Exemple #1
0
/**
 * Check an input field isn't 'evil'.
 *
 * @param  string			The name of the parameter
 * @param  string			The value retrieved
 * @param  ?boolean		Whether the parameter is a POST parameter (NULL: undetermined)
 */
function check_input_field_string($name, &$val, $posted = false)
{
    if (preg_match('#^\\s*((((j\\s*a\\s*v\\s*a\\s*)|(v\\s*b\\s*))?s\\s*c\\s*r\\s*i\\s*p\\s*t)|(d\\s*a\\s*t\\s*a\\s*))\\s*:#i', $val) != 0 && $name != 'value') {
        log_hack_attack_and_exit('SCRIPT_URL_HACK_2', $val);
    }
    // Security check for known URL fields. Check for specific things, plus we know we can be pickier in general
    $is_url = $name == 'from' || $name == 'preview_url' || $name == 'redirect' || $name == 'redirect_passon' || $name == 'url';
    if ($is_url) {
        if ($is_url) {
            if (preg_match('#\\n|\\000|<|(".*[=<>])|^\\s*((((j\\s*a\\s*v\\s*a\\s*)|(v\\s*b\\s*))?s\\s*c\\s*r\\s*i\\s*p\\s*t)|(d\\s*a\\s*t\\s*a\\s*))\\s*:#mi', $val) != 0) {
                if ($name == 'page') {
                    $_GET[$name] = '';
                }
                // Stop loops
                log_hack_attack_and_exit('DODGY_GET_HACK', $name, $val);
            }
            // Don't allow external redirections
            if (!$posted) {
                $_val = str_replace('https://', 'http://', $val);
                if (looks_like_url($_val)) {
                    $bus = array(get_base_url(false), get_forum_base_url(), 'http://ocportal.com/');
                    $ok = false;
                    foreach ($bus as $bu) {
                        if (substr($_val, 0, strlen($bu)) == $bu) {
                            $ok = true;
                            break;
                        }
                    }
                    if (!$ok) {
                        $val = get_base_url(false);
                    }
                }
            }
        }
    }
    if ($GLOBALS['BOOTSTRAPPING'] == 0) {
        // Quickly depose of common spam attacks. Not really security, just a sensible barrier
        if ((!function_exists('is_guest') || is_guest()) && (strpos($val, '[url=http://') !== false || strpos($val, '[link') !== false) && strpos($val, '<a ') !== false) {
            log_hack_attack_and_exit('LAME_SPAM_HACK', $val);
        }
        // Additional checks for non-privileged users
        if (function_exists('has_specific_permission') && $name != 'page') {
            if (false) {
                hard_filter_input_data__html($val);
                hard_filter_input_data__filesystem($val);
            }
        }
    }
}
Exemple #2
0
 /**
  * Standard modular run function.
  *
  * @return array		An array of tuples: The task row to show, the number of seconds until it is due (or NULL if not on a timer), the number of things to sort out (or NULL if not on a queue), The name of the config option that controls the schedule (or NULL if no option).
  */
 function run()
 {
     // Forum moderation
     if (!has_no_forum()) {
         $status = do_template('BLOCK_MAIN_STAFF_CHECKLIST_ITEM_STATUS_NA');
         if (get_forum_type() == 'ocf') {
             $url = build_url(array('page' => 'vforums', 'type' => 'unread'), get_module_zone('vforums'));
         } else {
             $url = make_string_tempcode(get_forum_base_url());
         }
         $tpl = do_template('BLOCK_MAIN_STAFF_CHECKLIST_ITEM', array('_GUID' => 'a2cdfc2ea5db2d8c13a4d9eafa9b644b', 'URL' => '', 'STATUS' => $status, 'TASK' => urlise_lang(do_lang('NAG_FORUMS'), $url), 'INFO' => ''));
         return array(array($tpl, NULL, NULL, NULL));
     }
     return array();
 }
Exemple #3
0
 /**
  * Standard modular run function.
  *
  * @return tempcode	The result of execution.
  */
 function run()
 {
     $base_url = get_forum_base_url();
     $forums = get_param('url', $base_url . '/');
     if (substr($forums, 0, strlen($base_url)) != $base_url) {
         $base_url = rtrim($forums, '/');
         if (strpos($base_url, '.php') !== false || strpos($base_url, '?') !== false) {
             $base_url = dirname($base_url);
         }
         //log_hack_attack_and_exit('REFERRER_IFRAME_HACK'); No longer a hack attack becase people webmasters changed their forum base URL at some point, creating problems with old bookmarks!
         header('Location: ' . get_self_url(true, false, array('url' => get_forum_base_url())));
         exit;
     }
     $old_method = false;
     if ($old_method) {
         return do_template('FORUMS_EMBED', array('_GUID' => '159575f6b83c5366d29e184a8dd5fc49', 'FORUMS' => $forums));
     }
     $GLOBALS['SCREEN_TEMPLATE_CALLED'] = '';
     require_code('integrator');
     return do_template('COMCODE_SURROUND', array('CLASS' => 'float_surrounder', 'CONTENT' => protect_from_escaping(reprocess_url($forums, $base_url))));
 }
Exemple #4
0
 /**
  * Find the base URL to the emoticons.
  *
  * @return URLPATH		The base URL
  */
 function get_emo_dir()
 {
     global $EMOTICON_SET_DIR;
     if (is_null($EMOTICON_SET_DIR)) {
         $EMOTICON_SET_DIR = $this->connection->query_value_null_ok('skin_sets', 'set_emoticon_folder', array('set_image_dir' => $this->get_theme()));
         if (is_null($EMOTICON_SET_DIR)) {
             $EMOTICON_SET_DIR = 'default';
         }
     }
     return get_forum_base_url() . '/style_emoticons/' . $EMOTICON_SET_DIR . '/';
 }
 /**
  * Get tempcode for a post template adding/editing form.
  *
  * @param  SHORT_TEXT	The emoticon code
  * @param  SHORT_TEXT	The theme image code
  * @param  integer		The relevance level of the emoticon
  * @range  0 4
  * @param  BINARY			Whether the emoticon is usable as a topic emoticon
  * @param  BINARY			Whether this may only be used by privileged members
  * @return array			A pair: The input fields, Hidden fields
  */
 function get_form_fields($code = ':-]', $theme_img_code = '', $relevance_level = 1, $use_topics = 1, $is_special = 0)
 {
     $fields = new ocp_tempcode();
     $hidden = new ocp_tempcode();
     $fields->attach(form_input_line(do_lang_tempcode('CODE'), do_lang_tempcode('DESCRIPTION_EMOTICON_CODE'), 'code', $code, true));
     if (get_base_url() == get_forum_base_url()) {
         $fields->attach(form_input_upload(do_lang_tempcode('UPLOAD'), do_lang_tempcode('DESCRIPTION_UPLOAD'), 'file', false, NULL, NULL, true, str_replace(' ', '', get_option('valid_images'))));
         handle_max_file_size($hidden, 'image');
     }
     require_code('themes2');
     $ids = get_all_image_ids_type('ocf_emoticons', false, $GLOBALS['FORUM_DB']);
     $fields->attach(form_input_picture_choose_specific(do_lang_tempcode('ALT_FIELD', do_lang_tempcode('STOCK')), do_lang_tempcode('DESCRIPTION_ALTERNATE_STOCK'), 'theme_img_code', $ids, NULL, $theme_img_code, NULL, true, $GLOBALS['FORUM_DB']));
     $list = new ocp_tempcode();
     for ($i = 0; $i <= 4; $i++) {
         $list->attach(form_input_list_entry(strval($i), $i == $relevance_level, do_lang_tempcode('EMOTICON_RELEVANCE_LEVEL_' . strval($i))));
     }
     $fields->attach(form_input_list(do_lang_tempcode('RELEVANCE_LEVEL'), do_lang_tempcode('DESCRIPTION_RELEVANCE_LEVEL'), 'relevance_level', $list));
     $fields->attach(form_input_tick(do_lang_tempcode('USE_TOPICS'), do_lang_tempcode('DESCRIPTION_USE_TOPICS'), 'use_topics', $use_topics == 1));
     $fields->attach(form_input_tick(do_lang_tempcode('EMOTICON_IS_SPECIAL'), do_lang_tempcode('DESCRIPTION_EMOTICON_IS_SPECIAL'), 'is_special', $is_special == 1));
     return array($fields, $hidden);
 }
Exemple #6
0
 /**
  * Get a URL to the specified post id.
  *
  * @param  integer		The post id
  * @param  string			The forum ID
  * @param  boolean		Whether it is okay to return the result using Tempcode (more efficient)
  * @return mixed			The URL to the post
  */
 function post_url($id, $forum, $tempcode_okay = false)
 {
     if (is_null($id)) {
         return '';
     }
     // Should not happen, but if it does, this is how we should handle it.
     unset($forum);
     $_url = build_url(array('page' => 'topicview', 'type' => 'findpost', 'id' => $id), get_module_zone('topicview'), NULL, false, false, !$tempcode_okay);
     if ($tempcode_okay && get_base_url() == get_forum_base_url()) {
         return $_url;
     }
     $url = $_url->evaluate();
     $url .= '#post_' . strval($id);
     if (get_option('forum_in_portal') == '0') {
         $url = str_replace(get_base_url(), get_forum_base_url(), $url);
     }
     return $url;
 }
Exemple #7
0
 /**
  * Try to find the theme that the logged-in/guest member is using, and map it to an ocPortal theme.
  * The themes/map.ini file functions to provide this mapping between forum themes, and ocPortal themes, and has a slightly different meaning for different forum drivers. For example, some drivers map the forum themes theme directory to the ocPortal theme name, whilst others made the humanly readeable name.
  *
  * @param  boolean		Whether to avoid member-specific lookup
  * @return ID_TEXT		The theme
  */
 function _get_theme($skip_member_specific = false)
 {
     $def = '';
     // Load in remapper
     $map = file_exists(get_file_base() . '/themes/map.ini') ? better_parse_ini_file(get_file_base() . '/themes/map.ini') : array();
     if (!$skip_member_specific) {
         // Work out
         $member = get_member();
         if ($member != $this->get_guest_id()) {
             $skin = $this->connection->query_value_null_ok('users', 'user_theme', array('user_id' => $member));
         } else {
             $skin = '';
         }
         if (strlen($skin) > 0) {
             $def = array_key_exists($skin, $map) ? $map[$skin] : $skin;
         }
     }
     // Look for a skin according to our site name (we bother with this instead of 'default' because ocPortal itself likes to never choose a theme when forum-theme integration is on: all forum [via map] or all ocPortal seems cleaner, although it is complex)
     if (!(strlen($def) > 0) || !file_exists(get_custom_file_base() . '/themes/' . $def)) {
         if (@chdir(get_forum_base_url() . '/themes/' . get_site_name() . '/')) {
             $wowbb = get_site_name();
             $def = array_key_exists($wowbb, $map) ? $map[$wowbb] : $wowbb;
         }
     }
     // Hmm, just the very-default then
     if (!(strlen($def) > 0) || !file_exists(get_custom_file_base() . '/themes/' . $def)) {
         $def = array_key_exists('default', $map) ? $map['default'] : 'default';
     }
     return $def;
 }
Exemple #8
0
 /**
  * Standard modular render function for profile tabs edit hooks.
  *
  * @param  MEMBER			The ID of the member who is being viewed
  * @param  MEMBER			The ID of the member who is doing the viewing
  * @param  boolean		Whether to leave the tab contents NULL, if tis hook supports it, so that AJAX can load it later
  * @return ?array			A tuple: The tab title, the tab body text (may be blank), the tab fields, extra Javascript (may be blank) the suggested tab order, hidden fields (optional) (NULL: if $leave_to_ajax_if_possible was set)
  */
 function render_tab($member_id_of, $member_id_viewing, $leave_to_ajax_if_possible = false)
 {
     $title = do_lang_tempcode('AVATAR');
     $order = 20;
     // Actualiser
     if (post_param_integer('submitting_avatar_tab', 0) == 1) {
         require_code('uploads');
         if (has_specific_permission($member_id_viewing, 'own_avatars')) {
             if (!(is_swf_upload(true) && array_key_exists('avatar_file', $_FILES) || array_key_exists('avatar_file', $_FILES) && is_uploaded_file($_FILES['avatar_file']['tmp_name']))) {
                 $urls = array();
                 $stock = post_param('avatar_alt_url', '');
                 if ($stock == '') {
                     $stock = post_param('avatar_stock', NULL);
                     if (!is_null($stock)) {
                         $urls[0] = $stock == '' ? '' : find_theme_image($stock, false, true);
                     } else {
                         $urls[0] = '';
                     }
                     // None
                 } else {
                     if (url_is_local($stock) && !$GLOBALS['FORUM_DRIVER']->is_super_admin($member_id_viewing)) {
                         $old = $GLOBALS['FORUM_DB']->query_value('f_members', 'm_avatar_url', array('id' => $member_id_of));
                         if ($old != $stock) {
                             access_denied('ASSOCIATE_EXISTING_FILE');
                         }
                     }
                     $urls[0] = $stock;
                     // URL
                 }
             } else {
                 // We have chosen an upload. Note that we will not be looking at alt_url at this point, even though it is specified below for canonical reasons
                 $urls = get_url('avatar_alt_url', 'avatar_file', file_exists(get_custom_file_base() . '/uploads/avatars') ? 'uploads/avatars' : 'uploads/ocf_avatars', 0, OCP_UPLOAD_IMAGE, false, '', '', false, true);
                 if ((get_base_url() != get_forum_base_url() || array_key_exists('on_msn', $GLOBALS['SITE_INFO']) && $GLOBALS['SITE_INFO']['on_msn'] == '1') && $urls[0] != '' && url_is_local($urls[0])) {
                     $urls[0] = get_custom_base_url() . '/' . $urls[0];
                 }
             }
             $avatar_url = $urls[0];
         } else {
             $stock = post_param('avatar_stock');
             $avatar_url = $stock == '' ? '' : find_theme_image($stock, false, true);
         }
         require_code('ocf_members_action');
         require_code('ocf_members_action2');
         ocf_member_choose_avatar($avatar_url, $member_id_of);
         attach_message(do_lang_tempcode('SUCCESS_SAVE'), 'inform');
     }
     if ($leave_to_ajax_if_possible) {
         return NULL;
     }
     // UI fields
     $avatar_url = $GLOBALS['FORUM_DRIVER']->get_member_row_field($member_id_of, 'm_avatar_url');
     require_javascript('javascript_multi');
     $fields = new ocp_tempcode();
     require_code('form_templates');
     require_code('themes2');
     $ids = get_all_image_ids_type('ocf_default_avatars', true);
     $found_it = false;
     foreach ($ids as $id) {
         $pos = strpos($avatar_url, '/' . $id);
         $selected = $pos !== false;
         if ($selected) {
             $found_it = true;
         }
     }
     $hidden = new ocp_tempcode();
     if (has_specific_permission($member_id_viewing, 'own_avatars')) {
         $javascript = 'standardAlternateFields(\'avatar_file\',\'avatar_alt_url\',\'avatar_stock*\',true);';
         $fields->attach(form_input_upload(do_lang_tempcode('UPLOAD'), do_lang_tempcode('DESCRIPTION_UPLOAD'), 'avatar_file', false, NULL, NULL, true, str_replace(' ', '', get_option('valid_images'))));
         handle_max_file_size($hidden, 'image');
         $fields->attach(form_input_line(do_lang_tempcode('ALT_FIELD', do_lang_tempcode('URL')), do_lang_tempcode('DESCRIPTION_ALTERNATE_URL'), 'avatar_alt_url', $found_it ? '' : $avatar_url, false));
         $fields->attach(form_input_picture_choose_specific(do_lang_tempcode('ALT_FIELD', do_lang_tempcode('STOCK')), do_lang_tempcode('DESCRIPTION_ALTERNATE_STOCK'), 'avatar_stock', $ids, $avatar_url, NULL, NULL, true));
     } else {
         $javascript = '';
         $fields->attach(form_input_picture_choose_specific(do_lang_tempcode('STOCK'), '', 'avatar_stock', $ids, $avatar_url, NULL, NULL, true));
     }
     if ($avatar_url != '') {
         if (url_is_local($avatar_url)) {
             $avatar_url = get_complex_base_url($avatar_url) . '/' . $avatar_url;
         }
         $avatar = do_template('OCF_TOPIC_POST_AVATAR', array('_GUID' => '50a5902f3ab7e384d9cf99577b222cc8', 'AVATAR' => $avatar_url));
     } else {
         $avatar = do_lang_tempcode('NONE_EM');
     }
     $width = ocf_get_member_best_group_property($member_id_of, 'max_avatar_width');
     $height = ocf_get_member_best_group_property($member_id_of, 'max_avatar_height');
     $text = do_template('OCF_EDIT_AVATAR_TAB', array('_GUID' => 'dbdac6ca3bc752b54d2a24a4c6e69c7c', 'MEMBER_ID' => strval($member_id_of), 'USERNAME' => $GLOBALS['FORUM_DRIVER']->get_username($member_id_of), 'AVATAR' => $avatar, 'WIDTH' => integer_format($width), 'HEIGHT' => integer_format($height)));
     $hidden = new ocp_tempcode();
     $hidden->attach(form_input_hidden('submitting_avatar_tab', '1'));
     return array($title, $fields, $text, $javascript, $order, $hidden);
 }
Exemple #9
0
/**
 * Find the URL to the theme image of the specified ID. It searches various priorities, including language and theme overrides.
 *
 * @param  ID_TEXT			The theme image ID
 * @param  boolean			Whether to silently fail (i.e. not give out an error message when a theme image cannot be found)
 * @param  boolean			Whether to leave URLs as relative local URLs
 * @param  ?ID_TEXT			The theme to search in (NULL: users current theme)
 * @param  ?LANGUAGE_NAME  The language to search for (NULL: users current language)
 * @param  ?object			The database to use (NULL: site database)
 * @param  boolean			Whether to only search the default 'images' filesystem
 * @return URLPATH			The URL found (blank: not found)
 */
function find_theme_image($id, $silent_fail = false, $leave_local = false, $theme = NULL, $lang = NULL, $db = NULL, $pure_only = false)
{
    if (substr($id, 0, 4) == 'ocf_' && is_file(get_file_base() . '/themes/default/images/avatars/index.html')) {
        $id = substr($id, 4);
    }
    if (isset($_GET['keep_theme_seed']) && get_param('keep_theme_seed', NULL) !== NULL && function_exists('has_specific_permission') && has_specific_permission(get_member(), 'view_profiling_modes')) {
        require_code('themewizard');
        $test = find_theme_image_themewizard_preview($id);
        if ($test !== NULL) {
            return $test;
        }
    }
    if ($db === NULL) {
        $db = $GLOBALS['SITE_DB'];
    }
    global $RECORD_IMG_CODES;
    if ($RECORD_IMG_CODES) {
        global $RECORDED_IMG_CODES;
        if (isset($GLOBALS['FORUM_DB']) && $db->connection_write !== $GLOBALS['FORUM_DB']->connection_write) {
            $RECORDED_IMG_CODES[serialize(array($id, $theme, $lang))] = 1;
        }
    }
    $true_theme = $GLOBALS['FORUM_DRIVER']->get_theme();
    if ($theme === NULL) {
        $theme = $true_theme;
    }
    global $USER_LANG_CACHED;
    $true_lang = $USER_LANG_CACHED === NULL ? user_lang() : $USER_LANG_CACHED;
    if ($lang === NULL) {
        $lang = $true_lang;
    }
    $truism = $theme == $true_theme && $lang == $true_lang;
    $site = $GLOBALS['SITE_DB'] == $db ? 'site' : 'forums';
    global $IMG_CODES;
    if (!isset($IMG_CODES[$site])) {
        static $cache = NULL;
        if ($site == 'site') {
            $cache = persistant_cache_get('THEME_IMAGES');
        }
        if (!isset($cache[$true_theme][$true_lang])) {
            $IMG_CODES[$site] = $db->query_select('theme_images', array('id', 'path'), array('theme' => $true_theme, 'lang' => $true_lang));
            $IMG_CODES[$site] = collapse_2d_complexity('id', 'path', $IMG_CODES[$site]);
            if ($site == 'site') {
                if ($cache === NULL) {
                    $cache = array();
                }
                $cache[$theme][$true_lang] = $IMG_CODES[$site];
                persistant_cache_set('THEME_IMAGES', $cache);
            }
        } else {
            $IMG_CODES[$site] = $cache[$true_theme][$true_lang];
        }
    }
    if (!$truism && !$pure_only) {
        $path = $db->query_value_null_ok('theme_images', 'path', array('theme' => $theme, 'lang' => $lang, 'id' => $id));
        if ($path !== NULL) {
            if (url_is_local($path) && !$leave_local) {
                $path = ($db->connection_write != $GLOBALS['SITE_DB']->connection_write ? get_forum_base_url() : (substr($path, 0, 22) == 'themes/default/images/' ? get_base_url() : get_custom_base_url())) . '/' . $path;
            }
            return cdn_filter($path);
        }
    }
    if ($pure_only || !isset($IMG_CODES[$site][$id]) || !$truism) {
        $path = NULL;
        $priorities = array();
        if (!$pure_only) {
            $priorities = array_merge($priorities, array(array($theme, $lang, 'images_custom'), array($theme, '', 'images_custom'), $lang == fallback_lang() ? NULL : array($theme, fallback_lang(), 'images_custom')));
        }
        // This will not do a DB search, just a filesystem search. The Theme Wizard makes these though
        $priorities = array_merge($priorities, array(array($theme, $lang, 'images'), array($theme, '', 'images'), $lang == fallback_lang() ? NULL : array($theme, fallback_lang(), 'images')));
        if ($theme != 'default') {
            if (!$pure_only) {
                $priorities = array_merge($priorities, array(array('default', $lang, 'images_custom'), array('default', '', 'images_custom'), $lang == fallback_lang() ? NULL : array('default', fallback_lang(), 'images_custom')));
            }
            $priorities = array_merge($priorities, array(array('default', $lang, 'images'), array('default', '', 'images'), $lang == fallback_lang() ? NULL : array('default', fallback_lang(), 'images')));
        }
        foreach ($priorities as $i => $priority) {
            if ($priority === NULL) {
                continue;
            }
            if ($priority[2] == 'images_custom' && $priority[1] != '') {
                $smap = array('id' => $id, 'theme' => $priority[0], 'lang' => $priority[1]);
                $nql_backup = $GLOBALS['NO_QUERY_LIMIT'];
                $GLOBALS['NO_QUERY_LIMIT'] = true;
                $truism_b = $priority[0] == $true_theme && (!multi_lang() || $priority[1] == '' || $priority[1] === $true_lang);
                $path = $truism_b ? NULL : $db->query_value_null_ok('theme_images', 'path', $smap);
                $GLOBALS['NO_QUERY_LIMIT'] = $nql_backup;
                if ($path !== NULL) {
                    if (strpos($path, '/images/' . $id . '.') !== false) {
                        continue;
                    }
                    if (array_key_exists('lang', $smap) && strpos($path, '/images/' . $smap['lang'] . '/' . $id . '.') !== false) {
                        continue;
                    }
                    break;
                }
            }
            $test = _search_img_file($priority[0], $priority[1], $id, $priority[2]);
            if ($test !== NULL) {
                $path_bits = explode('/', $test);
                $path = '';
                foreach ($path_bits as $bit) {
                    if ($path != '') {
                        $path .= '/';
                    }
                    $path .= rawurlencode($bit);
                }
                break;
            }
        }
        if ($db->connection_write == $GLOBALS['SITE_DB']->connection_write) {
            if ($path !== NULL && $path != '' || $silent_fail && !$GLOBALS['SEMI_DEBUG_MODE']) {
                $nql_backup = $GLOBALS['NO_QUERY_LIMIT'];
                $GLOBALS['NO_QUERY_LIMIT'] = true;
                $db->query_delete('theme_images', array('id' => $id, 'theme' => $theme, 'lang' => $lang));
                // Allow for race conditions
                $db->query_insert('theme_images', array('id' => $id, 'theme' => $theme, 'path' => $path === NULL ? '' : $path, 'lang' => $lang), false, true);
                // Allow for race conditions
                $GLOBALS['NO_QUERY_LIMIT'] = $nql_backup;
                persistant_cache_delete('THEME_IMAGES');
            }
        }
        if ($path === NULL) {
            if (!$silent_fail) {
                require_code('site');
                attach_message(do_lang_tempcode('NO_SUCH_IMAGE', escape_html($id)), 'warn');
            }
            return '';
        }
        if ($truism) {
            $IMG_CODES[$site][$id] = $path;
        }
        // only cache if we are looking up for our own theme/lang
    } else {
        $path = $IMG_CODES[$site][$id];
        global $SITE_INFO;
        if ($path != '' && (!isset($SITE_INFO['disable_smart_decaching']) || $SITE_INFO['disable_smart_decaching'] == '0') && (!isset($SITE_INFO['no_disk_sanity_checks']) || $SITE_INFO['no_disk_sanity_checks'] == '0') && url_is_local($path) && !is_file(get_custom_file_base() . '/' . rawurldecode($path))) {
            unset($IMG_CODES[$site][$id]);
            return find_theme_image($id, $silent_fail, $leave_local, $theme, $lang, $db, $pure_only);
        }
    }
    if (url_is_local($path) && !$leave_local && $path != '') {
        if ($db->connection_write != $GLOBALS['SITE_DB']->connection_write) {
            $base_url = get_forum_base_url();
        } else {
            global $SITE_INFO;
            $missing = !$pure_only && ((!isset($SITE_INFO['disable_smart_decaching']) || $SITE_INFO['disable_smart_decaching'] == '0') && (!isset($SITE_INFO['no_disk_sanity_checks']) || $SITE_INFO['no_disk_sanity_checks'] == '0') && (!is_file(get_file_base() . '/' . rawurldecode($path)) && !is_file(get_custom_file_base() . '/' . rawurldecode($path))));
            if (substr($path, 0, 22) == 'themes/default/images/' || $missing) {
                if ($missing) {
                    return find_theme_image($id, $silent_fail, $leave_local, $theme, $lang, $db, true);
                }
                $base_url = get_base_url();
            } else {
                $base_url = get_custom_base_url();
            }
        }
        $path = $base_url . '/' . $path;
    }
    return cdn_filter($path);
}
Exemple #10
0
    $FILE_BASE = substr($FILE_BASE, 0, $a > $b ? $a : $b);
} else {
    $RELATIVE_PATH = '';
}
@chdir($FILE_BASE);
global $NON_PAGE_SCRIPT;
$NON_PAGE_SCRIPT = 1;
global $FORCE_INVISIBLE_GUEST;
$FORCE_INVISIBLE_GUEST = 0;
if (!is_file($FILE_BASE . '/sources/global.php')) {
    exit('<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">' . chr(10) . '<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="EN" lang="EN"><head><title>Critical startup error</title></head><body><h1>ocPortal startup error</h1><p>The second most basic ocPortal startup file, sources/global.php, could not be located. This is almost always due to an incomplete upload of the ocPortal system, so please check all files are uploaded correctly.</p><p>Once all ocPortal files are in place, ocPortal must actually be installed by running the installer. You must be seeing this message either because your system has become corrupt since installation, or because you have uploaded some but not all files from our manual installer package: the quick installer is easier, so you might consider using that instead.</p><p>ocProducts maintains full documentation for all procedures and tools, especially those for installation. These may be found on the <a href="http://ocportal.com">ocPortal website</a>. If you are unable to easily solve this problem, we may be contacted from our website and can help resolve it for you.</p><hr /><p style="font-size: 0.8em">ocPortal is a website engine created by ocProducts.</p></body></html>');
}
require $FILE_BASE . '/sources/global.php';
// Remap menus to use these images
$icons = fopen(get_file_base() . '/data_custom/icon_map.csv', 'rt');
while (($line = fgetcsv($icons, 1024)) !== false) {
    if (count($line) == 2) {
        switch ($line[0]) {
            case 'collab_features':
                $map = array('i_menu' => $line[0], 'i_url' => '');
                break;
            case 'forum_base_url':
                $map = array('i_url' => get_forum_base_url(true));
                break;
            default:
                $map = array('i_url' => $line[0]);
        }
        $GLOBALS['SITE_DB']->query_update('menu_items', array('i_theme_img_code' => 'menu_items/' . $line[1]), $map);
    }
}
echo 'Installed';
Exemple #11
0
 /**
  * Find the base URL to the emoticons.
  *
  * @return URLPATH		The base URL
  */
 function get_emo_dir()
 {
     return get_forum_base_url() . '/Smileys/default/';
 }
Exemple #12
0
/**
 * Evaluate a conventional tempcode variable, handling escaping
 *
 * @param  LANGUAGE_NAME	The language to evaluate this symbol in (some symbols refer to language elements)
 * @param  array				Array of escaping operations
 * @param  integer			The type of symbol this is (TC_SYMBOL, TC_LANGUAGE_REFERENCE)
 * @set    0 2
 * @param  ID_TEXT			The name of the symbol
 * @param  array				Parameters to the symbol. For all but directive it is an array of strings. For directives it is an array of Tempcode objects. Actually there may be template-style parameters in here, as an influence of singular_bind and these may be Tempcode, but we ignore them.
 * @return mixed				The result. Either tempcode, or a string.
 */
function ecv($lang, $escaped, $type, $name, $param)
{
    global $TEMPCODE_SETGET, $CYCLES, $PREPROCESSABLE_SYMBOLS, $DISPLAYED_TITLE;
    //echo '<!--'.$name.'-->'."\n";
    if ($type == TC_SYMBOL) {
        $escaped_codes = $name . ($escaped == array() ? '' : serialize($escaped));
        $cacheable = $param == array() && !isset($GLOBALS['NON_CACHEABLE_SYMBOLS'][$name]);
        if ($cacheable) {
            global $SYMBOL_CACHE;
            if (isset($SYMBOL_CACHE[$escaped_codes])) {
                return $SYMBOL_CACHE[$escaped_codes];
            }
        }
        $value = '';
        if ($GLOBALS['XSS_DETECT']) {
            ocp_mark_as_escaped($value);
        }
        $temp_array = array();
        if (isset($PREPROCESSABLE_SYMBOLS[$name]) && $name != 'PAGE_LINK') {
            handle_symbol_preprocessing(array($escaped, $type, $name, $param), $temp_array);
        }
        // Late preprocessing. Should not be needed in case of full screen output (as this was properly preprocessed), but is in other cases
        switch ($name) {
            case 'PAGE_LINK':
                if (isset($param[0])) {
                    list($zone, $map, $hash) = page_link_decode(is_object($param[0]) ? $param[0]->evaluate() : $param[0]);
                    $skip = NULL;
                    if (isset($param[4])) {
                        $skip = array_flip(explode('|', $param[4]));
                    }
                    $avoid_remap = isset($param[1]) && $param[1] == '1';
                    $skip_keep = isset($param[2]) && $param[2] == '1';
                    $keep_all = isset($param[3]) && $param[3] == '1';
                    foreach ($map as $key => $val) {
                        if (is_object($val)) {
                            $map[$key] = $val->evaluate();
                        }
                    }
                    $value = _build_url($map, $zone, $skip, $keep_all, $avoid_remap, $skip_keep, $hash);
                } else {
                    $value = get_zone_name() . ':' . get_page_name();
                    foreach ($_GET as $key => $val) {
                        if ($key == 'page') {
                            continue;
                        }
                        if (is_array($val)) {
                            continue;
                        }
                        if (substr($key, 0, 5) == 'keep_' && !skippable_keep($key, $val)) {
                            continue;
                        }
                        $value .= ':' . $key . '=' . $val;
                    }
                }
                break;
            case 'SET':
                if (isset($param[1])) {
                    if (isset($param[1]) && is_object($param[1])) {
                        $TEMPCODE_SETGET[$param[0]] = $param[1];
                    } else {
                        $param_copy = $param;
                        unset($param_copy[0]);
                        $TEMPCODE_SETGET[$param[0]] = implode(',', $param_copy);
                    }
                }
                break;
            case 'GET':
                if (isset($param[0])) {
                    if (isset($TEMPCODE_SETGET[$param[0]])) {
                        if (is_object($TEMPCODE_SETGET[$param[0]])) {
                            $TEMPCODE_SETGET[$param[0]] = $TEMPCODE_SETGET[$param[0]]->evaluate();
                        }
                        $value = $TEMPCODE_SETGET[$param[0]];
                    }
                }
                break;
            case 'EQ':
                if (isset($param[1])) {
                    $first = array_shift($param);
                    $count = 0;
                    foreach ($param as $test) {
                        if ($first == $test) {
                            $count++;
                            break;
                        }
                    }
                    $value = $count != 0 ? '1' : '0';
                }
                break;
            case 'NEQ':
                if (isset($param[1])) {
                    $first = array_shift($param);
                    $count = 0;
                    foreach ($param as $test) {
                        if ($first == $test) {
                            $count++;
                        }
                    }
                    $value = $count == 0 ? '1' : '0';
                }
                break;
            case 'NOT':
                if (isset($param[0])) {
                    $value = $param[0] == '1' || $param[0] == '1' ? '0' : '1';
                }
                break;
            case 'OR':
                $count = 0;
                foreach ($param as $test) {
                    if ($test == '1' || $test == '1') {
                        $count++;
                    }
                }
                $value = $count > 0 ? '1' : '0';
                break;
            case 'AND':
                $count = 0;
                foreach ($param as $test) {
                    if ($test == '1' || $test == '1') {
                        $count++;
                    }
                }
                $value = $count == count($param) ? '1' : '0';
                break;
            case 'HAS_ACTUAL_PAGE_ACCESS':
                if (isset($param[0])) {
                    $value = has_actual_page_access($param !== NULL && isset($param[2]) ? intval($param[2]) : get_member(), $param[0], isset($param[1]) ? $param[1] : NULL) ? '1' : '0';
                }
                break;
            case '?':
                if (isset($param[1])) {
                    $value = $param[0] == '1' || $param[0] == '1' ? $param[1] : (isset($param[2]) ? $param[2] : $value);
                }
                break;
            case 'IMG':
                if (isset($param[0]) && isset($GLOBALS['SITE_DB']) && function_exists('find_theme_image') && $GLOBALS['IN_MINIKERNEL_VERSION'] == 0) {
                    $value = find_theme_image($param[0], isset($param[3]) && $param[3] == '1', false, array_key_exists(2, $param) && $param[2] != '' ? $param[2] : NULL, NULL, isset($param[1]) && $param[1] == '1' ? $GLOBALS['FORUM_DB'] : $GLOBALS['SITE_DB']);
                }
                break;
            case '':
                break;
            case 'META_DATA':
                if (isset($param[0])) {
                    global $META_DATA;
                    if (isset($param[1])) {
                        $matches = array();
                        if ($param[0] == 'image' && preg_match('#^' . preg_quote(find_script('attachment'), '#') . '\\?id=(\\d+)#', $param[1], $matches) != 0) {
                            require_code('attachments');
                            if (!has_attachment_access($GLOBALS['FORUM_DRIVER']->get_guest_id(), intval($matches[1]))) {
                                break;
                            }
                        }
                        $META_DATA[$param[0]] = $param[1];
                    } else {
                        $value = isset($META_DATA[$param[0]]) ? strip_comcode($META_DATA[$param[0]]) : '';
                        if ($value === NULL) {
                            $value = '';
                        }
                    }
                }
                break;
            case 'SPECIAL_CLICK_TO_EDIT':
                $_value = do_lang_tempcode('SPECIAL_CLICK_TO_EDIT');
                $value = $_value->evaluate();
                break;
            case 'KEEP':
                // What needs preserving in the URL
                $value = keep_symbol($param);
                break;
            case 'BROWSER':
                if (isset($param[1])) {
                    $q = false;
                    foreach (explode('|', $param[0]) as $browser) {
                        $q = browser_matches($browser);
                        if ($q) {
                            break;
                        }
                    }
                    $value = $q ? $param[1] : (isset($param[2]) ? $param[2] : '');
                    if ($GLOBALS['XSS_DETECT']) {
                        ocp_mark_as_escaped($value);
                    }
                }
                break;
            case 'JAVASCRIPT_INCLUDE':
                if (isset($param[0])) {
                    require_javascript($param[0]);
                    /*// Has to do this inline, as you're not allowed to reference scripts outside head
                    		if (!array_key_exists($param[0],$GLOBALS['JAVASCRIPTS']))
                    		{
                    			$GLOBALS['JAVASCRIPTS'][$param[0]]=1;
                    			$file=javascript_enforce($param[0]);
                    			$_value=do_template('JAVASCRIPT_NEED_INLINE',array('_GUID'=>'d6c907e26c5a8dd8c65f1d36a1a674a9','CODE'=>file_get_contents($file,FILE_TEXT)));
                    			$value=$_value->evaluate();
                    		}*/
                }
                break;
            case 'FACILITATE_AJAX_BLOCK_CALL':
                if (isset($param[0])) {
                    require_javascript('javascript_ajax');
                    require_code('blocks');
                    $_block_constraints = block_params_to_block_signature(block_params_str_to_arr($param[0]));
                    if (array_key_exists(1, $param)) {
                        $_block_constraints = array_merge($_block_constraints, block_params_str_to_arr($param[1]));
                        ksort($_block_constraints);
                    }
                    $block_constraints = block_params_arr_to_str($_block_constraints);
                    // Store permissions
                    $_auth_key = $GLOBALS['SITE_DB']->query_select('temp_block_permissions', array('id', 'p_time'), array('p_session_id' => get_session_id(), 'p_block_constraints' => $block_constraints), '', 1);
                    if (!array_key_exists(0, $_auth_key)) {
                        $auth_key = $GLOBALS['SITE_DB']->query_insert('temp_block_permissions', array('p_session_id' => get_session_id(), 'p_block_constraints' => $block_constraints, 'p_time' => time()), true);
                    } else {
                        $auth_key = $_auth_key[0]['id'];
                        if (time() - $_auth_key[0]['p_time'] > 100) {
                            $GLOBALS['SITE_DB']->query_update('temp_block_permissions', array('p_time' => time()), array('p_session_id' => get_session_id(), 'p_block_constraints' => $block_constraints), '', 1);
                        }
                    }
                    $keep = symbol_tempcode('KEEP');
                    $value = find_script('snippet') . '?snippet=block&auth_key=' . urlencode(strval($auth_key)) . '&block_map=' . urlencode($param[0]) . $keep->evaluate();
                }
                break;
            case 'LANG':
                $value = user_lang();
                break;
            case '_GET':
                if (isset($param[0])) {
                    $value = get_param($param[0], isset($param[1]) ? $param[1] : '', true);
                }
                break;
            case 'QUERY_STRING':
                $value = ocp_srv('QUERY_STRING');
                break;
            case 'USER_AGENT':
                $value = ocp_srv('HTTP_USER_AGENT');
                break;
            case 'STRIP_TAGS':
                if (isset($param[0])) {
                    if (isset($param[1]) && $param[1] == '1') {
                        $value = strip_tags(str_replace('))', ')', str_replace('((', '(', str_replace('<em>', '(', str_replace('</em>', ')', $param[0])))));
                    } else {
                        $value = strip_tags($param[0], array_key_exists(2, $param) ? $param[2] : '');
                    }
                    if (isset($param[1]) && $param[1] == '1') {
                        $value = @html_entity_decode($value, ENT_QUOTES, get_charset());
                    }
                }
                break;
            case 'CONFIG_OPTION':
                if (isset($param[0])) {
                    if (!isset($GLOBALS['OPTIONS'])) {
                        $value = '0';
                    } else {
                        $value = get_option($param[0], true);
                        if ($value === NULL) {
                            $value = '';
                        }
                    }
                }
                break;
            case 'TRUNCATE_LEFT':
                // Truncate the left length of a string. 0: text to truncate, 1: the truncate length, 2: whether to use a tooltip mouse-over if it is truncated, 3: whether it is encoded as HTML (0=no [default, plain-text], 1=yes)
                $value = symbol_truncator($param, 'left');
                break;
            case 'TRUNCATE_RIGHT':
                $value = symbol_truncator($param, 'right');
                break;
            case 'TRUNCATE_SPREAD':
                $value = symbol_truncator($param, 'spread');
                break;
            case 'TRUNCATE_EXPAND':
                $value = symbol_truncator($param, 'expand');
                break;
            case 'THEME':
                if (isset($GLOBALS['FORUM_DRIVER'])) {
                    $value = $GLOBALS['FORUM_DRIVER']->get_theme();
                } else {
                    $value = 'default';
                }
                break;
            case 'REVERSE':
                if (isset($param[0])) {
                    $value = implode(',', array_reverse(explode(',', $param[0])));
                }
                break;
            case 'COMMA_LIST_GET':
                if (isset($param[1])) {
                    require_code('blocks');
                    $values = block_params_str_to_arr($param[0]);
                    $value = isset($values[$param[1]]) ? $values[$param[1]] : '';
                }
                break;
            case 'COMMA_LIST_SET':
                if (isset($param[2])) {
                    require_code('blocks');
                    $values = block_params_str_to_arr($param[0]);
                    $values[$param[1]] = $param[2];
                    $value = block_params_arr_to_str($values);
                }
                break;
            case 'IS_EMPTY':
                if (isset($param[0])) {
                    $value = $param[0] == '' ? '1' : '0';
                }
                break;
            case 'IS_NON_EMPTY':
                if (isset($param[0])) {
                    $value = $param[0] != '' ? '1' : '0';
                }
                break;
            case 'CUSTOM_BASE_URL':
                $value = get_custom_base_url(isset($param[0]) && $param[0] != '' ? $param[0] == '1' : NULL);
                if (isset($param[1]) && $param[1] == '1') {
                    $value = cdn_filter($value);
                }
                break;
            case 'LOAD_PANEL':
                foreach ($param as $i => $p) {
                    if (is_object($p)) {
                        $param[$i] = $p->evaluate();
                    }
                }
                global $LOADED_PANELS;
                if (strpos($param[0], ':') !== false) {
                    $param = array_reverse(explode(':', $param[0], 2));
                }
                if (substr($param[0], 0, 6) == 'panel_') {
                    $param[0] = substr($param[0], 6);
                }
                $sr = serialize($param);
                $value = array_key_exists($sr, $LOADED_PANELS) ? $LOADED_PANELS[$sr] : '';
                break;
            case 'HAS_JS':
            case 'JS_ON':
                if (isset($param[1])) {
                    $value = has_js() ? $param[0] : $param[1];
                } else {
                    $value = has_js() ? '1' : '0';
                }
                break;
            case 'BASE_URL_NOHTTP':
                $value = preg_replace('#^https?://[^/]+#', '', get_base_url());
                if (substr($value, 0, 2) == '//') {
                    $value = substr($value, 1);
                }
                if (!$GLOBALS['DEBUG_MODE']) {
                    break;
                }
                // Debug mode changes base domain so we need to actually use it in full (fine, we don't have HTTPS in debug mode). Bubble on...
            // Debug mode changes base domain so we need to actually use it in full (fine, we don't have HTTPS in debug mode). Bubble on...
            case 'CUSTOM_BASE_URL_NOHTTP':
                $value = preg_replace('#^https?://[^/]+/#', '/', get_custom_base_url());
                if (substr($value, 0, 2) == '//') {
                    $value = substr($value, 1);
                }
                if (!$GLOBALS['DEBUG_MODE']) {
                    break;
                }
                // Debug mode changes base domain so we need to actually use it in full (fine, we don't have HTTPS in debug mode). Bubble on...
            // Debug mode changes base domain so we need to actually use it in full (fine, we don't have HTTPS in debug mode). Bubble on...
            case 'BASE_URL':
                $value = get_base_url(isset($param[0]) ? $param[0] == '1' : NULL);
                break;
            case 'ZONE':
                $value = get_zone_name();
                break;
            case 'PAGE':
                $value = get_page_name();
                break;
            case 'SITE_NAME':
                $value = get_site_name();
                break;
            case 'HEADER_TEXT':
                global $ZONE;
                $value = $ZONE['zone_header_text_trans'];
                break;
            case 'PANEL_WIDTH':
                if (isset($TEMPCODE_SETGET['PANEL_WIDTH']) && $TEMPCODE_SETGET['PANEL_WIDTH'] != '') {
                    $value = $TEMPCODE_SETGET['PANEL_WIDTH'];
                } else {
                    $value = get_option('panel_width', true);
                    if ($value === NULL) {
                        $value = '13.3em';
                    }
                }
                break;
            case 'PANEL_WIDTH_SPACED':
                if (isset($TEMPCODE_SETGET['PANEL_WIDTH_SPACED']) && $TEMPCODE_SETGET['PANEL_WIDTH_SPACED'] != '') {
                    $value = $TEMPCODE_SETGET['PANEL_WIDTH_SPACED'];
                } else {
                    $value = get_option('panel_width_spaced', true);
                    if (is_null($value)) {
                        $value = '14.3em';
                    }
                }
                break;
            case 'TRIM':
                if (isset($param[0])) {
                    $value = preg_replace(array('#^\\s+#', '#^(<br\\s*/?' . '>\\s*)+#', '#^(&nbsp;)+#', '#\\s+$#', '#(<br\\s*/?' . '>\\s*)+$#', '#(&nbsp;)+$#'), array('', '', '', '', '', ''), $param[0]);
                }
                break;
            case 'CPF_VALUE':
                if (isset($param[0])) {
                    if (is_numeric($param[0])) {
                        require_code('ocf_members');
                        $fields = ocf_get_custom_fields_member(isset($param[1]) ? intval($param[1]) : get_member());
                        if (array_key_exists(intval($param[0]), $fields)) {
                            $_value = $fields[intval($param[0])];
                        }
                    } elseif (substr($param[0], 0, 2) == 'm_' && strpos(strtolower($param[0]), 'hash') === false && strpos(strtolower($param[0]), 'salt') === false) {
                        $_value = $GLOBALS['FORUM_DRIVER']->get_member_row_field(isset($param[1]) ? intval($param[1]) : get_member(), $param[0]);
                    } else {
                        $_value = get_ocp_cpf($param[0], isset($param[1]) ? intval($param[1]) : NULL);
                    }
                    if (!is_string($_value)) {
                        $value = is_null($_value) ? '' : strval($_value);
                    } else {
                        $value = $_value;
                    }
                }
                break;
            case 'BANNER':
                if (addon_installed('banners')) {
                    global $SITE_INFO;
                    $is_on_banners = get_option('is_on_banners') == '1' && (!has_specific_permission(get_member(), 'banner_free') || $GLOBALS['FORUM_DRIVER']->is_super_admin(get_member()) && get_option('admin_banners') == '1' || !is_null($GLOBALS['CURRENT_SHARE_USER']));
                    if (array_key_exists('throttle_bandwidth_registered', $SITE_INFO)) {
                        $views_till_now = intval(get_value('page_views'));
                        $bandwidth_allowed = $SITE_INFO['throttle_bandwidth_registered'];
                        $total_bandwidth = intval(get_value('download_bandwidth'));
                        if ($bandwidth_allowed * 1024 * 1024 >= $total_bandwidth) {
                            $is_on_banners = false;
                        }
                    }
                    if ($is_on_banners && !is_page_https(get_zone_name(), get_page_name())) {
                        require_code('banners');
                        $b_type = isset($param[0]) ? $param[0] : '';
                        $internal_only = isset($param[1]) ? intval($param[1]) : ($b_type == '' ? 0 : 1);
                        if (isset($GLOBALS['NON_CACHEABLE_SYMBOLS']['SET_RAND'])) {
                            $_value = banners_script(true, '', '', $b_type, $internal_only, '');
                            $value = $_value->evaluate();
                        } else {
                            $value = 'Banner goes here';
                        }
                    }
                }
                break;
            case 'AVATAR':
                $value = $GLOBALS['FORUM_DRIVER']->get_member_avatar_url(isset($param[0]) ? intval($param[0]) : get_member());
                if (url_is_local($value) && $value != '') {
                    $value = get_custom_base_url() . '/' . $value;
                }
                break;
            case 'IS_GUEST':
                if (isset($param[0])) {
                    $value = is_guest(intval($param[0])) ? '1' : '0';
                } else {
                    $value = is_guest() ? '1' : '0';
                }
                break;
            case 'MEMBER':
                $value = strval(get_member());
                break;
            case 'USER':
                if (!isset($param[0])) {
                    $value = strval(get_member());
                } else {
                    $member_id = $GLOBALS['FORUM_DRIVER']->get_member_from_username($param[0]);
                    $value = is_null($member_id) ? '' : strval($member_id);
                }
                break;
            case 'CSS_INCLUDE':
                if (isset($param[0])) {
                    require_css($param[0]);
                    /*// Has to do this inline, as you're not allowed to reference sheets outside head
                    		if (!array_key_exists($param[0],$GLOBALS['CSSS']))
                    		{
                    			$GLOBALS['CSSS'][$param[0]]=1;
                    			$file=css_enforce($param[0]);
                    			$_value=do_template('CSS_NEED_INLINE',array('_GUID'=>'9de994d2f6d47a622d49347feb7ebe96','CSS'=>str_replace('../../../../',get_base_url().'/',file_get_contents($file,FILE_TEXT))));
                    			$value=$_value->evaluate();
                    		}*/
                }
                break;
            case 'USER_OVERIDE':
                $value = get_param('id', '');
                if (!is_numeric($value) || $value == '') {
                    $value = strval(get_member());
                }
                break;
            case 'IS_HTTPAUTH_LOGIN':
                $value = is_httpauth_login() ? '1' : '0';
                break;
            case 'MEMBER_PROFILE_LINK':
                $value = $GLOBALS['FORUM_DRIVER']->member_profile_url(!is_null($param) && isset($param[0]) ? intval($param[0]) : get_member(), false, true);
                if (is_null($value)) {
                    $value = '';
                }
                break;
            case 'USERNAME':
                $value = $GLOBALS['FORUM_DRIVER']->get_username(!is_null($param) && isset($param[0]) ? intval($param[0]) : get_member());
                if (is_null($value)) {
                    $value = do_lang('UNKNOWN');
                }
                break;
            case 'CYCLE':
                if (isset($param[0])) {
                    if (!isset($CYCLES[$param[0]])) {
                        $CYCLES[$param[0]] = 0;
                    }
                    if (!isset($param[1])) {
                        $value = strval($CYCLES[$param[0]]);
                    } else {
                        if (count($param) == 2) {
                            $param = array_merge(array($param[0]), explode(',', $param[1]));
                        }
                        ++$CYCLES[$param[0]];
                        if (!array_key_exists($CYCLES[$param[0]], $param)) {
                            $CYCLES[$param[0]] = 1;
                        }
                        $value = $param[$CYCLES[$param[0]]];
                    }
                }
                break;
            case 'THUMBNAIL':
                require_code('images');
                $value = _symbol_thumbnail($param);
                break;
            case 'IMAGE_WIDTH':
                require_code('images');
                list($value, ) = _symbol_image_dims($param);
                break;
            case 'IMAGE_HEIGHT':
                require_code('images');
                list(, $value) = _symbol_image_dims($param);
                break;
            case 'IS_IN_GROUP':
                if (isset($param[0])) {
                    if (in_array($param[count($param) - 1], array('', 'primary', 'secondary'))) {
                        $last_param = $param[count($param) - 1];
                        unset($param[count($param) - 1]);
                    } else {
                        $last_param = '';
                    }
                    $member_id = get_member();
                    $new_param = '';
                    $param_2 = array();
                    foreach ($param as $group) {
                        if (substr($group, 0, 1) == '!' && is_numeric(substr($group, 1))) {
                            $member_id = intval(substr($group, 1));
                        } else {
                            $param_2 = array_merge($param_2, explode(',', $group));
                        }
                    }
                    foreach ($param_2 as $group) {
                        if ($new_param != '') {
                            $new_param .= ',';
                        }
                        $new_param .= $group;
                    }
                    if ($last_param == 'primary') {
                        $member_row = $GLOBALS['FORUM_DRIVER']->get_member_row($member_id);
                        $real_group_list = array($GLOBALS['FORUM_DRIVER']->pname_group($member_row));
                    } elseif ($last_param == 'secondary') {
                        $real_group_list = $GLOBALS['FORUM_DRIVER']->get_members_groups($member_id);
                        $member_row = $GLOBALS['FORUM_DRIVER']->get_member_row($member_id);
                        $real_group_list = array_diff($real_group_list, array($GLOBALS['FORUM_DRIVER']->pname_group($member_row)));
                    } else {
                        $real_group_list = $GLOBALS['FORUM_DRIVER']->get_members_groups($member_id);
                    }
                    require_code('ocfiltering');
                    $value = count(array_intersect(ocfilter_to_idlist_using_memory($new_param, $GLOBALS['FORUM_DRIVER']->get_usergroup_list()), $real_group_list)) != 0 ? '1' : '0';
                }
                break;
            case 'IS_STAFF':
                if (isset($GLOBALS['FORUM_DRIVER'])) {
                    $value = $GLOBALS['FORUM_DRIVER']->is_staff(!is_null($param) && isset($param[0]) ? intval($param[0]) : get_member()) ? '1' : '0';
                } else {
                    $value = '0';
                }
                break;
            case 'IS_SUPER_ADMIN':
                if (isset($GLOBALS['FORUM_DRIVER'])) {
                    $value = $GLOBALS['FORUM_DRIVER']->is_super_admin(!is_null($param) && isset($param[0]) ? intval($param[0]) : get_member()) ? '1' : '0';
                } else {
                    $value = '0';
                }
                break;
            case 'PHOTO':
                if (isset($param[0])) {
                    $value = $GLOBALS['FORUM_DRIVER']->get_member_photo_url(intval($param[0]));
                    if (url_is_local($value) && $value != '') {
                        $value = get_custom_base_url() . '/' . $value;
                    }
                }
                break;
            case 'OCF_RANK_IMAGE':
                if (addon_installed('ocf_forum')) {
                    require_code('ocf_groups');
                    $rank_images = new ocp_tempcode();
                    $member_id = isset($param[0]) ? intval($param[0]) : get_member();
                    $posters_groups = $GLOBALS['FORUM_DRIVER']->get_members_groups($member_id, true);
                    foreach ($posters_groups as $group) {
                        $rank_image = ocf_get_group_property($group, 'rank_image');
                        $group_leader = ocf_get_group_property($group, 'group_leader');
                        $group_name = ocf_get_group_name($group);
                        $rank_image_pri_only = ocf_get_group_property($group, 'rank_image_pri_only');
                        if ($rank_image != '' && ($rank_image_pri_only == 0 || $group == $GLOBALS['FORUM_DRIVER']->get_member_row_field($member_id, 'm_primary_group'))) {
                            $rank_images->attach(do_template('OCF_RANK_IMAGE', array('USERNAME' => $GLOBALS['FORUM_DRIVER']->get_username($member_id), 'GROUP_NAME' => $group_name, 'IMG' => $rank_image, 'IS_LEADER' => $group_leader == $member_id)));
                        }
                    }
                    $value = $rank_images->evaluate();
                }
                break;
            case 'TOTAL_POINTS':
                if (addon_installed('points')) {
                    require_code('points');
                    $value = strval(total_points(isset($param[0]) ? intval($param[0]) : get_member()));
                }
                break;
            case 'POINTS_USED':
                if (addon_installed('points')) {
                    require_code('points');
                    $value = strval(points_used(isset($param[0]) ? intval($param[0]) : get_member()));
                }
                break;
            case 'AVAILABLE_POINTS':
                if (addon_installed('points')) {
                    require_code('points');
                    $value = strval(available_points(isset($param[0]) ? intval($param[0]) : get_member()));
                }
                break;
            case 'URL_FOR_GET_FORM':
                if (isset($param[0])) {
                    $url_bits = parse_url($param[0]);
                    if (array_key_exists('scheme', $url_bits)) {
                        $value = $url_bits['scheme'] . '://' . (array_key_exists('host', $url_bits) ? $url_bits['host'] : 'localhost');
                        if (array_key_exists('port', $url_bits) && $url_bits['port'] != 80) {
                            $value .= ':' . strval($url_bits['port']);
                        }
                    }
                    if (array_key_exists('path', $url_bits)) {
                        $value .= $url_bits['path'];
                    }
                }
                break;
            case 'HIDDENS_FOR_GET_FORM':
                $_value = new ocp_tempcode();
                $url_bits = parse_url($param[0]);
                if (array_key_exists('query', $url_bits) && $url_bits['query'] != '') {
                    foreach (explode('&', $url_bits['query']) as $exp) {
                        $parts = explode('=', $exp, 2);
                        if (count($parts) == 2) {
                            if (!in_array($parts[0], $param)) {
                                $_value->attach(form_input_hidden($parts[0], urldecode($parts[1])));
                            }
                        }
                    }
                }
                $value = $_value->evaluate();
                break;
            case 'NOTIFICATIONS_ENABLED':
                $value = '';
                if (array_key_exists(0, $param)) {
                    require_code('notifications');
                    $value = notifications_enabled(array_key_exists(1, $param) ? $param[1] : get_page_name(), $param[0]) ? '1' : '0';
                }
                break;
            case 'DOCUMENT_HELP':
                global $DOCUMENT_HELP, $HELPER_PANEL_TUTORIAL;
                $value = $DOCUMENT_HELP;
                if ($value == '' && $HELPER_PANEL_TUTORIAL != '') {
                    $value = brand_base_url() . '/docs' . strval(ocp_version()) . '/pg/' . $HELPER_PANEL_TUTORIAL;
                }
                break;
            case 'HTTP_STATUS_CODE':
                global $HTTP_STATUS_CODE;
                $value = $HTTP_STATUS_CODE;
                break;
            case 'TEMPCODE':
                if (isset($param[0])) {
                    require_code('tempcode_compiler');
                    $_value = template_to_tempcode($param[0]);
                    $value = $_value->evaluate();
                }
                break;
            case 'COMCODE':
                if (isset($param[0])) {
                    $_value = comcode_to_tempcode($param[0], NULL, true);
                    $value = $_value->evaluate();
                }
                break;
            case 'FLAGRANT':
                $_value = get_flagrant();
                $value = $_value->evaluate();
                break;
            case 'IMG_WIDTH':
            case 'IMG_HEIGHT':
                if (isset($param[0]) && isset($GLOBALS['SITE_DB']) && function_exists('find_theme_image') && $GLOBALS['IN_MINIKERNEL_VERSION'] == 0) {
                    global $THEME_IMG_DIMS_CACHE;
                    if (!isset($THEME_IMG_DIMS_CACHE)) {
                        $THEME_IMG_DIMS_CACHE = function_exists('persistant_cache_get') ? persistant_cache_get('THEME_IMG_DIMS') : array();
                    }
                    if (isset($THEME_IMG_DIMS_CACHE[$param[0]])) {
                        list($width, $height) = $THEME_IMG_DIMS_CACHE[$param[0]];
                        $value = $name == 'IMG_WIDTH' ? $width : $height;
                    } else {
                        if (strpos($param[0], '://') === false) {
                            $img_url = find_theme_image($param[0], false, false, array_key_exists(2, $param) ? $param[2] : NULL, NULL, isset($param[1]) && $param[1] == '1' ? $GLOBALS['FORUM_DB'] : $GLOBALS['SITE_DB']);
                        } else {
                            $img_url = $param[0];
                        }
                        require_code('images');
                        list($width, $height) = _symbol_image_dims(array($img_url));
                        $value = $name == 'IMG_WIDTH' ? $width : $height;
                        $THEME_IMG_DIMS_CACHE[$param[0]] = array($width, $height);
                        if (function_exists('persistant_cache_set')) {
                            persistant_cache_set('THEME_IMG_DIMS', $THEME_IMG_DIMS_CACHE);
                        }
                    }
                }
                break;
            case 'CLEAN_FILE_SIZE':
                if (isset($param[0])) {
                    $bytes = is_numeric($param[0]) ? intval($param[0]) : NULL;
                    require_code('files');
                    $value = clean_file_size($bytes);
                }
                break;
            case 'TIME_PERIOD':
                if (isset($param[0])) {
                    $value = display_time_period(intval($param[0]));
                }
                break;
            case 'MAKE_RELATIVE_DATE':
                if (isset($param[0])) {
                    if (get_option('use_contextual_dates') == '0' && (!array_key_exists(1, $param) || $param[1] != '1')) {
                        $value = get_timezoned_date(intval($param[0]));
                    } else {
                        $value = display_time_period(time() - intval($param[0]));
                    }
                }
                break;
            case 'TIMEZONE':
                $value = make_nice_timezone_name(get_site_timezone());
                break;
            case 'LOAD_PAGE':
                foreach ($param as $i => $p) {
                    if (is_object($p)) {
                        $param[$i] = $p->evaluate();
                    }
                }
                global $LOADED_PAGES;
                if (strpos($param[0], ':') !== false) {
                    $param = array_reverse(explode(':', $param[0], 2));
                }
                $_value = $LOADED_PAGES[serialize($param)];
                $value = $_value->evaluate();
                break;
            case 'RUNNING_SCRIPT':
                if (isset($param[0])) {
                    $value = running_script($param[0]) ? '1' : '0';
                }
                break;
            case 'MATCH_KEY_MATCH':
                $value = '0';
                foreach ($param as $match_key) {
                    if ($match_key == '1' || $match_key == '0' || $match_key == '') {
                        continue;
                    }
                    if (match_key_match($match_key, isset($param[1]) && $match_key == '1')) {
                        $value = '1';
                    }
                }
                break;
            case 'VERSION':
                $value = strval(ocp_version());
                break;
            case 'PREVIEW_VALIDATION':
                $value = get_option('is_on_preview_validation') == '1' ? '1' : '0';
                break;
            case 'BLOCK':
                if (isset($GLOBALS['NON_CACHEABLE_SYMBOLS']['SET_RAND'])) {
                    foreach ($param as $i => $p) {
                        if (is_object($p)) {
                            $param[$i] = $p->evaluate();
                        }
                    }
                    if (count($param) == 1 && strpos($param[0], ',') !== false) {
                        $param = preg_split('#((?<!\\\\)|(?<=\\\\\\\\)|(?<=^)),#', $param[0]);
                        foreach ($param as $key => $val) {
                            $param[$key] = str_replace('\\,', ',', $val);
                        }
                    }
                    global $LOADED_BLOCKS;
                    if (isset($LOADED_BLOCKS[serialize($param)])) {
                        // Will always be set
                        $value = $LOADED_BLOCKS[serialize($param)]->evaluate();
                    }
                }
                break;
            case 'CURRENCY':
                if (addon_installed('ecommerce')) {
                    if (isset($param[0])) {
                        require_code('currency');
                        $value = currency_convert(floatval(str_replace(',', '', $param[0])), isset($param[1]) && $param[1] != '' ? $param[1] : get_option('currency'), isset($param[2]) && $param[2] != '' ? $param[2] : NULL, isset($param[3]) && $param[3] == '1');
                        if (is_null($value)) {
                            $value = do_lang('INTERNAL_ERROR');
                        }
                    } else {
                        $value = get_option('currency');
                    }
                }
                break;
            case 'CURRENCY_SYMBOL':
                if (addon_installed('ecommerce')) {
                    require_code('ecommerce');
                    $value = ecommerce_get_currency_symbol();
                }
                break;
            case 'GEOLOCATE':
                $value = geolocate_ip(isset($param[0]) ? $param[0] : NULL);
                break;
            case 'NO_SAFE_MODE':
                $value = str_replace(array('on', 'true', 'yes'), array('1', '1', '1'), strtolower(ini_get('safe_mode'))) == '1' ? '0' : '1';
                break;
            case 'FORCE_PREVIEWS':
                if (get_option('forced_preview_option') == '1') {
                    if (get_forum_type() == 'ocf') {
                        if (is_guest() && get_option('default_preview_guests') == '0') {
                            $value = '0';
                        } else {
                            $value = $GLOBALS['FORUM_DRIVER']->get_member_row_field(get_member(), 'm_preview_posts') == 1 ? '1' : '0';
                        }
                    } else {
                        $value = get_option('default_preview_guests') == '0' ? '0' : '1';
                    }
                } else {
                    $value = '0';
                }
                break;
            case 'PREVIEW_URL':
                $value = find_script('preview');
                $value .= '?page=' . get_page_name();
                $value .= '&type=' . get_param('type', '', true);
                break;
            case 'ADDON_INSTALLED':
                if (isset($param[0]) && !running_script('install')) {
                    $value = addon_installed($param[0]) ? '1' : '0';
                }
                break;
            case 'VALUE_OPTION':
                if (isset($param[0])) {
                    $value = function_exists('get_value') ? get_value($param[0]) : '';
                    if (is_null($value)) {
                        $value = function_exists('get_long_value') ? get_long_value($param[0]) : '';
                        if (is_null($value)) {
                            $value = isset($param[1]) ? $param[1] : '';
                            if ($param[0] == 'textmate' && (ocp_srv('HTTP_HOST') == 'localhost' && strpos(ocp_srv('HTTP_USER_AGENT'), 'Macintosh') !== false)) {
                                $value = '1';
                            }
                        }
                    }
                }
                break;
            case 'KEEP_INDEX':
                // What needs preserving in the URL
                $value = 'index.php';
                if (count($_GET) > 0) {
                    foreach ($_GET as $key => $val) {
                        if (is_array($val)) {
                            continue;
                        }
                        if (get_magic_quotes_gpc()) {
                            $val = stripslashes($val);
                        }
                        if (substr($key, 0, 5) == 'keep_' && !skippable_keep($key, $val) && strpos($key, '_expand_') === false) {
                            $value .= ($value == 'index.php' ? '?' : '&') . urlencode($key) . '=' . ocp_url_encode($val);
                        }
                    }
                }
                break;
            case 'HIDE_HELP_PANEL':
                $value = array_key_exists('hide_help_panel', $_COOKIE) && $_COOKIE['hide_help_panel'] == '1' ? '1' : '0';
                break;
            case 'URLISE_LANG':
                if (isset($param[1])) {
                    $_value = urlise_lang($param[0], $param[1], isset($param[2]) ? $param[2] : '', isset($param[3]) ? $param[3] == '1' : false);
                    $value = $_value->evaluate();
                }
                break;
            case 'FIND_SCRIPT_NOHTTP':
                if (isset($param[0]) && function_exists('find_script')) {
                    $value = preg_replace('#^https?://[^/]+#', '', find_script($param[0], false, isset($param[1]) ? intval($param[1]) : 0));
                }
                if (!$GLOBALS['DEBUG_MODE']) {
                    break;
                }
                // Debug mode changes base domain so we need to actually use it in full (fine, we don't have HTTPS in debug mode). Bubble on...
            // Debug mode changes base domain so we need to actually use it in full (fine, we don't have HTTPS in debug mode). Bubble on...
            case 'FIND_SCRIPT':
                if (isset($param[0]) && function_exists('find_script')) {
                    $value = find_script($param[0], false, isset($param[1]) ? intval($param[1]) : 0);
                }
                break;
            case 'MOBILE':
                $value = is_mobile(NULL, array_key_exists(0, $param) ? $param[0] == '1' : false) ? '1' : '0';
                break;
            case 'VALID_FILE_TYPES':
                $value = get_option('valid_types');
                $types = array_flip(explode(',', $value));
                $value = '';
                ksort($types);
                foreach (array_flip($types) as $val) {
                    $value .= $val . ',';
                }
                $value = substr($value, 0, strlen($value) - 1);
                break;
            case 'BROWSER_UA':
                $browser = get_browser_string();
                $value = $browser;
                break;
            case 'OS':
                $os = get_os_string();
                if (is_null($os)) {
                    $os = '';
                }
                $value = $os;
                break;
            case 'ANCHOR':
                if (isset($param[0])) {
                    $_value = do_template('ANCHOR', array('_GUID' => '8795c70c9dd7c6217bb765264ac24092', 'NAME' => $param[0]));
                    $value = $_value->evaluate();
                }
                break;
            case 'CSS_TEMPCODE':
                $_value = css_tempcode();
                $value = $_value->evaluate();
                break;
            case 'JS_TEMPCODE':
                $_value = javascript_tempcode(isset($param[0]) ? $param[0] : NULL);
                $value = $_value->evaluate();
                break;
            case 'PAD_LEFT':
                if (array_key_exists(1, $param)) {
                    $value = str_pad($param[0], intval($param[1]), array_key_exists(2, $param) ? $param[2] : '', STR_PAD_LEFT);
                }
                break;
            case 'PAD_RIGHT':
                if (array_key_exists(1, $param)) {
                    $value = str_pad($param[0], intval($param[1]), array_key_exists(2, $param) ? $param[2] : '', STR_PAD_RIGHT);
                }
                break;
            case 'PAGE_TITLE':
                $value = is_null($DISPLAYED_TITLE) ? '' : $DISPLAYED_TITLE->evaluate();
                break;
            case 'SET_TITLE':
                if (array_key_exists(0, $param)) {
                    get_page_title($param[0], false);
                }
                break;
            case 'EXTRA_HEAD':
                $_value = $GLOBALS['EXTRA_HEAD'];
                if ($_value === NULL) {
                    $_value = new ocp_tempcode();
                }
                $value = $_value->evaluate();
                break;
            case 'EXTRA_FOOT':
                if ($GLOBALS['EXTRA_FOOT'] === NULL) {
                    $GLOBALS['EXTRA_FOOT'] = new ocp_tempcode();
                }
                $_value = $GLOBALS['EXTRA_FOOT'];
                if (array_key_exists(0, $param)) {
                    $GLOBALS['EXTRA_FOOT']->attach($param[0]);
                } else {
                    $value = $_value->evaluate();
                }
                break;
            case 'RAND':
                if (isset($GLOBALS['NON_CACHEABLE_SYMBOLS']['RAND'])) {
                    $GLOBALS['NO_EVAL_CACHE'] = true;
                    $value = strval(mt_rand(0, 32000));
                } else {
                    $value = '4';
                }
                break;
            case 'SET_RAND':
                if (isset($param[0])) {
                    if (isset($GLOBALS['NON_CACHEABLE_SYMBOLS']['SET_RAND'])) {
                        $GLOBALS['NO_EVAL_CACHE'] = true;
                        $value = $param[mt_rand(0, count($param) - 1)];
                    } else {
                        $value = $param[0];
                    }
                }
                break;
            case 'COPYRIGHT':
                $value = str_replace('$CURRENT_YEAR', date('Y'), get_option('copyright'));
                break;
            case 'KEYWORDS_SPACED':
                $value = str_replace(',', ' ', get_option('keywords'));
                break;
            case 'STAFF_ADDRESS_PURE':
                $value = get_option('staff_address');
                break;
            case 'STAFF_ADDRESS':
                require_code('obfuscate');
                $value = obfuscate_email_address(get_option('staff_address'));
                break;
            case 'DOMAIN':
                $value = get_domain();
                break;
            case 'BRAND_NAME':
                $value = function_exists('get_value') ? get_value('rebrand_name') : NULL;
                if (is_null($value)) {
                    $value = 'ocPortal';
                }
                break;
            case 'BRAND_BASE_URL':
                $value = brand_base_url();
                break;
            case 'SHOW_DOCS':
                $value = get_option('show_docs') === '0' ? '0' : '1';
                break;
            case 'MEMBER_EMAIL':
                $value = $GLOBALS['FORUM_DRIVER']->get_member_email_address(isset($param[0]) ? intval($param[0]) : get_member());
                break;
            case 'OCF_MEMBER_HTML':
                if (get_forum_type() == 'ocf') {
                    require_code('ocf_members');
                    require_code('ocf_members2');
                    $_value = ocf_show_member_box(isset($param[0]) ? intval($param[0]) : get_member());
                    $value = $_value->evaluate();
                }
                break;
            case 'HAS_SPECIFIC_PERMISSION':
                if (isset($param[0])) {
                    $value = has_specific_permission(!is_null($param) && isset($param[1]) ? intval($param[1]) : get_member(), $param[0]) ? '1' : '0';
                }
                break;
            case 'HAS_ZONE_ACCESS':
                if (isset($param[0])) {
                    $value = has_zone_access(!is_null($param) && isset($param[1]) ? intval($param[1]) : get_member(), $param[0]) ? '1' : '0';
                }
                break;
            case 'HAS_PAGE_ACCESS':
                if (isset($param[0]) && isset($param[1])) {
                    $value = has_page_access(!is_null($param) && isset($param[2]) ? intval($param[2]) : get_member(), $param[0], $param[1], !is_null($param) && isset($param[3]) ? $param[3] == '1' : false) ? '1' : '0';
                }
                break;
            case 'HAS_CATEGORY_ACCESS':
                if (isset($param[0])) {
                    $value = has_category_access(!is_null($param) && isset($param[2]) ? intval($param[2]) : get_member(), $param[0], $param[1]) ? '1' : '0';
                }
                break;
            case 'HAS_ATTACHMENT_ACCESS':
                if (isset($param[0])) {
                    require_code('attachments');
                    $value = has_attachment_access(!is_null($param) && isset($param[1]) ? intval($param[1]) : get_member(), $param[0]) ? '1' : '0';
                }
                break;
            case 'HAS_SUBMIT_PERMISSION':
                if (isset($param[0]) && (strtolower($param[0]) == 'low' || strtolower($param[0]) == 'mid' || strtolower($param[0]) == 'high')) {
                    $value = has_submit_permission(strtolower($param[0]), !is_null($param) && isset($param[1]) ? intval($param[1]) : get_member(), !is_null($param) && isset($param[2]) ? $param[2] : get_ip_address(), !is_null($param) && isset($param[3]) ? $param[3] : get_page_name()) ? '1' : '0';
                }
                break;
            case 'HAS_DELETE_PERMISSION':
                if (isset($param[0]) && (strtolower($param[0]) == 'low' || strtolower($param[0]) == 'mid' || strtolower($param[0]) == 'high') && isset($param[1])) {
                    $value = has_delete_permission(strtolower($param[0]), !is_null($param) && isset($param[2]) ? intval($param[2]) : get_member(), intval($param[1]), !is_null($param) && isset($param[3]) ? $param[3] : get_page_name()) ? '1' : '0';
                }
                break;
            case 'HAS_EDIT_PERMISSION':
                if (isset($param[0]) && (strtolower($param[0]) == 'low' || strtolower($param[0]) == 'mid' || strtolower($param[0]) == 'high') && isset($param[1])) {
                    $value = has_edit_permission(strtolower($param[0]), !is_null($param) && isset($param[2]) ? intval($param[2]) : get_member(), intval($param[1]), !is_null($param) && isset($param[3]) ? $param[3] : get_page_name()) ? '1' : '0';
                }
                break;
            case 'ENTITY_DECODE':
                if (isset($param[0])) {
                    $value = @html_entity_decode($param[0], ENT_QUOTES, get_charset());
                }
                break;
            case 'RESET_CYCLE':
                if (isset($param[0])) {
                    $CYCLES[$param[0]] = 0;
                }
                break;
            case 'SITE_SCOPE':
                $value = get_option('site_scope');
                break;
            case 'LAST_VISIT_TIME':
                if (get_forum_type() == 'ocf') {
                    $member_info = ocf_read_in_member_profile(get_member(), true);
                    $value = strval($member_info['last_visit_time']);
                }
                break;
            case 'NUM_NEW_TOPICS':
                if (get_forum_type() == 'ocf') {
                    $member_info = ocf_read_in_member_profile(get_member(), true);
                    $_new_topics = $GLOBALS['FORUM_DB']->query('SELECT COUNT(*) AS mycnt FROM ' . $GLOBALS['FORUM_DB']->get_table_prefix() . 'f_topics WHERE NOT t_forum_id IS NULL AND t_cache_first_time>' . strval((int) $member_info['last_visit_time']));
                    $new_topics = $_new_topics[0]['mycnt'];
                    $value = strval($new_topics);
                }
                break;
            case 'NUM_NEW_POSTS':
                if (get_forum_type() == 'ocf') {
                    $member_info = ocf_read_in_member_profile(get_member(), true);
                    $_new_posts = $GLOBALS['FORUM_DB']->query('SELECT COUNT(*) AS mycnt FROM ' . $GLOBALS['FORUM_DB']->get_table_prefix() . 'f_posts WHERE NOT p_cache_forum_id IS NULL AND p_time>' . strval((int) $member_info['last_visit_time']));
                    $new_posts = $_new_posts[0]['mycnt'];
                    $value = strval($new_posts);
                }
                break;
            case 'HAS_FORUM':
                $value = has_no_forum() ? '0' : '1';
                break;
            case 'OCF':
                $value = get_forum_type() == 'ocf' ? '1' : '0';
                break;
            case 'BOARD_PREFIX':
                $value = get_forum_base_url();
                break;
            case 'DATE_AND_TIME':
                $use_contextual_dates = isset($param[0]) && $param[0] == '1';
                $verbose = isset($param[1]) && $param[1] == '1';
                $server_time = isset($param[2]) && $param[2] == '1';
                $time = isset($param[3]) ? intval($param[3]) : time();
                $value = get_timezoned_date($time, true, $verbose, $server_time, !$use_contextual_dates);
                break;
            case 'DATE':
                $use_contextual_dates = isset($param[0]) && $param[0] == '1';
                $verbose = isset($param[1]) && $param[1] == '1';
                $server_time = isset($param[2]) && $param[2] == '1';
                $time = isset($param[3]) ? intval($param[3]) : time();
                $value = get_timezoned_date($time, false, $verbose, $server_time, !$use_contextual_dates);
                break;
            case 'TIME':
                $time = isset($param[0]) ? intval($param[0]) : time();
                $value = get_timezoned_time($time);
                break;
            case 'SECONDS_PERIOD':
                if (array_key_exists(0, $param)) {
                    $value = display_seconds_period(intval($param[0]));
                }
                break;
            case 'FROM_TIMESTAMP':
                if (isset($param[0])) {
                    $timestamp = isset($param[1]) ? intval($param[1]) : time();
                    if (!array_key_exists(2, $param) || $param[2] == '1') {
                        $timestamp = utctime_to_usertime($timestamp);
                    }
                    $value = locale_filter(my_strftime($param[0], $timestamp));
                    if ($value == $param[0]) {
                        // If no conversion happened then the syntax must have been for 'date' not 'strftime'
                        $value = date($param[0], $timestamp);
                    }
                } else {
                    $timestamp = time();
                    $value = strval($timestamp);
                }
                break;
            case 'TO_TIMESTAMP':
                if (isset($param[0])) {
                    $value = strval(strtotime($param[0]));
                    if (array_key_exists(1, $param) && $param[1] == '1') {
                        $value = strval(usertime_to_utctime(intval($value)));
                    }
                    // '1' means date was in user-time so needs converting to a UTC timestamp
                } else {
                    $value = strval(time());
                }
                break;
            case 'SESSION_HASHED':
                $value = md5(strval(get_session_id()));
                break;
            case 'SESSION':
                $value = strval(get_session_id());
                break;
            case 'IN_ARRAY':
                if (isset($param[1])) {
                    $array = array_slice($param, 1);
                    $value = in_array($param[0], $array) ? '1' : '0';
                }
                break;
            case 'MULT':
                if (isset($param[1])) {
                    $value = float_to_raw_string(floatval($param[0]) * floatval($param[1]), 2, true);
                }
                break;
            case 'ROUND':
                if (isset($param[0])) {
                    $amount = isset($param[1]) ? intval($param[1]) : 0;
                    if ($amount > 0) {
                        $value = float_format(floatval($param[0]), $amount);
                    } else {
                        $value = strval(intval(round(floatval($param[0]), $amount)));
                    }
                }
                break;
            case 'DEV_MODE':
                $value = $GLOBALS['DEBUG_MODE'] ? '1' : '0';
                break;
            case 'BROWSER_MATCHES':
                if (isset($param[0])) {
                    $q = false;
                    foreach (explode('|', $param[0]) as $browser) {
                        $q = browser_matches($browser);
                        if ($q) {
                            break;
                        }
                    }
                    $value = $q ? '1' : '0';
                }
                break;
            case 'ISSET':
                if (isset($param[0])) {
                    $value = isset($TEMPCODE_SETGET[$param[0]]) ? '1' : '0';
                }
                break;
            case 'INIT':
                if (isset($param[1])) {
                    if (!isset($TEMPCODE_SETGET[$param[0]])) {
                        $TEMPCODE_SETGET[$param[0]] = $param[1];
                    }
                }
                break;
            case 'INC':
                if (isset($param[0])) {
                    if (!isset($TEMPCODE_SETGET[$param[0]])) {
                        $TEMPCODE_SETGET[$param[0]] = '0';
                    }
                    $TEMPCODE_SETGET[$param[0]] = strval(intval($TEMPCODE_SETGET[$param[0]]) + 1);
                }
                break;
            case 'DEC':
                if (isset($param[0])) {
                    if (!isset($TEMPCODE_SETGET[$param[0]])) {
                        $TEMPCODE_SETGET[$param[0]] = '0';
                    }
                    $TEMPCODE_SETGET[$param[0]] = strval(intval($TEMPCODE_SETGET[$param[0]]) - 1);
                }
                break;
            case 'PREG_MATCH':
                if (isset($param[1])) {
                    $value = preg_match('#' . str_replace('#', '\\#', $param[0]) . '#' . (isset($param[2]) ? str_replace('e', '', $param[2]) : ''), $param[1]) != 0 ? '1' : '0';
                }
                break;
            case 'PREG_REPLACE':
                if (isset($param[2])) {
                    $value = preg_replace('#' . str_replace('#', '\\#', $param[0]) . '#' . (isset($param[3]) ? str_replace('e', '', $param[3]) : ''), $param[1], $param[2]);
                }
                break;
            case 'MAX':
                if (isset($param[0])) {
                    $value = strval(max(intval($param[0]), intval($param[1])));
                }
                break;
            case 'MIN':
                if (isset($param[0])) {
                    $value = strval(min(intval($param[0]), intval($param[1])));
                }
                break;
            case 'MOD':
                if (isset($param[0])) {
                    $value = strval(max(intval($param[0]), -intval($param[0])));
                }
                break;
            case 'REM':
                if (isset($param[1])) {
                    $value = strval(intval($param[0]) % intval($param[1]));
                }
                break;
            case 'DIV_FLOAT':
                if (isset($param[1])) {
                    $value = float_to_raw_string(floatval($param[0]) / floatval($param[1]), 2, true);
                }
                break;
            case 'DIV':
                if (isset($param[1])) {
                    $value = strval(intval(floor(floatval($param[0]) / floatval($param[1]))));
                }
                break;
            case 'SUBTRACT':
                if (isset($param[1])) {
                    $value = float_to_raw_string(floatval(str_replace(',', '', $param[0])) - floatval(str_replace(',', '', $param[1])), 2, true);
                }
                break;
            case 'ADD':
                if (isset($param[1])) {
                    $value = float_to_raw_string(floatval(str_replace(',', '', $param[0])) + floatval(str_replace(',', '', $param[1])), 2, true);
                }
                break;
            case 'WCASE':
                if (isset($param[0])) {
                    $value = ucwords($param[0]);
                }
                break;
            case 'LCASE':
                if (isset($param[0])) {
                    $value = ocp_mb_strtolower($param[0]);
                }
                break;
            case 'UCASE':
                if (isset($param[0])) {
                    $value = ocp_mb_strtoupper($param[0]);
                }
                break;
            case '_POST':
                if (isset($param[0])) {
                    $value = post_param($param[0], isset($param[1]) ? $param[1] : '');
                }
                break;
            case 'REPLACE':
                if (isset($param[2])) {
                    $value = str_replace($param[0], $param[1], $param[2]);
                    if ($GLOBALS['XSS_DETECT'] && ocp_is_escaped($param[0])) {
                        ocp_mark_as_escaped($value);
                    }
                }
                break;
            case 'AT':
                if (isset($param[1])) {
                    $value = ocp_mb_substr($param[0], intval($param[1]), 1);
                }
                break;
            case 'STRPOS':
                if (isset($param[1])) {
                    $t_value = strpos($param[0], $param[1]);
                    $value = $t_value === false ? '0' : strval($t_value);
                }
                break;
            case 'IN_STR':
                if (isset($param[1])) {
                    if ($param[1] == '') {
                        $value = '0';
                    } else {
                        $value = '0';
                        foreach ($param as $i => $check) {
                            if (is_integer($i) && $i != 0 && $check != '') {
                                if (strpos($param[0], $check) !== false) {
                                    $value = '1';
                                    break;
                                }
                            }
                        }
                    }
                }
                break;
            case 'SUBSTR_COUNT':
                if (isset($param[1])) {
                    $value = strval(substr_count($param[0], $param[1]));
                }
                break;
            case 'SUBSTR':
                if (isset($param[1])) {
                    $value = ocp_mb_substr($param[0], intval($param[1]), isset($param[2]) ? intval($param[2]) : strlen($param[0]));
                }
                break;
            case 'LENGTH':
                if (isset($param[0])) {
                    $value = strval(ocp_mb_strlen($param[0]));
                }
                break;
            case 'WORDWRAP':
                if (isset($param[1])) {
                    $cut = isset($param[3]) && $param[3] == '1';
                    $value = wordwrap($param[0], intval($param[1]), isset($param[2]) ? $param[2] : '<br />', $cut);
                    if ($GLOBALS['XSS_DETECT'] && ocp_is_escaped($param[0])) {
                        ocp_mark_as_escaped($value);
                    }
                }
                break;
            case 'ALTERNATOR_TRUNCATED':
                // Alternate values according to whether some given text WOULD have been truncated. 0: text to check against, 1: the truncate length, 2:IF would not be do this, 3: if it would be do this, 4: whether given text is encoded as HTML (0=no [default, plain-text], 1=yes)
                if (isset($param[3])) {
                    $amount = intval($param[1]);
                    $is_html = isset($param[4]) && $param[4] == '1';
                    if (strlen($is_html ? strip_tags($param[0]) : $param[0]) > $amount) {
                        $value = $param[3];
                    } else {
                        $value = $param[2];
                    }
                }
                break;
            case 'ESCAPE':
                if (isset($param[0])) {
                    $d_escaping = array(isset($param[1]) ? constant($param[1]) : ENTITY_ESCAPED);
                    if (is_string($param[0])) {
                        apply_tempcode_escaping($d_escaping, $param[0]);
                    }
                    $value = $param[0];
                }
                break;
            case 'COOKIE_PATH':
                $value = function_exists('get_cookie_path') ? get_cookie_path() : '/';
                break;
            case 'COOKIE_DOMAIN':
                $s_value = function_exists('get_cookie_domain') ? get_cookie_domain() : '';
                $value = is_null($s_value) ? '' : $s_value;
                break;
            case 'IS_A_COOKIE_LOGIN':
                global $IS_A_COOKIE_LOGIN;
                $value = $IS_A_COOKIE_LOGIN && ini_get('suhosin.cookie.max_name_length') !== '64' ? '1' : '0';
                break;
            case 'GROUP_ID':
                if (isset($param[0])) {
                    $groups = $GLOBALS['FORUM_DRIVER']->get_members_groups(isset($param[1]) ? intval($param[1]) : get_member());
                    $value = array_key_exists(intval($param[0]), $groups) ? strval($groups[intval($param[0])]) : '';
                }
                break;
            case 'GROUP_NAME':
                if (isset($param[0])) {
                    $groups = $GLOBALS['FORUM_DRIVER']->get_members_groups(isset($param[1]) ? intval($param[1]) : get_member());
                    if (array_key_exists(intval($param[0]), $groups)) {
                        $all_usergroups = $GLOBALS['FORUM_DRIVER']->get_usergroup_list();
                        $value = $all_usergroups[$groups[intval($param[0])]];
                    }
                    if ($GLOBALS['XSS_DETECT'] && ocp_is_escaped($param[0])) {
                        ocp_mark_as_escaped($value);
                    }
                }
                break;
            case 'NEGATE':
                if (isset($param[0])) {
                    $value = strval(-intval($param[0]));
                }
                break;
            case 'XOR':
                $count = 0;
                foreach ($param as $test) {
                    if ($test == '1' || $test == '1') {
                        $count++;
                    }
                }
                $value = $count == 1 ? '1' : '0';
                break;
            case 'NOR':
                $count = 0;
                foreach ($param as $test) {
                    if ($test == '1' || $test == '1') {
                        $count++;
                    }
                }
                $value = $count > 0 ? '0' : '1';
                break;
            case 'NAND':
                $count = 0;
                foreach ($param as $test) {
                    if ($test == '1' || $test == '1') {
                        $count++;
                    }
                }
                $value = $count == count($param) ? '0' : '1';
                break;
            case 'LT':
                if (isset($param[1])) {
                    $value = intval($param[0]) < intval($param[1]) ? '1' : '0';
                }
                break;
            case 'GT':
                if (isset($param[1])) {
                    $value = intval($param[0]) > intval($param[1]) ? '1' : '0';
                }
                break;
            case 'COPPA_ON':
                $value = get_option('is_on_coppa') == '1' ? '1' : '0';
                break;
            case 'OBFUSCATE':
                if (isset($param[0])) {
                    require_code('obfuscate');
                    $value = obfuscate_entities($param[0]);
                }
                break;
            case 'FIX_ID':
                if (isset($param[0])) {
                    $value = fix_id($param[0]);
                    if ($GLOBALS['XSS_DETECT']) {
                        ocp_mark_as_escaped($value);
                    }
                }
                break;
            case 'MAILTO':
                require_code('obfuscate');
                $value = mailto_obfuscated();
                break;
            case 'INLINE_STATS':
                $value = get_option('show_inline_stats') == '1' ? '1' : '0';
                break;
            case 'ATTACHMENT_DOWNLOADS':
                if (isset($param[0])) {
                    $db = $GLOBALS['SITE_DB'];
                    if (isset($param[1]) && $param[1] == '1') {
                        $db = $GLOBALS['FORUM_DB'];
                    }
                    $_value = $db->query_value_null_ok('attachments', 'a_num_downloads', array('id' => intval($param[0])));
                    $value = is_null($_value) ? '?' : strval($_value);
                }
                break;
            case 'CSS_DIMENSION_REDUCE':
                if (isset($param[1])) {
                    $value = $param[0];
                    if (substr($value, -2) == 'px') {
                        $b = $param[1];
                        $value = strval(intval(substr($value, 0, -2)) - intval($b)) . 'px';
                    }
                    if ($value == '') {
                        $value = '0px';
                    }
                }
                break;
            case 'COMMENT_COUNT':
                if (isset($param[1])) {
                    if (get_option('is_on_comments') == '1') {
                        $count = 0;
                        $_comments = $GLOBALS['FORUM_DRIVER']->get_forum_topic_posts($GLOBALS['FORUM_DRIVER']->find_topic_id_for_topic_identifier(get_option('comments_forum_name'), $param[0] . '_' . $param[1]), $count, 0, 0, false);
                        $_value = do_lang_tempcode('_COMMENTS', integer_format(0));
                        if (is_array($_comments)) {
                            $_value = do_lang_tempcode('_COMMENTS', escape_html(integer_format($count)));
                        }
                        $value = $_value->evaluate();
                    } else {
                        $value = do_lang('VIEW');
                    }
                }
                break;
            case 'CAN_SPELLCHECK':
                $value = function_exists('pspell_check') ? '1' : '0';
                break;
            case 'AWARD_ID':
                if (array_key_exists(0, $param)) {
                    $value = $GLOBALS['SITE_DB']->query_value_null_ok('award_archive', 'content_id', array('a_type_id' => intval($param[0])), 'ORDER BY date_and_time DESC');
                    if (is_null($value)) {
                        $value = '';
                    }
                }
                break;
            case 'SELF_PAGE_LINK':
                $value = '';
                if (running_script('index') || running_script('iframe')) {
                    $value = get_zone_name() . ':' . get_page_name();
                    foreach ($_GET as $key => $val) {
                        if ($key == 'page') {
                            continue;
                        }
                        if (is_array($val)) {
                            continue;
                        }
                        if (substr($key, 0, 5) == 'keep_') {
                            continue;
                        }
                        $value .= ':' . $key . '=' . $val;
                    }
                }
                break;
            case 'SET_TUTORIAL_LINK':
                $value = '';
                if (array_key_exists(1, $param) && $param[1] != '' && $param[1][0] != '#') {
                    set_tutorial_link($param[0], $param[1]);
                }
                break;
            case 'DISPLAY_CONCEPT':
                $value = '';
                if (array_key_exists(0, $param)) {
                    $key = $param[0];
                    $page_link = get_tutorial_link('concept___' . preg_replace('#[^\\w_]#', '_', $key));
                    if (is_null($page_link)) {
                        $temp_tpl = make_string_tempcode($key);
                    } else {
                        list($zone, $attributes, $hash) = page_link_decode($page_link);
                        $_url = build_url($attributes, $zone, NULL, false, false, false, $hash);
                        $temp_tpl = do_template('COMCODE_CONCEPT', array('_GUID' => 'ee0cd05f87329923f05145180004d8a8', 'TEXT' => $key, 'URL' => $_url));
                    }
                    $value = $temp_tpl->evaluate();
                }
                break;
            case 'SELF_URL':
                $extra_params = NULL;
                if (isset($param[3])) {
                    $extra_params = array();
                    $i = 3;
                    while (isset($param[$i])) {
                        $bits = explode('=', $param[$i], 2);
                        if ($bits[1] == '<null>') {
                            $bits[1] = NULL;
                        }
                        $extra_params[$bits[0]] = $bits[1];
                        $i++;
                    }
                }
                $value = get_self_url(true, isset($param[0]) && $param[0] == '1', $extra_params, isset($param[1]) && $param[1] == '1', isset($param[2]) && $param[2] == '1');
                break;
            case 'SHIFT_DECODE':
                if (isset($param[0])) {
                    global $SHIFT_VARIABLES;
                    $key = $param[0];
                    $value = isset($SHIFT_VARIABLES[$key]) ? $SHIFT_VARIABLES[$key]->evaluate() : '';
                }
                break;
            case 'NUMBER_FORMAT':
                if (isset($param[0])) {
                    $value = integer_format(intval($param[0]));
                }
                break;
            case 'FLOAT_FORMAT':
                if (isset($param[0])) {
                    $value = float_format(floatval($param[0]));
                }
                break;
            case 'CURRENTLY_INVISIBLE':
                $value = is_invisible() ? '1' : '0';
                break;
            case 'IS_FRIEND':
                if (isset($param[0])) {
                    $test = $GLOBALS['SITE_DB']->query_value_null_ok('chat_buddies', 'member_likes', array('member_likes' => isset($param[1]) ? intval($param[1]) : get_member(), 'member_liked' => intval($param[0])));
                    $value = is_null($test) ? '0' : '1';
                }
                break;
            case 'SSW':
                $value = get_option('ssw') == '1' ? '1' : '0';
                break;
            case 'RATING':
                if (isset($param[1])) {
                    require_code('feedback');
                    $rating = get_rating_simple_array(array_key_exists(3, $param) ? $param[3] : get_self_url(true), array_key_exists(4, $param) ? $param[4] : (is_null($DISPLAYED_TITLE) ? '' : $DISPLAYED_TITLE->evaluate()), $param[0], $param[1], array_key_exists(5, $param) ? $param[5] : 'RATING_FORM', array_key_exists(2, $param) ? $param[2] : NULL);
                    if ($rating !== NULL) {
                        if (!array_key_exists(2, $param) || $param[2] == '0') {
                            $value = isset($rating['ALL_RATING_CRITERIA'][0]['RATING']) ? $rating['ALL_RATING_CRITERIA'][0]['RATING'] : '';
                        } else {
                            $value = do_template('RATING_INLINE_STATIC', $rating);
                        }
                        if (is_object($value)) {
                            $value = $value->evaluate();
                        }
                    }
                }
                break;
            case 'VIEWS':
                if (isset($param[2])) {
                    $id_field = 'id';
                    // Not allowed for security reasons
                    if (preg_match('#^\\w*views\\w*$#', $param[1]) != 0) {
                        $test = $GLOBALS['SITE_DB']->query_value_null_ok($param[0], $param[1], array($id_field => $param[2]));
                        if (!is_null($test)) {
                            $value = integer_format($test);
                        }
                    }
                }
                break;
            default:
                global $EXTRA_SYMBOLS;
                if (is_null($EXTRA_SYMBOLS)) {
                    $EXTRA_SYMBOLS = array();
                    $hooks = find_all_hooks('systems', 'symbols');
                    foreach (array_keys($hooks) as $hook) {
                        $EXTRA_SYMBOLS[$hook] = array();
                    }
                }
                if (array_key_exists($name, $EXTRA_SYMBOLS)) {
                    if (!array_key_exists('ob', $EXTRA_SYMBOLS[$name])) {
                        require_code('hooks/systems/symbols/' . filter_naughty_harsh($name));
                        $EXTRA_SYMBOLS[$name]['ob'] = object_factory('Hook_symbol_' . filter_naughty_harsh($name));
                    }
                    $value = $EXTRA_SYMBOLS[$name]['ob']->run($param);
                    break;
                }
                if (defined($name)) {
                    $value = @strval(constant($name));
                    break;
                }
                $value = '';
                require_code('site');
                attach_message(do_lang_tempcode('MISSING_SYMBOL', escape_html($name)), 'warn');
        }
        if ($escaped != array()) {
            if (is_object($value)) {
                $value = $value->evaluate();
            }
            apply_tempcode_escaping($escaped, $value);
        }
        if ($cacheable) {
            $SYMBOL_CACHE[$escaped_codes] = $value;
        }
        return $value;
    }
    // Is it a directive?
    if ($type == TC_DIRECTIVE) {
        $value = '';
        if ($GLOBALS['XSS_DETECT']) {
            ocp_mark_as_escaped($value);
        }
        // In our param we should have a map of bubbled template parameters (under 'vars') and our numbered directive parameters
        if ($param === NULL) {
            $param = array();
        }
        // Closure-based Tempcode parser may send in strings, so we need to adapt...
        foreach ($param as $key => $val) {
            if (is_string($val)) {
                $param[$key] = make_string_tempcode($val);
            }
        }
        if (!isset($param['vars'])) {
            $param['vars'] = array();
        }
        switch ($name) {
            case 'SHIFT_ENCODE':
                break;
            case 'PARAM_INFO':
                $_value = do_template('PARAM_INFO', array('MAP' => $param['vars']));
                $value = $_value->evaluate();
                break;
            case 'CSS_INHERIT':
                // e.g. {+START,CSS_INHERIT,global,default,#886aa9}{+END}
                if (isset($param[0])) {
                    require_code('css_and_js');
                    $css_file = $param[0]->evaluate();
                    $theme = isset($param[1]) ? $param[1]->evaluate() : 'default';
                    $seed = isset($param[2]) ? $param[2]->evaluate() : NULL;
                    if ($seed == '') {
                        $seed = NULL;
                    }
                    $dark = isset($param[3]) ? $param[3]->evaluate() == '1' : false;
                    $algorithm = isset($param[4]) ? $param[4]->evaluate() : 'equations';
                    $value = css_inherit($css_file, $theme, $GLOBALS['FORUM_DRIVER']->get_theme(), $seed, $dark, $algorithm);
                }
                break;
            case 'FRACTIONAL_EDITABLE':
                foreach (array_keys($param) as $key) {
                    if (!is_numeric($key)) {
                        unset($param[$key]);
                    }
                }
                if (isset($param[3])) {
                    $edit_text = $param[0]->evaluate();
                    $edit_param_name = $param[1]->evaluate();
                    $edit_pagelink = $param[2]->evaluate();
                    $supports_comcode = (isset($param[4]) ? $param[3]->evaluate() : '0') == '1';
                    list($zone, $attributes, ) = page_link_decode($edit_pagelink);
                    if ($zone == '_SEARCH') {
                        $zone = get_module_zone($attributes['page']);
                    }
                    if (has_actual_page_access(get_member(), $attributes['page'], $zone) && has_zone_access(get_member(), 'adminzone')) {
                        $keep = symbol_tempcode('KEEP');
                        $url = find_script('fractional_edit') . '?edit_param_name=' . urlencode($edit_param_name) . '&supports_comcode=' . ($supports_comcode ? '1' : '0') . '&zone=' . urlencode($zone) . $keep->evaluate();
                        foreach ($attributes as $key => $val) {
                            $url .= '&' . $key . '=' . urlencode($val);
                        }
                        $_value = $param[count($param) - 1];
                        $_value = do_template('FRACTIONAL_EDIT', array('_GUID' => '075ac126c427d28b309004bc67b32b08', 'VALUE' => $_value, 'URL' => $url, 'EDIT_TEXT' => $edit_text, 'EDIT_PARAM_NAME' => $edit_param_name));
                        $value = $_value->evaluate();
                    } else {
                        $value = $param[count($param) - 1]->evaluate();
                    }
                }
                break;
            case 'SET':
                if (isset($param[1])) {
                    $var = $param[0]->evaluate();
                    $set_val = '';
                    $i = 1;
                    while (isset($param[$i])) {
                        if ($i != 1) {
                            $set_val .= ',';
                        }
                        $set_val .= $param[1]->evaluate();
                        $i++;
                    }
                    $TEMPCODE_SETGET[$var] = $set_val;
                }
                break;
            case 'IN_ARRAY':
                if (isset($param[1])) {
                    $key = $param[1]->evaluate();
                    $array = array_key_exists($key, $param['vars']) ? $param['vars'][$key] : array();
                    $value = in_array($param[0]->evaluate(), $array) ? '1' : '0';
                }
                break;
            case 'NOT_IN_ARRAY':
                if (isset($param[1])) {
                    $key = $param[1]->evaluate();
                    $array = array_key_exists($key, $param['vars']) ? $param['vars'][$key] : array();
                    $value = in_array($param[0]->evaluate(), $array) ? '0' : '1';
                }
                break;
            case 'IF_IN_ARRAY':
                if (isset($param[2])) {
                    $key = $param[1]->evaluate();
                    $array = array_key_exists($key, $param['vars']) ? $param['vars'][$key] : array();
                    $value = in_array($param[0]->evaluate(), $array) ? $param[2]->evaluate() : '';
                }
                break;
            case 'IF_NOT_IN_ARRAY':
                if (isset($param[2])) {
                    $key = $param[1]->evaluate();
                    $array = array_key_exists($key, $param['vars']) ? $param['vars'][$key] : array();
                    $value = in_array($param[0]->evaluate(), $array) ? '' : $param[2]->evaluate();
                }
                break;
            case 'IMPLODE':
                if (isset($param[1])) {
                    $key = $param[1]->evaluate();
                    $array = array_key_exists($key, $param['vars']) ? $param['vars'][$key] : array();
                    if (isset($param[2]) && $param[2]->evaluate() == '1') {
                        $delim = $param[0]->evaluate();
                        foreach ($array as $key => $val) {
                            if ($value != '') {
                                $value .= $delim;
                            }
                            $value .= (is_integer($key) ? integer_format($key) : $key) . ' = ' . $val;
                        }
                    } else {
                        $value = implode($param[0]->evaluate(), $array);
                    }
                }
                break;
            case 'COUNT':
                if (isset($param[0])) {
                    $key = $param[0]->evaluate();
                    $array = array_key_exists($key, $param['vars']) ? $param['vars'][$key] : array();
                    $value = strval(count($array));
                }
                break;
            case 'BOX':
                unset($param['vars']);
                $title = isset($param[1]) ? $param[0]->evaluate() : '';
                $dimensions = isset($param[2]) ? $param[1]->evaluate() : '100%';
                if ($dimensions == '') {
                    $dimensions = '100%';
                }
                $box_type = isset($param[3]) ? $param[2]->evaluate() : 'classic';
                $options = isset($param[4]) ? $param[3]->evaluate() : '';
                $meta = isset($param[5]) ? $param[4]->evaluate() : '';
                $links = isset($param[6]) ? $param[5]->evaluate() : '';
                $expand = isset($param[7]) ? $param[6]->evaluate() == '1' : false;
                $toplink = isset($param[8]) ? $param[7]->evaluate() : '';
                $tmp = put_in_standard_box(array_pop($param), $title, $dimensions, $box_type, $options, $meta, $links, $expand, $toplink);
                $value = $tmp->evaluate();
                break;
            case 'IF_NON_EMPTY':
                if (isset($param[1])) {
                    if (!$param[0]->is_really_empty()) {
                        $value = $param[1]->evaluate();
                    }
                }
                break;
            case 'IF_PASSED':
                if (isset($param[1])) {
                    $t = $param[0]->evaluate();
                    if (isset($param['vars'][$t])) {
                        $value = $param[1]->evaluate();
                    }
                }
                break;
            case 'IF_NON_PASSED':
                if (isset($param[1])) {
                    $t = $param[0]->evaluate();
                    if (!isset($param['vars'][$t])) {
                        $value = $param[1]->evaluate();
                    }
                }
                break;
            case 'IF_EMPTY':
                if (isset($param[1])) {
                    if ($param[0]->is_really_empty()) {
                        $value = $param[1]->evaluate();
                    }
                }
                break;
            case 'IF_ARRAY_EMPTY':
                if (isset($param[0])) {
                    $looking_at = $param[0]->evaluate();
                    if (array_key_exists($looking_at, $param['vars'])) {
                        if (count($param['vars'][$looking_at]) == 0) {
                            $value = $param[1]->evaluate();
                        }
                    }
                }
                break;
            case 'IF_ARRAY_NON_EMPTY':
                if (isset($param[0])) {
                    $looking_at = $param[0]->evaluate();
                    if (array_key_exists($looking_at, $param['vars'])) {
                        if (count($param['vars'][$looking_at]) != 0) {
                            $value = $param[1]->evaluate();
                        }
                    }
                }
                break;
            case 'OF':
                if (isset($param[1])) {
                    $key = $param[0]->evaluate();
                    $x = $param[1]->evaluate();
                    $array = array_key_exists($key, $param['vars']) ? $param['vars'][$key] : array();
                    $x2 = is_numeric($x) ? intval($x) : $x;
                    if (is_integer($x2)) {
                        if ($x2 < 0) {
                            $x2 = count($array) - 1;
                        } elseif ($x2 >= count($array)) {
                            $x2 -= count($array);
                        }
                    }
                    $value = array_key_exists($x2, $array) ? $array[$x2] : '';
                    if (is_object($value)) {
                        $value = $value->evaluate();
                    }
                }
                break;
            case 'INCLUDE':
                if (isset($param[1])) {
                    $tpl_params = $param['vars'];
                    $explode = explode(chr(10), $param[1]->evaluate());
                    foreach ($explode as $val) {
                        $bits = explode('=', $val, 2);
                        if (count($bits) == 2) {
                            $tpl_params[ltrim($bits[0])] = $bits[1];
                        }
                    }
                    $td = isset($param[3]) ? $param[2]->evaluate() : '';
                    if ($td == '') {
                        $td = 'templates';
                    }
                    $ex = isset($param[2]) ? $param[1]->evaluate() : '';
                    if ($ex == '') {
                        $ex = '.tpl';
                    }
                    $_value = do_template($param[0]->evaluate(), $tpl_params, NULL, false, NULL, $ex, $td);
                    $value = $_value->evaluate();
                }
                break;
            case 'WHILE':
                if (isset($param[1])) {
                    $_p = $param[0]->evaluate();
                    if ($_p == '1' || $_p == '1') {
                        $value = '';
                        $value .= $param[1]->evaluate();
                        $value .= ecv($lang, $escaped, $type, $name, $param);
                    }
                }
                break;
            case 'IF':
                if (isset($param[1])) {
                    $_p = $param[0]->evaluate();
                    if ($_p == '1' || $_p == '1') {
                        $value = $param[1]->evaluate();
                    }
                }
                break;
            case 'LOOP':
                if (isset($param[0])) {
                    if (!array_key_exists($param[0]->evaluate(), $param['vars'])) {
                        require_code('site');
                        attach_message(do_lang_tempcode('MISSING_TEMPLATE_PARAMETER', $param[0]->evaluate(), '???'), 'warn');
                        return '';
                    }
                    $array_key = $param[0]->evaluate();
                    if (is_numeric($array_key) || strpos($array_key, ',') !== false) {
                        $array = explode(',', $array_key);
                    } else {
                        $array = array_key_exists($array_key, $param['vars']) ? $param['vars'][$array_key] : array();
                        if (!is_array($array)) {
                            $array = array();
                        }
                    }
                    $value = '';
                    if (array_key_exists(1 + 1, $param)) {
                        $columns = $param[1]->evaluate();
                        $row_starter = array_key_exists(2 + 1, $param) ? $param[2]->evaluate() : '<tr>';
                        $row_terminator = array_key_exists(3 + 1, $param) ? $param[3]->evaluate() : '</tr>';
                        $value .= $row_starter;
                        // Sorting
                        if (array_key_exists(4 + 1, $param)) {
                            $sort_key = $param[4]->evaluate();
                            $rev = array_key_exists(5 + 1, $param) && $param[5]->evaluate() == 'DESC';
                            if ($sort_key != '') {
                                global $M_SORT_KEY;
                                $M_SORT_KEY = $sort_key;
                                uasort($array, 'multi_sort');
                            }
                            if ($rev) {
                                $array = array_reverse($array);
                            }
                        }
                    }
                    $last = count($param) - 2;
                    $col = 0;
                    $first = true;
                    foreach ($array as $go_key => $go) {
                        if (!is_array($go)) {
                            $go = array('_loop_key' => make_string_tempcode(is_integer($go_key) ? strval($go_key) : $go_key), '_loop_var' => make_string_tempcode($go));
                        }
                        // In case it's not a list of maps, but just a list
                        if (isset($param[2]) && $col % $columns == 0 && $col != 0) {
                            $value .= $row_starter;
                        }
                        $ps = $go + $param['vars'] + array('_loop_key' => make_string_tempcode(is_integer($go_key) ? strval($go_key) : $go_key), '_i' => strval($col), '_first' => $first, '_last' => $col == count($array) - 1);
                        $bound = $param[$last]->bind($ps, '');
                        $value .= $bound->evaluate();
                        ++$col;
                        if (isset($param[3]) && $col % $columns == 0) {
                            $value .= $row_terminator;
                        }
                        $first = false;
                    }
                    if (isset($param[2]) && $col % $columns != 0) {
                        $value .= $row_terminator;
                    }
                }
                break;
            default:
                require_code('site');
                attach_message(do_lang_tempcode('UNKNOWN_DIRECTIVE', escape_html($name)), 'warn');
        }
        if ($escaped != array()) {
            apply_tempcode_escaping($escaped, $value);
        }
        return $value;
    }
    // By elimination, it's language
    $a = isset($param[0]) ? is_object($param[0]) ? $param[0]->evaluate() : $param[0] : NULL;
    $b = isset($param[1]) ? is_object($param[1]) ? $param[1]->evaluate() : $param[1] : NULL;
    $c = isset($param[2]) ? array_splice($param, 2) : NULL;
    if ($c !== NULL) {
        foreach ($c as $i => $cc) {
            if (is_object($cc)) {
                $c[$i] = $cc->evaluate();
            }
        }
    }
    static $dle = false;
    if (!$dle) {
        $dle = function_exists('do_lang');
    }
    $ret = $dle ? do_lang($name, $a, $b, $c, $lang, false) : escape_html($name . ':' . (!is_null($a) ? $a : '') . ',' . (!is_null($b) ? $b : ''));
    if ($ret === NULL) {
        if ($type != TC_PARAMETER) {
            require_code('site');
            attach_message(do_lang_tempcode('MISSING_LANG_ENTRY', escape_html($name)), 'warn');
        }
        $value = '';
        if ($GLOBALS['XSS_DETECT']) {
            ocp_mark_as_escaped($value);
        }
        return $value;
    }
    if ($escaped != array() && $escaped != array(ENTITY_ESCAPED)) {
        apply_tempcode_escaping(array_diff($escaped, array(ENTITY_ESCAPED)), $ret);
    }
    // Escape but without ENTITY_ESCAPED because we don't do that on lang strings
    return $ret;
}
/**
 * Edit a member's photo, and check validity.
 *
 * @param  ID_TEXT	The identifier for the name of the posted URL field.
 * @param  ID_TEXT	The identifier for the name of the posted upload.
 * @param  ?MEMBER	The member (NULL: the current member).
 */
function ocf_member_choose_photo($param_name, $upload_name, $member_id = NULL)
{
    if (is_null($member_id)) {
        $member_id = get_member();
    }
    require_code('uploads');
    if (!array_key_exists($upload_name, $_FILES) || !is_swf_upload() && !is_uploaded_file($_FILES[$upload_name]['tmp_name'])) {
        $old = $GLOBALS['FORUM_DB']->query_value('f_members', 'm_photo_url', array('id' => $member_id));
        $x = post_param($param_name);
        if ($x != '' && url_is_local($x) && !$GLOBALS['FORUM_DRIVER']->is_super_admin(get_member())) {
            if ($old != $x) {
                access_denied('ASSOCIATE_EXISTING_FILE');
            }
        }
        if ($old == $x) {
            return;
        }
        // Not changed, bomb out as we don't want to generate a thumbnail, or copy to avatar, or send notification
    }
    // Find photo URL
    $urls = get_url($param_name, $upload_name, file_exists(get_custom_file_base() . '/uploads/photos') ? 'uploads/photos' : 'uploads/ocf_photos', 0, OCP_UPLOAD_IMAGE, true, 'thumb_' . $param_name, $upload_name . '2', false, true);
    if (!(strlen($urls[0]) > 1)) {
        $urls[1] = '';
    }
    if ((get_base_url() != get_forum_base_url() || array_key_exists('on_msn', $GLOBALS['SITE_INFO']) && $GLOBALS['SITE_INFO']['on_msn'] == '1') && $urls[0] != '' && url_is_local($urls[0])) {
        $urls[0] = get_custom_base_url() . '/' . $urls[0];
    }
    if ((get_base_url() != get_forum_base_url() || array_key_exists('on_msn', $GLOBALS['SITE_INFO']) && $GLOBALS['SITE_INFO']['on_msn'] == '1') && $urls[1] != '' && url_is_local($urls[1])) {
        $urls[1] = get_custom_base_url() . '/' . $urls[1];
    }
    if (get_option('is_on_gd') == '0' || !function_exists('imagetypes')) {
        if (!array_key_exists($upload_name . '2', $_FILES) || !is_swf_upload() && !is_uploaded_file($_FILES[$upload_name . '2']['tmp_name'])) {
            $field = post_param('thumb_' . $param_name, '');
            if ($field == '' && $urls[0] != '') {
                warn_exit(do_lang_tempcode('IMPROPERLY_FILLED_IN_UPLOAD'));
            }
            if ($field != '' && url_is_local($field) && !$GLOBALS['FORUM_DRIVER']->is_super_admin(get_member())) {
                $old = $GLOBALS['FORUM_DB']->query_value('f_members', 'm_photo_thumb_url', array('id' => $member_id));
                if ($old != $field) {
                    access_denied('ASSOCIATE_EXISTING_FILE');
                }
            }
        }
    }
    // Cleanup old photo
    $old = $GLOBALS['FORUM_DB']->query_value('f_members', 'm_photo_url', array('id' => $member_id));
    if ($old == $urls[0]) {
        return;
    }
    if (url_is_local($old) && (substr($old, 0, 19) == 'uploads/ocf_photos/' || substr($old, 0, 15) == 'uploads/photos/')) {
        @unlink(get_custom_file_base() . '/' . rawurldecode($old));
    }
    $GLOBALS['FORUM_DB']->query_update('f_members', array('m_photo_url' => $urls[0], 'm_photo_thumb_url' => $urls[1]), array('id' => $member_id), '', 1);
    require_code('notifications');
    dispatch_notification('ocf_choose_photo', NULL, do_lang('CHOOSE_PHOTO_SUBJECT', $GLOBALS['FORUM_DRIVER']->get_username($member_id), NULL, NULL, get_lang($member_id)), do_lang('CHOOSE_PHOTO_BODY', $urls[0], $urls[1], $GLOBALS['FORUM_DRIVER']->get_username($member_id), get_lang($member_id)));
    // If no avatar, or default avatar, or avatars not installed, use photo for it
    $avatar_url = $GLOBALS['FORUM_DRIVER']->get_member_avatar_url($member_id);
    $default_avatar_url = find_theme_image('ocf_default_avatars/default', true, true);
    if (!addon_installed('ocf_avatars')) {
        $avatar_url = $urls[0];
        if (get_option('is_on_gd') == '1' && function_exists('imagetypes')) {
            $stub = url_is_local($avatar_url) ? get_complex_base_url($avatar_url) . '/' : '';
            $file_path = convert_url_to_path($stub . $avatar_url);
            if (!is_null($file_path)) {
                $new_file_path = str_replace('/ocf_photos/', '/ocf_avatars/', $file_path);
                if (!file_exists($new_file_path)) {
                    copy($file_path, $new_file_path);
                    fix_permissions($new_file_path);
                    sync_file($new_file_path);
                }
                $avatar_url = str_replace('/ocf_photos/', '/ocf_avatars/', $avatar_url);
            }
        }
        ocf_member_choose_avatar($avatar_url, $member_id);
    }
    // Decache from run-time cache
    unset($GLOBALS['FORUM_DRIVER']->MEMBER_ROWS_CACHED[$member_id]);
    unset($GLOBALS['MEMBER_CACHE_FIELD_MAPPINGS'][$member_id]);
}
 /**
  * Get tempcode for a adding/editing form.
  *
  * @param  ?GROUP			The usergroup being edited (NULL: adding, not editing)
  * @param  SHORT_TEXT	The usergroup name
  * @param  BINARY			Whether this is a default usergroup
  * @param  BINARY			Whether members of the usergroup are super-administrators
  * @param  BINARY			Whether members of the usergroup are super-moderators
  * @param  ID_TEXT		The username of the usergroup leader
  * @param  SHORT_TEXT	The default title for members with this as their primary usergroup
  * @param  URLPATH		The usergroup rank image
  * @param  ?GROUP			The target for promotion from this usergroup (NULL: no promotion prospects)
  * @param  ?integer		The point threshold upon which promotion occurs (NULL: no promotion prospects)
  * @param  integer		The number of seconds between submission flood controls
  * @param  integer		The number of seconds between access flood controls
  * @param  integer		The number of gift points members of this usergroup get when they start
  * @param  integer		The number of gift points members of this usergroup get per-day
  * @param  integer		The number of megabytes members can upload per day
  * @param  integer		The maximum number of attachments members of this usergroup may have per post
  * @param  integer		The maximum avatar width members of this usergroup may have
  * @param  integer		The maximum avatar height members of this usergroup may have
  * @param  integer		The maximum post length members of this usergroup may have
  * @param  integer		The maximum signature length members of this usergroup may have
  * @param  BINARY			Whether to lock out unverified IP addresses until e-mail confirmation
  * @param  BINARY			Whether the usergroup is presented for joining at joining (implies anyone may be in the usergroup, but only choosable at joining)
  * @param  BINARY			Whether the name and membership of the usergroup is hidden
  * @param  ?integer		The display order this usergroup will be given, relative to other usergroups. Lower numbered usergroups display before higher numbered usergroups (NULL: last).
  * @param  BINARY			Whether the rank image will not be shown for secondary membership
  * @param  BINARY			Whether members may join this usergroup without requiring any special permission
  * @param  BINARY			Whether this usergroup is a private club. Private clubs may be managed in the CMS zone, and do not have any special permissions - except over their own associated forum.
  * @return array			A pair: The input fields, Hidden fields
  */
 function get_form_fields($id = NULL, $name = '', $is_default = 0, $is_super_admin = 0, $is_super_moderator = 0, $group_leader = '', $title = '', $rank_image = '', $promotion_target = NULL, $promotion_threshold = NULL, $flood_control_submit_secs = 0, $flood_control_access_secs = 0, $gift_points_base = 25, $gift_points_per_day = 1, $max_daily_upload_mb = 5, $max_attachments_per_post = 20, $max_avatar_width = 80, $max_avatar_height = 80, $max_post_length_comcode = 40000, $max_sig_length_comcode = 1000, $enquire_on_new_ips = 0, $is_presented_at_install = 0, $group_is_hidden = 0, $order = NULL, $rank_image_pri_only = 1, $open_membership = 0, $is_private_club = 0)
 {
     if (is_null($group_leader)) {
         $group_leader = '';
     }
     $fields = new ocp_tempcode();
     $hidden = new ocp_tempcode();
     require_code('form_templates');
     $fields->attach(form_input_line(do_lang_tempcode('NAME'), do_lang_tempcode('DESCRIPTION_USERGROUP_TITLE'), 'name', $name, true));
     if (addon_installed('ocf_clubs') && !is_null($id)) {
         $fields->attach(form_input_tick(do_lang_tempcode('IS_PRIVATE_CLUB'), do_lang_tempcode('IS_PRIVATE_CLUB_DESCRIPTION'), 'is_private_club', $is_private_club == 1));
     }
     $fields->attach(do_template('FORM_SCREEN_FIELD_SPACER', array('SECTION_HIDDEN' => $title == '' && $group_leader == '', 'TITLE' => do_lang_tempcode('ADVANCED'))));
     $fields->attach(form_input_line(do_lang_tempcode('TITLE'), do_lang_tempcode('DESCRIPTION_GROUP_TITLE'), 'title', $title, false));
     $fields->attach(form_input_username(do_lang_tempcode('GROUP_LEADER'), do_lang_tempcode('DESCRIPTION_GROUP_LEADER'), 'group_leader', $group_leader, false));
     $rows = $GLOBALS['FORUM_DB']->query_select('f_groups', array('id', 'g_name', 'g_is_super_admin'), array('g_is_private_club' => 0));
     $orderlist = new ocp_tempcode();
     $group_count = $GLOBALS['FORUM_DB']->query_value('f_groups', 'COUNT(*)');
     $num_groups = $GLOBALS['FORUM_DB']->query_value('f_groups', 'COUNT(*)', $group_count > 200 ? array('g_is_private_club' => 0) : NULL);
     if (is_null($id)) {
         $num_groups++;
     }
     for ($i = 0; $i < $num_groups; $i++) {
         $orderlist->attach(form_input_list_entry(strval($i), $i === $order || is_null($id) && $i == $num_groups - 1, integer_format($i + 1)));
     }
     $fields->attach(form_input_list(do_lang_tempcode('ORDER'), do_lang_tempcode('USERGROUP_DISPLAY_ORDER_DESCRIPTION'), 'order', $orderlist));
     $fields->attach(do_template('FORM_SCREEN_FIELD_SPACER', array('TITLE' => do_lang_tempcode('JOINING'))));
     if (is_null($id) || $id != db_get_first_id()) {
         $fields->attach(form_input_tick(do_lang_tempcode('IS_PRESENTED_AT_INSTALL'), do_lang_tempcode('DESCRIPTION_IS_PRESENTED_AT_INSTALL'), 'is_presented_at_install', $is_presented_at_install == 1));
         $fields->attach(form_input_tick(do_lang_tempcode('DEFAULT_GROUP'), do_lang_tempcode('DESCRIPTION_IS_DEFAULT_GROUP'), 'is_default', $is_default == 1));
     }
     $fields->attach(form_input_tick(do_lang_tempcode('OPEN_MEMBERSHIP'), do_lang_tempcode('OPEN_MEMBERSHIP_DESCRIPTION'), 'open_membership', $open_membership == 1));
     $fields->attach(do_template('FORM_SCREEN_FIELD_SPACER', array('SECTION_HIDDEN' => true, 'TITLE' => do_lang_tempcode('RANK'))));
     if (addon_installed('points')) {
         $promotion_target_groups = form_input_list_entry('-1', false, do_lang_tempcode('NA_EM'));
         foreach ($rows as $group) {
             if ($group['id'] != $id && $group['id'] != db_get_first_id()) {
                 $promotion_target_groups->attach(form_input_list_entry(strval($group['id']), $group['id'] == $promotion_target, get_translated_text($group['g_name'], $GLOBALS['FORUM_DB'])));
             }
         }
         $fields->attach(form_input_list(do_lang_tempcode('PROMOTION_TARGET'), do_lang_tempcode('DESCRIPTION_PROMOTION_TARGET'), 'promotion_target', $promotion_target_groups));
         $fields->attach(form_input_integer(do_lang_tempcode('PROMOTION_THRESHOLD'), do_lang_tempcode('DESCRIPTION_PROMOTION_THRESHOLD'), 'promotion_threshold', $promotion_threshold, false));
     }
     if (get_base_url() == get_forum_base_url()) {
         handle_max_file_size($hidden, 'image');
         $fields->attach(form_input_upload(do_lang_tempcode('RANK_IMAGE'), do_lang_tempcode('DESCRIPTION_RANK_IMAGE'), 'file', false, NULL, NULL, true, str_replace(' ', '', get_option('valid_images'))));
     }
     require_code('themes2');
     $ids = get_all_image_ids_type('ocf_rank_images', false, $GLOBALS['FORUM_DB']);
     $fields->attach(form_input_picture_choose_specific(do_lang_tempcode('ALT_FIELD', do_lang_tempcode('STOCK')), do_lang_tempcode('DESCRIPTION_ALTERNATE_STOCK'), 'theme_img_code', $ids, NULL, $rank_image, NULL, true, $GLOBALS['FORUM_DB']));
     $fields->attach(form_input_tick(do_lang_tempcode('RANK_IMAGE_PRI_ONLY'), do_lang_tempcode('RANK_IMAGE_PRI_ONLY_DESCRIPTION'), 'rank_image_pri_only', $rank_image_pri_only == 1));
     $fields->attach(do_template('FORM_SCREEN_FIELD_SPACER', array('SECTION_HIDDEN' => true, 'TITLE' => do_lang_tempcode('BENEFITS'))));
     $sa_descrip = do_lang_tempcode('DESCRIPTION_IS_SUPER_ADMIN');
     if ($is_super_admin == 1) {
         $sa_descrip->attach(do_lang_tempcode('DESCRIPTION_IS_SUPER_ADMIN_B'));
     }
     $fields->attach(form_input_tick(do_lang_tempcode('SUPER_ADMIN'), $sa_descrip, 'is_super_admin', $is_super_admin == 1));
     $fields->attach(form_input_tick(do_lang_tempcode('SUPER_MODERATOR'), do_lang_tempcode('DESCRIPTION_IS_SUPER_MODERATOR'), 'is_super_moderator', $is_super_moderator == 1));
     if (addon_installed('points')) {
         $fields->attach(form_input_integer(do_lang_tempcode('GIFT_POINTS_BASE'), do_lang_tempcode('DESCRIPTION_GIFT_POINTS_BASE'), 'gift_points_base', $gift_points_base, true));
         $fields->attach(form_input_integer(do_lang_tempcode('GIFT_POINTS_PER_DAY'), do_lang_tempcode('DESCRIPTION_GIFT_POINTS_PER_DAY'), 'gift_points_per_day', $gift_points_per_day, true));
     }
     require_lang('security');
     $fields->attach(do_template('FORM_SCREEN_FIELD_SPACER', array('SECTION_HIDDEN' => true, 'TITLE' => do_lang_tempcode('SECURITY'))));
     $fields->attach(form_input_tick(do_lang_tempcode('HIDDEN_USERGROUP'), do_lang_tempcode('DESCRIPTION_GROUP_HIDDEN'), 'hidden', $group_is_hidden == 1));
     $fields->attach(form_input_tick(do_lang_tempcode('ENQUIRE_ON_NEW_IPS'), do_lang_tempcode('DESCRIPTION_ENQUIRE_ON_NEW_IPS'), 'enquire_on_new_ips', $enquire_on_new_ips == 1));
     $fields->attach(do_template('FORM_SCREEN_FIELD_SPACER', array('SECTION_HIDDEN' => true, 'TITLE' => do_lang_tempcode('RESTRICTIONS'))));
     $fields->attach(form_input_integer(do_lang_tempcode('MAX_ATTACHMENTS_PER_POST'), do_lang_tempcode('DESCRIPTION_MAX_ATTACHMENTS_PER_POST'), 'max_attachments_per_post', $max_attachments_per_post, true));
     $fields->attach(form_input_integer(do_lang_tempcode('MAX_DAILY_UPLOAD_MB'), do_lang_tempcode('DESCRIPTION_MAX_DAILY_UPLOAD_MB'), 'max_daily_upload_mb', $max_daily_upload_mb, true));
     if (addon_installed('ocf_member_avatars')) {
         $fields->attach(form_input_integer(do_lang_tempcode('MAX_AVATAR_WIDTH'), do_lang_tempcode('DESCRIPTION_MAX_AVATAR_WIDTH'), 'max_avatar_width', $max_avatar_width, true));
         $fields->attach(form_input_integer(do_lang_tempcode('MAX_AVATAR_HEIGHT'), do_lang_tempcode('DESCRIPTION_MAX_AVATAR_HEIGHT'), 'max_avatar_height', $max_avatar_height, true));
     }
     $fields->attach(form_input_integer(do_lang_tempcode('MAX_POST_LENGTH_COMCODE'), do_lang_tempcode('DESCRIPTION_MAX_POST_LENGTH_COMCODE'), 'max_post_length_comcode', $max_post_length_comcode, true));
     if (addon_installed('ocf_signatures')) {
         $fields->attach(form_input_integer(do_lang_tempcode('MAX_SIG_LENGTH_COMCODE'), do_lang_tempcode('DESCRIPTION_MAX_SIG_LENGTH_COMCODE'), 'max_sig_length_comcode', $max_sig_length_comcode, true));
     }
     $fields->attach(do_template('FORM_SCREEN_FIELD_SPACER', array('SECTION_HIDDEN' => true, 'TITLE' => do_lang_tempcode('FLOOD_CONTROL'))));
     $fields->attach(form_input_integer(do_lang_tempcode('FLOOD_CONTROL_ACCESS_SECS'), do_lang_tempcode('DESCRIPTION_FLOOD_CONTROL_ACCESS_SECS'), 'flood_control_access_secs', $flood_control_access_secs, true));
     $fields->attach(form_input_integer(do_lang_tempcode('FLOOD_CONTROL_SUBMIT_SECS'), do_lang_tempcode('DESCRIPTION_FLOOD_CONTROL_SUBMIT_SECS'), 'flood_control_submit_secs', $flood_control_submit_secs, true));
     $fields->attach(do_template('FORM_SCREEN_FIELD_SPACER', array('TITLE' => do_lang_tempcode('ACTIONS'))));
     $copy_members_from_groups = new ocp_tempcode();
     foreach ($rows as $row) {
         if ($row['id'] != db_get_first_id() && $row['id'] != $id) {
             $copy_members_from_groups->attach(form_input_list_entry(strval($row['id']), false, get_translated_text($row['g_name'], $GLOBALS['FORUM_DB'])));
         }
     }
     $fields->attach(form_input_multi_list(do_lang_tempcode('COPY_MEMBERS_INTO'), do_lang_tempcode('DESCRIPTION_COPY_MEMBERS_INTO'), 'copy_members_into', $copy_members_from_groups));
     // Take permissions from
     $permissions_from_groups = new ocp_tempcode();
     $permissions_from_groups = form_input_list_entry('-1', false, do_lang_tempcode('NA_EM'));
     foreach ($rows as $group) {
         if ($group['id'] != $id) {
             $permissions_from_groups->attach(form_input_list_entry(strval($group['id']), false, get_translated_text($group['g_name'], $GLOBALS['FORUM_DB'])));
         }
     }
     $fields->attach(form_input_list(do_lang_tempcode('DEFAULT_PERMISSIONS_FROM'), do_lang_tempcode(is_null($id) ? 'DESCRIPTION_DEFAULT_PERMISSIONS_FROM_NEW' : 'DESCRIPTION_DEFAULT_PERMISSIONS_FROM'), 'absorb', $permissions_from_groups));
     $this->appended_actions_already = true;
     return array($fields, $hidden);
 }
Exemple #15
0
 /**
  * Get a URL to send a private/personal message to the given member.
  *
  * @param  MEMBER			The member id
  * @return URLPATH		The URL to the private/personal message page
  */
 function _member_pm_url($id)
 {
     return get_forum_base_url() . '/index.php?app=members&module=messaging&section=send&do=form&fromMemberID=' . strval($id);
 }
Exemple #16
0
 /**
  * Get tempcode for a news category adding/editing form.
  *
  * @param  SHORT_TEXT	The title of the news category
  * @param  SHORT_TEXT	The news category image
  * @param  LONG_TEXT		Notes relating to the news category
  * @param  ?MEMBER		The owner of the news category (NULL: public)
  * @param  ?AUTO_LINK	The ID of this news category (NULL: we haven't added it yet)
  * @return array			A pair: The input fields, Hidden fields
  */
 function get_form_fields($title = '', $img = '', $notes = '', $owner = NULL, $category_id = NULL)
 {
     $fields = new ocp_tempcode();
     $hidden = new ocp_tempcode();
     require_code('form_templates');
     $fields->attach(form_input_line_comcode(do_lang_tempcode('TITLE'), do_lang_tempcode('DESCRIPTION_TITLE'), 'title', $title, true));
     if (get_base_url() == get_forum_base_url()) {
         $fields->attach(form_input_upload(do_lang_tempcode('IMAGE'), do_lang_tempcode('DESCRIPTION_UPLOAD'), 'file', false, NULL, NULL, true, str_replace(' ', '', get_option('valid_images'))));
         handle_max_file_size($hidden, 'image');
     }
     require_code('themes2');
     $ids = get_all_image_ids_type('newscats');
     $fields->attach(form_input_picture_choose_specific(do_lang_tempcode('ALT_FIELD', do_lang_tempcode('STOCK')), do_lang_tempcode('DESCRIPTION_ALTERNATE_STOCK'), 'theme_img_code', $ids, NULL, $img, NULL, true));
     if (!is_null($owner)) {
         $owner_username = $GLOBALS['FORUM_DRIVER']->get_username($owner);
         if (is_null($owner_username)) {
             $owner_username = do_lang('UNKNOWN');
         }
         $fields->attach(form_input_line(do_lang_tempcode('OWNER'), do_lang_tempcode('DESCRIPTION_OWNER'), 'owner', $owner_username, true));
     }
     if (get_value('disable_staff_notes') !== '1') {
         $fields->attach(do_template('FORM_SCREEN_FIELD_SPACER', array('SECTION_HIDDEN' => $notes == '', 'TITLE' => do_lang_tempcode('ADVANCED'))));
         $fields->attach(form_input_text(do_lang_tempcode('NOTES'), do_lang_tempcode('DESCRIPTION_NOTES'), 'notes', $notes, false));
     }
     $fields->attach($this->get_permission_fields(is_null($category_id) ? '' : strval($category_id), NULL, $title == ''));
     return array($fields, $hidden);
 }
Exemple #17
0
 /**
  * Find the base URL to the emoticons.
  *
  * @return URLPATH		The base URL
  */
 function get_emo_dir()
 {
     return get_forum_base_url() . '/images/smilies/';
 }
Exemple #18
0
 /**
  * Standard modular install function.
  *
  * @param  ?integer	What version we're upgrading from (NULL: new install)
  * @param  ?integer	What hack version we're upgrading from (NULL: new-install/not-upgrading-from-a-hacked-version)
  */
 function install($upgrade_from = NULL, $upgrade_from_hack = NULL)
 {
     require_code('menus');
     require_all_lang();
     /* Our idealised choice of installed links is built for minimalism by assuming we also have:
     			 zone menu
     			 tailored menus in non-site/welcome zones
     			 NO panel_top (if there is that's fine, it's just a supplementary source of navigation)
     			 footer menu
     			 donate/hosting/advertise linked to by banners
     			 side_personal_stats/side_search/main_newsletter_signup/main_leaderboard/main_poll/main_iotd/main_news/side_news_categories/side_calendar blocks
     			 implicit links to authors/awards/member-actions/onlinemembers
     
     			(not all links defined here, various modules also install them)
     		*/
     // root_website
     add_menu_item_simple('root_website', NULL, 'FRONT_PAGE', ':');
     add_menu_item_simple('root_website', NULL, 'RULES', '_SEARCH:rules');
     //add_menu_item_simple('root_website',NULL,'FEEDBACK','_SEARCH:feedback');
     if (!in_array(get_forum_type(), array('ocf', 'none'))) {
         add_menu_item_simple('root_website', NULL, 'SECTION_FORUMS', get_forum_base_url(true));
     }
     // main_features
     add_menu_item_simple('main_features', NULL, 'FRONT_PAGE', 'site:');
     add_menu_item_simple('main_features', NULL, 'GUIDE', '_SEARCH:help');
     add_menu_item_simple('main_features', NULL, 'RULES', '_SEARCH:rules');
     // main_content
     // main_community
     if (!in_array(get_forum_type(), array('ocf', 'none'))) {
         add_menu_item_simple('main_community', NULL, 'SECTION_FORUMS', get_forum_base_url(true));
     }
     if (get_forum_type() == 'ocf') {
         add_menu_item_simple('main_community', NULL, 'MEMBERS', '_SEARCH:members:type=misc');
     }
     if (get_forum_type() == 'ocf') {
         add_menu_item_simple('main_community', NULL, 'USERGROUPS', '_SEARCH:groups:type=misc');
     }
     // member_features
     add_menu_item_simple('member_features', NULL, '_JOIN', '_SEARCH:join:type=misc', 0, 1);
     add_menu_item_simple('member_features', NULL, 'RESET_PASSWORD', '_SEARCH:lostpassword:type=misc');
     // collab_website
     add_menu_item_simple('collab_website', NULL, 'FRONT_PAGE', 'collaboration:');
     add_menu_item_simple('collab_website', NULL, 'ABOUT', 'collaboration:about');
     // forum_features
     add_menu_item_simple('forum_features', NULL, 'RULES', '_SEARCH:rules');
     add_menu_item_simple('forum_features', NULL, 'MEMBERS', '_SEARCH:members:type=misc');
     // Zones
     add_menu_item_simple('zone_menu', NULL, 'SITE', 'site' . ':', 0, 1);
     if (get_forum_type() == 'ocf') {
         add_menu_item_simple('zone_menu', NULL, 'SECTION_FORUMS', 'forum' . ':', 0, 1);
     } else {
         add_menu_item_simple('zone_menu', NULL, 'SECTION_FORUMS', get_forum_base_url(), 0, 1);
     }
     if (file_exists(get_file_base() . '/collaboration')) {
         add_menu_item_simple('zone_menu', NULL, 'COLLABORATION', 'collaboration' . ':', 0, 1);
     }
     add_menu_item_simple('zone_menu', NULL, 'CMS', 'cms' . ':', 0, 1);
     add_menu_item_simple('zone_menu', NULL, 'ADMIN_ZONE', 'adminzone' . ':', 0, 1);
     //add_menu_item_simple('zone_menu',NULL,'GUIDES','docs'.':userguide',0,1);
 }
Exemple #19
0
 /**
  * Find the base URL to the emoticons.
  *
  * @return URLPATH		The base URL
  */
 function get_emo_dir()
 {
     return get_forum_base_url() . '/html/emoticons/';
 }
Exemple #20
0
/**
 * Function to get a base URL for an OCF relative-URL. The situation is complex as it needs to take into account OCF multi-site-network's, locally defined theme images, and shared-installs (myocp style).
 *
 * @param  URLPATH		Short base URL we need to probe
 * @return URLPATH		The appropriate base-url
 */
function get_complex_base_url($at)
{
    return get_forum_base_url() != get_base_url() ? get_forum_base_url() : (substr($at, 0, 22) == 'themes/default/images/' ? get_base_url() : get_custom_base_url());
}
Exemple #21
0
 /**
  * Find the base URL to the emoticons.
  *
  * @return URLPATH		The base URL
  */
 function get_emo_dir()
 {
     return get_forum_base_url() . '/';
 }
Exemple #22
0
 /**
  * Get the photo thumbnail URL for the specified member id.
  *
  * @param  MEMBER			The member id
  * @return URLPATH		The URL (blank: none)
  */
 function get_member_photo_url($member)
 {
     $pic = $this->connection->query_value_null_ok('member_extra', 'photo_location', array('id' => $member));
     if (is_null($pic)) {
         $pic = '';
     } elseif (url_is_local($pic) && $pic != '') {
         $pic = get_forum_base_url() . '/uploads/' . $pic;
     }
     return $pic;
 }