if ($access == 0) { ++$no_access; } } // User can't access any actions in this module - just disallow it completely if ($no_access == count($actions)) { unset($mybb->input['permissions'][$module]); } } // Does an options row exist for this admin already? $query = $db->simple_select("adminoptions", "COUNT(uid) AS existing_options", "uid='" . $mybb->get_input('uid', MyBB::INPUT_INT) . "'"); $existing_options = $db->fetch_field($query, "existing_options"); if ($existing_options > 0) { $db->update_query("adminoptions", array('permissions' => $db->escape_string(my_serialize($mybb->input['permissions']))), "uid = '" . $mybb->get_input('uid', MyBB::INPUT_INT) . "'"); } else { $insert_array = array("uid" => $mybb->get_input('uid', MyBB::INPUT_INT), "permissions" => $db->escape_string(my_serialize($mybb->input['permissions'])), "notes" => '', "defaultviews" => ''); $db->insert_query("adminoptions", $insert_array); } $plugins->run_hooks("admin_user_admin_permissions_edit_commit"); // Log admin action if ($uid > 0) { // Users $user = get_user($uid); log_admin_action($uid, $user['username']); } elseif ($uid < 0) { // Groups $gid = abs($uid); $query = $db->simple_select("usergroups", "title", "gid='{$gid}'"); $group = $db->fetch_array($query); log_admin_action($uid, $group['title']); } else {
$modann = ''; } $plugins->run_hooks("forumdisplay_announcement"); eval("\$announcements .= \"" . $templates->get("forumdisplay_announcements_announcement") . "\";"); $bgcolor = alt_trow(); } if ($announcements) { eval("\$announcementlist = \"" . $templates->get("forumdisplay_announcements") . "\";"); $shownormalsep = true; } if (empty($cookie)) { // Clean up cookie crumbs my_setcookie('mybb[announcements]', 0, TIME_NOW - 60 * 60 * 24 * 365); } else { if (!empty($cookie)) { my_setcookie("mybb[announcements]", addslashes(my_serialize($cookie)), -1); } } } else { $announcementlist = ''; } $tids = $threadcache = array(); $icon_cache = $cache->read("posticons"); if ($fpermissions['canviewthreads'] != 0) { $plugins->run_hooks("forumdisplay_get_threads"); // Start Getting Threads $query = $db->query("\n\t\tSELECT t.*, {$ratingadd}t.username AS threadusername, u.username\n\t\tFROM " . TABLE_PREFIX . "threads t\n\t\tLEFT JOIN " . TABLE_PREFIX . "users u ON (u.uid = t.uid)\n\t\tWHERE t.fid='{$fid}' {$tuseronly} {$tvisibleonly} {$datecutsql2} {$prefixsql2}\n\t\tORDER BY t.sticky DESC, {$t}{$sortfield} {$sortordernow} {$sortfield2}\n\t\tLIMIT {$start}, {$perpage}\n\t"); $ratings = false; $moved_threads = array(); while ($thread = $db->fetch_array($query)) { $threadcache[$thread['tid']] = $thread;
exit; } $page->show_login($login_message, "error"); } } // Time to check for Two-Factor Authentication // First: are we trying to verify a code? if ($mybb->input['do'] == "do_2fa" && $mybb->request_method == "post") { // Test whether it's a recovery code $recovery = false; $codes = my_unserialize($admin_options['recovery_codes']); if (!empty($codes) && in_array($mybb->get_input('code'), $codes)) { $recovery = true; $ncodes = array_diff($codes, array($mybb->input['code'])); // Removes our current code from the codes array $db->update_query("adminoptions", array("recovery_codes" => $db->escape_string(my_serialize($ncodes))), "uid='{$mybb->user['uid']}'"); if (count($ncodes) == 0) { flash_message($lang->my2fa_no_codes, "error"); } } // Validate the code require_once MYBB_ROOT . "inc/3rdparty/2fa/GoogleAuthenticator.php"; $auth = new PHPGangsta_GoogleAuthenticator(); $test = $auth->verifyCode($admin_options['authsecret'], $mybb->get_input('code')); // Either the code was okay or it was a recovery code if ($test === true || $recovery === true) { // Correct code -> session authenticated $db->update_query("adminsessions", array("authenticated" => 1), "sid='" . $db->escape_string($mybb->cookies['adminsid']) . "'"); $admin_session['authenticated'] = 1; $db->update_query("adminoptions", array("loginattempts" => 0, "loginlockoutexpiry" => 0), "uid='{$mybb->user['uid']}'"); my_setcookie('acploginattempts', 0);
$errors[] = $lang->error_missing_action_type; } if (!$errors) { // Ban if ($mybb->input['action_type'] == 1) { $action = array("type" => 1, "usergroup" => $mybb->get_input('action_1_usergroup', MyBB::INPUT_INT), "length" => fetch_time_length($mybb->input['action_1_time'], $mybb->input['action_1_period'])); } else { if ($mybb->input['action_type'] == 2) { $action = array("type" => 2, "length" => fetch_time_length($mybb->input['action_2_time'], $mybb->input['action_2_period'])); } else { if ($mybb->input['action_type'] == 3) { $action = array("type" => 3, "length" => fetch_time_length($mybb->input['action_3_time'], $mybb->input['action_3_period'])); } } } $updated_level = array("percentage" => $mybb->get_input('percentage', MyBB::INPUT_INT), "action" => my_serialize($action)); $plugins->run_hooks("admin_config_warning_edit_level_commit"); $db->update_query("warninglevels", $updated_level, "lid='{$level['lid']}'"); // Log admin action log_admin_action($level['lid'], $mybb->input['percentage']); flash_message($lang->success_warning_level_updated, 'success'); admin_redirect("index.php?module=config-warning&action=levels"); } } $page->add_breadcrumb_item($lang->edit_warning_level); $page->output_header($lang->warning_levels . " - " . $lang->edit_warning_level); $sub_tabs['edit_level'] = array('link' => "index.php?module=config-warning&action=edit_level&lid={$level['lid']}", 'title' => $lang->edit_warning_level, 'description' => $lang->edit_warning_level_desc); $page->output_nav_tabs($sub_tabs, 'edit_level'); $form = new Form("index.php?module=config-warning&action=edit_level&lid={$level['lid']}", "post"); if ($errors) { $page->output_inline_error($errors);
$popup->add_item($lang->show_users_posted_with_ip, "index.php?module=user-users&results=1&action=search&conditions=" . urlencode(my_serialize(array("postip" => $user['regip'])))); $popup->add_item($lang->info_on_ip, "index.php?module=user-users&action=iplookup&ipaddress={$user['regip']}", "MyBB.popupWindow('index.php?module=user-users&action=iplookup&ipaddress={$user['regip']}', null, true); return false;"); $popup->add_item($lang->ban_ip, "index.php?module=config-banning&filter={$user['regip']}"); $controls = $popup->fetch(); } $table->construct_cell("<strong>{$lang->registration_ip}:</strong> " . $user['regip']); $table->construct_cell($controls, array('class' => "align_center")); $table->construct_row(); $counter = 0; $query = $db->simple_select("posts", "DISTINCT ipaddress", "uid='{$mybb->input['uid']}'"); while ($ip = $db->fetch_array($query)) { ++$counter; $ip['ipaddress'] = my_inet_ntop($db->unescape_binary($ip['ipaddress'])); $popup = new PopupMenu("id_{$counter}", $lang->options); $popup->add_item($lang->show_users_regged_with_ip, "index.php?module=user-users&results=1&action=search&conditions=" . urlencode(my_serialize(array("regip" => $ip['ipaddress'])))); $popup->add_item($lang->show_users_posted_with_ip, "index.php?module=user-users&results=1&action=search&conditions=" . urlencode(my_serialize(array("postip" => $ip['ipaddress'])))); $popup->add_item($lang->info_on_ip, "index.php?module=user-users&action=iplookup&ipaddress={$ip['ipaddress']}", "MyBB.popupWindow('index.php?module=user-users&action=iplookup&ipaddress={$ip['ipaddress']}', null, true); return false;"); $popup->add_item($lang->ban_ip, "index.php?module=config-banning&filter={$ip['ipaddress']}"); $controls = $popup->fetch(); $table->construct_cell($ip['ipaddress']); $table->construct_cell($controls, array('class' => "align_center")); $table->construct_row(); } $table->output($lang->ip_address_for . 
" {$user['username']}"); $page->output_footer(); } if ($mybb->input['action'] == "merge") { $plugins->run_hooks("admin_user_users_merge"); if ($mybb->request_method == "post") { $source_user = get_user_by_username($mybb->input['source_username'], array('fields' => '*')); if (!$source_user['uid']) {
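/**
 * Store $vid as the default view of kind $type for the current user.
 *
 * Reads the serialized "defaultviews" value from the adminoptions row whose
 * uid is $mybb->user['uid'], sets the entry for $type and writes the value
 * back. When no row exists yet, a new one is inserted with empty "notes" and
 * "permissions" columns.
 *
 * @param mixed $type Array key under which the view id is stored.
 * @param mixed $vid  Value stored for that key (presumably a view id - confirm with callers).
 *
 * @return void
 */
function set_default_view($type, $vid)
{
    global $mybb, $db;

    // Cast once so the value interpolated into the WHERE clauses below is
    // always an integer, whatever the caller state of $mybb->user is.
    $uid = (int) $mybb->user['uid'];

    $query = $db->simple_select("adminoptions", "defaultviews", "uid='{$uid}'");
    $default_views = my_unserialize($db->fetch_field($query, "defaultviews"));

    // Always define the flag; previously it was only set when no row existed
    // and was read uninitialised otherwise.
    $create = !$db->num_rows($query);

    // A missing row or an undecodable value must not be indexed as an array.
    if (!is_array($default_views)) {
        $default_views = array();
    }

    $default_views[$type] = $vid;
    $default_views = my_serialize($default_views);

    // The serialized string is escaped here because it is handed to the
    // query helpers as a ready-to-use value.
    $updated_admin = array("defaultviews" => $db->escape_string($default_views));

    if ($create) {
        $updated_admin['uid'] = $uid;
        $updated_admin['notes'] = '';
        $updated_admin['permissions'] = '';
        $db->insert_query("adminoptions", $updated_admin);
    } else {
        $db->update_query("adminoptions", $updated_admin, "uid='{$uid}'");
    }
}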
if (!is_array($mybb->input['tables'])) { flash_message($lang->error_no_tables_selected, 'error'); admin_redirect("index.php?module=tools-optimizedb"); } @set_time_limit(0); $db->set_table_prefix(''); foreach ($mybb->input['tables'] as $table) { if ($db->table_exists($db->escape_string($table))) { $db->optimize_table($table); $db->analyze_table($table); } } $db->set_table_prefix(TABLE_PREFIX); $plugins->run_hooks("admin_tools_optimizedb_start_begin"); // Log admin action log_admin_action(my_serialize($mybb->input['tables'])); flash_message($lang->success_tables_optimized, 'success'); admin_redirect("index.php?module=tools-optimizedb"); } $page->extra_header = "\t<script type=\"text/javascript\">\n\tfunction changeSelection(action, prefix)\n\t{\n\t\tvar select_box = document.getElementById('table_select');\n\n\t\tfor(var i = 0; i < select_box.length; i++)\n\t\t{\n\t\t\tif(action == 'select')\n\t\t\t{\n\t\t\t\tselect_box[i].selected = true;\n\t\t\t}\n\t\t\telse if(action == 'deselect')\n\t\t\t{\n\t\t\t\tselect_box[i].selected = false;\n\t\t\t}\n\t\t\telse if(action == 'forum' && prefix != 0)\n\t\t\t{\n\t\t\t\tselect_box[i].selected = false;\n\t\t\t\tvar row = select_box[i].value;\n\t\t\t\tvar subString = row.substring(prefix.length, 0);\n\t\t\t\tif(subString == prefix)\n\t\t\t\t{\n\t\t\t\t\tselect_box[i].selected = true;\n\t\t\t\t}\n\t\t\t}\n\t\t}\n\t}\n\t</script>\n"; $page->output_header($lang->optimize_database); $table = new Table(); $table->construct_header($lang->table_selection); $table_selects = array(); $table_list = $db->list_tables($config['database']['database']); foreach ($table_list as $id => $table_name) { $table_selects[$table_name] = $table_name; } $form = new Form("index.php?module=tools-optimizedb", "post", "table_selection", 0, "table_selection"); $table->construct_cell("{$lang->tables_select_desc}\n<br /><br />\n<a href=\"javascript:changeSelection('select', 0);\">{$lang->select_all}</a><br />\n<a href=\"javascript:changeSelection('deselect', 
0);\">{$lang->deselect_all}</a><br />\n<a href=\"javascript:changeSelection('forum', '" . TABLE_PREFIX . "');\">{$lang->select_forum_tables}</a>\n<br /><br />\n<div class=\"form_row\">" . $form->generate_select_box("tables[]", $table_selects, false, array('multiple' => true, 'id' => 'table_select', 'size' => 20)) . "</div>", array('rowspan' => 5, 'width' => '50%')); $table->construct_row();
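/**
 * Upgrade step that brings the stored themes up to date.
 *
 * In order, the function:
 *  - loads functions_themes.php from the configured admin directory (or from
 *    "admin/" as a fallback) and reports an error when neither exists;
 *  - replaces the default user star image in the usergroups table;
 *  - adds the stylesheets listed in resources/mybb_theme.xml to theme 1;
 *  - assigns a display order to the stylesheets of every theme that has none;
 *  - adds the colours and stylesheets from resources/mybb_theme_colors.xml to
 *    theme 2, when that theme still exists;
 *  - re-caches the existing stylesheets and prints the step output.
 *
 * The next step is "30_acppin" when no secret PIN is configured and
 * inc/config.php is writable, otherwise "30_done".
 *
 * @return void
 */
function upgrade30_updatetheme()
{
    global $db, $mybb, $output, $config;

    if (file_exists(MYBB_ROOT . $mybb->config['admin_dir'] . "/inc/functions_themes.php")) {
        require_once MYBB_ROOT . $mybb->config['admin_dir'] . "/inc/functions_themes.php";
    } else {
        if (file_exists(MYBB_ROOT . "admin/inc/functions_themes.php")) {
            require_once MYBB_ROOT . "admin/inc/functions_themes.php";
        } else {
            // NOTE(review): presumably print_error() stops the script; if it
            // does not, the theme helpers used below are undefined - confirm.
            $output->print_error("Please make sure your admin directory is uploaded correctly.");
        }
    }

    $output->print_header("Updating Themes");

    // New default user star
    $contents = "<p>Updating the Default user star image... ";
    $db->update_query("usergroups", array('starimage' => 'images/star.png'), "starimage='images/star.gif'");
    $contents .= "done.</p>";

    $contents .= "<p>Adding new stylesheets... ";

    $query = $db->simple_select("themes", "*", "tid='1'");
    $theme = $db->fetch_array($query);
    $properties = my_unserialize($theme['properties']);
    $stylesheets = my_unserialize($theme['stylesheets']);

    // Stylesheets that already exist in theme 1; only their order is updated.
    $old = array("global.css", "usercp.css", "modcp.css", "star_ratings.css");

    require_once MYBB_ROOT . "inc/class_xml.php";
    // A missing or unreadable file yields false; the is_array() checks on the
    // parsed tree below then skip the whole section.
    $colors = @file_get_contents(INSTALL_ROOT . 'resources/mybb_theme.xml');
    $parser = new XMLParser($colors);
    $tree = $parser->get_tree();

    if (is_array($tree) && is_array($tree['theme'])) {
        if (is_array($tree['theme']['stylesheets'])) {
            foreach ($tree['theme']['stylesheets']['stylesheet'] as $stylesheet) {
                $new_stylesheet = array(
                    "name" => $db->escape_string($stylesheet['attributes']['name']),
                    "tid" => 1,
                    "attachedto" => $db->escape_string($stylesheet['attributes']['attachedto']),
                    "stylesheet" => $db->escape_string($stylesheet['value']),
                    "lastmodified" => TIME_NOW,
                    "cachefile" => $db->escape_string($stylesheet['attributes']['name'])
                );

                if (in_array($new_stylesheet['name'], $old)) {
                    // We can update the disporder here
                    $properties['disporder'][$stylesheet['attributes']['name']] = $stylesheet['attributes']['disporder'];
                } else {
                    // Insert new stylesheet
                    $sid = $db->insert_query("themestylesheets", $new_stylesheet);
                    $css_url = "css.php?stylesheet={$sid}";

                    // The row above belongs to theme 1, so cache it for theme 1.
                    // The previous code passed $tid, which is never defined in
                    // this function.
                    $cached = cache_stylesheet(1, $stylesheet['attributes']['name'], $stylesheet['value']);
                    if ($cached) {
                        $css_url = $cached;
                    }

                    // Add to display and stylesheet list
                    $properties['disporder'][$stylesheet['attributes']['name']] = $stylesheet['attributes']['disporder'];

                    $attachedto = $stylesheet['attributes']['attachedto'];
                    if (!$attachedto) {
                        $attachedto = "global";
                    }

                    // private.php?compose,folders|usercp.php,global|global
                    // NOTE(review): entries are split on "," only, so a "?"
                    // stays part of the file name here - confirm that the XML
                    // never uses the "file?action" form.
                    $attachedto = explode("|", $attachedto);
                    foreach ($attachedto as $attached_file) {
                        $attached_actions = explode(",", $attached_file);
                        $attached_file = array_shift($attached_actions);

                        if (count($attached_actions) == 0) {
                            $attached_actions = array("global");
                        }

                        foreach ($attached_actions as $action) {
                            $stylesheets[$attached_file][$action][] = $css_url;
                        }
                    }
                }
            }
        }
    }

    $update_array = array(
        "properties" => $db->escape_string(my_serialize($properties)),
        "stylesheets" => $db->escape_string(my_serialize($stylesheets))
    );
    $db->update_query("themes", $update_array, "tid = '1'");
    $contents .= "done.</p>";

    $contents .= "<p>Adding a disporder to all stylesheets... ";

    $query = $db->simple_select("themes", "tid,properties,stylesheets");
    while ($theme = $db->fetch_array($query)) {
        $properties = my_unserialize($theme['properties']);
        $stylesheets = my_unserialize($theme['stylesheets']);

        // Disporder already set?
        if (isset($properties['disporder']) && !empty($properties['disporder'])) {
            continue;
        }

        // The id is read back from the database; cast it before it is placed
        // into further WHERE clauses.
        $theme_tid = (int) $theme['tid'];
        $disporder = 1;

        // First go through all own stylesheets
        $query2 = $db->simple_select("themestylesheets", "name", "tid='{$theme_tid}'");
        while ($name = $db->fetch_field($query2, "name")) {
            $properties['disporder'][$name] = $disporder;
            $disporder++;
        }

        // Next go through the inherited stylesheets
        if (!empty($stylesheets)) {
            foreach ($stylesheets as $a) {
                foreach ($a as $file => $stylesheet) {
                    // Don't ask me... Throws an error otherwise
                    if (empty($stylesheet)) {
                        continue;
                    }

                    foreach ($stylesheet as $s) {
                        $name = pathinfo($s, PATHINFO_BASENAME);
                        // Direct key lookup instead of a loose in_array() over array_keys().
                        if (empty($properties['disporder']) || !array_key_exists($name, $properties['disporder'])) {
                            $properties['disporder'][$name] = $disporder;
                            $disporder++;
                        }
                    }
                }
            }
        }

        $db->update_query("themes", array("properties" => $db->escape_string(my_serialize($properties))), "tid='{$theme_tid}'");
    }
    $contents .= "done.</p>";

    $contents .= "<p>Adding the Default colors... ";

    $query = $db->simple_select("themes", "*", "tid = '2'");

    // Someone deleted the default theme... :o
    if ($db->num_rows($query) != 0) {
        $theme = $db->fetch_array($query);
        $properties = my_unserialize($theme['properties']);
        $stylesheets = my_unserialize($theme['stylesheets']);

        $properties['editortheme'] = "mybb.css"; // New editor, so reset the theme for it
        $properties['tablespace'] = 5;
        $properties['borderwidth'] = 0;

        // Reset the logo if it's still the default one
        if ($properties['logo'] == "images/logo.gif") {
            $properties['logo'] = "images/logo.png";
        }

        require_once MYBB_ROOT . "inc/class_xml.php";
        $colors = @file_get_contents(INSTALL_ROOT . 'resources/mybb_theme_colors.xml');
        $parser = new XMLParser($colors);
        $tree = $parser->get_tree();

        if (is_array($tree) && is_array($tree['colors'])) {
            if (is_array($tree['colors']['scheme'])) {
                foreach ($tree['colors']['scheme'] as $tag => $value) {
                    $exp = explode("=", $value['value']);
                    // Skip entries without a "key=value" shape rather than
                    // reading a missing second element.
                    if (count($exp) < 2) {
                        continue;
                    }
                    $properties['colors'][$exp[0]] = $exp[1];
                }
            }

            if (is_array($tree['colors']['stylesheets'])) {
                // count() must not be called on a missing disporder list.
                $count = 1;
                if (isset($properties['disporder']) && is_array($properties['disporder'])) {
                    $count = count($properties['disporder']) + 1;
                }

                foreach ($tree['colors']['stylesheets']['stylesheet'] as $stylesheet) {
                    $new_stylesheet = array(
                        "name" => $db->escape_string($stylesheet['attributes']['name']),
                        "tid" => 2,
                        "attachedto" => $db->escape_string($stylesheet['attributes']['attachedto']),
                        "stylesheet" => $db->escape_string($stylesheet['value']),
                        "lastmodified" => TIME_NOW,
                        "cachefile" => $db->escape_string($stylesheet['attributes']['name'])
                    );

                    $sid = $db->insert_query("themestylesheets", $new_stylesheet);
                    $css_url = "css.php?stylesheet={$sid}";

                    // Same fix as above: these rows belong to theme 2.
                    $cached = cache_stylesheet(2, $stylesheet['attributes']['name'], $stylesheet['value']);
                    if ($cached) {
                        $css_url = $cached;
                    }

                    // Add to display and stylesheet list
                    $properties['disporder'][$stylesheet['attributes']['name']] = $count;
                    $stylesheets[$stylesheet['attributes']['attachedto']]['global'][] = $css_url;
                    ++$count;
                }
            }

            $update_array = array(
                "properties" => $db->escape_string(my_serialize($properties)),
                "stylesheets" => $db->escape_string(my_serialize($stylesheets))
            );
            $db->update_query("themes", $update_array, "tid = '2'");
        }
    }
    $contents .= "done.</p>";

    $contents .= '<p>Re-caching and minifying existing stylesheets...</p>';
    $num_re_cached = recache_existing_styles();
    $contents .= "Done. {$num_re_cached} stylesheets re-cached.";

    echo $contents;

    $output->print_contents("<p>Click next to continue with the upgrade process.</p>");

    // Offer the ACP PIN step only when no PIN is set and the config file can be written.
    if (!isset($config['secret_pin']) && is_writable(MYBB_ROOT . "inc/config.php")) {
        $output->print_footer("30_acppin");
    } else {
        $output->print_footer("30_done");
    }
}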
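/**
 * Rebuild the stored stylesheet list (and optionally the stylesheet display
 * orders) of a theme, then do the same for each of its child themes.
 *
 * For every stylesheet found in the theme or one of its parents, the URL is
 * either "css.php?stylesheet=<sid>" or, when a cached file at least as new as
 * the stylesheet exists, the path of that cached file. The result is grouped
 * by attached file and action, serialized and written to the themes table.
 *
 * @param int $tid Theme id.
 * @param bool|array $theme Theme row; loaded from cache_themes() when not a non-empty array.
 * @param bool $update_disporders Whether to rewrite $properties['disporder'] as well.
 *
 * @return bool False when no parent theme list is available, true otherwise.
 */
function update_theme_stylesheet_list($tid, $theme = false, $update_disporders = true)
{
    global $mybb, $db, $cache, $plugins;

    // The id is interpolated into SQL below; normalise it once.
    $tid = (int) $tid;

    $stylesheets = array();

    $child_list = make_child_theme_list($tid);
    $parent_list = make_parent_theme_list($tid);

    // An empty list would produce "tid IN ()", so treat it like a missing one.
    if (!is_array($parent_list) || count($parent_list) == 0) {
        return false;
    }

    // Only integers may reach the IN (...) clause and the cache paths.
    $parent_ids = array_map('intval', $parent_list);
    $tid_list = implode(',', $parent_ids);

    // Get our list of stylesheets
    $query = $db->simple_select("themestylesheets", "*", "tid IN ({$tid_list})", array('order_by' => 'tid', 'order_dir' => 'desc'));
    while ($stylesheet = $db->fetch_array($query)) {
        // Rows arrive ordered by tid descending; the first row seen for a name wins.
        if (empty($stylesheets[$stylesheet['name']])) {
            if ($stylesheet['tid'] != $tid) {
                $stylesheet['inherited'] = $stylesheet['tid'];
            }

            $stylesheets[$stylesheet['name']] = $stylesheet;
        }
    }

    $theme_stylesheets = array();

    foreach ($stylesheets as $name => $stylesheet) {
        $sid = $stylesheet['sid'];
        $css_url = "css.php?stylesheet={$sid}";

        // The directory that holds the cache does not depend on the parent
        // theme, so resolve it once per stylesheet.
        if ($mybb->settings['usecdn'] && !empty($mybb->settings['cdnpath'])) {
            $cache_base = rtrim($mybb->settings['cdnpath'], '/\\') . '/';
        } else {
            $cache_base = MYBB_ROOT;
        }

        foreach ($parent_ids as $theme_id) {
            // NOTE(review): the stylesheet name is taken from the database and
            // placed into a filesystem path; confirm that names are validated
            // where stylesheets are created.
            $cache_path = "cache/themes/theme{$theme_id}/{$stylesheet['name']}";

            if (file_exists($cache_base . $cache_path) && filemtime($cache_base . $cache_path) >= $stylesheet['lastmodified']) {
                $css_url = $cache_path;
                break;
            }
        }

        if (is_object($plugins)) {
            // NOTE(review): presumably the hook receives $css_url by reference
            // and may replace it - confirm against run_hooks().
            $plugins->run_hooks('update_theme_stylesheet_list_set_css_url', $css_url);
        }

        $attachedto = $stylesheet['attachedto'];
        if (!$attachedto) {
            $attachedto = "global";
        }

        // private.php?compose,folders|usercp.php,global|global
        $attachedto = explode("|", $attachedto);
        foreach ($attachedto as $attached_file) {
            $attached_actions = array();
            if (strpos($attached_file, '?') !== false) {
                $attached_file = explode('?', $attached_file);
                $attached_actions = explode(",", $attached_file[1]);
                $attached_file = $attached_file[0];
            }

            if (count($attached_actions) == 0) {
                $attached_actions = array("global");
            }

            foreach ($attached_actions as $action) {
                $theme_stylesheets[$attached_file][$action][] = $css_url;

                if (!empty($stylesheet['inherited'])) {
                    $theme_stylesheets['inherited']["{$attached_file}_{$action}"][$css_url] = $stylesheet['inherited'];
                }
            }
        }
    }

    // Now we have our list of built stylesheets, save them
    $updated_theme = array(
        "stylesheets" => $db->escape_string(my_serialize($theme_stylesheets))
    );

    // Do we have a theme present? If so, update the stylesheet display orders
    if ($update_disporders) {
        if (!is_array($theme) || !$theme) {
            $theme_cache = cache_themes();
            $theme = $theme_cache[$tid];
        }

        $orders = $orphaned_stylesheets = array();
        $properties = $theme['properties'];

        if (!is_array($properties)) {
            $properties = my_unserialize($theme['properties']);
        }

        $max_disporder = 0;

        foreach ($stylesheets as $stylesheet) {
            // Stylesheets without a stored order are appended after the others.
            if (!isset($properties['disporder'][$stylesheet['name']])) {
                $orphaned_stylesheets[] = $stylesheet['name'];
                continue;
            }

            if ($properties['disporder'][$stylesheet['name']] > $max_disporder) {
                $max_disporder = $properties['disporder'][$stylesheet['name']];
            }

            $orders[$stylesheet['name']] = $properties['disporder'][$stylesheet['name']];
        }

        if (!empty($orphaned_stylesheets)) {
            $loop = $max_disporder + 1;
            $max_disporder = $loop;
            foreach ($orphaned_stylesheets as $stylesheet) {
                $orders[$stylesheet] = $loop;
                ++$loop;
            }
        }

        asort($orders);
        $properties['disporder'] = $orders;
        $updated_theme['properties'] = $db->escape_string(my_serialize($properties));
    }

    $db->update_query("themes", $updated_theme, "tid = '{$tid}'");

    // Do we have any children themes that need updating too?
    if (is_array($child_list) && count($child_list) > 0) {
        foreach ($child_list as $id) {
            update_theme_stylesheet_list($id, false, $update_disporders);
        }
    }

    $cache->update_default_theme();

    return true;
}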
} } $page->output_header("{$lang->orphan_attachments_search} - {$lang->step1}"); $page->output_nav_tabs($sub_tabs, 'find_orphans'); echo "<h3>{$lang->step1of2}</h3>"; echo "<p class=\"align_center\">{$lang->step1of2_line1}</p>"; echo "<p class=\"align_center\">{$lang->step_line2}</p>"; echo "<p class=\"align_center\"><img src=\"styles/{$page->style}/images/spinner_big.gif\" alt=\"{$lang->scanning}\" id=\"spinner\" /></p>"; $page->output_footer(false); flush(); scan_attachments_directory(); global $bad_attachments; $form = new Form("index.php?module=forum-attachments&action=orphans&step=2", "post", "redirect_form", 0, ""); // Scan complete if (is_array($bad_attachments) && count($bad_attachments) > 0) { $bad_attachments = my_serialize($bad_attachments); echo $form->generate_hidden_field("bad_attachments", $bad_attachments); } $form->end(); echo "<script type=\"text/javascript\">\$(function() {\n\t\t\t\twindow.setTimeout(\n\t\t\t\t\tfunction() {\n\t\t\t\t\t\t\$(\"#redirect_form\").submit();\n\t\t\t\t\t}, 100\n\t\t\t\t);\n\t\t\t});</script>"; exit; } } } if (!$mybb->input['action']) { $plugins->run_hooks("admin_forum_attachments_start"); if ($mybb->request_method == "post" || $mybb->input['results'] == 1) { $search_sql = '1=1'; // Build the search SQL for users // List of valid LIKE search fields $user_like_fields = array("filename", "filetype");
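/**
 * Insert a new private message.
 *
 * The message in $this->data must have been validated first; the method
 * terminates the script otherwise. Depending on the data it either stores a
 * draft, or stores one copy per recipient (queueing a notification e-mail
 * where the recipient asked for one), marks the original message as replied
 * or forwarded, and optionally stores a copy for the sender.
 *
 * @return array Array of PM useful data: array("draftsaved" => 1) for a draft,
 *               otherwise array("messagesent" => 1, "pmids" => <inserted ids>).
 */
function insert_pm()
{
    global $cache, $db, $mybb, $plugins, $lang;

    // Yes, validating is required.
    if (!$this->get_validated()) {
        die("The PM needs to be validated before inserting it into the DB.");
    }

    if (count($this->get_errors()) > 0) {
        die("The PM is not valid.");
    }

    // Assign data to common variable
    $pm =& $this->data;

    if (empty($pm['pmid'])) {
        $pm['pmid'] = 0;
    }

    $pm['pmid'] = (int) $pm['pmid'];

    if (empty($pm['icon']) || $pm['icon'] < 0) {
        $pm['icon'] = 0;
    }

    // Cast once; this value is interpolated into several WHERE clauses below,
    // two of which are not quoted.
    $sender_uid = (int) $pm['sender']['uid'];

    $uid = 0;

    // Always start from an array so an empty recipient set serializes the
    // same way as a missing one.
    $recipient_list = array();
    $recipients = (isset($pm['recipients']) && is_array($pm['recipients'])) ? $pm['recipients'] : array();

    // Build recipient list
    foreach ($recipients as $recipient) {
        if (!empty($recipient['bcc'])) {
            $recipient_list['bcc'][] = $recipient['uid'];
        } else {
            $recipient_list['to'][] = $recipient['uid'];
            $uid = $recipient['uid'];
        }
    }

    // NOTE(review): 'folder', 'includesig' and 'smilieoff' are passed on
    // without a cast or escape_string(); presumably they are normalised during
    // validation - confirm, since insert_query() receives them as-is.
    $this->pm_insert_data = array(
        'fromid' => $sender_uid,
        'folder' => $pm['folder'],
        'subject' => $db->escape_string($pm['subject']),
        'icon' => (int) $pm['icon'],
        'message' => $db->escape_string($pm['message']),
        'dateline' => TIME_NOW,
        'status' => 0,
        'includesig' => $pm['options']['signature'],
        'smilieoff' => $pm['options']['disablesmilies'],
        'receipt' => (int) $pm['options']['readreceipt'],
        'readtime' => 0,
        'recipients' => $db->escape_string(my_serialize($recipient_list)),
        'ipaddress' => $db->escape_binary($pm['ipaddress'])
    );

    // Check if we're updating a draft or not.
    $query = $db->simple_select("privatemessages", "pmid, deletetime", "folder='3' AND uid='{$sender_uid}' AND pmid='{$pm['pmid']}'");
    $draftcheck = $db->fetch_array($query);

    // This PM was previously a draft
    if (!empty($draftcheck['pmid'])) {
        if ($draftcheck['deletetime']) {
            // This draft was a reply to a PM. The stored value ends up in an
            // unquoted WHERE clause further down, so keep it an integer.
            $pm['pmid'] = (int) $draftcheck['deletetime'];
            $pm['do'] = "reply";
        }

        // Delete the old draft as we no longer need it
        $draft_pmid = (int) $draftcheck['pmid'];
        $db->delete_query("privatemessages", "pmid='{$draft_pmid}'");
    }

    // Saving this message as a draft
    if (!empty($pm['saveasdraft'])) {
        $this->pm_insert_data['uid'] = $sender_uid;

        // If this is a reply, then piggyback into the deletetime to let us know in the future
        if ($pm['do'] == "reply" || $pm['do'] == "replyall") {
            $this->pm_insert_data['deletetime'] = $pm['pmid'];
        }

        $plugins->run_hooks("datahandler_pm_insert_updatedraft", $this);

        $db->insert_query("privatemessages", $this->pm_insert_data);

        // If this is a draft, end it here - below deals with complete messages
        return array(
            "draftsaved" => 1
        );
    }

    $this->pmid = array();

    // Save a copy of the PM for each of our recipients
    foreach ($recipients as $recipient) {
        $recipient_uid = (int) $recipient['uid'];

        // Send email notification of new PM if it is enabled for the recipient
        $query = $db->simple_select("privatemessages", "dateline", "uid='{$recipient_uid}' AND folder='1'", array('order_by' => 'dateline', 'order_dir' => 'desc', 'limit' => 1));
        $lastpm = $db->fetch_array($query);

        if ($recipient['pmnotify'] == 1 && $recipient['lastactive'] > $lastpm['dateline']) {
            if ($recipient['language'] != "" && $lang->language_exists($recipient['language'])) {
                $uselang = $recipient['language'];
            } elseif ($mybb->settings['bblanguage']) {
                $uselang = $mybb->settings['bblanguage'];
            } else {
                $uselang = "english";
            }

            if ($uselang == $mybb->settings['bblanguage'] && !empty($lang->emailsubject_newpm)) {
                $emailsubject = $lang->emailsubject_newpm;
                $emailmessage = $lang->email_newpm;
            } else {
                $userlang = new MyLanguage();
                $userlang->set_path(MYBB_ROOT . "inc/languages");
                $userlang->set_language($uselang);
                $userlang->load("messages");
                $emailsubject = $userlang->emailsubject_newpm;
                $emailmessage = $userlang->email_newpm;
            }

            if (!$pm['sender']['username']) {
                $pm['sender']['username'] = $lang->mybb_engine;
            }

            require_once MYBB_ROOT . 'inc/class_parser.php';
            $parser = new Postparser();

            $parser_options = array(
                'me_username' => $pm['sender']['username'],
                'filter_badwords' => 1
            );

            // NOTE(review): $pm is a reference to $this->data, so this replaces
            // the stored message text, and each further notified recipient
            // parses the already parsed text again. The database copy is not
            // affected because pm_insert_data['message'] was filled earlier.
            $pm['message'] = $parser->text_parse_message($pm['message'], $parser_options);

            $emailmessage = $lang->sprintf($emailmessage, $recipient['username'], $pm['sender']['username'], $mybb->settings['bbname'], $mybb->settings['bburl'], $pm['message']);
            $emailsubject = $lang->sprintf($emailsubject, $mybb->settings['bbname'], $pm['subject']);

            $new_email = array(
                "mailto" => $db->escape_string($recipient['email']),
                "mailfrom" => '',
                "subject" => $db->escape_string($emailsubject),
                "message" => $db->escape_string($emailmessage),
                "headers" => ''
            );

            $db->insert_query("mailqueue", $new_email);
            $cache->update_mailqueue();
        }

        $this->pm_insert_data['uid'] = $recipient_uid;
        $this->pm_insert_data['toid'] = $recipient_uid;

        $plugins->run_hooks("datahandler_pm_insert", $this);

        $this->pmid[] = $db->insert_query("privatemessages", $this->pm_insert_data);

        // If PM noices/alerts are on, show!
        if ($recipient['pmnotice'] == 1) {
            $updated_user = array(
                "pmnotice" => 2
            );
            $db->update_query("users", $updated_user, "uid='{$recipient_uid}'");
        }

        // Update private message count (total, new and unread) for recipient
        require_once MYBB_ROOT . "/inc/functions_user.php";
        update_pm_count($recipient_uid, 7, $recipient['lastactive']);
    }

    // Are we replying or forwarding an existing PM?
    if ($pm['pmid']) {
        // Both ids are integers here; the conditions below are not quoted.
        $original_pmid = (int) $pm['pmid'];

        if ($pm['do'] == "reply" || $pm['do'] == "replyall") {
            $sql_array = array(
                'status' => 3,
                'statustime' => TIME_NOW
            );
            $db->update_query("privatemessages", $sql_array, "pmid={$original_pmid} AND uid={$sender_uid}");
        } elseif ($pm['do'] == "forward") {
            $sql_array = array(
                'status' => 4,
                'statustime' => TIME_NOW
            );
            $db->update_query("privatemessages", $sql_array, "pmid={$original_pmid} AND uid={$sender_uid}");
        }
    }

    // If we're saving a copy
    if ($pm['options']['savecopy'] != 0) {
        if (isset($recipient_list['to']) && count($recipient_list['to']) == 1) {
            $this->pm_insert_data['toid'] = (int) $uid;
        } else {
            $this->pm_insert_data['toid'] = 0;
        }

        $this->pm_insert_data['uid'] = $sender_uid;
        $this->pm_insert_data['folder'] = 2;
        $this->pm_insert_data['status'] = 1;
        $this->pm_insert_data['receipt'] = 0;

        $plugins->run_hooks("datahandler_pm_insert_savedcopy", $this);

        $db->insert_query("privatemessages", $this->pm_insert_data);

        // Because the sender saved a copy, update their total pm count
        require_once MYBB_ROOT . "/inc/functions_user.php";
        update_pm_count($sender_uid, 1);
    }

    // Return back with appropriate data
    $this->return_values = array(
        "messagesent" => 1,
        "pmids" => $this->pmid
    );

    $plugins->run_hooks("datahandler_pm_insert_end", $this);

    return $this->return_values;
}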
$form_container->end(); $buttons[] = $form->generate_submit_button($lang->schedule_for_delivery); $form->output_submit_wrapper($buttons); $form->end(); $page->output_footer(); } elseif ($mybb->input['step'] == 3) { // Define the recipients/conditions if ($mybb->request_method == "post") { // Need to perform the search to fetch the number of users we're emailing $member_query = build_mass_mail_query($mybb->input['conditions']); $query = $db->simple_select("users u", "COUNT(uid) AS num", $member_query); $num = $db->fetch_field($query, "num"); if ($num == 0) { $errors[] = $lang->error_no_users; } else { $updated_email = array("totalcount" => $num, "conditions" => $db->escape_string(my_serialize($mybb->input['conditions']))); $plugins->run_hooks("admin_user_mass_email_send_define_commit"); $db->update_query("massemails", $updated_email, "mid='{$email['mid']}'"); // Take the user to the next step admin_redirect("index.php?module=user-mass_mail&action=send&step=4&mid={$email['mid']}"); } } $page->output_header("{$lang->send_mass_mail}: {$lang->step_three}"); $form = new Form("index.php?module=user-mass_mail&action=send&step=3&mid={$email['mid']}", "post"); $page->output_nav_tabs($sub_tabs, 'send_mass_mail'); // If we have any error messages, show them if ($errors) { $page->output_inline_error($errors); $input = $mybb->input; } else { if ($email['conditions'] != '') {
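/**
 * Shop hook: redeems an owned "buy sticky" item to stick one of the user's own threads.
 *
 * Two shop actions are handled, both read from the request:
 *  - 'buy_sticky'    renders the form that asks for a thread URL;
 *  - 'do_buy_sticky' resolves the submitted URL to a thread, sticks it, queues a
 *                    delayed 'stick' moderation entry and removes the item from
 *                    the user's inventory.
 * Any other shop action returns false without side effects. Both handled actions
 * end the request with exit.
 *
 * NOTE(review): no post-key (CSRF token) verification is visible in this handler;
 * confirm that the caller or the newpoints_shop_do_action template enforces one
 * before 'do_buy_sticky' changes state.
 * NOTE(review): the item is removed from the inventory only after the thread has
 * been stuck and nothing here serialises concurrent requests — confirm whether a
 * single item can be redeemed twice by parallel submissions.
 *
 * @return false|void False when the shop action is not handled here.
 */
function hook_newpoints_do_shop_start()
{
    global $mybb, $db, $lang, $cache, $theme, $header, $templates, $plugins, $headerinclude, $footer, $options, $inline_errors;

    if ($mybb->get_input('shop_action') == 'buy_sticky') {
        $do = false;
    } elseif ($mybb->get_input('shop_action') == 'do_buy_sticky') {
        $do = true;
    } else {
        return false;
    }

    if ($do) {
        $plugins->run_hooks('newpoints_shop_do_buy_sticky_start');
    } else {
        $plugins->run_hooks('newpoints_shop_buy_sticky_start');
    }

    // The item must exist, be visible, belong to a category the user may use
    // and be configured as a sticky item with a positive duration.
    if (!($item = newpoints_shop_get_item($mybb->get_input('iid', 1)))) {
        error($lang->newpoints_shop_invalid_item);
    }
    if (!($cat = newpoints_shop_get_category($item['cid']))) {
        error($lang->newpoints_shop_invalid_cat);
    }
    if (!newpoints_shop_check_permissions($cat['usergroups'])) {
        error_no_permission();
    }
    if (!$item['visible'] || !$cat['visible']) {
        error_no_permission();
    }
    if (!$item['buy_sticky'] || $item['buy_sticky_time'] < 1) {
        error_no_permission();
    }

    // Decode the stored inventory with MyBB's my_unserialize() instead of native
    // unserialize(): a tampered column value must not be able to instantiate objects.
    $myitems = my_unserialize($mybb->user['newpoints_items']);
    if (!$myitems || !is_array($myitems)) {
        error($lang->newpoints_shop_inventory_empty);
    }

    $key = array_search($item['iid'], $myitems);
    if ($key === false) {
        error($lang->newpoints_shop_selected_item_not_owned);
    }

    $this->load_language();

    if ($do) {
        // Defaults so that an unparsable URL ends in the "invalid thread" error
        // rather than in reads of undefined variables.
        $redeemtid = 0;
        $parameters = array('tid' => 0, 'pid' => 0);

        // ~~~ @ https://github.com/PaulBender/Move-Posts/blob/master/inc/plugins/moveposts.php#L217 //
        if ($db->table_exists('google_seo')) {
            $regexp = "{$mybb->settings['bburl']}/{$mybb->settings['google_seo_url_threads']}";
            if ($regexp) {
                $regexp = preg_quote($regexp, '#');
                $regexp = str_replace('\\{\\$url\\}', '([^./]+)', $regexp);
                $regexp = str_replace('\\{url\\}', '([^./]+)', $regexp);
                $regexp = "#^{$regexp}\$#u";
            }

            $url = $mybb->get_input('threadurl');
            $url = preg_replace('/^([^#?]*)[#?].*$/u', '\\1', $url);
            $url = preg_replace($regexp, '\\1', $url);
            $url = urldecode($url);

            // The decoded URL is user input: it is escaped before being placed in the query.
            $query = $db->simple_select('google_seo', 'id', "idtype='4' AND url='{$db->escape_string($url)}'");
            $redeemtid = (int) $db->fetch_field($query, 'id');
        }

        // Drop any fragment before looking for ids in the URL.
        $realurl = explode('#', $mybb->get_input('threadurl'));
        $mybb->input['threadurl'] = $realurl[0];

        if (substr($mybb->get_input('threadurl'), -4) == 'html') {
            preg_match('#thread-([0-9]+)?#i', $mybb->get_input('threadurl'), $threadmatch);
            preg_match('#post-([0-9]+)?#i', $mybb->get_input('threadurl'), $postmatch);
            if (!empty($threadmatch[1])) {
                $parameters['tid'] = $threadmatch[1];
            }
            if (!empty($postmatch[1])) {
                $parameters['pid'] = $postmatch[1];
            }
        } else {
            // Everything after ".php" is treated as the query string; it may be absent.
            $splitloc = explode('.php', $mybb->get_input('threadurl'));
            $querystring = isset($splitloc[1]) ? $splitloc[1] : '';
            $temp = explode('&', my_substr($querystring, 1));
            for ($i = 0; $i < count($temp); $i++) {
                $temp2 = explode('=', $temp[$i], 2);
                $parameters[$temp2[0]] = isset($temp2[1]) ? $temp2[1] : '';
            }
        }

        if ($parameters['pid'] && !$parameters['tid']) {
            $query = $db->simple_select('posts', '*', "pid='" . (int) $parameters['pid'] . "'");
            $post = $db->fetch_array($query);
            $redeemtid = $post ? (int) $post['tid'] : 0;
        } elseif ($parameters['tid']) {
            $redeemtid = (int) $parameters['tid'];
        }

        $thread = get_thread((int) $redeemtid);
        // ~~~ //

        if (!$thread || !$thread['tid'] || !$thread['visible'] || $thread['deletetime']) {
            error($lang->newpoints_buy_sticky_redeem_error_invalid);
        }
        if ($thread['sticky']) {
            error($lang->newpoints_buy_sticky_redeem_error_alreadystickied);
        }
        if ($thread['closed']) {
            error($lang->newpoints_buy_sticky_redeem_error_closedthread);
        }
        // Ownership is the only authorisation check applied to the target thread.
        if ($thread['uid'] != $mybb->user['uid']) {
            error($lang->newpoints_buy_sticky_redeem_error_wronguser);
        }

        // We need more extensive permission checkings here late on..
        require_once MYBB_ROOT . 'inc/class_moderation.php';
        $moderation = new Moderation();
        $lang->load('moderation');
        $moderation->stick_threads($thread['tid']);

        log_moderator_action(array('fid' => $thread['fid'], 'tid' => $thread['tid']), $lang->sprintf($lang->mod_process, $lang->stuck));
        newpoints_log('buy_sticky', $mybb->settings['bburl'] . '/' . get_thread_link($thread['tid']), $mybb->user['username'], $mybb->user['uid']);

        // Queue the delayed 'stick' entry for when the purchased period (in days) ends.
        $rundate = TIME_NOW + $item['buy_sticky_time'] * 86400;
        $did = $db->insert_query("delayedmoderation", array(
            'type' => $db->escape_string('stick'),
            'delaydateline' => (int) $rundate,
            'uid' => (int) $mybb->user['uid'],
            'tids' => (int) $thread['tid'],
            'fid' => (int) $thread['fid'],
            'dateline' => TIME_NOW,
            'inputs' => $db->escape_string(my_serialize(array('new_forum' => (int) $thread['fid'], 'method' => 'move', 'redirect_expire' => ''))),
        ));
        $plugins->run_hooks('moderation_do_delayedmoderation');

        // remove item from our inventory
        unset($myitems[$key]);
        sort($myitems);
        // The serialised inventory is escaped like every other value handed to update_query().
        $db->update_query('users', array('newpoints_items' => $db->escape_string(serialize($myitems))), "uid='" . (int) $mybb->user['uid'] . "'");

        $plugins->run_hooks('newpoints_shop_do_buy_sticky_end');

        $message = $lang->sprintf($lang->newpoints_buy_sticky_redeem_done, my_date('relative', $rundate, '', 2));
        redirect($mybb->settings['bburl'] . '/newpoints.php?action=shop&shop_action=myitems', $message, $lang->newpoints_buy_sticky_redeem_done_title);
    } else {
        $lang->newpoints_shop_action = $lang->newpoints_buy_sticky_redeem_title;
        $item['name'] = htmlspecialchars_uni($item['name']);

        global $shop_action, $data, $colspan;
        $colspan = 2;
        $shop_action = 'do_buy_sticky';
        // The id is written into markup, so it is forced to an integer first.
        $fields = '<input type="hidden" name="iid" value="' . (int) $item['iid'] . '">';
        $data = "<td class=\"trow1\" width=\"50%\"><strong>" . $lang->newpoints_buy_sticky_redeem_thread . ":</strong><br /><small>" . $lang->newpoints_buy_sticky_redeem_message . "</small></td><td class=\"trow1\" width=\"50%\"><input type=\"text\" class=\"textbox\" name=\"threadurl\" value=\"\"></td>";

        $plugins->run_hooks('newpoints_shop_buy_sticky_end');

        $page = eval($templates->render('newpoints_shop_do_action'));
        output_page($page);
    }

    exit;
}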
/**
 * Stores a named value for the upgrade process in the upgrade_data table.
 *
 * The contents are serialised with my_serialize(); both column values go through
 * the database escaper before replace_query() is called with "title" as its
 * third argument.
 *
 * @param string $title    Name under which the contents are stored.
 * @param mixed  $contents Value to serialise and store.
 */
function add_upgrade_store($title, $contents)
{
    global $db;

    $row = array();
    $row["title"] = $db->escape_string($title);

    // Serialise first, escape second: the escaper must see the final string.
    $serialized = my_serialize($contents);
    $row["contents"] = $db->escape_string($serialized);

    $db->replace_query("upgrade_data", $row, "title");
}
$table->construct_header($lang->size, array("class" => "align_center", "width" => 100)); $table->construct_header($lang->controls, array("class" => "align_center", "width" => 150)); $query = $db->simple_select("datacache"); while ($cacheitem = $db->fetch_array($query)) { $table->construct_cell("<strong><a href=\"index.php?module=tools-cache&action=view&title=" . urlencode($cacheitem['title']) . "\">{$cacheitem['title']}</a></strong>"); $table->construct_cell(get_friendly_size(strlen($cacheitem['cache'])), array("class" => "align_center")); if (method_exists($cache, "update_" . $cacheitem['title'])) { $table->construct_cell("<a href=\"index.php?module=tools-cache&action=rebuild&title=" . urlencode($cacheitem['title']) . "&my_post_key={$mybb->post_code}\">" . $lang->rebuild_cache . "</a>", array("class" => "align_center")); } elseif (method_exists($cache, "reload_" . $cacheitem['title'])) { $table->construct_cell("<a href=\"index.php?module=tools-cache&action=reload&title=" . urlencode($cacheitem['title']) . "&my_post_key={$mybb->post_code}\">" . $lang->reload_cache . "</a>", array("class" => "align_center")); } elseif (function_exists("update_" . $cacheitem['title'])) { $table->construct_cell("<a href=\"index.php?module=tools-cache&action=rebuild&title=" . urlencode($cacheitem['title']) . "&my_post_key={$mybb->post_code}\">" . $lang->rebuild_cache . "</a>", array("class" => "align_center")); } elseif (function_exists("reload_" . $cacheitem['title'])) { $table->construct_cell("<a href=\"index.php?module=tools-cache&action=reload&title=" . urlencode($cacheitem['title']) . "&my_post_key={$mybb->post_code}\">" . $lang->reload_cache . 
"</a>", array("class" => "align_center")); } else { $table->construct_cell(""); } $table->construct_row(); } // Rebuilds forum settings $cachedsettings = (array) $mybb->settings; if (isset($cachedsettings['internal'])) { unset($cachedsettings['internal']); } $table->construct_cell("<strong><a href=\"index.php?module=tools-cache&action=view&title=settings\">settings</a></strong>"); $table->construct_cell(get_friendly_size(strlen(my_serialize($cachedsettings))), array("class" => "align_center")); $table->construct_cell("<a href=\"index.php?module=tools-cache&action=reload&title=settings&my_post_key={$mybb->post_code}\">" . $lang->reload_cache . "</a>", array("class" => "align_center")); $table->construct_row(); $table->output("<div style=\"float: right;\"><small><a href=\"index.php?module=tools-cache&action=rebuild_all&my_post_key={$mybb->post_code}\">" . $lang->rebuild_reload_all . "</a></small></div>" . $lang->cache_manager); $page->output_footer(); }
/**
 * Adds/Updates a Page/Tab to the permissions array in the adminoptions table
 *
 * Every adminoptions row with a non-empty permissions column is decoded, changed
 * and written back. When an entry is added or updated, the row with uid 0 always
 * receives 0, whatever $default is; every other row receives $default.
 *
 * @param string  $tab     The name of the tab that is being affected
 * @param string  $page    The name of the page being affected (optional - if not specified, will affect everything under the specified tab)
 * @param integer $default Default permissions for the page (1 for allowed - 0 for disallowed - -1 to remove)
 */
function change_admin_permission($tab, $page = "", $default = 1)
{
    global $db;

    $has_page = !empty($page);

    $rows = $db->simple_select("adminoptions", "uid, permissions", "permissions != ''");
    while ($row = $db->fetch_array($rows)) {
        $permissions = my_unserialize($row['permissions']);

        if ($default == -1) {
            // Removal: drop either the single page or the whole tab.
            if ($has_page) {
                unset($permissions[$tab][$page]);
            } else {
                unset($permissions[$tab]);
            }
        } else {
            // Without a page name the tab-level switch ('tab') is the entry that is set.
            $entry = $has_page ? $page : 'tab';
            $permissions[$tab][$entry] = ($row['uid'] == 0) ? 0 : $default;
        }

        $db->update_query("adminoptions", array('permissions' => $db->escape_string(my_serialize($permissions))), "uid='{$row['uid']}'");
    }
}
$table->construct_header($lang->mybb_server_stats, array("colspan" => 2)); $table->construct_header($lang->forum_stats, array("colspan" => 2)); $table->construct_cell("<strong>{$lang->mybb_version}</strong>", array('width' => '25%')); $table->construct_cell($mybb->version, array('width' => '25%')); $table->construct_cell("<strong>{$lang->threads}</strong>", array('width' => '25%')); $table->construct_cell("<strong>{$threads}</strong> {$lang->threads}<br /><strong>{$newthreads}</strong> {$lang->new_today}<br /><a href=\"index.php?module=forum-moderation_queue&type=threads\"><strong>{$unapproved_threads}</strong> {$lang->unapproved}</a>", array('width' => '25%')); $table->construct_row(); $table->construct_cell("<strong>{$lang->php_version}</strong>", array('width' => '25%')); $table->construct_cell(PHP_VERSION, array('width' => '25%')); $table->construct_cell("<strong>{$lang->posts}</strong>", array('width' => '25%')); $table->construct_cell("<strong>{$posts}</strong> {$lang->posts}<br /><strong>{$newposts}</strong> {$lang->new_today}<br /><a href=\"index.php?module=forum-moderation_queue&type=posts\"><strong>{$unapproved_posts}</strong> {$lang->unapproved}</a><br /><strong>{$reported_posts}</strong> {$lang->reported_posts}<br /><strong>{$new_reported_posts}</strong> {$lang->unread_reports}", array('width' => '25%')); $table->construct_row(); $table->construct_cell("<strong>{$lang->sql_engine}</strong>", array('width' => '25%')); $table->construct_cell($db->short_title . " " . $db->get_version(), array('width' => '25%')); $table->construct_cell("<strong>{$lang->users}</strong>", array('width' => '25%')); $table->construct_cell("<a href=\"index.php?module=user-users\"><strong>{$users}</strong> {$lang->registered_users}</a><br /><strong>{$activeusers}</strong> {$lang->active_users}<br /><strong>{$newusers}</strong> {$lang->registrations_today}<br /><a href=\"index.php?module=user-users&action=search&results=1&conditions=" . 
urlencode(my_serialize(array('usergroup' => '5'))) . "&from=home\"><strong>{$awaitingusers}</strong> {$lang->awaiting_activation}</a>", array('width' => '25%')); $table->construct_row(); $table->construct_cell("<strong>{$lang->server_load}</strong>", array('width' => '25%')); $table->construct_cell($serverload, array('width' => '25%')); $table->construct_cell("<strong>{$lang->attachments}</strong>", array('width' => '25%')); $table->construct_cell("<strong>{$approved_attachs}</strong> {$lang->attachments}<br /><a href=\"index.php?module=forum-moderation_queue&type=attachments\"><strong>{$unapproved_attachs}</strong> {$lang->unapproved}</a><br /><strong>{$attachs['spaceused']}</strong> {$lang->used}", array('width' => '25%')); $table->construct_row(); $table->output($lang->dashboard); echo ' <div class="float_right" style="width: 48%;">'; $table = new Table(); $table->construct_header($lang->admin_notes_public); $form = new Form("index.php", "post"); $table->construct_cell($form->generate_text_area("adminnotes", $adminmessage['adminmessage'], array('style' => 'width: 99%; height: 200px;'))); $table->construct_row(); $table->output($lang->admin_notes);
// Error out flash_message($lang->error_no_display_order, 'error'); admin_redirect("index.php?module=style-themes&action=edit&tid={$theme['tid']}"); } $orders = array(); foreach ($theme_stylesheets as $stylesheet => $properties) { if (is_array($properties)) { $order = (int) $mybb->input['disporder'][$properties['sid']]; $orders[$properties['name']] = $order; } } asort($orders, SORT_NUMERIC); // Save the orders in the theme properties $properties = my_unserialize($theme['properties']); $properties['disporder'] = $orders; $update_array = array("properties" => $db->escape_string(my_serialize($properties))); $db->update_query("themes", $update_array, "tid = '{$theme['tid']}'"); if ($theme['def'] == 1) { $cache->update_default_theme(); } // normalize for consistency update_theme_stylesheet_list($theme['tid'], false, true); flash_message($lang->success_stylesheet_order_updated, 'success'); admin_redirect("index.php?module=style-themes&action=edit&tid={$theme['tid']}"); } $page->add_breadcrumb_item(htmlspecialchars_uni($theme['name']), "index.php?module=style-themes&action=edit&tid={$mybb->input['tid']}"); $page->output_header("{$lang->themes} - {$lang->stylesheets}"); $sub_tabs['edit_stylesheets'] = array('title' => $lang->edit_stylesheets, 'link' => "index.php?module=style-themes&action=edit&tid={$mybb->input['tid']}", 'description' => $lang->edit_stylesheets_desc); $sub_tabs['add_stylesheet'] = array('title' => $lang->add_stylesheet, 'link' => "index.php?module=style-themes&action=add_stylesheet&tid={$mybb->input['tid']}"); $sub_tabs['export_theme'] = array('title' => $lang->export_theme, 'link' => "index.php?module=style-themes&action=export&tid={$mybb->input['tid']}"); $sub_tabs['duplicate_theme'] = array('title' => $lang->duplicate_theme, 'link' => "index.php?module=style-themes&action=duplicate&tid={$mybb->input['tid']}", 'description' => $lang->duplicate_theme_desc);
$errors[] = $lang->error_delayedmoderation_invalid_date_year; } $date_time = explode(' ', $mybb->get_input('date_time')); $date_time = explode(':', (string) $date_time[0]); if (stristr($mybb->input['date_time'], 'pm')) { $date_time[0] = 12 + $date_time[0]; if ($date_time[0] >= 24) { $date_time[0] = '00'; } } $rundate = mktime((int) $date_time[0], (int) $date_time[1], date('s', TIME_NOW), $mybb->get_input('date_month', MyBB::INPUT_INT), $mybb->get_input('date_day', MyBB::INPUT_INT), $mybb->get_input('date_year', MyBB::INPUT_INT)); if (!$errors) { if (is_array($mybb->input['tids'])) { $mybb->input['tids'] = implode(',', $mybb->input['tids']); } $did = $db->insert_query("delayedmoderation", array('type' => $db->escape_string($mybb->input['type']), 'delaydateline' => (int) $rundate, 'uid' => $mybb->user['uid'], 'tids' => $db->escape_string($mybb->input['tids']), 'fid' => $fid, 'dateline' => TIME_NOW, 'inputs' => $db->escape_string(my_serialize($mybb->input['delayedmoderation'])))); $plugins->run_hooks('moderation_do_delayedmoderation'); $rundate_format = my_date('relative', $rundate, '', 2); $lang->redirect_delayed_moderation_thread = $lang->sprintf($lang->redirect_delayed_moderation_thread, $rundate_format); if (!empty($mybb->input['tid'])) { moderation_redirect(get_thread_link($thread['tid']), $lang->redirect_delayed_moderation_thread); } else { if ($mybb->get_input('inlinetype') == 'search') { moderation_redirect(get_forum_link($fid), $lang->sprintf($lang->redirect_delayed_moderation_search, $rundate_format)); } else { moderation_redirect(get_forum_link($fid), $lang->sprintf($lang->redirect_delayed_moderation_forum, $rundate_format)); } } } else { $type_selected = array(); foreach ($allowed_types as $type) {
/**
 * Update an existing report
 *
 * Increments the report counter, stamps the current time and stores the
 * serialised reporter list on the reportedcontent row matching the report's rid.
 *
 * @param array $report Array of reported content
 * @return bool Always true
 */
function update_report($report)
{
    global $db;

    ++$report['reports'];

    $fields = array();
    $fields['reports'] = $report['reports'];
    $fields['lastreport'] = TIME_NOW;
    $fields['reporters'] = $db->escape_string(my_serialize($report['reporters']));

    // NOTE(review): rid and the counter reach the query without a cast or escaping;
    // presumably $report is a row read from reportedcontent — verify against callers.
    $where = "rid = '" . $report['rid'] . "'";
    $db->update_query("reportedcontent", $fields, $where);

    return true;
}
$mybb->input['splitpostsunapprove'] = 'unapprove'; } else { $mybb->input['splitpostsunapprove'] = ''; } if (!$mybb->get_input('splitthreadprefix', MyBB::INPUT_INT)) { $mybb->input['splitthreadprefix'] = ''; } if (!$errors) { $thread_options = array('confirmation' => $mybb->get_input('confirmation', MyBB::INPUT_INT), 'deletethread' => $mybb->get_input('deletethread', MyBB::INPUT_INT), 'softdeletethread' => $mybb->input['softdeletethread'], 'approvethread' => $mybb->input['approvethread'], 'openthread' => $mybb->input['openthread'], 'stickthread' => $mybb->input['stickthread'], 'movethread' => $mybb->get_input('move_1_forum', MyBB::INPUT_INT), 'movethreadredirect' => $mybb->get_input('move_2_redirect', MyBB::INPUT_INT), 'movethreadredirectexpire' => $mybb->get_input('move_3_redirecttime', MyBB::INPUT_INT), 'copythread' => $mybb->get_input('copy_1_forum', MyBB::INPUT_INT), 'newsubject' => $mybb->input['newsubject'], 'addreply' => $mybb->input['newreply'], 'replysubject' => $mybb->input['newreplysubject'], 'pm_subject' => $mybb->input['pm_subject'], 'pm_message' => $mybb->input['pm_message'], 'threadprefix' => $mybb->get_input('threadprefix', MyBB::INPUT_INT)); if (stripos($mybb->input['splitpostsnewsubject'], '{subject}') === false) { $mybb->input['splitpostsnewsubject'] = '{subject}' . 
$mybb->input['splitpostsnewsubject']; } $post_options = array('deleteposts' => $mybb->get_input('deleteposts', MyBB::INPUT_INT), 'softdeleteposts' => $mybb->input['softdeleteposts'], 'mergeposts' => $mybb->get_input('mergeposts', MyBB::INPUT_INT), 'approveposts' => $mybb->input['approveposts'], 'splitposts' => $mybb->get_input('splitposts', MyBB::INPUT_INT), 'splitpostsclose' => $mybb->input['splitpostsclose'], 'splitpostsstick' => $mybb->input['splitpostsstick'], 'splitpostsunapprove' => $mybb->input['splitpostsunapprove'], 'splitthreadprefix' => $mybb->get_input('splitthreadprefix', MyBB::INPUT_INT), 'splitpostsnewsubject' => $mybb->input['splitpostsnewsubject'], 'splitpostsaddreply' => $mybb->input['splitpostsaddreply'], 'splitpostsreplysubject' => $mybb->input['splitpostsreplysubject']); $new_tool['type'] = 'p'; $new_tool['threadoptions'] = $db->escape_string(my_serialize($thread_options)); $new_tool['postoptions'] = $db->escape_string(my_serialize($post_options)); $new_tool['name'] = $db->escape_string($mybb->input['title']); $new_tool['description'] = $db->escape_string($mybb->input['description']); $new_tool['forums'] = ''; $new_tool['groups'] = ''; if ($mybb->input['forum_type'] == 2) { if (is_array($mybb->input['forum_1_forums'])) { $checked = array(); foreach ($mybb->input['forum_1_forums'] as $fid) { $checked[] = (int) $fid; } $new_tool['forums'] = implode(',', $checked); } } else { $new_tool['forums'] = "-1"; }
/**
 * Updates an event that is already in the database.
 *
 * Requires the handler to have been validated without errors; otherwise the
 * request is terminated with die(). Only fields present in the event data are
 * copied into the update row, each escaped or cast according to its column.
 *
 * @return array The event's eid and its private flag.
 */
function update_event()
{
    global $db, $plugins;

    // Yes, validating is required.
    if (!$this->get_validated()) {
        die("The event needs to be validated before inserting it into the DB.");
    }
    if (count($this->get_errors()) > 0) {
        die("The event is not valid.");
    }

    $event =& $this->data;
    $this->eid = $event['eid'];

    // Free-text columns: escaped for the query.
    foreach (array('cid', 'name', 'description') as $column) {
        if (isset($event[$column])) {
            $this->event_update_data[$column] = $db->escape_string($event[$column]);
        }
    }

    if (isset($event['starttime'])) {
        $this->event_update_data['starttime'] = (int) $event['starttime'];
        $this->event_update_data['usingtime'] = (int) $event['usingtime'];
    }

    // A missing end time resets both endtime and usingtime to 0.
    if (!isset($event['endtime'])) {
        $this->event_update_data['endtime'] = 0;
        $this->event_update_data['usingtime'] = 0;
    } else {
        $this->event_update_data['endtime'] = (int) $event['endtime'];
        $this->event_update_data['usingtime'] = (int) $event['usingtime'];
    }

    if (isset($event['repeats'])) {
        // Non-empty repeat settings are serialised in place (through the reference
        // into $this->data) before being escaped.
        if (!empty($event['repeats'])) {
            $event['repeats'] = my_serialize($event['repeats']);
        }
        $this->event_update_data['repeats'] = $db->escape_string($event['repeats']);
    }

    if (isset($event['timezone'])) {
        $this->event_update_data['timezone'] = $db->escape_string((double) $event['timezone']);
    }

    // Flag columns: forced to integers.
    foreach (array('ignoretimezone', 'private') as $column) {
        if (isset($event[$column])) {
            $this->event_update_data[$column] = (int) $event[$column];
        }
    }

    if (isset($event['visible'])) {
        $this->event_update_data['visible'] = $db->escape_string($event['visible']);
    }
    if (isset($event['uid'])) {
        $this->event_update_data['uid'] = (int) $event['uid'];
    }

    $plugins->run_hooks("datahandler_event_update", $this);

    $where = "eid='" . (int) $event['eid'] . "'";
    $db->update_query("events", $this->event_update_data, $where);

    // Return the event's eid and whether or not it is private.
    $this->return_values = array('eid' => $event['eid'], 'private' => $event['private']);

    $plugins->run_hooks("datahandler_event_update_end", $this);

    return $this->return_values;
}
/**
 * Upgrade step: converts the themes table to the stylesheet-based layout.
 *
 * Checks that cache/ and cache/themes/ exist and are writable, reshapes the
 * themes table, recreates the themestylesheets table, imports the master theme
 * from install/resources/mybb_theme.xml, turns each theme's css/extracss into a
 * global.css stylesheet, drops the old css columns and rewrites the
 * headerinclude templates to use {$stylesheets}. Ends by printing the footer
 * for step "12_done"; exits early when a cache directory is not writable.
 */
function upgrade12_redothemes()
{
    global $db, $output, $config, $mybb;
    $output->print_header("Converting themes");
    if (!@is_dir(MYBB_ROOT . 'cache/')) {
        // NOTE(review): 077 is octal 0077, i.e. no permission bits for the owner and
        // full access for group and others; the messages below ask for 777 — confirm
        // the intended mode.
        @mkdir(MYBB_ROOT . 'cache/', 077);
        // Add in empty index.html!
        $fp = @fopen(MYBB_ROOT . "cache/index.html", "w");
        // NOTE(review): $fp is false when fopen() failed; @ does not suppress the
        // TypeError PHP 8 raises for fwrite()/fclose() on a non-resource.
        @fwrite($fp, "");
        @fclose($fp);
    }
    // Probe writability by creating a scratch file in cache/.
    $cachewritable = @fopen(MYBB_ROOT . 'cache/test.write', 'w');
    if (!$cachewritable) {
        $not_writable = true;
        // NOTE(review): fclose() is called with false on this path.
        @fclose($cachewritable);
    } else {
        @fclose($cachewritable);
        // NOTE(review): the directory is set to mode 0777 (world-writable); on a
        // shared host that lets other local accounts alter cached files — consider
        // whether a narrower mode is sufficient.
        @my_chmod(MYBB_ROOT . 'cache', '0777');
        @my_chmod(MYBB_ROOT . 'cache/test.write', '0777');
        @unlink(MYBB_ROOT . 'cache/test.write');
    }
    // NOTE(review): $not_writable has not been assigned yet when the probe above succeeded.
    if ($not_writable) {
        echo "<p><span style=\"color: red; font-weight: bold;\">Unable to write to the cache/ directory.</span><br />Before the upgrade process can continue you need to make sure this directory exists and is writable (chmod 777)</p>";
        $output->print_footer("12_redothemes");
        exit;
    }
    // Same existence and writability probe for cache/themes/.
    $not_writable = false;
    if (!@is_dir(MYBB_ROOT . 'cache/themes/')) {
        // NOTE(review): same 077 mode as for cache/ above.
        @mkdir(MYBB_ROOT . 'cache/themes/', 077);
        // Add in empty index.html!
        $fp = @fopen(MYBB_ROOT . "cache/themes/index.html", "w");
        @fwrite($fp, "");
        @fclose($fp);
    }
    $themewritable = @fopen(MYBB_ROOT . 'cache/themes/test.write', 'w');
    if (!$themewritable) {
        $not_writable = true;
        @fclose($themewritable);
    } else {
        @fclose($themewritable);
        @my_chmod(MYBB_ROOT . 'cache/themes', '0777');
        @my_chmod(MYBB_ROOT . 'cache/themes/test.write', '0777');
        @unlink(MYBB_ROOT . 'cache/themes/test.write');
    }
    if ($not_writable) {
        echo "<p><span style=\"color: red; font-weight: bold;\">Unable to write to the cache/themes/ directory.</span><br />Before the upgrade process can continue you need to make sure this directory exists and is writable (chmod 777)</p>";
        $output->print_footer("12_redothemes");
        exit;
    }
    // Schema changes: rename themebits to properties, drop the old css bookkeeping
    // columns and (re)create the stylesheets column.
    if ($db->field_exists('themebits', "themes") && !$db->field_exists('properties', "themes")) {
        $db->write_query("ALTER TABLE " . TABLE_PREFIX . "themes CHANGE themebits properties text NOT NULL");
    }
    if ($db->field_exists('cssbits', "themes")) {
        $db->write_query("ALTER TABLE " . TABLE_PREFIX . "themes DROP cssbits");
    }
    if ($db->field_exists('csscached', "themes")) {
        $db->write_query("ALTER TABLE " . TABLE_PREFIX . "themes DROP csscached");
    }
    if ($db->field_exists('stylesheets', "themes")) {
        $db->write_query("ALTER TABLE " . TABLE_PREFIX . "themes DROP stylesheets");
    }
    $db->write_query("ALTER TABLE " . TABLE_PREFIX . "themes ADD stylesheets text NOT NULL AFTER properties");
    // Any existing themestylesheets table is dropped before being recreated.
    if ($db->table_exists("themestylesheets")) {
        $db->drop_table("themestylesheets");
    }
    // NOTE(review): $collation is neither assigned in this function nor listed in
    // its globals, so it interpolates as an empty string here — confirm.
    $db->write_query("CREATE TABLE " . TABLE_PREFIX . "themestylesheets(\n\t\tsid int unsigned NOT NULL auto_increment,\n\t\tname varchar(30) NOT NULL default '',\n\t\ttid int unsigned NOT NULL default '0',\n\t\tattachedto text NOT NULL,\n\t\tstylesheet text NOT NULL,\n\t\tcachefile varchar(100) NOT NULL default '',\n\t\tlastmodified bigint(30) NOT NULL default '0',\n\t\tPRIMARY KEY(sid)\n\t) ENGINE=MyISAM{$collation};");
    // Define our default stylesheets - MyBB 1.4 contains additional stylesheets that our converted themes will also need
    // The read result is not checked here; a failed import is caught by the -1 test below.
    $contents = @file_get_contents(INSTALL_ROOT . 'resources/mybb_theme.xml');
    // Load the theme helpers from the configured admin directory, falling back to admin/.
    if (file_exists(MYBB_ROOT . $mybb->config['admin_dir'] . "/inc/functions_themes.php")) {
        require_once MYBB_ROOT . $mybb->config['admin_dir'] . "/inc/functions_themes.php";
    } else {
        if (file_exists(MYBB_ROOT . "admin/inc/functions_themes.php")) {
            require_once MYBB_ROOT . "admin/inc/functions_themes.php";
        } else {
            $output->print_error("Please make sure your admin directory is uploaded correctly.");
        }
    }
    // Import master theme
    if (import_theme_xml($contents, array("tid" => 1, "no_templates" => 1, "version_compat" => 1)) === -1) {
        $output->print_error("Please make sure your install/resources/mybb_theme.xml file is uploaded correctly.");
    }
    // Fetch out default stylesheets from master
    $query = $db->simple_select("themes", "*", "tid=1");
    $master_theme = $db->fetch_array($query);
    $master_stylesheets = my_unserialize($master_theme['stylesheets']);
    // NOTE(review): $default_stylesheets is only created inside this loop; it stays
    // undefined when the master theme yields no non-global stylesheet.
    if (is_array($master_stylesheets)) {
        // Note: 1.4 only ships with one global|global stylesheet
        foreach ($master_stylesheets as $location => $sheets) {
            // The inner loop reuses $sheets as its value variable.
            foreach ($sheets as $action => $sheets) {
                foreach ($sheets as $stylesheet) {
                    if ($location == "global" && $action == "global") {
                        continue; // Skip global
                    }
                    $default_stylesheets[$location][$action][] = $stylesheet;
                    $default_stylesheets['inherited']["{$location}_{$action}"][$stylesheet] = 1; // This stylesheet is inherited from the master
                }
            }
        }
    }
    // Convert every theme that still carries css into a global.css stylesheet row.
    $query = $db->simple_select("themes");
    while ($theme = $db->fetch_array($query)) {
        if (!$theme['css']) {
            continue;
        }
        $theme['css'] .= "\n\n" . $theme['extracss'];
        $theme['css'] = upgrade_css_120_to_140($theme['css']);
        // Create stylesheets
        $cache_file = cache_stylesheet($theme['tid'], "global.css", $theme['css']);
        $new_stylesheet = array("tid" => $theme['tid'], "name" => "global.css", "attachedto" => "", "stylesheet" => $db->escape_string($theme['css']), "cachefile" => "global.css", "lastmodified" => TIME_NOW);
        $sid = $db->insert_query("themestylesheets", $new_stylesheet);
        // Fall back to the css.php URL when no cache file could be produced.
        $css_url = "css.php?stylesheet={$sid}";
        if ($cache_file) {
            $css_url = $cache_file;
        }
        // Now we go and update the stylesheets column for this theme
        $stylesheets = $default_stylesheets;
        // Add in our local for this theme
        $stylesheets['global']['global'][] = $css_url;
        // Update the theme
        $db->update_query("themes", array("stylesheets" => $db->escape_string(my_serialize($stylesheets))), "tid='{$theme['tid']}'");
    }
    // The old css columns are dropped once every theme has been converted.
    if ($db->field_exists('css', "themes")) {
        $db->write_query("ALTER TABLE " . TABLE_PREFIX . "themes DROP css");
    }
    if ($db->field_exists('extracss', "themes")) {
        $db->write_query("ALTER TABLE " . TABLE_PREFIX . "themes DROP extracss");
    }
    // We need to replace this for our themes css to show up
    // <link rel="stylesheet" type="text/css" href="{$theme['css_url']}" /> must be present in the old template (it usually is)
    $query = $db->simple_select("templates", "tid,template", "title='headerinclude'");
    while ($template = $db->fetch_array($query)) {
        $template['template'] = str_replace('<link rel="stylesheet" type="text/css" href="{$theme[\'css_url\']}" />', '{$stylesheets}', $template['template']);
        // The WHERE clause matches on the template's tid column only.
        $db->update_query("templates", array('template' => $db->escape_string($template['template'])), "tid='{$template['tid']}'");
    }
    echo "<p>Your themes have successfully been converted to the new theme system.</p>";
    echo "<p>Click next to continue with the upgrade process.</p>";
    global $footer_extra;
    //$footer_extra = "<script type=\"text/javascript\">$(document).ready(function() { var button = $('.submit_button'); if(button) { button.val('Automatically Redirecting...'); button.prop('disabled', true); button.css('color', '#aaa'); button.css('border-color', '#aaa'); document.forms[0].submit(); } });</script>";
    $output->print_footer("12_done");
}
/**
 * Installation is finished
 *
 * Final installer step. Validates the submitted administrator details, inserts
 * the user groups and the administrator account, loads the admin permissions
 * from adminoptions.xml, sets the login cookie, builds the data caches,
 * records the version history and finally tries to write a lock file into the
 * current directory.
 */
function install_done()
{
    global $output, $db, $mybb, $errors, $cache, $lang;
    // Validate the administrator form fields; each failure adds to $errors.
    if (empty($mybb->input['adminuser'])) {
        $errors[] = $lang->admin_step_error_nouser;
    }
    if (empty($mybb->input['adminpass'])) {
        $errors[] = $lang->admin_step_error_nopassword;
    }
    // NOTE(review): loose != comparison of the two password fields.
    if ($mybb->get_input('adminpass') != $mybb->get_input('adminpass2')) {
        $errors[] = $lang->admin_step_error_nomatch;
    }
    if (empty($mybb->input['adminemail'])) {
        $errors[] = $lang->admin_step_error_noemail;
    }
    // presumably create_admin_user() re-displays the form and ends the request;
    // otherwise execution continues below with invalid input — verify.
    if (is_array($errors)) {
        create_admin_user();
    }
    // presumably config.php defines $config and settings.php defines $settings — confirm.
    require MYBB_ROOT . 'inc/config.php';
    $db = db_connection($config);
    require MYBB_ROOT . 'inc/settings.php';
    $mybb->settings =& $settings;
    ob_start();
    $output->print_header($lang->finish_setup, 'finish');
    echo $lang->done_step_usergroupsinserted;
    // Insert all of our user groups from the XML file
    $usergroup_settings = file_get_contents(INSTALL_ROOT . 'resources/usergroups.xml');
    $parser = new XMLParser($usergroup_settings);
    $parser->collapse_dups = 0;
    $tree = $parser->get_tree();
    $admin_gid = '';
    $group_count = 0;
    foreach ($tree['usergroups'][0]['usergroup'] as $usergroup) {
        // usergroup[cancp][0][value]
        $new_group = array();
        foreach ($usergroup as $key => $value) {
            if (!is_array($value)) {
                continue;
            }
            $new_group[$key] = $db->escape_string($value[0]['value']);
        }
        $db->insert_query("usergroups", $new_group, false);
        // If this group can access the admin CP and we haven't established the admin group - set it (just in case we ever change IDs)
        if ($new_group['cancp'] == 1 && !$admin_gid) {
            $admin_gid = $usergroup['gid'][0]['value'];
        }
        $group_count++;
    }
    // Restart usergroup sequence with correct # of groups
    if ($config['database']['type'] == "pgsql") {
        // The table prefix from the configuration is interpolated into this statement.
        $db->query("SELECT setval('{$config['database']['table_prefix']}usergroups_gid_seq', (SELECT max(gid) FROM {$config['database']['table_prefix']}usergroups));");
    }
    echo $lang->done . '</p>';
    echo $lang->done_step_admincreated;
    $now = TIME_NOW;
    $salt = random_str();
    $loginkey = generate_loginkey();
    // NOTE(review): the stored password is md5(md5(salt) . md5(password)), a fast
    // salted hash; an offline guessing attack on a leaked users table is cheap
    // compared with password_hash()-style schemes.
    $saltedpw = md5(md5($salt) . md5($mybb->get_input('adminpass')));
    // Only username and email are free-form input here and both are escaped.
    $newuser = array('username' => $db->escape_string($mybb->get_input('adminuser')), 'password' => $saltedpw, 'salt' => $salt, 'loginkey' => $loginkey, 'email' => $db->escape_string($mybb->get_input('adminemail')), 'usergroup' => $admin_gid, 'regdate' => $now, 'lastactive' => $now, 'lastvisit' => $now, 'website' => '', 'icq' => '', 'aim' => '', 'yahoo' => '', 'skype' => '', 'google' => '', 'birthday' => '', 'signature' => '', 'allownotices' => 1, 'hideemail' => 0, 'subscriptionmethod' => '0', 'receivepms' => 1, 'pmnotice' => 1, 'pmnotify' => 1, 'buddyrequestspm' => 1, 'buddyrequestsauto' => 0, 'showimages' => 1, 'showvideos' => 1, 'showsigs' => 1, 'showavatars' => 1, 'showquickreply' => 1, 'invisible' => 0, 'style' => '0', 'timezone' => 0, 'dst' => 0, 'threadmode' => '', 'daysprune' => 0, 'regip' => $db->escape_binary(my_inet_pton(get_ip())), 'language' => '', 'showcodebuttons' => 1, 'tpp' => 0, 'ppp' => 0, 'referrer' => 0, 'buddylist' => '', 'ignorelist' => '', 'pmfolders' => '', 'notepad' => '', 'showredirect' => 1, 'usernotes' => '');
    $db->insert_query('users', $newuser);
    echo $lang->done . '</p>';
    echo $lang->done_step_adminoptions;
    $adminoptions = file_get_contents(INSTALL_ROOT . 'resources/adminoptions.xml');
    $parser = new XMLParser($adminoptions);
    $parser->collapse_dups = 0;
    $tree = $parser->get_tree();
    $insertmodule = array();
    // Existing admin permission rows are cleared before the defaults are inserted.
    $db->delete_query("adminoptions");
    // Insert all the admin permissions
    foreach ($tree['adminoptions'][0]['user'] as $users) {
        $uid = $users['attributes']['uid'];
        foreach ($users['permissions'][0]['module'] as $module) {
            foreach ($module['permission'] as $permission) {
                $insertmodule[$module['attributes']['name']][$permission['attributes']['name']] = $permission['value'];
            }
        }
        $defaultviews = array();
        foreach ($users['defaultviews'][0]['view'] as $view) {
            $defaultviews[$view['attributes']['type']] = $view['value'];
        }
        $adminoptiondata = array('uid' => (int) $uid, 'cpstyle' => '', 'notes' => '', 'permissions' => $db->escape_string(my_serialize($insertmodule)), 'defaultviews' => $db->escape_string(my_serialize($defaultviews)));
        // Reset the per-user accumulator before the next <user> element.
        $insertmodule = array();
        $db->insert_query('adminoptions', $adminoptiondata);
    }
    echo $lang->done . '</p>';
    // Automatic Login
    my_unsetcookie("sid");
    my_unsetcookie("mybbuser");
    // NOTE(review): $uid is whatever the last <user> element of adminoptions.xml
    // carried, not the id returned by the users insert above — confirm it matches
    // the new administrator. The fourth argument is presumably the HttpOnly flag.
    my_setcookie('mybbuser', $uid . '_' . $loginkey, null, true);
    ob_end_flush();
    // Make fulltext columns if supported
    if ($db->supports_fulltext('threads')) {
        $db->create_fulltext_index('threads', 'subject');
    }
    if ($db->supports_fulltext_boolean('posts')) {
        $db->create_fulltext_index('posts', 'message');
    }
    echo $lang->done_step_cachebuilding;
    require_once MYBB_ROOT . 'inc/class_datacache.php';
    $cache = new datacache();
    $cache->update_version();
    $cache->update_attachtypes();
    $cache->update_smilies();
    $cache->update_badwords();
    $cache->update_usergroups();
    $cache->update_forumpermissions();
    $cache->update_stats();
    $cache->update_statistics();
    $cache->update_forums();
    $cache->update_moderators();
    $cache->update_usertitles();
    $cache->update_reportedcontent();
    $cache->update_awaitingactivation();
    $cache->update_mycode();
    $cache->update_profilefields();
    $cache->update_posticons();
    $cache->update_spiders();
    $cache->update_bannedips();
    $cache->update_banned();
    $cache->update_bannedemails();
    $cache->update_birthdays();
    $cache->update_groupleaders();
    $cache->update_threadprefixes();
    $cache->update_forumsdisplay();
    $cache->update("plugins", array());
    // NOTE(review): the strength of this key depends on random_str(), which is not
    // visible here — confirm it draws from a cryptographically secure source.
    $cache->update("internal_settings", array('encryption_key' => random_str(32)));
    $cache->update_default_theme();
    // Record every upgradeNN.php script shipped in install/resources as already applied.
    $version_history = array();
    $dh = opendir(INSTALL_ROOT . "resources");
    while (($file = readdir($dh)) !== false) {
        if (preg_match("#upgrade([0-9]+).php\$#i", $file, $match)) {
            $version_history[$match[1]] = $match[1];
        }
    }
    sort($version_history, SORT_NUMERIC);
    $cache->update("version_history", $version_history);
    // Schedule an update check so it occurs an hour ago. Gotta stay up to date!
    $update['nextrun'] = TIME_NOW - 3600;
    $db->update_query("tasks", $update, "tid='12'");
    $cache->update_update_check();
    $cache->update_tasks();
    echo $lang->done . '</p>';
    echo $lang->done_step_success;
    // Try to drop a lock file into the current directory; when that fails the
    // done_step_dirdelete message is shown instead of done_step_locked.
    // NOTE(review): presumably the lock file is what stops the installer from being
    // run again — if so, an install left without it stays reachable until the
    // directory is removed; verify.
    $written = 0;
    if (is_writable('./')) {
        $lock = @fopen('./lock', 'w');
        $written = @fwrite($lock, '1');
        @fclose($lock);
        if ($written) {
            echo $lang->done_step_locked;
        }
    }
    if (!$written) {
        echo $lang->done_step_dirdelete;
    }
    echo $lang->done_whats_next;
    $output->print_footer('');
}
/**
 * Write one row to the `spamlog` table for a block reported by StopForumSpam
 * (or another spam service provider).
 *
 * Every string value is escaped in this function before the row is handed to
 * insert_query().
 *
 * @param string $username   The username that the user was using.
 * @param string $email      The email address the user was using.
 * @param string $ip_address The IP address of the user; when empty, get_ip() is used instead.
 * @param array  $data       Extra data to go with the block (eg: confidence rating).
 *                           A non-array value is wrapped in a one-element array.
 * @return bool Whether the action was logged successfully.
 */
function log_spam_block($username = '', $email = '', $ip_address = '', $data = array())
{
    global $db, $session;

    // Normalise the extra data so the stored value is always a serialised array.
    $extra = is_array($data) ? $data : array($data);

    // Fall back to the current requester's address when none was supplied, then
    // convert it with my_inet_pton() (presumably to packed binary form, given the
    // escape_binary() call below — confirm).
    $source_ip = $ip_address ? $ip_address : get_ip();
    $packed_ip = my_inet_pton($source_ip);

    $row = array();
    $row['username'] = $db->escape_string($username);
    $row['email'] = $db->escape_string($email);
    $row['ipaddress'] = $db->escape_binary($packed_ip);
    $row['dateline'] = (int) TIME_NOW;
    $row['data'] = $db->escape_string(@my_serialize($extra));

    $inserted = $db->insert_query('spamlog', $row);

    return (bool) $inserted;
}