Exemple #1
/**
 * XML-RPC login handler: checks a username/password pair and reports the outcome.
 *
 * @param mixed $xmlrpc_params Raw XML-RPC parameters; handed to Tapatalk_Input::filterXmlInput().
 * @return mixed An xmlrpcresp when the username does not exist; otherwise the return value of
 *               xmlrespfalse() on failure or of tt_login_success() on success.
 */
function login_func($xmlrpc_params)
{
    global $db, $lang, $theme, $plugins, $mybb, $session, $settings, $cache, $time, $mybbgroups, $mobiquo_config, $user, $register;
    $lang->load("member");
    // Declare the expected fields and their types; the filtered values come back in $input.
    $input = Tapatalk_Input::filterXmlInput(array('username' => Tapatalk_Input::STRING, 'password' => Tapatalk_Input::STRING, 'anonymous' => Tapatalk_Input::INT, 'push' => Tapatalk_Input::STRING), $xmlrpc_params);
    // Attempt count as reported by login_attempt_check(); it is only used below to bump the cookie
    // and to build the "attempts left" text.
    $logins = login_attempt_check(1);
    $login_text = '';
    // Unknown username: bump the cookie counter and answer with result=false, status "2".
    // NOTE(review): no per-account counter can be incremented on this path, so the only
    // throttle here is the client-held cookie.
    if (!username_exists($input['username'])) {
        my_setcookie('loginattempts', $logins + 1);
        $status = 2;
        $response = new xmlrpcval(array('result' => new xmlrpcval(0, 'boolean'), 'result_text' => new xmlrpcval(strip_tags($lang->error_invalidpworusername), 'base64'), 'status' => new xmlrpcval($status, 'string')), 'struct');
        return new xmlrpcresp($response);
    }
    // NOTE(review): 'username_esc' is not one of the keys requested from filterXmlInput() above;
    // presumably the filter adds an SQL-escaped copy of each string. Confirm, because this value
    // is concatenated straight into the WHERE clause.
    $query = $db->simple_select("users", "loginattempts", "LOWER(username)='" . my_strtolower($input['username_esc']) . "'", array('limit' => 1));
    // NOTE(review): the stored attempt count is fetched but never read again in this function,
    // so the server-side counter does not gate the login here.
    $loginattempts = $db->fetch_field($query, "loginattempts");
    $errors = array();
    $user = validate_password_from_username($input['username'], $input['password']);
    $correct = false;
    if (!$user['uid']) {
        // Second try when the supplied name looks like an e-mail address. This overwrites the
        // global username_method setting for the remainder of the request.
        if (validate_email_format($input['username'])) {
            $mybb->settings['username_method'] = 1;
            $user = validate_password_from_username($input['username'], $input['password']);
        }
        if (!$user['uid']) {
            // Failed login: bump the cookie counter and the per-account counter.
            my_setcookie('loginattempts', $logins + 1);
            // The value 'loginattempts+1' is an SQL expression; presumably the trailing arguments
            // (1, true) are the row limit and a "do not quote values" flag. Verify against the DB layer.
            $db->update_query("users", array('loginattempts' => 'loginattempts+1'), "LOWER(username) = '" . my_strtolower($input['username_esc']) . "'", 1, true);
            if ($mybb->settings['failedlogincount'] != 0 && $mybb->settings['failedlogintext'] == 1) {
                $login_text = $lang->sprintf($lang->failed_login_again, $mybb->settings['failedlogincount'] - $logins);
            }
            $errors[] = $lang->error_invalidpworusername . $login_text;
        } else {
            $correct = true;
        }
    } else {
        $correct = true;
    }
    if (!empty($errors)) {
        return xmlrespfalse(implode(" :: ", $errors));
    } else {
        if ($correct) {
            // tt_login_success() reads the global $user and $register set here.
            $register = 0;
            return tt_login_success();
        }
    }
    // Reached only when there is no error and $correct is still false.
    return xmlrespfalse("Invalid login details");
}
 /**
  * Store in the 'inferno_wait' cookie the current time plus the configured shoutbox flood interval.
  *
  * NOTE(review): the value lives in a cookie, which the client controls. If this is the only
  * flood gate, confirm that a server-side check exists as well.
  *
  * @return mixed Whatever my_setcookie() returns.
  */
 public function set_activity()
 {
     $flood_interval = $this->settings['inferno_shoutbox_flood'];
     $wait_until = TIME_NOW + $flood_interval;

     return my_setcookie('inferno_wait', $wait_until);
 }
Exemple #3
 $loginhandler = new LoginDataHandler("get");
 if ($mybb->get_input('quick_password') && $mybb->get_input('quick_username')) {
     $mybb->input['password'] = $mybb->get_input('quick_password');
     $mybb->input['username'] = $mybb->get_input('quick_username');
     $mybb->input['remember'] = $mybb->get_input('quick_remember');
 }
 $user = array('username' => $mybb->get_input('username'), 'password' => $mybb->get_input('password'), 'remember' => $mybb->get_input('remember'), 'imagestring' => $mybb->get_input('imagestring'));
 $options = array('fields' => 'loginattempts', 'username_method' => (int) $mybb->settings['username_method']);
 $user_loginattempts = get_user_by_username($user['username'], $options);
 $user['loginattempts'] = (int) $user_loginattempts['loginattempts'];
 $loginhandler->set_data($user);
 $validated = $loginhandler->validate_login();
 if (!$validated) {
     $mybb->input['action'] = "login";
     $mybb->request_method = "get";
     my_setcookie('loginattempts', $logins + 1);
     $db->update_query("users", array('loginattempts' => 'loginattempts+1'), "uid='" . (int) $loginhandler->login_data['uid'] . "'", 1, true);
     $errors = $loginhandler->get_friendly_errors();
     $user['loginattempts'] = (int) $loginhandler->login_data['loginattempts'];
     // If we need a captcha set it here
     if ($mybb->settings['failedcaptchalogincount'] > 0 && ($user['loginattempts'] > $mybb->settings['failedcaptchalogincount'] || (int) $mybb->cookies['loginattempts'] > $mybb->settings['failedcaptchalogincount'])) {
         $do_captcha = true;
         $correct = $loginhandler->captcha_verified;
     }
 } else {
     if ($validated && $loginhandler->captcha_verified == true) {
         // Successful login
         if ($loginhandler->login_data['coppauser']) {
             error($lang->error_awaitingcoppa);
         }
         $loginhandler->complete_login();
Exemple #4
     $db->update_query("adminoptions", array("recovery_codes" => $db->escape_string(my_serialize($ncodes))), "uid='{$mybb->user['uid']}'");
     if (count($ncodes) == 0) {
         flash_message($lang->my2fa_no_codes, "error");
     }
 }
 // Validate the code
 require_once MYBB_ROOT . "inc/3rdparty/2fa/GoogleAuthenticator.php";
 $auth = new PHPGangsta_GoogleAuthenticator();
 $test = $auth->verifyCode($admin_options['authsecret'], $mybb->get_input('code'));
 // Either the code was okay or it was a recovery code
 if ($test === true || $recovery === true) {
     // Correct code -> session authenticated
     $db->update_query("adminsessions", array("authenticated" => 1), "sid='" . $db->escape_string($mybb->cookies['adminsid']) . "'");
     $admin_session['authenticated'] = 1;
     $db->update_query("adminoptions", array("loginattempts" => 0, "loginlockoutexpiry" => 0), "uid='{$mybb->user['uid']}'");
     my_setcookie('acploginattempts', 0);
     // post would result in an authorization code mismatch error
     $mybb->request_method = "get";
 } else {
     // Wrong code -> close session (aka logout)
     $db->delete_query("adminsessions", "sid='" . $db->escape_string($mybb->cookies['adminsid']) . "'");
     my_unsetcookie('adminsid');
     // Now test whether we need to lock this guy completly
     $db->update_query("adminoptions", array("loginattempts" => "loginattempts+1"), "uid='{$mybb->user['uid']}'", '', true);
     $loginattempts = login_attempt_check_acp($mybb->user['uid'], true);
     // Have we attempted too many times?
     if ($loginattempts['loginattempts'] > 0) {
         // Have we set an expiry yet?
         if ($loginattempts['loginlockoutexpiry'] == 0) {
             $db->update_query("adminoptions", array("loginlockoutexpiry" => TIME_NOW + (int) $mybb->settings['loginattemptstimeout'] * 60), "uid='{$mybb->user['uid']}'");
         }
Exemple #5
            }
        }
    }
    if (count($errors) > 0) {
        error($errors[0]);
    }
}
// Password change from the user control panel (POST only).
if ($mybb->input['action'] == "do_password" && $mybb->request_method == "post") {
    $errors = array();
    $plugins->run_hooks("usercp_do_password_start");
    // The current password is verified only when $verify_result (set before this block) is not
    // already truthy; the short-circuit keeps validate_password_from_uid() from running otherwise.
    if ($verify_result || validate_password_from_uid($mybb->user['uid'], $mybb->input['oldpassword'])) {
        // Hand the new password and its confirmation to the user data handler for validation.
        require_once "inc/datahandlers/user.php";
        $userhandler = new UserDataHandler("update");
        $user = array();
        $user["uid"] = $mybb->user['uid'];
        $user["password"] = $mybb->input['password'];
        $user["password2"] = $mybb->input['password2'];
        $userhandler->set_data($user);
        if ($userhandler->validate_user()) {
            $userhandler->update_user();
            // Re-issue the login cookie with the login key the handler now holds.
            my_setcookie("mybbuser", $mybb->user['uid'] . "_" . $userhandler->data['loginkey']);
            $plugins->run_hooks("usercp_do_password_end");
            $verify_result = true;
        } else {
            $errors = $userhandler->get_friendly_errors();
        }
    } else {
        $errors[] = $lang->error_invalidpassword;
    }
    // Only the first collected error is reported.
    if (0 < count($errors)) {
        error($errors[0]);
    }
}
Exemple #6
     if ($mybb->get_input('quoted_ids') == "all") {
         my_unsetcookie("multiquote");
     } else {
         $quoted_ids = explode("|", $mybb->get_input('quoted_ids'));
         $multiquote = explode("|", $mybb->cookies['multiquote']);
         if (is_array($multiquote) && is_array($quoted_ids)) {
             foreach ($multiquote as $key => $quoteid) {
                 // If this ID was quoted, remove it from the multiquote list
                 if (in_array($quoteid, $quoted_ids)) {
                     unset($multiquote[$key]);
                 }
             }
             // Still have an array - set the new cookie
             if (is_array($multiquote)) {
                 $new_multiquote = implode(",", $multiquote);
                 my_setcookie("multiquote", $new_multiquote);
             } else {
                 my_unsetcookie("multiquote");
             }
         }
     }
 }
 $plugins->run_hooks("newreply_do_newreply_end");
 // This was a post made via the ajax quick reply - we need to do some special things here
 if ($mybb->get_input('ajax', MyBB::INPUT_INT)) {
     // Visible post
     if ($visible == 1) {
         // Set post counter
         $postcounter = $thread['replies'] + 1;
         if (is_moderator($fid, "canviewunapprove")) {
             $postcounter += $thread['unapprovedposts'];
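/**
 * Re-set the two inline-moderation cookies for an item ("inlinemod_<type><id>" and the matching
 * "_removed" cookie) with an empty value, passing TIME_NOW + 3600 as the third argument.
 *
 * @param int|string $id   Identifier appended to the cookie name.
 * @param string     $type Selection type placed in the cookie name.
 * @return void
 */
function extendinline($id, $type)
{
    $cookie_name = "inlinemod_{$type}{$id}";
    $third_argument = TIME_NOW + 3600;

    my_setcookie($cookie_name, '', $third_argument);
    // The "_removed" suffix has to sit outside the interpolation: "{$id_removed}" reads an
    // undefined variable, so the second cookie name collapsed to "inlinemod_<type>".
    my_setcookie($cookie_name . '_removed', '', $third_argument);
}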
Exemple #8
// Load Limiting
if ($mybb->usergroup['cancp'] != 1 && $mybb->settings['load'] > 0 && ($load = get_server_load()) && $load != $lang->unknown && $load > $mybb->settings['load']) {
    // User is not an administrator and the load limit is higher than the limit, show an error
    error($lang->error_loadlimit);
}
// If there is a valid referrer in the URL, cookie it
if (!$mybb->user['uid'] && $mybb->settings['usereferrals'] == 1 && (isset($mybb->input['referrer']) || isset($mybb->input['referrername']))) {
    if (isset($mybb->input['referrername'])) {
        $condition = "username='******'referrername']) . "'";
    } else {
        $condition = "uid='" . intval($mybb->input['referrer']) . "'";
    }
    $query = $db->simple_select("users", "uid", $condition, array('limit' => 1));
    $referrer = $db->fetch_array($query);
    if ($referrer['uid']) {
        my_setcookie("mybb[referrer]", $referrer['uid']);
    }
}
if ($mybb->usergroup['canview'] != 1) {
    // Check pages allowable even when not allowed to view board
    $allowable_actions = array("member.php" => array("register", "do_register", "login", "do_login", "logout", "lostpw", "do_lostpw", "activate", "resendactivation", "do_resendactivation", "resetpassword"), "usercp2.php" => array("removesubscription", "removesubscriptions"));
    if (!($current_page == "member.php" && in_array($mybb->input['action'], $allowable_actions['member.php'])) && !($current_page == "usercp2.php" && in_array($mybb->input['action'], $allowable_actions['usercp2.php'])) && $current_page != "captcha.php") {
        error_no_permission();
    }
    unset($allowable_actions);
}
// work out which items the user has collapsed
$colcookie = $mybb->cookies['collapsed'];
// set up collapsable items (to automatically show them us expanded)
if ($colcookie) {
    $col = explode("|", $colcookie);
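 /**
  * Log a user in: bind the current session row to the user and set the login cookies.
  *
  * NOTE(review): the existing session id is kept across the login. Confirm that the id is
  * rotated elsewhere, otherwise an id that was known before authentication stays valid after it.
  *
  * @param array|string $user User row holding at least 'uid' and 'loginkey'; when empty, $mybb->user is used.
  * @return bool False when uid, loginkey or the global session is missing, true once the cookies are set.
  */
 public function login($user = '')
 {
     global $mybb, $session, $db;
     if (!$user) {
         $user = $mybb->user;
     }
     if (!$user['uid'] || !$user['loginkey'] || !$session) {
         return false;
     }
     // Everything interpolated into SQL is escaped or cast first. The original escaped only the
     // IP address and concatenated the session id and uid as they were.
     $sid_sql = $db->escape_string($session->sid);
     $ip_sql = $db->escape_string($session->ipaddress);
     $uid = (int) $user['uid'];
     // Remove the other session rows recorded for this IP address
     $db->delete_query("sessions", "ip='{$ip_sql}' and sid != '{$sid_sql}'");
     // Attach the current session row to the user
     $db->update_query("sessions", array("uid" => $uid), "sid='{$sid_sql}'");
     // Set up the login cookies (uid_loginkey pair and session id)
     my_setcookie("mybbuser", $uid . "_" . $user['loginkey'], null, true);
     my_setcookie("sid", $session->sid, -1, true);
     return true;
 }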
            $modann = '';
        }
        $plugins->run_hooks("forumdisplay_announcement");
        eval("\$announcements .= \"" . $templates->get("forumdisplay_announcements_announcement") . "\";");
        $bgcolor = alt_trow();
    }
    if ($announcements) {
        eval("\$announcementlist = \"" . $templates->get("forumdisplay_announcements") . "\";");
        $shownormalsep = true;
    }
    if (empty($cookie)) {
        // Clean up cookie crumbs
        my_setcookie('mybb[announcements]', 0, TIME_NOW - 60 * 60 * 24 * 365);
    } else {
        if (!empty($cookie)) {
            my_setcookie("mybb[announcements]", addslashes(my_serialize($cookie)), -1);
        }
    }
} else {
    $announcementlist = '';
}
$tids = $threadcache = array();
$icon_cache = $cache->read("posticons");
if ($fpermissions['canviewthreads'] != 0) {
    $plugins->run_hooks("forumdisplay_get_threads");
    // Start Getting Threads
    $query = $db->query("\n\t\tSELECT t.*, {$ratingadd}t.username AS threadusername, u.username\n\t\tFROM " . TABLE_PREFIX . "threads t\n\t\tLEFT JOIN " . TABLE_PREFIX . "users u ON (u.uid = t.uid)\n\t\tWHERE t.fid='{$fid}' {$tuseronly} {$tvisibleonly} {$datecutsql2} {$prefixsql2}\n\t\tORDER BY t.sticky DESC, {$t}{$sortfield} {$sortordernow} {$sortfield2}\n\t\tLIMIT {$start}, {$perpage}\n\t");
    $ratings = false;
    $moved_threads = array();
    while ($thread = $db->fetch_array($query)) {
        $threadcache[$thread['tid']] = $thread;
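/**
 * Handle the "switch_version" action: check the post key, store the visitor's choice in the
 * "gomobile" cookie and redirect back.
 *
 * @return bool|null False when the action is not "switch_version" or the post key does not match;
 *                   no explicit return value otherwise.
 */
function gomobile_switch_version()
{
    global $db, $lang, $mybb;
    if ($mybb->input['action'] != "switch_version") {
        return false;
    }
    $url = "index.php";
    if (isset($_SERVER['HTTP_REFERER'])) {
        // NOTE(review): the Referer header is client-supplied. htmlentities() encodes it for HTML
        // output but does not restrict the destination; confirm redirect() limits where it can point.
        $url = htmlentities($_SERVER['HTTP_REFERER']);
    }
    // Compare the post key as a string. With a loose != two different hex digests that both look
    // like "0e<digits>" compare as equal numbers, and a missing or non-string key is coerced.
    $expected_key = md5($mybb->post_code);
    $supplied_key = '';
    if (isset($mybb->input['my_post_key']) && is_string($mybb->input['my_post_key'])) {
        $supplied_key = $mybb->input['my_post_key'];
    }
    $keys_match = function_exists('hash_equals')
        ? hash_equals($expected_key, $supplied_key)
        : $supplied_key === $expected_key;
    if (!$keys_match) {
        redirect($url, $lang->invalid_post_code);
        // Never fall through to the cookie change, even if redirect() were to return.
        return false;
    }
    $choice = isset($mybb->input['do']) ? $mybb->input['do'] : '';
    if ($choice == "full") {
        // Disable the mobile theme
        my_setcookie("gomobile", "disabled", -1);
    } elseif ($choice == "clear") {
        // Clear the mobile theme cookie
        my_setcookie("gomobile", "nothing", -1);
    } else {
        // Anything else is treated as a switch to the mobile version
        my_setcookie("gomobile", "force", -1);
    }
    $lang->load("gomobile");
    redirect($url, $lang->gomobile_switched_version);
}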
 /**
  * Log the user into MyBB with their MC credentials.
  * Must be authenticated with authenticate() first! This method checks no password or token
  * itself; it only looks up the account and binds the current session to it.
  *
  * @access public
  * @param  string|null $username Account name; when null, $this->getUsername() is used instead.
  * @return bool True when exactly one matching row with a uid was found and the cookies were set,
  *              false otherwise.
  */
 public function login($username)
 {
     global $mybb, $db, $session;
     if (!isset($username)) {
         $username = $this->getUsername();
     }
     // NOTE(review): as printed, the WHERE clause is a fixed literal and $username never reaches
     // the query; the value looks masked by the listing. Whatever is interpolated here has to be
     // escaped first (the IP address below goes through $db->escape_string()).
     $q = $db->simple_select('users', 'uid,loginkey', "mcc_username = '******'");
     // Proceed only on an unambiguous match.
     if ($db->num_rows($q) == 1) {
         $user = $db->fetch_array($q);
         if (!$user['uid']) {
             return false;
         }
         // Delete all the old sessions from user's IP address
         $db->delete_query('sessions', "ip='" . $db->escape_string($session->ipaddress) . "' AND sid != '{$session->sid}'");
         // Attach the current session row to the user (the session id itself is kept)
         $db->update_query('sessions', array('uid' => $user['uid']), "sid='{$session->sid}'");
         // Set login cookies
         my_setcookie('mybbuser', $user['uid'] . '_' . $user['loginkey'], null, true);
         my_setcookie('sid', $session->sid, -1, true);
         return true;
     }
     return false;
 }
Exemple #13
 /**
  * Finish an already validated login: reset the attempt counters, bind the current session row
  * to the user, set the login cookies and invalidate the captcha when one is attached.
  *
  * NOTE(review): the session id in use before the login is kept; confirm that it is rotated elsewhere.
  *
  * @return bool true
  */
 function complete_login()
 {
     global $plugins, $db, $mybb, $session;
     // Reference, so changes made to login_data by the hooks stay visible here.
     $account =& $this->login_data;
     $plugins->run_hooks('datahandler_login_complete_start', $this);

     // Attempt counter cookie back to 1, session id cookie re-sent.
     my_setcookie('loginattempts', 1);
     my_setcookie("sid", $session->sid, -1, true);

     // Drop the other session rows for this (packed) IP, then attach this session to the user.
     $packed_ip = $db->escape_binary($session->packedip);
     $db->delete_query("sessions", "ip = {$packed_ip} AND sid != '{$session->sid}'");
     $session_update = array("uid" => $account['uid']);
     $db->update_query("sessions", $session_update, "sid = '{$session->sid}'");
     $db->update_query("users", array("loginattempts" => 1), "uid = '{$account['uid']}'");

     // Third cookie argument: null when "remember" was submitted as "yes", -1 otherwise.
     $wants_remember = isset($mybb->input['remember']) && $mybb->input['remember'] == "yes";
     $cookie_expiry = $wants_remember ? null : -1;
     my_setcookie("mybbuser", $account['uid'] . "_" . $account['loginkey'], $cookie_expiry, true);

     if ($this->captcha !== false) {
         $this->captcha->invalidate_captcha();
     }
     $plugins->run_hooks('datahandler_login_complete_end', $this);
     return true;
 }
Exemple #14
/**
 * Handle a POSTed "do_login" action: validate the credentials through
 * loginconvert_validate_password_from_username(), require a captcha after repeated failures,
 * and on success bind the session, set the login cookies and redirect.
 *
 * Does nothing (returns early) for any other action or request method. On failure the request
 * is switched back to the "login" action and the errors are stored in $inline_errors.
 *
 * @return void
 */
function loginconvert_convert()
{
    global $mybb, $db, $lang, $session, $plugins, $inline_errors, $errors;
    if ($mybb->input['action'] != "do_login" || $mybb->request_method != "post") {
        return;
    }
    // Checks to make sure the user can login; they haven't had too many tries at logging in.
    // Is a fatal call if user has had too many tries
    $logins = login_attempt_check();
    $login_text = '';
    // Did we come from the quick login form?
    if ($mybb->input['quick_login'] == "1" && $mybb->input['quick_password'] && $mybb->input['quick_username']) {
        $mybb->input['password'] = $mybb->input['quick_password'];
        $mybb->input['username'] = $mybb->input['quick_username'];
    }
    // Unknown username: only the client-held cookie counter is incremented on this path.
    if (!username_exists($mybb->input['username'])) {
        my_setcookie('loginattempts', $logins + 1);
        error($lang->error_invalidpworusername . $login_text);
    }
    // Stored attempt count for the account; the username is lower-cased and escaped before it is
    // placed in the WHERE clause.
    $query = $db->simple_select("users", "loginattempts", "LOWER(username)='" . $db->escape_string(my_strtolower($mybb->input['username'])) . "'", array('limit' => 1));
    $loginattempts = $db->fetch_field($query, "loginattempts");
    $errors = array();
    $user = loginconvert_validate_password_from_username($mybb->input['username'], $mybb->input['password']);
    if (!$user['uid']) {
        // Wrong password: bump both the cookie counter and the per-account counter.
        my_setcookie('loginattempts', $logins + 1);
        $db->write_query("UPDATE " . TABLE_PREFIX . "users SET loginattempts=loginattempts+1 WHERE LOWER(username) = '" . $db->escape_string(my_strtolower($mybb->input['username'])) . "'");
        $mybb->input['action'] = "login";
        // NOTE(review): this writes an input key named 'request_method', while the guard at the top
        // reads $mybb->request_method. Presumably the property was intended; verify.
        $mybb->input['request_method'] = "get";
        if ($mybb->settings['failedlogintext'] == 1) {
            $login_text = $lang->sprintf($lang->failed_login_again, $mybb->settings['failedlogincount'] - $logins);
        }
        $errors[] = $lang->error_invalidpworusername . $login_text;
    } else {
        $correct = true;
    }
    // Captcha gate: hard-coded threshold of 3, met by either the stored count or the cookie value.
    if ($loginattempts > 3 || intval($mybb->cookies['loginattempts']) > 3) {
        // Show captcha image for guests if enabled
        if ($mybb->settings['captchaimage'] == 1 && function_exists("imagepng") && !$mybb->user['uid']) {
            // If previewing a post - check their current captcha input - if correct, hide the captcha input area
            if ($mybb->input['imagestring']) {
                $imagehash = $db->escape_string($mybb->input['imagehash']);
                $imagestring = $db->escape_string($mybb->input['imagestring']);
                $query = $db->simple_select("captcha", "*", "imagehash='{$imagehash}' AND imagestring='{$imagestring}'");
                $imgcheck = $db->fetch_array($query);
                if ($imgcheck['dateline'] > 0) {
                    // A solved captcha sets $correct even after a wrong password; the login still
                    // fails in that case because $errors is non-empty and is checked first below.
                    // NOTE(review): the matched captcha row is not deleted here, only the failed one is.
                    $correct = true;
                } else {
                    $db->delete_query("captcha", "imagehash='{$imagehash}'");
                    $errors[] = $lang->error_regimageinvalid;
                }
            } else {
                // Both branches add the same error; the distinction has no effect.
                if ($mybb->input['quick_login'] == 1 && $mybb->input['quick_password'] && $mybb->input['quick_username']) {
                    $errors[] = $lang->error_regimagerequired;
                } else {
                    $errors[] = $lang->error_regimagerequired;
                }
            }
        }
        $do_captcha = true;
    }
    if (!empty($errors)) {
        $mybb->input['action'] = "login";
        $mybb->input['request_method'] = "get";
        $inline_errors = inline_error($errors);
    } else {
        // $correct is assigned only on the success paths above, so it may be undefined here.
        if ($correct) {
            if ($user['coppauser']) {
                error($lang->error_awaitingcoppa);
            }
            // Successful login: reset counters, drop other sessions from this IP, bind this session
            // to the user. The session id in use before the login is kept.
            my_setcookie('loginattempts', 1);
            $db->delete_query("sessions", "ip='" . $db->escape_string($session->ipaddress) . "' AND sid != '" . $session->sid . "'");
            $newsession = array("uid" => $user['uid']);
            $db->update_query("sessions", $newsession, "sid='" . $session->sid . "'");
            $db->update_query("users", array("loginattempts" => 1), "uid='{$user['uid']}'");
            my_setcookie("mybbuser", $user['uid'] . "_" . $user['loginkey'], null, true);
            my_setcookie("sid", $session->sid, -1, true);
            $plugins->run_hooks("member_do_login_end");
            // NOTE(review): the redirect target comes from request input; only its basename is
            // compared with member.php and htmlentities() encodes it for output. Confirm redirect()
            // restricts the destination to this site.
            if ($mybb->input['url'] != "" && my_strpos(basename($mybb->input['url']), 'member.php') === false) {
                if ((my_strpos(basename($mybb->input['url']), 'newthread.php') !== false || my_strpos(basename($mybb->input['url']), 'newreply.php') !== false) && my_strpos($mybb->input['url'], '&processed=1') !== false) {
                    $mybb->input['url'] = str_replace('&processed=1', '', $mybb->input['url']);
                }
                // As printed this replaces '&' with '&' and changes nothing; presumably the listing
                // decoded an HTML entity in the search string.
                $mybb->input['url'] = str_replace('&', '&', $mybb->input['url']);
                // Redirect to the URL if it is not member.php
                redirect(htmlentities($mybb->input['url']), $lang->redirect_loggedin);
            } else {
                redirect("index.php", $lang->redirect_loggedin);
            }
        } else {
            $mybb->input['action'] = "login";
            $mybb->input['request_method'] = "get";
        }
    }
}
Exemple #15
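 // Collect the options this voter chose so the vote can be taken back.
 $vote_options = array();
 if ($mybb->user['uid']) {
     // Members: read the stored votes; the ids are cast before they enter the WHERE clause.
     $query = $db->simple_select("pollvotes", "vid,voteoption", "uid='" . (int) $mybb->user['uid'] . "' AND pid='" . (int) $poll['pid'] . "'");
     while ($voteoption = $db->fetch_array($query)) {
         $vote_options[$voteoption['vid']] = $voteoption['voteoption'];
     }
 } elseif (isset($mybb->cookies['pollvotes'][$poll['pid']])) {
     // for Guests, we simply see if they've got the cookie
     // NOTE(review): this list is client-supplied; the entries are used as array offsets further down.
     $vote_options = explode(',', $mybb->cookies['pollvotes'][$poll['pid']]);
 }
 if (empty($vote_options)) {
     error($lang->error_notvoted);
 } else {
     if (!$mybb->user['uid']) {
         // clear cookie for Guests
         my_setcookie("pollvotes[{$poll['pid']}]", "");
     }
 }
 // Note, this is not thread safe!
 $votesarray = explode("||~|~||", $poll['votes']);
 if (count($votesarray) > $poll['numoptions']) {
     // array_slice() takes the array as its first argument; the original call passed 0 in its
     // place, so the trim to numoptions entries never produced a usable array.
     $votesarray = array_slice($votesarray, 0, $poll['numoptions']);
 }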
 if ($poll['multiple'] == 1) {
     foreach ($vote_options as $vote) {
         if (isset($votesarray[$vote - 1])) {
             --$votesarray[$vote - 1];
             --$poll['numvotes'];
         }
     }
 } else {
}
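// Refuse a second rating: either a stored rating matches {$whereclause} for this thread, or the
// visitor carries the per-thread rating cookie.
// NOTE(review): $whereclause and $tid are built before this block; confirm both are cast/escaped.
$query = $db->simple_select("threadratings", "*", "{$whereclause} AND tid='{$tid}'");
$ratecheck = $db->fetch_array($query);
if ($ratecheck['rid'] || $mybb->cookies['mybbratethread'][$tid]) {
    error($lang->error_alreadyratedthread);
} else {
    $plugins->run_hooks("ratethread_process");
    // The rating is request input that is placed inside SQL text below, so it is forced to an
    // integer here (read after the hook, which presumably may still adjust the input).
    $rating = (int) $mybb->input['rating'];
    $db->write_query("\r\n\t\tUPDATE " . TABLE_PREFIX . "threads\r\n\t\tSET numratings=numratings+1, totalratings=totalratings+'{$rating}'\r\n\t\tWHERE tid='{$tid}'\r\n\t");
    if ($mybb->user['uid'] != 0) {
        // Members: the rating row carries the uid.
        $insertarray = array('tid' => $tid, 'uid' => $mybb->user['uid'], 'rating' => $rating, 'ipaddress' => $db->escape_string($session->ipaddress));
        $db->insert_query("threadratings", $insertarray);
    } else {
        // Guests: no uid on the row; a cookie marks the thread as rated.
        $insertarray = array('tid' => $tid, 'rating' => $rating, 'ipaddress' => $db->escape_string($session->ipaddress));
        $db->insert_query("threadratings", $insertarray);
        $time = TIME_NOW;
        my_setcookie("mybbratethread[{$tid}]", $rating);
    }
}
$plugins->run_hooks("ratethread_end");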
if ($mybb->input['ajax']) {
    echo "<success>{$lang->rating_added}</success>\n";
    $query = $db->simple_select("threads", "totalratings, numratings", "tid='{$tid}'", array('limit' => 1));
    $fetch = $db->fetch_array($query);
    $width = 0;
    if ($fetch['numratings'] >= 0) {
        $averagerating = floatval(round($fetch['totalratings'] / $fetch['numratings'], 2));
        $width = intval(round($averagerating)) * 20;
        $fetch['numratings'] = intval($fetch['numratings']);
        $ratingvotesav = $lang->sprintf($lang->rating_votes_average, $fetch['numratings'], $averagerating);
        echo "<average>{$ratingvotesav}</average>\n";
    }
Exemple #17
// Load Limiting
if ($mybb->usergroup['cancp'] != 1 && $mybb->settings['load'] > 0 && ($load = get_server_load()) && $load != $lang->unknown && $load > $mybb->settings['load']) {
    // User is not an administrator and the load limit is higher than the limit, show an error
    error($lang->error_loadlimit);
}
// If there is a valid referrer in the URL, cookie it
if (!$mybb->user['uid'] && $mybb->settings['usereferrals'] == 1 && (isset($mybb->input['referrer']) || isset($mybb->input['referrername']))) {
    if (isset($mybb->input['referrername'])) {
        $condition = "username = '******'referrername')) . "'";
    } else {
        $condition = "uid = '" . $mybb->get_input('referrer', MyBB::INPUT_INT) . "'";
    }
    $query = $db->simple_select('users', 'uid', $condition, array('limit' => 1));
    $referrer = $db->fetch_array($query);
    if ($referrer['uid']) {
        my_setcookie('mybb[referrer]', $referrer['uid']);
    }
}
if ($mybb->usergroup['canview'] != 1) {
    // Check pages allowable even when not allowed to view board
    if (defined('ALLOWABLE_PAGE')) {
        if (is_string(ALLOWABLE_PAGE)) {
            $allowable_actions = explode(',', ALLOWABLE_PAGE);
            if (!in_array($mybb->get_input('action'), $allowable_actions)) {
                error_no_permission();
            }
            unset($allowable_actions);
        } else {
            if (ALLOWABLE_PAGE !== 1) {
                error_no_permission();
            }
Exemple #18
/**
 * Decide, from the visitor's cookies, whether another login attempt is allowed.
 *
 * The attempt count and the lockout start time are both read from cookies ('loginattempts' and
 * 'failedlogin'). When the count exceeds the failedlogincount setting, the visitor has to wait
 * failedlogintime minutes from the time in the 'failedlogin' cookie.
 *
 * NOTE(review): both values are client-held. A request that sends neither cookie starts at 0
 * attempts, and this function never reads users.loginattempts. Confirm that callers also
 * enforce a server-side limit.
 *
 * @param bool $fatal (Optional) When true (default), a locked-out visitor is stopped with error()
 *                    and the wait message; when false, the function returns false instead.
 * @return mixed 1 when limiting is disabled or the lockout has expired, false when the visitor is
 *               locked out (and error() did not end the request), otherwise the current attempt
 *               count (the cookie value, or 0 when the cookie is empty).
 */
function login_attempt_check($fatal = true)
{
    global $mybb, $lang, $session, $db;
    // A limit of 0 turns the check off.
    if ($mybb->settings['failedlogincount'] == 0) {
        return 1;
    }
    // Note: Number of logins is defaulted to 1, because using 0 seems to clear cookie data. Not really a problem as long as we account for 1 being default.
    // Use cookie if possible, otherwise use session
    // Find better solution to prevent clearing cookies
    $loginattempts = 0;
    $failedlogin = 0;
    if (!empty($mybb->cookies['loginattempts'])) {
        $loginattempts = $mybb->cookies['loginattempts'];
    }
    if (!empty($mybb->cookies['failedlogin'])) {
        $failedlogin = $mybb->cookies['failedlogin'];
    }
    // Work out if the user has had more than the allowed number of login attempts
    if ($loginattempts > $mybb->settings['failedlogincount']) {
        // If so, then we need to work out if they can try to login again
        // Some maths to work out how long they have left and display it to them
        $now = TIME_NOW;
        if (empty($mybb->cookies['failedlogin'])) {
            $failedtime = $now;
        } else {
            $failedtime = $mybb->cookies['failedlogin'];
        }
        $secondsleft = $mybb->settings['failedlogintime'] * 60 + $failedtime - $now;
        $hoursleft = floor($secondsleft / 3600);
        $minsleft = floor($secondsleft / 60 % 60);
        $secsleft = floor($secondsleft % 60);
        // First request over the limit: no lockout start recorded yet, so record it now
        if (empty($failedlogin)) {
            my_setcookie('failedlogin', $now);
            if ($fatal) {
                error($lang->sprintf($lang->failed_login_wait, $hoursleft, $minsleft, $secsleft));
            }
            return false;
        }
        // Work out if the user has waited long enough before letting them login again
        if ($mybb->cookies['failedlogin'] < $now - $mybb->settings['failedlogintime'] * 60) {
            // Lockout expired: reset the cookie counter and, for a logged-in user, the stored counter
            my_setcookie('loginattempts', 1);
            my_unsetcookie('failedlogin');
            if ($mybb->user['uid'] != 0) {
                $update_array = array('loginattempts' => 1);
                $db->update_query("users", $update_array, "uid = '{$mybb->user['uid']}'");
            }
            return 1;
        } else {
            // Still inside the lockout window. When the cookie equals exactly now minus the timeout,
            // neither comparison matches and execution falls through to the final return.
            if ($mybb->cookies['failedlogin'] > $now - $mybb->settings['failedlogintime'] * 60) {
                if ($fatal) {
                    error($lang->sprintf($lang->failed_login_wait, $hoursleft, $minsleft, $secsleft));
                }
                return false;
            }
        }
    }
    // User can attempt another login
    return $loginattempts;
}
Exemple #19
            $user = $db->fetch_array($query);
            if (!$user['uid']) {
                $output->print_error("Wpisany login jest niepoprawny.");
            } else {
                $user = validate_password_from_uid($user['uid'], $mybb->input['password'], $user);
                if (!$user['uid']) {
                    $output->print_error("Wpisane hasło jest nieprawidłowe. Jeżeli nie pamiętasz swojego hasła, kliknij <a href=\"../member.php?action=lostpw\">tutaj</a>, aby je odzyskać i spróbuj ponownie.");
                }
            }
            $db->delete_query("sessions", "ip='" . $db->escape_string($session->ipaddress) . "' AND sid != '" . $session->sid . "'");
            $newsession = array("uid" => $user['uid']);
            $db->update_query("sessions", $newsession, "sid='" . $session->sid . "'");
            // Temporarily set the cookie remember option for the login cookies
            $mybb->user['remember'] = $user['remember'];
            my_setcookie("mybbuser", $user['uid'] . "_" . $user['loginkey'], null, true);
            my_setcookie("sid", $session->sid, -1, true);
            header("Location: ./upgrade.php");
        }
    }
    $output->steps = array($lang->upgrade);
    if ($mybb->user['uid'] == 0) {
        $output->print_header("Wymagane zalogowanie", "errormsg", 0, 1);
        $output->print_contents('<p>Podaj swój login i hasło, aby rozpocząć proces aktualizacji. Musisz mieć uprawnienia administratora, aby uruchomić ten proces.</p>
<form action="upgrade.php" method="post">
	<div class="border_wrapper">
		<table class="general" cellspacing="0">
		<thead>
			<tr>
				<th colspan="2" class="first last">Logowanie</th>
			</tr>
		</thead>
Exemple #20
    eval("\$syndication = \"" . $templates->get("misc_syndication") . "\";");
    output_page($syndication);
}
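// "clearcookies" action: expire the board's cookies after checking the caller's logout key.
if ($mybb->input['action'] == "clearcookies") {
    $plugins->run_hooks("misc_clearcookies");
    // Compare the key as a string with a strict operator. With a loose != two different
    // "0e<digits>"-style values compare as equal numbers, and a non-string input is coerced.
    $supplied_key = isset($mybb->input['key']) ? $mybb->input['key'] : '';
    $expected_key = isset($mybb->user['logoutkey']) ? (string) $mybb->user['logoutkey'] : '';
    if (!is_string($supplied_key) || $supplied_key !== $expected_key) {
        error($lang->error_invalidkey);
    }
    $remove_cookies = array('mybb', 'mybbuser', 'mybb[password]', 'mybb[lastvisit]', 'mybb[lastactive]', 'collapsed', 'mybb[forumread]', 'mybb[threadsread]', 'mybbadmin');
    // Expire each cookie; the cookie domain is passed only when one is configured.
    // NOTE(review): confirm that the path/domain arguments match the my_setcookie() signature of
    // this code base. The @ operator hides any warning the call raises.
    $has_domain = (bool) $mybb->settings['cookiedomain'];
    foreach ($remove_cookies as $name) {
        if ($has_domain) {
            @my_setcookie($name, '', TIME_NOW - 1, $mybb->settings['cookiepath'], $mybb->settings['cookiedomain']);
        } else {
            @my_setcookie($name, '', TIME_NOW - 1, $mybb->settings['cookiepath']);
        }
    }
    redirect("index.php", $lang->redirect_cookiescleared);
}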
function makesyndicateforums($pid = "0", $selitem = "", $addselect = "1", $depth = "", $permissions = "")
{
    global $db, $forumcache, $permissioncache, $mybb, $selecteddone, $forumlist, $forumlistbits, $theme, $templates, $flist, $lang, $unviewable;
    static $unviewableforums;
    $pid = intval($pid);
    if (!$permissions) {
        $permissions = $mybb->usergroup;
    }
    if (!is_array($forumcache)) {
        // Get Forums
        $query = $db->simple_select("forums", "*", "linkto = '' AND active!=0", array('order_by' => 'pid, disporder'));
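/**
 * Complete a successful login and build the XML-RPC login response.
 *
 * Reads the already-validated account from the global $user, binds the current
 * session row to that uid, sets the "mybbuser" and "sid" cookies, re-initialises
 * the session object and returns the user's profile and permission flags.
 * When the user's group is a banned group, the ban reason and lift date are
 * returned in result_text.
 *
 * @return xmlrpcresp
 */
function tt_login_success()
{
    global $db, $lang, $theme, $plugins, $mybb, $session, $settings, $cache, $time, $mybbgroups, $mobiquo_config, $user, $register;
    if ($user['coppauser']) {
        error($lang->error_awaitingcoppa);
    }
    my_setcookie('loginattempts', 1);

    // Every value placed into a WHERE clause below is normalised here first: the uid is
    // forced to an integer and the session id is escaped like the IP address already was.
    // NOTE(review): $session->sid may already be escaped where it is assigned (not visible
    // here); escaping again is harmless for a well-formed id.
    $uid = (int) $user['uid'];
    $sid = $db->escape_string($session->sid);

    // Drop any other session rows from this IP, then attach the current one to the user.
    $db->delete_query("sessions", "ip='" . $db->escape_string($session->ipaddress) . "' AND sid != '" . $sid . "'");
    $newsession = array("uid" => $uid);
    $db->update_query("sessions", $newsession, "sid='" . $sid . "'");
    $db->update_query("users", array("loginattempts" => 1), "uid='{$uid}'");
    my_setcookie("mybbuser", $user['uid'] . "_" . $user['loginkey'], null, true);
    my_setcookie("sid", $session->sid, -1, true);
    $mybb->cookies['sid'] = $session->sid;

    // Rebuild the session so $mybb->user reflects the logged-in account.
    $session = new session();
    $session->init();

    $mybbgroups = $mybb->user['usergroup'];
    if ($mybb->user['additionalgroups']) {
        $mybbgroups .= ',' . $mybb->user['additionalgroups'];
    }
    $xmlgroups = array();
    foreach (explode(",", $mybbgroups) as $group) {
        $xmlgroups[] = new xmlrpcval($group, "string");
    }
    tt_update_push();
    if ($settings['maxattachments'] == 0) {
        $settings['maxattachments'] = 100;
    }
    $userPushType = array('pm' => 1, 'newtopic' => 1, 'sub' => 1, 'tag' => 1, 'quote' => 1);
    $push_type = array();
    foreach ($userPushType as $name => $value) {
        $push_type[] = new xmlrpcval(array('name' => new xmlrpcval($name, 'string'), 'value' => new xmlrpcval($value, 'boolean')), 'struct');
    }

    // Default to no countdown; previously the variable was undefined for moderators and
    // when postfloodsecs was off, yet it was still passed to xmlrpcval below.
    $flood_interval = 0;
    if ($mybb->settings['postfloodsecs'] && !is_moderator(0, "", $mybb->user['uid'])) {
        $flood_interval = $mybb->settings['postfloodsecs'];
    }

    $pm_enabled = !$mobiquo_config['disable_pm'];
    $result = array(
        'result' => new xmlrpcval(true, 'boolean'),
        'result_text' => new xmlrpcval('', 'base64'),
        'user_id' => new xmlrpcval($mybb->user['uid'], 'string'),
        'username' => new xmlrpcval(basic_clean($mybb->user['username']), 'base64'),
        'login_name' => new xmlrpcval(basic_clean($mybb->user['username']), 'base64'),
        'user_type' => check_return_user_type($mybb->user['username']),
        'email' => new xmlrpcval(basic_clean($mybb->user['email']), 'base64'),
        'icon_url' => new xmlrpcval(absolute_url($mybb->user['avatar']), 'string'),
        'post_count' => new xmlrpcval(intval($mybb->user['postnum']), 'int'),
        'usergroup_id' => new xmlrpcval($xmlgroups, 'array'),
        'ignored_uids' => new xmlrpcval($mybb->user['ignorelist'], 'string'),
        'max_png_size' => new xmlrpcval(10000000, "int"),
        'max_jpg_size' => new xmlrpcval(10000000, "int"),
        'max_attachment' => new xmlrpcval($mybb->usergroup['canpostattachments'] == 1 ? $settings['maxattachments'] : 0, "int"),
        'can_upload_avatar' => new xmlrpcval($mybb->usergroup['canuploadavatars'] == 1, "boolean"),
        'can_pm' => new xmlrpcval($mybb->usergroup['canusepms'] == 1 && $pm_enabled, "boolean"),
        'can_send_pm' => new xmlrpcval($mybb->usergroup['cansendpms'] == 1 && $pm_enabled, "boolean"),
        'can_moderate' => new xmlrpcval($mybb->usergroup['canmodcp'] == 1, "boolean"),
        'can_search' => new xmlrpcval($mybb->usergroup['cansearch'] == 1, "boolean"),
        'can_whosonline' => new xmlrpcval($mybb->usergroup['canviewonline'] == 1, "boolean"),
        'register' => new xmlrpcval($register, "boolean"),
        'push_type' => new xmlrpcval($push_type, 'array'),
        'post_countdown' => new xmlrpcval($flood_interval, 'int'),
    );

    if ($mybb->usergroup['isbannedgroup'] == 1) {
        // Fetch details on their ban
        $reason = '';
        $banlift = '';
        $query = $db->simple_select("banned", "*", "uid='" . (int) $mybb->user['uid'] . "'", array('limit' => 1));
        $ban = $db->fetch_array($query);
        if (!empty($ban['uid'])) {
            // Format their ban lift date and reason appropriately
            if ($ban['lifted'] > 0) {
                $banlift = my_date($mybb->settings['dateformat'], $ban['lifted']) . ", " . my_date($mybb->settings['timeformat'], $ban['lifted']);
            } else {
                $banlift = $lang->banned_lifted_never;
            }
            $reason = htmlspecialchars_uni($ban['reason']);
        }
        if (empty($reason)) {
            $reason = $lang->unknown;
        }
        if (empty($banlift)) {
            $banlift = $lang->unknown;
        }
        $result_text = $lang->banned_warning . $lang->banned_warning2 . ": " . $reason . "\n" . $lang->banned_warning3 . ": " . $banlift;
        $result['result_text'] = new xmlrpcval($result_text, 'base64');
    }
    return new xmlrpcresp(new xmlrpcval($result, 'struct'));
}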
Exemple #22
        // Upgrade-script login: on a POST with action "do_login", check the submitted username
        // and password, then set the "mybbuser" cookie and redirect back to upgrade.php.
        // NOTE(review): no failed-attempt counter and no administrator-group check are visible
        // in this fragment; presumably the group check happens after the redirect — confirm.
        if ($mybb->input['action'] == "do_login" && $mybb->request_method == "post") {
            require_once MYBB_ROOT . "inc/functions_user.php";
            // NOTE(review): the "invalid username" and "incorrect password" messages differ, so
            // the response reveals whether an account name exists. One generic failure message
            // for both cases would avoid that.
            if (!username_exists($mybb->get_input('username'))) {
                $output->print_error("The username you have entered appears to be invalid.");
            }
            // Presumably restricts the lookup to the columns needed for password validation.
            $options = array('fields' => array('username', 'password', 'salt', 'loginkey'));
            $user = get_user_by_username($mybb->get_input('username'), $options);
            if (!$user['uid']) {
                $output->print_error("The username you have entered appears to be invalid.");
            } else {
                // The result replaces $user; the check below treats an empty uid as a failed password.
                $user = validate_password_from_uid($user['uid'], $mybb->get_input('password'), $user);
                if (!$user['uid']) {
                    $output->print_error("The password you entered is incorrect. If you have forgotten your password, click <a href=\"../member.php?action=lostpw\">here</a>. Otherwise, go back and try again.");
                }
            }
            // NOTE(review): these two lines are reached on every path above unless print_error()
            // ends the request — presumably it does; confirm. There is also no exit after the
            // Location header, so whatever follows this block still runs for this request.
            my_setcookie("mybbuser", $user['uid'] . "_" . $user['loginkey'], null, true);
            header("Location: ./upgrade.php");
        }
    }
    $output->steps = array($lang->upgrade);
    if ($mybb->user['uid'] == 0) {
        $output->print_header($lang->please_login, "errormsg", 0, 1);
        $output->print_contents('<p>' . $lang->login_desc . '</p>
<form action="upgrade.php" method="post">
	<div class="border_wrapper">
		<table class="general" cellspacing="0">
		<thead>
			<tr>
				<th colspan="2" class="first last">' . $lang->login . '</th>
			</tr>
		</thead>
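 /**
  * Load a guest user.
  *
  * Fills $mybb->user with guest defaults (uid 0, usergroup 1), derives the
  * last-visit / last-active times from the "mybb" cookies and refreshes those
  * cookies, loads the guest permission set, and updates or creates the session
  * unless NO_ONLINE is defined.
  */
 function load_guest()
 {
     global $mybb, $time, $db, $lang;
     // Set up some defaults
     $time = TIME_NOW;
     $mybb->user['usergroup'] = 1;
     $mybb->user['username'] = '';
     $mybb->user['uid'] = 0;
     $mybbgroups = 1;
     $mybb->user['displaygroup'] = 1;
     // Has this user visited before? Lastvisit need updating?
     if (isset($mybb->cookies['mybb']['lastvisit'])) {
         if (!isset($mybb->cookies['mybb']['lastactive'])) {
             $mybb->user['lastactive'] = $time;
             $mybb->cookies['mybb']['lastactive'] = $mybb->user['lastactive'];
         } else {
             $mybb->user['lastactive'] = intval($mybb->cookies['mybb']['lastactive']);
         }
         // The cookie is client-controlled, so the arithmetic uses the integer copy made
         // above instead of the raw cookie value. A malformed (non-numeric or array) cookie
         // then cannot raise a type error in the subtraction.
         if ($time - $mybb->user['lastactive'] > 900) {
             // More than 15 minutes idle: the previous activity time becomes the last visit.
             my_setcookie("mybb[lastvisit]", $mybb->user['lastactive']);
         }
         $mybb->user['lastvisit'] = $mybb->user['lastactive'];
     } else {
         my_setcookie("mybb[lastvisit]", $time);
         $mybb->user['lastvisit'] = $time;
     }
     // Update last active cookie.
     my_setcookie("mybb[lastactive]", $time);
     // Gather a full permission set for this guest
     $mybb->usergroup = usergroup_permissions($mybbgroups);
     $mydisplaygroup = usergroup_displaygroup($mybb->user['displaygroup']);
     $mybb->usergroup = array_merge($mybb->usergroup, $mydisplaygroup);
     // Update the online data.
     if (!defined("NO_ONLINE")) {
         if (!empty($this->sid)) {
             $this->update_session($this->sid);
         } else {
             $this->create_session();
         }
     }
 }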
Exemple #24
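/**
 * Build the XML-RPC topic list of announcements visible in a forum.
 *
 * Announcements are loaded only when the "forumsdisplay" cache marks the forum,
 * one of its parents, or the global entry (-1) as having announcements.
 *
 * @param array $foruminfo Forum row; 'parentlist' and 'name' are read.
 * @param mixed $fid       Forum id, used for the cache lookup and the parent-list SQL.
 * @return xmlrpcresp
 */
function get_announcement_list($foruminfo, $fid)
{
    // Gather forum stats
    global $db, $lang, $theme, $plugins, $mybb, $session, $settings, $time, $mybbgroups, $cache;
    $has_announcements = false;
    $forum_stats = $cache->read("forumsdisplay");
    $parser = new postParser();
    if (is_array($forum_stats)) {
        if (!empty($forum_stats[-1]['announcements']) || !empty($forum_stats[$fid]['announcements'])) {
            // Global or forum-specific announcements
            $has_announcements = true;
        }
    }
    $parentlist = $foruminfo['parentlist'];
    foreach (explode(",", $parentlist) as $mfid) {
        if (!empty($forum_stats[$mfid]['announcements'])) {
            $has_announcements = true;
        }
    }
    $announcementlist = $topic_list = array();
    if ($has_announcements == true) {
        // The limit goes straight into the SQL text, so force it to a positive integer.
        $limit = '';
        $announcement_limit = (int) $mybb->settings['announcementlimit'];
        if ($announcement_limit > 0) {
            $limit = "LIMIT 0, " . $announcement_limit;
        }
        $sql = build_parent_list($fid, "fid", "OR", $parentlist);
        $time = TIME_NOW;
        $query = $db->query("\n\t\t\tSELECT a.*, u.username\n\t\t\tFROM " . TABLE_PREFIX . "announcements a\n\t\t\tLEFT JOIN " . TABLE_PREFIX . "users u ON (u.uid=a.uid)\n\t\t\tWHERE a.startdate<='{$time}' AND (a.enddate>='{$time}' OR a.enddate='0') AND ({$sql} OR fid='-1')\n\t\t\tORDER BY a.startdate DESC {$limit}\n\t\t");
        // See if this announcement has been read in our announcement array.
        // NOTE(review): this decodes a client-supplied cookie. my_unserialize() is defined
        // elsewhere; confirm it cannot instantiate objects. Anything that is not a string
        // cookie or does not decode to an array is treated as "nothing read yet".
        $cookie = array();
        if (isset($mybb->cookies['mybb']['announcements']) && is_string($mybb->cookies['mybb']['announcements'])) {
            $cookie = my_unserialize(stripslashes($mybb->cookies['mybb']['announcements']));
            if (!is_array($cookie)) {
                $cookie = array();
            }
        }
        // Collected as an array; the original reset this to '' before appending with [],
        // which is a fatal error on PHP 7.1 and later.
        $announcementlist = array();
        // Reset the trow colors
        alt_trow(true);
        while ($announcement = $db->fetch_array($query)) {
            // Mmm, eat those announcement cookies if they're older than our last visit
            if (isset($cookie[$announcement['aid']]) && $cookie[$announcement['aid']] < $mybb->user['lastvisit']) {
                unset($cookie[$announcement['aid']]);
            }
            $announcement['announcementlink'] = get_announcement_link($announcement['aid']);
            $announcement['subject'] = $parser->parse_badwords($announcement['subject']);
            $announcement['subject'] = htmlspecialchars_uni($announcement['subject']);
            $announcement['profilelink'] = build_profile_link($announcement['username'], $announcement['uid']);
            $announcementlist[] = $announcement;
        }
        if (empty($cookie)) {
            // Clean up cookie crumbs
            my_setcookie('mybb[announcements]', 0, TIME_NOW - 60 * 60 * 24 * 365);
        } else {
            my_setcookie("mybb[announcements]", addslashes(serialize($cookie)), -1);
        }
        foreach ($announcementlist as $announce) {
            $user_info = get_user($announce['uid']);
            $icon_url = absolute_url($user_info['avatar']);
            $xmlrpc_topic = new xmlrpcval(array(
                'forum_id' => new xmlrpcval($fid, 'string'),
                'topic_id' => new xmlrpcval('ann_' . $announce['aid'], 'string'),
                'topic_title' => new xmlrpcval(basic_clean($announce['subject']), 'base64'),
                'topic_author_id' => new xmlrpcval($announce['uid'], 'string'),
                'topic_author_name' => new xmlrpcval(basic_clean($announce['username']), 'base64'),
                'icon_url' => new xmlrpcval(absolute_url($icon_url), 'string'),
                'reply_number' => new xmlrpcval(0, 'int'),
                'view_number' => new xmlrpcval(0, 'int'),
                'short_content' => new xmlrpcval(process_short_content($announce['message'], $parser), 'base64'),
            ), 'struct');
            $topic_list[] = $xmlrpc_topic;
        }
    }
    $response = new xmlrpcval(array(
        'total_topic_num' => new xmlrpcval(count($announcementlist), 'int'),
        'forum_id' => new xmlrpcval($fid),
        'forum_name' => new xmlrpcval(basic_clean($foruminfo['name']), 'base64'),
        'can_post' => new xmlrpcval(false, 'boolean'),
        'can_upload' => new xmlrpcval(false, 'boolean'),
        'topics' => new xmlrpcval($topic_list, 'array'),
    ), 'struct');
    return new xmlrpcresp($response);
}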
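/**
 * Marks all forums as read.
 *
 * Registered users: updates users.lastvisit, refreshes the PM count and, when the
 * threadreadcut setting is positive, queues a forumsread row per forum to be written
 * at shutdown. Guests: the state is kept in cookies only.
 */
function mark_all_forums_read()
{
    global $mybb, $db, $cache;
    $uid = (int) $mybb->user['uid'];
    // Can only do "true" tracking for registered users
    if ($uid <= 0) {
        my_setcookie("mybb[readallforums]", 1);
        my_setcookie("mybb[lastvisit]", TIME_NOW);
        my_unsetcookie("mybb[threadread]");
        my_unsetcookie("mybb[forumread]");
        return;
    }
    $db->update_query("users", array('lastvisit' => TIME_NOW), "uid='" . $uid . "'");
    require_once MYBB_ROOT . "inc/functions_user.php";
    update_pm_count('', 2);
    if ($mybb->settings['threadreadcut'] <= 0) {
        return;
    }
    // Need to loop through all forums and mark them as read
    $forums = $cache->read('forums');
    if (!is_array($forums) || empty($forums)) {
        return;
    }
    // Batch size: one twentieth of the forum count, never below 15.
    $update_count = max(15, (int) ceil(count($forums) / 20));
    // pgsql and sqlite go through replace_query() row by row; other drivers get one
    // multi-row REPLACE per batch. The original accumulated both forms in one variable
    // that started as a string (appending with [] to a string is fatal on PHP 7.1+) and
    // flushed on every iteration that was NOT a multiple of the batch size.
    $row_by_row = in_array($db->type, array("pgsql", "sqlite"), true);
    foreach (array_chunk(array_keys($forums), $update_count) as $batch) {
        if ($row_by_row) {
            foreach ($batch as $fid) {
                $replace_query = array('fid' => (int) $fid, 'uid' => $uid, 'dateline' => TIME_NOW);
                add_shutdown(array($db, "replace_query"), array("forumsread", $replace_query, array("fid", "uid")));
            }
            continue;
        }
        $values = array();
        foreach ($batch as $fid) {
            $fid = (int) $fid;
            $values[] = "('{$fid}', '{$uid}', '" . TIME_NOW . "')";
        }
        $mark_query = implode(',', $values);
        $db->shutdown_query("\n\t\t\t\t\t\t\tREPLACE INTO " . TABLE_PREFIX . "forumsread (fid, uid, dateline)\n\t\t\t\t\t\t\tVALUES {$mark_query}\n\t\t\t\t\t\t");
    }
}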
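 /**
  * Perform a vote in a poll
  *
  * @param integer $poll_id ID of Poll
  * @param integer $user_id ID of User (0 for a guest)
  * @param integer|array $option Vote option. For a multiple-choice poll pass an array
  *                              keyed by option number with the value 1 for each chosen option.
  * @return bool|string true on success, false when the forum forbids voting,
  *                     otherwise the language string describing the error
  */
 function vote($poll_id, $user_id = 0, $option = NULL)
 {
     // Load the Language Phrases
     $this->lang->load('polls');
     // A bit sanitizing...
     $poll_id = (int) $poll_id;
     $user_id = (int) $user_id;
     // Let's fetch infos of the poll
     $query = $this->db->simple_select("polls", "*", "pid='" . $poll_id . "'");
     $poll = $this->db->fetch_array($query);
     if (is_array($poll)) {
         // Timeout is stored in days; convert to seconds.
         $poll['timeout'] = $poll['timeout'] * 60 * 60 * 24;
     }
     $this->plugins->run_hooks("polls_vote_start");
     // Does the poll exist?
     if (empty($poll['pid'])) {
         return $this->lang->error_invalidpoll;
     }
     // Everything interpolated into SQL below uses this integer copy.
     $pid = (int) $poll['pid'];
     // Does the poll exist in a valid thread?
     $query = $this->db->simple_select("threads", "*", "poll='" . $pid . "'");
     $thread = $this->db->fetch_array($query);
     if (empty($thread['tid'])) {
         return $this->lang->error_invalidthread;
     }
     // Do we have the permission to vote?
     $fid = $thread['fid'];
     $forumpermissions = forum_permissions($fid);
     if ($forumpermissions['canvotepolls'] == 0) {
         return false;
     }
     // Has the poll expired? (A timeout of 0 means the poll never expires.)
     $expiretime = $poll['dateline'] + $poll['timeout'];
     if ($poll['closed'] == 1 || $thread['closed'] == 1 || ($expiretime < TIME_NOW && $poll['timeout'])) {
         return $this->lang->error_pollclosed;
     }
     // Did we pass an option to vote for?
     if (empty($option)) {
         return $this->lang->error_nopolloptions;
     }
     // Check if the user has voted before...
     $votecheck = array();
     if ($user_id > 0) {
         $query = $this->db->simple_select("pollvotes", "*", "uid='" . $user_id . "' AND pid='" . $pid . "'");
         $votecheck = $this->db->fetch_array($query);
     }
     // NOTE(review): for guests the only revote barrier is this cookie, which the client
     // controls; it inhibits accidental revotes but does not enforce one vote per person.
     if (!empty($votecheck['vid']) || !empty($this->mybb->cookies['pollvotes'][$pid])) {
         return $this->lang->error_alreadyvoted;
     }
     $votesql = '';
     $votesarray = explode("||~|~||", $poll['votes']);
     $numvotes = $poll['numvotes'];
     if ($poll['multiple'] == 1) {
         // A multiple-choice vote must arrive as an array of option number => 1.
         if (!is_array($option)) {
             return $this->lang->error_nopolloptions;
         }
         foreach ($option as $voteoption => $vote) {
             $voteoption = (int) $voteoption;
             if ($vote == 1 && isset($votesarray[$voteoption - 1])) {
                 if ($votesql) {
                     $votesql .= ",";
                 }
                 $votesql .= "('" . $pid . "','" . $user_id . "','" . $voteoption . "', " . TIME_NOW . ")";
                 $votesarray[$voteoption - 1]++;
                 $numvotes = $numvotes + 1;
             }
         }
     } else {
         // A single-choice vote must be one option number that exists in the poll.
         if (!is_scalar($option) || !isset($votesarray[(int) $option - 1])) {
             return $this->lang->error_nopolloptions;
         }
         $option = (int) $option;
         $votesql = "('" . $pid . "','" . $user_id . "','" . $option . "', " . TIME_NOW . ")";
         $votesarray[$option - 1]++;
         $numvotes = $numvotes + 1;
     }
     // Nothing valid was selected: stop before issuing an INSERT with an empty VALUES list.
     if ($votesql === '') {
         return $this->lang->error_nopolloptions;
     }
     if ($user_id == 0) {
         // Give a cookie to guests to inhibit revotes. Set only once the vote is known to
         // be valid, so a rejected request does not lock the guest out.
         my_setcookie("pollvotes[{$pid}]", '1');
     }
     // Save the fact that we voted
     $this->db->write_query("\n\t\t\tINSERT INTO \n\t\t\t" . TABLE_PREFIX . "pollvotes (pid,uid,voteoption,dateline) \n\t\t\tVALUES {$votesql}\n\t\t");
     $voteslist = '';
     for ($i = 1; $i <= $poll['numoptions']; ++$i) {
         if ($i > 1) {
             $voteslist .= "||~|~||";
         }
         $voteslist .= $votesarray[$i - 1];
     }
     $updatedpoll = array("votes" => $this->db->escape_string($voteslist), "numvotes" => intval($numvotes));
     $this->plugins->run_hooks("polls_vote_process");
     $this->db->update_query("polls", $updatedpoll, "pid='" . $pid . "'");
     $this->plugins->run_hooks("polls_vote_end");
     return true;
 }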
Exemple #27
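/**
 * Installation is finished
 *
 * Validates the submitted administrator details, inserts the user groups from
 * resources/usergroups.xml, creates the administrator account and its admin
 * options, sets the login cookie, builds the caches and finally tries to write
 * a ./lock file.
 */
function install_done()
{
    global $output, $db, $mybb, $errors, $cache, $lang;
    if (empty($mybb->input['adminuser'])) {
        $errors[] = $lang->admin_step_error_nouser;
    }
    if (empty($mybb->input['adminpass'])) {
        $errors[] = $lang->admin_step_error_nopassword;
    }
    if ($mybb->get_input('adminpass') != $mybb->get_input('adminpass2')) {
        $errors[] = $lang->admin_step_error_nomatch;
    }
    if (empty($mybb->input['adminemail'])) {
        $errors[] = $lang->admin_step_error_noemail;
    }
    // NOTE(review): create_admin_user() presumably re-displays the form and ends the
    // request. If it returns, the installation below continues with the invalid input — confirm.
    if (is_array($errors)) {
        create_admin_user();
    }
    require MYBB_ROOT . 'inc/config.php';
    $db = db_connection($config);
    require MYBB_ROOT . 'inc/settings.php';
    $mybb->settings =& $settings;
    ob_start();
    $output->print_header($lang->finish_setup, 'finish');
    echo $lang->done_step_usergroupsinserted;
    // Insert all of our user groups from the XML file
    $usergroup_settings = file_get_contents(INSTALL_ROOT . 'resources/usergroups.xml');
    $parser = new XMLParser($usergroup_settings);
    $parser->collapse_dups = 0;
    $tree = $parser->get_tree();
    $admin_gid = '';
    $group_count = 0;
    foreach ($tree['usergroups'][0]['usergroup'] as $usergroup) {
        // usergroup[cancp][0][value]
        $new_group = array();
        foreach ($usergroup as $key => $value) {
            if (!is_array($value)) {
                continue;
            }
            $new_group[$key] = $db->escape_string($value[0]['value']);
        }
        $db->insert_query("usergroups", $new_group, false);
        // If this group can access the admin CP and we haven't established the admin group - set it (just in case we ever change IDs)
        if ($new_group['cancp'] == 1 && !$admin_gid) {
            $admin_gid = $usergroup['gid'][0]['value'];
        }
        $group_count++;
    }
    // Restart usergroup sequence with correct # of groups
    if ($config['database']['type'] == "pgsql") {
        $db->query("SELECT setval('{$config['database']['table_prefix']}usergroups_gid_seq', (SELECT max(gid) FROM {$config['database']['table_prefix']}usergroups));");
    }
    echo $lang->done . '</p>';
    echo $lang->done_step_admincreated;
    $now = TIME_NOW;
    $salt = random_str();
    $loginkey = generate_loginkey();
    // NOTE(review): salted MD5 is cheap to brute-force if the users table leaks. The stored
    // format presumably has to match what the login verification computes (not visible
    // here), so moving to password_hash() needs that path changed in the same step.
    $saltedpw = md5(md5($salt) . md5($mybb->get_input('adminpass')));
    $newuser = array(
        'username' => $db->escape_string($mybb->get_input('adminuser')),
        'password' => $saltedpw,
        'salt' => $salt,
        'loginkey' => $loginkey,
        'email' => $db->escape_string($mybb->get_input('adminemail')),
        'usergroup' => $admin_gid,
        'regdate' => $now,
        'lastactive' => $now,
        'lastvisit' => $now,
        'website' => '',
        'icq' => '',
        'aim' => '',
        'yahoo' => '',
        'skype' => '',
        'google' => '',
        'birthday' => '',
        'signature' => '',
        'allownotices' => 1,
        'hideemail' => 0,
        'subscriptionmethod' => '0',
        'receivepms' => 1,
        'pmnotice' => 1,
        'pmnotify' => 1,
        'buddyrequestspm' => 1,
        'buddyrequestsauto' => 0,
        'showimages' => 1,
        'showvideos' => 1,
        'showsigs' => 1,
        'showavatars' => 1,
        'showquickreply' => 1,
        'invisible' => 0,
        'style' => '0',
        'timezone' => 0,
        'dst' => 0,
        'threadmode' => '',
        'daysprune' => 0,
        'regip' => $db->escape_binary(my_inet_pton(get_ip())),
        'language' => '',
        'showcodebuttons' => 1,
        'tpp' => 0,
        'ppp' => 0,
        'referrer' => 0,
        'buddylist' => '',
        'ignorelist' => '',
        'pmfolders' => '',
        'notepad' => '',
        'showredirect' => 1,
        'usernotes' => '',
    );
    $db->insert_query('users', $newuser);
    echo $lang->done . '</p>';
    echo $lang->done_step_adminoptions;
    $adminoptions = file_get_contents(INSTALL_ROOT . 'resources/adminoptions.xml');
    $parser = new XMLParser($adminoptions);
    $parser->collapse_dups = 0;
    $tree = $parser->get_tree();
    $insertmodule = array();
    $db->delete_query("adminoptions");
    // Insert all the admin permissions
    foreach ($tree['adminoptions'][0]['user'] as $users) {
        $uid = $users['attributes']['uid'];
        foreach ($users['permissions'][0]['module'] as $module) {
            foreach ($module['permission'] as $permission) {
                $insertmodule[$module['attributes']['name']][$permission['attributes']['name']] = $permission['value'];
            }
        }
        $defaultviews = array();
        foreach ($users['defaultviews'][0]['view'] as $view) {
            $defaultviews[$view['attributes']['type']] = $view['value'];
        }
        $adminoptiondata = array('uid' => (int) $uid, 'cpstyle' => '', 'notes' => '', 'permissions' => $db->escape_string(my_serialize($insertmodule)), 'defaultviews' => $db->escape_string(my_serialize($defaultviews)));
        $insertmodule = array();
        $db->insert_query('adminoptions', $adminoptiondata);
    }
    echo $lang->done . '</p>';
    // Automatic Login
    // NOTE(review): $uid is whatever the last <user> entry in adminoptions.xml carried, not
    // the id returned by the users insert above; presumably both are the first account — confirm.
    my_unsetcookie("sid");
    my_unsetcookie("mybbuser");
    my_setcookie('mybbuser', $uid . '_' . $loginkey, null, true);
    ob_end_flush();
    // Make fulltext columns if supported
    if ($db->supports_fulltext('threads')) {
        $db->create_fulltext_index('threads', 'subject');
    }
    if ($db->supports_fulltext_boolean('posts')) {
        $db->create_fulltext_index('posts', 'message');
    }
    echo $lang->done_step_cachebuilding;
    require_once MYBB_ROOT . 'inc/class_datacache.php';
    $cache = new datacache();
    $cache->update_version();
    $cache->update_attachtypes();
    $cache->update_smilies();
    $cache->update_badwords();
    $cache->update_usergroups();
    $cache->update_forumpermissions();
    $cache->update_stats();
    $cache->update_statistics();
    $cache->update_forums();
    $cache->update_moderators();
    $cache->update_usertitles();
    $cache->update_reportedcontent();
    $cache->update_awaitingactivation();
    $cache->update_mycode();
    $cache->update_profilefields();
    $cache->update_posticons();
    $cache->update_spiders();
    $cache->update_bannedips();
    $cache->update_banned();
    $cache->update_bannedemails();
    $cache->update_birthdays();
    $cache->update_groupleaders();
    $cache->update_threadprefixes();
    $cache->update_forumsdisplay();
    $cache->update("plugins", array());
    $cache->update("internal_settings", array('encryption_key' => random_str(32)));
    $cache->update_default_theme();
    // Record which upgradeN.php scripts ship with this release.
    $version_history = array();
    $dh = opendir(INSTALL_ROOT . "resources");
    if ($dh !== false) {
        while (($file = readdir($dh)) !== false) {
            // The dot is escaped so only a literal ".php" suffix matches.
            if (preg_match("#upgrade([0-9]+)\\.php\$#i", $file, $match)) {
                $version_history[$match[1]] = $match[1];
            }
        }
        // The handle was previously never closed.
        closedir($dh);
    }
    sort($version_history, SORT_NUMERIC);
    $cache->update("version_history", $version_history);
    // Schedule an update check so it occurs an hour ago.  Gotta stay up to date!
    $update = array('nextrun' => TIME_NOW - 3600);
    $db->update_query("tasks", $update, "tid='12'");
    $cache->update_update_check();
    $cache->update_tasks();
    echo $lang->done . '</p>';
    echo $lang->done_step_success;
    // Try to leave a ./lock file behind; when that fails a different message is shown
    // (presumably asking the admin to remove the install directory — see the language file).
    $written = 0;
    if (is_writable('./')) {
        $lock = @fopen('./lock', 'w');
        // fopen() can still fail on a writable directory; writing to a false handle is a
        // TypeError on PHP 8, which @ does not suppress.
        if ($lock !== false) {
            $written = @fwrite($lock, '1');
            @fclose($lock);
        }
        if ($written) {
            echo $lang->done_step_locked;
        }
    }
    if (!$written) {
        echo $lang->done_step_dirdelete;
    }
    echo $lang->done_whats_next;
    $output->print_footer('');
}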
Exemple #28
     }
 }
 // When the delayedthreadviews setting changes, switch its task on or off to match.
 if (isset($mybb->input['upsetting']['delayedthreadviews']) && $mybb->settings['delayedthreadviews'] != $mybb->input['upsetting']['delayedthreadviews']) {
     $updated_task = array("enabled" => $mybb->input['upsetting']['delayedthreadviews'] == 0 ? 0 : 1);
     $db->update_query("tasks", $updated_task, "file='threadviews'");
 }
 // A new cookie prefix would orphan the admin session cookie: drop it under the old
 // prefix, switch the prefix, then set it again so the admin stays logged in.
 if ($mybb->input['upsetting']['cookieprefix'] && $mybb->input['upsetting']['cookieprefix'] != $mybb->settings['cookieprefix']) {
     my_unsetcookie("adminsid");
     $mybb->settings['cookieprefix'] = $mybb->input['upsetting']['cookieprefix'];
     my_setcookie("adminsid", $admin_session['sid'], '', true);
 }
 // reCAPTCHA (value 2) chosen with neither key supplied: store captchaimage as 1 instead.
 if ($mybb->input['upsetting']['captchaimage'] == 2 && !($mybb->input['upsetting']['captchaprivatekey'] || $mybb->input['upsetting']['captchapublickey'])) {
     $db->update_query("settings", array("value" => 1), "name = 'captchaimage'");
 }
 rebuild_settings();
 $plugins->run_hooks("admin_config_settings_change_commit");
 // Report reasons are cached, so refresh that cache when they were submitted.
 if (isset($mybb->input['upsetting']['reportreasons'])) {
     $cache->update_reportedposts();
 }
 // Record the change in the admin log, then confirm and return to the settings page.
 log_admin_action();
 flash_message($lang->success_settings_updated, 'success');
 admin_redirect("index.php?module=config-settings");
Exemple #29
    $form_container->output_row($lang->sort_results_by, "", $form->generate_select_box('sortby', $sort_options, $mybb->input['sortby'], array('id' => 'sortby')) . " {$lang->in} " . $form->generate_select_box('order', $sort_directions, $mybb->input['order'], array('id' => 'order')), 'sortby');
    $form_container->output_row($lang->results_per_page, "", $form->generate_text_box('perpage', $mybb->input['perpage'], array('id' => 'perpage')), 'perpage');
    $form_container->output_row($lang->display_results_as, "", $form->generate_radio_button('displayas', 'table', $lang->table, array('checked' => $mybb->input['displayas'] != "card" ? true : false)) . "<br />" . $form->generate_radio_button('displayas', 'card', $lang->business_card, array('checked' => $mybb->input['displayas'] == "card" ? true : false)));
    $form_container->end();
    $buttons[] = $form->generate_submit_button($lang->find_users);
    $form->output_submit_wrapper($buttons);
    $form->end();
    $page->output_footer();
}
if ($mybb->input['action'] == "inline_edit") {
    $plugins->run_hooks("admin_user_users_inline");
    if ($mybb->input['vid'] || $mybb->cookies['acp_view']) {
        // We have a custom view
        if (!$mybb->cookies['acp_view']) {
            // Set a cookie
            my_setcookie("acp_view", $mybb->input['vid'], 60);
        } elseif ($mybb->cookies['acp_view']) {
            // We already have a cookie, so let's use it...
            $mybb->input['vid'] = $mybb->cookies['acp_view'];
        }
        $vid_url = "&amp;vid=" . $mybb->input['vid'];
    }
    // First, collect the user IDs that we're performing the moderation on
    $ids = explode("|", $mybb->cookies['inlinemod_useracp']);
    foreach ($ids as $id) {
        if ($id != '') {
            $selected[] = intval($id);
        }
    }
    // If there isn't anything to select, then output an error
    if (!is_array($selected)) {
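 /**
  * Profile-page hook: record the visit, bump the profile view counter and build
  * the "last visitors" block.
  *
  * Does nothing unless the mpvisitorsenabled setting is "1". The output is
  * produced by evaluating templates, which read local variables of this method
  * by name ($profilevisits, $lastvisitors, $visitcount, ...), so those names
  * must stay as they are.
  */
 public function member_profile_end()
 {
     global $templates, $theme, $memprofile, $settings, $db, $mybb, $lang, $myprofile_visitors;
     if ($settings["mpvisitorsenabled"] != "1") {
         return;
     }
     MyProfileUtils::lang_load_myprofile();
     // Integer copies for every id that is placed into SQL text below. The original
     // escaped these values only in the insert array and interpolated them raw elsewhere.
     $profile_uid = (int) $memprofile['uid'];
     $visitor_uid = isset($mybb->user["uid"]) ? (int) $mybb->user["uid"] : 0;
     // we don't care if I'm a guest, or I'm visiting my own profile
     if ($visitor_uid > 0 && $visitor_uid != $profile_uid) {
         $visit_where = "uid='{$profile_uid}' AND vuid='{$visitor_uid}'";
         $query = $db->simple_select("myprofilevisitors", "*", $visit_where);
         if ($db->num_rows($query) > 0) {
             // update
             $update_array = array("time" => TIME_NOW);
             $db->update_query("myprofilevisitors", $update_array, $visit_where);
         } else {
             // insert
             $insert_array = array("uid" => $profile_uid, "vuid" => $visitor_uid, "time" => TIME_NOW);
             $db->insert_query("myprofilevisitors", $insert_array);
         }
     }
     if ($mybb->settings['mpprofileviewsenabled']) {
         // Check if a cookie exists so they can't refresh constantly to increment the counter
         $cookiekey = "profile" . $memprofile['uid'];
         if (!isset($mybb->cookies[$cookiekey]) && $memprofile['uid'] != $mybb->user['uid']) {
             // update the view count
             $visitcount = (int) $memprofile['viewcount'] + 1;
             $db->write_query("UPDATE " . TABLE_PREFIX . "users SET viewcount={$visitcount} WHERE uid=" . $profile_uid);
         }
         my_setcookie($cookiekey, 1, 300);
         // 5 minute delay should be adequate
         // NOTE(review): the template text is evaluated as a PHP double-quoted string, so
         // whoever can edit this template can run code here. Where $templates->get() reads
         // from is not visible in this method.
         eval("\$profilevisits = \"" . $templates->get("myprofile_visitor_count") . "\";");
     }
     // The row limit comes from a setting; use it only as an integer, default 10.
     $visitor_limit = isset($settings["mpvisitorsrecord"]) && is_numeric($settings["mpvisitorsrecord"]) ? (int) $settings["mpvisitorsrecord"] : 10;
     $query = $db->simple_select("myprofilevisitors", "*", "uid='{$profile_uid}'", array("limit" => $visitor_limit, "order_by" => "time", "order_dir" => "DESC"));
     if ($db->num_rows($query) == 0) {
         $lastvisitors = $lang->mp_profile_visitors_no_visit;
     } else {
         $lastvisitors_array = array();
         while ($visit = $db->fetch_array($query)) {
             $visitor = get_user($visit["vuid"]);
             if (!empty($visitor)) {
                 $date = my_date($settings["dateformat"], $visit["time"]);
                 $time = my_date($settings["timeformat"], $visit["time"]);
                 // The username is HTML-escaped before it is wrapped in group formatting and a link.
                 $username = build_profile_link(format_name(htmlspecialchars_uni($visitor["username"]), $visitor["usergroup"], $visitor["displaygroup"]), $visitor["uid"]);
                 $lastvisitors_array[] = $username . " ({$date} - {$time})";
             }
         }
         $lastvisitors = implode($lang->comma, $lastvisitors_array);
     }
     eval("\$myprofile_visitors .= \"" . $templates->get('myprofile_visitors') . "\";");
 }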