Exemple #1
0
 $pm_subject = isset($_POST['req_subject']) ? panther_trim($_POST['req_subject']) : '';
 if ($panther_config['o_censoring'] == '1') {
     $censored_subject = panther_trim(censor_words($pm_subject));
 }
 if ($pm_subject == '') {
     $errors[] = $lang_warnings['No subject'];
 } else {
     if ($panther_config['o_censoring'] == '1' && $censored_subject == '') {
         $errors[] = $lang_post['No subject after censoring'];
     } else {
         if (panther_strlen($pm_subject) > 70) {
             $errors[] = $lang_post['Too long subject'];
         }
     }
 }
 $pm_message = panther_linebreaks(panther_trim($_POST['req_message']));
 if ($pm_message == '') {
     $errors[] = $lang_post['No message'];
 } else {
     if (strlen($pm_message) > PANTHER_MAX_POSTSIZE) {
         $errors[] = sprintf($lang_post['Too long message'], forum_number_format(PANTHER_MAX_POSTSIZE));
     }
 }
 if ($panther_config['p_message_bbcode'] == '1') {
     require PANTHER_ROOT . 'include/parser.php';
     $pm_message = $parser->preparse_bbcode($pm_message, $errors);
 }
 if (empty($errors)) {
     if ($pm_message == '') {
         $errors[] = $lang_post['No message'];
     } else {
Exemple #2
0
     } else {
         if ($panther_config['o_censoring'] == '1' && $censored_subject == '') {
             $errors[] = $lang_post['No subject after censoring'];
         } else {
             if (panther_strlen($subject) > 70) {
                 $errors[] = $lang_post['Too long subject'];
             } else {
                 if ($panther_config['p_subject_all_caps'] == '0' && is_all_uppercase($subject) && !$panther_user['is_admmod']) {
                     $errors[] = $lang_post['All caps subject'];
                 }
             }
         }
     }
 }
 // Clean up message from POST
 $message = isset($_POST['req_message']) ? panther_linebreaks(panther_trim($_POST['req_message'])) : '';
 // Here we use strlen() not panther_strlen() as we want to limit the post to PANTHER_MAX_POSTSIZE bytes, not characters
 if (strlen($message) > PANTHER_MAX_POSTSIZE) {
     $errors[] = sprintf($lang_post['Too long message'], forum_number_format(PANTHER_MAX_POSTSIZE));
 } else {
     if ($panther_config['p_message_all_caps'] == '0' && is_all_uppercase($message) && !$panther_user['is_admmod']) {
         $errors[] = $lang_post['All caps message'];
     }
 }
 // Validate BBCode syntax
 if ($panther_config['p_message_bbcode'] == '1') {
     require PANTHER_ROOT . 'include/parser.php';
     $message = $parser->preparse_bbcode($message, $errors);
 }
 if (empty($errors)) {
     if ($message == '') {
Exemple #3
0
                 $forbidden = array('member', 'moderator', 'administrator', 'banned', 'guest', utf8_strtolower($lang_common['Member']), utf8_strtolower($lang_common['Moderator']), utf8_strtolower($lang_common['Administrator']), utf8_strtolower($lang_common['Banned']), utf8_strtolower($lang_common['Guest']));
                 if (in_array(utf8_strtolower($form['title']), $forbidden)) {
                     message($lang_profile['Forbidden title']);
                 }
             }
         }
     }
     break;
 case 'messaging':
     $form = array('facebook' => panther_trim($_POST['form']['facebook']), 'steam' => panther_trim($_POST['form']['steam']), 'skype' => panther_trim($_POST['form']['skype']), 'google' => panther_trim($_POST['form']['google']), 'twitter' => panther_trim($_POST['form']['twitter']));
     break;
 case 'personality':
     $form = array();
     // Clean up signature from POST
     if ($panther_config['o_signatures'] == '1') {
         $form['signature'] = isset($_POST['signature']) ? panther_linebreaks(panther_trim($_POST['signature'])) : '';
         // Validate signature
         if (panther_strlen($form['signature']) > $panther_config['p_sig_length']) {
             message(sprintf($lang_prof_reg['Sig too long'], $panther_config['p_sig_length'], panther_strlen($form['signature']) - $panther_config['p_sig_length']));
         } else {
             if (substr_count($form['signature'], "\n") > $panther_config['p_sig_lines'] - 1) {
                 message(sprintf($lang_prof_reg['Sig too many lines'], $panther_config['p_sig_lines']));
             } else {
                 if ($form['signature'] && $panther_config['p_sig_all_caps'] == '0' && is_all_uppercase($form['signature']) && !$panther_user['is_admmod']) {
                     $form['signature'] = utf8_ucwords(utf8_strtolower($form['signature']));
                 }
             }
         }
         // Validate BBCode syntax
         if ($panther_config['p_sig_bbcode'] == '1') {
             require PANTHER_ROOT . 'include/parser.php';
Exemple #4
0
     require PANTHER_ROOT . 'footer.php';
 } else {
     if (isset($_GET['report'])) {
         if ($panther_user['is_guest']) {
             message($lang_common['No permission'], false, '403 Forbidden');
         }
         $post_id = intval($_GET['report']);
         if ($post_id < 1) {
             message($lang_common['Bad request'], false, '404 Not Found');
         }
         $errors = array();
         if (isset($_POST['form_sent'])) {
             // Make sure they got here from the site
             confirm_referrer('misc.php');
             // Clean up reason from POST
             $reason = isset($_POST['req_reason']) ? panther_linebreaks(panther_trim($_POST['req_reason'])) : '';
             if ($reason == '') {
                 $errors[] = $lang_misc['No reason'];
             } else {
                 if (strlen($reason) > 65535) {
                     // TEXT field can only hold 65535 bytes
                     $errors[] = $lang_misc['Reason too long'];
                 }
             }
             if ($panther_user['last_report_sent'] != '' && time() - $panther_user['last_report_sent'] < $panther_user['g_report_flood'] && time() - $panther_user['last_report_sent'] >= 0) {
                 $errors[] = sprintf($lang_misc['Report flood'], $panther_user['g_report_flood'], $panther_user['g_report_flood'] - (time() - $panther_user['last_report_sent']));
             }
             ($hook = get_extensions('report_after_validation')) ? eval($hook) : null;
             if (empty($errors)) {
                 // Get the topic ID
                 $data = array(':id' => $post_id);
Exemple #5
0
     }
 }
 if ($form['announcement_message'] != '') {
     $form['announcement_message'] = panther_linebreaks($form['announcement_message']);
 } else {
     $form['announcement_message'] = $lang_admin_options['Enter announcement here'];
     $form['announcement'] = '0';
 }
 if ($form['rules_message'] != '') {
     $form['rules_message'] = panther_linebreaks($form['rules_message']);
 } else {
     $form['rules_message'] = $lang_admin_options['Enter rules here'];
     $form['rules'] = '0';
 }
 if ($form['maintenance_message'] != '') {
     $form['maintenance_message'] = panther_linebreaks($form['maintenance_message']);
 } else {
     $form['maintenance_message'] = $lang_admin_options['Default maintenance message'];
     $form['maintenance'] = '0';
 }
 // Make sure the number of displayed topics and posts is between 3 and 75
 if ($form['disp_topics_default'] < 3) {
     $form['disp_topics_default'] = 3;
 } else {
     if ($form['disp_topics_default'] > 75) {
         $form['disp_topics_default'] = 75;
     }
 }
 if ($form['disp_posts_default'] < 3) {
     $form['disp_posts_default'] = 3;
 } else {
Exemple #6
0
 function send($to, $subject, $message, $reply_to_email = '', $reply_to_name = '')
 {
     // Use \r\n for SMTP servers, the system's line ending for local mailers
     $smtp = $this->config['o_smtp_host'] != '';
     $EOL = $smtp ? "\r\n" : FORUM_EOL;
     // Do a little spring cleaning
     $to = panther_trim(preg_replace('%[\\n\\r]+%s', '', $to));
     $subject = panther_trim(preg_replace('%[\\n\\r]+%s', '', $subject));
     $from_email = panther_trim(preg_replace('%[\\n\\r:]+%s', '', $this->config['o_webmaster_email']));
     $from_name = panther_trim(preg_replace('%[\\n\\r:]+%s', '', str_replace('"', '', $this->config['o_email_name'])));
     $reply_to_email = panther_trim(preg_replace('%[\\n\\r:]+%s', '', $reply_to_email));
     $reply_to_name = panther_trim(preg_replace('%[\\n\\r:]+%s', '', str_replace('"', '', $reply_to_name)));
     // Set up some headers to take advantage of UTF-8
     $from = '"' . $this->encode_mail_text($from_name) . '" <' . $from_email . '>';
     $subject = $this->encode_mail_text($subject);
     $headers = 'From: ' . $from . $EOL . 'Date: ' . gmdate('r') . $EOL . 'MIME-Version: 1.0' . $EOL . 'Content-transfer-encoding: 8bit' . $EOL . 'Content-type: text/plain; charset=utf-8' . $EOL . 'X-Mailer: Panther Forum Software';
     // If we specified a reply-to email, we deal with it here
     if (!empty($reply_to_email)) {
         $reply_to = '"' . $this->encode_mail_text($reply_to_name) . '" <' . $reply_to_email . '>';
         $headers .= $EOL . 'Reply-To: ' . $reply_to;
     }
     // Make sure all linebreaks are LF in message (and strip out any NULL bytes)
     $message = str_replace("", '', panther_linebreaks($message));
     $message = str_replace("\n", $EOL, $message);
     if ($smtp) {
         $this->smtp_mail($to, $subject, $message, $headers);
     } else {
         mail($to, $subject, $message, $headers);
     }
 }
Exemple #7
0
     generate_forums_cache();
     generate_quickjump_cache();
     generate_perms_cache();
     redirect(panther_link($panther_url['admin_forums']), $lang_admin_forums['Forums updated redirect']);
 } else {
     if (isset($_GET['edit_forum'])) {
         $forum_id = intval($_GET['edit_forum']);
         if ($forum_id < 1) {
             message($lang_common['Bad request'], false, '404 Not Found');
         }
         // Update group permissions for $forum_id
         if (isset($_POST['save'])) {
             confirm_referrer(PANTHER_ADMIN_DIR . '/forums.php');
             // Start with the forum details
             $forum_name = isset($_POST['forum_name']) ? panther_trim($_POST['forum_name']) : '';
             $forum_desc = isset($_POST['forum_desc']) ? panther_linebreaks(panther_trim($_POST['forum_desc'])) : '';
             $cat_id = isset($_POST['cat_id']) ? intval($_POST['cat_id']) : '';
             $sort_by = isset($_POST['sort_by']) ? intval($_POST['sort_by']) : '';
             $redirect_url = isset($_POST['redirect_url']) ? panther_trim($_POST['redirect_url']) : null;
             $use_reputation = isset($_POST['use_reputation']) && $_POST['use_reputation'] == '1' ? '1' : '0';
             $force_approve = isset($_POST['moderator_approve']) ? intval($_POST['moderator_approve']) : '0';
             $parent_forum = isset($_POST['parent_forum']) ? intval($_POST['parent_forum']) : '0';
             $show_post_info = isset($_POST['show_post_info']) ? intval($_POST['show_post_info']) : '1';
             $forum_password1 = isset($_POST['forum_password1']) ? panther_trim($_POST['forum_password1']) : '';
             $forum_password2 = isset($_POST['forum_password2']) ? panther_trim($_POST['forum_password2']) : '';
             $change_password = isset($_POST['change_forum_pass']) ? intval($_POST['change_forum_pass']) : '0';
             $quickjump = isset($_POST['quickjump']) ? intval($_POST['quickjump']) : '1';
             $protected = isset($_POST['protected']) ? intval($_POST['protected']) : '0';
             $increment_posts = isset($_POST['increment_posts']) ? intval($_POST['increment_posts']) : 1;
             if ($forum_name == '') {
                 message($lang_admin_forums['Must enter name message']);