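/**
 * Build the XML context for a signature preview request.
 *
 * Reads the target member ID and the proposed signature from $_POST, checks
 * that the current user may edit that member's signature, and fills
 * $context['xml_data'] with the stored signature, the rendered preview and
 * any permission or validation errors.
 *
 * The proposed signature is request data that is returned to the client
 * through $context['xml_data'] after BBC parsing, so it is HTML-escaped
 * before it is validated and handed to parse_bbc().
 *
 * @return void
 */
function sig_preview()
{
    global $context, $sourcedir, $smcFunc, $txt, $user_info;

    require_once $sourcedir . '/Profile-Modify.php';
    loadLanguage('Profile');
    loadLanguage('Errors');

    $user = isset($_POST['user']) ? (int) $_POST['user'] : 0;
    $is_owner = $user == $user_info['id'];

    // @todo Temporary
    // Borrowed from loadAttachmentContext in Display.php
    // Owners need either permission; anyone else needs profile_extra_any.
    $can_change = $is_owner
        ? allowedTo(array('profile_extra_any', 'profile_extra_own'))
        : allowedTo('profile_extra_any');

    $errors = array();
    if (!empty($user) && $can_change) {
        // The member ID is bound as an {int:...} placeholder, never concatenated.
        $request = $smcFunc['db_query']('', '
            SELECT signature
            FROM {db_prefix}members
            WHERE id_member = {int:id_member}
            LIMIT 1', array('id_member' => $user));
        list($current_signature) = $smcFunc['db_fetch_row']($request);
        $smcFunc['db_free_result']($request);

        censorText($current_signature);
        $current_signature = parse_bbc($current_signature, true, 'sig' . $user);

        // Escape the submitted text before validation and BBC parsing so raw
        // markup in the request cannot reach the response unencoded. Anything
        // that is not a string (e.g. signature[]=x) is treated as empty.
        $preview_signature = !empty($_POST['signature']) && is_string($_POST['signature'])
            ? $smcFunc['htmlspecialchars']($_POST['signature'], ENT_QUOTES)
            : '';

        // Any non-boolean result is used as the suffix of a 'profile_error_' text key.
        $validation = profileValidateSignature($preview_signature);
        if ($validation !== true && $validation !== false) {
            $errors[] = array('value' => $txt['profile_error_' . $validation], 'attributes' => array('type' => 'error'));
        }

        censorText($preview_signature);
        $preview_signature = parse_bbc($preview_signature, true, 'sig' . $user);
    } elseif (!$can_change) {
        if ($is_owner) {
            $errors[] = array('value' => $txt['cannot_profile_extra_own'], 'attributes' => array('type' => 'error'));
        } else {
            $errors[] = array('value' => $txt['cannot_profile_extra_any'], 'attributes' => array('type' => 'error'));
        }
    } else {
        $errors[] = array('value' => $txt['no_user_selected'], 'attributes' => array('type' => 'error'));
    }

    // Both signature variables exist only when the permission check passed,
    // so a denied request returns the error list and nothing else.
    $context['xml_data']['signatures'] = array('identifier' => 'signature', 'children' => array());
    if (isset($current_signature)) {
        $context['xml_data']['signatures']['children'][] = array('value' => $current_signature, 'attributes' => array('type' => 'current'));
    }
    if (isset($preview_signature)) {
        $context['xml_data']['signatures']['children'][] = array('value' => $preview_signature, 'attributes' => array('type' => 'preview'));
    }

    if (!empty($errors)) {
        $context['xml_data']['errors'] = array(
            'identifier' => 'error',
            'children' => array_merge(
                array(array('value' => $txt['profile_errors_occurred'], 'attributes' => array('type' => 'errors_occurred'))),
                $errors
            ),
        );
    }
}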
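/**
 * Load key signature context data.
 *
 * Splits $modSettings['signature_settings'] into the numeric limits and the
 * BBC list, publishes them in $context, prepares the image-size warning and
 * the spell-check flag, and fills $context['member'] with either the stored
 * signature (edit mode) or the submitted one plus its rendered preview
 * (when $context['do_preview'] is set).
 *
 * @return boolean Always true.
 */
function profileLoadSignatureData()
{
    global $modSettings, $context, $txt, $cur_profile, $memberContext;

    // Signature limits. The setting is read as "limits:bbc"; pad the result so
    // a value without ':' does not raise an undefined-offset notice.
    list($sig_limits, $sig_bbc) = array_pad(explode(':', $modSettings['signature_settings']), 2, '');
    $sig_limits = explode(',', $sig_limits);

    $context['signature_enabled'] = isset($sig_limits[0]) ? $sig_limits[0] : 0;
    $context['signature_limits'] = array(
        'max_length' => isset($sig_limits[1]) ? $sig_limits[1] : 0,
        'max_lines' => isset($sig_limits[2]) ? $sig_limits[2] : 0,
        'max_images' => isset($sig_limits[3]) ? $sig_limits[3] : 0,
        'max_smileys' => isset($sig_limits[4]) ? $sig_limits[4] : 0,
        'max_image_width' => isset($sig_limits[5]) ? $sig_limits[5] : 0,
        'max_image_height' => isset($sig_limits[6]) ? $sig_limits[6] : 0,
        'max_font_size' => isset($sig_limits[7]) ? $sig_limits[7] : 0,
        'bbc' => !empty($sig_bbc) ? explode(',', $sig_bbc) : array(),
    );

    // Kept this line in for backwards compatibility!
    $context['max_signature_length'] = $context['signature_limits']['max_length'];

    // Warning message for signature image limits?
    $context['signature_warning'] = '';
    if ($context['signature_limits']['max_image_width'] && $context['signature_limits']['max_image_height']) {
        $context['signature_warning'] = sprintf($txt['profile_error_signature_max_image_size'], $context['signature_limits']['max_image_width'], $context['signature_limits']['max_image_height']);
    } elseif ($context['signature_limits']['max_image_width'] || $context['signature_limits']['max_image_height']) {
        // Only one dimension is limited: pick the matching text key and value.
        $context['signature_warning'] = sprintf(
            $txt['profile_error_signature_max_image_' . ($context['signature_limits']['max_image_width'] ? 'width' : 'height')],
            $context['signature_limits'][$context['signature_limits']['max_image_width'] ? 'max_image_width' : 'max_image_height']
        );
    }

    $context['show_spellchecking'] = !empty($modSettings['enableSpellChecking']) && function_exists('pspell_new');
    if ($context['show_spellchecking']) {
        loadJavascriptFile('spellcheck.js', array('defer' => true));
    }

    if (empty($context['do_preview'])) {
        // Prepare the stored signature for the edit box: line breaks become
        // newlines and HTML-special characters become entities so the value
        // is displayed as text rather than interpreted as markup.
        // NOTE(review): the replacement list was unparsable as found (''' is not
        // a valid literal); it is reconstructed here as the entity form of the
        // search list. Confirm against the project's upstream copy.
        $context['member']['signature'] = empty($cur_profile['signature'])
            ? ''
            : str_replace(
                array('<br />', '<', '>', '"', '\''),
                array("\n", '&lt;', '&gt;', '&quot;', '&#039;'),
                $cur_profile['signature']
            );
    } else {
        // NOTE(review): the submitted signature is validated, parsed and echoed
        // back without an escaping step in this function. Confirm the caller
        // has already HTML-escaped $_POST before this runs; if not, escape it
        // here before profileValidateSignature()/parse_bbc().
        $signature = !empty($_POST['signature']) ? $_POST['signature'] : '';
        $validation = profileValidateSignature($signature);

        if (empty($context['post_errors'])) {
            loadLanguage('Errors');
            $context['post_errors'] = array();
        }
        $context['post_errors'][] = 'signature_not_yet_saved';
        // Any non-boolean validation result is recorded as an error key.
        if ($validation !== true && $validation !== false) {
            $context['post_errors'][] = $validation;
        }

        censorText($context['member']['signature']);
        $context['member']['current_signature'] = $context['member']['signature'];

        censorText($signature);
        // NOTE(review): the third argument is built from $memberContext[...] itself,
        // not from the member ID; if that entry is an array the key becomes
        // "sigArray" for every member. Verify and consider 'sig' . $context['id_member'].
        $context['member']['signature_preview'] = parse_bbc($signature, true, 'sig' . $memberContext[$context['id_member']]);

        // Hand the submitted text back to the form; default to '' when the
        // field was not posted at all.
        $context['member']['signature'] = isset($_POST['signature']) ? $_POST['signature'] : '';
    }

    return true;
}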
/**
 * Signature preview endpoint.
 *
 * Renders the member's stored signature next to the one submitted in the
 * request so both can be compared before saving. The result (and any
 * permission or validation errors) is placed in $context['xml_data'].
 */
public function action_sig_preview()
{
    global $context, $txt, $user_info;

    require_once SUBSDIR . '/Profile.subs.php';
    loadLanguage('Profile');
    loadLanguage('Errors');

    $user = 0;
    if (isset($_POST['user'])) {
        $user = (int) $_POST['user'];
    }
    $is_owner = ($user == $user_info['id']);

    // @todo Temporary
    // Borrowed from loadAttachmentContext in Display.controller.php
    // Owners pass with either permission; everyone else needs profile_extra_any.
    if ($is_owner) {
        $can_change = allowedTo(array('profile_extra_any', 'profile_extra_own'));
    } else {
        $can_change = allowedTo('profile_extra_any');
    }

    $errors = array();
    if (!$can_change) {
        // Permission denied: report which permission is missing.
        $denied_key = $is_owner ? 'cannot_profile_extra_own' : 'cannot_profile_extra_any';
        $errors[] = array('value' => $txt[$denied_key], 'attributes' => array('type' => 'error'));
    } elseif (empty($user)) {
        $errors[] = array('value' => $txt['no_user_selected'], 'attributes' => array('type' => 'error'));
    } else {
        require_once SUBSDIR . '/Members.subs.php';

        // The signature as it is stored right now.
        $member = getBasicMemberData($user, array('preferences' => true));
        censorText($member['signature']);
        $member['signature'] = parse_bbc($member['signature'], true, 'sig' . $user);

        // The proposed signature is HTML-escaped first, then validated,
        // pre-parsed, censored and rendered.
        $preview_signature = '';
        if (!empty($_POST['signature'])) {
            $preview_signature = Util::htmlspecialchars($_POST['signature']);
        }

        // A non-boolean result is the suffix of a 'profile_error_' text key.
        $validation = profileValidateSignature($preview_signature);
        if (!is_bool($validation)) {
            $errors[] = array('value' => $txt['profile_error_' . $validation], 'attributes' => array('type' => 'error'));
        }

        preparsecode($preview_signature);
        censorText($preview_signature);
        $preview_signature = parse_bbc($preview_signature, true, 'sig' . $user);
    }

    // Assemble the response for the template. The signature variables only
    // exist when the permission check passed and a member was selected.
    $children = array();
    if (isset($member['signature'])) {
        $children[] = array('value' => $member['signature'], 'attributes' => array('type' => 'current'));
    }
    if (isset($preview_signature)) {
        $children[] = array('value' => $preview_signature, 'attributes' => array('type' => 'preview'));
    }
    $context['xml_data']['signatures'] = array('identifier' => 'signature', 'children' => $children);

    if (!empty($errors)) {
        // The generic "errors occurred" entry always comes first.
        $error_children = $errors;
        array_unshift($error_children, array('value' => $txt['profile_errors_occurred'], 'attributes' => array('type' => 'errors_occurred')));
        $context['xml_data']['errors'] = array('identifier' => 'error', 'children' => $error_children);
    }
}
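/**
 * Display and process the "edit character" form.
 *
 * Redirects away when the character is not editable. On a POST carrying
 * 'edit_char' the session and the per-character token are verified, each
 * submitted field is compared with the stored value and collected in
 * $changes, and, when there are changes and no form errors, the changes are
 * optionally written to the action log, saved, and the user is redirected
 * back to the edit page. Otherwise the submitted values are merged back into
 * $context for redisplay and the signature editor is set up.
 *
 * @return void
 */
function char_edit()
{
    global $context, $smcFunc, $txt, $sourcedir, $user_info, $modSettings;

    // If they don't have permission to be here, goodbye.
    if (!$context['character']['editable']) {
        redirectexit('action=profile;u=' . $context['id_member'] . ';area=characters;char=' . $context['character']['id_character']);
    }

    $context['character']['title_editable'] = !empty($modSettings['titlesEnable']) && allowedTo('admin_forum');
    $context['sub_template'] = 'edit_char';
    loadJavascriptFile('chars.js', array('default_theme' => true), 'chars');

    // Group membership can only be changed on non-main characters, and only
    // by users holding manage_membergroups.
    $context['character']['groups_editable'] = false;
    if (allowedTo('manage_membergroups') && !$context['character']['is_main']) {
        $context['character']['groups_editable'] = true;
        profileLoadCharGroups();
    }

    require_once $sourcedir . '/Subs-Post.php';
    require_once $sourcedir . '/Profile-Modify.php';
    profileLoadSignatureData();

    $context['form_errors'] = [];
    if (isset($_POST['edit_char'])) {
        // State-changing request: require a valid session and the form token.
        validateSession();
        validateToken('edit-char' . $context['character']['id_character'], 'post');

        $changes = [];

        $new_name = !empty($_POST['char_name']) ? $smcFunc['htmlspecialchars'](trim($_POST['char_name']), ENT_QUOTES) : '';
        if ($new_name == '') {
            $context['form_errors'][] = $txt['char_error_character_must_have_name'];
        } elseif ($new_name != $context['character']['character_name']) {
            // Check if the name already exists.
            $result = $smcFunc['db_query']('', '
                SELECT COUNT(*)
                FROM {db_prefix}characters
                WHERE character_name LIKE {string:new_name}
                    AND id_character != {int:char}', array('new_name' => $new_name, 'char' => $context['character']['id_character']));
            list($matching_names) = $smcFunc['db_fetch_row']($result);
            $smcFunc['db_free_result']($result);

            if ($matching_names) {
                $context['form_errors'][] = $txt['char_error_duplicate_character_name'];
            } else {
                $changes['character_name'] = $new_name;
            }
        }

        if ($context['character']['title_editable']) {
            // NOTE(review): unlike the name, age and signature, the title is not
            // passed through $smcFunc['htmlspecialchars'] before it is stored.
            // It is only reachable with admin_forum, but confirm it is escaped
            // wherever it is displayed.
            $new_title = isset($_POST['char_title']) ? $_POST['char_title'] : '';
            preparsecode($new_title);
            if ($new_title != $context['character']['char_title']) {
                $changes['char_title'] = $new_title;
            }
        }

        if ($context['character']['groups_editable']) {
            // Editing groups is a little bit complicated.
            // Only a group that is known and flagged can_be_primary is accepted;
            // anything else keeps the current primary group.
            $new_id_group = isset($_POST['id_group'], $context['member_groups'][$_POST['id_group']]) && $context['member_groups'][$_POST['id_group']]['can_be_primary']
                ? (int) $_POST['id_group']
                : $context['character']['main_char_group'];

            // Additional groups are filtered against the same list: unknown
            // groups, groups not flagged can_be_additional and the chosen
            // primary group are dropped.
            $new_char_group_ids = [];
            if (isset($_POST['additional_groups']) && is_array($_POST['additional_groups'])) {
                foreach ($_POST['additional_groups'] as $id_group) {
                    if (!isset($context['member_groups'][$id_group])) {
                        continue;
                    }
                    if (!$context['member_groups'][$id_group]['can_be_additional']) {
                        continue;
                    }
                    if ($id_group == $new_id_group) {
                        continue;
                    }
                    $new_char_group_ids[] = (int) $id_group;
                }
            }
            // Stored form is a comma-separated list; the array is kept for the
            // redisplay logic further down.
            $new_char_groups = implode(',', $new_char_group_ids);

            if ($new_id_group != $context['character']['main_char_group']) {
                $changes['main_char_group'] = $new_id_group;
            }
            if ($new_char_groups != $context['character']['char_groups']) {
                $changes['char_groups'] = $new_char_groups;
            }
        }

        $new_age = !empty($_POST['age']) ? $smcFunc['htmlspecialchars'](trim($_POST['age']), ENT_QUOTES) : '';
        if ($new_age != $context['character']['age']) {
            $changes['age'] = $new_age;
        }

        // NOTE(review): only a scheme-prefixed copy of the avatar URL is
        // validated, and FILTER_VALIDATE_URL restricts neither the scheme nor
        // HTML-special characters; the value is stored exactly as submitted,
        // so every template that prints it must escape it for an attribute
        // context. get_avatar_url_size() also receives the user-supplied URL;
        // if it fetches the image server-side, confirm it cannot be pointed at
        // internal hosts.
        $new_avatar = !empty($_POST['avatar']) ? trim($_POST['avatar']) : '';
        // filter_var doesn't like // URLs
        $validatable_avatar = strpos($new_avatar, 'http') !== 0 ? 'http://' . $new_avatar : $new_avatar;
        if ($new_avatar != $context['character']['avatar']) {
            if (filter_var($validatable_avatar, FILTER_VALIDATE_URL)) {
                $size = get_avatar_url_size($new_avatar);
                if (!$size) {
                    $context['form_errors'][] = $txt['char_error_avatar_link_invalid'];
                } elseif (!empty($modSettings['avatar_max_width_external'])) {
                    if ($size[0] > $modSettings['avatar_max_width_external'] || $size[1] > $modSettings['avatar_max_height_external']) {
                        $txt['char_error_avatar_oversize'] = sprintf($txt['char_error_avatar_oversize'], $size[0], $size[1], $modSettings['avatar_max_width_external'], $modSettings['avatar_max_height_external']);
                        $context['form_errors'][] = $txt['char_error_avatar_oversize'];
                    } else {
                        $changes['avatar'] = $new_avatar;
                    }
                } else {
                    $changes['avatar'] = $new_avatar;
                }
            } elseif ($new_avatar != '') {
                $context['form_errors'][] = $txt['char_error_avatar_must_be_real_url'];
            }
        }

        // The signature is escaped before validation and storage.
        // NOTE(review): elsewhere a non-boolean validation result is used as an
        // error key (suffix of 'profile_error_'); here the raw return value,
        // including false, is appended to form_errors next to translated
        // strings. Confirm how the template renders it.
        $new_sig = !empty($_POST['char_signature']) ? $smcFunc['htmlspecialchars']($_POST['char_signature'], ENT_QUOTES) : '';
        $valid_sig = profileValidateSignature($new_sig);
        if ($valid_sig === true) {
            $changes['signature'] = $new_sig;
        } else {
            $context['form_errors'][] = $valid_sig;
        }

        if (!empty($changes) && empty($context['form_errors'])) {
            // Renaming the main character also renames the account.
            if ($context['character']['is_main']) {
                if (isset($changes['character_name'])) {
                    updateMemberData($context['id_member'], array('real_name' => $changes['character_name']));
                }
            }

            if (!empty($modSettings['userlog_enabled'])) {
                // One audit row per changed field, recording old and new value,
                // who applied it and from which IP.
                $rows = [];
                foreach ($changes as $key => $new_value) {
                    $change_array = array(
                        'previous' => $context['character'][$key],
                        'new' => $changes[$key],
                        'applicator' => $context['user']['id'],
                        'member_affected' => $context['id_member'],
                        'id_character' => $context['character']['id_character'],
                        'character_name' => !empty($changes['character_name']) ? $changes['character_name'] : $context['character']['character_name'],
                    );

                    // Group changes are logged by group name rather than ID.
                    if ($key == 'main_char_group') {
                        $change_array['previous'] = $context['member_groups'][$context['character'][$key]]['name'];
                        $change_array['new'] = $context['member_groups'][$changes[$key]]['name'];
                    }
                    if ($key == 'char_groups') {
                        $previous = [];
                        $new = [];
                        foreach (explode(',', $context['character']['char_groups']) as $id_group) {
                            if (isset($context['member_groups'][$id_group])) {
                                $previous[] = $context['member_groups'][$id_group]['name'];
                            }
                        }
                        foreach (explode(',', $changes['char_groups']) as $id_group) {
                            if (isset($context['member_groups'][$id_group])) {
                                $new[] = $context['member_groups'][$id_group]['name'];
                            }
                        }
                        $change_array['previous'] = implode(', ', $previous);
                        $change_array['new'] = implode(', ', $new);
                    }

                    $rows[] = array(
                        'id_log' => 2,
                        'log_time' => time(),
                        'id_member' => $context['id_member'],
                        'ip' => $user_info['ip'],
                        'action' => $context['character']['is_main'] && $key == 'character_name' ? 'real_name' : 'char_' . $key,
                        'id_board' => 0,
                        'id_topic' => 0,
                        'id_msg' => 0,
                        'extra' => json_encode($change_array),
                    );
                }

                if (!empty($rows)) {
                    $smcFunc['db_insert']('insert', '{db_prefix}log_actions', array('id_log' => 'int', 'log_time' => 'int', 'id_member' => 'int', 'ip' => 'inet', 'action' => 'string', 'id_board' => 'int', 'id_topic' => 'int', 'id_msg' => 'int', 'extra' => 'string'), $rows, []);
                }
            }

            updateCharacterData($context['character']['id_character'], $changes);
            $_SESSION['char_updated'] = true;
            redirectexit('action=profile;u=' . $context['id_member'] . ';area=characters;char=' . $context['character']['id_character'] . ';sa=edit');
        }

        // Put the new values back in for the form
        $context['character'] = array_merge($context['character'], $changes);
        if (isset($changes['main_char_group']) || isset($changes['char_groups'])) {
            // Either key is only set inside the groups_editable branch, so
            // $new_id_group and $new_char_group_ids are defined here.
            // The flags are written per group; previously they were assigned to
            // $context['member_groups'] itself and tested against the imploded
            // string. Presumably the template reads them per group - confirm.
            foreach (array_keys($context['member_groups']) as $id_group) {
                $context['member_groups'][$id_group]['is_primary'] = $id_group == $new_id_group;
                $context['member_groups'][$id_group]['is_additional'] = in_array((int) $id_group, $new_char_group_ids, true);
            }
        }
    }

    $form_value = !empty($context['character']['signature']) ? $context['character']['signature'] : '';

    // Get it ready for the editor.
    $form_value = un_preparsecode($form_value);
    censorText($form_value);
    // Encode quote and angle-bracket characters so the value cannot break out
    // of the editor markup, and turn non-breaking-space entities into spaces.
    // NOTE(review): search and replacement lists were identical as found (a
    // no-op); the entity forms are reconstructed here. Confirm against the
    // project's upstream copy.
    $form_value = str_replace(array('"', '<', '>', '&nbsp;'), array('&quot;', '&lt;', '&gt;', ' '), $form_value);
    $context['character']['char_title_raw'] = un_preparsecode($context['character']['char_title']);

    require_once $sourcedir . '/Subs-Editor.php';
    $editorOptions = array(
        'id' => 'char_signature',
        'value' => $form_value,
        'disable_smiley_box' => false,
        'labels' => [],
        'height' => '200px',
        'width' => '80%',
        'preview_type' => 0,
        'required' => true,
    );
    create_control_richedit($editorOptions);

    // The avatar preview is built as a DOM element with the URL assigned as an
    // attribute value, so quotes or markup in the field (typed, or pre-filled
    // from the stored avatar) cannot be interpreted as HTML.
    addInlineJavascript('
    function update_preview()
    {
        if ($("#avatar").val() == "")
        {
            $("#avatar_preview").html(' . JavaScriptEscape($txt['no_avatar_yet']) . ');
        }
        else
        {
            $("#avatar_preview").empty().append($("<img>", {src: $("#avatar").val(), "class": "avatar", alt: ""}));
        }
    }
    $(document).ready(function() { update_preview(); });
    $("#avatar").on("blur", function() { update_preview(); });', true);

    // Fresh token for the next submission of this form.
    createToken('edit-char' . $context['character']['id_character'], 'post');

    // One-shot "saved" flag carried across the post-save redirect.
    $context['char_updated'] = !empty($_SESSION['char_updated']);
    unset($_SESSION['char_updated']);
}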