/**
* Return localized string by its key and locale.
*
* Do not use this function manually because it is for internal use only and may
* be removed soon. Use {@link getlocal()} function instead.
*
* @access private
* @param string $string Localization string key.
* @param string $locale Target locale code.
* @return string Localized string.
*/
function get_localized_string($string, $locale)
{
$localized = load_messages($locale);
if (isset($localized[$string])) {
return $localized[$string];
}
// The string is not localized, save it to the database to provide an
// ability to translate it from the UI later. At the same time we cannot
// rely on the database during maintenance, thus we should check the
// current system state.
if (get_maintenance_mode() === false) {
save_message($locale, $string, $string);
}
// One can change english strings from the UI. Try to use these strings.
if ($locale != 'en') {
return get_localized_string($string, 'en');
}
// The string is not localized at all. Use it "as is".
return $string;
}
case 'takenewblog':
$Title = db_string($_POST['title']);
$Body = db_string($_POST['body']);
$ThreadID = $_POST['thread'];
if($ThreadID && is_number($ThreadID)) {
$DB->query("SELECT ForumID FROM forums_topics WHERE ID=".$ThreadID);
if($DB->record_count() < 1) {
error_message("No such thread exists!");
header('Location: blog.php');
}
} else {
$ThreadID = create_thread(ANNOUNCEMENT_FORUM_ID, $LoggedUser[ID], $Title, $Body);
if($ThreadID < 1) {
error(0);
}
save_message("Thread ".$ThreadID." created");
}
$DB->query("INSERT INTO blog (UserID, Title, Body, Time, ThreadID) VALUES ('$LoggedUser[ID]', '".db_string($_POST['title'])."', '".db_string($_POST['body'])."', '".sqltime()."', ".$ThreadID.")");
$Cache->delete_value('blog');
header('Location: blog.php');
break;
}
}
?>
<div class="box thin">
<div class="head">
<?php
echo empty($_GET['action']) ? 'Create a blog post' : 'Edit blog post';
} else {
$message = "";
$page['locale'] = verifyparam("lang", "/^[\\w-]{2,5}\$/", "");
$page['groupid'] = "";
if ($settings['enablegroups'] == '1') {
$page['groupid'] = verifyparam("group", "/^\\d{0,10}\$/");
}
}
if (isset($_POST['message'])) {
$message = getparam('message');
if (!$message) {
$errors[] = no_field("form.field.message");
}
if (count($errors) == 0) {
if ($stringid) {
save_message($stringid, $message);
} else {
add_message($page['locale'], $page['groupid'], $message);
}
$page['saved'] = true;
prepare_menu($operator, false);
start_html_output();
require '../view/cannededit.php';
exit;
}
}
$page['saved'] = false;
$page['key'] = $stringid;
$page['formmessage'] = topage($message);
prepare_menu($operator, false);
start_html_output();
if (!$dontlog) {
fwrite($handler, $errstr, strlen($errstr));
}
if (!$dontlog) {
fclose($handler);
}
$arr = array('step' => 'send', 'error' => $error, 'begin' => $sn, 'list_id' => $list_id, 'msg_id' => $msg_id, 'sn' => $sn, 'token' => $token, 'pct' => 100, 'TTS' => $tts);
echo json_encode($arr);
}
break;
default:
$message = $_SESSION['message'];
$subject = $_SESSION['subject'];
$format = $_SESSION['format'];
$date = date("Y-m-d H:i:s");
$msg_id = save_message($cnx, $row_config_globale['table_archives'], addslashes($subject), $format, addslashes($message), $date, $list_id);
$cnx->query("UPDATE " . $row_config_globale['table_upload'] . " SET msg_id={$msg_id} WHERE list_id={$list_id} AND msg_id=0");
$dontlog = 0;
if (!($handler = @fopen('logs/list' . $list_id . '-msg' . $msg_id . '.txt', 'a+'))) {
$dontlog = 1;
}
$num = get_newsletter_total_subscribers($cnx, $row_config_globale['table_email'], $list_id);
$sql = "INSERT into " . $row_config_globale['table_send'] . " (`id_mail`, `id_list`, `cpt`) VALUES ('" . $msg_id . "','" . $list_id . "','0')";
$cnx->query($sql);
$sql_suivi = "INSERT into " . $row_config_globale['table_send_suivi'] . " (`list_id`, `msg_id`, `total_to_send`) VALUES ('" . $list_id . "','" . $msg_id . "','" . $num . "')";
$cnx->query($sql_suivi);
$errstr = "============================================================\r\n";
$errstr .= date("d M Y") . "\r\n";
$errstr .= "Started at " . date("H:i:s") . "\r\n";
$errstr .= "N° \t Date \t\t Time \t\t Status \t\t Recipient \r\n";
$errstr .= "------------------------------------------------------------\r\n";
}
save_message("Your permission class has been saved.");
$Cache->delete_value('classes');
} else {
error_message($Err);
}
}
include('managers/permissions_alter.php');
} else {
if (!empty($_REQUEST['removeid'])) {
$DB->query("DELETE FROM permissions WHERE ID='".db_string($_REQUEST['removeid'])."'");
$DB->query("UPDATE users_main SET PermissionID='".USER."' WHERE PermissionID='".db_string($_REQUEST['removeid'])."'");
save_message("The permission class has been removed.");
$Cache->delete_value('classes');
}
include('managers/permissions_list.php');
}
break;
case 'ip_ban':
//TODO: Clean up db table ip_bans.
include("managers/bans.php");
break;
//Data
case 'registration_log':
<?
require_once '../../../inc/database.inc.php';
if (isset($_POST['message'])) {
$link = database_init();
save_message($link, $_POST['message']);
}
header('Location: /status/admin/');
?>
}
$Short = $_POST['type'];
$Type = $Types[$Short];
$ID = $_POST['id'];
$Reason = $_POST['reason'];
show_header('Reported '.$Type['title']);
$DB->query("INSERT INTO reports
(UserID, ThingID, Type, ReportedTime, Reason)
VALUES
(".db_string($LoggedUser['ID']).", ".$ID." , '".$Short."', '".sqltime()."', '".db_string($Reason)."')");
$Cache->delete_value('num_other_reports');
save_message($Type['title']." reported!");
switch($Short) {
case "request" :
header('Location: requests.php?action=view&id='.$ID);
break;
case "user" :
header('Location: user.php?id='.$ID);
break;
case "collage" :
header('Location: collages.php?id='.$ID);
break;
case "thread" :
header('Location: forums.php?action=viewthread&threadid='.$ID);
break;
case "post" :
$lang1 = $messages[$source];
if (!isset($messages[$target])) {
load_messages($target);
}
$lang2 = $messages[$target];
$errors = array();
$page = array('lang1' => $source, 'lang2' => $target, 'title1' => isset($lang1["localeid"]) ? $lang1["localeid"] : $source, 'title2' => isset($lang2["localeid"]) ? $lang2["localeid"] : $target);
if ($stringid) {
$translation = isset($lang2[$stringid]) ? $lang2[$stringid] : "";
if (isset($_POST['translation'])) {
$translation = getparam('translation');
if (!$translation) {
$errors[] = no_field("form.field.translation");
}
if (count($errors) == 0) {
save_message($target, $stringid, $translation);
$page['saved'] = true;
prepare_menu($operator, false);
start_html_output();
require '../view/translate.php';
exit;
}
}
$page['saved'] = false;
$page['key'] = $stringid;
$page['target'] = $target;
$page['formoriginal'] = isset($lang1[$stringid]) ? $lang1[$stringid] : "<b><unknown></b>";
$page['formtranslation'] = $translation;
prepare_menu($operator, false);
start_html_output();
require '../view/translate.php';
#!/usr/bin/php <? require_once 'inc/database.inc.php'; $link = database_init(); save_message($link, $argv[1]); ?>
<?
if (!check_perms('site_collages_recover')) {
error(403);
}
if($_POST['collage_id'] && is_number($_POST['collage_id'])) {
$CollageID = $_POST['collage_id'];
$DB->query("UPDATE collages SET Deleted = '0' WHERE ID=$CollageID");
$Cache->delete_value('collage_'.$CollageID);
write_log("Collage ".$CollageID." was recovered by ".$LoggedUser['Username']);
save_message("Collage recovered \o/");
header("Location: collages.php?id=$CollageID");
}
show_header("Collage recovery!");
show_message();
?>
<div class="thin center">
<div class="box" style="width:600px; margin:0px auto;">
<div class="head colhead">
Recover deleted collage
</div>
<div class="pad">
<form action="collages.php" method="post">
<input type="hidden" name="action" value="recover" />
<strong>ID: </strong>
<input type="text" name="collage_id" size="8" />
<input value="Recover!" type="submit" />
</form>
</div>
</div>
</div>
$Subject='';
$DB->query("SELECT UserID FROM pm_conversations_users WHERE UserID='$LoggedUser[ID]' AND ConvID='$ConvID'");
if($DB->record_count() == 0) {
error(403);
}
} else {
$ConvID='';
$Subject = trim($_POST['subject']);
if (empty($Subject)) {
$Err = "You can't send a message without a subject";
}
}
$Body = trim($_POST['body']);
if(empty($Body)) {
$Err = "You can't send a message without a body!";
}
if(!empty($Err)) {
save_message($Err);
//header('Location: inbox.php?action=compose&to='.$_POST['toid']);
$ToID = $_POST['toid'];
$Return = true;
include(SERVER_ROOT.'/sections/inbox/compose.php');
die();
}
$ConvID = send_pm($_POST['toid'],$LoggedUser['ID'],db_string($Subject),db_string($Body),$ConvID);
header('Location: inbox.php');
?>
/**
* Processes submitting of the form which is generated in
* {@link \Mibew\Controller\TranslateController::showEditFormAction()}
* method.
*
* @param Request $request Incoming request.
* @return string Rendered page content.
*/
public function submitEditFormAction(Request $request)
{
csrf_check_token($request);
$operator = $this->getOperator();
$errors = array();
$string_id = $request->attributes->get('string_id');
$string = $this->loadString($string_id);
if (!$string) {
throw new NotFoundException('The string is not found.');
}
$target = $string['locale'];
$translation = $request->request->get('translation');
if (!$translation) {
$errors[] = no_field("Translation");
}
if (count($errors) != 0) {
$request->attributes->set('errors', $errors);
// The form should be rebuild. Invoke appropriate action.
return $this->showEditFormAction($request);
}
save_message($target, $string['source'], $translation);
// Remove cached client side translations.
$this->getCache()->getItem('translation/js/' . $target)->clear();
$page['saved'] = true;
$page['title'] = getlocal("Translations");
$page = array_merge($page, prepare_menu($operator, false));
return $this->render('translation_edit', $page);
}
}
if(isset($_POST['all'])) {
$DB->query("DELETE FROM users_sessions WHERE UserID='$UserID' AND SessionID<>'$SessionID'");
$UserSessions = array($SessionID=>array('SessionID'=>$SessionID,'Browser'=>$Browser,'OperatingSystem'=>$OperatingSystem,'IP'=>$SessionIP,'LastUpdate'=>sqltime()));
$Cache->cache_value('users_sessions_'.$UserID, $UserSessions, 0);
save_message("All other sessions have been removed (logged out)");
}
if (isset($_POST['session'])) {
$DB->query("DELETE FROM users_sessions WHERE UserID='$UserID' AND SessionID='".db_string($_POST['session'])."'");
unset($UserSessions[$_POST['session']]);
$Cache->begin_transaction('users_sessions_'.$UserID);
$Cache->delete_row($_POST['session']);
$Cache->commit_transaction(0);
save_message("The selected session has been removed (logged out)");
}
list($UserID, $Username) = array_values(user_info($UserID));
show_header($Username.' > Sessions');
show_message();
?>
<div class="thin">
<h2><?php
echo format_username($UserID, $Username);
?>
> Sessions</h2>
<div class="box pad">
<p>Note: Clearing cookies can result in ghost sessions which are automatically removed after 30 days.</p>
</div>
$data = get_email($clientID);
echo "<br>" . $data['emailadd'];
$destination = $data['emailadd'];
#the client's email address
$origin = '*****@*****.**';
#admin's email address
$max = $cpimages[$i]->imptotal;
$current = $cpimages[$i]->impmade;
$status = $cpimages[$i]->banner_show;
$message = "To Our Valued Customer, <br><br>";
$message .= "We would like to inform you about the following regarding your advertisments:";
#the message
$message .= "<br>Purchased Impressions: <strong>" . $max . "</strong>";
$message .= "<br>Remaining Impressions: <strong>" . $current . "</strong>";
$message .= "<br>Ad Status : <strong>" . $status . "</strong>";
$responder = new auto_res($destination, $message, $origin);
if ($responder->notification_mail($max, $current, $status)) {
$message .= "<br><br><br><br>";
$message .= "The above message was successfully sent to: ";
$message .= "Corporate Partner: <strong>" . $data['clientname'] . "</strong>";
$message .= "<br>Email Address: <strong>" . $data['emailadd'] . "</strong>";
$message .= "<br>On (Date): <strong>" . date("Y-m-d") . "</strong>";
save_message($userID_from, 1, date("Ymd"), 'Unread', 'Notification', $message);
#message to admin
save_message(1, $clientID, date("Ymd"), 'Unread', 'Notification', $message);
#message to client
} else {
$message .= "<br><br><strong>Fail To Send This message. Probably Invalid Email Address.</strong>";
save_message($userID_from, 1, date("Ymd"), 'Unread', 'Notification', $message);
#message to admin if fail
}
(ReporterID, TorrentID, Type, UserComment, Status, ReportedTime, Track, Image, ExtraID, Link)
VALUES
(".db_string($LoggedUser['ID']).", $TorrentID, '".$Type."', '$Extra', 'New', '".sqltime()."', '$Tracks', '$Images', '$ExtraIDs', '$Links')");
$ReportID = $DB->inserted_id();
$ReportArray = $Cache->get_value('reports_torrent_'.$TorrentID);
if(!$ReportArray) {
$DB->query("SELECT r.ID,
r.ReporterID,
reporter.Username,
r.Type,
r.UserComment,
r.ReportedTime
FROM reportsv2 AS r
LEFT JOIN users_main AS reporter ON reporter.ID=r.ReporterID
WHERE TorrentID = $TorrentID
AND Type != 'edited'
AND Status != 'Resolved'");
$ReportArray = $DB->to_array();
$Cache->cache_value('reports_torrent_'.$TorrentID, $ReportArray, 0);
}
$ReportArray[] = array($ReportID, $LoggedUser['ID'], $LoggedUser['Username'], $Type, $Extra, sqltime());
$Cache->cache_value($ReportArray, 'reports_torrent_'.$TorrentID, 0);
$Cache->increment('num_torrent_reportsv2');
save_message("Torrent Reported!");
header('Location: torrents.php?torrentid='.$TorrentID);
?>
if ($ResetPassword) {
$Secret=make_secret();
$PassHash=make_hash($_POST['new_pass_1'],$Secret);
$SQL.=",m.Secret='".db_string($Secret)."',m.PassHash='".db_string($PassHash)."'";
$DB->query("INSERT INTO users_history_passwords
(UserID, ChangerIP, ChangeTime) VALUES
('$UserID', '$ChangerIP', '".sqltime()."')");
}
if (isset($_POST['resetpasskey'])) {
$OldPassKey = db_string($LoggedUser['torrent_pass']);
$NewPassKey = db_string(make_secret());
$ChangerIP = db_string($LoggedUser['IP']);
$SQL.=",m.torrent_pass='******'";
$DB->query("INSERT INTO users_history_passkeys
(UserID, OldPassKey, NewPassKey, ChangerIP, ChangeTime) VALUES
('$UserID', '$OldPassKey', '$NewPassKey', '$ChangerIP', '".sqltime()."')");
$Cache->begin_transaction('user_info_heavy_'.$UserID);
$Cache->update_row(false, array('torrent_pass'=>$NewPassKey));
$Cache->commit_transaction(0);
}
$SQL.="WHERE m.ID='".db_string($UserID)."'";
$DB->query($SQL);
save_message("Your profile has been saved.");
header('Location: user.php?action=edit&userid='.$UserID);
?>