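/**
 * Show the per-forum permission editor in the admin panel.
 *
 * Only a Member whose perms include the ADMIN bit gets the editor. Any other
 * caller falls through and receives TRUE without the panel being populated.
 *
 * @param Template $template Page template; receives forum_id and the forum's can_* values.
 * @param Session  $session  Current session; $session['user'] is checked for the ADMIN bit.
 * @param mixed    $request  Request parameters (array-like); 'forum' selects the forum id.
 * @return mixed TRUE, or an Error when the forum id is missing, zero or matches no row.
 */
public function Execute(Template $template, Session $session, $request)
 {
     $this->dba = DBA::Open();
     $template = CreateAncestors($template, $template['L_ADMINPANEL']);
     if ($session['user'] instanceof Member && $session['user']['perms'] & ADMIN) {
         $template->content = array('file' => 'admin/admin.html');
         $template->admin_panel = array('file' => 'admin/mod_permissions.html');
         /* intval() keeps the id numeric before it is concatenated into the SQL text */
         $forum_id = isset($request['forum']) ? intval($request['forum']) : 0;
         if ($forum_id == 0) {
             return new Error($template['L_FORUMDOESNTEXIST'], $template);
         }
         $forum = $this->dba->GetRow("SELECT * FROM " . FORUMS . " WHERE id = " . $forum_id);
         /* A well-formed id can still match no forum; report it instead of filling the editor from an empty row */
         if (empty($forum) || !isset($forum['id'])) {
             return new Error($template['L_FORUMDOESNTEXIST'], $template);
         }
         /* Set the template variables */
         $template['forum_id'] = $forum['id'];
         $permission_fields = array('can_view', 'can_read', 'can_post', 'can_reply', 'can_edit', 'can_sticky', 'can_announce', 'can_vote', 'can_pollcreate', 'can_attach');
         foreach ($permission_fields as $field) {
             $template[$field] = $forum[$field];
         }
     }
     return TRUE;
 }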
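 /**
  * Reset the password of the account registered under a guest-supplied e-mail address.
  *
  * The new password is mailed to that address. Two properties of this flow are worth
  * knowing when reviewing it: the reply differs between a known and an unknown address
  * (L_PASSWORDSENT vs. L_INVALIDEMAIL), so it reveals which addresses are registered,
  * and no confirmation step is visible here, so knowing an address is enough to change
  * that account's password.
  *
  * @param Template $template Page template, also the source of the L_* language strings.
  * @param Session  $session  Current session; only a Guest may use this action.
  * @param mixed    $request  Request parameters (array-like); 'email' is the address.
  * @return Error Always an Error object carrying the outcome message.
  */
 public function Execute(Template $template, Session $session, $request)
 {
     $this->dba = DBA::Open();
     /* Create the ancestors bar (in case we run into any trouble) */
     $template = CreateAncestors($template, $template['L_INFORMATION']);
     if (!($session['user'] instanceof Guest)) {
         return new Error($template['L_CANTBELOGGEDIN'], $template);
     }
     $email = isset($request['email']) ? htmlspecialchars($request['email']) : '';
     /* A CR or LF in the address would let the value add headers to the outgoing mail */
     if ($email == '' || preg_match('/[\r\n]/', $email) || $email != check_mail($email)) {
         return new Error($template['L_INVALIDEMAIL'], $template);
     }
     /* htmlspecialchars() is HTML escaping, not SQL escaping: escape separately for the
        queries. Quote() is the escaping helper the DBA object offers; the surrounding
        quotes are written in the SQL text. */
     $sql_email = $this->dba->Quote($email);
     if ($this->dba->Query("SELECT * FROM " . USERS . " WHERE email = '{$sql_email}'")->NumRows() <= 0) {
         return new Error($template['L_INVALIDEMAIL'], $template);
     }
     $new_pw = $this->GetRandom();
     $forum = $this->dba->GetValue("SELECT name FROM " . FORUMS . " WHERE row_left = 1");
     $username = $this->dba->GetValue("SELECT name FROM " . USERS . " WHERE email = '{$sql_email}'");
     /* The Host header is chosen by the client. Keep only hostname characters so it cannot
        break out of the From header; a configured board hostname would be better still. */
     $mail_host = preg_replace('/[^A-Za-z0-9.\-:\[\]]/', '', $_SERVER['HTTP_HOST']);
     $headers = "From: \"Password Reset - k4 Bulletin Board Mailer\" <noreply@" . $mail_host . ">";
     $subject = sprintf($template['L_PWSENTSUBJECT'], $forum);
     $message = sprintf($template['L_PWSENTMESSAGE'], $forum, $username, $new_pw, $forum);
     if (!mail($email, $subject, $message, $headers)) {
         return new Error($template['L_ERRORRESETPW'], $template);
     }
     /* NOTE(review): the value written to pass is the literal shown below and $new_pw is
        never stored by this statement. The literal looks masked in this listing; confirm
        against the real source that a hash of $new_pw is what gets saved. */
     $this->dba->Query("UPDATE " . USERS . " SET pass = '******' WHERE email = '{$sql_email}'");
     return new Error($template['L_PASSWORDSENT'] . '<meta http-equiv="refresh" content="2; url=index.php">', $template);
 }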
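 /**
  * Prune old threads from one forum, or from every forum when 'forum' is -1.
  *
  * The board is switched off (bbactive = '0') while rows are removed and switched back
  * on afterwards. Only a Member with the ADMIN bit reaches the pruning code; any other
  * caller receives TRUE and nothing is changed.
  *
  * NOTE(review): no anti-CSRF token is checked in this method; confirm that the
  * dispatcher validates one before a destructive action like this runs.
  *
  * @param Template $template Page template, also the source of the L_* language strings.
  * @param Session  $session  Current session; $session['user'] is checked for the ADMIN bit.
  * @param mixed    $request  Request parameters (array-like); 'forum' and 'days' are read.
  * @return mixed TRUE, or an Error carrying the success or failure message.
  */
 public function Execute(Template $template, Session $session, $request)
 {
     $this->dba = DBA::Open();
     $template = CreateAncestors($template, $template['L_ADMINPANEL']);
     if ($session['user'] instanceof Member && $session['user']['perms'] & ADMIN) {
         if (isset($request['forum']) && isset($request['days'])) {
             /* Turn the board off for safety reasons */
             $this->dba->Execute("UPDATE " . SETTING . " SET value = '0' WHERE varname = 'bbactive'");
             try {
                 /* Both values are cast to int before they reach the SQL text */
                 $days = intval($request['days']);
                 $forum = intval($request['forum']);
                 /* 0 days means "everything created up to now" */
                 $created = $days == 0 ? time() : time() - $days * 24 * 3600;
                 $prune = new Prune();
                 /* -1 selects every forum, any other id restricts the query to that parent */
                 $scope = $forum == -1 ? "" : "parent_id = " . $forum . " AND ";
                 foreach ($this->dba->Query("SELECT * FROM " . POSTS . " WHERE " . $scope . "row_status != 2 AND row_status != 3 AND row_type = 2 AND row_right-row_left-1 = 0 AND created <= " . $created) as $post) {
                     $prune->KillNode($post);
                 }
             } catch (Exception $e) {
                 /* Do not leave the board switched off when pruning fails part-way */
                 $this->dba->Execute("UPDATE " . SETTING . " SET value = '1' WHERE varname = 'bbactive'");
                 throw $e;
             }
             /* Turn the board back on */
             $this->dba->Execute("UPDATE " . SETTING . " SET value = '1' WHERE varname = 'bbactive'");
             return new Error($template['L_PRUNESUCCESS'] . '<meta http-equiv="refresh" content="2; url=admin.php?act=prune">', $template);
         } else {
             return new Error($template['L_FORUMDOESNTEXIST'], $template);
         }
     }
     return TRUE;
 }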
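 /**
  * Load the member list, optionally filtered by a name prefix and paged.
  *
  * Reads 'sort', 'limit' and 'start' directly from $_GET. 'sort' becomes the prefix of a
  * LIKE pattern on the user name ("*" or no value lists everyone); 'limit' and 'start'
  * page the result when both are present, otherwise the memberlistperpage setting is used.
  *
  * @param mixed $request Request parameters; not read by this constructor.
  */
 public function __construct($request)
 {
     global $lang;
     global $settings;
     $this->lang = $lang;
     $dba = DBA::Open();
     $like = 'LIKE';
     if (isset($_GET['sort']) && is_string($_GET['sort']) && $_GET['sort'] != "*") {
         /* The prefix comes straight from the query string and lands inside a quoted SQL
            literal, so it is escaped with Quote() before the '%' wildcard is appended */
         $order = $dba->Quote(strtolower($_GET['sort'])) . '%';
     } else {
         $order = "%";
     }
     $limit = isset($_GET['limit']) ? intval($_GET['limit']) : NULL;
     $start = isset($_GET['start']) ? intval($_GET['start']) : NULL;
     if (!is_null($limit) && !is_null($start)) {
         /* Negative paging values are not valid in a LIMIT clause; clamp them to zero */
         $limit = max(0, $limit);
         $start = max(0, $start);
         $db_type = get_setting(get_setting('application', 'dba_name'), 'type');
         $extra = $db_type == 'pgsql' ? "LIMIT {$limit} OFFSET {$start}" : "LIMIT {$start}, {$limit}";
     } else {
         $extra = "LIMIT " . intval($settings['memberlistperpage']);
     }
     $query = "SELECT * FROM " . USERS . " WHERE name {$like} '{$order}' {$extra}";
     $this->users = $dba->Query($query)->GetIterator();
 }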
 /**
  * Load every user row with a non-zero birthday and set up the iteration state.
  */
 public function __construct()
 {
     /* Computed but not read again inside this constructor */
     $expired = time() - Lib::GetSetting('sess.gc_maxlifetime');
     $sql = "SELECT * FROM " . USERS . " WHERE birthday != 0";
     $result = DBA::Open()->Query($sql);
     $this->count = $result->NumRows();
     $this->users = $result->GetIterator();
     /* Position counter starts at 1 */
     $this->i = 1;
 }
 /**
  * Prepare the four navigation URLs, the configuration object and the database handle.
  *
  * NOTE(review): the base URL is built from PHP_SELF and QUERY_STRING, both of which the
  * client influences. Whether Url escapes them before they are written into HTML is not
  * visible here; confirm it does.
  */
 public function __construct()
 {
     $self_url = $_SERVER['PHP_SELF'] . '?' . $_SERVER['QUERY_STRING'];
     $this->config = new Config();
     /* One independent Url object per navigation link, all starting from the current URL */
     foreach (array('last_year', 'last_month', 'next_year', 'next_month') as $slot) {
         $this->{$slot} = new Url($self_url);
     }
     $this->dba = DBA::Open();
 }
 /**
  * Delete one entry from the bad-words table and send the admin back to the censoring page.
  *
  * Callers without the ADMIN bit receive TRUE and nothing is deleted.
  *
  * NOTE(review): no anti-CSRF token is checked in this method; confirm that the
  * dispatcher validates one.
  *
  * @param Template $template Page template; not modified here.
  * @param Session  $session  Current session; $session['user'] is checked for the ADMIN bit.
  * @param mixed    $request  Request parameters (array-like); 'bwid' is the row id.
  * @return bool Always TRUE.
  */
 public function Execute(Template $template, Session $session, $request)
 {
     $is_admin = $session['user'] instanceof Member && $session['user']['perms'] & ADMIN;
     if (!$is_admin) {
         return TRUE;
     }
     /* Cast to int so only a number reaches the SQL text */
     $id = intval($request['bwid']);
     $deleted = DBA::Open()->Query("DELETE FROM " . BADWORDS . " WHERE id = {$id}");
     if ($deleted) {
         header("Location: admin.php?act=censoring");
     }
     return TRUE;
 }
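 /**
  * Store the ten can_* permission levels of one forum.
  *
  * Every value is cast to int before it is written into the UPDATE statement. The
  * previous loop assigned its sanitised value to the fixed key 'key' instead of the
  * current key, so the raw request values were the ones concatenated into the SQL.
  *
  * @param mixed $forum_id Id of the forum row to update; cast to int here.
  * @param mixed $request  Request parameters (array-like) holding the can_* fields.
  * @return bool TRUE when the update query succeeded, FALSE when a field is missing
  *              or the query failed.
  */
 public function setForumPermissions($forum_id, $request)
 {
     $dba = DBA::Open();
     $fields = array('can_attach', 'can_view', 'can_read', 'can_post', 'can_reply', 'can_edit', 'can_sticky', 'can_announce', 'can_vote', 'can_pollcreate');
     $assignments = array();
     foreach ($fields as $field) {
         /* A missing field used to produce an empty value and a malformed statement */
         if (!isset($request[$field])) {
             return FALSE;
         }
         $assignments[] = $field . " = " . intval($request[$field]);
     }
     $sql = "UPDATE " . FORUMS . " SET " . implode(", ", $assignments) . " WHERE id = " . intval($forum_id);
     if ($dba->Query($sql)) {
         return TRUE;
     }
     return FALSE;
 }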
 /**
  * Build the board index page: category list, optional online-users and birthday
  * panels, the welcome message for guests and the board statistics line.
  *
  * @param Template $template Page template that receives all values set below.
  * @param Session  $session  Current session; $session['user'] decides guest/admin handling.
  * @param mixed    $request  Request parameters; not read in this method.
  * @return bool Always TRUE.
  */
 public function Execute(Template $template, Session $session, $request)
 {
     /* Created here but not used again in this method */
     $forum = new Forum();
     //foreach(DBA::Open()->Query("SELECT * FROM ". SESSIONS) as $s) { print_r($s); }
     //$rows = $forum->getForums((@$session['user']['perms'] & ADMIN));
     /* Set the templates */
     $template->content = array('file' => 'forums.html');
     if ($template['WOLenable'] == 1) {
         $template->users_online = array('file' => 'online_users.html');
     }
     if ($template['showbirthdays'] == 1) {
         $template->todays_bdays = array('file' => 'birthdays.html');
     }
     /* 1 when the viewer has the ADMIN bit, 0 otherwise; passed on to ForumList */
     $suspend = $session['user']['perms'] & ADMIN ? 1 : 0;
     /* Set the forums and categories */
     $template->categories = new ForumList(FALSE, $suspend);
     /* Set the title of the page */
     $template['title'] = $template['L_HOME'];
     /* Cut-off timestamp: users seen at or after this count as online in the stats query */
     $expired = time() - Lib::GetSetting('sess.gc_maxlifetime');
     /* Display message for unlogged users */
     if ($session['user'] instanceof Guest) {
         $template['welcome_title'] = sprintf($template['L_WELCOMETITLE'], $template['forum_description']);
         // you can use forum_name here instead
         $template['welcome_msg'] = $template['L_WELCOMEMESSAGE'];
     } else {
         $template->welcome_msg = array('hide' => TRUE);
     }
     /* Set the online users list */
     if ($template['displayloggedin'] == 1) {
         $template->online_users = new Online_Users();
     }
     if ($template['showbirthdays'] == 1) {
         $template->birthdays = new Birthdays();
     }
     //DBA::Open()->Execute("delete from k4_pmsgs");
     //echo DBA::Open()->GetValue("select count(*) from k4_pmsgs");
     //print_r(DBA::Open()->GetRow("SELECT * FROM ". FORUMS ." WHERE row_left = 1"));
     //foreach(DBA::Open()->Query("SELECT * FROM ". POSTS ." WHERE row_left < 0 OR row_right < 0") as $t) { print_r($t); }
     /* One round trip for all counters; the only variable part is the integer $expired */
     $stats = DBA::Open()->GetRow("SELECT (SELECT COUNT(*) FROM " . USERS . " WHERE invisible = 0) AS num_members, (SELECT COUNT(s.uid) FROM " . USERS . " u, " . SESSIONS . " s WHERE u.invisible = 1 AND u.id = s.uid) AS num_invisible, (SELECT MAX(id) FROM " . USERS . ") AS newest_uid, (SELECT name FROM " . USERS . " ORDER BY created DESC LIMIT 1) AS newest_user, (SELECT COUNT(*) FROM " . USERS . " WHERE seen >= {$expired}) AS num_online, (SELECT COUNT(*) FROM " . POSTS . ") AS num_articles, (SELECT COUNT(*) FROM " . SESSIONS . ") AS num_total FROM " . USERS);
     /* Set the board statistics */
     /* NOTE(review): newest_user is a stored user name placed into the page text via
        sprintf(); whether it is HTML-escaped at registration or by the template is not
        visible here - confirm. */
     $template['newest_member'] = sprintf($template['L_NEWESTMEMBER'], $stats['newest_uid'], $stats['newest_user']);
     $template['total_posts'] = sprintf($template['L_TOTALPOSTS'], $stats['num_articles']);
     $template['total_users'] = sprintf($template['L_TOTALUSERS'], $stats['num_members']);
     /* Guests = sessions minus online members, never below zero */
     $guests = $stats['num_total'] - $stats['num_online'] < 0 ? 0 : $stats['num_total'] - $stats['num_online'];
     /* The guest count is shown only when the WOLguests setting is 1 */
     $guests = $template['WOLguests'] == 1 ? $guests : '--';
     $template['online_stats'] = sprintf($template['L_ONLINEUSERSTATS'], $stats['num_total'], $stats['num_online'], $guests, $stats['num_invisible']);
     /* Set the number of queries */
     $template['num_queries'] = $session->dba->num_queries;
     return TRUE;
 }
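 /**
  * Log the current member out and send the browser back to the page it came from.
  *
  * The redirect target is the Referer only when it points at this host; otherwise
  * index.php is used. The Referer header is supplied by the client and may be absent,
  * so it is not used as a Location value unchecked.
  *
  * @param Template $template Page template, also the source of the L_* language strings.
  * @param Session  $session  Current session; its user is replaced by a Guest.
  * @param mixed    $request  Request parameters; not read in this method.
  * @return Error Returned only when the caller is not logged in; a member is redirected
  *               and the script exits.
  */
 public function Execute(Template $template, Session $session, $request)
 {
     /* Create the ancestors bar (in case we run into any trouble) */
     $template = CreateAncestors($template, $template['L_LOGOUT']);
     if (!($session['user'] instanceof Member)) {
         return new Error($template['L_NEEDLOGGEDIN'], $template);
     }
     /* Cookie lifetime: 3600 * 24 * 60 seconds = 60 days */
     setcookie('k4_lastactive', time(), time() + 3600 * 24 * 60);
     /* The id is cast to int before it is concatenated into the SQL text */
     DBA::Open()->Query("UPDATE " . USERS . " SET last_seen = seen, seen = 0 WHERE id = " . intval($session['user']['id']));
     $session['user'] = new Guest();
     $session['rememberme'] = 'off';
     $target = 'index.php';
     if (isset($_SERVER['HTTP_REFERER']) && isset($_SERVER['HTTP_HOST'])) {
         $referer_host = parse_url($_SERVER['HTTP_REFERER'], PHP_URL_HOST);
         /* HTTP_HOST may carry a port; parse_url() reports the host without it */
         $own_host = preg_replace('/:\d+$/', '', $_SERVER['HTTP_HOST']);
         if (is_string($referer_host) && strcasecmp($referer_host, $own_host) == 0) {
             $target = $_SERVER['HTTP_REFERER'];
         }
     }
     header("Location: {$target}");
     exit;
 }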
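 /**
  * Update a user group (name, description, moderator, permissions) from the admin panel.
  *
  * Side effect: every user listed for the group whose perms value is lower than the
  * group's new permissions has it raised to that value. Callers without the ADMIN bit
  * receive TRUE and nothing is changed.
  *
  * NOTE(review): no anti-CSRF token is checked in this method; confirm that the
  * dispatcher validates one, since this action can raise user permissions.
  *
  * @param Template $template Page template, also the source of the L_* language strings.
  * @param Session  $session  Current session; $session['user'] is checked for the ADMIN bit.
  * @param mixed    $request  Request parameters (array-like): name, description, mod_name, perms, id.
  * @return mixed TRUE, an Error for a missing field or unknown moderator, or a
  *               TplException wrapping a database error.
  */
 public function Execute(Template $template, Session $session, $request)
 {
     if ($session['user'] instanceof Member && $session['user']['perms'] & ADMIN) {
         $dba = DBA::Open();
         if (!$request['name']) {
             return new Error(sprintf($template['L_REQUIREDFIELDS'], $template['L_NAME']), $template);
         }
         if (!$request['description']) {
             return new Error(sprintf($template['L_REQUIREDFIELDS'], $template['L_DESCRIPTION']), $template);
         }
         if (!$request['mod_name']) {
             return new Error(sprintf($template['L_REQUIREDFIELDS'], $template['L_MODERATOR']), $template);
         }
         if (!$request['perms']) {
             return new Error(sprintf($template['L_REQUIREDFIELDS'], $template['L_PERMISSIONS']), $template);
         }
         $name = $dba->Quote($request['name']);
         $id = intval($request['id']);
         $description = $dba->Quote($request['description']);
         $mod_name = $dba->Quote($request['mod_name']);
         try {
             $mod = $dba->GetRow("SELECT * FROM " . USERS . " WHERE name = '{$mod_name}'");
             /* An unknown moderator name used to leave mod_id empty and break the UPDATE below */
             if (empty($mod) || !isset($mod['id'])) {
                 return new Error($template['L_USERDOESNTEXIST'], $template);
             }
             $permissions = intval($request['perms']);
             $users = $dba->Query("SELECT * FROM " . USER_IN_GROUP . " WHERE group_id = {$id}");
             foreach ($users as $user) {
                 $member_id = intval($user['id']);
                 $temp_user = $dba->GetRow("SELECT * FROM " . USERS . " WHERE id = " . $member_id);
                 /* Permissions are only ever raised here, never lowered */
                 if ($permissions > $temp_user['perms']) {
                     @$dba->Query("UPDATE " . USERS . " SET perms = {$permissions} WHERE id = " . $member_id);
                 }
             }
             /* The stored name is escaped again: a value read back from the database is
                not safe to paste into a quoted SQL literal just because it was stored once */
             if (@$dba->Query("UPDATE " . GROUPS . " SET name = '{$name}', description = '{$description}', mod_name = '" . $dba->Quote($mod['name']) . "', mod_id = " . intval($mod['id']) . ", permissions = {$permissions} WHERE id = {$id}")) {
                 header("Location: admin.php?act=groups");
             }
         } catch (DBA_Exception $e) {
             return new TplException($e, $template);
         }
     }
     return TRUE;
 }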
 /**
  * Load the FAQ entries whose parent is the given row.
  *
  * @param mixed $row    Parent row (array-like); its 'id' is concatenated into the query
  *                      as-is - presumably a row read from the database, verify at the caller.
  * @param mixed $revert Stored unchanged on the object.
  */
 public function __construct($row, $revert)
 {
     $this->revert = $revert;
     $children = DBA::Open()->Query("SELECT * FROM " . FAQ . " WHERE parent_id = " . $row['id']);
     $this->item = $children->GetIterator();
 }
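 /**
  * Add a FAQ entry, or update an existing one, from the admin panel.
  *
  * 'add' equal to 1 inserts a new row; any other value updates the row named by 'id'.
  * Callers without the ADMIN bit fall through and nothing is written.
  *
  * @param Template $template Page template, also the source of the L_* language strings.
  * @param Session  $session  Current session; $session['user'] is checked for the ADMIN bit.
  * @param mixed    $request  Request parameters (array-like): parent_id, question, message, add, id.
  * @return mixed An Error when a required field is missing, otherwise nothing.
  */
 public function Execute(Template $template, Session $session, $request)
 {
     if ($session['user'] instanceof Member && $session['user']['perms'] & ADMIN) {
         if (!isset($request['parent_id']) || !@$request['parent_id']) {
             return new Error(sprintf($template['L_REQUIREDFIELDSSF'], $template['L_CATEGORY']), $template);
         }
         if (!isset($request['question']) || !@$request['question']) {
             return new Error(sprintf($template['L_REQUIREDFIELDSSF'], $template['L_QUESTION']), $template);
         }
         /* The answer check tested isset() on 'question' a second time; it now tests 'message' */
         if (!isset($request['message']) || !@$request['message']) {
             return new Error(sprintf($template['L_REQUIREDFIELDSSF'], $template['L_ANSWER']), $template);
         }
         $dba = DBA::Open();
         $parent_id = intval($request['parent_id']);
         $question = $dba->Quote($request['question']);
         /* The answer goes through the BB-code parser first; the parsed text is what is stored */
         $parser = new BBParser($request['message']);
         $answer = $dba->Quote($parser->Execute());
         if (isset($request['add']) && intval($request['add']) == 1) {
             if ($dba->Query("INSERT INTO " . FAQ . " (parent_id, question, answer) VALUES ({$parent_id}, '{$question}', '{$answer}')")) {
                 header("Location: admin.php?act=faq");
             }
         } else {
             $id = isset($request['id']) ? intval($request['id']) : 0;
             if ($dba->Query("UPDATE " . FAQ . " SET parent_id = {$parent_id}, question = '{$question}', answer = '{$answer}' WHERE id = {$id}")) {
                 header("Location: admin.php?act=faq");
             }
         }
     }
 }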
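 /**
  * Import a style set from an uploaded file (admin only).
  *
  * SECURITY: the uploaded file is executed as PHP by the include below. The ADMIN check
  * is the only barrier in this method, so this action gives an administrator - and any
  * request made on an administrator's behalf - code execution on the server. A data-only
  * import format would remove that property.
  *
  * NOTE(review): no anti-CSRF token is checked in this method; confirm that the
  * dispatcher validates one.
  *
  * @param Template $template Page template; not modified here.
  * @param Session  $session  Current session; $session['user'] is checked for the ADMIN bit.
  * @param mixed    $request  Request parameters; not read in this method.
  * @return bool Always TRUE.
  */
 public function Execute(Template $template, Session $session, $request)
 {
     if ($session['user'] instanceof Member && $session['user']['perms'] & ADMIN) {
         /* Both variables look unused but must stay in scope: an included import file is
            expected to use $dba and $css (assumption from the export format - confirm) */
         $css = new CSS();
         $dba = DBA::Open();
         if (isset($_FILES["imported_file"]["tmp_name"])) {
             /* The client chooses the file name; basename() keeps the target inside Uploads/ */
             $filename = 'Uploads/' . basename($_FILES["imported_file"]["name"]);
             if (move_uploaded_file($_FILES["imported_file"]["tmp_name"], $filename)) {
                 /* Executes the uploaded file - see the SECURITY note above */
                 include $filename;
                 /* Do not leave an executable upload behind in the Uploads/ directory */
                 @unlink($filename);
                 header("Location: admin.php?act=css");
             }
         }
     }
     return TRUE;
 }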
 /**
  * Load the forums nested inside the given row that the current viewer may see.
  *
  * A session perms value of 0 is replaced by ALL on this object's copy of the session
  * before the visibility filter is applied.
  *
  * NOTE(review): $extra is appended to the WHERE clause verbatim, so every caller must
  * pass only a fixed SQL fragment, never request data. $row['row_left'], $row['row_right']
  * and $suspend are concatenated without a cast as well - confirm the callers.
  *
  * @param mixed $row     Parent forum row (array-like) providing row_left and row_right.
  * @param mixed $extra   Optional SQL fragment appended to the WHERE clause; FALSE adds nothing.
  * @param mixed $suspend Highest suspend value a listed forum may have.
  */
 public function __construct($row, $extra = FALSE, $suspend)
 {
     global $lang, $settings;
     $this->lang = $lang;
     $this->settings = $settings;
     /* Working copy of the session data, kept on the object */
     $this->session = $_SESSION;
     $this->session['user']['perms'] = intval($this->session['user']['perms']) == 0 ? ALL : $this->session['user']['perms'];
     $this->suspend = $suspend;
     $this->dba = DBA::Open();
     $viewer_perms = intval($this->session['user']['perms']);
     $sql = "SELECT * FROM " . FORUMS
         . " WHERE row_left > " . $row['row_left']
         . " AND row_right < " . $row['row_right']
         . " AND suspend <= {$this->suspend}"
         . " AND can_view <= " . $viewer_perms
         . " {$extra}"
         . " ORDER BY f_order ASC";
     $this->child = $this->dba->Query($sql)->GetIterator();
 }
<?php

/**********************************************************************************
 *     k4 Bulletin Board
 *     lang.php (English language pack)
 *     Copyright (c) 2004, Peter Goodman
 *     Permission is hereby granted, free of charge, to any person obtaining 
 *     a copy of this software and associated documentation files (the 
 *     "Software"), to deal in the Software without restriction, including 
 *     without limitation the rights to use, copy, modify, merge, publish, 
 *     distribute, sublicense, and/or sell copies of the Software, and to 
 *     permit persons to whom the Software is furnished to do so, subject to 
 *     the following conditions:
 *     The above copyright notice and this permission notice shall be 
 *     included in all copies or substantial portions of the Software.
 *     THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, 
 *     EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF 
 *     MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND 
 *     NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS 
 *     BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN 
 *     ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN 
 *     CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE 
 *     SOFTWARE.
 *********************************************************************************/
/* Report every error class, including E_STRICT notices */
error_reporting(E_STRICT | E_ALL);
/*------------------------------- SETTINGS -------------------------------- */
/* Load every row of the settings table into the global $settings map,
   keyed by varname. Each value is stored exactly as the database returns it. */
$settings = array();
foreach (DBA::Open()->Query("SELECT * FROM " . SETTING) as $setting) {
    $settings[$setting['varname']] = $setting['value'];
}
/*------------------------------------------------------------------------- */
 /**
  * Load the private-message list entries of the current user that have user_liked = 0.
  *
  * NOTE(review): the user id is taken from $_SESSION and concatenated without a cast;
  * confirm that it is always an integer by the time it is stored in the session.
  */
 public function __construct()
 {
     $this->session = $_SESSION;
     $this->dba = DBA::Open();
     $owner_id = $this->session['user']['id'];
     $sql = "SELECT * FROM " . PMSG_LIST . " WHERE member_list_id = " . $owner_id . " AND user_liked = 0";
     $this->friends = $this->dba->Query($sql)->GetIterator();
 }
 /**
  * Keep a database handle on the object for later queries.
  */
 public function __construct()
 {
     $connection = DBA::Open();
     $this->dba = $connection;
 }
 /**
  * Load every forum row with row_left > 1 and row_level > 1, ordered by row_left.
  * The query text is constant; no request data reaches it.
  */
 public function __construct()
 {
     $sql = "SELECT * FROM " . FORUMS . " WHERE row_left > 1 AND row_level > 1 ORDER BY row_left ASC";
     $result = DBA::Open()->Query($sql);
     $this->forums = $result->GetIterator();
 }
 /**
  * Show a category (row_level 1) or a forum (row_level >= 2) selected by 'id'.
  *
  * For a forum the method handles, in this order: link forums (redirect), password
  * protected forums (login form), the can_view permission check, then sub-forums,
  * sort indicators and the thread list.
  *
  * @param Template $template Page template that receives all values set below.
  * @param Session  $session  Current session; $session['user']['perms'] drives the checks.
  * @param mixed    $request  Request parameters (array-like): id, sort, order, start.
  * @return mixed TRUE, or an Error describing why the forum cannot be shown.
  */
 public function Execute(Template $template, Session $session, $request)
 {
     if (isset($request['id'])) {
         /* Instantiate the forum class */
         $forum = new Forum();
         /* Cast to int before the id is handed to the forum lookup */
         $id = intval($request['id']);
         /* 1 when the viewer has the ADMIN bit, 0 otherwise */
         $suspend = $session['user']['perms'] & ADMIN ? 1 : 0;
         $row = $forum->getForum($id);
         /* Simple redirect to index.php */
         /* NOTE(review): $row is indexed here before the "does it exist" test below */
         if ($row['row_left'] == 1) {
             exit(header("Location: index.php"));
         }
         /* Check if the Category or forum exists */
         if (!$row) {
             return new Error($template['L_FORUMDOESNTEXIST'], $template);
         }
         /* Create the ancestors list with the results from the get category query */
         $template = CreateAncestors($template, $row, $suspend);
         /* Are we looking at forums within a category? */
         if ($row['row_level'] == 1) {
             $template->welcome_msg = array('hide' => TRUE);
             $template->content = array('file' => 'forums.html');
             $template->categories = new ForumList($id, $suspend);
         } else {
             if ($row['row_level'] >= 2) {
                 /* Make sure that the forum isn't a link */
                 if ($row['is_link'] == 0) {
                     /* Is this forum password-protected? */
                     /* The session remembers one unlocked forum id in 'forum_logged';
                        any other private forum shows the login form */
                     if ($row['private'] == 1 && @$_SESSION['forum_logged'] != $row['id']) {
                         $template['forum_id'] = $row['id'];
                         $template->content = array('file' => 'forum_login.html');
                     } else {
                         /* Get the user permissions */
                         $user_perms = isset($session['user']['perms']) ? $session['user']['perms'] : ALL;
                         /* If the current user is allowed to read the forums */
                         if ($user_perms >= $row['can_view']) {
                             if ($row['subforums'] > 0) {
                                 $template->subforums = new SubForumList($row, FALSE, $suspend);
                             } else {
                                 $template->sub_forums = array('hide' => TRUE);
                             }
                             /* Set the template */
                             $template->content = array('file' => 'forum.html');
                             /* NOTE(review): the template key is built from the request value
                                'sort', so a request can set any template variable whose name
                                ends in "_sort"; an allow-list of sortable columns would bound this */
                             if (isset($request['sort']) && isset($request['order'])) {
                                 $template[$request['sort'] . '_sort'] = $request['order'] == 'ASC' ? '&nbsp;<img src="Images/' . $template['imageset'] . '/Icons/arrow_up.gif" alt="" border="0" />' : '&nbsp;<img src="Images/' . $template['imageset'] . '/Icons/arrow_down.gif" alt="" border="0" />';
                             }
                             /* The template gets the opposite of the current order, defaulting
                                to DESC; only the two fixed strings are ever written */
                             if (!isset($request['order'])) {
                                 $template['order'] = 'DESC';
                             } else {
                                 $template['order'] = $request['order'] == 'DESC' ? 'ASC' : 'DESC';
                             }
                             /* This could return an instance of the SetError class, so we'll check that */
                             $threads = new ThreadIterator($session);
                             /* Check if there was an error */
                             if ($threads instanceof SetError) {
                                 return new Error($threads->message, $template);
                             } else {
                                 $template->threads = $threads;
                             }
                             $template['total_posts'] = $row['threads'];
                             $template['forum_id'] = $row['id'];
                             $template['postlimit'] = $row['threadsperpage'];
                             $template['pag_start'] = isset($request['start']) ? intval(@$request['start']) : 0;
                         } else {
                             return new Error($template['L_PERMCANTVIEW'], $template);
                         }
                     }
                 } else {
                     /* Link forum: count the referral, then redirect to the stored URL */
                     DBA::Open()->Execute("UPDATE " . FORUMS . " SET referals = referals+1 WHERE id = " . $row['id']);
                     /* NOTE(review): there is no exit after this header, so execution
                        continues to the end of the method; link_href is a stored value
                        whose validation is not visible here */
                     header("Location: " . $row['link_href']);
                 }
             } else {
                 return new Error($template['L_ERRORVIEWFORUM'], $template);
             }
         }
     } else {
         return new Error($template['L_INVALIDFORUM'], $template);
     }
     /* Set the number of queries */
     $template['num_queries'] = $session->dba->num_queries;
     return TRUE;
 }
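 /**
  * Export a style set as a downloadable PHP file (admin only).
  *
  * The generated file contains PHP statements that recreate the style set and its CSS
  * classes when it is included by an importer that provides $dba and $css.
  *
  * NOTE(review): the style set's name and description are written into the generated PHP
  * source and into the download headers without the escaping applied to the class rows.
  * A stored name containing quote characters therefore changes the generated code.
  * Because the export is meant to be executed on import, these two values need the same
  * care as the class fields.
  *
  * @param Template $template Page template; receives num_queries for non-admin callers.
  * @param Session  $session  Current session; $session['user'] is checked for the ADMIN bit.
  * @param mixed    $request  Request parameters; not read, the id comes from $_POST.
  * @return bool TRUE for non-admin callers; an admin request sends the file and exits.
  */
 public function Execute(Template $template, Session $session, $request)
 {
     if ($session['user'] instanceof Member && $session['user']['perms'] & ADMIN) {
         /* The id was concatenated into both queries as posted; cast it to int first */
         $css = intval(@$_POST['styleset_id']);
         $dba = DBA::Open();
         $styleset = $dba->GetRow("SELECT * FROM " . STYLES . " WHERE id = '" . $css . "'");
         $styles = $dba->Query("SELECT * FROM " . CSS . " WHERE style_id = '" . $css . "' ORDER BY name ASC");
         /* Build the PHP source of the export file */
         $str = "<?php\n\n";
         $str .= "if(isset(\$dba) && isset(\$css)) {\n";
         $str .= "\t\$dba->Query(\"INSERT INTO \". STYLES .\" (name, description) VALUES ('" . $styleset['name'] . "', '" . $styleset['description'] . "')\");\n\n";
         $str .= "\t\$styleset = \$dba->GetValue(\"SELECT MAX(id) FROM \". STYLES );\n\n";
         foreach ($styles as $s) {
             $str .= "\t\$css->AddClass(\"" . $dba->Quote($s['name']) . "\", \"" . $this->proper_quote($dba->Quote($this->remove_lines($s['properties']))) . "\", \$styleset, \"" . $this->proper_quote($dba->Quote($s['description'])) . "\");\n";
             //echo '". $s['name'] ."';
         }
         $str .= "\n} else {\n";
         $str .= "\techo 'The \$dba and \$css variables have not been set.';";
         $str .= "}";
         $str .= "\n?>";
         $output_file = 'k4.' . $styleset['name'] . '.php';
         /* Drop any buffered output and compression so only the file body is sent */
         @ob_end_clean();
         @ini_set('zlib.output_compression', 'Off');
         header('Pragma: public');
         header('Last-Modified: ' . gmdate('D, d M Y H:i:s') . ' GMT');
         header('Cache-Control: no-store, no-cache, must-revalidate');
         // HTTP/1.1
         header('Cache-Control: pre-check=0, post-check=0, max-age=0');
         // HTTP/1.1
         header('Content-Transfer-Encoding: none');
         header('Content-Type: application/octetstream; name="' . $output_file . '"');
         //This should work for IE & Opera
         header('Content-Type: application/octet-stream; name="' . $output_file . '"');
         //This should work for the rest
         header('Content-Disposition: inline; filename="' . $output_file . '"');
         echo $str;
         exit;
     }
     /* Set the number of queries */
     $template['num_queries'] = $session->dba->num_queries;
     return TRUE;
 }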
 /**
  * Lock the thread named by 'id' (moderators and above).
  *
  * The permission test is a numeric comparison (perms >= MOD). Nothing in this method
  * ties the moderator to the forum the thread belongs to.
  *
  * @param Template $template Page template, also the source of the L_* language strings.
  * @param Session  $session  Current session; $session['user']['perms'] is compared with MOD.
  * @param mixed    $request  Request parameters (array-like); 'id' is the thread id.
  * @return mixed An Error with the result for moderators, TRUE for everyone else.
  */
 public function Execute(Template $template, Session $session, $request)
 {
     $this->dba = DBA::Open();
     /* Ancestors Bar */
     $template = CreateAncestors($template, $template['L_LOCKTHREAD']);
     /* Check permissions */
     $may_moderate = $session['user'] instanceof Member && $session['user']['perms'] >= MOD;
     if ($may_moderate) {
         /* Set the templates */
         $template->content = array('file' => 'admin/admin.html');
         /* The id is cast to int before it reaches the SQL text */
         $thread_id = intval($request['id']);
         $row = $this->dba->GetRow("SELECT * FROM " . POSTS . " WHERE id = " . $thread_id);
         if (empty($row) || !isset($row['id'])) {
             return new Error($template['L_INVALIDTHREADID'], $template);
         }
         /* Lock the thread */
         $this->dba->Execute("UPDATE " . POSTS . " SET row_locked = 1 WHERE id = " . $row['id']);
         $refresh = '<meta http-equiv="refresh" content="2; url=viewforum.php?id=' . $row['forum_id'] . '">';
         return new Error($template['L_LOCKEDTHREAD'] . $refresh, $template);
     }
     /* Set the number of queries */
     $template['num_queries'] = $session->dba->num_queries;
     return TRUE;
 }
 /**
  * Keep a database handle and load every row of the ranks table.
  * The query text is constant; no request data reaches it.
  */
 public function __construct()
 {
     $this->dba = DBA::Open();
     $all_ranks = $this->dba->Query("SELECT * FROM " . RANKS);
     $this->ranks = $all_ranks->GetIterator();
 }
 /**
  * Load the visible users seen within the session lifetime.
  *
  * The cut-off is the current time minus the sess.gc_maxlifetime setting. It is the
  * only variable part of the query.
  */
 public function __construct()
 {
     $expired = time() - Lib::GetSetting('sess.gc_maxlifetime');
     $sql = "SELECT * FROM " . USERS . " WHERE seen >= {$expired} AND invisible = 0";
     $online = DBA::Open()->Query($sql);
     $this->users = $online->GetIterator();
 }
 /**
  * Look a user up by name and either open the edit page or delete the account (admin only).
  *
  * Deleting removes the user's sessions and user row and re-assigns their posts and
  * forum thread markers to id 0. The account with id 1 cannot be deleted.
  *
  * NOTE(review): no anti-CSRF token is checked in this method; confirm that the
  * dispatcher validates one before an account can be deleted.
  *
  * @param Template $template Page template, also the source of the L_* language strings.
  * @param Session  $session  Current session; $session['user'] is checked for the ADMIN bit.
  * @param mixed    $request  Request parameters (array-like): name, plus edit or delete.
  * @return mixed An Error with the outcome, or nothing when no message applies.
  */
 public function Execute(Template $template, Session $session, $request)
 {
     $this->dba = DBA::Open();
     $template = CreateAncestors($template, $template['L_ADMINPANEL']);
     if (!($session['user'] instanceof Member && $session['user']['perms'] & ADMIN)) {
         return;
     }
     /* The name is escaped with Quote() before it is placed in the quoted SQL literal */
     $user = $this->dba->Quote($request['name']);
     $matches = $this->dba->Query("SELECT * FROM " . USERS . " WHERE name = '{$user}'")->NumRows();
     if ($matches != 1) {
         return new Error($template['L_USERDOESNTEXIST'], $template);
     }
     $id = $this->dba->GetValue("SELECT id FROM " . USERS . " WHERE name = '{$user}'");
     if (isset($request['edit'])) {
         header("Location: member.php?id=" . $id);
         return;
     }
     if (!isset($request['delete'])) {
         return;
     }
     /* User id 1 is protected from deletion */
     if ($id == 1) {
         return new Error($template['L_CANNOTDELETEADMIN'], $template);
     }
     $this->dba->Execute("DELETE FROM " . SESSIONS . " WHERE uid = " . $id);
     $this->dba->Execute("DELETE FROM " . USERS . " WHERE id = " . $id);
     $this->dba->Execute("UPDATE " . POSTS . " SET poster_id = 0 WHERE poster_id = " . $id);
     $this->dba->Execute("UPDATE " . FORUMS . " SET thread_uid = 0 WHERE thread_uid = " . $id);
     return new Error($template['L_DELETEDUSER'], $template);
 }
 /**
  * Load the options that belong to one poll.
  *
  * NOTE(review): $id is interpolated into the query without a cast; every caller must
  * pass an integer (for example through intval()) - verify at the call sites.
  *
  * @param mixed $id Poll id; stored on the object and used in the query.
  */
 public function __construct($id)
 {
     $this->id = $id;
     $this->dba = DBA::Open();
     $sql = "SELECT * FROM " . POLLOPTIONS . " WHERE poll_id = {$this->id}";
     $this->options = $this->dba->Query($sql)->GetIterator();
 }
 /**
  * Show the edit form for an existing post.
  *
  * A member may edit when their perms reach the forum's can_edit level AND they are
  * either the post's author or have the ADMIN bit.
  *
  * @param Template $template Page template that receives the form values.
  * @param Session  $session  Current session; provides the user id and perms.
  * @param mixed    $request  Request parameters (array-like); 'id' is the post id.
  * @return mixed TRUE, an Error explaining the refusal, or a TplException wrapping
  *               a database error.
  */
 public function Execute(Template $template, Session $session, $request)
 {
     $dba = DBA::Open();
     /* Create the ancestors bar (in case we run into any trouble) */
     $template = CreateAncestors($template, $template['L_EDITPOST']);
     /* Set the user's permissions */
     $user_perms = isset($session['user']['perms']) ? $session['user']['perms'] : ALL;
     if ($session['user'] instanceof Member) {
         /* Cast to int, so only a number is interpolated into the query below */
         $id = intval(@$request['id']);
         if (isset($request['id']) && $id != 0) {
             try {
                 @($post = $dba->GetRow("SELECT * FROM " . POSTS . " WHERE id = {$id}"));
             } catch (DBA_Exception $e) {
                 return new TplException($e, $template);
             }
             if (is_array($post) && !empty($post)) {
                 /* Try and get the forum */
                 try {
                     @($f = new Forum());
                     @($forum = $f->getForum($post['forum_id']));
                 } catch (DBA_Exception $e) {
                     return new TplException($e, $template);
                 }
                 /* Authorisation: sufficient level for this forum, and author or admin */
                 if ($user_perms >= $forum['can_edit'] && ($session['user']['id'] == $post['poster_id'] || $user_perms & ADMIN)) {
                     /* Set the post icons and the emoticons */
                     $template->posticons = DBA::Open()->Query("SELECT * FROM " . POSTICONS);
                     $template->emoticons = DBA::Open()->Query("SELECT * FROM " . EMOTICONS);
                     /* Hide the part of this template that has to do with replying */
                     $template->post_thread = array('hide' => TRUE);
                     /* Set the template */
                     $template->content = array('file' => 'newthread.html');
                     /* The stored body is converted back with the parser's Revert() for editing */
                     $parser = new BBParser($post['body_text']);
                     $template['message'] = $parser->Revert($post['body_text']);
                     /* NOTE(review): message and posttitle are user-written text placed into
                        form fields; whether the template escapes them is not visible here */
                     $template['posttitle'] = $post['name'];
                     /* Remove all of the extra features */
                     $template->poll_options = array('hide' => TRUE);
                     $template->post_options = array('hide' => TRUE);
                     $template->can_attach = array('hide' => TRUE);
                     /* Set the thread action */
                     $template['a_add_thread'] = new Action('posting.php', 'update_post');
                     /* Set the post id */
                     $template['post_id'] = $post['id'];
                 } else {
                     return new Error($template['L_PERMSEDITPOST'], $template);
                 }
             } else {
                 return new Error($template['L_INVALIDPOSTID'], $template);
             }
         } else {
             return new Error($template['L_INVALIDPOSTID'], $template);
         }
     } else {
         return new Error($template['L_NEEDLOGGEDIN'], $template);
     }
     /* Set the number of queries */
     $template['num_queries'] = $session->dba->num_queries;
     return TRUE;
 }
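 /**
  * Delete one post icon or emoticon (admin only).
  *
  * The table is chosen from two fixed constants by the 'act' value, so no request text
  * becomes part of the table name. The id test used is_int() on the raw request value,
  * which is false for the strings a request carries; it is now the same
  * "present and non-zero after intval()" test used for other ids.
  *
  * @param Template $template Page template, also the source of the L_* language strings.
  * @param Session  $session  Current session; $session['user'] is checked for the ADMIN bit.
  * @param mixed    $request  Request parameters (array-like): act, id.
  * @return mixed An Error for an invalid id, otherwise nothing.
  */
 public function Execute(Template $template, Session $session, $request)
 {
     if ($session['user'] instanceof Member && $session['user']['perms'] & ADMIN) {
         $table = $request['act'] == 'deletepi' ? POSTICONS : EMOTICONS;
         $id = isset($request['id']) ? intval($request['id']) : 0;
         if ($id != 0) {
             if (DBA::Open()->Query("DELETE FROM " . $table . " WHERE id = {$id}")) {
                 header("Location: admin.php?act=icons");
             }
         } else {
             return new Error($template['L_INVALIDICONID'], $template);
         }
     }
 }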
 /**
  * Fill the page template with the global settings and per-user display values,
  * then hand it to the parent's Execute().
  */
 public function ExecutePage()
 {
     //$timer		= new Timer;
     $session = new Session();
     $dba = DBA::Open();
     global $settings;
     /* Every setting becomes a template variable of the same name */
     foreach ($settings as $key => $val) {
         $this->template[$key] = $val;
     }
     $this->template['date'] = strftime("%a, %B %d");
     $this->template['num_queries'] = $dba->NumQueries();
     /* Members use their own image set, everyone else the board default */
     $this->template['IMG_DIR'] = !$session['user'] instanceof Member ? $this->template['imageset'] : $session['user']['imgset'];
     $this->template['VERSION'] = VERSION;
     if ($session['user'] instanceof Member) {
         if ($this->template['checknewpm'] == 1) {
             /* NOTE(review): the user id is concatenated without a cast; confirm it is
                always an integer by the time it is stored in the session */
             if ($dba->GetValue("SELECT COUNT(*) FROM " . PMSGS . " WHERE (poster_id = " . $session['user']['id'] . " AND saved = 1 AND new_reply = 1) OR ((member_id = " . $session['user']['id'] . " OR member_id = 0) AND member_has_read = 0)") == 0) {
                 $this->template->new_pms = array('hide' => TRUE);
             }
         }
     } else {
         $this->template->new_pms = array('hide' => TRUE);
     }
     /* Navigation */
     if ($this->template['enablememberlist'] == 0) {
         $this->template->memberlist_link = array('hide' => TRUE);
     }
     if ($this->template['calendarenabled'] == 0) {
         $this->template->calendar_link = array('hide' => TRUE);
     }
     $default_theme = $this->template['styleset'];
     /* Members get the name of their chosen style set, everyone else the default */
     $styleset = !$session['user'] instanceof Member ? $default_theme : $dba->GetValue("SELECT name FROM " . STYLES . " WHERE id = " . $session['user']['styleset']);
     $this->template['imageset'] = !$session['user'] instanceof Member ? $this->template['imageset'] : $session['user']['imgset'];
     /* NOTE(review): the style set name is placed in a quoted SQL literal without
        Quote(); it is a stored value, but a name containing a quote character would
        break or alter this query */
     $this->template->css_styles = $dba->Query("SELECT * FROM " . CSS . " WHERE style_id = (SELECT id FROM " . STYLES . " WHERE name = '" . $styleset . "') ORDER BY name ASC");
     /* Uses the object's timer property; the local timer above is commented out */
     $this->template['load_time'] = $this->timer->__toString();
     parent::Execute($this->template, $session);
 }
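 /**
  * Apply the bad-word list to a piece of text.
  *
  * Method 0 ("exact") matches the entry between word boundaries, method 1 ("loose")
  * matches it anywhere. Both are case-insensitive. Entries with any other method are skipped.
  *
  * NOTE(review): each entry is used as a raw regular expression and the replacement is
  * passed to preg_replace() as-is. If entries are meant to be literal words, wrapping
  * them in preg_quote($word['word'], '~') would stop regex metacharacters or the '~'
  * delimiter in an entry from changing or breaking the pattern - confirm the intent.
  *
  * @param string $str Text to censor.
  * @return string The text with every matching entry replaced.
  */
 public function Execute($str)
 {
     if ($this->use_db) {
         foreach (DBA::Open()->Query("SELECT * FROM " . BADWORDS) as $word) {
             if ($word['method'] == 0) {
                 // Exact
                 $pattern = "~\\b" . $word['word'] . "\\b~is";
             } elseif ($word['method'] == 1) {
                 // Loose
                 $pattern = "~" . $word['word'] . "~is";
             } else {
                 continue;
             }
             $censored = preg_replace($pattern, $word['replacement'], $str);
             /* preg_replace() returns NULL when the pattern is invalid; keep the text
                instead of letting one bad entry blank the whole string */
             if ($censored !== NULL) {
                 $str = $censored;
             }
         }
     }
     return $str;
 }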