public function Execute(Template $template, Session $session, $request)
{
$this->dba = DBA::Open();
$template = CreateAncestors($template, $template['L_ADMINPANEL']);
if ($session['user'] instanceof Member && $session['user']['perms'] & ADMIN) {
$template->content = array('file' => 'admin/admin.html');
$template->admin_panel = array('file' => 'admin/mod_permissions.html');
if (isset($request['forum']) && intval($request['forum']) != 0) {
$forum = $this->dba->GetRow("SELECT * FROM " . FORUMS . " WHERE id = " . intval($request['forum']));
/* Set the template variables */
$template['forum_id'] = $forum['id'];
$template['can_view'] = $forum['can_view'];
$template['can_read'] = $forum['can_read'];
$template['can_post'] = $forum['can_post'];
$template['can_reply'] = $forum['can_reply'];
$template['can_edit'] = $forum['can_edit'];
$template['can_sticky'] = $forum['can_sticky'];
$template['can_announce'] = $forum['can_announce'];
$template['can_vote'] = $forum['can_vote'];
$template['can_pollcreate'] = $forum['can_pollcreate'];
$template['can_attach'] = $forum['can_attach'];
} else {
return new Error($template['L_FORUMDOESNTEXIST'], $template);
}
}
return TRUE;
}
public function Execute(Template $template, Session $session, $request)
{
$this->dba = DBA::Open();
/* Create the ancestors bar (if we run into any trouble */
$template = CreateAncestors($template, $template['L_INFORMATION']);
if ($session['user'] instanceof Guest) {
$email = htmlspecialchars($request['email']);
if ($email == check_mail($email)) {
if ($this->dba->Query("SELECT * FROM " . USERS . " WHERE email = '{$email}'")->NumRows() > 0) {
$new_pw = $this->GetRandom();
$forum = $this->dba->GetValue("SELECT name FROM " . FORUMS . " WHERE row_left = 1");
$username = $this->dba->GetValue("SELECT name FROM " . USERS . " WHERE email = '{$email}'");
if (mail($email, sprintf($template['L_PWSENTSUBJECT'], $forum), sprintf($template['L_PWSENTMESSAGE'], $forum, $username, $new_pw, $forum), "From: \"Password Reset - k4 Bulletin Board Mailer\" <noreply@" . $_SERVER['HTTP_HOST'] . ">")) {
$this->dba->Query("UPDATE " . USERS . " SET pass = '******' WHERE email = '{$email}'");
return new Error($template['L_PASSWORDSENT'] . '<meta http-equiv="refresh" content="2; url=index.php">', $template);
} else {
return new Error($template['L_ERRORRESETPW'], $template);
}
} else {
return new Error($template['L_INVALIDEMAIL'], $template);
}
} else {
return new Error($template['L_INVALIDEMAIL'], $template);
}
} else {
return new Error($template['L_CANTBELOGGEDIN'], $template);
}
}
public function Execute(Template $template, Session $session, $request)
{
$this->dba = DBA::Open();
$template = CreateAncestors($template, $template['L_ADMINPANEL']);
if ($session['user'] instanceof Member && $session['user']['perms'] & ADMIN) {
if (isset($request['forum']) && isset($request['days'])) {
/* Turn the board off for safety reasons */
$this->dba->Execute("UPDATE " . SETTING . " SET value = '0' WHERE varname = 'bbactive'");
$days = intval($request['days']);
$forum = intval($request['forum']);
$created = $days == 0 ? time() : time() - $days * 24 * 3600;
$prune = new Prune();
if ($forum == -1) {
foreach ($this->dba->Query("SELECT * FROM " . POSTS . " WHERE row_status != 2 AND row_status != 3 AND row_type = 2 AND row_right-row_left-1 = 0 AND created <= " . $created) as $post) {
$prune->KillNode($post);
}
} else {
foreach ($this->dba->Query("SELECT * FROM " . POSTS . " WHERE parent_id = " . $forum . " AND row_status != 2 AND row_status != 3 AND row_type = 2 AND row_right-row_left-1 = 0 AND created <= " . $created) as $post) {
$prune->KillNode($post);
}
}
/* Turn the board back on */
$this->dba->Execute("UPDATE " . SETTING . " SET value = '1' WHERE varname = 'bbactive'");
return new Error($template['L_PRUNESUCCESS'] . '<meta http-equiv="refresh" content="2; url=admin.php?act=prune">', $template);
} else {
return new Error($template['L_FORUMDOESNTEXIST'], $template);
}
}
return TRUE;
}
public function __construct($request)
{
global $lang;
$this->lang = $lang;
if (isset($_GET['sort']) && $_GET['sort'] != "*") {
//if($request['sort'] == "*") {
//$order ="[a-zA-Z].*$";
//$like = 'REGEXP';
//} else {
$order = strtolower($_GET['sort']) . '%';
$like = 'LIKE';
//}
} else {
$order = "%";
$like = 'LIKE';
}
$limit = isset($_GET['limit']) ? intval($_GET['limit']) : NULL;
$start = isset($_GET['start']) ? intval($_GET['start']) : NULL;
global $settings;
$db_type = get_setting(get_setting('application', 'dba_name'), 'type');
$proper_limit = $db_type == 'pgsql' ? "LIMIT {$limit} OFFSET {$start}" : "LIMIT {$start}, {$limit}";
$extra = !is_null($limit) && !is_null($start) ? $proper_limit : "LIMIT " . $settings['memberlistperpage'];
$query = "SELECT * FROM " . USERS . " WHERE name {$like} '{$order}' {$extra}";
$this->users = DBA::Open()->Query($query)->GetIterator();
}
public function __construct()
{
$expired = time() - Lib::GetSetting('sess.gc_maxlifetime');
$users = DBA::Open()->Query("SELECT * FROM " . USERS . " WHERE birthday != 0");
$this->count = $users->NumRows();
$this->users = $users->GetIterator();
$this->i = 1;
}
public function __construct()
{
$url = $_SERVER['PHP_SELF'] . '?' . $_SERVER['QUERY_STRING'];
$this->config = new Config();
$this->last_year = new Url($url);
$this->last_month = new Url($url);
$this->next_year = new Url($url);
$this->next_month = new Url($url);
$this->dba = DBA::Open();
}
public function Execute(Template $template, Session $session, $request)
{
if ($session['user'] instanceof Member && $session['user']['perms'] & ADMIN) {
$id = intval($request['bwid']);
if (DBA::Open()->Query("DELETE FROM " . BADWORDS . " WHERE id = {$id}")) {
header("Location: admin.php?act=censoring");
}
}
return TRUE;
}
public function setForumPermissions($forum_id, $request)
{
$dba = DBA::Open();
foreach ($request as $key => $val) {
$request['key'] = $dba->Quote(intval($val));
}
if ($dba->Query("UPDATE " . FORUMS . " SET can_attach = " . $request['can_attach'] . ", can_view = " . $request['can_view'] . ", can_read = " . $request['can_read'] . ", can_post = " . $request['can_post'] . ", can_reply = " . $request['can_reply'] . ", can_edit = " . $request['can_edit'] . ", can_sticky = " . $request['can_sticky'] . ", can_announce = " . $request['can_announce'] . ", can_vote = " . $request['can_vote'] . ", can_pollcreate = " . $request['can_pollcreate'] . " WHERE id = {$forum_id}")) {
return TRUE;
} else {
return FALSE;
}
}
public function Execute(Template $template, Session $session, $request)
{
$forum = new Forum();
//foreach(DBA::Open()->Query("SELECT * FROM ". SESSIONS) as $s) { print_r($s); }
//$rows = $forum->getForums((@$session['user']['perms'] & ADMIN));
/* Set the templates */
$template->content = array('file' => 'forums.html');
if ($template['WOLenable'] == 1) {
$template->users_online = array('file' => 'online_users.html');
}
if ($template['showbirthdays'] == 1) {
$template->todays_bdays = array('file' => 'birthdays.html');
}
$suspend = $session['user']['perms'] & ADMIN ? 1 : 0;
/* Set the forums and categoris */
$template->categories = new ForumList(FALSE, $suspend);
/* Set the title of the page */
$template['title'] = $template['L_HOME'];
$expired = time() - Lib::GetSetting('sess.gc_maxlifetime');
/* Display message for unlogged users */
if ($session['user'] instanceof Guest) {
$template['welcome_title'] = sprintf($template['L_WELCOMETITLE'], $template['forum_description']);
// you can use forum_name here instead
$template['welcome_msg'] = $template['L_WELCOMEMESSAGE'];
} else {
$template->welcome_msg = array('hide' => TRUE);
}
/* Set the online users list */
if ($template['displayloggedin'] == 1) {
$template->online_users = new Online_Users();
}
if ($template['showbirthdays'] == 1) {
$template->birthdays = new Birthdays();
}
//DBA::Open()->Execute("delete from k4_pmsgs");
//echo DBA::Open()->GetValue("select count(*) from k4_pmsgs");
//print_r(DBA::Open()->GetRow("SELECT * FROM ". FORUMS ." WHERE row_left = 1"));
//foreach(DBA::Open()->Query("SELECT * FROM ". POSTS ." WHERE row_left < 0 OR row_right < 0") as $t) { print_r($t); }
$stats = DBA::Open()->GetRow("SELECT (SELECT COUNT(*) FROM " . USERS . " WHERE invisible = 0) AS num_members, (SELECT COUNT(s.uid) FROM " . USERS . " u, " . SESSIONS . " s WHERE u.invisible = 1 AND u.id = s.uid) AS num_invisible, (SELECT MAX(id) FROM " . USERS . ") AS newest_uid, (SELECT name FROM " . USERS . " ORDER BY created DESC LIMIT 1) AS newest_user, (SELECT COUNT(*) FROM " . USERS . " WHERE seen >= {$expired}) AS num_online, (SELECT COUNT(*) FROM " . POSTS . ") AS num_articles, (SELECT COUNT(*) FROM " . SESSIONS . ") AS num_total FROM " . USERS);
/* Set the board statistics */
$template['newest_member'] = sprintf($template['L_NEWESTMEMBER'], $stats['newest_uid'], $stats['newest_user']);
$template['total_posts'] = sprintf($template['L_TOTALPOSTS'], $stats['num_articles']);
$template['total_users'] = sprintf($template['L_TOTALUSERS'], $stats['num_members']);
$guests = $stats['num_total'] - $stats['num_online'] < 0 ? 0 : $stats['num_total'] - $stats['num_online'];
$guests = $template['WOLguests'] == 1 ? $guests : '--';
$template['online_stats'] = sprintf($template['L_ONLINEUSERSTATS'], $stats['num_total'], $stats['num_online'], $guests, $stats['num_invisible']);
/* Set the number of queries */
$template['num_queries'] = $session->dba->num_queries;
return TRUE;
}
public function Execute(Template $template, Session $session, $request)
{
/* Create the ancestors bar (if we run into any trouble */
$template = CreateAncestors($template, $template['L_LOGOUT']);
if ($session['user'] instanceof Member) {
setcookie('k4_lastactive', time(), time() + 3600 * 24 * 60);
// expire in 30 days
DBA::Open()->Query("UPDATE " . USERS . " SET last_seen = seen, seen = 0 WHERE id = " . $session['user']['id']);
$session['user'] = new Guest();
$session['rememberme'] = 'off';
header("Location: {$_SERVER['HTTP_REFERER']}");
exit;
} else {
return new Error($template['L_NEEDLOGGEDIN'], $template);
}
return FALSE;
}
public function Execute(Template $template, Session $session, $request)
{
if ($session['user'] instanceof Member && $session['user']['perms'] & ADMIN) {
$dba = DBA::Open();
if (!$request['name']) {
return new Error(sprintf($template['L_REQUIREDFIELDS'], $template['L_NAME']), $template);
}
if (!$request['description']) {
return new Error(sprintf($template['L_REQUIREDFIELDS'], $template['L_DESCRIPTION']), $template);
}
if (!$request['mod_name']) {
return new Error(sprintf($template['L_REQUIREDFIELDS'], $template['L_MODERATOR']), $template);
}
if (!$request['perms']) {
return new Error(sprintf($template['L_REQUIREDFIELDS'], $template['L_PERMISSIONS']), $template);
}
$name = $dba->Quote($request['name']);
$id = intval($request['id']);
$description = $dba->Quote($request['description']);
$mod_name = $dba->Quote($request['mod_name']);
try {
$mod = $dba->GetRow("SELECT * FROM " . USERS . " WHERE name = '{$mod_name}'");
$permissions = intval($request['perms']);
$users = $dba->Query("SELECT * FROM " . USER_IN_GROUP . " WHERE group_id = {$id}");
foreach ($users as $user) {
$temp_user = $dba->GetRow("SELECT * FROM " . USERS . " WHERE id = " . $user['id']);
if ($permissions > $temp_user['perms']) {
@$dba->Query("UPDATE " . USERS . " SET perms = {$permissions} WHERE id = " . $user['id']);
}
}
if (@$dba->Query("UPDATE " . GROUPS . " SET name = '{$name}', description = '{$description}', mod_name = '" . $mod['name'] . "', mod_id = " . $mod['id'] . ", permissions = {$permissions} WHERE id = {$id}")) {
header("Location: admin.php?act=groups");
}
} catch (DBA_Exception $e) {
return new TplException($e, $template);
}
}
return TRUE;
}
public function __construct($row, $revert)
{
$this->revert = $revert;
$this->item = DBA::Open()->Query("SELECT * FROM " . FAQ . " WHERE parent_id = " . $row['id'])->GetIterator();
}
public function Execute(Template $template, Session $session, $request)
{
if ($session['user'] instanceof Member && $session['user']['perms'] & ADMIN) {
if (!isset($request['parent_id']) || !@$request['parent_id']) {
return new Error(sprintf($template['L_REQUIREDFIELDSSF'], $template['L_CATEGORY']), $template);
}
if (!isset($request['question']) || !@$request['question']) {
return new Error(sprintf($template['L_REQUIREDFIELDSSF'], $template['L_QUESTION']), $template);
}
if (!isset($request['question']) || !@$request['message']) {
return new Error(sprintf($template['L_REQUIREDFIELDSSF'], $template['L_ANSWER']), $template);
}
$dba = DBA::Open();
$parent_id = intval($request['parent_id']);
$question = $dba->Quote($request['question']);
$parser = new BBParser($request['message']);
$answer = $dba->Quote($parser->Execute());
if (intval($request['add']) == 1) {
if ($dba->Query("INSERT INTO " . FAQ . " (parent_id, question, answer) VALUES ({$parent_id}, '{$question}', '{$answer}')")) {
header("Location: admin.php?act=faq");
}
} else {
$id = intval($request['id']);
if ($dba->Query("UPDATE " . FAQ . " SET parent_id = {$parent_id}, question = '{$question}', answer = '{$answer}' WHERE id = {$id}")) {
header("Location: admin.php?act=faq");
}
}
}
}
public function Execute(Template $template, Session $session, $request)
{
if ($session['user'] instanceof Member && $session['user']['perms'] & ADMIN) {
$css = new CSS();
$dba = DBA::Open();
if (isset($_FILES["imported_file"]["tmp_name"])) {
$filename = 'Uploads/' . $_FILES["imported_file"]["name"];
if (move_uploaded_file($_FILES["imported_file"]["tmp_name"], $filename)) {
//if(is_uploaded_file($filename)) {
include $filename;
header("Location: admin.php?act=css");
//}
}
}
}
return TRUE;
}
public function __construct($row, $extra = FALSE, $suspend)
{
global $lang;
global $settings;
$this->lang = $lang;
$this->settings = $settings;
$this->session = $_SESSION;
$this->session['user']['perms'] = intval($this->session['user']['perms']) == 0 ? ALL : $this->session['user']['perms'];
$this->suspend = $suspend;
$this->dba = DBA::Open();
$this->child = $this->dba->Query("SELECT * FROM " . FORUMS . " WHERE row_left > " . $row['row_left'] . " AND row_right < " . $row['row_right'] . " AND suspend <= {$this->suspend} AND can_view <= " . intval($this->session['user']['perms']) . " {$extra}" . " ORDER BY f_order ASC")->GetIterator();
}
<?php
/**********************************************************************************
* k4 Bulletin Board
* lang.php (English language pack)
* Copyright (c) 2004, Peter Goodman
* Permission is hereby granted, free of charge, to any person obtaining
* a copy of this software and associated documentation files (the
* "Software"), to deal in the Software without restriction, including
* without limitation the rights to use, copy, modify, merge, publish,
* distribute, sublicense, and/or sell copies of the Software, and to
* permit persons to whom the Software is furnished to do so, subject to
* the following conditions:
* The above copyright notice and this permission notice shall be
* included in all copies or substantial portions of the Software.
* THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND,
* EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF
* MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND
* NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS
* BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN
* ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN
* CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
* SOFTWARE.
*********************************************************************************/
error_reporting(E_STRICT | E_ALL);
/*------------------------------- SETTINGS -------------------------------- */
$settings = array();
foreach (DBA::Open()->Query("SELECT * FROM " . SETTING) as $setting) {
$settings[$setting['varname']] = $setting['value'];
}
/*------------------------------------------------------------------------- */
public function __construct()
{
$this->session = $_SESSION;
$this->dba = DBA::Open();
$this->friends = $this->dba->Query("SELECT * FROM " . PMSG_LIST . " WHERE member_list_id = " . $this->session['user']['id'] . " AND user_liked = 0")->GetIterator();
}
public function __construct()
{
$this->dba = DBA::Open();
}
public function __construct()
{
$this->forums = DBA::Open()->Query("SELECT * FROM " . FORUMS . " WHERE row_left > 1 AND row_level > 1 ORDER BY row_left ASC")->GetIterator();
}
public function Execute(Template $template, Session $session, $request)
{
if (isset($request['id'])) {
/* Instanciate the forum class */
$forum = new Forum();
$id = intval($request['id']);
$suspend = $session['user']['perms'] & ADMIN ? 1 : 0;
$row = $forum->getForum($id);
/* Simple redirect to index.php */
if ($row['row_left'] == 1) {
exit(header("Location: index.php"));
}
/* Check if the Category or forum exists */
if (!$row) {
return new Error($template['L_FORUMDOESNTEXIST'], $template);
}
/* Create the ancestors list with the results from the get category query */
$template = CreateAncestors($template, $row, $suspend);
/* Are we looking at forums within a category? */
if ($row['row_level'] == 1) {
$template->welcome_msg = array('hide' => TRUE);
$template->content = array('file' => 'forums.html');
$template->categories = new ForumList($id, $suspend);
} else {
if ($row['row_level'] >= 2) {
/* Make sure that the forum isn't a link */
if ($row['is_link'] == 0) {
/* Is this forum password-protected? */
if ($row['private'] == 1 && @$_SESSION['forum_logged'] != $row['id']) {
$template['forum_id'] = $row['id'];
$template->content = array('file' => 'forum_login.html');
} else {
/* Get the user permissions */
$user_perms = isset($session['user']['perms']) ? $session['user']['perms'] : ALL;
/* If the current user is allowed to read the forums */
if ($user_perms >= $row['can_view']) {
if ($row['subforums'] > 0) {
$template->subforums = new SubForumList($row, FALSE, $suspend);
} else {
$template->sub_forums = array('hide' => TRUE);
}
/* Set the template */
$template->content = array('file' => 'forum.html');
if (isset($request['sort']) && isset($request['order'])) {
$template[$request['sort'] . '_sort'] = $request['order'] == 'ASC' ? ' <img src="Images/' . $template['imageset'] . '/Icons/arrow_up.gif" alt="" border="0" />' : ' <img src="Images/' . $template['imageset'] . '/Icons/arrow_down.gif" alt="" border="0" />';
}
if (!isset($request['order'])) {
$template['order'] = 'DESC';
} else {
$template['order'] = $request['order'] == 'DESC' ? 'ASC' : 'DESC';
}
/* This could return an instance of the SetError class, so we'll check that */
$threads = new ThreadIterator($session);
/* Check if there was an error */
if ($threads instanceof SetError) {
return new Error($threads->message, $template);
} else {
$template->threads = $threads;
}
$template['total_posts'] = $row['threads'];
$template['forum_id'] = $row['id'];
$template['postlimit'] = $row['threadsperpage'];
$template['pag_start'] = isset($request['start']) ? intval(@$request['start']) : 0;
} else {
return new Error($template['L_PERMCANTVIEW'], $template);
}
}
} else {
DBA::Open()->Execute("UPDATE " . FORUMS . " SET referals = referals+1 WHERE id = " . $row['id']);
header("Location: " . $row['link_href']);
}
} else {
return new Error($template['L_ERRORVIEWFORUM'], $template);
}
}
} else {
return new Error($template['L_INVALIDFORUM'], $template);
}
/* Set the number of queries */
$template['num_queries'] = $session->dba->num_queries;
return TRUE;
}
public function Execute(Template $template, Session $session, $request)
{
if ($session['user'] instanceof Member && $session['user']['perms'] & ADMIN) {
$css = @$_POST['styleset_id'];
$dba = DBA::Open();
$styleset = $dba->GetRow("SELECT * FROM " . STYLES . " WHERE id = '" . $css . "'");
$styles = $dba->Query("SELECT * FROM " . CSS . " WHERE style_id = '" . $css . "' ORDER BY name ASC");
$str = "<?php\n\n";
$str .= "if(isset(\$dba) && isset(\$css)) {\n";
$str .= "\t\$dba->Query(\"INSERT INTO \". STYLES .\" (name, description) VALUES ('" . $styleset['name'] . "', '" . $styleset['description'] . "')\");\n\n";
$str .= "\t\$styleset = \$dba->GetValue(\"SELECT MAX(id) FROM \". STYLES );\n\n";
foreach ($styles as $s) {
$str .= "\t\$css->AddClass(\"" . $dba->Quote($s['name']) . "\", \"" . $this->proper_quote($dba->Quote($this->remove_lines($s['properties']))) . "\", \$styleset, \"" . $this->proper_quote($dba->Quote($s['description'])) . "\");\n";
//echo '". $s['name'] ."';
}
$str .= "\n} else {\n";
$str .= "\techo 'The \$dba and \$css variables have not been set.';";
$str .= "}";
$str .= "\n?>";
$output_file = 'k4.' . $styleset['name'] . '.php';
@ob_end_clean();
@ini_set('zlib.output_compression', 'Off');
header('Pragma: public');
header('Last-Modified: ' . gmdate('D, d M Y H:i:s') . ' GMT');
header('Cache-Control: no-store, no-cache, must-revalidate');
// HTTP/1.1
header('Cache-Control: pre-check=0, post-check=0, max-age=0');
// HTTP/1.1
header('Content-Transfer-Encoding: none');
header('Content-Type: application/octetstream; name="' . $output_file . '"');
//This should work for IE & Opera
header('Content-Type: application/octet-stream; name="' . $output_file . '"');
//This should work for the rest
header('Content-Disposition: inline; filename="' . $output_file . '"');
echo $str;
exit;
}
/* Set the number of queries */
$template['num_queries'] = $session->dba->num_queries;
return TRUE;
}
public function Execute(Template $template, Session $session, $request)
{
$this->dba = DBA::Open();
/* Ancestors Bar */
$template = CreateAncestors($template, $template['L_LOCKTHREAD']);
/* Check permissions */
if ($session['user'] instanceof Member && $session['user']['perms'] >= MOD) {
/* Set the templates */
$template->content = array('file' => 'admin/admin.html');
$row = $this->dba->GetRow("SELECT * FROM " . POSTS . " WHERE id = " . intval($request['id']));
if (!empty($row) && isset($row['id'])) {
/* Lock the thread */
$this->dba->Execute("UPDATE " . POSTS . " SET row_locked = 1 WHERE id = " . $row['id']);
return new Error($template['L_LOCKEDTHREAD'] . '<meta http-equiv="refresh" content="2; url=viewforum.php?id=' . $row['forum_id'] . '">', $template);
} else {
return new Error($template['L_INVALIDTHREADID'], $template);
}
}
/* Set the number of queries */
$template['num_queries'] = $session->dba->num_queries;
return TRUE;
}
public function __construct()
{
$this->dba = DBA::Open();
$this->ranks = $this->dba->Query("SELECT * FROM " . RANKS)->GetIterator();
}
public function __construct()
{
$expired = time() - Lib::GetSetting('sess.gc_maxlifetime');
$this->users = DBA::Open()->Query("SELECT * FROM " . USERS . " WHERE seen >= {$expired} AND invisible = 0")->GetIterator();
}
public function Execute(Template $template, Session $session, $request)
{
$this->dba = DBA::Open();
$template = CreateAncestors($template, $template['L_ADMINPANEL']);
if ($session['user'] instanceof Member && $session['user']['perms'] & ADMIN) {
$user = $this->dba->Quote($request['name']);
if ($this->dba->Query("SELECT * FROM " . USERS . " WHERE name = '{$user}'")->NumRows() == 1) {
$id = $this->dba->GetValue("SELECT id FROM " . USERS . " WHERE name = '{$user}'");
if (isset($request['edit'])) {
header("Location: member.php?id=" . $id);
} else {
if (isset($request['delete'])) {
if ($id != 1) {
$this->dba->Execute("DELETE FROM " . SESSIONS . " WHERE uid = " . $id);
$this->dba->Execute("DELETE FROM " . USERS . " WHERE id = " . $id);
$this->dba->Execute("UPDATE " . POSTS . " SET poster_id = 0 WHERE poster_id = " . $id);
$this->dba->Execute("UPDATE " . FORUMS . " SET thread_uid = 0 WHERE thread_uid = " . $id);
return new Error($template['L_DELETEDUSER'], $template);
} else {
return new Error($template['L_CANNOTDELETEADMIN'], $template);
}
}
}
} else {
return new Error($template['L_USERDOESNTEXIST'], $template);
}
}
}
public function __construct($id)
{
$this->id = $id;
$this->dba = DBA::Open();
$this->options = $this->dba->Query("SELECT * FROM " . POLLOPTIONS . " WHERE poll_id = {$this->id}")->GetIterator();
}
public function Execute(Template $template, Session $session, $request)
{
$dba = DBA::Open();
/* Create the ancestors bar (if we run into any trouble */
$template = CreateAncestors($template, $template['L_EDITPOST']);
/* Set the user's permissions */
$user_perms = isset($session['user']['perms']) ? $session['user']['perms'] : ALL;
if ($session['user'] instanceof Member) {
$id = intval(@$request['id']);
if (isset($request['id']) && $id != 0) {
try {
@($post = $dba->GetRow("SELECT * FROM " . POSTS . " WHERE id = {$id}"));
} catch (DBA_Exception $e) {
return new TplException($e, $template);
}
if (is_array($post) && !empty($post)) {
/* Try and get the forum */
try {
@($f = new Forum());
@($forum = $f->getForum($post['forum_id']));
} catch (DBA_Exception $e) {
return new TplException($e, $template);
}
if ($user_perms >= $forum['can_edit'] && ($session['user']['id'] == $post['poster_id'] || $user_perms & ADMIN)) {
/* Set the post icons and the emoticons */
$template->posticons = DBA::Open()->Query("SELECT * FROM " . POSTICONS);
$template->emoticons = DBA::Open()->Query("SELECT * FROM " . EMOTICONS);
/* Hide the part of this template that has to do with replying */
$template->post_thread = array('hide' => TRUE);
/* Set the template */
$template->content = array('file' => 'newthread.html');
$parser = new BBParser($post['body_text']);
$template['message'] = $parser->Revert($post['body_text']);
$template['posttitle'] = $post['name'];
/* Remove all of the extra features */
$template->poll_options = array('hide' => TRUE);
$template->post_options = array('hide' => TRUE);
$template->can_attach = array('hide' => TRUE);
/* Set the thread action */
$template['a_add_thread'] = new Action('posting.php', 'update_post');
/* Set the post id */
$template['post_id'] = $post['id'];
} else {
return new Error($template['L_PERMSEDITPOST'], $template);
}
} else {
return new Error($template['L_INVALIDPOSTID'], $template);
}
} else {
return new Error($template['L_INVALIDPOSTID'], $template);
}
} else {
return new Error($template['L_NEEDLOGGEDIN'], $template);
}
/* Set the number of queries */
$template['num_queries'] = $session->dba->num_queries;
return TRUE;
}
public function Execute(Template $template, Session $session, $request)
{
if ($session['user'] instanceof Member && $session['user']['perms'] & ADMIN) {
$table = $request['act'] == 'deletepi' ? POSTICONS : EMOTICONS;
if (is_int(@$request['id']) && @$request['id'] != 0 && isset($request['id']) && $request['id'] != '') {
$id = intval($request['id']);
if (DBA::Open()->Query("DELETE FROM " . $table . " WHERE id = {$id}")) {
header("Location: admin.php?act=icons");
}
} else {
return new Error($template['L_INVALIDICONID'], $template);
}
}
}
public function ExecutePage()
{
//$timer = new Timer;
$session = new Session();
$dba = DBA::Open();
global $settings;
foreach ($settings as $key => $val) {
$this->template[$key] = $val;
}
$this->template['date'] = strftime("%a, %B %d");
$this->template['num_queries'] = $dba->NumQueries();
$this->template['IMG_DIR'] = !$session['user'] instanceof Member ? $this->template['imageset'] : $session['user']['imgset'];
$this->template['VERSION'] = VERSION;
if ($session['user'] instanceof Member) {
if ($this->template['checknewpm'] == 1) {
if ($dba->GetValue("SELECT COUNT(*) FROM " . PMSGS . " WHERE (poster_id = " . $session['user']['id'] . " AND saved = 1 AND new_reply = 1) OR ((member_id = " . $session['user']['id'] . " OR member_id = 0) AND member_has_read = 0)") == 0) {
$this->template->new_pms = array('hide' => TRUE);
}
}
} else {
$this->template->new_pms = array('hide' => TRUE);
}
/* Navigation */
if ($this->template['enablememberlist'] == 0) {
$this->template->memberlist_link = array('hide' => TRUE);
}
if ($this->template['calendarenabled'] == 0) {
$this->template->calendar_link = array('hide' => TRUE);
}
$default_theme = $this->template['styleset'];
$styleset = !$session['user'] instanceof Member ? $default_theme : $dba->GetValue("SELECT name FROM " . STYLES . " WHERE id = " . $session['user']['styleset']);
$this->template['imageset'] = !$session['user'] instanceof Member ? $this->template['imageset'] : $session['user']['imgset'];
$this->template->css_styles = $dba->Query("SELECT * FROM " . CSS . " WHERE style_id = (SELECT id FROM " . STYLES . " WHERE name = '" . $styleset . "') ORDER BY name ASC");
$this->template['load_time'] = $this->timer->__toString();
parent::Execute($this->template, $session);
}
public function Execute($str)
{
if ($this->use_db) {
foreach (DBA::Open()->Query("SELECT * FROM " . BADWORDS) as $word) {
if ($word['method'] == 0) {
// Exact
$str = preg_replace("~\\b" . $word['word'] . "\\b~is", $word['replacement'], $str);
} else {
if ($word['method'] == 1) {
// Loose
$str = preg_replace("~" . $word['word'] . "~is", $word['replacement'], $str);
}
}
}
}
return $str;
}
