/**
 * Class entry point: stores a new profile status line for the current member.
 *
 * The status text is read from $_POST['new_status'], passed through
 * IPSText::parseCleanValue() and the bbcode bad-word filter, trimmed and
 * saved to the member's extended profile. The reply is a JSON payload.
 *
 * NOTE(review): no form-key check (the auth_key / form_hash comparison used
 * elsewhere in this code base) is visible in this method. Confirm the
 * surrounding AJAX dispatcher enforces it before this state-changing call.
 *
 * @access	public
 * @param	object		Registry reference
 * @return	void		[Outputs to screen]
 */
public function doExecute(ipsRegistry $registry)
{
    // Only the logged-in member's own record is ever touched; the id never comes from input.
    $memberId = intval($this->memberData['member_id']);

    //-----------------------------------------
    // Language strings for the error replies
    //-----------------------------------------

    $this->registry->class_localization->loadLanguageFile(array('public_profile'), 'members');

    //-----------------------------------------
    // Group permission, then "is a member at all"
    //-----------------------------------------

    if (!$this->memberData['g_mem_info'] or $this->memberData['gbw_no_status_update']) {
        // presumably returnJsonError() ends the request; verify, nothing below re-checks
        $this->returnJsonError($this->lang->words['status_off']);
    }

    if (!$memberId) {
        $this->returnJsonError($this->lang->words['status_off']);
    }

    //-----------------------------------------
    // Clean, filter and store the status text
    //-----------------------------------------

    $bbcode     = IPSText::getTextClass('bbcode');
    $cleaned    = IPSText::parseCleanValue($_POST['new_status']);
    $statusText = trim($bbcode->stripBadWords($cleaned));

    $profileUpdate = array(
        'pp_status'        => $statusText,
        'pp_status_update' => time(),
    );

    IPSMember::save($memberId, array('extendedProfile' => $profileUpdate));

    // The stored value is echoed back so the client can render what was saved.
    $this->returnJsonArray(array('status' => 'success', 'new_status' => $statusText));
    exit;
}
/**
 * Convert and make safe an incoming string.
 *
 * Decoding happens first (URL decoding, then the unicode and HTML-entity
 * converters of this class) so that the optional cleaning step sees the
 * final characters rather than an encoded form of them.
 *
 * When $parse_incoming is false the decoded value is returned WITHOUT
 * passing through IPSText::parseCleanValue(); callers that disable it are
 * responsible for cleaning the result themselves.
 *
 * @access	public
 * @param	string		Raw input string
 * @param	boolean		Run through parse_incoming routine
 * @return	string		Cleaned string
 */
public function convertAndMakeSafe($value, $parse_incoming = true)
{
    $decoded = rawurldecode($value);
    $decoded = $this->convertHtmlEntities($this->convertUnicode($decoded));

    if (!$parse_incoming) {
        return $decoded;
    }

    return IPSText::parseCleanValue($decoded);
}
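/**
 * Check the email address supplied in $_REQUEST['email'].
 *
 * Replies with one of three strings through returnString():
 *  - 'found'    : empty or malformed address, address already registered, or
 *                 the login handler reports it as in use
 *  - 'banned'   : address matches an 'email' ban filter
 *  - 'notfound' : address is free to use
 *
 * The reply tells the caller whether an address is registered or filtered.
 * NOTE(review): no throttling is visible in this method. Confirm that request
 * rate limiting is applied elsewhere.
 *
 * @return	@e void		[Outputs to screen]
 */
public function checkEmail()
{
    //-----------------------------------------
    // INIT
    //-----------------------------------------

    $email      = '';
    $banfilters = array();

    // Accept only a present, scalar string; an array parameter is treated as "no email".
    if (isset($_REQUEST['email']) and is_string($_REQUEST['email'])) {
        $email = strtolower(IPSText::parseCleanValue(rawurldecode($_REQUEST['email'])));
    }

    if (!$email) {
        $this->returnString('found');
    }

    if (!IPSText::checkEmailAddress($email)) {
        $this->returnString('found');
    }

    //-----------------------------------------
    // Got the member?
    //-----------------------------------------

    if (!IPSMember::checkByEmail($email)) {
        //-----------------------------------------
        // Load ban filters
        //-----------------------------------------

        $this->DB->build(array('select' => '*', 'from' => 'banfilters'));
        $this->DB->execute();

        while ($r = $this->DB->fetch()) {
            $banfilters[$r['ban_type']][] = $r['ban_content'];
        }

        //-----------------------------------------
        // Are they banned [EMAIL]?
        //-----------------------------------------

        if (isset($banfilters['email']) and is_array($banfilters['email']) and count($banfilters['email'])) {
            foreach ($banfilters['email'] as $memail) {
                // preg_quote() has already turned the filter's "*" wildcard into "\*".
                // Replacing the bare "*" would yield "\.*" (zero or more literal dots),
                // so wildcard filters would never match. Swap the escaped form instead.
                $memail = str_replace('\*', '.*', preg_quote($memail, "/"));

                // $email was lower-cased above, so match filters case-insensitively.
                if (preg_match("/^{$memail}\$/i", $email)) {
                    $this->returnString('banned');
                    break;
                }
            }
        }

        //-----------------------------------------
        // Load handler...
        //-----------------------------------------

        $classToLoad = IPSLib::loadLibrary(IPS_ROOT_PATH . 'sources/handlers/han_login.php', 'han_login');
        $han_login   = new $classToLoad($this->registry);
        $han_login->init();
        $han_login->emailExistsCheck($email);

        // Any return code other than "not implemented" / "not in use" counts as taken.
        if ($han_login->return_code and $han_login->return_code != 'METHOD_NOT_DEFINED' and $han_login->return_code != 'EMAIL_NOT_IN_USE') {
            $this->returnString('found');
        }

        $this->returnString('notfound');
    } else {
        $this->returnString('found');
    }
}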
/**
 * Recursively clean a (possibly nested) input array.
 *
 * Scalar leaves are passed through self::convert() and then
 * IPSText::parseCleanValue(); nested arrays are handled by recursion.
 * Recursion stops at 20 levels: anything nested deeper is dropped, because
 * the call at that depth returns the empty accumulator it was given.
 *
 * Only the values are cleaned here. Array keys are copied into the result
 * unchanged, so callers must not treat keys as sanitised.
 *
 * @param	array		Data to clean (passed by reference)
 * @param	array		Accumulator for the cleaned result
 * @param	integer		Current nesting depth
 * @return	array		Cleaned copy of $data
 */
private function _recurse(&$data, $input = array(), $iteration = 0)
{
    // Depth cap: bounds the work done on deliberately deep input
    if ($iteration >= 20) {
        return $input;
    }

    if (!is_array($data)) {
        return $input;
    }

    foreach ($data as $key => $value) {
        if (!is_array($value)) {
            $input[$key] = IPSText::parseCleanValue(self::convert($key, $value), true);
            continue;
        }

        $input[$key] = $this->_recurse($data[$key], array(), $iteration + 1);
    }

    return $input;
}
/**
 * Class entry point for the "share by email" (forward page) feature.
 *
 * Two modes are supported:
 *  - URL mode: request 'url' (URL-safe base64) and 'title' describe an
 *    arbitrary page. Both are decoded and passed through parseCleanValue().
 *  - Topic mode: request 't' identifies a topic; the topic and its forum are
 *    loaded and forum access is checked.
 *
 * NOTE(review): the "members only" check sits inside the topic branch, so in
 * URL mode only the share-group permission gates the request. The decoded
 * URL is not restricted to a scheme or to this site within this method.
 * Confirm that _sendEmail() / _showForm() constrain it, since it is
 * caller-supplied content that may end up in outgoing mail.
 *
 * @param	object		Registry reference
 * @return	@e void		[Outputs to screen/redirects]
 */
public function doExecute(ipsRegistry $registry)
{
    /* Feature switched off? */
    if (!$this->settings['sl_enable']) {
        $this->registry->output->showError('forward_turned_off', 103240.1);
    }

    /* Group permission: '*' means every group may use the email share link */
    if (isset($this->caches['sharelinks'])) {
        $shareCache = $this->caches['sharelinks'];
    } else {
        $shareCache = ipsRegistry::cache()->getCache('sharelinks');
    }

    $allowedGroups = $shareCache['email']['share_groups'];

    if ($allowedGroups != '*' and !IPSMember::isInGroup($this->memberData, explode(',', $allowedGroups))) {
        $this->registry->output->showError('forward_turned_off', 103240.2);
    }

    //-----------------------------------------
    // Language strings
    //-----------------------------------------

    ipsRegistry::getClass('class_localization')->loadLanguageFile(array('public_emails'), 'core');

    if ($this->request['url'] and $this->request['title']) {
        /* URL mode: both values come straight from the request */
        $decodedUrl   = IPSText::base64_decode_urlSafe($this->request['url']);
        $decodedTitle = urldecode($this->request['title']);

        $this->page['url']   = IPSText::parseCleanValue($decodedUrl);
        $this->page['title'] = IPSText::parseCleanValue($decodedTitle);
    } else {
        //-----------------------------------------
        // Topic mode: force the ids to integers
        //-----------------------------------------

        $this->request['t'] = intval($this->request['t']);
        $this->request['f'] = intval($this->request['f']);

        if (!$this->request['t']) {
            $this->registry->output->showError('forward_no_tid', 10321);
        }

        //-----------------------------------------
        // Load topic and owning forum
        //-----------------------------------------

        // 't' was cast with intval() just above, so the concatenation is numeric only
        $this->topic = $this->DB->buildAndFetch(array(
            'select' => '*',
            'from'   => 'topics',
            'where'  => "tid=" . $this->request['t'],
        ));

        $this->forum = ipsRegistry::getClass('class_forums')->forum_by_id[$this->topic['forum_id']];

        //-----------------------------------------
        // Unknown forum / unknown topic
        //-----------------------------------------

        if (!$this->forum['id']) {
            $this->registry->output->showError('forward_no_fid', 10322);
        }

        if (!$this->topic['tid']) {
            $this->registry->output->showError('forward_no_tid', 10323);
        }

        //-----------------------------------------
        // Members only, then forum-level access
        // (private forums, password forums, etc)
        //-----------------------------------------

        if (!$this->memberData['member_id']) {
            $this->registry->output->showError('forward_only_members', 10324);
        }

        ipsRegistry::getClass('class_forums')->forumsCheckAccess($this->forum['id']);
    }

    /* Neither mode produced something to share */
    if (!$this->topic['tid'] and !$this->page['url']) {
        $this->registry->output->showError('forward_no_tid', 10323.2);
    }

    /* The email share entry itself must be enabled (cache is re-read here) */
    $shareCache = ipsRegistry::cache()->getCache('sharelinks');

    if (!is_array($shareCache['email']) or !$shareCache['email']['share_enabled']) {
        $this->registry->output->showError('forward_turned_off', 103240);
    }

    //-----------------------------------------
    // Dispatch: '01' sends, anything else shows the form
    //-----------------------------------------

    if ($this->request['do'] == '01') {
        $this->_sendEmail();
        return;
    }

    $this->_showForm();
}
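/**
 * View all logs for a given admin, or all logs matching a search.
 *
 * Two modes:
 *  - 'mid' only: list the log rows of one admin (the literal 'zero' stands
 *    for member id 0).
 *  - 'search_string' + 'search_type': filter admin_logs on one column. The
 *    column name is accepted only if DB->checkForField() finds it in
 *    admin_logs. The search text is cleaned and then escaped for SQL before
 *    it is placed inside the quoted literal.
 *
 * @return	@e void		[Outputs to screen]
 */
protected function _view()
{
    ///----------------------------------------
    // Basic init
    //-----------------------------------------

    $start = intval($this->request['st']) >= 0 ? intval($this->request['st']) : 0;

    // Always hand the template an array, even when the query returns nothing
    $rows = array();

    ///----------------------------------------
    // No mid or search string?
    //-----------------------------------------

    if (!$this->request['search_string'] and !$this->request['mid']) {
        $this->registry->output->global_message = $this->lang->words['alog_nostring'];
        $this->_listCurrent();
        return;
    }

    $this->request['mid'] = $this->request['mid'] == 'zero' ? 0 : $this->request['mid'];

    ///----------------------------------------
    // mid?
    //-----------------------------------------

    if (!$this->request['search_string']) {
        // One integer cast feeds both the SQL and the pagination URL,
        // so the two can never disagree about which member is shown.
        $memberId = intval($this->request['mid']);

        $row = $this->DB->buildAndFetch(array(
            'select' => 'COUNT(id) as count',
            'from'   => 'admin_logs',
            'where'  => "member_id=" . $memberId,
        ));

        $query = "{$this->form_code}&mid=" . ($memberId ? $memberId : 'zero') . "&do=view";

        $this->DB->build(array(
            'select'   => 'm.*',
            'from'     => array('admin_logs' => 'm'),
            'where'    => 'm.member_id=' . $memberId,
            'order'    => 'm.ctime DESC',
            'limit'    => array($start, 20),
            'add_join' => array(array(
                'select' => 'mem.members_display_name',
                'from'   => array('members' => 'mem'),
                'where'  => 'mem.member_id=m.member_id',
                'type'   => 'left',
            )),
        ));
        $this->DB->execute();
    } else {
        $this->request['search_string'] = IPSText::parseCleanValue(urldecode($this->request['search_string']));

        // The column name is concatenated into SQL below, so it must be a real admin_logs field
        if (!$this->DB->checkForField($this->request['search_type'], 'admin_logs')) {
            $this->registry->output->showError($this->lang->words['alog_whatfield'], 4110, true);
            return; // defensive: never build the query with an unverified column name
        }

        $searchType = $this->request['search_type'];

        // parseCleanValue() is an output/HTML-oriented cleaner, not SQL escaping.
        // Escape explicitly so a stray backslash or quote cannot end the literal.
        $searchSql = $this->DB->addSlashes($this->request['search_string']);

        if ($searchType == 'member_id') {
            $dbq = "m." . $searchType . "='" . $searchSql . "'";
        } else {
            $dbq = "m." . $searchType . " LIKE '%" . $searchSql . "%'";
        }

        $row = $this->DB->buildAndFetch(array(
            'select' => 'COUNT(m.member_id) as count',
            'from'   => 'admin_logs m',
            'where'  => $dbq,
        ));

        $query = "{$this->form_code}&do=view&search_type=" . $searchType . "&search_string=" . urlencode($this->request['search_string']);

        $this->DB->build(array(
            'select'   => 'm.*',
            'from'     => array('admin_logs' => 'm'),
            'where'    => $dbq,
            'order'    => 'm.ctime DESC',
            'limit'    => array($start, 20),
            'add_join' => array(array(
                'select' => 'mem.members_display_name',
                'from'   => array('members' => 'mem'),
                'where'  => 'mem.member_id=m.member_id',
                'type'   => 'left',
            )),
        ));
        $this->DB->execute();
    }

    ///----------------------------------------
    // Page links
    //-----------------------------------------

    $links = $this->registry->output->generatePagination(array(
        'totalItems'        => $row['count'],
        'itemsPerPage'      => 20,
        'currentStartValue' => $start,
        'baseUrl'           => $this->settings['base_url'] . $query,
    ));

    ///----------------------------------------
    // Get db results
    //-----------------------------------------

    while ($row = $this->DB->fetch()) {
        if (!$row['member_id']) {
            $row['member_id'] = 'zero';
        }

        if (!$row['members_display_name']) {
            $row['members_display_name'] = $this->lang->words['noname_availabl'];
        }

        $row['_time'] = $this->registry->class_localization->getDate($row['ctime'], 'LONG');

        $rows[] = $row;
    }

    ///----------------------------------------
    // And output
    //-----------------------------------------

    $this->registry->output->html .= $this->html->adminlogsView($rows, $links);
}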
/**
 * Returns topics based on request params.
 *
 * Every argument is normalised before use: the API key through md5Clean(),
 * free-text arguments through parseCleanValue(), the sort direction against
 * a two-value allow-list and the numeric arguments through intval().
 * Nothing is sent when authentication fails; the method just returns.
 *
 * NOTE(review): $order_field and $forum_ids are only passed through
 * parseCleanValue(), which is not an identifier or integer-list check. If
 * the topic view class places them into SQL (not visible here), confirm it
 * validates them against known column names / integer ids.
 *
 * @param	string		$api_key		Authentication Key
 * @param	string		$api_module		Module
 * @param	string		$forum_ids		Comma separated list of forum ids
 * @param	string		$order_field	DB field to order by
 * @param	string		$order_by		One of "asc" or "desc"
 * @param	integer		$offset			Start point offset for results
 * @param	integer		$limit			Number of results to pull
 * @param	bool		$view_as_guest	Treat user as a guest
 * @param	bool		$parse_display	Passed through to return_topic_list_data()
 * @return	string		xml
 */
public function fetchTopics($api_key, $api_module, $forum_ids, $order_field, $order_by, $offset, $limit, $view_as_guest, $parse_display)
{
    //-----------------------------------------
    // Normalise arguments
    //-----------------------------------------

    $api_key       = IPSText::md5Clean($api_key);
    $api_module    = IPSText::parseCleanValue($api_module);
    $forum_ids     = IPSText::parseCleanValue($forum_ids);
    $order_field   = IPSText::parseCleanValue($order_field);
    $offset        = intval($offset);
    $limit         = intval($limit);
    $view_as_guest = intval($view_as_guest);
    $parse_display = intval($parse_display);

    // Anything other than "asc" (any case) sorts descending
    if (strtolower($order_by) == 'asc') {
        $order_by = 'asc';
    } else {
        $order_by = 'desc';
    }

    //-----------------------------------------
    // Authenticate: stop quietly on failure
    //-----------------------------------------

    if ($this->__authenticate($api_key, $api_module, 'fetchTopics') === FALSE) {
        return;
    }

    //-----------------------------------------
    // Log the authenticated call
    //-----------------------------------------

    $this->addLogging($api_key);

    //-----------------------------------------
    // Topic view API class
    //-----------------------------------------

    $classToLoad = IPSLib::loadLibrary(IPS_ROOT_PATH . '/api/forums/api_topic_view.php', 'apiTopicView');
    $topic_view  = new $classToLoad();

    //-----------------------------------------
    // Configure and fetch the list
    //-----------------------------------------

    $listConfig = array(
        'order_field' => $order_field,
        'order_by'    => $order_by,
        'forums'      => $forum_ids,
        'offset'      => $offset,
        'limit'       => $limit,
    );

    foreach ($listConfig as $configKey => $configValue) {
        $topic_view->topic_list_config[$configKey] = $configValue;
    }

    $topics = $topic_view->return_topic_list_data($view_as_guest, $parse_display);

    //-----------------------------------------
    // Reply and stop
    //-----------------------------------------

    $this->classApiServer->apiSendReply($topics);
    exit;
}
/**
 * handshake_server::handshake_end()
 *
 * Completes the converge handshake. When a converge_local row matches the
 * supplied API code and product id, that row becomes the only active one,
 * the 'ipconverge' login method is enabled and the login_methods cache is
 * rebuilt. Otherwise an API error (500) is sent.
 *
 * The API code and the product id are the only values checked against
 * stored data. $reg_id, $reg_date, $converge_url and $handshake_completed
 * are normalised but not used further in this method.
 *
 * NOTE(review): the quoted SQL literals rely on md5Clean() returning only
 * characters that are safe inside quotes. Verify that helper.
 *
 * @access	public
 * @param	integer	$reg_id					Converge reg ID
 * @param	string	$reg_code				Converge API Code (MUST BE PRESENT IN ALL RETURNED API REQUESTS).
 * @param	integer	$reg_date				Unix stamp of converge request start time
 * @param	integer	$reg_product_id			Converge product ID (MUST BE PRESENT IN ALL RETURNED API REQUESTS)
 * @param	string	$converge_url			Converge application base url (no slashes or paths)
 * @param	integer	$handshake_completed	All done flag
 * @return	mixed	xml / boolean false
 **/
public function handshakeEnd($reg_id = '', $reg_code = '', $reg_date = '', $reg_product_id = '', $converge_url = '', $handshake_completed = '')
{
    //-----------------------------------------
    // Normalise arguments
    //-----------------------------------------

    $reg_id              = intval($reg_id);
    $reg_code            = IPSText::md5Clean($reg_code);
    $reg_date            = intval($reg_date);
    $reg_product_id      = intval($reg_product_id);
    $converge_url        = IPSText::parseCleanValue($converge_url);
    $handshake_completed = intval($handshake_completed);

    $this->registry->getClass('class_localization')->loadLanguageFile(array('api_langbits'), 'core');

    //-----------------------------------------
    // Look up the matching converge record
    //-----------------------------------------

    $convergeRow = $this->registry->DB()->buildAndFetch(array(
        'select' => '*',
        'from'   => 'converge_local',
        'where'  => "converge_api_code='{$reg_code}' AND converge_product_id={$reg_product_id}",
    ));

    //-----------------------------------------
    // Unknown code / product: refuse
    //-----------------------------------------

    if (!$convergeRow['converge_api_code']) {
        $this->classApiServer->apiSendError(500, $this->lang->words['no_handshake']);
        return false;
    }

    //-----------------------------------------
    // Deactivate every record, then activate ours
    //-----------------------------------------

    $this->registry->DB()->update('converge_local', array('converge_active' => 0));
    $this->registry->DB()->update('converge_local', array('converge_active' => 1), "converge_api_code = '{$reg_code}'");

    //-----------------------------------------
    // Enable the converge login method
    //-----------------------------------------

    $loginMethodUpdate = array(
        "login_enabled"      => 1,
        "login_login_url"    => '',
        "login_maintain_url" => '',
        'login_user_id'      => 'email',
        "login_logout_url"   => '',
        "login_register_url" => '',
    );

    $this->registry->DB()->update("login_methods", $loginMethodUpdate, "login_folder_name='ipconverge'");

    //-----------------------------------------
    // Rebuild the cache of enabled login methods
    //-----------------------------------------

    $enabledMethods = array();

    $this->registry->DB()->build(array('select' => '*', 'from' => 'login_methods', 'where' => 'login_enabled=1'));
    $this->registry->DB()->execute();

    while ($method = $this->registry->DB()->fetch()) {
        $enabledMethods[$method['login_id']] = $method;
    }

    ipsRegistry::cache()->setCache('login_methods', $enabledMethods, array('array' => 1, 'deletefirst' => 1));

    $this->classApiServer->apiSendReply(array('handshake_updated' => 1));
}
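/**
 * Sends the PM (or stores it as a draft).
 *
 * Validates title, body, form key and recipient, resolves the recipient
 * member, then hands over to messengerFunctions->sendNewPersonalTopic().
 * Validation failures re-display the compose form with a message. A bad
 * form key ends in the generic error screen.
 *
 * The message body is taken from $_POST['Post'] unmodified.
 * NOTE(review): presumably the messenger library parses and cleans it
 * before storage; confirm.
 *
 * @access	private
 * @return	void, or HTML form
 */
private function _sendNewPersonalTopic()
{
    //-----------------------------------------
    // INIT
    //-----------------------------------------

    if ($this->messengerFunctions->checkHasHitMax()) {
        $this->registry->getClass('output')->showError('maxperday_hit', 10272);
    }

    $msgTitle     = IPSText::getTextClass('bbcode')->stripBadWords(trim(IPSText::parseCleanValue($_POST['msg_title'])));
    $authKey      = $this->request['auth_key'];
    $sendToName   = $this->request['entered_name'];
    $sendToID     = intval($this->request['toMemberID']);
    $sendType     = trim($this->request['sendType']);
    $_inviteUsers = trim($this->request['inviteUsers']);
    $msgContent   = $_POST['Post'];
    $topicID      = $this->request['topicID'];
    $inviteUsers  = array();
    $draft        = $this->request['save'] ? TRUE : FALSE;

    //-----------------------------------------
    // Error checking
    //-----------------------------------------

    if (IPSText::mbstrlen(trim($msgTitle)) < 2) {
        return $this->_showNewTopicForm($this->lang->words['err_no_title']);
    }

    if (IPSText::mbstrlen(trim(IPSText::br2nl($_POST['Post']))) < 3) {
        return $this->_showNewTopicForm($this->lang->words['err_no_msg']);
    }

    // Form key (anti-CSRF) check.
    //  - Strict comparison: with "!=" two different numeric-looking strings
    //    (e.g. both of the form "0e<digits>") compare as equal.
    //  - The failure path calls showError(), as the other checks in this method do.
    //    The original called _showNewTopicForm() on the output class, with
    //    showError()-style arguments.
    if (!is_string($authKey) or $authKey !== (string) $this->member->form_hash) {
        $this->registry->getClass('output')->showError('messenger_bad_key', 2024);
        return; // defensive: never fall through to the send path
    }

    if ($sendToID and $sendToName == "") {
        return $this->_showNewTopicForm($this->lang->words['err_no_chosen_member']);
    }

    //-----------------------------------------
    // Invite Users (only when the group allows mass PMs)
    //-----------------------------------------

    if ($this->memberData['g_max_mass_pm'] and $_inviteUsers) {
        foreach (explode(',', $_inviteUsers) as $name) {
            $name = trim($name);

            if ($name) {
                $inviteUsers[] = $name;
            }
        }
    }

    //-----------------------------------------
    // Grab member ID
    //-----------------------------------------

    $toMember = $sendToID ? IPSMember::load($sendToID, 'core') : IPSMember::load($sendToName, 'core', 'displayname');

    if (!$toMember['member_id']) {
        return $this->_showNewTopicForm($this->lang->words['err_no_chosen_member']);
    }

    //-----------------------------------------
    // Send .. or.. save...
    //-----------------------------------------

    try {
        $this->messengerFunctions->sendNewPersonalTopic(
            $toMember['member_id'],
            $this->memberData['member_id'],
            $inviteUsers,
            $msgTitle,
            $msgContent,
            array('isDraft' => $draft, 'topicID' => $topicID, 'sendMode' => $sendType, 'postKey' => $this->_postKey)
        );
    } catch (Exception $error) {
        $msg = $error->getMessage();

        if (strstr($msg, 'BBCODE_')) {
            // BBCode parser errors map straight onto a language key
            $msg = str_replace('BBCODE_', '', $msg);

            return $this->_showNewTopicForm($this->lang->words[$msg]);
        } else {
            if (isset($this->lang->words['err_' . $msg])) {
                $_msgString = $this->lang->words['err_' . $msg];
                $_msgString = str_replace('#NAMES#', implode(",", $this->messengerFunctions->exceptionData), $_msgString);
                $_msgString = str_replace('#TONAME#', $toMember['members_display_name'], $_msgString);
                $_msgString = str_replace('#FROMNAME#', $this->memberData['members_display_name'], $_msgString);
                $_msgString = str_replace('#DATE#', $this->messengerFunctions->exceptionData[0], $_msgString);
            } else {
                $_msgString = $this->lang->words['err_UNKNOWN'] . ' ' . $msg;
            }
        }

        return $this->_showNewTopicForm($_msgString);
    }

    //-----------------------------------------
    // Swap and serve...
    //-----------------------------------------

    if ($draft !== TRUE) {
        $text = str_replace("<#FROM_MEMBER#>", $this->memberData['members_display_name'], $this->lang->words['sent_text']);
        $text = str_replace("<#MESSAGE_TITLE#>", $msgTitle, $text);
    } else {
        $text = "Your message has been saved as a draft";
    }

    $this->registry->getClass('output')->redirectScreen($text, $this->settings['base_url'] . 'app=members&module=messaging&section=view&do=inbox');
}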
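/**
 * Rebuild the RSS Stream cache: fetch the configured feeds and post each new
 * item as a topic in the feed's target forum.
 *
 * For every selected rss_import row the feed is parsed, items already
 * recorded in rss_imported (matched by an md5 GUID) are skipped, the newest
 * rss_import_pergo items are posted on behalf of the configured member and
 * each posted item's GUID is recorded.
 *
 * Security-relevant behaviour visible in this method:
 *  - Feed titles and bodies are remote, untrusted content. Titles go through
 *    strip_tags() and parseCleanValue(). Bodies go through the editor when
 *    rss_import_allow_html is off and are used as-is when it is on.
 *  - While a topic is being added, HTML posting is switched on for the forum
 *    and the author, and the permission check is bypassed. With
 *    rss_import_allow_html enabled the feed publisher therefore decides what
 *    markup is stored.
 *  - Import ids and the member id are cast to integers before they are
 *    placed into SQL.
 *
 * @param	mixed		$rss_import_id		ID of the stream to import ('all', a single id, or a comma separated list with $id_is_array)
 * @param	bool		$return				Set to true to return true/false
 * @param	bool		$id_is_array		Set to true if the first paramter is an array of ids
 * @return	mixed
 */
public function rssImportRebuildCache($rss_import_id, $return = true, $id_is_array = false)
{
    /* INIT */
    $errors             = array();
    $affected_forum_ids = array();
    $rss_error          = array();
    $rss_import_ids     = array();
    $items_imported     = 0;

    /* Check the ID */
    if (!$rss_import_id) {
        $rss_import_id = $this->request['rss_import_id'] == 'all' ? 'all' : intval($this->request['rss_import_id']);
    }

    /* No ID Found */
    if (!$rss_import_id) {
        $this->registry->output->global_error = $this->lang->words['im_noid'];
        $this->rssImportOverview();
        return;
    }

    /* Create an array of ids - every element is forced to an integer because the list is concatenated into SQL below */
    if ($id_is_array == 1) {
        $rss_import_ids = array_map('intval', explode(",", $rss_import_id));
    }

    /* Load the classes we need */
    if (!$this->classes_loaded) {
        /* Get the RSS Class */
        if (!is_object($this->class_rss)) {
            $classToLoad                  = IPSLib::loadLibrary(IPS_KERNEL_PATH . 'classRss.php', 'classRss');
            $this->class_rss              = new $classToLoad();
            $this->class_rss->rss_max_show = 100;
        }

        /* Get the post class */
        require_once IPSLib::getAppDir('forums') . '/sources/classes/post/classPost.php'; /*noLibHook*/
        $classToLoad = IPSLib::loadLibrary(IPSLib::getAppDir('forums') . '/sources/classes/post/classPostForms.php', 'classPostForms', 'forums');
        $this->post  = new $classToLoad($this->registry);

        /* Load the mod libarry */
        if (!$this->func_mod) {
            $classToLoad    = IPSLib::loadLibrary(IPSLib::getAppDir('forums') . '/sources/classes/moderate.php', 'moderatorLibrary', 'forums');
            $this->func_mod = new $classToLoad($this->registry);
        }

        $this->classes_loaded = 1;
    }

    /* INIT Forums */
    if (!is_array($this->registry->class_forums->forum_by_id) or !count($this->registry->class_forums->forum_by_id)) {
        $this->registry->class_forums->forumsInit();
    }

    /* Sort out which IDs to load.. */
    if ($rss_import_id == 'all') {
        $where = 'rss_import_enabled=1'; // Update only enabled ones!
    } elseif ($id_is_array == 1) {
        $where = 'rss_import_id IN (' . implode(',', $rss_import_ids) . ')';
    } else {
        // A caller-supplied id is not guaranteed to be numeric; cast before concatenating
        $where = 'rss_import_id=' . intval($rss_import_id);
    }

    /* Query the RSS imports */
    $this->DB->build(array('select' => '*', 'from' => 'rss_import', 'where' => $where));
    $outer = $this->DB->execute();

    /* Loop through and build cache */
    while ($row = $this->DB->fetch($outer)) {
        /* Skip non-existent forums - bad stuff happens */
        if (empty($this->registry->class_forums->forum_by_id[$row['rss_import_forum_id']])) {
            continue;
        }

        /* Allowing badwords? */
        // NOTE(review): this flag is set on the shared bbcode object and is not restored after the loop
        IPSText::getTextClass('bbcode')->bypass_badwords = $row['rss_import_allow_html'];

        /* Set this import's doctype */
        $this->class_rss->doc_type = strtoupper(IPS_DOC_CHAR_SET);

        /* Set this import's authentication */
        $this->class_rss->auth_req  = $row['rss_import_auth'];
        $this->class_rss->auth_user = $row['rss_import_auth_user'];
        $this->class_rss->auth_pass = $row['rss_import_auth_pass'];

        /* Clear RSS object's error cache first */
        $this->class_rss->errors    = array();
        $this->class_rss->rss_items = array();

        /* Reset the rss count as this is a new feed */
        $this->class_rss->rss_count    = 0;
        $this->class_rss->rss_max_show = $row['rss_import_pergo'];

        /* Parse RSS */
        $this->class_rss->parseFeedFromUrl($row['rss_import_url']);

        /* Check for errors */
        if (is_array($this->class_rss->errors) and count($this->class_rss->errors)) {
            $rss_error = array_merge($rss_error, $this->class_rss->errors);
            continue;
        }

        if (!is_array($this->class_rss->rss_channels) or !count($this->class_rss->rss_channels)) {
            $rss_error[] = sprintf($this->lang->words['im_noopen'], $row['rss_import_url']);
            continue;
        }

        /* Update last check time */
        $this->DB->update('rss_import', array('rss_import_last_import' => IPS_UNIX_TIME_NOW), 'rss_import_id=' . intval($row['rss_import_id']));

        /* Apparently so: Parse feeds and check for already imported GUIDs */
        $final_items = array();
        $items       = array();
        $check_guids = array();
        $final_guids = array();
        $count       = 0;

        if (!is_array($this->class_rss->rss_items) or !count($this->class_rss->rss_items)) {
            $rss_error[] = $row['rss_import_url'] . $this->lang->words['im_noimport'];
            continue;
        }

        /* Loop through the channels */
        foreach ($this->class_rss->rss_channels as $channel_id => $channel_data) {
            if (is_array($this->class_rss->rss_items[$channel_id]) and count($this->class_rss->rss_items[$channel_id])) {
                /* Loop through the items in this channel */
                foreach ($this->class_rss->rss_items[$channel_id] as $item_data) {
                    /* Item Data */
                    $item_data['content'] = $item_data['content'] ? $item_data['content'] : $item_data['description'];

                    // The stored GUID is always an md5 hex digest, whatever the feed supplied.
                    // That also makes it safe to quote in the IN (...) lookup further down.
                    $item_data['guid'] = md5($row['rss_import_id'] . ($item_data['guid'] ? $item_data['guid'] : preg_replace('#\\s|\\r|\\n#is', "", $item_data['title'] . $item_data['link'] . $item_data['description'])));

                    $item_data['unixdate'] = intval($item_data['unixdate']) ? intval($item_data['unixdate']) : IPS_UNIX_TIME_NOW;

                    /* If feed charset doesn't match original, we converted to utf-8 and need to convert back now */
                    if ($this->class_rss->doc_type != $this->class_rss->orig_doc_type) {
                        $item_data['title']   = IPSText::convertCharsets($item_data['title'], "UTF-8", IPS_DOC_CHAR_SET);
                        $item_data['content'] = IPSText::convertCharsets($item_data['content'], "UTF-8", IPS_DOC_CHAR_SET);
                    }

                    /* Error check */
                    if (!$item_data['title'] or !$item_data['content']) {
                        $rss_error[] = sprintf($this->lang->words['im_notitle'], $item_data['title']);
                        continue;
                    }

                    /* Dates - never accept a non-positive or future timestamp from the feed */
                    if ($item_data['unixdate'] < 1) {
                        $item_data['unixdate'] = IPS_UNIX_TIME_NOW;
                    } else {
                        if ($item_data['unixdate'] > IPS_UNIX_TIME_NOW) {
                            $item_data['unixdate'] = IPS_UNIX_TIME_NOW;
                        }
                    }

                    /* Add to array */
                    $items[$item_data['guid']] = $item_data;
                    $check_guids[]             = $item_data['guid'];
                }
            }
        }

        /* Check GUIDs */
        if (!count($check_guids)) {
            $rss_error[] = $this->lang->words['im_noitems'];
            continue;
        }

        $this->DB->build(array('select' => '*', 'from' => 'rss_imported', 'where' => "rss_imported_guid IN ('" . implode("','", $check_guids) . "')"));
        $this->DB->execute();

        while ($guid = $this->DB->fetch()) {
            $final_guids[$guid['rss_imported_guid']] = $guid['rss_imported_guid'];
        }

        /* Compare GUIDs */
        $item_count = 0;

        foreach ($items as $guid => $data) {
            if (in_array($guid, $final_guids)) {
                continue;
            } else {
                $item_count++;

                /* Make sure each item has a unique date */
                $final_items[$data['unixdate'] . $item_count] = $data;
            }
        }

        /* Sort Array */
        krsort($final_items);

        /* Pick off last X */
        $count           = 1;
        $tmp_final_items = $final_items;
        $final_items     = array();

        foreach ($tmp_final_items as $date => $data) {
            $final_items[$date] = $data;

            if ($count >= $row['rss_import_pergo']) {
                break;
            }

            $count++;
        }

        /* Anything left? */
        if (!count($final_items)) {
            continue;
        }

        /* Figure out MID */
        $member = $this->DB->buildAndFetch(array('select' => 'member_id, name, members_display_name, ip_address', 'from' => 'members', 'where' => 'member_id=' . intval($row['rss_import_mid'])));

        if (!$member['member_id']) {
            continue;
        }

        /* Set member in post class */
        $this->post->setAuthor($member['member_id']);
        $this->post->setForumData($this->registry->getClass('class_forums')->forum_by_id[$row['rss_import_forum_id']]);
        // Imports run without the usual posting permission check
        $this->post->setBypassPermissionCheck(true);
        $this->post->setForumID($row['rss_import_forum_id']);

        /* Make 'dem posts */
        $affected_forum_ids[] = $row['rss_import_forum_id'];

        /* Get editor */
        $classToLoad = IPSLib::loadLibrary(IPS_ROOT_PATH . 'sources/classes/editor/composite.php', 'classes_editor_composite');
        $editor      = new $classToLoad();

        /* Force RTE */
        $editor->setForceRte(true);
        $editor->setRteEnabled(true);
        $editor->setLegacyMode(false);

        foreach ($final_items as $topic_item) {
            /* Fix & */
            // NOTE(review): as shown here this replaces '&' with '&' and does nothing; presumably an
            // HTML entity was lost when this listing was extracted - verify against the real file
            $topic_item['title'] = str_replace('&', '&', $topic_item['title']);
            $topic_item['title'] = str_replace(array("\r", "\n"), ' ', $topic_item['title']);
            $topic_item['title'] = str_replace(array("<br />", "<br>"), ' ', $topic_item['title']);
            $topic_item['title'] = trim($topic_item['title']);
            $topic_item['title'] = strip_tags($topic_item['title']);
            $topic_item['title'] = IPSText::parseCleanValue($topic_item['title']);

            /* Fix up &reg; */
            $topic_item['title'] = str_replace('&reg;', '®', $topic_item['title']);

            if ($row['rss_import_topic_pre']) {
                $topic_item['title'] = str_replace(' ', ' ', str_replace('&nbsp;', ' ', $row['rss_import_topic_pre'])) . ' ' . $topic_item['title'];
            }

            $this->post->setTopicTitle(IPSText::mbsubstr($topic_item['title'], 0, $this->settings['topic_title_max_len']));
            $this->post->setDate($topic_item['unixdate']);
            $this->post->setPublished($row['rss_import_topic_hide'] ? false : true);
            $this->post->setPublishedRedirectSkip(true);

            /* Clean up.. */
            $topic_item['content'] = preg_replace("#<br />(\r)?\n#is", "<br />", $topic_item['content']);

            if (!$row['rss_import_allow_html']) {
                $topic_item['content'] = stripslashes($topic_item['content']);
                $post_content          = $editor->process($topic_item['content']);
            } else {
                // Feed markup is kept verbatim on this path
                $post_content = stripslashes($topic_item['content']);
            }

            /* Add in Show link... */
            if ($row['rss_import_showlink'] and $topic_item['link']) {
                // NOTE(review): the feed's link is dropped into the admin template unescaped - confirm how it is rendered
                $the_link      = str_replace('{url}', trim($topic_item['link']), $row['rss_import_showlink']);
                $the_link      = "<br /><br />" . stripslashes($the_link);
                $post_content .= $the_link;
            }

            /* Make sure HTML mode is enabled correctly */
            $this->request['post_htmlstatus'] = 1;

            /* Prevent invalid img extensions from breaking */
            $_hack = $this->settings['img_ext'];
            $_zack = $this->settings['max_quotes_per_post'];

            $this->settings['img_ext']             = null;
            $this->settings['max_quotes_per_post'] = 500;

            // Temporarily grant HTML posting to forum and author; both are restored below
            $tmpForum  = $this->post->getForumData();
            $tmpAuthor = $this->post->getAuthor();

            $this->post->setForumData(array_merge($tmpForum, array('use_html' => 1)));
            $this->post->setAuthor(array_merge($tmpAuthor, array('g_dohtml' => 1)));

            $this->post->setPostContentPreFormatted($post_content);

            /* Insert */
            try {
                $this->post->addTopic();
            } catch (Exception $e) {
                // NOTE(review): failures are swallowed on purpose so one bad item cannot stop the
                // import, but the GUID is still recorded and import_count still incremented below.
                // Consider recording $e->getMessage() in $rss_error so failed items are visible.
            }

            /* Reset */
            $this->settings['img_ext']             = $_hack;
            $this->settings['max_quotes_per_post'] = $_zack;
            $this->request['post_htmlstatus']      = 0;

            $this->post->setForumData($tmpForum);
            $this->post->setAuthor($tmpAuthor);

            if (!$row['rss_import_topic_open']) {
                if (!$this->modLibrary) {
                    $classToLoad      = IPSLib::loadLibrary(IPSLib::getAppDir('forums') . '/sources/classes/moderate.php', 'moderatorLibrary', 'forums');
                    $this->modLibrary = new $classToLoad($this->registry);
                }

                $this->modLibrary->init($row['rss_import_forum_id']);
                $this->modLibrary->topicClose($this->post->getTopicData('tid'));
            }

            /* Insert GUID match */
            $this->DB->insert('rss_imported', array(
                'rss_imported_impid' => $row['rss_import_id'],
                'rss_imported_guid'  => $topic_item['guid'],
                'rss_imported_tid'   => $this->post->getTopicData('tid'),
            ));

            $this->import_count++;
        }
    }

    /* Uncomment when testing imports */
    //$this->DB->delete( 'rss_imported', '1=1');

    /* Recount Stats */
    if (count($affected_forum_ids)) {
        foreach ($affected_forum_ids as $fid) {
            $this->func_mod->forumRecount($fid);
        }

        $this->cache->rebuildCache('stats', 'global');
    }

    /* Return */
    if ($return) {
        $this->registry->output->global_message = $this->lang->words['im_recached'];

        if (count($rss_error)) {
            $this->registry->output->global_message .= "<br />" . implode("<br />", $rss_error);
        }

        $this->rssImportOverview();
        return;
    } else {
        return TRUE;
    }
}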
/**
 * Track a visit that arrived from a known search engine.
 *
 * The referrer is tested against each configured engine pattern. For the
 * first engine that matches, that engine's parser method extracts the
 * search keywords, a keyword counter is incremented and a row is added to
 * search_visitors. Later engines are not tried.
 *
 * The referrer and query string are supplied by the visitor's browser. The
 * keyword counter query receives a parseCleanValue()'d copy, while the
 * search_visitors row stores $keywords and $queryString as received.
 * NOTE(review): confirm that DB->insert() escapes its values and that any
 * screen listing these rows escapes them on output.
 * NOTE(review): allow_sub_select is set to 1 both before and after the
 * cached query is built and is never switched back. Verify that is intended.
 *
 * @param	string		HTTP Referrer
 * @param	string		Query string
 * @param	int			Member ID
 */
public static function track($referrer, $queryString, $memberId)
{
    foreach (self::$engines as $engine) {
        if (!preg_match($engine['match'], $referrer)) {
            continue;
        }

        // Parser method name comes from the engine table of this class, not from the request
        $parserMethod = $engine['parser'];
        $tracker      = new self();
        $keywords     = trim($tracker->{$parserMethod}($referrer));

        if (!empty($keywords)) {
            $queryFile = IPSLib::getAppDir('core') . '/sql/' . ips_DBRegistry::getDriverType() . '_seo_queries.php';

            ipsRegistry::DB()->allow_sub_select = 1;
            ipsRegistry::DB()->loadCacheFile($queryFile, 'core_seo_queries');
            ipsRegistry::DB()->buildFromCache('ipseo_increment_keyword_count', IPSText::parseCleanValue($keywords), 'core_seo_queries');
            ipsRegistry::DB()->allow_sub_select = 1;
            ipsRegistry::DB()->execute();

            $visitRow = array(
                'date'     => time(),
                'member'   => intval($memberId),
                'engine'   => $engine['name'],
                'keywords' => $keywords,
                'url'      => $queryString,
            );

            ipsRegistry::DB()->insert('search_visitors', $visitRow);
        }

        // Only the first matching engine is recorded
        break;
    }
}
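/**
 * Get a cookie.
 * Abstract layer allows us to do some checking, etc
 *
 * Lookup order: values set during this request (self::$_cookiesSet) first,
 * then $_COOKIE under the configured cookie prefix. A plain value is
 * URL-decoded and passed through IPSText::parseCleanValue(). A value that
 * starts with "a:" is treated as a serialized array and unserialized.
 *
 * SECURITY: the cookie is fully controlled by the client, and unserialize()
 * on client data can instantiate arbitrary classes and run their magic
 * methods (PHP object injection). The "a:" prefix only proves that the
 * outermost value is an array; objects can still be nested inside it.
 * Where the runtime supports it (PHP 7+), class instantiation is disabled
 * below. On older runtimes the original behaviour remains, so array
 * cookies should be moved to a format that cannot carry objects (for
 * example JSON).
 * The unserialized array is returned without parseCleanValue(); callers
 * must treat every element as untrusted.
 *
 * @access	public
 * @param	string		Cookie name
 * @return	mixed
 * @since	2.0
 */
public static function get($name)
{
    /* Check internal data first */
    if (isset(self::$_cookiesSet[$name])) {
        return self::$_cookiesSet[$name];
    }

    $cookieKey = ipsRegistry::$settings['cookie_id'] . $name;

    if (!isset($_COOKIE[$cookieKey])) {
        return FALSE;
    }

    $_value = $_COOKIE[$cookieKey];

    if (substr($_value, 0, 2) == 'a:') {
        $serialized = stripslashes(urldecode($_value));

        // PHP 7+: refuse to build objects from cookie data. Arrays of scalars,
        // the only shape this branch is meant for, are unaffected.
        if (version_compare(PHP_VERSION, '7.0.0', '>=')) {
            return unserialize($serialized, array('allowed_classes' => false));
        }

        // FLAG(review): unsafe on PHP < 7 - unserialize() of client-controlled data
        return unserialize($serialized);
    }

    return IPSText::parseCleanValue(urldecode($_value));
}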
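/**
 * Search. Do it.
 *
 * Searches the current member's conversations for $_REQUEST['searchFor']
 * and renders the result list. A missing term, a term that is too short,
 * or an empty result set is reported through the template's error slot.
 *
 * The search term is URL-decoded and passed through parseCleanValue(), but
 * it is still named *_TAINTED: it is not SQL-escaped here.
 * NOTE(review): confirm messengerFunctions->searchMessages() escapes it
 * before it reaches a query.
 *
 * @param	string		Any error text
 * @return	string		returns HTML
 */
protected function _search($error = '')
{
    //-----------------------------------------
    // INIT
    //-----------------------------------------

    $start = intval($this->request['st']);
    $p_end = $this->settings['show_max_msg_list'] > 0 ? $this->settings['show_max_msg_list'] : 50;

    // Accept only a present, scalar string; an array parameter is treated as "no search term"
    $rawSearch         = (isset($_REQUEST['searchFor']) and is_string($_REQUEST['searchFor'])) ? $_REQUEST['searchFor'] : '';
    $searchFor_TAINTED = IPSText::parseCleanValue(urldecode($rawSearch));

    // Defaults for the error paths, so pagination and the template never see undefined values
    $totalMsg = 0;
    $messages = array();

    /* Got an error? */
    if ($error) {
        $this->_errorString = $error;
    }

    /* Search for owt? */
    if (!$searchFor_TAINTED) {
        $error = $this->lang->words['search_convo_no_keywords'];
    } else {
        if ($this->settings['min_search_word'] && strlen($searchFor_TAINTED) < $this->settings['min_search_word']) {
            $error = sprintf($this->lang->words['search_term_short'], $this->settings['min_search_word']);
        } else {
            // Results are scoped to the logged-in member's own id, never to a request value
            $searchResults = $this->messengerFunctions->searchMessages($this->memberData['member_id'], $searchFor_TAINTED, $start, $p_end, array());

            $totalMsg = $searchResults['totalMatches'];
            $messages = $searchResults['results'];

            /* Got anything? */
            if (!$totalMsg or !count($messages)) {
                $error = $this->lang->words['search_convo_no_results'];
            }
        }
    }

    //-----------------------------------------
    // Generate Pagination
    //-----------------------------------------

    $pages = $this->registry->getClass('output')->generatePagination(array(
        'totalItems'        => $totalMsg,
        'itemsPerPage'      => $p_end,
        'currentStartValue' => $start,
        'baseUrl'           => "app=members&module=messaging&section=search&do=search&searchFor=" . urlencode($searchFor_TAINTED),
    ));

    //-----------------------------------------
    // Set title
    //-----------------------------------------

    $this->_title = $this->lang->words['t_welcome'] . ' ' . $this->lang->words['search_results_pt'];

    //-----------------------------------------
    // Done...
    //-----------------------------------------

    return $this->registry->getClass('output')->getTemplate('messaging')->showSearchResults($messages, $pages, $error);
}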
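/**
 * Upload personal photo function
 * Assumes all security checks have been performed by this point
 *
 * Reads the 'upload_photo' form field, stores it as "photo-<member id>" through
 * classUpload and then builds the sized copies. When no file was submitted the
 * initial (empty) result array is returned unchanged.
 *
 * @access	public
 * @param	integer		[Optional] member id instead of current member
 * @return	array 		[ error (error message), status (status message [ok/fail] ) ] plus the final_* / t_final_* keys
 */
public function uploadPhoto($member_id = 0)
{
    //-----------------------------------------
    // INIT
    //-----------------------------------------

    $return = array(
        'error'            => '',
        'status'           => '',
        'final_location'   => '',
        'final_width'      => '',
        'final_height'     => '',
        't_final_location' => '',
        't_final_width'    => '',
        't_final_height'   => '',
    );

    $member_id = $member_id ? intval($member_id) : intval($this->memberData['member_id']);

    /* Nothing to load or store without a member */
    if (!$member_id) {
        return array('status' => 'cannot_find_member');
    }

    $memberData = IPSMember::load($member_id);

    /* Size limit in kB: the member's own limit, or a fixed 10000 inside the ACP */
    $p_max = IN_ACP ? 10000 : $memberData['photoMaxKb'];

    /* Fix up upload directory */
    $paths       = $this->_getProfileUploadPaths();
    $upload_path = $paths['path'];

    /* Client-supplied values: only trusted as far as the checks below and in classUpload::process() go */
    $_clientName = (isset($_FILES['upload_photo']['name']) and is_string($_FILES['upload_photo']['name'])) ? $_FILES['upload_photo']['name'] : '';
    $_clientSize = (isset($_FILES['upload_photo']['size']) and is_numeric($_FILES['upload_photo']['size'])) ? $_FILES['upload_photo']['size'] : 0;

    /* Check for an upload */
    if ($_clientName == "" or $_clientName == "none") {
        return $return;
    }

    if (!IPSMember::canUploadPhoto($memberData)) {
        $return['status'] = 'fail';
        $return['error']  = 'no_photo_upload_permission';

        return $return;
    }

    /* Fetch library */
    require_once IPS_KERNEL_PATH . 'classUpload.php'; /*noLibHook*/
    $upload = new classUpload();

    /* Bit of set up: the stored name is fixed server-side, never taken from the client */
    $upload->out_file_name     = 'photo-' . $member_id;
    $upload->out_file_dir      = $upload_path;
    $upload->max_file_size     = $p_max * 1024;
    $upload->upload_form_field = 'upload_photo';

    /* Set up our allowed types */
    $upload->allowed_file_ext = array('gif', 'png', 'jpg', 'jpeg');

    /* http://community.invisionpower.com/resources/bugs.html/_/ip-board/problem-change-avatar-too-large-r42679
       This is not ideal but is no longer an issue in 4.x - the alternative is a lot of refactoring of classUpload */
    $filename  = IPSText::parseCleanValue(str_replace(array('<', '>'), '-', $_clientName));
    $extension = $upload->_getFileExtension($filename);

    /*
     * NOTE(review): this pre-check only looks at the client-reported size and
     * extension. If process() rejects the file afterwards (for example the image
     * check, error 5), the member's previous photos have already been removed.
     */
    if ($_clientSize <= $upload->max_file_size && in_array($extension, $upload->allowed_file_ext)) {
        /* Remove any current photos - http://community.invisionpower.com/resources/bugs.html/_/ip-board/profile-picture-not-removed-on-replacement-r41405 */
        $this->removeUploadedPhotos($member_id, $upload_path);
    }

    /* Upload */
    $upload->process();

    /* Oops, what happened? */
    if ($upload->error_no) {
        $_errorKeys = array(
            1 => 'upload_failed',            // No upload
            2 => 'invalid_file_extension',   // Invalid file ext
            3 => 'upload_to_big',            // Too big...
            4 => 'upload_failed',            // Cannot move uploaded file
            5 => 'upload_failed',            // Possible XSS attack (image isn't an image)
        );

        /* Any code not listed is still a failure; never report an empty status for a failed upload */
        $return['status'] = 'fail';
        $return['error']  = isset($_errorKeys[$upload->error_no]) ? $_errorKeys[$upload->error_no] : 'upload_failed';

        return $return;
    }

    /* We got this far.. Now build sized copies */
    return $this->buildSizedPhotos($upload->parsed_file_name, $member_id);
}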
// Excerpt from a login bridge: the block that encloses the first if/else was opened
// before this excerpt, and its closing brace appears below.
//
// When the stored hash is the all-'f' placeholder, the forum framework is bootstrapped,
// the submitted password is hashed with a fresh salt and written to the member row,
// and the forum cookie is set. In every other case only the cookie is set.
//
// NOTE(review): nothing in these lines checks $pwd against an existing credential before
// it becomes the stored password; confirm the code before this excerpt has already
// authenticated the user.
if ($row["members_pass_hash"] == "ffffffffffffffffffffffffffffffff") {
    // Constants read by the included forum files; only defined if the host page has not done so
    if (!defined('IPS_ENFORCE_ACCESS')) {
        define('IPS_ENFORCE_ACCESS', true);
    }
    if (!defined('IPB_THIS_SCRIPT')) {
        define('IPB_THIS_SCRIPT', 'public');
    }
    if (!isset($THIS_BASEPATH) || empty($THIS_BASEPATH)) {
        $THIS_BASEPATH = dirname(__FILE__);
    }
    require_once $THIS_BASEPATH . '/ipb/initdata.php';
    require_once IPS_ROOT_PATH . 'sources/base/ipsRegistry.php';
    require_once IPS_ROOT_PATH . 'sources/base/ipsController.php';
    $registry = ipsRegistry::instance();
    $registry->init();
    // The password is URL-decoded and passed through parseCleanValue() before hashing, so
    // the hash is taken over the cleaned form of the password, not the raw bytes
    $password = IPSText::parseCleanValue(urldecode(trim($pwd)));
    // Computed from the stored salt but not read again in this excerpt
    $ipbhash = md5(md5($row["members_pass_salt"]) . md5($password));
    // pass_the_salt() is defined elsewhere; presumably returns a 5-character salt - TODO confirm
    $salt = pass_the_salt(5);
    // NOTE(review): salted MD5 is fast to compute and therefore weak for password storage;
    // presumably kept because it is the format the forum's members table expects - verify
    $rehash = md5(md5($salt) . md5($password));
    // Store the new hash and salt, and clear the auto-login key and its expiry
    IPSMember::save($row["ipb_fid"], array("members" => array("member_login_key" => "", "member_login_key_expire" => "0", "members_pass_hash" => "{$rehash}", "members_pass_salt" => "{$salt}")));
    set_ipb_cookie($row["ipb_fid"]);
} else {
    set_ipb_cookie($row["ipb_fid"]);
}
}
// NOTE(review): the post-login target is taken from the query string and only URL-decoded.
// How $url is used is outside this excerpt; if it feeds a redirect, restrict it to
// same-site relative paths before use.
if (isset($_GET["returnto"])) {
    $url = urldecode($_GET["returnto"]);
} else {
    $url = "index.php";
}
//Invalid Login System Hack
/**
 * Set a new password for a member
 *
 * Cleans the supplied password, generates a new salt and auto-login key, asks
 * the login handler to change the password, then saves the new hash, salt and
 * key on the member row and resets the failed-login counters.
 *
 * @param	string		New password (URL-decoded and cleaned before use)
 * @param	array 		Member data; 'email' and 'member_id' are read
 * @param	mixed		Current password; not read by this method
 * @return	void
 */
public function changePW($newPass, $member, $currentPass = false)
{
    //-----------------------------------------
    // Clean the supplied password
    //-----------------------------------------

    $new_pass = IPSText::parseCleanValue(urldecode($newPass));

    //-----------------------------------------
    // New salt (backslashes doubled) and new log in key
    //-----------------------------------------

    $salt = str_replace('\\', "\\\\", IPSMember::generatePasswordSalt(5));
    $key  = IPSMember::generateAutoLoginKey();

    /* The plain MD5 of the password is handed to the login handler and to updatePassword() */
    $md5_once = md5($new_pass);

    //-----------------------------------------
    // Update...
    //-----------------------------------------

    /*
     * NOTE(review): salted MD5 is fast to compute and therefore weak for
     * password storage; the stored format is shared with code outside this method.
     * NOTE(review): member_login_key_expire is stored as a number of seconds
     * (days * 86400), not as time() plus that value - confirm which one the
     * login code expects.
     */
    $save_array = array(
        'members_pass_salt'       => $salt,
        'members_pass_hash'       => md5(md5($salt) . $md5_once),
        'member_login_key'        => $key,
        'member_login_key_expire' => $this->settings['login_key_expire'] * 60 * 60 * 24,
        'failed_logins'           => null,
        'failed_login_count'      => 0,
    );

    //-----------------------------------------
    // Load handler...
    //-----------------------------------------

    $classToLoad     = IPSLib::loadLibrary(IPS_ROOT_PATH . 'sources/handlers/han_login.php', 'han_login');
    $this->han_login = new $classToLoad($this->registry);
    $this->han_login->init();

    /* The handler receives both the MD5 and the cleaned plain-text password */
    $this->han_login->changePass($member['email'], $md5_once, $new_pass, $member);

    $_memberId = $member['member_id'];

    IPSMember::save($_memberId, array('members' => $save_array));
    IPSMember::updatePassword($_memberId, $md5_once);

    /* Member-sync hooks are given the plain-text password as well */
    IPSLib::runMemberSync('onPassChange', $_memberId, $new_pass);
}
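/**
 * Processes the upload
 *
 * Validates the file in $_FILES[ upload_form_field ], moves it to
 * out_file_dir and sets parsed_file_name, saved_upload_name, file_extension,
 * real_file_extension, original_file_name and is_image. On failure error_no is
 * set: 1 = no upload / size mismatch, 2 = extension not allowed, 3 = too big,
 * 4 = could not move the file, 5 = image check failed.
 *
 * @return	@e boolean	TRUE on success, FALSE on failure (see error_no)
 */
public function process()
{
    $this->_cleanPaths();

    //-------------------------------------------------
    // Check for getimagesize
    //-------------------------------------------------

    if (!function_exists('getimagesize')) {
        $this->image_check = 0;
    }

    //-------------------------------------------------
    // Set up some variables to stop carpals developing
    // Everything in $_upload except tmp_name is supplied
    // by the client and only trusted after the checks below
    //-------------------------------------------------

    $_upload   = (isset($_FILES[$this->upload_form_field]) and is_array($_FILES[$this->upload_form_field])) ? $_FILES[$this->upload_form_field] : array();
    $_rawName  = (isset($_upload['name']) and is_string($_upload['name'])) ? $_upload['name'] : '';
    $FILE_NAME = IPSText::parseCleanValue(str_replace(array('<', '>'), '-', $_rawName));
    $FILE_SIZE = (isset($_upload['size']) and is_numeric($_upload['size'])) ? $_upload['size'] : 0;

    //-------------------------------------------------
    // Naughty Mozilla likes to use "none" to indicate an empty upload field.
    // I love universal languages that aren't universal.
    //-------------------------------------------------

    if (!$_rawName or !$FILE_SIZE or $_rawName == "none") {
        /* PHP upload errors 1 (UPLOAD_ERR_INI_SIZE) and 2 (UPLOAD_ERR_FORM_SIZE) both mean "too big" */
        $_uploadError   = isset($_upload['error']) ? $_upload['error'] : 0;
        $this->error_no = ($_uploadError == 1 or $_uploadError == 2) ? 3 : 1;

        return false;
    }

    /* Only accept a temp file that PHP itself received over HTTP POST */
    if (empty($_upload['tmp_name']) or !is_uploaded_file($_upload['tmp_name'])) {
        $this->error_no = 1;

        return false;
    }

    //-------------------------------------------------
    // Do we have allowed file_extensions?
    //-------------------------------------------------

    if ($this->check_file_ext) {
        if (!is_array($this->allowed_file_ext) or !count($this->allowed_file_ext)) {
            $this->error_no = 2;

            return false;
        }
    }

    /* With the extension check switched off the list may not be an array at all */
    if (is_array($this->allowed_file_ext)) {
        $this->allowed_file_ext = array_map('strtolower', $this->allowed_file_ext);
    }

    //-------------------------------------------------
    // Get file extension
    //-------------------------------------------------

    $this->file_extension = $this->_getFileExtension($FILE_NAME);

    if (!$this->file_extension) {
        $this->error_no = 2;

        return false;
    }

    $this->real_file_extension = $this->file_extension;

    //-------------------------------------------------
    // Valid extension?
    //-------------------------------------------------

    if ($this->check_file_ext and !in_array($this->file_extension, $this->allowed_file_ext)) {
        $this->error_no = 2;

        return false;
    }

    //-------------------------------------------------
    // Check the file size
    //-------------------------------------------------

    if ($this->max_file_size and $FILE_SIZE > $this->max_file_size) {
        $this->error_no = 3;

        return false;
    }

    //-------------------------------------------------
    // Make the uploaded file safe
    // Storing original_file_name before replacements
    //-------------------------------------------------

    $this->original_file_name = $FILE_NAME;

    /* Only word characters and dots survive, so the client name cannot carry a path separator */
    $FILE_NAME = preg_replace('/[^\\w\\.]/', "_", $FILE_NAME);

    //-------------------------------------------------
    // Convert file name?
    // In any case, file name is WITHOUT extension
    //-------------------------------------------------

    if ($this->out_file_name) {
        $this->parsed_file_name = $this->out_file_name;
    } else {
        $this->parsed_file_name = str_replace('.' . $this->file_extension, "", $FILE_NAME);
    }

    //-------------------------------------------------
    // Make safe?
    // A script extension anywhere in the name (also in
    // the middle, as in name.php.jpg) stores the file as .txt
    // NOTE(review): with make_script_safe off, only the
    // extension allow-list stands between a script
    // extension and the upload directory
    //-------------------------------------------------

    $renamed = 0;

    if ($this->make_script_safe) {
        if (preg_match('/\\.(cgi|pl|js|asp|php|html|htm|jsp|jar)(\\.|$)/i', $FILE_NAME)) {
            $this->file_extension   = 'txt';
            $this->parsed_file_name = preg_replace('/\\.(cgi|pl|js|asp|php|html|htm|jsp|jar)(\\.|$)/i', "\$2", $this->parsed_file_name);

            $renamed = 1;
        }
    }

    //-------------------------------------------------
    // Is it an image?
    //-------------------------------------------------

    if (is_array($this->image_ext) and count($this->image_ext)) {
        if (in_array($this->real_file_extension, $this->image_ext)) {
            $this->is_image = 1;
        }
    }

    //-------------------------------------------------
    // Add on the extension...
    //-------------------------------------------------

    if ($this->force_data_ext and !$this->is_image) {
        $this->file_extension = str_replace(".", "", $this->force_data_ext);
    }

    $this->parsed_file_name .= '.' . $this->file_extension;

    //-------------------------------------------------
    // Copy the upload to the uploads directory
    // ^^ We need to do this before checking the img
    //    size for the openbasedir restriction peeps
    //    We'll just unlink if it doesn't checkout
    //-------------------------------------------------

    $this->saved_upload_name = $this->out_file_dir . '/' . $this->parsed_file_name;

    if (!@move_uploaded_file($_upload['tmp_name'], $this->saved_upload_name)) {
        $this->error_no = 4;

        return false;
    }

    @chmod($this->saved_upload_name, IPS_FILE_PERMISSION);

    if (!$renamed and $this->file_extension != 'txt') {
        $this->_checkXSSInfile();

        if ($this->error_no) {
            /* _checkXSSInfile() is defined elsewhere; make sure a rejected file does not stay in the upload directory */
            if (is_file($this->saved_upload_name)) {
                @unlink($this->saved_upload_name);
            }

            return false;
        }
    }

    //-------------------------------------------------
    // Is it an image? Are we making sure its an image?
    //-------------------------------------------------

    if ($this->is_image and $this->image_check) {
        $img_attributes = @getimagesize($this->saved_upload_name);

        /* Index 2 of getimagesize() is the detected image type; empty means "not a recognised image" */
        $_isImage = (is_array($img_attributes) and count($img_attributes) and $img_attributes[2]);

        /* Potential XSS attack with a fake GIF header in a JPEG (type 1 is GIF) */
        $_gifAsJpeg = ($_isImage and $img_attributes[2] == 1 and ($this->file_extension == 'jpg' or $this->file_extension == 'jpeg'));

        if (!$_isImage or $_gifAsJpeg) {
            @unlink($this->saved_upload_name);
            $this->error_no = 5;

            return false;
        }
    }

    //-------------------------------------------------
    // If filesize and $_FILES['size'] don't match then
    // either file is corrupt, or there was funny
    // business between when it hit tmp and was moved
    //-------------------------------------------------

    if (filesize($this->saved_upload_name) != $FILE_SIZE) {
        @unlink($this->saved_upload_name);
        $this->error_no = 1;

        return false;
    }

    return true;
}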
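/**
 * Compiles an array of poll questions
 *
 * Reads $_POST['question'], $_POST['multi'], $_POST['choice'] and, for
 * moderators only, $_POST['votes']. Questions with fewer than two choices are
 * dropped. Adds the vote counts to $this->poll_total_votes and sets
 * $this->_postErrors to 'poll_to_many' when the question or choice limits are
 * exceeded.
 *
 * @return	array 		question id => array( 'question', 'multi', 'choice' => array, 'votes' => array )
 */
protected function compilePollData()
{
    //-----------------------------------------
    // Check poll
    //-----------------------------------------

    $questions     = array();
    $choices_count = 0;
    $is_mod        = $this->getAuthor('g_is_supmod') ? $this->getAuthor('g_is_supmod') : (isset($this->moderator['edit_topic']) ? intval($this->moderator['edit_topic']) : 0);

    if (!$this->can_add_poll) {
        return $questions;
    }

    if (isset($_POST['question']) and is_array($_POST['question']) and count($_POST['question'])) {
        foreach ($_POST['question'] as $id => $q) {
            /* A nested array (question[1][]=...) is not question text */
            if (!$q or !$id or !is_string($q)) {
                continue;
            }

            $questions[intval($id)]['question'] = IPSText::truncate(IPSText::getTextClass('bbcode')->stripBadWords(IPSText::parseCleanValue(IPSText::stripAttachTag($q))), 255);
        }
    }

    if (isset($_POST['multi']) and is_array($_POST['multi']) and count($_POST['multi'])) {
        foreach ($_POST['multi'] as $id => $q) {
            if (!$q or !$id) {
                continue;
            }

            $questions[intval($id)]['multi'] = intval($q);
        }
    }

    //-----------------------------------------
    // Choices...
    //-----------------------------------------

    if (isset($_POST['choice']) and is_array($_POST['choice']) and count($_POST['choice'])) {
        foreach ($_POST['choice'] as $mainid => $choice) {
            if (!is_string($choice) or trim($choice) == '') {
                continue;
            }

            /* Keys look like "<question id>_<choice id>"; a key without the second part gives choice id 0 */
            $_ids        = explode("_", $mainid);
            $question_id = intval($_ids[0]);
            $choice_id   = isset($_ids[1]) ? intval($_ids[1]) : 0;

            if (!$question_id) {
                continue;
            }

            /* Choices are only accepted for a question that was itself accepted above */
            if (empty($questions[$question_id]['question'])) {
                continue;
            }

            $questions[$question_id]['choice'][$choice_id] = IPSText::truncate(IPSText::getTextClass('bbcode')->stripBadWords(IPSText::parseCleanValue(IPSText::stripAttachTag($choice))), 255);

            if (!$is_mod or !empty($this->request['poll_view_voters']) or !empty($this->poll_data['poll_view_voters'])) {
                /* Vote counts come from the stored poll, never from the request */
                $questions[$question_id]['votes'][$choice_id] = isset($this->poll_answers[$question_id]['votes'][$choice_id]) ? intval($this->poll_answers[$question_id]['votes'][$choice_id]) : 0;
            } else {
                /* Moderators may submit vote counts, unless the poll shows who voted */
                $_POST['votes'] = isset($_POST['votes']) ? $_POST['votes'] : 0;
                $_voteKey       = $question_id . '_' . $choice_id;

                $questions[$question_id]['votes'][$choice_id] = (is_array($_POST['votes']) and isset($_POST['votes'][$_voteKey])) ? intval($_POST['votes'][$_voteKey]) : 0;
            }

            $this->poll_total_votes += $questions[$question_id]['votes'][$choice_id];
        }
    }

    //-----------------------------------------
    // Make sure we have choices for each
    //-----------------------------------------

    foreach ($questions as $id => $data) {
        if (empty($data['choice']) or !is_array($data['choice']) or count($data['choice']) < 2) {
            unset($questions[$id]);
        } else {
            $choices_count += count($data['choice']);
        }
    }

    //-----------------------------------------
    // Error check...
    //-----------------------------------------

    if (count($questions) > $this->max_poll_questions) {
        $this->_postErrors = 'poll_to_many';
    }

    /* $choices_count is already a number; compare it directly instead of calling count() on it */
    if ($choices_count > $this->max_poll_questions * $this->max_poll_choices_per_question) {
        $this->_postErrors = 'poll_to_many';
    }

    return $questions;
}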
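/**
 * Class entry point
 *
 * Builds the member list: reads the sort, filter and search values from the
 * request, turns them into WHERE clauses on the members table (joining the
 * profile tables when a profile or custom field is searched), loads the
 * matching members and sends the rendered list to the output handler.
 *
 * Request values that end up inside quoted SQL literals are escaped with the
 * database driver's addSlashes(); sort key, sort order, page size and group
 * filter are only used after they matched a fixed list.
 *
 * @param	object		Registry reference
 * @return	@e void		[Outputs to screen/redirects]
 */
public function doExecute(ipsRegistry $registry)
{
    //-----------------------------------------
    // Get HTML and skin
    //-----------------------------------------

    $this->registry->class_localization->loadLanguageFile(array('public_list'), 'members');

    //-----------------------------------------
    // Can we access?
    //-----------------------------------------

    if (!$this->memberData['g_mem_info']) {
        $this->registry->output->showError('cannot_view_memberlist', 10221, null, null, 403);
    }

    //-----------------------------------------
    // Init variables
    //-----------------------------------------

    $see_groups     = array();
    $hide_ids       = array();
    $members        = array();
    $the_filter     = array('ALL' => $this->lang->words['show_all']);
    $the_members    = array();
    $query          = array("m.members_l_display_name !='' AND m.members_l_display_name " . $this->DB->buildIsNull(false));
    $url            = array();
    $pp_rating_real = isset($this->request['pp_rating_real']) ? intval($this->request['pp_rating_real']) : 0;
    $_queryPP       = false;

    /* Allowed values: anything not listed here never reaches the ORDER BY / LIMIT of the query */
    $the_sort_key    = array('members_l_display_name' => 'sort_by_name', 'posts' => 'pcount', 'joined' => 'sort_by_joined', 'members_profile_views' => 'm_dd_views');
    $the_max_results = array(10 => '10', 20 => '20', 40 => '40', 60 => '60');
    $the_sort_order  = array('desc' => 'descending_order', 'asc' => 'ascending_order');

    $this->first       = isset($this->request['st']) ? intval($this->request['st']) : 0;
    $this->max_results = !empty($this->request['max_results']) ? $this->request['max_results'] : $this->max_results;
    $this->sort_key    = !empty($this->request['sort_key']) ? $this->request['sort_key'] : 'members_display_name';
    $this->sort_order  = !empty($this->request['sort_order']) ? $this->request['sort_order'] : 'asc';
    $this->filter      = !empty($this->request['filter']) ? ($this->request['filter'] == 'ALL' ? 'ALL' : intval($this->request['filter'])) : 'ALL';

    /* Validate before the values are written into the pagination URL, not only before the query */
    $this->sort_key    = (is_scalar($this->sort_key) and isset($the_sort_key[$this->sort_key])) ? $this->sort_key : 'members_l_display_name';
    $this->sort_order  = (is_scalar($this->sort_order) and isset($the_sort_order[$this->sort_order])) ? $this->sort_order : 'asc';
    $this->max_results = (is_scalar($this->max_results) and isset($the_max_results[$this->max_results])) ? $this->max_results : 20;

    $this->request['showall']   = isset($this->request['showall']) ? intval($this->request['showall']) : 0;
    $this->request['name_box']  = isset($this->request['name_box']) ? $this->request['name_box'] : '';
    $this->request['quickjump'] = isset($this->request['quickjump']) ? $this->request['quickjump'] : 0;

    //-----------------------------------------
    // Set some of the URL params
    //-----------------------------------------

    if ($this->request['quickjump']) {
        $this->request['name_box'] = 'begins';
        $this->request['name']     = $this->request['quickjump'];
    }

    $url['app']         = "app=members&module=list";
    $url['showall']     = 'showall=' . $this->request['showall'];
    $url['sort_key']    = "sort_key={$this->sort_key}";
    $url['sort_order']  = "sort_order={$this->sort_order}";
    $url['max_results'] = "max_results={$this->max_results}";
    $url['quickjump']   = 'quickjump=' . (is_scalar($this->request['quickjump']) ? urlencode($this->request['quickjump']) : '');
    $url['name_box']    = 'name_box=' . (is_scalar($this->request['name_box']) ? urlencode($this->request['name_box']) : '');
    $url['name']        = (isset($this->request['name']) and is_scalar($this->request['name'])) ? 'name=' . urlencode($this->request['name']) : "name=";

    //-----------------------------------------
    // Sort the member group info
    //-----------------------------------------

    foreach ($this->caches['group_cache'] as $row) {
        if ($row['g_hide_from_list']) {
            /* Hidden groups stay hidden unless an ACP user explicitly asked for them */
            if (!($this->memberData['g_access_cp'] and $this->request['showall'])) {
                $hide_ids[] = $row['g_id'];
                continue;
            }
        }

        $see_groups[]                   = $row['g_id'];
        $this->mem_groups[$row['g_id']] = array('TITLE' => $row['g_title'], 'ICON' => $row['g_icon']);

        if ($row['g_id'] == $this->settings['guest_group']) {
            continue;
        }

        $the_filter[$row['g_id']] = $row['g_title'];
    }

    //-----------------------------------------
    // Init some arrays
    //-----------------------------------------

    $dropdowns = array('filter' => $the_filter, 'sort_key' => $the_sort_key, 'sort_order' => $the_sort_order, 'max_results' => $the_max_results);
    $defaults  = array('filter' => $this->filter, 'sort_key' => $this->sort_key, 'sort_order' => $this->sort_order, 'max_results' => $this->max_results, 'photoonly' => !empty($this->request['photoonly']) ? 1 : 0);

    //-----------------------------------------
    // Final vars for query
    //-----------------------------------------

    $this->filter = isset($the_filter[$this->filter]) ? $this->filter : 'ALL';

    //-----------------------------------------
    // Get custom profile information
    //-----------------------------------------

    $classToLoad         = IPSLib::loadLibrary(IPS_ROOT_PATH . 'sources/classes/customfields/profileFields.php', 'customProfileFields');
    $this->custom_fields = new $classToLoad();

    $this->custom_fields->initData('edit', 1);
    $this->custom_fields->parseToEdit('mlist');

    //-----------------------------------------
    // Member Groups...
    //-----------------------------------------

    if ($this->filter != 'ALL') {
        if (!in_array($this->filter, $see_groups)) {
            $query[] = 'm.member_group_id IN(' . implode(',', array_map('intval', $see_groups)) . ')';
        } else {
            $query[] = 'm.member_group_id=' . intval($this->filter);
        }

        $url['filter'] = 'filter=' . $this->filter;
    }

    //-----------------------------------------
    // NOT IN Member Groups...
    //-----------------------------------------

    if (count($hide_ids)) {
        $query[] = "m.member_group_id NOT IN(" . implode(",", array_map('intval', $hide_ids)) . ")";
    }

    /* Not banned */
    $query[] = "m.member_banned=0";

    /* Not a spammer */
    $query[] = '( ! ' . IPSBWOptions::sql('bw_is_spammer', 'members_bitoptions', 'members', 'global', 'has') . ')';

    //-----------------------------------------
    // Build query
    //-----------------------------------------

    $dates = array('lastpost', 'lastvisit', 'joined');
    $mapit = array('posts' => 'm.posts', 'joined' => 'm.joined', 'lastpost' => 'm.last_post', 'lastvisit' => 'm.last_visit', 'signature' => 'pp.signature', 'name' => 'm.members_display_name', 'photoonly' => 'pp.pp_main_photo');

    //-----------------------------------------
    // Do search
    //-----------------------------------------

    foreach ($mapit as $in => $tbl) {
        /**
         * Leave isset && != '', can't use empty or 0 values are skipped as well
         * @link	http://community.invisionpower.com/tracker/issue-37350-sorting-members-by-post-count/
         */
        $this->request[$in] = (isset($this->request[$in]) && is_scalar($this->request[$in]) && $this->request[$in] != '') ? $this->request[$in] : '';

        /*
         * The value is URL-decoded a second time here, so text that arrived
         * percent-encoded turns into live characters after any earlier input
         * cleaning. parseCleanValue() runs on the decoded text, and every use
         * inside a quoted SQL literal below is escaped as well.
         */
        $inbit    = $this->request[$in] = IPSText::parseCleanValue(trim(urldecode(IPSText::stripslashes($this->request[$in]))));
        $url[$in] = $in . '=' . urlencode($this->request[$in]);

        $_ltmtRaw = (isset($this->request[$in . '_ltmt']) and is_scalar($this->request[$in . '_ltmt'])) ? $this->request[$in . '_ltmt'] : '';
        /* The comparison operator is chosen here, never copied from the request */
        $ltmt     = $_ltmtRaw == 'lt' ? '<' : '>';

        //-----------------------------------------
        // Name...
        //-----------------------------------------

        if ($in == 'name' and $inbit != "") {
            $_safeName = $this->DB->addSlashes(strtolower($inbit));

            if ($this->request['name_box'] == 'begins') {
                $query[] = "m.members_l_display_name LIKE '" . $_safeName . "%'";
            } else {
                $query[] = "m.members_l_display_name LIKE '%" . $_safeName . "%'";
            }
        } elseif ($in == 'posts' and is_numeric($inbit) and intval($inbit) > -1) {
            $query[]  = $tbl . ' ' . $ltmt . ' ' . intval($inbit);
            $url[$in] = $in . '_ltmt=' . urlencode($_ltmtRaw) . '&posts=' . intval($inbit);
        } elseif (in_array($in, $dates) and $inbit) {
            /* MM-DD-YYYY is read with mktime(); anything else is left to strtotime() */
            if (preg_match('/^\\d{2}-\\d{2}-\\d{4}$/', $this->request[$in])) {
                $_tmp     = explode('-', $this->request[$in]);
                $time_int = mktime(23, 59, 59, intval($_tmp[0]), intval($_tmp[1]), intval($_tmp[2]));
            } else {
                $time_int = strtotime($inbit);
            }

            if ($time_int) {
                $query[]            = $tbl . ' ' . $ltmt . ' ' . intval($time_int);
                $url[$in . '_ltmt'] = $in . '_ltmt=' . urlencode($_ltmtRaw);
            }
        } elseif ($in == 'photoonly') {
            if ($this->request['photoonly'] == 1) {
                $_queryPP = true;
                $query[]  = $tbl . "<> ''";
                $url[]    = 'photoonly=1';
            }
        } elseif ($inbit != "" and $in != 'posts') {
            $_queryPP = true;
            $query[]  = $tbl . " LIKE '%" . $this->DB->addSlashes($inbit) . "%'";
        }
    }

    //-----------------------------------------
    // Custom fields?
    //-----------------------------------------

    if (count($this->custom_fields->out_fields)) {
        foreach ($this->custom_fields->out_fields as $id => $data) {
            $_fieldKey = 'field_' . $id;

            if (empty($this->request[$_fieldKey])) {
                continue;
            }

            $_queryPP = true;

            if (is_array($this->request[$_fieldKey])) {
                /* Every submitted option is kept in the URL, not only the last one */
                $_urlBits = array();

                foreach ($this->request[$_fieldKey] as $k => $v) {
                    $v = is_scalar($v) ? (string) $v : '';

                    $this->request[$_fieldKey][$k] = urldecode($v);
                    $_urlBits[]                    = "field_{$id}[" . urlencode($k) . "]=" . urlencode($v);
                }

                $url[$_fieldKey] = implode('&', $_urlBits);
            } else {
                $url[$_fieldKey]           = "field_{$id}=" . urlencode($this->request[$_fieldKey]);
                $this->request[$_fieldKey] = urldecode($this->request[$_fieldKey]);
            }

            /*
             * The urldecode() above runs after any earlier input cleaning, so
             * the value (and, for checkboxes, the submitted array key) is
             * escaped here, at the point where it enters the SQL string.
             */
            $_pfType = $this->custom_fields->cache_data[$id]['pf_type'];

            if ($_pfType == 'cbox') {
                if (is_array($this->request[$_fieldKey])) {
                    foreach (array_keys($this->request[$_fieldKey]) as $k) {
                        $query[] = "p.field_{$id} LIKE '%|" . $this->DB->addSlashes($k) . "|%'";
                    }
                }
            } elseif (!is_array($this->request[$_fieldKey])) {
                /* An array has no meaning for a drop-down or text field, so it adds no clause */
                $_safeValue = $this->DB->addSlashes($this->request[$_fieldKey]);

                if ($_pfType == 'drop') {
                    $query[] = "p.field_{$id}='" . $_safeValue . "'";
                } else {
                    $query[] = $this->custom_fields->cache_data[$id]['pf_search_type'] == 'loose' ? "p.field_{$id} LIKE '%" . $_safeValue . "%'" : "p.field_{$id} = '" . $_safeValue . "'";
                }
            }
        }
    }

    //-----------------------------------------
    // Rating..
    //-----------------------------------------

    if ($pp_rating_real) {
        $_queryPP              = true;
        $query[]               = "pp.pp_rating_real > " . $pp_rating_real;
        $url['pp_rating_real'] = "pp_rating_real=" . $pp_rating_real;
    }

    //-----------------------------------------
    // Finish query
    //-----------------------------------------

    //$query[] = "m.members_l_display_name != ''";

    $joins = array();

    if ($_queryPP) {
        $joins[] = array('from' => array('pfields_content' => 'p'), 'where' => 'p.member_id=m.member_id', 'type' => 'left');
        $joins[] = array('from' => array('profile_portal' => 'pp'), 'where' => 'pp.pp_member_id=m.member_id', 'type' => 'left');
    }

    //-----------------------------------------
    // Reputation
    //-----------------------------------------

    if (!ipsRegistry::isClassLoaded('repCache')) {
        $classToLoad = IPSLib::loadLibrary(IPS_ROOT_PATH . 'sources/classes/class_reputation_cache.php', 'classReputationCache');
        ipsRegistry::setClass('repCache', new $classToLoad());
    }

    //-----------------------------------------
    // START THE LISTING
    //-----------------------------------------

    $notInMembers = 0;

    foreach ($query as $q) {
        if (!strstr($q, 'm.')) {
            $notInMembers++;
        }
    }

    /* Get the count */
    if ($notInMembers > 0 or $this->sort_key != 'members_l_display_name' or $this->request['request_method'] == 'post') {
        $_max = $this->DB->buildAndFetch(array('select' => 'COUNT( * ) as cnt', 'from' => array('members' => 'm'), 'where' => implode(" AND ", $query), 'add_join' => $joins));

        $this->DB->build(array('select' => ' m.member_id', 'from' => array('members' => 'm'), 'where' => implode(" AND ", $query), 'order' => 'm.' . $this->sort_key . ' ' . $this->sort_order, 'limit' => array($this->first, $this->max_results), 'add_join' => $joins));
    } else {
        $_max = $this->DB->buildAndFetch(array('select' => 'COUNT( * ) as cnt', 'from' => 'members m', 'where' => implode(" AND ", $query)));

        $this->DB->build(array('select' => 'm.member_id', 'from' => array('members' => 'm'), 'where' => implode(" AND ", $query), 'order' => 'm.' . $this->sort_key . ' ' . $this->sort_order, 'limit' => array($this->first, $this->max_results)));
    }

    /* Fetch IDs */
    $mids = array();

    $this->DB->execute();

    while ($m = $this->DB->fetch()) {
        if ($m['member_id']) {
            $mids[] = $m['member_id'];
        }
    }

    if (count($mids)) {
        $_members = IPSMember::load($mids, 'all');

        /* Make sure that we keep the ordering from the query */
        foreach ($mids as $id) {
            $members[$id] = $_members[$id];
        }
    }

    $max = $_max['cnt'];

    if (is_array($members) and count($members)) {
        foreach ($members as $id => $member) {
            /* Damn SQL thing with member_id */
            if (!$member['member_id']) {
                $member['member_id'] = $member['member_table_id'];
            }

            $member['members_display_name'] = $member['members_display_name'] ? $member['members_display_name'] : $member['name'];
            $member['members_seo_name']     = IPSMember::fetchSeoName($member);
            $member['group']                = $this->mem_groups[$member['member_group_id']]['TITLE'];

            $member = IPSMember::buildProfilePhoto($member);

            $member['pp_reputation_points'] = $member['pp_reputation_points'] ? $member['pp_reputation_points'] : 0;
            $member['author_reputation']    = ipsRegistry::getClass('repCache')->getReputation($member['pp_reputation_points']);

            /* Reputation */
            if ($this->settings['reputation_protected_groups']) {
                if (in_array($member['member_group_id'], explode(",", $this->settings['reputation_protected_groups']))) {
                    $member['pp_reputation_points'] = null;
                    $member['author_reputation']    = null;
                }
            }

            $the_members[] = $member;
        }
    }

    /* make sure URL doesn't contain empty params */
    $_url = $url;
    $url  = array();

    foreach ($_url as $key => $bit) {
        if (strrpos($bit, '=') + 1 == strlen($bit)) {
            continue;
        }

        $url[] = $bit;
    }

    $pages = $this->registry->output->generatePagination(array('totalItems' => $max, 'itemsPerPage' => $this->max_results, 'currentStartValue' => $this->first, 'seoTitle' => "false", 'seoTemplate' => 'members_list', 'baseUrl' => implode('&', $url)));

    //-----------------------------------------
    // Print...
    //-----------------------------------------

    $this->output .= $this->registry->getClass('output')->getTemplate('mlist')->member_list_show($the_members, $pages, $dropdowns, $defaults, $this->custom_fields, implode('&', $url));

    //-----------------------------------------
    // Push to print handler
    //-----------------------------------------

    $this->registry->output->addContent($this->output);
    $this->registry->output->setTitle($this->lang->words['page_title'] . ' - ' . ipsRegistry::$settings['board_name']);
    $this->registry->output->addNavigation($this->lang->words['page_title'], 'app=members', "false", 'members_list');
    $this->registry->output->sendOutput();
}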
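/**
 * Display error
 *
 * Renders the global error template. Guests also get the log in box, and any
 * submitted 'Post' text is echoed back (HTML-escaped) in a textarea so it is
 * not lost.
 *
 * @access	public
 * @param	string		Error message
 * @param	integer		Error code
 * @return	mixed		You can print a custom message here, or return formatted data to be sent do registry->output->sendOutput
 */
public function displayError($message, $code = 0)
{
    /* Split the contact address in two; pad so an address without '@' still yields both parts */
    list($em_1, $em_2) = array_pad(explode('@', $this->settings['email_in']), 2, '');

    /* Defined up front: both are handed to the template even when they stay empty */
    $login_thing = '';
    $post_thing  = '';

    //-----------------------------------------
    // If we're a guest, show the log in box..
    //-----------------------------------------

    if (!$this->memberData['member_id']) {
        /*
         * The query string is attacker-controlled; it is passed through
         * parseCleanValue() before being appended to the base URL.
         * NOTE(review): as written, both str_replace() calls in this branch
         * replace '&' with '&', which changes nothing. The listing may have lost
         * an HTML entity here (such as '&amp;'); confirm against the original
         * file that the value handed to the template is HTML-escaped.
         */
        $safe_string = $this->settings['base_url'] . str_replace('&', '&', IPSText::parseCleanValue(my_getenv('QUERY_STRING')));
        $has_openid  = false;
        $uses_name   = false;
        $uses_email  = false;

        $this->registry->getClass('class_localization')->loadLanguageFile(array('public_login'), 'core');

        foreach ($this->cache->getCache('login_methods') as $method) {
            if ($method['login_folder_name'] == 'openid') {
                $has_openid = true;
            }

            if ($method['login_user_id'] == 'username') {
                $uses_name = true;
            }

            if ($method['login_user_id'] == 'email') {
                $uses_email = true;
            }
        }

        /* Pick the prompt that matches the identifiers the login methods accept */
        if ($uses_name and $uses_email) {
            $this->lang->words['enter_name'] = $this->lang->words['enter_name_and_email'];
        } elseif ($uses_email) {
            $this->lang->words['enter_name'] = $this->lang->words['enter_useremail'];
        } else {
            $this->lang->words['enter_name'] = $this->lang->words['enter_username'];
        }

        $login_thing = $this->registry->getClass('output')->getTemplate('global_other')->error_log_in(str_replace('&', '&', $safe_string));
    }

    //-----------------------------------------
    // Do we have any post data to keepy?
    //-----------------------------------------

    // Why even bother checking action?  If they posted something and we're here, let 'em save it!
    //if ( $this->request['act'] == 'post' OR $this->request['module'] == 'messenging' OR $this->request['act'] == 'calendar' )
    //{
    /* Only a plain string can be echoed back; the raw POST value is HTML-escaped before it reaches the template */
    if (isset($_POST['Post']) and is_string($_POST['Post']) and $_POST['Post']) {
        $post_thing = $this->registry->getClass('output')->getTemplate('global_other')->error_post_textarea(IPSText::htmlspecialchars(IPSText::stripslashes($_POST['Post'])));
    }
    //}

    //-----------------------------------------
    // Show error
    //-----------------------------------------

    $html = $this->registry->getClass('output')->getTemplate('global_other')->Error($message, $code, $em_1, $em_2, 1, $login_thing, $post_thing);

    return $html;
}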
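/**
 * Normalise a user-supplied search phrase for the search engine.
 *
 * The phrase is URL-decoded, passed through parseCleanValue(), lower-cased,
 * stripped of a fixed list of markup-like words and of words shorter than the
 * 'min_search_word' setting, and then has a set of operator characters removed.
 *
 * The returned 'search_term' is NOT escaped for SQL and is no longer
 * HTML-encoded (ampersands and double quotes are turned back into literal
 * characters), so callers must escape it for whatever context they use it in.
 *
 * @access	public
 * @param	string		Raw IPB sanitized form input
 * @return	array 		array( 'search_term' => normalised phrase, 'removed' => array of removed search terms )
 */
public function formatSearchTerm($search_term)
{
    // Not used below; the call is kept in case isBoolean() has side effects.
    $isBoolean    = $this->isBoolean();
    $andor        = isset($this->request['andor_type']) ? $this->request['andor_type'] : $this->settings['s_andor_type'];
    $removedTerms = array();

    /* Fix up some sanitized HTML */
    // NOTE(review): the two search strings are written as the entities for '&'
    // and '"'. The listing showed them already decoded (the second line was not
    // valid PHP as shown), so confirm both against the upstream file.
    $search_term = str_replace('&amp;', '&', IPSText::parseCleanValue(rawurldecode($search_term)));
    $search_term = str_replace('&quot;', '"', $search_term);
    $search_term = IPSText::mbstrtolower($search_term);

    /* Check for disallowed search terms */
    $_banned = 'img|quote|code|html|javascript|a href|color|span|div|border|style';

    // Repeat until nothing matches: a removal can expose a neighbouring banned
    // word whose leading whitespace was consumed by the previous match.
    while (preg_match_all('/(?:^|\\s+)(' . $_banned . ')(?:\\s+|$)/', $search_term, $removed_search_terms)) {
        // Every match of this pass is removed by the preg_replace() below, so
        // report every one of them, not just the first.
        foreach ($removed_search_terms[0] as $_hit) {
            $removedTerms[] = $_hit;
        }

        // Keep only the surrounding whitespace of each removed word.
        $search_term = preg_replace('/(^|\\s+)(?:' . $_banned . ')(\\s+|$)/', '$1$2', $search_term);
    }

    /* remove < min char words (skipped when the phrase holds exactly one quoted pair) */
    if (substr_count($search_term, '"') != 2) {
        $_words      = explode(' ', $search_term);
        $search_term = '';

        foreach ($_words as $_w) {
            if (IPSText::mbstrlen($_w) >= $this->settings['min_search_word']) {
                $search_term .= $_w . ' ';
            } elseif ($_w) {
                $removedTerms[] = $_w;
            }
        }
    }

    /* Remove some formatting */
    // '|' is deliberately left alone: it is an OR operator for sphinx.
    if ($search_term) {
        $search_term = str_replace(array('\\', '/'), '', trim($search_term));

        /* Sphinx chars are not allowed */
        $search_term = str_replace(array('.', ')', '(', '!', '@', '[', ']', '~', '^'), '', $search_term);

        // NOTE(review): as written the look-ahead (?!\s) is tested at the '-'
        // itself and so always succeeds, and \1 has no group to refer to; every
        // '-' is therefore replaced by the Unicode hyphen. A look-behind may
        // have been intended - confirm before changing.
        $search_term = preg_replace('#(?!\\s)-#', '\\1‐', $search_term);

        // In "and" mode every word becomes mandatory, unless the phrase is quoted.
        if ($andor == 'and' and !(substr_count($search_term, '"') == 2)) {
            $search_term = '+' . preg_replace('/\\s+(?!-|~)/', " +", $search_term);
        }
    }

    return array('search_term' => $search_term, 'removed' => $removedTerms);
}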
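/**
 * List the current mail error logs, optionally filtered by a search string.
 *
 * Request inputs read: 'st' (offset), 'type' (subject|email_from|email_to|error),
 * 'string' (search text) and 'match' ('loose' selects LIKE matching).
 *
 * @return	@e void		[Outputs to screen]
 */
protected function _listCurrent()
{
    $start = max(0, intval($this->request['st']));

    //-----------------------------------------
    // Check URL parameters
    //-----------------------------------------
    $url_query = array();
    $db_query  = array();
    $rows      = array();

    if ($this->request['type'] and $this->request['type'] != "") {
        $string = IPSText::parseCleanValue(urldecode($this->request['string']));

        if ($string == "") {
            $this->registry->output->showError($this->lang->words['erlog_enter_sumthang_yo'], 11116);
        }

        // Request values go into the pagination URL, so encode them for that context.
        $url_query[] = 'type=' . urlencode($this->request['type']);
        $url_query[] = 'string=' . urlencode($string);

        // The WHERE clause is assembled as a string. parseCleanValue() is an
        // HTML-oriented filter, so the value is also escaped with the DB driver
        // rather than relying on that filter alone.
        // NOTE(review): '%' and '_' inside the search text still act as LIKE
        // wildcards in the "loose" branches.
        $sqlString = $this->DB->addSlashes($string);
        $loose     = ($this->request['match'] == 'loose');

        switch ($this->request['type']) {
            case 'subject':
                if ($loose) {
                    // Subjects may be stored Q-encoded, so encode the needle the same way.
                    // NOTE(review): create_function() evaluates a code string (constant
                    // here, not user input); it is deprecated in PHP 7.2 and removed in
                    // 8.0 - replace with a closure once the minimum PHP version allows.
                    $encoded    = preg_replace_callback('/([=_\\?\\x00-\\x1F\\x80-\\xFF])/', create_function('$match', 'return "=" . strtoupper( dechex( ord( "$match[1]" ) ) );'), $string);
                    $db_query[] = "mlog_subject LIKE '%" . $this->DB->addSlashes($encoded) . "%'";
                } else {
                    $db_query[] = "mlog_subject='{$sqlString}'";
                }
                break;

            case 'email_from':
                $db_query[] = $loose ? "mlog_from LIKE '%{$sqlString}%'" : "mlog_from='{$sqlString}'";
                break;

            case 'email_to':
                $db_query[] = $loose ? "mlog_to LIKE '%{$sqlString}%'" : "mlog_to='{$sqlString}'";
                break;

            case 'error':
                // The exact-match clause previously lacked the closing quote after
                // the first value, producing invalid SQL. Parentheses keep the OR
                // self-contained should further conditions ever be AND-ed on.
                $db_query[] = $loose
                    ? "(mlog_msg LIKE '%{$sqlString}%' or mlog_smtp_msg LIKE '%{$sqlString}%')"
                    : "(mlog_msg='{$sqlString}' or mlog_smtp_msg='{$sqlString}')";
                break;
        }
    }

    if ($this->request['match']) {
        $url_query[] = 'match=' . urlencode($this->request['match']);
    }

    //-----------------------------------------
    // LIST 'EM
    //-----------------------------------------
    $dbe = "";
    $url = "";

    if (count($db_query) > 0) {
        $dbe = implode(' AND ', $db_query);
    }

    if (count($url_query) > 0) {
        $url = '&' . implode('&', $url_query);
    }

    $count = $this->DB->buildAndFetch(array('select' => 'count(*) as cnt', 'from' => 'mail_error_logs', 'where' => $dbe));

    $links = $this->registry->output->generatePagination(array(
        'totalItems'        => $count['cnt'],
        'itemsPerPage'      => 25,
        'currentStartValue' => $start,
        'baseUrl'           => $this->settings['base_url'] . "&{$this->form_code}" . $url,
    ));

    $this->DB->build(array('select' => '*', 'from' => 'mail_error_logs', 'where' => $dbe, 'order' => 'mlog_date DESC', 'limit' => array($start, 25)));
    $this->DB->execute();

    while ($row = $this->DB->fetch()) {
        $row['_date']        = $this->registry->class_localization->getDate($row['mlog_date'], 'SHORT');
        $row['mlog_subject'] = empty($row['mlog_subject']) ? '--' : $row['mlog_subject'];

        // Decode Q-encoded subjects for display. The decoded bytes come from
        // logged mail; this method does no HTML escaping on them.
        // NOTE(review): confirm the emailerrorlogsWrapper template escapes them.
        if (strpos($row['mlog_subject'], "=?" . IPS_DOC_CHAR_SET . "?Q?") !== FALSE) {
            $decoded             = preg_replace_callback('/=([A-F0-9]{2})/', create_function('$match', 'return chr( hexdec( "$match[1]" ) );'), $row['mlog_subject']);
            $row['mlog_subject'] = str_replace("=?" . IPS_DOC_CHAR_SET . "?Q?", "", str_replace("?=", "", $decoded));
        }

        $rows[] = $row;
    }

    $this->registry->output->html .= $this->html->emailerrorlogsWrapper($rows, $links);
}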
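/**
 * Completes the Facebook connection after the provider redirects back.
 *
 * Exchanges the 'code' request parameter for an access token, loads the
 * remote profile, then either logs in the member linked to that profile,
 * links and logs in a local member with the same e-mail address, or creates
 * a new member.
 *
 * Security notes for maintainers:
 *  - No 'state' (anti-CSRF) value is checked in this method.
 *    NOTE(review): confirm it is verified elsewhere in the flow.
 *  - A matching e-mail address alone is treated as proof of ownership of an
 *    existing local account (see the linking step below).
 *  - The access token is written to the member row as received.
 *
 * @access	public
 * @return	void		Redirects on success
 * @throws	Exception	'CREATION_FAIL' or 'LINKED_MEMBER_LOGIN_FAIL'
 */
public function finishLogin()
{
    /* From reg flag */
    if (!empty($_REQUEST['code']) and is_string($_REQUEST['code'])) {
        /* Load oAuth */
        require_once IPS_KERNEL_PATH . 'facebook/facebookoauth.php'; /*noLibHook*/
        $this->_oauth = new FacebookOAuth(FACEBOOK_APP_ID, FACEBOOK_APP_SECRET, FACEBOOK_CALLBACK, $this->extendedPerms);

        /* Load API */
        require_once IPS_KERNEL_PATH . 'facebook/facebook.php'; /*noLibHook*/
        $this->_api = new Facebook(array('appId' => FACEBOOK_APP_ID, 'secret' => FACEBOOK_APP_SECRET, 'cookie' => true));

        /* Ensure URL is correct */
        $_urlExtra = '';

        // The key comes straight from the request: accept only a scalar and
        // encode it so it cannot add parameters of its own to the callback URL.
        // NOTE(review): the callback must match the one sent when the flow
        // started; encoding is a no-op for plain alphanumeric keys.
        if (!empty($_REQUEST['key']) and is_string($_REQUEST['key'])) {
            $_urlExtra .= '&key=' . urlencode($_REQUEST['key']);
        }

        if (!empty($_REQUEST['_reg'])) {
            $_urlExtra .= '&_reg=1';
        }

        /* Update callback url */
        $this->_oauth->setCallBackUrl(FACEBOOK_CALLBACK . $_urlExtra);

        /* Generate oAuth token */
        $rToken = $this->_oauth->getAccessToken($_REQUEST['code']);

        if (is_string($rToken)) {
            // Defined up front so a swallowed exception below does not leave it unset.
            $_userData = array();

            try {
                $_userData = $this->_api->api('me', array('access_token' => $rToken));
            } catch (Exception $e) {
                /* Try re-authorising */
                if (stristr($e->getMessage(), 'invalid')) {
                    $this->redirectToConnectPage();
                }
                // Other failures are deliberately ignored here; fetchUserData()
                // below fetches the profile again.
            }

            /* A little gymnastics */
            $this->_userData = $_userData;
            $_userData       = $this->fetchUserData($rToken);

            /* Got a member linked already? */
            $_member = IPSMember::load($_userData['id'], 'all', 'fb_uid');

            /* Not connected, check email address */
            if (!$_member['member_id'] and $_userData['email']) {
                $_member = IPSMember::load($_userData['email'], 'all', 'email');

                // An existing local account with the same address is linked to
                // this remote profile and, further down, logged in without a
                // password. NOTE(review): this is only sound if the provider
                // guarantees the address is verified; otherwise require the member
                // to authenticate locally before the link is written.
                if ($_member['member_id']) {
                    /* Update row */
                    IPSMember::save($_member['member_id'], array('core' => array('fb_uid' => $_userData['id'], 'fb_token' => $rToken)));
                }
            }

            if ($_member['member_id']) {
                $memberData = $_member;

                /* Ensure user's row is up to date */
                IPSMember::save($memberData['member_id'], array('core' => array('fb_token' => $rToken)));

                /* Here, so log us in!! */
                /* changed by denchu 26/12/12 */
                $r = $this->_login()->loginWithoutCheckingCredentials($memberData['member_id'], TRUE);

                if (is_array($r)) {
                    if (isset($r[1])) {
                        $this->registry->getClass('output')->redirectScreen($r[0], $r[1]);
                        $this->registry->getClass('output')->silentRedirect($r[1]);
                    } else {
                        $this->registry->getClass('output')->silentRedirect($r[0]);
                    }
                } elseif (!$r) {
                    throw new Exception('LINKED_MEMBER_LOGIN_FAIL');
                } else {
                    $this->registry->getClass('output')->silentRedirect($this->settings['base_url']);
                }
            } else {
                /* No? Create a new member */
                // Default sync options, frozen into the bit-wise options value.
                $_bwFlags = array();

                foreach (array('fbc_s_pic', 'fbc_s_status', 'fbc_s_aboutme') as $field) {
                    $_bwFlags[$field] = 1;
                }

                $fb_bwoptions = IPSBWOptions::freeze($_bwFlags, 'facebook');
                $safeFBName   = IPS_DOC_CHAR_SET != 'UTF-8' ? IPSText::utf8ToEntities($_userData['name']) : $_userData['name'];

                /* Make sure usernames are safe */
                // The remote name is reduced to the characters the board allows.
                if ($this->settings['username_characters']) {
                    $check_against = preg_quote($this->settings['username_characters'], "/");
                    $check_against = str_replace('\\-', '-', $check_against);
                    $safeFBName    = preg_replace('/[^' . $check_against . ']+/i', '', $safeFBName);
                }

                /* Check ban filters? */
                if (IPSMember::isBanned('email', $_userData['email']) or IPSMember::isBanned('name', $safeFBName)) {
                    $this->registry->output->showError('you_are_banned', 1090003);
                }

                $displayName = $this->settings['fb_realname'] == 'enforced' ? $safeFBName : '';

                /* From reg, so create new account properly */
                // NOTE(review): name and display name pass through parseCleanValue();
                // the remote e-mail and timezone are stored as received - confirm
                // IPSMember::create() validates them.
                $toSave = array(
                    'core' => array(
                        'name'                   => IPSText::parseCleanValue($safeFBName),
                        'members_display_name'   => IPSText::parseCleanValue($displayName),
                        'members_created_remote' => 1,
                        'member_group_id'        => $this->settings['fbc_mgid'] ? $this->settings['fbc_mgid'] : $this->settings['member_group'],
                        'email'                  => $_userData['email'],
                        'fb_uid'                 => $_userData['id'],
                        'time_offset'            => $_userData['timezone'],
                        'members_auto_dst'       => 1,
                        'fb_token'               => $rToken,
                    ),
                    'extendedProfile' => array(
                        'pp_about_me'  => IPSText::getTextClass('bbcode')->stripBadWords(IPSText::convertCharsets($_userData['about'], 'utf-8', IPS_DOC_CHAR_SET)),
                        'fb_bwoptions' => $fb_bwoptions,
                    ),
                );

                $memberData = IPSMember::create($toSave, FALSE, FALSE, TRUE);

                if (!$memberData['member_id']) {
                    throw new Exception('CREATION_FAIL');
                }

                /* Sync up photo */
                $this->syncMember($memberData['member_id']);

                // Cast before concatenating into the WHERE clause.
                $pmember = $this->DB->buildAndFetch(array('select' => '*', 'from' => 'members_partial', 'where' => "partial_member_id=" . intval($memberData['member_id'])));

                if ($pmember['partial_member_id']) {
                    // The account is incomplete: hand over to the registration form.
                    // NOTE(review): '&section=' is written out here; the listing
                    // showed a section sign in its place - confirm against upstream.
                    $this->registry->getClass('output')->silentRedirect($this->settings['base_url'] . 'app=core&module=global&section=register&do=complete_login&mid=' . $memberData['member_id'] . '&key=' . $pmember['partial_date']);
                } else {
                    /* Already got a display name */
                    if ($displayName) {
                        /* Here, so log us in!! */
                        $r = $this->_login()->loginWithoutCheckingCredentials($memberData['member_id'], TRUE);

                        IPSLib::runMemberSync('onCompleteAccount', $memberData);

                        // Optional notification to the board's contact address.
                        if ($this->settings['new_reg_notify']) {
                            $this->registry->class_localization->loadLanguageFile(array('public_register'), 'core');

                            IPSText::getTextClass('email')->setPlainTextTemplate(IPSText::getTextClass('email')->getTemplate("admin_newuser"));
                            IPSText::getTextClass('email')->buildMessage(array(
                                'DATE'         => $this->registry->getClass('class_localization')->getDate(time(), 'LONG', 1),
                                'LOG_IN_NAME'  => $safeFBName,
                                'EMAIL'        => $_userData['email'],
                                'IP'           => $this->member->ip_address,
                                'DISPLAY_NAME' => $displayName,
                            ));

                            IPSText::getTextClass('email')->subject = sprintf($this->lang->words['new_registration_email'], $this->settings['board_name']);
                            IPSText::getTextClass('email')->to      = $this->settings['email_in'];
                            IPSText::getTextClass('email')->sendMail();
                        }

                        if (is_array($r)) {
                            if (isset($r[1])) {
                                $this->registry->getClass('output')->redirectScreen($r[0], $r[1]);
                                $this->registry->getClass('output')->silentRedirect($r[1]);
                            } else {
                                $this->registry->getClass('output')->silentRedirect($r[0]);
                            }
                        } elseif (!$r) {
                            throw new Exception('LINKED_MEMBER_LOGIN_FAIL');
                        } else {
                            $this->registry->getClass('output')->silentRedirect($this->settings['base_url']);
                        }
                    } else {
                        throw new Exception('CREATION_FAIL');
                    }
                }
            }
        } else {
            throw new Exception('CREATION_FAIL');
        }
    } else {
        /* Need to re-auth */
    }
}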
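/**
 * Try to deconstruct the link if it is a friendly URL (FURL).
 *
 * Each FURL template's inbound regex is tried against the URL; the first match
 * decides which request keys are set. Key/value pairs after the template
 * "varBlock" marker and any secondary query string are added as well. Every
 * key goes through IPSText::parseCleanKey() and every value through
 * IPSText::parseCleanValue(), because all of it is taken from the URL.
 *
 * @access	protected
 * @param	string		Incoming URL
 * @return	array|false	Array of request data, or false when nothing was extracted
 */
protected function _checkForFurl($url)
{
    $_urlBits  = array();
    $_toTest   = $url;
    $templates = array();

    if (is_file(FURL_CACHE_PATH)) {
        // The cache is a PHP file that is executed here and is expected to define
        // $templates. NOTE(review): it runs with full application privileges, so
        // its location must not be writable by untrusted parties.
        $templates = array();
        require FURL_CACHE_PATH; /*noLibHook*/
        $_seoTemplates = $templates;
    } else {
        /* Attempt to write it */
        $_seoTemplates = IPSLib::buildFurlTemplates();

        try {
            IPSLib::cacheFurlTemplates();
        } catch (Exception $e) {
            // Best effort: the freshly built templates are used even when they
            // cannot be cached.
        }
    }

    if (is_array($_seoTemplates) and count($_seoTemplates)) {
        foreach ($_seoTemplates as $key => $data) {
            if (empty($data['in']['regex'])) {
                continue;
            }

            if (preg_match($data['in']['regex'], $_toTest, $matches)) {
                if (is_array($data['in']['matches'])) {
                    foreach ($data['in']['matches'] as $_replace) {
                        $k = IPSText::parseCleanKey($_replace[0]);

                        if (strpos($_replace[1], '$') !== false) {
                            // '$N' refers to capture group N; an optional group that
                            // did not take part in the match yields an empty value.
                            $_idx = intval(str_replace('$', '', $_replace[1]));
                            $v    = IPSText::parseCleanValue(isset($matches[$_idx]) ? $matches[$_idx] : '');
                        } else {
                            $v = IPSText::parseCleanValue($_replace[1]);
                        }

                        $_urlBits[$k] = $v;
                    }
                }

                // Anything after the var block is an alternating key, value list.
                if (strpos($_toTest, $_seoTemplates['__data__']['varBlock']) !== false) {
                    $_parse = substr($_toTest, strpos($_toTest, $_seoTemplates['__data__']['varBlock']) + strlen($_seoTemplates['__data__']['varBlock']));
                    $_data  = explode($_seoTemplates['__data__']['varSep'], $_parse);
                    $_c     = 0;

                    foreach ($_data as $_v) {
                        if (!$_c) {
                            $k = IPSText::parseCleanKey($_v);
                            $v = '';
                            $_c++;
                        } else {
                            $v  = IPSText::parseCleanValue($_v);
                            $_c = 0;

                            $_urlBits[$k] = $v;
                        }
                    }
                }

                break;
            }
        }

        //-----------------------------------------
        // If using query string furl, extract any
        // secondary query string.
        // Ex: http://localhost/index.php?/path/file.html?key=value
        // Will pull the key=value properly
        //-----------------------------------------
        $_qmCount = substr_count($_toTest, '?');

        if ($_qmCount > 1) {
            $_secondQueryString = substr($_toTest, strrpos($_toTest, '?') + 1);
            $_secondParams      = explode('&', $_secondQueryString);

            foreach ($_secondParams as $_param) {
                // Skip empty fragments (e.g. a trailing '&') instead of creating an
                // entry with an empty key.
                if ($_param === '') {
                    continue;
                }

                // Pad so a parameter without '=' gets an empty value rather than
                // raising an undefined-offset notice.
                list($k, $v) = array_pad(explode('=', $_param), 2, '');

                $k = IPSText::parseCleanKey($k);
                $v = IPSText::parseCleanValue($v);

                $_urlBits[$k] = $v;
            }
        }

        /* Process URL bits for extra ? in them */
        if (is_array($_urlBits) and count($_urlBits)) {
            foreach ($_urlBits as $k => $v) {
                if (strstr($v, '?')) {
                    list($rvalue, $more) = explode('?', $v);

                    if ($rvalue and $more) {
                        /* Reset key with correct value */
                        $_urlBits[$k] = $rvalue;

                        /* Now add in the other value */
                        if (strstr($more, '=')) {
                            list($_k, $_v) = explode('=', $more);

                            if ($_k and $_v) {
                                // This key was carved out of a cleaned *value*; run it
                                // through the key filter like every other key set above.
                                $_cleanKey = IPSText::parseCleanKey($_k);

                                if ($_cleanKey !== '') {
                                    $_urlBits[$_cleanKey] = $_v;
                                }
                            }
                        }
                    }
                }
            }
        }
    }

    return count($_urlBits) ? $_urlBits : false;
}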
/**
 * Show the ACP log in form.
 *
 * Redirects to the upgrader instead when an application is out of date,
 * removes admin sessions idle for more than two hours, then prints the form
 * and ends the request.
 *
 * @param	string		Message to show on the form
 * @return	@e void
 */
public function loginForm($message = '')
{
    //-----------------------------------------
    // Upgrade pending? Then the upgrader comes first.
    //-----------------------------------------
    if (!IN_DEV && (!defined('SKIP_UPGRADE_CHECK') || !SKIP_UPGRADE_CHECK)) {
        require_once IPS_ROOT_PATH . 'setup/sources/base/setup.php'; /*noLibHook*/

        foreach (ipsRegistry::$applications as $app_dir => $app) {
            // forums and members are versioned together with core
            if ($app_dir == 'forums' or $app_dir == 'members') {
                $versionApp = 'core';
            } else {
                $versionApp = $app_dir;
            }

            $versions = IPSSetUp::fetchAppVersionNumbers($versionApp);

            if (!$versions['latest'][0]) {
                continue;
            }

            if ($versions['latest'][0] > $versions['current'][0]) {
                $this->registry->output->silentRedirect($this->settings['base_acp_url'] . '/upgrade/index.php?_acpRedirect=1');
                return;
            }
        }
    }

    //-----------------------------------------
    // Message: explicit argument wins, else the session's
    //-----------------------------------------
    if (!$message) {
        $message = $this->member->sessionClass()->getMessage();
    }

    //-----------------------------------------
    // Expire admin sessions older than two hours
    //-----------------------------------------
    $staleBefore = time() - 7200;
    $this->DB->delete('core_sys_cp_sessions', "session_running_time < {$staleBefore}");

    //-----------------------------------------
    // Query string carried through the form
    //-----------------------------------------
    // The query string is request data; it is decoded, cleaned, and the old
    // session id is renamed so it is not reused as 'adsess'.
    // NOTE(review): the first str_replace() has identical search and replace
    // strings as shown, i.e. it is a no-op; presumably an HTML entity was
    // involved - confirm against the upstream file.
    $qs = IPSText::parseCleanValue(urldecode(my_getenv('QUERY_STRING')));
    $qs = str_replace('&', '&', $qs);
    $qs = str_replace('adsess=', 'old_adsess=', $qs);
    $qs = str_replace('module=menu', '', $qs);

    //-----------------------------------------
    // Extra HTML supplied by the login handler
    //-----------------------------------------
    $replace = false;
    $data    = array();
    $extra   = $this->han_login->additionalFormHTML();

    if (is_array($extra) && count($extra)) {
        $replace = $extra[0];
        $data    = $extra[1];
    }

    //-----------------------------------------
    // Which identifiers do the login methods accept?
    //-----------------------------------------
    $uses_name  = false;
    $uses_email = false;

    foreach (ipsRegistry::cache()->getCache('login_methods') as $method) {
        $login_methods[$method['login_folder_name']] = $method['login_folder_name'];

        $idType = $method['login_user_id'];

        if ($idType == 'username' or $idType == 'either') {
            $uses_name = true;
        }

        if ($idType == 'email' or $idType == 'either') {
            $uses_email = true;
        }
    }

    if ($uses_name and $uses_email) {
        $promptKey = 'enter_name_and_email';
    } elseif ($uses_email) {
        $promptKey = 'enter_useremail';
    } else {
        $promptKey = 'enter_username';
    }

    $this->lang->words['gl_signinname'] = $this->lang->words[$promptKey];

    //-----------------------------------------
    // Render and stop
    //-----------------------------------------
    $output = ipsRegistry::getClass('output');

    $output->html_title = $this->lang->words['ipb_login'];
    $output->html_main  = $output->global_template->log_in_form($qs, $message, ($replace == 'replace'), $data);
    $output->html_main  = str_replace('<%TITLE%>', $output->html_title, $output->html_main);

    @header("Content-type: text/html");
    print $output->html_main;
    exit;
}
/**
 * Show the form to add, edit or duplicate a forum or category.
 *
 * Reads 'type', 'f', 'p', 'c', 'name', 'duplicate' and '_initTab' from the
 * request. When the form is re-displayed, non-empty $_POST values take
 * precedence over the stored forum values.
 *
 * @param	string		[new|edit]
 * @param	boolean		Whether to change forum to category/back
 * @return	@e void		Outputs to screen
 */
public function forumForm($type = 'edit', $changetype = 0)
{
    //-----------------------------------------
    // INIT
    //-----------------------------------------
    $addnew_type = isset($this->request['type']) ? $this->request['type'] : 'forum';
    $form = array();
    $forum = array();
    $forum_id = $this->request['f'] ? intval($this->request['f']) : 0;
    // -1 is the parent id used for categories (see the parent_id check below)
    $parentid = intval($this->request['p']) ? intval($this->request['p']) : -1;
    $cat_id = $this->request['c'] ? intval($this->request['c']) : 0;
    // Taken from the request as-is; used as the default name of a new forum/category
    $f_name = $this->request['name'] ? $this->request['name'] : '';
    $subcanpost = $cat_id == 1 ? 0 : 1;
    $perm_matrix = "";

    // Dropdown option lists: each entry is array( value, label )
    $dd_state = array(0 => array(1, $this->lang->words['for_active']), 1 => array(0, $this->lang->words['for_readonly']));
    $dd_moderate = array(0 => array(0, $this->lang->words['for_no']), 1 => array(1, $this->lang->words['for_modall']), 2 => array(2, $this->lang->words['for_modtop']), 3 => array(3, $this->lang->words['for_modrep']));
    $dd_prune = array(0 => array(1, $this->lang->words['for_today']), 1 => array(5, $this->lang->words['for_last5']), 2 => array(7, $this->lang->words['for_last7']), 3 => array(10, $this->lang->words['for_last10']), 4 => array(15, $this->lang->words['for_last15']), 5 => array(20, $this->lang->words['for_last20']), 6 => array(25, $this->lang->words['for_last25']), 7 => array(30, $this->lang->words['for_last30']), 8 => array(60, $this->lang->words['for_last60']), 9 => array(90, $this->lang->words['for_last90']), 10 => array(100, $this->lang->words['for_showall']));
    $dd_order = array(0 => array('last_post', $this->lang->words['for_s_last']), 1 => array('title', $this->lang->words['for_s_topic']), 2 => array('starter_name', $this->lang->words['for_s_name']), 3 => array('posts', $this->lang->words['for_s_post']), 4 => array('views', $this->lang->words['for_s_view']), 5 => array('start_date', $this->lang->words['for_s_date']), 6 => array('last_poster_name', $this->lang->words['for_s_poster']));
    $dd_by = array(0 => array('Z-A', $this->lang->words['for_desc']), 1 => array('A-Z', $this->lang->words['for_asc']));
    $dd_filter = array(0 => array('all', $this->lang->words['for_all']), 1 => array('open', $this->lang->words['for_open']), 2 => array('hot', $this->lang->words['for_hot']), 3 => array('poll', $this->lang->words['for_poll']), 4 => array('locked', $this->lang->words['for_locked']), 5 => array('moved', $this->lang->words['for_moved']), 6 => array('istarted', $this->lang->words['for_istarted']), 7 => array('ireplied', $this->lang->words['for_ireplied']));

    //-----------------------------------------
    // EDIT (or duplicate an existing forum)
    //-----------------------------------------
    if ($type == 'edit' or $this->request['duplicate']) {
        // An existing forum id is required for both edit and duplicate
        if (!$forum_id) {
            $this->registry->output->showError($this->lang->words['for_noforumselected'], 11314);
        }

        // Do not show this forum in the forum list built further down
        $this->registry->getClass('class_forums')->exclude_from_list = $forum_id;

        // Get this forum
        $forum = $this->registry->class_forums->getForumById($forum_id);

        // Unknown id
        if (!$forum['id']) {
            $this->registry->output->showError($this->lang->words['for_noid'], 11315);
        }

        // Set up code buttons: the stored parent decides category vs forum
        $addnew_type = $forum['parent_id'] == -1 ? 'category' : 'forum';

        // $changetype flips the detected type
        if ($changetype) {
            $addnew_type = $addnew_type == 'category' ? 'forum' : 'category';
        }

        if ($addnew_type == 'category') {
            $title = sprintf($this->lang->words['for_editcat'], $forum['name']);
            $button = $this->lang->words['for_editcat_button'];
            $code = "doedit";
        } else {
            $title = sprintf($this->lang->words['for_editfor'], $forum['name']);
            $button = $this->lang->words['for_editfor_button'];
            $code = "doedit";
        }

        // Duplicating? Drop the id so the copy is submitted as a new forum.
        if ($this->request['duplicate']) {
            $forum['id'] = 0;
            $this->request['f'] = 0;
            $code = 'donew';
        }
    } else {
        # New forum/category: make sure no id is carried over
        $this->request['f'] = 0;

        if ($changetype) {
            $addnew_type = $addnew_type == 'category' ? 'forum' : 'category';
        }

        if ($addnew_type == 'category') {
            // Defaults for a new category
            $forum = array('sub_can_post' => $subcanpost, 'name' => $f_name ? $f_name : $this->lang->words['for_newcat'], 'parent_id' => $parentid, 'use_ibc' => 1, 'allow_poll' => 1, 'prune' => 100, 'topicfilter' => 'all', 'sort_key' => 'last_post', 'sort_order' => 'Z-A', 'inc_postcount' => 1, 'description' => '', 'redirect_url' => '', 'password' => '', 'password_override' => '', 'redirect_on' => 0, 'redirect_hits' => 0, 'permission_showtopic' => '', 'permission_custom_error' => '', 'use_html' => 0, 'allow_pollbump' => 0, 'forum_allow_rating' => 0, 'preview_posts' => 0, 'notify_modq_emails' => 0, 'can_view_others' => 1);
            $title = $this->lang->words['for_addcat'];
            $button = $this->lang->words['for_addcat'];
            $code = "donew";
        } else {
            // Defaults for a new forum (adds min_posts and hide_last_info)
            $forum = array('sub_can_post' => $subcanpost, 'name' => $f_name ? $f_name : $this->lang->words['for_newfor'], 'parent_id' => $parentid, 'use_ibc' => 1, 'allow_poll' => 1, 'prune' => 100, 'topicfilter' => 'all', 'sort_key' => 'last_post', 'sort_order' => 'Z-A', 'inc_postcount' => 1, 'description' => '', 'redirect_url' => '', 'password' => '', 'password_override' => '', 'redirect_on' => 0, 'redirect_hits' => 0, 'permission_showtopic' => '', 'permission_custom_error' => '', 'use_html' => 0, 'allow_pollbump' => 0, 'forum_allow_rating' => 0, 'preview_posts' => 0, 'notify_modq_emails' => 0, 'min_posts' => 0, 'hide_last_info' => 0, 'can_view_others' => 1);
            $title = $this->lang->words['for_addfor'];
            $button = $this->lang->words['for_addfor'];
            $code = "donew";
        }
    }

    //-----------------------------------------
    // Build forumlist
    //-----------------------------------------
    $forumlist = $this->registry->getClass('class_forums')->adForumsForumList();

    //-----------------------------------------
    // Build group list as array( group id, title ) pairs
    //-----------------------------------------
    $mem_group = array();

    foreach ($this->caches['group_cache'] as $g_id => $group) {
        $mem_group[] = array($g_id, $group['g_title']);
    }

    //-----------------------------------------
    // Generate form items
    //-----------------------------------------
    // Pattern used throughout: a non-empty $_POST value wins over the stored
    // value. Because !empty() treats "0" as empty, a submitted "0"/"No" falls
    // back to the stored value.
    // NOTE(review): apart from 'name', raw $_POST values are handed to the form
    // helpers unfiltered; whether formInput()/formTextarea()/formDropdown()
    // escape them for HTML is not visible here - confirm.

    # Main settings
    $form['name'] = $this->registry->output->formInput('name', IPSText::parseCleanValue(!empty($_POST['name']) ? $_POST['name'] : $forum['name']), null, null, null, "maxlength='128'");
    $form['description'] = $this->registry->output->formTextarea("description", IPSText::br2nl(!empty($_POST['description']) ? $_POST['description'] : $forum['description']));
    $form['parent_id'] = $this->registry->output->formDropdown("parent_id", $forumlist, !empty($_POST['parent_id']) ? $_POST['parent_id'] : $forum['parent_id']);
    // The stored sub_can_post flag is shown inverted (1 becomes 0 and vice versa)
    $form['sub_can_post'] = $this->registry->output->formYesNo('sub_can_post', !empty($_POST['sub_can_post']) ? $_POST['sub_can_post'] : ($forum['sub_can_post'] == 1 ? 0 : 1));
    // An empty stored priority selects the '0' option
    $form['ipseo_priority'] = $this->registry->getClass('output')->formDropdown('ipseo_priority', array(array('1', '1'), array('0.9', '0.9'), array('0.8', '0.8'), array('0.7', '0.7'), array('0.6', '0.6'), array('0.5', '0.5'), array('0.4', '0.4'), array('0.3', '0.3'), array('0.2', '0.2'), array('0.1', '0.1'), array('0', $this->lang->words['sitemap_priority_ignore']), array('', $this->lang->words['sitemap_priority_inherit'])), $forum['ipseo_priority'] === '' ? 0 : $forum['ipseo_priority']);
    $form['viglink'] = $this->registry->output->formYesNo('viglink', !empty($_POST['viglink']) ? $_POST['viglink'] : $forum['viglink']);

    # Redirect options
    $form['redirect_url'] = $this->registry->output->formInput('redirect_url', !empty($_POST['redirect_url']) ? $_POST['redirect_url'] : $forum['redirect_url']);
    $form['redirect_on'] = $this->registry->output->formYesNo('redirect_on', !empty($_POST['redirect_on']) ? $_POST['redirect_on'] : $forum['redirect_on']);
    $form['redirect_hits'] = $this->registry->output->formInput('redirect_hits', !empty($_POST['redirect_hits']) ? $_POST['redirect_hits'] : $forum['redirect_hits']);

    # Answer system
    $form['bw_enable_answers'] = $this->registry->output->formYesNo('bw_enable_answers', !empty($_POST['bw_enable_answers']) ? $_POST['bw_enable_answers'] : $forum['bw_enable_answers']);

    # Permission settings
    $form['permission_showtopic'] = $this->registry->output->formYesNo('permission_showtopic', !empty($_POST['permission_showtopic']) ? $_POST['permission_showtopic'] : $forum['permission_showtopic']);
    $form['permission_custom_error'] = $this->registry->output->formTextarea("permission_custom_error", IPSText::br2nl(!empty($_POST['permission_custom_error']) ? $_POST['permission_custom_error'] : $forum['permission_custom_error']));

    # Forum settings
    $form['use_html'] = $this->registry->output->formYesNo('use_html', !empty($_POST['use_html']) ? $_POST['use_html'] : $forum['use_html']);
    $form['use_ibc'] = $this->registry->output->formYesNo('use_ibc', !empty($_POST['use_ibc']) ? $_POST['use_ibc'] : $forum['use_ibc']);
    $form['allow_poll'] = $this->registry->output->formYesNo('allow_poll', !empty($_POST['allow_poll']) ? $_POST['allow_poll'] : $forum['allow_poll']);
    $form['allow_pollbump'] = $this->registry->output->formYesNo('allow_pollbump', !empty($_POST['allow_pollbump']) ? $_POST['allow_pollbump'] : $forum['allow_pollbump']);
    $form['inc_postcount'] = $this->registry->output->formYesNo('inc_postcount', !empty($_POST['inc_postcount']) ? $_POST['inc_postcount'] : $forum['inc_postcount']);
    $form['forum_allow_rating'] = $this->registry->output->formYesNo('forum_allow_rating', !empty($_POST['forum_allow_rating']) ? $_POST['forum_allow_rating'] : $forum['forum_allow_rating']);
    $form['min_posts_post'] = $this->registry->output->formInput('min_posts_post', !empty($_POST['min_posts_post']) ? $_POST['min_posts_post'] : $forum['min_posts_post']);
    $form['min_posts_view'] = $this->registry->output->formInput('min_posts_view', !empty($_POST['min_posts_view']) ? $_POST['min_posts_view'] : $forum['min_posts_view']);
    $form['can_view_others'] = $this->registry->output->formYesNo('can_view_others', !empty($_POST['can_view_others']) ? $_POST['can_view_others'] : $forum['can_view_others']);
    $form['hide_last_info'] = $this->registry->output->formYesNo('hide_last_info', !empty($_POST['hide_last_info']) ? $_POST['hide_last_info'] : $forum['hide_last_info']);
    $form['disable_sharelinks'] = $this->registry->output->formYesNo('disable_sharelinks', !empty($_POST['disable_sharelinks']) ? $_POST['disable_sharelinks'] : $forum['disable_sharelinks']);

    # Mod settings
    $form['preview_posts'] = $this->registry->output->formDropdown("preview_posts", $dd_moderate, !empty($_POST['preview_posts']) ? $_POST['preview_posts'] : $forum['preview_posts']);
    $form['notify_modq_emails'] = $this->registry->output->formInput('notify_modq_emails', !empty($_POST['notify_modq_emails']) ? $_POST['notify_modq_emails'] : $forum['notify_modq_emails']);
    // The forum password is placed back into the form as a plain input value
    $form['password'] = $this->registry->output->formInput('password', !empty($_POST['password']) ? $_POST['password'] : $forum['password']);
    // Stored as a comma-separated list of group ids
    $form['password_override'] = $this->registry->output->formMultiDropdown('password_override[]', $mem_group, !empty($_POST['password_override']) ? $_POST['password_override'] : explode(",", $forum['password_override']));

    # Sorting settings
    $form['prune'] = $this->registry->output->formDropdown("prune", $dd_prune, !empty($_POST['prune']) ? $_POST['prune'] : $forum['prune']);
    $form['sort_key'] = $this->registry->output->formDropdown("sort_key", $dd_order, !empty($_POST['sort_key']) ? $_POST['sort_key'] : $forum['sort_key']);
    $form['sort_order'] = $this->registry->output->formDropdown("sort_order", $dd_by, !empty($_POST['sort_order']) ? $_POST['sort_order'] : $forum['sort_order']);
    $form['topicfilter'] = $this->registry->output->formDropdown("topicfilter", $dd_filter, !empty($_POST['topicfilter']) ? $_POST['topicfilter'] : $forum['topicfilter']);
    $form['bw_disable_tagging'] = $this->registry->output->formYesNo("bw_disable_tagging", !empty($_POST['bw_disable_tagging']) ? $_POST['bw_disable_tagging'] : $forum['bw_disable_tagging']);
    $form['bw_disable_prefixes'] = $this->registry->output->formYesNo("bw_disable_prefixes", !empty($_POST['bw_disable_prefixes']) ? $_POST['bw_disable_prefixes'] : $forum['bw_disable_prefixes']);
    $form['tag_predefined'] = $this->registry->output->formTextarea("tag_predefined", IPSText::br2nl(!empty($_POST['tag_predefined']) ? $_POST['tag_predefined'] : $forum['tag_predefined']));

    # Tell the template (and the request) which kind of form this is
    $form['addnew_type'] = $addnew_type;
    $this->request['type'] = $addnew_type;
    $form['addnew_type_upper'] = ucwords($addnew_type);

    //-----------------------------------------
    // Show permission matrix (new entries and categories only)
    //-----------------------------------------
    if ($type != 'edit' or $addnew_type == 'category') {
        /* Permission Class */
        $classToLoad = IPSLib::loadLibrary(IPS_ROOT_PATH . 'sources/classes/class_public_permissions.php', 'classPublicPermissions');
        $permissions = new $classToLoad(ipsRegistry::instance());

        if ($addnew_type == 'category') {
            $perm_matrix = $permissions->adminPermMatrix('forum', $forum, 'forums', 'view');
        } else {
            $perm_matrix = $permissions->adminPermMatrix('forum', $forum);
        }
    }

    /* Application Tabs */
    $form['tabStrip'] = '';
    $form['tabContent'] = '';
    $tabsUsed = 2;
    // '_initTab' is request data; below it is only compared with application directory names
    $firstTab = empty($this->request['_initTab']) ? false : trim($this->request['_initTab']);

    IPSLib::loadInterface('admin/forum_form.php');

    // Each enabled application may contribute a tab through its own
    // extensions/admin/forum_form.php file.
    foreach (IPSLib::getEnabledApplications() as $app_dir => $app_data) {
        if (is_file(IPSLib::getAppDir($app_dir) . '/extensions/admin/forum_form.php')) {
            $_class = IPSLib::loadLibrary(IPSLib::getAppDir($app_dir) . '/extensions/admin/forum_form.php', 'admin_forum_form__' . $app_dir, $app_dir);

            if (class_exists($_class)) {
                $_object = new $_class($this->registry);
                $data = $_object->getDisplayContent($forum, $tabsUsed);
                $form['tabContent'] .= $data['content'];
                $form['tabStrip'] .= $data['tabs'];
                // An extension that does not report a tab count is counted as one tab
                $tabsUsed = $data['tabsUsed'] ? $tabsUsed + $data['tabsUsed'] : $tabsUsed + 1;

                if ($this->request['_initTab'] == $app_dir) {
                    $firstTab = $tabsUsed;
                }
            }
        }
    }

    //-----------------------------------------
    // Show form...
    //-----------------------------------------
    $this->registry->output->extra_nav[] = array('', $title);
    $this->registry->output->html .= $this->html->forumForm($form, $button, $code, $title, $forum, $perm_matrix, $firstTab);
}
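/**
 * Request additional data from Converge
 *
 * Authenticates the caller and, on success, invokes the method named by
 * $getdata_key on the local additional_methods extension, sends the result
 * back through the API server and ends the request. When authentication
 * fails nothing is sent and the method returns without a value.
 *
 * @access	public
 * @param	string	$auth_key		Authenticate Key
 * @param	string	$product_id		Product ID
 * @param	string	$getdata_key	Name of the extension method to call
 * @param	mixed	$arg			Additional arguments, handed to that method unchanged
 * @return	@e void
 */
public function requestAdditionalData($auth_key, $product_id, $getdata_key, $arg)
{
    //-----------------------------------------
    // INIT
    //-----------------------------------------

    $auth_key    = IPSText::md5Clean($auth_key);
    $product_id  = intval($product_id);
    $getdata_key = IPSText::parseCleanValue($getdata_key);

    // The original cleaned an undefined $data at this point. Start from an
    // explicit empty string instead; this is the payload that is returned
    // when the extension has no callable method of the requested name.
    $data = '';

    //-----------------------------------------
    // Authenticate
    //-----------------------------------------

    if ($this->__authenticate($auth_key, $product_id) !== FALSE) {
        //-----------------------------------------
        // Grab local extension file
        //-----------------------------------------

        require_once DOC_IPS_ROOT_PATH . 'converge_local/apis/additional_methods.php'; /*noLibHook*/
        $extension = new additional_methods($this->registry);

        // NOTE(review): $getdata_key is supplied by the remote request, so
        // every method of additional_methods that is_callable() accepts is
        // reachable by an authenticated caller, with $arg passed through
        // uncleaned. An explicit allowlist of method names would narrow that
        // surface.
        if (is_callable(array($extension, $getdata_key))) {
            // Errors raised by the extension method are suppressed, as before
            $data = @call_user_func(array($extension, $getdata_key), $arg);
        }

        // NOTE(review): the reply is a PHP-serialized value. Whatever decodes
        // it should not instantiate objects from it (for example
        // unserialize() with allowed_classes => false) - confirm on the
        // receiving side.
        $return = array('data' => base64_encode(serialize($data))); # return complex data

        $this->classApiServer->apiSendReply($return);
        exit;
    }
}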
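/**
 * Check to ensure a permalink is correct
 *
 * The URL under test is taken from REQUEST_URI (falling back to QUERY_STRING),
 * both of which are supplied by the client. It is matched against the 'in'
 * regexes of the SEO templates; captured values are passed through
 * IPSText::parseCleanKey() / IPSText::parseCleanValue() and reassembled into a
 * query string from which the canonical URL is built. When the requested URL
 * differs from the canonical one a redirect is issued through the output class.
 *
 * NOTE(review): $seoTitle is always an array after the normalisation below, so
 * both "is_array( $seoTitle ) or ..." tests are always true and their regex
 * alternatives are never evaluated. One consequence is that with
 * $return === TRUE the method returns FALSE whenever it gets past the early
 * checks - confirm that callers expect this.
 *
 * @access	public
 * @param	mixed		Correct SEO title: a string, or an array of strings
 * @param	boolean		[TRUE, return a boolean (true for OK, false for not). FALSE {default} simply take action based on settings]
 * @return	boolean		FALSE for non-GET requests, when friendly URLs are off, when no title is given,
 *						when the URL is not a friendly URL, or when no template yields any parameters
 */
public function checkPermalink($seoTitle, $return = FALSE)
{
    /* Only serve GET requests */
    if ($this->request['request_method'] != 'get') {
        return FALSE;
    }

    if (!$this->settings['use_friendly_urls'] or !$seoTitle) {
        return FALSE;
    }

    $_st   = $this->seoTemplates['__data__']['start'];
    $_end  = $this->seoTemplates['__data__']['end'];
    $_sep  = $this->seoTemplates['__data__']['varSep'];
    $_join = $this->seoTemplates['__data__']['varJoin'];
    $_blk  = $this->seoTemplates['__data__']['varBlock'];

    /* Both values come from the client's request line */
    $_qs  = $_SERVER['QUERY_STRING'] ? $_SERVER['QUERY_STRING'] : @getenv('QUERY_STRING');
    $_uri = $_SERVER['REQUEST_URI'] ? $_SERVER['REQUEST_URI'] : @getenv('REQUEST_URI');

    /* A single title is wrapped so the rest of the method can treat it as a list */
    $seoTitle = !empty($seoTitle) && !is_array($seoTitle) ? array($seoTitle) : $seoTitle;

    /* Bug Fix: #20279 */
    if ($this->settings['htaccess_mod_rewrite'] && strpos($_uri, IPS_PUBLIC_SCRIPT . '?/')) {
        /* NOTE(review): the raw query string is appended to board_url here without cleaning;
           this relies on silentRedirect() to neutralise anything unsafe in it - confirm.
           Execution continues below unless silentRedirect() ends the request. */
        $this->registry->getClass('output')->silentRedirect($this->settings['board_url'] . $_qs, $seoTitle, TRUE);
    }

    $_toTest = $_uri ? $_uri : $_qs;

    /* Now we need to strip off the beginning path so we are left with just the FURL part.
       The path is quoted before it goes into the pattern so that characters such as
       '.' or '+' in the install path are matched literally. */
    $_path   = parse_url($this->settings['board_url'], PHP_URL_PATH);
    $_toTest = ($_path and $_path != '/') ? preg_replace('#^' . preg_quote($_path, '#') . '#', '', $_toTest) : $_toTest;

    $_encodedManually = false;

    /* Shouldn't need to check this, but feel better for doing it: Friendly URL? */
    if (!strstr($_toTest, $_end)) {
        return FALSE;
    }

    /* Got index.php in the URL? */
    if (!$this->settings['htaccess_mod_rewrite']) {
        $_toTest = str_replace(IPS_PUBLIC_SCRIPT . '/', '', $_toTest);
    }

    // Removing this - see http://community.invisionpower.com/resources/bugs.html/_/ip-board/topic-furl-redirect-r37445 and http://community.invisionpower.com/resources/bugs.html/_/ip-board/transliteration-r37146
    // -- Just a note if this is ever restored for some reason - it does not support $seoTitle as array (i.e. for status updates)
    //
    // /* If the SEO title has %hex but the incoming URL doesn't, convert the incoming URL */
    /*if ( strstr( $seoTitle[0], '%' ) && ! strstr( $_toTest, '%' ) )
    {
        $_toTest = urlencode( $_toTest );
        $_encodedManually = true;
    }*/

    /* @link http://community.invisionpower.com/resources/bugs.html/_/ip-board/having-a-followed-by-a-number-%23-in-a-topic-title-breaks-furl-redirection-r41229 */
    foreach ($seoTitle as $essEeeOh) {
        if (strstr($essEeeOh, '%') && IPS_DOC_CHAR_SET != 'UTF-8') {
            $_encodedManually = true;
        }
    }

    /* Does it contain unicode? */
    if (strstr($_toTest, '%')) {
        /* Lowercase it as some browsers send %E2 but it will be stored as %e2 */
        $_toTest = strtolower($_toTest);
    }

    /* Try original. As $seoTitle is an array here, this decodes whenever $_encodedManually is false. */
    if ($_encodedManually === false && (is_array($seoTitle) or !preg_match("#" . $_st . preg_quote($seoTitle[0], '#') . '(' . $_end . '$|/\\?|' . $_end . '\\w+?' . $_end . "\$|" . preg_quote($_blk, '#') . ")#", $_toTest))) {
        /* Do we need to encode? */
        $_toTest = urldecode($_toTest);
    }

    if ($this->settings['url_type'] == 'query_string') {
        $_toTest = str_replace(IPS_PUBLIC_SCRIPT . '?/', '', $_toTest);

        // This ends up making /statuses/id/2 (for instance) as statuses/id/2 and does not match FURL templates
        //$_toTest = ltrim( $_toTest, '/' );
    }

    if (is_array($seoTitle) or !preg_match('#\\d+?' . $_st . preg_quote($seoTitle, '#') . '(' . $_end . "\$|" . $_end . '\\w+?' . $_end . '$|/\\?|' . preg_quote($_blk, '#') . ")#", $_toTest)) {
        if ($return === TRUE) {
            return FALSE;
        }

        $uri       = array();
        $storeKey  = '';
        $storeData = '';

        /* Find the first template whose incoming regex matches the requested URL */
        foreach ($this->seoTemplates as $key => $data) {
            if (!$data['in']['regex']) {
                continue;
            }

            $data['in']['regex'] = str_replace("\\{__varBlock__\\}", preg_quote($_blk, '#'), $data['in']['regex']);

            if (preg_match($data['in']['regex'], $_toTest, $matches)) {
                $storeKey   = $key;
                $storeData  = $data;
                $pageNumber = null;

                /* Handling pages as a special thing? */
                if ($data['isPagesMode'] && strstr($_toTest, $this->seoTemplates['__data__']['varPage'])) {
                    preg_match('#(' . preg_quote($this->seoTemplates['__data__']['varPage'], '#') . '(\\d+?))(?:$|' . preg_quote($this->seoTemplates['__data__']['varBlock'], '#') . ')#', $_toTest, $pageMatches);

                    if ($pageMatches[1]) {
                        $pageNumber = intval($pageMatches[2]);

                        /* We want page-1 to 301 to just / */
                        $pageNumber = $pageNumber > 1 ? $pageNumber : null;
                    }
                }

                /* Template-defined parameters: either a literal value or a "$n" reference to a capture group */
                if (is_array($data['in']['matches'])) {
                    foreach ($this->seoTemplates[$key]['in']['matches'] as $_replace) {
                        $k = IPSText::parseCleanKey($_replace[0]);

                        if (strstr($_replace[1], '$')) {
                            $v = IPSText::parseCleanValue($matches[intval(str_replace('$', '', $_replace[1]))]);
                        } else {
                            $v = IPSText::parseCleanValue($_replace[1]);
                        }

                        $uri[] = $k . '=' . $v;
                    }
                }

                /* Extra key/value pairs that follow the last variable-block marker in the URL */
                if (strstr($_toTest, $_blk)) {
                    $_parse = substr($_toTest, strrpos($_toTest, $_blk) + strlen($_blk));
                    $_data  = explode($_sep, $_parse);

                    foreach ($_data as $_v) {
                        /* A pair without the join character yields an empty value
                           instead of reading an undefined offset */
                        list($__k, $__v) = array_pad(explode($_join, $_v), 2, '');

                        $k = IPSText::parseCleanKey($__k);
                        $v = IPSText::parseCleanValue($__v);

                        $uri[] = $k . '=' . $v;
                    }
                }

                if ($data['newTemplate']) {
                    $key = $data['newTemplate'];
                }

                break;
            }
        }

        /* Got something? */
        if (count($uri)) {
            if ($pageNumber !== null) {
                /* add in page */
                $uri[] = 'page=' . $pageNumber;
            }

            /* Titles that contain an HTML entity are URL-encoded before being used */
            foreach ($seoTitle as $_k => $_v) {
                if (preg_match('#\\&[\\#a-z0-9]{2,6};#i', $_v)) {
                    $seoTitle[$_k] = urlencode($_v);
                }
            }

            $newurl = $this->registry->getClass('output')->formatUrl($this->registry->getClass('output')->buildUrl(implode('&', $uri), 'public'), $seoTitle, $key);

            /* NOTE(review): the two alternatives in (&|&) are identical as shown; the first was
               possibly an entity-encoded ampersand before this listing was rendered - confirm
               against the upstream source before relying on it to strip the session id. */
            $base_url = (!IN_ACP and $this->member->session_type != 'cookie') ? preg_replace("/s=([a-zA-Z0-9]{32})(&|&)/", '', $this->settings['base_url']) : $this->settings['base_url'];

            switch ($this->settings['url_type']) {
                case 'path_info':
                    if ($this->settings['htaccess_mod_rewrite']) {
                        $base_url = str_replace(IPS_PUBLIC_SCRIPT . '?', '', $base_url);
                    } else {
                        $base_url = str_replace(IPS_PUBLIC_SCRIPT . '?', IPS_PUBLIC_SCRIPT . '/', $base_url);
                    }
                    break;

                default:
                case 'query_string':
                    $base_url = str_replace(IPS_PUBLIC_SCRIPT . '?', IPS_PUBLIC_SCRIPT . '?/', $base_url);
                    break;
            }

            $base_url = rtrim($base_url, '/');

            /* preg_match is to prevent redirecting in older Android and IE browsers (Does not affect IE10). They will take %c5%82, break down to separate characters and re-encode
               as %c3%85%c2%82, creating an infinite redirect loop. Ticket 848516, 853009 and
               @link http://community.invisionpower.com/resources/bugs.html/_/ip-board/urls-with-multi-byte-characters-causing-infinite-redirect-on-old-android-devices-r41601 */
            if ($base_url . $_toTest != $newurl and !preg_match("/(android 2|msie)/i", $this->member->user_agent)) {
                /* Load information file. The application name comes from the matched template, not from the request. */
                if ($storeData['app'] && is_file(IPSLib::getAppDir($storeData['app']) . '/extensions/furlRedirect.php')) {
                    $_class = IPSLib::loadLibrary(IPSLib::getAppDir($storeData['app']) . '/extensions/furlRedirect.php', 'furlRedirect_' . $storeData['app'], $storeData['app']);
                    $_furl  = new $_class(ipsRegistry::instance());

                    /* Redirect target: configured base_url plus the cleaned key=value pairs */
                    $_testUrl = strstr($this->settings['base_url'], '?') ? $this->settings['base_url'] . implode('&', $uri) : $this->settings['base_url'] . '?' . implode('&', $uri);

                    $_furl->setKeyByUri($_testUrl);
                    $_seoTitle = $_furl->fetchSeoTitle();

                    if (preg_match('#\\&[\\#a-z0-9]{2,6};#i', $_seoTitle)) {
                        $_seoTitle = urlencode($_seoTitle);
                    }

                    if ($_seoTitle && empty($this->request['debug'])) {
                        $this->registry->getClass('output')->silentRedirect($_testUrl, $_seoTitle, true, $storeKey);
                    } else {
                        $this->registry->getClass('output')->silentRedirect($_testUrl, $seoTitle, TRUE, $key);
                    }
                } else {
                    $this->registry->getClass('output')->silentRedirect($newurl, $seoTitle, TRUE, $key);
                }
            }
        } else {
            return FALSE;
        }
    }

    return TRUE;
}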
/**
 * Check to ensure a permalink is correct
 *
 * The URL under test is the query string, or the request URI when the query
 * string is empty; both are supplied by the client. If it does not carry the
 * expected SEO title (before or after URL-decoding), the 'seo_bad_url' setting
 * decides what happens: 'redirect' rebuilds the URL from the first matching
 * SEO template and redirects to it, anything else adds a robots
 * "noindex,nofollow" meta tag.
 *
 * @access	public
 * @param	string		Correct SEO title
 * @param	boolean		[TRUE, return a boolean (true for OK, false for not). FALSE {default} simply take action based on settings]
 * @return	boolean		FALSE when the check does not apply, when $return is TRUE and the title
 *						does not match, or when no template yields any parameters; TRUE otherwise
 */
public function checkPermalink($seoTitle, $return = FALSE)
{
    /* Permalink checks only apply to GET requests */
    if ($this->request['request_method'] != 'get') {
        return FALSE;
    }

    /* Nothing to do without friendly URLs or a title... */
    if (!$this->settings['use_friendly_urls'] || !$seoTitle) {
        return FALSE;
    }

    /* ...or when no bad-URL action is configured */
    if (!$this->settings['seo_bad_url'] || $this->settings['seo_bad_url'] == 'nothing') {
        return FALSE;
    }

    $titleStart = $this->seoTemplates['__data__']['start'];
    $titleEnd   = $this->seoTemplates['__data__']['end'];
    $pairSep    = $this->seoTemplates['__data__']['varSep'];
    $varBlock   = $this->seoTemplates['__data__']['varBlock'];

    /* Both values come from the client's request line */
    $queryString = $_SERVER['QUERY_STRING'];
    if (!$queryString) {
        $queryString = @getenv('QUERY_STRING');
    }

    $requestUri = $_SERVER['REQUEST_URI'];
    if (!$requestUri) {
        $requestUri = @getenv('REQUEST_URI');
    }

    if ($queryString) {
        $candidate = $queryString;
    } else {
        $candidate = $requestUri;
    }

    /* Not a friendly URL at all? */
    if (!strstr($candidate, $titleEnd)) {
        return FALSE;
    }

    /* The title must be followed by the end marker at the end of the URL, or by the variable block */
    $expected = '#' . $titleStart . preg_quote($seoTitle, '#') . '(' . $titleEnd . '$|' . preg_quote($varBlock, '#') . ')#';

    /* Try the URL as received first, then its URL-decoded form */
    if (!preg_match($expected, $candidate)) {
        $candidate = urldecode($candidate);
    }

    if (preg_match($expected, $candidate)) {
        return TRUE;
    }

    /* Boolean mode: report the mismatch without acting on it */
    if ($return === TRUE) {
        return FALSE;
    }

    switch ($this->settings['seo_bad_url']) {
        default:
        case 'meta':
            $this->addMetaTag('robots', 'noindex,nofollow');
            break;

        case 'redirect':
            $queryParts = array();
            $matchedKey = null;

            foreach ($this->seoTemplates as $tplKey => $tpl) {
                if (!$tpl['in']['regex']) {
                    continue;
                }

                if (!preg_match($tpl['in']['regex'], $candidate, $captures)) {
                    continue;
                }

                /* Only the first matching template is used */
                $matchedKey = $tplKey;

                /* Template-defined parameters: a literal value or a "$n" reference to a capture group */
                if (is_array($tpl['in']['matches'])) {
                    foreach ($tpl['in']['matches'] as $rule) {
                        $name = IPSText::parseCleanKey($rule[0]);

                        if (strstr($rule[1], '$')) {
                            $value = IPSText::parseCleanValue($captures[intval(str_replace('$', '', $rule[1]))]);
                        } else {
                            $value = IPSText::parseCleanValue($rule[1]);
                        }

                        $queryParts[] = $name . '=' . $value;
                    }
                }

                /* Extra parameters after the last variable-block marker: alternating key, value, key, value... */
                if (strstr($candidate, $varBlock)) {
                    $tail     = substr($candidate, strrpos($candidate, $varBlock) + strlen($varBlock));
                    $segments = explode($pairSep, $tail);

                    foreach ($segments as $position => $segment) {
                        if ($position % 2 == 0) {
                            /* Even positions are keys; a trailing key with no value is dropped */
                            $name = IPSText::parseCleanKey($segment);
                        } else {
                            $queryParts[] = $name . '=' . IPSText::parseCleanValue($segment);
                        }
                    }
                }

                break;
            }

            /* Got something? */
            if (!count($queryParts)) {
                return FALSE;
            }

            $builtUrl = $this->registry->getClass('output')->buildUrl(implode('&', $queryParts), 'public');
            $newurl   = $this->registry->getClass('output')->formatUrl($builtUrl, $seoTitle, $matchedKey);

            /* Only redirect when the canonical URL differs from the one requested */
            if ($this->settings['base_url'] . $candidate != $newurl) {
                $this->registry->getClass('output')->silentRedirect($newurl, $seoTitle, TRUE);
            }
            break;
    }

    return TRUE;
}
/**
 * Build a password hash and salt pair for the bundled IP.Board install.
 *
 * Boots the IP.Board registry, cleans the supplied password, then returns
 * md5( md5( salt ) . md5( password ) ) together with a new salt.
 *
 * NOTE(review): this is a fast MD5 construction, not a password-hashing
 * function. It is presumably the layout the board stores and verifies, so it
 * cannot be changed here alone - confirm before migrating to password_hash().
 * NOTE(review): the password is URL-decoded and passed through
 * IPSText::parseCleanValue() before hashing, so '+' and '%xx' sequences in a
 * password are altered; this has to mirror what the login path does - confirm.
 *
 * @param	string	$pwd	Plain-text password
 * @return	array			array( password hash, salt )
 */
function ipb_passgen($pwd)
{
    global $THIS_BASEPATH;

    /* No base path yet: derive it from this file's directory, with
       backslashes normalised and any "/include" segment removed */
    if (empty($THIS_BASEPATH)) {
        $here          = str_replace("\\", "/", dirname(__FILE__));
        $THIS_BASEPATH = str_replace("/include", "", $here);
    }

    /* Constants the IP.Board bootstrap reads; defined only if still missing */
    defined('IPS_ENFORCE_ACCESS') or define('IPS_ENFORCE_ACCESS', true);
    defined('IPB_THIS_SCRIPT') or define('IPB_THIS_SCRIPT', 'public');

    require_once $THIS_BASEPATH . '/ipb/initdata.php';
    require_once IPS_ROOT_PATH . 'sources/base/ipsRegistry.php';
    require_once IPS_ROOT_PATH . 'sources/base/ipsController.php';

    /* Initialise the registry so that IPSText is available */
    ipsRegistry::instance()->init();

    $cleanPassword = IPSText::parseCleanValue(urldecode(trim($pwd)));

    /* pass_the_salt() is defined elsewhere - NOTE(review): verify that it
       draws from a cryptographically secure random source */
    $salt = pass_the_salt(5);

    return array(md5(md5($salt) . md5($cleanPassword)), $salt);
}