$tpl->readTemplatesFromFile('./dummy.tpl'); if ($activation_code != '') { if (isset($activate_email)) { // New email address activation if ($user->_db_getList('email_new != ', 'email_new_activation_code = ' . md5($activation_code), 1)) { // Requested email address found and activation code is OK $user->_db_setObject($user->_db_list[0]); $user->email = $user->email_new; $user->email_new = ''; $user->email_new_date = ''; $user->email_new_activation_code = ''; $user->_db_updateObj($user->id); $message = $l->g('new_email_activated'); if ($session->_db_getList('_s_room_id', '_s_user_id = ' . $user->id, 1)) { // User is online $msg->addMessage(1010, 'n', 0, '', $session->_db_list[0]['_s_room_id'], 0, $user->id); } } else { // Invalid activation code $message = $l->g('invalid_activation_code'); } } elseif (isset($activate_account)) { // New account activation if ($user->_db_getList('id,language_id', 'activated = n', 'activation_code = ' . md5($activation_code), 1)) { // Load language if ($l->id != $user->_db_list[0]['language_id']) { $old_language_id = $l->id; if (true !== $l->setLanguage($user->_db_list[0]['language_id'])) { $l->setLanguage($old_language_id); } }
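* it under the terms of the GNU General Public License as published by
* the Free Software Foundation; either version 3 of the License, or
* (at your option) any later version.
*
* "PCPIN Chat 6" is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU General Public License for more details.
*
* You should have received a copy of the GNU General Public License
* along with this program. If not, see <http://www.gnu.org/licenses/>.
*/

/*
 * Unban handler.
 *
 * Lifts a ban from $target_user_id. The action is only carried out when the
 * caller is logged in, is an administrator ($current_user->is_admin === 'y')
 * and owns the current session ($session->_s_user_id == $current_user->id).
 * Header status 0 with message 'OK' is set once the target user was found;
 * status 1 is set when the caller is authorised but the target is missing.
 * For any other caller nothing in this excerpt touches the header.
 */
_pcpin_loadClass('message');
$msg = new PCPIN_Message($session);

// $target_user_id is presumably request-supplied (the isset()/is_scalar()
// guard suggests so). It is concatenated into a condition string and into the
// slash-delimited body of message 10107, so only plain decimal digits are
// accepted; anything else is treated as "no target". Whether _db_getList()
// escapes its condition values is not visible from here, and this
// normalisation does not depend on it.
if (   isset($target_user_id)
    && is_scalar($target_user_id)
    && preg_match('/^[0-9]+$/D', (string) $target_user_id)
) {
    $target_user_id = (int) $target_user_id;
} else {
    $target_user_id = 0;
}

if (!empty($current_user->id) && $current_user->is_admin === 'y' && $session->_s_user_id == $current_user->id) {
    // Authorised caller: assume failure until the target user is found
    $xmlwriter->setHeaderStatus(1);
    if (!empty($target_user_id) && $current_user->_db_getList('banned_permanently,banned_until', 'id = ' . $target_user_id, 1)) {
        // User exists; $current_user->_db_list[0] now holds the TARGET user's row
        $xmlwriter->setHeaderStatus(0);
        $xmlwriter->setHeaderMessage('OK');
        // 'banned_until' is compared as a string against 'Y-m-d H:i:s';
        // presumably the column uses the same fixed-width format -- TODO confirm
        if ($current_user->_db_list[0]['banned_permanently'] == 'y' || $current_user->_db_list[0]['banned_until'] > date('Y-m-d H:i:s')) {
            // Add new message (body: "<target user id>/<admin user id>")
            $msg->addMessage(10107, 'n', $current_user->id, $current_nickname, 0, 0, $target_user_id . '/' . $current_user->id, date('Y-m-d H:i:s'), 0, '');
            // Unban user
            $current_user->banUnban($target_user_id, 0);
        }
    }
}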
$reason = trim($reason); // last statement of a block that opens above this excerpt
}

/*
 * Kick handler (visible part).
 *
 * Kicks $target_user_id out of the chat and, if the 'ban_kicked' setting is
 * non-empty, bans the user as well. Header status 1 is set for every logged-in
 * caller and only replaced by 0/'OK' once the permission check has passed.
 *
 * NOTE(review): any validation of $target_user_id happens above this excerpt
 * and is not visible here. The value is concatenated into two condition
 * strings and into the slash-delimited body of message 10101 -- confirm it is
 * restricted to an integer and/or that _db_getList() escapes condition values.
 */
if (!empty($current_user->id)) {
    $xmlwriter->setHeaderStatus(1);
    // After this call $current_user->_db_list[0] holds the TARGET user's row
    // (is_admin, moderated_rooms); $current_user->is_admin and
    // $current_user->moderated_rooms still describe the CALLER.
    if (!empty($target_user_id) && $current_user->_db_getList('is_admin,moderated_rooms', 'id = ' . $target_user_id, 1)) {
        // User exists
        if ($session->_db_getList('_s_ip,_s_id,_s_room_id', '_s_user_id = ' . $target_user_id, 1)) {
            // User is online; $session->_db_list[0] is the TARGET user's session row
            $tgt_session_id = $session->_db_list[0]['_s_id'];
            // Not used anywhere in the visible part of this script
            $tgt_session_ip = $session->_db_list[0]['_s_ip'];
            // Check permissions
            // "&&" binds tighter than "||", so this reads:
            //   caller is admin
            //   OR (    target is not an admin
            //       AND target is currently in a room
            //       AND caller moderates at least one room
            //       AND caller moderates the target's current room
            //       AND target does not moderate that room )
            // Room lists are comma-separated; wrapping both sides in commas
            // makes strpos() match whole IDs only.
            $allowed = $current_user->is_admin === 'y'
                    || $current_user->_db_list[0]['is_admin'] != 'y'
                       && !empty($session->_db_list[0]['_s_room_id'])
                       && $current_user->moderated_rooms != ''
                       && false !== strpos(',' . $current_user->moderated_rooms . ',', ',' . $session->_db_list[0]['_s_room_id'] . ',')
                       && false === strpos(',' . $current_user->_db_list[0]['moderated_rooms'] . ',', ',' . $session->_db_list[0]['_s_room_id'] . ',');
            if (true == $allowed) {
                $xmlwriter->setHeaderStatus(0);
                $xmlwriter->setHeaderMessage('OK');
                // Action permitted
                // Add new message
                // Body: "<target user id>/<caller user id>/<reason>". $reason is the
                // last field, so a "/" inside it cannot shift the two IDs before it.
                $msg->addMessage(10101, 'n', $current_user->id, $current_nickname, $session->_db_list[0]['_s_room_id'], 0, $target_user_id . '/' . $current_user->id . '/' . $reason, date('Y-m-d H:i:s'), 0, '');
                // Ban, if needed
                // The 'ban_kicked' setting is passed through as the third argument of
                // banUnban(); presumably a ban duration -- TODO confirm against banUnban()
                if (!empty($session->_conf_all['ban_kicked'])) {
                    $current_user->banUnban($target_user_id, 1, $session->_conf_all['ban_kicked'], $reason, $current_user->id, $current_nickname);
                }
                // Kick user
                if (!empty($tgt_session_id)) {
                    // Flags the target session (last argument 'y') and then runs the
                    // session clean-up; the meaning of each positional argument is
                    // defined by _s_updateSession(), which is not part of this excerpt
                    $session->_s_updateSession($tgt_session_id, false, true, null, null, null, null, null, null, null, null, 'y');
                    $session->_s_cleanUp();
                }
            }
        }
    }
}
if (true !== $message_ok) { continue; } // Check message type switch ($type) { case '3001': // A text message if ($privacy == 2) { // PM does not needs a target room ID (will be delivered to user's room) $target_room_id = 0; } // Check message for containing bad words if (!empty($session->_conf_all['bad_language_mute']) && $current_user->is_admin !== 'y' && false === $badword->checkString($body)) { // Message contains bad words. Mute user. $current_user->globalMuteUnmute($current_user->id, 1, $session->_conf_all['bad_language_mute'], $l->g('watch_your_language')); $msg->addMessage(10110, 'n', 0, $l->g('server'), $session->_s_room_id, 0, $current_user->id . '/0/' . $session->_conf_all['bad_language_mute'] . '/' . $l->g('watch_your_language'), date('Y-m-d H:i:s'), 0, ''); } break; case '10001': // "/clear" command if (empty($target_room_id)) { // "/clear all" $message_ok = $current_user->is_admin === 'y'; if ($message_ok) { // Delete all messages $msg->deleteMessages(null, time()); } } else { // "/clear <room>" $message_ok = $current_user->is_admin === 'y' || false !== strpos(',' . $current_user->moderated_rooms . ',', ',' . $target_room_id . ','); if ($message_ok) {
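/**
 * Set new online status
 *
 * Updates the current session with the new status and status message and,
 * if the session is in a room, posts system message 102 whose body is
 * "<user id>/<status>/<status message>".
 *
 * @param   int       $status       New online status. Must be a scalar that is non-zero
 *                                  after integer conversion.
 * @param   string    $status_msg   New online status message (trimmed before use)
 * @return  boolean   TRUE once the status change has been issued, FALSE if the
 *                    session has no ID or $status is empty/not usable. The result of
 *                    _s_updateSession() itself is not inspected.
 */
function _s_setOnlineStatus($status = 0, $status_msg = '') {
    if (empty($this->_s_id) || !is_scalar($status)) {
        return false;
    }
    // $status is the MIDDLE field of the slash-delimited message body below.
    // Forcing it to an integer keeps a value such as "1/x" from adding a field
    // and matches the documented parameter type.
    $status = (int) $status;
    if ($status === 0) {
        return false;
    }
    $status_msg = trim($status_msg);
    // Update session
    $this->_s_updateSession($this->_s_id, true, true, null, null, null, null, null, null, null, null, null, $status, $status_msg);
    // Insert new system message (only if user in a room)
    if (!empty($this->_s_room_id)) {
        _pcpin_loadClass('message');
        $message = new PCPIN_Message($this);
        // $status_msg goes last, so a "/" inside it cannot displace the fields before it
        $message->addMessage(102, 'n', 0, '', $this->_s_room_id, 0, $this->_s_user_id . '/' . $status . '/' . $status_msg);
    }
    // The docblock always promised a boolean; previously nothing was returned
    return true;
}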
// Email address needs to be activated $activation_required = 1; $email_new_activation_code = PCPIN_Common::randomString(18, 'ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789'); $profile_user->email_new = $email; $profile_user->email_new_date = date('Y-m-d H:i:s'); $profile_user->email_new_activation_code = md5($email_new_activation_code); $profile_user->_db_updateObj($profile_user->id); $email_body = $l->g('email_email_address_activation'); $email_body = str_replace('[HOURS]', $session->_conf_all['new_email_activation_timeout'], $email_body); $email_body = str_replace('[SENDER]', $session->_conf_all['chat_email_sender_name'], $email_body); $email_body = str_replace('[ACTIVATION_URL]', str_replace(' ', '%20', $session->_conf_all['base_url']) . '?activate_email&activation_code=' . urlencode($email_new_activation_code), $email_body); $email_body = str_replace('[CHAT_NAME]', $session->_conf_all['chat_name'], $email_body); PCPIN_Email::send('"' . $session->_conf_all['chat_email_sender_name'] . '"' . ' <' . $session->_conf_all['chat_email_sender_address'] . '>', $email, $l->g('email_address_activation'), null, null, $email_body); $xmlwriter->setHeaderStatus(0); $xmlwriter->setHeaderMessage(str_replace('[EMAIL]', $email, $l->g('email_address_activation_sent'))); } else { // Save new email address $activation_required = 0; $profile_user->email = $email; $profile_user->email_new = ''; $profile_user->email_new_date = ''; $profile_user->email_new_activation_code = ''; $profile_user->_db_updateObj($profile_user->id); $xmlwriter->setHeaderStatus(0); $xmlwriter->setHeaderMessage($l->g('email_address_changed')); $msg->addMessage(1010, 'n', 0, '', $session->_s_room_id, 0, $profile_user_id); } } } } $xmlwriter->setData(array('email' => $email, 'activation_required' => $activation_required));
$xmlwriter->setHeaderStatus(1); $errortext[] = $l->g('password_too_short'); } } } if (empty($errortext)) { // Check image $background_image = 0; if (!empty($image) && $tmpdata->_db_getList('id, binaryfile_id', 'user_id = ' . $current_user->id, 'type = 1', 1)) { // There is an image $background_image = $tmpdata->_db_list[0]['binaryfile_id']; // Delete temporary data $tmpdata->_db_freeList(); $tmpdata->deleteUserRecords($session->_s_user_id, 1, 0, true); } if ($room->createRoom($category_id, 'u', $name, $description, $session->_conf_all['default_message_color'], !empty($password_protect) ? $password : '', $background_image)) { $xmlwriter->setHeaderStatus(0); $xmlwriter->setHeaderMessage('OK'); // Room created $room_id = $room->id; // Add system message $msg->addMessage(1100, 'n', 0, '', 0, 0, '-', date('Y-m-d H:i:s'), 0, ''); } else { $xmlwriter->setHeaderStatus(1); $xmlwriter->setHeaderMessage($l->g('error')); } } else { $xmlwriter->setHeaderMessage(implode("\n", $errortext)); } } $xmlwriter->setData(array('room_id' => $room_id));
/*
 * Local mute/unmute handler.
 *
 * Applies muteUnmuteLocally($target_user_id, $action) on behalf of
 * $profile_user_id. Only an administrator may act for a profile other than
 * his own; everybody else is silently redirected to his own profile.
 * The response always carries the acting user's 'muted_users' value.
 */

// --- Normalise optional input -------------------------------------------
$target_user_id = (isset($target_user_id) && is_scalar($target_user_id)) ? $target_user_id : 0;
$action = isset($action) ? $action : 0;
$post_control_message = !empty($post_control_message) ? $post_control_message : false;

// --- Decide whose mute list is modified ------------------------------------
// A foreign profile is honoured only for administrators
// ("&&" binds tighter than "||"; the parentheses just make that explicit).
if (empty($profile_user_id) || ($profile_user_id != $current_user->id && $current_user->is_admin !== 'y')) {
    $profile_user_id = $current_user->id;
}

if ($profile_user_id == $current_user->id) {
    // Acting on the own profile: work on the logged-in user object itself
    $action_user =& $current_user;
} else {
    // Administrator acting on somebody else's profile
    $action_user = new PCPIN_User($session);
    $action_user->_db_loadObj($profile_user_id);
}

// --- Perform the action ------------------------------------------------------
if (!empty($action_user->id)) {
    $xmlwriter->setHeaderMessage('OK');
    $xmlwriter->setHeaderStatus(0);
    if (!empty($target_user_id)) {
        // NOTE(review): loose comparison. Under PHP < 8 a non-numeric string
        // also compares equal to 0, and $action is handed on unchanged.
        if ($action == 0 || $action == 1) {
            $action_user->muteUnmuteLocally($target_user_id, $action);
            if (!empty($post_control_message)) {
                // Control message 10200; the acting user's ID is passed both
                // as the sixth argument and as the message body
                _pcpin_loadClass('message');
                $message = new PCPIN_Message($session);
                $message->addMessage(10200, 'n', $current_user->id, $current_nickname, 0, $action_user->id, $action_user->id, '', 1, '');
            }
        }
    }
}

// Sent even when $action_user->id is empty
$xmlwriter->setData(array('muted_users' => $action_user->muted_users));
if (empty($moderators)) { // Room has no moderators. Admin(s) will receive an abuse then. $moderators = $current_user->getAdmins(); } _pcpin_loadClass('nickname'); $nickname = new PCPIN_Nickname($session); $old_language_id = $l->id; // Create message body $body = $current_user->id . '/' . $session->_s_room_id . '/' . $abuse_category * 1 . '/' . trim(str_replace('/', ' ', $abuse_nickname)) . '/' . trim($abuse_description); foreach ($moderators as $data) { _pcpin_loadClass('user'); $tmp_user = new PCPIN_User($session); $tmp_user->_db_loadObj($data['id']); if (!empty($data['is_online'])) { // User is online $msg->addMessage(4001, 'n', $session->_s_user_id, $current_nickname, 0, $data['id'], $body, date('Y-m-d H:i:s'), 2); } else { // Add offline message // $msg->addMessage(4001, 'y', $session->_s_user_id, $current_nickname, 0, $data['id'], $body, date('Y-m-d H:i:s'), 2); } // Load language if ($tmp_user->language_id != $l->id) { if (true !== $l->setLanguage($tmp_user->language_id) && (empty($session->_conf_all['default_language']) || true !== $l->setLanguage($session->_conf_all['default_language']))) { $l->setLanguage($old_language_id); } } $violation_category = ''; switch ($abuse_category) { case 1: $violation_category = $l->g('spam'); break;
} $session->_s_logIn($userdata['id'], $userdata['last_message_id'], $language_id, $backend_login); // Update user $current_user->_db_loadObj($userdata['id']); $current_user->previous_login = $current_user->last_login; $current_user->last_login = date('Y-m-d H:i:s'); $current_user->time_zone_offset = $time_zone_offset; if ($new_password_ok) { $current_user->password = $current_user->password_new; } $current_user->password_new = md5(PCPIN_Common::randomString(mt_rand(30, 120))); $current_user->activated = 'y'; $current_user->activation_code = ''; $current_user->_db_updateObj($session->_s_user_id); // Insert system message $msg->addMessage(101, 'n', 0, '', 0, 0, $session->_s_user_id); } } } else { // Invalid password $xmlwriter->setHeaderMessage($l->g('login_failed')); $login_failed = true; } unset($userdata); } else { // User does not exists $xmlwriter->setHeaderMessage($l->g('login_failed')); $login_failed = true; } if (!empty($login_failed)) { $failed_login_class->increaseCounter(PCPIN_CLIENT_IP, $l->g('too_many_failed_logins'));
/**
 * Put user into/out of a room
 *
 * Looks up the user's session and, if the user is not already in
 * $target_room_id, removes the user from the current room (decrementing that
 * room's users_count), adds the user to the target room (incrementing its
 * users_count) and updates the session. Temporary records of type 3 are
 * deleted for the user whenever a session was found.
 *
 * @param   int       $user_id          User ID
 * @param   int       $target_room_id   ID of room where to put user into (empty: only leave the current room)
 * @param   boolean   $skip_msg         If exactly TRUE, system messages 115 (room left) and
 *                                      111 (room entered) will NOT be inserted
 * @param   string    $stealth_mode     "Stealth" mode flag ("y"/"n"), passed on to the session update
 * @return  boolean   TRUE on success or FALSE on error. FALSE is returned when no session
 *                    exists for the user, or when the user was in no room and the
 *                    target room is empty or does not exist.
 */
function putUser($user_id = 0, $target_room_id = 0, $skip_msg = false, $stealth_mode = 'n') {
    $ok = false;
    _pcpin_loadClass('message');
    $message = new PCPIN_Message($this);
    _pcpin_loadClass('session');
    $session = new PCPIN_Session($this, '', true);
    // Get user's session
    // NOTE(review): $user_id and $target_room_id are concatenated into condition
    // strings and slash-delimited message bodies without validation in this
    // method -- confirm callers pass integers and/or _db_getList() escapes values.
    if (!empty($user_id) && $session->_db_getList('_s_user_id = ' . $user_id, 1)) {
        // Session exists
        if ($target_room_id != $session->_db_list[0]['_s_room_id']) {
            if (!empty($session->_db_list[0]['_s_room_id'])) {
                // Put user out of a room
                $ok = true;
                // $this->_db_list is overwritten by every _db_getList() call on $this,
                // so the count must be consumed right after each lookup
                if ($this->_db_getList('users_count', 'id = ' . $session->_db_list[0]['_s_room_id'], 1)) {
                    $this->updateRoom($session->_db_list[0]['_s_room_id'], false, true, null, null, null, null, $this->_db_list[0]['users_count'] - 1, null, null, null, date('Y-m-d H:i:s'));
                }
                // Strict comparison: only a literal TRUE suppresses the message
                if (true !== $skip_msg) {
                    // Body: "<user id>/<left room id>"
                    $message->addMessage(115, 'n', 0, '', $session->_db_list[0]['_s_room_id'], 0, $user_id . '/' . $session->_db_list[0]['_s_room_id']);
                }
            }
            if (!empty($target_room_id)) {
                // Put user into a room
                if ($this->_db_getList('users_count', 'id = ' . $target_room_id, 1)) {
                    $ok = true;
                    $this->updateRoom($target_room_id, false, true, null, null, null, null, $this->_db_list[0]['users_count'] + 1, null, null, null, date('Y-m-d H:i:s'));
                } else {
                    // Room does not exists
                    $target_room_id = 0;
                }
                // NOTE(review): when the room was not found, $target_room_id is 0 here
                // and message 111 is still inserted with room 0 -- confirm this is intended
                if (true !== $skip_msg) {
                    // Body: "<user id>/<entered room id>"
                    $message->addMessage(111, 'n', 0, '', $target_room_id, 0, $user_id . '/' . $target_room_id);
                }
            }
            // Update session
            // Runs even if the target room did not exist (room ID is 0 then). The
            // eleventh argument is the current timestamp when a room is set and ''
            // otherwise; what each position means is defined by _s_updateSession()
            $session->_s_updateSession($session->_db_list[0]['_s_id'], false, true, null, null, $target_room_id, null, null, null, null, !empty($target_room_id) ? date('Y-m-d H:i:s') : '', null, null, null, $stealth_mode, null, null, '0000-00-00 00:00:00', '');
            // Reset the online status to 1 if the session row read above had another value
            if ($session->_db_list[0]['_s_online_status'] != 1) {
                // Load the row into the session object so that
                // _s_setOnlineStatus() operates on this user's session
                $session->_db_setObject($session->_db_list[0]);
                $session->_s_setOnlineStatus(1);
            }
        } else {
            // User is already in the target room: nothing to change
            $ok = true;
        }
        // Delete temporary message attachments
        _pcpin_loadClass('tmpdata');
        $tmpdata = new PCPIN_TmpData($this);
        $tmpdata->deleteUserRecords($user_id, 3);
    }
    return $ok;
}