/**
 * Queue a style sheet at the given position in $this->StyleSheets.
 *
 * $StyleSheetLocation is joined onto $StyleRoot with ConcatenatePath(); the
 * default root '~' stands for the configured WEB_ROOT. An empty location is
 * stored as-is (no root is prepended). $Media is stored untouched next to the
 * resolved path.
 *
 * NOTE(review): both values are stored exactly as given. Any escaping for the
 * HTML they end up in would have to happen where the list is rendered, which
 * is not visible here. Confirm before passing request-derived values.
 */
function AddStyleSheet($StyleSheetLocation, $Media = '', $Position = '100', $StyleRoot = '~')
 {
     // Resolve the '~' shorthand to the configured web root.
     $Root = $StyleRoot == '~' ? $this->Context->Configuration['WEB_ROOT'] : $StyleRoot;

     // Lazily create the collection on first use.
     if (!is_array($this->StyleSheets)) {
         $this->StyleSheets = array();
     }

     // Only non-empty locations are prefixed with the root.
     $Sheet = $StyleSheetLocation != ''
         ? ConcatenatePath($Root, $StyleSheetLocation)
         : $StyleSheetLocation;

     $Entry = array('Sheet' => $Sheet, 'Media' => $Media);
     $this->InsertItemAt($this->StyleSheets, $Entry, $Position);
 }
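 /**
  * Start a password reset for the account named $Username.
  *
  * Looks the account up by name, stores a fresh verification key on the user
  * row and e-mails a reset link (people.php, PostBackAction=PasswordResetForm)
  * containing the user id and that key.
  *
  * Returns whatever WarningCollector->Iif($Email, false) yields; from the call
  * this looks like the e-mail address when no warning was collected and false
  * otherwise. Confirm against WarningCollector.
  *
  * Security notes for maintainers:
  *  - An unknown name produces the distinct ErrAccountNotFound warning, so the
  *    response tells a caller whether a username exists.
  *  - Every call overwrites the stored key. No expiry or rate limit is applied
  *    in this method. If neither exists elsewhere, add them where the key is
  *    checked.
  *  - The strength of the key depends entirely on DefineVerificationKey(),
  *    which is not visible here.
  *  - The link is built from the configured BASE_URL rather than from request
  *    headers, which keeps the host part out of the requester's control.
  */
 function RequestPasswordReset($Username)
 {
     $Username = FormatStringForDatabaseInput($Username, '');
     $Email = false;
     if ($Username == '') {
         $this->Context->WarningCollector->Add($this->Context->GetDefinition('ErrInvalidUsername'));
     } else {
         // Attempt to retrieve email address
         $s = $this->Context->ObjectFactory->NewContextObject($this->Context, 'SqlBuilder');
         $s->SetMainTable('User', 'u');
         $s->AddSelect(array('Email', 'Name', 'UserID'), 'u');
         $s->AddWhere('u', 'Name', '', $Username, '=');
         $UserResult = $this->Context->Database->Select($s, $this->Name, 'RequestPasswordReset', 'An error occurred while retrieving account information.');
         if ($this->Context->Database->RowCount($UserResult) == 0) {
             $this->Context->WarningCollector->Add($this->Context->GetDefinition('ErrAccountNotFound'));
         } else {
             $Name = '';
             $Email = '';
             $UserID = 0;
             // If several rows match, the values of the last one win.
             while ($rows = $this->Context->Database->GetRow($UserResult)) {
                 $UserID = ForceInt($rows['UserID'], 0);
                 $Email = ForceString($rows['Email'], '');
                 $Name = FormatStringForDisplay($rows['Name'], 1);
             }
             // Now that we have the email, generate an email verification key
             $EmailVerificationKey = DefineVerificationKey();
             // Insert the email verification key into the user table
             $s->Clear();
             $s->SetMainTable('User', 'u');
             $s->AddFieldNameValue('EmailVerificationKey', $EmailVerificationKey, 1);
             $s->AddWhere('u', 'UserID', '', $UserID, '=');
             $this->Context->Database->Update($s, $this->Name, 'RequestPasswordReset', 'An error occurred while managing your account information.');
             // If there are no errors, send the user an email
             if ($this->Context->WarningCollector->Count() == 0) {
                 // Retrieve the email body
                 $File = $this->Context->Configuration['LANGUAGES_PATH'] . $this->Context->Configuration['LANGUAGE'] . '/email_password_request.txt';
                 $EmailBody = @file_get_contents($File);
                 if (!$EmailBody) {
                     // Report the failure under this method's own name (it was
                     // previously logged as 'AssignRole').
                     $this->Context->ErrorManager->AddError($this->Context, $this->Name, 'RequestPasswordReset', 'Failed to read email template (' . $File . ').');
                 } else {
                     // Only send when a template was actually read, so that a
                     // missing template never results in an empty message.
                     $e = $this->Context->ObjectFactory->NewContextObject($this->Context, 'Email');
                     $e->HtmlOn = 0;
                     $e->WarningCollector =& $this->Context->WarningCollector;
                     $e->ErrorManager =& $this->Context->ErrorManager;
                     $e->AddFrom($this->Context->Configuration['SUPPORT_EMAIL'], $this->Context->Configuration['SUPPORT_NAME']);
                     $e->AddRecipient($Email, $Name);
                     $e->Subject = $this->Context->Configuration['APPLICATION_TITLE'] . ' ' . $this->Context->GetDefinition('PasswordResetRequest');
                     $ResetUrl = ConcatenatePath(
                         $this->Context->Configuration['BASE_URL'],
                         GetUrl($this->Context->Configuration, 'people.php', '', '', '', '', 'PostBackAction=PasswordResetForm&u=' . $UserID . '&k=' . $EmailVerificationKey)
                     );
                     $e->Body = str_replace(
                         array('{user_name}', '{forum_name}', '{password_url}'),
                         array($Name, $this->Context->Configuration['APPLICATION_TITLE'], $ResetUrl),
                         $EmailBody
                     );
                     $e->Send();
                 }
             }
         }
     }
     return $this->Context->WarningCollector->Iif($Email, false);
 }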
Esempio n. 3
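/**
 * E-mail subscribers about a newly saved discussion or comment.
 *
 * Reads the saved object from $DiscussionForm->DelegateParameters
 * ('ResultDiscussion' for a new discussion, otherwise 'ResultComment'),
 * works out whether the post is a whisper, collects the subscribed users
 * (or all users when NOTIFY_AUTO_ALL is on), sends each distinct address one
 * message built from Notify/email_notify.txt and flags the user as Notified.
 *
 * Changes compared with the previous version:
 *  - every id placed into SQL is cast to int first;
 *  - the whisper filter compares the recipient's own UserID in all branches
 *    (one branch compared against the category row and another used `=`
 *    instead of `==`, which let whispered posts reach other subscribers);
 *  - failed queries are skipped instead of being iterated;
 *  - the recipient display name is "First Last" when names are present;
 *  - the template is read once and nothing is sent if it cannot be read.
 *
 * NOTE(review): the mysql_* extension used here was removed in PHP 7.0, so
 * migrating these queries to the forum's own database layer is the durable fix.
 */
function NotifyDiscussion($DiscussionForm)
{
    $Config = $DiscussionForm->Context->Configuration;
    $Prefix = $Config['DATABASE_TABLE_PREFIX'];

    # Template placeholders. Nothing visible in this function supplies the comment
    # text or the author's name, so {comment} and {user} are replaced by empty
    # strings. TODO confirm where these were meant to come from.
    $mTitle = '';
    $mComment = '';
    $mUser = '';
    $CommentID = 0;

    $DiscussionID = (int) @$DiscussionForm->DelegateParameters['ResultDiscussion']->DiscussionID;
    $IsNewDiscussion = $DiscussionID > 0;
    if (!$IsNewDiscussion) {
        $DiscussionID = (int) @$DiscussionForm->DelegateParameters['ResultComment']->DiscussionID;
        $mTitle = (string) @$DiscussionForm->DelegateParameters['ResultComment']->Title;
        $CommentID = (int) @$DiscussionForm->DelegateParameters['ResultComment']->CommentID;
    }
    if ($DiscussionID <= 0) {
        return;
    }

    #Detect if Whispered: first on the discussion, then (for a comment) on the comment itself
    $WhisperUserID = 0;
    $result = mysql_query("SELECT WhisperUserID FROM " . $Prefix . "Discussion WHERE DiscussionID = '{$DiscussionID}'");
    $row = $result ? mysql_fetch_row($result) : false;
    if ($row) {
        $WhisperUserID = (int) $row[0];
    }
    if ($WhisperUserID <= 0 && !$IsNewDiscussion) {
        $result = mysql_query("SELECT WhisperUserID FROM " . $Prefix . "Comment WHERE CommentID = '{$CommentID}'");
        $row = $result ? mysql_fetch_row($result) : false;
        $WhisperUserID = $row ? (int) $row[0] : 0;
    }
    $Whispered = $WhisperUserID > 0 ? 1 : 0;

    if ($IsNewDiscussion && CheckSubscribeOwn($DiscussionForm->Context)) {
        ChangeNotify($DiscussionForm->Context, 'DISCUSSION', $DiscussionID, 1);
    }

    $Connection = $DiscussionForm->Context->Database->Connection;
    $SelfUser = (int) $DiscussionForm->Context->Session->UserID;

    #Build the list of recipient queries; each returns UserID, Email, FirstName, LastName
    $Queries = array();
    if ($Config['NOTIFY_AUTO_ALL'] == 0) {
        $Select = "SELECT A.UserID,Email,FirstName, LastName FROM " . $Prefix . "Notify AS A, " . $Prefix . "User AS B WHERE ";
        $NotSelfNotNotified = " AND A.UserID <> '{$SelfUser}' AND A.UserID = B.UserID AND B.Notified = 0";
        #Users subscribed to everything
        if ($Config['NOTIFY_ALLOW_ALL'] == 1) {
            $Queries[] = $Select . "A.Method = 'ALL'" . $NotSelfNotNotified;
        }
        #Users subscribed to this discussion's category
        if ($Config['NOTIFY_ALLOW_CATEGORY'] == 1) {
            $result = mysql_query("SELECT CategoryID FROM " . $Prefix . "Discussion WHERE DiscussionID = '{$DiscussionID}'", $Connection);
            $CategoryRow = $result ? mysql_fetch_row($result) : false;
            if ($CategoryRow) {
                $CategoryID = (int) $CategoryRow[0];
                $Queries[] = $Select . "A.Method = 'CATEGORY' AND A.SelectID = '{$CategoryID}'" . $NotSelfNotNotified;
            }
        }
        #Users subscribed to this discussion
        if ($Config['NOTIFY_ALLOW_DISCUSSION'] == 1) {
            $Queries[] = $Select . "A.Method = 'DISCUSSION' AND A.SelectID = '{$DiscussionID}'" . $NotSelfNotNotified;
        }
    } else {
        #Add all users
        $Queries[] = "SELECT UserID,Email,FirstName, LastName FROM " . $Prefix . "User WHERE UserID <> '{$SelfUser}' AND Notified = 0";
    }

    $Notifieusers = array();
    foreach ($Queries as $Sql) {
        $result = mysql_query($Sql, $Connection);
        if (!$result) {
            continue;
        }
        while ($row = mysql_fetch_row($result)) {
            # A whispered post may only be announced to the user it was whispered to.
            if ($Whispered == 0 || $WhisperUserID == (int) $row[0]) {
                $Notifieusers[] = array($row[0], $row[1], $row[2], $row[3]);
            }
        }
    }

    # Read the template once. Without it there is nothing meaningful to send, and
    # users must not be flagged as Notified for a message they never received.
    $EmailBody = @file_get_contents($Config['EXTENSIONS_PATH'] . 'Notify/email_notify.txt');
    if ($EmailBody === false || $EmailBody == '') {
        return;
    }
    $TopicUrl = ConcatenatePath($Config['BASE_URL'] . 'comments.php?DiscussionID=' . $DiscussionID, '');

    #Send an email for each user; $mailsent removes users collected more than once
    $mailsent = array();
    $e = $DiscussionForm->Context->ObjectFactory->NewContextObject($DiscussionForm->Context, 'Email');
    $e->HtmlOn = 0;
    foreach ($Notifieusers as $val) {
        $UserID = (int) $val[0];
        $Address = $val[1];
        $FirstName = $val[2];
        $LastName = $val[3];
        if ($Address == "" || in_array($Address, $mailsent, true)) {
            continue;
        }
        $mName = $FirstName != '' ? ' ' . $FirstName : '';
        $NotifyName = trim($FirstName . ' ' . $LastName);
        $e->Clear();
        $e->AddFrom($Config['SUPPORT_EMAIL'], $Config['SUPPORT_NAME']);
        $e->AddRecipient($Address, $NotifyName);
        $e->Subject = $Config['APPLICATION_TITLE'] . ' ' . $DiscussionForm->Context->GetDefinition('Notification');
        $e->Body = str_replace(
            array("{name}", "{forum_name}", "{title}", "{comment}", "{user}", "{topic_url}", "{support_name}"),
            array($mName, $Config['APPLICATION_TITLE'], $mTitle, $mComment, $mUser, $TopicUrl, $Config['SUPPORT_NAME']),
            $EmailBody
        );
        $e->Send();
        $mailsent[] = $Address;
        mysql_query("UPDATE " . $Prefix . "User SET Notified = 1 WHERE UserID = '{$UserID}'");
    }
}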
Esempio n. 4
/**
 * Rebuild the full URL of the current request as a display-formatted string.
 *
 * The host part is the request's Host header prefixed with the configured
 * HTTP_METHOD scheme. The path is taken from REQUEST_URI, then from the
 * X-Rewrite-URL header, and finally from SCRIPT_NAME plus the query string.
 *
 * NOTE(review): HTTP_HOST and HTTP_X_REWRITE_URL are request headers and
 * therefore supplied by the client. The result is passed through
 * FormatStringForDisplay() before being returned. Callers that use it for
 * anything other than display (redirect targets, links in e-mail) should build
 * the URL from configuration instead. Confirm how callers use it.
 */
function GetRequestUri()
{
    global $Configuration;

    $Host = ForceString($_SERVER['HTTP_HOST'], '');
    $Host = $Host != '' ? PrependString($Configuration['HTTP_METHOD'] . '://', $Host) : $Host;

    // Try the usual variable first; some servers expose the path via X-Rewrite-URL instead.
    $Path = '';
    foreach (array('REQUEST_URI', 'HTTP_X_REWRITE_URL') as $ServerKey) {
        $Path = @$_SERVER[$ServerKey];
        if ($Path != '') {
            break;
        }
    }

    // Still nothing: assemble the path from the script name and query string.
    if ($Path == '') {
        $Query = @$_SERVER['QUERY_STRING'];
        $Path = @$_SERVER['SCRIPT_NAME'];
        if ($Query != '') {
            $Path .= '?' . $Query;
        }
    }

    return FormatStringForDisplay(ConcatenatePath($Host, $Path));
}
Esempio n. 5
/*
Extension Name: Guest Welcome Message
Extension Url: http://vanillaforums.org/addon/9/guest-welcome-message
Description: Adds a welcome message to the panel if the person viewing the forum doesn't have an active session.
Version: 4.0
Author: Mark O'Sullivan
Author Url: http://markosullivan.ca/
*
*
* Copyright 2006 Mark O'Sullivan <http://markosullivan.ca/>
* Copyright 2010 Damien Lebrun <*****@*****.**>
*
* Changes:
*
*   4.0:
*
*     - GuestWelcome definition is deprecated. It uses GuestWelcomeMessage
*       definition instead. This definition doesn't need to include the
*       sign-in and registration URLs.
*
*/
// Default text of the welcome notice. The two %s placeholders receive the
// sign-in URL and the registration URL, in that order.
$Context->SetDefinition(
    "GuestWelcomeMessage",
    '<strong>Welcome Guest!</strong><br />'
    . 'Want to take part in these discussions? If you have an account, '
    . '<a href="%s">sign in now</a>. <br />'
    . 'If you don\'t have an account, '
    . '<a href="%s">apply for one now</a>.'
);

// Pages on which the notice is shown.
$GuestWelcomeMessagePage = array("account.php", "categories.php", "comments.php", "index.php", "search.php");

// Only visitors without a session (UserID 0) on one of those pages get the notice.
if (in_array($Context->SelfUrl, $GuestWelcomeMessagePage) && $Context->Session->UserID == 0) {
    // A configured SIGNIN_URL / REGISTRATION_URL is resolved against BASE_URL;
    // otherwise the built-in people.php pages are used.
    // NOTE(review): both URLs go into href attributes unescaped; they come from
    // site configuration here, so this relies on the configuration being trusted.
    if (empty($Configuration['SIGNIN_URL'])) {
        $SignInUrl = GetUrl($Configuration, "people.php");
    } else {
        $SignInUrl = ConcatenatePath($Configuration['BASE_URL'], $Configuration['SIGNIN_URL']);
    }
    if (empty($Configuration['REGISTRATION_URL'])) {
        $RegisterUrl = GetUrl($Configuration, "people.php", "", "", "", "", "PostBackAction=ApplyForm");
    } else {
        $RegisterUrl = ConcatenatePath($Configuration['BASE_URL'], $Configuration['REGISTRATION_URL']);
    }
    $NoticeCollector->AddNotice(sprintf($Context->GetDefinition('GuestWelcomeMessage'), $SignInUrl, $RegisterUrl));
    // Do not leave helper variables behind in the global scope.
    unset($SignInUrl, $RegisterUrl);
}
unset($GuestWelcomeMessagePage);
Esempio n. 6
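// Endpoint that changes a notification subscription. Before acting, the request
// must (1) name the expected action, (2) come from a signed-in user and
// (3) carry the session's CSRF validation key.
include '../../appg/init_vanilla.php';

// Incoming parameters, read through the Force* helpers with safe defaults.
$PostBackKey = ForceIncomingString('PostBackKey', '');
$PostBackAction = ForceIncomingString('PostBackAction', '');
$Type = ForceIncomingString('Type', '');
$ElementID = ForceIncomingInt('ElementID', 0);
$Value = ForceIncomingInt('Value', 0);

// (1) Any other action is answered as if the address did not exist.
if ($PostBackAction !== 'ChangeNotifi') {
    header("HTTP/1.1 404 Not Found");
    $Context->Unload();
    echo 'Wrong address.';
    exit;
}

// (2) Anonymous sessions (UserID 0) are sent to the sign-in page.
if ($Context->Session->UserID === 0) {
    header("HTTP/1.1 401 Unauthorised");
    header('WWW-Authenticate: Vanilla-Login-1.0');
    header('Location: ' . ConcatenatePath($Context->Configuration['BASE_URL'], $Context->Configuration['SIGNIN_URL']));
    $Context->Unload();
    echo 'You are not logged-in';
    exit;
}

// (3) CSRF check: refuse the request unless a non-empty key equal to the
// session's validation key was supplied. The comparison has to be `!==`; with
// `===` the valid key was refused and any other non-empty value was accepted,
// which left the state change below without CSRF protection.
// NOTE(review): the refusal echoes the valid key in a response header so that
// the forum's own scripts can retry; this relies on the response not being
// readable cross-origin. Confirm that no permissive CORS policy applies here.
if ($PostBackKey == '' || $PostBackKey !== $Context->Session->GetCsrfValidationKey()) {
    header("HTTP/1.1 401 Unauthorized");
    header('Www-Authenticate: Vanilla-Csrf-Check key="' . $Context->Session->GetCsrfValidationKey() . '"');
    echo 'Unable to authenticate this request.';
    $Context->Unload();
    exit;
}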
if ($Type != 'OWN') {
    if ($Type != 'KEEPEMAILING') {
        ChangeNotifi($Context, $Type, $ElementID, $Value);
    }
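 /**
  * Validate an uploaded file and move it into $DestinationFolder.
  *
  * $InputName is the key in $_FILES. $DestinationName defaults to the
  * uploaded file's base name. A truthy $TimeStampName appends "-Y-m-d" to the
  * name; unless $OverwriteExistingFile is truthy, a counter is appended until
  * the target path is unused. Returns the stored file name, or '' when the
  * upload was not found or no name was sent. Problems are reported through
  * $this->Context->WarningCollector.
  *
  * Security notes for maintainers:
  *  - $_FILES[...]['type'] is whatever the client declared; it is not derived
  *    from the file's content. The effective gate is therefore the extension
  *    list configured in $this->AllowedFileTypes, so that list must never
  *    contain an extension the web server would execute.
  *  - Only the last extension is checked, so a name such as "a.php.jpg" passes
  *    as "jpg". The destination folder should not be configured to execute
  *    scripts. TODO confirm server configuration.
  *  - A caller-supplied $DestinationName is used as given when no time stamp is
  *    requested, including its extension; callers must not pass request data.
  *  - The warnings embed the client-supplied file name and type verbatim.
  *    Whether WarningCollector escapes them on output is not visible here.
  *  - move_uploaded_file() itself refuses paths that are not genuine uploads.
  */
 function Upload($InputName, $DestinationFolder, $DestinationName = '', $TimeStampName = '0', $OverwriteExistingFile = '0')
 {
     $Return = "";
     if (array_key_exists($InputName, $_FILES)) {
         // basename() drops any directory part the client put into the name.
         $FileName = basename($_FILES[$InputName]['name']);
         $FilePieces = explode('.', $FileName);
         $PieceCount = count($FilePieces);
         $FileExtension = $FilePieces[$PieceCount - 1];
         // Treat "name.tar.gz" as one compound extension; the count guard avoids
         // reading before the start of the array for a file called just "gz".
         if ($FileExtension == 'gz' && $PieceCount > 1 && $FilePieces[$PieceCount - 2] == 'tar') {
             $FileExtension = 'tar.gz';
         }
         if ($FileName != '') {
             // Define file properties
             if ($DestinationName == '') {
                 $DestinationName = $FileName;
             }
             $FileType = $_FILES[$InputName]['type'];
             $this->CurrentFileSize = $_FILES[$InputName]['size'];
             // Ensure the file is not empty
             if ($this->CurrentFileSize == 0) {
                 $this->Context->WarningCollector->Add('The file you attempted to upload (' . $FileName . ') was empty.');
             }
             // Ensure that the file's type is allowed
             if (!array_key_exists($FileType, $this->AllowedFileTypes)) {
                 $this->Context->WarningCollector->Add('You are not allowed to upload (' . $FileName . ') the requested file type: ' . $FileType);
             } else {
                 // Now make sure that the file type has the proper extension (case-insensitive)
                 $AllowedExtensions = $this->AllowedFileTypes[$FileType];
                 if (!in_array(strtoupper($FileExtension), array_map('strtoupper', $AllowedExtensions))) {
                     $Message = 'The file you attempted to upload (' . $FileName . ') was of type "' . $FileType . '", but the file extension "' . $FileExtension . '" did not match the accepted extensions for this type of file: ' . implode(', ', $AllowedExtensions);
                     $this->Context->WarningCollector->Add($Message);
                 }
             }
             // Ensure that the file is not beyond the maximum allowable size
             if ($this->CurrentFileSize > $this->MaximumFileSize) {
                 $this->Context->WarningCollector->Add('The file you have attempted to upload (' . $FileName . ') is larger than the allowed size: ' . FormatFileSize($this->MaximumFileSize));
             }
             if ($this->Context->WarningCollector->Count() == 0) {
                 // Split off the extension only when the destination name really
                 // ends with it; otherwise keep the whole name as the stem instead
                 // of silently reducing it to an empty string.
                 $Suffix = '.' . $FileExtension;
                 $SuffixLength = strlen($Suffix);
                 if (strlen($DestinationName) >= $SuffixLength && substr($DestinationName, -$SuffixLength) == $Suffix) {
                     $DestinationNameOnly = substr($DestinationName, 0, strlen($DestinationName) - $SuffixLength);
                 } else {
                     $DestinationNameOnly = $DestinationName;
                 }
                 if ($TimeStampName) {
                     // date() defaults to the current time.
                     $DestinationNameOnly .= date('-Y-m-d');
                     $DestinationName = $DestinationNameOnly . '.' . $FileExtension;
                 }
                 $Return = $DestinationName;
                 $NewFilePath = ConcatenatePath($DestinationFolder, $Return);
                 if (!$OverwriteExistingFile) {
                     // Append 2, 3, ... until the name is free.
                     $Loop = 2;
                     while (file_exists($NewFilePath)) {
                         $Return = $DestinationNameOnly . $Loop . '.' . $FileExtension;
                         $NewFilePath = ConcatenatePath($DestinationFolder, $Return);
                         $Loop++;
                     }
                 }
                 if (!move_uploaded_file($_FILES[$InputName]['tmp_name'], $NewFilePath)) {
                     $this->Context->WarningCollector->Add('Failed to upload the file: ' . $FileName);
                 }
             }
         } else {
             $this->Context->WarningCollector->Add('You must provide a file to be uploaded.');
         }
     } else {
         $this->Context->WarningCollector->Add('The file you attempted to upload could not be found in postback data.');
     }
     return $Return;
 }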