Esempio n. 1
     // end new mode
     array_unshift($Y_N, 'Select one...');
     $renderer->assign('show_options', $Y_N);
     $renderer->assign('permissions', $CHECKBOXES);
     $renderer->assign('permission_defaults', $CHECKBOX_DEFAULTS);
     $renderer->assign('group', $GROUP);
     if ($group != null) {
         $renderer->display('admin/permissions/edit.tpl');
     } else {
         $renderer->display('admin/permissions/new.tpl');
     }
     break;
     // end default
 // end default
 case 'save':
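     // Collect the submitted staff-group fields. Every value is passed through
     // stripinput()/clean_xhtml() (both defined elsewhere) and then trimmed.
     // NOTE(review): 'order_by' is not validated in the lines visible here;
     // confirm it is checked before it is stored.
     $GROUP = array(
         'name' => trim(stripinput($_POST['group']['name'])),
         'description' => trim(clean_xhtml($_POST['group']['descr'], false)),
         'order_by' => trim(stripinput($_POST['group']['order_by'])),
         'show' => trim(stripinput($_POST['group']['show'])),
     );
     // If the group could not be loaded, start making a new one.
     if ($group == null) {
         $group = new StaffGroup($db);
     }
     // Name is mandatory and limited to 50 bytes (strlen() counts bytes).
     if ($GROUP['name'] == null) {
         $ERRORS[] = 'No name specified.';
     } elseif (strlen($GROUP['name']) > 50) {
         $ERRORS[] = 'There is a maxlength=50 on that field for a reason.';
     }
     if ($GROUP['description'] == null) {
         $ERRORS[] = 'No description specified.';
     }
     // The submitted value must be exactly one of the option keys. An exact
     // key lookup replaces the loose in_array() over array_keys(): loose
     // comparison also accepts strings that merely compare equal to a key
     // (for example numeric look-alikes of an integer key), which would let
     // values outside the option list pass validation.
     if (array_key_exists($GROUP['show'], $Y_N) == false) {
         $ERRORS[] = 'Invalid option for show on staff list specified.';
     }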
Esempio n. 2
 * 
 * You should have received a copy of the GNU General
 * Public License along with 'Kitto_Kitto_Kitto'; if not,
 * write to the Free Software Foundation, Inc., 51
 * Franklin St, Fifth Floor, Boston, MA  02110-1301  USA
 *
 * @author Nicholas 'Owl' Evans <*****@*****.**>
 * @copyright Nicolas Evans, 2007
 * @license http://www.gnu.org/licenses/gpl-3.0.txt GPLv3
 * @package Kitto_Kitto_Kitto
 * @subpackage Messages
 * @version 1.0.0
 **/
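// Validation messages collected while the message is being prepared.
$ERRORS = array();
// Recipient list as submitted. Request data is caller-controlled, so a
// missing field or a scalar value is normalised to an empty list; the
// recipient loop below then always iterates an array.
$TO = (isset($_POST['to']) && is_array($_POST['to'])) ? $_POST['to'] : array();
// Title and body pass through stripinput()/clean_xhtml() (defined elsewhere).
$MESSAGE = array(
    'title' => stripinput($_POST['message']['title']),
    'body' => clean_xhtml($_POST['message']['body']),
);
// Clean TO up: user id => user name for every recipient that resolves.
$CLEAN_TO = array();
// User objects keyed by user id, for doing notifies with.
$USERS = array();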
foreach ($TO as $key => $recipient) {
    $recipient = stripinput(trim($recipient));
    if ($recipient != null) {
        $user = new User($db);
        $user = $user->findOneByUserName($recipient);
        if ($user != null) {
            $USERS[$user->getUserId()] = $user;
            $CLEAN_TO[$user->getUserId()] = $user->getUserName();
        } else {
            $ERRORS[] = "The user <strong>{$recipient}</strong> does not exist.";
        }
Esempio n. 3
    draw_errors($ERRORS);
} else {
    // Dispatch on the requested state: anything other than 'save' renders the
    // edit form, 'save' stores the edited post text.
    // NOTE(review): 'state' is read from $_REQUEST while the post body is read
    // from $_POST. No anti-CSRF token check is visible in this fragment;
    // confirm one is enforced before this point.
    switch ($_REQUEST['state']) {
        // 'default' is listed first but only runs when no case label matches;
        // its position inside the switch does not change that.
        default:
            $BOARD = array('category' => $board->getCategoryName(), 'id' => $board->getBoardId(), 'name' => $board->getBoardName());
            $THREAD = array('id' => $thread->getBoardThreadId(), 'name' => $thread->getThreadName(), 'sticky' => $thread->getStickied());
            $renderer->assign('board', $BOARD);
            $renderer->assign('thread', $THREAD);
            $renderer->assign('page', $page);
            $renderer->assign('post_id', $post->getBoardThreadPostId());
            // The stored post text is handed to the template as-is; whether it
            // is escaped on output depends on the template (not visible here).
            $renderer->assign('text', $post->getPostText());
            $renderer->display('boards/edit_post.tpl');
            break;
            // end default
        // end default
        case 'save':
            // clean_xhtml() (defined elsewhere) is the only filter applied to
            // the submitted markup before it is stored.
            $html = trim(clean_xhtml($_POST['post_text']));
            // An empty result is rejected rather than saved.
            if ($html == null) {
                draw_errors('You cannot blank the message out.');
            } else {
                $post->setPostText($html);
                $post->save();
                $_SESSION['board_notice'] = 'You have edited the post.';
                // Return to the page of the thread that holds the edited post,
                // anchored at that post.
                redirect(null, null, "threads/{$thread->getBoardShortName()}/{$thread->getBoardThreadId()}/{$page}#p{$post->getBoardThreadPostId()}");
            }
            break;
            // end save
    }
    // end state switch
}
// end no errors
Esempio n. 4
     if ($specie != null) {
         $SPECIE = array('id' => $specie->getPetSpecieId(), 'name' => $specie->getSpecieName(), 'description' => $specie->getSpecieDescr(), 'image_dir' => $specie->getRelativeImageDir(), 'available' => $specie->getAvailable(), 'max_hunger' => $specie->getMaxHunger(), 'max_happiness' => $specie->getMaxHappiness());
     }
     // end edit mode
     $renderer->assign('specie', $SPECIE);
     $renderer->assign('available_options', array('' => 'Select one...', 'N' => 'No', 'Y' => 'Yes'));
     if ($specie != null) {
         $renderer->display('admin/pets/species/edit.tpl');
     } else {
         $renderer->display('admin/pets/species/new.tpl');
     }
     break;
     // end default
 // end default
 case 'save':
     // Collect the submitted species fields; each value is filtered with
     // stripinput()/clean_xhtml() (defined elsewhere) and trimmed.
     // NOTE(review): 'image_dir' is a directory value taken from the request
     // and only its presence and length are checked in the lines visible here.
     // If it is later used to build a filesystem path or URL, confirm it is
     // restricted to the expected image root.
     $SPECIE = array('name' => trim(stripinput($_POST['specie']['name'])), 'description' => trim(clean_xhtml($_POST['specie']['descr'])), 'image_dir' => trim(stripinput($_POST['specie']['image_dir'])), 'hunger' => trim(stripinput($_POST['specie']['hunger'])), 'happiness' => trim(stripinput($_POST['specie']['happiness'])), 'available' => trim(stripinput($_POST['specie']['available'])));
     // If the species could not be loaded, start making a new one.
     if ($specie == null) {
         $specie = new PetSpecie($db);
     }
     // Name is mandatory and limited to 50 bytes (strlen() counts bytes).
     if ($SPECIE['name'] == null) {
         $ERRORS[] = 'No name specified.';
     } elseif (strlen($SPECIE['name']) > 50) {
         $ERRORS[] = 'There is a maxlength=50 on that field for a reason.';
     }
     // Image directory is mandatory and limited to 200 bytes.
     if ($SPECIE['image_dir'] == null) {
         $ERRORS[] = 'No image directory specified.';
     } elseif (strlen($SPECIE['image_dir']) > 200) {
         $ERRORS[] = 'There is a maxlength=200 on that field for a reason.';
     }
     if ($SPECIE['hunger'] <= 0) {
Esempio n. 5
         }
         $User->setEmail($PASSWORD['email']);
         $User->save();
         // Refresh the cookie with the new password.
         $User->logout();
         $User->login();
         $_SESSION['pref_notice'] = 'Your settings have been updated.';
         redirect('preferences');
     }
     // end no errors
     break;
     // end save account
 // end save account
 case 'save_preferences':
     // Validation messages for the preferences form.
     $ERRORS = array();
     // Submitted preferences: the free-text fields (profile, signature) go
     // through clean_xhtml(), the remaining fields through stripinput().
     // Both helpers are defined elsewhere.
     $USER = array('profile' => clean_xhtml($_POST['user']['profile']), 'signature' => clean_xhtml($_POST['user']['signature']), 'avatar_image' => stripinput($_POST['user']['avatar']), 'datetime_format' => stripinput($_POST['user']['datetime_format']), 'timezone' => stripinput($_POST['user']['timezone']), 'show_online_status' => stripinput($_POST['user']['show_online_status']), 'default_post_as' => stripinput($_POST['user']['default_post_as']));
     // The avatar is resolved through a lookup instead of trusting the
     // submitted file name: an empty value means "no avatar" (id 0), an
     // unknown value is a validation error.
     if ($USER['avatar_image'] == null) {
         $avatar_id = 0;
     } else {
         $avatar = new Avatar($db);
         $avatar = $avatar->findOneByAvatarImage($USER['avatar_image']);
         if ($avatar == null) {
             // $avatar_id is not assigned on this path; later code must not
             // read it unless $ERRORS is empty.
             $ERRORS[] = 'Invalid avatar specified.';
         } else {
             $avatar_id = $avatar->getAvatarId();
         }
     }
     // end avatar specified
     // The date/time format is likewise resolved by id through a lookup.
     $datetime_format = new DatetimeFormat($db);
     $datetime_format = $datetime_format->findOneByDatetimeFormatId($USER['datetime_format']);
     if ($datetime_format == null) {
 default:
     // Board details shown above the new-thread form.
     $BOARD_DATA = array('category' => $board->getCategoryName(), 'id' => $board->getBoardId(), 'name' => $board->getBoardName());
     // POSTback from a failed attempt to post.
     // NOTE(review): the values come from $_REQUEST['error'], i.e. straight
     // from the request, and are echoed back into the form. Their output
     // safety rests on stripinput()/clean_xhtml() and on how the template
     // escapes 'post'; confirm both.
     if (is_array($_REQUEST['error']) == true) {
         $POST = array('title' => stripinput($_REQUEST['error']['title']), 'body' => clean_xhtml($_REQUEST['error']['body']));
         $renderer->assign('post', $POST);
     }
     // end handle postback errors
     $renderer->assign('board', $BOARD_DATA);
     $renderer->display('boards/new_thread.tpl');
     break;
     // end default
 // end default
 case 'post':
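     // Title and body of the new thread, filtered by stripinput()/clean_xhtml()
     // (both defined elsewhere).
     $title = stripinput(trim($_POST['post']['title']));
     $text = clean_xhtml(trim($_POST['post']['text']));
     // Title is mandatory and limited to 60 bytes (strlen() counts bytes).
     if ($title == null) {
         $ERRORS[] = 'You must specify a title.';
     } elseif (strlen($title) > 60) {
         $ERRORS[] = 'There is a maxlength=60 on that field for a reason.';
     }
     // An empty body also covers markup that the HTML filter dropped entirely.
     if ($text == null) {
         $ERRORS[] = 'No message specified. It is possible that your HTML was so badly mal-formed that it was dropped by the HTML filter.';
     }
     // Flood control: the user's last post time plus the configured interval
     // must already lie in the past.
     if (strtotime($User->getDatetimeLastPost()) + $APP_CONFIG['post_interval'] > time()) {
         // The human-readable interval gets its own variable; reusing $text
         // here would overwrite the filtered post body read above.
         $interval_text = secondsToMinutes($APP_CONFIG['post_interval']);
         $ERRORS[] = "You may only post once every {$interval_text}.";
     }
     // end user posted too quickly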
     if (sizeof($ERRORS) > 0) {
         draw_errors($ERRORS);
Esempio n. 7
 * 
 * You should have received a copy of the GNU General
 * Public License along with 'Kitto_Kitto_Kitto'; if not,
 * write to the Free Software Foundation, Inc., 51
 * Franklin St, Fifth Floor, Boston, MA  02110-1301  USA
 *
 * @author Nicholas 'Owl' Evans <*****@*****.**>
 * @copyright Nicolas Evans, 2007
 * @license http://www.gnu.org/licenses/gpl-3.0.txt GPLv3
 * @package Kitto_Kitto_Kitto
 * @subpackage Board
 * @version 1.0.0
 **/
// Validation messages collected before the reply is stored.
$ERRORS = array();
// NOTE(review): thread id and reply text are read from $_REQUEST. No
// anti-CSRF token check is visible in this fragment; confirm one is enforced
// before a reply is created.
$thread_id = $_REQUEST['thread_id'];
// clean_xhtml() (defined elsewhere) is the only filter applied to the reply.
$post_text = trim(clean_xhtml($_REQUEST['post']['text']));
// Flood control: the user's last post time plus the configured interval must
// already lie in the past.
if (strtotime($User->getDatetimeLastPost()) + $APP_CONFIG['post_interval'] > time()) {
    $text = secondsToMinutes($APP_CONFIG['post_interval']);
    $ERRORS[] = "You may only post once every {$text}.";
}
// end user posted too quickly
// An empty reply also covers markup that the HTML filter dropped entirely.
if ($post_text == null) {
    $ERRORS[] = 'No message specified. It is possible that your HTML was so badly mal-formed that it was dropped by the HTML filter.';
}
// Resolve the target thread from the unvalidated request value.
// NOTE(review): confirm findOneByBoardThreadId() binds or casts the id rather
// than interpolating it into a query.
$thread = new BoardThread($db);
$thread = $thread->findOneByBoardThreadId($thread_id);
if ($thread == null) {
    $ERRORS[] = 'Thread does not exist.';
} else {
    if ($thread->getLocked() != 'N') {
        $ERRORS[] = 'That thread is locked.';
Esempio n. 8
             continue;
         }
         // end item specific
         $ITEM[$field['name']] = $item->get($field['name']);
     }
     // end extra field loop
     $YN = array_merge(array('' => 'Select one...'), $YN);
     $renderer->assign('yes_no', $YN);
     $renderer->assign('extra_fields', $fields);
     $renderer->assign('item', $ITEM);
     $renderer->display('admin/items/edit.tpl');
     break;
     // end default
 // end default
 case 'save':
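     // Core item fields from the form. name/image are filtered by stripinput()
     // and the description by clean_xhtml() (both defined elsewhere).
     // NOTE(review): 'transferable' and 'unique' are copied from $_POST as-is
     // and no validation of them is visible in this fragment; confirm they
     // are checked against the allowed yes/no values before being stored.
     $ITEM = array(
         'name' => trim(stripinput($_POST['item']['name'])),
         'image' => trim(stripinput($_POST['item']['image'])),
         'description' => trim(clean_xhtml($_POST['item']['description'], false)),
         'transferable' => $_POST['item_transferable'],
         'unique' => $_POST['item_unique'],
     );
     // Load the data for extra, item-specific fields.
     $EXTRA = array();
     $fields = $item->listAttributes();
     foreach ($fields as $field) {
         $EXTRA[$field['name']] = trim(stripinput($_POST['extra'][$field['name']]));
         // If it's a select, make sure the ID is valid. These are usually
         // used for picking an option from another table, so the item could
         // break if the value is not one of the offered options.
         if ($field['type'] == 'select') {
             // Exact key lookup instead of a loose in_array() over
             // array_keys(): loose comparison also accepts strings that only
             // compare equal to a key (numeric look-alikes of an integer id),
             // so a value that is not an offered option could be stored.
             if (array_key_exists($EXTRA[$field['name']], $field['values']) == false) {
                 $ERRORS[] = "Invalid option specified for {$field['label']}.";
             }
         }
         // end validate select
     }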
Esempio n. 9
        $ERRORS[] = 'That is not your pet.';
    }
}
// end pet found
// Stop with the collected errors (they include the "not your pet" ownership
// failure added above); otherwise show or save the pet profile.
if (sizeof($ERRORS) > 0) {
    draw_errors($ERRORS);
} else {
    // NOTE(review): no anti-CSRF token check is visible in this fragment;
    // confirm one is enforced before the save branch runs.
    switch ($_POST['state']) {
        // Runs for any state other than 'save', even though it is listed first.
        default:
            $PET = array('id' => $pet->getUserPetId(), 'name' => $pet->getPetName(), 'profile' => $pet->getProfile());
            // One-shot notice: shown once, then removed from the session.
            if ($_SESSION['pet_notice'] != null) {
                $renderer->assign('notice', $_SESSION['pet_notice']);
                unset($_SESSION['pet_notice']);
            }
            $renderer->assign('pet', $PET);
            $renderer->display('pets/edit_profile.tpl');
            break;
            // end default
        // end default
        case 'save':
            // clean_xhtml() (defined elsewhere) is the only filter applied to
            // the profile markup before it is stored.
            $profile = clean_xhtml($_POST['pet']['profile']);
            $pet->setProfile($profile);
            $pet->save();
            // NOTE(review): the pet name is interpolated into HTML that is
            // kept in the session notice. If the template prints the notice
            // without escaping, the name must already be HTML-safe; confirm.
            $_SESSION['pet_notice'] = "You have updated the profile of <strong>{$pet->getPetName()}</strong>.";
            redirect(null, null, "edit-pet/{$pet->getUserPetId()}");
            break;
            // end save
    }
    // end state switch
}
// end no errors
Esempio n. 10
     }
     // end group reformatter
     array_unshift($STATUSES, 'Select one...');
     if ($_SESSION['user_notice'] != null) {
         $renderer->assign('notice', $_SESSION['user_notice']);
         unset($_SESSION['user_notice']);
     }
     $renderer->assign('user_info', $USER);
     $renderer->assign('groups', $ALL_GROUPS);
     $renderer->assign('statuses', $STATUSES);
     $renderer->display('admin/user/edit.tpl');
     break;
     // end default
 // end default
 case 'save':
     // Submitted admin edits for the user being managed. status/title are
     // filtered by stripinput(), profile/signature by clean_xhtml() (both
     // defined elsewhere).
     // NOTE(review): 'groups' is taken from $_POST without any filtering or
     // validation in the lines visible here, and is later passed to
     // updateGroups(); confirm that method restricts it to existing group ids.
     $USER = array('id' => $user->getUserId(), 'status' => stripinput(trim($_POST['user']['status'])), 'title' => stripinput(trim($_POST['user']['title'])), 'profile' => clean_xhtml(trim($_POST['user']['profile'])), 'signature' => clean_xhtml(trim($_POST['user']['signature'])), 'groups' => $_POST['user']['groups']);
     // The status must be one of the values of $STATUSES. in_array() is
     // called without its strict flag, so the comparison is loose.
     if (in_array($USER['status'], $STATUSES) == false) {
         $ERRORS[] = 'Invalid user status.';
     }
     // Title is mandatory and limited to 20 bytes (strlen() counts bytes).
     if ($USER['title'] == null) {
         $ERRORS[] = 'Title must be specified.';
     } elseif (strlen($USER['title']) > 20) {
         $ERRORS[] = 'There is a maxlength=20 on that field for a reason.';
     }
     // NOTE(review): nothing between the checks above and save() tests
     // $ERRORS, so in the visible code a status that failed validation is
     // still written as the user's access level, and the group update still
     // runs. The write block should run only when $ERRORS is empty; confirm
     // against the rest of the file.
     $user->setAccessLevel($USER['status']);
     $user->setUserTitle($USER['title']);
     $user->setProfile($USER['profile']);
     $user->setSignature($USER['signature']);
     $user->save();
     $user->updateGroups($USER['groups']);
     $_SESSION['user_notice'] = 'Your changes have been saved.';