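/**
 * Decide whether a word may be indexed ($idx true) or used as a search term ($idx false).
 *
 * Search keywords (see is_keyword()) and CJK words are never indexed but are accepted
 * as search terms; stopwords are rejected in both modes; any other word must fall
 * within FEATHER_SEARCH_MIN_WORD..FEATHER_SEARCH_MAX_WORD characters once the
 * wildcard characters '%' and '*' have been stripped.
 *
 * @param string $word the word to validate
 * @param bool   $idx  true when validating for the index, false when validating a search term
 * @return bool
 */
function validate_search_word($word, $idx)
{
    // Loaded once per request; the cache file is expected to define $stopwords
    static $stopwords;

    // Keywords are not indexed, but may be searched for
    if (is_keyword($word)) {
        return !$idx;
    }

    // Load the stopword list, (re)generating the cache file when it is missing or stale
    if (!isset($stopwords)) {
        if (file_exists(FORUM_CACHE_DIR . 'cache_stopwords.php')) {
            include FORUM_CACHE_DIR . 'cache_stopwords.php';
        }
        if (!defined('FEATHER_STOPWORDS_LOADED')) {
            if (!defined('FORUM_CACHE_FUNCTIONS_LOADED')) {
                require FEATHER_ROOT . 'include/cache.php';
            }
            generate_stopwords_cache();
            require FORUM_CACHE_DIR . 'cache_stopwords.php';
        }
        // If the cache file did not define the list, treat it as "no stopwords" instead of
        // handing a non-array to in_array() (a TypeError on PHP 8, a warning before that)
        if (!is_array($stopwords)) {
            $stopwords = array();
        }
    }

    // Stopwords are never valid. Strict comparison: both sides are strings, and a loose ==
    // would treat numeric-looking strings such as '10' and '1e1' as equal
    if (in_array($word, $stopwords, true)) {
        return false;
    }

    // CJK words are not indexed, but may be searched for
    if (is_cjk($word)) {
        return !$idx;
    }

    // Wildcards do not count towards the length
    $word = str_replace(array('%', '*'), '', $word);
    $num_chars = feather_strlen($word);

    return $num_chars >= FEATHER_SEARCH_MIN_WORD && $num_chars <= FEATHER_SEARCH_MAX_WORD;
}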
 /**
  * Validate an edited post before it is saved.
  *
  * Appends a message from $lang_post to $errors for every problem found — a
  * missing, too long or all-caps subject (only when the subject is editable),
  * an over-sized or all-caps message, BBCode that fails preparsing, and a
  * message that is empty before or after censoring — and returns the updated
  * list. The method reads the form via $this->request and writes nothing.
  *
  * @param int   $id               id of the post being edited (not consulted by the checks)
  * @param bool  $can_edit_subject whether the subject may be edited (first post of a topic)
  * @param array $errors           errors collected so far
  * @return array the errors, with any new ones appended
  */
 public function check_errors_before_edit($id, $can_edit_subject, $errors)
 {
     global $lang_post, $pd;

     $censoring_on = $this->config['o_censoring'] == '1';

     // Subject checks apply only when the subject can be edited at all
     if ($can_edit_subject) {
         $subject = feather_trim($this->request->post('req_subject'));
         $censored_subject = $censoring_on ? feather_trim(censor_words($subject)) : null;

         if ($subject == '') {
             $errors[] = $lang_post['No subject'];
         } elseif ($censoring_on && $censored_subject == '') {
             $errors[] = $lang_post['No subject after censoring'];
         } elseif (feather_strlen($subject) > 70) {
             $errors[] = $lang_post['Too long subject'];
         } elseif ($this->config['p_subject_all_caps'] == '0' && is_all_uppercase($subject) && !$this->user->is_admmod) {
             $errors[] = $lang_post['All caps subject'];
         }
     }

     // The size limit is in bytes, hence strlen() rather than feather_strlen()
     $message = feather_linebreaks(feather_trim($this->request->post('req_message')));
     if (strlen($message) > FEATHER_MAX_POSTSIZE) {
         $errors[] = sprintf($lang_post['Too long message'], forum_number_format(FEATHER_MAX_POSTSIZE));
     } elseif ($this->config['p_message_all_caps'] == '0' && is_all_uppercase($message) && !$this->user->is_admmod) {
         $errors[] = $lang_post['All caps message'];
     }

     // BBCode is preparsed here; $errors is handed to the parser so it can report
     // syntax problems (presumably by reference — not visible from this file)
     if ($this->config['p_message_bbcode'] == '1') {
         require FEATHER_ROOT . 'include/parser.php';
         $message = preparse_bbcode($message, $errors);
     }

     // Emptiness is only checked when nothing else went wrong
     if (!empty($errors)) {
         return $errors;
     }

     if ($message == '') {
         $errors[] = $lang_post['No message'];
     } elseif ($censoring_on && feather_trim(censor_words($message)) == '') {
         $errors[] = $lang_post['No message after censoring'];
     }

     return $errors;
 }
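 /**
  * Split the selected posts out of topic $tid into a new topic.
  *
  * Without split_posts_comply only the raw selection is returned so the caller
  * can render the confirmation form. On confirmation the post ids are validated
  * (digits and commas only, every id belongs to $tid), the destination forum is
  * checked to exist, not be a redirect and allow the current group to post
  * topics, a new topic is created, the posts are re-parented, subscriptions are
  * copied, both topics and both forums are updated and the user is redirected
  * to the new topic. Every failure goes through message() and does not return.
  *
  * NOTE(review): nothing here verifies that the acting user may moderate
  * $fid / $tid; that check has to happen in the caller.
  *
  * @param int   $tid id of the topic the posts currently belong to
  * @param int   $fid id of the forum $tid lives in (passed to update_forum())
  * @param mixed $p   unused here, kept for interface compatibility
  * @return mixed the 'posts' form value (comma-separated post ids)
  */
 public function split_posts($tid, $fid, $p = null)
 {
     global $lang_common, $lang_misc, $lang_post;

     $posts = $this->request->post('posts') ? $this->request->post('posts') : array();
     if (empty($posts)) {
         message($lang_misc['No posts selected']);
     }

     if ($this->request->post('split_posts_comply')) {
         // The selection must be a plain "id,id,id" string. Non-strings are rejected
         // explicitly: preg_match() on an array returns false (the former @ hid the
         // warning), which let a posts[] array slip past the format check
         if (!is_string($posts) || preg_match('%[^0-9,]%', $posts)) {
             message($lang_common['Bad request'], '404');
         }

         $move_to_forum = $this->request->post('move_to_forum') ? intval($this->request->post('move_to_forum')) : 0;
         if ($move_to_forum < 1) {
             message($lang_common['Bad request'], '404');
         }

         // How many posts are being split off; verified below against what exists in $tid
         $num_posts_splitted = substr_count($posts, ',') + 1;
         $posts_array = explode(',', $posts);

         // Every listed id must be a post of $tid, otherwise posts from other topics could be pulled in
         $result = DB::for_table('posts')->where_in('id', $posts_array)->where('topic_id', $tid)->find_many();
         if (count($result) != $num_posts_splitted) {
             message($lang_common['Bad request'], '404');
         }

         // The destination forum must exist, not be a redirect forum and allow the current
         // group to post topics (no per-group row, or post_topics=1). The f.id filter was
         // missing before, so the query never actually constrained the forum being checked
         $where_split_posts = array(array('fp.post_topics' => 'IS NULL'), array('fp.post_topics' => '1'));
         $result = DB::for_table('forums')->table_alias('f')->left_outer_join('forum_perms', array('fp.forum_id', '=', $move_to_forum), 'fp', true)->left_outer_join('forum_perms', array('fp.group_id', '=', $this->user->g_id), null, true)->where_any_is($where_split_posts)->where_null('f.redirect_url')->where('f.id', $move_to_forum)->find_one();
         if (!$result) {
             message($lang_common['Bad request'], '404');
         }

         // Load the post.php language file
         require FEATHER_ROOT . 'lang/' . $this->user->language . '/post.php';

         // Check subject
         $new_subject = $this->request->post('new_subject') ? feather_trim($this->request->post('new_subject')) : '';
         if ($new_subject == '') {
             message($lang_post['No subject']);
         } elseif (feather_strlen($new_subject) > 70) {
             message($lang_post['Too long subject']);
         }

         // The oldest selected post becomes the first post of the new topic
         $select_first_post = array('id', 'poster', 'posted');
         $first_post_data = DB::for_table('posts')->select_many($select_first_post)->where_in('id', $posts_array)->order_by_asc('id')->find_one();

         // Create the new topic. The id is cast because it is interpolated into SQL below
         $insert_topic = array('poster' => $first_post_data['poster'], 'subject' => $new_subject, 'posted' => $first_post_data['posted'], 'first_post_id' => $first_post_data['id'], 'forum_id' => $move_to_forum);
         DB::for_table('topics')->create()->set($insert_topic)->save();
         $new_tid = (int) DB::get_db()->lastInsertId($this->feather->prefix . 'topics');

         // Move ALL selected posts. The previous find_one()->set()->save() re-parented only
         // the first matching row and left the others in $tid
         DB::for_table('posts')->where_in('id', $posts_array)->update_many('topic_id', $new_tid);

         // Apply every subscription to both topics
         DB::for_table('topic_subscriptions')->raw_query('INSERT INTO ' . $this->feather->prefix . 'topic_subscriptions (user_id, topic_id) SELECT user_id, ' . $new_tid . ' FROM ' . $this->feather->prefix . 'topic_subscriptions WHERE topic_id=:tid', array('tid' => $tid));

         // Recompute last_post, last_post_id and last_poster for the old topic
         $select_last_post = array('id', 'poster', 'posted');
         $last_old_post_data = DB::for_table('posts')->select_many($select_last_post)->where('topic_id', $tid)->order_by_desc('id')->find_one();
         $update_old_topic = array('last_post' => $last_old_post_data['posted'], 'last_post_id' => $last_old_post_data['id'], 'last_poster' => $last_old_post_data['poster']);
         DB::for_table('topics')->where('id', $tid)->find_one()->set($update_old_topic)->set_expr('num_replies', 'num_replies-' . $num_posts_splitted)->save();

         // ... and for the new topic. It was just created with the column default, so the
         // reply count is set outright: $num_posts_splitted posts, one of which is the opener.
         // (The old 'num_replies-' . $n - 1 expression subtracted from the default and, on
         // PHP < 8, was parsed as a string minus an integer.)
         $select_new_post = array('id', 'poster', 'posted');
         $last_new_post_data = DB::for_table('posts')->select_many($select_new_post)->where('topic_id', $new_tid)->order_by_desc('id')->find_one();
         $update_new_topic = array('last_post' => $last_new_post_data['posted'], 'last_post_id' => $last_new_post_data['id'], 'last_poster' => $last_new_post_data['poster'], 'num_replies' => $num_posts_splitted - 1);
         DB::for_table('topics')->where('id', $new_tid)->find_one()->set($update_new_topic)->save();

         update_forum($fid);
         update_forum($move_to_forum);
         redirect(get_link('topic/' . $new_tid . '/'), $lang_misc['Split posts redirect']);
     }

     return $posts;
 }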
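/**
 * Validate a new or changed username and append any problems to $errors.
 *
 * Checks, in order: length (2..25 characters), not "Guest" in English or the
 * current language, not an IPv4/IPv6 address, no '[' or ']' combined with both
 * quote characters, no BBCode tags, not censored, not already registered
 * (case-insensitively, also after stripping every non-letter/non-digit), and
 * not on the ban list.
 *
 * NOTE(review): the `global $errors` below rebinds the parameter of the same
 * name to the global, so the $errors handed in by the caller is discarded and
 * the returned list is built on the global instead. Left as-is because callers
 * may rely on it — confirm before removing it from the global list.
 *
 * @param string   $username   the username to check
 * @param array    $errors     errors collected so far (see note above)
 * @param int|null $exclude_id user id to leave out of the duplicate check (profile edit)
 * @return array the errors, with any new ones appended
 */
function check_username($username, $errors, $exclude_id = null)
{
    global $feather, $feather_config, $errors, $lang_prof_reg, $lang_register, $lang_common, $feather_bans;
    // Include UTF-8 function
    require_once FEATHER_ROOT . 'include/utf8/strcasecmp.php';
    // Collapse runs of whitespace so two visually identical names cannot both be registered
    $username = preg_replace('%\\s+%s', ' ', $username);
    // Validate username
    if (feather_strlen($username) < 2) {
        $errors[] = $lang_prof_reg['Username too short'];
    } elseif (feather_strlen($username) > 25) {
        // This usually doesn't happen since the form element only accepts 25 characters
        $errors[] = $lang_prof_reg['Username too long'];
    } elseif (!strcasecmp($username, 'Guest') || !utf8_strcasecmp($username, $lang_common['Guest'])) {
        $errors[] = $lang_prof_reg['Username guest'];
    } elseif (preg_match('%[0-9]{1,3}\\.[0-9]{1,3}\\.[0-9]{1,3}\\.[0-9]{1,3}%', $username) || preg_match('%((([0-9A-Fa-f]{1,4}:){7}[0-9A-Fa-f]{1,4})|(([0-9A-Fa-f]{1,4}:){6}:[0-9A-Fa-f]{1,4})|(([0-9A-Fa-f]{1,4}:){5}:([0-9A-Fa-f]{1,4}:)?[0-9A-Fa-f]{1,4})|(([0-9A-Fa-f]{1,4}:){4}:([0-9A-Fa-f]{1,4}:){0,2}[0-9A-Fa-f]{1,4})|(([0-9A-Fa-f]{1,4}:){3}:([0-9A-Fa-f]{1,4}:){0,3}[0-9A-Fa-f]{1,4})|(([0-9A-Fa-f]{1,4}:){2}:([0-9A-Fa-f]{1,4}:){0,4}[0-9A-Fa-f]{1,4})|(([0-9A-Fa-f]{1,4}:){6}((\\b((25[0-5])|(1\\d{2})|(2[0-4]\\d)|(\\d{1,2}))\\b)\\.){3}(\\b((25[0-5])|(1\\d{2})|(2[0-4]\\d)|(\\d{1,2}))\\b))|(([0-9A-Fa-f]{1,4}:){0,5}:((\\b((25[0-5])|(1\\d{2})|(2[0-4]\\d)|(\\d{1,2}))\\b)\\.){3}(\\b((25[0-5])|(1\\d{2})|(2[0-4]\\d)|(\\d{1,2}))\\b))|(::([0-9A-Fa-f]{1,4}:){0,5}((\\b((25[0-5])|(1\\d{2})|(2[0-4]\\d)|(\\d{1,2}))\\b)\\.){3}(\\b((25[0-5])|(1\\d{2})|(2[0-4]\\d)|(\\d{1,2}))\\b))|([0-9A-Fa-f]{1,4}::([0-9A-Fa-f]{1,4}:){0,5}[0-9A-Fa-f]{1,4})|(::([0-9A-Fa-f]{1,4}:){0,6}[0-9A-Fa-f]{1,4})|(([0-9A-Fa-f]{1,4}:){1,7}:))%', $username)) {
        $errors[] = $lang_prof_reg['Username IP'];
    } elseif ((strpos($username, '[') !== false || strpos($username, ']') !== false) && strpos($username, '\'') !== false && strpos($username, '"') !== false) {
        $errors[] = $lang_prof_reg['Username reserved chars'];
    } elseif (preg_match('%(?:\\[/?(?:b|u|s|ins|del|em|i|h|colou?r|quote|code|img|url|email|list|\\*|topic|post|forum|user)\\]|\\[(?:img|url|quote|list)=)%i', $username)) {
        $errors[] = $lang_prof_reg['Username BBCode'];
    }
    // Check username for any censored words
    if ($feather_config['o_censoring'] == '1' && censor_words($username) != $username) {
        $errors[] = $lang_register['Username censor'];
    }
    // Check that the username (or a too similar username) is not already registered.
    // $exclude_id is concatenated into the SQL, so force it to an integer here instead
    // of trusting every caller to have cast it
    $query = !is_null($exclude_id) ? ' AND id!=' . intval($exclude_id) : '';
    $result = \DB::for_table('online')->raw_query('SELECT username FROM ' . $feather->prefix . 'users WHERE (UPPER(username)=UPPER(:username1) OR UPPER(username)=UPPER(:username2)) AND id>1' . $query, array(':username1' => $username, ':username2' => ucp_preg_replace('%[^\\p{L}\\p{N}]%u', '', $username)))->find_one();
    if ($result) {
        $busy = $result['username'];
        $errors[] = $lang_register['Username dupe 1'] . ' ' . feather_escape($busy) . '. ' . $lang_register['Username dupe 2'];
    }
    // Check username for any banned usernames (case-insensitive, UTF-8 aware)
    foreach ($feather_bans as $cur_ban) {
        if ($cur_ban['username'] != '' && utf8_strtolower($username) == utf8_strtolower($cur_ban['username'])) {
            $errors[] = $lang_prof_reg['Banned username'];
            break;
        }
    }
    return $errors;
}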
 /**
  * Validate the registration form and collect the prospective user's data.
  *
  * Returns an array with 'username', 'email1', 'password1', 'language' and an
  * 'errors' entry holding every validation message; 'banned_email' is set when
  * the address is on the ban list. A registration from the same IP within the
  * last hour and an unknown language abort through message() and do not return.
  *
  * @return array user data plus 'errors'
  */
 public function check_for_errors()
 {
     global $lang_register, $lang_prof_reg, $lang_common, $lang_antispam, $lang_antispam_questions;
     $user = array();
     // NOTE(review): initialised as a string but later appended to with [] — this only
     // works because check_username() builds and returns its own (global) $errors
     $user['errors'] = '';
     // Check that someone from this IP didn't register a user within the last hour (DoS prevention).
     // NOTE(review): only as good as get_remote_address(); behind a reverse proxy confirm it
     // yields the client address and not the proxy's
     $already_registered = DB::for_table('users')->where('registration_ip', get_remote_address())->where_gt('registered', time() - 3600)->find_one();
     if ($already_registered) {
         message($lang_register['Registration flood']);
     }
     $user['username'] = feather_trim($this->request->post('req_user'));
     $user['email1'] = strtolower(feather_trim($this->request->post('req_email1')));
     if ($this->config['o_regs_verify'] == '1') {
         // E-mail verification on: the user does not pick a password, a generated one is
         // used (presumably mailed to the address by the caller) and the e-mail is entered twice
         $email2 = strtolower(feather_trim($this->request->post('req_email2')));
         $user['password1'] = random_pass(12);
         $password2 = $user['password1'];
     } else {
         $user['password1'] = feather_trim($this->request->post('req_password1'));
         $password2 = feather_trim($this->request->post('req_password2'));
     }
     // Validate username and passwords
     $user['errors'] = check_username($user['username'], $user['errors']);
     if (feather_strlen($user['password1']) < 6) {
         $user['errors'][] = $lang_prof_reg['Pass too short'];
     } elseif ($user['password1'] != $password2) {
         $user['errors'][] = $lang_prof_reg['Pass not match'];
     }
     // Antispam feature: the form carries md5(question key) in captcha_q; the answer is
     // compared case-insensitively (both sides upper-cased) against the configured one.
     // An unknown or missing question fails the test
     $question = $this->request->post('captcha_q') ? trim($this->request->post('captcha_q')) : '';
     $answer = $this->request->post('captcha') ? strtoupper(trim($this->request->post('captcha'))) : '';
     $lang_antispam_questions_array = array();
     foreach ($lang_antispam_questions as $k => $v) {
         $lang_antispam_questions_array[md5($k)] = strtoupper($v);
     }
     if (empty($lang_antispam_questions_array[$question]) || $lang_antispam_questions_array[$question] != $answer) {
         $user['errors'][] = $lang_antispam['Robot test fail'];
     }
     // Validate email
     require FEATHER_ROOT . 'include/email.php';
     if (!is_valid_email($user['email1'])) {
         $user['errors'][] = $lang_common['Invalid email'];
     } elseif ($this->config['o_regs_verify'] == '1' && $user['email1'] != $email2) {
         $user['errors'][] = $lang_register['Email not match'];
     }
     // Check if it's a banned email address
     if (is_banned_email($user['email1'])) {
         if ($this->config['p_allow_banned_email'] == '0') {
             $user['errors'][] = $lang_prof_reg['Banned email'];
         }
         $user['banned_email'] = 1;
         // Used later when we send an alert email
     }
     // Check if someone else already has registered with that email address
     // ($dupe_list is filled but not returned from here)
     $dupe_list = array();
     $dupe_mail = DB::for_table('users')->select('username')->where('email', $user['email1'])->find_many();
     if ($dupe_mail) {
         if ($this->config['p_allow_dupe_email'] == '0') {
             $user['errors'][] = $lang_prof_reg['Dupe email'];
         }
         foreach ($dupe_mail as $cur_dupe) {
             $dupe_list[] = $cur_dupe['username'];
         }
     }
     // Make sure we got a valid language string: strip '.', '\' and '/' so the value cannot
     // leave the lang/ directory, then require that the language actually exists
     if ($this->request->post('language')) {
         $user['language'] = preg_replace('%[\\.\\\\/]%', '', $this->request->post('language'));
         if (!file_exists(FEATHER_ROOT . 'lang/' . $user['language'] . '/common.php')) {
             message($lang_common['Bad request'], '404');
         }
     } else {
         $user['language'] = $this->config['o_default_lang'];
     }
     return $user;
 }
 /**
  * Validate a new post (reply or new topic) before it is saved.
  *
  * Guests additionally get their username, antispam answer and e-mail checked.
  * Every problem appends a language string to $errors; a missing topic aborts
  * through message(). The method reads the form via $this->request and writes
  * nothing.
  *
  * @param int   $fid    forum id when a new topic is being created, otherwise falsy
  * @param int   $tid    topic id when replying, otherwise falsy
  * @param int   $qid    id of the quoted post (not consulted here)
  * @param int   $pid    id of the post being replied to (not consulted here)
  * @param int   $page   current page (not consulted here)
  * @param array $errors errors collected so far
  * @return array the errors, with any new ones appended (see note on 'banned_email' below)
  */
 public function check_errors_before_post($fid, $tid, $qid, $pid, $page, $errors)
 {
     global $lang_post, $lang_common, $lang_prof_reg, $lang_register, $lang_antispam, $lang_antispam_questions, $pd;
     // Antispam feature
     if ($this->user->is_guest) {
         // It's a guest, so we have to validate the username
         $errors = check_username(feather_trim($this->request->post('req_username')), $errors);
         // The form carries md5(question key) in captcha_q; the answer is compared
         // case-insensitively (both sides upper-cased). An unknown question fails the test
         $question = $this->request->post('captcha_q') ? trim($this->request->post('captcha_q')) : '';
         $answer = $this->request->post('captcha') ? strtoupper(trim($this->request->post('captcha'))) : '';
         $lang_antispam_questions_array = array();
         foreach ($lang_antispam_questions as $k => $v) {
             $lang_antispam_questions_array[md5($k)] = strtoupper($v);
         }
         if (empty($lang_antispam_questions_array[$question]) || $lang_antispam_questions_array[$question] != $answer) {
             $errors[] = $lang_antispam['Robot test fail'];
         }
     }
     // Flood protection
     // NOTE(review): this only fires when 'preview' is non-empty, i.e. on preview requests,
     // and never on the actual submit. If the intent is to throttle real posts the condition
     // looks inverted — confirm against the caller before relying on it as a rate limit
     if ($this->request->post('preview') != '' && $this->user->last_post != '' && time() - $this->user->last_post < $this->user->g_post_flood) {
         $errors[] = sprintf($lang_post['Flood start'], $this->user->g_post_flood, $this->user->g_post_flood - (time() - $this->user->last_post));
     }
     if ($tid) {
         // The topic must exist; $url_subject is computed but not used further in this method
         $subject_tid = DB::for_table('topics')->where('id', $tid)->find_one_col('subject');
         if (!$subject_tid) {
             message($lang_common['Bad request'], '404');
         }
         $url_subject = url_friendly($subject_tid);
     } else {
         $url_subject = '';
     }
     // If it's a new topic
     if ($fid) {
         $subject = feather_trim($this->request->post('req_subject'));
         if ($this->config['o_censoring'] == '1') {
             $censored_subject = feather_trim(censor_words($subject));
         }
         if ($subject == '') {
             $errors[] = $lang_post['No subject'];
         } elseif ($this->config['o_censoring'] == '1' && $censored_subject == '') {
             $errors[] = $lang_post['No subject after censoring'];
         } elseif (feather_strlen($subject) > 70) {
             $errors[] = $lang_post['Too long subject'];
         } elseif ($this->config['p_subject_all_caps'] == '0' && is_all_uppercase($subject) && !$this->user->is_admmod) {
             $errors[] = $lang_post['All caps subject'];
         }
     }
     if ($this->user->is_guest) {
         // Which field holds the address depends on whether a guest e-mail is mandatory
         $email = strtolower(feather_trim($this->config['p_force_guest_email'] == '1' ? $this->request->post('req_email') : $this->request->post('email')));
         // Load the register.php/prof_reg.php language files
         require FEATHER_ROOT . 'lang/' . $this->user->language . '/prof_reg.php';
         require FEATHER_ROOT . 'lang/' . $this->user->language . '/register.php';
         if ($this->config['p_force_guest_email'] == '1' || $email != '') {
             require FEATHER_ROOT . 'include/email.php';
             if (!is_valid_email($email)) {
                 $errors[] = $lang_common['Invalid email'];
             }
             // Check if it's a banned email address
             // we should only check guests because members' addresses are already verified
             // (the is_guest test is redundant here, we are already inside the guest branch)
             if ($this->user->is_guest && is_banned_email($email)) {
                 if ($this->config['p_allow_banned_email'] == '0') {
                     $errors[] = $lang_prof_reg['Banned email'];
                 }
                 // NOTE(review): storing the flag inside $errors makes the array non-empty, so
                 // the empty($errors) check below skips the "No message" tests for a guest with
                 // a banned-but-allowed address, and a caller testing !empty($errors) will treat
                 // the flag as a validation failure — confirm how the caller reads this
                 $errors['banned_email'] = 1;
                 // Used later when we send an alert email
             }
         }
     }
     // Clean up message from POST
     $message = feather_linebreaks(feather_trim($this->request->post('req_message')));
     // Here we use strlen() not feather_strlen() as we want to limit the post to FEATHER_MAX_POSTSIZE bytes, not characters
     if (strlen($message) > FEATHER_MAX_POSTSIZE) {
         $errors[] = sprintf($lang_post['Too long message'], forum_number_format(FEATHER_MAX_POSTSIZE));
     } elseif ($this->config['p_message_all_caps'] == '0' && is_all_uppercase($message) && !$this->user->is_admmod) {
         $errors[] = $lang_post['All caps message'];
     }
     // Validate BBCode syntax ($errors is handed to the parser so it can report
     // syntax problems — presumably by reference, not visible from this file)
     if ($this->config['p_message_bbcode'] == '1') {
         require FEATHER_ROOT . 'include/parser.php';
         $message = preparse_bbcode($message, $errors);
     }
     // Emptiness is only checked when nothing else went wrong
     if (empty($errors)) {
         if ($message == '') {
             $errors[] = $lang_post['No message'];
         } elseif ($this->config['o_censoring'] == '1') {
             // Censor message to see if that causes problems
             $censored_message = feather_trim(censor_words($message));
             if ($censored_message == '') {
                 $errors[] = $lang_post['No message after censoring'];
             }
         }
     }
     return $errors;
 }
?>
</span>
									</td>
								</tr>
								<tr>
									<th scope="row"><?php 
echo $lang_admin_options['SMTP password label'];
?>
</th>
									<td>
										<label><input type="checkbox" name="form_smtp_change_pass" value="1" />&#160;<?php 
echo $lang_admin_options['SMTP change password help'];
?>
</label>
<?php 
// Never send the stored SMTP password to the browser: prefill the field with a random
// placeholder of the same length (presumably what random_key() produces) or leave it empty.
// Note this still reveals the password's length to anyone who can view this admin page.
$smtp_pass = empty($feather_config['o_smtp_pass']) ? '' : random_key(feather_strlen($feather_config['o_smtp_pass']), true);
?>
										<input type="password" name="form_smtp_pass1" size="25" maxlength="50" value="<?php 
echo $smtp_pass;
?>
" />
										<input type="password" name="form_smtp_pass2" size="25" maxlength="50" value="<?php 
echo $smtp_pass;
?>
" />
										<span><?php 
echo $lang_admin_options['SMTP password help'];
?>
</span>
									</td>
								</tr>
 public function get_search_results()
 {
     global $db_type, $lang_common, $lang_search;
     $search = array();
     $action = $this->request->get('action') ? $this->request->get('action') : null;
     $forums = $this->request->get('forums') ? is_array($this->request->get('forums')) ? $this->request->get('forums') : array_filter(explode(',', $this->request->get('forums'))) : ($this->request->get('forums') ? array($this->request->get('forums')) : array());
     $sort_dir = $this->request->get('sort_dir') && $this->request->get('sort_dir') == 'DESC' ? 'DESC' : 'ASC';
     $forums = array_map('intval', $forums);
     // Allow the old action names for backwards compatibility reasons
     if ($action == 'show_user') {
         $action = 'show_user_posts';
     } elseif ($action == 'show_24h') {
         $action = 'show_recent';
     }
     // If a search_id was supplied
     if ($this->request->get('search_id')) {
         $search_id = intval($this->request->get('search_id'));
         if ($search_id < 1) {
             message($lang_common['Bad request'], '404');
         }
     } elseif ($action == 'search') {
         $keywords = $this->request->get('keywords') ? utf8_strtolower(feather_trim($this->request->get('keywords'))) : null;
         $author = $this->request->get('author') ? utf8_strtolower(feather_trim($this->request->get('author'))) : null;
         if (preg_match('%^[\\*\\%]+$%', $keywords) || feather_strlen(str_replace(array('*', '%'), '', $keywords)) < FEATHER_SEARCH_MIN_WORD && !is_cjk($keywords)) {
             $keywords = '';
         }
         if (preg_match('%^[\\*\\%]+$%', $author) || feather_strlen(str_replace(array('*', '%'), '', $author)) < 2) {
             $author = '';
         }
         if (!$keywords && !$author) {
             message($lang_search['No terms']);
         }
         if ($author) {
             $author = str_replace('*', '%', $author);
         }
         $show_as = $this->request->get('show_as') && $this->request->get('show_as') == 'topics' ? 'topics' : 'posts';
         $sort_by = $this->request->get('sort_by') ? intval($this->request->get('sort_by')) : 0;
         $search_in = !$this->request->get('search_in') || $this->request->get('search_in') == '0' ? 0 : ($this->request->get('search_in') == '1' ? 1 : -1);
     } elseif ($action == 'show_user_posts' || $action == 'show_user_topics' || $action == 'show_subscriptions') {
         $user_id = $this->request->get('user_id') ? intval($this->request->get('user_id')) : $this->user->id;
         if ($user_id < 2) {
             message($lang_common['Bad request'], '404');
         }
         // Subscribed topics can only be viewed by admins, moderators and the users themselves
         if ($action == 'show_subscriptions' && !$this->user->is_admmod && $user_id != $this->user->id) {
             message($lang_common['No permission'], '403');
         }
     } elseif ($action == 'show_recent') {
         $interval = $this->request->get('value') ? intval($this->request->get('value')) : 86400;
     } elseif ($action == 'show_replies') {
         if ($this->user->is_guest) {
             message($lang_common['Bad request'], '404');
         }
     } elseif ($action != 'show_new' && $action != 'show_unanswered') {
         message($lang_common['Bad request'], '404');
     }
     // If a valid search_id was supplied we attempt to fetch the search results from the db
     if (isset($search_id)) {
         $ident = $this->user->is_guest ? get_remote_address() : $this->user->username;
         $search_data = DB::for_table('search_cache')->where('id', $search_id)->where('ident', $ident)->find_one_col('search_data');
         if ($search_data) {
             $temp = unserialize($search_data);
             $search_ids = unserialize($temp['search_ids']);
             $num_hits = $temp['num_hits'];
             $sort_by = $temp['sort_by'];
             $sort_dir = $temp['sort_dir'];
             $show_as = $temp['show_as'];
             $search_type = $temp['search_type'];
             unset($temp);
         } else {
             message($lang_search['No hits']);
         }
     } else {
         $keyword_results = $author_results = array();
         // Search a specific forum?
         $forum_sql = !empty($forums) || empty($forums) && $this->config['o_search_all_forums'] == '0' && !$this->user->is_admmod ? ' AND t.forum_id IN (' . implode(',', $forums) . ')' : '';
         if (!empty($author) || !empty($keywords)) {
             // Flood protection
             if ($this->user->last_search && time() - $this->user->last_search < $this->user->g_search_flood && time() - $this->user->last_search >= 0) {
                 message(sprintf($lang_search['Search flood'], $this->user->g_search_flood, $this->user->g_search_flood - (time() - $this->user->last_search)));
             }
             if (!$this->user->is_guest) {
                 DB::for_table('users')->where('id', $this->user->id)->update_many('last_search', time());
             } else {
                 DB::for_table('online')->where('ident', get_remote_address())->update_many('last_search', time());
             }
             switch ($sort_by) {
                 case 1:
                     $sort_by_sql = $show_as == 'topics' ? 't.poster' : 'p.poster';
                     $sort_type = SORT_STRING;
                     break;
                 case 2:
                     $sort_by_sql = 't.subject';
                     $sort_type = SORT_STRING;
                     break;
                 case 3:
                     $sort_by_sql = 't.forum_id';
                     $sort_type = SORT_NUMERIC;
                     break;
                 case 4:
                     $sort_by_sql = 't.last_post';
                     $sort_type = SORT_NUMERIC;
                     break;
                 default:
                     $sort_by_sql = $show_as == 'topics' ? 't.last_post' : 'p.posted';
                     $sort_type = SORT_NUMERIC;
                     break;
             }
             // If it's a search for keywords
             if ($keywords) {
                 // split the keywords into words
                 $keywords_array = split_words($keywords, false);
                 if (empty($keywords_array)) {
                     message($lang_search['No hits']);
                 }
                 // Should we search in message body or topic subject specifically?
                 $search_in_cond = $search_in ? $search_in > 0 ? ' AND m.subject_match = 0' : ' AND m.subject_match = 1' : '';
                 $word_count = 0;
                 $match_type = 'and';
                 $sort_data = array();
                 foreach ($keywords_array as $cur_word) {
                     switch ($cur_word) {
                         case 'and':
                         case 'or':
                         case 'not':
                             $match_type = $cur_word;
                             break;
                         default:
                             if (is_cjk($cur_word)) {
                                 $where_cond = str_replace('*', '%', $cur_word);
                                 $where_cond_cjk = $search_in ? $search_in > 0 ? 'p.message LIKE %:where_cond%' : 't.subject LIKE %:where_cond%' : 'p.message LIKE %:where_cond% OR t.subject LIKE %:where_cond%';
                                 $result = DB::for_table('posts')->raw_query('SELECT p.id AS post_id, p.topic_id, ' . $sort_by_sql . ' AS sort_by FROM ' . $this->feather->prefix . 'posts AS p INNER JOIN ' . $this->feather->prefix . 'topics AS t ON t.id=p.topic_id LEFT JOIN ' . $this->feather->prefix . 'forum_perms AS fp ON (fp.forum_id=t.forum_id AND fp.group_id=' . $this->user->g_id . ') WHERE (' . $where_cond_cjk . ') AND (fp.read_forum IS NULL OR fp.read_forum=1)' . $forum_sql, array(':where_cond' => $where_cond))->find_many();
                             } else {
                                 $result = DB::for_table('posts')->raw_query('SELECT m.post_id, p.topic_id, ' . $sort_by_sql . ' AS sort_by FROM ' . $this->feather->prefix . 'search_words AS w INNER JOIN ' . $this->feather->prefix . 'search_matches AS m ON m.word_id = w.id INNER JOIN ' . $this->feather->prefix . 'posts AS p ON p.id=m.post_id INNER JOIN ' . $this->feather->prefix . 'topics AS t ON t.id=p.topic_id LEFT JOIN ' . $this->feather->prefix . 'forum_perms AS fp ON (fp.forum_id=t.forum_id AND fp.group_id=' . $this->user->g_id . ') WHERE w.word LIKE :where_cond' . $search_in_cond . ' AND (fp.read_forum IS NULL OR fp.read_forum=1)' . $forum_sql, array(':where_cond' => str_replace('*', '%', $cur_word)))->find_many();
                             }
                             $row = array();
                             foreach ($result as $temp) {
                                 $row[$temp['post_id']] = $temp['topic_id'];
                                 if (!$word_count) {
                                     $keyword_results[$temp['post_id']] = $temp['topic_id'];
                                     $sort_data[$temp['post_id']] = $temp['sort_by'];
                                 } elseif ($match_type == 'or') {
                                     $keyword_results[$temp['post_id']] = $temp['topic_id'];
                                     $sort_data[$temp['post_id']] = $temp['sort_by'];
                                 } elseif ($match_type == 'not') {
                                     unset($keyword_results[$temp['post_id']]);
                                     unset($sort_data[$temp['post_id']]);
                                 }
                             }
                             if ($match_type == 'and' && $word_count) {
                                 foreach ($keyword_results as $post_id => $topic_id) {
                                     if (!isset($row[$post_id])) {
                                         unset($keyword_results[$post_id]);
                                         unset($sort_data[$post_id]);
                                     }
                                 }
                             }
                             ++$word_count;
                             $pdo = DB::get_db();
                             $pdo = null;
                             break;
                     }
                 }
                 // Sort the results - annoyingly array_multisort re-indexes arrays with numeric keys, so we need to split the keys out into a separate array then combine them again after
                 $post_ids = array_keys($keyword_results);
                 $topic_ids = array_values($keyword_results);
                 array_multisort(array_values($sort_data), $sort_dir == 'DESC' ? SORT_DESC : SORT_ASC, $sort_type, $post_ids, $topic_ids);
                 // combine the arrays back into a key=>value array (array_combine is PHP5 only unfortunately)
                 $num_results = count($keyword_results);
                 $keyword_results = array();
                 for ($i = 0; $i < $num_results; $i++) {
                     $keyword_results[$post_ids[$i]] = $topic_ids[$i];
                 }
                 unset($sort_data, $post_ids, $topic_ids);
             }
             // If it's a search for author name (and that author name isn't Guest)
             if ($author && $author != 'guest' && $author != utf8_strtolower($lang_common['Guest'])) {
                 $username_exists = DB::for_table('users')->select('id')->where_like('username', $author)->find_many();
                 if ($username_exists) {
                     $user_ids = array();
                     foreach ($username_exists as $row) {
                         $user_ids[] = $row['id'];
                     }
                     $result = DB::for_table('posts')->raw_query('SELECT p.id AS post_id, p.topic_id FROM ' . $this->feather->prefix . 'posts AS p INNER JOIN ' . $this->feather->prefix . 'topics AS t ON t.id=p.topic_id LEFT JOIN ' . $this->feather->prefix . 'forum_perms AS fp ON (fp.forum_id=t.forum_id AND fp.group_id=' . $this->user->g_id . ') WHERE (fp.read_forum IS NULL OR fp.read_forum=1) AND p.poster_id IN(' . implode(',', $user_ids) . ')' . $forum_sql . ' ORDER BY ' . $sort_by_sql . ' ' . $sort_dir)->find_many();
                     foreach ($result as $temp) {
                         $author_results[$temp['post_id']] = $temp['topic_id'];
                     }
                     $pdo = DB::get_db();
                     $pdo = null;
                 }
             }
             // If we searched for both keywords and author name we want the intersection between the results
             if ($author && $keywords) {
                 $search_ids = array_intersect_assoc($keyword_results, $author_results);
                 $search_type = array('both', array($keywords, feather_trim($this->request->get('author'))), implode(',', $forums), $search_in);
             } elseif ($keywords) {
                 $search_ids = $keyword_results;
                 $search_type = array('keywords', $keywords, implode(',', $forums), $search_in);
             } else {
                 $search_ids = $author_results;
                 $search_type = array('author', feather_trim($this->request->get('author')), implode(',', $forums), $search_in);
             }
             unset($keyword_results, $author_results);
             if ($show_as == 'topics') {
                 $search_ids = array_values($search_ids);
             } else {
                 $search_ids = array_keys($search_ids);
             }
             $search_ids = array_unique($search_ids);
             $num_hits = count($search_ids);
             if (!$num_hits) {
                 message($lang_search['No hits']);
             }
         } elseif ($action == 'show_new' || $action == 'show_recent' || $action == 'show_replies' || $action == 'show_user_posts' || $action == 'show_user_topics' || $action == 'show_subscriptions' || $action == 'show_unanswered') {
             $search_type = array('action', $action);
             $show_as = 'topics';
             // We want to sort things after last post
             $sort_by = 0;
             $sort_dir = 'DESC';
             $where_search_action = array(array('fp.read_forum' => 'IS NULL'), array('fp.read_forum' => '1'));
             // If it's a search for new posts since last visit
             if ($action == 'show_new') {
                 if ($this->user->is_guest) {
                     message($lang_common['No permission'], '403');
                 }
                 $result = DB::for_table('topics')->table_alias('t')->select('t.id')->left_outer_join('forum_perms', array('fp.forum_id', '=', 't.forum_id'), 'fp')->left_outer_join('forum_perms', array('fp.group_id', '=', $this->user->g_id), null, true)->where_any_is($where_search_action)->where_gt('t.last_post', $this->user->last_visit)->where_null('t.moved_to')->order_by_desc('t.last_post');
                 if ($this->request->get('fid')) {
                     $result = $result->where('t.forum_id', intval($this->request->get('fid')));
                 }
                 $result = $result->find_many();
                 $num_hits = count($result);
                 if (!$num_hits) {
                     message($lang_search['No new posts']);
                 }
             } elseif ($action == 'show_recent') {
                 $result = DB::for_table('topics')->table_alias('t')->select('t.id')->left_outer_join('forum_perms', array('fp.forum_id', '=', 't.forum_id'), 'fp')->left_outer_join('forum_perms', array('fp.group_id', '=', $this->user->g_id), null, true)->where_any_is($where_search_action)->where_gt('t.last_post', time() - $interval)->where_null('t.moved_to')->order_by_desc('t.last_post');
                 if ($this->request->get('fid')) {
                     $result = $result->where('t.forum_id', intval($this->request->get('fid')));
                 }
                 $result = $result->find_many();
                 $num_hits = count($result);
                 if (!$num_hits) {
                     message($lang_search['No recent posts']);
                 }
             } elseif ($action == 'show_replies') {
                 $result = DB::for_table('topics')->table_alias('t')->select('t.id')->inner_join('posts', array('t.id', '=', 'p.topic_id'), 'p')->left_outer_join('forum_perms', array('fp.forum_id', '=', 't.forum_id'), 'fp')->left_outer_join('forum_perms', array('fp.group_id', '=', $this->user->g_id), null, true)->where_any_is($where_search_action)->where('p.poster_id', $this->user->id)->group_by('t.id');
                 if ($db_type == 'pgsql') {
                     $result = $result->group_by('t.last_post');
                 }
                 $result = $result->find_many();
                 $num_hits = count($result);
                 if (!$num_hits) {
                     message($lang_search['No user posts']);
                 }
             } elseif ($action == 'show_user_posts') {
                 $show_as = 'posts';
                 $result = DB::for_table('posts')->table_alias('p')->select('p.id')->inner_join('topics', array('p.topic_id', '=', 't.id'), 't')->left_outer_join('forum_perms', array('fp.forum_id', '=', 't.forum_id'), 'fp')->left_outer_join('forum_perms', array('fp.group_id', '=', $this->user->g_id), null, true)->where_any_is($where_search_action)->where('p.poster_id', $user_id)->order_by_desc('p.posted');
                 $result = $result->find_many();
                 $num_hits = count($result);
                 if (!$num_hits) {
                     message($lang_search['No user posts']);
                 }
                 // Pass on the user ID so that we can later know whose posts we're searching for
                 $search_type[2] = $user_id;
             } elseif ($action == 'show_user_topics') {
                 $result = DB::for_table('topics')->table_alias('t')->select('t.id')->inner_join('posts', array('t.first_post_id', '=', 'p.id'), 'p')->left_outer_join('forum_perms', array('fp.forum_id', '=', 't.forum_id'), 'fp')->left_outer_join('forum_perms', array('fp.group_id', '=', $this->user->g_id), null, true)->where_any_is($where_search_action)->where('p.poster_id', $user_id)->order_by_desc('t.last_post');
                 $result = $result->find_many();
                 $num_hits = count($result);
                 if (!$num_hits) {
                     message($lang_search['No user topics']);
                 }
                 // Pass on the user ID so that we can later know whose topics we're searching for
                 $search_type[2] = $user_id;
             } elseif ($action == 'show_subscriptions') {
                 if ($this->user->is_guest) {
                     message($lang_common['Bad request'], '404');
                 }
                 $result = DB::for_table('topics')->table_alias('t')->select('t.id')->inner_join('topic_subscriptions', array('t.id', '=', 's.topic_id'), 's')->inner_join('topic_subscriptions', array('s.user_id', '=', $user_id), null, true)->left_outer_join('forum_perms', array('fp.forum_id', '=', 't.forum_id'), 'fp')->left_outer_join('forum_perms', array('fp.group_id', '=', $this->user->g_id), null, true)->where_any_is($where_search_action)->order_by_desc('t.last_post');
                 $result = $result->find_many();
                 $num_hits = count($result);
                 if (!$num_hits) {
                     message($lang_search['No subscriptions']);
                 }
                 // Pass on user ID so that we can later know whose subscriptions we're searching for
                 $search_type[2] = $user_id;
             } else {
                 $result = DB::for_table('topics')->table_alias('t')->select('t.id')->left_outer_join('forum_perms', array('fp.forum_id', '=', 't.forum_id'), 'fp')->left_outer_join('forum_perms', array('fp.group_id', '=', $this->user->g_id), null, true)->where('t.num_replies', 0)->where_null('t.moved_to')->where_any_is($where_search_action)->order_by_desc('t.last_post');
                 $result = $result->find_many();
                 $num_hits = count($result);
                 if (!$num_hits) {
                     message($lang_search['No unanswered']);
                 }
             }
             $search_ids = array();
             foreach ($result as $row) {
                 $search_ids[] = $row['id'];
             }
             $pdo = DB::get_db();
             $pdo = null;
         } else {
             message($lang_common['Bad request'], '404');
         }
         // Prune "old" search results
         $old_searches = array();
         $result = DB::for_table('online')->select('ident')->find_many();
         if ($result) {
             foreach ($result as $row) {
                 $old_searches[] = $row['ident'];
             }
             DB::for_table('search_cache')->where_not_in('ident', $old_searches)->delete_many();
         }
         // Fill an array with our results and search properties
         $temp = serialize(array('search_ids' => serialize($search_ids), 'num_hits' => $num_hits, 'sort_by' => $sort_by, 'sort_dir' => $sort_dir, 'show_as' => $show_as, 'search_type' => $search_type));
         $search_id = mt_rand(1, 2147483647);
         $ident = $this->user->is_guest ? get_remote_address() : $this->user->username;
         $insert_cache = array('id' => $search_id, 'ident' => $ident, 'search_data' => $temp);
         DB::for_table('search_cache')->create()->set($insert_cache)->save();
         if ($search_type[0] != 'action') {
             $this->db->end_transaction();
             $this->db->close();
             // Redirect the user to the cached result page
             header('Location: ' . get_link('search/?search_id=' . $search_id));
             exit;
         }
     }
     // If we're on the new posts search, display a "mark all as read" link
     if (!$this->user->is_guest && $search_type[0] == 'action' && $search_type[1] == 'show_new') {
         $search['forum_actions'][] = '<a href="' . get_link('mark-read/') . '">' . $lang_common['Mark all as read'] . '</a>';
     }
     // Fetch results to display
     if (!empty($search_ids)) {
         // We have results
         $search['is_result'] = true;
         switch ($sort_by) {
             case 1:
                 $sort_by_sql = $show_as == 'topics' ? 't.poster' : 'p.poster';
                 break;
             case 2:
                 $sort_by_sql = 't.subject';
                 break;
             case 3:
                 $sort_by_sql = 't.forum_id';
                 break;
             default:
                 $sort_by_sql = $show_as == 'topics' ? 't.last_post' : 'p.posted';
                 break;
         }
         // Determine the topic or post offset (based on $_GET['p'])
         $per_page = $show_as == 'posts' ? $this->user->disp_posts : $this->user->disp_topics;
         $num_pages = ceil($num_hits / $per_page);
         $p = !$this->request->get('p') || $this->request->get('p') <= 1 || $this->request->get('p') > $num_pages ? 1 : intval($this->request->get('p'));
         $start_from = $per_page * ($p - 1);
         $search['start_from'] = $start_from;
         // Generate paging links
         $search['paging_links'] = '<span class="pages-label">' . $lang_common['Pages'] . ' </span>' . paginate_old($num_pages, $p, '?search_id=' . $search_id);
         // throw away the first $start_from of $search_ids, only keep the top $per_page of $search_ids
         $search_ids = array_slice($search_ids, $start_from, $per_page);
         // Run the query and fetch the results
         if ($show_as == 'posts') {
             $select_search_post = array('pid' => 'p.id', 'pposter' => 'p.poster', 'pposted' => 'p.posted', 'p.poster_id', 'p.message', 'p.hide_smilies', 'tid' => 't.id', 't.poster', 't.subject', 't.first_post_id', 't.last_post', 't.last_post_id', 't.last_poster', 't.num_replies', 't.forum_id', 'f.forum_name');
             $result = DB::for_table('posts')->table_alias('p')->select_many($select_search_post)->inner_join('topics', array('t.id', '=', 'p.topic_id'), 't')->inner_join('forums', array('f.id', '=', 't.forum_id'), 'f')->where_in('p.id', $search_ids)->order_by($sort_by_sql, $sort_dir)->find_many();
         } else {
             $select_search_topic = array('tid' => 't.id', 't.poster', 't.subject', 't.last_post', 't.last_post_id', 't.last_poster', 't.num_replies', 't.closed', 't.sticky', 't.forum_id', 'f.forum_name');
             $result = DB::for_table('topics')->table_alias('t')->select_many($select_search_topic)->inner_join('forums', array('f.id', '=', 't.forum_id'), 'f')->where_in('t.id', $search_ids)->order_by($sort_by_sql, $sort_dir)->find_many();
         }
         $search['search_set'] = array();
         foreach ($result as $row) {
             $search['search_set'][] = $row;
         }
         $search['crumbs_text']['show_as'] = $lang_search['Search'];
         if ($search_type[0] == 'action') {
             if ($search_type[1] == 'show_user_topics') {
                 $search['crumbs_text']['search_type'] = '<a href="' . get_link('search/?action=show_user_topics&amp;user_id=' . $search_type[2]) . '">' . sprintf($lang_search['Quick search show_user_topics'], feather_escape($search['search_set'][0]['poster'])) . '</a>';
             } elseif ($search_type[1] == 'show_user_posts') {
                 $search['crumbs_text']['search_type'] = '<a href="' . get_link('search/?action=show_user_posts&amp;user_id=' . $search_type[2]) . '">' . sprintf($lang_search['Quick search show_user_posts'], feather_escape($search['search_set'][0]['pposter'])) . '</a>';
             } elseif ($search_type[1] == 'show_subscriptions') {
                 // Fetch username of subscriber
                 $subscriber_id = $search_type[2];
                 $subscriber_name = DB::for_table('users')->where('id', $subscriber_id)->find_one_col('username');
                 if (!$subscriber_name) {
                     message($lang_common['Bad request'], '404');
                 }
                 $search['crumbs_text']['search_type'] = '<a href="' . get_link('search/?action=show_subscription&amp;user_id=' . $subscriber_id) . '">' . sprintf($lang_search['Quick search show_subscriptions'], feather_escape($subscriber_name)) . '</a>';
             } else {
                 $search_url = str_replace('_', '/', $search_type[1]);
                 $search['crumbs_text']['search_type'] = '<a href="' . get_link('search/' . $search_url . '/') . '">' . $lang_search['Quick search ' . $search_type[1]] . '</a>';
             }
         } else {
             $keywords = $author = '';
             if ($search_type[0] == 'both') {
                 list($keywords, $author) = $search_type[1];
                 $search['crumbs_text']['search_type'] = sprintf($lang_search['By both show as ' . $show_as], feather_escape($keywords), feather_escape($author));
             } elseif ($search_type[0] == 'keywords') {
                 $keywords = $search_type[1];
                 $search['crumbs_text']['search_type'] = sprintf($lang_search['By keywords show as ' . $show_as], feather_escape($keywords));
             } elseif ($search_type[0] == 'author') {
                 $author = $search_type[1];
                 $search['crumbs_text']['search_type'] = sprintf($lang_search['By user show as ' . $show_as], feather_escape($author));
             }
             $search['crumbs_text']['search_type'] = '<a href="' . get_link('search/?action=search&amp;keywords=' . urlencode($keywords) . '&amp;author=' . urlencode($author) . '&amp;forums=' . $search_type[2] . '&amp;search_in=' . $search_type[3] . '&amp;sort_by=' . $sort_by . '&amp;sort_dir=' . $sort_dir . '&amp;show_as=' . $show_as) . '">' . $search['crumbs_text']['search_type'] . '</a>';
         }
     }
     $search['show_as'] = $show_as;
     return $search;
 }
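 // Validate username and passwords for the installer's first (admin) account.
 // Each failed check appends one message to $alerts; the checks on the username
 // are an elseif chain, so only the first failing rule is reported.
 if (feather_strlen($username) < 2) {
     $alerts[] = $lang_install['Username 1'];
 } elseif (feather_strlen($username) > 25) {
     // This usually doesn't happen since the form element only accepts 25 characters
     $alerts[] = $lang_install['Username 2'];
 } elseif (!strcasecmp($username, 'Guest')) {
     // The reserved guest name, compared case-insensitively
     $alerts[] = $lang_install['Username 3'];
 } elseif (preg_match('%[0-9]{1,3}\\.[0-9]{1,3}\\.[0-9]{1,3}\\.[0-9]{1,3}%', $username) || preg_match('%((([0-9A-Fa-f]{1,4}:){7}[0-9A-Fa-f]{1,4})|(([0-9A-Fa-f]{1,4}:){6}:[0-9A-Fa-f]{1,4})|(([0-9A-Fa-f]{1,4}:){5}:([0-9A-Fa-f]{1,4}:)?[0-9A-Fa-f]{1,4})|(([0-9A-Fa-f]{1,4}:){4}:([0-9A-Fa-f]{1,4}:){0,2}[0-9A-Fa-f]{1,4})|(([0-9A-Fa-f]{1,4}:){3}:([0-9A-Fa-f]{1,4}:){0,3}[0-9A-Fa-f]{1,4})|(([0-9A-Fa-f]{1,4}:){2}:([0-9A-Fa-f]{1,4}:){0,4}[0-9A-Fa-f]{1,4})|(([0-9A-Fa-f]{1,4}:){6}((\\b((25[0-5])|(1\\d{2})|(2[0-4]\\d)|(\\d{1,2}))\\b)\\.){3}(\\b((25[0-5])|(1\\d{2})|(2[0-4]\\d)|(\\d{1,2}))\\b))|(([0-9A-Fa-f]{1,4}:){0,5}:((\\b((25[0-5])|(1\\d{2})|(2[0-4]\\d)|(\\d{1,2}))\\b)\\.){3}(\\b((25[0-5])|(1\\d{2})|(2[0-4]\\d)|(\\d{1,2}))\\b))|(::([0-9A-Fa-f]{1,4}:){0,5}((\\b((25[0-5])|(1\\d{2})|(2[0-4]\\d)|(\\d{1,2}))\\b)\\.){3}(\\b((25[0-5])|(1\\d{2})|(2[0-4]\\d)|(\\d{1,2}))\\b))|([0-9A-Fa-f]{1,4}::([0-9A-Fa-f]{1,4}:){0,5}[0-9A-Fa-f]{1,4})|(::([0-9A-Fa-f]{1,4}:){0,6}[0-9A-Fa-f]{1,4})|(([0-9A-Fa-f]{1,4}:){1,7}:))%', $username)) {
     // Usernames that look like an IPv4 or IPv6 address are rejected (the patterns
     // are unanchored, so an address anywhere inside the name is enough)
     $alerts[] = $lang_install['Username 4'];
 } elseif ((strpos($username, '[') !== false || strpos($username, ']') !== false) && strpos($username, '\'') !== false && strpos($username, '"') !== false) {
     // A bracket together with both quote characters is refused
     $alerts[] = $lang_install['Username 5'];
 } elseif (preg_match('%(?:\\[/?(?:b|u|i|h|colou?r|quote|code|img|url|email|list)\\]|\\[(?:code|quote|list)=)%i', $username)) {
     // No BBCode tags inside usernames
     $alerts[] = $lang_install['Username 6'];
 }
 // NOTE(review): a 6-character minimum is a weak policy for the installer's
 // administrator account; consider raising it or adding a strength check.
 if (feather_strlen($password1) < 6) {
     $alerts[] = $lang_install['Short password'];
 } elseif ($password1 !== $password2) {
     // Strict comparison: with `!=` PHP compares numeric-looking strings as numbers,
     // so e.g. '100' and '1e2' would have been accepted as a matching confirmation.
     $alerts[] = $lang_install['Passwords not match'];
 }
 // Validate email
 // NOTE(review): plain `require` — if email.php has already been included on
 // this request its function definitions would be redeclared; confirm this
 // script is the only include point or guard it like the cache includes elsewhere.
 require FEATHER_ROOT . 'include/email.php';
 if (!is_valid_email($email)) {
     $alerts[] = $lang_install['Wrong email'];
 }
 if ($title == '') {
     $alerts[] = $lang_install['No board title'];
 }
 // List of installed languages, used below to validate the chosen default
 $languages = forum_list_langs();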
 if (!in_array($default_lang, $languages)) {
     $alerts[] = $lang_install['Error default language'];
 /**
  * Validate and persist one section of a user's profile form.
  *
  * Reads the section's fields from POST, validates them, writes the resulting
  * columns to the `users` row with the given id and, when the username was
  * changed, propagates the new name to the tables and caches that store it
  * denormalised. Validation failures call message(); the code after each call
  * does not guard against falling through, so message() is presumably
  * terminating the request — TODO confirm.
  *
  * NOTE(review): nothing in this method checks that the current user is
  * allowed to edit profile $id; that authorisation is assumed to happen in the
  * caller. Confirm before wiring this method to any new route.
  *
  * @param int    $id      id of the user whose profile is being edited
  * @param array  $info    must carry $info['old_username'] (used on rename)
  * @param string $section one of 'essentials', 'personal', 'messaging',
  *                        'personality', 'display', 'privacy'; anything else is a 404
  *
  * @return void  ends with a redirect to the edited section
  */
 public function update_profile($id, $info, $section)
 {
     global $lang_common, $lang_profile, $lang_prof_reg, $pd;
     $username_updated = false;
     // Validate input depending on section
     switch ($section) {
         case 'essentials':
             // Numeric preferences are cast, so only numbers reach the DB
             $form = array('timezone' => floatval($this->request->post('form_timezone')), 'dst' => $this->request->post('form_dst') ? '1' : '0', 'time_format' => intval($this->request->post('form_time_format')), 'date_format' => intval($this->request->post('form_date_format')));
             // Make sure we got a valid language string
             // (this is also what keeps the language usable as a path segment later)
             if ($this->request->post('form_language')) {
                 $languages = forum_list_langs();
                 $form['language'] = feather_trim($this->request->post('form_language'));
                 if (!in_array($form['language'], $languages)) {
                     message($lang_common['Bad request'], '404');
                 }
             }
             if ($this->user->is_admmod) {
                 $form['admin_note'] = feather_trim($this->request->post('admin_note'));
                 // Are we allowed to change usernames?
                 // Precedence: admin, OR (moderator AND the group may rename users)
                 if ($this->user->g_id == FEATHER_ADMIN || $this->user->g_moderator == '1' && $this->user->g_mod_rename_users == '1') {
                     $form['username'] = feather_trim($this->request->post('req_username'));
                     if ($form['username'] != $info['old_username']) {
                         // Check username
                         // The include path uses the *current* user's stored language; presumably
                         // every write path validates it against forum_list_langs() as above — confirm
                         require FEATHER_ROOT . 'lang/' . $this->user->language . '/register.php';
                         $errors = '';
                         $errors = check_username($form['username'], $errors, $id);
                         if (!empty($errors)) {
                             message($errors[0]);
                         }
                         $username_updated = true;
                     }
                 }
                 // We only allow administrators to update the post count
                 if ($this->user->g_id == FEATHER_ADMIN) {
                     $form['num_posts'] = intval($this->request->post('num_posts'));
                 }
             }
             // The e-mail address can be edited here only when registration
             // verification is off, or by staff; otherwise it is not part of this form
             if ($this->config['o_regs_verify'] == '0' || $this->user->is_admmod) {
                 require FEATHER_ROOT . 'include/email.php';
                 // Validate the email address (stored lower-cased)
                 $form['email'] = strtolower(feather_trim($this->request->post('req_email')));
                 if (!is_valid_email($form['email'])) {
                     message($lang_common['Invalid email']);
                 }
             }
             break;
         case 'personal':
             $form = array('realname' => $this->request->post('form_realname') ? feather_trim($this->request->post('form_realname')) : '', 'url' => $this->request->post('form_url') ? feather_trim($this->request->post('form_url')) : '', 'location' => $this->request->post('form_location') ? feather_trim($this->request->post('form_location')) : '');
             // Add http:// if the URL doesn't contain it already (while allowing https://, too)
             // Only groups allowed to post links may set a website; others get it blanked
             if ($this->user->g_post_links == '1') {
                 if ($form['url'] != '') {
                     $url = url_valid($form['url']);
                     if ($url === false) {
                         message($lang_profile['Invalid website URL']);
                     }
                     $form['url'] = $url['url'];
                 }
             } else {
                 if (!empty($form['url'])) {
                     message($lang_profile['Website not allowed']);
                 }
                 $form['url'] = '';
             }
             // Admins may set any title; members whose group allows custom titles
             // may not impersonate a rank (English and localised names are both blocked)
             if ($this->user->g_id == FEATHER_ADMIN) {
                 $form['title'] = feather_trim($this->request->post('title'));
             } elseif ($this->user->g_set_title == '1') {
                 $form['title'] = feather_trim($this->request->post('title'));
                 if ($form['title'] != '') {
                     // A list of words that the title may not contain
                     // If the language is English, there will be some duplicates, but it's not the end of the world
                     $forbidden = array('member', 'moderator', 'administrator', 'banned', 'guest', utf8_strtolower($lang_common['Member']), utf8_strtolower($lang_common['Moderator']), utf8_strtolower($lang_common['Administrator']), utf8_strtolower($lang_common['Banned']), utf8_strtolower($lang_common['Guest']));
                     if (in_array(utf8_strtolower($form['title']), $forbidden)) {
                         message($lang_profile['Forbidden title']);
                     }
                 }
             }
             break;
         case 'messaging':
             // Only the ICQ field is validated here; the other handles are stored as trimmed text
             $form = array('jabber' => feather_trim($this->request->post('form_jabber')), 'icq' => feather_trim($this->request->post('form_icq')), 'msn' => feather_trim($this->request->post('form_msn')), 'aim' => feather_trim($this->request->post('form_aim')), 'yahoo' => feather_trim($this->request->post('form_yahoo')));
             // If the ICQ UIN contains anything other than digits it's invalid
             if (preg_match('%[^0-9]%', $form['icq'])) {
                 message($lang_prof_reg['Bad ICQ']);
             }
             break;
         case 'personality':
             $form = array();
             // Clean up signature from POST
             if ($this->config['o_signatures'] == '1') {
                 $form['signature'] = feather_linebreaks(feather_trim($this->request->post('signature')));
                 // Validate signature: length, line count, then the all-caps rule
                 // (all-caps signatures are title-cased for non-staff when p_sig_all_caps is off)
                 if (feather_strlen($form['signature']) > $this->config['p_sig_length']) {
                     message(sprintf($lang_prof_reg['Sig too long'], $this->config['p_sig_length'], feather_strlen($form['signature']) - $this->config['p_sig_length']));
                 } elseif (substr_count($form['signature'], "\n") > $this->config['p_sig_lines'] - 1) {
                     message(sprintf($lang_prof_reg['Sig too many lines'], $this->config['p_sig_lines']));
                 } elseif ($form['signature'] && $this->config['p_sig_all_caps'] == '0' && is_all_uppercase($form['signature']) && !$this->user->is_admmod) {
                     $form['signature'] = utf8_ucwords(utf8_strtolower($form['signature']));
                 }
                 // Validate BBCode syntax
                 // (third argument true presumably selects signature mode in the parser — confirm)
                 if ($this->config['p_sig_bbcode'] == '1') {
                     require FEATHER_ROOT . 'include/parser.php';
                     $errors = array();
                     $form['signature'] = preparse_bbcode($form['signature'], $errors, true);
                     if (count($errors) > 0) {
                         message('<ul><li>' . implode('</li><li>', $errors) . '</li></ul>');
                     }
                 }
             }
             break;
         case 'display':
             $form = array('disp_topics' => feather_trim($this->request->post('form_disp_topics')), 'disp_posts' => feather_trim($this->request->post('form_disp_posts')), 'show_smilies' => $this->request->post('form_show_smilies') ? '1' : '0', 'show_img' => $this->request->post('form_show_img') ? '1' : '0', 'show_img_sig' => $this->request->post('form_show_img_sig') ? '1' : '0', 'show_avatars' => $this->request->post('form_show_avatars') ? '1' : '0', 'show_sig' => $this->request->post('form_show_sig') ? '1' : '0');
             // Per-page counts are clamped to 3..75; an empty field is kept as '' (board default)
             if ($form['disp_topics'] != '') {
                 $form['disp_topics'] = intval($form['disp_topics']);
                 if ($form['disp_topics'] < 3) {
                     $form['disp_topics'] = 3;
                 } elseif ($form['disp_topics'] > 75) {
                     $form['disp_topics'] = 75;
                 }
             }
             if ($form['disp_posts'] != '') {
                 $form['disp_posts'] = intval($form['disp_posts']);
                 if ($form['disp_posts'] < 3) {
                     $form['disp_posts'] = 3;
                 } elseif ($form['disp_posts'] > 75) {
                     $form['disp_posts'] = 75;
                 }
             }
             // Make sure we got a valid style string (whitelist against installed styles)
             if ($this->request->post('form_style')) {
                 $styles = forum_list_styles();
                 $form['style'] = feather_trim($this->request->post('form_style'));
                 if (!in_array($form['style'], $styles)) {
                     message($lang_common['Bad request'], '404');
                 }
             }
             break;
         case 'privacy':
             $form = array('email_setting' => intval($this->request->post('form_email_setting')), 'notify_with_post' => $this->request->post('form_notify_with_post') ? '1' : '0', 'auto_notify' => $this->request->post('form_auto_notify') ? '1' : '0');
             // Out-of-range visibility values fall back to the board default
             if ($form['email_setting'] < 0 || $form['email_setting'] > 2) {
                 $form['email_setting'] = $this->config['o_default_email_setting'];
             }
             break;
         default:
             message($lang_common['Bad request'], '404');
     }
     // Copy the validated fields into the update set. (The quoting this loop once
     // performed is gone; the array is handed to the ORM as-is.)
     $temp = array();
     foreach ($form as $key => $input) {
         $temp[$key] = $input;
     }
     if (empty($temp)) {
         message($lang_common['Bad request'], '404');
     }
     // NOTE(review): the find_one() result is used without a check; if no row
     // matches $id the chained ->set() would run on a non-object — confirm what
     // the ORM returns for a missing row and guard it like the 404s above.
     DB::for_table('users')->where('id', $id)->find_one()->set($temp)->save();
     // If we changed the username we have to update some stuff
     // (several tables store the username as text rather than the user id)
     if ($username_updated) {
         $bans_updated = DB::for_table('bans')->where('username', $info['old_username'])->update_many('username', $form['username']);
         DB::for_table('posts')->where('poster_id', $id)->update_many('poster', $form['username']);
         DB::for_table('posts')->where('edited_by', $info['old_username'])->update_many('edited_by', $form['username']);
         DB::for_table('topics')->where('poster', $info['old_username'])->update_many('poster', $form['username']);
         DB::for_table('topics')->where('last_poster', $info['old_username'])->update_many('last_poster', $form['username']);
         DB::for_table('forums')->where('last_poster', $info['old_username'])->update_many('last_poster', $form['username']);
         DB::for_table('online')->where('ident', $info['old_username'])->update_many('ident', $form['username']);
         // If the user is a moderator or an administrator we have to update the moderator lists
         $group_id = DB::for_table('users')->where('id', $id)->find_one_col('group_id');
         $group_mod = DB::for_table('groups')->where('g_id', $group_id)->find_one_col('g_moderator');
         if ($group_id == FEATHER_ADMIN || $group_mod == '1') {
             $select_mods = array('id', 'moderators');
             $result = DB::for_table('forums')->select_many($select_mods)->find_many();
             foreach ($result as $cur_forum) {
                 // NOTE(review): `moderators` is a PHP-serialised username=>id map read back
                 // with unserialize(). It is written by this same code below, but any other
                 // write path that lets untrusted data into that column would turn this into
                 // a deserialisation sink — keep writes to it staff-only.
                 $cur_moderators = $cur_forum['moderators'] != '' ? unserialize($cur_forum['moderators']) : array();
                 // Non-strict in_array: the stored ids may be ints or numeric strings
                 if (in_array($id, $cur_moderators)) {
                     unset($cur_moderators[$info['old_username']]);
                     $cur_moderators[$form['username']] = $id;
                     // Keep the map sorted by username, case-insensitively
                     uksort($cur_moderators, 'utf8_strcasecmp');
                     DB::for_table('forums')->where('id', $cur_forum['id'])->find_one()->set('moderators', serialize($cur_moderators))->save();
                 }
             }
         }
         // Regenerate the users info cache
         if (!defined('FORUM_CACHE_FUNCTIONS_LOADED')) {
             require FEATHER_ROOT . 'include/cache.php';
         }
         generate_users_info_cache();
         // Check if the bans table was updated and regenerate the bans cache when needed
         if ($bans_updated) {
             generate_bans_cache();
         }
     }
     redirect(get_link('user/' . $id . '/section/' . $section . '/'), $lang_profile['Profile redirect']);
 }