function EditBoard2() { global $txt, $db_prefix, $sourcedir, $modSettings; checkSession(); require_once $sourcedir . '/Subs-Boards.php'; $_POST['boardid'] = (int) $_POST['boardid']; // Mode: modify aka. don't delete. if (isset($_POST['edit']) || isset($_POST['add'])) { $boardOptions = array(); // Move this board to a new category? if (!empty($_POST['new_cat'])) { $boardOptions['move_to'] = 'bottom'; $boardOptions['target_category'] = (int) $_POST['new_cat']; } elseif (!empty($_POST['placement']) && !empty($_POST['board_order'])) { if (!in_array($_POST['placement'], array('before', 'after', 'child'))) { fatal_lang_error('mangled_post', false); } $boardOptions['move_to'] = $_POST['placement']; $boardOptions['target_board'] = (int) $_POST['board_order']; } // Checkboxes.... $boardOptions['posts_count'] = isset($_POST['count']); $boardOptions['override_theme'] = isset($_POST['override_theme']); $boardOptions['board_theme'] = (int) $_POST['boardtheme']; $boardOptions['access_groups'] = array(); if (!empty($_POST['groups'])) { foreach ($_POST['groups'] as $group) { $boardOptions['access_groups'][] = (int) $group; } } // Change '1 & 2' to '1 & 2', but not '&' to '&'... $boardOptions['board_name'] = preg_replace('~[&]([^;]{8}|[^;]{0,8}$)~', '&$1', $_POST['board_name']); $boardOptions['board_description'] = preg_replace('~[&]([^;]{8}|[^;]{0,8}$)~', '&$1', $_POST['desc']); // With permission_enable_by_board disabled you can set some predefined permissions. if (empty($modSettings['permission_enable_by_board'])) { $boardOptions['permission_mode'] = (int) $_POST['permission_mode']; $boardOptions['inherit_permissions'] = false; } $boardOptions['moderator_string'] = $_POST['moderators']; // Create a new board... if (isset($_POST['add'])) { // New boards by default go to the bottom of the category. if (empty($_POST['new_cat'])) { $boardOptions['target_category'] = (int) $_POST['cur_cat']; } if (!isset($boardOptions['move_to'])) { $boardOptions['move_to'] = 'bottom'; } createBoard($boardOptions); } else { modifyBoard($_POST['boardid'], $boardOptions); } } elseif (isset($_POST['delete']) && !isset($_POST['confirmation']) && !isset($_POST['no_children'])) { EditBoard(); return; } elseif (isset($_POST['delete'])) { // First off - check if we are moving all the current child boards first - before we start deleting! if (isset($_POST['delete_action']) && $_POST['delete_action'] == 1) { if (empty($_POST['board_to'])) { fatal_error($txt['mboards_delete_board_error']); } deleteBoards(array($_POST['boardid']), (int) $_POST['board_to']); } else { deleteBoards(array($_POST['boardid']), 0); } } redirectexit('action=manageboards'); }
function createBoard($boardOptions) { global $boards, $modSettings, $smcFunc; // Trigger an error if one of the required values is not set. if (!isset($boardOptions['board_name']) || trim($boardOptions['board_name']) == '' || !isset($boardOptions['move_to']) || !isset($boardOptions['target_category'])) { trigger_error('createBoard(): One or more of the required options is not set', E_USER_ERROR); } if (in_array($boardOptions['move_to'], array('child', 'before', 'after')) && !isset($boardOptions['target_board'])) { trigger_error('createBoard(): Target board is not set', E_USER_ERROR); } // Set every optional value to its default value. $boardOptions += array('posts_count' => true, 'override_theme' => false, 'board_theme' => 0, 'access_groups' => array(), 'board_description' => '', 'profile' => 1, 'moderators' => '', 'inherit_permissions' => true, 'dont_log' => true); // Insert a board, the settings are dealt with later. $smcFunc['db_insert']('', '{db_prefix}boards', array('id_cat' => 'int', 'name' => 'string-255', 'description' => 'string', 'board_order' => 'int', 'member_groups' => 'string', 'redirect' => 'string'), array($boardOptions['target_category'], $boardOptions['board_name'], '', 0, '-1,0', ''), array('id_board')); $board_id = $smcFunc['db_insert_id']('{db_prefix}boards', 'id_board'); if (empty($board_id)) { return 0; } // Change the board according to the given specifications. modifyBoard($board_id, $boardOptions); // Do we want the parent permissions to be inherited? if ($boardOptions['inherit_permissions']) { getBoardTree(); if (!empty($boards[$board_id]['parent'])) { $request = $smcFunc['db_query']('', ' SELECT id_profile FROM {db_prefix}boards WHERE id_board = {int:board_parent} LIMIT 1', array('board_parent' => (int) $boards[$board_id]['parent'])); list($boardOptions['profile']) = $smcFunc['db_fetch_row']($request); $smcFunc['db_free_result']($request); $smcFunc['db_query']('', ' UPDATE {db_prefix}boards SET id_profile = {int:new_profile} WHERE id_board = {int:current_board}', array('new_profile' => $boardOptions['profile'], 'current_board' => $board_id)); } } // Clean the data cache. clean_cache('data'); // Created it. logAction('add_board', array('board' => $board_id), 'admin'); // Here you are, a new board, ready to be spammed. return $board_id; }
/** * Make changes to/delete a board. * (function for handling a submitted form saving the board.) * It also handles deletion of a board. * Called by ?action=admin;area=manageboards;sa=board2 * Redirects to ?action=admin;area=manageboards. * It requires manage_boards permission. */ function EditBoard2() { global $txt, $sourcedir, $modSettings, $smcFunc, $context; $_POST['boardid'] = (int) $_POST['boardid']; checkSession(); validateToken('admin-be-' . $_REQUEST['boardid']); require_once $sourcedir . '/Subs-Boards.php'; // Mode: modify aka. don't delete. if (isset($_POST['edit']) || isset($_POST['add'])) { $boardOptions = array(); // Move this board to a new category? if (!empty($_POST['new_cat'])) { $boardOptions['move_to'] = 'bottom'; $boardOptions['target_category'] = (int) $_POST['new_cat']; } elseif (!empty($_POST['placement']) && !empty($_POST['board_order'])) { if (!in_array($_POST['placement'], array('before', 'after', 'child'))) { fatal_lang_error('mangled_post', false); } $boardOptions['move_to'] = $_POST['placement']; $boardOptions['target_board'] = (int) $_POST['board_order']; } // Checkboxes.... $boardOptions['posts_count'] = isset($_POST['count']); $boardOptions['override_theme'] = isset($_POST['override_theme']); $boardOptions['board_theme'] = (int) $_POST['boardtheme']; $boardOptions['access_groups'] = array(); $boardOptions['deny_groups'] = array(); if (!empty($_POST['groups'])) { foreach ($_POST['groups'] as $group => $action) { if ($action == 'allow') { $boardOptions['access_groups'][] = (int) $group; } elseif ($action == 'deny') { $boardOptions['deny_groups'][] = (int) $group; } } } if (strlen(implode(',', $boardOptions['access_groups'])) > 255 || strlen(implode(',', $boardOptions['deny_groups'])) > 255) { fatal_lang_error('too_many_groups', false); } // Change '1 & 2' to '1 & 2', but not '&' to '&'... $boardOptions['board_name'] = preg_replace('~[&]([^;]{8}|[^;]{0,8}$)~', '&$1', $_POST['board_name']); $boardOptions['board_description'] = preg_replace('~[&]([^;]{8}|[^;]{0,8}$)~', '&$1', $_POST['desc']); $boardOptions['moderator_string'] = $_POST['moderators']; if (isset($_POST['moderator_list']) && is_array($_POST['moderator_list'])) { $moderators = array(); foreach ($_POST['moderator_list'] as $moderator) { $moderators[(int) $moderator] = (int) $moderator; } $boardOptions['moderators'] = $moderators; } // Are they doing redirection? $boardOptions['redirect'] = !empty($_POST['redirect_enable']) && isset($_POST['redirect_address']) && trim($_POST['redirect_address']) != '' ? trim($_POST['redirect_address']) : ''; // Profiles... $boardOptions['profile'] = $_POST['profile']; $boardOptions['inherit_permissions'] = $_POST['profile'] == -1; // We need to know what used to be case in terms of redirection. if (!empty($_POST['boardid'])) { $request = $smcFunc['db_query']('', ' SELECT redirect, num_posts FROM {db_prefix}boards WHERE id_board = {int:current_board}', array('current_board' => $_POST['boardid'])); list($oldRedirect, $numPosts) = $smcFunc['db_fetch_row']($request); $smcFunc['db_free_result']($request); // If we're turning redirection on check the board doesn't have posts in it - if it does don't make it a redirection board. if ($boardOptions['redirect'] && empty($oldRedirect) && $numPosts) { unset($boardOptions['redirect']); } elseif (empty($boardOptions['redirect']) != empty($oldRedirect)) { $boardOptions['num_posts'] = 0; } elseif ($boardOptions['redirect'] && !empty($_POST['reset_redirect'])) { $boardOptions['num_posts'] = 0; } } // Create a new board... if (isset($_POST['add'])) { // New boards by default go to the bottom of the category. if (empty($_POST['new_cat'])) { $boardOptions['target_category'] = (int) $_POST['cur_cat']; } if (!isset($boardOptions['move_to'])) { $boardOptions['move_to'] = 'bottom'; } createBoard($boardOptions); } else { modifyBoard($_POST['boardid'], $boardOptions); } } elseif (isset($_POST['delete']) && !isset($_POST['confirmation']) && !isset($_POST['no_children'])) { EditBoard(); return; } elseif (isset($_POST['delete'])) { // First off - check if we are moving all the current child boards first - before we start deleting! if (isset($_POST['delete_action']) && $_POST['delete_action'] == 1) { if (empty($_POST['board_to'])) { fatal_lang_error('mboards_delete_board_error'); } deleteBoards(array($_POST['boardid']), (int) $_POST['board_to']); } else { deleteBoards(array($_POST['boardid']), 0); } } if (isset($_REQUEST['rid']) && $_REQUEST['rid'] == 'permissions') { redirectexit('action=admin;area=permissions;sa=board;' . $context['session_var'] . '=' . $context['session_id']); } else { redirectexit('action=admin;area=manageboards'); } }
/** * Reorders the boards in response to an ajax sortable request */ public function action_boardorder() { global $context, $txt, $boards, $cat_tree; // Start off clean $context['xml_data'] = array(); $errors = array(); $order = array(); $board_tree = array(); $board_moved = null; // Chances are we will need these loadLanguage('Errors'); loadLanguage('ManageBoards'); require_once SUBSDIR . '/ManageFeatures.subs.php'; require_once SUBSDIR . '/Boards.subs.php'; // Validating that you can do this is always a good idea $validation_token = validateToken('admin-sort', 'post', true, false); $validation_session = validateSession(); if (empty($validation_session) && $validation_token === true) { // No question that we are doing some board reordering if (isset($_POST['order']) && $_POST['order'] === 'reorder' && isset($_POST['moved'])) { $list_order = 0; $moved_key = 0; // What board was drag and dropped? list(, $board_moved, ) = explode(',', $_POST['moved']); $board_moved = (int) $board_moved; // The board ids arrive in 1-n view order ... foreach ($_POST['cbp'] as $id) { list($category, $board, $childof) = explode(',', $id); if ($board == -1) { continue; } $board_tree[] = array('category' => $category, 'parent' => $childof, 'order' => $list_order, 'id' => $board); // Keep track of where the moved board is in the sort stack if ($board == $board_moved) { $moved_key = $list_order; } $list_order++; } // Look behind for the previous board and previous sibling $board_previous = isset($board_tree[$moved_key - 1]) && $board_tree[$moved_key]['category'] == $board_tree[$moved_key - 1]['category'] ? $board_tree[$moved_key - 1] : null; $board_previous_sibling = null; for ($i = $moved_key - 1; $i >= 0; $i--) { // Sibling must have the same category and same parent tree if ($board_tree[$moved_key]['category'] == $board_tree[$i]['category']) { if ($board_tree[$moved_key]['parent'] == $board_tree[$i]['parent']) { $board_previous_sibling = $board_tree[$i]; break; } elseif ($board_tree[$i]['parent'] == 0) { break; } } else { break; } } // Retrieve the current saved state, returned in global $boards getBoardTree(); $boardOptions = array(); $board_current = $boards[$board_moved]; $board_new = $board_tree[$moved_key]; // Dropped on a sibling node, move after that if (isset($board_previous_sibling)) { $boardOptions = array('move_to' => 'after', 'target_board' => $board_previous_sibling['id']); $order[] = array('value' => $board_current['name'] . ' ' . $txt['mboards_order_after'] . ' ' . $boards[$board_previous_sibling['id']]['name']); } elseif (isset($board_previous)) { $boardOptions = array('move_to' => 'child', 'target_board' => $board_previous['id'], 'move_first_child' => true); $order[] = array('value' => $board_current['name'] . ' ' . $txt['mboards_order_child_of'] . ' ' . $boards[$board_previous['id']]['name']); } elseif (!isset($board_previous)) { $boardOptions = array('move_to' => 'top', 'target_category' => $board_new['category']); $order[] = array('value' => $board_current['name'] . ' ' . $txt['mboards_order_in_category'] . ' ' . $cat_tree[$board_new['category']]['node']['name']); } // If we have figured out what to do if (!empty($boardOptions)) { modifyBoard($board_moved, $boardOptions); } else { $errors[] = array('value' => $txt['mboards_board_error']); } } } else { if (!empty($validation_session)) { $errors[] = array('value' => $txt[$validation_session]); } if (empty($validation_token)) { $errors[] = array('value' => $txt['token_verify_fail']); } } // New generic token for use createToken('admin-sort', 'post'); $tokens = array(array('value' => $context['admin-sort_token'], 'attributes' => array('type' => 'token')), array('value' => $context['admin-sort_token_var'], 'attributes' => array('type' => 'token_var'))); // Return the response $context['sub_template'] = 'generic_xml'; $context['xml_data'] = array('orders' => array('identifier' => 'order', 'children' => $order), 'tokens' => array('identifier' => 'token', 'children' => $tokens), 'errors' => array('identifier' => 'error', 'children' => $errors)); }
function createBoard($boardOptions) { global $boards, $db_prefix, $modSettings; // Trigger an error if one of the required values is not set. if (!isset($boardOptions['board_name']) || trim($boardOptions['board_name']) == '' || !isset($boardOptions['move_to']) || !isset($boardOptions['target_category'])) { trigger_error('createBoard(): One or more of the required options is not set', E_USER_ERROR); } if (in_array($boardOptions['move_to'], array('child', 'before', 'after')) && !isset($boardOptions['target_board'])) { trigger_error('createBoard(): Target board is not set', E_USER_ERROR); } // Set every optional value to its default value. $boardOptions += array('posts_count' => true, 'override_theme' => false, 'board_theme' => 0, 'access_groups' => array(), 'board_description' => '', 'permission_mode' => 0, 'moderators' => '', 'inherit_permissions' => true); // Insert a board, the settings are dealt with later. db_query("\n\t\tINSERT INTO {$db_prefix}boards\n\t\t\t(ID_CAT, name, description, boardOrder, memberGroups)\n\t\tVALUES ({$boardOptions['target_category']}, SUBSTRING('{$boardOptions['board_name']}', 1, 255), '', 0, '-1,0')", __FILE__, __LINE__); $board_id = db_insert_id(); if (empty($board_id)) { return 0; } // Change the board according to the given specifications. modifyBoard($board_id, $boardOptions); // Do we want the parent permissions to be inherited? if ($boardOptions['inherit_permissions']) { getBoardTree(); if (empty($modSettings['permission_enable_by_board']) && !empty($boards[$board_id]['parent']) && empty($boards[$boards[$board_id]['parent']]['use_local_permissions'])) { $request = db_query("\n\t\t\t\tSELECT permission_mode\n\t\t\t\tFROM {$db_prefix}boards\n\t\t\t\tWHERE ID_BOARD = " . (int) $boards[$board_id]['parent'] . "\n\t\t\t\tLIMIT 1", __FILE__, __LINE__); list($boardOptions['permission_mode']) = mysql_fetch_row($request); mysql_free_result($request); db_query("\n\t\t\t\tUPDATE {$db_prefix}boards\n\t\t\t\tSET permission_mode = {$boardOptions['permission_mode']}\n\t\t\t\tWHERE ID_BOARD = {$board_id}", __FILE__, __LINE__); } elseif (!empty($modSettings['permission_enable_by_board']) && !empty($boards[$board_id]['parent']) && !empty($boards[$boards[$board_id]['parent']]['use_local_permissions'])) { // Select all the parents permissions. $request = db_query("\n\t\t\t\tSELECT ID_GROUP, permission, addDeny\n\t\t\t\tFROM {$db_prefix}board_permissions\n\t\t\t\tWHERE ID_BOARD = " . (int) $boards[$board_id]['parent'], __FILE__, __LINE__); $boardPerms = array(); while ($row = mysql_fetch_assoc($request)) { $boardPerms[] = "{$board_id}, {$row['ID_GROUP']}, '{$row['permission']}', {$row['addDeny']}"; } mysql_free_result($request); if (!empty($boardPerms)) { // Do the insert! db_query("\n\t\t\t\t\tINSERT IGNORE INTO {$db_prefix}board_permissions\n\t\t\t\t\t\t(ID_BOARD, ID_GROUP, permission, addDeny)\n\t\t\t\t\tVALUES\n\t\t\t\t\t\t(" . implode('), (', $boardPerms) . ")", __FILE__, __LINE__); } // Update the board. db_query("\n\t\t\t\tUPDATE {$db_prefix}boards\n\t\t\t\tSET permission_mode = 1\n\t\t\t\tWHERE ID_BOARD = {$board_id}", __FILE__, __LINE__); } } // Here you are, a new board, ready to be spammed. return $board_id; }