$moddays = 2;
}
if (isset($_POST['onlyunapproved']) && is_numeric($_POST['onlyunapproved'])) {
$showwaiting = (int) $_POST['onlyunapproved'];
} elseif (isset($PHORUM['args']['onlyunapproved']) && !empty($PHORUM["args"]['onlyunapproved']) && is_numeric($PHORUM["args"]['onlyunapproved'])) {
$showwaiting = (int) $PHORUM['args']['onlyunapproved'];
} else {
$showwaiting = phorum_api_user_get_setting('cc_messages_onlyunapproved');
}
if (empty($showwaiting)) {
$showwaiting = 0;
}
$PHORUM['DATA']['SELECTED'] = $moddays;
$PHORUM['DATA']['SELECTED_2'] = $showwaiting ? true : false;
// Store current selection for the user.
phorum_api_user_save_settings(array("cc_messages_moddays" => $moddays, "cc_messages_onlyunapproved" => $showwaiting));
// some needed vars
$numunapproved = 0;
$oldforum = $PHORUM['forum_id'];
$mod_forums = phorum_api_user_check_access(PHORUM_USER_ALLOW_MODERATE_MESSAGES, PHORUM_ACCESS_LIST);
$gotforums = count($mod_forums) > 0;
if ($gotforums && isset($_POST['deleteids']) && count($_POST['deleteids'])) {
//print_var($_POST['deleteids']);
$deleteids = $_POST['deleteids'];
foreach ($deleteids as $did => $did_var) {
$deleteids[$did] = (int) $did_var;
}
$delete_messages = phorum_db_get_message(array_keys($deleteids), 'message_id', true);
//print_var($delete_messages);
foreach ($deleteids as $msgthd_id => $doit) {
// A hook to allow modules to implement extra or different
} elseif (!empty($_POST['continue'])) {
if (!empty($_POST['target'])) {
$url = phorum_admin_build_url($_POST['target'], TRUE);
} else {
$url = phorum_admin_build_url(NULL, TRUE);
}
phorum_api_redirect($url);
}
exit;
}
}
// We have no token or our token expired.
// Generate a fresh token.
$admin_token_time = time();
$admin_token = phorum_api_sign($PHORUM['user']['user_id'] . microtime() . $PHORUM['user']['username'] . $PHORUM['user']['sessid_st']);
phorum_api_user_save_settings(array('admin_token_time' => $admin_token_time, 'admin_token' => $admin_token));
$PHORUM['admin_token'] = $admin_token;
// If there are no POST or GET variables in the request, besides
// "module" and/or "phorum_admin_token", then we can safely load
// the requested admin page, without bugging the admin about the
// token timeout.
$post = $_POST;
unset($post['module']);
unset($post['phorum_admin_token']);
$get = $_GET;
unset($get['module']);
unset($get['phorum_admin_token']);
if (empty($post) && empty($get)) {
$module = '';
if (isset($_POST['module'])) {
$module = basename($_POST['module']);
}
}
// the number of days to show
if (isset($_POST['subdays']) && is_numeric($_POST['subdays'])) {
$subdays = $_POST['subdays'];
} elseif (isset($PHORUM['args']['subdays']) && !empty($PHORUM["args"]['subdays']) && is_numeric($PHORUM["args"]['subdays'])) {
$subdays = $PHORUM['args']['subdays'];
} else {
$subdays = phorum_api_user_get_setting('cc_subscriptions_subdays');
}
if ($subdays === NULL) {
$subdays = 2;
}
$PHORUM['DATA']['SELECTED'] = $subdays;
// Store current selection for the user.
phorum_api_user_save_settings(array("cc_subscriptions_subdays" => $subdays));
// reading all forums for the current vroot
$forums = phorum_db_get_forums(0, NULL, $PHORUM["vroot"]);
// reading all subscriptions to messages in the current vroot.
$forum_ids = array($PHORUM["vroot"]);
foreach ($forums as $forum) {
$forum_ids[] = $forum["forum_id"];
}
$subscr_array = phorum_api_user_list_subscriptions($PHORUM['user']['user_id'], $subdays, $forum_ids);
// storage for newflags
$PHORUM['user']['newinfo'] = array();
// go through all subscriptions
$subscr_array_final = array();
unset($subscr_array["forum_ids"]);
foreach ($subscr_array as $id => $data) {
$data['forum'] = $forums[$data['forum_id']]['name'];
function testUserApiSettings()
{
// now handling user-settings
$user_id = phorum_api_user_search('username', 'testuser' . $this->sharedFixture, '=');
$ret = phorum_api_user_save_settings(array());
$this->assertNull($ret, 'Saving user-settings (no user_id).');
$GLOBALS['PHORUM']['user']['user_id'] = $user_id;
$ret = phorum_api_user_save_settings(array());
$this->assertTrue($ret, 'Saving user-settings (empty settings).');
$ret = phorum_api_user_save_settings(array('foo' => 'bar'));
$this->assertTrue($ret, 'Saving user-settings.');
// getting settings
$ret = phorum_api_user_get_setting('foo');
$this->assertEquals($ret, 'bar', 'Getting user-settings.');
$ret = phorum_api_user_get_setting('bar');
$this->assertNull($ret, 'Getting user-settings (unknown key).');
}
} elseif (isset($_GET["module"]) && is_scalar($_GET["module"])) {
$module = @basename($_GET["module"]);
}
if (empty($module) || !file_exists("./include/admin/{$module}.php")) {
$module = "default";
}
// check the admin token
if (!empty($GLOBALS["PHORUM"]["user"]['settings_data']['admin_token']) && $PHORUM['admin_token'] != $GLOBALS["PHORUM"]["user"]['settings_data']['admin_token'] || $GLOBALS["PHORUM"]["user"]['settings_data']['admin_token_time'] <= time() - PHORUM_ADMIN_TOKEN_TIMEOUT) {
// 900 = timeout after 15 minutes of inactivity
// echo "invalid token or timeout ...";
// var_dump($PHORUM['admin_token'],$GLOBALS["PHORUM"]["user"]['settings_data']['admin_token'],$GLOBALS["PHORUM"]["user"]['settings_data']['admin_token_time'],(time()-PHORUM_ADMIN_TOKEN_TIMEOUT));
$PHORUM['admin_token'] = "";
}
if (empty($PHORUM['admin_token'])) {
$module = "tokenmissing";
} else {
// update the token time
phorum_api_user_save_settings(array('admin_token_time' => time()));
}
}
}
$module = phorum_hook("admin_pre", $module);
ob_start();
if ($module != "help") {
include_once "./include/admin/header.php";
}
include_once "./include/admin/{$module}.php";
if ($module != "help") {
include_once "./include/admin/footer.php";
}
ob_end_flush();
/**
* This function can be used to delete a user setting that was stored by
* the {@link phorum_api_user_save_settings()} function for the active
* Phorum user.
*
* @param string $name
* The name of the setting to delete.
*/
function phorum_api_user_delete_setting($name)
{
phorum_api_user_save_settings(array($name => NULL));
}
<?php
if (!defined('PHORUM') || phorum_page !== 'moderation') {
return;
}
$template = "merge_form";
$PHORUM['DATA']['HEADING'] = $PHORUM['DATA']['LANG']['Moderate'] . ': ' . $PHORUM['DATA']['LANG']['MergeThread'];
$PHORUM['DATA']['BREADCRUMBS'][] = array('URL' => NULL, 'TEXT' => $PHORUM['DATA']['HEADING'], 'TYPE' => 'merge');
$PHORUM['DATA']["FORM"]["forum_id"] = $PHORUM["forum_id"];
$PHORUM['DATA']["FORM"]["thread_id"] = $msgthd_id;
$PHORUM['DATA']["FORM"]["mod_step"] = PHORUM_DO_THREAD_MERGE;
$PHORUM['DATA']['URL']["ACTION"] = phorum_api_url(PHORUM_MODERATION_ACTION_URL);
// The moderator selects the target thread to merge to.
$merge_t1 = phorum_api_user_get_setting('merge_t1');
$merge_time = phorum_api_user_get_setting('merge_t1_time');
if (!$merge_t1 || !$merge_time || $merge_t1 == $msgthd_id || $merge_time < time() - PHORUM_MODERATE_MERGE_TIME) {
// Save moderation info temporarily in the user's settings data.
phorum_api_user_save_settings(array('merge_t1' => $msgthd_id, 'merge_t1_time' => time()));
$PHORUM['DATA']['FORM']['merge_none'] = TRUE;
$message = $PHORUM['DB']->get_message($msgthd_id, 'message_id', TRUE);
$PHORUM['DATA']['FORM']['merge_subject1'] = htmlspecialchars($message['subject'], ENT_COMPAT, $PHORUM['DATA']['HCHARSET']);
} else {
$PHORUM['DATA']['FORM']['merge_t1'] = $merge_t1;
$message = $PHORUM['DB']->get_message($merge_t1, 'message_id', true);
$PHORUM['DATA']['FORM']['merge_subject1'] = htmlspecialchars($message['subject'], ENT_COMPAT, $PHORUM['DATA']['HCHARSET']);
$message = $PHORUM['DB']->get_message($msgthd_id);
$PHORUM['DATA']['FORM']['thread_subject'] = htmlspecialchars($message['subject'], ENT_COMPAT, $PHORUM['DATA']['HCHARSET']);
}
