Esempio n. 1
0
function show_message_row($thread, $parent_post)
{
    global $g_logged_in_user;
    global $content;
    global $preview;
    $x1 = "Message:" . html_info() . post_warning();
    $x2 = "";
    if ($parent_post) {
        $x2 .= " reply to <a href=#" . $parent_post->id . ">Message ID " . $parent_post->id . "</a>:";
    }
    $x2 .= "<form action=forum_reply.php?thread=" . $thread->id;
    if ($parent_post) {
        $x2 .= "&post=" . $parent_post->id;
    }
    $x2 .= " method=\"post\">\n";
    $x2 .= form_tokens($g_logged_in_user->authenticator);
    $x2 .= "<textarea name=\"content\" rows=\"18\" cols=\"80\">";
    $no_quote = get_int("no_quote", true) == 1;
    if ($preview) {
        $x2 .= htmlspecialchars($content);
    } else {
        if (!$no_quote) {
            if ($parent_post) {
                $x2 .= quote_text(htmlspecialchars($parent_post->content), 80) . "\n";
            }
        }
    }
    if (!$g_logged_in_user->prefs->no_signature_by_default) {
        $enable_signature = "checked=\"true\"";
    } else {
        $enable_signature = "";
    }
    $x2 .= "</textarea><p>\r\n\t\t<input type=\"submit\" name=\"preview\" value=\"" . tra("Preview") . "\">\r\n\t\t<input type=\"submit\" value=\"Post reply\">\r\n\t\t<input name=\"add_signature\" id=\"add_signature\" value=\"add_it\" " . $enable_signature . " type=\"checkbox\">\r\n\t\t<label for=\"add_signature\">Add my signature to this reply</label>\r\n\r\n\t\t</form>\r\n\t";
    row2($x1, $x2);
}
Esempio n. 2
0
function show_message_row($thread, $parent_post)
{
    global $logged_in_user, $bbcode_html;
    global $content, $preview;
    $x1 = tra("Message:") . html_info() . post_warning();
    $x2 = "";
    if ($parent_post) {
        $x2 .= " " . tra("reply to %1Message ID%2:", "<a href=#" . $parent_post->id . ">", " " . $parent_post->id . "</a>");
    }
    $x2 .= "<form action=forum_reply.php?thread=" . $thread->id;
    if ($parent_post) {
        $x2 .= "&post=" . $parent_post->id;
    }
    $x2 .= " method=\"post\" name=\"post\" onsubmit=\"return checkForm(this)\">\n";
    $x2 .= form_tokens($logged_in_user->authenticator);
    $x2 .= $bbcode_html . "<textarea name=\"content\" rows=\"18\" cols=\"80\">";
    $no_quote = get_int("no_quote", true) == 1;
    if ($preview) {
        $x2 .= htmlspecialchars($content);
    } else {
        if (!$no_quote) {
            if ($parent_post) {
                $x2 .= quote_text(htmlspecialchars($parent_post->content)) . "\n";
            }
        }
    }
    if (!$logged_in_user->prefs->no_signature_by_default) {
        $enable_signature = "checked=\"true\"";
    } else {
        $enable_signature = "";
    }
    $x2 .= "</textarea><p>\n        <input type=\"submit\" name=\"preview\" value=\"" . tra("Preview") . "\">\n        <input type=\"submit\" value=\"" . tra("Post reply") . "\">\n        &nbsp;&nbsp;&nbsp;\n        <input type=\"checkbox\" name=\"add_signature\" id=\"add_signature\" value=\"add_it\" " . $enable_signature . ">\n        <label for=\"add_signature\">" . tra("Add my signature to this reply") . "</label>\n\n        </form>\n    ";
    row2($x1, $x2);
}
Esempio n. 3
0
function show_message($group, $group_filter, $start, $msg, $search, $threaded)
{
    global $PHP_SELF, $_COOKIE, $options;
    //  print("<!-- show_message(group='$group', group_filter='$group_filter', "
    //       ."start=$start, msg=$msg, search='$search', threaded=$threaded) -->\n");
    // Figure out which messages to show...
    $stream = nntp_connect();
    $matches = nntp_search($stream, $group, $search, $threaded);
    $count = count($matches);
    if ($msg[0] == ':') {
        // Lookup a specific message ID...
        $msg = (int) substr($msg, 1);
        for ($i = 0; $i < $count; $i++) {
            $fields = explode("\t", $matches[$i]);
            if ($msg == $fields[0]) {
                break;
            }
        }
        if ($i >= $count) {
            nntp_error("We were unable to show the requested message for the following " . "reason:", "The message number ({$msg}) is out of range.", $group);
            nntp_close($stream);
            return;
        }
        $msg = $i;
    } else {
        // Lookup index into search...
        if ($msg < 1 || $msg > $count) {
            nntp_error("We were unable to show the requested message for the following " . "reason:", "The message number is out of range.", $group);
            nntp_close($stream);
            return;
        }
        $fields = explode("\t", $matches[$msg - 1]);
    }
    //  print("<!-- fields =");
    //  print_r($fields);
    //  print("-->\n");
    $msgnum = (int) $fields[0];
    $subject = htmlspecialchars(eregi_replace("\\[[a-z]+\\.[a-z]+\\] ", "", $fields[1]), ENT_QUOTES);
    $author = sanitize_email($fields[2]);
    $date = format_date($fields[3]);
    if ($subject == "") {
        $subject = "(No Subject)";
    }
    // Save last message read...
    $cookie = str_replace(".", "_", $group);
    if ($search == "" && (!array_key_exists($group, $_COOKIE) || (int) $_COOKIE[$cookie] < $msgnum)) {
        setcookie($cookie, $msgnum, time() + 90 * 86400, "/");
    }
    $status = nntp_command($stream, "BODY {$msgnum}", 222);
    if ((int) $status != 222) {
        nntp_close($stream);
        nntp_error("We were unable to show the requested message for the following " . "reason:", $status, $group);
        return NULL;
    }
    $body = "";
    while ($line = fgets($stream, 1024)) {
        $line = rtrim($line);
        if ($line == ".") {
            break;
        }
        $body = $body . $line . "\n";
    }
    nntp_close($stream);
    $body = quote_text($body);
    nntp_header("{$subject}", array("All Forums" => "forums.php?g{$options}", "Back to {$group}" => "forums.php?g{$group}+s{$start}{$options}"));
    show_prevnext_msg($group, $group_filter, $start, $count, $msg, $threaded);
    html_start_table(array($subject, $author, $date), "", "", TRUE);
    html_start_row();
    print "<td colspan='3'><tt>{$body}</tt><br />\n" . "[&nbsp;<a href='{$PHP_SELF}?g{$group}+v:{$msgnum}'>Direct&nbsp;Link" . "&nbsp;to&nbsp;Message</a>&nbsp;]</td>";
    html_end_row();
    html_end_table();
    show_prevnext_msg($group, $group_filter, $start, $count, $msg, $threaded);
    html_footer();
}
Esempio n. 4
0
 /**
  * Send forgotten password
  *		@param $email
  */
 public function SendPassword($email)
 {
     global $objSettings;
     $lang = Application::Get('lang');
     // deny all operations in demo version
     if (strtolower(SITE_MODE) == 'demo') {
         $this->error = _OPERATION_BLOCKED;
         return false;
     }
     if (!empty($email)) {
         if (check_email_address($email)) {
             if (!PASSWORDS_ENCRYPTION) {
                 $sql = 'SELECT id, first_name, last_name, user_name, password, preferred_language FROM ' . TABLE_ACCOUNTS . ' WHERE email = ' . quote_text(encode_text($email)) . ' AND is_active = 1';
             } else {
                 if (strtolower(PASSWORDS_ENCRYPTION_TYPE) == 'aes') {
                     $sql = 'SELECT id, first_name, last_name, user_name, AES_DECRYPT(password, ' . quote_text(PASSWORDS_ENCRYPT_KEY) . ') as password, preferred_language FROM ' . TABLE_ACCOUNTS . ' WHERE email = ' . quote_text(encode_text($email)) . ' AND is_active = 1';
                 } else {
                     if (strtolower(PASSWORDS_ENCRYPTION_TYPE) == 'md5') {
                         $sql = 'SELECT id, first_name, last_name, user_name, \'\' as password, preferred_language FROM ' . TABLE_ACCOUNTS . ' WHERE email = ' . quote_text($email) . ' AND is_active = 1';
                     }
                 }
             }
             $temp = database_query($sql, DATA_ONLY, FIRST_ROW_ONLY);
             if (is_array($temp) && count($temp) > 0) {
                 //////////////////////////////////////////////////////////////////
                 if (!PASSWORDS_ENCRYPTION) {
                     $password = $temp['password'];
                 } else {
                     if (strtolower(PASSWORDS_ENCRYPTION_TYPE) == 'aes') {
                         $password = $temp['password'];
                     } else {
                         if (strtolower(PASSWORDS_ENCRYPTION_TYPE) == 'md5') {
                             $password = get_random_string(8);
                             $sql = 'UPDATE ' . TABLE_ACCOUNTS . ' SET password = '******' WHERE id = ' . (int) $temp['id'];
                             database_void_query($sql);
                         }
                     }
                 }
                 send_email($email, $objSettings->GetParameter('admin_email'), 'password_forgotten', array('{FIRST NAME}' => $temp['first_name'], '{LAST NAME}' => $temp['last_name'], '{USER NAME}' => $temp['user_name'], '{USER PASSWORD}' => $password, '{BASE URL}' => APPHP_BASE, '{WEB SITE}' => $_SERVER['SERVER_NAME'], '{YEAR}' => date('Y')), $temp['preferred_language']);
                 //////////////////////////////////////////////////////////////////
                 return true;
             } else {
                 $this->error = _EMAIL_NOT_EXISTS;
                 return false;
             }
         } else {
             $this->error = _EMAIL_IS_WRONG;
             return false;
         }
     } else {
         $this->error = _EMAIL_EMPTY_ALERT;
         return false;
     }
     return true;
 }
Esempio n. 5
0
function				// O - Sanitized text
sanitize_text($text)			// I - Original text
{
  $len   = strlen($text);
  $word  = "";
  $qtext = "";

  for ($i = 0; $i < $len; $i ++)
  {
    switch ($text[$i])
    {
      case "\n" :
          if (!strncmp($word, "http://", 7) ||
	      !strncmp($word, "https://", 8) ||
	      !strncmp($word, "ftp://", 6))
            $qtext .= "<a href='$word'>$word</a>";
          else if (strchr($word, '@'))
            $qtext .= sanitize_email($word);
	  else
            $qtext .= quote_text($word);

          $qtext .= "<br />";
	  $word  = "";
	  break;

      case "\r" :
	  break;

      case "\t" :
      case " " :
          if (!strncmp($word, "http://", 7) ||
	      !strncmp($word, "https://", 8) ||
	      !strncmp($word, "ftp://", 6))
            $qtext .= "<a href='$word'>$word</a>";
          else if (strchr($word, '@'))
            $qtext .= sanitize_email($word);
	  else
            $qtext .= quote_text($word);

          if ($word)
            $qtext .= " ";
	  else
            $qtext .= "&nbsp;";

	  $word  = "";
	  break;

      default :
          $word .= $text[$i];
	  break;
    }
  }

  if (!strncmp($word, "http://", 7) ||
      !strncmp($word, "https://", 8) ||
      !strncmp($word, "ftp://", 6))
    $qtext .= "<a href='$word'>$word</a>";
  else if (strchr($word, '@'))
    $qtext .= sanitize_email($word);
  else
    $qtext .= quote_text($word);

  return ($qtext);
}
Esempio n. 6
0
         }
         print "</table>\n";
     }
     db_free($result);
     print "<p><b>Trouble Report Dialog:</b> " . "<a href='{$PHP_SELF}?T{$id}{$options}'>Post&nbsp;Text</a>" . "</p>\n";
     $result = db_query("SELECT * FROM strtext WHERE " . "str_id = {$id}");
     if (db_count($result) == 0) {
         print "<p><i>No text</i></p>\n";
     } else {
         print "<table width='100%' border='0' cellpadding='5' " . "cellspacing='0'>\n" . "<tr class='header'><th>Name/Time/Date</th>" . "<th>Text</th></tr>\n";
         $line = 0;
         while ($row = db_next($result)) {
             $date = date("M d, Y", $row['create_date']);
             $time = date("H:i", $row['create_date']);
             $email = sanitize_email($row['create_user']);
             $contents = quote_text($row['contents']);
             print "<tr class='data{$line}'>" . "<td align='center' valign='top'>{$email}<br>{$time} {$date}<br>" . "<form method='POST' action='{$PHP_SELF}?M{$id}{$options}'>" . "<input type='hidden' name='TEXT_ID' value='{$row['id']}'>";
             if ($row['is_published']) {
                 print "<input type='hidden' name='IS_PUBLISHED' value='0'>" . "<input type='submit' value='Hide'>";
             } else {
                 print "<input type='hidden' name='IS_PUBLISHED' value='1'>" . "<input type='submit' value='Show'>";
             }
             print "</form></td>" . "<td valign='top'><tt>{$contents}</tt></td>" . "</tr>\n";
             $line = 1 - $line;
         }
         print "</table>\n";
     }
     db_free($result);
     html_footer();
 }
 break;