/**
 * Fills the caller's by-reference variables with display-ready values for one user row.
 *
 * Plain values ($from, $posts, $joined, $user_time) are copied or date-formatted.
 * $pm, $email, $www and $avatar are HTML fragments assembled here by string concatenation.
 *
 * NOTE(review): $row['user_email'] and $row['user_website'] are placed into href
 * attributes and link text with no escaping inside this function. This is only safe
 * if those columns are validated and HTML-escaped before they are stored — confirm
 * against the profile-update code, and escape at output if that cannot be guaranteed.
 * NOTE(review): the website link opens a user-supplied URL in the named window
 * "_userwww" without a rel attribute; consider rel="noopener noreferrer".
 *
 * @param array  $row         User record; read only here although passed by reference.
 * @param mixed  $date_format Accepted for signature compatibility; not used in this body.
 * @param mixed  $group_mod   Truthy to reveal the e-mail regardless of the user's own setting.
 * @param mixed  $from        Out: user_from, or '' when empty.
 * @param mixed  $posts       Out: user_posts, or 0 when falsy.
 * @param mixed  $joined      Out: bb_date() of user_regdate.
 * @param string $pm          Out: "send PM" link (text or icon, per $bb_cfg['text_buttons']).
 * @param string $email       Out: e-mail link, or '' when the viewer may not see it.
 * @param string $www         Out: website link, or '' when no website is set.
 * @param mixed  $user_time   Out: bb_date() of user_time, or $lang['NONE'] when empty.
 * @param mixed  $avatar      Out: result of get_avatar() at 50x50.
 * @return void
 */
function generate_user_info(&$row, $date_format, $group_mod, &$from, &$posts, &$joined, &$pm, &$email, &$www, &$user_time, &$avatar)
{
    global $lang, $images, $bb_cfg;

    if (empty($row['user_from'])) {
        $from = '';
    } else {
        $from = $row['user_from'];
    }

    $joined = bb_date($row['user_regdate']);

    if (empty($row['user_time'])) {
        $user_time = $lang['NONE'];
    } else {
        $user_time = bb_date($row['user_time']);
    }

    $posts = $row['user_posts'] ?: 0;

    // Private-message link: same target either way, only the label markup differs.
    $pm_href = PM_URL . "?mode=post&" . POST_USERS_URL . "=" . $row['user_id'];
    if ($bb_cfg['text_buttons']) {
        $pm = '<a class="txtb" href="' . $pm_href . '">' . $lang['SEND_PM_TXTB'] . '</a>';
    } else {
        $pm = '<a href="' . $pm_href . '"><img src="' . $images['icon_pm'] . '" alt="' . $lang['SEND_PRIVATE_MESSAGE'] . '" title="' . $lang['SEND_PRIVATE_MESSAGE'] . '" border="0" /></a>';
    }

    // The avatar is shown unless the 'dis_avatar' bit is set in user_opt.
    $avatar_allowed = !bf($row['user_opt'], 'user_opt', 'dis_avatar');
    $avatar = get_avatar($row['user_id'], $row['avatar_ext_id'], $avatar_allowed, '', 50, 50);

    // E-mail is disclosed only when the user opted in (user_viewemail) or the viewer is a group moderator.
    $may_see_email = bf($row['user_opt'], 'user_opt', 'user_viewemail') || $group_mod;
    if (!$may_see_email) {
        $email = '';
    } else {
        if ($bb_cfg['board_email_form']) {
            $email_uri = "profile.php?mode=email&" . POST_USERS_URL . "=" . $row['user_id'];
        } else {
            $email_uri = 'mailto:' . $row['user_email'];
        }
        // NOTE(review): unescaped user_email in attribute and text context — see header note.
        $email = '<a class="editable" href="' . $email_uri . '">' . $row['user_email'] . '</a>';
    }

    if (!$row['user_website']) {
        $www = '';
    } else {
        if ($bb_cfg['text_buttons']) {
            $www_label = $lang['VISIT_WEBSITE_TXTB'];
        } else {
            $www_label = '<img src="' . $images['icon_www'] . '" alt="' . $lang['VISIT_WEBSITE'] . '" title="' . $lang['VISIT_WEBSITE'] . '" border="0" />';
        }
        // NOTE(review): unescaped user_website in href — see header note.
        $www = '<a class="txtb" href="' . $row['user_website'] . '" target="_userwww">' . $www_label . '</a>';
    }
}
} $ban_user_id = array(); $sql = DB()->fetch_rowset("SELECT ban_userid FROM " . BB_BANLIST . " WHERE ban_userid != 0"); foreach ($sql as $row) { $ban_user_id[] = ',' . $row['ban_userid']; } $ban_user_id = join('', $ban_user_id); $user_list = DB()->fetch_rowset("\n\tSELECT DISTINCT dl.user_id, u.user_opt, tr.user_id as active_dl\n\tFROM " . BB_BT_DLSTATUS . " dl\n\tLEFT JOIN " . BB_USERS . " u ON(u.user_id = dl.user_id)\n\tLEFT JOIN " . BB_BT_TRACKER . " tr ON(tr.user_id = dl.user_id)\n\tWHERE dl.topic_id = {$topic_id}\n\t\tAND dl.user_status IN (" . DL_STATUS_COMPLETE . ", " . DL_STATUS_DOWN . ")\n\t\tAND dl.user_id NOT IN ({$userdata['user_id']}, " . EXCLUDED_USERS_CSV . $ban_user_id . ")\n\t\tAND u.user_active = 1\n\tGROUP BY dl.user_id\n"); $subject = sprintf($lang['CALLSEED_SUBJECT'], $t_data['topic_title']); $message = sprintf($lang['CALLSEED_TEXT'], make_url(TOPIC_URL . $topic_id), $t_data['topic_title'], make_url(DOWNLOAD_URL . $t_data['attach_id'])); if ($user_list) { foreach ($user_list as $row) { if (!empty($row['active_dl'])) { continue; } if (bf($row['user_opt'], 'user_opt', 'user_callseed')) { send_pm($row['user_id'], $subject, $message, BOT_UID); } } } else { send_pm($t_data['poster_id'], $subject, $message, BOT_UID); } DB()->query("UPDATE " . BB_BT_TORRENTS . " SET call_seed_time = " . TIMENOW . " WHERE topic_id = {$topic_id} LIMIT 1"); meta_refresh(TOPIC_URL . $topic_id); bb_die($lang['CALLSEED_MSG_OK']); function topic_info($topic_id) { global $lang; $sql = "\n\t\tSELECT\n\t\t\ttor.poster_id, tor.forum_id, tor.attach_id, tor.call_seed_time,\n\t\t\tt.topic_title, sn.seeders\n\t\tFROM " . BB_BT_TORRENTS . " tor\n\t\tLEFT JOIN " . BB_TOPICS . " t USING(topic_id)\n\t\tLEFT JOIN " . BB_BT_TRACKER_SNAP . " sn USING(topic_id)\n\t\tWHERE tor.topic_id = {$topic_id}\n\t"; if (!($torrent = DB()->fetch_row($sql))) { bb_die($lang['TOPIC_POST_NOT_EXIST']);
$emailer->reset(); $message = $lang['PROFILE_UPDATED_INACTIVE']; $user->session_end(); } else { meta_refresh('index.php', 10); $message = $lang['PROFILE_UPDATED']; } $sql_args = DB()->build_array('UPDATE', $db_data); DB()->query("UPDATE " . BB_USERS . " SET {$sql_args} WHERE user_id = {$pr_data['user_id']} LIMIT 1"); if ($pr_data['user_id'] != $userdata['user_id']) { if ($pr_data['user_level'] == MOD && !empty($db_data['username'])) { $datastore->update('moderators'); } } cache_rm_user_sessions($pr_data['user_id']); if ($adm_edit) { bb_die($lang['PROFILE_USER'] . ' <b>' . profile_url($pr_data) . '</b> ' . $lang['GOOD_UPDATE']); } elseif (!$pr_data['user_active']) { bb_die($lang['PROFILE_UPDATED_INACTIVE']); } else { meta_refresh('index.php', 10); bb_die($lang['PROFILE_UPDATED']); } } else { bb_die($lang['NOTHING_HAS_CHANGED']); } } } $template->assign_vars($tp_data); $template->assign_vars(array('PAGE_TITLE' => $mode == 'editprofile' ? $lang['EDIT_PROFILE'] . ($adm_edit ? " :: {$pr_data['username']}" : '') : $lang['REGISTER'], 'SHOW_REG_AGREEMENT' => $mode == 'register' && !IS_ADMIN, 'ERROR_MESSAGE' => $errors ? join('<br />', array_unique($errors)) : '', 'MODE' => $mode, 'EDIT_PROFILE' => $mode == 'editprofile', 'ADM_EDIT' => $adm_edit, 'SHOW_PASS' => $adm_edit || $mode == 'register' && IS_ADMIN, 'CAPTCHA_HTML' => $need_captcha ? 
bb_captcha('get') : '', 'LANGUAGE_SELECT' => language_select($pr_data['user_lang'], 'user_lang'), 'TIMEZONE_SELECT' => tz_select($pr_data['user_timezone'], 'user_timezone'), 'USER_TIMEZONE' => $pr_data['user_timezone'], 'AVATAR_EXPLAIN' => sprintf($lang['AVATAR_EXPLAIN'], $bb_cfg['avatars']['max_width'], $bb_cfg['avatars']['max_height'], round($bb_cfg['avatars']['max_size'] / 1024)), 'AVATAR_DISALLOWED' => bf($pr_data['user_opt'], 'user_opt', 'dis_avatar'), 'AVATAR_DIS_EXPLAIN' => sprintf($lang['AVATAR_DISABLE'], $bb_cfg['terms_and_conditions_url']), 'AVATAR_IMG' => get_avatar($pr_data['user_id'], $pr_data['avatar_ext_id'], !bf($pr_data['user_opt'], 'user_opt', 'dis_avatar')), 'SIGNATURE_EXPLAIN' => sprintf($lang['SIGNATURE_EXPLAIN'], $bb_cfg['max_sig_chars']), 'SIG_DISALLOWED' => bf($pr_data['user_opt'], 'user_opt', 'dis_sig'), 'PR_USER_ID' => $pr_data['user_id'], 'U_RESET_AUTOLOGIN' => LOGIN_URL . "?logout=1&reset_autologin=1&sid={$userdata['session_id']}")); print_page('usercp_register.tpl');
} else { $template->assign_vars(array('DOWN_TOTAL_BYTES' => false, 'MIN_DL_BYTES' => false)); } if (IS_ADMIN) { $ajax_user_opt = Zend\Json\Json::encode(array('dis_avatar' => bf($profiledata['user_opt'], 'user_opt', 'dis_avatar'), 'dis_sig' => bf($profiledata['user_opt'], 'user_opt', 'dis_sig'), 'dis_passkey' => bf($profiledata['user_opt'], 'user_opt', 'dis_passkey'), 'dis_pm' => bf($profiledata['user_opt'], 'user_opt', 'dis_pm'), 'dis_post' => bf($profiledata['user_opt'], 'user_opt', 'dis_post'), 'dis_post_edit' => bf($profiledata['user_opt'], 'user_opt', 'dis_post_edit'), 'dis_topic' => bf($profiledata['user_opt'], 'user_opt', 'dis_topic'))); $template->assign_vars(array('EDITABLE_TPLS' => true, 'AJAX_USER_OPT' => $ajax_user_opt, 'U_MANAGE' => "profile.php?mode=editprofile&u={$profiledata['user_id']}", 'U_PERMISSIONS' => "admin/admin_ug_auth.php?mode=user&u={$profiledata['user_id']}")); } $user_restrictions = array(); if (bf($profiledata['user_opt'], 'user_opt', 'dis_avatar')) { $user_restrictions[] = $lang['HIDE_AVATARS']; } if (bf($profiledata['user_opt'], 'user_opt', 'dis_sig')) { $user_restrictions[] = $lang['SHOW_CAPTION']; } if (bf($profiledata['user_opt'], 'user_opt', 'dis_passkey')) { $user_restrictions[] = $lang['DOWNLOAD_TORRENT']; } if (bf($profiledata['user_opt'], 'user_opt', 'dis_pm')) { $user_restrictions[] = $lang['SEND_PM']; } if (bf($profiledata['user_opt'], 'user_opt', 'dis_post')) { $user_restrictions[] = $lang['SEND_MESSAGE']; } if (bf($profiledata['user_opt'], 'user_opt', 'dis_post_edit')) { $user_restrictions[] = $lang['EDIT_POST']; } if (bf($profiledata['user_opt'], 'user_opt', 'dis_topic')) { $user_restrictions[] = $lang['NEW_THREADS']; } $template->assign_var('USER_RESTRICTIONS', join('</li><li>', $user_restrictions)); print_page('usercp_viewprofile.tpl');
bbcode.addTag("codeImg", "img", null, "R", ctrl); bbcode.addTag("codeUrl", "url", "/url", "W", ctrl); bbcode.addTag("codeCode", "code", null, "K", ctrl); bbcode.addTag("codeList", "list", null, "L", ctrl); bbcode.addTag("codeOpt", "*", "", "0", ctrl); </script> </form>'; } $this->response['post_id'] = $post_id; break; case 'add': if (!isset($this->request['topic_id'])) { $this->ajax_die('empty topic_id'); } if (bf($userdata['user_opt'], 'user_opt', 'dis_post')) { $this->ajax_die(strip_tags($lang['RULES_REPLY_CANNOT'])); } elseif (!$is_auth['auth_reply']) { $this->ajax_die(sprintf($lang['SORRY_AUTH_REPLY'], strip_tags($is_auth['auth_reply_type']))); } if ($post['topic_status'] == TOPIC_LOCKED && !$is_auth['auth_mod']) { $this->ajax_die($lang['TOPIC_LOCKED']); } $message = (string) $this->request['message']; $message = prepare_message($message); // Flood control $where_sql = IS_GUEST ? "p.poster_ip = '" . USER_IP . "'" : "p.poster_id = {$userdata['user_id']}"; $sql = "SELECT MAX(p.post_time) AS last_post_time FROM " . BB_POSTS . " p WHERE {$where_sql}"; if ($row = DB()->fetch_row($sql) and $row['last_post_time']) { if ($userdata['user_level'] == USER) { if (TIMENOW - $row['last_post_time'] < $bb_cfg['flood_interval']) {
/**
 * Recursively applies $fn to each element of $lst and builds the result with cons().
 *
 * first(), bf() and cons() are defined elsewhere; presumably first() yields the head,
 * bf() the list without its head, and cons() prepends a value — confirm against their definitions.
 * Note that this bf() takes a single list argument, unlike the three-argument
 * bitfield helper of the same name used in other listings on this page.
 *
 * @param callable $fn  Function applied to each element.
 * @param mixed    $lst List to traverse; anything empty() yields array().
 * @return mixed array() for empty input, otherwise whatever cons() returns.
 */
function map($fn, $lst)
{
    if (empty($lst)) {
        return array();
    }

    // Head is transformed before the recursive call, matching left-to-right argument evaluation.
    $mapped_head = $fn(first($lst));
    $mapped_tail = map($fn, bf($lst));

    return cons($mapped_head, $mapped_tail);
}
display_post_attachments($post_id, $postrow[$i]['post_attachment']); } if ($moderation && !defined('SPLIT_FORM_START') && ($start || $post_id == $t_data['topic_first_post_id'])) { define('SPLIT_FORM_START', TRUE); } if ($poster_id != BOT_UID) { $prev_post_time = $postrow[$i]['post_time']; } } set_tracks(COOKIE_TOPIC, $tracking_topics, $topic_id, $max_post_time); if (defined('SPLIT_FORM_START')) { $template->assign_vars(array('SPLIT_FORM' => true, 'START' => $start, 'S_SPLIT_ACTION' => "modcp.php", 'POST_FORUM_URL' => POST_FORUM_URL, 'POST_TOPIC_URL' => POST_TOPIC_URL)); } // Quick Reply if ($bb_cfg['show_quick_reply']) { if ($is_auth['auth_reply'] && !($t_data['forum_status'] == FORUM_LOCKED || $t_data['topic_status'] == TOPIC_LOCKED)) { $template->assign_vars(array('QUICK_REPLY' => true, 'QR_POST_ACTION' => POSTING_URL, 'QR_TOPIC_ID' => $topic_id, 'CAPTCHA_HTML' => IS_GUEST ? bb_captcha('get') : '')); if (!IS_GUEST) { $notify_user = bf($userdata['user_opt'], 'user_opt', 'user_notify'); $template->assign_vars(array('QR_NOTIFY_CHECKED' => $notify_user ? $notify_user && $is_watching_topic : $is_watching_topic)); } } } foreach ($is_auth as $name => $is) { $template->assign_vars(array(strtoupper($name) => $is)); } $template->assign_vars(array('PG_ROW_CLASS' => isset($pg_row_class) ? $pg_row_class : 'row1')); if (IS_ADMIN) { $template->assign_vars(array('U_LOGS' => "admin/admin_log.php?sid={$userdata['session_id']}&t={$topic_id}&db=900")); } print_page('viewtopic.tpl');
/**
 * Enqueue ads
 *
 * Queues the 'ads' datastore item and sets $this->show_ads, but only when
 * $bb_cfg['show_ads'] is truthy, the 'user_hide_ads' bit is not set in $this->opt,
 * and neither IN_ADMIN nor IN_AJAX is defined.
 */
function enqueue_ads()
{
    global $datastore, $bb_cfg;

    // Ads switched off board-wide.
    if (!$bb_cfg['show_ads']) {
        return;
    }

    // This user has opted out of ads.
    if (bf($this->opt, 'user_opt', 'user_hide_ads')) {
        return;
    }

    // Never enqueue on admin pages or AJAX requests.
    if (defined('IN_ADMIN') || defined('IN_AJAX')) {
        return;
    }

    $datastore->enqueue('ads');
    $this->show_ads = true;
}
// synch unread pm count if (defined('IN_PM')) { $row = DB()->fetch_row("\n\t\t\t\tSELECT COUNT(*) AS pm_count\n\t\t\t\tFROM " . BB_PRIVMSGS . "\n\t\t\t\tWHERE privmsgs_to_userid = " . $userdata['user_id'] . "\n\t\t\t\t\tAND privmsgs_type = " . PRIVMSGS_UNREAD_MAIL . "\n\t\t\t\tGROUP BY privmsgs_to_userid\n\t\t\t"); $real_unread_pm_count = (int) $row['pm_count']; if ($userdata['user_unread_privmsg'] != $real_unread_pm_count) { $userdata['user_unread_privmsg'] = $real_unread_pm_count; db_update_userdata($userdata, array('user_unread_privmsg' => $real_unread_pm_count)); } } $pm_info = declension($userdata['user_unread_privmsg'], $lang['UNREAD_PMS_DECLENSION'], $lang['UNREAD_PMS_FORMAT']); $have_unread_pm = true; } } $template->assign_vars(array('HAVE_NEW_PM' => $have_new_pm, 'HAVE_UNREAD_PM' => $have_unread_pm)); // The following assigns all _common_ variables that may be used at any point in a template $template->assign_vars(array('SIMPLE_HEADER' => !empty($gen_simple_header), 'CONTENT_ENCODING' => $bb_cfg['lang'][$userdata['user_lang']]['encoding'], 'IN_ADMIN' => defined('IN_ADMIN'), 'SHOW_ADS' => !$logged_in || isset($bb_cfg['show_ads_users'][$user->id]) || !IS_AM && $user->show_ads, 'USER_HIDE_CAT' => BB_SCRIPT == 'index', 'USER_LANG' => $userdata['user_lang'], 'INCLUDE_BBCODE_JS' => !empty($page_cfg['include_bbcode_js']), 'USER_OPTIONS_JS' => IS_GUEST ? '{}' : Zend\Json\Json::encode($user->opt_js), 'USE_TABLESORTER' => !empty($page_cfg['use_tablesorter']), 'SITENAME' => $bb_cfg['sitename'], 'U_INDEX' => BB_ROOT . 
"index.php", 'T_INDEX' => sprintf($lang['FORUM_INDEX'], $bb_cfg['sitename']), 'IS_GUEST' => IS_GUEST, 'IS_USER' => IS_USER, 'IS_ADMIN' => IS_ADMIN, 'IS_MOD' => IS_MOD, 'IS_AM' => IS_AM, 'FORUM_PATH' => FORUM_PATH, 'FULL_URL' => FULL_URL, 'CURRENT_TIME' => sprintf($lang['CURRENT_TIME'], bb_date(TIMENOW, $bb_cfg['last_visit_date_format'], false)), 'S_TIMEZONE' => preg_replace('/\\(.*?\\)/', '', sprintf($lang['ALL_TIMES'], $lang['TZ'][str_replace(',', '.', floatval($bb_cfg['board_timezone']))])), 'BOARD_TIMEZONE' => $bb_cfg['board_timezone'], 'PM_INFO' => $pm_info, 'PRIVMSG_IMG' => $icon_pm, 'LOGGED_IN' => $logged_in, 'SESSION_USER_ID' => $userdata['user_id'], 'POINTS' => $userdata['user_points'], 'THIS_USER' => profile_url($userdata), 'THIS_AVATAR' => get_avatar($userdata['user_id'], $userdata['avatar_ext_id'], !bf($userdata['user_opt'], 'user_opt', 'dis_avatar')), 'SHOW_LOGIN_LINK' => !defined('IN_LOGIN'), 'AUTOLOGIN_DISABLED' => !$bb_cfg['allow_autologin'], 'S_LOGIN_ACTION' => LOGIN_URL, 'U_CUR_DOWNLOADS' => PROFILE_URL . $userdata['user_id'], 'U_FORUM' => "viewforum.php", 'U_GROUPS' => "group.php", 'U_LOGIN_LOGOUT' => $u_login_logout, 'U_MEMBERLIST' => "memberlist.php", 'U_MODCP' => "modcp.php", 'U_OPTIONS' => "profile.php?mode=editprofile", 'U_PRIVATEMSGS' => PM_URL . "?folder=inbox", 'U_PROFILE' => PROFILE_URL . $userdata['user_id'], 'U_READ_PM' => PM_URL . "?folder=inbox" . ($userdata['user_newest_pm_id'] && $userdata['user_new_privmsg'] == 1 ? "&mode=read&p={$userdata['user_newest_pm_id']}" : ''), 'U_REGISTER' => "profile.php?mode=register", 'U_SEARCH' => "search.php", 'U_SEND_PASSWORD' => "profile.php?mode=sendpassword", 'U_TERMS' => $bb_cfg['terms_and_conditions_url'], 'U_TRACKER' => "tracker.php", 'SHOW_SIDEBAR1' => !empty($page_cfg['show_sidebar1'][BB_SCRIPT]) || $bb_cfg['show_sidebar1_on_every_page'], 'SHOW_SIDEBAR2' => !empty($page_cfg['show_sidebar2'][BB_SCRIPT]) || $bb_cfg['show_sidebar2_on_every_page'], 'HTML_AGREEMENT' => LANG_DIR . 
'html/user_agreement.html', 'HTML_COPYRIGHT' => LANG_DIR . 'html/copyright_holders.html', 'HTML_ADVERT' => LANG_DIR . 'html/advert.html', 'HTML_SIDEBAR_1' => LANG_DIR . 'html/sidebar1.html', 'HTML_SIDEBAR_2' => LANG_DIR . 'html/sidebar2.html', 'AVATARS_URL' => 'data/avatars', 'CAT_URL' => BB_ROOT . CAT_URL, 'DOWNLOAD_URL' => BB_ROOT . DOWNLOAD_URL, 'FORUM_URL' => BB_ROOT . FORUM_URL, 'GROUP_URL' => BB_ROOT . GROUP_URL, 'LOGIN_URL' => $bb_cfg['login_url'], 'NEWEST_URL' => '&view=newest#newest', 'PM_URL' => $bb_cfg['pm_url'], 'POST_URL' => BB_ROOT . POST_URL, 'POSTING_URL' => $bb_cfg['posting_url'], 'PROFILE_URL' => BB_ROOT . PROFILE_URL, 'TOPIC_URL' => BB_ROOT . TOPIC_URL, 'AJAX_HTML_DIR' => AJAX_HTML_DIR, 'ONLY_NEW_POSTS' => ONLY_NEW_POSTS, 'ONLY_NEW_TOPICS' => ONLY_NEW_TOPICS, 'BOT_UID' => BOT_UID, 'COOKIE_MARK' => COOKIE_MARK, 'SID' => $userdata['session_id'], 'SID_HIDDEN' => '<input type="hidden" name="sid" value="' . $userdata['session_id'] . '" />', 'CHECKED' => HTML_CHECKED, 'DISABLED' => HTML_DISABLED, 'READONLY' => HTML_READONLY, 'SELECTED' => HTML_SELECTED, 'U_SEARCH_SELF_BY_LAST' => "search.php?uid={$userdata['user_id']}&o=5", 'U_WATCHED_TOPICS' => "profile.php?mode=watch")); if (!empty($page_cfg['show_torhelp'][BB_SCRIPT]) && !empty($userdata['torhelp'])) { $ignore_time = !empty($_COOKIE['torhelp']) ? (int) $_COOKIE['torhelp'] : 0; if (TIMENOW > $ignore_time) { if ($ignore_time) { bb_setcookie('torhelp', '', COOKIE_EXPIRED); } $sql = "\n\t\t\tSELECT topic_id, topic_title\n\t\t\tFROM " . BB_TOPICS . "\n\t\t\tWHERE topic_id IN(" . $userdata['torhelp'] . ")\n\t\t\tLIMIT 8\n\t\t"; $torhelp_topics = array(); foreach (DB()->fetch_rowset($sql) as $row) { $torhelp_topics[] = '<a href="viewtopic.php?t=' . $row['topic_id'] . '">' . $row['topic_title'] . '</a>'; } $template->assign_vars(array('TORHELP_TOPICS' => join("</li>\n<li>", $torhelp_topics))); } } // Ads
$privmsg_message = $privmsg['privmsgs_text']; $msg_date = bb_date($privmsg['privmsgs_date']); $privmsg_message = '[quote="' . $to_username . '"]' . $privmsg_message . '[/quote]'; $mode = 'reply'; } } else { $privmsg_subject = $privmsg_message = $to_username = ''; } } } } } // // Has admin prevented user from sending PM's? // if (bf($userdata['user_opt'], 'user_opt', 'dis_pm') && $mode != 'edit') { $message = $lang['CANNOT_SEND_PRIVMSG']; } // // Start output, first preview, then errors then post form // $page_title = $lang['SEND_PRIVATE_MESSAGE']; if ($preview && !$error) { $orig_word = array(); $replacement_word = array(); obtain_word_list($orig_word, $replacement_word); $preview_message = htmlCHR($privmsg_message, false, ENT_NOQUOTES); $preview_message = bbcode2html($privmsg_message); if (count($orig_word)) { $preview_subject = preg_replace($orig_word, $replacement_word, $privmsg_subject); $preview_message = preg_replace($orig_word, $replacement_word, $preview_message);
// per-letter selection end $sql = "SELECT username, user_id, user_rank, user_opt, user_posts, user_regdate, user_from, user_website, user_email FROM " . BB_USERS . " WHERE user_id NOT IN(" . EXCLUDED_USERS_CSV . ")"; if ($username) { $username = preg_replace('/\\*/', '%', clean_username($username)); $letter_sql = "username LIKE '" . DB()->escape($username) . "'"; } $sql .= $letter_sql ? " AND {$letter_sql}" : ''; $sql .= " ORDER BY {$order_by}"; if ($result = DB()->fetch_rowset($sql)) { foreach ($result as $i => $row) { $user_id = $row['user_id']; $from = $row['user_from']; $joined = bb_date($row['user_regdate'], $bb_cfg['date_format']); $posts = $row['user_posts']; $pm = $bb_cfg['text_buttons'] ? '<a class="txtb" href="' . (PM_URL . "?mode=post&" . POST_USERS_URL . "={$user_id}") . '">' . $lang['SEND_PM_TXTB'] . '</a>' : '<a href="' . (PM_URL . "?mode=post&" . POST_USERS_URL . "={$user_id}") . '"><img src="' . $images['icon_pm'] . '" alt="' . $lang['SEND_PRIVATE_MESSAGE'] . '" title="' . $lang['SEND_PRIVATE_MESSAGE'] . '" border="0" /></a>'; if (bf($row['user_opt'], 'user_opt', 'user_viewemail') || IS_ADMIN) { $email_uri = $bb_cfg['board_email_form'] ? "profile.php?mode=email&" . POST_USERS_URL . "={$user_id}" : 'mailto:' . $row['user_email']; $email = '<a class="editable" href="' . $email_uri . '">' . $row['user_email'] . '</a>'; } else { $email = ''; } if ($row['user_website']) { $www = $bb_cfg['text_buttons'] ? '<a class="txtb" href="' . $row['user_website'] . '" target="_userwww">' . $lang['VISIT_WEBSITE_TXTB'] . '</a>' : '<a class="txtb" href="' . $row['user_website'] . '" target="_userwww"><img src="' . $images['icon_www'] . '" alt="' . $lang['VISIT_WEBSITE'] . '" title="' . $lang['VISIT_WEBSITE'] . '" border="0" /></a>'; } else { $www = ''; } $row_class = !($i % 2) ? 
'row1' : 'row2'; $template->assign_block_vars('memberrow', array('ROW_NUMBER' => $i + ($start + 1), 'ROW_CLASS' => $row_class, 'USER' => profile_url($row), 'FROM' => $from, 'JOINED_RAW' => $row['user_regdate'], 'JOINED' => $joined, 'POSTS' => $posts, 'PM' => $pm, 'EMAIL' => $email, 'WWW' => $www, 'U_VIEWPROFILE' => PROFILE_URL . $user_id)); } } else { $template->assign_block_vars('no_username', array('NO_USER_ID_SPECIFIED' => $lang['NO_USER_ID_SPECIFIED']));
bb_die('Could not obtain reged user / online information'); } $onlinerow_reg = DB()->sql_fetchrowset($result); $sql = "SELECT session_logged_in, session_time, session_ip, session_start\n\t\t\tFROM " . BB_SESSIONS . "\n\t\t\tWHERE session_logged_in = 0\n\t\t\t\tAND session_time >= " . (TIMENOW - 300) . "\n\t\t\tORDER BY session_ip ASC, session_time DESC"; if (!($result = DB()->sql_query($sql))) { bb_die('Could not obtain guest user / online information'); } $onlinerow_guest = DB()->sql_fetchrowset($result); $reg_userid_ary = array(); if (count($onlinerow_reg)) { $registered_users = $hidden_users = 0; for ($i = 0, $cnt = count($onlinerow_reg); $i < $cnt; $i++) { if (!in_array($onlinerow_reg[$i]['user_id'], $reg_userid_ary)) { $reg_userid_ary[] = $onlinerow_reg[$i]['user_id']; $username = $onlinerow_reg[$i]['username']; if (bf($onlinerow_reg[$i]['user_opt'], 'user_opt', 'user_viewonline')) { $hidden_users++; $hidden = TRUE; } else { $registered_users++; $hidden = FALSE; } $row_class = 'row1'; $reg_ip = decode_ip($onlinerow_reg[$i]['session_ip']); $template->assign_block_vars('reg_user_row', array('ROW_CLASS' => $row_class, 'USER' => profile_url($onlinerow_reg[$i]), 'STARTED' => bb_date($onlinerow_reg[$i]['session_start'], 'H:i', false), 'LASTUPDATE' => bb_date($onlinerow_reg[$i]['user_session_time'], 'H:i', false), 'IP_ADDRESS' => $reg_ip, 'U_WHOIS_IP' => $bb_cfg['whois_info'] . $reg_ip)); } } } // Guest users if (count($onlinerow_guest)) { $guest_users = 0;
// Topics read tracks $tracking_topics = get_tracks('topic'); $tracking_forums = get_tracks('forum'); if ($mark_read && !IS_GUEST) { set_tracks(COOKIE_FORUM, $tracking_forums, $forum_id); set_die_append_msg($forum_id); $message = $lang['TOPICS_MARKED_READ']; bb_die($message); } // Subforums $show_subforums = $bb_cfg['sf_on_first_page_only'] ? !$start : true; if (!($forums = $datastore->get('cat_forums'))) { $datastore->update('cat_forums'); $forums = $datastore->get('cat_forums'); } if ($forums['forum'][$forum_id]['allow_porno_topic'] && bf($userdata['user_opt'], 'user_opt', 'user_porn_forums')) { bb_die($lang['ERROR_PORNO_FORUM']); } if (!$forum_data['forum_parent'] && isset($forums['f'][$forum_id]['subforums']) && $show_subforums) { $not_auth_forums = $user->get_excluded_forums(AUTH_VIEW); $ignore_forum_sql = $not_auth_forums ? "AND f.forum_id NOT IN({$not_auth_forums})" : ''; $sql = "\n\t\tSELECT\n\t\t\tf.forum_id, f.forum_status, f.forum_last_post_id, f.forum_posts, f.forum_topics,\n\t\t\tt.topic_last_post_time, t.topic_id AS last_topic_id, t.topic_title AS last_topic_title,\n\t\t\tp.poster_id AS sf_last_user_id, IF(p.poster_id = {$anon}, p.post_username, u.username) AS sf_last_username, u.user_rank\n\t\tFROM " . BB_FORUMS . " f\n\t\tLEFT JOIN " . BB_TOPICS . " t ON(f.forum_last_post_id = t.topic_last_post_id)\n\t\tLEFT JOIN " . BB_POSTS . " p ON(f.forum_last_post_id = p.post_id)\n\t\tLEFT JOIN " . BB_USERS . 
" u ON(p.poster_id = u.user_id)\n\t\tWHERE f.forum_parent = {$forum_id}\n\t\t\t{$only_new_sql}\n\t\t\t{$ignore_forum_sql}\n\t\tGROUP BY f.forum_id\n\t\tORDER BY f.forum_order\n\t"; if ($rowset = DB()->fetch_rowset($sql)) { $template->assign_vars(array('SHOW_SUBFORUMS' => true, 'FORUM_IMG' => $images['forum'], 'FORUM_NEW_IMG' => $images['forum_new'], 'FORUM_LOCKED_IMG' => $images['forum_locked'])); } foreach ($rowset as $sf_data) { $sf_forum_id = $sf_data['forum_id']; $sf_last_tid = $sf_data['last_topic_id']; $folder_image = $images['forum']; $last_post = $lang['NO_POSTS']; if (!($fname_html =& $forums['forum_name_html'][$sf_forum_id])) {
/**
 * Checks one permission bit for one entry of a permission array.
 *
 * Returns true immediately when $is_admin is truthy, false when $perm_ary has no
 * $perm_key entry, and otherwise the result of bf() on that entry.
 *
 * NOTE(review): $is_admin bypasses every check, so callers must derive it from the
 * authenticated session and never from request data — verify at the call sites.
 *
 * @param mixed $bf_ary   Bitfield array name, passed through to bf().
 * @param mixed $bf_key   Bit name within that bitfield, passed through to bf().
 * @param array $perm_ary Permission values keyed by $perm_key.
 * @param mixed $perm_key Key to look up in $perm_ary.
 * @param bool  $is_admin Short-circuits to true when truthy.
 * @return mixed true, false, or whatever bf() returns.
 */
function auth_check($bf_ary, $bf_key, $perm_ary, $perm_key, $is_admin = false)
{
    if ($is_admin) {
        return true;
    }

    // A missing entry means "no permission" (default deny).
    return isset($perm_ary[$perm_key])
        ? bf($perm_ary[$perm_key], $bf_ary, $bf_key)
        : false;
}
/**
 * Generates a new passkey (auth_key) for a user and stores it in BB_BT_USERS.
 *
 * Unless $force_generate is truthy, the user's user_opt is read first and bb_die()
 * is called with NOT_AUTHORISED when the 'dis_passkey' bit is set.
 * Up to 20 candidates are then tried. Each is stored with INSERT IGNORE and, if that
 * did not affect exactly one row, with UPDATE IGNORE. When the UPDATE succeeds and
 * Ocelot is enabled, the old and new keys are passed to ocelot_update_tracker().
 *
 * NOTE(review): the passkey looks like an authentication secret, so make_rand_str()
 * (defined elsewhere) should draw from a CSPRNG such as random_bytes()/random_int() — confirm.
 * NOTE(review): the candidate is interpolated into SQL unescaped; this relies on
 * make_rand_str() emitting only quote-safe characters — confirm, or escape it.
 * NOTE(review): $force_generate skips the 'dis_passkey' check; callers should only
 * set it from trusted code paths.
 *
 * @param mixed $user_id        Target user; cast to int before use in SQL.
 * @param bool  $force_generate Skip the 'dis_passkey' check when truthy.
 * @return string|false The stored passkey, or false if all 20 attempts failed.
 */
function generate_passkey($user_id, $force_generate = false)
{
    global $bb_cfg, $lang, $sql;

    // The int cast is what keeps the interpolated queries below injection-safe.
    $user_id = (int) $user_id;

    // Check if user can change passkey
    if (!$force_generate) {
        // $sql is declared global above, so this overwrites the global of that name.
        $sql = "SELECT user_opt FROM " . BB_USERS . " WHERE user_id = {$user_id} LIMIT 1";

        $result = DB()->sql_query($sql);
        if (!$result) {
            bb_die('Could not query userdata for passkey');
        }

        $opt_row = DB()->sql_fetchrow($result);
        if ($opt_row && bf($opt_row['user_opt'], 'user_opt', 'dis_passkey')) {
            bb_die($lang['NOT_AUTHORISED']);
        }
    }

    $attempt = 0;
    while ($attempt < 20) {
        $attempt++;

        $passkey_val = make_rand_str(BT_AUTH_KEY_LENGTH);

        // Remember the current key so the tracker can be told which one was replaced.
        $current = DB()->fetch_row("SELECT auth_key FROM " . BB_BT_USERS . " WHERE user_id = {$user_id} LIMIT 1");
        $old_passkey = $current ? $current['auth_key'] : null;

        // Insert new row
        DB()->query("INSERT IGNORE INTO " . BB_BT_USERS . " (user_id, auth_key) VALUES ({$user_id}, '{$passkey_val}')");
        if (DB()->affected_rows() == 1) {
            return $passkey_val;
        }

        // Update
        DB()->query("UPDATE IGNORE " . BB_BT_USERS . " SET auth_key = '{$passkey_val}' WHERE user_id = {$user_id} LIMIT 1");
        if (DB()->affected_rows() != 1) {
            // Neither statement took effect; try another candidate.
            continue;
        }

        // Ocelot
        if ($bb_cfg['ocelot']['enabled']) {
            ocelot_update_tracker('change_passkey', array('oldpasskey' => $old_passkey, 'newpasskey' => $passkey_val));
        }

        return $passkey_val;
    }

    return false;
}