/**
 * Build this sidebar block's menu markup from a list of menu items.
 *
 * Each item is checked with check_admin_permissions() against the currently
 * running module; items that fail the check are left out of the list.
 *
 * @param array $items Menu items to add. Each item is an array with 'id', 'link' and 'title' keys.
 * @param string $active The ID of the active menu item, if there is one.
 */
function add_menu_items($items, $active)
{
    global $run_module;

    $markup = "<ul class=\"menu\">";

    foreach ($items as $entry) {
        $permitted = check_admin_permissions(array("module" => $run_module, "action" => $entry['id']), false);
        if ($permitted) {
            $css = ($entry['id'] == $active) ? "active" : "";

            // Only the link is HTML-escaped here. The title is interpolated as-is,
            // so every caller has to hand in a title that is already safe to emit as HTML.
            $href = htmlspecialchars_uni($entry['link']);

            $markup .= "<li class=\"{$css}\"><a href=\"{$href}\">{$entry['title']}</a></li>\n";
        }
    }

    $markup .= "</ul>";

    $this->_contents = $markup;
}
$current_module = explode("-", $mybb->input['module'], 2); } if (!isset($current_module[1])) { $current_module[1] = 'home'; } if ($mybb->input['module'] && isset($modules[$current_module[0]])) { $run_module = $current_module[0]; } else { $run_module = "home"; } $action_handler = $run_module . "_action_handler"; $action_file = $action_handler($current_module[1]); // Set our POST validation code here $mybb->post_code = generate_post_check(); if ($run_module != "home") { check_admin_permissions(array('module' => $page->active_module, 'action' => $page->active_action)); } // Only POST actions with a valid post code can modify information. Here we check if the incoming request is a POST and if that key is valid. $post_check_ignores = array("example/page" => array("action")); // An array of modules/actions to ignore POST checks for. if ($mybb->request_method == "post") { if (in_array($mybb->input['module'], $post_check_ignores)) { $k = array_search($mybb->input['module'], $post_check_ignores); if (in_array($mybb->input['action'], $post_check_ignores[$k])) { $post_verify = false; } } if ($post_verify == true) { // If the post key does not match we switch the action to GET and set a message to show the user if (!isset($mybb->input['my_post_key']) || $mybb->post_code != $mybb->input['my_post_key']) { $mybb->request_method = "get";
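/**
 * Resolve the requested "home" module action and, for the dashboard, build the sidebar.
 *
 * Sets $page->active_module and $page->active_action. When the dashboard is the active
 * action, the "quick access" menu (filtered by admin permissions) and the list of
 * administrators active in the last 30 minutes are appended to $page->sidebar.
 *
 * @param string $action Requested action name; an unknown name falls back to the dashboard.
 *
 * @return string File name of the action to load ("index.php" when falling back to the dashboard).
 */
function home_action_handler($action)
{
    global $page, $db, $lang, $plugins, $mybb;

    $page->active_module = "home";

    $actions = array(
        'preferences' => array('active' => 'preferences', 'file' => 'preferences.php'),
        'credits' => array('active' => 'credits', 'file' => 'credits.php'),
        'version_check' => array('active' => 'version_check', 'file' => 'version_check.php'),
        'dashboard' => array('active' => 'dashboard', 'file' => 'index.php'),
    );

    if (!isset($actions[$action])) {
        $page->active_action = "dashboard";
    } else {
        $page->active_action = $actions[$action]['active'];
    }

    // Plugins may add or replace actions; the lookup is repeated at the end of the function.
    $actions = $plugins->run_hooks("admin_home_action_handler", $actions);

    if ($page->active_action == "dashboard") {
        // Quick Access
        $sub_menu = array();
        $sub_menu['10'] = array("id" => "add_forum", "title" => $lang->add_new_forum, "link" => "index.php?module=forum-management&action=add", "module" => "forum", "action" => "management");
        $sub_menu['20'] = array("id" => "search", "title" => $lang->search_for_users, "link" => "index.php?module=user-users&action=search", "module" => "user", "action" => "users");
        $sub_menu['30'] = array("id" => "themes", "title" => $lang->themes, "link" => "index.php?module=style-themes", "module" => "style", "action" => "themes");
        $sub_menu['40'] = array("id" => "templates", "title" => $lang->templates, "link" => "index.php?module=style-templates", "module" => "style", "action" => "templates");
        $sub_menu['50'] = array("id" => "plugins", "title" => $lang->plugins, "link" => "index.php?module=config-plugins", "module" => "config", "action" => "plugins");
        $sub_menu['60'] = array("id" => "backupdb", "title" => $lang->database_backups, "link" => "index.php?module=tools-backupdb", "module" => "tools", "action" => "backupdb");

        // Drop shortcuts to areas this administrator is not allowed to use.
        foreach ($sub_menu as $id => $sub) {
            if (!check_admin_permissions(array("module" => $sub['module'], "action" => $sub['action']), false)) {
                unset($sub_menu[$id]);
            }
        }

        $sub_menu = $plugins->run_hooks("admin_home_menu_quick_access", $sub_menu);

        if (!empty($sub_menu)) {
            $sidebar = new SidebarItem($lang->quick_access);
            $sidebar->add_menu_items($sub_menu, $page->active_action);
            $page->sidebar .= $sidebar->get_markup();
        }

        // Online Administrators in the last 30 minutes
        $timecut = TIME_NOW - 60 * 30;
        $query = $db->simple_select("adminsessions", "uid, ip, useragent", "lastactive > {$timecut}");
        $online_users = "<ul class=\"menu online_admins\">";
        $online_admins = array();

        // If there's only 1 user online, it has to be us.
        if ($db->num_rows($query) == 1) {
            $user = $db->fetch_array($query);

            // Are we on a mobile device?
            // Stolen from http://stackoverflow.com/a/10989424
            $user_type = "desktop";
            if (is_mobile($user["useragent"])) {
                $user_type = "mobile";
            }

            $online_admins[$mybb->user['username']] = array(
                "uid" => $mybb->user['uid'],
                "username" => $mybb->user['username'],
                "ip" => $user["ip"],
                "type" => $user_type,
            );
        } else {
            // Session data is kept in its own map, keyed by uid. Sharing one array between
            // uid keys and username keys lets a numeric username (PHP turns "7" into the
            // integer key 7) overwrite another administrator's session entry.
            $sessions = array();
            while ($user = $db->fetch_array($query)) {
                $user_type = "desktop";
                if (is_mobile($user['useragent'])) {
                    $user_type = "mobile";
                }

                // The uid ends up in a SQL IN() list below, so force it to an integer.
                $sessions[(int)$user['uid']] = array("ip" => $user['ip'], "type" => $user_type);
            }

            // With no sessions at all the IN() list would be empty, which is invalid SQL.
            if (!empty($sessions)) {
                $query = $db->simple_select("users", "uid, username", "uid IN(" . implode(',', array_keys($sessions)) . ")", array('order_by' => 'username'));
                while ($user = $db->fetch_array($query)) {
                    $session = $sessions[(int)$user['uid']];
                    $online_admins[$user['username']] = array(
                        "uid" => $user['uid'],
                        "username" => $user['username'],
                        "ip" => $session['ip'],
                        "type" => $session['type'],
                    );
                }
            }
        }

        $done_users = array();
        asort($online_admins);

        foreach ($online_admins as $user) {
            // List each uid/IP pair only once.
            $seen_key = "{$user['uid']}.{$user['ip']}";
            if (isset($done_users[$seen_key])) {
                continue;
            }

            if ($user['type'] == "mobile") {
                $class = " class=\"mobile_user\"";
            } else {
                $class = "";
            }

            $ip_address = my_inet_ntop($db->unescape_binary($user['ip']));

            // The username is account data, so it is escaped before it becomes link text.
            // NOTE(review): build_profile_link() is defined elsewhere; this assumes it inserts
            // the label into the markup unchanged - confirm, to rule out double-encoding.
            $label = htmlspecialchars_uni($user['username']) . ' (' . $ip_address . ')';

            $online_users .= "<li title=\"{$lang->ipaddress} {$ip_address}\"{$class}>" . build_profile_link($label, $user['uid'], "_blank") . "</li>";
            $done_users[$seen_key] = 1;
        }

        $online_users .= "</ul>";

        $sidebar = new SidebarItem($lang->online_admins);
        $sidebar->set_contents($online_users);
        $page->sidebar .= $sidebar->get_markup();
    }

    // Look the action up again: the hook above may have changed $actions.
    if (isset($actions[$action])) {
        $page->active_action = $actions[$action]['active'];
        return $actions[$action]['file'];
    } else {
        $page->active_action = "dashboard";
        return "index.php";
    }
}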