$newemail = getStringFromRequest('newemail'); if (!validate_email($newemail)) { form_release_key(getStringFromRequest('form_key')); exit_error(_('Error'), _('Invalid email address.')); } $confirm_hash = substr(md5($session_hash . time()), 0, 16); $u =& user_get_object(user_getid()); if (!$u || !is_object($u)) { form_release_key(getStringFromRequest('form_key')); exit_error('Error', 'Could Not Get User'); } elseif ($u->isError()) { form_release_key(getStringFromRequest('form_key')); exit_error('Error', $u->getErrorMessage()); } if (!$u->setNewEmailAndHash($newemail, $confirm_hash)) { form_release_key(getStringFromRequest('form_key')); exit_error('Could Not Complete Operation', $u->getErrorMessage()); } $message = stripcslashes(sprintf(_('You have requested a change of email address on %1$s. Please visit the following URL to complete the email change: %2$s -- the %1$s staff'), $GLOBALS['sys_name'], util_make_url('/account/change_email-complete.php?ch=_' . $confirm_hash))); util_send_message($newemail, sprintf(_('%1$s Verification'), $GLOBALS['sys_name']), $message); site_user_header(array('title' => _('Email Change Confirmation'))); printf(_('<p>An email has been sent to the new address. Follow the instructions in the email to complete the email change. </p><a href="%1$s">[ Home ]</a>'), util_make_url('/')); site_user_footer(array()); exit; } site_user_header(array('title' => _('Email change')));
/** * admin_table_postadd() - update the database based on a submitted change * * @param $table - the table to act on * @param $unit - the name of the "units" described by the table's records * @param $primary_key - the primary key of the table */ function admin_table_postadd($table, $unit, $primary_key) { if (!form_key_is_valid(getStringFromRequest('form_key'))) { exit_form_double_submit(); } $field_list = getStringFromRequest('__fields__'); $fields = split(",", $field_list); $values = array(); foreach ($fields as $field) { $values[] = "'" . getStringFromPost($field) . "'"; } $sql = "INSERT INTO {$table} (" . $field_list . ") VALUES (" . implode(",", $values) . ")"; if (db_query($sql)) { printf(_('%1$s successfully added.'), ucfirst(getUnitLabel($unit))); } else { form_release_key(getStringFromRequest('form_key')); echo db_error(); } }
<?php echo util_make_url('/snippet/add_snippet_to_package.php?snippet_package_version_id=' . $snippet_package_version_id, _('Add snippets to package'), array('target' => '_blank')); ?> </p> <p><?php echo _('<strong>Browse the library</strong> to find the snippets you want to add, then add them using the new window link shown above.'); ?> </p> <p> <?php snippet_footer(array()); exit; } } else { form_release_key(getStringFromRequest("form_key")); exit_error(_('Error - Go back and fill in all the information')); } } snippet_header(array('title' => _('New snippet version'))); ?> </p> <p> <?php echo _('If you have modified a version of a package and you feel it is significant enough to share with others, please do so.'); ?> </p> <p> <form action="<?php echo getStringFromServer('PHP_SELF'); ?>
/** * ExecuteAction - Executes the action passed as parameter * * @param string action to execute. */ function ExecuteAction($action) { global $HTML; if ($action == "change_status") { //change a forum $forum_name = getStringFromRequest('forum_name'); $description = getStringFromRequest('description'); $send_all_posts_to = getStringFromRequest('send_all_posts_to'); $allow_anonymous = getIntFromRequest('allow_anonymous'); $is_public = getIntFromRequest('is_public'); $moderation_level = getIntFromRequest('moderation_level'); $group_forum_id = getIntFromRequest('group_forum_id'); /* Change a forum */ $f = new Forum($this->g, $group_forum_id); if (!$f || !is_object($f)) { exit_error(_('Error'), _('Error getting Forum')); } elseif ($f->isError()) { exit_error(_('Error'), $f->getErrorMessage()); } if (!$f->userIsAdmin()) { exit_permission_denied(); } if (!$f->update($forum_name, $description, $allow_anonymous, $is_public, $send_all_posts_to, $moderation_level)) { exit_error(_('Error'), $f->getErrorMessage()); } else { $feedback = _('Forum Info Updated Successfully'); } return $feedback; } if ($action == "add_forum") { //add forum $forum_name = getStringFromRequest('forum_name'); $description = getStringFromRequest('description'); $is_public = getStringFromRequest('is_public'); $send_all_posts_to = getStringFromRequest('send_all_posts_to'); $allow_anonymous = getStringFromRequest('allow_anonymous'); $moderation_level = getIntFromRequest('moderation_level'); /* Adding forums to this group */ if (!$this->p->isForumAdmin()) { form_release_key(getStringFromRequest("form_key")); exit_permission_denied(); } $f = new Forum($this->g); if (!$f || !is_object($f)) { form_release_key(getStringFromRequest("form_key")); exit_error(_('Error'), _('Error getting Forum')); } elseif ($f->isError()) { form_release_key(getStringFromRequest("form_key")); exit_error(_('Error'), $f->getErrorMessage()); } if (!$f->create($forum_name, $description, $is_public, $send_all_posts_to, 1, $allow_anonymous, $moderation_level)) { form_release_key(getStringFromRequest("form_key")); exit_error(_('Error'), $f->getErrorMessage()); } else { $feedback = _('Forum created successfully'); } return $feedback; } if ($action == "delete") { //Deleting messages or threads $msg_id = getStringFromRequest('deletemsg'); $forum_id = getIntFromRequest('forum_id'); $f = new Forum($this->g, $forum_id); if (!$f || !is_object($f)) { exit_error(_('Error'), _('Error getting Forum')); } elseif ($f->isError()) { exit_error(_('Error'), $f->getErrorMessage()); } if (!$f->userIsAdmin()) { exit_permission_denied(); } $fm = new ForumMessage($f, $msg_id); if (!$fm || !is_object($fm)) { exit_error(_('Error'), _('Error Getting ForumMessage')); } elseif ($fm->isError()) { exit_error(_('Error'), $fm->getErrorMessage()); } $count = $fm->delete(); if (!$count || $fm->isError()) { exit_error(_('Error'), $fm->getErrorMessage()); } else { $feedback = sprintf(ngettext('%1$s message deleted', '%1$s messages deleted', $count), $count); } return $feedback; } if ($action == "delete_forum") { //delete the forum /* Deleting entire forum */ $group_forum_id = getIntFromRequest('group_forum_id'); $f = new Forum($this->g, $group_forum_id); if (!$f || !is_object($f)) { exit_error(_('Error'), _('Error getting Forum')); } elseif ($f->isError()) { exit_error(_('Error'), $f->getErrorMessage()); } if (!$f->userIsAdmin()) { exit_permission_denied(); } if (!$f->delete(getStringFromRequest('sure'), getStringFromRequest('really_sure'))) { exit_error(_('Error'), $f->getErrorMessage()); } else { $feedback = _('Successfully Deleted'); } return $feedback; } if ($action == "view_pending") { //show the pending messages, awaiting moderation $group_id = $this->group_id; $forum_id = getStringFromRequest("forum_id"); if ($this->isGroupAdmin()) { $this->PrintAdminOptions(); } $sql = "SELECT forum_name, group_forum_id FROM forum_group_list WHERE group_id='{$group_id}' and moderation_level > 0"; $res = db_query($sql); if (!$res) { echo db_error(); return; } global $sys_db_row_pointer; $moderated_forums = array(); for ($i = 0; $i < db_numrows($res); $i++) { $aux = db_fetch_array($res); $moderated_forums[$aux[1]] = $aux[0]; } if (count($moderated_forums) == 0) { echo $HTML->feedback(_('No forums are moderated for this group')); forum_footer(array()); exit; } if (!$forum_id) { //get the first one $keys = array_keys($moderated_forums); $forum_id = $keys[0]; } echo ' <script language="JavaScript" type="text/javascript"> function confirmDel() { var agree=confirm("Proceed? Actions are permanent!"); if (agree) { return true; } else { return false; } } </script> <p><form name="pending" action="pending.php" method="post"> <input type="hidden" name="action" value="update_pending" /> <input type="hidden" name="form_key" value="' . form_generate_key() . '"> <input type="hidden" name="group_id" value="' . getIntFromRequest("group_id") . '" /> <input type="hidden" name="forum_id" value="' . $forum_id . '" /> '; //$moderated_forums["A"] = "All Forums for this group"; // to show all echo html_build_select_box_from_assoc($moderated_forums, forum_id, $forum_id); echo ' <input name="Go" type="submit" value="Go"><p>'; $title = array(); $title[] = _('Forum Name'); $title[] = _('Message'); $title[] = "Action"; $sql = "SELECT msg_id,subject,pm.group_forum_id,gl.forum_name FROM forum_pending_messages pm, forum_group_list gl WHERE pm.group_forum_id='{$forum_id}' AND pm.group_forum_id=gl.group_forum_id AND gl.group_forum_id='{$forum_id}'"; $res = db_query($sql); if (!$res) { echo db_error(); return; } $options = array("1" => "No action", "2" => "Delete", "3" => "Release"); //array with the supported actions //i�ll make a hidden variable, helps to determine when the user updates the info, which action corresponds to which msgID for ($i = 0; $i < db_numrows($res); $i++) { $ids .= db_result($res, $i, 'msg_id') . ","; } $i = 2; echo $HTML->listTableTop($title); while ($onemsg = db_fetch_array($res)) { //$url = 'pendingmsgdetail.php?msg_id=' . $onemsg[msg_id]; //<a href=\"javascript:msgdetail('$url');\">$onemsg[subject]</a> $url = "http://www.google.com"; echo "\n\t\t\t\t<tr" . $HTML->boxGetAltRowStyle($i++) . ">\n\t\t\t\t\t<td>{$onemsg['forum_name']}</td>\t\n\t\t\t\t\t<td><a href=\"#\" OnClick=\"window.open('pendingmsgdetail.php?msg_id={$onemsg['msg_id']}&forum_id={$onemsg['group_forum_id']}&group_id={$group_id}','PendingMessageDetail','width=800,height=600,status=no,resizable=yes');\">{$onemsg['subject']}</a></td>\n\t\t\t\t\t<td><div align=\"right\">" . html_build_select_box_from_assoc($options, "doaction[]", 1) . "</div></td>\n\t\t\t\t</tr>"; } echo $HTML->listTableBottom(); echo ' <p> <input type="hidden" name="msgids" value="' . $ids . '"> <div align="right"><input type="submit" onClick="return confirmDel();" name="update" value="' . _('Update') . '"></div> </form> '; } if ($action == "update_pending") { $group_id = getIntFromRequest("group_id"); $forum_id = getIntFromRequest("forum_id"); $msgids = getStringFromRequest("msgids"); //the message ids to update $doaction = getArrayFromRequest("doaction"); //the actions for the messages $msgids = split(",", $msgids); array_pop($msgids); //this last one is empty /*if ($this->isGroupAdmin()) { $this->PrintAdminOptions(); }*/ $results = array(); //messages for ($i = 0; $i < count($msgids); $i++) { switch ($doaction[$i]) { case 1: //no action break; case 2: //delete db_begin(); $sql = "DELETE FROM forum_pending_attachment WHERE msg_id='{$msgids[$i]}'"; if (!db_query($sql)) { $feedback .= "DB Error "; $feedback .= db_error() . "<br>"; db_rollback(); break; } $sql = "DELETE FROM forum_pending_messages WHERE msg_id='{$msgids[$i]}'"; if (!db_query($sql)) { $feedback .= "DB Error "; $feedback .= db_error() . "<br>"; db_rollback(); break; } db_commit(); $feedback .= _('Forum deleted'); break; case 3: //release $sql = "SELECT * FROM forum_pending_messages WHERE msg_id='{$msgids[$i]}'"; $res1 = db_query($sql); if (!$res1) { $feedback .= "DB Error " . db_error() . "<br>"; break; } $sql = "SELECT * FROM forum_pending_attachment WHERE msg_id='{$msgids[$i]}'"; $res2 = db_query($sql); if (!$res2) { $feedback .= "DB Error " . db_error() . "<br>"; break; } $f = new Forum($this->g, $forum_id); if (!$f || !is_object($f)) { exit_error(_('Error'), _('Error getting new Forum')); } elseif ($f->isError()) { exit_error(_('Error'), $f->getErrorMessage()); } $fm = new ForumMessage($f); // pending = false if (!$fm || !is_object($fm)) { exit_error(_('Error'), "Error getting new ForumMessage"); } elseif ($fm->isError()) { exit_error(_('Error'), "Error getting new ForumMessage: " . $fm->getErrorMessage()); } $group_forum_id = db_result($res1, 0, "group_forum_id"); $subject = db_result($res1, 0, "subject"); $body = db_result($res1, 0, "body"); $post_date = db_result($res1, 0, "post_date"); $thread_id = db_result($res1, 0, "thread_id"); $is_followup_to = db_result($res1, 0, "is_followup_to"); $posted_by = db_result($res1, 0, "posted_by"); $has_followups = db_result($res1, 0, "has_followups"); $most_recent_date = db_result($res1, 0, "most_recent_date"); if ($fm->insertreleasedmsg($group_forum_id, $subject, $body, $post_date, $thread_id, $is_followup_to, $posted_by, $has_followups, time())) { $feedback .= "( {$subject} ) " . _('Pending forum released') . "<br>"; if (db_numrows($res2) > 0) { //if there�s an attachment $am = new AttachManager(); //object that will handle and insert the attachment into the db $am->SetForumMsg($fm); $userid = db_result($res2, 0, "userid"); $dateline = db_result($res2, 0, "dateline"); $filename = db_result($res2, 0, "filename"); $filedata = db_result($res2, 0, "filedata"); $filesize = db_result($res2, 0, "filesize"); $visible = db_result($res2, 0, "visible"); $msg_id = db_result($res2, 0, "msg_id"); $filehash = db_result($res2, 0, "filehash"); $mimetype = db_result($res2, 0, "mimetype"); $am->AddToDBOnly($userid, $dateline, $filename, $filedata, $filesize, $visible, $filehash, $mimetype); foreach ($am->Getmessages() as $item) { $feedback .= "{$msg_id} - " . $item . "<br>"; } } $deleteok = true; } else { if ($fm->isError()) { if ($fm->getErrorMessage() == _('Couldn\'t Update Master Thread parent with current time')) { //the thread which the message was replying to doesn�t exist any more $feedback .= "( " . $subject . " ) " . _('The thread which the message was posted to doesn\'t exist anymore, please delete the message.') . "<br>"; } else { $feedback .= "{$msg_id} - " . $fm->getErrorMessage() . "<br>"; } $deleteok = false; } } if (isset($am) && is_object($am)) { //if there was an attach, check if it was uploaded ok if (!$am->isError()) { $deleteok = true; } else { //undo the changes to the forum table db_begin(); $sql = "DELETE FROM forum WHERE msg_id='{$fm->getID}()'"; if (!db_query($sql)) { $feedback .= "DB Error "; $feedback .= db_error() . "<br>"; db_rollback(); break; } db_commit(); $deleteok = false; } } if ($deleteok) { //delete the message and attach db_begin(); $sql = "DELETE FROM forum_pending_attachment WHERE msg_id='{$msgids[$i]}'"; if (!db_query($sql)) { $feedback .= "DB Error "; $feedback .= db_error() . "<br>"; db_rollback(); break; } $sql = "DELETE FROM forum_pending_messages WHERE msg_id='{$msgids[$i]}'"; if (!db_query($sql)) { $feedback .= "DB Error "; $feedback .= db_error() . "<br>"; db_rollback(); break; } db_commit(); } } } html_feedback_top($feedback); $page = 0; $this->ExecuteAction("view_pending"); } }