コード例 #1
1
ファイル: change_email.php プロジェクト: neymanna/fusionforge
    $newemail = getStringFromRequest('newemail');
    if (!validate_email($newemail)) {
        form_release_key(getStringFromRequest('form_key'));
        exit_error(_('Error'), _('Invalid email address.'));
    }
    $confirm_hash = substr(md5($session_hash . time()), 0, 16);
    $u =& user_get_object(user_getid());
    if (!$u || !is_object($u)) {
        form_release_key(getStringFromRequest('form_key'));
        exit_error('Error', 'Could Not Get User');
    } elseif ($u->isError()) {
        form_release_key(getStringFromRequest('form_key'));
        exit_error('Error', $u->getErrorMessage());
    }
    if (!$u->setNewEmailAndHash($newemail, $confirm_hash)) {
        form_release_key(getStringFromRequest('form_key'));
        exit_error('Could Not Complete Operation', $u->getErrorMessage());
    }
    $message = stripcslashes(sprintf(_('You have requested a change of email address on %1$s.
Please visit the following URL to complete the email change:

%2$s

 -- the %1$s staff'), $GLOBALS['sys_name'], util_make_url('/account/change_email-complete.php?ch=_' . $confirm_hash)));
    util_send_message($newemail, sprintf(_('%1$s Verification'), $GLOBALS['sys_name']), $message);
    site_user_header(array('title' => _('Email Change Confirmation')));
    printf(_('<p>An email has been sent to the new address. Follow the instructions in the email to complete the email change. </p><a href="%1$s">[ Home ]</a>'), util_make_url('/'));
    site_user_footer(array());
    exit;
}
site_user_header(array('title' => _('Email change')));
コード例 #2
0
ファイル: admin_table.php プロジェクト: neymanna/fusionforge
/**
 *	admin_table_postadd() - update the database based on a submitted change
 *
 *	@param $table - the table to act on
 *	@param $unit - the name of the "units" described by the table's records
 *	@param $primary_key - the primary key of the table
 */
function admin_table_postadd($table, $unit, $primary_key)
{
    if (!form_key_is_valid(getStringFromRequest('form_key'))) {
        exit_form_double_submit();
    }
    $field_list = getStringFromRequest('__fields__');
    $fields = split(",", $field_list);
    $values = array();
    foreach ($fields as $field) {
        $values[] = "'" . getStringFromPost($field) . "'";
    }
    $sql = "INSERT INTO {$table} (" . $field_list . ") VALUES (" . implode(",", $values) . ")";
    if (db_query($sql)) {
        printf(_('%1$s successfully added.'), ucfirst(getUnitLabel($unit)));
    } else {
        form_release_key(getStringFromRequest('form_key'));
        echo db_error();
    }
}
コード例 #3
0
ファイル: addversion.php プロジェクト: neymanna/fusionforge
<?php 
                        echo util_make_url('/snippet/add_snippet_to_package.php?snippet_package_version_id=' . $snippet_package_version_id, _('Add snippets to package'), array('target' => '_blank'));
                        ?>
</p>
<p><?php 
                        echo _('<strong>Browse the library</strong> to find the snippets you want to add, then add them using the new window link shown above.');
                        ?>
</p>
<p>

					<?php 
                        snippet_footer(array());
                        exit;
                    }
                } else {
                    form_release_key(getStringFromRequest("form_key"));
                    exit_error(_('Error - Go back and fill in all the information'));
                }
            }
            snippet_header(array('title' => _('New snippet version')));
            ?>
		</p>
		<p>
		<?php 
            echo _('If you have modified a version of a package and you feel it is significant enough to share with others, please do so.');
            ?>
</p>
		<p>
		<form action="<?php 
            echo getStringFromServer('PHP_SELF');
            ?>
コード例 #4
0
    /**
     *  ExecuteAction - Executes the action passed as parameter
     *
     *  @param  string	 action to execute.
     */
    function ExecuteAction($action)
    {
        global $HTML;
        if ($action == "change_status") {
            //change a forum
            $forum_name = getStringFromRequest('forum_name');
            $description = getStringFromRequest('description');
            $send_all_posts_to = getStringFromRequest('send_all_posts_to');
            $allow_anonymous = getIntFromRequest('allow_anonymous');
            $is_public = getIntFromRequest('is_public');
            $moderation_level = getIntFromRequest('moderation_level');
            $group_forum_id = getIntFromRequest('group_forum_id');
            /*
            	Change a forum
            */
            $f = new Forum($this->g, $group_forum_id);
            if (!$f || !is_object($f)) {
                exit_error(_('Error'), _('Error getting Forum'));
            } elseif ($f->isError()) {
                exit_error(_('Error'), $f->getErrorMessage());
            }
            if (!$f->userIsAdmin()) {
                exit_permission_denied();
            }
            if (!$f->update($forum_name, $description, $allow_anonymous, $is_public, $send_all_posts_to, $moderation_level)) {
                exit_error(_('Error'), $f->getErrorMessage());
            } else {
                $feedback = _('Forum Info Updated Successfully');
            }
            return $feedback;
        }
        if ($action == "add_forum") {
            //add forum
            $forum_name = getStringFromRequest('forum_name');
            $description = getStringFromRequest('description');
            $is_public = getStringFromRequest('is_public');
            $send_all_posts_to = getStringFromRequest('send_all_posts_to');
            $allow_anonymous = getStringFromRequest('allow_anonymous');
            $moderation_level = getIntFromRequest('moderation_level');
            /*
            	Adding forums to this group
            */
            if (!$this->p->isForumAdmin()) {
                form_release_key(getStringFromRequest("form_key"));
                exit_permission_denied();
            }
            $f = new Forum($this->g);
            if (!$f || !is_object($f)) {
                form_release_key(getStringFromRequest("form_key"));
                exit_error(_('Error'), _('Error getting Forum'));
            } elseif ($f->isError()) {
                form_release_key(getStringFromRequest("form_key"));
                exit_error(_('Error'), $f->getErrorMessage());
            }
            if (!$f->create($forum_name, $description, $is_public, $send_all_posts_to, 1, $allow_anonymous, $moderation_level)) {
                form_release_key(getStringFromRequest("form_key"));
                exit_error(_('Error'), $f->getErrorMessage());
            } else {
                $feedback = _('Forum created successfully');
            }
            return $feedback;
        }
        if ($action == "delete") {
            //Deleting messages or threads
            $msg_id = getStringFromRequest('deletemsg');
            $forum_id = getIntFromRequest('forum_id');
            $f = new Forum($this->g, $forum_id);
            if (!$f || !is_object($f)) {
                exit_error(_('Error'), _('Error getting Forum'));
            } elseif ($f->isError()) {
                exit_error(_('Error'), $f->getErrorMessage());
            }
            if (!$f->userIsAdmin()) {
                exit_permission_denied();
            }
            $fm = new ForumMessage($f, $msg_id);
            if (!$fm || !is_object($fm)) {
                exit_error(_('Error'), _('Error Getting ForumMessage'));
            } elseif ($fm->isError()) {
                exit_error(_('Error'), $fm->getErrorMessage());
            }
            $count = $fm->delete();
            if (!$count || $fm->isError()) {
                exit_error(_('Error'), $fm->getErrorMessage());
            } else {
                $feedback = sprintf(ngettext('%1$s message deleted', '%1$s messages deleted', $count), $count);
            }
            return $feedback;
        }
        if ($action == "delete_forum") {
            //delete the forum
            /*
            	Deleting entire forum
            */
            $group_forum_id = getIntFromRequest('group_forum_id');
            $f = new Forum($this->g, $group_forum_id);
            if (!$f || !is_object($f)) {
                exit_error(_('Error'), _('Error getting Forum'));
            } elseif ($f->isError()) {
                exit_error(_('Error'), $f->getErrorMessage());
            }
            if (!$f->userIsAdmin()) {
                exit_permission_denied();
            }
            if (!$f->delete(getStringFromRequest('sure'), getStringFromRequest('really_sure'))) {
                exit_error(_('Error'), $f->getErrorMessage());
            } else {
                $feedback = _('Successfully Deleted');
            }
            return $feedback;
        }
        if ($action == "view_pending") {
            //show the pending messages, awaiting moderation
            $group_id = $this->group_id;
            $forum_id = getStringFromRequest("forum_id");
            if ($this->isGroupAdmin()) {
                $this->PrintAdminOptions();
            }
            $sql = "SELECT forum_name, group_forum_id FROM forum_group_list WHERE group_id='{$group_id}' and moderation_level > 0";
            $res = db_query($sql);
            if (!$res) {
                echo db_error();
                return;
            }
            global $sys_db_row_pointer;
            $moderated_forums = array();
            for ($i = 0; $i < db_numrows($res); $i++) {
                $aux = db_fetch_array($res);
                $moderated_forums[$aux[1]] = $aux[0];
            }
            if (count($moderated_forums) == 0) {
                echo $HTML->feedback(_('No forums are moderated for this group'));
                forum_footer(array());
                exit;
            }
            if (!$forum_id) {
                //get the first one
                $keys = array_keys($moderated_forums);
                $forum_id = $keys[0];
            }
            echo '
			<script language="JavaScript" type="text/javascript">
		
			function confirmDel() {
				var agree=confirm("Proceed? Actions are permanent!");
				if (agree) {
					return true;
				} else {
					return false;
				}
			}
			</script>
			<p><form name="pending" action="pending.php" method="post">
			<input type="hidden" name="action" value="update_pending" />
			<input type="hidden" name="form_key" value="' . form_generate_key() . '">
			<input type="hidden" name="group_id" value="' . getIntFromRequest("group_id") . '" />
			<input type="hidden" name="forum_id" value="' . $forum_id . '" />

			';
            //$moderated_forums["A"] = "All Forums for this group"; // to show all
            echo html_build_select_box_from_assoc($moderated_forums, forum_id, $forum_id);
            echo '    <input name="Go" type="submit" value="Go"><p>';
            $title = array();
            $title[] = _('Forum Name');
            $title[] = _('Message');
            $title[] = "Action";
            $sql = "SELECT msg_id,subject,pm.group_forum_id,gl.forum_name FROM forum_pending_messages pm, forum_group_list gl WHERE pm.group_forum_id='{$forum_id}' AND pm.group_forum_id=gl.group_forum_id AND gl.group_forum_id='{$forum_id}'";
            $res = db_query($sql);
            if (!$res) {
                echo db_error();
                return;
            }
            $options = array("1" => "No action", "2" => "Delete", "3" => "Release");
            //array with the supported actions
            //i�ll make a hidden variable, helps to determine when the user updates the info, which action corresponds to which msgID
            for ($i = 0; $i < db_numrows($res); $i++) {
                $ids .= db_result($res, $i, 'msg_id') . ",";
            }
            $i = 2;
            echo $HTML->listTableTop($title);
            while ($onemsg = db_fetch_array($res)) {
                //$url = 'pendingmsgdetail.php?msg_id=' . $onemsg[msg_id];
                //<a href=\"javascript:msgdetail('$url');\">$onemsg[subject]</a>
                $url = "http://www.google.com";
                echo "\n\t\t\t\t<tr" . $HTML->boxGetAltRowStyle($i++) . ">\n\t\t\t\t\t<td>{$onemsg['forum_name']}</td>\t\n\t\t\t\t\t<td><a href=\"#\" OnClick=\"window.open('pendingmsgdetail.php?msg_id={$onemsg['msg_id']}&forum_id={$onemsg['group_forum_id']}&group_id={$group_id}','PendingMessageDetail','width=800,height=600,status=no,resizable=yes');\">{$onemsg['subject']}</a></td>\n\t\t\t\t\t<td><div align=\"right\">" . html_build_select_box_from_assoc($options, "doaction[]", 1) . "</div></td>\n\t\t\t\t</tr>";
            }
            echo $HTML->listTableBottom();
            echo '
			<p>
			<input type="hidden" name="msgids" value="' . $ids . '">
			<div align="right"><input type="submit" onClick="return confirmDel();" name="update" value="' . _('Update') . '"></div>
			</form>
			';
        }
        if ($action == "update_pending") {
            $group_id = getIntFromRequest("group_id");
            $forum_id = getIntFromRequest("forum_id");
            $msgids = getStringFromRequest("msgids");
            //the message ids to update
            $doaction = getArrayFromRequest("doaction");
            //the actions for the messages
            $msgids = split(",", $msgids);
            array_pop($msgids);
            //this last one is empty
            /*if ($this->isGroupAdmin()) {
            			$this->PrintAdminOptions();
            		}*/
            $results = array();
            //messages
            for ($i = 0; $i < count($msgids); $i++) {
                switch ($doaction[$i]) {
                    case 1:
                        //no action
                        break;
                    case 2:
                        //delete
                        db_begin();
                        $sql = "DELETE FROM forum_pending_attachment WHERE msg_id='{$msgids[$i]}'";
                        if (!db_query($sql)) {
                            $feedback .= "DB Error ";
                            $feedback .= db_error() . "<br>";
                            db_rollback();
                            break;
                        }
                        $sql = "DELETE FROM forum_pending_messages WHERE msg_id='{$msgids[$i]}'";
                        if (!db_query($sql)) {
                            $feedback .= "DB Error ";
                            $feedback .= db_error() . "<br>";
                            db_rollback();
                            break;
                        }
                        db_commit();
                        $feedback .= _('Forum deleted');
                        break;
                    case 3:
                        //release
                        $sql = "SELECT * FROM forum_pending_messages WHERE msg_id='{$msgids[$i]}'";
                        $res1 = db_query($sql);
                        if (!$res1) {
                            $feedback .= "DB Error " . db_error() . "<br>";
                            break;
                        }
                        $sql = "SELECT * FROM forum_pending_attachment WHERE msg_id='{$msgids[$i]}'";
                        $res2 = db_query($sql);
                        if (!$res2) {
                            $feedback .= "DB Error " . db_error() . "<br>";
                            break;
                        }
                        $f = new Forum($this->g, $forum_id);
                        if (!$f || !is_object($f)) {
                            exit_error(_('Error'), _('Error getting new Forum'));
                        } elseif ($f->isError()) {
                            exit_error(_('Error'), $f->getErrorMessage());
                        }
                        $fm = new ForumMessage($f);
                        // pending = false
                        if (!$fm || !is_object($fm)) {
                            exit_error(_('Error'), "Error getting new ForumMessage");
                        } elseif ($fm->isError()) {
                            exit_error(_('Error'), "Error getting new ForumMessage: " . $fm->getErrorMessage());
                        }
                        $group_forum_id = db_result($res1, 0, "group_forum_id");
                        $subject = db_result($res1, 0, "subject");
                        $body = db_result($res1, 0, "body");
                        $post_date = db_result($res1, 0, "post_date");
                        $thread_id = db_result($res1, 0, "thread_id");
                        $is_followup_to = db_result($res1, 0, "is_followup_to");
                        $posted_by = db_result($res1, 0, "posted_by");
                        $has_followups = db_result($res1, 0, "has_followups");
                        $most_recent_date = db_result($res1, 0, "most_recent_date");
                        if ($fm->insertreleasedmsg($group_forum_id, $subject, $body, $post_date, $thread_id, $is_followup_to, $posted_by, $has_followups, time())) {
                            $feedback .= "( {$subject} ) " . _('Pending forum released') . "<br>";
                            if (db_numrows($res2) > 0) {
                                //if there�s an attachment
                                $am = new AttachManager();
                                //object that will handle and insert the attachment into the db
                                $am->SetForumMsg($fm);
                                $userid = db_result($res2, 0, "userid");
                                $dateline = db_result($res2, 0, "dateline");
                                $filename = db_result($res2, 0, "filename");
                                $filedata = db_result($res2, 0, "filedata");
                                $filesize = db_result($res2, 0, "filesize");
                                $visible = db_result($res2, 0, "visible");
                                $msg_id = db_result($res2, 0, "msg_id");
                                $filehash = db_result($res2, 0, "filehash");
                                $mimetype = db_result($res2, 0, "mimetype");
                                $am->AddToDBOnly($userid, $dateline, $filename, $filedata, $filesize, $visible, $filehash, $mimetype);
                                foreach ($am->Getmessages() as $item) {
                                    $feedback .= "{$msg_id} - " . $item . "<br>";
                                }
                            }
                            $deleteok = true;
                        } else {
                            if ($fm->isError()) {
                                if ($fm->getErrorMessage() == _('Couldn\'t Update Master Thread parent with current time')) {
                                    //the thread which the message was replying to doesn�t exist any more
                                    $feedback .= "( " . $subject . " ) " . _('The thread which the message was posted to doesn\'t exist anymore, please delete the message.') . "<br>";
                                } else {
                                    $feedback .= "{$msg_id} - " . $fm->getErrorMessage() . "<br>";
                                }
                                $deleteok = false;
                            }
                        }
                        if (isset($am) && is_object($am)) {
                            //if there was an attach, check if it was uploaded ok
                            if (!$am->isError()) {
                                $deleteok = true;
                            } else {
                                //undo the changes to the forum table
                                db_begin();
                                $sql = "DELETE FROM forum WHERE msg_id='{$fm->getID}()'";
                                if (!db_query($sql)) {
                                    $feedback .= "DB Error ";
                                    $feedback .= db_error() . "<br>";
                                    db_rollback();
                                    break;
                                }
                                db_commit();
                                $deleteok = false;
                            }
                        }
                        if ($deleteok) {
                            //delete the message and attach
                            db_begin();
                            $sql = "DELETE FROM forum_pending_attachment WHERE msg_id='{$msgids[$i]}'";
                            if (!db_query($sql)) {
                                $feedback .= "DB Error ";
                                $feedback .= db_error() . "<br>";
                                db_rollback();
                                break;
                            }
                            $sql = "DELETE FROM forum_pending_messages WHERE msg_id='{$msgids[$i]}'";
                            if (!db_query($sql)) {
                                $feedback .= "DB Error ";
                                $feedback .= db_error() . "<br>";
                                db_rollback();
                                break;
                            }
                            db_commit();
                        }
                }
            }
            html_feedback_top($feedback);
            $page = 0;
            $this->ExecuteAction("view_pending");
        }
    }