require PUN_ROOT . 'header.php'; generate_profile_menu('display'); ?> <div class="blockform"> <h2><span><?php echo pun_htmlspecialchars($user['username']) . ' - ' . $lang_profile['Section display']; ?> </span></h2> <div class="box"> <form id="profile5" method="post" action="profile.php?section=display&id=<?php echo $id; ?> "> <div><input type="hidden" name="form_sent" value="1" /></div> <?php $styles = forum_list_styles(); // Only display the style selection box if there's more than one style available if (count($styles) == 1) { echo "\t\t\t" . '<div><input type="hidden" name="form[style]" value="' . $styles[0] . '" /></div>' . "\n"; } else { if (count($styles) > 1) { ?> <div class="inform"> <fieldset> <legend><?php echo $lang_profile['Style legend']; ?> </legend> <div class="infldset"> <label><?php echo $lang_profile['Styles'];
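/**
 * Validate the values submitted for the initial board configuration.
 *
 * Each failed check appends one message (looked up through __() with the
 * 'luna' text domain) to the returned list. The username checks are a single
 * if/elseif chain, so at most one username message is reported per call.
 *
 * @param string $username      Administrator username.
 * @param string $password1     Administrator password.
 * @param string $password2     Password confirmation.
 * @param string $email         Administrator email address.
 * @param string $title         Board title.
 * @param string $default_lang  Must be one of the values returned by forum_list_langs().
 * @param string $default_style Must be one of the values returned by forum_list_styles().
 *
 * @return array List of error messages; empty when every check passed.
 */
public static function validate_config($username, $password1, $password2, $email, $title, $default_lang, $default_style) {
    $alerts = array();

    // Validate username and passwords
    if (luna_strlen($username) < 2) {
        $alerts[] = __('Usernames must be at least 2 characters long.', 'luna');
    } elseif (luna_strlen($username) > 25) {
        // This usually doesn't happen since the form element only accepts 25 characters
        $alerts[] = __('Usernames must not be more than 25 characters long.', 'luna');
    } elseif (!strcasecmp($username, 'Guest')) {
        $alerts[] = __('The username guest is reserved.', 'luna');
    } elseif (preg_match('%[0-9]{1,3}\\.[0-9]{1,3}\\.[0-9]{1,3}\\.[0-9]{1,3}%', $username) || preg_match('%((([0-9A-Fa-f]{1,4}:){7}[0-9A-Fa-f]{1,4})|(([0-9A-Fa-f]{1,4}:){6}:[0-9A-Fa-f]{1,4})|(([0-9A-Fa-f]{1,4}:){5}:([0-9A-Fa-f]{1,4}:)?[0-9A-Fa-f]{1,4})|(([0-9A-Fa-f]{1,4}:){4}:([0-9A-Fa-f]{1,4}:){0,2}[0-9A-Fa-f]{1,4})|(([0-9A-Fa-f]{1,4}:){3}:([0-9A-Fa-f]{1,4}:){0,3}[0-9A-Fa-f]{1,4})|(([0-9A-Fa-f]{1,4}:){2}:([0-9A-Fa-f]{1,4}:){0,4}[0-9A-Fa-f]{1,4})|(([0-9A-Fa-f]{1,4}:){6}((\\b((25[0-5])|(1\\d{2})|(2[0-4]\\d)|(\\d{1,2}))\\b)\\.){3}(\\b((25[0-5])|(1\\d{2})|(2[0-4]\\d)|(\\d{1,2}))\\b))|(([0-9A-Fa-f]{1,4}:){0,5}:((\\b((25[0-5])|(1\\d{2})|(2[0-4]\\d)|(\\d{1,2}))\\b)\\.){3}(\\b((25[0-5])|(1\\d{2})|(2[0-4]\\d)|(\\d{1,2}))\\b))|(::([0-9A-Fa-f]{1,4}:){0,5}((\\b((25[0-5])|(1\\d{2})|(2[0-4]\\d)|(\\d{1,2}))\\b)\\.){3}(\\b((25[0-5])|(1\\d{2})|(2[0-4]\\d)|(\\d{1,2}))\\b))|([0-9A-Fa-f]{1,4}::([0-9A-Fa-f]{1,4}:){0,5}[0-9A-Fa-f]{1,4})|(::([0-9A-Fa-f]{1,4}:){0,6}[0-9A-Fa-f]{1,4})|(([0-9A-Fa-f]{1,4}:){1,7}:))%', $username)) {
        // Both patterns are unanchored: an IPv4/IPv6 literal anywhere in the name is rejected
        $alerts[] = __('Usernames may not be in the form of an IP address.', 'luna');
    } elseif ((strpos($username, '[') !== false || strpos($username, ']') !== false) && strpos($username, '\'') !== false && strpos($username, '"') !== false) {
        $alerts[] = __('Usernames may not contain all the characters \', " and [ or ] at once.', 'luna');
    } elseif (preg_match('%(?:\\[/?(?:b|u|i|h|colou?r|quote|code|img|url|email|list)\\]|\\[(?:code|quote|list)=)%i', $username)) {
        $alerts[] = __('Usernames may not contain any of the text formatting tags (BBCode) that the forum uses.', 'luna');
    }

    // The threshold now matches the limit the message states (the check used to be "< 4").
    // The message text itself is left alone because it is the lookup key passed to __().
    if (luna_strlen($password1) < 6) {
        $alerts[] = __('Passwords must be at least 6 characters long.', 'luna');
    } elseif ($password1 !== $password2) {
        // Strict comparison: with "!=" two different numeric-looking strings
        // (for example '1e3' and '1000') compare as equal and the mismatch goes unnoticed
        $alerts[] = __('Passwords do not match.', 'luna');
    }

    // Validate email
    // require_once so that a second call in the same request does not load the file again
    require_once FORUM_ROOT . 'include/email.php';

    if (!is_valid_email($email)) {
        $alerts[] = __('The administrator email address you entered is invalid.', 'luna');
    }

    if ($title == '') {
        $alerts[] = __('You must enter a board title.', 'luna');
    }

    // Language and style are accepted only when they appear in the lists the
    // forum itself reports; the third argument makes the membership test type-strict
    $languages = forum_list_langs();
    if (!in_array($default_lang, $languages, true)) {
        $alerts[] = __('The default language chosen doesn\'t seem to exist.', 'luna');
    }

    $styles = forum_list_styles();
    if (!in_array($default_style, $styles, true)) {
        $alerts[] = __('The default style chosen doesn\'t seem to exist.', 'luna');
    }

    return $alerts;
}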
if ($panther_config['o_reputation'] == '1') { switch (true) { case $user['reputation'] > '0': $type = 'positive'; break; case $user['reputation'] < '0': $type = 'negative'; break; default: $type = 'zero'; break; } $reputation = array('type' => $type, 'value' => forum_number_format($user['reputation'])); } $tpl = load_template('profile_display.tpl'); echo $tpl->render(array('lang_profile' => $lang_profile, 'lang_common' => $lang_common, 'user' => $user, 'checkboxes' => $checkboxes, 'styles' => forum_list_styles(), 'form_action' => panther_link($panther_url['profile_display'], array($id)), 'csrf_token' => generate_csrf_token(), 'given_link' => panther_link($panther_url['profile_rep_given'], array($id)), 'received_link' => panther_link($panther_url['profile_rep_received'], array($id)), 'reputation' => isset($reputation) ? $reputation : '', 'panther_config' => $panther_config)); } elseif ($section == 'rep_received' || $section == 'rep_given') { if ($panther_config['o_reputation'] == '0') { message($lang_common['Bad request']); } define('REPUTATION', 1); $page = !isset($_GET['p']) || $_GET['p'] <= '1' ? '1' : intval($_GET['p']); $data = array(':id' => $id); if ($section == 'rep_received') { $sql = "SELECT COUNT(r.id) FROM " . $db->prefix . "reputation AS r LEFT JOIN " . $db->prefix . "posts AS p ON r.post_id=p.id WHERE p.poster_id=:id"; } else { $sql = "SELECT COUNT(id) FROM " . $db->prefix . "reputation WHERE given_by=:id"; } $ps = $db->run($sql, $data); $total = $ps->fetchColumn(); //What page are we on?
/**
 * Build the <option> elements for a style selector.
 *
 * One option is produced per entry of forum_list_styles(); the entry equal to
 * the configured 'o_default_style' carries selected="selected". The visible
 * label is the style name with underscores replaced by spaces.
 *
 * @return string Concatenated <option> lines, each ending in a newline.
 */
public function get_styles() {
    $markup = '';
    $indent = "\t\t\t\t\t\t\t\t\t\t\t";

    // NOTE(review): style names are written into the attribute and the label
    // without HTML escaping. That is only safe while forum_list_styles()
    // returns names free of markup characters - confirm, or escape here.
    foreach (forum_list_styles() as $style_name) {
        $selected = ($this->config['o_default_style'] == $style_name) ? ' selected="selected"' : '';
        $label = str_replace('_', ' ', $style_name);

        $markup .= $indent . '<option value="' . $style_name . '"' . $selected . '>' . $label . '</option>' . "\n";
    }

    return $markup;
}
// Regenerate the config cache if (!defined('FORUM_CACHE_FUNCTIONS_LOADED')) { require PANTHER_ROOT . 'include/cache.php'; } generate_config_cache(); clear_feed_cache(); if ($form['url_type'] != $panther_config['o_url_type']) { //Load new URL pack to avoid 404 error after redirecting if (file_exists(PANTHER_ROOT . 'include/url/' . $form['url_type'] . '.php')) { require PANTHER_ROOT . 'include/url/' . $form['url_type'] . '.php'; } else { require PANTHER_ROOT . 'include/url/default.php'; } generate_quickjump_cache(); } redirect(panther_link($panther_url['admin_options']), $lang_admin_options['Options updated redirect']); } $page_title = array($panther_config['o_board_title'], $lang_admin_common['Admin'], $lang_admin_common['Options']); define('PANTHER_ACTIVE_PAGE', 'admin'); require PANTHER_ROOT . 'header.php'; generate_admin_menu('options'); $diff = ($panther_user['timezone'] + $panther_user['dst']) * 3600; $timestamp = time() + $diff; $schemes = get_url_schemes(); $scheme_options = array(); foreach ($schemes as $scheme) { $scheme_options[] = array('file' => $scheme, 'title' => substr(ucwords(str_replace('_', ' ', $scheme)), 0, -4)); } $tpl = load_template('admin_options.tpl'); echo $tpl->render(array('lang_admin_options' => $lang_admin_options, 'lang_admin_common' => $lang_admin_common, 'panther_config' => $panther_config, 'form_action' => panther_link($panther_url['admin_options']), 'csrf_token' => generate_csrf_token(PANTHER_ADMIN_DIR . 
'/options.php'), 'max_file_size' => $max_file_size, 'types' => $scheme_options, 'languages' => forum_list_langs(), 'styles' => forum_list_styles(), 'time_format' => gmdate($panther_config['o_time_format'], $timestamp), 'date_format' => gmdate($panther_config['o_date_format'], $timestamp), 'censoring_link' => panther_link($panther_url['admin_censoring']), 'archive_link' => panther_link($panther_url['admin_archive']), 'ranks_link' => panther_link($panther_url['admin_ranks']), 'tasks_link' => panther_link($panther_url['admin_tasks']), 'feeds' => array(5, 15, 30, 60), 'smtp_pass' => !empty($panther_config['o_smtp_pass']) ? random_key(panther_strlen($panther_config['o_smtp_pass']), true) : '', 'themes' => forum_list_themes())); require PANTHER_ROOT . 'footer.php';
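/**
 * Validate one section of a submitted profile form and store it for user $id.
 *
 * The values are read from the POST data of $this->request, checked according
 * to $section, written to the users table and, when the username changed,
 * propagated to the tables that keep a copy of it. The method ends by calling
 * redirect(); validation failures are reported through message().
 *
 * NOTE(review): nothing in this method checks that the current user is allowed
 * to edit profile $id; presumably the caller enforces that - confirm.
 * NOTE(review): the code after each message() call relies on message() ending
 * the request (e.g. $url['url'] is read right after the "$url === false"
 * branch) - confirm.
 *
 * @param int    $id      Id of the user whose profile is updated.
 * @param array  $info    Must contain 'old_username', the name before the update.
 * @param string $section One of 'essentials', 'personal', 'messaging',
 *                        'personality', 'display', 'privacy'.
 */
public function update_profile($id, $info, $section) {
    global $lang_common, $lang_profile, $lang_prof_reg, $pd;

    $username_updated = false;

    // Validate input depending on section
    switch ($section) {
        case 'essentials':
            $form = array(
                'timezone' => floatval($this->request->post('form_timezone')),
                'dst' => $this->request->post('form_dst') ? '1' : '0',
                'time_format' => intval($this->request->post('form_time_format')),
                'date_format' => intval($this->request->post('form_date_format')),
            );

            // Make sure we got a valid language string. The value is accepted only
            // if it is one of the installed languages; the comparison is type-strict
            // because a stored language name ends up in a file path (see the
            // require of register.php below).
            if ($this->request->post('form_language')) {
                $languages = forum_list_langs();
                $form['language'] = feather_trim($this->request->post('form_language'));
                if (!in_array($form['language'], $languages, true)) {
                    message($lang_common['Bad request'], '404');
                }
            }

            if ($this->user->is_admmod) {
                $form['admin_note'] = feather_trim($this->request->post('admin_note'));

                // Are we allowed to change usernames?
                // Parentheses only spell out the precedence the expression already had (&& before ||)
                if ($this->user->g_id == FEATHER_ADMIN || ($this->user->g_moderator == '1' && $this->user->g_mod_rename_users == '1')) {
                    $form['username'] = feather_trim($this->request->post('req_username'));

                    if ($form['username'] != $info['old_username']) {
                        // Check username
                        // NOTE(review): the path contains the current user's stored language;
                        // this is safe only if that value was checked against
                        // forum_list_langs() when it was saved - confirm.
                        require FEATHER_ROOT . 'lang/' . $this->user->language . '/register.php';

                        $errors = '';
                        $errors = check_username($form['username'], $errors, $id);
                        if (!empty($errors)) {
                            message($errors[0]);
                        }

                        $username_updated = true;
                    }
                }

                // We only allow administrators to update the post count
                if ($this->user->g_id == FEATHER_ADMIN) {
                    $form['num_posts'] = intval($this->request->post('num_posts'));
                }
            }

            if ($this->config['o_regs_verify'] == '0' || $this->user->is_admmod) {
                require FEATHER_ROOT . 'include/email.php';

                // Validate the email address
                $form['email'] = strtolower(feather_trim($this->request->post('req_email')));
                if (!is_valid_email($form['email'])) {
                    message($lang_common['Invalid email']);
                }
            }
            break;

        case 'personal':
            $form = array(
                'realname' => $this->request->post('form_realname') ? feather_trim($this->request->post('form_realname')) : '',
                'url' => $this->request->post('form_url') ? feather_trim($this->request->post('form_url')) : '',
                'location' => $this->request->post('form_location') ? feather_trim($this->request->post('form_location')) : '',
            );

            // Add http:// if the URL doesn't contain it already (while allowing https://, too)
            if ($this->user->g_post_links == '1') {
                if ($form['url'] != '') {
                    $url = url_valid($form['url']);
                    if ($url === false) {
                        message($lang_profile['Invalid website URL']);
                    }

                    $form['url'] = $url['url'];
                }
            } else {
                if (!empty($form['url'])) {
                    message($lang_profile['Website not allowed']);
                }

                $form['url'] = '';
            }

            if ($this->user->g_id == FEATHER_ADMIN) {
                $form['title'] = feather_trim($this->request->post('title'));
            } elseif ($this->user->g_set_title == '1') {
                $form['title'] = feather_trim($this->request->post('title'));

                if ($form['title'] != '') {
                    // A list of words that the title may not contain
                    // If the language is English, there will be some duplicates, but it's not the end of the world
                    $forbidden = array(
                        'member',
                        'moderator',
                        'administrator',
                        'banned',
                        'guest',
                        utf8_strtolower($lang_common['Member']),
                        utf8_strtolower($lang_common['Moderator']),
                        utf8_strtolower($lang_common['Administrator']),
                        utf8_strtolower($lang_common['Banned']),
                        utf8_strtolower($lang_common['Guest']),
                    );

                    // Only an exact (case-folded) match is refused, so a user cannot
                    // give themselves a title identical to a built-in rank name
                    if (in_array(utf8_strtolower($form['title']), $forbidden)) {
                        message($lang_profile['Forbidden title']);
                    }
                }
            }
            break;

        case 'messaging':
            $form = array(
                'jabber' => feather_trim($this->request->post('form_jabber')),
                'icq' => feather_trim($this->request->post('form_icq')),
                'msn' => feather_trim($this->request->post('form_msn')),
                'aim' => feather_trim($this->request->post('form_aim')),
                'yahoo' => feather_trim($this->request->post('form_yahoo')),
            );

            // If the ICQ UIN contains anything other than digits it's invalid
            if (preg_match('%[^0-9]%', $form['icq'])) {
                message($lang_prof_reg['Bad ICQ']);
            }
            break;

        case 'personality':
            $form = array();

            // Clean up signature from POST
            if ($this->config['o_signatures'] == '1') {
                $form['signature'] = feather_linebreaks(feather_trim($this->request->post('signature')));

                // Validate signature
                if (feather_strlen($form['signature']) > $this->config['p_sig_length']) {
                    message(sprintf($lang_prof_reg['Sig too long'], $this->config['p_sig_length'], feather_strlen($form['signature']) - $this->config['p_sig_length']));
                } elseif (substr_count($form['signature'], "\n") > $this->config['p_sig_lines'] - 1) {
                    message(sprintf($lang_prof_reg['Sig too many lines'], $this->config['p_sig_lines']));
                } elseif ($form['signature'] && $this->config['p_sig_all_caps'] == '0' && is_all_uppercase($form['signature']) && !$this->user->is_admmod) {
                    $form['signature'] = utf8_ucwords(utf8_strtolower($form['signature']));
                }

                // Validate BBCode syntax
                if ($this->config['p_sig_bbcode'] == '1') {
                    require FEATHER_ROOT . 'include/parser.php';

                    $errors = array();
                    $form['signature'] = preparse_bbcode($form['signature'], $errors, true);

                    if (count($errors) > 0) {
                        // NOTE(review): the parser messages are placed into HTML as-is;
                        // assumes preparse_bbcode() returns text that is safe to output - confirm.
                        message('<ul><li>' . implode('</li><li>', $errors) . '</li></ul>');
                    }
                }
            }
            break;

        case 'display':
            $form = array(
                'disp_topics' => feather_trim($this->request->post('form_disp_topics')),
                'disp_posts' => feather_trim($this->request->post('form_disp_posts')),
                'show_smilies' => $this->request->post('form_show_smilies') ? '1' : '0',
                'show_img' => $this->request->post('form_show_img') ? '1' : '0',
                'show_img_sig' => $this->request->post('form_show_img_sig') ? '1' : '0',
                'show_avatars' => $this->request->post('form_show_avatars') ? '1' : '0',
                'show_sig' => $this->request->post('form_show_sig') ? '1' : '0',
            );

            // Page sizes are clamped to the range 3..75; an empty value is stored as-is
            if ($form['disp_topics'] != '') {
                $form['disp_topics'] = intval($form['disp_topics']);
                if ($form['disp_topics'] < 3) {
                    $form['disp_topics'] = 3;
                } elseif ($form['disp_topics'] > 75) {
                    $form['disp_topics'] = 75;
                }
            }

            if ($form['disp_posts'] != '') {
                $form['disp_posts'] = intval($form['disp_posts']);
                if ($form['disp_posts'] < 3) {
                    $form['disp_posts'] = 3;
                } elseif ($form['disp_posts'] > 75) {
                    $form['disp_posts'] = 75;
                }
            }

            // Make sure we got a valid style string (type-strict allowlist check)
            if ($this->request->post('form_style')) {
                $styles = forum_list_styles();
                $form['style'] = feather_trim($this->request->post('form_style'));
                if (!in_array($form['style'], $styles, true)) {
                    message($lang_common['Bad request'], '404');
                }
            }
            break;

        case 'privacy':
            $form = array(
                'email_setting' => intval($this->request->post('form_email_setting')),
                'notify_with_post' => $this->request->post('form_notify_with_post') ? '1' : '0',
                'auto_notify' => $this->request->post('form_auto_notify') ? '1' : '0',
            );

            // Out-of-range values fall back to the board default
            if ($form['email_setting'] < 0 || $form['email_setting'] > 2) {
                $form['email_setting'] = $this->config['o_default_email_setting'];
            }
            break;

        default:
            message($lang_common['Bad request'], '404');
    }

    // Nothing to store (e.g. 'personality' while signatures are disabled).
    // The former key-by-key copy of $form into a second array was a no-op and is gone.
    if (empty($form)) {
        message($lang_common['Bad request'], '404');
    }

    // Load the row first: calling set() on the result of a failed lookup would be
    // a fatal error. find_one() is assumed to return a falsy value when no row
    // matches - confirm against the DB layer.
    $user_row = DB::for_table('users')->where('id', $id)->find_one();
    if (!$user_row) {
        message($lang_common['Bad request'], '404');
    }

    // Only the keys built above reach the database; no other POST field is copied into the row
    $user_row->set($form)->save();

    // If we changed the username we have to update some stuff
    if ($username_updated) {
        $bans_updated = DB::for_table('bans')->where('username', $info['old_username'])->update_many('username', $form['username']);

        DB::for_table('posts')->where('poster_id', $id)->update_many('poster', $form['username']);
        DB::for_table('posts')->where('edited_by', $info['old_username'])->update_many('edited_by', $form['username']);
        DB::for_table('topics')->where('poster', $info['old_username'])->update_many('poster', $form['username']);
        DB::for_table('topics')->where('last_poster', $info['old_username'])->update_many('last_poster', $form['username']);
        DB::for_table('forums')->where('last_poster', $info['old_username'])->update_many('last_poster', $form['username']);
        DB::for_table('online')->where('ident', $info['old_username'])->update_many('ident', $form['username']);

        // If the user is a moderator or an administrator we have to update the moderator lists
        $group_id = DB::for_table('users')->where('id', $id)->find_one_col('group_id');
        $group_mod = DB::for_table('groups')->where('g_id', $group_id)->find_one_col('g_moderator');

        if ($group_id == FEATHER_ADMIN || $group_mod == '1') {
            $select_mods = array('id', 'moderators');
            $result = DB::for_table('forums')->select_many($select_mods)->find_many();

            foreach ($result as $cur_forum) {
                // NOTE(review): unserialize() on a database column. The value is written by
                // serialize() below, but anything else able to write forums.moderators
                // controls what is unserialized here; a format such as JSON, or
                // unserialize() with classes disallowed, would remove that exposure.
                $cur_moderators = $cur_forum['moderators'] != '' ? unserialize($cur_forum['moderators']) : array();

                // The list maps username => user id, so the key is replaced and the id kept
                if (in_array($id, $cur_moderators)) {
                    unset($cur_moderators[$info['old_username']]);
                    $cur_moderators[$form['username']] = $id;
                    uksort($cur_moderators, 'utf8_strcasecmp');

                    DB::for_table('forums')->where('id', $cur_forum['id'])->find_one()->set('moderators', serialize($cur_moderators))->save();
                }
            }
        }

        // Regenerate the users info cache
        if (!defined('FORUM_CACHE_FUNCTIONS_LOADED')) {
            require FEATHER_ROOT . 'include/cache.php';
        }

        generate_users_info_cache();

        // Check if the bans table was updated and regenerate the bans cache when needed
        if ($bans_updated) {
            generate_bans_cache();
        }
    }

    redirect(get_link('user/' . $id . '/section/' . $section . '/'), $lang_profile['Profile redirect']);
}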