<?php
if ($config->get('news', 'rss') == '1') {
$newslist = $db->selectList('news', '*', '1', '`timestamp` DESC');
$h = fopen("./media/rss/news.rss", "w");
fwrite($h, '<?xml version="1.0" encoding="utf-8"?>');
fwrite($h, '<rss version="2.0" xmlns:atom="http://www.w3.org/2005/Atom">');
fwrite($h, '<channel>');
fwrite($h, '<atom:link href="' . getSelfURL() . '/media/rss/news.rss" type="application/rss+xml" />');
fwrite($h, '<title>' . $config->get('core', 'title') . '</title>');
fwrite($h, '<link>' . getSelfURL() . '</link>');
fwrite($h, '<description></description>');
fwrite($h, '<language>' . $config->get('core', 'language') . '</language>');
fwrite($h, '<copyright></copyright>');
fwrite($h, '<pubDate>' . date('D, d M Y H:i:s O') . '</pubDate>');
foreach ($newslist as $item) {
$u = $db->selectOneRow('users', 'email, nickname', "`userid`=" . $item['userid']);
$url = getSelfURL() . '/' . makeURL($mod, array('newsid' => $item['newsid']));
fwrite($h, '<item>');
fwrite($h, '<title>' . $item['title'] . '</title>');
fwrite($h, '<description>' . replaceXmlEntities($bbcode->parse($item['text'])) . '</description>');
fwrite($h, '<link>' . $url . '</link>');
fwrite($h, '<author>' . $u['email'] . ' (' . $u['nickname'] . ')' . '</author>');
fwrite($h, '<guid>' . $url . '</guid>');
fwrite($h, '<pubDate>' . date('D, d M Y H:i:s O', $item['timestamp']) . '</pubDate>');
fwrite($h, '</item>');
}
fwrite($h, '</channel>');
fwrite($h, '</rss>');
fclose($h);
}
function createUser($email, $password, $nickname, $lastname, $prename, $birthday, $company = '', $address = '')
{
/* return-codes
* 0 = success
* 1 = user exists
* 2 = something went terribly wrong
*/
global $config;
global $log;
global $notify;
global $lang;
global $eMail;
if (trim($email) == '' || trim($password) == '' || trim($nickname) == '' || trim($lastname) == '' || trim($prename) == '' || $birthday == 0) {
return 2;
}
// Escape strings and strip html tags
$m_nickname = secureMySQL($nickname);
$m_email = secureMySQL($email);
$m_password = generatePasswordHash(secureMySQL($password));
$m_company = secureMySQL($company);
$m_address = secureMySQL($address);
$key = calculateActivationKey($m_email, $m_nickname, $m_password, secureMySQL($prename));
// Check if user already exists and create, otherwise notify
if (!$this->userExists($m_email, $m_nickname)) {
// Read mail config values
$activation_required = $config->get('login', 'register-activation-required');
$send_mail = $config->get('login', 'register-send-email');
if ($activation_required == 1 && $_GET['mod'] != 'admin') {
$activated = 0;
} else {
$activated = 1;
}
// create query
$sql = "INSERT INTO `" . $this->table . "`\r\n\t\t\t\t\t\t(`userid`, \t`email`, \t\t\t`password`, \t\t\t`nickname`\t\t,\t\t`regdate`,\r\n\t\t\t\t\t\t`lastname`, `prename`, `birthday`, `activation_key`, `activated`, `company`, `address`)\r\n\t\t\t\t\t\tVALUES\r\n\t\t\t\t\t\t(NULL, \t\t'" . $m_email . "',\t'" . $m_password . "', \t'" . $m_nickname . "',\t\t" . time() . ",\r\n\t\t\t\t\t\t'" . secureMySQL($lastname) . "', '" . secureMySQL($prename) . "', " . $birthday . ",\r\n\t\t\t\t\t\t'" . $key . "', " . $activated . ", '" . $m_company . "', '" . $m_address . "');";
if ($activation_required == 1 || $send_mail == 1) {
// check if user is created by admin module
if ($_GET['mod'] != 'admin' || @$_POST['email_send'] == '1') {
$subject = $config->get('login', 'register-mail-subject');
$text = $config->get('login', 'register-mail-text');
$sender = $config->get('login', 'register-mail-sender');
$url = getSelfURL() . '/' . makeURL('login', array('mode' => 'unlock', 'key' => $key));
$text = str_replace(array("%key%", "%nickname%", "%prename%", "%lastname%", "%url%", "\r\n"), array($key, $m_nickname, $prename, $lastname, $url, "<br />"), $text);
@($mail_sent = $eMail->send($subject, $text, $m_email));
if ($mail_sent) {
$log->add('register', 'mail successfully sent to ' . $m_email);
$notify->add($lang->get('register'), $lang->get('mail_sent'));
} else {
$log->add('register', 'mail to ' . $m_email . ' failed');
$notify->add($lang->get('register'), $lang->get('mail_error'));
}
}
}
// query
$this->db->query($sql);
$log->add('user', 'created user ' . $nickname . ' (' . $email . ')');
return 0;
} else {
return 1;
}
}
$breadcrumbs->addElement($lang->get('createcategory'), makeURL($mod, array('mode' => 'createcategory')));
$smarty->assign('path', $template_dir . "/createcategory.tpl");
break;
}
}
default:
if (isVisible($categoryid)) {
$showcategories = true;
if ($downloadid > 0) {
$dl = getDownload($downloadid);
if (isset($_POST['download'])) {
increaseDownloadCounter($downloadid);
$dl['counter']++;
$addr = trim($config->get('media', 'mail-notification-address'));
if ($addr != '') {
$text = '<p><strong><a href="' . getSelfURL() . '/' . makeURL($mod, array('categoryid' => $categoryid, 'downloadid' => $downloadid)) . '">' . $dl['name'] . '</a></strong></p>';
$text .= '<p>' . $lang->get('timestamp') . ': ' . date('d.m.Y H:i') . '</p>';
$text .= '<p>IP: ' . getRemoteAdr() . '</p>';
$me = $login->currentUser();
if (null != $me) {
$text .= '<p>UserID: ' . $me['userid'] . '</p>';
$text .= '<p>' . $lang->get('nickname') . ': ' . $me['nickname'] . '</p>';
$text .= '<p>' . $lang->get('email') . ': ' . $me['email'] . '</p>';
}
$eMail->send($lang->get('download_notification'), $text, $addr);
}
}
if ($login->currentUser() !== false) {
$smarty->assign('loggedin', true);
if (isset($_POST['add'])) {
$comments->add($mod, $login->currentUserID(), $_POST['comment'], $downloadid);
function redirect($url = '')
{
global $config, $notify, $debug;
$_SESSION['notifications'] = $notify->getAll();
if (!isset($url) || '' == $url) {
$url = getSelfURL() . '?' . $_SERVER['QUERY_STRING'];
}
if (substr($url, 0, strlen('http://')) != 'http://') {
$url = getSelfURL() . $url;
}
$url = str_replace('&', '&', $url);
if ($config->get('core', 'mod_rewrite') == '1') {
$url = str_replace('index.php', '', $url);
}
$debug->add('core::redirect', $url);
header('Location: ' . $url);
}
if ($u !== false) {
// check if inbox is full
$otherinbox = $db->num_rows($tbl_inbox, "`recieverid`=" . $u[0]['userid']);
$allowed = $config->get($mod, 'inbox_limit');
if ($otherinbox < $allowed) {
// insert into inbox
$db->insert($tbl_inbox, array('pmid', 'senderid', 'recieverid', 'timestamp', 'subject', 'message'), array('NULL', $login->currentUserID(), $u[0]['userid'], time(), "'" . $_POST['subject'] . "'", "'" . $_POST['message'] . "'"));
// insert into outbox
$db->insert($tbl_outbox, array('pmid', 'senderid', 'recieverid', 'timestamp', 'subject', 'message'), array('NULL', $login->currentUserID(), $u[0]['userid'], time(), "'" . $_POST['subject'] . "'", "'" . $_POST['message'] . "'"));
// notify about success
$notify->add($lang->get('pmbox'), $lang->get('pm_sent'));
// Send email, if enabled
if ($config->get($mod, 'email-notification') == '1') {
$me = $login->currentUser();
$eMail->setVar('sender', $me['nickname']);
$eMail->setVar('url', getSelfURL());
$result = $eMail->send($lang->get('pm_recieved_subject'), $lang->get('pm_recieved_text'), $u[0]['email']);
if ($result) {
$notify->add($lang->get('pmbox'), $lang->get('pm_mail_sent'));
}
}
redirect(makeUrl('pmbox'));
} else {
// inbox of reciever is full, notify
$notify->add($lang->get('pmbox'), $lang->get('inbox_full'));
}
} else {
// no user found, notify
$notify->add($lang->get('pmbox'), $lang->get('user_not_found'));
}
} else {
$buttons .= '</a></li>
<li><a href="/forum/merge_thread/?tid=' . $tid . '">' . $forum_language['merge_thread'] . '</a></li>
<li><a href="/forum/delete_thread/?tid=' . $tid . '" onclick="return confirm(\'' . $forum_language['confirm_thread_deletion'] . '\')">' . $forum_language['delete_thread'] . '</a></li>
<li><a href="/forum/move_thread/?tid=' . $tid . '">' . $forum_language['move_thread'] . '</a></li>
<li><a href="/forum/sticky_thread/?tid=' . $tid . '">' . $forum_language['sticky_thread'] . '</a></li>
</ul>
</div>';
}
$buttons .= '
<div class="btn-group">
<button type="button" class="btn btn-primary dropdown-toggle" data-toggle="dropdown">
' . $forum_language["sm-share"] . ' <span class="caret"></span>
</button>
<ul class="dropdown-menu" role="menu">
<li><a target="_blank" href="https://twitter.com/intent/tweet?text=' . getSelfURL() . 'forum/view_topic/?tid=' . $tid . '">' . $forum_language["sm-share-twitter"] . '</a></li>
<li><a target="_blank" href="https://www.facebook.com/sharer/sharer.php?u=' . getSelfURL() . 'forum/view_topic/?tid=' . $tid . '">' . $forum_language["sm-share-facebook"] . '</a></li>
</ul>
</div>
</span>';
$smarty->assign('BUTTONS', $buttons);
// Pagination
$pagination->setCurrent($p);
$pagination->setTotal(count($posts));
$pagination->alwaysShowPagination();
// Get number of users we should display on the page
$paginate = PaginateArray($p);
$n = $paginate[0];
$f = $paginate[1];
// Get the number we need to finish on ($d)
if (count($posts) > $f) {
$d = $p * 10;
$limit = (int) $config->get($mod, 'news-per-page');
$newsid = isset($_GET['newsid']) ? (int) $_GET['newsid'] : 0;
// add submenu if is allowed
if ($isallowed) {
$menu->addSubElement($mod, $lang->get('news_add'), 'add');
$menu->addSubElement($mod, $lang->get('news_edit'), 'edit');
}
$menu->addSubElement($mod, $lang->get('archive'), 'archive');
if ($config->get($mod, 'rss') == '1') {
$menu->addSubElement($mod, 'RSS-Feed', 'rss');
}
switch ($_GET['mode']) {
case 'rss':
$breadcrumbs->addElement('RSS-Feed', makeURL($mod, array('mode' => 'rss')));
$smarty->assign('path', $template_dir . "/rss.tpl");
$smarty->assign('rss_url', getSelfURL() . "/media/rss/news.rss");
break;
case 'beamer':
$news = $db->selectOneRow($table, "*", "`newsid`=" . $newsid);
$news['text'] = str_replace("\n", "<br />", $news['text']);
$smarty->assign('news', $news);
$smarty->assign('path', $template_dir . "/beamer.tpl");
break;
case 'archive':
function makeNews(&$comments, &$db, $table, $tbl_users, $start, $end, $title)
{
global $lng;
$news = '';
$result = $db->query("SELECT * FROM `" . $table . "`, `" . $tbl_users . "`\r\n\t\t\t\t\t\t\t\t\t\t\t\tWHERE `" . $table . "`.`userid` = `" . $tbl_users . "`.`userid` \r\n\t\t\t\t\t\t\t\t\t\t\t\tAND `timestamp`>" . $start . " \r\n\t\t\t\t\t\t\t\t\t\t\t\tAND `timestamp`<" . $end . " \r\n\t\t\t\t\t\t\t\t\t\t\t\tAND (`language` = '" . secureMySQL($lng) . "' OR `language` = '')\r\n\t\t\t\t\t\t\t\t\t\t\t\tAND (`domainid` = 0 OR `domainid` = " . getCurrentDomainIndex() . ")\r\n\t\t\t\t\t\t\t\t\t\t\t\tORDER BY `timestamp` DESC;");
while ($row = mysql_fetch_assoc($result)) {
$row['time'] = timeElapsed($row['timestamp']);
}
// ------------------------------------------------------------------ //
@($birthday = mktime(0, 0, 0, $_POST['Date_Month'], $_POST['Date_Day'], $_POST['Date_Year']));
// everything valid, create the user
if ($everything_valid) {
$result = $user->createUser($_POST['email'], $_POST['password'], $_POST['nickname'], $_POST['lastname'], $_POST['prename'], $birthday);
if ($result == 0) {
$notify->add($lang->get('register'), $lang->get('register_success'));
$addr = trim($config->get('login', 'register-notification-mail-address'));
if ($addr != '') {
$text = '<p><strong>' . $lang->get('register_mail_notification_descr') . '</strong></p>';
$text .= '<p>' . $lang->get('email') . ': ' . strip_tags($_POST['email']) . '<br />';
$text .= $lang->get('nickname') . ': ' . strip_tags($_POST['nickname']) . '<br />';
$text .= $lang->get('prename') . ': ' . strip_tags($_POST['prename']) . '<br />';
$text .= $lang->get('lastname') . ': ' . strip_tags($_POST['lastname']) . '<br />';
$text .= '<a href="' . getSelfURL() . '/' . makeURL('profile', array('userid' => mysql_insert_id())) . '">' . $lang->get('view_profile') . '</a></p>';
$eMail->send($lang->get('register_mail_notification_subject'), $text, $addr);
}
} else {
$notify->add($lang->get('register'), $lang->get('register_failed') . ' (' . $result . ')');
}
$_GET['mode'] = '';
$hide_submenu = true;
} else {
$smarty->assign('email', $_POST['email']);
@$smarty->assign('email_repeat', $_POST['email_repeat']);
$smarty->assign('nickname', $_POST['nickname']);
$smarty->assign('password', $_POST['password']);
$smarty->assign('password_repeat', $_POST['password_repeat']);
$smarty->assign('prename', $_POST['prename']);
$smarty->assign('lastname', $_POST['lastname']);