/**
* Standard modular run function for snippet hooks. Generates XHTML to insert into a page using AJAX.
*
* @return tempcode The snippet
*/
function run()
{
$type = get_param('type');
if (!has_zone_access(get_member(), 'adminzone')) {
return new ocp_tempcode();
}
decache('main_staff_checklist');
require_lang('staff_checklist');
switch ($type) {
case 'add':
$recurinterval = get_param_integer('recurinterval', 0);
$task_title = get_param('tasktitle', false, true);
$id = $GLOBALS['SITE_DB']->query_insert('customtasks', array('tasktitle' => $task_title, 'datetimeadded' => time(), 'recurinterval' => $recurinterval, 'recurevery' => get_param('recurevery'), 'taskisdone' => NULL), true);
require_code('notifications');
$subject = do_lang('CT_NOTIFICATION_MAIL_SUBJECT', get_site_name(), $task_title);
$mail = do_lang('CT_NOTIFICATION_MAIL', comcode_escape(get_site_name()), comcode_escape($task_title));
dispatch_notification('checklist_task', NULL, $subject, $mail);
return do_template('BLOCK_MAIN_STAFF_CHECKLIST_CUSTOM_TASK', array('TASKTITLE' => comcode_to_tempcode(get_param('tasktitle', false, true)), 'DATETIMEADDED' => display_time_period(time()), 'RECURINTERVAL' => $recurinterval == 0 ? '' : integer_format($recurinterval), 'RECUREVERY' => get_param('recurevery'), 'TASKDONE' => 'not_completed', 'ID' => strval($id)));
case 'delete':
$GLOBALS['SITE_DB']->query_delete('customtasks', array('id' => get_param_integer('id')), '', 1);
break;
case 'mark_done':
$GLOBALS['SITE_DB']->query_update('customtasks', array('taskisdone' => time()), array('id' => get_param_integer('id')), '', 1);
break;
case 'mark_undone':
$GLOBALS['SITE_DB']->query_update('customtasks', array('taskisdone' => NULL), array('id' => get_param_integer('id')), '', 1);
break;
}
return new ocp_tempcode();
}
/**
* Standard modular run function.
*
* @param MEMBER The ID of the member we are getting detail hooks for
* @return ?tempcode Results (NULL: no action)
*/
function run($member_id)
{
global $OCWORLD_MEMBER_CACHE;
if (!isset($OCWORLD_MEMBER_CACHE)) {
$OCWORLD_MEMBER_CACHE = array();
}
if (array_key_exists($member_id, $OCWORLD_MEMBER_CACHE)) {
return $OCWORLD_MEMBER_CACHE[$member_id];
}
$zone = get_page_zone('ocworld', false);
if (is_null($zone)) {
return NULL;
}
if (!has_zone_access(get_member(), $zone)) {
return NULL;
}
$rows = $GLOBALS['SITE_DB']->query_select('w_members m LEFT JOIN ' . $GLOBALS['SITE_DB']->get_table_prefix() . 'w_realms r ON m.location_realm=r.id', array('*'), array('m.id' => $member_id), '', 1, 0, true);
if (!is_null($rows) && array_key_exists(0, $rows)) {
$row = $rows[0];
$room = $GLOBALS['SITE_DB']->query_value_null_ok('w_rooms', 'name', array('location_x' => $row['location_x'], 'location_y' => $row['location_y'], 'location_realm' => $row['location_realm']));
if (is_null($room)) {
return NULL;
}
require_lang('ocworld');
$a = do_template('OCF_TOPIC_POST_CUSTOM_FIELD', array('_GUID' => '3d36d5ae8bcb66d59a0676200571fb1a', 'NAME' => do_lang_tempcode('_W_ROOM'), 'VALUE' => do_lang_tempcode('W_ROOM_COORD', escape_html($room), strval($row['location_realm']), array(strval($row['location_x']), strval($row['location_y'])))));
$b = do_template('OCF_TOPIC_POST_CUSTOM_FIELD', array('_GUID' => '72c62771f7796d69d1f1a616c2591206', 'NAME' => do_lang_tempcode('_W_REALM'), 'VALUE' => $row['name']));
$a->attach($b);
$OCWORLD_MEMBER_CACHE[$member_id] = $a;
return $a;
}
return NULL;
}
/**
* Standard modular run function for snippet hooks. Generates XHTML to insert into a page using AJAX.
*
* @return tempcode The snippet
*/
function run()
{
if (has_zone_access(get_member(), 'adminzone')) {
require_code('menus');
return build_stored_menu('popup', '_management');
}
return new ocp_tempcode();
}
/**
* Standard modular run function.
*
* @param array A map of parameters.
* @return tempcode The result of execution.
*/
function run($map)
{
if (!array_key_exists('param', $map)) {
return new ocp_tempcode();
}
if (!has_zone_access(get_member(), $map['param'])) {
access_denied('ZONE_ACCESS', $map['param']);
}
return new ocp_tempcode();
}
/**
* Standard modular run function.
*
* @param MEMBER The ID of the member we are getting link hooks for
* @return array List of tuples for results. Each tuple is: type,title,url
*/
function run($member_id)
{
if (!has_zone_access(get_member(), 'adminzone') && $member_id !== get_member()) {
return array();
}
require_code('ocf_join');
if (!referrer_is_qualified($member_id)) {
return array();
}
require_lang('referrals');
$keep = symbol_tempcode('KEEP');
return array(array('usage', do_lang_tempcode('REFERRALS'), find_script('referrer_report') . '?member_id=' . strval($member_id) . $keep->evaluate()));
}
/**
* Standard modular run function.
*
* @param MEMBER The ID of the member we are getting link hooks for
* @return array List of tuples for results. Each tuple is: type,title,url
*/
function run($member_id)
{
if (!addon_installed('filedump')) {
return array();
}
$zone = get_page_zone('filedump', false);
if (is_null($zone)) {
return array();
}
if (!has_zone_access(get_member(), $zone)) {
return array();
}
require_lang('filedump');
$path = $GLOBALS['FORUM_DRIVER']->get_username($member_id);
return array(array('content', do_lang_tempcode('FILE_DUMP'), build_url(array('page' => 'filedump', 'type' => 'misc', 'place' => '/' . $path . '/'), $zone)));
}
/**
* Standard modular run function.
*
* @param MEMBER The ID of the member we are getting link hooks for
* @return array List of tuples for results. Each tuple is: type,title,url
*/
function run($member_id)
{
if (!addon_installed('ocworld')) {
return array();
}
$zone = get_page_zone('ocworld', false);
if (is_null($zone)) {
return array();
}
if (!has_zone_access(get_member(), $zone)) {
return array();
}
$id = $GLOBALS['SITE_DB']->query_value_null_ok('w_members', 'id', array('id' => $member_id), '', true);
if (!is_null($id)) {
require_lang('ocworld');
return array(array('usage', do_lang_tempcode('OCWORLD'), build_url(array('page' => 'ocworld', 'type' => 'inventory', 'user' => $member_id), get_page_zone('ocworld'))));
}
return array();
}
/**
* Further filter results from _all_members_who_have_enabled.
*
* @param array Members from main query (we'll filter them)
* @param ID_TEXT The zone
* @param ID_TEXT Notification code
* @param ?SHORT_TEXT The category within the notification code (NULL: none)
* @param ?array List of member IDs we are restricting to (NULL: no restriction). This effectively works as a intersection set operator against those who have enabled.
* @param integer Start position (for pagination)
* @param integer Maximum (for pagination)
* @return array A pair: Map of members to their notification setting, and whether there may be more
*/
function _all_members_who_have_enabled_with_zone_access($to_filter, $zone, $only_if_enabled_on__notification_code, $only_if_enabled_on__category, $to_member_ids, $start, $max)
{
list($_members, $possibly_has_more) = $to_filter;
$members = array();
foreach ($_members as $member => $setting) {
if (has_zone_access($member, $zone)) {
$members[$member] = $setting;
}
}
return array($members, $possibly_has_more);
}
/**
* Render a menu branch to tempcode.
*
* @param array The menu branch map
* @param SHORT_TEXT An identifier for the menu (will be used as a unique id by menu javascript code)
* @param MEMBER The member the menu is being built as
* @param integer The depth into the menu that this branch resides at
* @param ID_TEXT The menu type (determines what templates get used)
* @param boolean Whether to generate Comcode with admin privilege
* @param array Array of all other branches
* @param integer The level
* @return array A pair: array of parameters of the menu branch (or NULL if unrenderable, or Tempcode of something to attach), and whether it is expanded
*/
function render_menu_branch($branch, $codename, $source_member, $level, $type, $as_admin, $all_branches, $the_level = 1)
{
global $REDIRECTED_TO;
$caption = mixed();
// Initialise type to mixed
if (is_string($branch['caption']) && strpos($branch['caption'], '[') !== false) {
$caption = comcode_to_tempcode($branch['caption'], $source_member, $as_admin);
} else {
$caption = $branch['caption'];
}
if (!is_null($branch['only_on_page']) && $branch['only_on_page'] != '') {
if (strpos($branch['only_on_page'], '{') !== false) {
require_code('tempcode_compiler');
$branch['only_on_page'] = static_evaluate_tempcode(template_to_tempcode($branch['only_on_page']));
}
if ($branch['only_on_page'] != '' && !match_key_match($branch['only_on_page'])) {
return array(NULL, false);
}
// We are not allowed to render this on this page
}
$current_zone = false;
$current_page = false;
$expand_this = false;
$tooltip = array_key_exists('caption_long', $branch) ? $branch['caption_long'] : '';
if (is_null($tooltip)) {
$tooltip = '';
}
// Caused by corrupt in DB. translate table join failed due to corrupt lang string reference
$dp = $GLOBALS['ZONE']['zone_default_page'];
$url = mixed();
// Spacers
if ($branch['type'] == 'blank') {
return array(do_template('MENU_SPACER_' . filter_naughty_harsh($type), array('MENU' => $codename, 'TOP_LEVEL' => $the_level == 1, 'THE_LEVEL' => strval($the_level), 'CURRENT' => $current_page, 'CURRENT_ZONE' => $current_zone), NULL, false, 'MENU_SPACER_tree'), false);
}
// Normal branches...
$users_current_zone = get_zone_name();
// Work out the final URL to use
$url = $branch['special'];
if (is_object($url)) {
if (isset($url->seq_parts) && isset($url->seq_parts[0]) && $url->seq_parts[0][3] == 'PAGE_LINK') {
$url = $url->seq_parts[0][1][0];
if (is_object($url)) {
$url = $url->evaluate();
}
} elseif (isset($url->bits) && isset($url->bits[0]) && $url->bits[0][2] == 'PAGE_LINK') {
$url = $url->bits[0][3][0];
if (is_object($url)) {
$url = $url->evaluate();
}
} elseif (substr($url->evaluate(), 0, strlen(get_base_url())) == get_base_url()) {
$page_link = url_to_pagelink($url->evaluate(), true, true);
if ($page_link != '') {
$url = $page_link;
}
}
}
if (!is_object($url)) {
$parts = array();
if (preg_match('#([\\w-]*):([\\w-]+|[^/]|$)((:(.*))*)#', $url, $parts) != 0 && $parts[1] != 'mailto') {
$page_link = $url;
list($zone_name, $map, $hash) = page_link_decode($url);
if ($zone_name == 'forum' && get_forum_type() != 'ocf') {
return array(NULL, false);
}
if (!isset($map['page'])) {
$map['page'] = get_zone_default_page($zone_name);
}
// If we need to check access
if (array_key_exists('check_perms', $branch['modifiers'])) {
if (!has_zone_access(get_member(), $zone_name)) {
return array(NULL, false);
}
if (!has_page_access(get_member(), $map['page'], $zone_name)) {
return array(NULL, false);
}
}
// Scan for Tempcode symbols etc
foreach ($map as $key => $val) {
if (strpos($val, '{') !== false) {
require_code('tempcode_compiler');
$map[$key] = template_to_tempcode($val);
}
}
$url = build_url($map, $zone_name, NULL, false, false, false, $hash);
// See if this is current page
$somewhere_definite = false;
$_parts = array();
foreach ($all_branches as $_branch) {
if (!is_string($_branch['special'])) {
continue;
}
if (preg_match('#([\\w-]*):([\\w-]+|[^/]|$)((:(.*))*)#', $_branch['special'], $_parts) != 0) {
if ($_parts[1] == $users_current_zone) {
$somewhere_definite = true;
}
}
}
$current_zone = $zone_name == $users_current_zone || !is_null($REDIRECTED_TO) && $zone_name == $REDIRECTED_TO['r_to_zone'] && !$somewhere_definite;
// This code is a bit smart, as zone menus usually have a small number of zones on them - redirects will be counted into the zone redirected to, so long as there is no more suitable zone and so long as it is not a transparent redirect
if ($zone_name == $users_current_zone || !is_null($REDIRECTED_TO) && $zone_name == $REDIRECTED_TO['r_to_zone'] && array_key_exists('page', $map) && $map['page'] == $REDIRECTED_TO['r_to_page']) {
$current_page = true;
foreach ($map as $k => $v) {
if (is_integer($v)) {
$v = strval($v);
}
if (is_object($v)) {
$v = $v->evaluate();
}
if ($v == '' && $k == 'page') {
$v = 'start';
if ($zone_name == $users_current_zone) {
global $ZONE;
$v = $ZONE['zone_default_page'];
}
}
$pv = get_param($k, $k == 'page' ? $dp : NULL, true);
if ($pv !== $v && ($k != 'page' || is_null($REDIRECTED_TO) || !is_null($REDIRECTED_TO) && ($v !== $REDIRECTED_TO['r_to_page'] || $zone_name != $REDIRECTED_TO['r_to_zone'])) && ($k != 'type' || $v != 'misc') && ($v != $dp || $k != 'page' || get_param('page', '') != '') && substr($k, 0, 5) != 'keep_') {
$current_page = false;
break;
}
}
}
} else {
$page_link = '';
$sym_pos = mixed();
$sym_pos = is_null($url) ? false : strpos($url, '{$');
if ($sym_pos !== false) {
$_url = new ocp_tempcode();
$len = strlen($url);
$prev = 0;
do {
$p_len = $sym_pos + 1;
$balance = 1;
while ($p_len < $len && $balance != 0) {
if ($url[$p_len] == '{') {
$balance++;
} elseif ($url[$p_len] == '}') {
$balance--;
}
$p_len++;
}
$_url->attach(substr($url, $prev, $sym_pos - $prev));
$_ret = new ocp_tempcode();
$_ret->parse_from($url, $sym_pos, $p_len);
$_url->attach($_ret);
$prev = $p_len;
$sym_pos = strpos($url, '{$', $sym_pos + 1);
} while ($sym_pos !== false);
$_url->attach(substr($url, $prev));
$url = $_url;
}
}
} else {
$page_link = NULL;
}
// Children
$children = new ocp_tempcode();
$display = 'block';
if ($branch['type'] == 'drawer') {
$new_children = array();
foreach ($branch['children'] as $i => $child) {
list($children2, $_expand_this) = render_menu_branch($child, $codename, $source_member, $level + 1, $type, $as_admin, $all_branches, $the_level + 1);
if ($_expand_this) {
$expand_this = true;
}
if ($children2 !== '' && !is_null($children2)) {
$new_children[] = $children2;
}
}
$num = count($new_children);
foreach ($new_children as $i => $child) {
if (is_object($child)) {
$children->attach($child);
} else {
$children->attach(do_template('MENU_BRANCH_' . filter_naughty_harsh($type), $child + array('POSITION' => strval($i), 'LAST' => $i == $num - 1, 'BRETHREN_COUNT' => strval($num)), NULL, false, 'MENU_BRANCH_tree'));
}
}
if ($children->is_empty()) {
return array(NULL, false);
}
// Nothing here!
if (!array_key_exists('expanded', $branch['modifiers']) && !$expand_this && !$current_page) {
$display = has_js() ? 'none' : 'block';
// We remap to 'none' using JS. If no JS, it remains visible. Once we have learn't we have JS, we don't need to do it again
} else {
$display = 'block';
}
}
// Data cleanups
$escape = is_string($caption) && !array_key_exists('comcode', $branch['modifiers']);
if ($escape) {
$caption = escape_html($caption);
}
// Access key
if ($page_link === '_SEARCH:help') {
$accesskey = '6';
} elseif ($page_link === '_SEARCH:rules') {
$accesskey = '7';
} elseif ($page_link === '_SEARCH:staff:type=misc') {
$accesskey = '5';
} else {
$accesskey = '';
}
// Other properties
$popup = array_key_exists('popup', $branch['modifiers']);
$popup_width = '';
$popup_height = '';
if ($popup) {
$popup_width = strval($branch['width']);
$popup_height = strval($branch['height']);
}
$new_window = array_key_exists('new_window', $branch['modifiers']);
// Render!
$rendered_branch = array('RANDOM' => substr(md5(uniqid('')), 0, 7), 'CAPTION' => $caption, 'IMG' => array_key_exists('img', $branch) ? $branch['img'] : '', 'URL' => $url, 'PAGE_LINK' => $page_link, 'ACCESSKEY' => $accesskey, 'POPUP' => $popup, 'POPUP_WIDTH' => $popup_width, 'POPUP_HEIGHT' => $popup_height, 'NEW_WINDOW' => $new_window, 'TOOLTIP' => $tooltip, 'CHILDREN' => $children, 'DISPLAY' => $display, 'MENU' => $codename, 'TOP_LEVEL' => $the_level == 1, 'THE_LEVEL' => strval($the_level), 'CURRENT' => $current_page, 'CURRENT_ZONE' => $current_zone);
return array($rendered_branch, $current_page || $expand_this);
}
/**
* Standard code module initialisation function.
*/
function init__site()
{
if (defined('BREADCRUMB_CROP_LENGTH')) {
return;
}
global $HELPER_PANEL_TEXT, $HELPER_PANEL_HTML, $HELPER_PANEL_PIC, $HELPER_PANEL_TUTORIAL;
$HELPER_PANEL_TEXT = '';
$HELPER_PANEL_HTML = '';
$HELPER_PANEL_PIC = '';
$HELPER_PANEL_TUTORIAL = '';
global $REQUEST_PAGE_NEST_LEVEL;
$REQUEST_PAGE_NEST_LEVEL = 0;
global $REDIRECT_CACHE;
$REDIRECT_CACHE = array();
global $REDIRECTED_TO;
$REDIRECTED_TO = NULL;
global $REFRESH_URL, $FORCE_META_REFRESH, $EXTRA_HEAD, $EXTRA_FOOT, $QUICK_REDIRECT;
$REFRESH_URL[0] = '';
$REFRESH_URL[1] = 0;
$FORCE_META_REFRESH = false;
if (!isset($EXTRA_HEAD)) {
$EXTRA_HEAD = new ocp_tempcode();
}
if (!isset($EXTRA_FOOT)) {
$EXTRA_FOOT = new ocp_tempcode();
}
$QUICK_REDIRECT = false;
global $FEED_URL, $FEED_URL_2;
$FEED_URL = NULL;
$FEED_URL_2 = NULL;
global $NON_CANONICAL_PARAMS;
// We only bother listing ones the software itself may inject - otherwise admin responsible for their own curation of canonical settings
$NON_CANONICAL_PARAMS = array('wide_high', 'wide', 'wide_print', 'root', 'filtered', 'utheme', 'active_filter', 'redirected', 'redirect_url', 'redirect', 'redirect_passon');
$canonical_keep_params = explode(',', is_null(get_value('canonical_keep_params')) ? '' : get_value('canonical_keep_params'));
foreach (array_keys($_GET) as $key) {
if (substr($key, 0, 5) == 'keep_' && !@in_array($key, $canonical_keep_params)) {
$NON_CANONICAL_PARAMS[] = $key;
}
}
global $ATTACHED_MESSAGES, $ATTACHED_MESSAGES_RAW, $FAILED_TO_ATTACH_ALL_ERRORS;
$ATTACHED_MESSAGES = new ocp_tempcode();
$ATTACHED_MESSAGES_RAW = array();
$FAILED_TO_ATTACH_ALL_ERRORS = false;
global $DONE_HEADER;
$DONE_HEADER = false;
// We may fill these in from the code, or we may not
global $SEO_KEYWORDS, $SEO_DESCRIPTION, $SEO_TITLE;
$SEO_KEYWORDS = NULL;
$SEO_DESCRIPTION = NULL;
$SEO_TITLE = NULL;
global $PAGE_STRING, $LAST_COMCODE_PARSED_TITLE;
$PAGE_STRING = NULL;
$LAST_COMCODE_PARSED_TITLE = '';
global $BREADCRUMBS, $BREADCRUMB_SET_PARENTS, $BREADCRUMB_EXTRA_SEGMENTS, $DISPLAYED_TITLE, $BREADCRUMB_SET_SELF;
$BREADCRUMBS = NULL;
$BREADCRUMB_SET_PARENTS = array();
$BREADCRUMB_EXTRA_SEGMENTS = new ocp_tempcode();
$DISPLAYED_TITLE = NULL;
$BREADCRUMB_SET_SELF = NULL;
$bcl = get_value('breadcrumb_crop_length');
define('BREADCRUMB_CROP_LENGTH', is_null($bcl) ? 26 : intval($bcl));
global $PT_PAIR_CACHE_CP;
$PT_PAIR_CACHE_CP = array();
global $ATTACH_MESSAGE_CALLED;
$ATTACH_MESSAGE_CALLED = 0;
global $ZONE, $RELATIVE_PATH;
$zone = get_zone_name();
$real_zone = $RELATIVE_PATH == '_tests' || $RELATIVE_PATH == 'data' || $RELATIVE_PATH == 'data_custom' ? get_param('zone', '') : $zone;
$ZONE = persistant_cache_get(array('ZONE', $real_zone));
if ($ZONE === NULL) {
$zones = $GLOBALS['SITE_DB']->query_select('zones', array('*'), array('zone_name' => $real_zone), '', 1);
if (!array_key_exists(0, $zones) && is_dir(get_file_base() . '/' . $real_zone . '/' . 'pages')) {
$GLOBALS['SITE_DB']->query_insert('zones', array('zone_name' => $real_zone, 'zone_title' => insert_lang($real_zone, 1), 'zone_default_page' => 'start', 'zone_header_text' => insert_lang($real_zone, 1), 'zone_theme' => 'default', 'zone_wide' => 0, 'zone_require_session' => 0, 'zone_displayed_in_menu' => 0));
require_code('menus2');
add_menu_item_simple('zone_menu', NULL, $real_zone, $real_zone . ':', 0, 1);
$zones = $GLOBALS['SITE_DB']->query_select('zones z LEFT JOIN ' . $GLOBALS['SITE_DB']->get_table_prefix() . 'translate t ON ' . db_string_equal_to('language', user_lang()) . ' AND z.zone_header_text=t.id', array('z.*', 'text_original AS zone_header_text_trans'), array('zone_name' => $real_zone), '', 1);
}
if (array_key_exists(0, $zones)) {
$ZONE = $zones[0];
$ZONE['zone_header_text_trans'] = get_translated_text($ZONE['zone_header_text']);
persistant_cache_set(array('ZONE', $real_zone), $ZONE);
}
if ($ZONE === NULL) {
$zones = $GLOBALS['SITE_DB']->query_select('zones', array('*'), array('zone_name' => ''), '', 1);
$ZONE = $zones[0];
$ZONE['zone_header_text_trans'] = get_translated_text($ZONE['zone_header_text']);
warn_exit(do_lang_tempcode('BAD_ZONE', escape_html($real_zone)));
}
unset($zones);
}
if ($ZONE !== NULL && $ZONE['zone_wide'] === NULL) {
$ZONE['zone_wide'] = get_forum_type() == 'ocf' ? $GLOBALS['FORUM_DRIVER']->get_member_row_field(get_member(), 'm_zone_wide') : 1;
}
if ($ZONE['zone_name'] == 'adminzone' || $ZONE['zone_name'] == 'cms') {
require_css('adminzone');
}
$_zone = get_zone_name();
$REDIRECT_CACHE = array($_zone => array());
if (addon_installed('redirects_editor')) {
$redirect = persistant_cache_get(array('REDIRECT', $_zone));
if ($redirect === NULL) {
$redirect = $GLOBALS['SITE_DB']->query_select('redirects', array('*'));
persistant_cache_set(array('REDIRECT', $_zone), $redirect);
}
foreach ($redirect as $r) {
if ($r['r_from_zone'] == $r['r_to_zone'] && $r['r_from_page'] == $r['r_to_page']) {
continue;
}
$REDIRECT_CACHE[$r['r_from_zone']][$r['r_from_page']] = $r;
}
}
// SEO redirection
require_code('urls');
if (can_try_mod_rewrite()) {
$ruri = ocp_srv('REQUEST_URI');
$old_style = get_option('htm_short_urls') != '1';
if (!headers_sent() && running_script('index') && isset($_SERVER['HTTP_HOST']) && count($_POST) == 0 && (strpos($ruri, '/pg/') === false || !$old_style) && (strpos($ruri, '.htm') === false || $old_style)) {
$GLOBALS['HTTP_STATUS_CODE'] = '301';
header('HTTP/1.0 301 Moved Permanently');
header('Location: ' . get_self_url(true));
exit;
}
}
// Search engine having session in URL, we don't like this
if (get_bot_type() !== NULL && isset($_SERVER['HTTP_HOST']) && count($_POST) == 0 && get_param_integer('keep_session', NULL) !== NULL) {
$GLOBALS['HTTP_STATUS_CODE'] = '301';
header('HTTP/1.0 301 Moved Permanently');
header('Location: ' . get_self_url(true, false, array('keep_session' => NULL, 'keep_print' => NULL)));
exit;
}
// Detect bad access domain
global $SITE_INFO;
$access_host = preg_replace('#:.*#', '', ocp_srv('HTTP_HOST'));
if ($access_host != '' && isset($_SERVER['HTTP_HOST'])) {
$parsed_base_url = parse_url(get_base_url());
if (array_key_exists('host', $parsed_base_url) && strtolower($parsed_base_url['host']) != strtolower($access_host)) {
if (!array_key_exists('ZONE_MAPPING_' . get_zone_name(), $SITE_INFO)) {
if ($GLOBALS['FORUM_DRIVER']->is_super_admin(get_member())) {
attach_message(do_lang_tempcode('BAD_ACCESS_DOMAIN', escape_html($parsed_base_url['host']), escape_html($access_host)), 'warn');
}
header('Location: ' . str_replace(chr(13), '', str_replace(chr(10), '', str_replace($access_host, $parsed_base_url['host'], get_self_url_easy()))));
exit;
}
}
}
// The most important security check
global $SESSION_CONFIRMED;
get_member();
// Make sure we've loaded our backdoor if installed
require_code('permissions');
if ($ZONE['zone_require_session'] == 1) {
header('X-Frame-Options: SAMEORIGIN');
}
// Clickjacking protection
if ($ZONE['zone_name'] != '' && !is_httpauth_login() && (get_session_id() == -1 || $SESSION_CONFIRMED == 0) && $ZONE['zone_require_session'] == 1 && get_page_name() != 'login') {
access_denied($real_zone == 'data' || has_zone_access(get_member(), $ZONE['zone_name']) ? 'ZONE_ACCESS_SESSION' : 'ZONE_ACCESS', $ZONE['zone_name'], true);
} else {
if ($real_zone == 'data' || has_zone_access(get_member(), $ZONE['zone_name'])) {
global $NON_PAGE_SCRIPT;
if ($NON_PAGE_SCRIPT == 0 && !has_page_access(get_member(), get_page_name(), $ZONE['zone_name'], true)) {
access_denied('PAGE_ACCESS');
}
} else {
/* if ($ZONE['zone_name']=='adminzone') GoogleAds will pick up on ANY URL any go and CRAWL IT. So don't use with googleads unless you want googlead-triggering-heart-attacks ;)
log_hack_attack_and_exit('ADMINZONE_ACCESS_DENIED');*/
if (get_page_name() != 'login') {
access_denied('ZONE_ACCESS', $ZONE['zone_name'], true);
}
}
}
}
/**
* Get a list of zones.
*
* @param ?ID_TEXT The zone in the list to select by default (NULL: use first)
* @param ?array A list of zone to not put into the list (NULL: none to skip)
* @param ?array A reordering (NULL: no reordering)
* @return tempcode The list
*/
function nice_get_zones($sel = NULL, $no_go = NULL, $reorder = NULL)
{
if (is_null($no_go)) {
$no_go = array();
}
if ($sel === 'site' && get_option('collapse_user_zones') == '1') {
$sel = '';
}
$zones = find_all_zones(false, true);
$content = new ocp_tempcode();
if (!is_null($reorder)) {
$_zones_a = array();
$_zones_b = array();
foreach ($zones as $_zone) {
list($zone, $title, ) = $_zone;
if (in_array($zone, $reorder)) {
$_zones_a[] = $_zone;
} else {
$_zones_b[] = $_zone;
}
}
$zones = array_merge($_zones_a, $_zones_b);
}
foreach ($zones as $_zone) {
list($zone, $title, ) = $_zone;
if (has_zone_access(get_member(), $zone) && !in_array($zone, $no_go)) {
$content->attach(form_input_list_entry($zone, !is_null($sel) && $zone == $sel, $title));
}
}
return $content;
}
/**
* Outputs the staff tips iframe.
*
* @param boolean Whether to get the output instead of outputting it directly
* @return ?object Output (NULL: outputted it already)
*/
function staff_tips_script($ret = false)
{
// Check we are allowed here
if (!has_zone_access(get_member(), 'adminzone')) {
access_denied('ZONE_ACCESS');
}
require_css('adminzone');
// Anything to dismiss?
$dismiss = get_param('dismiss', '');
if ($dismiss != '') {
$GLOBALS['SITE_DB']->query_delete('staff_tips_dismissed', array('t_tip' => $dismiss, 't_member' => get_member()), '', 1);
$GLOBALS['SITE_DB']->query_insert('staff_tips_dismissed', array('t_tip' => $dismiss, 't_member' => get_member()));
}
// What tips have been permanently dismissed by the current member?
$read = collapse_1d_complexity('t_tip', $GLOBALS['SITE_DB']->query_select('staff_tips_dismissed', array('t_tip'), array('t_member' => get_member())));
// Load up tips by searching for the correctly named language files; also choose level
require_lang('tips');
$tips = array();
$level = 0;
$letters = array('a', 'b', 'c', 'd', 'e', 'f', 'g', 'h', 'i', 'j', 'k', 'l', 'm', 'n', 'o', 'p', 'q', 'r', 's', 't', 'u', 'v', 'w', 'x', 'y', 'z');
for ($i = 0; $i < 5; $i++) {
$tips[$i] = array();
foreach ($letters as $j) {
$tip_id = strval($i) . $j;
if (!in_array($tip_id, $read)) {
$lang2 = do_lang('TIP_' . $tip_id, NULL, NULL, NULL, NULL, false);
if (!is_null($lang2)) {
$lang = do_lang_tempcode('TIP_' . $tip_id);
$tips[$i][$tip_id] = $lang;
}
}
}
if (count($tips[$level]) == 0) {
$level = $i + 1;
}
}
// Choose a tip from the level we're on
if (!array_key_exists($level, $tips)) {
$tip = do_lang_tempcode('ALL_TIPS_READ');
$level = 5;
$tip_code = '';
$count = 0;
} else {
$tip_pool = array_values($tips[$level]);
$count = count($tip_pool);
$choose_id = mt_rand(0, $count - 1);
$tip = $tip_pool[$choose_id];
$tip_keys = array_keys($tips[$level]);
$tip_code = $tip_keys[$choose_id];
}
$content = do_template('BLOCK_MAIN_STAFF_TIPS', array('_GUID' => 'c2cffc480b7bd9beef7f78a8ee7b7359', 'TIP' => $tip, 'TIP_CODE' => $tip_code, 'LEVEL' => integer_format($level), 'COUNT' => integer_format($count)));
if ($ret) {
return $content;
}
global $EXTRA_HEAD;
if (!isset($EXTRA_HEAD)) {
$EXTRA_HEAD = new ocp_tempcode();
}
$EXTRA_HEAD->attach('<meta name="robots" content="noindex" />');
// XHTMLXHTML
// Display
$echo = do_template('STYLED_HTML_WRAP', array('_GUID' => '3b5596a12c46295081f09ebe5349a479', 'FRAME' => true, 'TITLE' => do_lang_tempcode('TIPS'), 'CONTENT' => $content));
$echo->handle_symbol_preprocessing();
$echo->evaluate_echo();
return NULL;
}
/**
* The UI to do a search.
*
* @return tempcode The UI
*/
function form()
{
global $NON_CANONICAL_PARAMS;
$id = get_param('id', '');
$title = get_page_title('SEARCH_TITLE');
require_code('templates_internalise_screen');
if ($id != '') {
require_code('hooks/modules/search/' . filter_naughty_harsh($id), true);
$object = object_factory('Hook_search_' . filter_naughty_harsh($id));
$info = $object->info();
if (!is_null($info)) {
$title = get_page_title('_SEARCH_TITLE', true, array($info['lang']));
}
breadcrumb_set_parents(array(array('_SELF:_SELF', do_lang_tempcode('SEARCH_FOR'))));
breadcrumb_set_self($info['lang']);
$under = get_param('search_under', '!', true);
if (!is_null($info) && method_exists($object, 'get_tree')) {
$object->get_tree($under);
}
if (!is_null($info)) {
$test_tpl = internalise_own_screen($title);
} else {
$test_tpl = NULL;
}
} else {
$test_tpl = internalise_own_screen($title);
}
if (is_object($test_tpl)) {
return $test_tpl;
}
require_javascript('javascript_ajax');
require_javascript('javascript_ajax_people_lists');
$content = get_param('content', NULL, true);
$user_label = do_lang_tempcode('SEARCH_USER');
$days_label = do_lang_tempcode('SUBMITTED_WITHIN');
$extra_sort_fields = array();
if ($id != '') {
$url_map = array('page' => '_SELF', 'type' => 'results', 'id' => $id, 'specific' => 1);
$catalogue_name = get_param('catalogue_name', '');
if ($catalogue_name != '') {
$url_map['catalogue_name'] = $catalogue_name;
}
$force_non_tabular = get_param_integer('force_non_tabular', 0);
if ($force_non_tabular == 1) {
$url_map['force_non_tabular'] = 1;
}
$url = build_url($url_map, '_SELF', NULL, false, true);
require_code('hooks/modules/search/' . filter_naughty_harsh($id), true);
$object = object_factory('Hook_search_' . filter_naughty_harsh($id));
$info = $object->info();
if (is_null($info)) {
warn_exit(do_lang_tempcode('SEARCH_HOOK_NOT_AVAILABLE'));
}
if (array_key_exists('user_label', $info)) {
$user_label = $info['user_label'];
}
if (array_key_exists('days_label', $info)) {
$days_label = $info['days_label'];
}
$extra_sort_fields = array_key_exists('extra_sort_fields', $info) ? $info['extra_sort_fields'] : array();
$under = NULL;
if (method_exists($object, 'ajax_tree')) {
require_javascript('javascript_tree_list');
require_javascript('javascript_more');
$ajax = true;
$under = get_param('search_under', '', true);
list($ajax_hook, $ajax_options) = $object->ajax_tree();
require_code('hooks/systems/ajax_tree/' . $ajax_hook);
$tree_hook_object = object_factory('Hook_' . $ajax_hook);
$simple_content = $tree_hook_object->simple(NULL, $ajax_options, preg_replace('#,.*$#', '', $under));
$nice_label = $under;
if (!is_null($under)) {
$simple_content_evaluated = $simple_content->evaluate();
$matches = array();
if (preg_match('#<option [^>]*value="' . str_replace('#', '\\#', preg_quote($under)) . '(' . (strpos($under, ',') === false ? ',' : '') . '[^"]*)?"[^>]*>([^>]* > )?([^>]*)</option>#', $simple_content_evaluated, $matches) != 0) {
if (strpos($under, ',') === false) {
$under = $under . $matches[1];
}
$nice_label = trim($matches[3]);
}
}
require_code('form_templates');
$tree = do_template('FORM_SCREEN_INPUT_TREE_LIST', array('_GUID' => '25368e562be3b4b9c6163aa008b47c91', 'TABINDEX' => strval(get_form_field_tabindex()), 'NICE_LABEL' => is_null($nice_label) || $nice_label == '-1' ? '' : $nice_label, 'END_OF_FORM' => true, 'REQUIRED' => '', 'USE_SERVER_ID' => false, 'NAME' => 'search_under', 'DEFAULT' => $under, 'HOOK' => $ajax_hook, 'ROOT_ID' => '', 'OPTIONS' => serialize($ajax_options)));
} else {
$ajax = false;
$tree = form_input_list_entry('!', false, do_lang_tempcode('NA_EM'));
if (method_exists($object, 'get_tree')) {
$under = get_param('search_under', '!', true);
$tree->attach($object->get_tree($under));
}
}
$options = new ocp_tempcode();
if (array_key_exists('special_on', $info)) {
foreach ($info['special_on'] as $name => $display) {
$options->attach(do_template('SEARCH_FOR_SEARCH_DOMAIN_OPTION', array('_GUID' => 'c1853f42d0a110026453f8b94c9f623c', 'CHECKED' => is_null($content) || get_param_integer('option_' . $id . '_' . $name, 0) == 1, 'NAME' => 'option_' . $id . '_' . $name, 'DISPLAY' => $display)));
}
}
if (array_key_exists('special_off', $info)) {
foreach ($info['special_off'] as $name => $display) {
$options->attach(do_template('SEARCH_FOR_SEARCH_DOMAIN_OPTION', array('_GUID' => '2223ada7636c85e6879feb9a6f6885d2', 'CHECKED' => get_param_integer('option_' . $id . '_' . $name, 0) == 1, 'NAME' => 'option_' . $id . '_' . $name, 'DISPLAY' => $display)));
}
}
if (method_exists($object, 'get_fields')) {
$fields = $object->get_fields();
foreach ($fields as $field) {
$options->attach(do_template('SEARCH_FOR_SEARCH_DOMAIN_OPTION' . $field['TYPE'], array('_GUID' => 'a223ada7636c85e6879feb9a6f6885d2', 'NAME' => 'option_' . $field['NAME'], 'DISPLAY' => $field['DISPLAY'], 'SPECIAL' => $field['SPECIAL'], 'CHECKED' => array_key_exists('checked', $field) ? $field['CHECKED'] : false)));
}
}
$specialisation = do_template('SEARCH_ADVANCED', array('_GUID' => 'fad0c147b8291ba972f105c65715f1ac', 'AJAX' => $ajax, 'OPTIONS' => $options, 'TREE' => $tree, 'UNDERNEATH' => !is_null($under)));
} else {
$map = array('page' => '_SELF', 'type' => 'results');
$under = get_param('search_under', '-1', true);
if ($under != '-1') {
$map['search_under'] = $under;
}
$url = build_url($map, '_SELF', NULL, false, true);
$search_domains = new ocp_tempcode();
$_search_domains = array();
$_hooks = find_all_hooks('modules', 'search');
foreach (array_keys($_hooks) as $hook) {
require_code('hooks/modules/search/' . filter_naughty_harsh($hook));
$object = object_factory('Hook_search_' . filter_naughty_harsh($hook), true);
if (is_null($object)) {
continue;
}
$info = $object->info();
if (is_null($info)) {
continue;
}
$NON_CANONICAL_PARAMS[] = 'search_' . $hook;
$is_default_or_advanced = $info['default'] && $id == '' || $hook == $id;
$checked = get_param_integer('search_' . $hook, is_null($content) || get_param_integer('all_defaults', 0) == 1 ? $is_default_or_advanced ? 1 : 0 : 0) == 1;
$options = array_key_exists('special_on', $info) || array_key_exists('special_off', $info) || array_key_exists('extra_sort_fields', $info) || method_exists($object, 'get_fields') || method_exists($object, 'get_tree') || method_exists($object, 'get_ajax_tree') ? build_url(array('page' => '_SELF', 'id' => $hook), '_SELF', NULL, false, true) : new ocp_tempcode();
$_search_domains[] = array('_GUID' => '3d3099872184923aec0f49388f52c750', 'ADVANCED_ONLY' => array_key_exists('advanced_only', $info) && $info['advanced_only'], 'CHECKED' => $checked, 'OPTIONS' => $options, 'LANG' => $info['lang'], 'NAME' => $hook);
}
global $M_SORT_KEY;
$M_SORT_KEY = 'LANG';
usort($_search_domains, 'multi_sort');
foreach ($_search_domains as $sd) {
$search_domains->attach(do_template('SEARCH_FOR_SEARCH_DOMAIN', $sd));
}
$specialisation = do_template('SEARCH_DOMAINS', array('_GUID' => '1fd8718b540ec475988070ee7a444dc1', 'SEARCH_DOMAINS' => $search_domains));
}
$author = get_param('author', '');
$author_id = $author != '' ? $GLOBALS['FORUM_DRIVER']->get_member_from_username($author) : NULL;
$days = get_param_integer('days', 60);
$sort = get_param('sort', 'relevance');
$direction = get_param('direction', 'DESC');
if (!in_array(strtoupper($direction), array('ASC', 'DESC'))) {
log_hack_attack_and_exit('ORDERBY_HACK');
}
$NON_CANONICAL_PARAMS[] = 'sort';
$NON_CANONICAL_PARAMS[] = 'direction';
$only_titles = get_param_integer('only_titles', 0) == 1;
$search_under = get_param('search_under', '!', true);
if ($search_under == '') {
$search_under = '!';
}
$boolean_operator = get_param('conjunctive_operator', 'OR');
$NON_CANONICAL_PARAMS[] = 'search_under';
$NON_CANONICAL_PARAMS[] = 'all_defaults';
$NON_CANONICAL_PARAMS[] = 'days';
$NON_CANONICAL_PARAMS[] = 'only_titles';
$NON_CANONICAL_PARAMS[] = 'conjunctive_operator';
$NON_CANONICAL_PARAMS[] = 'boolean_search';
$NON_CANONICAL_PARAMS[] = 'only_search_meta';
$NON_CANONICAL_PARAMS[] = 'content';
$NON_CANONICAL_PARAMS[] = 'author';
$test = db_has_full_text($GLOBALS['SITE_DB']->connection_read);
$old_mysql = !$test;
$can_order_by_rating = db_has_subqueries($GLOBALS['SITE_DB']->connection_read);
// Perform search, if we did one
$out = NULL;
$results_browser = '';
$num_results = 0;
if (!is_null($content)) {
list($out, $results_browser, $num_results) = $this->results($id, $author, $author_id, $days, $sort, $direction, $only_titles, $search_under);
if (has_zone_access(get_member(), 'adminzone')) {
$admin_search_url = build_url(array('page' => 'admin', 'type' => 'search', 'search_content' => $content), 'adminzone');
attach_message(do_lang_tempcode('ALSO_ADMIN_ZONE_SEARCH', escape_html($admin_search_url->evaluate())), 'inform');
}
}
return do_template('SEARCH_FORM_SCREEN', array('_GUID' => '8bb208185740183323a6fe6e89d55de5', 'SEARCH_TERM' => is_null($content) ? '' : $content, 'NUM_RESULTS' => integer_format($num_results), 'CAN_ORDER_BY_RATING' => $can_order_by_rating, 'EXTRA_SORT_FIELDS' => $extra_sort_fields, 'USER_LABEL' => $user_label, 'DAYS_LABEL' => $days_label, 'BOOLEAN_SEARCH' => $this->_is_boolean_search(), 'AND' => $boolean_operator == 'AND', 'ONLY_TITLES' => $only_titles, 'DAYS' => is_null($days) ? '' : strval($days), 'SORT' => $sort, 'DIRECTION' => $direction, 'CONTENT' => $content, 'RESULTS' => $out, 'RESULTS_BROWSER' => $results_browser, 'OLD_MYSQL' => $old_mysql, 'TITLE' => $title, 'AUTHOR' => $author, 'SPECIALISATION' => $specialisation, 'URL' => $url));
}
/**
* Evaluate a conventional tempcode variable, handling escaping
*
* @param LANGUAGE_NAME The language to evaluate this symbol in (some symbols refer to language elements)
* @param array Array of escaping operations
* @param integer The type of symbol this is (TC_SYMBOL, TC_LANGUAGE_REFERENCE)
* @set 0 2
* @param ID_TEXT The name of the symbol
* @param array Parameters to the symbol. For all but directive it is an array of strings. For directives it is an array of Tempcode objects. Actually there may be template-style parameters in here, as an influence of singular_bind and these may be Tempcode, but we ignore them.
* @return mixed The result. Either tempcode, or a string.
*/
function ecv($lang, $escaped, $type, $name, $param)
{
global $TEMPCODE_SETGET, $CYCLES, $PREPROCESSABLE_SYMBOLS, $DISPLAYED_TITLE;
//echo '<!--'.$name.'-->'."\n";
if ($type == TC_SYMBOL) {
$escaped_codes = $name . ($escaped == array() ? '' : serialize($escaped));
$cacheable = $param == array() && !isset($GLOBALS['NON_CACHEABLE_SYMBOLS'][$name]);
if ($cacheable) {
global $SYMBOL_CACHE;
if (isset($SYMBOL_CACHE[$escaped_codes])) {
return $SYMBOL_CACHE[$escaped_codes];
}
}
$value = '';
if ($GLOBALS['XSS_DETECT']) {
ocp_mark_as_escaped($value);
}
$temp_array = array();
if (isset($PREPROCESSABLE_SYMBOLS[$name]) && $name != 'PAGE_LINK') {
handle_symbol_preprocessing(array($escaped, $type, $name, $param), $temp_array);
}
// Late preprocessing. Should not be needed in case of full screen output (as this was properly preprocessed), but is in other cases
switch ($name) {
case 'PAGE_LINK':
if (isset($param[0])) {
list($zone, $map, $hash) = page_link_decode(is_object($param[0]) ? $param[0]->evaluate() : $param[0]);
$skip = NULL;
if (isset($param[4])) {
$skip = array_flip(explode('|', $param[4]));
}
$avoid_remap = isset($param[1]) && $param[1] == '1';
$skip_keep = isset($param[2]) && $param[2] == '1';
$keep_all = isset($param[3]) && $param[3] == '1';
foreach ($map as $key => $val) {
if (is_object($val)) {
$map[$key] = $val->evaluate();
}
}
$value = _build_url($map, $zone, $skip, $keep_all, $avoid_remap, $skip_keep, $hash);
} else {
$value = get_zone_name() . ':' . get_page_name();
foreach ($_GET as $key => $val) {
if ($key == 'page') {
continue;
}
if (is_array($val)) {
continue;
}
if (substr($key, 0, 5) == 'keep_' && !skippable_keep($key, $val)) {
continue;
}
$value .= ':' . $key . '=' . $val;
}
}
break;
case 'SET':
if (isset($param[1])) {
if (isset($param[1]) && is_object($param[1])) {
$TEMPCODE_SETGET[$param[0]] = $param[1];
} else {
$param_copy = $param;
unset($param_copy[0]);
$TEMPCODE_SETGET[$param[0]] = implode(',', $param_copy);
}
}
break;
case 'GET':
if (isset($param[0])) {
if (isset($TEMPCODE_SETGET[$param[0]])) {
if (is_object($TEMPCODE_SETGET[$param[0]])) {
$TEMPCODE_SETGET[$param[0]] = $TEMPCODE_SETGET[$param[0]]->evaluate();
}
$value = $TEMPCODE_SETGET[$param[0]];
}
}
break;
case 'EQ':
if (isset($param[1])) {
$first = array_shift($param);
$count = 0;
foreach ($param as $test) {
if ($first == $test) {
$count++;
break;
}
}
$value = $count != 0 ? '1' : '0';
}
break;
case 'NEQ':
if (isset($param[1])) {
$first = array_shift($param);
$count = 0;
foreach ($param as $test) {
if ($first == $test) {
$count++;
}
}
$value = $count == 0 ? '1' : '0';
}
break;
case 'NOT':
if (isset($param[0])) {
$value = $param[0] == '1' || $param[0] == '1' ? '0' : '1';
}
break;
case 'OR':
$count = 0;
foreach ($param as $test) {
if ($test == '1' || $test == '1') {
$count++;
}
}
$value = $count > 0 ? '1' : '0';
break;
case 'AND':
$count = 0;
foreach ($param as $test) {
if ($test == '1' || $test == '1') {
$count++;
}
}
$value = $count == count($param) ? '1' : '0';
break;
case 'HAS_ACTUAL_PAGE_ACCESS':
if (isset($param[0])) {
$value = has_actual_page_access($param !== NULL && isset($param[2]) ? intval($param[2]) : get_member(), $param[0], isset($param[1]) ? $param[1] : NULL) ? '1' : '0';
}
break;
case '?':
if (isset($param[1])) {
$value = $param[0] == '1' || $param[0] == '1' ? $param[1] : (isset($param[2]) ? $param[2] : $value);
}
break;
case 'IMG':
if (isset($param[0]) && isset($GLOBALS['SITE_DB']) && function_exists('find_theme_image') && $GLOBALS['IN_MINIKERNEL_VERSION'] == 0) {
$value = find_theme_image($param[0], isset($param[3]) && $param[3] == '1', false, array_key_exists(2, $param) && $param[2] != '' ? $param[2] : NULL, NULL, isset($param[1]) && $param[1] == '1' ? $GLOBALS['FORUM_DB'] : $GLOBALS['SITE_DB']);
}
break;
case '':
break;
case 'META_DATA':
if (isset($param[0])) {
global $META_DATA;
if (isset($param[1])) {
$matches = array();
if ($param[0] == 'image' && preg_match('#^' . preg_quote(find_script('attachment'), '#') . '\\?id=(\\d+)#', $param[1], $matches) != 0) {
require_code('attachments');
if (!has_attachment_access($GLOBALS['FORUM_DRIVER']->get_guest_id(), intval($matches[1]))) {
break;
}
}
$META_DATA[$param[0]] = $param[1];
} else {
$value = isset($META_DATA[$param[0]]) ? strip_comcode($META_DATA[$param[0]]) : '';
if ($value === NULL) {
$value = '';
}
}
}
break;
case 'SPECIAL_CLICK_TO_EDIT':
$_value = do_lang_tempcode('SPECIAL_CLICK_TO_EDIT');
$value = $_value->evaluate();
break;
case 'KEEP':
// What needs preserving in the URL
$value = keep_symbol($param);
break;
case 'BROWSER':
if (isset($param[1])) {
$q = false;
foreach (explode('|', $param[0]) as $browser) {
$q = browser_matches($browser);
if ($q) {
break;
}
}
$value = $q ? $param[1] : (isset($param[2]) ? $param[2] : '');
if ($GLOBALS['XSS_DETECT']) {
ocp_mark_as_escaped($value);
}
}
break;
case 'JAVASCRIPT_INCLUDE':
if (isset($param[0])) {
require_javascript($param[0]);
/*// Has to do this inline, as you're not allowed to reference scripts outside head
if (!array_key_exists($param[0],$GLOBALS['JAVASCRIPTS']))
{
$GLOBALS['JAVASCRIPTS'][$param[0]]=1;
$file=javascript_enforce($param[0]);
$_value=do_template('JAVASCRIPT_NEED_INLINE',array('_GUID'=>'d6c907e26c5a8dd8c65f1d36a1a674a9','CODE'=>file_get_contents($file,FILE_TEXT)));
$value=$_value->evaluate();
}*/
}
break;
case 'FACILITATE_AJAX_BLOCK_CALL':
if (isset($param[0])) {
require_javascript('javascript_ajax');
require_code('blocks');
$_block_constraints = block_params_to_block_signature(block_params_str_to_arr($param[0]));
if (array_key_exists(1, $param)) {
$_block_constraints = array_merge($_block_constraints, block_params_str_to_arr($param[1]));
ksort($_block_constraints);
}
$block_constraints = block_params_arr_to_str($_block_constraints);
// Store permissions
$_auth_key = $GLOBALS['SITE_DB']->query_select('temp_block_permissions', array('id', 'p_time'), array('p_session_id' => get_session_id(), 'p_block_constraints' => $block_constraints), '', 1);
if (!array_key_exists(0, $_auth_key)) {
$auth_key = $GLOBALS['SITE_DB']->query_insert('temp_block_permissions', array('p_session_id' => get_session_id(), 'p_block_constraints' => $block_constraints, 'p_time' => time()), true);
} else {
$auth_key = $_auth_key[0]['id'];
if (time() - $_auth_key[0]['p_time'] > 100) {
$GLOBALS['SITE_DB']->query_update('temp_block_permissions', array('p_time' => time()), array('p_session_id' => get_session_id(), 'p_block_constraints' => $block_constraints), '', 1);
}
}
$keep = symbol_tempcode('KEEP');
$value = find_script('snippet') . '?snippet=block&auth_key=' . urlencode(strval($auth_key)) . '&block_map=' . urlencode($param[0]) . $keep->evaluate();
}
break;
case 'LANG':
$value = user_lang();
break;
case '_GET':
if (isset($param[0])) {
$value = get_param($param[0], isset($param[1]) ? $param[1] : '', true);
}
break;
case 'QUERY_STRING':
$value = ocp_srv('QUERY_STRING');
break;
case 'USER_AGENT':
$value = ocp_srv('HTTP_USER_AGENT');
break;
case 'STRIP_TAGS':
if (isset($param[0])) {
if (isset($param[1]) && $param[1] == '1') {
$value = strip_tags(str_replace('))', ')', str_replace('((', '(', str_replace('<em>', '(', str_replace('</em>', ')', $param[0])))));
} else {
$value = strip_tags($param[0], array_key_exists(2, $param) ? $param[2] : '');
}
if (isset($param[1]) && $param[1] == '1') {
$value = @html_entity_decode($value, ENT_QUOTES, get_charset());
}
}
break;
case 'CONFIG_OPTION':
if (isset($param[0])) {
if (!isset($GLOBALS['OPTIONS'])) {
$value = '0';
} else {
$value = get_option($param[0], true);
if ($value === NULL) {
$value = '';
}
}
}
break;
case 'TRUNCATE_LEFT':
// Truncate the left length of a string. 0: text to truncate, 1: the truncate length, 2: whether to use a tooltip mouse-over if it is truncated, 3: whether it is encoded as HTML (0=no [default, plain-text], 1=yes)
$value = symbol_truncator($param, 'left');
break;
case 'TRUNCATE_RIGHT':
$value = symbol_truncator($param, 'right');
break;
case 'TRUNCATE_SPREAD':
$value = symbol_truncator($param, 'spread');
break;
case 'TRUNCATE_EXPAND':
$value = symbol_truncator($param, 'expand');
break;
case 'THEME':
if (isset($GLOBALS['FORUM_DRIVER'])) {
$value = $GLOBALS['FORUM_DRIVER']->get_theme();
} else {
$value = 'default';
}
break;
case 'REVERSE':
if (isset($param[0])) {
$value = implode(',', array_reverse(explode(',', $param[0])));
}
break;
case 'COMMA_LIST_GET':
if (isset($param[1])) {
require_code('blocks');
$values = block_params_str_to_arr($param[0]);
$value = isset($values[$param[1]]) ? $values[$param[1]] : '';
}
break;
case 'COMMA_LIST_SET':
if (isset($param[2])) {
require_code('blocks');
$values = block_params_str_to_arr($param[0]);
$values[$param[1]] = $param[2];
$value = block_params_arr_to_str($values);
}
break;
case 'IS_EMPTY':
if (isset($param[0])) {
$value = $param[0] == '' ? '1' : '0';
}
break;
case 'IS_NON_EMPTY':
if (isset($param[0])) {
$value = $param[0] != '' ? '1' : '0';
}
break;
case 'CUSTOM_BASE_URL':
$value = get_custom_base_url(isset($param[0]) && $param[0] != '' ? $param[0] == '1' : NULL);
if (isset($param[1]) && $param[1] == '1') {
$value = cdn_filter($value);
}
break;
case 'LOAD_PANEL':
foreach ($param as $i => $p) {
if (is_object($p)) {
$param[$i] = $p->evaluate();
}
}
global $LOADED_PANELS;
if (strpos($param[0], ':') !== false) {
$param = array_reverse(explode(':', $param[0], 2));
}
if (substr($param[0], 0, 6) == 'panel_') {
$param[0] = substr($param[0], 6);
}
$sr = serialize($param);
$value = array_key_exists($sr, $LOADED_PANELS) ? $LOADED_PANELS[$sr] : '';
break;
case 'HAS_JS':
case 'JS_ON':
if (isset($param[1])) {
$value = has_js() ? $param[0] : $param[1];
} else {
$value = has_js() ? '1' : '0';
}
break;
case 'BASE_URL_NOHTTP':
$value = preg_replace('#^https?://[^/]+#', '', get_base_url());
if (substr($value, 0, 2) == '//') {
$value = substr($value, 1);
}
if (!$GLOBALS['DEBUG_MODE']) {
break;
}
// Debug mode changes base domain so we need to actually use it in full (fine, we don't have HTTPS in debug mode). Bubble on...
// Debug mode changes base domain so we need to actually use it in full (fine, we don't have HTTPS in debug mode). Bubble on...
case 'CUSTOM_BASE_URL_NOHTTP':
$value = preg_replace('#^https?://[^/]+/#', '/', get_custom_base_url());
if (substr($value, 0, 2) == '//') {
$value = substr($value, 1);
}
if (!$GLOBALS['DEBUG_MODE']) {
break;
}
// Debug mode changes base domain so we need to actually use it in full (fine, we don't have HTTPS in debug mode). Bubble on...
// Debug mode changes base domain so we need to actually use it in full (fine, we don't have HTTPS in debug mode). Bubble on...
case 'BASE_URL':
$value = get_base_url(isset($param[0]) ? $param[0] == '1' : NULL);
break;
case 'ZONE':
$value = get_zone_name();
break;
case 'PAGE':
$value = get_page_name();
break;
case 'SITE_NAME':
$value = get_site_name();
break;
case 'HEADER_TEXT':
global $ZONE;
$value = $ZONE['zone_header_text_trans'];
break;
case 'PANEL_WIDTH':
if (isset($TEMPCODE_SETGET['PANEL_WIDTH']) && $TEMPCODE_SETGET['PANEL_WIDTH'] != '') {
$value = $TEMPCODE_SETGET['PANEL_WIDTH'];
} else {
$value = get_option('panel_width', true);
if ($value === NULL) {
$value = '13.3em';
}
}
break;
case 'PANEL_WIDTH_SPACED':
if (isset($TEMPCODE_SETGET['PANEL_WIDTH_SPACED']) && $TEMPCODE_SETGET['PANEL_WIDTH_SPACED'] != '') {
$value = $TEMPCODE_SETGET['PANEL_WIDTH_SPACED'];
} else {
$value = get_option('panel_width_spaced', true);
if (is_null($value)) {
$value = '14.3em';
}
}
break;
case 'TRIM':
if (isset($param[0])) {
$value = preg_replace(array('#^\\s+#', '#^(<br\\s*/?' . '>\\s*)+#', '#^( )+#', '#\\s+$#', '#(<br\\s*/?' . '>\\s*)+$#', '#( )+$#'), array('', '', '', '', '', ''), $param[0]);
}
break;
case 'CPF_VALUE':
if (isset($param[0])) {
if (is_numeric($param[0])) {
require_code('ocf_members');
$fields = ocf_get_custom_fields_member(isset($param[1]) ? intval($param[1]) : get_member());
if (array_key_exists(intval($param[0]), $fields)) {
$_value = $fields[intval($param[0])];
}
} elseif (substr($param[0], 0, 2) == 'm_' && strpos(strtolower($param[0]), 'hash') === false && strpos(strtolower($param[0]), 'salt') === false) {
$_value = $GLOBALS['FORUM_DRIVER']->get_member_row_field(isset($param[1]) ? intval($param[1]) : get_member(), $param[0]);
} else {
$_value = get_ocp_cpf($param[0], isset($param[1]) ? intval($param[1]) : NULL);
}
if (!is_string($_value)) {
$value = is_null($_value) ? '' : strval($_value);
} else {
$value = $_value;
}
}
break;
case 'BANNER':
if (addon_installed('banners')) {
global $SITE_INFO;
$is_on_banners = get_option('is_on_banners') == '1' && (!has_specific_permission(get_member(), 'banner_free') || $GLOBALS['FORUM_DRIVER']->is_super_admin(get_member()) && get_option('admin_banners') == '1' || !is_null($GLOBALS['CURRENT_SHARE_USER']));
if (array_key_exists('throttle_bandwidth_registered', $SITE_INFO)) {
$views_till_now = intval(get_value('page_views'));
$bandwidth_allowed = $SITE_INFO['throttle_bandwidth_registered'];
$total_bandwidth = intval(get_value('download_bandwidth'));
if ($bandwidth_allowed * 1024 * 1024 >= $total_bandwidth) {
$is_on_banners = false;
}
}
if ($is_on_banners && !is_page_https(get_zone_name(), get_page_name())) {
require_code('banners');
$b_type = isset($param[0]) ? $param[0] : '';
$internal_only = isset($param[1]) ? intval($param[1]) : ($b_type == '' ? 0 : 1);
if (isset($GLOBALS['NON_CACHEABLE_SYMBOLS']['SET_RAND'])) {
$_value = banners_script(true, '', '', $b_type, $internal_only, '');
$value = $_value->evaluate();
} else {
$value = 'Banner goes here';
}
}
}
break;
case 'AVATAR':
$value = $GLOBALS['FORUM_DRIVER']->get_member_avatar_url(isset($param[0]) ? intval($param[0]) : get_member());
if (url_is_local($value) && $value != '') {
$value = get_custom_base_url() . '/' . $value;
}
break;
case 'IS_GUEST':
if (isset($param[0])) {
$value = is_guest(intval($param[0])) ? '1' : '0';
} else {
$value = is_guest() ? '1' : '0';
}
break;
case 'MEMBER':
$value = strval(get_member());
break;
case 'USER':
if (!isset($param[0])) {
$value = strval(get_member());
} else {
$member_id = $GLOBALS['FORUM_DRIVER']->get_member_from_username($param[0]);
$value = is_null($member_id) ? '' : strval($member_id);
}
break;
case 'CSS_INCLUDE':
if (isset($param[0])) {
require_css($param[0]);
/*// Has to do this inline, as you're not allowed to reference sheets outside head
if (!array_key_exists($param[0],$GLOBALS['CSSS']))
{
$GLOBALS['CSSS'][$param[0]]=1;
$file=css_enforce($param[0]);
$_value=do_template('CSS_NEED_INLINE',array('_GUID'=>'9de994d2f6d47a622d49347feb7ebe96','CSS'=>str_replace('../../../../',get_base_url().'/',file_get_contents($file,FILE_TEXT))));
$value=$_value->evaluate();
}*/
}
break;
case 'USER_OVERIDE':
$value = get_param('id', '');
if (!is_numeric($value) || $value == '') {
$value = strval(get_member());
}
break;
case 'IS_HTTPAUTH_LOGIN':
$value = is_httpauth_login() ? '1' : '0';
break;
case 'MEMBER_PROFILE_LINK':
$value = $GLOBALS['FORUM_DRIVER']->member_profile_url(!is_null($param) && isset($param[0]) ? intval($param[0]) : get_member(), false, true);
if (is_null($value)) {
$value = '';
}
break;
case 'USERNAME':
$value = $GLOBALS['FORUM_DRIVER']->get_username(!is_null($param) && isset($param[0]) ? intval($param[0]) : get_member());
if (is_null($value)) {
$value = do_lang('UNKNOWN');
}
break;
case 'CYCLE':
if (isset($param[0])) {
if (!isset($CYCLES[$param[0]])) {
$CYCLES[$param[0]] = 0;
}
if (!isset($param[1])) {
$value = strval($CYCLES[$param[0]]);
} else {
if (count($param) == 2) {
$param = array_merge(array($param[0]), explode(',', $param[1]));
}
++$CYCLES[$param[0]];
if (!array_key_exists($CYCLES[$param[0]], $param)) {
$CYCLES[$param[0]] = 1;
}
$value = $param[$CYCLES[$param[0]]];
}
}
break;
case 'THUMBNAIL':
require_code('images');
$value = _symbol_thumbnail($param);
break;
case 'IMAGE_WIDTH':
require_code('images');
list($value, ) = _symbol_image_dims($param);
break;
case 'IMAGE_HEIGHT':
require_code('images');
list(, $value) = _symbol_image_dims($param);
break;
case 'IS_IN_GROUP':
if (isset($param[0])) {
if (in_array($param[count($param) - 1], array('', 'primary', 'secondary'))) {
$last_param = $param[count($param) - 1];
unset($param[count($param) - 1]);
} else {
$last_param = '';
}
$member_id = get_member();
$new_param = '';
$param_2 = array();
foreach ($param as $group) {
if (substr($group, 0, 1) == '!' && is_numeric(substr($group, 1))) {
$member_id = intval(substr($group, 1));
} else {
$param_2 = array_merge($param_2, explode(',', $group));
}
}
foreach ($param_2 as $group) {
if ($new_param != '') {
$new_param .= ',';
}
$new_param .= $group;
}
if ($last_param == 'primary') {
$member_row = $GLOBALS['FORUM_DRIVER']->get_member_row($member_id);
$real_group_list = array($GLOBALS['FORUM_DRIVER']->pname_group($member_row));
} elseif ($last_param == 'secondary') {
$real_group_list = $GLOBALS['FORUM_DRIVER']->get_members_groups($member_id);
$member_row = $GLOBALS['FORUM_DRIVER']->get_member_row($member_id);
$real_group_list = array_diff($real_group_list, array($GLOBALS['FORUM_DRIVER']->pname_group($member_row)));
} else {
$real_group_list = $GLOBALS['FORUM_DRIVER']->get_members_groups($member_id);
}
require_code('ocfiltering');
$value = count(array_intersect(ocfilter_to_idlist_using_memory($new_param, $GLOBALS['FORUM_DRIVER']->get_usergroup_list()), $real_group_list)) != 0 ? '1' : '0';
}
break;
case 'IS_STAFF':
if (isset($GLOBALS['FORUM_DRIVER'])) {
$value = $GLOBALS['FORUM_DRIVER']->is_staff(!is_null($param) && isset($param[0]) ? intval($param[0]) : get_member()) ? '1' : '0';
} else {
$value = '0';
}
break;
case 'IS_SUPER_ADMIN':
if (isset($GLOBALS['FORUM_DRIVER'])) {
$value = $GLOBALS['FORUM_DRIVER']->is_super_admin(!is_null($param) && isset($param[0]) ? intval($param[0]) : get_member()) ? '1' : '0';
} else {
$value = '0';
}
break;
case 'PHOTO':
if (isset($param[0])) {
$value = $GLOBALS['FORUM_DRIVER']->get_member_photo_url(intval($param[0]));
if (url_is_local($value) && $value != '') {
$value = get_custom_base_url() . '/' . $value;
}
}
break;
case 'OCF_RANK_IMAGE':
if (addon_installed('ocf_forum')) {
require_code('ocf_groups');
$rank_images = new ocp_tempcode();
$member_id = isset($param[0]) ? intval($param[0]) : get_member();
$posters_groups = $GLOBALS['FORUM_DRIVER']->get_members_groups($member_id, true);
foreach ($posters_groups as $group) {
$rank_image = ocf_get_group_property($group, 'rank_image');
$group_leader = ocf_get_group_property($group, 'group_leader');
$group_name = ocf_get_group_name($group);
$rank_image_pri_only = ocf_get_group_property($group, 'rank_image_pri_only');
if ($rank_image != '' && ($rank_image_pri_only == 0 || $group == $GLOBALS['FORUM_DRIVER']->get_member_row_field($member_id, 'm_primary_group'))) {
$rank_images->attach(do_template('OCF_RANK_IMAGE', array('USERNAME' => $GLOBALS['FORUM_DRIVER']->get_username($member_id), 'GROUP_NAME' => $group_name, 'IMG' => $rank_image, 'IS_LEADER' => $group_leader == $member_id)));
}
}
$value = $rank_images->evaluate();
}
break;
case 'TOTAL_POINTS':
if (addon_installed('points')) {
require_code('points');
$value = strval(total_points(isset($param[0]) ? intval($param[0]) : get_member()));
}
break;
case 'POINTS_USED':
if (addon_installed('points')) {
require_code('points');
$value = strval(points_used(isset($param[0]) ? intval($param[0]) : get_member()));
}
break;
case 'AVAILABLE_POINTS':
if (addon_installed('points')) {
require_code('points');
$value = strval(available_points(isset($param[0]) ? intval($param[0]) : get_member()));
}
break;
case 'URL_FOR_GET_FORM':
if (isset($param[0])) {
$url_bits = parse_url($param[0]);
if (array_key_exists('scheme', $url_bits)) {
$value = $url_bits['scheme'] . '://' . (array_key_exists('host', $url_bits) ? $url_bits['host'] : 'localhost');
if (array_key_exists('port', $url_bits) && $url_bits['port'] != 80) {
$value .= ':' . strval($url_bits['port']);
}
}
if (array_key_exists('path', $url_bits)) {
$value .= $url_bits['path'];
}
}
break;
case 'HIDDENS_FOR_GET_FORM':
$_value = new ocp_tempcode();
$url_bits = parse_url($param[0]);
if (array_key_exists('query', $url_bits) && $url_bits['query'] != '') {
foreach (explode('&', $url_bits['query']) as $exp) {
$parts = explode('=', $exp, 2);
if (count($parts) == 2) {
if (!in_array($parts[0], $param)) {
$_value->attach(form_input_hidden($parts[0], urldecode($parts[1])));
}
}
}
}
$value = $_value->evaluate();
break;
case 'NOTIFICATIONS_ENABLED':
$value = '';
if (array_key_exists(0, $param)) {
require_code('notifications');
$value = notifications_enabled(array_key_exists(1, $param) ? $param[1] : get_page_name(), $param[0]) ? '1' : '0';
}
break;
case 'DOCUMENT_HELP':
global $DOCUMENT_HELP, $HELPER_PANEL_TUTORIAL;
$value = $DOCUMENT_HELP;
if ($value == '' && $HELPER_PANEL_TUTORIAL != '') {
$value = brand_base_url() . '/docs' . strval(ocp_version()) . '/pg/' . $HELPER_PANEL_TUTORIAL;
}
break;
case 'HTTP_STATUS_CODE':
global $HTTP_STATUS_CODE;
$value = $HTTP_STATUS_CODE;
break;
case 'TEMPCODE':
if (isset($param[0])) {
require_code('tempcode_compiler');
$_value = template_to_tempcode($param[0]);
$value = $_value->evaluate();
}
break;
case 'COMCODE':
if (isset($param[0])) {
$_value = comcode_to_tempcode($param[0], NULL, true);
$value = $_value->evaluate();
}
break;
case 'FLAGRANT':
$_value = get_flagrant();
$value = $_value->evaluate();
break;
case 'IMG_WIDTH':
case 'IMG_HEIGHT':
if (isset($param[0]) && isset($GLOBALS['SITE_DB']) && function_exists('find_theme_image') && $GLOBALS['IN_MINIKERNEL_VERSION'] == 0) {
global $THEME_IMG_DIMS_CACHE;
if (!isset($THEME_IMG_DIMS_CACHE)) {
$THEME_IMG_DIMS_CACHE = function_exists('persistant_cache_get') ? persistant_cache_get('THEME_IMG_DIMS') : array();
}
if (isset($THEME_IMG_DIMS_CACHE[$param[0]])) {
list($width, $height) = $THEME_IMG_DIMS_CACHE[$param[0]];
$value = $name == 'IMG_WIDTH' ? $width : $height;
} else {
if (strpos($param[0], '://') === false) {
$img_url = find_theme_image($param[0], false, false, array_key_exists(2, $param) ? $param[2] : NULL, NULL, isset($param[1]) && $param[1] == '1' ? $GLOBALS['FORUM_DB'] : $GLOBALS['SITE_DB']);
} else {
$img_url = $param[0];
}
require_code('images');
list($width, $height) = _symbol_image_dims(array($img_url));
$value = $name == 'IMG_WIDTH' ? $width : $height;
$THEME_IMG_DIMS_CACHE[$param[0]] = array($width, $height);
if (function_exists('persistant_cache_set')) {
persistant_cache_set('THEME_IMG_DIMS', $THEME_IMG_DIMS_CACHE);
}
}
}
break;
case 'CLEAN_FILE_SIZE':
if (isset($param[0])) {
$bytes = is_numeric($param[0]) ? intval($param[0]) : NULL;
require_code('files');
$value = clean_file_size($bytes);
}
break;
case 'TIME_PERIOD':
if (isset($param[0])) {
$value = display_time_period(intval($param[0]));
}
break;
case 'MAKE_RELATIVE_DATE':
if (isset($param[0])) {
if (get_option('use_contextual_dates') == '0' && (!array_key_exists(1, $param) || $param[1] != '1')) {
$value = get_timezoned_date(intval($param[0]));
} else {
$value = display_time_period(time() - intval($param[0]));
}
}
break;
case 'TIMEZONE':
$value = make_nice_timezone_name(get_site_timezone());
break;
case 'LOAD_PAGE':
foreach ($param as $i => $p) {
if (is_object($p)) {
$param[$i] = $p->evaluate();
}
}
global $LOADED_PAGES;
if (strpos($param[0], ':') !== false) {
$param = array_reverse(explode(':', $param[0], 2));
}
$_value = $LOADED_PAGES[serialize($param)];
$value = $_value->evaluate();
break;
case 'RUNNING_SCRIPT':
if (isset($param[0])) {
$value = running_script($param[0]) ? '1' : '0';
}
break;
case 'MATCH_KEY_MATCH':
$value = '0';
foreach ($param as $match_key) {
if ($match_key == '1' || $match_key == '0' || $match_key == '') {
continue;
}
if (match_key_match($match_key, isset($param[1]) && $match_key == '1')) {
$value = '1';
}
}
break;
case 'VERSION':
$value = strval(ocp_version());
break;
case 'PREVIEW_VALIDATION':
$value = get_option('is_on_preview_validation') == '1' ? '1' : '0';
break;
case 'BLOCK':
if (isset($GLOBALS['NON_CACHEABLE_SYMBOLS']['SET_RAND'])) {
foreach ($param as $i => $p) {
if (is_object($p)) {
$param[$i] = $p->evaluate();
}
}
if (count($param) == 1 && strpos($param[0], ',') !== false) {
$param = preg_split('#((?<!\\\\)|(?<=\\\\\\\\)|(?<=^)),#', $param[0]);
foreach ($param as $key => $val) {
$param[$key] = str_replace('\\,', ',', $val);
}
}
global $LOADED_BLOCKS;
if (isset($LOADED_BLOCKS[serialize($param)])) {
// Will always be set
$value = $LOADED_BLOCKS[serialize($param)]->evaluate();
}
}
break;
case 'CURRENCY':
if (addon_installed('ecommerce')) {
if (isset($param[0])) {
require_code('currency');
$value = currency_convert(floatval(str_replace(',', '', $param[0])), isset($param[1]) && $param[1] != '' ? $param[1] : get_option('currency'), isset($param[2]) && $param[2] != '' ? $param[2] : NULL, isset($param[3]) && $param[3] == '1');
if (is_null($value)) {
$value = do_lang('INTERNAL_ERROR');
}
} else {
$value = get_option('currency');
}
}
break;
case 'CURRENCY_SYMBOL':
if (addon_installed('ecommerce')) {
require_code('ecommerce');
$value = ecommerce_get_currency_symbol();
}
break;
case 'GEOLOCATE':
$value = geolocate_ip(isset($param[0]) ? $param[0] : NULL);
break;
case 'NO_SAFE_MODE':
$value = str_replace(array('on', 'true', 'yes'), array('1', '1', '1'), strtolower(ini_get('safe_mode'))) == '1' ? '0' : '1';
break;
case 'FORCE_PREVIEWS':
if (get_option('forced_preview_option') == '1') {
if (get_forum_type() == 'ocf') {
if (is_guest() && get_option('default_preview_guests') == '0') {
$value = '0';
} else {
$value = $GLOBALS['FORUM_DRIVER']->get_member_row_field(get_member(), 'm_preview_posts') == 1 ? '1' : '0';
}
} else {
$value = get_option('default_preview_guests') == '0' ? '0' : '1';
}
} else {
$value = '0';
}
break;
case 'PREVIEW_URL':
$value = find_script('preview');
$value .= '?page=' . get_page_name();
$value .= '&type=' . get_param('type', '', true);
break;
case 'ADDON_INSTALLED':
if (isset($param[0]) && !running_script('install')) {
$value = addon_installed($param[0]) ? '1' : '0';
}
break;
case 'VALUE_OPTION':
if (isset($param[0])) {
$value = function_exists('get_value') ? get_value($param[0]) : '';
if (is_null($value)) {
$value = function_exists('get_long_value') ? get_long_value($param[0]) : '';
if (is_null($value)) {
$value = isset($param[1]) ? $param[1] : '';
if ($param[0] == 'textmate' && (ocp_srv('HTTP_HOST') == 'localhost' && strpos(ocp_srv('HTTP_USER_AGENT'), 'Macintosh') !== false)) {
$value = '1';
}
}
}
}
break;
case 'KEEP_INDEX':
// What needs preserving in the URL
$value = 'index.php';
if (count($_GET) > 0) {
foreach ($_GET as $key => $val) {
if (is_array($val)) {
continue;
}
if (get_magic_quotes_gpc()) {
$val = stripslashes($val);
}
if (substr($key, 0, 5) == 'keep_' && !skippable_keep($key, $val) && strpos($key, '_expand_') === false) {
$value .= ($value == 'index.php' ? '?' : '&') . urlencode($key) . '=' . ocp_url_encode($val);
}
}
}
break;
case 'HIDE_HELP_PANEL':
$value = array_key_exists('hide_help_panel', $_COOKIE) && $_COOKIE['hide_help_panel'] == '1' ? '1' : '0';
break;
case 'URLISE_LANG':
if (isset($param[1])) {
$_value = urlise_lang($param[0], $param[1], isset($param[2]) ? $param[2] : '', isset($param[3]) ? $param[3] == '1' : false);
$value = $_value->evaluate();
}
break;
case 'FIND_SCRIPT_NOHTTP':
if (isset($param[0]) && function_exists('find_script')) {
$value = preg_replace('#^https?://[^/]+#', '', find_script($param[0], false, isset($param[1]) ? intval($param[1]) : 0));
}
if (!$GLOBALS['DEBUG_MODE']) {
break;
}
// Debug mode changes base domain so we need to actually use it in full (fine, we don't have HTTPS in debug mode). Bubble on...
// Debug mode changes base domain so we need to actually use it in full (fine, we don't have HTTPS in debug mode). Bubble on...
case 'FIND_SCRIPT':
if (isset($param[0]) && function_exists('find_script')) {
$value = find_script($param[0], false, isset($param[1]) ? intval($param[1]) : 0);
}
break;
case 'MOBILE':
$value = is_mobile(NULL, array_key_exists(0, $param) ? $param[0] == '1' : false) ? '1' : '0';
break;
case 'VALID_FILE_TYPES':
$value = get_option('valid_types');
$types = array_flip(explode(',', $value));
$value = '';
ksort($types);
foreach (array_flip($types) as $val) {
$value .= $val . ',';
}
$value = substr($value, 0, strlen($value) - 1);
break;
case 'BROWSER_UA':
$browser = get_browser_string();
$value = $browser;
break;
case 'OS':
$os = get_os_string();
if (is_null($os)) {
$os = '';
}
$value = $os;
break;
case 'ANCHOR':
if (isset($param[0])) {
$_value = do_template('ANCHOR', array('_GUID' => '8795c70c9dd7c6217bb765264ac24092', 'NAME' => $param[0]));
$value = $_value->evaluate();
}
break;
case 'CSS_TEMPCODE':
$_value = css_tempcode();
$value = $_value->evaluate();
break;
case 'JS_TEMPCODE':
$_value = javascript_tempcode(isset($param[0]) ? $param[0] : NULL);
$value = $_value->evaluate();
break;
case 'PAD_LEFT':
if (array_key_exists(1, $param)) {
$value = str_pad($param[0], intval($param[1]), array_key_exists(2, $param) ? $param[2] : '', STR_PAD_LEFT);
}
break;
case 'PAD_RIGHT':
if (array_key_exists(1, $param)) {
$value = str_pad($param[0], intval($param[1]), array_key_exists(2, $param) ? $param[2] : '', STR_PAD_RIGHT);
}
break;
case 'PAGE_TITLE':
$value = is_null($DISPLAYED_TITLE) ? '' : $DISPLAYED_TITLE->evaluate();
break;
case 'SET_TITLE':
if (array_key_exists(0, $param)) {
get_page_title($param[0], false);
}
break;
case 'EXTRA_HEAD':
$_value = $GLOBALS['EXTRA_HEAD'];
if ($_value === NULL) {
$_value = new ocp_tempcode();
}
$value = $_value->evaluate();
break;
case 'EXTRA_FOOT':
if ($GLOBALS['EXTRA_FOOT'] === NULL) {
$GLOBALS['EXTRA_FOOT'] = new ocp_tempcode();
}
$_value = $GLOBALS['EXTRA_FOOT'];
if (array_key_exists(0, $param)) {
$GLOBALS['EXTRA_FOOT']->attach($param[0]);
} else {
$value = $_value->evaluate();
}
break;
case 'RAND':
if (isset($GLOBALS['NON_CACHEABLE_SYMBOLS']['RAND'])) {
$GLOBALS['NO_EVAL_CACHE'] = true;
$value = strval(mt_rand(0, 32000));
} else {
$value = '4';
}
break;
case 'SET_RAND':
if (isset($param[0])) {
if (isset($GLOBALS['NON_CACHEABLE_SYMBOLS']['SET_RAND'])) {
$GLOBALS['NO_EVAL_CACHE'] = true;
$value = $param[mt_rand(0, count($param) - 1)];
} else {
$value = $param[0];
}
}
break;
case 'COPYRIGHT':
$value = str_replace('$CURRENT_YEAR', date('Y'), get_option('copyright'));
break;
case 'KEYWORDS_SPACED':
$value = str_replace(',', ' ', get_option('keywords'));
break;
case 'STAFF_ADDRESS_PURE':
$value = get_option('staff_address');
break;
case 'STAFF_ADDRESS':
require_code('obfuscate');
$value = obfuscate_email_address(get_option('staff_address'));
break;
case 'DOMAIN':
$value = get_domain();
break;
case 'BRAND_NAME':
$value = function_exists('get_value') ? get_value('rebrand_name') : NULL;
if (is_null($value)) {
$value = 'ocPortal';
}
break;
case 'BRAND_BASE_URL':
$value = brand_base_url();
break;
case 'SHOW_DOCS':
$value = get_option('show_docs') === '0' ? '0' : '1';
break;
case 'MEMBER_EMAIL':
$value = $GLOBALS['FORUM_DRIVER']->get_member_email_address(isset($param[0]) ? intval($param[0]) : get_member());
break;
case 'OCF_MEMBER_HTML':
if (get_forum_type() == 'ocf') {
require_code('ocf_members');
require_code('ocf_members2');
$_value = ocf_show_member_box(isset($param[0]) ? intval($param[0]) : get_member());
$value = $_value->evaluate();
}
break;
case 'HAS_SPECIFIC_PERMISSION':
if (isset($param[0])) {
$value = has_specific_permission(!is_null($param) && isset($param[1]) ? intval($param[1]) : get_member(), $param[0]) ? '1' : '0';
}
break;
case 'HAS_ZONE_ACCESS':
if (isset($param[0])) {
$value = has_zone_access(!is_null($param) && isset($param[1]) ? intval($param[1]) : get_member(), $param[0]) ? '1' : '0';
}
break;
case 'HAS_PAGE_ACCESS':
if (isset($param[0]) && isset($param[1])) {
$value = has_page_access(!is_null($param) && isset($param[2]) ? intval($param[2]) : get_member(), $param[0], $param[1], !is_null($param) && isset($param[3]) ? $param[3] == '1' : false) ? '1' : '0';
}
break;
case 'HAS_CATEGORY_ACCESS':
if (isset($param[0])) {
$value = has_category_access(!is_null($param) && isset($param[2]) ? intval($param[2]) : get_member(), $param[0], $param[1]) ? '1' : '0';
}
break;
case 'HAS_ATTACHMENT_ACCESS':
if (isset($param[0])) {
require_code('attachments');
$value = has_attachment_access(!is_null($param) && isset($param[1]) ? intval($param[1]) : get_member(), $param[0]) ? '1' : '0';
}
break;
case 'HAS_SUBMIT_PERMISSION':
if (isset($param[0]) && (strtolower($param[0]) == 'low' || strtolower($param[0]) == 'mid' || strtolower($param[0]) == 'high')) {
$value = has_submit_permission(strtolower($param[0]), !is_null($param) && isset($param[1]) ? intval($param[1]) : get_member(), !is_null($param) && isset($param[2]) ? $param[2] : get_ip_address(), !is_null($param) && isset($param[3]) ? $param[3] : get_page_name()) ? '1' : '0';
}
break;
case 'HAS_DELETE_PERMISSION':
if (isset($param[0]) && (strtolower($param[0]) == 'low' || strtolower($param[0]) == 'mid' || strtolower($param[0]) == 'high') && isset($param[1])) {
$value = has_delete_permission(strtolower($param[0]), !is_null($param) && isset($param[2]) ? intval($param[2]) : get_member(), intval($param[1]), !is_null($param) && isset($param[3]) ? $param[3] : get_page_name()) ? '1' : '0';
}
break;
case 'HAS_EDIT_PERMISSION':
if (isset($param[0]) && (strtolower($param[0]) == 'low' || strtolower($param[0]) == 'mid' || strtolower($param[0]) == 'high') && isset($param[1])) {
$value = has_edit_permission(strtolower($param[0]), !is_null($param) && isset($param[2]) ? intval($param[2]) : get_member(), intval($param[1]), !is_null($param) && isset($param[3]) ? $param[3] : get_page_name()) ? '1' : '0';
}
break;
case 'ENTITY_DECODE':
if (isset($param[0])) {
$value = @html_entity_decode($param[0], ENT_QUOTES, get_charset());
}
break;
case 'RESET_CYCLE':
if (isset($param[0])) {
$CYCLES[$param[0]] = 0;
}
break;
case 'SITE_SCOPE':
$value = get_option('site_scope');
break;
case 'LAST_VISIT_TIME':
if (get_forum_type() == 'ocf') {
$member_info = ocf_read_in_member_profile(get_member(), true);
$value = strval($member_info['last_visit_time']);
}
break;
case 'NUM_NEW_TOPICS':
if (get_forum_type() == 'ocf') {
$member_info = ocf_read_in_member_profile(get_member(), true);
$_new_topics = $GLOBALS['FORUM_DB']->query('SELECT COUNT(*) AS mycnt FROM ' . $GLOBALS['FORUM_DB']->get_table_prefix() . 'f_topics WHERE NOT t_forum_id IS NULL AND t_cache_first_time>' . strval((int) $member_info['last_visit_time']));
$new_topics = $_new_topics[0]['mycnt'];
$value = strval($new_topics);
}
break;
case 'NUM_NEW_POSTS':
if (get_forum_type() == 'ocf') {
$member_info = ocf_read_in_member_profile(get_member(), true);
$_new_posts = $GLOBALS['FORUM_DB']->query('SELECT COUNT(*) AS mycnt FROM ' . $GLOBALS['FORUM_DB']->get_table_prefix() . 'f_posts WHERE NOT p_cache_forum_id IS NULL AND p_time>' . strval((int) $member_info['last_visit_time']));
$new_posts = $_new_posts[0]['mycnt'];
$value = strval($new_posts);
}
break;
case 'HAS_FORUM':
$value = has_no_forum() ? '0' : '1';
break;
case 'OCF':
$value = get_forum_type() == 'ocf' ? '1' : '0';
break;
case 'BOARD_PREFIX':
$value = get_forum_base_url();
break;
case 'DATE_AND_TIME':
$use_contextual_dates = isset($param[0]) && $param[0] == '1';
$verbose = isset($param[1]) && $param[1] == '1';
$server_time = isset($param[2]) && $param[2] == '1';
$time = isset($param[3]) ? intval($param[3]) : time();
$value = get_timezoned_date($time, true, $verbose, $server_time, !$use_contextual_dates);
break;
case 'DATE':
$use_contextual_dates = isset($param[0]) && $param[0] == '1';
$verbose = isset($param[1]) && $param[1] == '1';
$server_time = isset($param[2]) && $param[2] == '1';
$time = isset($param[3]) ? intval($param[3]) : time();
$value = get_timezoned_date($time, false, $verbose, $server_time, !$use_contextual_dates);
break;
case 'TIME':
$time = isset($param[0]) ? intval($param[0]) : time();
$value = get_timezoned_time($time);
break;
case 'SECONDS_PERIOD':
if (array_key_exists(0, $param)) {
$value = display_seconds_period(intval($param[0]));
}
break;
case 'FROM_TIMESTAMP':
if (isset($param[0])) {
$timestamp = isset($param[1]) ? intval($param[1]) : time();
if (!array_key_exists(2, $param) || $param[2] == '1') {
$timestamp = utctime_to_usertime($timestamp);
}
$value = locale_filter(my_strftime($param[0], $timestamp));
if ($value == $param[0]) {
// If no conversion happened then the syntax must have been for 'date' not 'strftime'
$value = date($param[0], $timestamp);
}
} else {
$timestamp = time();
$value = strval($timestamp);
}
break;
case 'TO_TIMESTAMP':
if (isset($param[0])) {
$value = strval(strtotime($param[0]));
if (array_key_exists(1, $param) && $param[1] == '1') {
$value = strval(usertime_to_utctime(intval($value)));
}
// '1' means date was in user-time so needs converting to a UTC timestamp
} else {
$value = strval(time());
}
break;
case 'SESSION_HASHED':
$value = md5(strval(get_session_id()));
break;
case 'SESSION':
$value = strval(get_session_id());
break;
case 'IN_ARRAY':
if (isset($param[1])) {
$array = array_slice($param, 1);
$value = in_array($param[0], $array) ? '1' : '0';
}
break;
case 'MULT':
if (isset($param[1])) {
$value = float_to_raw_string(floatval($param[0]) * floatval($param[1]), 2, true);
}
break;
case 'ROUND':
if (isset($param[0])) {
$amount = isset($param[1]) ? intval($param[1]) : 0;
if ($amount > 0) {
$value = float_format(floatval($param[0]), $amount);
} else {
$value = strval(intval(round(floatval($param[0]), $amount)));
}
}
break;
case 'DEV_MODE':
$value = $GLOBALS['DEBUG_MODE'] ? '1' : '0';
break;
case 'BROWSER_MATCHES':
if (isset($param[0])) {
$q = false;
foreach (explode('|', $param[0]) as $browser) {
$q = browser_matches($browser);
if ($q) {
break;
}
}
$value = $q ? '1' : '0';
}
break;
case 'ISSET':
if (isset($param[0])) {
$value = isset($TEMPCODE_SETGET[$param[0]]) ? '1' : '0';
}
break;
case 'INIT':
if (isset($param[1])) {
if (!isset($TEMPCODE_SETGET[$param[0]])) {
$TEMPCODE_SETGET[$param[0]] = $param[1];
}
}
break;
case 'INC':
if (isset($param[0])) {
if (!isset($TEMPCODE_SETGET[$param[0]])) {
$TEMPCODE_SETGET[$param[0]] = '0';
}
$TEMPCODE_SETGET[$param[0]] = strval(intval($TEMPCODE_SETGET[$param[0]]) + 1);
}
break;
case 'DEC':
if (isset($param[0])) {
if (!isset($TEMPCODE_SETGET[$param[0]])) {
$TEMPCODE_SETGET[$param[0]] = '0';
}
$TEMPCODE_SETGET[$param[0]] = strval(intval($TEMPCODE_SETGET[$param[0]]) - 1);
}
break;
case 'PREG_MATCH':
if (isset($param[1])) {
$value = preg_match('#' . str_replace('#', '\\#', $param[0]) . '#' . (isset($param[2]) ? str_replace('e', '', $param[2]) : ''), $param[1]) != 0 ? '1' : '0';
}
break;
case 'PREG_REPLACE':
if (isset($param[2])) {
$value = preg_replace('#' . str_replace('#', '\\#', $param[0]) . '#' . (isset($param[3]) ? str_replace('e', '', $param[3]) : ''), $param[1], $param[2]);
}
break;
case 'MAX':
if (isset($param[0])) {
$value = strval(max(intval($param[0]), intval($param[1])));
}
break;
case 'MIN':
if (isset($param[0])) {
$value = strval(min(intval($param[0]), intval($param[1])));
}
break;
case 'MOD':
if (isset($param[0])) {
$value = strval(max(intval($param[0]), -intval($param[0])));
}
break;
case 'REM':
if (isset($param[1])) {
$value = strval(intval($param[0]) % intval($param[1]));
}
break;
case 'DIV_FLOAT':
if (isset($param[1])) {
$value = float_to_raw_string(floatval($param[0]) / floatval($param[1]), 2, true);
}
break;
case 'DIV':
if (isset($param[1])) {
$value = strval(intval(floor(floatval($param[0]) / floatval($param[1]))));
}
break;
case 'SUBTRACT':
if (isset($param[1])) {
$value = float_to_raw_string(floatval(str_replace(',', '', $param[0])) - floatval(str_replace(',', '', $param[1])), 2, true);
}
break;
case 'ADD':
if (isset($param[1])) {
$value = float_to_raw_string(floatval(str_replace(',', '', $param[0])) + floatval(str_replace(',', '', $param[1])), 2, true);
}
break;
case 'WCASE':
if (isset($param[0])) {
$value = ucwords($param[0]);
}
break;
case 'LCASE':
if (isset($param[0])) {
$value = ocp_mb_strtolower($param[0]);
}
break;
case 'UCASE':
if (isset($param[0])) {
$value = ocp_mb_strtoupper($param[0]);
}
break;
case '_POST':
if (isset($param[0])) {
$value = post_param($param[0], isset($param[1]) ? $param[1] : '');
}
break;
case 'REPLACE':
if (isset($param[2])) {
$value = str_replace($param[0], $param[1], $param[2]);
if ($GLOBALS['XSS_DETECT'] && ocp_is_escaped($param[0])) {
ocp_mark_as_escaped($value);
}
}
break;
case 'AT':
if (isset($param[1])) {
$value = ocp_mb_substr($param[0], intval($param[1]), 1);
}
break;
case 'STRPOS':
if (isset($param[1])) {
$t_value = strpos($param[0], $param[1]);
$value = $t_value === false ? '0' : strval($t_value);
}
break;
case 'IN_STR':
if (isset($param[1])) {
if ($param[1] == '') {
$value = '0';
} else {
$value = '0';
foreach ($param as $i => $check) {
if (is_integer($i) && $i != 0 && $check != '') {
if (strpos($param[0], $check) !== false) {
$value = '1';
break;
}
}
}
}
}
break;
case 'SUBSTR_COUNT':
if (isset($param[1])) {
$value = strval(substr_count($param[0], $param[1]));
}
break;
case 'SUBSTR':
if (isset($param[1])) {
$value = ocp_mb_substr($param[0], intval($param[1]), isset($param[2]) ? intval($param[2]) : strlen($param[0]));
}
break;
case 'LENGTH':
if (isset($param[0])) {
$value = strval(ocp_mb_strlen($param[0]));
}
break;
case 'WORDWRAP':
if (isset($param[1])) {
$cut = isset($param[3]) && $param[3] == '1';
$value = wordwrap($param[0], intval($param[1]), isset($param[2]) ? $param[2] : '<br />', $cut);
if ($GLOBALS['XSS_DETECT'] && ocp_is_escaped($param[0])) {
ocp_mark_as_escaped($value);
}
}
break;
case 'ALTERNATOR_TRUNCATED':
// Alternate values according to whether some given text WOULD have been truncated. 0: text to check against, 1: the truncate length, 2:IF would not be do this, 3: if it would be do this, 4: whether given text is encoded as HTML (0=no [default, plain-text], 1=yes)
if (isset($param[3])) {
$amount = intval($param[1]);
$is_html = isset($param[4]) && $param[4] == '1';
if (strlen($is_html ? strip_tags($param[0]) : $param[0]) > $amount) {
$value = $param[3];
} else {
$value = $param[2];
}
}
break;
case 'ESCAPE':
if (isset($param[0])) {
$d_escaping = array(isset($param[1]) ? constant($param[1]) : ENTITY_ESCAPED);
if (is_string($param[0])) {
apply_tempcode_escaping($d_escaping, $param[0]);
}
$value = $param[0];
}
break;
case 'COOKIE_PATH':
$value = function_exists('get_cookie_path') ? get_cookie_path() : '/';
break;
case 'COOKIE_DOMAIN':
$s_value = function_exists('get_cookie_domain') ? get_cookie_domain() : '';
$value = is_null($s_value) ? '' : $s_value;
break;
case 'IS_A_COOKIE_LOGIN':
global $IS_A_COOKIE_LOGIN;
$value = $IS_A_COOKIE_LOGIN && ini_get('suhosin.cookie.max_name_length') !== '64' ? '1' : '0';
break;
case 'GROUP_ID':
if (isset($param[0])) {
$groups = $GLOBALS['FORUM_DRIVER']->get_members_groups(isset($param[1]) ? intval($param[1]) : get_member());
$value = array_key_exists(intval($param[0]), $groups) ? strval($groups[intval($param[0])]) : '';
}
break;
case 'GROUP_NAME':
if (isset($param[0])) {
$groups = $GLOBALS['FORUM_DRIVER']->get_members_groups(isset($param[1]) ? intval($param[1]) : get_member());
if (array_key_exists(intval($param[0]), $groups)) {
$all_usergroups = $GLOBALS['FORUM_DRIVER']->get_usergroup_list();
$value = $all_usergroups[$groups[intval($param[0])]];
}
if ($GLOBALS['XSS_DETECT'] && ocp_is_escaped($param[0])) {
ocp_mark_as_escaped($value);
}
}
break;
case 'NEGATE':
if (isset($param[0])) {
$value = strval(-intval($param[0]));
}
break;
case 'XOR':
$count = 0;
foreach ($param as $test) {
if ($test == '1' || $test == '1') {
$count++;
}
}
$value = $count == 1 ? '1' : '0';
break;
case 'NOR':
$count = 0;
foreach ($param as $test) {
if ($test == '1' || $test == '1') {
$count++;
}
}
$value = $count > 0 ? '0' : '1';
break;
case 'NAND':
$count = 0;
foreach ($param as $test) {
if ($test == '1' || $test == '1') {
$count++;
}
}
$value = $count == count($param) ? '0' : '1';
break;
case 'LT':
if (isset($param[1])) {
$value = intval($param[0]) < intval($param[1]) ? '1' : '0';
}
break;
case 'GT':
if (isset($param[1])) {
$value = intval($param[0]) > intval($param[1]) ? '1' : '0';
}
break;
case 'COPPA_ON':
$value = get_option('is_on_coppa') == '1' ? '1' : '0';
break;
case 'OBFUSCATE':
if (isset($param[0])) {
require_code('obfuscate');
$value = obfuscate_entities($param[0]);
}
break;
case 'FIX_ID':
if (isset($param[0])) {
$value = fix_id($param[0]);
if ($GLOBALS['XSS_DETECT']) {
ocp_mark_as_escaped($value);
}
}
break;
case 'MAILTO':
require_code('obfuscate');
$value = mailto_obfuscated();
break;
case 'INLINE_STATS':
$value = get_option('show_inline_stats') == '1' ? '1' : '0';
break;
case 'ATTACHMENT_DOWNLOADS':
if (isset($param[0])) {
$db = $GLOBALS['SITE_DB'];
if (isset($param[1]) && $param[1] == '1') {
$db = $GLOBALS['FORUM_DB'];
}
$_value = $db->query_value_null_ok('attachments', 'a_num_downloads', array('id' => intval($param[0])));
$value = is_null($_value) ? '?' : strval($_value);
}
break;
case 'CSS_DIMENSION_REDUCE':
if (isset($param[1])) {
$value = $param[0];
if (substr($value, -2) == 'px') {
$b = $param[1];
$value = strval(intval(substr($value, 0, -2)) - intval($b)) . 'px';
}
if ($value == '') {
$value = '0px';
}
}
break;
case 'COMMENT_COUNT':
if (isset($param[1])) {
if (get_option('is_on_comments') == '1') {
$count = 0;
$_comments = $GLOBALS['FORUM_DRIVER']->get_forum_topic_posts($GLOBALS['FORUM_DRIVER']->find_topic_id_for_topic_identifier(get_option('comments_forum_name'), $param[0] . '_' . $param[1]), $count, 0, 0, false);
$_value = do_lang_tempcode('_COMMENTS', integer_format(0));
if (is_array($_comments)) {
$_value = do_lang_tempcode('_COMMENTS', escape_html(integer_format($count)));
}
$value = $_value->evaluate();
} else {
$value = do_lang('VIEW');
}
}
break;
case 'CAN_SPELLCHECK':
$value = function_exists('pspell_check') ? '1' : '0';
break;
case 'AWARD_ID':
if (array_key_exists(0, $param)) {
$value = $GLOBALS['SITE_DB']->query_value_null_ok('award_archive', 'content_id', array('a_type_id' => intval($param[0])), 'ORDER BY date_and_time DESC');
if (is_null($value)) {
$value = '';
}
}
break;
case 'SELF_PAGE_LINK':
$value = '';
if (running_script('index') || running_script('iframe')) {
$value = get_zone_name() . ':' . get_page_name();
foreach ($_GET as $key => $val) {
if ($key == 'page') {
continue;
}
if (is_array($val)) {
continue;
}
if (substr($key, 0, 5) == 'keep_') {
continue;
}
$value .= ':' . $key . '=' . $val;
}
}
break;
case 'SET_TUTORIAL_LINK':
$value = '';
if (array_key_exists(1, $param) && $param[1] != '' && $param[1][0] != '#') {
set_tutorial_link($param[0], $param[1]);
}
break;
case 'DISPLAY_CONCEPT':
$value = '';
if (array_key_exists(0, $param)) {
$key = $param[0];
$page_link = get_tutorial_link('concept___' . preg_replace('#[^\\w_]#', '_', $key));
if (is_null($page_link)) {
$temp_tpl = make_string_tempcode($key);
} else {
list($zone, $attributes, $hash) = page_link_decode($page_link);
$_url = build_url($attributes, $zone, NULL, false, false, false, $hash);
$temp_tpl = do_template('COMCODE_CONCEPT', array('_GUID' => 'ee0cd05f87329923f05145180004d8a8', 'TEXT' => $key, 'URL' => $_url));
}
$value = $temp_tpl->evaluate();
}
break;
case 'SELF_URL':
$extra_params = NULL;
if (isset($param[3])) {
$extra_params = array();
$i = 3;
while (isset($param[$i])) {
$bits = explode('=', $param[$i], 2);
if ($bits[1] == '<null>') {
$bits[1] = NULL;
}
$extra_params[$bits[0]] = $bits[1];
$i++;
}
}
$value = get_self_url(true, isset($param[0]) && $param[0] == '1', $extra_params, isset($param[1]) && $param[1] == '1', isset($param[2]) && $param[2] == '1');
break;
case 'SHIFT_DECODE':
if (isset($param[0])) {
global $SHIFT_VARIABLES;
$key = $param[0];
$value = isset($SHIFT_VARIABLES[$key]) ? $SHIFT_VARIABLES[$key]->evaluate() : '';
}
break;
case 'NUMBER_FORMAT':
if (isset($param[0])) {
$value = integer_format(intval($param[0]));
}
break;
case 'FLOAT_FORMAT':
if (isset($param[0])) {
$value = float_format(floatval($param[0]));
}
break;
case 'CURRENTLY_INVISIBLE':
$value = is_invisible() ? '1' : '0';
break;
case 'IS_FRIEND':
if (isset($param[0])) {
$test = $GLOBALS['SITE_DB']->query_value_null_ok('chat_buddies', 'member_likes', array('member_likes' => isset($param[1]) ? intval($param[1]) : get_member(), 'member_liked' => intval($param[0])));
$value = is_null($test) ? '0' : '1';
}
break;
case 'SSW':
$value = get_option('ssw') == '1' ? '1' : '0';
break;
case 'RATING':
if (isset($param[1])) {
require_code('feedback');
$rating = get_rating_simple_array(array_key_exists(3, $param) ? $param[3] : get_self_url(true), array_key_exists(4, $param) ? $param[4] : (is_null($DISPLAYED_TITLE) ? '' : $DISPLAYED_TITLE->evaluate()), $param[0], $param[1], array_key_exists(5, $param) ? $param[5] : 'RATING_FORM', array_key_exists(2, $param) ? $param[2] : NULL);
if ($rating !== NULL) {
if (!array_key_exists(2, $param) || $param[2] == '0') {
$value = isset($rating['ALL_RATING_CRITERIA'][0]['RATING']) ? $rating['ALL_RATING_CRITERIA'][0]['RATING'] : '';
} else {
$value = do_template('RATING_INLINE_STATIC', $rating);
}
if (is_object($value)) {
$value = $value->evaluate();
}
}
}
break;
case 'VIEWS':
if (isset($param[2])) {
$id_field = 'id';
// Not allowed for security reasons
if (preg_match('#^\\w*views\\w*$#', $param[1]) != 0) {
$test = $GLOBALS['SITE_DB']->query_value_null_ok($param[0], $param[1], array($id_field => $param[2]));
if (!is_null($test)) {
$value = integer_format($test);
}
}
}
break;
default:
global $EXTRA_SYMBOLS;
if (is_null($EXTRA_SYMBOLS)) {
$EXTRA_SYMBOLS = array();
$hooks = find_all_hooks('systems', 'symbols');
foreach (array_keys($hooks) as $hook) {
$EXTRA_SYMBOLS[$hook] = array();
}
}
if (array_key_exists($name, $EXTRA_SYMBOLS)) {
if (!array_key_exists('ob', $EXTRA_SYMBOLS[$name])) {
require_code('hooks/systems/symbols/' . filter_naughty_harsh($name));
$EXTRA_SYMBOLS[$name]['ob'] = object_factory('Hook_symbol_' . filter_naughty_harsh($name));
}
$value = $EXTRA_SYMBOLS[$name]['ob']->run($param);
break;
}
if (defined($name)) {
$value = @strval(constant($name));
break;
}
$value = '';
require_code('site');
attach_message(do_lang_tempcode('MISSING_SYMBOL', escape_html($name)), 'warn');
}
if ($escaped != array()) {
if (is_object($value)) {
$value = $value->evaluate();
}
apply_tempcode_escaping($escaped, $value);
}
if ($cacheable) {
$SYMBOL_CACHE[$escaped_codes] = $value;
}
return $value;
}
// Is it a directive?
if ($type == TC_DIRECTIVE) {
$value = '';
if ($GLOBALS['XSS_DETECT']) {
ocp_mark_as_escaped($value);
}
// In our param we should have a map of bubbled template parameters (under 'vars') and our numbered directive parameters
if ($param === NULL) {
$param = array();
}
// Closure-based Tempcode parser may send in strings, so we need to adapt...
foreach ($param as $key => $val) {
if (is_string($val)) {
$param[$key] = make_string_tempcode($val);
}
}
if (!isset($param['vars'])) {
$param['vars'] = array();
}
switch ($name) {
case 'SHIFT_ENCODE':
break;
case 'PARAM_INFO':
$_value = do_template('PARAM_INFO', array('MAP' => $param['vars']));
$value = $_value->evaluate();
break;
case 'CSS_INHERIT':
// e.g. {+START,CSS_INHERIT,global,default,#886aa9}{+END}
if (isset($param[0])) {
require_code('css_and_js');
$css_file = $param[0]->evaluate();
$theme = isset($param[1]) ? $param[1]->evaluate() : 'default';
$seed = isset($param[2]) ? $param[2]->evaluate() : NULL;
if ($seed == '') {
$seed = NULL;
}
$dark = isset($param[3]) ? $param[3]->evaluate() == '1' : false;
$algorithm = isset($param[4]) ? $param[4]->evaluate() : 'equations';
$value = css_inherit($css_file, $theme, $GLOBALS['FORUM_DRIVER']->get_theme(), $seed, $dark, $algorithm);
}
break;
case 'FRACTIONAL_EDITABLE':
foreach (array_keys($param) as $key) {
if (!is_numeric($key)) {
unset($param[$key]);
}
}
if (isset($param[3])) {
$edit_text = $param[0]->evaluate();
$edit_param_name = $param[1]->evaluate();
$edit_pagelink = $param[2]->evaluate();
$supports_comcode = (isset($param[4]) ? $param[3]->evaluate() : '0') == '1';
list($zone, $attributes, ) = page_link_decode($edit_pagelink);
if ($zone == '_SEARCH') {
$zone = get_module_zone($attributes['page']);
}
if (has_actual_page_access(get_member(), $attributes['page'], $zone) && has_zone_access(get_member(), 'adminzone')) {
$keep = symbol_tempcode('KEEP');
$url = find_script('fractional_edit') . '?edit_param_name=' . urlencode($edit_param_name) . '&supports_comcode=' . ($supports_comcode ? '1' : '0') . '&zone=' . urlencode($zone) . $keep->evaluate();
foreach ($attributes as $key => $val) {
$url .= '&' . $key . '=' . urlencode($val);
}
$_value = $param[count($param) - 1];
$_value = do_template('FRACTIONAL_EDIT', array('_GUID' => '075ac126c427d28b309004bc67b32b08', 'VALUE' => $_value, 'URL' => $url, 'EDIT_TEXT' => $edit_text, 'EDIT_PARAM_NAME' => $edit_param_name));
$value = $_value->evaluate();
} else {
$value = $param[count($param) - 1]->evaluate();
}
}
break;
case 'SET':
if (isset($param[1])) {
$var = $param[0]->evaluate();
$set_val = '';
$i = 1;
while (isset($param[$i])) {
if ($i != 1) {
$set_val .= ',';
}
$set_val .= $param[1]->evaluate();
$i++;
}
$TEMPCODE_SETGET[$var] = $set_val;
}
break;
case 'IN_ARRAY':
if (isset($param[1])) {
$key = $param[1]->evaluate();
$array = array_key_exists($key, $param['vars']) ? $param['vars'][$key] : array();
$value = in_array($param[0]->evaluate(), $array) ? '1' : '0';
}
break;
case 'NOT_IN_ARRAY':
if (isset($param[1])) {
$key = $param[1]->evaluate();
$array = array_key_exists($key, $param['vars']) ? $param['vars'][$key] : array();
$value = in_array($param[0]->evaluate(), $array) ? '0' : '1';
}
break;
case 'IF_IN_ARRAY':
if (isset($param[2])) {
$key = $param[1]->evaluate();
$array = array_key_exists($key, $param['vars']) ? $param['vars'][$key] : array();
$value = in_array($param[0]->evaluate(), $array) ? $param[2]->evaluate() : '';
}
break;
case 'IF_NOT_IN_ARRAY':
if (isset($param[2])) {
$key = $param[1]->evaluate();
$array = array_key_exists($key, $param['vars']) ? $param['vars'][$key] : array();
$value = in_array($param[0]->evaluate(), $array) ? '' : $param[2]->evaluate();
}
break;
case 'IMPLODE':
if (isset($param[1])) {
$key = $param[1]->evaluate();
$array = array_key_exists($key, $param['vars']) ? $param['vars'][$key] : array();
if (isset($param[2]) && $param[2]->evaluate() == '1') {
$delim = $param[0]->evaluate();
foreach ($array as $key => $val) {
if ($value != '') {
$value .= $delim;
}
$value .= (is_integer($key) ? integer_format($key) : $key) . ' = ' . $val;
}
} else {
$value = implode($param[0]->evaluate(), $array);
}
}
break;
case 'COUNT':
if (isset($param[0])) {
$key = $param[0]->evaluate();
$array = array_key_exists($key, $param['vars']) ? $param['vars'][$key] : array();
$value = strval(count($array));
}
break;
case 'BOX':
unset($param['vars']);
$title = isset($param[1]) ? $param[0]->evaluate() : '';
$dimensions = isset($param[2]) ? $param[1]->evaluate() : '100%';
if ($dimensions == '') {
$dimensions = '100%';
}
$box_type = isset($param[3]) ? $param[2]->evaluate() : 'classic';
$options = isset($param[4]) ? $param[3]->evaluate() : '';
$meta = isset($param[5]) ? $param[4]->evaluate() : '';
$links = isset($param[6]) ? $param[5]->evaluate() : '';
$expand = isset($param[7]) ? $param[6]->evaluate() == '1' : false;
$toplink = isset($param[8]) ? $param[7]->evaluate() : '';
$tmp = put_in_standard_box(array_pop($param), $title, $dimensions, $box_type, $options, $meta, $links, $expand, $toplink);
$value = $tmp->evaluate();
break;
case 'IF_NON_EMPTY':
if (isset($param[1])) {
if (!$param[0]->is_really_empty()) {
$value = $param[1]->evaluate();
}
}
break;
case 'IF_PASSED':
if (isset($param[1])) {
$t = $param[0]->evaluate();
if (isset($param['vars'][$t])) {
$value = $param[1]->evaluate();
}
}
break;
case 'IF_NON_PASSED':
if (isset($param[1])) {
$t = $param[0]->evaluate();
if (!isset($param['vars'][$t])) {
$value = $param[1]->evaluate();
}
}
break;
case 'IF_EMPTY':
if (isset($param[1])) {
if ($param[0]->is_really_empty()) {
$value = $param[1]->evaluate();
}
}
break;
case 'IF_ARRAY_EMPTY':
if (isset($param[0])) {
$looking_at = $param[0]->evaluate();
if (array_key_exists($looking_at, $param['vars'])) {
if (count($param['vars'][$looking_at]) == 0) {
$value = $param[1]->evaluate();
}
}
}
break;
case 'IF_ARRAY_NON_EMPTY':
if (isset($param[0])) {
$looking_at = $param[0]->evaluate();
if (array_key_exists($looking_at, $param['vars'])) {
if (count($param['vars'][$looking_at]) != 0) {
$value = $param[1]->evaluate();
}
}
}
break;
case 'OF':
if (isset($param[1])) {
$key = $param[0]->evaluate();
$x = $param[1]->evaluate();
$array = array_key_exists($key, $param['vars']) ? $param['vars'][$key] : array();
$x2 = is_numeric($x) ? intval($x) : $x;
if (is_integer($x2)) {
if ($x2 < 0) {
$x2 = count($array) - 1;
} elseif ($x2 >= count($array)) {
$x2 -= count($array);
}
}
$value = array_key_exists($x2, $array) ? $array[$x2] : '';
if (is_object($value)) {
$value = $value->evaluate();
}
}
break;
case 'INCLUDE':
if (isset($param[1])) {
$tpl_params = $param['vars'];
$explode = explode(chr(10), $param[1]->evaluate());
foreach ($explode as $val) {
$bits = explode('=', $val, 2);
if (count($bits) == 2) {
$tpl_params[ltrim($bits[0])] = $bits[1];
}
}
$td = isset($param[3]) ? $param[2]->evaluate() : '';
if ($td == '') {
$td = 'templates';
}
$ex = isset($param[2]) ? $param[1]->evaluate() : '';
if ($ex == '') {
$ex = '.tpl';
}
$_value = do_template($param[0]->evaluate(), $tpl_params, NULL, false, NULL, $ex, $td);
$value = $_value->evaluate();
}
break;
case 'WHILE':
if (isset($param[1])) {
$_p = $param[0]->evaluate();
if ($_p == '1' || $_p == '1') {
$value = '';
$value .= $param[1]->evaluate();
$value .= ecv($lang, $escaped, $type, $name, $param);
}
}
break;
case 'IF':
if (isset($param[1])) {
$_p = $param[0]->evaluate();
if ($_p == '1' || $_p == '1') {
$value = $param[1]->evaluate();
}
}
break;
case 'LOOP':
if (isset($param[0])) {
if (!array_key_exists($param[0]->evaluate(), $param['vars'])) {
require_code('site');
attach_message(do_lang_tempcode('MISSING_TEMPLATE_PARAMETER', $param[0]->evaluate(), '???'), 'warn');
return '';
}
$array_key = $param[0]->evaluate();
if (is_numeric($array_key) || strpos($array_key, ',') !== false) {
$array = explode(',', $array_key);
} else {
$array = array_key_exists($array_key, $param['vars']) ? $param['vars'][$array_key] : array();
if (!is_array($array)) {
$array = array();
}
}
$value = '';
if (array_key_exists(1 + 1, $param)) {
$columns = $param[1]->evaluate();
$row_starter = array_key_exists(2 + 1, $param) ? $param[2]->evaluate() : '<tr>';
$row_terminator = array_key_exists(3 + 1, $param) ? $param[3]->evaluate() : '</tr>';
$value .= $row_starter;
// Sorting
if (array_key_exists(4 + 1, $param)) {
$sort_key = $param[4]->evaluate();
$rev = array_key_exists(5 + 1, $param) && $param[5]->evaluate() == 'DESC';
if ($sort_key != '') {
global $M_SORT_KEY;
$M_SORT_KEY = $sort_key;
uasort($array, 'multi_sort');
}
if ($rev) {
$array = array_reverse($array);
}
}
}
$last = count($param) - 2;
$col = 0;
$first = true;
foreach ($array as $go_key => $go) {
if (!is_array($go)) {
$go = array('_loop_key' => make_string_tempcode(is_integer($go_key) ? strval($go_key) : $go_key), '_loop_var' => make_string_tempcode($go));
}
// In case it's not a list of maps, but just a list
if (isset($param[2]) && $col % $columns == 0 && $col != 0) {
$value .= $row_starter;
}
$ps = $go + $param['vars'] + array('_loop_key' => make_string_tempcode(is_integer($go_key) ? strval($go_key) : $go_key), '_i' => strval($col), '_first' => $first, '_last' => $col == count($array) - 1);
$bound = $param[$last]->bind($ps, '');
$value .= $bound->evaluate();
++$col;
if (isset($param[3]) && $col % $columns == 0) {
$value .= $row_terminator;
}
$first = false;
}
if (isset($param[2]) && $col % $columns != 0) {
$value .= $row_terminator;
}
}
break;
default:
require_code('site');
attach_message(do_lang_tempcode('UNKNOWN_DIRECTIVE', escape_html($name)), 'warn');
}
if ($escaped != array()) {
apply_tempcode_escaping($escaped, $value);
}
return $value;
}
// By elimination, it's language
$a = isset($param[0]) ? is_object($param[0]) ? $param[0]->evaluate() : $param[0] : NULL;
$b = isset($param[1]) ? is_object($param[1]) ? $param[1]->evaluate() : $param[1] : NULL;
$c = isset($param[2]) ? array_splice($param, 2) : NULL;
if ($c !== NULL) {
foreach ($c as $i => $cc) {
if (is_object($cc)) {
$c[$i] = $cc->evaluate();
}
}
}
static $dle = false;
if (!$dle) {
$dle = function_exists('do_lang');
}
$ret = $dle ? do_lang($name, $a, $b, $c, $lang, false) : escape_html($name . ':' . (!is_null($a) ? $a : '') . ',' . (!is_null($b) ? $b : ''));
if ($ret === NULL) {
if ($type != TC_PARAMETER) {
require_code('site');
attach_message(do_lang_tempcode('MISSING_LANG_ENTRY', escape_html($name)), 'warn');
}
$value = '';
if ($GLOBALS['XSS_DETECT']) {
ocp_mark_as_escaped($value);
}
return $value;
}
if ($escaped != array() && $escaped != array(ENTITY_ESCAPED)) {
apply_tempcode_escaping(array_diff($escaped, array(ENTITY_ESCAPED)), $ret);
}
// Escape but without ENTITY_ESCAPED because we don't do that on lang strings
return $ret;
}
/**
* Start up a search for page-links, writing results into the callback. Usually we pass a callback that builds a Sitemap XML file, but we don't need to- it can be anything.
*
* @param string Callback function to send discovered page-links to.
* @param MEMBER The member we are finding stuff for (we only find what the member can view).
* @param ?array Page-links to skip (NULL: none). Currently this only works on pages, but may be expanded in the future.
* @param integer Code for how deep we are tunnelling down, in terms of what kinds of things we'll go so far as to collect. Use DEPTH__* constants for the values.
*/
function spawn_page_crawl($callback, $member_id, $extra_filters = NULL, $depth = 1)
{
require_all_lang();
require_code('zones2');
if (is_null($extra_filters)) {
$extra_filters = array();
}
$comcode_page_rows = $GLOBALS['SITE_DB']->query_select('comcode_pages', array('*'));
$_zones = array();
$zones = find_all_zones(false, true, true);
// Reorder a bit
$zones2 = array();
foreach (array('', 'site') as $zone_match) {
foreach ($zones as $i => $zone) {
if ($zone[0] == $zone_match) {
$zones2[] = $zone;
unset($zones[$i]);
}
}
}
$zones2 = array_merge($zones2, $zones);
if (function_exists('set_time_limit')) {
@set_time_limit(0);
}
disable_php_memory_limit();
$GLOBALS['MEMORY_OVER_SPEED'] = true;
foreach ($zones2 as $z) {
list($zone, $zone_title, , $zone_default_page) = $z;
if (has_zone_access($member_id, $zone)) {
$done_zone_level = false;
$_pages = array();
$pages = find_all_pages_wrap($zone, false, false, FIND_ALL_PAGES__ALL);
foreach ($pages as $page => $page_type) {
if (is_integer($page)) {
$page = strval($page);
}
if (substr($page, 0, 6) == 'panel_') {
continue;
}
if (substr($page, 0, 1) == '_') {
continue;
}
if (in_array($zone . ':' . $page, $extra_filters)) {
continue;
}
if ($page == '404') {
continue;
}
if ($page == 'forums' && substr($page_type, 0, 7) == 'modules' && (get_forum_type() == 'ocf' || get_forum_type() == 'none')) {
continue;
}
if ($page == 'join' && substr($page_type, 0, 7) == 'modules' && !is_guest($member_id)) {
continue;
}
if (has_page_access($member_id, $page, $zone)) {
// Page level
$_entrypoints = array();
$__entrypoints = extract_module_functions_page($zone, $page, array('get_entry_points'));
if (!is_null($__entrypoints[0])) {
$entrypoints = is_array($__entrypoints[0]) ? call_user_func_array($__entrypoints[0][0], $__entrypoints[0][1]) : (strpos($__entrypoints[0], '::') !== false ? NULL : eval($__entrypoints[0]));
// The strpos thing is a little hack that allows it to work for base-class derived modules
if (is_null($entrypoints)) {
$path = zone_black_magic_filterer($zone . ($zone == '' ? '' : '/') . 'pages/' . $page_type . '/' . $page . '.php', true);
if (!defined('HIPHOP_PHP') && (ini_get('memory_limit') != '-1' && ini_get('memory_limit') != '0' || get_option('has_low_memory_limit') === '1') && strpos(file_get_contents(get_file_base() . '/' . $path), ' extends standard_aed_module') !== false) {
$new_code = str_replace(',parent::get_entry_points()', '', str_replace('parent::get_entry_points(),', '', $__entrypoints[0]));
if (strpos($new_code, 'parent::') !== false) {
continue;
}
$entrypoints = eval($new_code);
} else {
require_code($path);
if (class_exists('Mx_' . filter_naughty_harsh($page))) {
$object = object_factory('Mx_' . filter_naughty_harsh($page));
} else {
$object = object_factory('Module_' . filter_naughty_harsh($page));
}
$entrypoints = $object->get_entry_points();
}
}
} else {
$entrypoints = array('!');
}
if (!is_array($entrypoints)) {
$entrypoints = array('!');
}
if ($entrypoints == array('!')) {
if ($zone_default_page == $page) {
$done_zone_level = true;
}
$add_date = NULL;
$edit_date = NULL;
$pagelink = $zone_default_page == $page ? $zone : $zone . ':' . $page;
$title = ucwords(str_replace('_', ' ', $page));
if (substr($page_type, 0, 7) == 'comcode') {
foreach ($comcode_page_rows as $page_row) {
if ($page_row['p_validated'] == 0 && $page_row['the_page'] == $page && $page_row['the_zone'] == $zone) {
continue 2;
}
}
$path = zone_black_magic_filterer((strpos($page_type, '_custom') !== false ? get_custom_file_base() : get_file_base()) . '/' . filter_naughty($zone) . '/pages/' . filter_naughty($page_type) . '/' . $page . '.txt');
$add_date = filectime($path);
$edit_date = filemtime($path);
$page_contents = file_get_contents($path);
$matches = array();
if (preg_match('#\\[title[^\\]]*\\]#', $page_contents, $matches) != 0) {
$start = strpos($page_contents, $matches[0]) + strlen($matches[0]);
$end = strpos($page_contents, '[/title]', $start);
$matches = array();
if (preg_match('#^[^\\[\\{\\&]*$#', substr($page_contents, $start, $end - $start), $matches) != 0) {
$title = $matches[0];
} else {
$_title = comcode_to_tempcode(substr($page_contents, $start, $end - $start), NULL, true);
$title = strip_tags(@html_entity_decode($_title->evaluate(), ENT_QUOTES, get_charset()));
}
}
} elseif (substr($page_type, 0, 4) == 'html') {
$path = zone_black_magic_filterer((strpos($page_type, '_custom') !== false ? get_custom_file_base() : get_file_base()) . '/' . filter_naughty($zone) . '/pages/' . filter_naughty($page_type) . '/' . $page . '.htm');
$add_date = filectime($path);
$edit_date = filemtime($path);
$page_contents = file_get_contents($path);
$matches = array();
if (preg_match('#\\<title[^\\>]*\\>#', $page_contents, $matches) != 0) {
$start = strpos($page_contents, $matches[0]) + strlen($matches[0]);
$end = strpos($page_contents, '</title>', $start);
$title = strip_tags(@html_entity_decode(substr($page_contents, $start, $end - $start), ENT_QUOTES, get_charset()));
}
}
// Callback
call_user_func_array($callback, array($pagelink, $zone, $add_date, $edit_date, $zone_default_page == $page ? 1.0 : 0.8, $title));
} elseif (count($entrypoints) != 0) {
// Entry point level
$done_top = false;
if ($depth >= DEPTH__ENTRY_POINTS) {
foreach ($entrypoints as $entrypoint => $title) {
if ($entrypoint == '!') {
$pagelink = $zone . ':' . $page;
$done_top = true;
if ($zone_default_page == $page) {
$done_zone_level = true;
}
} else {
$pagelink = $zone . ':' . $page . ':' . $entrypoint;
if ($zone_default_page == $page && $entrypoint == 'misc') {
$done_zone_level = true;
}
}
// Callback
call_user_func_array($callback, array($pagelink, count($_entrypoints) > 1 && $entrypoint != '!' ? $zone . ':' . $page : $zone, NULL, NULL, $entrypoint == '!' || $entrypoint == 'misc' ? 0.8 : 0.7, $title));
}
}
//ksort($_entrypoints);
$title = do_lang('MODULE_TRANS_NAME_' . $page, NULL, NULL, NULL, NULL, false);
if (is_null($title)) {
$title = ucwords(str_replace('_', ' ', preg_replace('#^ocf\\_#', '', preg_replace('#^' . str_replace('#', '\\#', preg_quote($zone)) . '_#', '', preg_replace('#^' . str_replace('#', '\\#', preg_quote(str_replace('zone', '', $zone))) . '_#', '', $page)))));
}
if (count($_entrypoints) > 1 && !$done_top) {
// Callback
call_user_func_array($callback, array($zone . ':' . $page, $zone, NULL, NULL, 0.8, $title, false));
}
}
// Categories
if ($depth >= DEPTH__CATEGORIES) {
$__sitemap_pagelinks = extract_module_functions_page($zone, $page, array('get_sitemap_pagelinks'), array($callback, $member_id, $depth, $zone . ':' . $page . ':'));
if (!is_null($__sitemap_pagelinks[0])) {
if (is_array($__sitemap_pagelinks[0])) {
call_user_func_array($__sitemap_pagelinks[0][0], $__sitemap_pagelinks[0][1]);
} else {
eval($__sitemap_pagelinks[0]);
}
}
}
}
}
// Zone level
if (!$done_zone_level) {
// Callback
call_user_func_array($callback, array($zone, '', filectime(get_file_base() . '/' . $zone), NULL, 1.0, $zone_title));
}
}
}
}
function activities_ajax_removal_handler()
{
$is_guest = false;
//Can't be doing with overcomplicated SQL breakages. Weed it out.
$guest_id = intval($GLOBALS['FORUM_DRIVER']->get_guest_id());
$viewer_id = intval(get_member());
//We'll need this later anyway.
if ($guest_id == $viewer_id) {
$is_guest = true;
}
$can_remove_others = has_zone_access($viewer_id, 'adminzone') ? true : false;
header('Content-Type: text/xml');
header("Cache-Control: no-cache, must-revalidate");
// HTTP/1.1
header("Expires: Mon, 26 Jul 1997 05:00:00 GMT");
// Date in the past
$response = '<' . '?xml version="1.0" encoding="' . get_charset() . '" ?' . '>';
$response .= '<response>';
$stat_id = post_param_integer('removal_id', -1);
$stat_owner = $stat_id != -1 ? $GLOBALS['SITE_DB']->query_value_null_ok('activities', 'a_member_id', array('id' => $stat_id)) : NULL;
if ($is_guest !== true && !is_null($stat_owner)) {
if ($stat_owner != $viewer_id && $can_remove_others !== true) {
$response .= '<success>0</success><err>perms</err>';
$response .= '<feedback>You do not have permission to remove this status message.</feedback><status_id>' . strval($stat_id) . '</status_id>';
} else {
$GLOBALS['SITE_DB']->query_delete('activities', array('id' => $stat_id), '', 1);
$response .= '<success>1</success><feedback>Message deleted.</feedback><status_id>' . strval($stat_id) . '</status_id>';
}
} elseif (is_null($stat_owner)) {
$response .= '<success>0</success><err>missing</err><feedback>Missing ID for status removal or id does not exist.</feedback>';
} else {
$response .= '<success>0</success><feedback>Login expired, you must log in again to post</feedback>';
}
$response .= '</response>';
echo $response;
}
/**
* Standard code module initialisation function.
*/
function init__global2()
{
global $BOOTSTRAPPING, $CHECKING_SAFEMODE, $BAD_WORD_CHARS, $FIXED_WORD_CHARS, $FIXED_WORD_CHARS_HTML, $BROWSER_DECACHEING, $CHARSET, $TEMP_CHARSET, $RELATIVE_PATH, $CURRENTLY_HTTPS, $RUNNING_SCRIPT_CACHE, $SERVER_TIMEZONE, $HAS_SET_ERROR_HANDLER, $DYING_BADLY, $XSS_DETECT, $SITE_INFO, $JAVASCRIPTS, $JAVASCRIPT, $CSSS, $IN_MINIKERNEL_VERSION, $EXITING, $FILE_BASE, $MOBILE, $CACHE_TEMPLATES, $BASE_URL_HTTP, $BASE_URL_HTTPS, $WORDS_TO_FILTER, $FIELD_RESTRICTIONS, $VALID_ENCODING, $CONVERTED_ENCODING, $MICRO_BOOTUP, $MICRO_AJAX_BOOTUP, $QUERY_LOG, $_CREATED_FILES, $CURRENT_SHARE_USER, $CACHE_FIND_SCRIPT;
if (str_replace(array('on', 'true', 'yes'), array('1', '1', '1'), strtolower(ini_get('output_buffering'))) == '1') {
@ob_end_clean();
}
if (array_key_exists('HTTP_X_REWRITE_URL', $_SERVER)) {
foreach ($_GET as $key => $val) {
if ($key[0] == '?') {
unset($_GET[$key]);
$_GET[substr($key, 1)] = $val;
}
}
$_SERVER['REQUEST_URI'] = $_SERVER['HTTP_X_REWRITE_URL'];
} elseif (!array_key_exists('REQUEST_URI', $_SERVER) && !array_key_exists('REQUEST_URI', $_ENV)) {
$_SERVER['REQUEST_URI'] = $_SERVER['PHP_SELF'];
$first = true;
foreach ($_GET as $key => $val) {
$_SERVER['REQUEST_URI'] .= $first ? '?' : '&';
$_SERVER['REQUEST_URI'] .= urlencode($key) . '=' . urlencode($val);
$first = false;
}
}
if (array_key_exists('SCRIPT_FILENAME', $_SERVER) && !array_key_exists('PHP_SELF', $_SERVER)) {
$_SERVER['PHP_SELF'] = $_SERVER['SCRIPT_FILENAME'];
} elseif (array_key_exists('SCRIPT_NAME', $_SERVER) && defined('HIPHOP_PHP')) {
$_SERVER['PHP_SELF'] = $_SERVER['SCRIPT_NAME'];
}
@header('Expires: Mon, 20 Dec 1998 01:00:00 GMT');
@header('Last-Modified: ' . gmdate('D, d M Y H:i:s') . ' GMT');
@header('Cache-Control: no-cache, max-age=0');
@header('Pragma: no-cache');
// for proxies, and also IE
if (is_file('closed.html') && get_param_integer('keep_force_open', 0) == 0) {
if (strpos($_SERVER['PHP_SELF'], 'upgrader.php') === false && strpos($_SERVER['PHP_SELF'], 'execute_temp.php') === false && (!isset($SITE_INFO['no_extra_closed_file']) || $SITE_INFO['no_extra_closed_file'] == '0')) {
if (@strpos($_SERVER['SERVER_SOFTWARE'], 'IIS') === false) {
header('HTTP/1.0 503 Service Temporarily Unavailable');
}
header('Location: ' . (is_file($RELATIVE_PATH . 'closed.html') ? 'closed.html' : '../closed.html'));
exit;
}
}
// Cover up holes in old PHP versions functionality
if (!function_exists('str_word_count')) {
/**
* Isolate the words in the input string.
*
* @param string String to count words in
* @param integer The format
* @set 0 1 2
* @return mixed Typically a list - the words of the input string
*/
function str_word_count($input, $format = 0)
{
//count words
$pattern = "/[^(\\w|\\d|\\'|\"|\\.|\\!|\\?|;|,|\\|\\/|\\-\\-|:|\\&|@)]+/";
$all_words = trim(preg_replace($pattern, ' ', $input));
$a = array();
$pos = 0;
while (true) {
$old_pos = $pos;
$pos = strpos($all_words, ' ', $pos);
if ($pos === false) {
$a[$old_pos] = substr($all_words, $old_pos);
break;
}
$a[$old_pos] = substr($all_words, $old_pos, $pos - $old_pos);
}
if ($format == 0) {
return count($a);
}
return $a;
}
}
if (!function_exists('html_entity_decode')) {
/**
* Decode the HTML entitity encoded input string.
*
* @param string The text to decode
* @param integer The quote style code
* @param ?string Character set to decode to (NULL: default)
* @return string The decoded text
*/
function html_entity_decode($input, $quote_style, $charset = NULL)
{
unset($quote_style);
unset($charset);
/* // NB:   does not go to <space>. It's not something you use with html escaping, it's for hard-space-formatting. URL's don't contain spaces, but that's due to URL escaping (%20)
$replace_array=array(
'&'=>'&',
'>'=>'>',
'<'=>'<',
'''=>'\'',
'"'=>'"',
);
foreach ($replace_array as $from=>$to)
{
$input=str_replace($from,$to,$input);
}
return $input;*/
$trans_tbl = get_html_translation_table(HTML_ENTITIES);
$trans_tbl = array_flip($trans_tbl);
return strtr($input, $trans_tbl);
}
}
if (version_compare(phpversion(), '4.3.0') >= 0) {
if (!function_exists('unichrm_hex')) {
/**
* Convert a unicode character number to a unicode string. Callback for preg_replace.
*
* @param array Regular expression match array.
* @return ~string Converted data (false: could not convert).
*/
function unichrm_hex($matches)
{
return unichr(hexdec($matches[1]));
}
}
if (!function_exists('unichrm')) {
/**
* Convert a unicode character number to a unicode string. Callback for preg_replace.
*
* @param array Regular expression match array.
* @return ~string Converted data (false: could not convert).
*/
function unichrm($matches)
{
return unichr(intval($matches[1]));
}
}
if (!function_exists('unichr')) {
/**
* Convert a unicode character number to a HTML-entity enabled string, using lower ASCII characters where possible.
*
* @param integer Character number.
* @return ~string Converted data (false: could not convert).
*/
function unichr($c)
{
if ($c <= 0x7f) {
return chr($c);
} else {
return '#&' . strval($c) . ';';
}
}
}
}
$BOOTSTRAPPING = 1;
$CHECKING_SAFEMODE = false;
$BAD_WORD_CHARS = array(chr(128), chr(130), chr(131), chr(132), chr(133), chr(134), chr(135), chr(136), chr(137), chr(138), chr(139), chr(140), chr(142), chr(145), chr(146), chr(147), chr(148), chr(149), chr(150), chr(151), chr(152), chr(153), chr(154), chr(155), chr(156), chr(158), chr(159));
$FIXED_WORD_CHARS = array('(EUR-)', ',', '{f.}', '"', '...', '-|-', '=|=', '^', '{%o}', '{~S}', '<', 'CE', '{~Z}', "'", "'", '"', '"', '-', '-', '--', '~', '(TM)', '{~s}', '>', 'ce', '{~z}', '{.Y.}');
// some of these are Comcode shortcuts. We can't use entities as we can't assume we're converting into Comcode.
$FIXED_WORD_CHARS_HTML = array('€', '‚', 'ƒ', '„', '…', '†', '‡', 'ˆ', '‰', 'Š', '‹', 'Œ', 'Ž', "‘", "’", '“', '”', '•', '–', '—', '˜', '™', 'š', '›', 'œ', 'ž', 'Ÿ');
$RUNNING_SCRIPT_CACHE = array();
$BROWSER_DECACHEING = NULL;
$CHARSET = NULL;
$TEMP_CHARSET = NULL;
$CURRENTLY_HTTPS = NULL;
$CACHE_FIND_SCRIPT = array();
error_reporting(E_ALL);
@ini_set('html_errors', '1');
@ini_set('docref_root', 'http://www.php.net/manual/en/');
@ini_set('docref_ext', '.php');
$SERVER_TIMEZONE = function_exists('date_default_timezone_get') ? @date_default_timezone_get() : ini_get('date.timezone');
@ini_set('date.timezone', 'UTC');
if (function_exists('date_default_timezone_set')) {
date_default_timezone_set('UTC');
}
// Needed for HPHP
$HAS_SET_ERROR_HANDLER = false;
$DYING_BADLY = false;
// If ocPortal is bailing out uncontrollably, setting this will make sure the error hander does not try and suppress
$XSS_DETECT = function_exists('ocp_mark_as_escaped');
$GLOBALS['DEBUG_MODE'] = (!array_key_exists('debug_mode', $SITE_INFO) || $SITE_INFO['debug_mode'] == '1') && (is_dir(get_file_base() . '/.svn') || is_dir(get_file_base() . '/.git') || function_exists('ocp_mark_as_escaped')) && (!array_key_exists('keep_no_debug_mode', $_GET) || $_GET['keep_no_debug_mode'] == '0');
$GLOBALS['SEMI_DEBUG_MODE'] = (!array_key_exists('debug_mode', $SITE_INFO) || $SITE_INFO['debug_mode'] == '1') && (is_dir(get_file_base() . '/.svn') || is_dir(get_file_base() . '/.git') || function_exists('ocp_mark_as_escaped'));
if (function_exists('set_time_limit')) {
@set_time_limit(60);
}
if ($GLOBALS['DEBUG_MODE']) {
if (function_exists('set_time_limit')) {
@set_time_limit(10);
}
@ini_set('ocproducts.type_strictness', '1');
@ini_set('ocproducts.xss_detect', '1');
}
if ($GLOBALS['DEBUG_MODE']) {
require_code('developer_tools');
}
$JAVASCRIPTS = array('javascript' => 1, 'javascript_thumbnails' => 1);
if ($GLOBALS['CURRENT_SHARE_USER'] !== NULL || get_domain() == 'myocp.com') {
$JAVASCRIPTS['javascript_ajax'] = 1;
}
$CSSS = array('no_cache' => 1, 'global' => 1);
// Try and make the PHP environment as we need it
if (function_exists('set_magic_quotes_runtime')) {
@set_magic_quotes_runtime(0);
}
// @'d because it's deprecated and PHP 5.3 may give an error
@ini_set('auto_detect_line_endings', '0');
@ini_set('include_path', '');
@ini_set('default_socket_timeout', '60');
@ini_set('allow_url_fopen', '0');
@ini_set('suhosin.executor.disable_emodifier', '1');
// Extra security if suhosin is available
@ini_set('suhosin.executor.multiheader', '1');
// Extra security if suhosin is available
@ini_set('suhosin.executor.disable_eval', '0');
@ini_set('suhosin.executor.eval.whitelist', '');
@ini_set('suhosin.executor.func.whitelist', '');
// Load most basic config
$IN_MINIKERNEL_VERSION = 0;
$EXITING = 0;
if (array_key_exists('use_ocf', $_GET) && running_script('upgrader')) {
$SITE_INFO['forum_type'] = 'ocf';
$SITE_INFO['ocf_table_prefix'] = $SITE_INFO['table_prefix'];
}
$CACHE_TEMPLATES = true;
// The URL to our install (no trailing /)
$BASE_URL_HTTP = NULL;
$BASE_URL_HTTPS = NULL;
$WORDS_TO_FILTER = NULL;
$FIELD_RESTRICTIONS = NULL;
$VALID_ENCODING = false;
$CONVERTED_ENCODING = false;
if (!isset($MICRO_BOOTUP)) {
$MICRO_BOOTUP = 0;
}
if (!isset($MICRO_AJAX_BOOTUP)) {
$MICRO_AJAX_BOOTUP = 0;
}
require_code_no_override('version');
if ($MICRO_BOOTUP == 0 && $MICRO_AJAX_BOOTUP == 0) {
//@header('X-Powered-By: ocPortal '.ocp_version_full().' (PHP '.phpversion().')');
@header('X-Powered-By: ocPortal');
// Better to keep it vague, for security reasons
$QUERY_LOG = false;
if (isset($_REQUEST['special_page_type']) && $_REQUEST['special_page_type'] == 'query') {
$QUERY_LOG = true;
}
}
// Most critical things
require_code('support');
// A lot of support code is present in this
srand(make_seed());
mt_srand(make_seed());
if ($MICRO_BOOTUP == 0 && $MICRO_AJAX_BOOTUP == 0) {
if (running_script('index') && count($_POST) == 0) {
$bot_type = get_bot_type();
if ($bot_type !== NULL && isset($SITE_INFO['fast_spider_cache']) && $SITE_INFO['fast_spider_cache'] != '0') {
fast_spider_cache(true);
}
}
}
require_code('caches');
// Recently taken out of 'support' so makes sense to load it here
require_code('database');
// There's nothing without the database
if ((!isset($SITE_INFO['known_suexec']) || $SITE_INFO['known_suexec'] == '0') && !is_writable_wrap(get_file_base() . '/.htaccess')) {
require_code('support2');
if (ip_banned(get_ip_address())) {
critical_error('BANNED');
}
}
if (running_script('messages') && get_param('action', 'new') == 'new' && get_param_integer('routine_refresh', 0) == 0) {
require_code('chat_poller');
chat_poller();
}
if ($MICRO_BOOTUP == 0) {
load_user_stuff();
}
// For any kind of niceness we need these. The order is chosen for complex dependency reasons - don't mess with it
if ($MICRO_AJAX_BOOTUP == 0) {
require_code('themes');
// Output needs to know about themes
require_code('templates');
// So that we can do error templates
require_code('tempcode');
// Output is done with tempcode
if ($MICRO_BOOTUP == 0) {
require_code('comcode');
// Much output goes through comcode
}
}
require_code('zones');
// Zone is needed because zones are where all ocPortal pages reside
require_code('config');
// Config is needed for much active stuff
if (get_option('collapse_user_zones', true) === '1' && $RELATIVE_PATH == 'site') {
get_base_url();
/*force calculation first*/
$RELATIVE_PATH = '';
}
require_code('users');
// Users are important due to permissions
if ($MICRO_BOOTUP == 0 && $MICRO_AJAX_BOOTUP == 0) {
if (running_script('index') && count($_POST) == 0) {
if (isset($SITE_INFO['any_guest_cached_too']) && $SITE_INFO['any_guest_cached_too'] == '1' && is_guest(NULL, true)) {
fast_spider_cache(false);
}
}
}
$CACHE_TEMPLATES = (get_option('is_on_template_cache') == '1' || get_param_integer('keep_cache', 0) == 1 || get_param_integer('cache', 0) == 1) && get_param_integer('keep_cache', NULL) !== 0 && get_param_integer('cache', NULL) !== 0;
if ($MICRO_AJAX_BOOTUP == 0) {
require_code('temporal');
// Date/time functions
require_code('files');
// Contains fix_permissions, needed for 'lang'
require_code('lang');
// So that we can do language stuff (e.g. errors)
convert_data_encodings();
if ($MICRO_BOOTUP == 0) {
require_code('permissions');
// So we can check access
}
}
// At this point we can display errors nicely
$GLOBALS['SUPPRESS_ERROR_DEATH'] = false;
set_error_handler('ocportal_error_handler');
if (function_exists('error_get_last')) {
register_shutdown_function('catch_fatal_errors');
}
$HAS_SET_ERROR_HANDLER = true;
if ($MICRO_BOOTUP == 0) {
if (method_exists($GLOBALS['FORUM_DRIVER'], 'forum_layer_initialise')) {
$GLOBALS['FORUM_DRIVER']->forum_layer_initialise();
}
}
if ($MICRO_AJAX_BOOTUP == 0) {
$JAVASCRIPT = new ocp_tempcode();
}
if ($MICRO_BOOTUP == 0) {
if ($IN_MINIKERNEL_VERSION != 1 && $MICRO_AJAX_BOOTUP == 0) {
has_cookies();
// Will determine at early point whether we have cookie support
get_num_users_site();
// Will kill site if there are too many users
}
}
require_code('urls');
// URL building is crucial
@header('Content-type: text/html; charset=' . get_charset());
if ($MICRO_AJAX_BOOTUP == 0 && $MICRO_BOOTUP == 0) {
// Before anything gets outputted
handle_logins();
require_code('site');
// This powers the site (top level page generation)
// Are we installed?
get_option('site_name');
}
// Our logging (change false to true for temporarily changing it so staff get logging)
if (get_option('log_php_errors') == '1') {
@ini_set('log_errors', '1');
if (addon_installed('errorlog')) {
@ini_set('error_log', get_custom_file_base() . '/data_custom/errorlog.php');
}
}
if ($MICRO_BOOTUP == 0 && $MICRO_AJAX_BOOTUP == 0 && (get_option('display_php_errors') == '1' || running_script('upgrader') || has_specific_permission(get_member(), 'see_php_errors'))) {
@ini_set('display_errors', '1');
} elseif (!$GLOBALS['DEBUG_MODE']) {
@ini_set('display_errors', '0');
}
// G-zip?
@ini_set('zlib.output_compression', get_option('gzip_output') == '1' ? 'On' : 'Off');
if (function_exists('setlocale') && $MICRO_AJAX_BOOTUP == 0) {
$locales = explode(',', do_lang('locale'));
setlocale(LC_ALL, $locales[0]);
@setlocale(LC_ALL, $locales);
unset($locales);
}
if ($MICRO_AJAX_BOOTUP == 0 && $MICRO_BOOTUP == 0 && (!isset($SITE_INFO['no_installer_checks']) || $SITE_INFO['no_installer_checks'] == '0')) {
if (is_file(get_file_base() . '/install.php') && !is_file(get_file_base() . '/install_ok') && running_script('index')) {
warn_exit(do_lang_tempcode('MUST_DELETE_INSTALLER'));
}
}
if ($MICRO_AJAX_BOOTUP == 0 && $MICRO_BOOTUP == 0) {
$changed_base_url = !array_key_exists('base_url', $SITE_INFO) && get_long_value('last_base_url') !== get_base_url(false);
if (running_script('index') && (is_browser_decacheing() || $changed_base_url)) {
require_code('view_modes');
erase_tempcode_cache();
erase_cached_templates(!$changed_base_url);
erase_comcode_cache();
erase_cached_language();
persistant_cache_empty();
if ($changed_base_url) {
require_lang('zones');
require_code('zones3');
erase_comcode_page_cache();
set_long_value('last_base_url', get_base_url(false));
}
}
if (has_zone_access(get_member(), 'adminzone')) {
$JAVASCRIPTS['javascript_staff'] = 1;
$JAVASCRIPTS['javascript_ajax'] = 1;
if (addon_installed('occle')) {
$JAVASCRIPTS['javascript_button_occle'] = 1;
}
}
if (addon_installed('realtime_rain') && get_option('bottom_show_realtime_rain_button', true) === '1') {
$JAVASCRIPTS['javascript_button_realtime_rain'] = 1;
}
}
/*ocp_memory_profile('startup');
$func=get_defined_functions();
print_r($func['user']);*/
if (tacit_https() || is_page_https(get_zone_name(), get_page_name())) {
@header('Cache-Control: private');
@header('Pragma: private');
}
$BOOTSTRAPPING = 0;
if ($GLOBALS['SEMI_DEBUG_MODE'] && $MICRO_AJAX_BOOTUP == 0) {
if ($GLOBALS['SEMI_DEBUG_MODE']) {
/*if ((mt_rand(0,2)==1) && ($GLOBALS['DEBUG_MODE']) && (running_script('index'))) We know this works now, so let's stop messing up our development speed
{
require_code('view_modes');
erase_cached_templates(true); // Stop anything trying to read a template cache item (E.g. CSS, JS) that might not exist!
}*/
if (strpos(ocp_srv('HTTP_REFERER'), ocp_srv('HTTP_HOST')) !== false && strpos(ocp_srv('HTTP_REFERER'), 'keep_devtest') !== false && !running_script('attachment') && !running_script('upgrader') && strpos(ocp_srv('HTTP_REFERER'), 'login') === false && is_null(get_param('keep_devtest', NULL))) {
$_GET['keep_devtest'] = '1';
fatal_exit('URL not constructed properly: development mode in use but keep_devtest was not specified. This indicates that links have been made without build_url (in PHP) or keep_stub (in Javascript). Whilst not fatal this time, failure to use these functions can cause problems when your site goes live. See the ocPortal codebook for more details.');
} else {
$_GET['keep_devtest'] = '1';
}
}
if (browser_matches('true_xhtml') && get_value('html5') !== '1' && get_value('html5') !== '_true' && get_param_integer('keep_no_xhtml', 0) == 0 && !running_script('upgrader')) {
@header('Content-type: application/xhtml+xml; charset=' . get_charset());
}
if (isset($_CREATED_FILES)) {
/**
* Run after-tests for debug mode, to make sure coding standards are met.
*/
function debug_mode_aftertests()
{
global $_CREATED_FILES, $_MODIFIED_FILES;
// Use the info from ocProduct's custom PHP version to make sure that all files that were created/modified got synched as they should have been.
foreach ($_CREATED_FILES as $file) {
if (substr($file, 0, strlen(get_file_base())) == get_file_base() && substr($file, -4) != '.log' && basename($file) != 'permissioncheckslog.php') {
@exit(escape_html('File not permission-synched: ' . $file));
}
}
foreach ($_MODIFIED_FILES as $file) {
if (strpos($file, '_cache') === false && substr($file, 0, strlen(get_file_base())) == get_file_base() && substr($file, -4) != '.log' && basename($file) != 'permissioncheckslog.php') {
@exit(escape_html('File not change-synched: ' . $file));
}
}
global $TITLE_CALLED, $SCREEN_TEMPLATE_CALLED, $EXITING;
if (is_null($SCREEN_TEMPLATE_CALLED) && $EXITING == 0 && strpos(ocp_srv('PHP_SELF'), 'index.php') !== false) {
@exit(escape_html('No screen template called.'));
}
if (!$TITLE_CALLED && (is_null($SCREEN_TEMPLATE_CALLED) || $SCREEN_TEMPLATE_CALLED != '') && $EXITING == 0 && strpos(ocp_srv('PHP_SELF'), 'index.php') !== false) {
@exit(escape_html('No title used on screen.'));
}
}
register_shutdown_function('debug_mode_aftertests');
}
if (ocp_srv('SCRIPT_FILENAME') != '' && $GLOBALS['DEBUG_MODE'] && strpos(ocp_srv('SCRIPT_FILENAME'), 'data_custom') === false) {
if (@strlen(file_get_contents(ocp_srv('SCRIPT_FILENAME'), FILE_TEXT)) > 4500) {
fatal_exit('Entry scripts (front controllers) should not be shoved full of code.');
}
}
}
// FirePHP console support, only for administrators
if ((get_param_integer('keep_firephp', 0) == 1 || get_param_integer('keep_queries', 0) == 1) && ($GLOBALS['FORUM_DRIVER']->is_super_admin(get_member()) || $GLOBALS['IS_ACTUALLY_ADMIN'])) {
require_code('firephp');
}
$default_memory_limit = get_value('memory_limit');
if (is_null($default_memory_limit) || $default_memory_limit == '' || $default_memory_limit == '0' || $default_memory_limit == '-1') {
$default_memory_limit = '64M';
}
@ini_set('memory_limit', $default_memory_limit);
if (isset($GLOBALS['FORUM_DRIVER']) && $GLOBALS['FORUM_DRIVER']->is_super_admin(get_member())) {
if (get_param_integer('keep_avoid_memory_limit', 0) == 1) {
disable_php_memory_limit();
}
$memory_test = get_param_integer('keep_memory_limit_test', 0);
if ($memory_test != 0 && $memory_test <= 32) {
@ini_set('memory_limit', strval($memory_test) . 'M');
}
}
if (get_option('sitewide_im', true) === '1' && running_script('index') && get_param('type', 'misc', true) != 'room') {
require_code('chat');
enter_chat_lobby();
}
// Startup hooks
if (!running_script('upgrader')) {
$startup_hooks = find_all_hooks('systems', 'startup');
foreach (array_keys($startup_hooks) as $hook) {
require_code('hooks/systems/startup/' . filter_naughty_harsh($hook));
$ob = object_factory('Hook_startup_' . filter_naughty_harsh($hook), true);
if ($ob === NULL) {
continue;
}
$ob->run($MICRO_BOOTUP, $MICRO_AJAX_BOOTUP, 0);
}
if ($CURRENT_SHARE_USER !== NULL && float_to_raw_string(ocp_version_number()) != get_value('version')) {
require_code('upgrade');
clear_caches_2();
version_specific();
upgrade_modules();
ocf_upgrade();
}
}
}
/**
* Creates a Comcode editor.
*
* @param string The name of the field the editor is working for
* @param boolean Whether to make a cut-down version
* @return tempcode The Comcode editor
*/
function get_comcode_editor($field_name = 'post', $cut_down = false)
{
require_lang('comcode');
$buttons = new ocp_tempcode();
$_buttons = array();
// Non-wrappers
if (!$cut_down) {
$_buttons[] = get_option('is_on_gd') == '0' ? 'img' : 'thumb';
}
if (has_specific_permission(get_member(), 'comcode_dangerous')) {
$_buttons[] = 'block';
}
$_buttons[] = 'comcode';
if (!$cut_down) {
$_buttons[] = 'list';
}
// NB: list isn't actually a comcode tag, it's a textcode syntax
// Links
if (!$cut_down) {
$_buttons[] = 'url';
}
if (has_zone_access(get_member(), 'adminzone')) {
$_buttons[] = 'page';
}
//if (!$cut_down) $_buttons[]='email'; Not enough space any more
// Wrappers
$_buttons[] = 'quote';
if (get_value('simplify_wysiwyg_by_permissions') !== '1' || has_specific_permission(get_member(), 'allow_html')) {
$_buttons[] = 'box';
}
$_buttons[] = 'code';
//$_buttons[]='hide';
if (has_specific_permission(get_member(), 'allow_html')) {
if (!$cut_down) {
$_buttons[] = 'html';
}
}
foreach ($_buttons as $i => $button) {
$divider = false;
if ($button == 'url' || $button == 'quote' || $i == 0) {
$divider = true;
}
$buttons->attach(do_template('COMCODE_EDITOR_BUTTON', array('_GUID' => 'e4fe3bc16cec070e06532fedc598d075', 'DIVIDER' => $divider, 'FIELD_NAME' => $field_name, 'TITLE' => do_lang_tempcode('INPUT_COMCODE_' . $button), 'B' => $button)));
}
$micro_buttons = new ocp_tempcode();
if (!$cut_down) {
$_micro_buttons = array(array('t' => 'b'), array('t' => 'i'));
foreach ($_micro_buttons as $button) {
$micro_buttons->attach(do_template('COMCODE_EDITOR_MICRO_BUTTON', array('_GUID' => 'dbab001b3fa5480bb590ffed3ca81eaf', 'FIELD_NAME' => $field_name, 'TITLE' => do_lang_tempcode('INPUT_COMCODE_' . $button['t']), 'B' => $button['t'])));
}
}
return do_template('COMCODE_EDITOR', array('_GUID' => 'ebff3145776a0441d115f2e4e13617d6', 'POSTING_FIELD' => $field_name, 'BUTTONS' => $buttons, 'MICRO_BUTTONS' => $micro_buttons));
}
/**
* Standard modular run function for search results.
*
* @param string Search string
* @param boolean Whether to only do a META (tags) search
* @param ID_TEXT Order direction
* @param integer Start position in total results
* @param integer Maximum results to return in total
* @param boolean Whether only to search titles (as opposed to both titles and content)
* @param string Where clause that selects the content according to the main search string (SQL query fragment) (blank: full-text search)
* @param SHORT_TEXT Username/Author to match for
* @param ?MEMBER Member-ID to match for (NULL: unknown)
* @param TIME Cutoff date
* @param string The sort type (gets remapped to a field in this function)
* @set title add_date
* @param integer Limit to this number of results
* @param string What kind of boolean search to do
* @set or and
* @param string Where constraints known by the main search code (SQL query fragment)
* @param string Comma-separated list of categories to search under
* @param boolean Whether it is a boolean search
* @return array List of maps (template, orderer)
*/
function run($content, $only_search_meta, $direction, $max, $start, $only_titles, $content_where, $author, $author_id, $cutoff, $sort, $limit_to, $boolean_operator, $where_clause, $search_under, $boolean_search)
{
$remapped_orderer = '';
switch ($sort) {
case 'title':
$remapped_orderer = 'the_page';
break;
case 'add_date':
$remapped_orderer = 'the_zone';
// Stucked
break;
}
load_up_all_self_page_permissions(get_member());
$sq = build_search_submitter_clauses('p_submitter', $author_id, $author);
if (is_null($sq)) {
return array();
} else {
$where_clause .= $sq;
}
if (!$GLOBALS['FORUM_DRIVER']->is_super_admin(get_member())) {
$where_clause .= ' AND ';
$where_clause .= 'z.zone_name IS NOT NULL';
}
if (strpos($content, 'panel_') === false) {
$where_clause .= ' AND ';
$where_clause .= '(r.the_page NOT LIKE \'' . db_encode_like('panel\\_%') . '\') AND (r.the_page NOT LIKE \'' . db_encode_like('\\_%') . '\')';
}
if (!is_null($search_under) && $search_under != '!') {
$where_clause .= ' AND ';
$where_clause .= '(' . db_string_equal_to('r.the_zone', $search_under) . ')';
}
if (!has_specific_permission(get_member(), 'see_unvalidated')) {
$where_clause .= ' AND ';
$where_clause .= 'p_validated=1';
}
require_lang('zones');
$g_or = _get_where_clause_groups(get_member(), false);
// Calculate and perform query
if ($g_or == '') {
$rows = get_search_rows('comcode_page', 'the_zone:the_page', $content, $boolean_search, $boolean_operator, $only_search_meta, $direction, $max, $start, $only_titles, 'cached_comcode_pages r LEFT JOIN ' . $GLOBALS['SITE_DB']->get_table_prefix() . 'comcode_pages q ON (q.the_zone=r.the_zone AND q.the_page=r.the_page)', array('r.cc_page_title', 'r.string_index'), $where_clause, $content_where, $remapped_orderer, 'r.*');
} else {
$rows = get_search_rows('comcode_page', 'the_zone:the_page', $content, $boolean_search, $boolean_operator, $only_search_meta, $direction, $max, $start, $only_titles, 'cached_comcode_pages r LEFT JOIN ' . $GLOBALS['SITE_DB']->get_table_prefix() . 'comcode_pages q ON (q.the_zone=r.the_zone AND q.the_page=r.the_page) LEFT JOIN ' . $GLOBALS['SITE_DB']->get_table_prefix() . 'group_zone_access z ON (z.zone_name=r.the_zone AND (' . str_replace('group_id', 'z.group_id', $g_or) . '))', array('r.cc_page_title', 'r.string_index'), $where_clause, $content_where, $remapped_orderer, 'r.*');
}
if (addon_installed('redirects_editor')) {
$redirects = $GLOBALS['SITE_DB']->query_select('redirects', array('*'));
} else {
$redirects = array();
}
$out = array();
$pages_found = array();
foreach ($rows as $i => $row) {
foreach ($redirects as $redirect) {
if ($redirect['r_from_page'] == $row['the_page'] && $redirect['r_from_zone'] == $row['the_zone']) {
continue 2;
}
}
if ($row['the_zone'] == '!') {
continue;
}
if (array_key_exists($row['the_zone'] . ':' . $row['the_page'], $pages_found)) {
continue;
}
$pages_found[$row['the_zone'] . ':' . $row['the_page']] = 1;
$out[$i]['data'] = $row + array('extra' => array($row['the_zone'], $row['the_page'], $limit_to));
if ($remapped_orderer != '' && array_key_exists($remapped_orderer, $row)) {
$out[$i]['orderer'] = $row[$remapped_orderer];
} elseif (substr($remapped_orderer, 0, 7) == '_rating') {
$out[$i]['orderer'] = $row['compound_rating'];
}
if (!has_page_access(get_member(), $row['the_page'], $row['the_zone'])) {
$out[$i]['restricted'] = true;
}
}
if ($author == '') {
// Make sure we record that for all cached Comcode pages, we know of them (only those not cached would not have been under the scope of the current search)
$all_pages = $GLOBALS['SITE_DB']->query_select('cached_comcode_pages', array('the_zone', 'the_page'));
foreach ($all_pages as $row) {
$pages_found[$row['the_zone'] . ':' . $row['the_page']] = 1;
}
// Now, look on disk for non-cached comcode pages
$zones = find_all_zones();
$i = count($out);
if (!is_null($search_under) && $search_under != '!') {
$zones = array($search_under);
}
foreach ($zones as $zone) {
if (!has_zone_access(get_member(), $zone)) {
continue;
}
$pages = find_all_pages($zone, 'comcode/' . user_lang(), 'txt') + find_all_pages($zone, 'comcode_custom/' . user_lang(), 'txt') + find_all_pages($zone, 'comcode/' . get_site_default_lang(), 'txt') + find_all_pages($zone, 'comcode_custom/' . get_site_default_lang(), 'txt');
foreach ($pages as $page => $dir) {
if (!is_string($page)) {
$page = strval($page);
}
if (!array_key_exists($zone . ':' . $page, $pages_found)) {
if (!has_page_access(get_member(), $page, $zone)) {
continue;
}
if (strpos($content, 'panel_') === false) {
if (substr($page, 0, 6) == 'panel_') {
continue;
}
}
if (substr($page, 0, 1) == '_') {
continue;
}
foreach ($redirects as $redirect) {
if ($redirect['r_from_page'] == $page && $redirect['r_from_zone'] == $zone) {
continue 2;
}
}
$path = zone_black_magic_filterer(($dir == 'comcode_custom' ? get_custom_file_base() : get_file_base()) . '/' . $zone . '/pages/' . $dir . '/' . $page . '.txt');
if (!is_null($cutoff) && filemtime($path) < $cutoff) {
continue;
}
$contents = file_get_contents($path, FILE_TEXT);
if ($only_titles) {
$contents = preg_replace('#^.*\\[title(="1")?\\](.*)\\[/title\\].*$#Us', '${2}', $contents);
}
if (in_memory_search_match(array('content' => $content, 'conjunctive_operator' => $boolean_operator), $contents)) {
$out[$i]['data'] = array('the_zone' => $zone, 'the_page' => $page) + array('extra' => array($zone, $page, $limit_to));
if ($remapped_orderer == 'the_page') {
$out[$i]['orderer'] = $page;
} elseif ($remapped_orderer == 'the_zone') {
$out[$i]['orderer'] = $zone;
}
$i++;
$GLOBALS['TOTAL_RESULTS']++;
// Let it cache for next time
if (get_option('is_on_comcode_page_cache') == '1') {
request_page($page, false, $zone, $dir, false, true);
}
}
}
}
}
}
return $out;
}
/**
* Find if a member's has access to a specified page. Zone permissions are taken into account for wherever the page is found at. Also support for category access and privileges. No support for entry-point checks, which are only carried out as an extension of page permissions when actually at a page.
*
* @param ?MEMBER The member being checked whether to have the access (NULL: current member)
* @param ?ID_TEXT The ID code for the page being checked (NULL: current page)
* @param ?ID_TEXT The ID code for the zone being checked (NULL: search)
* @param ?array A list of cat details to require access to (c-type-1,c-id-1,c-type-2,c-d-2,...) (NULL: N/A)
* @param ?mixed Either the ID code of a privilege, an array of alternatives that are acceptable (NULL: none required)
* @return boolean Whether the member has zone and page access
*/
function has_actual_page_access($member = NULL, $page = NULL, $zone = NULL, $cats = NULL, $sp = NULL)
{
if (running_script('upgrader')) {
return true;
}
if ($member === NULL) {
$member = get_member();
}
if ($page === NULL) {
$page = get_page_name();
$zone = get_zone_name();
} else {
if ($zone === '_SELF') {
$zone = get_zone_name();
} elseif ($zone === NULL || $zone == '_SEARCH') {
$zone = get_module_zone($page);
}
if ($zone === NULL) {
$zone = get_zone_name();
}
// Weird problem that can happen on some AJAX hooks
}
if (!has_zone_access($member, $zone)) {
return false;
}
if (!has_page_access($member, $page, $zone)) {
return false;
}
if ($cats !== NULL) {
for ($i = 0; $i < intval(floor(floatval(count($cats)) / 2.0)); $i++) {
if (is_null($cats[$i * 2])) {
continue;
}
if (!has_category_access($member, $cats[$i * 2 + 0], $cats[$i * 2 + 1])) {
return false;
}
}
}
if ($sp !== NULL) {
if (!is_array($sp)) {
$sp = array($sp);
}
$sp_acceptable = false;
foreach ($sp as $perm) {
if (has_specific_permission($member, $perm, $page, $cats)) {
$sp_acceptable = true;
}
}
if (!$sp_acceptable) {
return false;
}
}
return true;
}
/**
* Standard modular run function.
*
* @param array A map of parameters.
* @return tempcode The result of execution.
*/
function run($map)
{
require_lang('activities');
require_css('activities');
require_javascript('javascript_activities');
require_javascript('javascript_jquery');
require_javascript('javascript_base64');
if (!array_key_exists('max', $map)) {
$map['max'] = '10';
}
if (array_key_exists('param', $map)) {
$title = $map['param'];
} else {
$title = do_lang_tempcode('ACTIVITIES_TITLE');
}
// See if we're displaying for a specific member
if (array_key_exists('member', $map)) {
$member_ids = array_map('intval', explode(',', $map['member']));
} else {
// No specific user. Use ourselves.
$member_ids = array(get_member());
}
require_css('side_blocks');
require_lang('activities');
require_code('activities');
require_code('addons_overview');
$mode = array_key_exists('mode', $map) ? $map['mode'] : 'all';
$viewer_id = get_member();
//We'll need this later anyway.
$guest_id = $GLOBALS['FORUM_DRIVER']->get_guest_id();
list($proceed_selection, $whereville) = find_activities($viewer_id, $mode, $member_ids);
$can_remove_others = has_zone_access($viewer_id, 'adminzone') ? true : false;
$content = array();
global $NON_CANONICAL_PARAMS;
$NON_CANONICAL_PARAMS[] = 'act_start';
$start = get_param_integer('act_start', 0);
$max = get_param_integer('act_max', intval($map['max']));
if ($proceed_selection === true) {
$max_rows = $GLOBALS['SITE_DB']->query_value_null_ok_full('SELECT COUNT(*) FROM ' . get_table_prefix() . 'activities WHERE ' . $whereville);
require_code('templates_results_browser');
$results_browser = results_browser(do_lang('ACTIVITIES_TITLE'), NULL, $start, 'act_start', $max, 'act_max', $max_rows, NULL, NULL, true, false, 7, NULL, 'tab__activities');
$activities = $GLOBALS['SITE_DB']->query('SELECT * FROM ' . get_table_prefix() . 'activities WHERE ' . $whereville . ' ORDER BY a_time DESC', $max, $start);
if (!is_null($activities) && count($activities) > 0) {
foreach ($activities as $row) {
list($message, $memberpic, $datetime, $member_url, $lang_string) = render_activity($row);
$content[] = array('LANG_STRING' => $lang_string, 'ADDON_ICON' => find_addon_icon($row['a_addon']), 'BITS' => $message, 'MEMPIC' => $memberpic, 'USERNAME' => $GLOBALS['FORUM_DRIVER']->get_username($row['a_member_id']), 'DATETIME' => strval($datetime), 'MEMBER_URL' => $member_url, 'LIID' => strval($row['id']), 'ALLOW_REMOVE' => $row['a_member_id'] == $viewer_id || $can_remove_others ? '1' : '0');
}
}
} else {
$results_browser = new ocp_tempcode();
}
// No entries
return do_template('BLOCK_MAIN_ACTIVITIES', array('TITLE' => $title, 'MODE' => $mode, 'MEMBER_IDS' => implode(',', $member_ids), 'CONTENT' => $content, 'GROW' => array_key_exists('grow', $map) ? $map['grow'] == '1' : true, 'RESULTS_BROWSER' => $results_browser, 'MAX' => $start == 0 ? strval($max) : NULL));
}
/**
* Standard modular run function for RSS hooks.
*
* @param string A list of categories we accept from
* @param TIME Cutoff time, before which we do not show results from
* @param string Prefix that represents the template set we use
* @set RSS_ ATOM_
* @param string The standard format of date to use for the syndication type represented in the prefix
* @param integer The maximum number of entries to return, ordering by date
* @return ?array A pair: The main syndication section, and a title (NULL: error)
*/
function run($_filters, $cutoff, $prefix, $date_string, $max)
{
$filters = explode(',', $_filters);
$content = new ocp_tempcode();
$_rows = $GLOBALS['SITE_DB']->query_select('cached_comcode_pages', array('the_page', 'the_zone', 'cc_page_title'));
$rows = array();
foreach ($_rows as $row) {
$rows[$row['the_zone'] . ':' . $row['the_page']] = $row;
}
$_rows2 = $GLOBALS['SITE_DB']->query_select('seo_meta', array('*'), array('meta_for_type' => 'comcode_page'));
$rows2 = array();
foreach ($_rows2 as $row) {
$rows2[$row['meta_for_id']] = $row;
}
$_rows3 = $GLOBALS['SITE_DB']->query_select('comcode_pages');
$rows3 = array();
foreach ($_rows3 as $row) {
$rows3[$row['the_zone'] . ':' . $row['the_page']] = $row;
}
$zones = find_all_zones(false, true);
foreach ($zones as $zone => $zone_details) {
if (!has_zone_access(get_member(), $zone)) {
continue;
}
if ($filters != array('')) {
$ok = false;
foreach ($filters as $filter) {
if ($zone == $filter) {
$ok = true;
}
}
if (!$ok) {
continue;
}
}
$pages = find_all_pages($zone, 'comcode_custom/' . get_site_default_lang(), 'txt', false, $cutoff);
foreach (array_keys($pages) as $i => $page) {
if ($i == $max) {
break;
}
if (substr($page, 0, 6) == 'panel_') {
continue;
}
if (!has_page_access(get_member(), $page, $zone)) {
continue;
}
$id = $zone . ':' . $page;
$page_request = _request_page($page, $zone);
if (strpos($page_request[0], 'COMCODE') === false) {
continue;
}
$path = $page_request[count($page_request) - 1];
$news_date = date($date_string, filectime($path));
$edit_date = date($date_string, filemtime($path));
if ($news_date == $edit_date) {
$edit_date = '';
}
$summary = '';
$news = '';
$author = '';
$news_title = xmlentities($page);
if (array_key_exists($id, $rows)) {
$_news_title = get_translated_text($rows[$id]['cc_page_title'], NULL, NULL, true);
if (is_null($_news_title)) {
$_news_title = '';
}
$news_title = xmlentities($_news_title);
}
if (array_key_exists($id, $rows2)) {
$summary = xmlentities(get_translated_text($rows2[$id]['meta_description']));
}
if (array_key_exists($id, $rows3)) {
if (!has_specific_permission(get_member(), 'see_unvalidated') && $rows3[$id]['p_validated'] == 0) {
continue;
}
$author = $GLOBALS['FORUM_DRIVER']->get_username($rows3[$id]['p_submitter']);
$news_date = date($date_string, $rows3[$id]['p_add_date']);
$edit_date = date($date_string, $rows3[$id]['p_edit_date']);
if ($news_date == $edit_date) {
$edit_date = '';
}
}
if (is_null($author)) {
$author = '';
}
$category = $zone_details[1];
$category_raw = $zone;
$view_url = build_url(array('page' => $page), $zone, NULL, false, false, true);
$if_comments = new ocp_tempcode();
$content->attach(do_template($prefix . 'ENTRY', array('VIEW_URL' => $view_url, 'SUMMARY' => $summary, 'EDIT_DATE' => $edit_date, 'IF_COMMENTS' => $if_comments, 'TITLE' => $news_title, 'CATEGORY_RAW' => $category_raw, 'CATEGORY' => $category, 'AUTHOR' => $author, 'ID' => $id, 'NEWS' => $news, 'DATE' => $news_date)));
}
}
require_lang('zones');
return array($content, do_lang('COMCODE_PAGES'));
}
/**
* Standard modular run function.
*
* @param array A map of parameters.
* @return tempcode The result of execution.
*/
function run($map)
{
unset($map);
require_css('side_blocks');
$member = get_member();
$forum = get_forum_type();
$content = new ocp_tempcode();
$links = new ocp_tempcode();
if (!is_guest()) {
// Admins can jump user
$has_su = get_option('ocp_show_su') == '1' && has_specific_permission(get_member(), 'assume_any_member');
$staff_actions = new ocp_tempcode();
$username = $GLOBALS['FORUM_DRIVER']->get_username(get_member());
if ($forum != 'none') {
if (!has_no_forum() && get_option('forum_show_personal_stats_posts') == '1') {
// Post count
$content->attach(do_template('BLOCK_SIDE_PERSONAL_STATS_LINE', array('_GUID' => '371dfee46e8c40b1b109e0350055f8cc', 'KEY' => do_lang_tempcode('COUNT_POSTSCOUNT'), 'VALUE' => integer_format($GLOBALS['FORUM_DRIVER']->get_post_count($member)))));
}
if (!has_no_forum() && get_option('forum_show_personal_stats_topics') == '1') {
// Topic count
$content->attach(do_template('BLOCK_SIDE_PERSONAL_STATS_LINE', array('KEY' => do_lang_tempcode('COUNT_TOPICSCOUNT'), 'VALUE' => integer_format($GLOBALS['FORUM_DRIVER']->get_topic_count($member)))));
}
// Member profile view link
if (get_option('ocf_show_profile_link') == '1') {
$url = $GLOBALS['FORUM_DRIVER']->member_profile_url($member, true, true);
$links->attach(do_template('BLOCK_SIDE_PERSONAL_STATS_LINK', array('_GUID' => '2c8648c953c802a9de41c3adeef0e97f', 'NAME' => do_lang_tempcode('MY_PROFILE'), 'URL' => $url, 'REL' => 'me')));
}
}
// Point count and point profile link
if (addon_installed('points')) {
require_lang('points');
require_code('points');
if (get_option('points_show_personal_stats_points_left') == '1') {
$content->attach(do_template('BLOCK_SIDE_PERSONAL_STATS_LINE', array('_GUID' => '6241e58e30457576735f3a2618fd7fff', 'KEY' => do_lang_tempcode('COUNT_POINTS_LEFT'), 'VALUE' => integer_format(available_points($member)))));
}
if (get_option('points_show_personal_stats_points_used') == '1') {
$content->attach(do_template('BLOCK_SIDE_PERSONAL_STATS_LINE', array('_GUID' => '6241e58edfdsf735f3a2618fd7fff', 'KEY' => do_lang_tempcode('COUNT_POINTS_USED'), 'VALUE' => integer_format(points_used($member)))));
}
if (get_option('points_show_personal_stats_total_points') == '1') {
$content->attach(do_template('BLOCK_SIDE_PERSONAL_STATS_LINE', array('_GUID' => '3e6183abf9054574c0cd292d25a4fe5c', 'KEY' => do_lang_tempcode('COUNT_POINTS_EVER'), 'VALUE' => integer_format(total_points($member)))));
}
if (get_option('points_show_personal_stats_gift_points_left') == '1') {
$content->attach(do_template('BLOCK_SIDE_PERSONAL_STATS_LINE', array('_GUID' => '6241e5ssd45ddsdsdsa2618fd7fff', 'KEY' => do_lang_tempcode('COUNT_GIFT_POINTS_LEFT'), 'VALUE' => integer_format(get_gift_points_to_give($member)))));
}
if (get_option('points_show_personal_stats_gift_points_used') == '1') {
$content->attach(do_template('BLOCK_SIDE_PERSONAL_STATS_LINE', array('_GUID' => '6241eddsd4sdddssdsa2618fd7fff', 'KEY' => do_lang_tempcode('COUNT_GIFT_POINTS_USED'), 'VALUE' => integer_format(get_gift_points_used($member)))));
}
}
if (get_option('ocp_show_personal_usergroup') == '1') {
$group_id = $GLOBALS['FORUM_DRIVER']->pname_group($GLOBALS['FORUM_DRIVER']->pget_row($username));
$usergroups = $GLOBALS['FORUM_DRIVER']->get_usergroup_list();
if (array_key_exists($group_id, $usergroups)) {
if (get_forum_type() == 'ocf') {
$group_url = build_url(array('page' => 'groups', 'type' => 'view', 'id' => $group_id), get_module_zone('groups'));
$hyperlink = hyperlink($group_url, $usergroups[$group_id], false, true);
$content->attach(do_template('BLOCK_SIDE_PERSONAL_STATS_LINE_COMPLEX', array('_GUID' => 'sas41eddsd4sdddssdsa2618fd7fff', 'KEY' => do_lang_tempcode('GROUP'), 'VALUE' => $hyperlink)));
} else {
$content->attach(do_template('BLOCK_SIDE_PERSONAL_STATS_LINE', array('_GUID' => '65180134fbc4cf7e227011463d466677', 'KEY' => do_lang_tempcode('GROUP'), 'VALUE' => $usergroups[$group_id])));
}
}
}
if (get_option('ocp_show_personal_last_visit') == '1') {
$row = $GLOBALS['FORUM_DRIVER']->pget_row($username);
if (get_forum_type() == 'ocf') {
$last_visit = intval(ocp_admirecookie('last_visit', strval($GLOBALS['FORUM_DRIVER']->pnamelast_visit($row))));
} else {
$last_visit = $GLOBALS['FORUM_DRIVER']->pnamelast_visit($row);
}
$_last_visit = get_timezoned_date($last_visit, false);
$content->attach(do_template('BLOCK_SIDE_PERSONAL_STATS_LINE', array('_GUID' => 'sas41eddsdsdsdsdsa2618fd7fff', 'KEY' => do_lang_tempcode('LAST_HERE'), 'RAW_KEY' => strval($last_visit), 'VALUE' => $_last_visit)));
}
$avatar_url = '';
if (!has_no_forum()) {
if (get_option('ocp_show_avatar') === '1') {
$avatar_url = $GLOBALS['FORUM_DRIVER']->get_member_avatar_url($member);
}
}
// Subscription links
if (get_forum_type() == 'ocf' && addon_installed('ecommerce') && get_option('ocp_show_personal_sub_links') == '1' && !has_zone_access(get_member(), 'adminzone') && has_actual_page_access(get_member(), 'purchase')) {
$usergroup_subs = $GLOBALS['FORUM_DB']->query_select('f_usergroup_subs', array('id', 's_title', 's_group_id', 's_cost'), array('s_enabled' => 1));
$in_one = false;
$members_groups = $GLOBALS['FORUM_DRIVER']->get_members_groups($member);
foreach ($usergroup_subs as $i => $sub) {
$usergroup_subs[$i]['s_cost'] = floatval($sub['s_cost']);
if (in_array($sub['s_group_id'], $members_groups)) {
$in_one = true;
break;
}
}
if (!$in_one) {
global $M_SORT_KEY;
$M_SORT_KEY = 's_cost';
usort($usergroup_subs, 'multi_sort');
foreach ($usergroup_subs as $sub) {
$url = build_url(array('page' => 'purchase', 'type' => 'message', 'product' => 'USERGROUP' . strval($sub['id'])), get_module_zone('purchase'));
$links->attach(do_template('BLOCK_SIDE_PERSONAL_STATS_LINK', array('NAME' => do_lang_tempcode('UPGRADE_TO', escape_html(get_translated_text($sub['s_title']))), 'URL' => $url)));
}
}
}
// Admin Zone link
if (get_option('ocp_show_personal_adminzone_link') == '1' && has_zone_access(get_member(), 'adminzone')) {
$url = build_url(array('page' => ''), 'adminzone');
$links->attach(do_template('BLOCK_SIDE_PERSONAL_STATS_LINK', array('_GUID' => 'ae243058f780f9528016f7854763a5fa', 'ACCESSKEY' => 'I', 'NAME' => do_lang_tempcode('ADMIN_ZONE'), 'URL' => $url)));
}
// Conceded mode link
if ($GLOBALS['SESSION_CONFIRMED'] == 1 && get_option('ocp_show_conceded_mode_link') == '1') {
$url = build_url(array('page' => 'login', 'type' => 'concede', 'redirect' => get_page_name() == 'login' ? NULL : SELF_REDIRECT), get_module_zone('login'));
$links->attach(do_template('BLOCK_SIDE_PERSONAL_STATS_LINK_2', array('_GUID' => '81fa81cfd3130e42996bf72b0e03d8aa', 'POST' => true, 'NAME' => do_lang_tempcode('CONCEDED_MODE'), 'DESCRIPTION' => do_lang_tempcode('DESCRIPTION_CONCEDED_MODE'), 'URL' => $url)));
}
// Becomes-invisible link
if (get_option('is_on_invisibility') == '1') {
$visible = array_key_exists(get_session_id(), $GLOBALS['SESSION_CACHE']) && $GLOBALS['SESSION_CACHE'][get_session_id()]['session_invisible'] == 0;
$url = build_url(array('page' => 'login', 'type' => 'invisible', 'redirect' => get_page_name() == 'login' ? NULL : SELF_REDIRECT), get_module_zone('login'));
$links->attach(do_template('BLOCK_SIDE_PERSONAL_STATS_LINK_2', array('NAME' => do_lang_tempcode($visible ? 'INVISIBLE' : 'BE_VISIBLE'), 'DESCRIPTION' => '', 'URL' => $url)));
}
// Logout link
$url = build_url(array('page' => 'login', 'type' => 'logout'), get_module_zone('login'));
if (!is_httpauth_login()) {
$links->attach(do_template('BLOCK_SIDE_PERSONAL_STATS_LOGOUT', array('_GUID' => 'd1caacba272a7ee3bf5b2a758e4e54ee', 'NAME' => do_lang_tempcode('LOGOUT'), 'URL' => $url)));
}
return do_template('BLOCK_SIDE_PERSONAL_STATS', array('_GUID' => '99f9bc3387102daaeeedf99843b0502e', 'AVATAR_URL' => $avatar_url, 'LINKS' => $links, 'HAS_SU' => $has_su, 'CONTENT' => $content, 'USERNAME' => $username, 'STAFF_ACTIONS' => $staff_actions));
} else {
$title = do_lang_tempcode('NOT_LOGGED_IN');
if (get_page_name() != 'join' && get_page_name() != 'login') {
if (count($_POST) > 0) {
$_this_url = build_url(array('page' => ''), '', array('keep_session' => 1, 'redirect' => 1));
} else {
$_this_url = build_url(array('page' => '_SELF'), '_SELF', array('keep_session' => 1, 'redirect' => 1), true);
}
} else {
$_this_url = build_url(array('page' => ''), '', array('keep_session' => 1, 'redirect' => 1));
}
$this_url = $_this_url->evaluate();
$login_url = build_url(array('page' => 'login', 'type' => 'login', 'redirect' => $this_url), get_module_zone('login'));
$full_link = build_url(array('page' => 'login', 'type' => 'misc', 'redirect' => $this_url), get_module_zone('login'));
$join_url = get_forum_type() != 'none' ? $GLOBALS['FORUM_DRIVER']->join_url() : '';
return do_template('BLOCK_SIDE_PERSONAL_STATS_NO', array('_GUID' => '32aade68b98dfd191f0f84c6648f7dde', 'TITLE' => $title, 'FULL_LINK' => $full_link, 'JOIN_LINK' => $join_url, 'LOGIN_URL' => $login_url));
}
}
/**
* Render that the page wasn't found. Show alternate likely candidates based on misspellings.
*
* @param ID_TEXT The codename of the page to load
* @param ID_TEXT The zone the page is being loaded in
* @return tempcode Message
*/
function page_not_found($codename, $zone)
{
$GLOBALS['HTTP_STATUS_CODE'] = '404';
if (!headers_sent()) {
if (!browser_matches('ie') && strpos(ocp_srv('SERVER_SOFTWARE'), 'IIS') === false) {
header('HTTP/1.0 404 Not Found');
}
}
// Maybe problem with SEO URLs
if (get_zone_name() == '' && get_option('htm_short_urls') == '1' && has_zone_access(get_member(), 'adminzone')) {
$self_url = get_self_url_easy();
$zones = find_all_zones();
foreach ($zones as $_zone) {
if ($_zone != '' && $_zone != 'site' && strpos($self_url, '/' . $_zone . '/') !== false) {
attach_message(do_lang_tempcode('HTACCESS_SEO_PROBLEM'), 'warn');
}
}
}
// "Did you mean?" support
$all_pages_in_zone = array_keys(find_all_pages_wrap($zone));
$did_mean = array();
foreach ($all_pages_in_zone as $possibility) {
if (is_integer($possibility)) {
$possibility = strval($possibility);
}
// e.g. '404' page has been converted to integer by PHP, grr
$from = str_replace('cms_', '', str_replace('admin_', '', $possibility));
$to = str_replace('cms_', '', str_replace('admin_', '', $codename));
//$dist=levenshtein($from,$to); If we use this, change > to < also
//$threshold=4;
$dist = 0.0;
similar_text($from, $to, $dist);
$threshold = 75.0;
if ($dist > $threshold && has_page_access(get_member(), $codename, $zone)) {
$did_mean[$dist] = $possibility;
}
}
ksort($did_mean);
$_did_mean = array_pop($did_mean);
if ($_did_mean == '') {
$_did_mean = NULL;
}
if (ocp_srv('HTTP_REFERER') != '' && !handle_has_checked_recently('request-' . $zone . ':' . $codename)) {
require_code('failure');
relay_error_notification(do_lang('_MISSING_RESOURCE', $zone . ':' . $codename) . ' ' . do_lang('REFERRER', ocp_srv('HTTP_REFERER'), substr(get_browser_string(), 0, 255)), false, 'error_occurred_missing_page');
}
$title = get_page_title('ERROR_OCCURRED');
$add_access = has_actual_page_access(get_member(), 'cms_comcode_pages', NULL, NULL, 'submit_highrange_content');
$redirect_access = addon_installed('redirects_editor') && has_actual_page_access(get_member(), 'admin_redirects');
require_lang('zones');
$add_url = $add_access ? build_url(array('page' => 'cms_comcode_pages', 'type' => '_ed', 'page_link' => $zone . ':' . $codename), get_module_zone('cms_comcode_pages')) : new ocp_tempcode();
$add_redirect_url = $redirect_access ? build_url(array('page' => 'admin_redirects', 'type' => 'misc', 'page_link' => $zone . ':' . $codename), get_module_zone('admin_redirects')) : new ocp_tempcode();
return do_template('MISSING_SCREEN', array('_GUID' => '22f371577cd2ba437e7b0cb241931575', 'TITLE' => $title, 'DID_MEAN' => $_did_mean, 'ADD_URL' => $add_url, 'ADD_REDIRECT_URL' => $add_redirect_url, 'PAGE' => $codename));
}
/**
* Standard modular run function.
*
* @param array A map of parameters.
* @return tempcode The result of execution.
*/
function run($map)
{
require_all_lang();
require_code('zones2');
$skip_pages = array_key_exists('skip', $map) ? explode(',', $map['skip']) : array();
$comcode_page_rows = $GLOBALS['SITE_DB']->query_select('comcode_pages', array('*'));
$_zones = array();
$zones = find_all_zones(false, true);
$GLOBALS['MEMORY_OVER_SPEED'] = true;
$low_memory = ini_get('memory_limit') != '-1' && ini_get('memory_limit') != '0' && ini_get('memory_limit') != '' && intval(preg_replace('#M$#', '', ini_get('memory_limit'))) < 26 || get_option('has_low_memory_limit') === '1';
// Reorder a bit
$zones2 = array();
foreach (array('', 'site') as $zone_match) {
foreach ($zones as $i => $zone) {
if ($zone[0] == $zone_match) {
$zones2[] = $zone;
unset($zones[$i]);
}
}
}
$zones2 = array_merge($zones2, $zones);
foreach ($zones2 as $z) {
list($zone, $zone_title, , $zone_default_page) = $z;
if (has_zone_access(get_member(), $zone)) {
$_pages = array();
$pages = find_all_pages_wrap($zone);
if (isset($pages[$zone_default_page])) {
$default = $pages[$zone_default_page];
$pages = array($zone_default_page => $default) + $pages;
}
foreach ($pages as $page => $page_type) {
if (is_integer($page)) {
$page = strval($page);
}
if (substr($page, 0, 6) == 'panel_') {
continue;
}
if (substr($page, 0, 1) == '_') {
continue;
}
if (in_array($page, $skip_pages)) {
continue;
}
if (in_array($zone . ':' . $page, $skip_pages)) {
continue;
}
if ($page == '404') {
continue;
}
if (strpos($page, '_tree_made') !== false) {
continue;
}
if ($page == 'sitemap') {
continue;
}
if ($page == 'forums' && substr($page_type, 0, 7) == 'modules' && (get_forum_type() == 'ocf' || get_forum_type() == 'none')) {
continue;
}
if ($page == 'join' && substr($page_type, 0, 7) == 'modules' && !is_guest()) {
continue;
}
if (has_page_access(get_member(), $page, $zone)) {
$_entrypoints = array();
$__entrypoints = $low_memory ? array(NULL) : extract_module_functions_page($zone, $page, array('get_entry_points'));
if (!is_null($__entrypoints[0])) {
$entrypoints = is_array($__entrypoints[0]) ? call_user_func_array($__entrypoints[0][0], $__entrypoints[0][1]) : (strpos($__entrypoints[0], '::') !== false ? NULL : eval($__entrypoints[0]));
// The strpos thing is a little hack that allows it to work for base-class derived modules
if (is_null($entrypoints)) {
$path = zone_black_magic_filterer($zone . ($zone == '' ? '' : '/') . 'pages/' . $page_type . '/' . $page . '.php', true);
if ($low_memory && !defined('HIPHOP_PHP') && strpos(file_get_contents(get_file_base() . '/' . $path), ' extends standard_aed_module') !== false) {
$new_code = str_replace(',parent::get_entry_points()', '', str_replace('parent::get_entry_points(),', '', $__entrypoints[0]));
if (strpos($new_code, 'parent::') !== false) {
continue;
}
$entrypoints = eval($new_code);
} else {
require_code($path);
if (class_exists('Mx_' . filter_naughty_harsh($page))) {
$object = object_factory('Mx_' . filter_naughty_harsh($page));
} else {
$object = object_factory('Module_' . filter_naughty_harsh($page));
}
$entrypoints = $object->get_entry_points();
}
}
} else {
$entrypoints = array('!');
}
if (!is_array($entrypoints)) {
$entrypoints = array('!');
}
if ($entrypoints == array('!')) {
$url = build_url(array('page' => $page), $zone, NULL, false, false, true);
$title = ucwords(str_replace('_', ' ', $page));
if (substr($page_type, 0, 7) == 'comcode') {
foreach ($comcode_page_rows as $page_row) {
if ($page_row['p_validated'] == 0 && $page_row['the_page'] == $page && $page_row['the_zone'] == $zone) {
continue 2;
}
}
$path = zone_black_magic_filterer((strpos($page_type, '_custom') !== false ? get_custom_file_base() : get_file_base()) . '/' . filter_naughty($zone) . '/pages/' . filter_naughty($page_type) . '/' . $page . '.txt');
if (!is_file($path)) {
$path = zone_black_magic_filterer(get_file_base() . '/' . filter_naughty($zone) . '/pages/' . filter_naughty($page_type) . '/' . $page . '.txt');
}
$page_contents = file_get_contents($path);
$matches = array();
if (preg_match('#\\[title[^\\]]*\\]#', $page_contents, $matches) != 0) {
$start = strpos($page_contents, $matches[0]) + strlen($matches[0]);
$end = strpos($page_contents, '[/title]', $start);
$matches = array();
$title_portion = str_replace('{$SITE_NAME}', get_site_name(), substr($page_contents, $start, $end - $start));
if (preg_match('#\\{\\!([\\w:]+)\\}#', $title_portion, $matches) != 0) {
$title_portion = str_replace($matches[0], do_lang($matches[1]), $title_portion);
}
if (preg_match('#^[^<>\\[\\{\\&]*$#', $title_portion, $matches) != 0) {
$title = $matches[0];
} elseif (!$low_memory) {
$_title = comcode_to_tempcode($title_portion);
$title = strip_tags(@html_entity_decode($_title->evaluate(), ENT_QUOTES, get_charset()));
}
}
} elseif (substr($page_type, 0, 4) == 'html') {
$path = zone_black_magic_filterer((strpos($page_type, '_custom') !== false ? get_custom_file_base() : get_file_base()) . '/' . filter_naughty($zone) . '/pages/' . filter_naughty($page_type) . '/' . $page . '.htm');
$page_contents = file_get_contents($path);
$matches = array();
if (preg_match('#\\<title[^\\>]*\\>#', $page_contents, $matches) != 0) {
$start = strpos($page_contents, $matches[0]) + strlen($matches[0]);
$end = strpos($page_contents, '</title>', $start);
$title = strip_tags(@html_entity_decode(substr($page_contents, $start, $end - $start), ENT_QUOTES, get_charset()));
}
}
$temp = do_template('BLOCK_MAIN_SITEMAP_NEST', array('_GUID' => '92e657f8b9a3642df053f54e724e66f6', 'URL' => $url, 'NAME' => $title, 'CHILDREN' => array()));
$_pages[$title] = $temp->evaluate();
// FUDGEFUDGE
} elseif (count($entrypoints) != 0) {
foreach ($entrypoints as $entrypoint => $title) {
if (($entrypoint == 'concede' || $entrypoint == 'invisible' || $entrypoint == 'logout') && is_guest()) {
continue;
}
if ($entrypoint == '!') {
$url = build_url(array('page' => $page), $zone, NULL, false, false, true);
} else {
$url = build_url(array('page' => $page, 'type' => $entrypoint), $zone, NULL, false, false, true);
}
$_entrypoints[$title] = do_template('BLOCK_MAIN_SITEMAP_NEST', array('_GUID' => 'ae2ed2549644a8e699e0938b3ab98ddb', 'URL' => $url, 'NAME' => do_lang_tempcode($title), 'CHILDREN' => array()));
}
//ksort($_entrypoints);
$title = do_lang('MODULE_TRANS_NAME_' . $page, NULL, NULL, NULL, NULL, false);
if (is_null($title)) {
$title = ucwords(str_replace('_', ' ', preg_replace('#^ocf\\_#', '', preg_replace('#^' . str_replace('#', '\\#', preg_quote($zone)) . '_#', '', preg_replace('#^' . str_replace('#', '\\#', preg_quote(str_replace('zone', '', $zone))) . '_#', '', $page)))));
}
if (count($_entrypoints) == 1) {
$temp_keys = array_keys($_entrypoints);
$temp = $_entrypoints[$temp_keys[0]];
} else {
$temp = do_template('BLOCK_MAIN_SITEMAP_NEST', array('_GUID' => 'dfc5cc7db0301acd938d3b2e3fceaab8', 'URL' => new ocp_tempcode(), 'NAME' => $title, 'CHILDREN' => $_entrypoints));
}
$_pages[$title] = $temp->evaluate();
// FUDGEFUDGE
}
}
}
$url = new ocp_tempcode();
if ($_pages != array()) {
$keys = array_keys($_pages);
$first = $_pages[$keys[0]];
ksort($_pages);
$_pages = array($keys[0] => $first) + $_pages;
}
$temp = do_template('BLOCK_MAIN_SITEMAP_NEST', array('_GUID' => '38abb0a0e5bec968b28b4791320dd0dc', 'URL' => $url, 'NAME' => $zone_title, 'CHILDREN' => $_pages));
$_zones[] = $temp->evaluate();
// FUDGEFUDGE
}
}
// To avoid running out of memory
$out = do_template('BLOCK_MAIN_SITEMAP', array('_GUID' => 'd0807b30925e47d10cdb2c36231436ab', 'CHILDREN' => $_zones));
$e = $out->evaluate();
$explode = explode('__keep__', $e);
// the URLs are build without keep and the templates tack it on the end
if (strpos($e, '__keep__') !== false) {
$out = new ocp_tempcode();
foreach ($explode as $i => $bit) {
if ($i != 0) {
$out->attach(symbol_tempcode('KEEP', NULL, array(ENTITY_ESCAPED)));
}
if ($GLOBALS['XSS_DETECT']) {
ocp_mark_as_escaped($bit);
}
$out->attach($bit);
}
}
$e = $out->evaluate();
if (strpos($e, '__keep1__') !== false) {
$explode = explode('__keep1__', $e);
$out = new ocp_tempcode();
foreach ($explode as $i => $bit) {
if ($i != 0) {
$out->attach(symbol_tempcode('KEEP', array('1'), array(ENTITY_ESCAPED)));
}
if ($GLOBALS['XSS_DETECT']) {
ocp_mark_as_escaped($bit);
}
$out->attach($bit);
}
}
return $out;
}
$a = strrpos($FILE_BASE, '/');
$b = strrpos($FILE_BASE, '\\');
$FILE_BASE = substr($FILE_BASE, 0, $a > $b ? $a : $b);
}
$RELATIVE_PATH = '';
@chdir($FILE_BASE);
global $NON_PAGE_SCRIPT;
$NON_PAGE_SCRIPT = 1;
if (!is_file($FILE_BASE . '/sources/global.php')) {
exit('<html><head><title>Critical startup error</title></head><body><h1>ocPortal startup error</h1><p>The second most basic ocPortal startup file, sources/global.php, could not be located. This is almost always due to an incomplete upload of the ocPortal system, so please check all files are uploaded correctly.</p><p>Once all ocPortal files are in place, ocPortal must actually be installed by running the installer. You must be seeing this message either because your system has become corrupt since installation, or because you have uploaded some but not all files from our manual installer package: the quick installer is easier, so you might consider using that instead.</p><p>ocProducts maintains full documentation for all procedures and tools, especially those for installation. These may be found on the <a href="http://ocportal.com">ocPortal website</a>. If you are unable to easily solve this problem, we may be contacted from our website and can help resolve it for you.</p><hr /><p style="font-size: 0.8em">ocPortal is a website engine created by ocProducts.</p></body></html>');
}
require $FILE_BASE . '/sources/global.php';
require_code('developer_tools');
destrictify();
css_enforce('global');
if (!has_zone_access(get_member(), 'adminzone')) {
exit('Security error (did you get logged out?)');
}
$max_width = 800;
$large_image_location = $_GET['file'];
if (get_magic_quotes_gpc()) {
$large_image_location = stripslashes($large_image_location);
}
$thumb_image_location = $_GET['thumb'];
if (get_magic_quotes_gpc()) {
$thumb_image_location = stripslashes($thumb_image_location);
}
if (substr($large_image_location, 0, strlen('uploads/attachments/')) != 'uploads/attachments/') {
exit('Security error');
}
if (strpos($large_image_location, '..') !== false) {
$zones = find_all_zones(false, true);
// Reorder a bit
$zones2 = array();
foreach (array('', 'site') as $zone_match) {
foreach ($zones as $i => $zone) {
if ($zone[0] == $zone_match) {
$zones2[] = $zone;
unset($zones[$i]);
}
}
}
$zones2 = array_merge($zones2, $zones);
require_code('zones2');
foreach ($zones2 as $z) {
list($zone, $zone_title, , ) = $z;
if (has_zone_access(get_member(), $zone)) {
$_pages = array();
$pages = find_all_pages_wrap($zone);
foreach ($pages as $page => $page_type) {
if (is_integer($page)) {
$page = strval($page);
}
if (substr($page, 0, 6) == 'panel_') {
continue;
}
if (substr($page, 0, 1) == '_') {
continue;
}
if ($page == '404') {
continue;
}
function referrer_report_script($ret = false)
{
$member_id = get_param_integer('member_id', NULL);
if (!has_zone_access(get_member(), 'adminzone') && $member_id !== get_member()) {
access_denied('ZONE_ACCESS', 'adminzone');
}
require_lang('referrals');
$csv = get_param_integer('csv', 0) == 1;
$where = db_string_not_equal_to('i_email_address', '') . ' AND i_inviter<>' . strval($GLOBALS['FORUM_DRIVER']->get_guest_id());
if ($member_id !== NULL) {
$where .= ' AND referrer.id=' . strval($member_id);
}
$max = get_param_integer('max', $csv ? 10000 : 30);
$start = get_param_integer('start', 0);
$data = array();
$table = 'f_invites i LEFT JOIN ' . $GLOBALS['FORUM_DB']->get_table_prefix() . 'f_members referrer ON referrer.id=i_inviter LEFT JOIN ' . $GLOBALS['FORUM_DB']->get_table_prefix() . 'f_members referee ON referee.m_email_address=i_email_address';
$referrals = $GLOBALS['FORUM_DB']->query('SELECT i_time AS time,referrer.id AS referrer_id,referrer.m_username AS referrer,referrer.m_email_address AS referrer_email,referee.id AS referee_id,referee.m_username AS referee,referee.m_email_address AS referee_email,i_taken AS qualified
FROM ' . $GLOBALS['FORUM_DB']->get_table_prefix() . $table . ' WHERE ' . $where . ' ORDER BY i_time DESC', $max, $start);
$max_rows = $GLOBALS['FORUM_DB']->query_value_null_ok_full('SELECT COUNT(*) FROM ' . $GLOBALS['FORUM_DB']->get_table_prefix() . $table . ' WHERE ' . $where);
if (count($referrals) == 0) {
inform_exit(do_lang_tempcode('NO_ENTRIES'));
}
foreach ($referrals as $ref) {
$data_row = array();
$data_row[do_lang('DATE_TIME')] = get_timezoned_date($ref['time'], true, true, false, true);
if (is_null($member_id)) {
if ($csv) {
$deleted = true;
$data_row[do_lang('TYPE_REFERRER')] = is_null($ref['referrer']) ? do_lang($deleted ? 'REFEREE_DELETED' : 'REFEREE_NOT_SIGNED_UP') : $ref['referrer'];
} else {
$data_row[do_lang('TYPE_REFERRER')] = is_null($ref['referrer_id']) ? '' : strval($ref['referrer_id']);
}
$data_row[do_lang('TYPE_REFERRER') . ' (' . do_lang('EMAIL_ADDRESS') . ')'] = $ref['referrer_email'];
$data_row[do_lang('QUALIFIED_REFERRER')] = do_lang(referrer_is_qualified($ref['referrer_id']) ? 'YES' : 'NO');
}
$deleted = false;
if (is_null($ref['referee'])) {
$deleted = $ref['qualified'] == 1;
//!is_null($GLOBALS['SITE_DB']->query_value_null_ok('adminlogs','id',array('the_type'=>'DELETE_MEMBER','param_b'=>TODO Unfortunately we can't tell)));
}
if ($csv) {
$data_row[do_lang('REFEREE')] = is_null($ref['referee']) ? do_lang($deleted ? 'REFEREE_DELETED' : 'REFEREE_NOT_SIGNED_UP') : $ref['referee'];
} else {
$data_row[do_lang('REFEREE')] = is_null($ref['referee_id']) ? '' : strval($ref['referee_id']);
}
$data_row[do_lang('REFEREE') . ' (' . do_lang('EMAIL_ADDRESS') . ')'] = is_null($ref['referee_email']) ? '' : $ref['referee_email'];
$data_row[do_lang('QUALIFIED_REFERRAL')] = do_lang($ref['qualified'] == 1 ? 'YES' : 'NO');
$data[] = $data_row;
}
if ($csv) {
require_code('files2');
make_csv($data, (is_null($member_id) ? get_site_name() : $GLOBALS['FORUM_DRIVER']->get_username($member_id)) . ' referrals.csv');
} else {
require_code('templates_results_table');
$fields_title = new ocp_tempcode();
$fields = new ocp_tempcode();
foreach ($data as $i => $data_row) {
if ($i == 0) {
$fields_title->attach(results_field_title(array_keys($data_row)));
}
foreach ($data_row as $key => $val) {
if ($key == do_lang('REFEREE') || $key == do_lang('TYPE_REFERRER')) {
if ($val == '') {
$val = do_lang('UNKNOWN');
} else {
$val = $GLOBALS['FORUM_DRIVER']->member_profile_hyperlink($val, true);
}
}
$data_row[$key] = escape_html($val);
}
$fields->attach(results_entry($data_row));
}
$table = results_table(do_lang('REFERRALS'), $start, 'start', $max, 'max', $max_rows, $fields_title, $fields);
if ($ret) {
return $table;
}
$title = get_page_title('REFERRALS');
$out = new ocp_tempcode();
$out->attach($title);
$out->attach($table);
$out = globalise($out, NULL, '', true);
$out->evaluate_echo();
}
return NULL;
}
/**
* Lookup error on ocportal.com, to see if there is more information.
*
* @param mixed The error message (string or tempcode)
* @return ?string The result from the web service (NULL: no result)
*/
function get_webservice_result($error_message)
{
if (get_domain() == 'ocportal.com') {
return NULL;
}
if (!function_exists('has_zone_access') || !has_zone_access(get_member(), 'adminzone')) {
return NULL;
}
require_code('files');
global $DONE_ONE_WEB_SERVICE;
if ($GLOBALS['DOWNLOAD_LEVEL'] > 0 || $DONE_ONE_WEB_SERVICE) {
return NULL;
}
$DONE_ONE_WEB_SERVICE = true;
if (is_object($error_message)) {
$error_message = $error_message->evaluate();
}
if ($GLOBALS['HTTP_STATUS_CODE'] == '401') {
return NULL;
}
// Get message IN ENGLISH
if (user_lang() != fallback_lang()) {
global $LANGUAGE;
foreach ($LANGUAGE as $_) {
foreach ($_ as $key => $val) {
$regexp = preg_replace('#\\\\{\\d+\\\\}#', '.*', str_replace('#', '\\#', preg_quote($val)));
if ($regexp != '.*') {
if (preg_match('#' . $regexp . '#', $error_message) != 0) {
$_error_message = do_lang($key, '', '', '', fallback_lang(), false);
if (!is_null($_error_message)) {
$error_message = $_error_message;
}
break;
}
}
}
}
}
// Talk to web service
$brand = get_value('rebrand_name');
if (is_null($brand)) {
$brand = 'ocPortal';
}
$result = http_download_file('http://ocportal.com/uploads/website_specific/ocportal.com/scripts/errorservice.php?version=' . float_to_raw_string(ocp_version_number()) . '&error_message=' . rawurlencode($error_message) . '&product=' . rawurlencode($brand), NULL, false);
if ($GLOBALS['HTTP_DOWNLOAD_MIME_TYPE'] != 'text/plain') {
return NULL;
}
if ($result == '') {
return NULL;
}
if (function_exists('ocp_mark_as_escaped')) {
ocp_mark_as_escaped($result);
}
return $result;
}
/**
* Get the tempcode for a do next manager. A do next manager is a series of linked icons that are presented after performing an action. Modules that do not use do-next pages, usually use REFRESH_PAGE's.
*
* @param array A list of items (each item is a pair or a triple: <option,url[,field name=do_lang(option)]> ; url is a pair or a triple or a quarto also: <page,map[,zone[,warning]]>)
* @param tempcode The title for the section
* @return tempcode The do next manager section
*/
function _do_next_section($list, $title)
{
if (count($list) == 0) {
return new ocp_tempcode();
}
$next_items = new ocp_tempcode();
$i = 0;
foreach ($list as $_option) {
$option = $_option[0];
$url = $_option[1];
if (is_null($url)) {
continue;
}
$zone = array_key_exists(2, $url) ? $url[2] : '';
$page = $url[0];
if ($page == '_SELF') {
$page = get_page_name();
}
if (is_null($page) && has_zone_access(get_member(), $zone) || !is_null($page) && has_actual_page_access(get_member(), $page, $zone)) {
$description = array_key_exists(2, $_option) && !is_null($_option[2]) ? $_option[2] : do_lang_tempcode('NEXT_ITEM_' . $option);
$link = is_null($page) ? build_url(array_merge($url[1], array('page' => '')), $zone) : build_url(array_merge(array('page' => $page), $url[1]), $zone);
$doc = array_key_exists(3, $_option) ? $_option[3] : '';
if (is_string($doc) && $doc != '') {
if (preg_match('#^[\\w\\d]+$#', $doc) == 0) {
$doc = comcode_to_tempcode($doc, NULL, true);
} else {
$doc = comcode_lang_string($doc);
}
}
$target = array_key_exists(4, $_option) ? $_option[4] : NULL;
$auto_add = array_key_exists(5, $_option) ? $_option[5] : NULL;
$next_items->attach(do_template('DO_NEXT_ITEM', array('_GUID' => 'f39b6055d1127edb452595e7eeaf2f01', 'AUTO_ADD' => $auto_add, 'I' => strval($i), 'I2' => strval(mt_rand(0, 32000)) . '_' . strval($i), 'TARGET' => $target, 'PICTURE' => $option, 'DESCRIPTION' => $description, 'LINK' => $link, 'DOC' => $doc, 'WARNING' => array_key_exists(3, $url) ? $url[3] : '')));
$i++;
}
}
if ($next_items->is_empty()) {
return new ocp_tempcode();
}
return do_template('DO_NEXT_SECTION', array('_GUID' => '18589e9e8ec1971f692cb76d71f33ec1', 'I' => strval($i), 'TITLE' => $title, 'CONTENT' => $next_items));
}