/**
* Checks whether user is logged in and outputs login box
* for guests or returns error response for registered users.
*
* @return Response object
*/
public function needs_auth()
{
if (!$this->user->data['is_registered']) {
login_box($this->get_current_url());
}
return $this->error($this->user->lang['NO_AUTH'], 403);
}
public function base()
{
$note = utf8_normalize_nfc($this->request->variable('note', '', true));
$submit = isset($_POST['submit']) ? true : false;
$error = array();
// check if user s logged in, since this page can be used only after registration...
if (!$this->user->data['is_registered']) {
login_box($this->helper->route('vinny_usersnotes_controller'));
}
// ... and also this is not for bots (especially for bad ones :)
if ($this->user->data['is_bot']) {
redirect(append_sid("{$this->phpbb_root_path}index.{$this->phpEx}"));
}
$s_action = $this->helper->route('vinny_usersnotes_controller');
$s_hidden_fields = '';
add_form_key('postform');
// create a template variables
$this->template->assign_vars(array('S_POST_ACTION' => $s_action, 'S_HIDDEN_FIELDS' => $s_hidden_fields, 'ERROR' => sizeof($error) ? implode('<br />', $error) : ''));
if ($submit) {
/*if(!check_form_key('postform'))
{
trigger_error('FORM_INVALID');
}*/
$sql = 'UPDATE ' . USERS_TABLE . '
SET user_note = "' . $note . '"
WHERE user_id = ' . $this->user->data['user_id'];
$this->db->sql_query($sql);
meta_refresh(3, $this->helper->route('vinny_usersnotes_controller'));
trigger_error(sprintf($this->user->lang['NOTES_SAVED'], $this->helper->route('vinny_usersnotes_controller')));
}
// create a template variables
$this->template->assign_vars(array('NOTE' => $this->user->data['user_note']));
$this->template->assign_block_vars('navlinks', array('FORUM_NAME' => $this->user->lang['NOTES']));
return $this->helper->render('notes.html', $this->user->lang['NOTES']);
}
public function login_redirect()
{
if (!$this->user->data['is_registered']) {
login_box();
}
$this->template->assign_var('A_VARIABLE', 'I am a variable');
return $this->helper->render('foo_bar_body.html');
}
function main()
{
// Only registered users can go beyond this point
if (!$this->user->data['is_registered']) {
if ($this->user->data['is_bot']) {
redirect(append_sid("{$this->phpbb_root_path}index.{$this->phpEx}"));
}
login_box('', $this->user->lang['LOGIN_INFO']);
}
$adm_points = $this->request->variable('adm_points', false);
$u_id = $this->request->variable('user_id', 0);
$post_id = $this->request->variable('post_id', 0);
if (empty($u_id)) {
$message = $this->user->lang['EDIT_NO_ID_SPECIFIED'] . '<br /><br /><a href="' . $this->helper->route('dmzx_ultimatepoints_controller', array('mode' => 'bank_edit')) . '">« ' . $this->user->lang['BACK_TO_PREV'] . '</a>';
trigger_error($message);
}
$user_id = $u_id;
add_form_key('bank_edit');
if ($adm_points != false && ($this->auth->acl_get('a_') || $this->auth->acl_get('m_chg_bank'))) {
$this->template->assign_block_vars('administer_bank', array());
$submit = isset($_POST['submit']) ? true : false;
if ($submit) {
if (!check_form_key('bank_edit')) {
trigger_error('FORM_INVALID');
}
$new_points = round($this->request->variable('points', 0.0), 2);
$this->functions_points->set_bank($u_id, $new_points);
$sql_array = array('SELECT' => 'user_id, username, user_points, user_colour', 'FROM' => array(USERS_TABLE => 'u'), 'WHERE' => 'user_id = ' . (int) $u_id);
$sql = $this->db->sql_build_query('SELECT', $sql_array);
$result = $this->db->sql_query($sql);
$points_user = $this->db->sql_fetchrow($result);
// Add logs
$this->log->add('admin', $this->user->data['user_id'], $this->user->ip, 'LOG_MOD_BANK', false, array($points_user['username']));
$message = $post_id ? sprintf($this->user->lang['EDIT_P_RETURN_POST'], '<a href="' . append_sid("{$this->phpbb_root_path}viewtopic.{$this->phpEx}", "p=" . $post_id) . '">', '</a>') : sprintf($this->user->lang['EDIT_P_RETURN_INDEX'], '<a href="' . append_sid("{$this->phpbb_root_path}index.{$this->phpEx}") . '">', '</a>');
trigger_error(sprintf($this->user->lang['EDIT_POINTS_SET'], $this->config['points_name']) . $message);
} else {
$sql_array = array('SELECT' => 'u.user_id, u.username, u.user_points, u.user_colour, b.holding', 'FROM' => array(USERS_TABLE => 'u'), 'LEFT_JOIN' => array(array('FROM' => array($this->points_bank_table => 'b'), 'ON' => 'u.user_id = b.user_id')), 'WHERE' => 'u.user_id = ' . (int) $u_id);
$sql = $this->db->sql_build_query('SELECT', $sql_array);
$result = $this->db->sql_query($sql);
$row = $this->db->sql_fetchrow($result);
if (empty($u_id)) {
$message = $this->user->lang['EDIT_USER_NOT_EXIST'] . '<br /><br /><a href="' . $this->helper->route('dmzx_ultimatepoints_controller', array('mode' => 'bank_edit')) . '">« ' . $this->user->lang['BACK_TO_PREV'] . '</a>';
trigger_error($message);
}
$hidden_fields = build_hidden_fields(array('user_id' => $u_id, 'post_id' => $post_id));
$this->template->assign_vars(array('USER_NAME' => get_username_string('full', $u_id, $row['username'], $row['user_colour']), 'BANK_POINTS' => sprintf($this->functions_points->number_format_points($row['holding'])), 'POINTS_NAME' => $this->config['points_name'], 'CURRENT_VALUE' => $row['holding'], 'L_POINTS_MODIFY' => sprintf($this->user->lang['EDIT_BANK_MODIFY'], $this->config['points_name']), 'L_P_BANK_TITLE' => sprintf($this->user->lang['EDIT_P_BANK_TITLE'], $this->config['points_name']), 'L_USERNAME' => $this->user->lang['USERNAME'], 'L_SET_AMOUNT' => $this->user->lang['EDIT_SET_AMOUNT'], 'U_USER_LINK' => append_sid("{$this->phpbb_root_path}memberlist.{$this->phpEx}", "mode=viewprofile&u=" . $u_id), 'S_ACTION' => $this->helper->route('dmzx_ultimatepoints_controller', array('mode' => 'bank_edit', 'adm_points' => '1')), 'S_HIDDEN_FIELDS' => $hidden_fields));
}
}
// Generate the page
page_header($this->user->lang['EDIT_POINTS_ADMIN']);
// Generate the page template
$this->template->set_filenames(array('body' => 'points/points_bank_edit.html'));
page_footer();
}
public static function not_authorised($backlink, $loginlink = '', $login_explain = '')
{
global $user, $phpbb_container;
$url = $phpbb_container->get('phpbbgallery.core.url');
if (!$user->data['is_registered'] && $loginlink) {
if ($login_explain && isset($user->lang[$login_explain])) {
$login_explain = $user->lang[$login_explain];
} else {
$login_explain = '';
}
login_box($loginlink, $login_explain);
} else {
$url->meta_refresh(3, $backlink);
trigger_error('NOT_AUTHORISED');
}
}
public function handle($notify_id = 0)
{
$this->user->add_lang_ext('gn36/versionchecknotifier', 'global');
if (!$notify_id) {
trigger_error('INVALID_NOTIFICATION_ID_REDIRECT');
}
if (!$this->user->data['is_registered']) {
login_box();
}
$notifications = $this->manager->load_notifications(array('notification_id' => intval($notify_id)));
if (!isset($notifications['notifications'][$notify_id])) {
trigger_error('INVALID_NOTIFICATION_ID_REDIRECT');
}
/** @var $notification \phpbb\notification\type\base */
$notification = $notifications['notifications'][$notify_id];
$url = $notification->get_url();
redirect($url, false, true);
}
trigger_error($message);
break;
default:
$default = true;
break;
}
// We use this approach because it does not impose large code changes
if (!$default) {
return true;
}
// Only registered users can go beyond this point
if (!$user->data['is_registered']) {
if ($user->data['is_bot']) {
redirect(append_sid("{$phpbb_root_path}index.{$phpEx}"));
}
login_box('', $user->lang['LOGIN_EXPLAIN_UCP']);
}
// Instantiate module system and generate list of available modules
$module->list_modules('ucp');
// Check if the zebra module is set
if ($module->is_active('zebra', 'friends')) {
// Output listing of friends online
$update_time = $config['load_online_time'] * 60;
$sql = $db->sql_build_query('SELECT_DISTINCT', array('SELECT' => 'u.user_id, u.username, u.username_clean, u.user_colour, MAX(s.session_time) as online_time, MIN(s.session_viewonline) AS viewonline', 'FROM' => array(USERS_TABLE => 'u', ZEBRA_TABLE => 'z'), 'LEFT_JOIN' => array(array('FROM' => array(SESSIONS_TABLE => 's'), 'ON' => 's.session_user_id = z.zebra_id')), 'WHERE' => 'z.user_id = ' . $user->data['user_id'] . '
AND z.friend = 1
AND u.user_id = z.zebra_id', 'GROUP_BY' => 'z.zebra_id, u.user_id, u.username_clean, u.user_colour, u.username', 'ORDER_BY' => 'u.username_clean ASC'));
$result = $db->sql_query($sql);
while ($row = $db->sql_fetchrow($result)) {
$which = time() - $update_time < $row['online_time'] && ($row['viewonline'] || $auth->acl_get('u_viewonline')) ? 'online' : 'offline';
$template->assign_block_vars("friends_{$which}", array('USER_ID' => $row['user_id'], 'U_PROFILE' => get_username_string('profile', $row['user_id'], $row['username'], $row['user_colour']), 'USER_COLOUR' => get_username_string('colour', $row['user_id'], $row['username'], $row['user_colour']), 'USERNAME' => get_username_string('username', $row['user_id'], $row['username'], $row['user_colour']), 'USERNAME_FULL' => get_username_string('full', $row['user_id'], $row['username'], $row['user_colour'])));
}
/**
* Method to render the page data
*
* @var bool Bool if the rendering is only for index
* @return array Data for page rendering
*/
public function render_data_for_page($only_for_index = false)
{
$include_on_index = $only_for_index === true;
// Add lang file
$this->user->add_lang('posting');
//chat enabled
if (!$this->config['mchat_enable']) {
trigger_error($this->user->lang['MCHAT_ENABLE'], E_USER_NOTICE);
}
// avatars
if (!function_exists('get_user_avatar')) {
include $this->phpbb_root_path . 'includes/functions_display.' . $this->phpEx;
}
if (($this->config_mchat = $this->cache->get('_mchat_config')) === false) {
$this->functions_mchat->mchat_cache();
}
$this->config_mchat = $this->cache->get('_mchat_config');
// Access rights
$mchat_allow_bbcode = $this->config['allow_bbcode'] && $this->auth->acl_get('u_mchat_bbcode') ? true : false;
$mchat_smilies = $this->config['allow_smilies'] && $this->auth->acl_get('u_mchat_smilies') ? true : false;
$mchat_urls = $this->config['allow_post_links'] && $this->auth->acl_get('u_mchat_urls') ? true : false;
$mchat_ip = $this->auth->acl_get('u_mchat_ip') ? true : false;
$mchat_pm = $this->auth->acl_get('u_mchat_pm') ? true : false;
$mchat_like = $this->auth->acl_get('u_mchat_like') ? true : false;
$mchat_quote = $this->auth->acl_get('u_mchat_quote') ? true : false;
$mchat_add_mess = $this->auth->acl_get('u_mchat_use') ? true : false;
$mchat_view = $this->auth->acl_get('u_mchat_view') ? true : false;
$mchat_no_flood = $this->auth->acl_get('u_mchat_flood_ignore') ? true : false;
$mchat_read_archive = $this->auth->acl_get('u_mchat_archive') ? true : false;
$mchat_founder = $this->user->data['user_type'] == USER_FOUNDER ? true : false;
$mchat_session_time = !empty($this->config_mchat['timeout']) ? $this->config_mchat['timeout'] : (!empty($this->config['load_online_time']) ? $this->config['load_online_time'] * 60 : $this->config['session_length']);
$mchat_rules = !empty($this->config_mchat['rules']) || isset($this->user->lang[strtoupper('mchat_rules')]) ? true : false;
$mchat_avatars = !empty($this->config_mchat['avatars']) && $this->user->optionget('viewavatars') && $this->user->data['user_mchat_avatars'] ? true : false;
// needed variables
// Request options.
$mchat_mode = $this->request->variable('mode', '');
$mchat_read_mode = $mchat_archive_mode = $mchat_custom_page = $mchat_no_message = false;
// set redirect if on index or custom page
$on_page = $include_on_index ? 'index' : 'mchat';
// grab fools..uhmmm, foes the user has
$foes_array = array();
$sql = 'SELECT * FROM ' . ZEBRA_TABLE . '
WHERE user_id = ' . $this->user->data['user_id'] . ' AND foe = 1';
$result = $this->db->sql_query($sql);
while ($row = $this->db->sql_fetchrow($result)) {
$foes_array[] = $row['zebra_id'];
}
$this->db->sql_freeresult($result);
// Request mode...
switch ($mchat_mode) {
// rules popup..
case 'rules':
// If the rules are defined in the language file use them, else just use the entry in the database
if ($mchat_rules || isset($this->user->lang[strtoupper('mchat_rules')])) {
if (isset($this->user->lang[strtoupper('mchat_rules')])) {
$this->template->assign_var('MCHAT_RULES', $this->user->lang[strtoupper('mchat_rules')]);
} else {
$mchat_rules = $this->config_mchat['rules'];
$mchat_rules = explode("\n", $mchat_rules);
foreach ($mchat_rules as $mchat_rule) {
$mchat_rule = utf8_htmlspecialchars($mchat_rule);
$this->template->assign_block_vars('rule', array('MCHAT_RULE' => $mchat_rule));
}
}
// Output the page
// Return for: \$this->helper->render(filename, lang_title);
return array('filename' => 'mchat_rules.html', 'lang_title' => $this->user->lang['MCHAT_HELP']);
} else {
// Show no rules
trigger_error('MCHAT_NO_RULES', E_USER_NOTICE);
}
break;
// whois function..
// whois function..
case 'whois':
// Must have auths
if ($mchat_mode == 'whois' && $mchat_ip) {
// function already exists..
if (!function_exists('user_ipwhois')) {
include $this->phpbb_root_path . 'includes/functions_user.' . $this->phpEx;
}
$this->user_ip = $this->request->variable('ip', '');
$this->template->assign_var('WHOIS', user_ipwhois($this->user_ip));
// Output the page
// Return for: \$this->helper->render(filename, lang_title);
return array('filename' => 'viewonline_whois.html', 'lang_title' => $this->user->lang['WHO_IS_ONLINE']);
} else {
// Show not authorized
trigger_error('NO_AUTH_OPERATION', E_USER_NOTICE);
}
break;
// Clean function...
// Clean function...
case 'clean':
// User logged in?
if (!$this->user->data['is_registered'] || !$mchat_founder) {
if (!$this->user->data['is_registered']) {
// Login box...
login_box('', $this->user->lang['LOGIN']);
} else {
if (!$mchat_founder) {
// Show not authorized
trigger_error('NO_AUTH_OPERATION', E_USER_NOTICE);
}
}
}
$mchat_redirect = $this->request->variable('redirect', '');
$mchat_redirect = $mchat_redirect == 'index' ? append_sid("{$this->phpbb_root_path}index.{$this->phpEx}") : $this->helper->route('dmzx_mchat_controller', array('#mChat'));
if (confirm_box(true)) {
// Run cleaner
$sql = 'TRUNCATE TABLE ' . $this->mchat_table;
$this->db->sql_query($sql);
meta_refresh(3, $mchat_redirect);
trigger_error($this->user->lang['MCHAT_CLEANED'] . '<br /><br />' . sprintf($this->user->lang['RETURN_PAGE'], '<a href="' . $mchat_redirect . '">', '</a>'));
} else {
// Display confirm box
confirm_box(false, $this->user->lang['MCHAT_DELALLMESS']);
}
$this->phpbb_log->add('admin', $this->user->data['user_id'], $this->user->ip, 'LOG_MCHAT_TABLE_PRUNED');
redirect($mchat_redirect);
break;
// Archive function...
// Archive function...
case 'archive':
if (!$mchat_read_archive || !$mchat_view) {
// redirect to correct page
$mchat_redirect = append_sid("{$this->phpbb_root_path}index.{$this->phpEx}");
// Redirect to previous page
meta_refresh(3, $mchat_redirect);
trigger_error($this->user->lang['MCHAT_NOACCESS_ARCHIVE'] . '<br /><br />' . sprintf($this->user->lang['RETURN_PAGE'], '<a href="' . $mchat_redirect . '">', '</a>'));
}
if ($this->config['mchat_enable'] && $mchat_read_archive && $mchat_view) {
// how many chats do we have?
$sql = 'SELECT COUNT(message_id) AS messages FROM ' . $this->mchat_table;
$result = $this->db->sql_query($sql);
$mchat_total_messages = $this->db->sql_fetchfield('messages');
$this->db->sql_freeresult($result);
// prune the chats if necessary and amount in ACP not empty
if ($this->config_mchat['prune_enable'] && ($mchat_total_messages > $this->config_mchat['prune_num'] && $this->config_mchat['prune_num'] > 0)) {
$this->functions_mchat->mchat_prune((int) $this->config_mchat['prune_num']);
}
// Reguest...
$mchat_archive_start = $this->request->variable('start', 0);
$sql_where = $this->user->data['user_mchat_topics'] ? '' : 'WHERE m.forum_id = 0';
// Message row
$sql = 'SELECT m.*, u.username, u.user_colour, u.user_avatar, u.user_avatar_type, u.user_avatar_width, u.user_avatar_height, u.user_allow_pm
FROM ' . $this->mchat_table . ' m
LEFT JOIN ' . USERS_TABLE . ' u ON m.user_id = u.user_id
' . $sql_where . '
ORDER BY m.message_id DESC';
$result = $this->db->sql_query_limit($sql, (int) $this->config_mchat['archive_limit'], $mchat_archive_start);
$rows = $this->db->sql_fetchrowset($result);
$this->db->sql_freeresult($result);
foreach ($rows as $row) {
// auth check
if ($row['forum_id'] != 0 && !$this->auth->acl_get('f_read', $row['forum_id'])) {
continue;
}
// edit, delete and permission auths
$mchat_ban = $this->auth->acl_get('a_authusers') && $this->user->data['user_id'] != $row['user_id'] ? true : false;
$mchat_edit = $this->auth->acl_get('u_mchat_edit') && ($this->auth->acl_get('m_') || $this->user->data['user_id'] == $row['user_id']) ? true : false;
$mchat_del = $this->auth->acl_get('u_mchat_delete') && ($this->auth->acl_get('m_') || $this->user->data['user_id'] == $row['user_id']) ? true : false;
$mchat_avatar = $row['user_avatar'] ? get_user_avatar($row['user_avatar'], $row['user_avatar_type'], $row['user_avatar_width'] > $row['user_avatar_height'] ? 40 : 40 / $row['user_avatar_height'] * $row['user_avatar_width'], $row['user_avatar_height'] > $row['user_avatar_width'] ? 40 : 40 / $row['user_avatar_width'] * $row['user_avatar_height']) : '';
$message_edit = $row['message'];
decode_message($message_edit, $row['bbcode_uid']);
$message_edit = str_replace('"', '"', $message_edit);
// Edit Fix ;)
if (sizeof($foes_array)) {
if (in_array($row['user_id'], $foes_array)) {
$row['message'] = sprintf($this->user->lang['MCHAT_FOE'], get_username_string('full', $row['user_id'], $row['username'], $row['user_colour'], $this->user->lang['GUEST']));
}
}
$row['username'] = mb_ereg_replace("'", "’", $row['username']);
$this->template->assign_block_vars('mchatrow', array('MCHAT_ALLOW_BAN' => $mchat_ban, 'MCHAT_ALLOW_EDIT' => $mchat_edit, 'MCHAT_ALLOW_DEL' => $mchat_del, 'MCHAT_USER_AVATAR' => $mchat_avatar, 'U_VIEWPROFILE' => $row['user_id'] != ANONYMOUS ? append_sid("{$this->phpbb_root_path}memberlist.{$this->phpEx}", 'mode=viewprofile&u=' . $row['user_id']) : '', 'U_USER_IDS' => $row['user_id'] != ANONYMOUS && $this->user->data['user_id'] != $row['user_id'] ? append_sid("{$this->phpbb_root_path}ucp.{$this->phpEx}", 'i=pm&mode=compose&u=' . $row['user_id']) : '', 'BOT_USER_ID' => $row['user_id'] != '1', 'U_USER_ID' => $row['user_id'] != ANONYMOUS && $this->config['allow_privmsg'] && $this->auth->acl_get('u_sendpm') && $this->user->data['user_id'] != $row['user_id'] && $row['user_id'] != '1' && ($row['user_allow_pm'] || $this->auth->acl_gets('a_', 'm_') || $this->auth->acl_getf_global('m_')) ? append_sid("{$this->phpbb_root_path}ucp.{$this->phpEx}", 'i=pm&mode=compose&u=' . $row['user_id']) : '', 'MCHAT_MESSAGE_EDIT' => $message_edit, 'MCHAT_MESSAGE_ID' => $row['message_id'], 'MCHAT_USERNAME_FULL' => get_username_string('full', $row['user_id'], $row['username'], $row['user_colour'], $this->user->lang['GUEST']), 'MCHAT_USERNAME' => get_username_string('username', $row['user_id'], $row['username'], $row['user_colour'], $this->user->lang['GUEST']), 'MCHAT_USERNAME_COLOR' => get_username_string('colour', $row['user_id'], $row['username'], $row['user_colour'], $this->user->lang['GUEST']), 'MCHAT_USER_IP' => $row['user_ip'], 'MCHAT_U_WHOIS' => $this->helper->route('dmzx_mchat_controller', array('mode' => 'whois', 'ip' => $row['user_ip'])), 'MCHAT_U_BAN' => append_sid("{$this->phpbb_root_path}adm/index.{$this->phpEx}", 'i=permissions&mode=setting_user_global&user_id[0]=' . $row['user_id'], true, $this->user->session_id), 'MCHAT_MESSAGE' => generate_text_for_display($row['message'], $row['bbcode_uid'], $row['bbcode_bitfield'], $row['bbcode_options']), 'MCHAT_TIME' => $this->user->format_date($row['message_time'], $this->config_mchat['date']), 'MCHAT_CLASS' => $row['message_id'] % 2 ? 1 : 2));
}
// Write no message
if (empty($rows)) {
$mchat_no_message = true;
}
}
// Run query again to get the total message rows...
$sql = 'SELECT COUNT(message_id) AS mess_id FROM ' . $this->mchat_table;
$result = $this->db->sql_query($sql);
$mchat_total_message = $this->db->sql_fetchfield('mess_id');
$this->db->sql_freeresult($result);
// Page list function...
$pagination_url = $this->helper->route('dmzx_mchat_controller', array('mode' => 'archive'));
$start = $this->request->variable('start', 0);
$this->pagination->generate_template_pagination($pagination_url, 'pagination', 'start', $mchat_total_message, (int) $this->config_mchat['archive_limit'], $mchat_archive_start);
$this->template->assign_vars(array('MCHAT_TOTAL_MESSAGES' => sprintf($this->user->lang['MCHAT_TOTALMESSAGES'], $mchat_total_message)));
//add to navlinks
$this->template->assign_block_vars('navlinks', array('FORUM_NAME' => $this->user->lang['MCHAT_ARCHIVE_PAGE'], 'U_VIEW_FORUM' => $this->helper->route('dmzx_mchat_controller', array('mode' => 'archive'))));
// If archive mode request set true
$mchat_archive_mode = true;
$old_mode = 'archive';
break;
// Read function...
// Read function...
case 'read':
// If mChat disabled or user can't view the chat
if (!$this->config['mchat_enable'] || !$mchat_view) {
// Forbidden (for jQ AJAX request)
throw new \phpbb\exception\http_exception(403, 'MCHAT_ERROR_FORBIDDEN');
}
// if we're reading on the custom page, then we are chatting
if ($mchat_custom_page) {
// insert user into the mChat sessions table
$this->functions_mchat->mchat_sessions($mchat_session_time, true);
}
// Request
$mchat_message_last_id = $this->request->variable('message_last_id', 0);
$sql_and = $this->user->data['user_mchat_topics'] ? '' : 'AND m.forum_id = 0';
$sql = 'SELECT m.*, u.username, u.user_colour, u.user_avatar, u.user_avatar_type, u.user_avatar_width, u.user_avatar_height, u.user_allow_pm
FROM ' . $this->mchat_table . ' m, ' . USERS_TABLE . ' u
WHERE m.user_id = u.user_id
AND m.message_id > ' . (int) $mchat_message_last_id . '
' . $sql_and . '
ORDER BY m.message_id DESC';
$result = $this->db->sql_query_limit($sql, (int) $this->config_mchat['message_limit']);
$rows = $this->db->sql_fetchrowset($result);
$this->db->sql_freeresult($result);
// Reverse the array wanting messages appear in reverse
if ($this->config['mchat_message_top']) {
$rows = array_reverse($rows);
}
foreach ($rows as $row) {
// auth check
if ($row['forum_id'] != 0 && !$this->auth->acl_get('f_read', $row['forum_id'])) {
continue;
}
// edit auths
if ($this->user->data['user_id'] == ANONYMOUS && $this->user->data['user_id'] == $row['user_id']) {
$chat_auths = $this->user->data['session_ip'] == $row['user_ip'] ? true : false;
} else {
$chat_auths = $this->user->data['user_id'] == $row['user_id'] ? true : false;
}
// edit, delete and permission auths
$mchat_ban = $this->auth->acl_get('a_authusers') && $this->user->data['user_id'] != $row['user_id'] ? true : false;
$mchat_edit = $this->auth->acl_get('u_mchat_edit') && ($this->auth->acl_get('m_') || $chat_auths) ? true : false;
$mchat_del = $this->auth->acl_get('u_mchat_delete') && ($this->auth->acl_get('m_') || $chat_auths) ? true : false;
$mchat_avatar = $row['user_avatar'] ? get_user_avatar($row['user_avatar'], $row['user_avatar_type'], $row['user_avatar_width'] > $row['user_avatar_height'] ? 40 : 40 / $row['user_avatar_height'] * $row['user_avatar_width'], $row['user_avatar_height'] > $row['user_avatar_width'] ? 40 : 40 / $row['user_avatar_width'] * $row['user_avatar_height']) : '';
$message_edit = $row['message'];
decode_message($message_edit, $row['bbcode_uid']);
$message_edit = str_replace('"', '"', $message_edit);
$message_edit = mb_ereg_replace("'", "’", $message_edit);
// Edit Fix ;)
if (sizeof($foes_array)) {
if (in_array($row['user_id'], $foes_array)) {
$row['message'] = sprintf($this->user->lang['MCHAT_FOE'], get_username_string('full', $row['user_id'], $row['username'], $row['user_colour'], $this->user->lang['GUEST']));
}
}
$row['username'] = mb_ereg_replace("'", "’", $row['username']);
$this->template->assign_block_vars('mchatrow', array('MCHAT_ALLOW_BAN' => $mchat_ban, 'MCHAT_ALLOW_EDIT' => $mchat_edit, 'MCHAT_ALLOW_DEL' => $mchat_del, 'MCHAT_USER_AVATAR' => $mchat_avatar, 'U_VIEWPROFILE' => $row['user_id'] != ANONYMOUS ? append_sid("{$this->phpbb_root_path}memberlist.{$this->phpEx}", 'mode=viewprofile&u=' . $row['user_id']) : '', 'U_USER_IDS' => $row['user_id'] != ANONYMOUS && $this->user->data['user_id'] != $row['user_id'] ? append_sid("{$this->phpbb_root_path}ucp.{$this->phpEx}", 'i=pm&mode=compose&u=' . $row['user_id']) : '', 'BOT_USER_ID' => $row['user_id'] != '1', 'U_USER_ID' => $row['user_id'] != ANONYMOUS && $this->config['allow_privmsg'] && $this->auth->acl_get('u_sendpm') && $this->user->data['user_id'] != $row['user_id'] && $row['user_id'] != '1' && ($row['user_allow_pm'] || $this->auth->acl_gets('a_', 'm_') || $this->auth->acl_getf_global('m_')) ? append_sid("{$this->phpbb_root_path}ucp.{$this->phpEx}", 'i=pm&mode=compose&u=' . $row['user_id']) : '', 'MCHAT_MESSAGE_EDIT' => $message_edit, 'MCHAT_MESSAGE_ID' => $row['message_id'], 'MCHAT_USERNAME_FULL' => get_username_string('full', $row['user_id'], $row['username'], $row['user_colour'], $this->user->lang['GUEST']), 'MCHAT_USERNAME' => get_username_string('username', $row['user_id'], $row['username'], $row['user_colour'], $this->user->lang['GUEST']), 'MCHAT_USERNAME_COLOR' => get_username_string('colour', $row['user_id'], $row['username'], $row['user_colour'], $this->user->lang['GUEST']), 'MCHAT_USER_IP' => $row['user_ip'], 'MCHAT_U_WHOIS' => $this->helper->route('dmzx_mchat_controller', array('mode' => 'whois', 'ip' => $row['user_ip'])), 'MCHAT_U_BAN' => append_sid("{$this->phpbb_root_path}adm/index.{$this->phpEx}", 'i=permissions&mode=setting_user_global&user_id[0]=' . $row['user_id'], true, $this->user->session_id), 'MCHAT_MESSAGE' => generate_text_for_display($row['message'], $row['bbcode_uid'], $row['bbcode_bitfield'], $row['bbcode_options']), 'MCHAT_TIME' => $this->user->format_date($row['message_time'], $this->config_mchat['date']), 'MCHAT_CLASS' => $row['message_id'] % 2 ? 1 : 2));
}
// Write no message
if (empty($rows)) {
$mchat_no_message = true;
}
// If read mode request set true
$mchat_read_mode = true;
break;
// Stats function...
// Stats function...
case 'stats':
// If mChat disabled or user can't view the chat
if (!$this->config['mchat_enable'] || !$mchat_view || !$this->config_mchat['whois']) {
// Forbidden (for jQ AJAX request)
throw new \phpbb\exception\http_exception(403, 'MCHAT_ERROR_FORBIDDEN');
}
$mchat_stats = $this->functions_mchat->mchat_users($mchat_session_time);
if (!empty($mchat_stats['online_userlist'])) {
$message = '<div class="mChatStats" id="mChatStats"><a href="#" onclick="mChat.toggle(\'UserList\'); return false;">' . $mchat_stats['mchat_users_count'] . '</a> ' . $mchat_stats['refresh_message'] . '<br /><span id="mChatUserList" style="display: none; float: left;">' . $mchat_stats['online_userlist'] . '</span></div>';
} else {
$message = '<div class="mChatStats" id="Div1">' . $this->user->lang['MCHAT_NO_CHATTERS'] . ' (' . $mchat_stats['refresh_message'] . ')</div>';
}
if ($this->request->is_ajax()) {
// Return for: \Symfony\Component\HttpFoundation\JsonResponse
return array('json' => true, 'message' => $message);
} else {
throw new \phpbb\exception\http_exception(501, 'MCHAT_ERROR_NOT_IMPLEMENTED');
}
break;
// Add function...
// Add function...
case 'add':
// If mChat disabled
if (!$this->config['mchat_enable'] || !$mchat_add_mess || !check_form_key('mchat_posting', -1)) {
// Forbidden (for jQ AJAX request)
if ($this->request->is_ajax()) {
// FOR DEBUG
throw new \phpbb\exception\http_exception(403, 'MCHAT_ERROR_FORBIDDEN');
}
}
// Reguest...
$message = utf8_ucfirst(utf8_normalize_nfc($this->request->variable('message', '', true)));
// must have something other than bbcode in the message
if (empty($mchatregex)) {
//let's strip all the bbcode
$mchatregex = '#\\[/?[^\\[\\]]+\\]#mi';
}
$message_chars = preg_replace($mchatregex, '', $message);
$message_chars = utf8_strlen(trim($message_chars)) > 0 ? true : false;
if (!$message || !$message_chars) {
// Not Implemented (for jQ AJAX request)
throw new \phpbb\exception\http_exception(501, 'MCHAT_ERROR_NOT_IMPLEMENTED');
}
// Flood control
if (!$mchat_no_flood && $this->config_mchat['flood_time']) {
$mchat_flood_current_time = time();
$sql = 'SELECT message_time FROM ' . $this->mchat_table . '
WHERE user_id = ' . (int) $this->user->data['user_id'] . '
ORDER BY message_time DESC';
$result = $this->db->sql_query_limit($sql, 1);
$row = $this->db->sql_fetchrow($result);
$this->db->sql_freeresult($result);
if ($row['message_time'] > 0 && $mchat_flood_current_time - $row['message_time'] < (int) $this->config_mchat['flood_time']) {
// Locked (for jQ AJAX request)
throw new \phpbb\exception\http_exception(400, 'MCHAT_BAD_REQUEST');
}
}
// insert user into the mChat sessions table
$this->functions_mchat->mchat_sessions($mchat_session_time, true);
// we override the $this->config['min_post_chars'] entry?
if ($this->config_mchat['override_min_post_chars']) {
$old_cfg['min_post_chars'] = $this->config['min_post_chars'];
$this->config['min_post_chars'] = 0;
}
//we do the same for the max number of smilies?
if ($this->config_mchat['override_smilie_limit']) {
$old_cfg['max_post_smilies'] = $this->config['max_post_smilies'];
$this->config['max_post_smilies'] = 0;
}
// Add function part code from http://wiki.phpbb.com/Parsing_text
$uid = $bitfield = $options = '';
// will be modified by generate_text_for_storage
generate_text_for_storage($message, $uid, $bitfield, $options, $mchat_allow_bbcode, $mchat_urls, $mchat_smilies);
// Not allowed bbcodes
if (!$mchat_allow_bbcode || $this->config_mchat['bbcode_disallowed']) {
if (!$mchat_allow_bbcode) {
$bbcode_remove = '#\\[/?[^\\[\\]]+\\]#Usi';
$message = preg_replace($bbcode_remove, '', $message);
} else {
if ($this->config_mchat['bbcode_disallowed']) {
if (empty($bbcode_replace)) {
$bbcode_replace = array('#\\[(' . $this->config_mchat['bbcode_disallowed'] . ')[^\\[\\]]+\\]#Usi', '#\\[/(' . $this->config_mchat['bbcode_disallowed'] . ')[^\\[\\]]+\\]#Usi');
}
$message = preg_replace($bbcode_replace, '', $message);
}
}
}
$sql_ary = array('forum_id' => 0, 'post_id' => 0, 'user_id' => $this->user->data['user_id'], 'user_ip' => $this->user->data['session_ip'], 'message' => str_replace('\'', '’', $message), 'bbcode_bitfield' => $bitfield, 'bbcode_uid' => $uid, 'bbcode_options' => $options, 'message_time' => time());
$sql = 'INSERT INTO ' . $this->mchat_table . ' ' . $this->db->sql_build_array('INSERT', $sql_ary);
$this->db->sql_query($sql);
// reset the config settings
if (isset($old_cfg['min_post_chars'])) {
$this->config['min_post_chars'] = $old_cfg['min_post_chars'];
unset($old_cfg['min_post_chars']);
}
if (isset($old_cfg['max_post_smilies'])) {
$this->config['max_post_smilies'] = $old_cfg['max_post_smilies'];
unset($old_cfg['max_post_smilies']);
}
// Stop run code!
if ($this->request->is_ajax()) {
// Return for: \Symfony\Component\HttpFoundation\JsonResponse
return array('json' => true, 'success' => true);
} else {
exit_handler();
}
break;
// Edit function...
// Edit function...
case 'edit':
$message_id = $this->request->variable('message_id', 0);
// If mChat disabled and not edit
if (!$this->config['mchat_enable'] || !$message_id) {
// Forbidden (for jQ AJAX request)
throw new \phpbb\exception\http_exception(403, 'MCHAT_ERROR_FORBIDDEN');
}
// check for the correct user
$sql = 'SELECT *
FROM ' . $this->mchat_table . '
WHERE message_id = ' . (int) $message_id;
$result = $this->db->sql_query($sql);
$row = $this->db->sql_fetchrow($result);
$this->db->sql_freeresult($result);
// edit and delete auths
$mchat_edit = $this->auth->acl_get('u_mchat_edit') && ($this->auth->acl_get('m_') || $this->user->data['user_id'] == $row['user_id']) ? true : false;
$mchat_del = $this->auth->acl_get('u_mchat_delete') && ($this->auth->acl_get('m_') || $this->user->data['user_id'] == $row['user_id']) ? true : false;
// If mChat disabled and not edit
if (!$mchat_edit) {
// Forbidden (for jQ AJAX request)
throw new \phpbb\exception\http_exception(403, 'MCHAT_ERROR_FORBIDDEN');
}
// Reguest...
$message = $this->request->variable('message', '', true);
// must have something other than bbcode in the message
if (empty($mchatregex)) {
//let's strip all the bbcode
$mchatregex = '#\\[/?[^\\[\\]]+\\]#mi';
}
$message_chars = preg_replace($mchatregex, '', $message);
$message_chars = utf8_strlen(trim($message_chars)) > 0 ? true : false;
if (!$message || !$message_chars) {
// Not Implemented (for jQ AJAX request)
throw new \phpbb\exception\http_exception(501, 'MCHAT_ERROR_NOT_IMPLEMENTED');
}
// Message limit
$message = $this->config_mchat['max_message_lngth'] != 0 && utf8_strlen($message) >= $this->config_mchat['max_message_lngth'] + 3 ? utf8_substr($message, 0, $this->config_mchat['max_message_lngth']) . '...' : $message;
// we override the $this->config['min_post_chars'] entry?
if ($this->config_mchat['override_min_post_chars']) {
$old_cfg['min_post_chars'] = $this->config['min_post_chars'];
$this->config['min_post_chars'] = 0;
}
//we do the same for the max number of smilies?
if ($this->config_mchat['override_smilie_limit']) {
$old_cfg['max_post_smilies'] = $this->config['max_post_smilies'];
$this->config['max_post_smilies'] = 0;
}
// Edit function part code from http://wiki.phpbb.com/Parsing_text
$uid = $bitfield = $options = '';
// will be modified by generate_text_for_storage
generate_text_for_storage($message, $uid, $bitfield, $options, $mchat_allow_bbcode, $mchat_urls, $mchat_smilies);
// Not allowed bbcodes
if (!$mchat_allow_bbcode || $this->config_mchat['bbcode_disallowed']) {
if (!$mchat_allow_bbcode) {
$bbcode_remove = '#\\[/?[^\\[\\]]+\\]#Usi';
$message = preg_replace($bbcode_remove, '', $message);
} else {
if ($this->config_mchat['bbcode_disallowed']) {
if (empty($bbcode_replace)) {
$bbcode_replace = array('#\\[(' . $this->config_mchat['bbcode_disallowed'] . ')[^\\[\\]]+\\]#Usi', '#\\[/(' . $this->config_mchat['bbcode_disallowed'] . ')[^\\[\\]]+\\]#Usi');
}
$message = preg_replace($bbcode_replace, '', $message);
}
}
}
$sql_ary = array('message' => str_replace('\'', '’', $message), 'bbcode_bitfield' => $bitfield, 'bbcode_uid' => $uid, 'bbcode_options' => $options);
$sql = 'UPDATE ' . $this->mchat_table . ' SET ' . $this->db->sql_build_array('UPDATE', $sql_ary) . '
WHERE message_id = ' . (int) $message_id;
$this->db->sql_query($sql);
// Message edited...now read it
$sql = 'SELECT m.*, u.username, u.user_colour, u.user_avatar, u.user_avatar_type, u.user_avatar_width, u.user_avatar_height, u.user_allow_pm
FROM ' . $this->mchat_table . ' m, ' . USERS_TABLE . ' u
WHERE m.user_id = u.user_id
AND m.message_id = ' . (int) $message_id . '
ORDER BY m.message_id DESC';
$result = $this->db->sql_query($sql);
$row = $this->db->sql_fetchrow($result);
$this->db->sql_freeresult($result);
$message_edit = $row['message'];
decode_message($message_edit, $row['bbcode_uid']);
$message_edit = str_replace('"', '"', $message_edit);
// Edit Fix ;)
$message_edit = mb_ereg_replace("'", "’", $message_edit);
// Edit Fix ;)
$mchat_ban = $this->auth->acl_get('a_authusers') && $this->user->data['user_id'] != $row['user_id'] ? true : false;
$mchat_avatar = $row['user_avatar'] ? get_user_avatar($row['user_avatar'], $row['user_avatar_type'], $row['user_avatar_width'] > $row['user_avatar_height'] ? 40 : 40 / $row['user_avatar_height'] * $row['user_avatar_width'], $row['user_avatar_height'] > $row['user_avatar_width'] ? 40 : 40 / $row['user_avatar_width'] * $row['user_avatar_height']) : '';
$this->template->assign_block_vars('mchatrow', array('MCHAT_ALLOW_BAN' => $mchat_ban, 'MCHAT_ALLOW_EDIT' => $mchat_edit, 'MCHAT_ALLOW_DEL' => $mchat_del, 'MCHAT_MESSAGE_EDIT' => $message_edit, 'MCHAT_USER_AVATAR' => $mchat_avatar, 'U_VIEWPROFILE' => $row['user_id'] != ANONYMOUS ? append_sid("{$this->phpbb_root_path}memberlist.{$this->phpEx}", 'mode=viewprofile&u=' . $row['user_id']) : '', 'U_USER_IDS' => $row['user_id'] != ANONYMOUS && $this->user->data['user_id'] != $row['user_id'] ? append_sid("{$this->phpbb_root_path}ucp.{$this->phpEx}", 'i=pm&mode=compose&u=' . $row['user_id']) : '', 'BOT_USER_ID' => $row['user_id'] != '1', 'U_USER_ID' => $row['user_id'] != ANONYMOUS && $this->config['allow_privmsg'] && $this->auth->acl_get('u_sendpm') && $this->user->data['user_id'] != $row['user_id'] && $row['user_id'] != '1' && ($row['user_allow_pm'] || $this->auth->acl_gets('a_', 'm_') || $this->auth->acl_getf_global('m_')) ? append_sid("{$this->phpbb_root_path}ucp.{$this->phpEx}", 'i=pm&mode=compose&u=' . $row['user_id']) : '', 'MCHAT_MESSAGE_ID' => $row['message_id'], 'MCHAT_USERNAME_FULL' => get_username_string('full', $row['user_id'], $row['username'], $row['user_colour'], $this->user->lang['GUEST']), 'MCHAT_USERNAME' => get_username_string('username', $row['user_id'], $row['username'], $row['user_colour'], $this->user->lang['GUEST']), 'MCHAT_USERNAME_COLOR' => get_username_string('colour', $row['user_id'], $row['username'], $row['user_colour'], $this->user->lang['GUEST']), 'MCHAT_USER_IP' => $row['user_ip'], 'MCHAT_U_WHOIS' => $this->helper->route('dmzx_mchat_controller', array('mode' => 'whois', 'ip' => $row['user_ip'])), 'MCHAT_U_BAN' => append_sid("{$this->phpbb_root_path}adm/index.{$this->phpEx}", 'i=permissions&mode=setting_user_global&user_id[0]=' . $row['user_id'], true, $this->user->session_id), 'MCHAT_MESSAGE' => censor_text(generate_text_for_display($row['message'], $row['bbcode_uid'], $row['bbcode_bitfield'], $row['bbcode_options'])), 'MCHAT_TIME' => $this->user->format_date($row['message_time'], $this->config_mchat['date']), 'MCHAT_CLASS' => $row['message_id'] % 2 ? 1 : 2));
// reset the config settings
if (isset($old_cfg['min_post_chars'])) {
$this->config['min_post_chars'] = $old_cfg['min_post_chars'];
unset($old_cfg['min_post_chars']);
}
if (isset($old_cfg['max_post_smilies'])) {
$this->config['max_post_smilies'] = $old_cfg['max_post_smilies'];
unset($old_cfg['max_post_smilies']);
}
//adds a log
// $message_author = get_username_string('no_profile', $row['user_id'], $row['username'], $row['user_colour'], $this->user->lang['GUEST']);
// add_log('admin', 'LOG_EDITED_MCHAT', $message_author);
$this->phpbb_log->add('admin', $this->user->data['user_id'], $this->user->ip, 'LOG_EDITED_MCHAT', false, array($row['username']));
// insert user into the mChat sessions table
$this->functions_mchat->mchat_sessions($mchat_session_time, true);
// If read mode request set true
$mchat_read_mode = true;
break;
// Delete function...
// Delete function...
case 'delete':
$message_id = $this->request->variable('message_id', 0);
// If mChat disabled
if (!$this->config['mchat_enable'] || !$message_id) {
// Forbidden (for jQ AJAX request)
throw new \phpbb\exception\http_exception(403, 'MCHAT_ERROR_FORBIDDEN');
}
// check for the correct user
$sql = 'SELECT m.*, u.username, u.user_colour
FROM ' . $this->mchat_table . ' m
LEFT JOIN ' . USERS_TABLE . ' u ON m.user_id = u.user_id
WHERE m.message_id = ' . (int) $message_id;
$result = $this->db->sql_query($sql);
$row = $this->db->sql_fetchrow($result);
$this->db->sql_freeresult($result);
// edit and delete auths
$mchat_edit = $this->auth->acl_get('u_mchat_edit') && ($this->auth->acl_get('m_') || $this->user->data['user_id'] == $row['user_id']) ? true : false;
$mchat_del = $this->auth->acl_get('u_mchat_delete') && ($this->auth->acl_get('m_') || $this->user->data['user_id'] == $row['user_id']) ? true : false;
// If mChat disabled
if (!$mchat_del) {
// Forbidden (for jQ AJAX request)
throw new \phpbb\exception\http_exception(403, 'MCHAT_ERROR_FORBIDDEN');
}
// Run delete!
$sql = 'DELETE FROM ' . $this->mchat_table . '
WHERE message_id = ' . (int) $message_id;
$this->db->sql_query($sql);
//adds a log
$this->phpbb_log->add('admin', $this->user->data['user_id'], $this->user->ip, 'LOG_DELETED_MCHAT', false, array($row['username']));
// insert user into the mChat sessions table
$this->functions_mchat->mchat_sessions($mchat_session_time, true);
// Stop running code
if ($this->request->is_ajax()) {
// Return for: \Symfony\Component\HttpFoundation\JsonResponse
return array('json' => true, 'success' => true);
} else {
exit_handler();
}
break;
// Default function...
// Default function...
default:
// If not include in index.php set mchat.php page true
if (!$include_on_index) {
// Yes its custom page...
$mchat_custom_page = true;
// If custom page false mchat.php page redirect to index...
if (!$this->config_mchat['custom_page'] && $mchat_custom_page) {
$mchat_redirect = append_sid("{$this->phpbb_root_path}index.{$this->phpEx}");
// Redirect to previous page
meta_refresh(3, $mchat_redirect);
trigger_error($this->user->lang['MCHAT_NO_CUSTOM_PAGE'] . '<br /><br />' . sprintf($this->user->lang['RETURN_PAGE'], '<a href="' . $mchat_redirect . '">', '</a>'));
}
// user has permissions to view the custom chat?
if (!$mchat_view && $mchat_custom_page) {
trigger_error('NOT_AUTHORISED', E_USER_NOTICE);
}
// if whois true
if ($this->config_mchat['whois']) {
// Grab group details for legend display for who is online on the custom page.
$order_legend = $this->config['legend_sort_groupname'] ? 'group_name' : 'group_legend';
if ($this->auth->acl_gets('a_group', 'a_groupadd', 'a_groupdel')) {
$sql = 'SELECT group_id, group_name, group_colour, group_type FROM ' . GROUPS_TABLE . '
WHERE group_legend <> 0
ORDER BY ' . $order_legend . ' ASC';
} else {
$sql = 'SELECT g.group_id, g.group_name, g.group_colour, g.group_type FROM ' . GROUPS_TABLE . ' g
LEFT JOIN ' . USER_GROUP_TABLE . ' ug ON (g.group_id = ug.group_id AND ug.user_id = ' . $this->user->data['user_id'] . ' AND ug.user_pending = 0)
WHERE g.group_legend <> 0
AND (g.group_type <> ' . GROUP_HIDDEN . '
OR ug.user_id = ' . (int) $this->user->data['user_id'] . ')
ORDER BY g.' . $order_legend . ' ASC';
}
$result = $this->db->sql_query($sql);
$legend = array();
while ($row = $this->db->sql_fetchrow($result)) {
$colour_text = $row['group_colour'] ? ' style="color:#' . $row['group_colour'] . '"' : '';
$group_name = $row['group_type'] == GROUP_SPECIAL ? $this->user->lang['G_' . $row['group_name']] : $row['group_name'];
if ($row['group_name'] == 'BOTS' || $this->user->data['user_id'] != ANONYMOUS && !$this->auth->acl_get('u_viewprofile')) {
$legend[] = '<span' . $colour_text . '>' . $group_name . '</span>';
} else {
$legend[] = '<a' . $colour_text . ' href="' . append_sid("{$this->phpbb_root_path}memberlist.{$this->phpEx}", 'mode=group&g=' . $row['group_id']) . '">' . $group_name . '</a>';
}
}
$this->db->sql_freeresult($result);
$legend = implode(', ', $legend);
// Assign index specific vars
$this->template->assign_vars(array('LEGEND' => $legend));
}
$this->template->assign_block_vars('navlinks', array('FORUM_NAME' => $this->user->lang['MCHAT_TITLE'], 'U_VIEW_FORUM' => $this->helper->route('dmzx_mchat_controller')));
}
// Run code...
if ($mchat_view) {
$message_number = $mchat_custom_page ? $this->config_mchat['message_limit'] : $this->config_mchat['message_num'];
$sql_where = $this->user->data['user_mchat_topics'] ? '' : 'WHERE m.forum_id = 0';
// Message row
$sql = 'SELECT m.*, u.username, u.user_colour, u.user_avatar, u.user_avatar_type, u.user_avatar_width, u.user_avatar_height, u.user_allow_pm
FROM ' . $this->mchat_table . ' m
LEFT JOIN ' . USERS_TABLE . ' u ON m.user_id = u.user_id
' . $sql_where . '
ORDER BY message_id DESC';
$result = $this->db->sql_query_limit($sql, $message_number);
$rows = $this->db->sql_fetchrowset($result);
$this->db->sql_freeresult($result);
if ($this->config['mchat_message_top']) {
$rows = array_reverse($rows, true);
}
foreach ($rows as $row) {
// auth check
if ($row['forum_id'] != 0 && !$this->auth->acl_get('f_read', $row['forum_id'])) {
continue;
}
// edit, delete and permission auths
$mchat_ban = $this->auth->acl_get('a_authusers') && $this->user->data['user_id'] != $row['user_id'] ? true : false;
// edit auths
if ($this->user->data['user_id'] == ANONYMOUS && $this->user->data['user_id'] == $row['user_id']) {
$chat_auths = $this->user->data['session_ip'] == $row['user_ip'] ? true : false;
} else {
$chat_auths = $this->user->data['user_id'] == $row['user_id'] ? true : false;
}
$mchat_edit = $this->auth->acl_get('u_mchat_edit') && ($this->auth->acl_get('m_') || $chat_auths) ? true : false;
$mchat_del = $this->auth->acl_get('u_mchat_delete') && ($this->auth->acl_get('m_') || $chat_auths) ? true : false;
$mchat_avatar = $row['user_avatar'] ? get_user_avatar($row['user_avatar'], $row['user_avatar_type'], $row['user_avatar_width'] > $row['user_avatar_height'] ? 40 : 40 / $row['user_avatar_height'] * $row['user_avatar_width'], $row['user_avatar_height'] > $row['user_avatar_width'] ? 40 : 40 / $row['user_avatar_width'] * $row['user_avatar_height']) : '';
$message_edit = $row['message'];
decode_message($message_edit, $row['bbcode_uid']);
$message_edit = str_replace('"', '"', $message_edit);
// Edit Fix ;)
$message_edit = mb_ereg_replace("'", "’", $message_edit);
if (sizeof($foes_array)) {
if (in_array($row['user_id'], $foes_array)) {
$row['message'] = sprintf($this->user->lang['MCHAT_FOE'], get_username_string('full', $row['user_id'], $row['username'], $row['user_colour'], $this->user->lang['GUEST']));
}
}
$row['username'] = mb_ereg_replace("'", "’", $row['username']);
$message = str_replace('\'', '’', $row['message']);
$this->template->assign_block_vars('mchatrow', array('MCHAT_ALLOW_BAN' => $mchat_ban, 'MCHAT_ALLOW_EDIT' => $mchat_edit, 'MCHAT_ALLOW_DEL' => $mchat_del, 'MCHAT_USER_AVATAR' => $mchat_avatar, 'U_VIEWPROFILE' => $row['user_id'] != ANONYMOUS ? append_sid("{$this->phpbb_root_path}memberlist.{$this->phpEx}", 'mode=viewprofile&u=' . $row['user_id']) : '', 'U_USER_IDS' => $row['user_id'] != ANONYMOUS && $this->user->data['user_id'] != $row['user_id'] ? append_sid("{$this->phpbb_root_path}ucp.{$this->phpEx}", 'i=pm&mode=compose&u=' . $row['user_id']) : '', 'BOT_USER_ID' => $row['user_id'] != '1', 'U_USER_ID' => $row['user_id'] != ANONYMOUS && $this->config['allow_privmsg'] && $this->auth->acl_get('u_sendpm') && $this->user->data['user_id'] != $row['user_id'] && $row['user_id'] != '1' && ($row['user_allow_pm'] || $this->auth->acl_gets('a_', 'm_') || $this->auth->acl_getf_global('m_')) ? append_sid("{$this->phpbb_root_path}ucp.{$this->phpEx}", 'i=pm&mode=compose&u=' . $row['user_id']) : '', 'MCHAT_MESSAGE_EDIT' => $message_edit, 'MCHAT_MESSAGE_ID' => $row['message_id'], 'MCHAT_USERNAME_FULL' => get_username_string('full', $row['user_id'], $row['username'], $row['user_colour'], $this->user->lang['GUEST']), 'MCHAT_USERNAME' => get_username_string('username', $row['user_id'], $row['username'], $row['user_colour'], $this->user->lang['GUEST']), 'MCHAT_USERNAME_COLOR' => get_username_string('colour', $row['user_id'], $row['username'], $row['user_colour'], $this->user->lang['GUEST']), 'MCHAT_USER_IP' => $row['user_ip'], 'MCHAT_U_WHOIS' => $this->helper->route('dmzx_mchat_controller', array('mode' => 'whois', 'ip' => $row['user_ip'])), 'MCHAT_U_BAN' => append_sid("{$this->phpbb_root_path}adm/index.{$this->phpEx}", 'i=permissions&mode=setting_user_global&user_id[0]=' . $row['user_id'], true, $this->user->session_id), 'MCHAT_MESSAGE' => generate_text_for_display($message, $row['bbcode_uid'], $row['bbcode_bitfield'], $row['bbcode_options']), 'MCHAT_TIME' => $this->user->format_date($row['message_time'], $this->config_mchat['date']), 'MCHAT_CLASS' => $row['message_id'] % 2 ? 1 : 2));
}
// Write no message
if (empty($rows)) {
$mchat_no_message = true;
}
// display custom bbcodes
if ($mchat_allow_bbcode && $this->config['allow_bbcode']) {
$this->functions_mchat->display_mchat_bbcodes();
}
// Smile row
if ($mchat_smilies) {
if (!function_exists('generate_smilies')) {
include $this->phpbb_root_path . 'includes/functions_posting.' . $this->phpEx;
}
generate_smilies('inline', 0);
}
// If the static message is defined in the language file use it, else just use the entry in the database
if (isset($this->user->lang[strtoupper('static_message')]) || !empty($this->config_mchat['static_message'])) {
$this->config_mchat['static_message'] = $this->config_mchat['static_message'];
if (isset($this->user->lang[strtoupper('static_message')])) {
$this->config_mchat['static_message'] = $this->user->lang[strtoupper('static_message')];
}
}
// If the static message is defined in the language file use it, else just use the entry in the database
if (isset($this->user->lang[strtoupper('mchat_rules')]) || !empty($this->config_mchat['rules'])) {
if (isset($this->user->lang[strtoupper('mchat_rules')])) {
$this->config_mchat['rules'] = $this->user->lang[strtoupper('mchat_rules')];
}
}
// a list of users using the chat
if ($mchat_custom_page) {
$mchat_users = $this->functions_mchat->mchat_users($mchat_session_time, true);
} else {
$mchat_users = $this->functions_mchat->mchat_users($mchat_session_time);
}
$this->template->assign_vars(array('MCHAT_USERS_COUNT' => $mchat_users['mchat_users_count'], 'MCHAT_USERS_LIST' => $mchat_users['online_userlist']));
}
break;
}
// show index stats
if (!empty($this->config['mchat_stats_index']) && !empty($this->user->data['user_mchat_stats_index'])) {
// stats display
$mchat_session_time = !empty($this->config_mchat['timeout']) ? $this->config_mchat['timeout'] : $this->config['session_length'];
$mchat_stats = $this->functions_mchat->mchat_users($mchat_session_time);
$this->template->assign_vars(array('MCHAT_INDEX_STATS' => true, 'MCHAT_INDEX_USERS_COUNT' => $mchat_stats['mchat_users_count'], 'MCHAT_INDEX_USERS_LIST' => !empty($mchat_stats['online_userlist']) ? $mchat_stats['online_userlist'] : '', 'L_MCHAT_ONLINE_EXPLAIN' => $mchat_stats['refresh_message']));
}
$copyright = base64_decode('PGEgaHJlZj0iaHR0cDovL3JtY2dpcnI4My5vcmciPlJNY0dpcnI4MzwvYT4gJmNvcHk7IDxhIGhyZWY9Imh0dHA6Ly93d3cuZG16eC13ZWIubmV0IiB0aXRsZT0id3d3LmRtengtd2ViLm5ldCI+ZG16eDwvYT4=');
add_form_key('mchat_posting');
// Template function...
$this->template->assign_vars(array('MCHAT_FILE_NAME' => $this->helper->route('dmzx_mchat_controller'), 'MCHAT_REFRESH_JS' => 1000 * $this->config_mchat['refresh'], 'MCHAT_ADD_MESSAGE' => $mchat_add_mess, 'MCHAT_READ_MODE' => $mchat_read_mode, 'MCHAT_ARCHIVE_MODE' => $mchat_archive_mode, 'MCHAT_INPUT_TYPE' => $this->user->data['user_mchat_input_area'], 'MCHAT_RULES' => $mchat_rules, 'MCHAT_ALLOW_SMILES' => $mchat_smilies, 'MCHAT_ALLOW_IP' => $mchat_ip, 'MCHAT_ALLOW_PM' => $mchat_pm, 'MCHAT_ALLOW_LIKE' => $mchat_like, 'MCHAT_ALLOW_QUOTE' => $mchat_quote, 'MCHAT_NOMESSAGE_MODE' => $mchat_no_message, 'MCHAT_ALLOW_BBCODES' => $mchat_allow_bbcode && $this->config['allow_bbcode'] ? true : false, 'MCHAT_MESSAGE_TOP' => $this->config['mchat_message_top'] ? true : false, 'MCHAT_ENABLE' => $this->config['mchat_enable'], 'MCHAT_ARCHIVE_URL' => $this->helper->route('dmzx_mchat_controller', array('mode' => 'archive')), 'MCHAT_CUSTOM_PAGE' => $mchat_custom_page, 'MCHAT_INDEX_HEIGHT' => $this->config_mchat['index_height'], 'MCHAT_CUSTOM_HEIGHT' => $this->config_mchat['custom_height'], 'MCHAT_READ_ARCHIVE_BUTTON' => $mchat_read_archive, 'MCHAT_FOUNDER' => $mchat_founder, 'MCHAT_CLEAN_URL' => $this->helper->route('dmzx_mchat_controller', array('mode' => 'clean', 'redirect' => $on_page)), 'MCHAT_STATIC_MESS' => !empty($this->config_mchat['static_message']) ? htmlspecialchars_decode($this->config_mchat['static_message']) : '', 'L_MCHAT_COPYRIGHT' => $copyright, 'MCHAT_WHOIS' => $this->config_mchat['whois'], 'MCHAT_MESSAGE_LNGTH' => $this->config_mchat['max_message_lngth'], 'L_MCHAT_MESSAGE_LNGTH_EXPLAIN' => intval($this->config_mchat['max_message_lngth']) ? sprintf($this->user->lang['MCHAT_MESSAGE_LNGTH_EXPLAIN'], intval($this->config_mchat['max_message_lngth'])) : '', 'MCHAT_MESS_LONG' => sprintf($this->user->lang['MCHAT_MESS_LONG'], $this->config_mchat['max_message_lngth']), 'MCHAT_USER_TIMEOUT' => $this->config_mchat['timeout'] ? 1000 * $this->config_mchat['timeout'] : false, 'MCHAT_WHOIS_REFRESH' => 1000 * $this->config_mchat['whois_refresh'], 'MCHAT_PAUSE_ON_INPUT' => $this->config_mchat['pause_on_input'] ? true : false, 'L_MCHAT_ONLINE_EXPLAIN' => $this->functions_mchat->mchat_session_time($mchat_session_time), 'MCHAT_REFRESH_YES' => sprintf($this->user->lang['MCHAT_REFRESH_YES'], $this->config_mchat['refresh']), 'L_MCHAT_WHOIS_REFRESH_EXPLAIN' => sprintf($this->user->lang['WHO_IS_REFRESH_EXPLAIN'], $this->config_mchat['whois_refresh']), 'S_MCHAT_AVATARS' => $mchat_avatars, 'S_MCHAT_LOCATION' => $this->config_mchat['location'], 'S_MCHAT_SOUND_YES' => $this->user->data['user_mchat_sound'], 'S_MCHAT_INDEX_STATS' => $this->user->data['user_mchat_stats_index'], 'U_MORE_SMILIES' => append_sid("{$this->phpbb_root_path}posting.{$this->phpEx}", 'mode=smilies'), 'U_MCHAT_RULES' => $this->helper->route('dmzx_mchat_controller', array('mode' => 'rules')), 'S_MCHAT_ON_INDEX' => $this->config['mchat_on_index'] && !empty($this->user->data['user_mchat_index']) ? true : false));
// Return for: \$this->helper->render(filename, lang_title);
return array('filename' => 'mchat_body.html', 'lang_title' => $this->user->lang['MCHAT_TITLE']);
}
$db->sql_freeresult($result);
if (!$forum_data) {
trigger_error('NO_FORUM');
}
// Configure style, language, etc.
$user->setup('viewforum', $forum_data['forum_style']);
// Redirect to login upon emailed notification links
if (isset($_GET['e']) && !$user->data['is_registered']) {
login_box('', $user->lang['LOGIN_NOTIFY_FORUM']);
}
// Permissions check
if (!$auth->acl_gets('f_list', 'f_read', $forum_id) || $forum_data['forum_type'] == FORUM_LINK && $forum_data['forum_link'] && !$auth->acl_get('f_read', $forum_id)) {
if ($user->data['user_id'] != ANONYMOUS) {
trigger_error('SORRY_AUTH_READ');
}
login_box('', $user->lang['LOGIN_VIEWFORUM']);
}
// Forum is passworded ... check whether access has been granted to this
// user this session, if not show login box
if ($forum_data['forum_password']) {
login_forum_box($forum_data);
}
// Is this forum a link? ... User got here either because the
// number of clicks is being tracked or they guessed the id
if ($forum_data['forum_type'] == FORUM_LINK && $forum_data['forum_link']) {
// Does it have click tracking enabled?
if ($forum_data['forum_flags'] & FORUM_FLAG_LINK_TRACK) {
$sql = 'UPDATE ' . FORUMS_TABLE . '
SET forum_posts_approved = forum_posts_approved + 1
WHERE forum_id = ' . $forum_id;
$db->sql_query($sql);
if ($user->data['is_registered'] && $auth->acl_gets('f_edit', 'm_edit', $forum_id)) {
$is_authed = true;
}
break;
case 'delete':
if ($user->data['is_registered'] && $auth->acl_gets('f_delete', 'm_delete', $forum_id)) {
$is_authed = true;
}
break;
}
if (!$is_authed) {
$check_auth = $mode == 'quote' ? 'reply' : $mode;
if ($user->data['is_registered']) {
trigger_error('USER_CANNOT_' . strtoupper($check_auth));
}
login_box('', $user->lang['LOGIN_EXPLAIN_' . strtoupper($mode)]);
}
// Is the user able to post within this forum?
if ($post_data['forum_type'] != FORUM_POST && in_array($mode, array('post', 'bump', 'quote', 'reply'))) {
trigger_error('USER_CANNOT_FORUM_POST');
}
// Forum/Topic locked?
if (($post_data['forum_status'] == ITEM_LOCKED || isset($post_data['topic_status']) && $post_data['topic_status'] == ITEM_LOCKED) && !$auth->acl_get('m_edit', $forum_id)) {
trigger_error($post_data['forum_status'] == ITEM_LOCKED ? 'FORUM_LOCKED' : 'TOPIC_LOCKED');
}
// Can we edit this post ... if we're a moderator with rights then always yes
// else it depends on editing times, lock status and if we're the correct user
if ($mode == 'edit' && !$auth->acl_get('m_edit', $forum_id)) {
if ($user->data['user_id'] != $post_data['poster_id']) {
trigger_error('USER_CANNOT_EDIT');
}
extract($phpbb_dispatcher->trigger_event('core.viewtopic_before_f_read_check', compact($vars)));
// Start auth check
if (!$overrides_f_read_check && !$auth->acl_get('f_read', $forum_id)) {
if ($user->data['user_id'] != ANONYMOUS) {
trigger_error('SORRY_AUTH_READ');
}
login_box('', $user->lang['LOGIN_VIEWFORUM']);
}
// Forum is passworded ... check whether access has been granted to this
// user this session, if not show login box
if (!$overrides_forum_password_check && $topic_data['forum_password']) {
login_forum_box($topic_data);
}
// Redirect to login upon emailed notification links if user is not logged in.
if (isset($_GET['e']) && $user->data['user_id'] == ANONYMOUS) {
login_box(build_url('e') . '#unread', $user->lang['LOGIN_NOTIFY_TOPIC']);
}
// What is start equal to?
if ($post_id) {
$start = floor($topic_data['prev_posts'] / $config['posts_per_page']) * $config['posts_per_page'];
}
// Get topic tracking info
if (!isset($topic_tracking_info)) {
$topic_tracking_info = array();
// Get topic tracking info
if ($config['load_db_lastread'] && $user->data['is_registered']) {
$tmp_topic_data = array($topic_id => $topic_data);
$topic_tracking_info = get_topic_tracking($forum_id, $topic_id, $tmp_topic_data, array($forum_id => $topic_data['forum_mark_time']));
unset($tmp_topic_data);
} else {
if ($config['load_anon_lastread'] || $user->data['is_registered']) {
*/
/**
* @ignore
*/
define('IN_PHPBB', true);
$phpbb_root_path = defined('PHPBB_ROOT_PATH') ? PHPBB_ROOT_PATH : '../';
$phpEx = substr(strrchr(__FILE__, '.'), 1);
include $phpbb_root_path . 'common.' . $phpEx;
require $phpbb_root_path . 'ads/constants.' . $phpEx;
// Start session management
$user->session_begin();
$auth->acl($user->data);
$user->setup('mods/info_acp_ads');
// Display a login box if they are not logged in
if (!$user->data['is_registered']) {
login_box();
}
if (!file_exists($phpbb_root_path . 'umil/umil_frontend.' . $phpEx)) {
trigger_error('Please download the latest UMIL (Unified MOD Install Library) from: <a href="http://www.phpbb.com/mods/umil/">phpBB.com/mods/umil</a>', E_USER_ERROR);
}
include $phpbb_root_path . 'umil/umil_frontend.' . $phpEx;
$umil = new umil_frontend('ACP_ADVERTISEMENT_MANAGEMENT', true);
// Check after initiating UMIL.
if ($user->data['user_type'] != USER_FOUNDER) {
trigger_error('FOUNDERS_ONLY');
}
if ($umil->confirm_box(true)) {
include $phpbb_root_path . 'ads/versions.' . $phpEx;
$umil->run_actions('uninstall', $versions, 'ads_version');
} else {
$umil->display_stages(array('CONFIRM', 'UNINSTALL'));
// Start session management
//$user->session_begin();
//$auth->acl($user->data);
global $config, $db, $user, $auth, $template, $cache;
global $phpbb_root_path, $phpbb_admin_path, $phpEx, $table_prefix;
$db->return_on_error = 1;
if (!$user->data['is_registered'])
{
if ($user->data['is_bot'])
{
redirect(append_sid("{$phpbb_root_path}index.$phpEx"));
}
login_box('', 'LOGIN');
}
else if ($user->data['user_type'] != USER_FOUNDER)
{
die('You are not allowed in here. :)');
}
//if (isset($config['photo_gallery_version']) && version_compare($config['photo_gallery_version'], '0.1.0', '>='))
//{
// trigger_error('you already have the latest photo gallery installed');
// exit;
//}
switch ($db->sql_layer)
{
case 'mysql':
function main($id, $mode)
{
global $config, $phpbb_root_path, $phpEx;
global $db, $user, $auth, $template;
$user_id = request_var('u', 0);
$key = request_var('k', '');
$sql = 'SELECT user_id, username, user_type, user_email, user_newpasswd, user_lang, user_notify_type, user_actkey, user_inactive_reason
FROM ' . USERS_TABLE . "\n\t\t\tWHERE user_id = {$user_id}";
$result = $db->sql_query($sql);
$user_row = $db->sql_fetchrow($result);
$db->sql_freeresult($result);
if (!$user_row) {
trigger_error('NO_USER');
}
if ($user_row['user_type'] != USER_INACTIVE && !$user_row['user_newpasswd']) {
meta_refresh(3, append_sid("{$phpbb_root_path}index.{$phpEx}"));
trigger_error('ALREADY_ACTIVATED');
}
if ($user_row['user_inactive_reason'] == INACTIVE_MANUAL || $user_row['user_actkey'] != $key) {
trigger_error('WRONG_ACTIVATION');
}
// Do not allow activating by non administrators when admin activation is on
// Only activation type the user should be able to do is INACTIVE_REMIND
// or activate a new password which is not an activation state :@
if (!$user_row['user_newpasswd'] && $user_row['user_inactive_reason'] != INACTIVE_REMIND && $config['require_activation'] == USER_ACTIVATION_ADMIN && !$auth->acl_get('a_user')) {
if (!$user->data['is_registered']) {
login_box('', $user->lang['NO_AUTH_OPERATION']);
}
trigger_error('NO_AUTH_OPERATION');
}
$update_password = $user_row['user_newpasswd'] ? true : false;
if ($update_password) {
$sql_ary = array('user_actkey' => '', 'user_password' => $user_row['user_newpasswd'], 'user_newpasswd' => '', 'user_pass_convert' => 0, 'user_login_attempts' => 0);
$sql = 'UPDATE ' . USERS_TABLE . '
SET ' . $db->sql_build_array('UPDATE', $sql_ary) . '
WHERE user_id = ' . $user_row['user_id'];
$db->sql_query($sql);
add_log('user', $user_row['user_id'], 'LOG_USER_NEW_PASSWORD', $user_row['username']);
}
if (!$update_password) {
include_once $phpbb_root_path . 'includes/functions_user.' . $phpEx;
user_active_flip('activate', $user_row['user_id']);
$sql = 'UPDATE ' . USERS_TABLE . "\n\t\t\t\tSET user_actkey = ''\n\t\t\t\tWHERE user_id = {$user_row['user_id']}";
$db->sql_query($sql);
// Create the correct logs
add_log('user', $user_row['user_id'], 'LOG_USER_ACTIVE_USER');
if ($auth->acl_get('a_user')) {
add_log('admin', 'LOG_USER_ACTIVE', $user_row['username']);
}
}
if ($config['require_activation'] == USER_ACTIVATION_ADMIN && !$update_password) {
include_once $phpbb_root_path . 'includes/functions_messenger.' . $phpEx;
$messenger = new messenger(false);
$messenger->template('admin_welcome_activated', $user_row['user_lang']);
$messenger->to($user_row['user_email'], $user_row['username']);
$messenger->headers('X-AntiAbuse: Board servername - ' . $config['server_name']);
$messenger->headers('X-AntiAbuse: User_id - ' . $user->data['user_id']);
$messenger->headers('X-AntiAbuse: Username - ' . $user->data['username']);
$messenger->headers('X-AntiAbuse: User IP - ' . $user->ip);
$messenger->assign_vars(array('USERNAME' => htmlspecialchars_decode($user_row['username'])));
$messenger->send($user_row['user_notify_type']);
$message = 'ACCOUNT_ACTIVE_ADMIN';
} else {
if (!$update_password) {
$message = $user_row['user_inactive_reason'] == INACTIVE_PROFILE ? 'ACCOUNT_ACTIVE_PROFILE' : 'ACCOUNT_ACTIVE';
} else {
$message = 'PASSWORD_ACTIVATED';
}
}
meta_refresh(3, append_sid("{$phpbb_root_path}index.{$phpEx}"));
trigger_error($user->lang[$message]);
}
if (!$config['load_unreads_search'])
{
$template->assign_var('S_NO_SEARCH', true);
trigger_error('NO_SEARCH_UNREADS');
}
else if (!$config['load_anon_lastread'] && !$user->data['is_registered'])
{
login_box('', $user->lang['LOGIN_EXPLAIN_UNREADSEARCH']);
}
break;
// The "new posts" search uses user_lastvisit which is user based, so it should require user to log in.
case 'newposts':
if ($user->data['user_id'] == ANONYMOUS)
{
login_box('', $user->lang['LOGIN_EXPLAIN_NEWPOSTS']);
}
break;
default:
// There's nothing to do here for now ;)
break;
}
// Is user able to search? Has search been disabled?
if (!$auth->acl_get('u_search') || !$auth->acl_getf_global('f_search') || !$config['load_search'])
{
$template->assign_var('S_NO_SEARCH', true);
trigger_error('NO_SEARCH');
}
$result = $_CLASS['core_db']->query($sql);
$posting_data = $_CLASS['core_db']->fetch_row_assoc($result);
$_CLASS['core_db']->free_result($result);
if (!$posting_data) {
trigger_error('NO_POST');
}
require_once $site_file_root . 'includes/forums/message_parser.php';
require_once $site_file_root . 'includes/forums/functions_admin.php';
require_once $site_file_root . 'includes/forums/functions_posting.php';
// remove
extract($posting_data);
if ($posting_data['forum_type'] == FORUM_POST && !$_CLASS['auth']->acl_get('f_' . $mode, $forum_id) && !$_CLASS['auth']->acl_get('m_' . $mode, $forum_id)) {
if ($_CLASS['core_user']->is_user) {
trigger_error('USER_CANNOT_' . strtoupper($mode));
}
login_box(array('explain' => $_CLASS['core_user']->lang['LOGIN_EXPLAIN_' . strtoupper($mode)]));
}
$forum_id = (int) $posting_data['forum_id'];
$topic_id = (int) $topic_id;
$post_id = (int) $post_id;
$posting_data['post_edit_locked'] = isset($posting_data['post_edit_locked']) ? (int) $posting_data['post_edit_locked'] : false;
$_CLASS['core_user']->add_lang(array('posting', 'mcp', 'viewtopic'));
$_CLASS['core_user']->add_img();
if ($forum_password) {
$forum_info = array('forum_id' => $forum_id, 'forum_password' => $forum_password);
login_forum_box($forum_info);
unset($forum_info);
}
$post_subject = in_array($mode, array('quote', 'edit', 'delete')) ? $posting_data['post_subject'] : (isset($posting_data['topic_title']) ? $posting_data['topic_title'] : '');
$topic_time_limit = isset($posting_data['topic_time_limit']) && $posting_data['topic_time_limit'] ? (int) $posting_data['topic_time_limit'] / 86400 : 0;
$poll_length = isset($poll_length) ? $poll_length ? (int) $poll_length / 86400 : (int) $poll_length : 0;
//$fb_uid = $facebook->get_loggedin_user();
$fb_uid = $facebook->require_login();
if (!$fb_uid) {
exit;
}
// Start session management
$user->session_begin();
$auth->acl($user->data);
$user->setup('mods/facebook-connect');
$module = new p_master();
// phpBB login
if (!$user->data['is_registered']) {
if ($user->data['is_bot']) {
redirect(append_sid("{$phpbb_root_path}index.{$phpEx}"));
}
login_box('', $user->lang['LOGIN_EXPLAIN_FACEBOOK']);
}
// At this point, we are connected to both facebook and phpBB
// id facebook et user courant correspondent
// id facebook et user courant ne correspondent pas:
// id facebook 'trusted' présent mais pour un autre compte (et le facebok id de ce compte est vide ... ou pas)
// le compte courant a un facebook id autre que celui annoncé
// The facebook id is in the user row ?
if ($user->data['facebook_id']) {
// The facebook id is registered, and owned by the user connected
if ($user->data['facebook_id'] == $fb_uid) {
meta_refresh(3, append_sid("{$phpbb_root_path}/index.{$phpEx}"));
$message = $user->lang['FACEBOOK_ACCOUNT_ALREADY_LINKED'] . '<br /><br />' . sprintf($user->lang['RETURN_INDEX'], '<a href="' . append_sid("{$phpbb_root_path}index.{$phpEx}") . '">', '</a>');
trigger_error($message);
} else {
// Check who own the faceebook id
* @var bool is_authed Does the user have the required permissions?
* @since 3.1.3-RC1
*/
$vars = array('post_id', 'topic_id', 'forum_id', 'draft_id', 'lastclick', 'submit', 'preview', 'save', 'load', 'refresh', 'mode', 'error', 'is_authed');
extract($phpbb_dispatcher->trigger_event('core.modify_posting_auth', compact($vars)));
if (!$is_authed) {
$check_auth = $mode == 'quote' ? 'reply' : $mode;
if ($user->data['is_registered']) {
trigger_error('USER_CANNOT_' . strtoupper($check_auth));
}
$message = $user->lang['LOGIN_EXPLAIN_' . strtoupper($mode)];
if ($request->is_ajax()) {
$json = new phpbb\json_response();
$json->send(array('title' => $user->lang['INFORMATION'], 'message' => $message));
}
login_box('', $message);
}
// Is the user able to post within this forum?
if ($post_data['forum_type'] != FORUM_POST && in_array($mode, array('post', 'bump', 'quote', 'reply'))) {
trigger_error('USER_CANNOT_FORUM_POST');
}
// Forum/Topic locked?
if (($post_data['forum_status'] == ITEM_LOCKED || isset($post_data['topic_status']) && $post_data['topic_status'] == ITEM_LOCKED) && !$auth->acl_get('m_edit', $forum_id)) {
trigger_error($post_data['forum_status'] == ITEM_LOCKED ? 'FORUM_LOCKED' : 'TOPIC_LOCKED');
}
// Can we edit this post ... if we're a moderator with rights then always yes
// else it depends on editing times, lock status and if we're the correct user
if ($mode == 'edit' && !$auth->acl_get('m_edit', $forum_id)) {
$force_edit_allowed = false;
$s_cannot_edit = $user->data['user_id'] != $post_data['poster_id'];
$s_cannot_edit_time = $config['edit_time'] && $post_data['post_time'] <= time() - $config['edit_time'] * 60;
// egosearch is an author search
if ($search_id == 'egosearch')
{
$author_id = $user->data['user_id'];
if ($user->data['user_id'] == ANONYMOUS)
{
login_box('', $user->lang['LOGIN_EXPLAIN_EGOSEARCH']);
}
}
// search for unread posts needs user to be logged in
// if topics tracking for guests is disabled
if ($search_id == 'unreadposts' && !$config['load_anon_lastread'] && !$user->data['is_registered'])
{
login_box('', $user->lang['LOGIN_EXPLAIN_UNREADSEARCH']);
}
// If we are looking for authors get their ids
$author_id_ary = array();
$sql_author_match = '';
if ($author_id)
{
$author_id_ary[] = $author_id;
}
else if ($author)
{
if ((strpos($author, '*') !== false) && (utf8_strlen(str_replace(array('*', '%'), '', $author)) < $config['min_search_author_chars']))
{
trigger_error(sprintf($user->lang['TOO_FEW_AUTHOR_CHARS'], $config['min_search_author_chars']));
}
$user->setup(array('posting', 'lang_meeting', 'meetings', 'viewtopic', 'mods/gallery'));
$gallery_root_path = GALLERY_ROOT_PATH;
include_once "{$phpbb_root_path}{$gallery_root_path}includes/common.{$phpEx}";
include_once "{$phpbb_root_path}{$gallery_root_path}includes/permissions.{$phpEx}";
add_form_key('gallery');
/**
*/
// Set start point for meeting overview list
$config['posts_per_page'] = $user->data['user_posts_per_page'];
$per_page = $config['posts_per_page'];
// Start auth check
if (!$auth->acl_get('u_meeting_view')) {
if ($user->data['user_id'] != ANONYMOUS) {
trigger_error('MEETING_AUTH_NO_VIEW');
}
login_box('', $user->lang['LOGIN_VIEWMEETING']);
}
// Grab Meeting config
$sql = 'SELECT *
FROM ' . MEETING_CONFIG_TABLE;
$result = $db->sql_query($sql);
while ($row = $db->sql_fetchrow($result)) {
$meeting_config[$row['config_name']] = $row['config_value'];
}
$db->sql_freeresult($result);
// Grab only parameters needed here
$id = request_var('id', 0);
$mode = request_var('mode', '');
$video = request_var('album_video', '');
//++++++++++++++++++++++++++++++++++++++++++++++++
$mode = !$mode ? 'detail' : $mode;
define('IN_PHPBB', true);
$phpbb_root_path = defined('PHPBB_ROOT_PATH') ? PHPBB_ROOT_PATH : './';
$phpEx = substr(strrchr(__FILE__, '.'), 1);
include $phpbb_root_path . 'common.' . $phpEx;
include $phpbb_root_path . 'includes/functions_display.' . $phpEx;
// Start session management
$user->session_begin();
$auth->acl($user->data);
$user->setup('viewforum');
// Mark notifications read
if ($mark_notification = $request->variable('mark_notification', 0)) {
if ($user->data['user_id'] == ANONYMOUS) {
if ($request->is_ajax()) {
trigger_error('LOGIN_REQUIRED');
}
login_box('', $user->lang['LOGIN_REQUIRED']);
}
if (check_link_hash($request->variable('hash', ''), 'mark_notification_read')) {
/* @var $phpbb_notifications \phpbb\notification\manager */
$phpbb_notifications = $phpbb_container->get('notification_manager');
$notification = $phpbb_notifications->load_notifications(array('notification_id' => $mark_notification));
if (isset($notification['notifications'][$mark_notification])) {
$notification = $notification['notifications'][$mark_notification];
$notification->mark_read();
if ($request->is_ajax()) {
$json_response = new \phpbb\json_response();
$json_response->send(array('success' => true));
}
if ($redirect = $request->variable('redirect', '')) {
redirect(append_sid($phpbb_root_path . $redirect));
}
$template->assign_block_vars('pic_row', array('U_IMAGE' => ($gallery_data[$i]['attach_id'] and $gallery_data[$i]['attach_is_image'] and !empty($gallery_data[$i]['attach_thumb_location']) and !empty($gallery_data[$i]['attach_location'])) ? append_sid("{$phpbb_root_path}garage.{$phpEx}", "mode=view_image&image_id=" . $gallery_data[$i]['attach_id']) : '', 'U_REMOVE_IMAGE' => append_sid("{$phpbb_root_path}garage_track.{$phpEx}", "mode=remove_lap_image&&VID={$vid}&LID={$lid}&image_id=" . $gallery_data[$i]['attach_id']), 'U_SET_HILITE' => $gallery_data[$i]['hilite'] == 0 ? append_sid("{$phpbb_root_path}garage_track.{$phpEx}", "mode=set_lap_hilite&image_id=" . $gallery_data[$i]['attach_id'] . "&VID={$vid}&LID={$lid}") : '', 'IMAGE' => $phpbb_root_path . GARAGE_UPLOAD_PATH . $gallery_data[$i]['attach_thumb_location'], 'IMAGE_TITLE' => $gallery_data[$i]['attach_file']));
}
$garage_template->sidemenu();
break;
/**
* Update existing lap
*/
/**
* Update existing lap
*/
case 'update_lap':
/**
* Check user logged in, else redirecting to login with return address to get them back
*/
if ($user->data['user_id'] == ANONYMOUS) {
login_box("garage_track.{$phpEx}?mode=edit_lap&LID={$lid}&VID={$vid}");
}
/**
* Check vehicle ownership, only owners & moderators with correct permissions get past here
*/
$garage_vehicle->check_ownership($vid);
/**
* Get all required/optional data and check required data is present
*/
$params = array('track_id' => '', 'condition_id' => '', 'type_id' => '', 'minute' => '', 'second' => '', 'millisecond' => '', 'redirect' => '');
$data = $garage->process_vars($params);
$params = array('track_id', 'condition_id', 'type_id', 'minute', 'second', 'millisecond');
$garage->check_required_vars($params);
/**
* Perform required DB work to update lap
*/
function main($id, $mode)
{
global $config, $phpbb_root_path, $phpEx;
global $db, $user, $auth, $template, $phpbb_container, $phpbb_dispatcher;
$user_id = request_var('u', 0);
$key = request_var('k', '');
$sql = 'SELECT user_id, username, user_type, user_email, user_newpasswd, user_lang, user_notify_type, user_actkey, user_inactive_reason
FROM ' . USERS_TABLE . "\n\t\t\tWHERE user_id = {$user_id}";
$result = $db->sql_query($sql);
$user_row = $db->sql_fetchrow($result);
$db->sql_freeresult($result);
if (!$user_row) {
trigger_error('NO_USER');
}
if ($user_row['user_type'] != USER_INACTIVE && !$user_row['user_newpasswd']) {
meta_refresh(3, append_sid("{$phpbb_root_path}index.{$phpEx}"));
trigger_error('ALREADY_ACTIVATED');
}
if ($user_row['user_inactive_reason'] == INACTIVE_MANUAL || $user_row['user_actkey'] !== $key) {
trigger_error('WRONG_ACTIVATION');
}
// Do not allow activating by non administrators when admin activation is on
// Only activation type the user should be able to do is INACTIVE_REMIND
// or activate a new password which is not an activation state :@
if (!$user_row['user_newpasswd'] && $user_row['user_inactive_reason'] != INACTIVE_REMIND && $config['require_activation'] == USER_ACTIVATION_ADMIN && !$auth->acl_get('a_user')) {
if (!$user->data['is_registered']) {
login_box('', $user->lang['NO_AUTH_OPERATION']);
}
trigger_error('NO_AUTH_OPERATION');
}
$update_password = $user_row['user_newpasswd'] ? true : false;
if ($update_password) {
$sql_ary = array('user_actkey' => '', 'user_password' => $user_row['user_newpasswd'], 'user_newpasswd' => '', 'user_login_attempts' => 0);
$sql = 'UPDATE ' . USERS_TABLE . '
SET ' . $db->sql_build_array('UPDATE', $sql_ary) . '
WHERE user_id = ' . $user_row['user_id'];
$db->sql_query($sql);
add_log('user', $user_row['user_id'], 'LOG_USER_NEW_PASSWORD', $user_row['username']);
}
if (!$update_password) {
include_once $phpbb_root_path . 'includes/functions_user.' . $phpEx;
user_active_flip('activate', $user_row['user_id']);
$sql = 'UPDATE ' . USERS_TABLE . "\n\t\t\t\tSET user_actkey = ''\n\t\t\t\tWHERE user_id = {$user_row['user_id']}";
$db->sql_query($sql);
// Create the correct logs
add_log('user', $user_row['user_id'], 'LOG_USER_ACTIVE_USER');
if ($auth->acl_get('a_user')) {
add_log('admin', 'LOG_USER_ACTIVE', $user_row['username']);
}
}
if ($config['require_activation'] == USER_ACTIVATION_ADMIN && !$update_password) {
$phpbb_notifications = $phpbb_container->get('notification_manager');
$phpbb_notifications->delete_notifications('notification.type.admin_activate_user', $user_row['user_id']);
include_once $phpbb_root_path . 'includes/functions_messenger.' . $phpEx;
$messenger = new messenger(false);
$messenger->template('admin_welcome_activated', $user_row['user_lang']);
$messenger->set_addresses($user_row);
$messenger->anti_abuse_headers($config, $user);
$messenger->assign_vars(array('USERNAME' => htmlspecialchars_decode($user_row['username'])));
$messenger->send($user_row['user_notify_type']);
$message = 'ACCOUNT_ACTIVE_ADMIN';
} else {
if (!$update_password) {
$message = $user_row['user_inactive_reason'] == INACTIVE_PROFILE ? 'ACCOUNT_ACTIVE_PROFILE' : 'ACCOUNT_ACTIVE';
} else {
$message = 'PASSWORD_ACTIVATED';
}
}
/**
* This event can be used to modify data after user account's activation
*
* @event core.ucp_activate_after
* @var array user_row Array with some user data
* @var string message Language string of the message that will be displayed to the user
* @since 3.1.6-RC1
*/
$vars = array('user_row', 'message');
extract($phpbb_dispatcher->trigger_event('core.ucp_activate_after', compact($vars)));
meta_refresh(3, append_sid("{$phpbb_root_path}index.{$phpEx}"));
trigger_error($user->lang[$message]);
}
if ($user->data['user_id'] != ANONYMOUS) {
trigger_error('SORRY_AUTH_READ');
}
login_box('', $user->lang['LOGIN_VIEWFORUM']);
}
// Forum is passworded ... check whether access has been granted to this
// user this session, if not show login box
if ($topic_data['forum_password']) {
login_forum_box($topic_data);
}
// Redirect to login or to the correct post upon emailed notification links
if (isset($_GET['e'])) {
$jump_to = request_var('e', 0);
$redirect_url = append_sid("{$phpbb_root_path}viewtopic.{$phpEx}", "f={$forum_id}&t={$topic_id}");
if ($user->data['user_id'] == ANONYMOUS) {
login_box($redirect_url . "&p={$post_id}&e={$jump_to}", $user->lang['LOGIN_NOTIFY_TOPIC']);
}
if ($jump_to > 0) {
// We direct the already logged in user to the correct post...
redirect($redirect_url . (!$post_id ? "&p={$jump_to}" : "&p={$post_id}") . "#p{$jump_to}");
}
}
// What is start equal to?
if ($post_id) {
$start = floor($topic_data['prev_posts'] / $config['posts_per_page']) * $config['posts_per_page'];
}
// Get topic tracking info
if (!isset($topic_tracking_info)) {
$topic_tracking_info = array();
// Get topic tracking info
if ($config['load_db_lastread'] && $user->data['is_registered']) {
$auth->acl($user->data);
$user->setup('memberlist');
// Get and set some variables
$mode = $request->variable('mode', '');
$session_id = $request->variable('s', '');
$start = $request->variable('start', 0);
$sort_key = $request->variable('sk', 'b');
$sort_dir = $request->variable('sd', 'd');
$show_guests = $config['load_online_guests'] ? $request->variable('sg', 0) : 0;
// Can this user view profiles/memberlist?
if (!$auth->acl_gets('u_viewprofile', 'a_user', 'a_useradd', 'a_userdel')) {
if ($user->data['user_id'] != ANONYMOUS) {
send_status_line(403, 'Forbidden');
trigger_error('NO_VIEW_USERS');
}
login_box('', $user->lang['LOGIN_EXPLAIN_VIEWONLINE']);
}
/* @var $pagination \phpbb\pagination */
$pagination = $phpbb_container->get('pagination');
/* @var $viewonline_helper \phpbb\viewonline_helper */
$viewonline_helper = $phpbb_container->get('viewonline_helper');
$sort_key_text = array('a' => $user->lang['SORT_USERNAME'], 'b' => $user->lang['SORT_JOINED'], 'c' => $user->lang['SORT_LOCATION']);
$sort_key_sql = array('a' => 'u.username_clean', 'b' => 's.session_time', 'c' => 's.session_page');
// Sorting and order
if (!isset($sort_key_text[$sort_key])) {
$sort_key = 'b';
}
$order_by = $sort_key_sql[$sort_key] . ' ' . ($sort_dir == 'a' ? 'ASC' : 'DESC');
// Whois requested
if ($mode == 'whois' && $auth->acl_get('a_') && $session_id) {
include $phpbb_root_path . 'includes/functions_user.' . $phpEx;
$template->assign_block_vars('pic_row', array('U_IMAGE' => ($gallery_data[$i]['attach_id'] and $gallery_data[$i]['attach_is_image'] and !empty($gallery_data[$i]['attach_thumb_location']) and !empty($gallery_data[$i]['attach_location'])) ? append_sid("{$phpbb_root_path}garage.{$phpEx}", "mode=view_image&image_id=" . $gallery_data[$i]['attach_id']) : '', 'U_REMOVE_IMAGE' => append_sid("{$phpbb_root_path}garage_dynorun.{$phpEx}", "mode=remove_dynorun_image&&VID={$vid}&DID={$did}&image_id=" . $gallery_data[$i]['attach_id']), 'U_SET_HILITE' => $gallery_data[$i]['hilite'] == 0 ? append_sid("{$phpbb_root_path}garage_dynorun.{$phpEx}", "mode=set_dynorun_hilite&image_id=" . $gallery_data[$i]['attach_id'] . "&VID={$vid}&DID={$did}") : '', 'IMAGE' => $phpbb_root_path . GARAGE_UPLOAD_PATH . $gallery_data[$i]['attach_thumb_location'], 'IMAGE_TITLE' => $gallery_data[$i]['attach_file']));
}
$garage_template->sidemenu();
break;
/**
* Update existing dynorun
*/
/**
* Update existing dynorun
*/
case 'update_dynorun':
/**
* Check user logged in, else redirecting to login with return address to get them back
*/
if ($user->data['user_id'] == ANONYMOUS) {
login_box("garage_dynorun.{$phpEx}?mode=edit_dynorun&DID={$did}&VID={$vid}");
}
/**
* Check vehicle ownership, only owners & moderators with correct permissions get past here
*/
$garage_vehicle->check_ownership($vid);
/**
* Get all required/optional data and check required data is present
*/
$params = array('dynocentre_id' => '', 'bhp' => '', 'bhp_decimal' => '', 'torque' => '', 'torque_decimal' => '', 'boost' => '', 'boost_decimal' => '', 'nitrous' => '', 'peakpoint' => '', 'peakpoint_decimal' => '', 'editupload' => '', 'image_id' => '', 'redirect' => '');
$data = $garage->process_vars($params);
$params = array('bhp_unit' => '', 'torque_unit' => '', 'boost_unit' => '');
$data += $garage->process_mb_vars($params);
$params = array('dynocentre_id', 'bhp', 'bhp_decimal', 'bhp_unit');
$garage->check_required_vars($params);
/**
$group_id = request_var('g', 0);
$topic_id = request_var('t', 0);
// Check our mode...
if (!in_array($mode, array('', 'group', 'viewprofile', 'email', 'contact', 'searchuser', 'leaders'))) {
trigger_error('NO_MODE');
}
switch ($mode) {
case 'email':
break;
default:
// Can this user view profiles/memberlist?
if (!$auth->acl_gets('u_viewprofile', 'a_user', 'a_useradd', 'a_userdel')) {
if ($user->data['user_id'] != ANONYMOUS) {
trigger_error('NO_VIEW_USERS');
}
login_box('', isset($user->lang['LOGIN_EXPLAIN_' . strtoupper($mode)]) ? $user->lang['LOGIN_EXPLAIN_' . strtoupper($mode)] : $user->lang['LOGIN_EXPLAIN_MEMBERLIST']);
}
break;
}
$start = request_var('start', 0);
$submit = isset($_POST['submit']) ? true : false;
$default_key = 'c';
$sort_key = request_var('sk', $default_key);
$sort_dir = request_var('sd', 'a');
// Grab rank information for later
$ranks = $cache->obtain_ranks();
// What do you want to do today? ... oops, I think that line is taken ...
switch ($mode) {
case 'leaders':
// Display a listing of board admins, moderators
include $phpbb_root_path . 'includes/functions_user.' . $phpEx;
$sql_order = $sort_by_sql[$sort_key] . ' ' . ($sort_dir == 'd' ? 'DESC' : 'ASC');
/**
* Search
*/
if ($keywords || $username || $user_id || $search_id || $submit) {
// clear arrays
$id_ary = array();
// This is what our Search could so far
if ($user_id) {
$search_id = 'usersearch';
}
// egosearch is an user search
if ($search_id == 'egosearch') {
$user_id = $user->data['user_id'];
if ($user->data['user_id'] == ANONYMOUS) {
login_box('', $user->lang['LOGIN_EXPLAIN_EGOSEARCH']);
}
}
// If we are looking for authors get their ids
$user_id_ary = array();
if ($username) {
if (strpos($username, '*') !== false && utf8_strlen(str_replace(array('*', '%'), '', $username)) < $config['min_search_author_chars']) {
trigger_error(sprintf($user->lang['TOO_FEW_AUTHOR_CHARS'], $config['min_search_author_chars']));
}
$sql_where = strpos($username, '*') !== false ? ' username_clean ' . $db->sql_like_expression(str_replace('*', $db->any_char, utf8_clean_string($username))) : " username_clean = '" . $db->sql_escape(utf8_clean_string($username)) . "'";
// Missing images and comments of guests/deleted users
$sql = 'SELECT user_id
FROM ' . USERS_TABLE . "\n\t\t\tWHERE {$sql_where}\n\t\t\t\tAND user_type IN (" . USER_NORMAL . ', ' . USER_FOUNDER . ')';
$result = $db->sql_query_limit($sql, 100);
while ($row = $db->sql_fetchrow($result)) {
$user_id_ary[] = (int) $row['user_id'];
/**
* Check for banned user
*
* Checks whether the supplied user is banned by id, ip or email. If no parameters
* are passed to the method pre-existing session data is used.
*
* @param int|false $user_id The user id
* @param mixed $user_ips Can contain a string with one IP or an array of multiple IPs
* @param string|false $user_email The user email
* @param bool $return If $return is false this routine does not return on finding a banned user,
* it outputs a relevant message and stops execution.
*/
function check_ban($user_id = false, $user_ips = false, $user_email = false, $return = false)
{
global $config, $db, $phpbb_dispatcher;
if (defined('IN_CHECK_BAN') || defined('SKIP_CHECK_BAN')) {
return;
}
$banned = false;
$cache_ttl = 3600;
$where_sql = array();
$sql = 'SELECT ban_ip, ban_userid, ban_email, ban_exclude, ban_give_reason, ban_end
FROM ' . BANLIST_TABLE . '
WHERE ';
// Determine which entries to check, only return those
if ($user_email === false) {
$where_sql[] = "ban_email = ''";
}
if ($user_ips === false) {
$where_sql[] = "(ban_ip = '' OR ban_exclude = 1)";
}
if ($user_id === false) {
$where_sql[] = '(ban_userid = 0 OR ban_exclude = 1)';
} else {
$cache_ttl = $user_id == ANONYMOUS ? 3600 : 0;
$_sql = '(ban_userid = ' . $user_id;
if ($user_email !== false) {
$_sql .= " OR ban_email <> ''";
}
if ($user_ips !== false) {
$_sql .= " OR ban_ip <> ''";
}
$_sql .= ')';
$where_sql[] = $_sql;
}
$sql .= sizeof($where_sql) ? implode(' AND ', $where_sql) : '';
$result = $db->sql_query($sql, $cache_ttl);
$ban_triggered_by = 'user';
while ($row = $db->sql_fetchrow($result)) {
if ($row['ban_end'] && $row['ban_end'] < time()) {
continue;
}
$ip_banned = false;
if (!empty($row['ban_ip'])) {
if (!is_array($user_ips)) {
$ip_banned = preg_match('#^' . str_replace('\\*', '.*?', preg_quote($row['ban_ip'], '#')) . '$#i', $user_ips);
} else {
foreach ($user_ips as $user_ip) {
if (preg_match('#^' . str_replace('\\*', '.*?', preg_quote($row['ban_ip'], '#')) . '$#i', $user_ip)) {
$ip_banned = true;
break;
}
}
}
}
if (!empty($row['ban_userid']) && intval($row['ban_userid']) == $user_id || $ip_banned || !empty($row['ban_email']) && preg_match('#^' . str_replace('\\*', '.*?', preg_quote($row['ban_email'], '#')) . '$#i', $user_email)) {
if (!empty($row['ban_exclude'])) {
$banned = false;
break;
} else {
$banned = true;
$ban_row = $row;
if (!empty($row['ban_userid']) && intval($row['ban_userid']) == $user_id) {
$ban_triggered_by = 'user';
} else {
if ($ip_banned) {
$ban_triggered_by = 'ip';
} else {
$ban_triggered_by = 'email';
}
}
// Don't break. Check if there is an exclude rule for this user
}
}
}
$db->sql_freeresult($result);
/**
* Event to set custom ban type
*
* @event core.session_set_custom_ban
* @var bool return If $return is false this routine does not return on finding a banned user, it outputs a relevant message and stops execution
* @var bool banned Check if user already banned
* @var array|false ban_row Ban data
* @var string ban_triggered_by Method that caused ban, can be your custom method
* @since 3.1.3-RC1
*/
$ban_row = isset($ban_row) ? $ban_row : false;
$vars = array('return', 'banned', 'ban_row', 'ban_triggered_by');
extract($phpbb_dispatcher->trigger_event('core.session_set_custom_ban', compact($vars)));
if ($banned && !$return) {
global $template, $phpbb_root_path, $phpEx;
// If the session is empty we need to create a valid one...
if (empty($this->session_id)) {
// This seems to be no longer needed? - #14971
// $this->session_create(ANONYMOUS);
}
// Initiate environment ... since it won't be set at this stage
$this->setup();
// Logout the user, banned users are unable to use the normal 'logout' link
if ($this->data['user_id'] != ANONYMOUS) {
$this->session_kill();
}
// We show a login box here to allow founders accessing the board if banned by IP
if (defined('IN_LOGIN') && $this->data['user_id'] == ANONYMOUS) {
$this->setup('ucp');
$this->data['is_registered'] = $this->data['is_bot'] = false;
// Set as a precaution to allow login_box() handling this case correctly as well as this function not being executed again.
define('IN_CHECK_BAN', 1);
login_box("index.{$phpEx}");
// The false here is needed, else the user is able to circumvent the ban.
$this->session_kill(false);
}
// Ok, we catch the case of an empty session id for the anonymous user...
// This can happen if the user is logging in, banned by username and the login_box() being called "again".
if (empty($this->session_id) && defined('IN_CHECK_BAN')) {
$this->session_create(ANONYMOUS);
}
// Determine which message to output
$till_date = $ban_row['ban_end'] ? $this->format_date($ban_row['ban_end']) : '';
$message = $ban_row['ban_end'] ? 'BOARD_BAN_TIME' : 'BOARD_BAN_PERM';
$contact_link = phpbb_get_board_contact_link($config, $phpbb_root_path, $phpEx);
$message = sprintf($this->lang[$message], $till_date, '<a href="' . $contact_link . '">', '</a>');
$message .= $ban_row['ban_give_reason'] ? '<br /><br />' . sprintf($this->lang['BOARD_BAN_REASON'], $ban_row['ban_give_reason']) : '';
$message .= '<br /><br /><em>' . $this->lang['BAN_TRIGGERED_BY_' . strtoupper($ban_triggered_by)] . '</em>';
// To circumvent session_begin returning a valid value and the check_ban() not called on second page view, we kill the session again
$this->session_kill(false);
// A very special case... we are within the cron script which is not supposed to print out the ban message... show blank page
if (defined('IN_CRON')) {
garbage_collection();
exit_handler();
exit;
}
trigger_error($message);
}
return $banned && $ban_row['ban_give_reason'] ? $ban_row['ban_give_reason'] : $banned;
}
/**
* Topic and forum watching common code
*/
function watch_topic_forum($mode, &$s_watching, $user_id, $forum_id, $topic_id, $notify_status = 'unset', $start = 0)
{
global $template, $db, $user, $phpEx, $start, $phpbb_root_path;
$table_sql = $mode == 'forum' ? FORUMS_WATCH_TABLE : TOPICS_WATCH_TABLE;
$where_sql = $mode == 'forum' ? 'forum_id' : 'topic_id';
$match_id = $mode == 'forum' ? $forum_id : $topic_id;
$u_url = "uid={$user->data['user_id']}";
$u_url .= $mode == 'forum' ? '&f' : '&f=' . $forum_id . '&t';
// Is user watching this thread?
if ($user_id != ANONYMOUS) {
$can_watch = true;
if ($notify_status == 'unset') {
$sql = "SELECT notify_status\n\t\t\t\tFROM {$table_sql}\n\t\t\t\tWHERE {$where_sql} = {$match_id}\n\t\t\t\t\tAND user_id = {$user_id}";
$result = $db->sql_query($sql);
$notify_status = ($row = $db->sql_fetchrow($result)) ? $row['notify_status'] : NULL;
$db->sql_freeresult($result);
}
if (!is_null($notify_status) && $notify_status !== '') {
if (isset($_GET['unwatch'])) {
$uid = request_var('uid', 0);
if ($uid != $user_id) {
$redirect_url = append_sid("{$phpbb_root_path}view{$mode}.{$phpEx}", "{$u_url}={$match_id}&start={$start}");
$message = $user->lang['ERR_UNWATCHING'] . '<br /><br />' . sprintf($user->lang['RETURN_' . strtoupper($mode)], '<a href="' . $redirect_url . '">', '</a>');
trigger_error($message);
}
if ($_GET['unwatch'] == $mode) {
$is_watching = 0;
$sql = 'DELETE FROM ' . $table_sql . "\n\t\t\t\t\t\tWHERE {$where_sql} = {$match_id}\n\t\t\t\t\t\t\tAND user_id = {$user_id}";
$db->sql_query($sql);
}
$redirect_url = append_sid("{$phpbb_root_path}view{$mode}.{$phpEx}", "{$u_url}={$match_id}&start={$start}");
meta_refresh(3, $redirect_url);
$message = $user->lang['NOT_WATCHING_' . strtoupper($mode)] . '<br /><br />' . sprintf($user->lang['RETURN_' . strtoupper($mode)], '<a href="' . $redirect_url . '">', '</a>');
trigger_error($message);
} else {
$is_watching = true;
if ($notify_status) {
$sql = 'UPDATE ' . $table_sql . "\n\t\t\t\t\t\tSET notify_status = 0\n\t\t\t\t\t\tWHERE {$where_sql} = {$match_id}\n\t\t\t\t\t\t\tAND user_id = {$user_id}";
$db->sql_query($sql);
}
}
} else {
if (isset($_GET['watch'])) {
$token = request_var('hash', '');
$redirect_url = append_sid("{$phpbb_root_path}view{$mode}.{$phpEx}", "{$u_url}={$match_id}&start={$start}");
if ($_GET['watch'] == $mode && check_link_hash($token, "{$mode}_{$match_id}")) {
$is_watching = true;
$sql = 'INSERT INTO ' . $table_sql . " (user_id, {$where_sql}, notify_status)\n\t\t\t\t\t\tVALUES ({$user_id}, {$match_id}, 0)";
$db->sql_query($sql);
$message = $user->lang['ARE_WATCHING_' . strtoupper($mode)] . '<br /><br />' . sprintf($user->lang['RETURN_' . strtoupper($mode)], '<a href="' . $redirect_url . '">', '</a>');
} else {
$message = $user->lang['ERR_WATCHING'] . '<br /><br />' . sprintf($user->lang['RETURN_' . strtoupper($mode)], '<a href="' . $redirect_url . '">', '</a>');
}
meta_refresh(3, $redirect_url);
trigger_error($message);
} else {
$is_watching = 0;
}
}
} else {
if (isset($_GET['unwatch']) && $_GET['unwatch'] == $mode) {
login_box();
} else {
$can_watch = 0;
$is_watching = 0;
}
}
if ($can_watch) {
$s_watching['link'] = append_sid("{$phpbb_root_path}view{$mode}.{$phpEx}", "{$u_url}={$match_id}&" . ($is_watching ? 'unwatch' : 'watch') . "={$mode}&start={$start}&hash=" . generate_link_hash("{$mode}_{$match_id}"));
$s_watching['title'] = $user->lang[($is_watching ? 'STOP' : 'START') . '_WATCHING_' . strtoupper($mode)];
$s_watching['is_watching'] = $is_watching;
}
return;
}
