function calendar_delete()
{
global $vars, $phpcdb, $phpc_script;
$html = tag('div', attributes('class="phpc-container"'));
if (empty($vars["cid"])) {
$html->add(tag('p', __('No calendar selected.')));
return $html;
}
$id = $vars["cid"];
$calendar = $phpcdb->get_calendar($id);
if (empty($calendar)) {
soft_error(__("Invalid calendar ID."));
}
if (empty($vars["confirm"])) {
$html->add(tag('p', __('Confirm you want to delete calendar:') . $calendar->get_title()));
$html->add(" [ ", create_action_link(__('Confirm'), "calendar_delete", array("cid" => $id, "confirm" => "1")), " ] ");
$html->add(" [ ", create_action_link(__('Deny'), "display_month"), " ] ");
return $html;
}
if (!$calendar->can_admin()) {
$html->add(tag('p', __("You do not have permission to remove calendar") . ": {$id}"));
return $html;
}
if ($phpcdb->delete_calendar($id)) {
$html->add(tag('p', __("Removed calendar") . ": {$id}"));
} else {
$html->add(tag('p', __("Could not remove calendar") . ": {$id}"));
}
return message_redirect($html, "{$phpc_script}?action=admin");
}
function occurrence_delete()
{
global $vars, $phpcdb, $phpcid, $phpc_script;
$html = tag('div', attributes('class="phpc-container"'));
if (empty($vars["oid"])) {
$message = __('No occurrence selected.');
$html->add(tag('p', $message));
return $html;
}
if (is_array($vars["oid"])) {
$oids = $vars["oid"];
} else {
$oids = array($vars["oid"]);
}
$removed_occurs = array();
$unremoved_occurs = array();
$permission_denied = array();
foreach ($oids as $oid) {
$occur = $phpcdb->get_occurrence_by_oid($oid);
if (!$occur->can_modify()) {
$permission_denied[] = $oid;
} else {
if ($phpcdb->delete_occurrence($oid)) {
$removed_occurs[] = $oid;
// TODO: Verify that the event still has occurences.
$eid = $occur->get_eid();
} else {
$unremoved_occurs[] = $oid;
}
}
}
if (sizeof($removed_occurs) > 0) {
if (sizeof($removed_occurs) == 1) {
$text = __("Removed occurrence");
} else {
$text = __("Removed occurrences");
}
$text .= ': ' . implode(', ', $removed_occurs);
$html->add(tag('p', $text));
}
if (sizeof($unremoved_occurs) > 0) {
if (sizeof($unremoved_occurs) == 1) {
$text = __("Could not remove occurrence");
} else {
$text = __("Could not remove occurrences");
}
$text .= ': ' . implode(', ', $unremoved_occurs);
$html->add(tag('p', $text));
}
if (sizeof($permission_denied) > 0) {
if (sizeof($permission_denied) == 1) {
$text = __("You do not have permission to remove the occurrence.");
} else {
$text = __("You do not have permission to remove occurrences.");
}
$text .= ': ' . implode(', ', $permission_denied);
$html->add(tag('p', $text));
}
return message_redirect($html, "{$phpc_script}?action=display_event&phpcid={$phpcid}&eid={$eid}");
}
function category_delete()
{
global $vars, $phpcdb, $phpcid, $phpc_script;
$html = tag('div', attributes('class="phpc-container"'));
if (empty($vars["catid"])) {
return message_redirect(__('No category selected.'), "{$phpc_script}?action=cadmin&phpcid={$phpcid}");
}
if (is_array($vars["catid"])) {
$ids = $vars["catid"];
} else {
$ids = array($vars["catid"]);
}
$categories = array();
foreach ($ids as $id) {
$categories[] = $phpcdb->get_category($id);
}
foreach ($categories as $category) {
if (empty($category['cid']) && !is_admin() || !$phpcdb->get_calendar($category['cid'])->can_admin()) {
$html->add(tag('p', __("You do not have permission to delete category: ") . $category['catid']));
continue;
}
if ($phpcdb->delete_category($category['catid'])) {
$html->add(tag('p', __("Removed category: ") . $category['catid']));
} else {
$html->add(tag('p', __("Could not remove category: ") . $category['catid']));
}
}
return message_redirect($html, "{$phpc_script}?action=cadmin&phpcid={$phpcid}");
}
function user_permissions_submit()
{
global $phpcid, $phpc_cal, $vars, $phpcdb, $phpc_script;
if (!$phpc_cal->can_admin()) {
return tag('div', __('Permission denied'));
}
if (empty($vars['uid'])) {
return tag('div', __('No users'));
}
$users = array();
foreach ($vars['uid'] as $uid) {
$perm_names = array('read', 'write', 'readonly', 'modify', 'admin');
$old_perms = $phpcdb->get_permissions($phpcid, $uid);
$new_perms = array();
$different = false;
foreach ($perm_names as $perm_name) {
$new_perms[$perm_name] = asbool(!empty($vars["{$perm_name}{$uid}"]));
if (empty($old_perms[$perm_name]) != empty($vars["{$perm_name}{$uid}"])) {
$different = true;
}
}
if ($different) {
$user = $phpcdb->get_user($uid);
$users[] = $user->get_username();
$phpcdb->update_permissions($phpcid, $uid, $new_perms);
}
}
if (sizeof($users) == 0) {
$message = __('No changes to make.');
} else {
$message = __('Updated user(s):') . ' ' . implode(', ', $users);
}
return message_redirect($message, "{$phpc_script}?action=cadmin&phpcid={$phpcid}");
}
function user_settings_submit()
{
global $phpcid, $vars, $phpcdb, $phpc_user_tz, $phpc_user_lang, $phpc_prefix, $phpc_user, $phpc_script;
verify_token();
// If we have a timezone, make sure it's valid
if (!empty($vars["timezone"]) && !in_array($vars['timezone'], timezone_identifiers_list())) {
soft_error(__("Invalid timezone."));
}
// Expire 20 years in the future, give or take.
$expiration_time = time() + 20 * 365 * 24 * 60 * 60;
// One hour in the past
$past_time = time() - 3600;
if (!empty($vars["timezone"])) {
setcookie("{$phpc_prefix}tz", $vars['timezone'], $expiration_time);
} else {
setcookie("{$phpc_prefix}tz", '', $past_time);
}
if (!empty($vars["language"])) {
setcookie("{$phpc_prefix}lang", $vars['language'], $expiration_time);
} else {
setcookie("{$phpc_prefix}lang", '', $past_time);
}
if (is_user()) {
$uid = $phpc_user->get_uid();
$phpcdb->set_user_default_cid($uid, $vars['default_cid']);
$phpcdb->set_timezone($uid, $vars['timezone']);
$phpcdb->set_language($uid, $vars['language']);
$phpc_user_tz = $vars["timezone"];
$phpc_user_lang = $vars["language"];
}
return message_redirect(__('Settings updated.'), "{$phpc_script}?action=user_settings&phpcid={$phpcid}");
}
function user_enable()
{
global $vars, $phpcid, $phpcdb, $phpc_script;
$html = tag('div', attributes('class="phpc-container"'));
if (!is_admin()) {
$html->add(tag('p', __('You must be an admin to enable users.')));
return $html;
}
if (empty($vars["uid"])) {
$html->add(tag('p', __('No user selected.')));
return $html;
}
if (is_array($vars["uid"])) {
$ids = $vars["uid"];
} else {
$ids = array($vars["uid"]);
}
foreach ($ids as $id) {
if ($phpcdb->enable_user($id)) {
$html->add(tag('p', __("Enabled user: {$id}")));
} else {
$html->add(tag('p', __("Could not enable user: {$id}")));
}
}
return message_redirect($html, "{$phpc_script}?action=admin&phpcid={$phpcid}");
}
function category_submit()
{
global $vars, $phpcdb, $phpc_script, $phpc_cal;
if (empty($vars["text-color"]) || empty($vars["bg-color"])) {
$page = "{$phpc_script}?action=category_form";
if (!empty($vars["cid"])) {
$page .= "&cid={$vars["cid"]}";
}
if (!empty($vars["catid"])) {
$page .= "&catid={$vars["catid"]}";
}
return message_redirect(__("Color not specified."), $page);
}
// The current widget produces hex values without the "#".
// We may in the future want to allow different input, so store the
// values with the "#"
$text_color = '#' . $vars["text-color"];
$bg_color = '#' . $vars["bg-color"];
if (empty($vars['gid']) || strlen($vars['gid']) == 0) {
$gid = 0;
} else {
$gid = $vars['gid'];
}
if (!check_color($text_color) || !check_color($bg_color)) {
soft_error(__("Invalid color."));
}
if (!isset($vars['catid'])) {
$modify = false;
if (!isset($vars['cid'])) {
$cid = null;
if (!is_admin()) {
permission_error(__('You do not have permission to add categories to all calendars.'));
}
} else {
$cid = $vars['cid'];
$calendar = $phpcdb->get_calendar($cid);
if (!$calendar->can_admin()) {
permission_error(__('You do not have permission to add categories to this calendar.'));
}
}
$catid = $phpcdb->create_category($cid, $vars["name"], $text_color, $bg_color, $gid);
} else {
$modify = true;
$catid = $vars['catid'];
$category = $phpcdb->get_category($catid);
if (!(empty($category['cid']) && is_admin() || $phpcdb->get_calendar($category["cid"])->can_admin())) {
soft_error(__("You do not have permission to modify this category."));
}
$phpcdb->modify_category($catid, $vars['name'], $text_color, $bg_color, $gid);
}
$page = "{$phpc_script}?action=cadmin&phpcid=" . $vars['phpcid'];
if ($modify) {
return message_redirect(__("Modified category: ") . $catid, $page);
}
if ($catid > 0) {
return message_redirect(__("Created category: ") . $catid, $page);
}
return tag('div', attributes('class="phpc-error"'), __('Error submitting category.'));
}
function field_submit()
{
global $vars, $phpcdb, $phpc_script, $phpc_cal;
$form_page = "{$phpc_script}?action=field_form";
if (!empty($vars["cid"])) {
$form_page .= "&cid={$vars["cid"]}";
}
if (!empty($vars["fid"])) {
$form_page .= "&fid={$vars["fid"]}";
}
if (empty($vars["name"])) {
return input_error(__("Name not specified."), $form_page);
}
$required = !empty($vars['name']) && $vars['required'] == '1';
if (empty($vars['format'])) {
$format = false;
} else {
$format = $vars['format'];
}
if (!isset($vars['fid'])) {
$modify = false;
if (!isset($vars['cid'])) {
$cid = null;
if (!is_admin()) {
permission_error(__('You do not have permission to add fields to all calendars.'));
}
} else {
$cid = $vars['cid'];
$calendar = $phpcdb->get_calendar($cid);
if (!$calendar->can_admin()) {
permission_error(__('You do not have permission to add fields to this calendar.'));
}
}
$fid = $phpcdb->create_field($cid, $vars["name"], $required, $format);
} else {
$modify = true;
$fid = $vars['fid'];
$field = $phpcdb->get_field($fid);
if (!(empty($field['cid']) && is_admin() || $phpcdb->get_calendar($field["cid"])->can_admin())) {
permission_error(__("You do not have permission to modify this field."));
}
$phpcdb->modify_field($fid, $vars['name'], $required, $format);
}
$page = "{$phpc_script}?action=cadmin&phpcid={$vars['phpcid']}#phpc-fields";
if ($modify) {
return message_redirect(__("Modified field: ") . $fid, $page);
}
if ($fid > 0) {
return message_redirect(__("Created field: ") . $fid, $page);
}
return tag('div', attributes('class="phpc-error"'), __('Error submitting field.'));
}
function default_calendar()
{
global $vars, $phpcdb, $phpc_script, $phpc_user;
$html = tag('div', attributes('class="phpc-container"'));
if (empty($vars["cid"])) {
$html->add(tag('p', __('No calendar selected.')));
return $html;
}
if ($phpc_user->is_admin()) {
$phpcdb->set_config('default_cid', $vars['cid']);
$html->add(tag('p', __('Default calendar set to: ') . $vars['cid']));
}
return message_redirect($html, "{$phpc_script}?action=admin");
}
function group_delete()
{
global $vars, $phpcdb, $phpcid, $phpc_script;
$html = tag('div', attributes('class="phpc-container"'));
if (empty($vars["gid"])) {
return message_redirect(__('No group selected.'), "{$phpc_script}?action=cadmin&phpcid={$phpcid}");
}
if (is_array($vars["gid"])) {
$ids = $vars["gid"];
} else {
$ids = array($vars["gid"]);
}
$groups = array();
foreach ($ids as $id) {
$groups[] = $phpcdb->get_group($id);
}
if (empty($vars["confirm"])) {
$list = tag('ul');
foreach ($groups as $group) {
$list->add(tag('li', "{$id}: " . $group['name']));
}
$html->add(tag('p', __('Confirm you want to delete:')));
$html->add($list);
$html->add(" [ ", create_action_link(__('Confirm'), "group_delete", array("gid" => $ids, "confirm" => "1")), " ] ");
$html->add(" [ ", create_action_link(__('Deny'), "display_month"), " ] ");
return $html;
}
foreach ($groups as $group) {
if (empty($group['cid']) && !is_admin() || !$phpcdb->get_calendar($group['cid'])->can_admin()) {
$html->add(tag('p', __("You do not have permission to delete group: ") . $group['gid']));
continue;
}
if ($phpcdb->delete_group($group['gid'])) {
$html->add(tag('p', __("Removed group: ") . $group['gid']));
} else {
$html->add(tag('p', __("Could not remove group: ") . $group['gid']));
}
}
return message_redirect($html, "{$phpc_script}?action=cadmin&phpcid={$phpcid}");
}
function calendar_delete()
{
global $vars, $phpcdb, $phpc_script;
$html = tag('div', attributes('class="phpc-container"'));
if (empty($vars["cid"])) {
$html->add(tag('p', __('No calendar selected.')));
return $html;
}
if (is_array($vars["cid"])) {
$ids = $vars["cid"];
} else {
$ids = array($vars["cid"]);
}
if (empty($vars["confirm"])) {
$list = tag('ul');
foreach ($ids as $id) {
$calendar = $phpcdb->get_calendar($id);
$list->add(tag('li', "{$id}: " . $calendar->get_title()));
}
$html->add(tag('p', __('Confirm you want to delete:')));
$html->add($list);
$html->add(" [ ", create_action_link(__('Confirm'), "calendar_delete", array("cid" => $ids, "confirm" => "1")), " ] ");
$html->add(" [ ", create_action_link(__('Deny'), "display_month"), " ] ");
return $html;
}
foreach ($ids as $id) {
$calendar = $phpcdb->get_calendar($id);
if (!$calendar->can_admin()) {
$html->add(tag('p', __("You do not have permission to remove calendar") . ": {$id}"));
continue;
}
if ($phpcdb->delete_calendar($id)) {
$html->add(tag('p', __("Removed calendar") . ": {$id}"));
} else {
$html->add(tag('p', __("Could not remove calendar") . ": {$id}"));
}
}
return message_redirect($html, "{$phpc_script}?action=admin");
}
function user_delete()
{
global $vars, $phpcid, $phpcdb, $phpc_script;
$html = tag('div', attributes('class="phpc-container"'));
if (!is_admin()) {
$html->add(tag('p', __('You must be an admin to delete users.')));
return $html;
}
if (empty($vars["uid"])) {
$html->add(tag('p', __('No user selected.')));
return $html;
}
if (is_array($vars["uid"])) {
$ids = $vars["uid"];
} else {
$ids = array($vars["uid"]);
}
if (empty($vars["confirm"])) {
$list = tag('ul');
foreach ($ids as $id) {
$user = $phpcdb->get_user($id);
$list->add(tag('li', "{$id}: " . $user->get_username()));
}
$html->add(tag('p', __('Confirm you want to delete:')));
$html->add($list);
$html->add(" [ ", create_action_link(__('Confirm'), "user_delete", array("uid" => $ids, "confirm" => "1")), " ] ");
$html->add(" [ ", create_action_link(__('Deny'), "display_month"), " ] ");
return $html;
}
foreach ($ids as $id) {
if ($phpcdb->delete_user($id)) {
$html->add(tag('p', __("Removed user: {$id}")));
} else {
$html->add(tag('p', __("Could not remove user: {$id}")));
}
}
return message_redirect($html, "{$phpc_script}?action=admin&phpcid={$phpcid}");
}
function calendar_delete()
{
global $vars, $phpcdb, $phpc_script;
$html = tag('div', attributes('class="phpc-container"'));
if (empty($vars["cid"])) {
$html->add(tag('p', __('No calendar selected.')));
return $html;
}
$id = $vars["cid"];
$calendar = $phpcdb->get_calendar($id);
if (empty($calendar)) {
soft_error(__("Calendar does not exist") . ": {$id}");
}
if (!$calendar->can_admin()) {
soft_error(__("You do not have permission to remove calendar") . ": {$id}");
}
if ($phpcdb->delete_calendar($id)) {
$html->add(tag('p', __("Removed calendar") . ": {$id}"));
} else {
$html->add(tag('p', __("Could not remove calendar") . ": {$id}"));
}
return message_redirect($html, "{$phpc_script}?action=admin");
}
function group_submit()
{
global $vars, $phpcdb, $phpc_script, $phpc_cal;
if (!isset($vars['gid'])) {
$modify = false;
if (!isset($vars['cid'])) {
$cid = null;
if (!is_admin()) {
permission_error(__('You do not have permission to add a global group.'));
}
} else {
$cid = $vars['cid'];
$calendar = $phpcdb->get_calendar($cid);
if (!$calendar->can_admin()) {
permission_error(__('You do not have permission to add a group to this calendar.'));
}
}
$gid = $phpcdb->create_group($cid, $vars["name"]);
} else {
$modify = true;
$gid = $vars['gid'];
$group = $phpcdb->get_group($gid);
if (!(empty($group['cid']) && is_admin() || $phpcdb->get_calendar($group["cid"])->can_admin())) {
soft_error(__("You do not have permission to modify this group."));
}
$phpcdb->modify_group($gid, $vars['name']);
}
$page = "{$phpc_script}?action=cadmin&phpcid=" . $vars['cid'];
if ($modify) {
return message_redirect(__("Modified group: ") . $gid, $page);
}
if ($gid > 0) {
return message_redirect(__("Created group: ") . $gid, $page);
}
return tag('div', attributes('class="phpc-error"'), __('Error submitting group.'));
}
function cadmin_submit()
{
global $phpcid, $phpc_cal, $vars, $phpcdb, $phpc_script;
if (!$phpc_cal->can_admin()) {
return tag('div', __('Permission denied'));
}
foreach (get_config_options() as $item) {
if ($item[2] == PHPC_CHECK) {
if (isset($vars[$item[0]])) {
$value = "1";
} else {
$value = "0";
}
} else {
if (isset($vars[$item[0]])) {
$value = $vars[$item[0]];
} else {
soft_error($item[0] . __(" was not set."));
}
}
$phpcdb->update_config($phpcid, $item[0], $value);
}
return message_redirect(__('Updated options'), "{$phpc_script}?action=cadmin&phpcid={$phpcid}");
}
$addtime = $board_time;
// write postdata
db_query("INSERT INTO " . $pref . "post SET\n\t\t\t user_id='" . U_ID . "',\n\t\t\t\t post_time='{$addtime}',\n\t\t\t\t post_text='" . addslashes($text) . "',\n\t\t\t\t guest_name='" . (U_ID == 0 ? $autor : '') . "',\n\t\t\t\t thread_id='{$threadid}',\n\t\t\t\t board_id='{$boardid}',\n\t\t\t\t post_ip='" . getenv('REMOTE_ADDR') . "',\n\t\t\t\t post_smilies='" . (isset($do_smilies) ? '1' : '0') . "',\n\t\t\t\t bcode='" . (isset($b_code) ? '1' : '0') . "',\n\t\t\t\t sendmail='" . (isset($abbo) ? '1' : '0') . "'");
// update thread --------------------------------------
$last_post_id = mysql_insert_id();
$replies = $thread['replies'] + 1;
db_query("UPDATE " . $pref . "thread SET\n\t\t\t last_act_time='{$addtime}',\n\t\t\t last_act_user='******',\n\t\t\t last_post_id='{$last_post_id}',\n\t\t\t\t replies='{$replies}'\n\t\t\t WHERE thread_id='{$threadid}'");
// boarddata
$posts = $board['posts'] + 1;
db_query("UPDATE " . $pref . "board SET\n\t\t\t last_act_time='{$addtime}',\n\t\t\t\t last_post_id='{$last_post_id}',\n\t\t\t\t last_thread_id='{$threadid}',\n\t\t\t\t last_act_user='******',\n\t\t\t\t last_act_thread='" . addslashes($new['topic']) . "',\n\t\t\t\t posts='{$posts}'\n\t\t\t WHERE board_id='{$boardid}'");
// update userdata
if (U_ID != 0) {
$post_count = U_COUNT + 1;
db_query("UPDATE " . $pref . "user SET\n\t\t\t\t user_lastacttime='{$addtime}',\n\t\t\t\t\t post_count='{$post_count}',\n\t\t\t\t\t user_lasttopic='" . addslashes($new['topic']) . "',\n\t\t\t\t\t user_lastpostt='{$addtime}',\n\t\t\t\t\t user_lastpostid='{$last_post_id}'\n\t\t\t\t WHERE user_id='" . U_ID . "'");
}
// statiks
$r_stats = db_query("SELECT\n\t\t\t posts\n\t\t\t FROM " . $pref . "stats");
$stats = db_result($r_stats);
$stats['posts']++;
db_query("UPDATE " . $pref . "stats SET\n\t\t\t posts='" . $stats['posts'] . "'");
// last_act_time
if (U_ID == 0) {
db_query("UPDATE " . $pref . "guest SET\n\t\t\t\t last_act_time='{$addtime}'\n\t\t\t\t WHERE session_id='{$sid}'");
} else {
db_query("UPDATE " . $pref . "user SET\n\t\t\t\t user_lastpostt='{$addtime}'\n\t\t\t\t WHERE user_id='" . U_ID . "'");
}
message_redirect('Danke für Deinen Beitrag, bitte warten ...', 'showtopic.php?boardid=' . $boardid . '&threadid=' . $threadid . '&page=last#p' . $last_post_id);
}
}
}
echo Output(Template($TBoard));
function process_form()
{
global $vars, $phpcdb, $phpc_script, $phpc_user, $phpc_cal;
// When modifying events, this is the value of the checkbox that
// determines if the date should change
$modify_occur = !isset($vars['eid']) || !empty($vars['phpc-modify']);
if ($modify_occur) {
$start_ts = get_timestamp("start");
$end_ts = get_timestamp("end");
switch ($vars["time-type"]) {
case 'normal':
$time_type = 0;
break;
case 'full':
$time_type = 1;
break;
case 'tba':
$time_type = 2;
break;
default:
soft_error(__("Unrecognized Time Type."));
}
$duration = $end_ts - $start_ts;
if ($duration < 0) {
throw new Exception(__("An event cannot have an end earlier than its start."));
}
}
verify_token();
if (!isset($vars['cid'])) {
throw new Exception(__("Calendar ID is not set."));
}
$cid = $vars['cid'];
$calendar = $phpcdb->get_calendar($cid);
if (!$calendar->can_write()) {
permission_error(__('You do not have permission to write to this calendar.'));
}
if ($calendar->can_create_readonly() && !empty($vars['readonly'])) {
$readonly = true;
} else {
$readonly = false;
}
$catid = empty($vars['catid']) ? false : $vars['catid'];
if (!isset($vars['eid'])) {
$modify = false;
$eid = $phpcdb->create_event($cid, $phpc_user->get_uid(), $vars["subject"], $vars["description"], $readonly, $catid);
} else {
$modify = true;
$eid = $vars['eid'];
$phpcdb->modify_event($eid, $vars['subject'], $vars['description'], $readonly, $catid);
if ($modify_occur) {
$phpcdb->delete_occurrences($eid);
}
}
foreach ($phpc_cal->get_fields() as $field) {
$fid = $field['fid'];
if (empty($vars["phpc-field-{$fid}"])) {
if ($field['required']) {
throw new Exception(sprintf(__('Field "%s" is required but was not set.'), $field['name']));
}
continue;
}
$phpcdb->add_event_field($eid, $fid, $vars["phpc-field-{$fid}"]);
}
if ($modify_occur) {
$occurrences = 0;
$n = 1;
$until = $start_ts;
switch ($vars['repeats']) {
case 'daily':
check_input("every-day");
$n = $vars["every-day"];
$until = get_timestamp("daily-until");
break;
case 'weekly':
check_input("every-week");
$n = $vars["every-week"] * 7;
$until = get_timestamp("weekly-until");
break;
case 'monthly':
check_input("every-month");
$n = $vars["every-month"];
$until = get_timestamp("monthly-until");
break;
case 'yearly':
check_input("every-year");
$n = $vars["every-year"];
$until = get_timestamp("yearly-until");
break;
}
if ($n < 1) {
soft_error(__('Increment must be 1 or greater.'));
}
while ($occurrences <= 730 && days_between($start_ts, $until) >= 0) {
$oid = $phpcdb->create_occurrence($eid, $time_type, $start_ts, $end_ts);
$occurrences++;
switch ($vars["repeats"]) {
case 'daily':
case 'weekly':
$start_ts = add_days($start_ts, $n);
$end_ts = add_days($end_ts, $n);
break;
case 'monthly':
$start_ts = add_months($start_ts, $n);
$end_ts = add_months($end_ts, $n);
break;
case 'yearly':
$start_ts = add_years($start_ts, $n);
$end_ts = add_years($end_ts, $n);
break;
default:
break 2;
}
}
}
if ($eid != 0) {
if ($modify) {
$message = __("Modified event: ");
} else {
$message = __("Created event: ");
}
return message_redirect(tag('', $message, create_event_link($eid, 'display_event', $eid)), "{$phpc_script}?action=display_event&eid={$eid}");
} else {
return message_redirect(__('Error submitting event.'), "{$phpc_script}?action=display_month&phpcid={$cid}");
}
}
function phpc_updatedb($dbh)
{
global $phpc_script, $phpcdb;
$message_tags = tag('div', tag('div', __("Updating calendar")));
$updated = false;
foreach (phpc_table_schemas() as $table) {
$tags = $table->update($dbh);
$message_tags->add($tags);
if (sizeof($tags) > 0) {
$updated = true;
}
}
$phpcdb->set_config("version", PHPC_DB_VERSION);
if (!$updated) {
$message_tags->add(tag('div', __('Already up to date.')));
}
message_redirect($message_tags, $phpc_script);
}
}
}
}
// read styles
$r_style = db_query("SELECT\n *\n FROM " . $pref . "style WHERE " . $where . " ");
$style = db_result($r_style);
$style['smallfont'] = '<font size="1">';
$style['smallfontend'] = '</font>';
// script basename
$basename = basename($HTTP_SERVER_VARS["SCRIPT_NAME"]);
$data['loginscript'] = $basename;
if ($basename == 'category.php') {
$data['loginscript'] = $basename . '?catid=' . $catid;
}
if ($basename == 'board.php') {
$data['loginscript'] = $basename . '?boardid=' . $boardid;
}
if ($basename == 'showtopic.php') {
$data['loginscript'] = $basename . '?boardid=' . $boardid . '&threadid=' . $threadid;
}
// U_ID == 0 then Logintemplate
if (U_ID == 0) {
$data['login'] = Template(Get_Template('templates/' . $style['styletemplate'] . '/login.html'));
}
$data['javascript'] = '';
// JUMP ----- if boardid negativ then it is catid
if (isset($boardid)) {
if ($boardid < 0) {
message_redirect('Du wirst zur gewünschten Kategorie weiter geleitet, bitte warten ...', 'category.php?catid=' . abs($boardid));
}
}
<?php
/* $Id: login.php,v 1.3 2003/06/16 18:08:20 master_mario Exp $ */
include 'inc/header.inc.php';
$r_login = db_query("SELECT\n user_id,\n user_pw,\n user_lastacttime\n FROM " . $pref . "user WHERE user_name='" . addslashes($login['name']) . "'");
if (db_rows($r_login) == 1) {
$a_login = db_result($r_login);
if (md5(addslashes($login['pw'])) == $a_login['user_pw']) {
// login --------------------------
db_query("UPDATE " . $pref . "user SET\n user_session='" . $sid . "',\n user_oldsavet='" . $a_login['user_lastacttime'] . "'\n WHERE user_id='" . $a_login['user_id'] . "'");
// gast l�schen -------------------
db_query("DELETE FROM " . $pref . "guest WHERE session_id='{$sid}'");
db_query("OPTIMIZE TABLE " . $pref . "guest");
setNewposts($a_login['user_lastacttime']);
// Weiterleitung ------------------
message_redirect('Du hast Dich erfolgreich eingeloggt, bitte warten ...', $loginscript);
} else {
$TBoard = Get_Template('templates/' . $style['styletemplate'] . '/board.html');
message('Das Passwort ist falsch.', 'Fehler', 0);
}
} else {
$TBoard = Get_Template('templates/' . $style['styletemplate'] . '/board.html');
message('Es ist kein User mit diesem Namen registriert.', 'Fehler', 0);
}
function process_form()
{
global $vars, $phpcdb, $phpc_cal, $phpcid, $phpc_script, $phpc_user;
// When modifying events, this is the value of the checkbox that
// determines if the date should change
$modify_occur = !isset($vars['eid']) || !empty($vars['phpc-modify']);
if ($modify_occur) {
$start_ts = get_timestamp("start");
$end_ts = get_timestamp("end");
switch ($vars["time-type"]) {
case 'normal':
$time_type = 0;
break;
case 'full':
$time_type = 1;
break;
case 'tba':
$time_type = 2;
break;
default:
soft_error(__("Unrecognized Time Type."));
}
$duration = $end_ts - $start_ts;
if ($duration < 0) {
message(__("An event cannot have an end earlier than its start."));
return display_form();
}
}
verify_token();
if (0) {
permission_error(__('You do not have permission to write to this calendar.'));
}
if ($phpc_cal->can_create_readonly() && !empty($vars['readonly'])) {
$readonly = true;
} else {
$readonly = false;
}
$catid = empty($vars['catid']) ? false : $vars['catid'];
if (!isset($vars['eid'])) {
$modify = false;
$eid = $phpcdb->create_event($phpcid, $phpc_user->get_uid(), $vars["subject"], $vars["description"], $readonly, $catid);
} else {
$modify = true;
$eid = $vars['eid'];
$phpcdb->modify_event($eid, $vars['subject'], $vars['description'], $readonly, $catid);
if ($modify_occur) {
$phpcdb->delete_occurrences($eid);
}
}
if ($modify_occur) {
$oid = $phpcdb->create_occurrence($eid, $time_type, $start_ts, $end_ts);
$occurrences = 1;
switch ($vars["repeats"]) {
case "never":
break;
case 'daily':
if (!isset($vars["every-day"])) {
soft_error(__("Required field \"every-day\" is not set."));
}
$ndays = $vars["every-day"];
if ($ndays < 1) {
soft_error(__("every-day must be greater than 1"));
}
$daily_until = get_timestamp("daily-until");
while ($occurrences <= 730) {
$start_ts = add_days($start_ts, $ndays);
$end_ts = add_days($end_ts, $ndays);
if (days_between($start_ts, $daily_until) < 0) {
break;
}
$phpcdb->create_occurrence($eid, $time_type, $start_ts, $end_ts);
$occurrences++;
}
break;
case 'weekly':
if (!isset($vars["every-week"])) {
soft_error(__("Required field \"every-week\" is not set."));
}
if ($vars["every-week"] < 1) {
soft_error(__("every-week must be greater than 1"));
}
$ndays = $vars["every-week"] * 7;
$weekly_until = get_timestamp("weekly-until");
while ($occurrences <= 730) {
$start_ts = add_days($start_ts, $ndays);
$end_ts = add_days($end_ts, $ndays);
if (days_between($start_ts, $weekly_until) < 0) {
break;
}
$phpcdb->create_occurrence($eid, $time_type, $start_ts, $end_ts);
$occurrences++;
}
break;
case 'monthly':
if (!isset($vars["every-month"])) {
soft_error(__("Required field \"every-month\" is not set."));
}
if ($vars["every-month"] < 1) {
soft_error(__("every-month must be greater than 1"));
}
$nmonths = $vars["every-month"];
$monthly_until = get_timestamp("monthly-until");
while ($occurrences <= 730) {
$start_ts = add_months($start_ts, $nmonths);
$end_ts = add_months($end_ts, $nmonths);
if (days_between($start_ts, $monthly_until) < 0) {
break;
}
$phpcdb->create_occurrence($eid, $time_type, $start_ts, $end_ts);
$occurrences++;
}
break;
case 'yearly':
if (!isset($vars["every-year"])) {
soft_error(__("Required field \"every-year\" is not set."));
}
if ($vars["every-year"] < 1) {
soft_error(__("every-month must be greater than 1"));
}
$nyears = $vars["every-year"];
$yearly_until = get_timestamp("yearly-until");
while ($occurrences <= 730) {
$start_ts = add_years($start_ts, $nyears);
$end_ts = add_years($end_ts, $nyears);
if (days_between($start_ts, $yearly_until) < 0) {
break;
}
$phpcdb->create_occurrence($eid, $time_type, $start_ts, $end_ts);
$occurrences++;
}
break;
default:
soft_error(__("Invalid event type."));
}
}
if ($eid != 0) {
if ($modify) {
$message = __("Modified event: ");
} else {
$message = __("Created event: ");
}
/* before
return message_redirect(tag($eid, $message,
create_event_link('', 'display_event',
$eid)), */
return message_redirect(tag('', $message, create_event_link('', 'display_event', '')), "{$phpc_script}?action=display_event&phpcid={$phpcid}&oid={$oid}");
/* <-- before last paremeter was &eid=$eid instead of &oid=$oid */
} else {
return message_redirect(__('Error submitting event.'), "{$phpc_script}?action=display_month&phpcid={$phpcid}");
}
}
if (U_ID != 0) {
$r_board = db_query("SELECT\n board_id\n FROM " . $pref . "board WHERE category!='0' AND disabled!='1'");
if (db_rows($r_board) > 0) {
while ($a_board = db_result($r_board)) {
$session_var_name = 'b' . $a_board['board_id'];
$r_post_id = db_query("SELECT\n MAX(post_id)\n FROM " . $pref . "post WHERE board_id='{$a_board['board_id']}'");
if (db_rows($r_post_id) == 0) {
$_SESSION[$session_var_name] = 0;
} else {
$a_post_id = db_result($r_post_id);
list(, $poid) = each($a_post_id);
$_SESSION[$session_var_name] = $poid;
}
}
}
}
message_redirect('Alle Foren wurden als gelesen makiert, bitte warten ...', 'index.php');
} else {
if (U_ID != 0) {
$session_var_name = 'b' . $boardid;
$r_post_id = db_query("SELECT\n MAX(post_id)\n FROM " . $pref . "post WHERE board_id='{$boardid}'");
if (db_rows($r_post_id) == 0) {
$_SESSION[$session_var_name] = 0;
} else {
$a_post_id = db_result($r_post_id);
list(, $poid) = each($a_post_id);
$_SESSION[$session_var_name] = $poid;
}
}
message_redirect('Board wurde als gelesen makiert, bitte warten ...', 'board.php?boardid=' . $boardid);
}
$text = trim($text);
$legalchars = "abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ0123456789 [|](){}.-_äöüÄÖÜß,";
for ($i = 0; $i < strlen($text); $i++) {
if (!strstr($legalchars, $text[$i])) {
$err_mess .= ($err_mess == '' ? '' : '<br />') . 'Der Text enthält nicht erlaubte Zeichen. ( ' . $text[$i] . ' )';
}
}
if (strlen($text) > $config['report_max_len']) {
$err_mess .= ($err_mess == '' ? '' : '<br />') . 'Der Text ist zu lang.';
}
if (strlen($text) < $config['report_min_len']) {
$err_mess .= ($err_mess == '' ? '' : '<br />') . 'Der Text ist zu kurz.';
}
if ($err_mess != '') {
$mess = '<form action="report.php" method="post" name="sendback">
' . $err_mess . '
<input type="hidden" name="boardid" value="' . $boardid . '" />
<input type="hidden" name="threadid" value="' . $threadid . '" />
<input type="hidden" name="postid" value="' . $postid . '" />
<input type="hidden" name="page" value="' . $page . '" />
<input type="hidden" name="back" value="1" />
<input type="hidden" name="text" value="' . $text . '" />
</form>';
message($mess, 'Fehler', 1);
} else {
db_query("INSERT INTO " . $pref . "report SET\n\t\t report_time='{$board_time}',\n\t\t\t user_name='" . U_NAME . "',\n\t\t\t user_id='" . U_ID . "',\n\t\t\t user_ip='" . getenv('REMOTE_ADDR') . "',\n\t\t\t report='" . addslashes($text) . "',\n\t\t\t post_id='{$postid}'");
message_redirect('Die Meldung ist erfolgt, bitte warten ...', 'showtopic.php?boardid=' . $boardid . '&threadid=' . $threadid . '&page=' . $page . '#p' . $postid);
}
}
$data['boardtable'] = $TReport;
echo Output(Template($TBoard));
$mess = '<form action="threadopt.php" method="post" name="weiter">
Durch löschen dieses Beitrags wird der gesamte Thread gelöscht<br />
Wenn Du sicher bist, dann bestätige mit weiter.
<input type="hidden" name="action" value="delete" />
<input type="hidden" name="boardid" value="' . $boardid . '" />
<input type="hidden" name="threadid" value="' . $threadid . '" />
<input type="hidden" name="postid" value="' . $postid . '" />
<input type="hidden" name="new[page]" value="' . $page . '" />
</form>';
message($mess, 'Fehler', 2);
} else {
// threaddaten lesen
$r_thread = db_query("SELECT\n\t\t replies,\n\t\t\t replies_del\n\t\t FROM " . $pref . "thread WHERE thread_id='{$threadid}'");
$thread = db_result($r_thread);
// Boarddaten lesen
$r_board = db_query("SELECT\n\t\t posts,\n\t\t\t posts_del\n\t\t FROM " . $pref . "board WHERE board_id='{$boardid}'");
// post updaten
db_query("UPDATE " . $pref . "post SET\n\t\t deleted='1'\n\t\t WHERE post_id='{$postid}'");
// threaddaten updaten
db_query("UPDATE " . $pref . "thread SET\n\t\t replies='" . ($thread['replies'] - 1) . "',\n\t\t replies_del='" . ($thread['replies_del'] + 1) . "'\n\t\t WHERE thread_id='{$threadid}'");
// boarddaten updaten
db_query("UPDATE " . $pref . "board SET\n\t\t posts='" . ($board['posts'] - 1) . "',\n\t\t posts_del='" . ($board['posts_del'] + 1) . "'\n\t\t WHERE board_id='{$boardid}'");
// modlog
$basename = basename($HTTP_SERVER_VARS["SCRIPT_NAME"]);
db_query("INSERT INTO " . $pref . "modlog SET\n logtime='{$board_time}',\n loguser='******'Gast' : U_NAME) . "',\n logip='" . getenv('REMOTE_ADDR') . "',\n logfile='{$basename}',\n action='" . $action . "(p" . $postid . ")'");
message_redirect('Der Beitrag wurde als gelöscht makiert, bitte warten ...', 'showtopic.php?boardid=' . $boardid . '&threadid=' . $threadid . '&page=' . $page . '#p' . $postid);
}
} else {
message('Bitte wäle eine Funktion aus.', 'Fehler', 0);
}
echo Output(Template($TBoard));
}
$user = mysql_fetch_array($r_user);
if ($user['userpassword'] != md5($login_password)) {
$msg .= "Das Passwort ist leider falsch.<br>";
possible_flood(FLOOD_LOGIN);
}
if ($user['useractivate']) {
$msg .= "Sie haben ihren Account noch nicht aktiviert.";
}
if (isset($msg) && strlen($msg) > 0) {
message("Fehler", "Es sind leider Fehler aufgetreten:<font color='{$style['color_err']}'><br><br>{$msg}</font>");
}
global $g_user, $s;
$g_user = array();
$g_user['userisadmin'] = false;
$g_user['userid'] = $user['userid'];
$g_user['have_cookie'] = $login_cookie;
$s = new_session();
$g_user['have_cookie'] = false;
if ($login_cookie) {
setcookie("thwb_cookie", md5($login_password) . $user['userid'], time() + 60 * 60 * 24 * 365);
}
if (empty($source)) {
$source = 'index.php';
} else {
$source = urldecode($source);
}
// $source xss vuln fix by tendor
$source = str_replace(array('"', '<', '>'), array('%22', '%3c', '%3e'), $source);
message_redirect('Sie wurden erfolgreich eingeloggt, bitte warten ...', $source);
}
if (strlen($text) > $config['max_event_len']) {
$err_mess .= ($err_mess == '' ? '' : '<br />') . 'Der Text ist zu lang, es darf maximal ' . $config['max_event_len'] . ' Zeichen lang sein.';
}
if ($event['hours'] < 0 || $event['hours'] > 23) {
$err_mess .= ($err_mess == '' ? '' : '<br />') . 'Die Angegebene Uhrzeit ist nicht korrekt (Stunden).';
}
if ($event['min'] < 0 || $event['min'] > 59) {
$err_mess .= ($err_mess == '' ? '' : '<br />') . 'Die Angegebene Uhrzeit ist nicht korrekt (Minuten).';
}
if ($err_mess != '') {
$mess = '<form action="calevent.php" name="sendback" method="post">
' . $err_mess . '
<input type="hidden" name="back" value="1" />
<input type="hidden" name="event[day]" value="' . $event['day'] . '" />
<input type="hidden" name="m" value="' . $event['month'] . '" />
<input type="hidden" name="y" value="' . $event['year'] . '" />
<input type="hidden" name="event[hours]" value="' . $event['hours'] . '" />
<input type="hidden" name="event[min]" value="' . $event['min'] . '" />
<input type="hidden" name="event[topic]" value="' . $event['topic'] . '" />
<input type="hidden" name="event[text]" value="' . $text . '" />
<input type="hidden" name="event[report]" value="' . (isset($event['report']) ? 1 : 0) . '" />
</form>';
message($mess, 'Folgende Fehler sind aufgetreten', 1);
} else {
db_query("INSERT INTO " . $pref . "calendar SET\n\t\t caltime='" . mktime($event['hours'], $event['min'], 0, $event['month'], $event['day'], $event['year']) . "',\n\t\t\t caltopic='" . addslashes($event['topic']) . "',\n\t\t\t calautor='" . U_NAME . "',\n\t\t\t caltext='" . addslashes($text) . "',\n\t\t\t showasevent='" . (isset($event['report']) ? 1 : 0) . "',\n\t\t\t aktiv='1'");
message_redirect('Dein Kalendereintrag wurde aufgenommen, bitte warten ...', 'calendar.php?m=' . intval($event['month']) . '&y=' . $event['year']);
}
}
$data['boardtable'] = Template($TNewevent);
echo Output(Template($TBoard));
$r_pm = db_query("SELECT\n\t COUNT(pm_id)\n\t FROM " . $pref . "pm WHERE pm_empf='" . U_NAME . "' AND pm_gelesen='0'");
$pm = db_result($r_pm);
list(, $pm_noread) = each($pm);
db_query("UPDATE " . $pref . "user SET\n\t pm_count='{$pm_count}',\n\t\t pm_overflow='" . ($pm_count <= $config['max_pm_count'] ? 0 : 1) . "',\n\t\t pm_new='" . ($pm_noread == 0 ? 0 : 1) . "'\n\t WHERE user_id='" . U_ID . "'");
if ($no_delete == 1) {
message('<form action="pm.php" method="post" name="weiter">
Mindestens eine der gewälten PM wurde durch Dich geschützt.</form>', 'Geschützte PM gefunden', 2);
}
message_redirect('PM gelöscht, bitte warten ...', 'pm.php');
} elseif ($action == 'save') {
$r_pm = db_query("SELECT\n\t pm_saved\n\t FROM " . $pref . "pm WHERE pm_empf='" . U_NAME . "' AND pm_id='{$pmid}'");
if (db_rows($r_pm) == 1) {
$pm = db_result($r_pm);
$save = 0;
if ($pm['pm_saved'] == 0) {
$save = 1;
}
$r_pm = db_query("SELECT\n\t\t COUNT(pm_id)\n\t\t FROM " . $pref . "pm WHERE pm_empf='" . U_NAME . "' AND pm_saved='1'");
$pm = db_result($r_pm);
list(, $saved_pms) = each($pm);
if ($saved_pms >= $config['max_pm_saved'] && $save == 1) {
message('Du kannst maximal ' . $config['max_pm_saved'] . ' PMs schützen.', 'Maximum erreicht', 0);
}
db_query("UPDATE " . $pref . "pm SET\n\t\t pm_saved='{$save}'\n\t\t WHERE pm_id='{$pmid}'");
}
message_redirect('PM-Sicherung bearbeitet, bitte warten ...', 'pm.php');
} else {
message('Bitte Eine Funktion wählen.', 'Fehler', 0);
}
$data['boardtable'] = Template($TPm);
echo Output(Template($TBoard));
function event_delete()
{
global $vars, $phpcdb, $phpc_script;
$html = tag('div', attributes('class="phpc-container"'));
if (empty($vars["eid"])) {
$message = __('No event selected.');
$html->add(tag('div', $message));
return $html;
}
if (is_array($vars["eid"])) {
$eids = $vars["eid"];
} else {
$eids = array($vars["eid"]);
}
if (empty($vars["confirm"])) {
$list = tag('ul');
foreach ($eids as $eid) {
$event = new PhpcEvent($phpcdb->get_event_by_eid($eid));
$list->add(tag('li', "{$eid}: " . $event->get_subject()));
}
$html->add(tag('div', __('Confirm you want to delete:')));
$html->add($list);
$html->add(" [ ", create_action_link(__('Confirm'), "event_delete", array("eid" => $eids, "confirm" => "1")), " ] ");
$html->add(" [ ", create_action_link(__('Deny'), "display_month"), " ] ");
return $html;
}
$removed_events = array();
$unremoved_events = array();
$permission_denied = array();
foreach ($eids as $eid) {
$event = new PhpcEvent($phpcdb->get_event_by_eid($eid));
if (!$event->can_modify()) {
$permission_denied[] = $eid;
} else {
if ($phpcdb->delete_event($eid)) {
$removed_events[] = $eid;
} else {
$unremoved_events[] = $eid;
}
}
}
if (sizeof($removed_events) > 0) {
if (sizeof($removed_events) == 1) {
$text = __("Removed event");
} else {
$text = __("Removed events");
}
$text .= ': ' . implode(', ', $removed_events);
$html->add(tag('div', $text));
}
if (sizeof($unremoved_events) > 0) {
if (sizeof($unremoved_events) == 1) {
$text = __("Could not remove event");
} else {
$text = __("Could not remove events");
}
$text .= ': ' . implode(', ', $unremoved_events);
$html->add(tag('div', $text));
}
if (sizeof($permission_denied) > 0) {
if (sizeof($permission_denied) == 1) {
$text = __("You do not have permission to remove event");
} else {
$text = __("You do not have permission to remove events");
}
$text .= ': ' . implode(', ', $permission_denied);
$html->add(tag('div', $text));
}
return message_redirect($html, $phpc_script);
}
function process_form()
{
global $vars, $phpcdb, $phpc_cal, $phpcid, $phpc_script;
if (!isset($vars['eid']) && !isset($vars['oid'])) {
soft_error(__("Cannot create occurrence."));
}
$start_ts = get_timestamp("start");
$end_ts = get_timestamp("end");
switch ($vars["time-type"]) {
case 'normal':
$time_type = 0;
break;
case 'full':
$time_type = 1;
break;
case 'tba':
$time_type = 2;
break;
default:
soft_error(__("Unrecognized Time Type."));
}
$duration = $end_ts - $start_ts;
if ($duration < 0) {
soft_error(__("An event cannot have an end earlier than its start."));
}
verify_token();
if (!$phpc_cal->can_write()) {
permission_error(__('You do not have permission to write to this calendar.'));
}
if (!isset($vars['oid'])) {
$modify = false;
if (!isset($vars["eid"])) {
soft_error(__("EID not set."));
}
$oid = $phpcdb->create_occurrence($vars["eid"], $time_type, $start_ts, $end_ts);
} else {
$modify = true;
$oid = $vars["oid"];
$phpcdb->modify_occurrence($oid, $time_type, $start_ts, $end_ts);
}
if ($oid != 0) {
if ($modify) {
$message = __("Modified occurence: ");
} else {
$message = __("Created occurence: ");
}
return message_redirect(tag('', $message, create_event_link($oid, 'display_event', $oid)), "{$phpc_script}?action=display_event&phpcid={$phpcid}&oid={$oid}");
} else {
return message_redirect(__('Error submitting occurrence.'), "{$phpc_script}?action=display_month&phpcid={$phpcid}");
}
}
function display_phpc()
{
global $phpc_messages, $phpc_redirect, $phpc_script, $phpc_prefix;
$navbar = false;
try {
$content = do_action();
$navbar = navbar();
if (sizeof($phpc_messages) > 0) {
$messages = tag('div', attrs('class="phpc-message"'));
foreach ($phpc_messages as $message) {
$messages->add($message);
}
// If we're redirecting, the messages might not get
// seen, so don't clear them
if (empty($phpc_redirect)) {
$_SESSION["{$phpc_prefix}messages"] = NULL;
}
} else {
$messages = '';
}
return tag('', $navbar, $messages, $content, footer());
} catch (PermissionException $e) {
$results = tag('');
// TODO: make navbar show if there is an error in do_action()
if ($navbar !== false) {
$results->add($navbar);
}
$msg = __('You do not have permission to do that: ') . $e->getMessage();
$results->add(tag('div', attrs('class="phpc-message ui-state-error"'), $msg));
if (is_user()) {
return $results;
} else {
return message_redirect($msg, "{$phpc_script}?action=login");
}
} catch (Exception $e) {
$results = tag('');
if ($navbar !== false) {
$results->add($navbar);
}
$results->add(tag('div', attrs('class="phpc-main"'), tag('h2', __('Error')), tag('p', $e->getMessage()), tag('h3', __('Backtrace')), tag('pre', phpc_html_escape($e->getTraceAsString()))));
return $results;
}
}
