/** * Reads settings from the settings then saves the values to the datastore * * After reading the contents of the setting table, the function will rebuild * the $vbulletin->options array, then serialize the array and save that serialized * array into the 'options' entry of the datastore in the database * * @return array The $vbulletin->options array */ function build_options() { require_once DIR . '/includes/adminfunctions_options.php'; global $vbulletin; $vbulletin->options = array(); $settings = $vbulletin->db->query_read("SELECT varname, value, datatype FROM " . TABLE_PREFIX . "setting"); while ($setting = $vbulletin->db->fetch_array($settings)) { $vbulletin->options["{$setting['varname']}"] = validate_setting_value($setting['value'], $setting['datatype'], true, false); } if (substr($vbulletin->options['cookiepath'], -1, 1) != '/') { $vbulletin->options['cookiepath'] .= '/'; $vbulletin->db->query_write("\n\t\t\tUPDATE " . TABLE_PREFIX . "setting\n\t\t\tSET value = '" . $vbulletin->db->escape_string($vbulletin->options['cookiepath']) . "'\n\t\t\tWHERE varname = 'cookiepath'\n\t\t"); } build_datastore('options', serialize($vbulletin->options), 1); return $vbulletin->options; }
/** * Updates the setting table based on data passed in then rebuilds the datastore. * Only entries in the array are updated (allows partial updates). * * @param array Array of settings. Format: [setting_name] = new_value */ function save_settings($settings) { global $vbulletin, $vbphrase, $stylevar; $varnames = array(); foreach (array_keys($settings) as $varname) { $varnames[] = $vbulletin->db->escape_string($varname); } $oldsettings = $vbulletin->db->query_read("\n\t\tSELECT value, varname, datatype, optioncode\n\t\tFROM " . TABLE_PREFIX . "setting\n\t\tWHERE varname IN ('" . implode("', '", $varnames) . "')\n\t\tORDER BY varname\n\t"); while ($oldsetting = $vbulletin->db->fetch_array($oldsettings)) { switch ($oldsetting['varname']) { // ************************************************** case 'bbcode_html_colors': $settings['bbcode_html_colors'] = serialize($settings['bbcode_html_colors']); break; // ************************************************** // ************************************************** case 'styleid': $vbulletin->db->query_write("\n\t\t\t\t\tUPDATE " . TABLE_PREFIX . "style\n\t\t\t\t\tSET userselect = 1\n\t\t\t\t\tWHERE styleid = " . $settings['styleid'] . "\n\t\t\t\t"); break; // ************************************************** // ************************************************** case 'banemail': build_datastore('banemail', $settings['banemail']); $settings['banemail'] = ''; break; // ************************************************** // ************************************************** case 'editormodes': $vbulletin->input->clean_array_gpc('p', array('fe' => TYPE_UINT, 'qr' => TYPE_UINT, 'qe' => TYPE_UINT)); $settings['editormodes'] = serialize(array('fe' => $vbulletin->GPC['fe'], 'qr' => $vbulletin->GPC['qr'], 'qe' => $vbulletin->GPC['qe'])); break; // ************************************************** // ************************************************** case 'cookiepath': case 'cookiedomain': if ($settings[$oldsetting['varname'] . '_other'] and $settings[$oldsetting['varname'] . '_value']) { $settings[$oldsetting['varname']] = $settings[$oldsetting['varname'] . '_value']; } break; // ************************************************** // ************************************************** default: ($hook = vBulletinHook::fetch_hook('admin_options_processing')) ? eval($hook) : false; if ($oldsetting['optioncode'] == 'multiinput') { $store = array(); foreach ($settings["{$oldsetting['varname']}"] as $value) { if ($value != '') { $store[] = $value; } } $settings["{$oldsetting['varname']}"] = serialize($store); } else { if (preg_match('#^usergroup:[0-9]+$#', $oldsetting['optioncode'])) { // serialize the array of usergroup inputs if (!is_array($settings["{$oldsetting['varname']}"])) { $settings["{$oldsetting['varname']}"] = array(); } $settings["{$oldsetting['varname']}"] = array_map('intval', $settings["{$oldsetting['varname']}"]); $settings["{$oldsetting['varname']}"] = serialize($settings["{$oldsetting['varname']}"]); } } } $newvalue = validate_setting_value($settings["{$oldsetting['varname']}"], $oldsetting['datatype']); // this is a strict type check because we want '' to be different from 0 // some special cases below only use != checks to see if the logical value has changed if (strval($oldsetting['value']) !== strval($newvalue)) { switch ($oldsetting['varname']) { case 'activememberdays': case 'activememberoptions': if ($oldsetting['value'] != $newvalue) { $vbulletin->options["{$oldsetting['varname']}"] = $newvalue; require_once DIR . '/includes/functions_databuild.php'; build_birthdays(); } break; case 'showevents': case 'showholidays': if ($oldsetting['value'] != $newvalue) { $vbulletin->options["{$oldsetting['varname']}"] = $newvalue; require_once DIR . '/includes/functions_calendar.php'; build_events(); } break; case 'languageid': if ($oldsetting['value'] != $newvalue) { $vbulletin->options['languageid'] = $newvalue; require_once DIR . '/includes/adminfunctions_language.php'; build_language($vbulletin->options['languageid']); } break; case 'cpstylefolder': $admindm =& datamanager_init('Admin', $vbulletin, ERRTYPE_CP); $admindm->set_existing($vbulletin->userinfo); $admindm->set('cssprefs', $newvalue); $admindm->save(); unset($admindm); break; case 'storecssasfile': if (!is_demo_mode() and $oldsetting['value'] != $newvalue) { $vbulletin->options['storecssasfile'] = $newvalue; require_once DIR . '/includes/adminfunctions_template.php'; print_rebuild_style(-1, '', 1, 0, 0, 0); } break; case 'loadlimit': update_loadavg(); break; case 'view_tagcloud_as_usergroup': build_datastore('tagcloud', serialize(''), 1); break; case 'censorwords': case 'codemaxlines': if ($oldsetting['value'] != $newvalue) { $vbulletin->db->query_write("TRUNCATE TABLE " . TABLE_PREFIX . "postparsed"); if ($vbulletin->options['templateversion'] >= '3.6') { $vbulletin->db->query_write("TRUNCATE TABLE " . TABLE_PREFIX . "sigparsed"); } } ($hook = vBulletinHook::fetch_hook('admin_options_processing_censorcode')) ? eval($hook) : false; break; default: ($hook = vBulletinHook::fetch_hook('admin_options_processing_build')) ? eval($hook) : false; } if (is_demo_mode() and in_array($oldsetting['varname'], array('storecssasfile', 'attachfile', 'usefileavatar', 'errorlogdatabase', 'errorlogsecurity', 'safeupload', 'tmppath'))) { continue; } $vbulletin->db->query_write("\n\t\t\t\tUPDATE " . TABLE_PREFIX . "setting\n\t\t\t\tSET value = '" . $vbulletin->db->escape_string($newvalue) . "'\n\t\t\t\tWHERE varname = '" . $vbulletin->db->escape_string($oldsetting['varname']) . "'\n\t\t\t"); } } build_options(); }
/** * Save Block Config * * @param int Block ID * @param array Settings value * @param string Optional blocktype name. If provided, one query will be saved */ public function saveBlockConfig($blockid, $settings) { $blockid = intval($blockid); // try to load blocktypeinfo from $blockid $block = $this->createBlock($blockid); // Save settings require_once(DIR . '/includes/adminfunctions_options.php'); $options = $block->getBlockType()->getSettings(); foreach($settings AS $varname => $value) { if ($options[$varname]) { if (!$options[$varname]['datatype']) { $options[$varname]['datatype'] = 'free'; } $value = validate_setting_value($value, $options[$varname]['datatype']); if (is_object($value) OR is_array($value)) { $serialized = 1; $value = serialize($value); } else { $serialized = 0; } // Do save $this->registry->db->query("REPLACE INTO " . TABLE_PREFIX . "blockconfig (blockid, name, value, serialized) VALUES ( $blockid, '". $this->registry->db->escape_string($varname) . "', '". $this->registry->db->escape_string($value) . "', $serialized )"); } } // There may be new options that doesn't exist in $settings array, if so we create the blockconfig records with their defaultvalue foreach ($options as $varname => $v) { if (!in_array($varname, array_keys($settings))) { $value = $v['defaultvalue']; if (is_object($value) OR is_array($value)) { $serialized = 1; $value = serialize($value); } else { $serialized = 0; } // Do save $this->registry->db->query("REPLACE INTO " . TABLE_PREFIX . "blockconfig (blockid, name, value, serialized) VALUES ( $blockid, '". $this->registry->db->escape_string($varname) . "', '". $this->registry->db->escape_string($value) . "', $serialized )"); } } $this->rebuildBlockConfigCache($blockid); }
require_once DIR . '/includes/functions_file.php'; file_download($doc, 'vbulletin-settings.xml', 'text/xml'); } // ############################################################################# // ajax setting value validation if ($_POST['do'] == 'validate') { $vbulletin->input->clean_array_gpc('p', array('varname' => TYPE_STR, 'setting' => TYPE_ARRAY)); $varname = convert_urlencoded_unicode($vbulletin->GPC['varname']); $value = convert_urlencoded_unicode($vbulletin->GPC['setting']["{$varname}"]); require_once DIR . '/includes/class_xml.php'; $xml = new vB_AJAX_XML_Builder($vbulletin, 'text/xml'); $xml->add_group('setting'); $xml->add_tag('varname', $varname); if ($setting = $db->query_first("SELECT * FROM " . TABLE_PREFIX . "setting WHERE varname = '" . $db->escape_string($varname) . "'")) { $raw_value = $value; $value = validate_setting_value($value, $setting['datatype']); $valid = exec_setting_validation_code($setting['varname'], $value, $setting['validationcode'], $raw_value); } else { $valid = 1; } $xml->add_tag('valid', $valid); $xml->close_group(); $xml->print_xml(); } // *********************************************************************** print_cp_header($vbphrase['vbulletin_options']); // ###################### Start do import settings XML ####################### if ($_POST['do'] == 'doimport') { $vbulletin->input->clean_array_gpc('p', array('serverfile' => TYPE_STR, 'restore' => TYPE_BOOL, 'blacklist' => TYPE_BOOL)); $vbulletin->input->clean_array_gpc('f', array('settingsfile' => TYPE_FILE)); if (is_demo_mode()) {
/** * Updates the setting table based on data passed in then rebuilds the datastore. * Only entries in the array are updated (allows partial updates). * * @param array Array of settings. Format: [setting_name] = new_value * */ function save_settings($settings) { global $vbulletin, $vbphrase; //a few variables to track changes for processing after all variables are updated. $rebuildstyle = false; $templatecachepathchanged = false; $oldtemplatepath = null; $newtemplatepath = null; $userContext = vB::getUserContext(); $cleaner = vB::getCleaner(); $canAdminAll = $userContext->hasAdminPermission('canadminsettingsall'); $oldsettings = vB::getDbAssertor()->assertQuery('vBAdmincp:getCurrentSettings', array('varname' => array_keys($settings))); foreach ($oldsettings as $oldsetting) { //check the setting and group permissions if (!empty($oldsetting['adminperm']) and !$userContext->hasAdminPermission($oldsetting['adminperm']) or !empty($oldsetting['groupperm']) and !$userContext->hasAdminPermission($oldsetting['groupperm'])) { throw new vB_Exception_Api('no_permission'); } switch ($oldsetting['varname']) { // ************************************************** case 'bbcode_html_colors': $settings['bbcode_html_colors'] = serialize($settings['bbcode_html_colors']); break; // ************************************************** // ************************************************** case 'styleid': vB::getDbAssertor()->assertQuery('vBForum:style', array(vB_dB_Query::TYPE_KEY => vB_dB_Query::QUERY_UPDATE, 'userselect' => 1, vB_dB_Query::CONDITIONS_KEY => array(array('field' => 'styleid', 'value' => $settings['styleid'], 'operator' => vB_dB_Query::OPERATOR_EQ)))); break; // ************************************************** // ************************************************** case 'banemail': vB::getDatastore()->build('banemail', $settings['banemail']); $settings['banemail'] = ''; break; // ************************************************** // ************************************************** case 'editormodes': $vbulletin->input->clean_array_gpc('p', array('fe' => vB_Cleaner::TYPE_UINT, 'qr' => vB_Cleaner::TYPE_UINT, 'qe' => vB_Cleaner::TYPE_UINT)); $settings['editormodes'] = serialize(array('fe' => $vbulletin->GPC['fe'], 'qr' => $vbulletin->GPC['qr'], 'qe' => $vbulletin->GPC['qe'])); break; // ************************************************** // ************************************************** case 'attachresizes': $vbulletin->input->clean_array_gpc('p', array('attachresizes' => vB_Cleaner::TYPE_ARRAY_UINT)); $value = @unserialize($oldsetting['value']); $invalidate = array(); if ($value[vB_Api_Filedata::SIZE_ICON] != $vbulletin->GPC['attachresizes'][vB_Api_Filedata::SIZE_ICON]) { $invalidate[] = vB_Api_Filedata::SIZE_ICON; } if ($value[vB_Api_Filedata::SIZE_THUMB] != $vbulletin->GPC['attachresizes'][vB_Api_Filedata::SIZE_THUMB]) { $invalidate[] = vB_Api_Filedata::SIZE_THUMB; } if ($value[vB_Api_Filedata::SIZE_SMALL] != $vbulletin->GPC['attachresizes'][vB_Api_Filedata::SIZE_SMALL]) { $invalidate[] = vB_Api_Filedata::SIZE_SMALL; } if ($value[vB_Api_Filedata::SIZE_MEDIUM] != $vbulletin->GPC['attachresizes'][vB_Api_Filedata::SIZE_MEDIUM]) { $invalidate[] = vB_Api_Filedata::SIZE_MEDIUM; } if ($value[vB_Api_Filedata::SIZE_LARGE] != $vbulletin->GPC['attachresizes'][vB_Api_Filedata::SIZE_LARGE]) { $invalidate[] = vB_Api_Filedata::SIZE_LARGE; } if (!empty($invalidate)) { vB::getDbAssertor()->update('vBForum:filedataresize', array('reload' => 1), array('resize_type' => $invalidate)); } $settings['attachresizes'] = serialize(array(vB_Api_Filedata::SIZE_ICON => $vbulletin->GPC['attachresizes'][vB_Api_Filedata::SIZE_ICON], vB_Api_Filedata::SIZE_THUMB => $vbulletin->GPC['attachresizes'][vB_Api_Filedata::SIZE_THUMB], vB_Api_Filedata::SIZE_SMALL => $vbulletin->GPC['attachresizes'][vB_Api_Filedata::SIZE_SMALL], vB_Api_Filedata::SIZE_MEDIUM => $vbulletin->GPC['attachresizes'][vB_Api_Filedata::SIZE_MEDIUM], vB_Api_Filedata::SIZE_LARGE => $vbulletin->GPC['attachresizes'][vB_Api_Filedata::SIZE_LARGE])); break; case 'thumbquality': if ($oldsetting['value'] != $settings['thumbquality']) { vB::getDbAssertor()->update('vBForum:filedataresize', array('reload' => 1), vB_dB_Query::CONDITION_ALL); } break; // ************************************************** // ************************************************** case 'cookiepath': case 'cookiedomain': if ($settings[$oldsetting['varname'] . '_other'] and $settings[$oldsetting['varname'] . '_value']) { $settings[$oldsetting['varname']] = $settings[$oldsetting['varname'] . '_value']; } break; // ************************************************** // ************************************************** default: // Legacy Hook 'admin_options_processing' Removed // if ($oldsetting['optioncode'] == 'multiinput') { $store = array(); foreach ($settings["{$oldsetting['varname']}"] as $value) { if ($value != '') { $store[] = $value; } } $settings["{$oldsetting['varname']}"] = serialize($store); } else { if (preg_match('#^(usergroup|forum)s?:([0-9]+|all|none)$#', $oldsetting['optioncode'])) { // serialize the array of usergroup inputs if (!is_array($settings["{$oldsetting['varname']}"])) { $settings["{$oldsetting['varname']}"] = array(); } $settings["{$oldsetting['varname']}"] = array_map('intval', $settings["{$oldsetting['varname']}"]); $settings["{$oldsetting['varname']}"] = serialize($settings["{$oldsetting['varname']}"]); } } } $newvalue = validate_setting_value($settings["{$oldsetting['varname']}"], $oldsetting['datatype']); if ($canAdminAll and isset($_POST['adminperm_' . $oldsetting[varname]])) { $newAdminPerm = substr($cleaner->clean($_POST['adminperm_' . $oldsetting[varname]], vB_Cleaner::TYPE_STR), 0, 32); } else { $newAdminPerm = $oldsetting['adminperm']; } // this is a strict type check because we want '' to be different from 0 // some special cases below only use != checks to see if the logical value has changed if ($oldsetting['value'] === NULL or strval($oldsetting['value']) !== strval($newvalue) or strval($oldsetting['adminperm']) !== strval($newAdminPerm)) { switch ($oldsetting['varname']) { case 'cache_templates_as_files': if (!is_demo_mode()) { $templatecachepathchanged = true; } break; case 'template_cache_path': if (!is_demo_mode()) { $oldtemplatepath = strval($oldsetting['value']); $newtemplatepath = $newvalue; } break; case 'languageid': if ($oldsetting['value'] != $newvalue) { vB::getDatastore()->setOption('languageid', $newvalue, false); require_once DIR . '/includes/adminfunctions_language.php'; build_language($newvalue); } break; case 'cpstylefolder': $admindm =& datamanager_init('Admin', $vbulletin, vB_DataManager_Constants::ERRTYPE_CP); $admindm->set_existing(vB::getCurrentSession()->fetch_userinfo()); $admindm->set('cssprefs', $newvalue); $admindm->save(); unset($admindm); break; case 'attachthumbssize': if ($oldsetting['value'] != $newvalue) { $rebuildstyle = true; } case 'storecssasfile': if (!is_demo_mode() and $oldsetting['value'] != $newvalue) { vB::getDatastore()->setOption('storecssasfile', $newvalue, false); $rebuildstyle = true; } break; case 'loadlimit': update_loadavg(); break; case 'tagcloud_usergroup': build_datastore('tagcloud', serialize(''), 1); break; case 'censorwords': case 'codemaxlines': case 'url_nofollow': case 'url_nofollow_whitelist': if ($oldsetting['value'] != $newvalue) { if (vB::getDatastore()->getOption('templateversion') >= '3.6') { vB::getDbAssertor()->assertQuery('truncateTable', array('table' => 'sigparsed')); } } // Legacy Hook 'admin_options_processing_censorcode' Removed // break; case 'album_recentalbumdays': if ($oldsetting['value'] > $newvalue) { require_once DIR . '/includes/functions_album.php'; exec_rebuild_album_updates(); } default: // Legacy Hook 'admin_options_processing_build' Removed // } if (is_demo_mode() and in_array($oldsetting['varname'], array('cache_templates_as_files', 'template_cache_path', 'storecssasfile', 'attachfile', 'usefileavatar', 'errorlogdatabase', 'errorlogsecurity', 'safeupload', 'tmppath'))) { continue; } $updateSetting = vB::getDbAssertor()->assertQuery('setting', array(vB_dB_Query::TYPE_KEY => vB_dB_Query::QUERY_UPDATE, 'value' => $newvalue, 'adminperm' => $newAdminPerm, vB_dB_Query::CONDITIONS_KEY => array(array('field' => 'varname', 'value' => $oldsetting['varname'], 'operator' => vB_dB_Query::OPERATOR_EQ)))); } } if (!isset($oldsetting)) { return false; } vB::getDatastore()->build_options(); if (defined('DEV_AUTOEXPORT') and DEV_AUTOEXPORT) { require_once DIR . '/includes/functions_filesystemxml.php'; $xml = get_settings_export_xml('vbulletin'); autoexport_write_file_with_backup(DIR . '/install/vbulletin-settings.xml', $xml); } //handle changes for cache_templates_as_files and template_cache_path //we do it here because there are interactions between them and we don't //want to redo the chache changes twice if both are changed. $api = vB_Api::instanceInternal('template'); if ($templatecachepathchanged or !is_null($oldtemplatepath) and !is_null($newtemplatepath)) { if (vB::getDatastore()->getOption('cache_templates_as_files')) { if (!is_null($oldtemplatepath)) { //temporarily set the datastore path to the old value to clear it. vB::getDatastore()->setOption('template_cache_path', $oldtemplatepath, false); $api->deleteAllTemplateFiles(); vB::getDatastore()->setOption('template_cache_path', $newtemplatepath, false); } $api->saveAllTemplatesToFile(); } else { //we we changed directories and the cache is off, delete from the old directory if (!is_null($oldtemplatepath)) { vB::getDatastore()->setOption('template_cache_path', $oldtemplatepath, false); $api->deleteAllTemplateFiles(); vB::getDatastore()->setOption('template_cache_path', $newtemplatepath, false); } else { $api->deleteAllTemplateFiles(); } } } if ($rebuildstyle) { require_once DIR . '/includes/adminfunctions_template.php'; print_rebuild_style(-1, '', 1, 0, 0, 0); } return true; }
/** * This function changes the search type for settings * @param string $varname * @param array $setting * @return array, response */ public function validateSettings($varname, $setting) { $this->checkHasAdminPermission('canadminsettings'); require_once DIR . '/includes/class_xml.php'; require_once DIR . '/includes/functions_file.php'; require_once DIR . '/includes/adminfunctions_options.php'; $response = array(); $varname = convert_urlencoded_unicode($varname); $value = convert_urlencoded_unicode($setting["{$varname}"]); require_once DIR . '/includes/class_xml.php'; $xml = new vB_XML_Builder_Ajax('text/xml'); $xml->add_group('setting'); $xml->add_tag('varname', $varname); $setting = vB::getDbAssertor()->getRow('setting', array(vB_dB_Query::TYPE_KEY => vB_dB_Query::QUERY_SELECT, 'varname' => $varname)); if ($setting) { $raw_value = $value; $value = validate_setting_value($value, $setting['datatype']); $valid = exec_setting_validation_code($setting['varname'], $value, $setting['validationcode'], $raw_value); } else { $valid = 1; } $xml->add_tag('valid', $valid); $xml->close_group(); $response['xml'] = $xml; $response['validate'] = true; return $response; }