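/**
 * Constructor: copies the registry-backed handles onto the object, loads the
 * ACP root template and picks up an optional banner message from the request.
 *
 * @access public
 * @param  object  ipsRegistry reference
 * @return @e void
 */
public function __construct(ipsRegistry $registry)
{
    /* Make object */
    $this->registry = $registry;
    $this->DB = $this->registry->DB();
    $this->settings =& $this->registry->fetchSettings();
    $this->request =& $this->registry->fetchRequest();
    $this->lang = $this->registry->getClass('class_localization');
    $this->member = $this->registry->member();
    $this->memberData =& $this->registry->member()->fetchMemberData();
    $this->generated_acp_hash = $this->generateSecureHash();
    $this->_admin_auth_key = $this->getSecurityKey();
    $this->registry->output->global_template = $this->registry->output->loadRootTemplate('cp_skin_global');

    //------------------------------------------
    // Message in a bottle?
    //------------------------------------------
    // The banner text comes straight from the request, so whoever builds the URL
    // chooses it. UNhtmlspecialchars() turns the value back into raw markup and
    // xssHtmlClean() is the only filter applied before it is handed to the output
    // class. NOTE(review): confirm the ACP template needs no further escaping.
    // An array-valued parameter is ignored rather than passed to urldecode().
    if (!empty($this->request['messageinabottleacp']) and !is_array($this->request['messageinabottleacp'])) {
        $this->request['messageinabottleacp'] = IPSText::getTextClass('bbcode')->xssHtmlClean(
            IPSText::UNhtmlspecialchars(urldecode($this->request['messageinabottleacp']))
        );
        $this->registry->output->global_message = $this->request['messageinabottleacp'];

        /* The flag is optional: default to 0 instead of reading a missing index */
        $this->registry->output->persistent_message = isset($this->request['messagepersistent'])
            ? intval($this->request['messagepersistent'])
            : 0;
    }
}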
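/**
 * Posts the submitted text and URL to the member's linked Twitter account and
 * logs the share. Answers the AJAX call with the "twitterDone" template on
 * success and with the string 'failwhale' otherwise.
 *
 * @return @e void [Outputs HTML to browser AJAX call]
 */
protected function _twitterGo()
{
    /* INIT: a missing or non-string POST field becomes '' instead of raising a notice */
    $posted = array();

    foreach (array('tweet', 'url', 'title') as $key) {
        // NOTE(review): PHP has already URL-decoded $_POST once; this second
        // urldecode() only makes sense if the client encodes twice — confirm.
        $posted[$key] = (isset($_POST[$key]) and is_string($_POST[$key])) ? trim(urldecode($_POST[$key])) : '';
    }

    $tweet = $posted['tweet'];
    $url = $posted['url'];

    /* Ensure title is correctly de-html-ized (raw text from here on, not safe for HTML output) */
    $title = IPSText::UNhtmlspecialchars($posted['title']);

    // NOTE(review): no form-key check is visible in this method although it
    // publishes on the member's behalf; confirm the AJAX dispatcher validates
    // the secure key before routing here.

    /* Ensure we have a logged-in member with a linked twitter account */
    if ($this->memberData['member_id'] and $this->memberData['twitter_id'] and $this->memberData['twitter_token'] and $this->memberData['twitter_secret']) {
        /* Connect to the twitter */
        $classToLoad = IPSLib::loadLibrary(IPS_ROOT_PATH . 'sources/classes/twitter/connect.php', 'twitter_connect');
        $connect = new $classToLoad($this->registry, $this->memberData['twitter_token'], $this->memberData['twitter_secret']);
        $user = $connect->fetchUserData();

        if ($user['id']) {
            $sid = $connect->updateStatusWithUrl($tweet, $url, true, $this->settings['twitter_hashtag']);

            if ($sid) {
                /* Log it. $url and $title are caller-supplied; presumably log() escapes them for storage — verify */
                $classToLoad = IPSLib::loadLibrary(IPS_ROOT_PATH . 'sources/classes/share/links.php', 'share_links');
                $share = new $classToLoad($this->registry, 'twitter');
                $share->log($url, $title);

                $user['status']['id'] = $sid;

                /* Presumably returnHtml() ends the request; if it returns, 'failwhale' is sent after it */
                $this->returnHtml($this->registry->output->getTemplate('global_other')->twitterDone($user));
            }
        }
    }

    /* Bog off */
    $this->returnString('failwhale');
}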
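/**
 * Saves the login method to the database [add,edit]
 *
 * Reads the form fields from the request, checks the required ones, writes the
 * row to login_methods, rebuilds the login cache and redirects.
 *
 * @param  string  Add or Edit flag
 * @return @e void [Outputs to screen]
 */
protected function _loginSave($type = 'add')
{
    //--------------------------------------------
    // INIT
    //--------------------------------------------
    $login_id = intval(ipsRegistry::$request['login_id']);
    $login_title = trim(ipsRegistry::$request['login_title']);

    // NOTE(review): stored after trim() only. If this value is later joined into a
    // filesystem path, that code must restrict it to a safe character set — confirm.
    $login_folder_name = trim(ipsRegistry::$request['login_folder_name']);

    $login_maintain_url = trim(ipsRegistry::$request['login_maintain_url']);
    $login_register_url = trim(ipsRegistry::$request['login_register_url']);
    $login_login_url = trim(ipsRegistry::$request['login_login_url']);
    $login_logout_url = trim(ipsRegistry::$request['login_logout_url']);

    // NOTE(review): read here but never added to the save array below — confirm
    // whether the field is meant to be stored.
    $login_complete_page = trim(ipsRegistry::$request['login_complete_page']);

    /*
     * These three come from raw $_POST with entities reversed, so they are stored
     * as literal HTML. Whatever renders them prints markup chosen by the person
     * saving this form; access to this action has to stay limited to trusted admins.
     */
    $login_description = trim(IPSText::stripslashes(IPSText::UNhtmlspecialchars($_POST['login_description'])));
    $login_alt_login_html = trim(IPSText::stripslashes(IPSText::UNhtmlspecialchars($_POST['login_alt_login_html'])));
    $login_alt_acp_html = trim(IPSText::stripslashes(IPSText::UNhtmlspecialchars($_POST['login_alt_acp_html'])));

    $login_enabled = intval(ipsRegistry::$request['login_enabled']);
    $login_settings = intval(ipsRegistry::$request['login_settings']);
    $login_replace_form = intval(ipsRegistry::$request['login_replace_form']);
    $login_safemode = intval(ipsRegistry::$request['login_safemode']);

    /* Whitelist with a strict comparison; anything else falls back to 'username' */
    $login_user_id = in_array(ipsRegistry::$request['login_user_id'], array('username', 'email', 'either'), true)
        ? ipsRegistry::$request['login_user_id']
        : 'username';

    //--------------------------------------------
    // Checks...
    //--------------------------------------------
    if ($type == 'edit' and !$login_id) {
        ipsRegistry::getClass('output')->global_message = $this->lang->words['l_404'];
        $this->_loginList();
        return;
    }

    if (!$login_title or !$login_folder_name) {
        ipsRegistry::getClass('output')->global_message = $this->lang->words['l_form'];
        $this->_loginForm($type);
        return;
    }

    //--------------------------------------------
    // Save...
    //--------------------------------------------
    $array = array(
        'login_title' => $login_title,
        'login_description' => $login_description,
        'login_folder_name' => $login_folder_name,
        'login_maintain_url' => $login_maintain_url,
        'login_register_url' => $login_register_url,
        'login_alt_login_html' => $login_alt_login_html,
        'login_alt_acp_html' => $login_alt_acp_html,
        'login_enabled' => $login_enabled,
        'login_settings' => $login_settings,
        'login_replace_form' => $login_replace_form,
        'login_logout_url' => $login_logout_url,
        'login_login_url' => $login_login_url,
        'login_user_id' => $login_user_id
    );

    /* The safemode flag can only be changed on a development install */
    if (IN_DEV) {
        $array['login_safemode'] = $login_safemode;
    }

    //--------------------------------------------
    // Nike.. do it
    //--------------------------------------------
    if ($type == 'add') {
        $this->DB->insert('login_methods', $array);
    } else {
        /* $login_id went through intval() above, so the concatenated WHERE clause is numeric */
        $this->DB->update('login_methods', $array, 'login_id=' . $login_id);
    }

    //-----------------------------------------
    // Recache
    //-----------------------------------------
    $this->loginsRecache();

    ipsRegistry::getClass('output')->redirect(
        $this->settings['base_url'] . $this->form_code . "",
        $type == 'add' ? $this->lang->words['l_added'] : $this->lang->words['l_edited']
    );
}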
/**
 * Stores a skin URL mapping (new row or update of an existing one), rebuilds
 * the URL map cache and returns the mapping list.
 *
 * @param  string  Type of form ('add' inserts, anything else updates)
 * @return string  HTML
 */
protected function _remapSave($type = 'add')
{
    /* Collect the form values */
    $skinSetId = intval($this->request['setID']);
    $mappingId = intval($this->request['map_id']);

    /* Title is kept HTML-escaped */
    $mappingTitle = trim(IPSText::stripslashes(IPSText::htmlspecialchars($_POST['map_title'])));

    /*
     * URL has its entities reversed, so it is stored raw.
     * NOTE(review): any page that prints map_url has to escape it on output — confirm.
     */
    $mappingUrl = trim(IPSText::stripslashes(IPSText::UNhtmlspecialchars($_POST['map_url'])));

    /* NOTE(review): saved as submitted; no check against a list of allowed match types is visible here */
    $matchType = trim($this->request['map_match_type']);

    /* An edit additionally needs the row id; title and URL are always required */
    $missingId = ($type == 'edit' and !$mappingId);

    if ($missingId or !$mappingTitle or !$mappingUrl) {
        $this->registry->getClass('output')->global_message = $this->lang->words['um_entireform'];
        $this->_remapForm($type);
        return;
    }

    /* Row to write */
    $row = array(
        'map_title' => $mappingTitle,
        'map_url' => $mappingUrl,
        'map_match_type' => $matchType,
        'map_skin_set_id' => $skinSetId
    );

    if ($type == 'add') {
        $row['map_date_added'] = time();
        $this->DB->insert('skin_url_mapping', $row);
        $doneMessage = $this->lang->words['um_added'];
        $this->registry->getClass('output')->global_message = $doneMessage;
    } else {
        /* $mappingId is an intval() result, so the WHERE clause stays numeric */
        $this->DB->update('skin_url_mapping', $row, 'map_id=' . $mappingId);
        $doneMessage = $this->lang->words['um_edited'];
        $this->registry->getClass('output')->global_message = $doneMessage;
    }

    /* Rebuild skin cache, then show the list again */
    $this->skinFunctions->rebuildURLMapCache();

    return $this->_showURLMappingList();
}
/**
 * Save the forum
 *
 * Creates a forum/category or updates an existing one from the submitted ACP
 * form: normalises the request, validates the admin security key, builds the
 * row, lets application extensions add their own columns, writes the row and
 * the related permission/tag data, then shows the forum list.
 *
 * @param  string  $type  [new|edit]
 * @return @e void
 */
public function forumSave($type = 'new')
{
    /* If this is not a redirect forum anymore empty the redirect url - #35126 */
    if ($this->request['forum_type'] != 'redirect') {
        $this->request['redirect_url'] = '';
    }

    // Converting the type? Only re-renders the form; nothing is written on this path.
    if ($this->request['convert']) {
        $this->forumForm($type, 1);
        return;
    }

    // INIT
    // 'f' and 'parent_id' are cast once here. Several SQL fragments further down
    // concatenate $this->request['f'] directly and depend on this cast.
    $this->request['name'] = trim($this->request['name']);
    $this->request['f'] = intval($this->request['f']);
    $this->request['parent_id'] = !empty($this->request['parent_id']) ? intval($this->request['parent_id']) : -1;
    $forum_cat_lang = intval($this->request['parent_id']) == -1 ? $this->lang->words['for_iscat_y'] : $this->lang->words['for_iscat_n'];

    // Auth check: runs before any database write below.
    // (By its name this validates the admin form key — behaviour is defined outside this method.)
    $this->registry->adminFunctions->checkSecurityKey();

    // A name is required
    if ($this->request['name'] == "") {
        $this->registry->output->global_message = sprintf($this->lang->words['for_entertitle'], mb_strtolower($forum_cat_lang));
        $this->forumForm($type);
        return;
    }

    // Refuse to move a forum underneath itself or one of its own children
    if ($this->request['parent_id'] != $this->registry->getClass('class_forums')->forum_by_id[$this->request['f']]['parent_id']) {
        $ids = $this->registry->getClass('class_forums')->forumsGetChildren($this->request['f']);
        $ids[] = $this->request['f'];
        if (in_array($this->request['parent_id'], $ids)) {
            $this->registry->output->global_error = $this->lang->words['for_whymovethere'];
            $this->forumForm($type);
            return;
        }
    }

    //if( $this->request['parent_id'] < 1 )
    //{
    //    $this->request['sub_can_post'] = 1;
    //}

    // Save array
    // - name / description: raw POST, filtered through xssHtmlClean()
    // - numeric flags: intval()
    // - password: written exactly as submitted.
    //   NOTE(review): no hashing is visible here; confirm how the value is compared later.
    // - sort_key, sort_order, topicfilter, redirect_url, notify_modq_emails, tag_predefined,
    //   ipseo_priority: request values passed through with no validation in this method.
    //   NOTE(review): if sort_key/sort_order end up in an ORDER BY, they need a whitelist where that query is built.
    // - permission_custom_error: raw POST with nl2br()/stripslashes() only; unlike name and
    //   description it does not go through xssHtmlClean(), so it is stored as literal HTML.
    $save = array(
        'name' => IPSText::getTextClass('bbcode')->xssHtmlClean(nl2br(IPSText::stripslashes($_POST['name']))),
        'name_seo' => IPSText::makeSeoTitle(strip_tags(IPSText::UNhtmlspecialchars($this->request['name']))),
        'description' => IPSText::getTextClass('bbcode')->xssHtmlClean(nl2br(IPSText::stripslashes($_POST['description']))),
        'use_ibc' => isset($this->request['use_ibc']) ? intval($this->request['use_ibc']) : 1,
        'use_html' => intval($this->request['use_html']),
        'password' => $this->request['password'],
        'password_override' => is_array($this->request['password_override']) ? implode(",", $this->request['password_override']) : '',
        'sort_key' => $this->request['sort_key'],
        'sort_order' => $this->request['sort_order'],
        'prune' => intval($this->request['prune']),
        'topicfilter' => $this->request['topicfilter'],
        'preview_posts' => intval($this->request['preview_posts']),
        'allow_poll' => intval($this->request['allow_poll']),
        'allow_pollbump' => intval($this->request['allow_pollbump']),
        'forum_allow_rating' => intval($this->request['forum_allow_rating']),
        'inc_postcount' => intval($this->request['inc_postcount']),
        'parent_id' => intval($this->request['parent_id']),
        'sub_can_post' => intval($this->request['sub_can_post']),
        'redirect_on' => intval($this->request['redirect_on']),
        'redirect_hits' => intval($this->request['redirect_hits']),
        'redirect_url' => $this->request['redirect_url'],
        'notify_modq_emails' => $this->request['notify_modq_emails'],
        'permission_showtopic' => $this->request['parent_id'] == -1 ? 1 : intval($this->request['permission_showtopic']),
        'min_posts_post' => intval($this->request['min_posts_post']),
        'min_posts_view' => intval($this->request['min_posts_view']),
        'can_view_others' => intval($this->request['can_view_others']),
        'hide_last_info' => intval($this->request['hide_last_info']),
        'disable_sharelinks' => intval($this->request['disable_sharelinks']),
        'tag_predefined' => $this->request['tag_predefined'],
        'forums_bitoptions' => IPSBWOPtions::freeze($this->request, 'forums', 'forums'),
        'permission_custom_error' => nl2br(IPSText::stripslashes($_POST['permission_custom_error'])),
        'ipseo_priority' => $this->request['ipseo_priority'],
        'viglink' => intval($this->request['viglink']));

    /* Save data from application tabs */
    // Each enabled application that ships extensions/admin/forum_form.php contributes
    // columns. array_merge() lets an extension overwrite any key set above, so the
    // extensions are trusted as much as this method is.
    IPSLib::loadInterface('admin/forum_form.php');
    $_forumPlugins = array();
    foreach (IPSLib::getEnabledApplications() as $app_dir => $app_data) {
        if (is_file(IPSLib::getAppDir($app_dir) . '/extensions/admin/forum_form.php')) {
            $_class = IPSLib::loadLibrary(IPSLib::getAppDir($app_dir) . '/extensions/admin/forum_form.php', 'admin_forum_form__' . $app_dir, $app_dir);
            $_forumPlugins[$_class] = new $_class($this->registry);
            $remote = $_forumPlugins[$_class]->getForSave();
            $save = array_merge($save, $remote);
        }
    }

    // ADD
    if ($type == 'new') {
        // The new forum's position is one past the highest existing id
        $this->DB->build(array('select' => 'MAX(id) as top_forum', 'from' => 'forums'));
        $this->DB->execute();
        $row = $this->DB->fetch();
        if ($row['top_forum'] < 1) {
            $row['top_forum'] = 0;
        }
        $row['top_forum']++;

        /* Forum Information */
        //$save['id'] = $row['top_forum'];
        $save['position'] = $row['top_forum'];
        $save['topics'] = 0;
        $save['posts'] = 0;
        $save['last_post'] = 0;
        $save['last_poster_id'] = 0;
        $save['last_poster_name'] = "";

        /* Insert the record */
        $this->DB->insert('forums', $save);
        $forum_id = $this->DB->getInsertId();

        /* Permissions */
        $classToLoad = IPSLib::loadLibrary(IPS_ROOT_PATH . 'sources/classes/class_public_permissions.php', 'classPublicPermissions');
        $permissions = new $classToLoad(ipsRegistry::instance());
        $permissions->savePermMatrix($this->request['perms'], $forum_id, 'forum');

        // $forum_id comes from getInsertId(), not from the request
        if (!$save['can_view_others']) {
            $this->DB->update('permission_index', array('owner_only' => 1), "app='forums' AND perm_type='forum' AND perm_type_id={$forum_id}");
        }

        /* Done */
        $this->registry->output->global_message = $forum_cat_lang . $this->lang->words['for__created'];
        $this->registry->adminFunctions->saveAdminLog($forum_cat_lang . " '" . $this->request['name'] . "'" . mb_strtolower($this->lang->words['for__created']));
    } else {
        // EDIT
        $forumData = $this->registry->class_forums->getForumById($this->request['f']);

        if ($this->request['parent_id'] == -1) {
            $save['can_view_others'] = 1;

            /* Permissions */
            //$classToLoad = IPSLib::loadLibrary( IPS_ROOT_PATH . 'sources/classes/class_public_permissions.php', 'classPublicPermissions' );
            //$permissions = new $classToLoad( ipsRegistry::instance() );
            //$permissions->savePermMatrix( $this->request['perms'], $this->request['f'], 'forum' );

            // NOTE(review): can_view_others was forced to 1 just above, so as written the
            // first branch can never run, and owner_only is not touched at all when editing
            // a non-category forum. Confirm whether this if/else belongs outside the
            // category check.
            if (!$save['can_view_others']) {
                $this->DB->update('permission_index', array('owner_only' => 1), "app='forums' AND perm_type='forum' AND perm_type_id={$this->request['f']}");
            } else {
                $this->DB->update('permission_index', array('owner_only' => 0), "app='forums' AND perm_type='forum' AND perm_type_id={$this->request['f']}");
            }
        }

        // 'f' is the integer cast at the top of the method
        $this->DB->update('forums', $save, "id=" . $this->request['f']);
        $forum_id = $this->request['f'];

        /* Tags */
        $this->registry->getClass('class_forums')->forumsInit();
        $this->registry->tags->updatePermssionsByParentId($this->request['f']);

        /* Did we enable/disable tagging? @todo find a better way to do this. Perhaps another field in tags? */
        if (isset($this->request['bw_disable_tagging'])) {
            if ($forumData['bw_disable_tagging'] != $this->request['bw_disable_tagging']) {
                $toggle = $this->request['bw_disable_tagging'] ? 0 : 1;
                $this->registry->tags->updateVisibilityByParentId($this->request['f'], $toggle);

                if ($this->request['bw_disable_tagging'] == 0) {
                    /* We just restored all tags, so lets return hidden topics back to 0 */
                    // Only the 500 most recently posted-in matching topics are processed
                    $this->DB->build(array('select' => 'tid', 'from' => 'topics', 'where' => 'forum_id=' . $this->request['f'] . ' AND ' . $this->registry->class_forums->fetchTopicHiddenQuery(array('sdeleted', 'hidden', 'pdelete', 'oktoremove')), 'order' => 'last_post DESC', 'limit' => array(0, 500)));
                    $this->DB->execute();
                    $topics = array();
                    while ($row = $this->DB->fetch()) {
                        $topics[] = $row['tid'];
                    }
                    if (count($topics)) {
                        $this->registry->tags->updateVisibilityByMetaId($topics, 0);
                    }
                }
            }
        }

        $this->registry->output->global_message = $forum_cat_lang . $this->lang->words['for__edited'];
        $this->registry->adminFunctions->saveAdminLog($forum_cat_lang . " '" . $this->request['name'] . "' " . mb_strtolower($this->lang->words['for__edited']));
    }

    // Point the follow-up listing at the parent forum, if there is one
    $this->request['f'] = '';
    if ($save['parent_id'] > 0) {
        $this->request['f'] = $save['parent_id'];
    }

    // Post save callbacks: extensions that define postSave() are told the forum id
    if (count($_forumPlugins)) {
        foreach ($_forumPlugins as $_className => $_object) {
            if (method_exists($_object, 'postSave')) {
                $_object->postSave($forum_id);
            }
        }
    }

    $this->registry->getClass('class_forums')->forumsInit();
    $this->showForums();
}
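/**
 * Post a status update to Facebook based on native content.
 *
 * The content is decoded to plain UTF-8 text. When it is longer than 500
 * characters, or when $alwaysAdd is TRUE, it is cut to 474 characters, given
 * an ellipsis and followed by the URL (shortened when longer than 26 chars).
 * API failures are logged, not rethrown.
 *
 * @access public
 * @param  string  Content
 * @param  string  URL to add
 * @param  bool    Always add the URL regardless of content length
 * @return @e void
 * @throws Exception 'NO_MEMBER' when no member is loaded, 'NOT_LINKED' when the member has no fb_uid
 */
public function updateStatusWithUrl($content, $url, $alwaysAdd = false)
{
    $memberData = $this->memberData;

    /* Got a member? */
    if (!$memberData['member_id']) {
        throw new Exception('NO_MEMBER');
    }

    /* Linked account? */
    if (!$memberData['fb_uid']) {
        throw new Exception('NOT_LINKED');
    }

    /*
     * Reverse the HTML escaping and decode entities to UTF-8. From here on
     * $content is raw text meant for the API payload; it must not be echoed
     * into a page without escaping it again.
     */
    $content = IPSText::UNhtmlspecialchars($content);
    $content = html_entity_decode($content, ENT_QUOTES, 'UTF-8');

    /* Is the text longer than 500 chars, or does the caller always want the link? */
    if ($alwaysAdd === TRUE or IPSText::mbstrlen($content) > 500) {
        /* Leave 26 chars for URL shortener */
        // NOTE(review): the ellipsis is appended even when $alwaysAdd is TRUE and the
        // content was short enough not to be cut — confirm that is the intended look.
        $content = IPSText::mbsubstr($content, 0, 474) . '...';

        if (IPSText::mbstrlen($url) > 26) {
            /* Generate short URL */
            $classToLoad = IPSLib::loadLibrary(IPS_ROOT_PATH . 'sources/classes/url/shorten.php', 'urlShorten');
            $shorten = new $classToLoad();

            try {
                $data = $shorten->shorten($url, IPS_URL_SHORTEN_SERVICE);

                /* Keep the long URL when the service hands back no usable short one */
                if (!empty($data['url'])) {
                    $url = $data['url'];
                }
            } catch (Exception $ex) {
                /* Best effort: a shortener failure must not stop the post, the long URL is used */
            }
        }

        $content .= ' ' . $url;
    }

    /* POST the data */
    try {
        $this->_api->api(array(
            'method' => 'users.setStatus',
            'access_token' => $this->_userToken,
            'uid' => $this->_userId,
            'status' => $content,
            'status_includes_verb' => true
        ));
    } catch (Exception $e) {
        $this->registry->output->logErrorMessage($e->getMessage(), 'FB-EXCEPTION');
    }
}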
/**
 * XMLRPC_server::getUsersBlogs()
 *
 * Answers with the blog that belongs to the authenticated user.
 *
 * On successful authentication the reply is a one-element list holding the
 * blog's url, blogid and blogName; otherwise error 100 is sent together with
 * $this->error. The script exits in both cases.
 *
 * @access public
 * @param  string  $appkey    Application key (not read by this method)
 * @param  string  $username  Username
 * @param  string  $password  Password
 * @return string  xml document
 **/
public function getUsersBlogs($appkey, $username, $password)
{
    /* Reject first: nothing about the blog is read for an unauthenticated caller */
    if (!$this->_authenticate($username, $password)) {
        $this->classApiServer->apiSendError(100, $this->error);
        exit;
    }

    /*
     * Build the blog URL and drop its last character.
     * NOTE(review): search and replacement strings are identical as shown here, so
     * this str_replace() changes nothing; an HTML entity may have been lost when
     * the listing was rendered — compare with the upstream file.
     */
    $blog_url = substr(str_replace("&", "&", $this->registry->blog_std->getBlogUrl($this->blog['blog_id'])), 0, -1);

    /* blogName has its entities reversed: plain text for the XML-RPC client, not for HTML */
    $entry = array(
        'url' => $blog_url,
        'blogid' => $this->blog['blog_id'],
        'blogName' => IPSText::UNhtmlspecialchars($this->blog['blog_name'])
    );

    $this->classApiServer->apiSendReply(array($entry));
    exit;
}
/**
 * Update a user's login or display name
 *
 * Loads the member named in the request, checks that the acting admin may edit
 * administrators, normalises the submitted name, asks IPSMember to store it,
 * writes an admin log entry, optionally e-mails the member, and redirects to
 * the member view.
 *
 * @param  string  Field to update ('members_display_name', or anything else for the login name)
 * @return @e void [Outputs to screen]
 */
protected function save_member_name($field = 'members_display_name')
{
    $member_id = intval($this->request['member_id']);
    $member = IPSMember::load($member_id);

    //-----------------------------------------
    // Allowed to edit administrators?
    //-----------------------------------------
    // The code after this check assumes showError() stops the request.
    // NOTE(review): confirm showError() never returns; otherwise the rename would
    // still go ahead for a target with ACP access.
    if ($member['g_access_cp'] and !$this->registry->getClass('class_permissions')->checkPermission('member_edit_admin', 'members', 'members')) {
        $this->registry->output->showError($this->lang->words['m_editadmin']);
    }

    // NOTE(review): in each str_replace() below the search and replacement strings are
    // identical as shown, so the calls change nothing. HTML entities may have been lost
    // when this listing was rendered — compare with the upstream file.
    if ($field == 'members_display_name') {
        $display_name = $this->request['display_name'];
        $display_name = str_replace("+", "+", $display_name);
    } else {
        $display_name = $this->request['name'];
        $display_name = str_replace("+", "+", $display_name);
        $display_name = str_replace('|', '|', $display_name);
        // Collapse runs of whitespace to a single space
        $display_name = trim(preg_replace("/\\s{2,}/", " ", $display_name));
    }

    if ($this->settings['strip_space_chr']) {
        // use hexdec to convert between '0xAD' and chr
        $display_name = IPSText::removeControlCharacters($display_name);
    }

    // Display names may not contain [ ] ; , or |. The test runs on the un-escaped form
    // so an entity-encoded character cannot slip past the pattern.
    if ($field == 'members_display_name' and preg_match("#[\\[\\];,\\|]#", IPSText::UNhtmlspecialchars($display_name))) {
        $this->registry->output->showError($this->lang->words['m_displaynames']);
    }

    try {
        if (IPSMember::getFunction()->updateName($member_id, $display_name, $field, TRUE) === TRUE) {
            if ($field == 'members_display_name') {
                ipsRegistry::getClass('adminFunctions')->saveAdminLog(sprintf($this->lang->words['m_dnamelog'], $member['members_display_name'], $display_name));
            } else {
                ipsRegistry::getClass('adminFunctions')->saveAdminLog(sprintf($this->lang->words['m_namelog'], $member['name'], $display_name));

                //-----------------------------------------
                // If updating a name, and display names
                // disabled, update display name too
                //-----------------------------------------
                if (!ipsRegistry::$settings['auth_allow_dnames']) {
                    IPSMember::getFunction()->updateName($member_id, $display_name, 'members_display_name', TRUE);
                }

                //-----------------------------------------
                // Notify the member by e-mail if requested
                //-----------------------------------------
                if ($this->request['send_email'] == 1) {
                    // The body is taken from raw $_POST and the old/new names are substituted
                    // into it; cleanMessage() is the only filter applied before sending.
                    // NOTE(review): confirm cleanMessage() is sufficient for the mail format in use.
                    $msg = trim(IPSText::stripslashes(nl2br($_POST['email_contents'])));
                    $msg = str_replace("{old_name}", $member['name'], $msg);
                    $msg = str_replace("{new_name}", $display_name, $msg);
                    $msg = str_replace("<#BOARD_NAME#>", $this->settings['board_name'], $msg);
                    $msg = str_replace("<#BOARD_ADDRESS#>", $this->settings['board_url'] . '/index.' . $this->settings['php_ext'], $msg);
                    IPSText::getTextClass('email')->message = stripslashes(IPSText::getTextClass('email')->cleanMessage($msg));
                    IPSText::getTextClass('email')->subject = $this->lang->words['m_changesubj'];
                    IPSText::getTextClass('email')->to = $member['email'];
                    IPSText::getTextClass('email')->sendMail();
                }
            }

            $this->cache->rebuildCache('stats', 'global');
        } else {
            # We should absolutely never get here. So this is a fail-safe, really to
            # prevent a "false" positive outcome for the end-user
            $this->registry->output->showError($this->lang->words['m_namealready']);
        }
    } catch (Exception $error) {
        // $this->returnJsonError( $error->getMessage() );
        // Map the exception codes raised by the name update to localized messages
        switch ($error->getMessage()) {
            case 'NO_USER':
                $this->registry->output->showError($this->lang->words['m_noid']);
                break;
            // NOTE(review): NO_PERMISSION falls through to the NO_NAME message as written —
            // confirm the shared message is intended.
            case 'NO_PERMISSION':
            case 'NO_NAME':
                $this->registry->output->showError(sprintf($this->lang->words['m_morethan3'], $this->settings['max_user_name_length']));
                break;
            case 'ILLEGAL_CHARS':
                $this->registry->output->showError($this->lang->words['m_illegal']);
                break;
            case 'USER_NAME_EXISTS':
                $this->registry->output->showError($this->lang->words['m_namealready']);
                break;
            default:
                // Unrecognised codes are shown verbatim to the admin
                $this->registry->output->showError($error->getMessage());
                break;
        }
    }

    // Reached on success (and after any error path should showError() ever return)
    $this->registry->output->global_message = $this->lang->words[$field . '_updated_success'];
    $this->registry->output->silentRedirectWithMessage($this->settings['base_url'] . 'module=members&do=viewmember&member_id=' . $member_id);
}
/**
 * Save the add/edit RSS Export Stream form
 *
 * Validates the submitted stream, inserts or updates its rss_export row,
 * rebuilds the export cache and shows the overview again.
 *
 * @param  string  $type  Either add or edit
 * @return @e void
 */
public function rssExportSave($type = 'add')
{
    /* Numeric fields */
    $streamId = intval($this->request['rss_export_id']);
    $includePost = intval($this->request['rss_export_include_post']);
    $itemCount = intval($this->request['rss_export_count']);
    $cacheTime = intval($this->request['rss_export_cache_time']);
    $isEnabled = intval($this->request['rss_export_enabled']);

    /*
     * Text fields have their entities reversed and are stored raw.
     * NOTE(review): whatever writes them into the feed or an ACP page has to
     * escape them for that output format — confirm.
     */
    $streamTitle = IPSText::UNhtmlspecialchars(trim($this->request['rss_export_title']));
    $streamDesc = IPSText::UNhtmlspecialchars(trim($this->request['rss_export_desc']));
    $streamImage = IPSText::UNhtmlspecialchars(trim($this->request['rss_export_image']));

    /*
     * Selected forums become a comma separated list.
     * NOTE(review): the elements are joined as submitted; if this list is later put
     * into an IN (...) clause, each element must be cast to int where that query is built.
     */
    $forumList = '';

    if (is_array($this->request['rss_export_forums'])) {
        $forumList = implode(",", $this->request['rss_export_forums']);
    }

    /* NOTE(review): stored after trim() only; presumably used for ordering later and would need a whitelist there */
    $sortField = trim($this->request['rss_export_sort']);
    $sortOrder = trim($this->request['rss_export_order']);

    /* An edit needs the row id */
    if ($type == 'edit' and !$streamId) {
        $this->registry->output->global_message = $this->lang->words['ex_noid'];
        $this->rssExportOverview();
        return;
    }

    /* Title, item count and at least one forum are required */
    if (!$streamTitle or !$itemCount or !$forumList) {
        $this->registry->output->global_message = $this->lang->words['ex_completeform'];
        $this->rssExportForm($type);
        return;
    }

    /* Row to write */
    $record = array(
        'rss_export_enabled' => $isEnabled,
        'rss_export_title' => $streamTitle,
        'rss_export_desc' => $streamDesc,
        'rss_export_image' => $streamImage,
        'rss_export_forums' => $forumList,
        'rss_export_include_post' => $includePost,
        'rss_export_count' => $itemCount,
        'rss_export_cache_time' => $cacheTime,
        'rss_export_order' => $sortOrder,
        'rss_export_sort' => $sortField
    );

    if ($type == 'add') {
        $this->DB->insert('rss_export', $record);

        /* A new stream triggers a rebuild of every export */
        $streamId = 'all';
        $this->registry->output->global_message = $this->lang->words['ex_created'];
    } else {
        /* $streamId is an intval() result here */
        $this->DB->update('rss_export', $record, 'rss_export_id=' . $streamId);
        $this->registry->output->global_message = $this->lang->words['ex_edited'];
    }

    /* Rebuild cache and bounce */
    $this->rssExportRebuildCache($streamId, 0);
    $this->rssExportOverview();
}
/**
 * Class entry point
 *
 * Applies a stored multi-moderation action to one topic: loads the topic and
 * its forum, checks permission, queues state/pin/approval/title changes,
 * optionally adds a reply and moves the topic, then logs and redirects.
 *
 * @param  object  Registry reference (the method works with $this->registry)
 * @return @e void [Outputs to screen/redirects]
 */
public function doExecute(ipsRegistry $registry)
{
    //-----------------------------------------
    // Load modules...
    //-----------------------------------------
    ipsRegistry::getClass('class_localization')->loadLanguageFile(array('public_mod'));
    $classToLoad = IPSLib::loadLibrary(IPSLib::getAppDir('forums') . '/sources/classes/moderate.php', 'moderatorLibrary', 'forums');
    $this->modLibrary = new $classToLoad($this->registry);

    //-----------------------------------------
    // Clean the incoming: both ids are cast to int before any use
    //-----------------------------------------
    $this->request['t'] = intval($this->request['t']);
    $this->mm_id = intval($this->request['mm_id']);

    // Only negative ids are rejected here; 0 is caught by the topic lookup below
    if ($this->request['t'] < 0) {
        $this->registry->output->showError('multimod_no_topic', 103121, null, null, 404);
    }

    //-----------------------------------------
    // Get the topic id / forum id
    //-----------------------------------------
    $this->topic = $this->DB->buildAndFetch(array('select' => '*', 'from' => 'topics', 'where' => "tid=" . intval($this->request['t'])));
    $this->forum = $this->registry->class_forums->allForums[$this->topic['forum_id']];

    //-----------------------------------------
    // Error out if we can not find the topic
    //-----------------------------------------
    if (!$this->topic['tid']) {
        $this->registry->output->showError('multimod_no_topic', 103122, null, null, 404);
    }

    //-----------------------------------------
    // Error out if we can not find the forum
    //-----------------------------------------
    if (!$this->forum['id']) {
        $this->registry->output->showError('multimod_no_topic', 103123, null, null, 404);
    }

    //-----------------------------------------
    // Are we a moderator?
    //-----------------------------------------
    // $this->moderator is only assigned for logged-in members who are not super
    // moderators; in every other case it keeps whatever value the property had.
    // NOTE(review): confirm the property has a safe default for guests.
    if ($this->memberData['member_id'] && !$this->memberData['g_is_supmod']) {
        /**
         * @link http://community.invisionpower.com/tracker/issue-37736-multi-moderationsecondary-group-permissions/
         */
        $this->moderator = empty($this->memberData['forumsModeratorData'][$this->forum['id']]) ? array() : $this->memberData['forumsModeratorData'][$this->forum['id']];

        // An earlier per-request lookup against the moderators table (matching on
        // forum_id, member_id and group_id) is disabled in favour of the cached
        // forumsModeratorData used above.
    }

    //-----------------------------------------
    // Init modfunc module
    //-----------------------------------------
    $this->modLibrary->init($this->forum, $this->topic, $this->moderator);

    //-----------------------------------------
    // Do we have permission?
    //-----------------------------------------
    // Everything above only reads data; every write below depends on this gate and on
    // showError() ending the request.
    // NOTE(review): no form-key check is visible in this method; confirm mmAuthorize()
    // or the dispatcher validates the request key before state is changed.
    if ($this->modLibrary->mmAuthorize() != TRUE) {
        $this->registry->output->showError('multimod_no_perms', 2038, null, null, 403);
    }

    //-----------------------------------------
    // Get MM data (from the multimod cache, keyed by the integer mm_id)
    //-----------------------------------------
    $this->mm_data = $this->caches['multimod'][$this->mm_id];

    if (!$this->mm_data['mm_id']) {
        $this->registry->output->showError('multimod_not_found', 103124);
    }

    //-----------------------------------------
    // Does this forum have this mm_id
    //-----------------------------------------
    if ($this->modLibrary->mmCheckIdInForum($this->forum['id'], $this->mm_data) != TRUE) {
        $this->registry->output->showError('multimod_no_perms', 2039, null, null, 403);
    }

    $this->modLibrary->stmInit();

    //-----------------------------------------
    // Open close?
    //-----------------------------------------
    if ($this->mm_data['topic_state'] != 'leave') {
        if ($this->mm_data['topic_state'] == 'close') {
            $this->modLibrary->stmAddClose();
        } else {
            if ($this->mm_data['topic_state'] == 'open') {
                $this->modLibrary->stmAddOpen();
            }
        }
    }

    //-----------------------------------------
    // pin no-pin?
    //-----------------------------------------
    if ($this->mm_data['topic_pin'] != 'leave') {
        if ($this->mm_data['topic_pin'] == 'pin') {
            $this->modLibrary->stmAddPin();
        } else {
            if ($this->mm_data['topic_pin'] == 'unpin') {
                $this->modLibrary->stmAddUnpin();
            }
        }
    }

    //-----------------------------------------
    // Approve / Unapprove (1 = approve, 2 = unapprove)
    //-----------------------------------------
    if ($this->mm_data['topic_approve']) {
        if ($this->mm_data['topic_approve'] == 1) {
            $this->modLibrary->stmAddApprove();
            /* Bug #36869: Approving a topic doesn't increment user post count */
            $this->modLibrary->clearModQueueTable('topic', $this->topic['tid'], true);
        } else {
            if ($this->mm_data['topic_approve'] == 2) {
                $this->modLibrary->stmAddUnapprove();
            }
        }
    }

    //-----------------------------------------
    // Topic title
    // Regexes clean title up
    //-----------------------------------------
    // An already present prefix/suffix is stripped first so it is not added twice.
    // preg_quote() with the '/' delimiter keeps the configured text from being read
    // as a pattern.
    $title = $this->topic['title'];

    if ($this->mm_data['topic_title_st']) {
        $title = preg_replace("/^" . preg_quote($this->mm_data['topic_title_st'], '/') . "/", "", $title);
    }

    if ($this->mm_data['topic_title_end']) {
        $title = preg_replace("/" . preg_quote($this->mm_data['topic_title_end'], '/') . "\$/", "", $title);
    }

    // The prefix/suffix are added with their entities reversed, i.e. as raw text.
    // NOTE(review): the strip above matches the stored (escaped) form while the raw form
    // is what gets added; confirm both the match and the escaping of the saved title.
    $this->modLibrary->stmAddTitle(IPSText::UNhtmlspecialchars($this->mm_data['topic_title_st']) . $title . IPSText::UNhtmlspecialchars($this->mm_data['topic_title_end']));

    //-----------------------------------------
    // Update what we have so far...
    //-----------------------------------------
    $this->modLibrary->stmExec($this->topic['tid']);

    //-----------------------------------------
    // Add reply?
    //-----------------------------------------
    if ($this->mm_data['topic_reply'] and $this->mm_data['topic_reply_content']) {
        // The canned reply is parsed with HTML enabled, so its markup is posted as-is.
        // Its content comes from the multimod cache; whoever can edit multi-moderation
        // entries controls the HTML that ends up in the topic.
        IPSText::getTextClass('bbcode')->parse_smilies = 1;
        IPSText::getTextClass('bbcode')->parse_bbcode = 1;
        IPSText::getTextClass('bbcode')->parse_html = 1;
        IPSText::getTextClass('bbcode')->parse_nl2br = 1;
        IPSText::getTextClass('bbcode')->parsing_section = 'topics';

        $this->modLibrary->topicAddReply(IPSText::getTextClass('bbcode')->preDbParse(str_replace(array("\n", "\r"), '', nl2br($this->mm_data['topic_reply_content']))), array(0 => array($this->topic['tid'], $this->forum['id'])), $this->mm_data['topic_reply_postcount']);
    }

    //-----------------------------------------
    // Move topic?
    //-----------------------------------------
    if ($this->mm_data['topic_move']) {
        //-----------------------------------------
        // Move to forum still exist?
        //-----------------------------------------
        $r = $this->registry->class_forums->allForums[$this->mm_data['topic_move']];

        if ($r['id']) {
            if ($r['sub_can_post'] != 1) {
                // Target cannot take posts: clear the move setting on the stored action
                $this->DB->update('topic_mmod', array('topic_move' => 0), 'mm_id=' . $this->mm_id);
            } else {
                if ($r['id'] != $this->forum['id']) {
                    $this->modLibrary->topicMove($this->topic['tid'], $this->forum['id'], $r['id'], $this->mm_data['topic_move_link']);
                    $this->modLibrary->forumRecount($r['id']);
                }
            }
        } else {
            // Target forum is gone: clear the move setting on the stored action
            $this->DB->update('topic_mmod', array('topic_move' => 0), 'mm_id=' . $this->mm_id);
        }
    }

    //-----------------------------------------
    // Recount root forum
    //-----------------------------------------
    $this->modLibrary->forumRecount($this->forum['id']);
    $this->cache->rebuildCache('stats', 'global');

    //-----------------------------------------
    // Add mod log
    //-----------------------------------------
    $this->modLibrary->addModerateLog($this->forum['id'], $this->topic['tid'], "", $this->topic['title'], "Applied multi-mod: " . $this->mm_data['mm_title']);

    //-----------------------------------------
    // Redirect back to the forum with a confirmation message
    //-----------------------------------------
    $this->registry->output->redirectScreen(sprintf($this->lang->words['mm_applied'], $this->mm_data['mm_title']), $this->settings['base_url'] . "showforum=" . $this->forum['id'], $this->forum['name_seo'], 'showforum');
}
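/**
 * Send out the social shares
 *
 * Service names come from $services or, when none are passed, from request
 * keys that contain "share_x_". A name is only acted on after
 * self::canSocialShare() accepts it and it matches one of the fixed cases in
 * the switch below, so a request key never selects a file or class by itself.
 *
 * @param	array		$data		array( 'title' => 'Eat Pie!', 'url' => 'http://eatpie.com/' )
 * @param	array|null	$services	Services to share with; null or an empty array means "read them from the request"
 * @param	array|null	$memberData	Member to share as; null means the current member
 * @return	@e void
 */
public static function sendSocialShares(array $data, $services = null, $memberData = null)
{
    $memberData = $memberData === null ? ipsRegistry::member()->fetchMemberData() : $memberData;
    $checkedServices = array();

    /* Test for null BEFORE calling count(): count(null) raises a warning on PHP 7.2+ and a TypeError on PHP 8 */
    if ($services === null || (is_array($services) && !count($services))) {
        /* What are we sharing? */
        foreach (ipsRegistry::$request as $k => $v) {
            if (stristr($k, 'share_x_') and !empty($v)) {
                $services[] = str_ireplace('share_x_', '', $k);
            }
        }
    }

    /* Keep only the services this member is allowed to use */
    if (is_array($services) and count($services)) {
        foreach ($services as $service) {
            if (self::canSocialShare($service, $memberData)) {
                $checkedServices[] = $service;
            }
        }
    }

    /* Process them */
    foreach ($checkedServices as $service) {
        switch ($service) {
            case 'twitter':
                $classToLoad = IPSLib::loadLibrary(IPS_ROOT_PATH . 'sources/classes/twitter/connect.php', 'twitter_connect');
                $twitter = new $classToLoad(ipsRegistry::instance(), $memberData['twitter_token'], $memberData['twitter_secret']);

                try {
                    $twitter->updateStatusWithUrl(IPSText::UNhtmlspecialchars($data['title']), $data['url'], TRUE);
                } catch (Exception $ex) {
                    /* Best effort: one failing service must not stop the remaining shares */
                }
                break;

            case 'facebook':
                $classToLoad = IPSLib::loadLibrary(IPS_ROOT_PATH . 'sources/classes/facebook/connect.php', 'facebook_connect');
                $facebook = new $classToLoad(ipsRegistry::instance());

                try {
                    $facebook->postLinkToWall($data['url'], IPSText::UNhtmlspecialchars($data['title']));
                } catch (Exception $ex) {
                    /* Best effort, as above */
                }
                break;
        }
    }
}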
/**
 * Decode HTML entities in stored forum rules
 *
 * Selects every forum whose rules_text contains "&", writes the text back
 * after passing it through IPSText::UNhtmlspecialchars(), then queues a
 * status message and sets the next work action to 'groups'.
 *
 * NOTE(review): after this runs rules_text presumably holds raw markup
 * instead of entities, so whatever renders forum rules has to treat it as
 * HTML from a trusted author - confirm against the display code.
 *
 * @return	@e void
 */
public function fixForumRules()
{
    $query = array(
        'select' => '*',
        'from' => 'forums',
        'where' => "rules_text LIKE '%&%'"
    );

    $this->DB->build($query);
    $result = $this->DB->execute();

    while ($forum = $this->DB->fetch($result)) {
        $decoded = IPSText::UNhtmlspecialchars($forum['rules_text']);

        /* The id in the WHERE clause is read from the row just fetched, not from the request */
        $this->DB->update('forums', array('rules_text' => $decoded), 'id=' . $forum['id']);
    }

    $this->registry->output->addMessage("Forum rules updated");
    $this->request['workact'] = 'groups';
}
/**
 * Post a status update to twitter based on native content
 *
 * The content is de-html-ized, shortened to fit 140 characters together with
 * a 26 character URL slot, and posted through updateStatus().
 *
 * NOTE(review): the hashtag is only appended in the branch that truncates the
 * content; text that already fits is posted without it. Confirm whether that
 * is intended.
 *
 * @access	public
 * @param	string		Content
 * @param	string		URL to add
 * @param	bool		Always add the URL regardless of content length
 * @param	string		Hashtag to append, with or without the leading "#"; non-strings are ignored
 * @return	mixed		Whatever updateStatus() returns
 */
public function updateStatusWithUrl($content, $url, $alwaysAdd = TRUE, $hashtag = '')
{
    /* Normalise the hashtag to " #tag"; anything that is not a string is dropped */
    if (!is_string($hashtag)) {
        $hashtag = '';
    } elseif (!empty($hashtag)) {
        if ($hashtag[0] !== '#') {
            $hashtag = '#' . $hashtag;
        }

        $hashtag = ' ' . $hashtag;
    }

    /* Ensure content is correctly de-html-ized */
    $content = IPSText::UNhtmlspecialchars($content);

    /* Short enough and no URL requested: just post it */
    if ($alwaysAdd !== TRUE && IPSText::mbstrlen($content) <= 140) {
        return $this->updateStatus($content);
    }

    /* Leave 26 chars for URL shortener, plus room for the hashtag */
    $reserved = 26 + strlen($hashtag);
    $room = 140 - $reserved;

    if (IPSText::mbstrlen($content) > $room) {
        $content = IPSText::mbsubstr($content, 0, $room - 3) . '...' . $hashtag;
    }

    if (IPSText::mbstrlen($url) > 26) {
        /* Generate short URL */
        $classToLoad = IPSLib::loadLibrary(IPS_ROOT_PATH . 'sources/classes/url/shorten.php', 'urlShorten');
        $shortener = new $classToLoad();

        try {
            $shortened = $shortener->shorten($url, IPS_URL_SHORTEN_SERVICE);
            $url = $shortened['url'];
        } catch (Exception $ex) {
            /* Stop the exception bubbling back to parent classes; the long URL is posted instead */
        }
    }

    return $this->updateStatus($content . ' ' . $url);
}
/**
 * Parse emoticons in text
 *
 * Runs only when self::$Perms['parseEmoticons'] is set and HTML parsing is
 * off. <pre> and [code] sections are swapped for numbered placeholder
 * comments first, emoticon codes are replaced in what remains, and the
 * placeholders are swapped back at the end.
 *
 * NOTE(review): placeholders are restored by searching the text until none
 * is left, which relies on the input never containing a literal placeholder
 * of its own - presumably guaranteed by entity-encoding earlier in the
 * pipeline; confirm.
 *
 * @param	string	$txt	Text to scan
 * @return	string	$txt	Text with emoticon codes replaced (unchanged when parsing is not permitted)
 */
public function parseEmoticons($txt)
{
    /* Sort them in length order first */
    $this->_sortSmilies();
    $_codeBlocks = array();
    $_c = 0;
    /* Now parse them! */
    if (self::$Perms['parseEmoticons'] && !$this->parse_html) {
        /* Make CODE tags safe... (<pre> sections are parked under a numbered placeholder) */
        while (preg_match('/(<pre(.+?(?=<\\/pre>))<\\/pre>)/s', $txt, $matches)) {
            $find = $matches[0];
            $replace = '<!--Cj' . $_c . 'j-->';
            $_codeBlocks[$_c] = $find;
            $txt = str_replace($find, $replace, $txt);
            $_c++;
        }
        /* Make CODE tags safe... (same again for [code] sections) */
        while (preg_match('/(\\[code(.+?(?=\\[\\/code\\]))\\[\\/code\\])/s', $txt, $matches)) {
            $find = $matches[0];
            $replace = '<!--Cj' . $_c . 'j-->';
            $_codeBlocks[$_c] = $find;
            $txt = str_replace($find, $replace, $txt);
            $_c++;
        }
        /* Typed codes already handled, so a code shared by several rows is processed once */
        $codes_seen = array();
        if (count($this->_sortedSmilies) > 0) {
            foreach ($this->_sortedSmilies as $row) {
                /* Skip emoticons that belong to another set than the one the active skin uses */
                if (is_array($this->registry->output->skin) and $this->registry->output->skin['set_emo_dir'] and $row['emo_set'] != $this->registry->output->skin['set_emo_dir']) {
                    continue;
                }
                $code = IPSText::UNhtmlspecialchars($row['typed']);
                if (in_array($code, $codes_seen)) {
                    continue;
                }
                $codes_seen[] = $code;
                // -----------------------------------------
                // Now, check for the html safe versions
                // NOTE(review): as shown, both replacements map a character to
                // itself and change nothing; the entity literals may have been
                // decoded when this listing was extracted - compare with the
                // upstream source before relying on this line.
                // -----------------------------------------
                $_emoCode = str_replace('<', '<', str_replace('>', '>', $code));
                $_emoImage = $row['image'];
                $emoPosition = 0;
                /* Cheap check */
                if (!stristr($txt, $_emoCode)) {
                    continue;
                }
                // -----------------------------------------
                // These are chars that can't surround the emo
                // -----------------------------------------
                $invalidWrappers = "0123456789ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz'\"/";
                // -----------------------------------------
                // Have any more chars to look at?
                // -----------------------------------------
                while (($position = stripos($txt, $_emoCode, $emoPosition)) !== false) {
                    $lastOpenTagPosition = strrpos(substr($txt, 0, $position), '[');
                    $lastCloseTagPosition = strrpos(substr($txt, 0, $position), ']');
                    // -----------------------------------------
                    // Three conditions, all required:
                    //  - we are at the start of the string, or the
                    //    preceding char is not an invalid wrapper
                    //  - there is no '[' before the match, or no ']'
                    //    before it, or the last ']' comes after the last '['
                    //  - the match ends the string, or the following
                    //    char is not an invalid wrapper
                    // -----------------------------------------
                    if (($position === 0 or stripos($invalidWrappers, substr($txt, $position - 1, 1)) === false) and ($lastOpenTagPosition === FALSE || $lastCloseTagPosition === FALSE or $lastCloseTagPosition !== FALSE and $lastCloseTagPosition > $lastOpenTagPosition) and (strlen($txt) == $position + strlen($_emoCode) or stripos($invalidWrappers, substr($txt, $position + strlen($_emoCode), 1)) === false)) {
                        // -----------------------------------------
                        // Replace the emoticon and increment position
                        // counter (past the inserted markup, so it is
                        // not scanned again)
                        // -----------------------------------------
                        $replace = $this->_retrieveSmiley($_emoCode, $_emoImage);
                        $txt = substr_replace($txt, $replace, $position, strlen($_emoCode));
                        $position += strlen($replace);
                    }
                    $emoPosition = $position + 1;
                    /* stripos() must not be given an offset beyond the end of the string */
                    if ($emoPosition > strlen($txt)) {
                        break;
                    }
                }
            }
        }
        /* Put alt tags in */
        if (is_array($this->emoticon_alts) && count($this->emoticon_alts)) {
            foreach ($this->emoticon_alts as $r) {
                $txt = str_replace($r[0], $r[1], $txt);
            }
        }
        /* Convert code tags back... */
        while (preg_match('/<!--Cj(\\d+?)j-->/', $txt, $matches)) {
            $find = $matches[0];
            $replace = $_codeBlocks[$matches[1]];
            $txt = str_replace($find, $replace, $txt);
        }
    }
    return $txt;
}
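/**
 * Show the attachment (or force download)
 *
 * Looks the attachment up, lets the plugin of the owning module decide
 * whether the current member may fetch it, then sends the file with
 * Content-Type and Content-Disposition headers and exits.
 *
 * NOTE(review): the checks below call showError() and then fall through, so
 * they only protect the download if showError() ends the request - presumably
 * it does; confirm.
 * NOTE(review): the file path is built from the stored attach_location; this
 * assumes the value was constrained to the upload directory when the file was
 * saved - confirm against the upload code.
 *
 * @param	int		Attachment ID (The main attach id)
 * @return	@e void
 */
public function showAttachment($attach_id)
{
    /* Cast once, up front: the id is concatenated into two WHERE clauses below and handed to the plugin.
       Previously only the first query was cast and the hit counter update used the raw value. */
    $attach_id = intval($attach_id);

    /* Get attach data... */
    $attachment = $this->DB->buildAndFetch(array('select' => '*', 'from' => 'attachments', 'where' => 'attach_id=' . $attach_id));

    if (!$attachment['attach_id']) {
        $this->registry->getClass('output')->showError('attach_no_attachment', 10170, false, null, 404);
    }

    /* Load correct plug in... */
    $this->type = $attachment['attach_rel_module'];
    $this->loadAttachmentPlugin();

    /* Get SQL data from plugin */
    $attach = $this->plugin->getAttachmentData($attach_id);

    /* Got a reply? Anything but an array is treated as "no permission" */
    if ($attach === FALSE or !is_array($attach)) {
        $this->registry->getClass('output')->showError('no_permission_to_download', 10171, null, null, 403);
    }

    /* Got a rel id? An attachment not yet tied to content is only served to the member who uploaded it */
    if (!$attach['attach_rel_id'] and $attach['attach_member_id'] != $this->memberData['member_id']) {
        $this->registry->getClass('output')->showError('err_attach_not_attached', 10172, null, null, 403);
    }

    //-----------------------------------------
    // Reset timeout for large attachments
    //-----------------------------------------
    if (@function_exists("set_time_limit") == 1 and SAFE_MODE_ON == 0) {
        @set_time_limit(0);
    }

    if (is_array($attach) and count($attach)) {
        /* Got attachment types? */
        if (!is_array($this->registry->cache()->getCache('attachtypes'))) {
            $attachtypes = array();

            $this->DB->build(array('select' => 'atype_extension,atype_mimetype', 'from' => 'attachments_type'));
            $this->DB->execute();

            while ($r = $this->DB->fetch()) {
                $attachtypes[$r['atype_extension']] = $r;
            }

            $this->registry->cache()->updateCacheWithoutSaving('attachtypes', $attachtypes);
        }

        /* Show attachment */
        $attach_cache = $this->registry->cache()->getCache('attachtypes');
        $this->_upload_path = isset($this->plugin->mysettings['upload_dir']) ? $this->plugin->mysettings['upload_dir'] : $this->attach_settings['upload_dir'];
        $file = $this->_upload_path . "/" . $attach['attach_location'];

        /* Only extensions with a configured MIME type are served */
        if (is_file($file) and $attach_cache[$attach['attach_ext']]['atype_mimetype'] != "") {
            /* Update the "hits".. */
            $this->DB->buildAndFetch(array('update' => 'attachments', 'set' => "attach_hits=attach_hits+1", 'where' => 'attach_id=' . $attach_id));

            /* Open and display the file.. */
            header("Content-Type: {$attach_cache[$attach['attach_ext']]['atype_mimetype']}");

            /* Uploaded content: make the browser honour the declared type instead of guessing one */
            header('X-Content-Type-Options: nosniff');

            $disposition = $attach['attach_is_image'] ? "inline" : "attachment";

            /* The stored name is decoded and then placed in a response header, so control characters are dropped first */
            $fileName = preg_replace('/[\x00-\x1F\x7F]/', '', IPSText::UNhtmlspecialchars($attach['attach_file']));

            if (in_array($this->memberData['userAgentKey'], array('firefox', 'opera'))) {
                @header('Content-Disposition: ' . $disposition . "; filename*={$this->settings['gb_char_set']}''" . rawurlencode($fileName));
            } else {
                if (in_array($this->memberData['userAgentKey'], array('explorer'))) {
                    @header('Content-Disposition: ' . $disposition . '; filename="' . rawurlencode($fileName) . '"');
                } else {
                    /* Sent unencoded inside quotes: a double quote in the name would end the parameter early, so swap it out */
                    @header('Content-Disposition: ' . $disposition . '; filename="' . str_replace('"', "'", $fileName) . '"');
                }
            }

            /* A length is only announced when nothing will compress the body afterwards */
            if ((!ini_get('zlib.output_compression') or ini_get('zlib.output_compression') == 'off') and ini_get('output_handler') != 'ob_gzhandler') {
                header('Content-Length: ' . (string) filesize($file));
            }

            /**
             * @link	http://community.invisionpower.com/tracker/issue-22011-wrong-way-to-handle-attachments-transfer/
             */
            if (function_exists('ob_end_clean') and ini_get('output_handler') != 'ob_gzhandler') {
                @ob_end_clean();
            }

            if (function_exists('readfile')) {
                readfile($file);
            } else {
                /* readfile() unavailable: stream the file in 4 KB chunks */
                if ($fh = fopen($file, 'rb')) {
                    while (!feof($fh)) {
                        echo fread($fh, 4096);

                        if (function_exists('ob_get_length') and function_exists('ob_flush') and @ob_get_length()) {
                            @ob_flush();
                        } else {
                            @flush();
                        }
                    }

                    @fclose($fh);
                }
            }

            exit;
        } else {
            /* File does not exist.. */
            $this->registry->getClass('output')->showError('attach_file_missing', 10173);
        }
    } else {
        /* No permission? */
        $this->registry->getClass('output')->showError('no_permission_to_download', 10174, null, null, 403);
    }
}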
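/**
 * Returns a list of notification options
 *
 * Builds, for every notification type, the delivery methods the member may
 * choose and whether "mobile" is currently selected, then echoes the result
 * as an XML document and exits.
 *
 * Optional array keys are tested with isset()/empty() before they are read:
 * the response body is XML, and an "undefined index" notice printed into it
 * would break the document for the client.
 *
 * @return	string		XML (echoed; the method does not return)
 */
protected function _handleNotificationTypes()
{
    /* Check to see if notifications are enabled */
    if (!IPSMember::canReceiveMobileNotifications()) {
        /* NOTE(review): presumably _returnError() ends the request - confirm */
        $this->_returnError("You are not authorized to receive mobile notifications");
    }

    /* Lang */
    $this->lang->loadLanguageFile(array('public_usercp'), 'core');

    /* Notifications Library */
    $classToLoad = IPSLib::loadLibrary(IPS_ROOT_PATH . '/sources/classes/member/notifications.php', 'notifications');
    $notifyLibrary = new $classToLoad($this->registry);
    $notifyLibrary->setMember($this->memberData);

    /* Options */
    $_basicOptions = array(
        array('email', $this->lang->words['notopt__email']),
        array('pm', $this->lang->words['notopt__pm']),
        array('inline', $this->lang->words['notopt__inline']),
        array('mobile', $this->lang->words['notopt__mobile'])
    );
    $_configOptions = $notifyLibrary->getNotificationData(TRUE);
    $_notifyConfig = $notifyLibrary->getMemberNotificationConfig($this->memberData);
    $_defaultConfig = $notifyLibrary->getDefaultNotificationConfig();
    $_formOptions = array();

    foreach ($_configOptions as $option) {
        $_key = $option['key'];
        $_thisConfig = isset($_notifyConfig[$_key]) ? $_notifyConfig[$_key] : array();
        $_thisDefault = isset($_defaultConfig[$_key]) ? $_defaultConfig[$_key] : array();

        //-----------------------------------------
        // Determine available options
        //-----------------------------------------
        $_disabled = (isset($_thisDefault['disabled']) and is_array($_thisDefault['disabled'])) ? $_thisDefault['disabled'] : array();
        $_available = array();

        foreach ($_basicOptions as $_bo) {
            if (!in_array($_bo[0], $_disabled)) {
                $_available[] = $_bo;
            }
        }

        //-----------------------------------------
        // If none available, at least give inline
        //-----------------------------------------
        if (!count($_available)) {
            $_available[] = array('inline', $this->lang->words['notify__inline']);
        }

        //-----------------------------------------
        // Start setting data to pass to form
        // 'done' starts at 0 so the "other options" pass below can read it safely
        //-----------------------------------------
        $_formOptions[$_key] = array(
            'key' => $_key,
            'options' => array(),
            'defaults' => (isset($_thisConfig['selected']) and is_array($_thisConfig['selected'])) ? $_thisConfig['selected'] : array(),
            'disabled' => 0,
            'done' => 0
        );

        //-----------------------------------------
        // Rikki asked for this...
        // (options keyed by their method name)
        //-----------------------------------------
        foreach ($_available as $_availOption) {
            $_formOptions[$_key]['options'][$_availOption[0]] = $_availOption;
        }

        //-----------------------------------------
        // Don't allow member to configure
        // Still show, but disable on form
        //-----------------------------------------
        if (!empty($_thisDefault['disable_override'])) {
            $_formOptions[$_key]['disabled'] = 1;
            $_formOptions[$_key]['defaults'] = (isset($_thisDefault['selected']) and is_array($_thisDefault['selected'])) ? $_thisDefault['selected'] : array();
        }
    }

    /* Groups */
    $this->notifyGroups = array(
        'topics_posts' => array('new_topic', 'new_reply', 'post_quoted'),
        'status_updates' => array('reply_your_status', 'reply_any_status', 'friend_status_update'),
        'profiles_friends' => array('profile_comment', 'profile_comment_pending', 'friend_request', 'friend_request_pending', 'friend_request_approve'),
        'private_msgs' => array('new_private_message', 'reply_private_message', 'invite_private_message')
    );

    /* XML Parser */
    require_once IPS_KERNEL_PATH . 'classXML.php'; /*noLibHook*/
    $xml = new classXML('utf-8');
    $xml->newXMLDocument();

    /* Build Document */
    $xml->addElement('notifications');

    foreach ($this->notifyGroups as $groupKey => $group) {
        $xml->addElement('group', 'notifications');
        $xml->addElementAsRecord('group', array('info'), array('groupTitle' => IPSText::UNhtmlspecialchars($this->lang->words['notifytitle_' . $groupKey])));
        $xml->addElement('options', 'group');

        foreach ($group as $key) {
            if (!isset($_formOptions[$key]) or !is_array($_formOptions[$key])) {
                continue;
            }

            /* Set the done flag */
            $_formOptions[$key]['done'] = 1;

            /* Set the title: the short form wins when the language pack has one */
            $_title = !empty($this->lang->words['notify__short__' . $key]) ? $this->lang->words['notify__short__' . $key] : $this->lang->words['notify__' . $key];

            /* Add to XML */
            $xml->addElementAsRecord('options', array('option'), array(
                'optionKey' => $key,
                'optionTitle' => IPSText::UNhtmlspecialchars($_title),
                'optionEnabled' => in_array('mobile', $_formOptions[$key]['defaults']) ? '1' : '0'
            ));
        }
    }

    /* Other Options: everything no group above has claimed */
    $xml->addElement('group', 'notifications');
    $xml->addElementAsRecord('group', array('info'), array('groupTitle' => IPSText::UNhtmlspecialchars($this->lang->words['notifytitle_other'])));
    $xml->addElement('options', 'group');

    foreach ($_formOptions as $key => $data) {
        if (!empty($data['done'])) {
            continue;
        }

        /* Set the title */
        $_title = !empty($this->lang->words['notify__short__' . $key]) ? $this->lang->words['notify__short__' . $key] : $this->lang->words['notify__' . $key];

        /* Add to XML */
        $xml->addElementAsRecord('options', array('option'), array(
            'optionKey' => $key,
            'optionTitle' => IPSText::UNhtmlspecialchars($_title),
            'optionEnabled' => in_array('mobile', $data['defaults']) ? '1' : '0'
        ));
    }

    /* Output */
    echo $xml->fetchDocument();
    exit;
}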
/**
 * Does the actual bbcode replacement
 *
 * Cleans the option text, optionally swaps option and content, then fills
 * the bbcode's replacement template ({base_url}, {image_url}, one
 * {text.KEY} language string, {option}, {content}).
 *
 * NOTE(review): several str_replace() pairs below are shown with identical
 * search and replace strings, and one literal is not valid PHP as printed.
 * The entity literals look as if they were decoded when this listing was
 * extracted - compare with the upstream source before judging the escaping.
 *
 * NOTE(review): $content is inserted without any encoding by this method, and
 * when bbcode_switch_option is set the raw content ends up in the {option}
 * slot. This presumably relies on the caller having made the content safe for
 * HTML already - confirm.
 *
 * @access	protected
 * @param	array		Current bbcode to parse (bbcode_switch_option and bbcode_replace are read)
 * @param	string		[Optional] Option text
 * @param	string		[Optional for single tag bbcodes] Content text
 * @return	string		Converted text
 */
protected function _bbcodeToHtml($_bbcode, $option = '', $content = '')
{
    //-----------------------------------------
    // Strip the optional quote delimiters
    //-----------------------------------------
    $option = str_replace('"', '"', $option);
    $option = str_replace(''', "'", $option);
    $option = trim($option, '"' . "'");
    //-----------------------------------------
    // Stop CSS injection
    //-----------------------------------------
    if ($option) {
        //-----------------------------------------
        // Cut off for entities in option
        // @see	http://community.invisionpower.com/tracker/issue-19958-acronym/
        //-----------------------------------------
        $option = IPSText::UNhtmlspecialchars($option);
        $option = str_replace('!', '!', $option);
        $option = IPSText::decodeNamedHtmlEntities($option);
        /* Everything from the first ';' onwards is discarded */
        if (strpos($option, ';') !== false) {
            $option = substr($option, 0, strpos($option, ';'));
        }
        /* Re-encode what is left; ENT_NOQUOTES leaves both quote characters alone, they are handled after this block */
        $charSet = IPS_DOC_CHAR_SET == 'ISO-8859-1' ? 'ISO-8859-15' : IPS_DOC_CHAR_SET;
        $option = @htmlentities($option, ENT_NOQUOTES, $charSet);
        $option = str_replace('!', '!', $option);
    }
    $option = str_replace('"', '"', $option);
    $option = str_replace("'", ''', $option);
    //-----------------------------------------
    // Swapping option/content?
    // Happens after the option clean-up above, so the value that
    // lands in $option from here on has not been through it
    //-----------------------------------------
    if ($_bbcode['bbcode_switch_option']) {
        $_tmp = $content;
        $content = $option;
        $option = $_tmp;
    }
    //-----------------------------------------
    // Replace
    //-----------------------------------------
    $replaceCode = $_bbcode['bbcode_replace'];
    $replaceCode = str_replace('{base_url}', $this->settings['board_url'] . '/index.php?', $replaceCode);
    $replaceCode = str_replace('{image_url}', $this->settings['img_url'], $replaceCode);
    /* Only the first {text.KEY} placeholder is looked up; every occurrence of that same placeholder is replaced */
    preg_match('/\\{text\\.(.+?)\\}/i', $replaceCode, $matches);
    if (is_array($matches) and count($matches)) {
        $replaceCode = str_replace($matches[0], $this->lang->words[$matches[1]], $replaceCode);
    }
    $replaceCode = str_replace('{option}', $option, $replaceCode);
    $replaceCode = str_replace('{content}', $content, $replaceCode);
    //-----------------------------------------
    // Fix linebreaks in textareas
    //-----------------------------------------
    if (stripos($replaceCode, "<textarea") !== false) {
        $replaceCode = str_replace('<br />', "", $replaceCode);
        $replaceCode = str_replace("\r", "", $replaceCode);
        $replaceCode = str_replace("\n", "<br />", $replaceCode);
    }
    return $replaceCode;
}
/**
 * Share the link.
 *
 * Checks that sharing is enabled and that the member's groups may use this
 * plugin, optionally asks the owning application's ShareLinks extension for
 * permission, then logs the share and hands over to the plugin.
 *
 * NOTE(review): the application key used to build the extension file path and
 * class name comes out of deconstructUrl($url). If $url can be supplied by the
 * visitor, that key should be restricted to known application keys before it
 * is used - confirm what deconstructUrl() and IPSLib::getAppDir() already
 * enforce.
 * NOTE(review): a failed permission check calls showError() and then falls
 * through to log/share, which is only safe if showError() ends the request -
 * presumably it does; confirm.
 *
 * @access	public
 * @param	string		Document title
 * @param	string		Document URL
 * @return	bool		Always false; the plugin normally redirects or posts an action itself
 */
public function share($title, $url)
{
    /* Disabled? */
    if (!$this->settings['sl_enable']) {
        return false;
    }

    /* Permission Check: '*' means every group may use this plugin */
    $shareCache = isset($this->caches['sharelinks']) ? $this->caches['sharelinks'] : ipsRegistry::cache()->getCache('sharelinks');
    $allowedGroups = $shareCache[$this->_pluginKey]['share_groups'];

    if ($allowedGroups != '*' && !IPSMember::isInGroup($this->memberData, explode(',', $allowedGroups))) {
        return false;
    }

    /* Ensure title is correctly de-html-ized */
    $title = IPSText::UNhtmlspecialchars($title);

    /* Nothing to do without a plugin */
    if (!is_object($this->_plugin)) {
        return false;
    }

    /* Grab URL details */
    $data = $this->deconstructUrl($url);

    /* Requires a permission check? */
    $needsCheck = $data['data_app']
        && method_exists($this->_plugin, 'requiresPermissionCheck')
        && $this->_plugin->requiresPermissionCheck($data) !== false;

    if ($needsCheck) {
        $permitted = false;
        $extensionFile = IPSLib::getAppDir($data['data_app']) . '/extensions/coreExtensions.php';

        /* Check for the file */
        if (is_file($extensionFile)) {
            /* Get the file */
            $extensionClass = IPSLib::loadLibrary($extensionFile, $data['data_app'] . 'ShareLinks', $data['data_app']);

            /* Check for the class */
            if (class_exists($extensionClass)) {
                /* Create an object */
                $extension = new $extensionClass();

                /* Check for the module: permission is granted only by an explicit non-false answer */
                $permitted = method_exists($extension, 'permissionCheck') && $extension->permissionCheck($data) !== false;
            }
        }

        if (!$permitted) {
            $this->registry->getClass('output')->showError('no_permission');
        }
    }

    /* Log it */
    $this->log($url, $title, $data);

    /* In almost all cases, there is no data to return as the plugin redirects or posts an action */
    $this->_plugin->share($title, $url);

    return false;
}
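/**
 * CKEditor will send posts with HTML entities (&lt;). This hook was written
 * to convert those entities back into HTML, and <br> tags into newlines, for
 * posts made with HTML enabled.
 *
 * The conversion is switched off: the method returns its input unchanged. The
 * two statements that used to follow the return (a br2nl pass and an
 * UNhtmlspecialchars pass) could never run and have been removed.
 *
 * NOTE(review): turning the conversion back on would make encoded markup live
 * again, so it must stay limited to content from members who are allowed to
 * post HTML.
 *
 * @param	string		$content	Posted content
 * @return	string		The content, unchanged
 */
protected function _htmlize($content)
{
    return $content;
}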
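/**
 * Post a status update to vk wall based on native content
 * Which may be longer and such and so on and so forth, etc
 *
 * The content is de-html-ized and, when a URL is to be added, cut to 117
 * characters so that content plus a 26 character short URL fits in 140.
 *
 * A failure of the URL shortening service no longer aborts the post: the
 * original URL is used instead, in line with the twitter variant of this
 * method, which catches the shortener's exception.
 *
 * @access	public
 * @param	string		Content
 * @param	string		URL to add
 * @param	bool		Always add the URL regardless of content length
 * @return	mixed		Whatever updateStatus() returns
 */
public function updateStatusWithUrl($content, $url, $alwaysAdd = TRUE)
{
    /* Ensure content is correctly de-html-ized */
    $content = IPSText::UNhtmlspecialchars($content);

    /* Is the text longer than 140 chars? */
    if ($alwaysAdd === TRUE or IPSText::mbstrlen($content) > 140) {
        /* Leave 26 chars for URL shortener */
        if (IPSText::mbstrlen($content) > 117) {
            $content = IPSText::mbsubstr($content, 0, 114) . '...';
        }

        /* Generate short URL */
        $classToLoad = IPSLib::loadLibrary(IPS_ROOT_PATH . 'sources/classes/url/shorten.php', 'urlShorten');
        $shorten = new $classToLoad();

        try {
            $data = $shorten->shorten($url, IPS_URL_SHORTEN_SERVICE);

            /* Only switch to the short form when the service actually returned one */
            if (!empty($data['url'])) {
                $url = $data['url'];
            }
        } catch (Exception $ex) {
            /* Shortener unavailable: post with the original URL rather than not at all */
        }

        return $this->updateStatus($content . ' ' . $url);
    }

    /* Just post it */
    return $this->updateStatus($content);
}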