public function Execute(Template $template, Session $session, $request)
{
$this->dba = DBA::Open();
$template = CreateAncestors($template, $template['L_ADMINPANEL']);
if ($session['user'] instanceof Member && $session['user']['perms'] & ADMIN) {
if (isset($request['forum']) && isset($request['days'])) {
/* Turn the board off for safety reasons */
$this->dba->Execute("UPDATE " . SETTING . " SET value = '0' WHERE varname = 'bbactive'");
$days = intval($request['days']);
$forum = intval($request['forum']);
$created = $days == 0 ? time() : time() - $days * 24 * 3600;
$prune = new Prune();
if ($forum == -1) {
foreach ($this->dba->Query("SELECT * FROM " . POSTS . " WHERE row_status != 2 AND row_status != 3 AND row_type = 2 AND row_right-row_left-1 = 0 AND created <= " . $created) as $post) {
$prune->KillNode($post);
}
} else {
foreach ($this->dba->Query("SELECT * FROM " . POSTS . " WHERE parent_id = " . $forum . " AND row_status != 2 AND row_status != 3 AND row_type = 2 AND row_right-row_left-1 = 0 AND created <= " . $created) as $post) {
$prune->KillNode($post);
}
}
/* Turn the board back on */
$this->dba->Execute("UPDATE " . SETTING . " SET value = '1' WHERE varname = 'bbactive'");
return new Error($template['L_PRUNESUCCESS'] . '<meta http-equiv="refresh" content="2; url=admin.php?act=prune">', $template);
} else {
return new Error($template['L_FORUMDOESNTEXIST'], $template);
}
}
return TRUE;
}
public function pruneGame($gameId, $surrogate, $editorId, $editorToken)
{
if (!Module::authenticateGameEditor($gameId, $editorId, $editorToken, "read_write")) {
return new returnData(6, NULL, "Failed Authentication");
}
$TBD = new stdClass();
$TBD->locations = Prune::pruneLocationsForGame($gameId, $surrogate, $editorId, $editorToken);
$TBD->media = Prune::pruneMediaForGame($gameId, $surrogate, $editorId, $editorToken);
$TBD->note_content = Prune::pruneNoteContentFromGame($gameId, $surrogate, $editorId, $editorToken);
return $TBD;
}
public function Execute(Template $template, Session $session, $request)
{
$this->dba = DBA::Open();
/* Ancestors Bar */
$template = CreateAncestors($template, $template['L_DELETENODE']);
/* Check permissions */
if ($session['user'] instanceof Member && $session['user']['perms'] & ADMIN) {
/* Set the templates */
$template->content = array('file' => 'admin/admin.html');
if (isset($request['type']) && intval($request['type']) != 0 && (intval($request['type']) == 1 || intval($request['type']) == 2) && isset($request['id']) && intval($request['id']) != 0) {
/* Deletion message and table to use */
$message = array(1 => $template['L_DELETEDPOSTTHREAD'], 2 => $template['L_DELETEDFORUMCAT']);
$table = intval($request['type']) == 1 ? POSTS : FORUMS;
$row = $this->dba->GetRow("SELECT * FROM " . $table . " WHERE id = " . intval($request['id']));
if (!empty($row) && isset($row['id'])) {
$prune = new Prune();
/* Turn the board off for safety reasons */
$this->dba->Execute("UPDATE " . SETTING . " SET value = '0' WHERE varname = 'bbactive'");
/* Remove the node */
$prune->KillSingle($row, intval($request['type']));
/* Turn the board back on */
$this->dba->Execute("UPDATE " . SETTING . " SET value = '1' WHERE varname = 'bbactive'");
return new Error($message[intval($request['type'])] . '<meta http-equiv="refresh" content="2; url=index.php">', $template);
} else {
return new Error($template['L_ERRORUSINGFEATURE'], $template);
}
} else {
return new Error($template['L_ERRORUSINGFEATURE'], $template);
}
}
/* Set the number of queries */
$template['num_queries'] = $session->dba->num_queries;
return TRUE;
}
public function Execute(Template $template, Session $session, $request)
{
/* Set the post vars session */
$session['post_vars'] = $request;
/* Create the ancestors bar (if we run into any trouble */
$template = CreateAncestors($template, $template['L_POSTTHREAD']);
/* Open a connection to the database */
$this->dba = DBA::Open();
/* Set the a variable to this user's permissions and id */
$user_perms = isset($session['user']['perms']) ? $session['user']['perms'] : ALL;
$user_id = $session['user']['id'];
/* Get our parent forum */
try {
$parent_id = intval($request['forum_id']);
@($parent = $this->dba->GetRow("SELECT * FROM " . FORUMS . " WHERE id = {$parent_id}"));
} catch (DBA_Exception $e) {
return new TplException($e, $template);
}
/* Quote all of the REQUEST variables */
foreach ($request as $key => $val) {
$request[$key] = $this->dba->Quote($val);
}
/* Parse the Message */
$parser = new BBParser(substr($request['message'], 0, $template['postmaxchars']));
//$parser->addOmit('omit', 'omit');
$request['message'] = $parser->Execute();
/* Set the post icon */
if (isset($request['posticon']) && intval($request['posticon']) != 0 && $request['posticon'] != '-1') {
try {
$posticon = $this->dba->GetValue("SELECT image FROM " . POSTICONS . " WHERE id = " . intval($request['posticon']));
} catch (DBA_Exception $e) {
return new TplException($e, $template);
}
} else {
$posticon = 'clear.gif';
}
/* Is it a poll, if so, deal with it. */
$polloptions = array();
$poll = 0;
$poll_question = '';
if (isset($request['polloptions'])) {
if ($user_perms >= $parent['can_pollcreate']) {
$poll = 1;
if ($request['poll_question'] == '') {
return new Error($template['L_MUSTHAVEPOLLQUESTION'], $template);
}
$poll_question = BB::Open($request['poll_question'])->Execute();
$opts = explode("\n", $request['polloptions']);
if (count($opts) <= $parent['maxpolloptions']) {
foreach ($opts as $key => $option) {
preg_match('~\\[color=(.*?)\\](.*?)\\[\\/color\\]~is', $option, $matches);
$polloptions[] = array_key_exists(1, $matches) ? array('color' => $matches[1], 'option' => $matches[2]) : array('color' => 'blue', 'option' => $option);
}
} else {
return new Error(sprintf($template['L_TOOMANYPOLLOPTIONS'], count($opts), $parent['maxpolloptions']) . '<meta http-equiv="refresh" content="1; url=' . $_SERVER['HTTP_REFERER'] . '">', $template);
}
}
}
/* Bring in the forums clas */
$forum = new Forum();
$stack = $forum->getForums();
/* Check if the forum that we are adding this thread to is NOT the root forum */
if ($parent['row_left'] != 1) {
/* Set a shorter version of the $parent variable */
$f = $parent;
/* Is this forum password-protected? */
if ($f['private'] == 1 && @$_SESSION['forum_logged'] != $f['id']) {
$template['forum_id'] = $f['id'];
$template->content = array('file' => 'forum_login.html');
} else {
/* Check if the forum is suspended or locked */
if (($f['suspend'] == 1 && $session['user']['perms'] & ADMIN || $f['suspend'] != 1) && $f['is_link'] != 1 && ($f['row_lock'] != 1 || $f['row_lock'] == 1 && $session['user']['perms'] >= MOD)) {
/* Fix some cariables if they are not set */
$request['attach_files'] = !isset($request['attach_files']) ? 0 : $request['attach_files'];
/* The status of the Thread is sticky/announcement/normal */
$status = isset($request['status']) ? intval($request['status']) : 1;
/* Check if the user has permission to make sticky or announcement threads */
if ($status == 2) {
$status = $user_perms >= $f['can_sticky'] ? 2 : 1;
} else {
if ($status == 3) {
$status = $user_perms >= $f['can_announce'] ? 3 : 1;
}
}
/* Get the number of threads on the same level as this one */
if ($this->getNumOnLevel($parent_id) > 0) {
$left = $parent['row_right'];
} else {
$left = $parent['row_left'] + 1;
}
/* Set a depth variable, and the the right value */
$depth = $parent['row_level'] + 1;
$right = $left + 1;
/* Timestamp */
$time = time();
/* If this user can post */
if ($user_perms >= $f['can_post']) {
try {
/* Make room for the thread in the Forums table by updating the right values */
@$this->dba->Query("UPDATE " . FORUMS . " SET row_right = row_right+2 WHERE row_left < {$left} AND row_right >= {$left}");
// Good
/* Keep updating the Forums table by changing all of the necessary left AND right values */
@$this->dba->Query("UPDATE " . FORUMS . " SET row_left = row_left+2, row_right=row_right+2 WHERE row_left >= {$left}");
// Good
/* Make room in the Posts table for this thread */
@$this->dba->Query("UPDATE " . POSTS . " SET row_right = row_right+2 WHERE row_left < {$left} AND row_right >= {$left}");
/* Keep updating the Posts table */
@$this->dba->Query("UPDATE " . POSTS . " SET row_left = row_left+2, row_right=row_right+2 WHERE row_left > {$left}");
/* Finally insert our thread into the Posts table */
@$this->dba->Query("INSERT INTO " . POSTS . " (row_left, row_right, name, forum_id, parent_id, row_level, description, body_text, created, poster_name, poster_id, row_type, attach, icon, poll, poll_question, row_status) VALUES ({$left}, {$right}, '" . stripslashes($request['title']) . "', " . $f['id'] . ", {$parent_id}, {$depth}, '" . $parser->Revert(stripslashes(substr($request['message'], 0, 50))) . "..." . "', '" . stripslashes($request['message']) . "', " . $time . ", '" . $session['user']['name'] . "', " . $session['user']['id'] . ", 2, " . intval($request['attach_files']) . ", '{$posticon}', {$poll}, '{$poll_question}', {$status})");
} catch (DBA_Exception $e) {
return new TplException($e, $template);
}
/* Change the REQUEST title variable to make it shorter for the forums last post info */
$request['title'] = strlen($request['title']) > 29 ? substr($request['title'], 0, 29) . '...' : $request['title'];
/* Get the id of the thread that we just inserted into the database */
$last_post = $this->lastPostByUser($user_id);
$last_post_id = $last_post['id'];
try {
/* Update the Forums post & thread count, and last post info for this thread*/
@$this->dba->Query("UPDATE " . FORUMS . " SET posts = posts+1, threads = threads+1, thread_created = {$time}, thread_name = '" . $request['title'] . "', thread_id = " . $last_post_id . ", thread_uname = '" . $session['user']['name'] . "', thread_uid = " . $session['user']['id'] . " WHERE id = {$parent_id}");
/* Update the users's post count */
if ($user_id != 0) {
@$this->dba->Query("UPDATE " . USERS . " SET posts = posts+1 WHERE id = " . $session['user']['id']);
}
} catch (DBA_Exception $e) {
return new TplException($e, $template);
}
/* If there are files to attach, try to attach them */
if (intval($request['attach_files']) == 1) {
if ($user_perms >= $f['can_attach']) {
if (@$this->Upload($last_post_id, array('attach1', 'attach2', 'attach3', 'attach4')) instanceof SetError) {
$p = new Prune();
/* Remove everything that we just added to the db */
$p->KillSingle($last_post, 1);
return new Error($upload->message, $template);
}
}
}
/* If there are poll options, add them to the database */
if (isset($request['polloptions'])) {
/* Does the user have permission to create the poll? */
if ($user_perms >= $f['can_pollcreate']) {
foreach ($polloptions as $option) {
try {
@$this->dba->Query("INSERT INTO " . POLLOPTIONS . " (poll_id, name, color) VALUES ({$last_post_id}, '" . $option['option'] . "', '" . $option['color'] . "')");
} catch (DBA_Exception $e) {
return new TplException($e, $template);
}
}
}
}
} else {
return new Error($template['L_PERMCANTPOST'], $template);
}
/* Assuming that we've made it this far, unset the post vars session */
unset($session['post_vars']);
/* If we've gotten to this point, reload the page to our recently added thread :) */
return new Error($template['L_ADDEDTHREAD'] . '<meta http-equiv="refresh" content="1; url=viewthread.php?id=' . $last_post_id . '">', $template);
} else {
return new Error($template['L_PERMCANTPOST'], $template);
}
}
// end check forum login required
} else {
return new Error($template['L_ERRORPOSTING'], $template);
}
}
