/** * Smarty function to wrap Zikula_Form_View generated form controls with suitable form tags. * * @param array $params Parameters passed in the block tag. * @param string $content Content of the block. * @param Zikula_Form_View $view Reference to Zikula_Form_View object. * * @return string The rendered output. */ function smarty_block_form($params, $content, $view) { if ($content) { PageUtil::AddVar('stylesheet', 'system/ThemeModule/Resources/public/css/form/style.css'); $action = htmlspecialchars(System::getCurrentUri()); $classString = ''; $roleString = ''; if (isset($params['cssClass'])) { $classString = "class=\"{$params['cssClass']}\" "; } if (isset($params['role'])) { $roleString = "role=\"{$params['role']}\" "; } $enctype = array_key_exists('enctype', $params) ? $params['enctype'] : null; // if enctype is not set directly, check whenever upload plugins were used; // if so - set proper enctype for file upload if (is_null($enctype)) { $uploadPlugins = array_filter($view->plugins, function ($plugin) { return $plugin instanceof Zikula_Form_Plugin_UploadInput; }); if (!empty($uploadPlugins)) { $enctype = 'multipart/form-data'; } } $encodingHtml = !is_null($enctype) ? " enctype=\"{$enctype}\"" : ''; $onSubmit = isset($params['onsubmit']) ? " onSubmit=\"{$params['onsubmit']}\"" : ''; $view->postRender(); $formId = $view->getFormId(); $out = "\n<form id=\"{$formId}\" {$roleString}{$classString}action=\"{$action}\" method=\"post\"{$encodingHtml}{$onSubmit}>\n {$content}\n <div>\n {$view->getStateHTML()}\n {$view->getStateDataHTML()}\n {$view->getIncludesHTML()}\n {$view->getCsrfTokenHtml()}\n <input type=\"hidden\" name=\"__formid\" id=\"form__id\" value=\"{$formId}\" />\n <input type=\"hidden\" name=\"FormEventTarget\" id=\"FormEventTarget\" value=\"\" />\n <input type=\"hidden\" name=\"FormEventArgument\" id=\"FormEventArgument\" value=\"\" />\n <script type=\"text/javascript\">\n <!--\n function FormDoPostBack(eventTarget, eventArgument)\n {\n var f = document.getElementById('{$formId}');\n if (!f.onsubmit || f.onsubmit()) {\n f.FormEventTarget.value = eventTarget;\n f.FormEventArgument.value = eventArgument;\n f.submit();\n }\n }\n // -->\n </script>\n </div>\n</form>\n"; return $out; } }
/** * Smarty function to wrap MUBoard_Form_View generated form controls with suitable form tags. * * @param array $params Parameters passed in the block tag. * @param string $content Content of the block. * @param Zikula_Form_View $view Reference to Zikula_Form_View object. * * @return string The rendered output. */ function smarty_block_muboardform($params, $content, $view) { if ($content) { PageUtil::addVar('stylesheet', 'system/Theme/style/form/style.css'); $encodingHtml = array_key_exists('enctype', $params) ? " enctype=\"{$params['enctype']}\"" : ''; $action = htmlspecialchars(System::getCurrentUri()); $classString = ''; if (isset($params['cssClass'])) { $classString = "class=\"{$params['cssClass']}\" "; } $request = new Zikula_Request_Http(); $id = $request->getGet()->filter('id', 0, FILTER_SANITIZE_NUMBER_INT); $forumid = $request->getGet()->filter('forum', 0, FILTER_SANITIZE_NUMBER_INT); // we check if the entrypoint is part of the url $stripentrypoint = ModUtil::getVar('ZConfig', 'shorturlsstripentrypoint'); // get url name $tables = DBUtil::getTables(); $modcolumn = $tables['modules_column']; $module = 'MUBoard'; $where = "{$modcolumn['name']} = '" . DataUtil::formatForStore($module) . "'"; $module = DBUtil::selectObject('modules', $where); $urlname = $module['url']; if (ModUtil::getVar('ZConfig', 'shorturls') == 0) { if (strpos($action, "func=display") !== false) { $action = 'index.php?module=' . $urlname . '&type=user&func=edit&ot=posting&answer=1'; } if (strpos($action, "func=edit&ot=posting") !== false && $forumid > 0) { $action = 'index.php?module=' . $urlname . '&type=user&func=edit&ot=posting&forum' . $forumid; } } else { if (strpos($action, $urlname . "/posting/id.") !== false) { if ($stripentrypoint == 1) { $action = $urlname . '/edit/ot/posting/answer/1'; } elseif ($stripentrypoint == 0) { $action = 'index.php/' . $urlname . '/edit/ot/posting/answer/1'; } } if (strpos($action, "edit/ot/posting/forum/") !== false && $forumid > 0) { if ($stripentrypoint == 1) { $action = $urlname . '/edit/ot/posting/forum/' . $forumid; } elseif ($stripentrypoint == 0) { $action = 'index.php/' . $urlname . '/edit/ot/posting/forum/' . $forumid; } } } $view->postRender(); $formId = $view->getFormId(); $out = "\n <form id=\"{$formId}\" {$classString}action=\"{$action}\" method=\"post\"{$encodingHtml}>\n {$content}\n <div>\n {$view->getStateHTML()}\n {$view->getStateDataHTML()}\n {$view->getIncludesHTML()}\n {$view->getCsrfTokenHtml()}\n <input type=\"hidden\" name=\"__formid\" id=\"form__id\" value=\"{$formId}\" />\n <input type=\"hidden\" name=\"FormEventTarget\" id=\"FormEventTarget\" value=\"\" />\n <input type=\"hidden\" name=\"FormEventArgument\" id=\"FormEventArgument\" value=\"\" />\n <script type=\"text/javascript\">\n <!--\n function FormDoPostBack(eventTarget, eventArgument)\n {\n var f = document.getElementById('{$formId}');\n if (!f.onsubmit || f.onsubmit())\n {\n f.FormEventTarget.value = eventTarget;\n f.FormEventArgument.value = eventArgument;\n f.submit();\n }\n }\n // -->\n </script>\n </div>\n </form>\n "; return $out; } }
/** * Zikula_View function to obtain current URI * * This function obtains the current request URI. * Unlike the API function getcurrenturi, the results of this function are already * sanitized to display, so it should not be passed to the safetext modifier. * * Available parameters: * - assign: If set, the results are assigned to the corresponding variable instead of printed out * - and any additional ones to override for the current request * * Example * {getcurrenturi} * {getcurrenturi lang='de'} * * @param array $params All attributes passed to this function from the template. * @param Zikula_View $view Reference to the Zikula_View object. * * @return string The current URI. */ function smarty_function_getcurrenturi($params, Zikula_View $view) { $assign = null; if (isset($params['assign'])) { $assign = $params['assign']; unset($params['assign']); } $result = htmlspecialchars(System::getCurrentUri($params)); if ($assign) { $view->assign($assign, $result); } else { return $result; } }
/** * Zikula_View function call hooks * * This function calls a specific module function. It returns whatever the return * value of the resultant function is if it succeeds. * Note that in contrast to the API function modcallhooks you need not to load the * module with ModUtil::load. * * * Available parameters: * - 'hookobject' the object the hook is called for - either 'item' or 'category' * - 'hookaction' the action the hook is called for - one of 'create', 'delete', 'transform', or 'display' * - 'hookid' the id of the object the hook is called for (module-specific) * - 'implode' Implode collapses all display hooks into a single string. * - 'assign' If set, the results are assigned to the corresponding variable instead of printed out * - all remaining parameters are passed to the ModUtil::callHooks API via the extrainfo array * * Example * {modcallhooks hookobject='item' hookaction='modify' hookid=$tid $modname='ThisModule' $objectid=$tid} * * @param array $params All attributes passed to this function from the template. * @param Zikula_View $view Reference to the Zikula_View object. * * @see function.modcallhooks.php::smarty_function_modcallhooks() * * @return string The results of the module function. */ function smarty_function_modcallhooks($params, $view) { LogUtil::log(__f('Warning! Template plugin {%1$s} is deprecated, please use {%2$s} instead.', array('modcallhooks', 'notifydisplayhooks')), E_USER_DEPRECATED); $assign = isset($params['assign']) ? $params['assign'] : null; $hookid = isset($params['hookid']) ? $params['hookid'] : ''; $hookaction = isset($params['hookaction']) ? $params['hookaction'] : null; $hookobject = isset($params['hookobject']) ? $params['hookobject'] : null; $implode = isset($params['implode']) ? (bool)$params['implode'] : true; // avoid sending these to ModUtil::callHooks unset($params['hookobject']); unset($params['hookaction']); unset($params['hookid']); unset($params['assign']); unset($params['implode']); if (!$hookobject) { $view->trigger_error(__f('Error! in %1$s: the %2$s parameter must be specified.', array('modcallhooks', 'hookobject'))); return false; } if (!$hookaction) { $view->trigger_error(__f('Error! in %1$s: the %2$s parameter must be specified.', array('modcallhooks', 'hookaction'))); return false; } if (!$hookid) { $hookid = ''; } // create returnurl if not supplied (= this page) if (!isset($params['returnurl']) || empty($params['returnurl'])) { $params['returnurl'] = str_replace('&', '&', 'http://' . System::getHost() . System::getCurrentUri()); } // if the implode flag is true then we must always assign the result to a template variable // outputing the erray is no use.... if (!$implode) { $assign = 'hooks'; } $result = ModUtil::callHooks($hookobject, $hookaction, $hookid, $params, $implode); if ($assign) { $view->assign($assign, $result); } else { return $result; } }
/** * Display an error * This function displays a generic error form * The template used is based on the error type passed * * @param string $args['type'] error type '404' or 'module' * @param string $args['message'] custom error message * * @return string HTML string */ public function main($args) { $type = FormUtil::getPassedValue('errtype', isset($args['type']) ? $args['type'] : LogUtil::getErrorType(), 'GET'); $exception = isset($args['exception']) ? $args['exception'] : null; $message = isset($args['message']) ? $args['message'] : ''; // perform any error specific tasks $protocol = System::serverGetVar('SERVER_PROTOCOL'); switch ($type) { case 301: header("{$protocol} 301 Moved Permanently"); break; case 403: header("{$protocol} 403 Access Denied"); break; case 404: header("{$protocol} 404 Not Found"); break; case 500: header("{$protocol} 500 Internal Server Error"); default: } // load the stylesheet PageUtil::addVar('stylesheet', 'system/Errors/style/style.css'); $this->view->setCaching(Zikula_View::CACHE_DISABLED); // assign the document info $this->view->assign('reportlevel', System::getVar('reportlevel'))->assign('currenturi', System::getCurrentUri())->assign('localreferer', System::localReferer())->assign('sitename', System::getVar('sitename'))->assign('reportlevel', System::getVar('reportlevel'))->assign('funtext', System::getVar('funtext')); $messages = LogUtil::getErrorMessages(); // show the detailed error message for admins only if (System::isDevelopmentMode() || SecurityUtil::checkPermission('::', '::', ACCESS_ADMIN)) { $message ? $messages[] = $message : null; } $trace = array(); if (System::isDevelopmentMode() && $exception instanceof Exception) { $line = $exception->getLine(); $file = $exception->getFile(); $trace = array(0 => '#0 ' . $this->__f('Exception thrown in %1$s, line %2$s.', array($file, $line))); $trace += explode("\n", $exception->getTraceAsString()); } // assign the list of registered errors // and the trace (if development mode is enabled) $this->view->assign('messages', $messages)->assign('trace', $trace); // return the template output if ($this->view->template_exists($template = "errors_user_{$type}.tpl")) { return $this->view->fetch($template); } else { return $this->view->fetch('errors_user_main.tpl'); } }
/** * Smarty function to wrap Zikula_Form_View generated form controls with suitable form tags. * * @param array $params Parameters passed in the block tag. * @param string $content Content of the block. * @param Zikula_Form_View $view Reference to Zikula_Form_View object. * * @return string The rendered output. */ function smarty_block_form($params, $content, $view) { if ($content) { PageUtil::addVar('stylesheet', 'system/Theme/style/form/style.css'); $encodingHtml = array_key_exists('enctype', $params) ? " enctype=\"{$params['enctype']}\"" : ''; $action = htmlspecialchars(System::getCurrentUri()); $classString = ''; if (isset($params['cssClass'])) { $classString = "class=\"{$params['cssClass']}\" "; } $view->postRender(); $formId = $view->getFormId(); $out = "\n<form id=\"{$formId}\" {$classString}action=\"{$action}\" method=\"post\"{$encodingHtml}>\n {$content}\n <div>\n {$view->getStateHTML()}\n {$view->getStateDataHTML()}\n {$view->getIncludesHTML()}\n {$view->getCsrfTokenHtml()}\n <input type=\"hidden\" name=\"__formid\" id=\"form__id\" value=\"{$formId}\" />\n <input type=\"hidden\" name=\"FormEventTarget\" id=\"FormEventTarget\" value=\"\" />\n <input type=\"hidden\" name=\"FormEventArgument\" id=\"FormEventArgument\" value=\"\" />\n <script type=\"text/javascript\">\n <!--\n function FormDoPostBack(eventTarget, eventArgument)\n {\n var f = document.getElementById('{$formId}');\n if (!f.onsubmit || f.onsubmit())\n {\n f.FormEventTarget.value = eventTarget;\n f.FormEventArgument.value = eventArgument;\n f.submit();\n }\n }\n // -->\n </script>\n </div>\n</form>\n"; return $out; } }
public function renderFormTag($params, $content, \Zikula_View $view) { if ($content) { if (isset($params['attr']['class'])) { $params['attr']['class'] .= ' z-form'; } else { $params['attr']['class'] = 'z-form'; } $html = '<form action="' . htmlspecialchars(\System::getCurrentUri()) . '" method="post" ' . $this->renderEnctype(array('form' => $params['form'])); foreach ($params['attr'] as $k => $v) { $html .= ' ' . $k . '="' . $v . '"'; } $html .= '>' . $content . '</form>'; return $html; } }
/** * Zikula_View function to get current URI/URL to change language, handling in proper way short URLs * * This function obtains the current request URI and returns URI/URL with parameter to change language. * The results of this function are already sanitized to display, so it should not be passed to the safetext modifier. * * Available parameters: * - assign: If set, the results are assigned to the corresponding variable instead of printed out * - lang: Language code to change to * - fqurl: Fully Qualified URL. True to get full URL, otherwise return URI * * Example * {langchange lang='de'} * * @param array $params All attributes passed to this function from the template. * @param Zikula_View $view Reference to the Zikula_View object. * * @return string The changed current URI. */ function smarty_function_langchange($params, Zikula_View $view) { $assign = null; if (isset($params['assign'])) { $assign = $params['assign']; unset($params['assign']); } $lang = null; if (isset($params['lang'])) { $lang = $params['lang']; } $fqurl = false; if (isset($params['fqurl'])) { $fqurl = $params['fqurl']; unset($params['fqurl']); } // Handling short URL's similar to Language selector block $shorturls = System::getVar('shorturls', false); if (isset($lang) && $shorturls) { $module = FormUtil::getPassedValue('module', null, 'GET', FILTER_SANITIZE_STRING); $type = FormUtil::getPassedValue('type', null, 'GET', FILTER_SANITIZE_STRING); $func = FormUtil::getPassedValue('func', null, 'GET', FILTER_SANITIZE_STRING); if (isset($module) && isset($type) && isset($func)) { // build URL based on module URL $result = ModUtil::url($module, $type, $func, $_GET, null, null, $fqurl, false, $lang); } else { // to homepage with language set in terms of short url's if ($fqurl) { $result = System::getVar('entrypoint', 'index.php') . "?lang=" . $lang; } else { $result = $lang; } } } else { if ($fqurl) { $result = htmlspecialchars(System::getCurrentUrl($params)); } else { $result = htmlspecialchars(System::getCurrentUri($params)); } } if ($assign) { $view->assign($assign, $result); } else { return $result; } }
/** * Zikula_View function to display the login box * * Example * {userlogin size=14 maxlength=25 maxlengthpass=20} * * Parameters: * size Size of text boxes (default=14) * maxlength Maximum length of text box for unamees (default=25) * maxlengthpass Maximum length of text box for password (default=20) * class Name of class assigned to the login form * value The default value of the username input box * js Use javascript to automatically clear the default value (defaults to true) * * @param array $params All attributes passed to this function from the template. * @param Zikula_View $view Reference to the Zikula_View object. * * @see function.userlogin.php::smarty_function_userlogin() * * @return string The welcome message. */ function smarty_function_userlogin($params, Zikula_View $view) { $assign = isset($params['assign']) ? $params['assign'] : false; if (!UserUtil::isLoggedIn()) { // set some defaults $size = isset($params['size']) ? $params['size'] : 14; $maxlength = isset($params['maxlength']) ? $params['maxlength'] : 25; $maxlengthpass = isset($params['maxlenthpass']) ? $params['maxlenthpass'] : 20; $class = isset($params['class']) ? ' class="' . $params['class'] . '"' : ''; if (ModUtil::getVar(Users_Constant::MODNAME, Users_Constant::MODVAR_LOGIN_METHOD, Users_Constant::LOGIN_METHOD_UNAME) == Users_Constant::LOGIN_METHOD_EMAIL) { $value = isset($params['value']) ? DataUtil::formatForDisplay($params['value']) : __('E-mail address'); $userNameLabel = __('E-mail address'); $methodName = 'email'; } else { $value = isset($params['value']) ? DataUtil::formatForDisplay($params['value']) : __('User name'); $userNameLabel = __('User name'); $methodName = 'uname'; } if (!isset($params['js']) || $params['js']) { $js = ' onblur="if (this.value==\'\')this.value=\'' . $value . '\';" onfocus="if (this.value==\'' . $value . '\')this.value=\'\';"'; } else { $js = ''; } // determine the current url so we can return the user to the correct place after login $returnurl = System::getCurrentUri(); $csrftoken = SecurityUtil::generateCsrfToken(); $loginbox = '<form' . $class . ' style="display:inline" action="' . DataUtil::formatForDisplay(ModUtil::url('Users', 'user', 'login')) . '" method="post"><div>' . "\n" . '<input type="hidden" name="csrftoken" value="' . $csrftoken . '" />' . "\n" . '<input type="hidden" name="authentication_method[modname]" value="Users" />' . "\n" . '<input type="hidden" name="authentication_method[method]" value="' . $methodName . '" />' . "\n" . '<label for="userlogin_plugin_uname">' . $userNameLabel . '</label> ' . "\n" . '<input type="text" name="authentication_info[login_id]" id="userlogin_plugin_uname" size="' . $size . '" maxlength="' . $maxlength . '" value="' . $value . '"' . $js . ' />' . "\n" . '<label for="userlogin_plugin_pass">' . __('Password') . '</label> ' . "\n" . '<input type="password" name="authentication_info[pass]" id="userlogin_plugin_pass" size="' . $size . '" maxlength="' . $maxlengthpass . '" />' . "\n"; if (System::getVar('seclevel') != 'high') { $loginbox .= '<input type="checkbox" value="1" name="rememberme" id="userlogin_plugin_rememberme" />' . "\n" . '<label for="userlogin_plugin_rememberme">' . __('Remember me') . '</label> ' . "\n"; } $loginbox .= '<input type="hidden" name="returnurl" value="' . DataUtil::formatForDisplay($returnurl) . '" />' . "\n" . '<input type="submit" value="' . __('Log in') . '" />' . "\n" . '</div></form>' . "\n"; } else { $loginbox = ''; } if ($assign) { $view->assign($assign, $loginbox); } else { return $loginbox; } }
/** * Assign template vars for base theme paths and other useful variables. * * @return void */ private function _base_vars() { // identify the page type $this->pagetype = 'module'; if (stristr(System::serverGetVar('PHP_SELF'), 'admin.php') || strtolower($this->type) == 'admin') { $this->pagetype = 'admin'; } else { $module = FormUtil::getPassedValue('module', null, 'GETPOST', FILTER_SANITIZE_STRING); if (empty($module)) { $this->pagetype = 'home'; } } // set some basic class variables from Zikula $this->isloggedin = UserUtil::isLoggedIn(); $this->uid = UserUtil::getVar('uid'); // assign the query string $this->qstring = System::serverGetVar('QUERY_STRING', ''); // assign the current script $this->requesturi = System::getCurrentUri(); // define the cache_id if not set yet if ($this->caching && !$this->cache_id) { // module / type / function / customargs|homepage/startpageargs / uid_X|guest $this->cache_id = $this->toplevelmodule . '/' . $this->type . '/' . $this->func . (!$this->homepage ? $this->_get_customargs() : '/homepage/' . str_replace(',', '/', System::getVar('startargs'))) . '/' . UserUtil::getUidCacheString(); } // assign some basic paths for the engine $this->template_dir = $this->themepath . '/templates'; // default directory for templates $this->themepath = 'themes/' . $this->directory; $theme = ThemeUtil::getTheme($this->name); if (null === $theme) { $this->imagepath = $this->themepath . '/images'; $this->imagelangpath = $this->themepath . '/images/' . $this->language; $this->stylepath = $this->themepath . '/style'; $this->scriptpath = $this->themepath . '/javascript'; } else { $this->imagepath = $this->themepath . '/Resources/public/images'; $this->imagelangpath = $this->themepath . '/Resources/public/images/' . $this->language; $this->stylepath = $this->themepath . '/Resources/public/css'; $this->scriptpath = $this->themepath . '/Resources/public/js'; } // make the base vars available to all templates $this->assign('module', $this->toplevelmodule)->assign('uid', $this->uid)->assign('loggedin', $this->isloggedin)->assign('pagetype', $this->pagetype)->assign('themepath', $this->themepath)->assign('imagepath', $this->imagepath)->assign('imagelangpath', $this->imagelangpath)->assign('stylepath', $this->stylepath)->assign('scriptpath', $this->scriptpath); // load the theme variables $variables = ModUtil::apiFunc('ZikulaThemeModule', 'user', 'getvariables', array('theme' => $this->name)); $this->assign($variables['variables']); }
/** * Display the output of the login block. * * @param array $blockInfo A blockinfo structure. * * @return string The output. */ public function display($blockInfo) { $renderedOutput = ''; if (SecurityUtil::checkPermission('Loginblock::', $blockInfo['title'].'::', ACCESS_READ)) { if (!UserUtil::isLoggedIn()) { if (empty($blockInfo['title'])) { $blockInfo['title'] = DataUtil::formatForDisplay('Login'); } $authenticationMethodList = new Users_Helper_AuthenticationMethodList($this); if ($authenticationMethodList->countEnabledForAuthentication() > 1) { $selectedAuthenticationMethod = $this->request->request->get('authentication_method', false); } else { // There is only one (or there is none), so auto-select it. $authenticationMethod = $authenticationMethodList->getAuthenticationMethodForDefault(); $selectedAuthenticationMethod = array( 'modname' => $authenticationMethod->modname, 'method' => $authenticationMethod->method, ); } // TODO - The order and availability should be set by block configuration $authenticationMethodDisplayOrder = array(); foreach ($authenticationMethodList as $authenticationMethod) { if ($authenticationMethod->isEnabledForAuthentication()) { $authenticationMethodDisplayOrder[] = array( 'modname' => $authenticationMethod->modname, 'method' => $authenticationMethod->method, ); } } $this->view->assign('authentication_method_display_order', $authenticationMethodDisplayOrder) ->assign('selected_authentication_method', $selectedAuthenticationMethod); // If the current page was reached via a POST or FILES then we don't want to return here. // Only return if the current page was reached via a regular GET if ($this->request->isGet()) { $this->view->assign('returnpage', System::getCurrentUri()); } else { $this->view->assign('returnpage', ''); } $tplName = mb_strtolower("users_block_login_{$blockInfo['position']}.tpl"); if ($this->view->template_exists($tplName)) { $blockInfo['content'] = $this->view->fetch($tplName); } else { $blockInfo['content'] = $this->view->fetch('users_block_login.tpl'); } $renderedOutput = BlockUtil::themeBlock($blockInfo); } } return $renderedOutput; }
/** * Check permissions. * * @return boolean */ public function checkpermissions() { $username = FormUtil::getPassedValue('username', null, 'POST'); $returnto = FormUtil::getPassedValue('returnto', System::getCurrentUri(), 'POST'); $this->redirect($returnto); }
public function dispatch(Request $request) { $module = $request->attributes->get('_module'); $type = $request->attributes->get('_controller'); $func = $request->attributes->get('_action'); $arguments = array(); // process the homepage if (!$module) { // set the start parameters $module = \System::getVar('startpage'); $type = \System::getVar('starttype'); $func = \System::getVar('startfunc'); $args = explode(',', \System::getVar('startargs')); foreach ($args as $arg) { if (!empty($arg)) { $argument = explode('=', $arg); $arguments[$argument[0]] = $argument[1]; } } } // get module information $modinfo = \ModUtil::getInfoFromName($module); // we need to force the mod load if we want to call a modules interactive init // function because the modules is not active right now if ($modinfo) { $module = $modinfo['url']; if ($type == 'init' || $type == 'interactiveinstaller') { \ModUtil::load($modinfo['name'], $type, true); } } $httpCode = 404; $message = ''; $debug = null; $return = false; $e = null; try { if (empty($module)) { // we have a static homepage return new Response(); } elseif ($modinfo) { // call the requested/homepage module $return = \ModUtil::func($modinfo['name'], $type, $func, $arguments); } if (!$return) { // hack for BC since modules currently use ModUtil::func without expecting exceptions // if a controller is not found the API will return false. throw new \Zikula\Framework\Exception\NotFoundException(__('Page not found.')); } return $return; } catch (\Exception $e) { if ($e instanceof \Zikula\Framework\Exception\NotFoundException) { $httpCode = 404; $message = $e->getMessage(); $debug = array_merge($e->getDebug(), $e->getTrace()); } elseif ($e instanceof \Zikula\Framework\Exception\ForbiddenException) { $httpCode = 403; $message = $e->getMessage(); $debug = array_merge($e->getDebug(), $e->getTrace()); } elseif ($e instanceof \Zikula\Framework\Exception\RedirectException) { return new RedirectResponse($e->getUrl(), array(), $e->getType()); } elseif ($e instanceof \Exception) { // general catch all $httpCode = 500; $message = $e->getMessage(); $debug = $e->getTrace(); } } switch (true) { case $httpCode == 403: if (!\UserUtil::isLoggedIn()) { $url = \ModUtil::url('Users', 'user', 'login', array('returnpage' => urlencode(\System::getCurrentUri()))); return \LogUtil::registerError(\LogUtil::getErrorMsgPermission(), $httpCode, $url); } // there is no break here deliberately. // there is no break here deliberately. case $return === false: $session = \ServiceUtil::get('session'); if (!$session->getFlashBag()->has(\Zikula_Session::MESSAGE_ERROR)) { \LogUtil::registerError(__f('Could not load the \'%1$s\' module at \'%2$s\'.', array($module, $func)), $httpCode, null); } return \ModUtil::func('ErrorsModule', 'user', 'index', array('message' => $message, 'exception' => $e)); break; default: \LogUtil::registerError(__f('The \'%1$s\' module returned an error in \'%2$s\'.', array($module, $func)), $httpCode, null); return \ModUtil::func('ErrorsModule', 'user', 'index', array('message' => $message, 'exception' => $e)); break; } }
/** * Bind domain. * * @param string $domain Gettext domain. * @param string $path Domain path. * * @return boolean */ public static function bindDomain($domain, $path) { $_this = self::getInstance(); $locale = $_this->getLocale(); if (!$locale) { // fallback solution to be replaced by proper routing $defaultLocale = System::getVar('language_i18n', 'en'); if (System::getVar('shorturls')) { // we need to extract the language code from current url, since it is not ensured // that System::queryStringDecode() has been executed already $customentrypoint = System::getVar('entrypoint'); $expectEntrypoint = !System::getVar('shorturlsstripentrypoint'); $root = empty($customentrypoint) ? 'index.php' : $customentrypoint; // get base path to work out our current url $parsedURL = parse_url(System::getCurrentUri()); $tobestripped = array(System::getBaseUri(), "{$root}"); $path = str_replace($tobestripped, '', $parsedURL['path']); $path = trim($path, '/'); // split the path into a set of argument strings $args = explode('/', rtrim($path, '/')); // ensure that each argument is properly decoded foreach ($args as $k => $v) { $args[$k] = urldecode($v); } if (isset($args[0]) && self::isLangParam($args[0]) && in_array($args[0], self::getInstalledLanguages())) { $defaultLocale = $args[0]; } } $_this->setLocale($defaultLocale); $locale = $_this->getLocale(); } // exit if the language system hasnt yet fully initialised if (!$locale) { return false; } // prevent double loading if (array_key_exists($domain, $_this->domainCache[$locale])) { return true; } ZGettext::getInstance()->bindTextDomain($domain, $path); ZGettext::getInstance()->bindTextDomainCodeset($domain, $_this->encoding); $_this->domainCache[$locale][$domain] = true; return $_this->domainCache[$locale][$domain]; }
/** * Return some common user links * * Syntax used in menutree * {ext:Blocks:userlinks:[flat]} * Last param is optional * * This plugin generates a list of some common user links. The list looks as follows: * for loggedin users: * Your Account * Profile * Private Messages (if there is some message module) * Logout * for anonymous users: * Your Account * Login * Register * Lost Password * * If you provide an additional param extrainfo = flat, then the links are not grouped within * Your Accont element * * @param array $args['item'] menu node to be replaced * @param string $args['lang'] current menu language * @param string $args['extrainfo'] additional params - if 'flat' then return links ungrouped * @return mixed array of links if successful, false otherwise */ public function userlinks($args) { $dom = ZLanguage::getModuleDomain('menutree'); $item = isset($args['item']) && !empty($args['item']) ? $args['item'] : null; $lang = isset($args['lang']) && !empty($args['lang']) ? $args['lang'] : null; $extrainfo = isset($args['extrainfo']) && !empty($args['extrainfo']) ? $args['extrainfo'] : null; // $item ang lang params are required if (!$item || !$lang) { return false; } // get id for first element, use api func to aviod id conflicts inside menu $idoffset = Blocks_MenutreeUtil::getIdOffset($item['id']); $lineno = 0; // module config $profileModule = System::getVar('profilemodule') ? System::getVar('profilemodule') : 'Profile'; $profileModule = ModUtil::available($profileModule) ? $profileModule : null; $messageModule = System::getVar('messagemodule') ? System::getVar('messagemodule') : 'InterCom'; $messageModule = ModUtil::available($messageModule) ? $messageModule : null; $links = array(); // if $extrainfo if 'flat' - don't group links in your_account node if ($extrainfo != 'flat') { $links['your_account'] = array($lang => array('id' => $idoffset++, 'name' => $item['name'], 'href' => ModUtil::url($profileModule), 'title' => $item['title'], 'className' => $item['className'], 'state' => $item['state'], 'lang' => $lang, 'lineno' => $lineno++, 'parent' => $item['parent'])); } // need to set parent node id - if links are grouped - use your_accont item id // otherwise parent id of replaced menu node $parentNode = $extrainfo != 'flat' ? $links['your_account'][$lang]['id'] : $item['parent']; if (UserUtil::isLoggedIn()) { $links['profile'] = array($lang => array('id' => $idoffset++, 'name' => __('Profile', $dom), 'href' => ModUtil::url($profileModule), 'title' => __('Profile', $dom), 'className' => '', 'state' => 1, 'lang' => $lang, 'lineno' => $lineno++, 'parent' => $parentNode)); if (!is_null($messageModule)) { $links['messages'] = array($lang => array('id' => $idoffset++, 'name' => __('Private messages', $dom), 'href' => ModUtil::url($messageModule), 'title' => __('Private messages', $dom), 'className' => '', 'state' => 1, 'lang' => $lang, 'lineno' => $lineno++, 'parent' => $parentNode)); } $links['logout'] = array($lang => array('id' => $idoffset++, 'name' => __('Logout', $dom), 'href' => ModUtil::url('Users', 'user', 'logout'), 'title' => __('Logout', $dom), 'className' => '', 'state' => 1, 'lang' => $lang, 'lineno' => $lineno++, 'parent' => $parentNode)); } else { $serviceManager = ServiceUtil::getManager(); $request = $this->serviceManager->getService('request'); $loginArgs = array(); if ($request->isGet()) { $loginArgs['returnpage'] = urlencode(System::getCurrentUri()); } $links['login'] = array($lang => array('id' => $idoffset++, 'name' => __('Login', $dom), 'href' => ModUtil::url('Users', 'user', 'login', $loginArgs), 'title' => __('Login', $dom), 'className' => '', 'state' => 1, 'lang' => $lang, 'lineno' => $lineno++, 'parent' => $parentNode)); $links['register'] = array($lang => array('id' => $idoffset++, 'name' => __('Register', $dom), 'href' => ModUtil::url('Users', 'user', 'register'), 'title' => __('Register', $dom), 'className' => '', 'state' => 1, 'lang' => $lang, 'lineno' => $lineno++, 'parent' => $parentNode)); $links['lostpassword'] = array($lang => array('id' => $idoffset++, 'name' => __('Lost password', $dom), 'href' => ModUtil::url('Users', 'user', 'lostpassword'), 'title' => __('Lost password', $dom), 'className' => '', 'state' => 1, 'lang' => $lang, 'lineno' => $lineno++, 'parent' => $parentNode)); } return $links; }
public function phpBBcall($args) { $this->throwForbiddenUnless(SecurityUtil::checkPermission('ZphpBB2::', '::', ACCESS_ADMIN), LogUtil::getErrorMsgPermission()); $url = System::getCurrentUri(); return $this->view->fetch('admin/call.tpl'); }
/** * Process results from IDS scan. * * @param IDS_Init $init PHPIDS init object reference. * @param IDS_Report $result The result object from PHPIDS. * * @return void */ private function _processIdsResult(IDS_Init $init, IDS_Report $result) { // $result contains any suspicious fields enriched with additional info // Note: it is moreover possible to dump this information by simply doing //"echo $result", calling the IDS_Report::$this->__toString() method implicitely. $requestImpact = $result->getImpact(); if ($requestImpact < 1) { // nothing to do return; } // update total session impact to track an attackers activity for some time $sessionImpact = SessionUtil::getVar('idsImpact', 0) + $requestImpact; SessionUtil::setVar('idsImpact', $sessionImpact); // let's see which impact mode we are using $idsImpactMode = System::getVar('idsimpactmode', 1); $idsImpactFactor = 1; if ($idsImpactMode == 1) { $idsImpactFactor = 1; } elseif ($idsImpactMode == 2) { $idsImpactFactor = 10; } elseif ($idsImpactMode == 3) { $idsImpactFactor = 5; } // determine our impact threshold values $impactThresholdOne = System::getVar('idsimpactthresholdone', 1) * $idsImpactFactor; $impactThresholdTwo = System::getVar('idsimpactthresholdtwo', 10) * $idsImpactFactor; $impactThresholdThree = System::getVar('idsimpactthresholdthree', 25) * $idsImpactFactor; $impactThresholdFour = System::getVar('idsimpactthresholdfour', 75) * $idsImpactFactor; $usedImpact = ($idsImpactMode == 1) ? $requestImpact : $sessionImpact; // react according to given impact if ($usedImpact > $impactThresholdOne) { // db logging // determine IP address of current user $_REMOTE_ADDR = System::serverGetVar('REMOTE_ADDR'); $_HTTP_X_FORWARDED_FOR = System::serverGetVar('HTTP_X_FORWARDED_FOR'); $ipAddress = ($_HTTP_X_FORWARDED_FOR) ? $_HTTP_X_FORWARDED_FOR : $_REMOTE_ADDR; $currentPage = System::getCurrentUri(); $currentUid = UserUtil::getVar('uid'); $intrusionItems = array(); foreach ($result as $event) { $eventName = $event->getName(); $malVar = explode(".", $eventName, 2); $filters = array(); foreach ($event as $filter) { array_push($filters, array( 'id' => $filter->getId(), 'description' => $filter->getDescription(), 'impact' => $filter->getImpact(), 'tags' => $filter->getTags(), 'rule' => $filter->getRule())); } $tagVal = $malVar[1]; $newIntrusionItem = array( 'name' => array($eventName), 'tag' => $tagVal, 'value' => $event->getValue(), 'page' => $currentPage, 'uid' => $currentUid, 'ip' => $ipAddress, 'impact' => $result->getImpact(), 'filters' => serialize($filters), 'date' => DateUtil::getDatetime() ); if (array_key_exists($tagVal, $intrusionItems)) { $intrusionItems[$tagVal]['name'][] = $newIntrusionItem['name'][0]; } else { $intrusionItems[$tagVal] = $newIntrusionItem; } } // log details to database foreach ($intrusionItems as $tag => $intrusionItem) { $intrusionItem['name'] = implode(", ", $intrusionItem['name']); // create new ZIntrusion instance $obj = new SecurityCenter_DBObject_Intrusion(); // set data $obj->setData($intrusionItem); // save object to db $obj->save(); } } if (System::getVar('idsmail') && ($usedImpact > $impactThresholdTwo)) { // mail admin // prepare mail text $mailBody = __('The following attack has been detected by PHPIDS') . "\n\n"; $mailBody .= __f('IP: %s', $ipAddress) . "\n"; $mailBody .= __f('UserID: %s', $currentUid) . "\n"; $mailBody .= __f('Date: %s', DateUtil::strftime(__('%b %d, %Y'), (time()))) . "\n"; if ($idsImpactMode == 1) { $mailBody .= __f('Request Impact: %d', $requestImpact) . "\n"; } else { $mailBody .= __f('Session Impact: %d', $sessionImpact) . "\n"; } $mailBody .= __f('Affected tags: %s', join(' ', $result->getTags())) . "\n"; $attackedParameters = ''; foreach ($result as $event) { $attackedParameters .= $event->getName() . '=' . urlencode($event->getValue()) . ", "; } $mailBody .= __f('Affected parameters: %s', trim($attackedParameters)) . "\n"; $mailBody .= __f('Request URI: %s', urlencode($currentPage)); // prepare other mail arguments $siteName = System::getVar('sitename'); $adminmail = System::getVar('adminmail'); $mailTitle = __('Intrusion attempt detected by PHPIDS'); if (ModUtil::available('Mailer')) { $args = array(); $args['fromname'] = $siteName; $args['fromaddress'] = $adminmail; $args['toname'] = 'Site Administrator'; $args['toaddress'] = $adminmail; $args['subject'] = $mailTitle; $args['body'] = $mailBody; $rc = ModUtil::apiFunc('Mailer', 'user', 'sendmessage', $args); } else { $headers = "From: $siteName <$adminmail>\n" ."X-Priority: 1 (Highest)"; System::mail($adminmail, $mailTitle, $mailBody, $headers); } } if ($usedImpact > $impactThresholdThree) { // block request if (System::getVar('idssoftblock')) { // warn only for debugging the ruleset LogUtil::registerError(__('Malicious request code / a hacking attempt was detected. This request has NOT been blocked!')); } else { throw new Zikula_Exception_Forbidden(__('Malicious request code / a hacking attempt was detected. Thus this request has been blocked.'), null, $result); } } return; }
include $phpbb_root_path . 'extension.inc'; include $phpbb_root_path . 'common.' . $phpEx; include $phpbb_root_path . 'includes/functions_post.' . $phpEx; $topic = isset($_POST['topic']) ? $_POST['topic'] : $_GET['topic']; $friendname = $_POST['friendname']; $message = $_POST['message']; // Begin PNphpBB2 Module $link = System::getBaseUrl() . append_sid("viewtopic") . "&" . $_GET['link']; // End PNphpBB2 Module $PHP_SELF = $_SERVER['PHP_SELF']; $userdata = session_pagestart($user_ip, PAGE_INDEX); init_userprefs($userdata); if (!$userdata['session_logged_in']) { // ZphpBB2 - use Zikula login and redirect //redirect(append_sid("login.$phpEx?redirect=tellafriend.$phpEx&topic=$topic_title&link=" . POST_TOPIC_URL . "=$topic_id", true)); System::redirect(ModUtil::url('Users', 'user', 'login', array('returnpage' => urlencode(System::getCurrentUri())))); // <= ZphpBB2 } $mail_body = str_replace("{TOPIC}", trim(stripslashes($topic)), $lang['Tell_Friend_Body']); $mail_body = str_replace("{LINK}", $link, $mail_body); $mail_body = str_replace("{SITENAME}", $board_config['sitename'], $mail_body); $template->assign_vars(array('L_TELL_FRIEND_TITLE' => $lang['Tell_Friend_Title'], 'L_TELL_FRIEND_EMAIL_MESSAGE' => $lang['Tell_Friend_Email_Message'], 'L_TELL_FRIEND_SENDER_USER' => $lang['Tell_Friend'], 'L_TELL_FRIEND_SENDER_USER' => $lang['Tell_Friend_Sender_User'], 'L_TELL_FRIEND_SENDER_EMAIL' => $lang['Tell_Friend_Sender_Email'], 'L_TELL_FRIEND_RECIEVER_USER' => $lang['Tell_Friend_Reciever_User'], 'L_TELL_FRIEND_RECIEVER_EMAIL' => $lang['Tell_Friend_Reciever_Email'], 'L_TELL_FRIEND_MSG' => $lang['Tell_Friend_Msg'], 'L_TELL_FRIEND_BODY' => $mail_body, 'SUBMIT_ACTION' => append_sid("tellafriend"), 'L_SUBMIT' => $lang['Send_email'], 'SITENAME' => $board_config['sitename'], 'TOPIC' => trim(stripslashes($topic)), 'LINK' => $link, 'SENDER_NAME' => DataUtil::formatForDisplay($userdata['username']), 'SENDER_MAIL' => $userdata['user_email'])); if (isset($_POST['submit'])) { $error = FALSE; if (!empty($_POST['friendemail']) && strpos($_POST['friendemail'], "@") > 0) { $friendemail = trim(stripslashes($_POST['friendemail'])); if (!$_POST['friendname']) { $friendname = substr($friendemail, 0, strpos($_POST['friendemail'], "@")); } } else { $error = TRUE;
/** * Get name of current top-level module. * * @return string The name of the current top-level module, false if not in a module. */ public static function getName() { if (!isset(self::$cache['modgetname'])) { self::$cache['modgetname'] = FormUtil::getPassedValue('module', null, 'GETPOST', FILTER_SANITIZE_STRING); if (empty(self::$cache['modgetname'])) { if (!System::getVar('startpage')) { self::$cache['modgetname'] = System::getVar('startpage'); } else { $baseUriLenght = strlen(System::getBaseUri()); $shortUrlPath = substr(System::getCurrentUri(), $baseUriLenght + 1); if (!empty($shortUrlPath) == 0) { self::$cache['modgetname'] = System::getVar('startpage'); } else { $args = explode('/', $shortUrlPath); self::$cache['modgetname'] = $args[0]; } } } // the parameters may provide the module alias so lets get // the real name from the db $modinfo = self::getInfo(self::getIdFromName(self::$cache['modgetname'])); if (isset($modinfo['name'])) { $type = FormUtil::getPassedValue('type', null, 'GETPOST', FILTER_SANITIZE_STRING); self::$cache['modgetname'] = $modinfo['name']; if ((!$type == 'init' || !$type == 'initeractiveinstaller') && !self::available(self::$cache['modgetname'])) { self::$cache['modgetname'] = System::getVar('startpage'); } } } return self::$cache['modgetname']; }
} } // End PNphpBB2 Module global $gen_simple_header; $template->set_filenames(array('overall_header' => empty($gen_simple_header) ? 'overall_header.tpl' : 'simple_header.tpl')); // // Generate logged in/logged out status // if ($userdata['session_logged_in']) { // ZphpBB2 => $u_login_logout = ModUtil::url('Users', 'user', 'logout', array('returnpage' => urlencode(System::getCurrentUri()))); $l_login_logout = $lang['Logout'] . ' [' . DataUtil::formatForDisplay($userdata['username']) . ']'; // <= ZphpBB2 } else { // ZphpBB2 => $u_login_logout = ModUtil::url('Users', 'user', 'login', array('returnpage' => urlencode(System::getCurrentUri()))); // <= ZphpBB2 $l_login_logout = $lang['Login']; } $s_last_visit = $userdata['session_logged_in'] ? create_date($board_config['default_dateformat'], $userdata['user_lastvisit'], $board_config['board_timezone']) : ''; // // Get basic (usernames + totals) online // situation // $logged_visible_online = 0; $logged_hidden_online = 0; $guests_online = 0; $online_userlist = ''; $l_online_users = ''; if (defined('SHOW_ONLINE')) { $user_forum_sql = !empty($forum_id) ? "AND s.session_page = " . intval($forum_id) : '';
/** * Check permissions. * * @return boolean */ public function checkpermissionsAction() { $returnto = $this->request->request->get('returnto', \System::getCurrentUri()); return $this->redirect($returnto); }
/** * Display a message indicating that the user's session has expired. * * @return string The rendered template. */ public function expiredSession() { $view = Zikula_View::getInstance($this->name, false); $view->assign('returnpage', urlencode(System::getCurrentUri())); return $view->fetch('users_userapi_expiredsession.tpl'); }
/** * Get current URI (and optionally add/replace some parameters) * * @deprecated Deprecated since version 1.3.0. * @see System::getCurrentUri() * * @access public * @param args array additional parameters to be added to/replaced in the URI (e.g. theme, ...) * @return string current URI */ function pnGetCurrentURI($args = array()) { LogUtil::log(__f('Warning! Function %1$s is deprecated. Please use %2$s instead.', array(__FUNCTION__, 'System::getCurrentUri')), E_USER_DEPRECATED); return System::getCurrentUri($args); }
/** * Register a failed permission check. * * This method calls registerError and then logs the failed permission check so that it can be analyzed later. * * @param string $url The URL to redirect to (optional) (default=null). * @param boolean $redirect Whether to redirect not logged in users to the login form (default=true). * * @return false */ public static function registerPermissionError($url = null, $redirect = true) { $code = 403; if (!UserUtil::isLoggedIn() && $redirect) { if (is_null($url)) { $request = ServiceUtil::get('request'); $loginArgs = array(); if ($request->isMethod('GET')) { $loginArgs['returnpage'] = urlencode(System::getCurrentUri()); } $url = ModUtil::url('ZikulaUsersModule', 'user', 'login', $loginArgs); } $code = null; } return self::registerError(self::getErrorMsgPermission(), $code, $url); }
} $forward_page .= $forward_match[$i]; } } // Begin PNphpBB2 Module // $forward_page = $forward_match[0] . '?' . $forward_page; $forward_page = $forward_match[0] . '&' . $forward_page; // End PNphpBB2 Module } else { $forward_page = $forward_match[0]; } } } $username = $userdata['user_id'] != ANONYMOUS ? $userdata['username'] : ''; // Begin PNphpBB2 Module // $s_hidden_fields = '<input type="hidden" name="redirect" value="' . $forward_page . '" />'; $s_hidden_fields = '<input type="hidden" name="url" value="' . append_sid($forward_page) . '">'; //$s_hidden_fields .= '<input type="hidden" name="module" value="NS-User">'; //$s_hidden_fields .= '<input type="hidden" name="module" value="Users">'; //$s_hidden_fields .= '<input type="hidden" name="func" value="login">'; // End PNphpBB2 Module $s_hidden_fields .= isset($_GET['admin']) ? '<input type="hidden" name="admin" value="1" />' : ''; $modinfo = ModUtil::getInfoFromName("ZphpBB2"); make_jumpbox('viewforum.' . $phpEx); $template->assign_vars(array('USERNAME' => DataUtil::formatForDisplay($username), 'L_ENTER_PASSWORD' => isset($_GET['admin']) ? $lang['Admin_reauthenticate'] : $lang['Enter_password'], 'L_SEND_PASSWORD' => $lang['Forgotten_password'], 'U_SEND_PASSWORD' => ModUtil::url('Users', 'user', 'lostpassword'), 'S_LOGIN_ACTION' => ModUtil::url('Users', 'user', 'login', array('returnpage' => urlencode(System::getCurrentUri()))), 'AUTHID' => SecurityUtil::generateAuthKey("Users"), 'URL' => append_sid($forward_page), 'S_HIDDEN_FIELDS' => $s_hidden_fields)); $template->pparse('body'); include $phpbb_root_path . 'includes/page_tail.' . $phpEx; } else { redirect(append_sid("index.{$phpEx}", true)); } }
/** * do a simple check .. to see if the current URL is the menu item * * @param none * @return boolean */ function is_recent_page($url) { if (!empty($url)) { $uri = System::getCurrentUri(); if (is_integer(strpos($uri, $url))) { return true; } } return false; }
/** * For Private Messaging */ function privmsgs_attachment_mod($mode) { global $attach_config, $template, $lang, $userdata, $_POST, $phpbb_root_path, $phpEx, $db; global $confirm, $delete, $delete_all, $post_id, $privmsgs_id, $privmsg_id, $submit, $refresh, $mark_list, $folder; if ($folder != 'outbox') { $this->display_attach_box_limits(); } if (!intval($attach_config['allow_pm_attach'])) { return; } if (!$refresh) { $add_attachment_box = !empty($_POST['add_attachment_box']) ? TRUE : FALSE; $posted_attachments_box = !empty($_POST['posted_attachments_box']) ? TRUE : FALSE; $refresh = $add_attachment_box || $posted_attachments_box; } $post_id = $privmsgs_id; $result = $this->handle_attachments($mode, PAGE_PRIVMSGS); if ($result === false) { return; } $mark_list = get_var('mark', array(0)); if (($this->pm_delete_attachments || $delete) && sizeof($mark_list)) { if (!$userdata['session_logged_in']) { // ZphpBB2 - use Zikula login and redirect //redirect(append_sid("login.$phpEx?redirect=privmsg.$phpEx&folder=inbox", true)); System::redirect(ModUtil::url('Users', 'user', 'login', array('returnpage' => urlencode(System::getCurrentUri())))); // <= ZphpBB2 exit; } if (sizeof($mark_list)) { $delete_sql_id = ''; for ($i = 0; $i < sizeof($mark_list); $i++) { $delete_sql_id .= ($delete_sql_id != '' ? ', ' : '') . intval($mark_list[$i]); } if (($this->pm_delete_attachments || $confirm) && !$delete_all) { delete_attachment($delete_sql_id, 0, PAGE_PRIVMSGS); } } } if ($submit || $refresh || $mode != '') { $this->display_attachment_bodies(); } }
// Start output of page // define('SHOW_ONLINE', true); $page_title = $lang['Index']; include $phpbb_root_path . 'includes/page_header.' . $phpEx; $template->set_filenames(array('body' => 'index_body.tpl')); // Begin PNphpBB2 Categories Hierarchie Mod if ($nav_cat_desc != "") { $nav_cat_desc = $nav_separator . $nav_cat_desc; } $mark = $viewcat == -1 ? '' : '&' . POST_CAT_URL . '=' . $viewcat; // End PNphpBB2 Categories Hierarchie Mod $template->assign_vars(array('TOTAL_POSTS' => sprintf($l_total_post_s, $total_posts), 'TOTAL_USERS' => sprintf($l_total_user_s, $total_users), 'NEWEST_USER' => sprintf($lang['Newest_user'], '<a href="' . append_sid("profile.{$phpEx}?mode=viewprofile&" . POST_USERS_URL . "={$newest_uid}") . '">', DataUtil::formatForDisplay($newest_user), '</a>'), 'FORUM_IMG' => $images['forum'], 'FORUM_NEW_IMG' => $images['forum_new'], 'FORUM_LOCKED_IMG' => $images['forum_locked'], 'WHOSONLINE' => $images['whosonline'], 'L_POSTED' => $lang['Posted'], 'L_LEGEND' => $lang['Legend'], 'L_FORUM' => $lang['Forum'], 'L_TOPICS' => $lang['Topics'], 'L_REPLIES' => $lang['Replies'], 'L_VIEWS' => $lang['Views'], 'L_POSTS' => $lang['Posts'], 'L_LASTPOST' => $lang['Last_Post'], 'L_NO_NEW_POSTS' => $lang['No_new_posts'], 'L_NEW_POSTS' => $lang['New_posts'], 'L_NO_NEW_POSTS_LOCKED' => $lang['No_new_posts_locked'], 'L_NEW_POSTS_LOCKED' => $lang['New_posts_locked'], 'L_ONLINE_EXPLAIN' => $lang['Online_explain'], 'L_MODERATOR' => $lang['Moderators'], 'L_FORUM_LOCKED' => $lang['Forum_is_locked'], 'L_MARK_FORUMS_READ' => $lang['Mark_all_forums'], 'U_MARK_READ' => append_sid("index.{$phpEx}?mark=forums{$mark}"))); // ZphpBB2 => if (!$userdata['session_logged_in']) { $template->assign_vars(array('ZLOGIN_CSRFTOKEN' => SecurityUtil::generateCsrfToken(), 'ZLOGIN_RETURNPAGE' => DataUtil::formatForDisplay(System::getCurrentUri()))); } // <= ZphpBB2 // Begin PNphpBB2 Module if (!$board_config['pnphpbb2_members_online'] && (!$board_config['pnphpbb2_members_online_annon'] || $userdata['session_logged_in'])) { $template->assign_block_vars('switch_members_online', array()); } // End PNphpBB2 Module // Begin PNphpBB2 Module (Announcements) if ($board_config['pnphpbb2_enable_announce'] == 1) { // $announcement_duration = 7; if (isset($board_config['pnphpbb2_announcement_duration'])) { $announcement_duration = $board_config['pnphpbb2_announcement_duration']; } $time_floor = $announcement_duration == 0 ? 0 : time() - ($announcement_duration - 1) * 24 * 3600;
/** * Prepare a menu item array * * @param title menu item title * @param url menu item url * @param comment menu item comment */ public function addMenuItem($title, $url, $comment) { static $uri; if (!isset($uri)) { $uri = System::getCurrentUri(); } if (!isset($title) || $title == '') { $title = ' '; } $itemselected = false; // do a simple check .. to see if the current URL is the menu item if (!empty($url)) { if (is_integer(strpos($uri, $url))) { $itemselected = true; } } // allow a simple portable way to link to the home page of the site if ($url == '{homepage}') { $url = System::getBaseUrl(); } elseif (!empty($url)) { if ($url[0] == '{') { $url = explode(':', substr($url, 1, - 1)); // url[0] should be the module name if (isset($url[0]) && !empty($url[0])) { $modname = $url[0]; // default values $type = 'user'; $func = 'main'; $params = array(); // url[1] can be a function or function¶m=value if (isset($url[1]) && !empty($url[1])) { $urlparts = explode('&', $url[1]); $func = $urlparts[0]; unset($urlparts[0]); if (count($urlparts) > 0) { foreach ($urlparts as $urlpart) { $part = explode('=', $urlpart); $params[trim($part[0])] = trim($part[1]); } } // addon: url[2] can be the type parameter, default 'user' $type = (isset($url[2]) && !empty($url[2])) ? $url[2] : 'user'; } // build the url $url = ModUtil::url($modname, $type, $func, $params); } } } $item = array('MENUITEMTITLE' => $title, 'MENUITEMURL' => $url, 'MENUITEMCOMMENT' => DataUtil::formatForDisplay($comment), 'MENUITEMSELECTED' => $itemselected); return $item; }