/** * Get the url for the post * * @param string|bool $action An action (anchor will not be included if an action is sent) * @param bool $use_anchor False to leave the anchor off of the URL */ public function get_url($action = false, $use_anchor = true) { $base = $append = false; titania_url::split_base_params($base, $append, $this->post_url); $append['p'] = $this->post_id; if ($action) { $append['action'] = $action; } else { if ($use_anchor) { $append['#p'] = $this->post_id; } } return titania_url::build_url($base, $append); }
{ $url_params = substr($url_base, (strrpos($url_base, '/') + 1)); $url_base = substr($url_base, 0, (strrpos($url_base, '/') + 1)); } phpbb::$template->assign_block_vars('searchresults', array( 'TOPIC_TITLE' => censor_text($document->title), 'TOPIC_AUTHOR_FULL' => users_overlord::get_user($document->author, '_full'), 'FIRST_POST_TIME' => phpbb::$user->format_date($document->date), 'U_VIEW_TOPIC' => titania_url::build_url($url_base, $url_params), 'S_TOPIC_REPORTED' => ($document->reported) ? true : false, //'S_TOPIC_UNAPPROVED' => (!$document->approved) ? true : false, )); } break; default : */ foreach ($results['documents'] as $document) { $url_base = $url_params = ''; titania_url::split_base_params($url_base, $url_params, $document->url); phpbb::$template->assign_block_vars('searchresults', array('POST_SUBJECT' => censor_text($document->title), 'MESSAGE' => titania_generate_text_for_display($document->text, $document->text_uid, $document->text_bitfield, $document->text_options), 'POST_AUTHOR_FULL' => $document->author ? users_overlord::get_user($document->author, '_full') : false, 'POST_DATE' => $document->date ? phpbb::$user->format_date($document->date) : false, 'U_VIEW_POST' => titania_url::build_url($url_base, $url_params), 'S_POST_REPORTED' => $document->reported ? true : false)); } /* break; }*/ $sort->build_pagination(titania_url::$current_page, titania_url::$params); titania::page_header('SEARCH'); phpbb::$template->assign_vars(array('SEARCH_WORDS' => $keywords, 'SEARCH_MATCHES' => $sort->total == 1 ? sprintf(phpbb::$user->lang['FOUND_SEARCH_MATCH'], $sort->total) : sprintf(phpbb::$user->lang['FOUND_SEARCH_MATCHES'], $sort->total), 'U_SEARCH_WORDS' => titania_url::build_url(titania_url::$current_page, titania_url::$params), 'U_SEARCH' => titania_url::build_url($mode == 'find-contribution' ? 'find-contribution' : 'search'), 'S_IN_SEARCH' => true, 'S_SEARCH_ACTION' => titania_url::$current_page_url)); titania::page_footer(true, 'search_results.html');
/** * Get the URL for the item needing attention * * @return string the built url */ public function get_url() { $base = $append = false; titania_url::split_base_params($base, $append, $this->attention_url); return titania_url::build_url($base, $append); }
/** * Generate login box or verify password */ function login_box($redirect = '', $l_explain = '', $l_success = '', $admin = false, $s_display = true) { self::_include('captcha/captcha_factory', 'phpbb_captcha_factory'); self::$user->add_lang('ucp'); $err = ''; // Make sure user->setup() has been called if (empty(self::$user->lang)) { self::$user->setup(); } // Print out error if user tries to authenticate as an administrator without having the privileges... if ($admin && !self::$auth->acl_get('a_')) { // Not authd // anonymous/inactive users are never able to go to the ACP even if they have the relevant permissions if (self::$user->data['is_registered']) { add_log('admin', 'LOG_ADMIN_AUTH_FAIL'); } trigger_error('NO_AUTH_ADMIN'); } if (isset($_POST['login'])) { // Get credential if ($admin) { $credential = request_var('credential', ''); if (strspn($credential, 'abcdef0123456789') !== strlen($credential) || strlen($credential) != 32) { if (self::$user->data['is_registered']) { add_log('admin', 'LOG_ADMIN_AUTH_FAIL'); } trigger_error('NO_AUTH_ADMIN'); } $password = request_var('password_' . $credential, '', true); } else { $password = request_var('password', '', true); } $username = request_var('username', '', true); $autologin = !empty($_POST['autologin']) ? true : false; $viewonline = !empty($_POST['viewonline']) ? 0 : 1; $admin = $admin ? 1 : 0; $viewonline = $admin ? self::$user->data['session_viewonline'] : $viewonline; // Check if the supplied username is equal to the one stored within the database if re-authenticating if ($admin && utf8_clean_string(self::$username) != utf8_clean_string(self::$user->data['username'])) { // We log the attempt to use a different username... add_log('admin', 'LOG_ADMIN_AUTH_FAIL'); trigger_error('NO_AUTH_ADMIN_USER_DIFFER'); } // If authentication is successful we redirect user to previous page $result = self::$auth->login($username, $password, $autologin, $viewonline, $admin); // If admin authentication and login, we will log if it was a success or not... // We also break the operation on the first non-success login - it could be argued that the user already knows if ($admin) { if ($result['status'] == LOGIN_SUCCESS) { add_log('admin', 'LOG_ADMIN_AUTH_SUCCESS'); } else { // Only log the failed attempt if a real user tried to. // anonymous/inactive users are never able to go to the ACP even if they have the relevant permissions if (self::$user->data['is_registered']) { add_log('admin', 'LOG_ADMIN_AUTH_FAIL'); } } } // The result parameter is always an array, holding the relevant information... if ($result['status'] == LOGIN_SUCCESS) { $redirect = request_var('redirect', ''); if ($redirect) { $redirect = titania_url::unbuild_url($redirect); $base = $append = false; titania_url::split_base_params($base, $append, $redirect); redirect(titania_url::build_url($base, $append)); } else { redirect(titania_url::build_url(titania_url::$current_page, titania_url::$params)); } } // Something failed, determine what... if ($result['status'] == LOGIN_BREAK) { trigger_error($result['error_msg']); } // Special cases... determine switch ($result['status']) { case LOGIN_ERROR_ATTEMPTS: $captcha = phpbb_captcha_factory::get_instance(self::$config['captcha_plugin']); $captcha->init(CONFIRM_LOGIN); // $captcha->reset(); // Parse the captcha template self::reset_template(); self::$template->set_filenames(array('captcha' => $captcha->get_template())); // Correct confirm image link self::$template->assign_var('CONFIRM_IMAGE_LINK', self::append_sid('ucp', 'mode=confirm&confirm_id=' . $captcha->confirm_id . '&type=' . $captcha->type)); self::$template->assign_display('captcha', 'CAPTCHA', false); titania::set_custom_template(); $err = self::$user->lang[$result['error_msg']]; break; case LOGIN_ERROR_PASSWORD_CONVERT: $err = sprintf(self::$user->lang[$result['error_msg']], self::$config['email_enable'] ? '<a href="' . self::append_sid('ucp', 'mode=sendpassword') . '">' : '', self::$config['email_enable'] ? '</a>' : '', self::$config['board_contact'] ? '<a href="mailto:' . htmlspecialchars(self::$config['board_contact']) . '">' : '', self::$config['board_contact'] ? '</a>' : ''); break; // Username, password, etc... // Username, password, etc... default: $err = self::$user->lang[$result['error_msg']]; // Assign admin contact to some error messages if ($result['error_msg'] == 'LOGIN_ERROR_USERNAME' || $result['error_msg'] == 'LOGIN_ERROR_PASSWORD') { $err = !self::$config['board_contact'] ? sprintf(self::$user->lang[$result['error_msg']], '', '') : sprintf(self::$user->lang[$result['error_msg']], '<a href="mailto:' . htmlspecialchars(self::$config['board_contact']) . '">', '</a>'); } break; } } // Assign credential for username/password pair $credential = $admin ? md5(unique_id()) : false; $s_hidden_fields = array('sid' => self::$user->session_id); if ($redirect) { $s_hidden_fields['redirect'] = $redirect; } if ($admin) { $s_hidden_fields['credential'] = $credential; } $s_hidden_fields = build_hidden_fields($s_hidden_fields); titania::page_header('LOGIN'); self::$template->assign_vars(array('LOGIN_ERROR' => $err, 'LOGIN_EXPLAIN' => $l_explain, 'U_SEND_PASSWORD' => self::$config['email_enable'] ? self::append_sid('ucp', 'mode=sendpassword') : '', 'U_RESEND_ACTIVATION' => self::$config['require_activation'] == USER_ACTIVATION_SELF && self::$config['email_enable'] ? self::append_sid('ucp', 'mode=resend_act') : '', 'U_TERMS_USE' => self::append_sid('ucp', 'mode=terms'), 'U_PRIVACY' => self::append_sid('ucp', 'mode=privacy'), 'S_DISPLAY_FULL_LOGIN' => $s_display ? true : false, 'S_HIDDEN_FIELDS' => $s_hidden_fields, 'S_ADMIN_AUTH' => $admin, 'USERNAME' => $admin ? self::$user->data['username'] : '', 'USERNAME_CREDENTIAL' => 'username', 'PASSWORD_CREDENTIAL' => $admin ? 'password_' . $credential : 'password')); titania::page_footer(true, 'login_body.html'); }
/** * Delete a topic * * @param int $topic_id * @param bool $hard_delete Hard delete or just soft delete? */ public function delete_topic($topic_id, $hard_delete = false) { titania::add_lang('posting'); phpbb::$user->add_lang('mcp'); // Load the stuff we need $topic_object = $this->load_topic($topic_id); // Auth check $is_authed = false; if (phpbb::$auth->acl_get('u_titania_mod_post_mod')) { $is_authed = true; } else { if (!$hard_delete && phpbb::$auth->acl_get('u_titania_post_mod_own')) { if (is_object(titania::$contrib) && titania::$contrib->contrib_id == $topic_object->parent_id && titania::$contrib->is_author || titania::$contrib->is_active_coauthor) { $is_authed = true; } else { if (!is_object(titania::$contrib) || !titania::$contrib->contrib_id == $topic_object->parent_id) { $contrib = new titania_contribution(); $contrib->load((int) $topic_object->parent_id); if ($contrib->is_author || $contrib->is_active_coauthor) { $is_authed = true; } } } } } // Check permissions if (!$is_authed) { titania::needs_auth(); } if (titania::confirm_box(true)) { if ($hard_delete) { $base = $append = false; titania_url::split_base_params($base, $append, $topic_object->topic_url); $topic_object->delete(); redirect(titania_url::build_url($base, $append)); } else { $topic_object->soft_delete(); redirect($topic_object->get_url()); } } else { if ($hard_delete) { titania::confirm_box(false, 'HARD_DELETE_TOPIC'); } else { titania::confirm_box(false, 'SOFT_DELETE_TOPIC'); } } redirect($topic_object->get_url()); }