コード例 #1
ファイル: Register.php プロジェクト: bohwaz/featherbb
 /**
  * Show the registration form and, on POST, try to create the account.
  *
  * Members who are already logged in are sent to the board index. A 403 error
  * is raised when registrations are disabled or when one of the honeypot
  * fields ("username" / "password") comes back filled in.
  */
 public function display()
 {
     // Logged-in members have nothing to do here: redirect and stop.
     if (!$this->user->is_guest) {
         header('Location: ' . Url::base());
         exit;
     }

     // Antispam feature: the language file supplies $lang_antispam_questions.
     // NOTE(review): the include path contains $this->user->language; confirm that
     // value is limited to installed language directories before it reaches this require.
     require $this->feather->forum_env['FEATHER_ROOT'] . 'featherbb/lang/' . $this->user->language . '/antispam.php';
     $questions = array_keys($lang_antispam_questions);
     $index_questions = rand(0, count($lang_antispam_questions) - 1);

     // Display an error message if new registrations are disabled.
     // The real form uses req_* field names, so a filled "username" or "password"
     // field is treated as a bot submission.
     $registrations_closed = $this->config['o_regs_allow'] == '0';
     if ($registrations_closed || $this->request->post('username') || $this->request->post('password')) {
         throw new Error(__('No new regs'), 403);
     }

     // Fall back to the board defaults for anything not already present in $user.
     $defaults = array(
         'timezone' => 'o_default_timezone',
         'dst' => 'o_default_dst',
         'email_setting' => 'o_default_email_setting',
     );
     foreach ($defaults as $field => $option) {
         if (!isset($user[$field])) {
             $user[$field] = $this->config[$option];
         }
     }
     $user['errors'] = '';

     if ($this->feather->request()->isPost()) {
         $user = $this->model->check_for_errors();
         // Did everything go according to plan? Insert the user
         $passed_validation = empty($user['errors']);
         if ($passed_validation) {
             $this->model->insert_user($user);
         }
     }

     // 'qencoded' is the MD5 of the selected question text; presumably the model uses it
     // to recognise which question was shown (confirm against check_for_errors()).
     $page_info = array(
         'title' => array(Utils::escape($this->config['o_board_title']), __('Register')),
         'focus_element' => array('register', 'req_user'),
         'required_fields' => array(
             'req_user' => __('Username'),
             'req_password1' => __('Password'),
             'req_password2' => __('Confirm pass'),
             'req_email1' => __('Email'),
             'req_email2' => __('Email') . ' 2',
             'captcha' => __('Robot title'),
         ),
         'active_page' => 'register',
         'is_indexed' => true,
         'errors' => $user['errors'],
         'index_questions' => $index_questions,
         'languages' => \FeatherBB\Core\Lister::getLangs(),
         'question' => $questions,
         'qencoded' => md5($questions[$index_questions]),
     );

     $this->feather->template->setPageInfo($page_info)->addTemplate('register/form.php')->display();
 }
コード例 #2
ファイル: posts_view.php プロジェクト: featherbb/featherbb
?>
"<?php 
echo $button_status;
?>
 /> <input type="submit" name="delete_posts" value="<?php 
_e('Delete');
?>
"<?php 
echo $button_status;
?>
 /></p>
            <div class="clearer"></div>
        </div>
        <ul class="crumbs">
            <li><a href="<?php 
echo Url::base();
?>
"><?php 
_e('Index');
?>
</a></li>
            <li><span>»&#160;</span><a href="<?php 
echo Router::pathFor('Forum', ['id' => $fid, 'name' => $url_forum]);
?>
"><?php 
echo Utils::escape($cur_topic['forum_name']);
?>
</a></li>
            <li><span>»&#160;</span><a href="<?php 
echo Router::pathFor('Topic', ['id' => $id, 'name' => $url_topic]);
?>
コード例 #3
ファイル: footer.php プロジェクト: bohwaz/featherbb
        echo "\t\t\t\t\t\t" . '</tr>' . "\n";
    }
    ?>
						<tr>
							<td class="tcl" colspan="2"><?php 
    echo sprintf(__('Total query time'), round($queries_info['total_time'], 7)) . ' s';
    ?>
</td>
						</tr>
					</tbody>
				</table>
			</div>
		</div>
	</div>
<?php 
}
?>
</section>
</body>
<!-- JS -->
<?php 
// Emit one <script> tag per registered JavaScript asset.
foreach ($assets['js'] as $script) {
    // Gather the extra attributes as `key="value" ` pairs, written exactly as given.
    // NOTE(review): keys and values are printed without HTML escaping; confirm that
    // asset parameters only ever come from trusted code, never from request data.
    $attributes = '';
    foreach ($script['params'] as $key => $value) {
        $attributes .= $key . '="' . $value . '" ';
    }
    echo '<script ' . $attributes . 'src="' . Url::base() . '/' . $script['file'] . '"/></script>' . "\n";
}
?>
</html>
コード例 #4
ファイル: Topic.php プロジェクト: featherbb/featherbb
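 /**
  * Build the per-post display data for one page of a topic.
  *
  * Post ids for the page are fetched first, then the posts are loaded together with
  * poster, group and online information. Each row is extended with pre-formatted HTML
  * fragments (username, title, online marker, avatar, user info, contact links,
  * action links, parsed message and signature).
  *
  * The action links built here only decide what is shown; NOTE(review): confirm that the
  * delete/edit/report handlers enforce the same permissions on their own.
  *
  * @param mixed $topic_id   Id of the topic being displayed.
  * @param mixed $start_from Offset of the first post on this page.
  * @param mixed $cur_topic  Topic row; 'closed' and 'post_replies' are read from it.
  * @param mixed $is_admmod  Whether the viewer moderates this topic.
  * @return array The list of decorated post rows, after the 'model.topic.print_posts' hook.
  * @throws Error With code 500 when no post ids are found for the page.
  */
 public function print_posts($topic_id, $start_from, $cur_topic, $is_admmod)
 {
     $post_data = array();
     $post_data = Container::get('hooks')->fire('model.topic.print_posts_start', $post_data, $topic_id, $start_from, $cur_topic, $is_admmod);
     // Keep track of post numbers
     $post_count = 0;
     // Avatar markup is generated once per poster and reused for their other posts on the page.
     $avatar_cache = array();
     // Retrieve a list of post IDs, LIMIT is (really) expensive so we only fetch the IDs here then later fetch the remaining data
     // NOTE(review): the page size comes from disp_topics although this lists posts; confirm that is the intended setting.
     $result = DB::for_table('posts')->select('id')->where('topic_id', $topic_id)->order_by('id')->limit(User::get()->disp_topics)->offset($start_from);
     $result = Container::get('hooks')->fireDB('model.topic.print_posts_ids_query', $result);
     $result = $result->find_many();
     $post_ids = array();
     foreach ($result as $cur_post_id) {
         $post_ids[] = $cur_post_id['id'];
     }
     if (empty($post_ids)) {
         throw new Error('The post table and topic table seem to be out of sync!', 500);
     }
     // Retrieve the posts (and their respective poster/online status)
     $result['select'] = array('u.email', 'u.title', 'u.url', 'u.location', 'u.signature', 'u.email_setting', 'u.num_posts', 'u.registered', 'u.admin_note', 'p.id', 'username' => 'p.poster', 'p.poster_id', 'p.poster_ip', 'p.poster_email', 'p.message', 'p.hide_smilies', 'p.posted', 'p.edited', 'p.edited_by', 'g.g_id', 'g.g_user_title', 'g.g_promote_next_group', 'is_online' => 'o.user_id');
     // The raw join concatenates the configured table prefix into SQL; it is a configuration
     // value, not request data, and the installer is where its format has to be validated.
     $result = DB::for_table('posts')->table_alias('p')->select_many($result['select'])->inner_join('users', array('u.id', '=', 'p.poster_id'), 'u')->inner_join('groups', array('g.g_id', '=', 'u.group_id'), 'g')->raw_join('LEFT OUTER JOIN ' . ForumSettings::get('db_prefix') . 'online', "o.user_id!=1 AND o.idle=0 AND o.user_id=u.id", 'o')->where_in('p.id', $post_ids)->order_by('p.id');
     $result = Container::get('hooks')->fireDB('model.topic.print_posts_query', $result);
     $result = $result->find_array();
     foreach ($result as $cur_post) {
         $post_count++;
         $cur_post['user_avatar'] = '';
         $cur_post['user_info'] = array();
         $cur_post['user_contacts'] = array();
         $cur_post['post_actions'] = array();
         $cur_post['is_online_formatted'] = '';
         $cur_post['signature_formatted'] = '';
         // If the poster is a registered user
         if ($cur_post['poster_id'] > 1) {
             if (User::get()->g_view_users == '1') {
                 $cur_post['username_formatted'] = '<a href="' . Url::base() . '/user/' . $cur_post['poster_id'] . '/">' . Utils::escape($cur_post['username']) . '</a>';
             } else {
                 $cur_post['username_formatted'] = Utils::escape($cur_post['username']);
             }
             $cur_post['user_title_formatted'] = Utils::get_title($cur_post);
             if (ForumSettings::get('o_censoring') == '1') {
                 $cur_post['user_title_formatted'] = Utils::censor($cur_post['user_title_formatted']);
             }
             // Format the online indicator
             $cur_post['is_online_formatted'] = $cur_post['is_online'] == $cur_post['poster_id'] ? '<strong>' . __('Online') . '</strong>' : '<span>' . __('Offline') . '</span>';
             if (ForumSettings::get('o_avatars') == '1' && User::get()->show_avatars != '0') {
                 if (isset($avatar_cache[$cur_post['poster_id']])) {
                     $cur_post['user_avatar'] = $avatar_cache[$cur_post['poster_id']];
                 } else {
                     $cur_post['user_avatar'] = $avatar_cache[$cur_post['poster_id']] = Utils::generate_avatar_markup($cur_post['poster_id']);
                 }
             }
             // We only show location, register date, post count and the contact links if "Show user info" is enabled
             if (ForumSettings::get('o_show_user_info') == '1') {
                 if ($cur_post['location'] != '') {
                     if (ForumSettings::get('o_censoring') == '1') {
                         $cur_post['location'] = Utils::censor($cur_post['location']);
                     }
                     $cur_post['user_info'][] = '<dd><span>' . __('From') . ' ' . Utils::escape($cur_post['location']) . '</span></dd>';
                 }
                 $cur_post['user_info'][] = '<dd><span>' . __('Registered topic') . ' ' . Utils::format_time($cur_post['registered'], true) . '</span></dd>';
                 if (ForumSettings::get('o_show_post_count') == '1' || User::get()->is_admmod) {
                     $cur_post['user_info'][] = '<dd><span>' . __('Posts topic') . ' ' . Utils::forum_number_format($cur_post['num_posts']) . '</span></dd>';
                 }
                 // Now let's deal with the contact links (Email and URL)
                 if (($cur_post['email_setting'] == '0' && !User::get()->is_guest || User::get()->is_admmod) && User::get()->g_send_email == '1') {
                     $cur_post['user_contacts'][] = '<span class="email"><a href="mailto:' . Utils::escape($cur_post['email']) . '">' . __('Email') . '</a></span>';
                 } elseif ($cur_post['email_setting'] == '1' && !User::get()->is_guest && User::get()->g_send_email == '1') {
                     $cur_post['user_contacts'][] = '<span class="email"><a href="' . Router::pathFor('email', ['id' => $cur_post['poster_id']]) . '">' . __('Email') . '</a></span>';
                 }
                 if ($cur_post['url'] != '') {
                     if (ForumSettings::get('o_censoring') == '1') {
                         $cur_post['url'] = Utils::censor($cur_post['url']);
                     }
                     // NOTE(review): the profile URL is escaped for the attribute, but its scheme is not
                     // checked here; confirm it is restricted to http/https when the profile is saved.
                     $cur_post['user_contacts'][] = '<span class="website"><a href="' . Utils::escape($cur_post['url']) . '" rel="nofollow">' . __('Website') . '</a></span>';
                 }
             }
             if (User::get()->g_id == ForumEnv::get('FEATHER_ADMIN') || User::get()->g_moderator == '1' && User::get()->g_mod_promote_users == '1') {
                 if ($cur_post['g_promote_next_group']) {
                     $cur_post['user_info'][] = '<dd><span><a href="' . Url::base() . '/user/' . $cur_post['poster_id'] . '/action/promote/pid/' . $cur_post['id'] . '">' . __('Promote user') . '</a></span></dd>';
                 }
             }
             // The poster's IP address and the admin note are only added for admins/moderators.
             if (User::get()->is_admmod) {
                 $cur_post['user_info'][] = '<dd><span><a href="' . Router::pathFor('getPostHost', ['pid' => $cur_post['id']]) . '" title="' . Utils::escape($cur_post['poster_ip']) . '">' . __('IP address logged') . '</a></span></dd>';
                 if ($cur_post['admin_note'] != '') {
                     $cur_post['user_info'][] = '<dd><span>' . __('Note') . ' <strong>' . Utils::escape($cur_post['admin_note']) . '</strong></span></dd>';
                 }
             }
         } else {
             // Guest post: only the stored poster name, title and (optionally) e-mail are available.
             $cur_post['username_formatted'] = Utils::escape($cur_post['username']);
             $cur_post['user_title_formatted'] = Utils::get_title($cur_post);
             if (User::get()->is_admmod) {
                 $cur_post['user_info'][] = '<dd><span><a href="' . Router::pathFor('getPostHost', ['pid' => $cur_post['id']]) . '" title="' . Utils::escape($cur_post['poster_ip']) . '">' . __('IP address logged') . '</a></span></dd>';
             }
             if (ForumSettings::get('o_show_user_info') == '1' && $cur_post['poster_email'] != '' && !User::get()->is_guest && User::get()->g_send_email == '1') {
                 $cur_post['user_contacts'][] = '<span class="email"><a href="mailto:' . Utils::escape($cur_post['poster_email']) . '">' . __('Email') . '</a></span>';
             }
         }
         // Generation post action array (quote, edit, delete etc.)
         if (!$is_admmod) {
             if (!User::get()->is_guest) {
                 $cur_post['post_actions'][] = '<li class="postreport"><span><a href="' . Router::pathFor('report', ['id' => $cur_post['id']]) . '">' . __('Report') . '</a></span></li>';
             }
             if ($cur_topic['closed'] == '0') {
                 if ($cur_post['poster_id'] == User::get()->id) {
                     // The first post of the topic needs the delete-topics permission, later posts delete-posts.
                     if ($start_from + $post_count == 1 && User::get()->g_delete_topics == '1' || $start_from + $post_count > 1 && User::get()->g_delete_posts == '1') {
                         $cur_post['post_actions'][] = '<li class="postdelete"><span><a href="' . Router::pathFor('deletePost', ['id' => $cur_post['id']]) . '">' . __('Delete') . '</a></span></li>';
                     }
                     if (User::get()->g_edit_posts == '1') {
                         $cur_post['post_actions'][] = '<li class="postedit"><span><a href="' . Router::pathFor('editPost', ['id' => $cur_post['id']]) . '">' . __('Edit') . '</a></span></li>';
                     }
                 }
                 if ($cur_topic['post_replies'] == '' && User::get()->g_post_replies == '1' || $cur_topic['post_replies'] == '1') {
                     $cur_post['post_actions'][] = '<li class="postquote"><span><a href="' . Router::pathFor('newQuoteReply', ['tid' => $topic_id, 'qid' => $cur_post['id']]) . '">' . __('Quote') . '</a></span></li>';
                 }
             }
         } else {
             $cur_post['post_actions'][] = '<li class="postreport"><span><a href="' . Router::pathFor('report', ['id' => $cur_post['id']]) . '">' . __('Report') . '</a></span></li>';
             // Moderators do not get edit/delete links on an administrator's post. The previous check
             // read an $admin_ids list that this method never defines; the poster's group id from the
             // joined groups row (g.g_id) answers the same question with data already loaded.
             $poster_is_admin = $cur_post['g_id'] == ForumEnv::get('FEATHER_ADMIN');
             if (User::get()->g_id == ForumEnv::get('FEATHER_ADMIN') || !$poster_is_admin) {
                 $cur_post['post_actions'][] = '<li class="postdelete"><span><a href="' . Router::pathFor('deletePost', ['id' => $cur_post['id']]) . '">' . __('Delete') . '</a></span></li>';
                 $cur_post['post_actions'][] = '<li class="postedit"><span><a href="' . Router::pathFor('editPost', ['id' => $cur_post['id']]) . '">' . __('Edit') . '</a></span></li>';
             }
             $cur_post['post_actions'][] = '<li class="postquote"><span><a href="' . Router::pathFor('newQuoteReply', ['tid' => $topic_id, 'qid' => $cur_post['id']]) . '">' . __('Quote') . '</a></span></li>';
         }
         // Perform the main parsing of the message (BBCode, smilies, censor words etc)
         $cur_post['message'] = Container::get('parser')->parse_message($cur_post['message'], $cur_post['hide_smilies']);
         // Signatures are parsed for every post that shows one; no per-poster cache is used.
         if (ForumSettings::get('o_signatures') == '1' && $cur_post['signature'] != '' && User::get()->show_sig != '0') {
             $cur_post['signature_formatted'] = Container::get('parser')->parse_signature($cur_post['signature']);
         }
         $cur_post = Container::get('hooks')->fire('model.print_posts.one', $cur_post);
         $post_data[] = $cur_post;
     }
     $post_data = Container::get('hooks')->fire('model.topic.print_posts', $post_data);
     return $post_data;
 }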
コード例 #5
ファイル: help.php プロジェクト: bohwaz/featherbb
		<p><a name="img"></a><?php 
_e('Images info');
?>
</p>
        dede
		<p><code>[img=<?php 
_e('FeatherBB bbcode test');
?>
]<?php 
echo Utils::escape(Url::base(true));
?>
/style/img/logo.png[/img]</code> <?php 
_e('produces');
?>
 <samp><img style="height: 21px" src="<?php 
echo Utils::escape(Url::base(true));
?>
/style/img/logo.png" alt="<?php 
_e('FeatherBB bbcode test');
?>
" /></samp></p>
	</div>
</div>
<h2><span><?php 
_e('Quotes');
?>
</span></h2>
<div class="box">
	<div class="inbox">
		<p><?php 
_e('Quotes info');
コード例 #6
ファイル: Profile.php プロジェクト: featherbb/featherbb
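 /**
  * Handle an e-mail address change for user $id.
  *
  * Three paths are visible here:
  *  - a "key" query parameter confirms a pending change by comparing it with the stored
  *    activate_key and, on a match, copies activate_string into email;
  *  - a POST re-checks the acting user's password, validates the new address, stores it as
  *    activate_string with a fresh activate_key, and mails an activation link to the new address;
  *  - otherwise only the 'model.profile.change_email' hook is fired.
  *
  * @param mixed $id Id of the user whose address is being changed.
  * @return mixed The redirect returned by Router::redirect() on a confirmed key; nothing otherwise.
  * @throws Error On missing permission, unknown user, bad key, wrong password or rejected address,
  *               and also to report that the activation mail has been sent.
  */
 public function change_email($id)
 {
     $id = Container::get('hooks')->fire('model.profile.change_email_start', $id);
     // Make sure we are allowed to change this user's email
     if (User::get()->id != $id) {
         $id = Container::get('hooks')->fire('model.profile.change_email_not_id', $id);
         if (!User::get()->is_admmod) {
             // A regular user trying to change another user's email?
             throw new Error(__('No permission'), 403);
         } elseif (User::get()->g_moderator == '1') {
             // A moderator trying to change a user's email?
             $user['select'] = array('u.group_id', 'g.g_moderator');
             $user = DB::for_table('users')->table_alias('u')->select_many($user['select'])->inner_join('groups', array('g.g_id', '=', 'u.group_id'), 'g')->where('u.id', $id);
             $user = Container::get('hooks')->fireDB('model.profile.change_email_not_id_query', $user);
             $user = $user->find_one();
             if (!$user) {
                 throw new Error(__('Bad request'), 404);
             }
             // Moderators need both edit-users and change-passwords rights, and may never
             // touch an administrator's or another moderator's address.
             if (User::get()->g_mod_edit_users == '0' || User::get()->g_mod_change_passwords == '0' || $user['group_id'] == ForumEnv::get('FEATHER_ADMIN') || $user['g_moderator'] == '1') {
                 throw new Error(__('No permission'), 403);
             }
         }
     }
     if (Input::query('key')) {
         $key = Input::query('key');
         $key = Container::get('hooks')->fire('model.profile.change_email_key', $key);
         $new_email_key = DB::for_table('users')->where('id', $id);
         $new_email_key = Container::get('hooks')->fireDB('model.profile.change_email_key_query', $new_email_key);
         $new_email_key = $new_email_key->find_one_col('activate_key');
         // Compare the key as an exact string in constant time. A loose != treats two
         // numeric-looking strings (for example "0e12" and "0e34") as equal, and an empty
         // stored key means no change is pending at all.
         $stored_key = (string) $new_email_key;
         if (!is_string($key) || $key === '' || $stored_key === '' || !hash_equals($stored_key, $key)) {
             throw new Error(__('Email key bad') . ' <a href="mailto:' . Utils::escape(ForumSettings::get('o_admin_email')) . '">' . Utils::escape(ForumSettings::get('o_admin_email')) . '</a>.', 400);
         } else {
             // Promote the pending address and clear the activation fields so the key cannot be reused.
             $update_mail = DB::for_table('users')->where('id', $id)->find_one()->set_expr('email', 'activate_string')->set_expr('activate_string', 'NULL')->set_expr('activate_key', 'NULL');
             $update_mail = Container::get('hooks')->fireDB('model.profile.change_email_query', $update_mail);
             $update_mail = $update_mail->save();
             return Router::redirect(Router::pathFor('home'), __('Email updated'));
         }
     } elseif (Request::isPost()) {
         Container::get('hooks')->fire('model.profile.change_email_post');
         // Re-authenticate the acting user before accepting the change; hash_equals keeps the
         // comparison time independent of how many leading characters match.
         $submitted_hash = (string) Random::hash(Input::post('req_password'));
         if (!hash_equals((string) User::get()->password, $submitted_hash)) {
             throw new Error(__('Wrong pass'));
         }
         // Validate the email address
         $new_email = strtolower(Utils::trim(Input::post('req_new_email')));
         $new_email = Container::get('hooks')->fire('model.profile.change_email_new_email', $new_email);
         if (!Container::get('email')->is_valid_email($new_email)) {
             throw new Error(__('Invalid email'), 400);
         }
         // Check if it's a banned email address
         if (Container::get('email')->is_banned_email($new_email)) {
             if (ForumSettings::get('p_allow_banned_email') == '0') {
                 throw new Error(__('Banned email'), 403);
             } elseif (ForumSettings::get('o_mailing_list') != '') {
                 // Load the "banned email change" template
                 $mail_tpl = trim(file_get_contents(ForumEnv::get('FEATHER_ROOT') . 'featherbb/lang/' . User::get()->language . '/mail_templates/banned_email_change.tpl'));
                 $mail_tpl = Container::get('hooks')->fire('model.profile.change_email_mail_tpl', $mail_tpl);
                 // The first row contains the subject
                 $first_crlf = strpos($mail_tpl, "\n");
                 $mail_subject = trim(substr($mail_tpl, 8, $first_crlf - 8));
                 $mail_subject = Container::get('hooks')->fire('model.profile.change_email_mail_subject', $mail_subject);
                 $mail_message = trim(substr($mail_tpl, $first_crlf));
                 $mail_message = str_replace('<username>', User::get()->username, $mail_message);
                 $mail_message = str_replace('<email>', $new_email, $mail_message);
                 $mail_message = str_replace('<profile_url>', Router::pathFor('userProfile', ['id' => $id]), $mail_message);
                 $mail_message = str_replace('<board_mailer>', ForumSettings::get('o_board_title'), $mail_message);
                 $mail_message = Container::get('hooks')->fire('model.profile.change_email_mail_message', $mail_message);
                 Container::get('email')->feather_mail(ForumSettings::get('o_mailing_list'), $mail_subject, $mail_message);
             }
         }
         // Check if someone else already has registered with that email address
         $result['select'] = array('id', 'username');
         $result = DB::for_table('users')->select_many($result['select'])->where('email', $new_email);
         $result = Container::get('hooks')->fireDB('model.profile.change_email_check_mail', $result);
         $result = $result->find_many();
         if ($result) {
             if (ForumSettings::get('p_allow_dupe_email') == '0') {
                 throw new Error(__('Dupe email'), 400);
             } elseif (ForumSettings::get('o_mailing_list') != '') {
                 $dupe_list = array();
                 foreach ($result as $cur_dupe) {
                     $dupe_list[] = $cur_dupe['username'];
                 }
                 // Load the "dupe email change" template
                 $mail_tpl = trim(file_get_contents(ForumEnv::get('FEATHER_ROOT') . 'featherbb/lang/' . User::get()->language . '/mail_templates/dupe_email_change.tpl'));
                 $mail_tpl = Container::get('hooks')->fire('model.profile.change_email_mail_dupe_tpl', $mail_tpl);
                 // The first row contains the subject
                 $first_crlf = strpos($mail_tpl, "\n");
                 $mail_subject = trim(substr($mail_tpl, 8, $first_crlf - 8));
                 $mail_subject = Container::get('hooks')->fire('model.profile.change_email_mail_dupe_subject', $mail_subject);
                 $mail_message = trim(substr($mail_tpl, $first_crlf));
                 $mail_message = str_replace('<username>', User::get()->username, $mail_message);
                 $mail_message = str_replace('<dupe_list>', implode(', ', $dupe_list), $mail_message);
                 $mail_message = str_replace('<profile_url>', Router::pathFor('userProfile', ['id' => $id]), $mail_message);
                 $mail_message = str_replace('<board_mailer>', ForumSettings::get('o_board_title'), $mail_message);
                 $mail_message = Container::get('hooks')->fire('model.profile.change_email_mail_dupe_message', $mail_message);
                 Container::get('email')->feather_mail(ForumSettings::get('o_mailing_list'), $mail_subject, $mail_message);
             }
         }
         // NOTE(review): the activation key is an 8-character Random::pass() value; confirm that
         // helper draws from a cryptographically secure source.
         $new_email_key = Random::pass(8);
         $new_email_key = Container::get('hooks')->fire('model.profile.change_email_new_email_key', $new_email_key);
         // Update the user. The row is looked up by $id; the previous code passed the bare
         // word "tid", which is not a variable and never addressed the intended user.
         unset($user);
         $user['update'] = array('activate_string' => $new_email, 'activate_key' => $new_email_key);
         $user = DB::for_table('users')->where('id', $id)->find_one()->set($user['update']);
         $user = Container::get('hooks')->fireDB('model.profile.change_email_user_query', $user);
         $user = $user->save();
         // Load the "activate email" template
         $mail_tpl = trim(file_get_contents(ForumEnv::get('FEATHER_ROOT') . 'featherbb/lang/' . User::get()->language . '/mail_templates/activate_email.tpl'));
         $mail_tpl = Container::get('hooks')->fire('model.profile.change_email_mail_activate_tpl', $mail_tpl);
         // The first row contains the subject
         $first_crlf = strpos($mail_tpl, "\n");
         $mail_subject = trim(substr($mail_tpl, 8, $first_crlf - 8));
         $mail_subject = Container::get('hooks')->fire('model.profile.change_email_mail_activate_subject', $mail_subject);
         $mail_message = trim(substr($mail_tpl, $first_crlf));
         $mail_message = str_replace('<username>', User::get()->username, $mail_message);
         $mail_message = str_replace('<base_url>', Url::base(), $mail_message);
         $mail_message = str_replace('<activation_url>', Router::pathFor('profileAction', ['id' => $id, 'action' => 'change_email']) . '?key=' . $new_email_key, $mail_message);
         $mail_message = str_replace('<board_mailer>', ForumSettings::get('o_board_title'), $mail_message);
         $mail_message = Container::get('hooks')->fire('model.profile.change_email_mail_activate_message', $mail_message);
         // The link goes to the NEW address, so only someone who can read that mailbox can confirm.
         Container::get('email')->feather_mail($new_email, $mail_subject, $mail_message);
         Container::get('hooks')->fire('model.profile.change_email_sent');
         throw new Error(__('Activate email sent') . ' <a href="mailto:' . Utils::escape(ForumSettings::get('o_admin_email')) . '">' . Utils::escape(ForumSettings::get('o_admin_email')) . '</a>.', true);
     }
     Container::get('hooks')->fire('model.profile.change_email');
 }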
コード例 #7
ファイル: Install.php プロジェクト: featherbb/featherbb
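 /**
  * Drive the installer: pick the language, validate the submitted settings and either
  * re-display the form with errors or hand the data to create_config().
  *
  * On a non-POST request (or when only the language is being chosen) the install form is
  * shown with default values.
  *
  * @return mixed Whatever the view's display() or create_config() returns.
  */
 public function run()
 {
     Container::get('hooks')->fire('controller.install.run_install');
     if (Input::getParsedBodyParam('choose_lang')) {
         // Store exactly the value that was checked against the list of available languages.
         // The previous code validated the trimmed value but kept the untrimmed one.
         $requested_lang = Utils::trim(Input::getParsedBodyParam('install_lang'));
         if (in_array($requested_lang, $this->available_langs, true)) {
             $this->install_lang = $requested_lang;
         }
     }
     $csrf = new \FeatherBB\Middleware\Csrf();
     $csrf->generateNewToken(Container::get('request'));
     translate('install', 'featherbb', $this->install_lang);
     if (Request::isPost() && empty(Input::getParsedBodyParam('choose_lang'))) {
         $missing_fields = array();
         // Every submitted value is trimmed and passed through Utils::escape.
         // NOTE(review): this also transforms the password fields; confirm that is intended.
         $data = array_map(function ($item) {
             return Utils::escape(Utils::trim($item));
         }, Input::getParsedBodyParam('install'));
         foreach ($data as $field => $value) {
             // Handle empty fields
             if (empty($value)) {
                 // If the field is required, or if user and pass are missing even though mysql or pgsql are selected as DB
                 if (!in_array($field, $this->optional_fields) || in_array($field, array('db_user')) && in_array($data['db_type'], array('mysql', 'pgsql'))) {
                     $missing_fields[] = $field;
                 }
             }
         }
         if (!empty($missing_fields)) {
             // NOTE(review): field names are request-body keys and are not escaped here (only the
             // values are); confirm the install template escapes the error text it prints.
             $this->errors = 'The following fields are required but are missing : ' . implode(', ', $missing_fields);
         } else {
             // No missing fields, so the remaining values can be validated
             // VALIDATION
             // Make sure base_url doesn't end with a slash
             if (substr($data['base_url'], -1) == '/') {
                 $data['base_url'] = substr($data['base_url'], 0, -1);
             }
             // Validate username and passwords
             if (Utils::strlen($data['username']) < 2) {
                 $this->errors[] = __('Username 1');
             } elseif (Utils::strlen($data['username']) > 25) {
                 // This usually doesn't happen since the form element only accepts 25 characters
                 $this->errors[] = __('Username 2');
             } elseif (!strcasecmp($data['username'], 'Guest')) {
                 $this->errors[] = __('Username 3');
             } elseif (preg_match('%[0-9]{1,3}\\.[0-9]{1,3}\\.[0-9]{1,3}\\.[0-9]{1,3}%', $data['username']) || preg_match('%((([0-9A-Fa-f]{1,4}:){7}[0-9A-Fa-f]{1,4})|(([0-9A-Fa-f]{1,4}:){6}:[0-9A-Fa-f]{1,4})|(([0-9A-Fa-f]{1,4}:){5}:([0-9A-Fa-f]{1,4}:)?[0-9A-Fa-f]{1,4})|(([0-9A-Fa-f]{1,4}:){4}:([0-9A-Fa-f]{1,4}:){0,2}[0-9A-Fa-f]{1,4})|(([0-9A-Fa-f]{1,4}:){3}:([0-9A-Fa-f]{1,4}:){0,3}[0-9A-Fa-f]{1,4})|(([0-9A-Fa-f]{1,4}:){2}:([0-9A-Fa-f]{1,4}:){0,4}[0-9A-Fa-f]{1,4})|(([0-9A-Fa-f]{1,4}:){6}((\\b((25[0-5])|(1\\d{2})|(2[0-4]\\d)|(\\d{1,2}))\\b)\\.){3}(\\b((25[0-5])|(1\\d{2})|(2[0-4]\\d)|(\\d{1,2}))\\b))|(([0-9A-Fa-f]{1,4}:){0,5}:((\\b((25[0-5])|(1\\d{2})|(2[0-4]\\d)|(\\d{1,2}))\\b)\\.){3}(\\b((25[0-5])|(1\\d{2})|(2[0-4]\\d)|(\\d{1,2}))\\b))|(::([0-9A-Fa-f]{1,4}:){0,5}((\\b((25[0-5])|(1\\d{2})|(2[0-4]\\d)|(\\d{1,2}))\\b)\\.){3}(\\b((25[0-5])|(1\\d{2})|(2[0-4]\\d)|(\\d{1,2}))\\b))|([0-9A-Fa-f]{1,4}::([0-9A-Fa-f]{1,4}:){0,5}[0-9A-Fa-f]{1,4})|(::([0-9A-Fa-f]{1,4}:){0,6}[0-9A-Fa-f]{1,4})|(([0-9A-Fa-f]{1,4}:){1,7}:))%', $data['username'])) {
                 // Usernames that look like an IPv4 or IPv6 address are refused
                 $this->errors[] = __('Username 4');
             } elseif ((strpos($data['username'], '[') !== false || strpos($data['username'], ']') !== false) && strpos($data['username'], '\'') !== false && strpos($data['username'], '"') !== false) {
                 $this->errors[] = __('Username 5');
             } elseif (preg_match('%(?:\\[/?(?:b|u|i|h|colou?r|quote|code|img|url|email|list)\\]|\\[(?:code|quote|list)=)%i', $data['username'])) {
                 // Usernames containing BBCode tags are refused
                 $this->errors[] = __('Username 6');
             }
             if (Utils::strlen($data['password']) < 6) {
                 $this->errors[] = __('Short password');
             } elseif ($data['password'] !== $data['password_conf']) {
                 // Strict comparison: a loose != treats numeric-looking strings such as "1e3" and
                 // "1000" as equal, which would let a mistyped confirmation through.
                 $this->errors[] = __('Passwords not match');
             }
             // Validate email
             if (!filter_var($data['email'], FILTER_VALIDATE_EMAIL)) {
                 $this->errors[] = __('Wrong email');
             }
             // Validate language
             if (!in_array($data['default_lang'], Lister::getLangs())) {
                 $this->errors[] = __('Error default language');
             }
             // Check if the cache directory is writable
             if (!is_writable(ForumEnv::get('FORUM_CACHE_DIR'))) {
                 $this->errors[] = sprintf(__('Alert cache'), ForumEnv::get('FORUM_CACHE_DIR'));
             }
             // Check if default avatar directory is writable
             if (!is_writable(ForumEnv::get('FEATHER_ROOT') . 'style/img/avatars/')) {
                 $this->errors[] = sprintf(__('Alert avatar'), ForumEnv::get('FEATHER_ROOT') . 'style/img/avatars/');
             }
             // Validate db_prefix if existing. The D modifier makes "$" match only at the very end,
             // so a prefix with a trailing newline cannot pass the identifier check.
             if (!empty($data['db_prefix']) && (strlen($data['db_prefix']) > 0 && (!preg_match('%^[a-zA-Z_][a-zA-Z0-9_]*$%D', $data['db_prefix']) || strlen($data['db_prefix']) > 40))) {
                 $this->errors[] = sprintf(__('Table prefix error'), $data['db_prefix']);
             }
         }
         // End validation and check errors
         if (!empty($this->errors)) {
             return View::setPageInfo(array('languages' => $this->available_langs, 'supported_dbs' => $this->supported_dbs, 'data' => $data, 'errors' => $this->errors))->addTemplate('install.php')->display(false);
         } else {
             $data['default_style'] = $this->default_style;
             // Avatars are enabled only when PHP file uploads are switched on
             $data['avatars'] = in_array(strtolower(@ini_get('file_uploads')), array('on', 'true', '1')) ? 1 : 0;
             return $this->create_config($data);
         }
     } else {
         // First visit or language switch: show the form with default values
         $base_url = str_replace('index.php', '', Url::base());
         $data = array('title' => __('My FeatherBB Forum'), 'description' => __('Description'), 'base_url' => $base_url, 'default_lang' => $this->install_lang);
         return View::setPageInfo(array('languages' => $this->available_langs, 'supported_dbs' => $this->supported_dbs, 'data' => $data, 'alerts' => array()))->addTemplate('install.php')->display(false);
     }
 }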
コード例 #8
ファイル: Login.php プロジェクト: bohwaz/featherbb
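 /**
  * Work out which URL the caller should use after login.
  *
  * The Referer header is supplied by the client, so it is honoured only when it points
  * back into this board (the base URL itself or a location underneath it). Any other
  * value falls back to the board index, so an off-site address is never handed on.
  * NOTE(review): the name suggests callers redirect to the result; confirm at the call site.
  *
  * @return mixed The URL after the 'get_redirect_url' hook has had a chance to change it.
  */
 public function get_redirect_url()
 {
     $this->hook->fire('get_redirect_url_start');

     $base_url = Url::base();
     $referrer = $this->request->getReferrer();

     // The trailing slash in the prefix stops look-alike hosts that merely begin with the
     // board's host name from matching. Scheme and host compare case-insensitively.
     $local_prefix = rtrim($base_url, '/') . '/';
     $is_local = is_string($referrer) && !empty($referrer)
         && ($referrer === $base_url || strncasecmp($referrer, $local_prefix, strlen($local_prefix)) === 0);

     if (!$is_local) {
         $redirect_url = $base_url;
     } else {
         $redirect_url = $referrer;
         if (preg_match('%Topic\\.php\\?pid=(\\d+)$%', $redirect_url, $matches)) {
             // TODO
             // Jump straight to the post the user came from
             $redirect_url .= '#p' . $matches[1];
         }
     }

     $redirect_url = $this->hook->fire('get_redirect_url', $redirect_url);
     return $redirect_url;
 }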
コード例 #9
ファイル: footer.php プロジェクト: featherbb/featherbb
</td>
                        </tr>
                    </tbody>
                </table>
            </div>
        </div>
    </div>
<?php 
}
?>
</section>
</body>
<!-- JS -->
<script>
    var baseUrl = '<?php 
// NOTE(review): this value lands inside a JavaScript string literal. Utils::escape is
// presumably an HTML escaper; confirm it also neutralises what matters in this context
// (quotes, backslashes, line breaks).
echo Utils::escape(Url::base());
?>
',
        phpVars = <?php 
// Emit the PHP-side variables as a JSON literal, or an empty JSON array when none were set.
// NOTE(review): json_encode runs with default flags; if $jsVars can hold user-influenced
// strings, JSON_HEX_TAG | JSON_HEX_AMP keeps "<", ">" and "&" out of the inline script.
echo isset($jsVars) ? json_encode($jsVars) : json_encode(array());
?>
;
</script>
<?php 
// Emit one <script> tag per registered JavaScript asset, served from the static base URL.
foreach ($assets['js'] as $script) {
    $tag = '<script ';
    // Extra attributes are appended as `key="value" ` pairs, exactly as given.
    // NOTE(review): keys and values are printed without HTML escaping; confirm that
    // asset parameters only ever come from trusted code, never from request data.
    foreach ($script['params'] as $key => $value) {
        $tag .= $key . '="' . $value . '" ';
    }
    $tag .= 'src="' . Url::base_static() . '/' . $script['file'] . '"/></script>' . "\n";
    echo $tag;
}
コード例 #10
ファイル: bbcd_compile.php プロジェクト: featherbb/featherbb
)                               # End $1: non-whitespace before first [*] (or [/list]).
(?<!\\s)                         # Backtrack to exclude any trailing whitespace.
(?=\\s*\\[(?:\\*|/list)\\])         # Done once we reach a [*] or [/list].
                                %ix', 'smilies' => array(), 'bbcd' => array());
unset($config);

// Image validation needs remote file access; when this PHP installation
// has allow_url_fopen disabled, switch the option off unconditionally.
if (!ini_get('allow_url_fopen')) {
    $pd['config']['valid_imgs'] = false;
}

// Validate and compute replacement texts for the smilies array.
// $re_keys collects the regex-safe smiley texts.
$re_keys = array();

// File system path to the smiley images.
$file_path = ForumEnv::get('FEATHER_ROOT') . 'style/img/smilies/';

// URL path to the smiley images: the scheme and host are stripped from the
// base URL so that the result is relative to the site root.
$url_path = preg_replace('%^https?://[^/]++(.*)$%i', '$1', Url::base()) . '/style/img/smilies/';
foreach ($smilies as $smiley_text => $smiley_img) {
    // Loop through all smilieys in array.
    $file = $file_path . $smiley_img['file'];
    // Local file system address of smiley.
    if (!file_exists($file)) {
        continue;
    }
    // Skip if the file does not exist.
    $info = getimagesize($file);
    // Fetch width & height the image.
    // Scale the smiley image to fit inside tiny smiley box; default = 15 by 15 pixels (@ 100%).
    if (isset($info) && is_array($info) && ($iw = (int) $info[0]) && ($ih = (int) $info[1])) {
        $ar = (double) $iw / (double) $ih;
コード例 #11
ファイル: Auth.php プロジェクト: bohwaz/featherbb
 /**
  * Handle the "forgotten password" page.
  *
  * GET requests render the request form. On POST, the submitted address is
  * validated and looked up; for a matching account a new password and an
  * activation key are generated, stored through ModelAuth::set_new_password()
  * and mailed to the address, after which the visitor is redirected home.
  *
  * Throws Error with status 400 for an invalid or unknown address and 429
  * when the last mail to the account was sent less than an hour ago.
  *
  * NOTE(review): the unknown-address branch answers differently from the
  * success branch, so a requester can tell whether an address is registered.
  * A uniform response for both cases would avoid that.
  */
 public function forget()
 {
     // Logged-in users have no use for this page.
     // NOTE(review): the code below relies on Url::redirect() ending the request - confirm.
     if (!$this->feather->user->is_guest) {
         Url::redirect($this->feather->urlFor('home'), 'Already logged in');
     }
     if ($this->feather->request->isPost()) {
         // Validate the email address
         $email = strtolower(Utils::trim($this->feather->request->post('req_email')));
         if (!$this->feather->email->is_valid_email($email)) {
             throw new Error(__('Invalid email'), 400);
         }
         $user = ModelAuth::get_user_from_email($email);
         if ($user) {
             // Load the "activate password" template
             // NOTE(review): the current user's language is concatenated into a
             // file system path; confirm it is limited to installed language directories.
             $mail_tpl = trim(file_get_contents($this->feather->forum_env['FEATHER_ROOT'] . 'featherbb/lang/' . $this->feather->user->language . '/mail_templates/activate_password.tpl'));
             $mail_tpl = $this->feather->hooks->fire('mail_tpl_password_forgotten', $mail_tpl);
             // The first row contains the subject
             // Offset 8 presumably skips a "Subject:" prefix - TODO confirm against the template.
             // strpos() returns false when the template has no line break; that case is not handled.
             $first_crlf = strpos($mail_tpl, "\n");
             $mail_subject = trim(substr($mail_tpl, 8, $first_crlf - 8));
             $mail_message = trim(substr($mail_tpl, $first_crlf));
             // Do the generic replacements first (they apply to all emails sent out here)
             $mail_message = str_replace('<base_url>', Url::base() . '/', $mail_message);
             $mail_message = str_replace('<board_mailer>', $this->feather->forum_settings['o_board_title'], $mail_message);
             $mail_message = $this->feather->hooks->fire('mail_message_password_forgotten', $mail_message);
             // Flood control: at most one mail per account per 3600 seconds. The check runs
             // before new credentials are generated, so a throttled request changes nothing.
             if ($user->last_email_sent != '' && time() - $user->last_email_sent < 3600 && time() - $user->last_email_sent >= 0) {
                 throw new Error(sprintf(__('Email flood'), intval((3600 - (time() - $user->last_email_sent)) / 60)), 429);
             }
             // Generate a new password and a new password activation code
             // NOTE(review): Random::pass() is not visible here; confirm it draws from a
             // cryptographically secure source (random_bytes()/random_int()), as both
             // values act as credentials.
             $new_password = Random::pass(12);
             $new_password_key = Random::pass(8);
             ModelAuth::set_new_password($new_password, $new_password_key, $user->id);
             // Do the user specific replacements to the template
             // NOTE(review): the activation key travels in the query string and the new
             // password in the mail body in clear text, so both can end up in mail
             // stores and server logs. Confirm the key is single-use and expires.
             $cur_mail_message = str_replace('<username>', $user->username, $mail_message);
             $cur_mail_message = str_replace('<activation_url>', $this->feather->urlFor('profileAction', ['action' => 'change_pass']) . '?key=' . $new_password_key, $cur_mail_message);
             $cur_mail_message = str_replace('<new_password>', $new_password, $cur_mail_message);
             // Hook listeners receive the final body, including the new password and key.
             $cur_mail_message = $this->feather->hooks->fire('cur_mail_message_password_forgotten', $cur_mail_message);
             $this->feather->email->feather_mail($email, $mail_subject, $cur_mail_message);
             // The admin address is escaped before it is placed in the HTML confirmation message.
             Url::redirect($this->feather->urlFor('home'), __('Forget mail') . ' <a href="mailto:' . $this->feather->utils->escape($this->feather->forum_settings['o_admin_email']) . '">' . $this->feather->utils->escape($this->feather->forum_settings['o_admin_email']) . '</a>.', 200);
         } else {
             // The submitted address is escaped before being echoed back in the error text.
             throw new Error(__('No email match') . ' ' . Utils::escape($email) . '.', 400);
         }
     }
     // Not a POST: render the password request form.
     $this->feather->template->setPageInfo(array('active_page' => 'login', 'title' => array(Utils::escape($this->feather->forum_settings['o_board_title']), __('Request pass')), 'required_fields' => array('req_email' => __('Email')), 'focus_element' => array('request_pass', 'req_email')))->addTemplate('login/password_forgotten.php')->display();
 }