コード例 #1
ファイル: Topic.php プロジェクト: bohwaz/featherbb
 /**
  * Turn the "new" and "last" topic actions into a redirect to the matching post.
  *
  * "new" sends a logged-in user to the first post made after they last viewed the
  * topic; when there is none (or the visitor is a guest) it is treated as "last",
  * which targets the highest post id in the topic. Any other action falls through
  * to the closing 'handle_actions' hook without redirecting.
  *
  * @param mixed $topic_id Topic whose posts are inspected.
  * @param mixed $action   Requested action; may be rewritten by the 'handle_actions_start' hook.
  */
 public function handle_actions($topic_id, $action)
 {
     $action = $this->hook->fire('handle_actions_start', $action, $topic_id);

     if ($action == 'new') {
         // Guests have no read tracking here, so they drop straight to "last"
         if (!$this->user->is_guest) {
             $tracking = Track::get_tracked_topics();
             if (isset($tracking['topics'][$topic_id])) {
                 $seen_at = $tracking['topics'][$topic_id];
             } else {
                 // Never opened this topic: fall back to the user's last visit
                 $seen_at = $this->user->last_visit;
             }

             $unread_pid = DB::for_table('posts')
                 ->where('topic_id', $topic_id)
                 ->where_gt('posted', $seen_at)
                 ->min('id');
             $unread_pid = $this->hook->fire('handle_actions_first_new', $unread_pid);

             if ($unread_pid) {
                 $target = $this->feather->urlFor('viewPost', ['pid' => $unread_pid]) . '#p' . $unread_pid;
                 Url::redirect($target);
             }
         }

         // Nothing unread: behave as if the last post had been requested
         $action = 'last';
     }

     if ($action == 'last') {
         $newest_pid = DB::for_table('posts')->where('topic_id', $topic_id)->max('id');
         $newest_pid = $this->hook->fire('handle_actions_last_post', $newest_pid);

         if ($newest_pid) {
             $target = $this->feather->urlFor('viewPost', ['pid' => $newest_pid]) . '#p' . $newest_pid;
             Url::redirect($target);
         }
     }

     $this->hook->fire('handle_actions', $action, $topic_id);
 }
コード例 #2
ファイル: Search.php プロジェクト: bohwaz/featherbb
 /**
  * Render the search form, or the results of a submitted search.
  *
  * A request carrying `action` or `search_id` is run through the model; a result set
  * is rendered as posts or topics depending on `show_as`, and an empty one redirects
  * back to the search page with the "No hits" message.
  *
  * @throws Error 403 when the user's group has searching disabled (g_search == '0').
  */
 public function display()
 {
     // Permission gate comes before any query work
     if ($this->user->g_search == '0') {
         throw new Error(__('No search permission'), 403);
     }

     $is_search_request = $this->request->get('action') || $this->request->get('search_id');

     if (!$is_search_request) {
         // Nothing submitted yet: show the blank form
         $this->feather->template->setPageInfo(array(
             'title' => array(Utils::escape($this->config['o_board_title']), __('Search')),
             'active_page' => 'search',
             'focus_element' => array('search', 'keywords'),
             'is_indexed' => true,
             'forums' => $this->model->get_list_forums(),
         ))->addTemplate('search/form.php')->display();
         return;
     }

     $search = $this->model->get_search_results();

     if (!isset($search['is_result'])) {
         Url::redirect($this->feather->urlFor('search'), __('No hits'));
         return;
     }

     // We have results to display
     $this->feather->template->setPageInfo(array(
         'title' => array(Utils::escape($this->config['o_board_title']), __('Search results')),
         'active_page' => 'search',
     ));
     $this->model->display_search_results($search, $this->feather);
     $this->feather->template->setPageInfo(array('search' => $search));
     $this->feather->template->addTemplate('search/header.php', 1);

     // One body template per presentation mode
     $body_template = $search['show_as'] == 'posts' ? 'search/posts.php' : 'search/topics.php';
     $this->feather->template->addTemplate($body_template, 5);

     $this->feather->template->addTemplate('search/footer.php', 10)->display();
 }
コード例 #3
ファイル: Misc.php プロジェクト: bohwaz/featherbb
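 /**
  * Mark a whole forum as read for the current visitor and return to that forum.
  *
  * The current time is recorded under the forum id in the 'forums' part of the
  * tracked-topics map, which is then written back through Track.
  *
  * @param mixed $id Forum id; used as the map key and in the redirect URL.
  */
 public function markforumread($id)
 {
     // Load the map through Track, the same helper it is saved with below; a bare
     // get_tracked_topics() is not a function this method has any other reference to.
     $tracked_topics = Track::get_tracked_topics();
     $tracked_topics['forums'][$id] = time();
     Track::set_tracked_topics($tracked_topics);

     Url::redirect($this->feather->urlFor('Forum', array('id' => $id)), __('Mark forum read redirect'));
 }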
コード例 #4
ファイル: Plugins.php プロジェクト: bohwaz/featherbb
 /**
  * Deactivate a plugin from the admin panel, then return to the plugin list.
  *
  * @param mixed $plugin Plugin identifier, handed unchanged to PluginManager::deactivate().
  * @throws Error 400 when no plugin identifier was supplied.
  */
 public function deactivate($plugin = null)
 {
     if (!$plugin) {
         throw new Error(__('Bad request'), 400);
     }

     // NOTE(review): $plugin reaches the manager exactly as received; presumably the
     // manager matches it against installed plugins -- confirm.
     $plugin_manager = new PluginManager();
     $plugin_manager->deactivate($plugin);

     // The plugin is now deactivated: confirm and go back to the list
     $plugins_url = $this->feather->urlFor('adminPlugins');
     Url::redirect($plugins_url, array('warning', 'Plugin deactivated!'));
 }
コード例 #5
ファイル: Reports.php プロジェクト: bohwaz/featherbb
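 /**
  * Admin reports page: zap (mark as handled) a report on POST, otherwise list reports.
  *
  * On POST the report id is taken from the first key of the posted `zap_id` array and
  * is zapped on behalf of the current user, after which the page redirects to itself.
  */
 public function display()
 {
     // Zap a report
     if ($this->feather->request->isPost()) {
         // The id is the first KEY of zap_id. A missing or scalar field must not reach
         // key(), which only accepts arrays; treat it as "nothing to zap" instead.
         $posted = $this->request->post('zap_id');
         $zap_id = is_array($posted) ? intval(key($posted)) : 0;

         // Skip the model call when no usable id was posted
         if ($zap_id > 0) {
             $this->model->zap_report($zap_id, $this->user->id);
         }

         Url::redirect($this->feather->urlFor('adminReports'), __('Report zapped redirect'));
     }

     AdminUtils::generateAdminMenu('reports');

     $this->feather->template->setPageInfo(array(
         'title' => array(Utils::escape($this->config['o_board_title']), __('Admin'), __('Reports')),
         'active_page' => 'admin',
         'admin_console' => true,
         'report_data' => $this->model->get_reports(),
         'report_zapped_data' => $this->model->get_zapped_reports(),
     ))->addTemplate('admin/reports.php')->display();
 }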
コード例 #6
ファイル: Censoring.php プロジェクト: bohwaz/featherbb
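 /**
  * Delete one censored word and rebuild the censoring caches.
  *
  * The word id is the first key of the posted `remove` array. Both the id and the
  * loaded record pass through hooks before the record is deleted.
  */
 public function remove_word()
 {
     // key() only accepts arrays: a missing or scalar "remove" field becomes id 0
     $posted = $this->request->post('remove');
     $id = is_array($posted) ? intval(key($posted)) : 0;
     $id = $this->hook->fire('remove_censoring_word_start', $id);

     $result = DB::for_table('censoring')->find_one($id);
     $result = $this->hook->fireDB('remove_censoring_word', $result);

     // find_one() may come back empty for an unknown id; calling delete() on that
     // would be a fatal error rather than a no-op.
     if ($result) {
         $result->delete();
     }

     // Regenerate the censoring cache
     $this->feather->cache->store('search_for', Cache::get_censoring('search_for'));
     $this->feather->cache->store('replace_with', Cache::get_censoring('replace_with'));

     Url::redirect($this->feather->urlFor('adminCensoring'), __('Word removed redirect'));
 }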
コード例 #7
ファイル: Categories.php プロジェクト: bohwaz/featherbb
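 /**
  * Delete a category once the admin has ticked the confirmation box.
  *
  * Reads `cat_to_delete` and `disclaimer` from the POST body. Every outcome ends in a
  * redirect to the category admin page with a matching message.
  *
  * @throws Error 400 when `cat_to_delete` is not a positive integer.
  */
 public function delete_category()
 {
     $cat_to_delete = (int) $this->request->post('cat_to_delete');
     if ($cat_to_delete < 1) {
         // Status code as an integer, not the string '400'
         throw new Error(__('Bad request'), 400);
     }

     $categories_url = $this->feather->urlFor('adminCategories');

     // One if/elseif chain, so the delete can never run for an unconfirmed request,
     // whether or not Url::redirect() stops execution.
     if (intval($this->request->post('disclaimer')) != 1) {
         Url::redirect($categories_url, __('Delete category not validated'));
     } elseif ($this->model->delete_category($cat_to_delete)) {
         Url::redirect($categories_url, __('Category deleted redirect'));
     } else {
         Url::redirect($categories_url, __('Unable to delete category'));
     }
 }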
コード例 #8
ファイル: Register.php プロジェクト: bohwaz/featherbb
 /**
  * Show the forum rules page that precedes the registration form.
  *
  * Logged-in users are sent home, and boards without rules (o_rules != '1') go
  * straight to the registration form.
  *
  * @throws Error 403 when new registrations are disabled (o_regs_allow == '0').
  */
 public function rules()
 {
     // Members have no business on the registration pages
     if (!$this->user->is_guest) {
         Url::redirect($this->feather->urlFor('home'));
     }

     // Registrations are switched off: refuse outright
     if ($this->config['o_regs_allow'] == '0') {
         throw new Error(__('No new regs'), 403);
     }

     // No rules to agree to: skip this step
     if ($this->config['o_rules'] != '1') {
         Url::redirect($this->feather->urlFor('register'));
     }

     $page_title = array(
         Utils::escape($this->config['o_board_title']),
         __('Register'),
         __('Forum rules'),
     );

     $this->feather->template
         ->setPageInfo(array('title' => $page_title, 'active_page' => 'register'))
         ->addTemplate('register/rules.php')
         ->display();
 }
コード例 #9
ファイル: Edit.php プロジェクト: bohwaz/featherbb
 /**
  * Show, preview or save the edit form for a single post.
  *
  * Flow: load the post with its topic/forum context, work out whether the current
  * user is an admin or a moderator of this forum, enforce the edit permissions, then
  * either save a POSTed edit (and redirect to the post) or render the form with any
  * errors and an optional preview.
  *
  * @param mixed $id Id of the post being edited.
  * @throws Error 403 when the user may not edit this post.
  */
 public function editpost($id)
 {
     // Fetch the post together with its topic and forum context
     $cur_post = $this->model->get_info_edit($id);
     // Sort out who the moderators are and if we are currently a moderator (or an admin)
     // NOTE(review): unserialize() on a stored value. It is presumably written only by
     // the admin side of the application; if that column can ever hold data from a less
     // trusted source this becomes an object-injection risk -- confirm. A value that
     // fails to unserialize also leaves $mods_array as false for the call below.
     $mods_array = $cur_post['moderators'] != '' ? unserialize($cur_post['moderators']) : array();
     // && binds tighter than ||, so this reads: admin, OR (moderator group AND listed for this forum)
     $is_admmod = $this->user->g_id == $this->feather->forum_env['FEATHER_ADMIN'] || $this->user->g_moderator == '1' && array_key_exists($this->user->username, $mods_array) ? true : false;
     // The subject belongs to the topic's first post, so only that post may change it
     $can_edit_subject = $id == $cur_post['first_post_id'];
     if ($this->config['o_censoring'] == '1') {
         $cur_post['subject'] = Utils::censor($cur_post['subject']);
         $cur_post['message'] = Utils::censor($cur_post['message']);
     }
     // Do we have permission to edit this post?
     // Ordinary users need the group edit right, must be the poster, and the topic must be open
     if (($this->user->g_edit_posts == '0' || $cur_post['poster_id'] != $this->user->id || $cur_post['closed'] == '1') && !$is_admmod) {
         throw new Error(__('No permission'), 403);
     }
     // A moderator who is not an admin may not edit a post written by an admin
     if ($is_admmod && $this->user->g_id != $this->feather->forum_env['FEATHER_ADMIN'] && in_array($cur_post['poster_id'], Utils::get_admin_ids())) {
         throw new Error(__('No permission'), 403);
     }
     // Start with a clean slate
     $errors = array();
     if ($this->feather->request()->isPost()) {
         // Let's see if everything went right
         $errors = $this->model->check_errors_before_edit($can_edit_subject, $errors);
         // Setup some variables before post
         $post = $this->model->setup_variables($cur_post, $is_admmod, $can_edit_subject, $errors);
         // Did everything go according to plan?
         if (empty($errors) && !$this->request->post('preview')) {
             // Edit the post
             $this->model->edit_post($id, $can_edit_subject, $post, $cur_post, $is_admmod);
             Url::redirect($this->feather->urlFor('viewPost', ['pid' => $id]) . '#p' . $id, __('Post redirect'));
         }
     } else {
         // Plain GET: nothing submitted yet
         $post = '';
     }
     // The preview reads $post['message'], so it relies on "preview" only ever arriving with a POST
     if ($this->request->post('preview')) {
         $preview_message = $this->feather->parser->parse_message($post['message'], $post['hide_smilies']);
     } else {
         $preview_message = '';
     }
     // Translated labels and prompts handed to the template as 'lang_bbeditor'
     $lang_bbeditor = array('btnBold' => __('btnBold'), 'btnItalic' => __('btnItalic'), 'btnUnderline' => __('btnUnderline'), 'btnColor' => __('btnColor'), 'btnLeft' => __('btnLeft'), 'btnRight' => __('btnRight'), 'btnJustify' => __('btnJustify'), 'btnCenter' => __('btnCenter'), 'btnLink' => __('btnLink'), 'btnPicture' => __('btnPicture'), 'btnList' => __('btnList'), 'btnQuote' => __('btnQuote'), 'btnCode' => __('btnCode'), 'promptImage' => __('promptImage'), 'promptUrl' => __('promptUrl'), 'promptQuote' => __('promptQuote'));
     $this->feather->template->setPageInfo(array('title' => array(Utils::escape($this->config['o_board_title']), __('Edit post')), 'required_fields' => array('req_subject' => __('Subject'), 'req_message' => __('Message')), 'focus_element' => array('edit', 'req_message'), 'cur_post' => $cur_post, 'errors' => $errors, 'preview_message' => $preview_message, 'id' => $id, 'checkboxes' => $this->model->get_checkboxes($can_edit_subject, $is_admmod, $cur_post, 1), 'can_edit_subject' => $can_edit_subject, 'lang_bbeditor' => $lang_bbeditor, 'post' => $post))->addTemplate('edit.php')->display();
 }
コード例 #10
ファイル: Permissions.php プロジェクト: bohwaz/featherbb
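 /**
  * Save the permission settings posted from the admin panel.
  *
  * Every posted value is cast to an integer and clamped at 0. Only keys that already
  * exist in the configuration as `p_<key>` and whose value changed are written, so
  * unknown keys in the request are ignored. The config cache is rebuilt afterwards.
  */
 public function update_permissions()
 {
     // array_map() needs an array: a missing or scalar "form" field means "no changes"
     $posted = $this->request->post('form');
     $form = is_array($posted) ? array_map('intval', $posted) : array();
     $form = $this->hook->fire('permissions.update_permissions.form', $form);

     foreach ($form as $key => $input) {
         // Make sure the input is never a negative value
         if ($input < 0) {
             $input = 0;
         }

         // Only update values that have changed; the existence check also acts as an
         // allow-list of the config rows a request can touch
         if (array_key_exists('p_' . $key, $this->config) && $this->config['p_' . $key] != $input) {
             DB::for_table('config')->where('conf_name', 'p_' . $key)->update_many('conf_value', $input);
         }
     }

     // Regenerate the config cache
     $this->feather->cache->store('config', Cache::get_config());
     // $this->clear_feed_cache();

     Url::redirect($this->feather->urlFor('adminPermissions'), __('Perms updated redirect'));
 }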
コード例 #11
ファイル: Index.php プロジェクト: bohwaz/featherbb
 /**
  * Admin index page, with an optional "check for upgrade" action.
  *
  * For `check_upgrade` the latest version string is fetched from featherbb.org and
  * compared with `o_cur_version`; the admin is redirected back with the outcome.
  *
  * @param mixed $action Optional action name; only 'check_upgrade' is handled.
  * @throws Error 500 when allow_url_fopen is off or the version could not be fetched.
  */
 public function display($action = null)
 {
     if ($action == 'check_upgrade') {
         if (!ini_get('allow_url_fopen')) {
             throw new Error(__('fopen disabled message'), 500);
         }

         // NOTE(review): the version string travels over plain HTTP, so anything on the
         // network path can alter it and hide or fake an "update available" notice. The
         // @ also discards the reason for a failed fetch. Worth moving to HTTPS if the
         // endpoint supports it -- confirm.
         $remote_version = trim(@file_get_contents('http://featherbb.org/latest_version'));
         if (empty($remote_version)) {
             throw new Error(__('Upgrade check failed message'), 500);
         }

         $is_up_to_date = version_compare($this->config['o_cur_version'], $remote_version, '>=');
         if ($is_up_to_date) {
             Url::redirect($this->feather->urlFor('adminIndex'), __('Running latest version message'));
         } else {
             $download_link = '<a href="http://featherbb.org/">FeatherBB.org</a>';
             Url::redirect($this->feather->urlFor('adminIndex'), sprintf(__('New version available message'), $download_link));
         }
     }

     AdminUtils::generateAdminMenu('index');

     $this->feather->template->setPageInfo(array(
         'title' => array(Utils::escape($this->config['o_board_title']), __('Admin'), __('Index')),
         'active_page' => 'admin',
         'admin_console' => true,
     ))->addTemplate('admin/index.php')->display();
 }
コード例 #12
ファイル: Delete.php プロジェクト: bohwaz/featherbb
 /**
  * Delete a post, or its whole topic when the post is the topic's first one.
  *
  * After the deletion the forum is updated through Forum::update(). The user is then
  * redirected to the forum (topic deleted) or to the closest earlier post in the same
  * topic (single post deleted).
  *
  * @param mixed $is_topic_post Truthy when the post opens the topic.
  * @param mixed $id            Post id.
  * @param mixed $tid           Topic id.
  * @param mixed $fid           Forum id.
  */
 public function handle_deletion($is_topic_post, $id, $tid, $fid)
 {
     $this->hook->fire('handle_deletion_start', $is_topic_post, $id, $tid, $fid);

     if ($is_topic_post) {
         $this->hook->fire('handle_deletion_topic_post', $tid, $fid);

         // Removing the opening post removes the topic and all of its posts
         self::topic($tid);
         Forum::update($fid);

         $forum_url = $this->feather->urlFor('Forum', array('id' => $fid));
         Url::redirect($forum_url, __('Topic del redirect'));
         return;
     }

     $this->hook->fire('handle_deletion', $tid, $fid, $id);

     // Delete just this one post
     self::post($id, $tid);
     Forum::update($fid);

     // Land on the post that came right before the deleted one
     $previous = DB::for_table('posts')
         ->select('id')
         ->where('topic_id', $tid)
         ->where_lt('id', $id)
         ->order_by_desc('id');
     $previous = $this->hook->fireDB('handle_deletion_query', $previous);
     $previous = $previous->find_one();

     $previous_pid = $previous['id'];
     Url::redirect($this->feather->urlFor('viewPost', ['pid' => $previous_pid]) . '#p' . $previous_pid, __('Post del redirect'));
 }
コード例 #13
ファイル: Misc.php プロジェクト: bohwaz/featherbb
 /**
  * Subscribe the current user to a forum.
  *
  * The forum must be readable by the user's group (no forum_perms row, or
  * read_forum = 1) and the user must not be subscribed already.
  *
  * NOTE(review): no guest check is visible in this method; presumably the caller
  * rejects guests before a row is written for $this->user->id -- confirm.
  *
  * @param mixed $forum_id Forum to subscribe to; may be rewritten by the start hook.
  * @throws Error 403 when forum subscriptions are disabled, 404 when the forum is not
  *               visible to the user, 400 when the user is already subscribed.
  */
 public function subscribe_forum($forum_id)
 {
     $forum_id = $this->hook->fire('subscribe_forum_start', $forum_id);

     if ($this->config['o_forum_subscriptions'] != '1') {
         throw new Error(__('No permission'), 403);
     }

     // Make sure the user can view the forum
     $readable = array(
         array('fp.read_forum' => 'IS NULL'),
         array('fp.read_forum' => '1'),
     );
     $forum_query = DB::for_table('forums')
         ->table_alias('f')
         ->left_outer_join('forum_perms', array('fp.forum_id', '=', 'f.id'), 'fp')
         ->left_outer_join('forum_perms', array('fp.group_id', '=', $this->user->g_id), null, true)
         ->where_any_is($readable)
         ->where('f.id', $forum_id);
     $forum_query = $this->hook->fireDB('subscribe_forum_authorized_query', $forum_query);
     $forum = $forum_query->find_one();
     if (!$forum) {
         throw new Error(__('Bad request'), 404);
     }

     // Refuse a duplicate subscription
     $existing_query = DB::for_table('forum_subscriptions')
         ->where('user_id', $this->user->id)
         ->where('forum_id', $forum_id);
     $existing_query = $this->hook->fireDB('subscribe_forum_subscribed_query', $existing_query);
     $existing = $existing_query->find_one();
     if ($existing) {
         throw new Error(__('Already subscribed forum'), 400);
     }

     // Insert the subscription
     $row = array('user_id' => $this->user->id, 'forum_id' => $forum_id);
     $new_subscription = DB::for_table('forum_subscriptions')->create()->set($row);
     $new_subscription = $this->hook->fireDB('subscribe_forum_query', $new_subscription);
     $new_subscription->save();

     Url::redirect($this->feather->urlFor('Forum', ['id' => $forum_id]), __('Subscribe redirect'));
 }
コード例 #14
ファイル: Bans.php プロジェクト: bohwaz/featherbb
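 /**
  * Remove a ban and rebuild the bans cache.
  *
  * @param mixed $ban_id Id of the ban row; may be rewritten by the 'remove_ban' hook.
  */
 public function remove_ban($ban_id)
 {
     $ban_id = $this->hook->fire('remove_ban', $ban_id);

     $result = DB::for_table('bans')->where('id', $ban_id)->find_one();
     $result = $this->hook->fireDB('remove_ban_query', $result);

     // find_one() may come back empty for an unknown or already removed id; calling
     // delete() on that would be a fatal error rather than a no-op.
     if ($result) {
         $result->delete();
     }

     // Regenerate the bans cache
     $this->feather->cache->store('bans', Cache::get_bans());

     Url::redirect($this->feather->urlFor('adminBans'), __('Ban removed redirect'));
 }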
コード例 #15
ファイル: Auth.php プロジェクト: bohwaz/featherbb
 /**
  * "Forgot password" page: show the request form, or handle a submitted e-mail address.
  *
  * On POST the address is validated and looked up. For a known user a new password and
  * an activation key are generated, stored through ModelAuth::set_new_password() and
  * mailed using the language-specific activate_password template.
  *
  * NOTE(review): a known address ends in the "Forget mail" redirect while an unknown one
  * raises 'No email match' with the address echoed back, so the two cases can be told
  * apart from the response. That lets a visitor test which addresses are registered;
  * a single neutral response for both would remove the signal.
  *
  * @throws Error 400 for an invalid or unknown e-mail address, 429 when a mail was
  *               already sent to this user within the last hour.
  */
 public function forget()
 {
     // Logged-in users have no use for this page
     if (!$this->feather->user->is_guest) {
         Url::redirect($this->feather->urlFor('home'), 'Already logged in');
     }
     if ($this->feather->request->isPost()) {
         // Validate the email address
         $email = strtolower(Utils::trim($this->feather->request->post('req_email')));
         if (!$this->feather->email->is_valid_email($email)) {
             throw new Error(__('Invalid email'), 400);
         }
         $user = ModelAuth::get_user_from_email($email);
         if ($user) {
             // Load the "activate password" template
             // The path includes the current user's language; presumably that value is
             // limited to installed language packs -- confirm.
             $mail_tpl = trim(file_get_contents($this->feather->forum_env['FEATHER_ROOT'] . 'featherbb/lang/' . $this->feather->user->language . '/mail_templates/activate_password.tpl'));
             $mail_tpl = $this->feather->hooks->fire('mail_tpl_password_forgotten', $mail_tpl);
             // The first row contains the subject
             $first_crlf = strpos($mail_tpl, "\n");
             // Offset 8 skips the start of the first line, presumably a "Subject:" prefix
             $mail_subject = trim(substr($mail_tpl, 8, $first_crlf - 8));
             $mail_message = trim(substr($mail_tpl, $first_crlf));
             // Do the generic replacements first (they apply to all emails sent out here)
             $mail_message = str_replace('<base_url>', Url::base() . '/', $mail_message);
             $mail_message = str_replace('<board_mailer>', $this->feather->forum_settings['o_board_title'], $mail_message);
             $mail_message = $this->feather->hooks->fire('mail_message_password_forgotten', $mail_message);
             // Flood protection: one mail per user per hour. It runs before the password
             // is replaced, so a throttled request changes nothing.
             if ($user->last_email_sent != '' && time() - $user->last_email_sent < 3600 && time() - $user->last_email_sent >= 0) {
                 throw new Error(sprintf(__('Email flood'), intval((3600 - (time() - $user->last_email_sent)) / 60)), 429);
             }
             // Generate a new password and a new password activation code
             // NOTE(review): both secrets come from Random::pass(), which is not shown
             // here; it needs a cryptographically secure source -- confirm.
             $new_password = Random::pass(12);
             $new_password_key = Random::pass(8);
             ModelAuth::set_new_password($new_password, $new_password_key, $user->id);
             // Do the user specific replacements to the template
             $cur_mail_message = str_replace('<username>', $user->username, $mail_message);
             $cur_mail_message = str_replace('<activation_url>', $this->feather->urlFor('profileAction', ['action' => 'change_pass']) . '?key=' . $new_password_key, $cur_mail_message);
             // The new password itself is placed in the mail body, next to the activation link
             $cur_mail_message = str_replace('<new_password>', $new_password, $cur_mail_message);
             $cur_mail_message = $this->feather->hooks->fire('cur_mail_message_password_forgotten', $cur_mail_message);
             $this->feather->email->feather_mail($email, $mail_subject, $cur_mail_message);
             // The admin address is escaped before it goes into the HTML flash message
             Url::redirect($this->feather->urlFor('home'), __('Forget mail') . ' <a href="mailto:' . $this->feather->utils->escape($this->feather->forum_settings['o_admin_email']) . '">' . $this->feather->utils->escape($this->feather->forum_settings['o_admin_email']) . '</a>.', 200);
         } else {
             // The submitted address is escaped before being echoed in the error
             throw new Error(__('No email match') . ' ' . Utils::escape($email) . '.', 400);
         }
     }
     // GET request: render the request form
     $this->feather->template->setPageInfo(array('active_page' => 'login', 'title' => array(Utils::escape($this->feather->forum_settings['o_board_title']), __('Request pass')), 'required_fields' => array('req_email' => __('Email')), 'focus_element' => array('request_pass', 'req_email')))->addTemplate('login/password_forgotten.php')->display();
 }
コード例 #16
ファイル: Options.php プロジェクト: bohwaz/featherbb
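 /**
  * Validate and save the board options posted from the admin panel.
  *
  * Every field is read from the POST body and normalised (trimmed string, integer with
  * a floor, or a '0'/'1' flag), passed through the 'options.update_options.form' hook,
  * validated, and then written to the config table. Only keys that already exist in
  * the configuration as `o_<key>` and whose value changed are written. The config
  * cache and the feed cache are rebuilt afterwards.
  *
  * @throws Error 400 for invalid values (empty title, bad e-mail address, mismatching
  *               SMTP passwords, out-of-range settings), 404 for an unknown language
  *               or style.
  */
 public function update_options()
 {
     $form = array(
         'board_title' => Utils::trim($this->request->post('form_board_title')),
         'board_desc' => Utils::trim($this->request->post('form_board_desc')),
         'base_url' => Utils::trim($this->request->post('form_base_url')),
         'default_timezone' => floatval($this->request->post('form_default_timezone')),
         'default_dst' => $this->request->post('form_default_dst') != '1' ? '0' : '1',
         'default_lang' => Utils::trim($this->request->post('form_default_lang')),
         'default_style' => Utils::trim($this->request->post('form_default_style')),
         'time_format' => Utils::trim($this->request->post('form_time_format')),
         'date_format' => Utils::trim($this->request->post('form_date_format')),
         'timeout_visit' => intval($this->request->post('form_timeout_visit')) > 0 ? intval($this->request->post('form_timeout_visit')) : 1,
         'timeout_online' => intval($this->request->post('form_timeout_online')) > 0 ? intval($this->request->post('form_timeout_online')) : 1,
         'redirect_delay' => intval($this->request->post('form_redirect_delay')) >= 0 ? intval($this->request->post('form_redirect_delay')) : 0,
         'show_version' => $this->request->post('form_show_version') != '1' ? '0' : '1',
         'show_user_info' => $this->request->post('form_show_user_info') != '1' ? '0' : '1',
         'show_post_count' => $this->request->post('form_show_post_count') != '1' ? '0' : '1',
         'smilies' => $this->request->post('form_smilies') != '1' ? '0' : '1',
         'smilies_sig' => $this->request->post('form_smilies_sig') != '1' ? '0' : '1',
         'make_links' => $this->request->post('form_make_links') != '1' ? '0' : '1',
         'topic_review' => intval($this->request->post('form_topic_review')) >= 0 ? intval($this->request->post('form_topic_review')) : 0,
         'disp_topics_default' => intval($this->request->post('form_disp_topics_default')),
         'disp_posts_default' => intval($this->request->post('form_disp_posts_default')),
         'indent_num_spaces' => intval($this->request->post('form_indent_num_spaces')) >= 0 ? intval($this->request->post('form_indent_num_spaces')) : 0,
         'quote_depth' => intval($this->request->post('form_quote_depth')) > 0 ? intval($this->request->post('form_quote_depth')) : 1,
         'quickpost' => $this->request->post('form_quickpost') != '1' ? '0' : '1',
         'users_online' => $this->request->post('form_users_online') != '1' ? '0' : '1',
         'censoring' => $this->request->post('form_censoring') != '1' ? '0' : '1',
         'signatures' => $this->request->post('form_signatures') != '1' ? '0' : '1',
         'show_dot' => $this->request->post('form_show_dot') != '1' ? '0' : '1',
         'topic_views' => $this->request->post('form_topic_views') != '1' ? '0' : '1',
         'quickjump' => $this->request->post('form_quickjump') != '1' ? '0' : '1',
         'gzip' => $this->request->post('form_gzip') != '1' ? '0' : '1',
         'search_all_forums' => $this->request->post('form_search_all_forums') != '1' ? '0' : '1',
         'additional_navlinks' => Utils::trim($this->request->post('form_additional_navlinks')),
         'feed_type' => intval($this->request->post('form_feed_type')),
         'feed_ttl' => intval($this->request->post('form_feed_ttl')),
         'report_method' => intval($this->request->post('form_report_method')),
         'mailing_list' => Utils::trim($this->request->post('form_mailing_list')),
         'avatars' => $this->request->post('form_avatars') != '1' ? '0' : '1',
         'avatars_dir' => Utils::trim($this->request->post('form_avatars_dir')),
         'avatars_width' => intval($this->request->post('form_avatars_width')) > 0 ? intval($this->request->post('form_avatars_width')) : 1,
         'avatars_height' => intval($this->request->post('form_avatars_height')) > 0 ? intval($this->request->post('form_avatars_height')) : 1,
         'avatars_size' => intval($this->request->post('form_avatars_size')) > 0 ? intval($this->request->post('form_avatars_size')) : 1,
         'admin_email' => strtolower(Utils::trim($this->request->post('form_admin_email'))),
         'webmaster_email' => strtolower(Utils::trim($this->request->post('form_webmaster_email'))),
         'forum_subscriptions' => $this->request->post('form_forum_subscriptions') != '1' ? '0' : '1',
         'topic_subscriptions' => $this->request->post('form_topic_subscriptions') != '1' ? '0' : '1',
         'smtp_host' => Utils::trim($this->request->post('form_smtp_host')),
         'smtp_user' => Utils::trim($this->request->post('form_smtp_user')),
         'smtp_ssl' => $this->request->post('form_smtp_ssl') != '1' ? '0' : '1',
         'regs_allow' => $this->request->post('form_regs_allow') != '1' ? '0' : '1',
         'regs_verify' => $this->request->post('form_regs_verify') != '1' ? '0' : '1',
         'regs_report' => $this->request->post('form_regs_report') != '1' ? '0' : '1',
         'rules' => $this->request->post('form_rules') != '1' ? '0' : '1',
         'rules_message' => Utils::trim($this->request->post('form_rules_message')),
         'default_email_setting' => intval($this->request->post('form_default_email_setting')),
         'announcement' => $this->request->post('form_announcement') != '1' ? '0' : '1',
         'announcement_message' => Utils::trim($this->request->post('form_announcement_message')),
         'maintenance' => $this->request->post('form_maintenance') != '1' ? '0' : '1',
         'maintenance_message' => Utils::trim($this->request->post('form_maintenance_message')),
     );
     $form = $this->hook->fire('options.update_options.form', $form);

     if ($form['board_title'] == '') {
         throw new Error(__('Must enter title message'), 400);
     }

     // Make sure base_url doesn't end with a slash
     if (substr($form['base_url'], -1) == '/') {
         $form['base_url'] = substr($form['base_url'], 0, -1);
     }

     // Convert IDN to Punycode if needed
     if (preg_match('/[^\\x00-\\x7F]/', $form['base_url'])) {
         if (!function_exists('idn_to_ascii')) {
             throw new Error(__('Base URL problem'), 400);
         } else {
             $form['base_url'] = idn_to_ascii($form['base_url']);
         }
     }

     // Language and style must be among the installed ones
     $languages = \FeatherBB\Core\Lister::getLangs();
     if (!in_array($form['default_lang'], $languages)) {
         throw new Error(__('Bad request'), 404);
     }

     $styles = \FeatherBB\Core\Lister::getStyles();
     if (!in_array($form['default_style'], $styles)) {
         throw new Error(__('Bad request'), 404);
     }

     if ($form['time_format'] == '') {
         $form['time_format'] = 'H:i:s';
     }

     if ($form['date_format'] == '') {
         $form['date_format'] = 'Y-m-d';
     }

     if (!$this->email->is_valid_email($form['admin_email'])) {
         throw new Error(__('Invalid e-mail message'), 400);
     }

     if (!$this->email->is_valid_email($form['webmaster_email'])) {
         throw new Error(__('Invalid webmaster e-mail message'), 400);
     }

     // Strip all whitespace from the mailing list and lowercase it
     if ($form['mailing_list'] != '') {
         $form['mailing_list'] = strtolower(preg_replace('%\\s%S', '', $form['mailing_list']));
     }

     // Make sure avatars_dir doesn't end with a slash
     // NOTE(review): apart from this, avatars_dir is stored as typed; presumably the
     // code that writes avatars confines it to the web root -- confirm.
     if (substr($form['avatars_dir'], -1) == '/') {
         $form['avatars_dir'] = substr($form['avatars_dir'], 0, -1);
     }

     if ($form['additional_navlinks'] != '') {
         $form['additional_navlinks'] = Utils::trim(Utils::linebreaks($form['additional_navlinks']));
     }

     // Change or enter a SMTP password
     if ($this->request->post('form_smtp_change_pass')) {
         $smtp_pass1 = $this->request->post('form_smtp_pass1') ? Utils::trim($this->request->post('form_smtp_pass1')) : '';
         $smtp_pass2 = $this->request->post('form_smtp_pass2') ? Utils::trim($this->request->post('form_smtp_pass2')) : '';

         // Strict comparison: with ==, two different numeric-looking strings (constructed
         // example: '1e3' and '1000') compare equal, so a mistyped confirmation could pass.
         if ($smtp_pass1 === $smtp_pass2) {
             // Joins the other options below and is written to the config table as given
             $form['smtp_pass'] = $smtp_pass1;
         } else {
             throw new Error(__('SMTP passwords did not match'), 400);
         }
     }

     // An empty message falls back to the placeholder text and switches the feature off
     if ($form['announcement_message'] != '') {
         $form['announcement_message'] = Utils::linebreaks($form['announcement_message']);
     } else {
         $form['announcement_message'] = __('Enter announcement here');
         $form['announcement'] = '0';
     }

     if ($form['rules_message'] != '') {
         $form['rules_message'] = Utils::linebreaks($form['rules_message']);
     } else {
         $form['rules_message'] = __('Enter rules here');
         $form['rules'] = '0';
     }

     if ($form['maintenance_message'] != '') {
         $form['maintenance_message'] = Utils::linebreaks($form['maintenance_message']);
     } else {
         $form['maintenance_message'] = __('Default maintenance message');
         $form['maintenance'] = '0';
     }

     // Make sure the number of displayed topics and posts is between 3 and 75
     if ($form['disp_topics_default'] < 3) {
         $form['disp_topics_default'] = 3;
     } elseif ($form['disp_topics_default'] > 75) {
         $form['disp_topics_default'] = 75;
     }

     if ($form['disp_posts_default'] < 3) {
         $form['disp_posts_default'] = 3;
     } elseif ($form['disp_posts_default'] > 75) {
         $form['disp_posts_default'] = 75;
     }

     // Enumerated settings must stay inside their known range
     if ($form['feed_type'] < 0 || $form['feed_type'] > 2) {
         throw new Error(__('Bad request'), 400);
     }

     if ($form['feed_ttl'] < 0) {
         throw new Error(__('Bad request'), 400);
     }

     if ($form['report_method'] < 0 || $form['report_method'] > 2) {
         throw new Error(__('Bad request'), 400);
     }

     if ($form['default_email_setting'] < 0 || $form['default_email_setting'] > 2) {
         throw new Error(__('Bad request'), 400);
     }

     // The online timeout has to be shorter than the visit timeout
     if ($form['timeout_online'] >= $form['timeout_visit']) {
         throw new Error(__('Timeout error message'), 400);
     }

     foreach ($form as $key => $input) {
         // Only update values that have changed; the existence check also keeps the
         // write limited to config rows that are already defined
         if (array_key_exists('o_' . $key, $this->config) && $this->config['o_' . $key] != $input) {
             if ($input != '' || is_int($input)) {
                 DB::for_table('config')->where('conf_name', 'o_' . $key)->update_many('conf_value', $input);
             } else {
                 // Empty values are stored as SQL NULL
                 DB::for_table('config')->where('conf_name', 'o_' . $key)->update_many_expr('conf_value', 'NULL');
             }
         }
     }

     // Regenerate the config cache
     $this->feather->cache->store('config', Cache::get_config());
     $this->clear_feed_cache();

     Url::redirect($this->feather->urlFor('adminOptions'), __('Options updated redirect'));
 }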
コード例 #17
ファイル: Groups.php プロジェクト: bohwaz/featherbb
 /**
  * Delete a user group together with its forum-specific permissions.
  *
  * When `del_group` is posted, the group's members are first moved to the group given
  * in `move_to_group`. Any group that promoted into the deleted one has its
  * `g_promote_next_group` reset to 0.
  *
  * NOTE(review): nothing in this method checks that the group may be deleted or that
  * `move_to_group` names an existing, different group; presumably the caller does
  * that before calling this -- confirm.
  *
  * @param mixed $group_id Group to delete; may be rewritten by the 'delete_group.group_id' hook.
  */
 public function delete_group($group_id)
 {
     $group_id = $this->hook->fire('delete_group.group_id', $group_id);

     // Re-home the members before their group disappears
     if ($this->request->post('del_group')) {
         $target_group = intval($this->request->post('move_to_group'));
         $target_group = $this->hook->fire('delete_group.move_to_group', $target_group);

         DB::for_table('users')
             ->where('group_id', $group_id)
             ->update_many('group_id', $target_group);
     }

     // Delete the group and any forum specific permissions
     DB::for_table('groups')
         ->where('g_id', $group_id)
         ->delete_many();
     DB::for_table('forum_perms')
         ->where('group_id', $group_id)
         ->delete_many();

     // Don't let users be promoted to this group
     DB::for_table('groups')
         ->where('g_promote_next_group', $group_id)
         ->update_many('g_promote_next_group', 0);

     $groups_url = $this->feather->urlFor('adminGroups');
     Url::redirect($groups_url, __('Group removed redirect'));
 }
コード例 #18
ファイル: Post.php プロジェクト: bohwaz/featherbb
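 /**
  * Show the "new topic" / "new reply" form and, on POST, validate and store the post.
  *
  * Exactly one of $tid (reply) or $fid (new topic) is expected. A request carrying neither is
  * rejected with a 404 before the POST handling runs, so the insert result ($new) is always
  * defined when it is read.
  *
  * Review notes:
  *  - The "username" POST field is a honeypot: any value in it aborts the request.
  *  - The moderator list is read with unserialize() from a database column (see inline note).
  *  - The <form> tags are assembled by string concatenation around urlFor() output.
  *    NOTE(review): assumes urlFor() returns an attribute-safe URL and that the route patterns
  *    restrict the ids to digits - confirm against the route definitions.
  *
  * @param mixed $fid Forum id when starting a new topic, otherwise null.
  * @param mixed $tid Topic id when replying, otherwise null.
  * @param mixed $qid Id of the post being quoted, if any.
  *
  * @throws Error 400 for a filled honeypot or a redirect forum, 403 when posting is not
  *               permitted, 404 when neither a topic nor a forum id was given.
  */
 public function newpost($fid = null, $tid = null, $qid = null)
 {
     // Antispam feature. The language file is expected to define $lang_antispam and
     // $lang_antispam_questions in this scope; both are passed to the template below.
     // NOTE(review): the include path contains the user's language setting, so this relies on
     // that value having been checked against the installed languages when it was saved.
     require $this->feather->forum_env['FEATHER_ROOT'] . 'featherbb/lang/' . $this->feather->user->language . '/antispam.php';
     // Pick which antispam question to display
     $index_questions = rand(0, count($lang_antispam_questions) - 1);
     // If $_POST['username'] is filled, we are facing a bot
     if ($this->feather->request->post('username')) {
         throw new Error(__('Bad request'), 400);
     }
     // Fetch some info about the topic and/or the forum
     $cur_posting = $this->model->get_info_post($tid, $fid);
     $is_subscribed = $tid && $cur_posting['is_subscribed'];
     // Is someone trying to post into a redirect forum?
     if ($cur_posting['redirect_url'] != '') {
         throw new Error(__('Bad request'), 400);
     }
     // Sort out who the moderators are and if we are currently a moderator (or an admin)
     // NOTE(review): unserialize() on a database value. This is only safe while nothing but the
     // application itself can write that column; confirm, or store the list as JSON instead.
     $mods_array = $cur_posting['moderators'] != '' ? unserialize($cur_posting['moderators']) : array();
     // && binds tighter than ||: admin, or (moderator flag set and listed for this forum)
     $is_admmod = $this->feather->user->g_id == $this->feather->forum_env['FEATHER_ADMIN']
         || ($this->feather->user->g_moderator == '1' && array_key_exists($this->feather->user->username, $mods_array));
     // Do we have permission to post? A forum-level setting of '' means "fall back to the group setting".
     $reply_denied = $tid && (($cur_posting['post_replies'] == '' && $this->feather->user->g_post_replies == '0') || $cur_posting['post_replies'] == '0');
     $topic_denied = $fid && (($cur_posting['post_topics'] == '' && $this->feather->user->g_post_topics == '0') || $cur_posting['post_topics'] == '0');
     $topic_closed = isset($cur_posting['closed']) && $cur_posting['closed'] == '1';
     if (($reply_denied || $topic_denied || $topic_closed) && !$is_admmod) {
         throw new Error(__('No permission'), 403);
     }
     // Neither a reply nor a new topic: refuse before any insert logic can run with no target
     if (!$tid && !$fid) {
         throw new Error(__('Bad request'), 404);
     }
     // Start with a clean slate
     $errors = array();
     $post = '';
     // Did someone just hit "Submit" or "Preview"?
     if ($this->feather->request()->isPost()) {
         // Include $pid and $page if needed for confirm_referrer function called in check_errors_before_post()
         $pid = $this->feather->request->post('pid') ?: '';
         $page = $this->feather->request->post('page') ?: '';
         // Let's see if everything went right
         $errors = $this->model->check_errors_before_post($fid, $tid, $qid, $pid, $page, $errors);
         // Setup some variables before post
         $post = $this->model->setup_variables($errors, $is_admmod);
         // Did everything go according to plan?
         if (empty($errors) && !$this->feather->request->post('preview')) {
             if ($tid) {
                 // It's a reply: insert it, get the new_pid
                 $new = $this->model->insert_reply($post, $tid, $cur_posting, $is_subscribed);
                 // Should we send out notifications?
                 if ($this->feather->forum_settings['o_topic_subscriptions'] == '1') {
                     $this->model->send_notifications_reply($tid, $cur_posting, $new['pid'], $post);
                 }
             } else {
                 // It's a new topic ($fid is set, see the guard above): insert it, get the new_pid
                 $new = $this->model->insert_topic($post, $fid);
                 // Should we send out notifications?
                 if ($this->feather->forum_settings['o_forum_subscriptions'] == '1') {
                     $this->model->send_notifications_new_topic($post, $cur_posting, $new['tid']);
                 }
             }
             // If we previously found out that the email was banned
             // NOTE(review): this block only runs when $errors is empty, so
             // isset($errors['banned_email']) can never be true here and warn_banned_user() is
             // unreachable as written. The flag has to come from somewhere other than $errors;
             // left unchanged because the model's contract is not visible from this method.
             if ($this->feather->user->is_guest && isset($errors['banned_email']) && $this->feather->forum_settings['o_mailing_list'] != '') {
                 $this->model->warn_banned_user($post, $new['pid']);
             }
             // If the posting user is logged in, increment his/her post count
             if (!$this->feather->user->is_guest) {
                 $this->model->increment_post_count($post, $new['tid']);
             }
             Url::redirect($this->feather->urlFor('viewPost', ['pid' => $new['pid']]) . '#p' . $new['pid'], __('Post redirect'));
         }
     }
     $quote = '';
     if ($tid) {
         // A topic ID was specified in the url (it's a reply)
         $action = __('Post a reply');
         $form = '<form id="post" method="post" action="' . $this->feather->urlFor('newReply', ['tid' => $tid]) . '" onsubmit="this.submit.disabled=true;if(process_form(this)){return true;}else{this.submit.disabled=false;return false;}">';
         // If a quote ID was specified in the url
         if (isset($qid)) {
             $quote = $this->model->get_quote_message($qid, $tid);
             $form = '<form id="post" method="post" action="' . $this->feather->urlFor('newQuoteReply', ['pid' => $tid, 'qid' => $qid]) . '" onsubmit="this.submit.disabled=true;if(process_form(this)){return true;}else{this.submit.disabled=false;return false;}">';
         }
     } else {
         // Only a forum ID was specified (it's a new topic)
         $action = __('Post new topic');
         $form = '<form id="post" method="post" action="' . $this->feather->urlFor('newTopic', ['fid' => $fid]) . '" onsubmit="return process_form(this)">';
     }
     $url_forum = Url::url_friendly($cur_posting['forum_name']);
     $is_subscribed = $tid && $cur_posting['is_subscribed'];
     $url_topic = isset($cur_posting['subject']) ? Url::url_friendly($cur_posting['subject']) : '';
     $required_fields = array('req_email' => __('Email'), 'req_subject' => __('Subject'), 'req_message' => __('Message'));
     if ($this->feather->user->is_guest) {
         $required_fields['captcha'] = __('Robot title');
     }
     // Set focus element (new post or new reply to an existing post ?)
     $focus_element[] = 'post';
     if (!$this->feather->user->is_guest) {
         $focus_element[] = $fid ? 'req_subject' : 'req_message';
     } else {
         $required_fields['req_username'] = __('Guest name');
         $focus_element[] = 'req_username';
     }
     // Get the current state of checkboxes
     $checkboxes = $this->model->get_checkboxes($fid, $is_admmod, $is_subscribed);
     // Check to see if the topic review is to be displayed
     if ($tid && $this->feather->forum_settings['o_topic_review'] != '0') {
         $post_data = $this->model->topic_review($tid);
     } else {
         $post_data = '';
     }
     $lang_bbeditor = array(
         'btnBold' => __('btnBold'),
         'btnItalic' => __('btnItalic'),
         'btnUnderline' => __('btnUnderline'),
         'btnColor' => __('btnColor'),
         'btnLeft' => __('btnLeft'),
         'btnRight' => __('btnRight'),
         'btnJustify' => __('btnJustify'),
         'btnCenter' => __('btnCenter'),
         'btnLink' => __('btnLink'),
         'btnPicture' => __('btnPicture'),
         'btnList' => __('btnList'),
         'btnQuote' => __('btnQuote'),
         'btnCode' => __('btnCode'),
         'promptImage' => __('promptImage'),
         'promptUrl' => __('promptUrl'),
         'promptQuote' => __('promptQuote'),
     );
     $this->feather->template->setPageInfo(array(
         'title' => array(Utils::escape($this->feather->forum_settings['o_board_title']), $action),
         'required_fields' => $required_fields,
         'focus_element' => $focus_element,
         'active_page' => 'post',
         'post' => $post,
         'tid' => $tid,
         'fid' => $fid,
         'cur_posting' => $cur_posting,
         'lang_antispam' => $lang_antispam,
         'lang_antispam_questions' => $lang_antispam_questions,
         'lang_bbeditor' => $lang_bbeditor,
         'index_questions' => $index_questions,
         'checkboxes' => $checkboxes,
         'action' => $action,
         'form' => $form,
         'post_data' => $post_data,
         'url_forum' => $url_forum,
         'url_topic' => $url_topic,
         'quote' => $quote,
         'errors' => $errors,
     ))->addTemplate('post.php')->display();
 }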
コード例 #19
ファイル: Profile.php プロジェクト: bohwaz/featherbb
 /**
  * Dispatch a profile action for user $id: change password, change email, upload or delete an
  * avatar, or promote the user. Unknown actions end in a 404.
  *
  * Review notes:
  *  - The board-level view checks are skipped only for "change_pass" requests that carry a
  *    "key" query parameter. NOTE(review): presumably the password-reset link; the key itself
  *    is validated, if at all, inside the model - confirm.
  *  - Ownership is checked here for the avatar actions only; change_pass and change_email pass
  *    $id straight to the model, which therefore has to enforce who may edit whom.
  *  - "delete_avatar" and "promote" change state without any request-method or token check in
  *    this method. NOTE(review): confirm that CSRF protection is applied before this point.
  *
  * @param mixed  $id     Id of the profile being acted on.
  * @param string $action Action name taken from the request.
  *
  * @throws Error 403 on missing permission, 400 when avatars are disabled, 404 for an unknown action.
  */
 public function action($id, $action)
 {
     // Include UTF-8 function
     require $this->feather->forum_env['FEATHER_ROOT'] . 'featherbb/Helpers/utf8/substr_replace.php';
     require $this->feather->forum_env['FEATHER_ROOT'] . 'featherbb/Helpers/utf8/ucwords.php';
     // utf8_ucwords needs utf8_substr_replace
     require $this->feather->forum_env['FEATHER_ROOT'] . 'featherbb/Helpers/utf8/strcasecmp.php';

     // Everything except a keyed password change is subject to the board view permissions
     if (!($action == 'change_pass' && $this->request->get('key'))) {
         if ($this->user->g_read_board == '0') {
             throw new Error(__('No view'), 403);
         }
         if ($this->user->g_view_users == '0' && ($this->user->is_guest || $this->user->id != $id)) {
             throw new Error(__('No permission'), 403);
         }
     }

     switch ($action) {
         case 'change_pass':
             $this->model->change_pass($id, $this->feather);
             $this->feather->template->setPageInfo(array(
                 'title' => array(Utils::escape($this->config['o_board_title']), __('Profile'), __('Change pass')),
                 'active_page' => 'profile',
                 'id' => $id,
                 'required_fields' => array(
                     'req_old_password' => __('Old pass'),
                     'req_new_password1' => __('New pass'),
                     'req_new_password2' => __('Confirm new pass'),
                 ),
                 // Staff are not asked for the old password, so focus the first field they see
                 'focus_element' => array('change_pass', $this->user->is_admmod ? 'req_new_password1' : 'req_old_password'),
             ));
             $this->feather->template->addTemplate('profile/change_pass.php')->display();
             break;

         case 'change_email':
             $this->model->change_email($id, $this->feather);
             $this->feather->template->setPageInfo(array(
                 'title' => array(Utils::escape($this->config['o_board_title']), __('Profile'), __('Change email')),
                 'active_page' => 'profile',
                 'required_fields' => array('req_new_email' => __('New email'), 'req_password' => __('Password')),
                 'focus_element' => array('change_email', 'req_new_email'),
                 'id' => $id,
             ));
             $this->feather->template->addTemplate('profile/change_mail.php')->display();
             break;

         case 'upload_avatar':
         case 'upload_avatar2':
             if ($this->config['o_avatars'] == '0') {
                 throw new Error(__('Avatars disabled'), 400);
             }
             // Only the profile owner or staff may replace the avatar
             if (!($this->user->id == $id || $this->user->is_admmod)) {
                 throw new Error(__('No permission'), 403);
             }
             if ($this->feather->request()->isPost()) {
                 // The raw $_FILES array goes to the model; file validation is not visible here
                 $this->model->upload_avatar($id, $_FILES);
             }
             $this->feather->template->setPageInfo(array(
                 'title' => array(Utils::escape($this->config['o_board_title']), __('Profile'), __('Upload avatar')),
                 'active_page' => 'profile',
                 'required_fields' => array('req_file' => __('File')),
                 'focus_element' => array('upload_avatar', 'req_file'),
                 'id' => $id,
             ));
             $this->feather->template->addTemplate('profile/upload_avatar.php')->display();
             break;

         case 'delete_avatar':
             // Only the profile owner or staff may remove the avatar
             if (!($this->user->id == $id || $this->user->is_admmod)) {
                 throw new Error(__('No permission'), 403);
             }
             Delete::avatar($id);
             Url::redirect($this->feather->urlFor('profileSection', array('id' => $id, 'section' => 'personality')), __('Avatar deleted redirect'));
             break;

         case 'promote':
             // Admins always may; moderators only when their group allows promoting users
             if ($this->user->g_id != $this->feather->forum_env['FEATHER_ADMIN'] && ($this->user->g_moderator != '1' || $this->user->g_mod_promote_users == '0')) {
                 throw new Error(__('No permission'), 403);
             }
             $this->model->promote_user($id, $this->feather);
             break;

         default:
             throw new Error(__('Bad request'), 404);
     }
 }
コード例 #20
ファイル: Parser.php プロジェクト: bohwaz/featherbb
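 /**
  * Admin "Parser" page: shows the BBCode parser settings and, on POST, uploads a smiley image
  * and/or saves the parser configuration, the per-tag settings and the smiley table.
  *
  * The parser data ($pd) lives in cache/cache_parser_data.php. The included bbcd_*.php scripts
  * run in this method's scope, so the local names $bbcd, $smilies, $config, $pd and $count are
  * kept exactly as they are. NOTE(review): which of them bbcd_compile.php reads is not visible
  * from here - confirm before renaming or removing any local.
  *
  * Changes compared with the previous version:
  *  - Smiley upload: the MIME type and the file name are supplied by the client and do not
  *    prove the file is an image. The upload is now also required to have an image extension
  *    from a short allowlist and to be recognised by getimagesize(), because the file is
  *    stored under the web root in style/img/smilies/.
  *  - Smiley table: the "select new file" placeholder was compared against the whole
  *    $sfile array (always different), so placeholder rows were saved; it is now compared
  *    against the row's own entry.
  *  - The final bbcd_compile.php include uses FEATHER_ROOT like the first one, instead of a
  *    path relative to the include path / working directory.
  *
  * NOTE(review): no permission or CSRF check is visible in this method; both are assumed to be
  * enforced before it is reached - confirm.
  *
  * @throws Error With the matching upload_err_* message when a smiley upload is rejected.
  */
 public function display()
 {
     global $lang_admin_parser;
     // Legacy
     require $this->feather->forum_env['FEATHER_ROOT'] . 'featherbb/lang/' . $this->user->language . '/admin/parser.php';
     // This is where the parser data lives and breathes.
     $cache_file = $this->feather->forum_env['FEATHER_ROOT'] . 'cache/cache_parser_data.php';
     // If RESET button pushed, or no cache file, re-compile master bbcode source file.
     if ($this->request->post('reset') || !file_exists($cache_file)) {
         require_once $this->feather->forum_env['FEATHER_ROOT'] . 'featherbb/Core/parser/bbcd_source.php';
         require_once $this->feather->forum_env['FEATHER_ROOT'] . 'featherbb/Core/parser/bbcd_compile.php';
         Url::redirect($this->feather->urlFor('adminParser'), $lang_admin_parser['reset_success']);
     }
     // Load the current parser data array $pd from the cache file.
     require_once $cache_file;
     // Local scratch copy of the compiled tag data.
     $bbcd = $pd['bbcd'];
     // Local scratch copy of the smiley table.
     $smilies = $pd['smilies'];
     // Local scratch copy of the parser configuration.
     $config = $pd['config'];
     $count = count($bbcd);
     if ($this->request->post('form_sent')) {
         // Upload new smiley image to style/img/smilies
         if ($this->request->post('upload') && isset($_FILES['new_smiley']) && isset($_FILES['new_smiley']['error'])) {
             $f = $_FILES['new_smiley'];
             switch ($f['error']) {
                 case UPLOAD_ERR_OK:
                     // Convert spaces to underscores, then drop every character outside [A-Za-z0-9_.-].
                     $name = str_replace(' ', '_', $f['name']);
                     $name = preg_replace('/[^\\w\\-.]/S', '', $name);
                     if (!preg_match('/^[\\w\\-.]++$/', $name)) {
                         // Error #4: 'Smiley upload failed. Bad filename.'
                         throw new Error($lang_admin_parser['upload_err_4'], 400);
                     }
                     if (!preg_match('%^image/%', $f['type'])) {
                         // Error #3: 'Smiley upload failed. File type is not an image.'
                         throw new Error($lang_admin_parser['upload_err_3'], 400);
                     }
                     // $f['type'] comes from the client, so also require an image extension and
                     // image content. Anything else (scripts, dot-files, ...) is refused because
                     // the target directory is served by the web server.
                     $allowed_ext = array('gif', 'jpg', 'jpeg', 'png');
                     $ext = strtolower(pathinfo($name, PATHINFO_EXTENSION));
                     if (!in_array($ext, $allowed_ext, true) || getimagesize($f['tmp_name']) === false) {
                         // Error #3: 'Smiley upload failed. File type is not an image.'
                         throw new Error($lang_admin_parser['upload_err_3'], 400);
                     }
                     if (!($f['size'] > 0 && $f['size'] <= $this->config['o_avatars_size'])) {
                         // Error #2: 'Smiley upload failed. File is too big.'
                         throw new Error($lang_admin_parser['upload_err_2'], 400);
                     }
                     if (!move_uploaded_file($f['tmp_name'], $this->feather->forum_env['FEATHER_ROOT'] . 'style/img/smilies/' . $name)) {
                         // Error #1: 'Smiley upload failed. Unable to move to smiley folder.'
                         throw new Error($lang_admin_parser['upload_err_1'], 500);
                     }
                     Url::redirect($this->feather->urlFor('adminParser'), $lang_admin_parser['upload success']);
                     break;
                 case UPLOAD_ERR_INI_SIZE:
                     // Same message as the form limit, so fall through...
                 case UPLOAD_ERR_FORM_SIZE:
                     // File exceeds MAX_FILE_SIZE.
                     throw new Error($lang_admin_parser['upload_err_2'], 400);
                 case UPLOAD_ERR_PARTIAL:
                     // File only partially uploaded.
                     throw new Error($lang_admin_parser['upload_err_5'], 400);
                 case UPLOAD_ERR_NO_FILE:
                     // No filename.
                     throw new Error($lang_admin_parser['upload_err_6'], 400);
                 case UPLOAD_ERR_NO_TMP_DIR:
                     // No temp folder.
                     throw new Error($lang_admin_parser['upload_err_7'], 500);
                 case UPLOAD_ERR_CANT_WRITE:
                     // Cannot write to disk.
                     throw new Error($lang_admin_parser['upload_err_8'], 500);
                 default:
                     // Generic/unknown error
                     throw new Error($lang_admin_parser['upload_err_9'], 500);
             }
         }
         // Set new $config values:
         if ($this->request->post('config')) {
             $pcfg = $this->request->post('config');
             // Boolean switches: only the literal '1' turns a flag on, any other posted value turns it off.
             foreach (array('textile', 'quote_links', 'quote_imgs', 'valid_imgs', 'click_imgs') as $bool_key) {
                 if (isset($pcfg[$bool_key])) {
                     $config[$bool_key] = $pcfg[$bool_key] == '1';
                 }
             }
             // Numeric limits: accepted only when the posted value consists of digits.
             if (isset($pcfg['max_size']) && preg_match('/^\\d++$/', $pcfg['max_size'])) {
                 $config['max_size'] = (int) $pcfg['max_size'];
             }
             if (isset($pcfg['max_width']) && preg_match('/^\\d++$/', $pcfg['max_width'])) {
                 $config['max_width'] = (int) $pcfg['max_width'];
                 // Limit default to maximum.
                 if ($config['def_width'] > $config['max_width']) {
                     $config['def_width'] = $config['max_width'];
                 }
             }
             if (isset($pcfg['max_height']) && preg_match('/^\\d++$/', $pcfg['max_height'])) {
                 $config['max_height'] = (int) $pcfg['max_height'];
                 // Limit default to maximum.
                 if ($config['def_height'] > $config['max_height']) {
                     $config['def_height'] = $config['max_height'];
                 }
             }
             if (isset($pcfg['def_width']) && preg_match('/^\\d++$/', $pcfg['def_width'])) {
                 $config['def_width'] = (int) $pcfg['def_width'];
                 // Limit default to maximum.
                 if ($config['def_width'] > $config['max_width']) {
                     $config['def_width'] = $config['max_width'];
                 }
             }
             if (isset($pcfg['def_height']) && preg_match('/^\\d++$/', $pcfg['def_height'])) {
                 $config['def_height'] = (int) $pcfg['def_height'];
                 // Limit default to maximum.
                 if ($config['def_height'] > $config['max_height']) {
                     $config['def_height'] = $config['max_height'];
                 }
             }
             // Digits, optionally followed by a percent sign and surrounded by whitespace.
             if (isset($pcfg['smiley_size']) && preg_match('/^\\s*+(\\d++)\\s*+%?+\\s*+$/', $pcfg['smiley_size'], $m)) {
                 $config['smiley_size'] = (int) $m[1];
             }
         }
         // Set new $bbcd values:
         foreach ($bbcd as $tagname => $tagdata) {
             if ($tagname == '_ROOT_') {
                 // Skip last pseudo-tag
                 continue;
             }
             // Work on the real entry, not on the foreach copy
             $tag =& $bbcd[$tagname];
             $tag['in_post'] = $this->request->post($tagname . '_in_post') && $this->request->post($tagname . '_in_post') == '1';
             $tag['in_sig'] = $this->request->post($tagname . '_in_sig') && $this->request->post($tagname . '_in_sig') == '1';
             if ($this->request->post($tagname . '_depth_max') && preg_match('/^\\d++$/', $this->request->post($tagname . '_depth_max'))) {
                 $tag['depth_max'] = (int) $this->request->post($tagname . '_depth_max');
             }
         }
         // Set new $smilies values:
         if ($this->request->post('smiley_text') && is_array($this->request->post('smiley_text')) && $this->request->post('smiley_file') && is_array($this->request->post('smiley_file')) && count($this->request->post('smiley_text')) === count($this->request->post('smiley_file'))) {
             $stext = $this->request->post('smiley_text');
             $sfile = $this->request->post('smiley_file');
             $len = count($stext);
             $good = '';
             $smilies = array();
             for ($i = 0; $i < $len; ++$i) {
                 // Loop through all posted smileys; skip empty rows and rows still showing the
                 // "select new file" placeholder. The isset() guards against non-sequential keys.
                 if (isset($stext[$i], $sfile[$i]) && $stext[$i] && $sfile[$i] !== 'select new file') {
                     $smilies[$stext[$i]] = array('file' => $sfile[$i]);
                 }
             }
         }
         // Per the original comment, this script compiles $bbcd and saves it into $pd['bbcd'].
         require_once $this->feather->forum_env['FEATHER_ROOT'] . 'featherbb/Core/parser/bbcd_compile.php';
         Url::redirect($this->feather->urlFor('adminParser'), $lang_admin_parser['save_success']);
     }
     AdminUtils::generateAdminMenu('parser');
     $this->feather->template->setPageInfo(array(
         'title' => array(Utils::escape($this->config['o_board_title']), __('Admin'), __('Parser')),
         'active_page' => 'admin',
         'admin_console' => true,
         'lang_admin_parser' => $lang_admin_parser,
         'smiley_files' => $this->model->get_smiley_files(),
         'bbcd' => $bbcd,
         'config' => $config,
         'smilies' => $smilies,
         'i' => -1,
     ))->addTemplate('admin/parser.php')->display();
 }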
コード例 #21
ファイル: Register.php プロジェクト: bohwaz/featherbb
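 /**
  * Create the account for a validated registration, send the configured notification mails and
  * either ask the user to verify by email or log him/her in directly.
  *
  * Fix compared with the previous version: the query object and then the return value of
  * save() were assigned back to $user, overwriting the registration data. Every later read of
  * $user['username'], $user['email1'], $user['password1'] and $user['banned_email'] therefore
  * no longer saw the submitted values. The database record now lives in $new_user and $user
  * stays the registration array.
  *
  * Review notes:
  *  - With o_regs_verify enabled the welcome mail substitutes the plaintext password into the
  *    <password> placeholder. Mail is not a confidential channel; consider dropping the
  *    placeholder from the template in favour of a set-password link.
  *  - The login cookie is built from the stored password hash (see feather_setcookie below).
  *    NOTE(review): what Random::hash() computes is not visible here - confirm it is a
  *    password-hashing function and not a plain digest.
  *  - $dupe_list is never assigned in this method, so the "dupe email" alert cannot fire as
  *    written; the list has to be supplied by the caller. Left unchanged because its source
  *    is not visible here.
  *
  * @param array $user Registration data; this method reads the keys username, password1,
  *                    email1, language and, if present, banned_email.
  */
 public function insert_user($user)
 {
     $user = $this->hook->fire('insert_user_start', $user);
     // Insert the new user into the database. We do this now to get the last inserted ID for later use
     $now = time();
     // Unverified registrations go to a holding group until the address is confirmed
     $initial_group_id = $this->config['o_regs_verify'] == '0' ? $this->config['o_default_user_group'] : $this->feather->forum_env['FEATHER_UNVERIFIED'];
     $password_hash = Random::hash($user['password1']);
     // Add the user
     $user['insert'] = array(
         'username' => $user['username'],
         'group_id' => $initial_group_id,
         'password' => $password_hash,
         'email' => $user['email1'],
         'email_setting' => $this->config['o_default_email_setting'],
         'timezone' => $this->config['o_default_timezone'],
         'dst' => 0,
         'language' => $user['language'],
         'style' => $this->config['o_default_style'],
         'registered' => $now,
         'registration_ip' => $this->request->getIp(),
         'last_visit' => $now,
     );
     // Keep the record in its own variable so that $user stays the registration array
     $new_user = DB::for_table('users')->create()->set($user['insert']);
     $new_user = $this->hook->fireDB('insert_user_query', $new_user);
     $new_user->save();
     $new_uid = DB::get_db()->lastInsertId($this->feather->forum_settings['db_prefix'] . 'users');
     if ($this->config['o_regs_verify'] == '0') {
         // Make sure the users info cache exists (it is only stored when missing)
         if (!$this->feather->cache->isCached('users_info')) {
             $this->feather->cache->store('users_info', Cache::get_users_info());
         }
         // The retrieved value is not used further in this method
         $stats = $this->feather->cache->retrieve('users_info');
     }
     // If the mailing list isn't empty, we may need to send out some alerts
     if ($this->config['o_mailing_list'] != '') {
         // If we previously found out that the email was banned
         if (isset($user['banned_email'])) {
             // Load the "banned email register" template
             $mail_tpl = trim(file_get_contents($this->feather->forum_env['FEATHER_ROOT'] . 'featherbb/lang/' . $this->user->language . '/mail_templates/banned_email_register.tpl'));
             $mail_tpl = $this->hook->fire('insert_user_banned_mail_tpl', $mail_tpl);
             // The first row contains the subject; the first 8 characters of that row are skipped
             $first_crlf = strpos($mail_tpl, "\n");
             $mail_subject = trim(substr($mail_tpl, 8, $first_crlf - 8));
             $mail_subject = $this->hook->fire('insert_user_banned_mail_subject', $mail_subject);
             $mail_message = trim(substr($mail_tpl, $first_crlf));
             $mail_message = str_replace('<username>', $user['username'], $mail_message);
             $mail_message = str_replace('<email>', $user['email1'], $mail_message);
             $mail_message = str_replace('<profile_url>', $this->feather->urlFor('userProfile', ['id' => $new_uid]), $mail_message);
             $mail_message = str_replace('<board_mailer>', $this->config['o_board_title'], $mail_message);
             $mail_message = $this->hook->fire('insert_user_banned_mail_message', $mail_message);
             $this->email->feather_mail($this->config['o_mailing_list'], $mail_subject, $mail_message);
         }
         // If we previously found out that the email was a dupe
         // NOTE(review): $dupe_list is not defined in this scope, so this branch never runs
         if (!empty($dupe_list)) {
             // Load the "dupe email register" template
             $mail_tpl = trim(file_get_contents($this->feather->forum_env['FEATHER_ROOT'] . 'featherbb/lang/' . $this->user->language . '/mail_templates/dupe_email_register.tpl'));
             $mail_tpl = $this->hook->fire('insert_user_dupe_mail_tpl', $mail_tpl);
             // The first row contains the subject
             $first_crlf = strpos($mail_tpl, "\n");
             $mail_subject = trim(substr($mail_tpl, 8, $first_crlf - 8));
             $mail_subject = $this->hook->fire('insert_user_dupe_mail_subject', $mail_subject);
             $mail_message = trim(substr($mail_tpl, $first_crlf));
             $mail_message = str_replace('<username>', $user['username'], $mail_message);
             $mail_message = str_replace('<dupe_list>', implode(', ', $dupe_list), $mail_message);
             $mail_message = str_replace('<profile_url>', $this->feather->urlFor('userProfile', ['id' => $new_uid]), $mail_message);
             $mail_message = str_replace('<board_mailer>', $this->config['o_board_title'], $mail_message);
             $mail_message = $this->hook->fire('insert_user_dupe_mail_message', $mail_message);
             $this->email->feather_mail($this->config['o_mailing_list'], $mail_subject, $mail_message);
         }
         // Should we alert people on the admin mailing list that a new user has registered?
         if ($this->config['o_regs_report'] == '1') {
             // Load the "new user" template
             $mail_tpl = trim(file_get_contents($this->feather->forum_env['FEATHER_ROOT'] . 'featherbb/lang/' . $this->user->language . '/mail_templates/new_user.tpl'));
             $mail_tpl = $this->hook->fire('insert_user_new_mail_tpl', $mail_tpl);
             // The first row contains the subject
             $first_crlf = strpos($mail_tpl, "\n");
             $mail_subject = trim(substr($mail_tpl, 8, $first_crlf - 8));
             $mail_subject = $this->hook->fire('insert_user_new_mail_subject', $mail_subject);
             $mail_message = trim(substr($mail_tpl, $first_crlf));
             $mail_message = str_replace('<username>', $user['username'], $mail_message);
             $mail_message = str_replace('<base_url>', $this->feather->urlFor('home'), $mail_message);
             $mail_message = str_replace('<profile_url>', $this->feather->urlFor('userProfile', ['id' => $new_uid]), $mail_message);
             $mail_message = str_replace('<admin_url>', $this->feather->urlFor('profileSection', ['id' => $new_uid, 'section' => 'admin']), $mail_message);
             $mail_message = str_replace('<board_mailer>', $this->config['o_board_title'], $mail_message);
             $mail_message = $this->hook->fire('insert_user_new_mail_message', $mail_message);
             $this->email->feather_mail($this->config['o_mailing_list'], $mail_subject, $mail_message);
         }
     }
     // Must the user verify the registration or do we log him/her in right now?
     if ($this->config['o_regs_verify'] == '1') {
         // Load the "welcome" template
         $mail_tpl = trim(file_get_contents($this->feather->forum_env['FEATHER_ROOT'] . 'featherbb/lang/' . $this->user->language . '/mail_templates/welcome.tpl'));
         $mail_tpl = $this->hook->fire('insert_user_welcome_mail_tpl', $mail_tpl);
         // The first row contains the subject
         $first_crlf = strpos($mail_tpl, "\n");
         $mail_subject = trim(substr($mail_tpl, 8, $first_crlf - 8));
         $mail_subject = $this->hook->fire('insert_user_welcome_mail_subject', $mail_subject);
         $mail_message = trim(substr($mail_tpl, $first_crlf));
         $mail_subject = str_replace('<board_title>', $this->config['o_board_title'], $mail_subject);
         $mail_message = str_replace('<base_url>', $this->feather->urlFor('home'), $mail_message);
         $mail_message = str_replace('<username>', $user['username'], $mail_message);
         // Plaintext password goes into the mail body here (see the review note in the docblock)
         $mail_message = str_replace('<password>', $user['password1'], $mail_message);
         $mail_message = str_replace('<login_url>', $this->feather->urlFor('login'), $mail_message);
         $mail_message = str_replace('<board_mailer>', $this->config['o_board_title'], $mail_message);
         $mail_message = $this->hook->fire('insert_user_welcome_mail_message', $mail_message);
         $this->email->feather_mail($user['email1'], $mail_subject, $mail_message);
         Url::redirect($this->feather->urlFor('home'), __('Reg email') . ' <a href="mailto:' . Utils::escape($this->config['o_admin_email']) . '">' . Utils::escape($this->config['o_admin_email']) . '</a>.');
     }
     // No verification required: log the new user in right away
     $this->auth->feather_setcookie($new_uid, $password_hash, time() + $this->config['o_timeout_visit']);
     $this->hook->fire('insert_user');
     Url::redirect($this->feather->urlFor('home'), __('Reg complete'));
 }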
コード例 #22
ファイル: Login.php プロジェクト: bohwaz/featherbb
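 /**
  * Log the current user out after checking the logout token, then redirect to the home page.
  *
  * The request is accepted only when the visitor is logged in, $id matches the visitor's own
  * id and $token equals Random::hash(user id . Random::hash(client IP)). Anything else is sent
  * to the board's base URL without touching the session.
  *
  * Fix compared with the previous version: the token was compared with the loose `!=`
  * operator, under which two different strings that both look like numbers can compare equal,
  * and whose timing depends on the compared data. The comparison now uses hash_equals() where
  * available and a strict string comparison otherwise.
  *
  * NOTE(review): the expected token is derived from the user id and the client IP only, as far
  * as this method shows; whether Random::hash() mixes in a server-side secret is not visible
  * here - confirm, since the token is the only CSRF protection for this action.
  *
  * @param mixed $id    User id taken from the request.
  * @param mixed $token Logout token taken from the request.
  */
 public function logout($id, $token)
 {
     $token = $this->hook->fire('logout_start', $token, $id);
     // Cheap checks first; the expected token is only computed for a plausible request
     $request_ok = !$this->user->is_guest && isset($id) && $id == $this->user->id && isset($token);
     if ($request_ok) {
         $expected_token = (string) Random::hash($this->user->id . Random::hash($this->request->getIp()));
         // A non-scalar token (e.g. an array) can never match
         $supplied_token = is_scalar($token) ? (string) $token : '';
         $request_ok = function_exists('hash_equals')
             ? hash_equals($expected_token, $supplied_token)
             : $expected_token === $supplied_token;
     }
     if (!$request_ok) {
         header('Location: ' . Url::base());
         exit;
     }
     // Remove user from "users online" list
     $delete_online = DB::for_table('online')->where('user_id', $this->user->id);
     $delete_online = $this->hook->fireDB('delete_online_logout', $delete_online);
     $delete_online = $delete_online->delete_many();
     // Update last_visit (make sure there's something to update it with)
     if (isset($this->user->logged)) {
         $update_last_visit = DB::for_table('users')->where('id', $this->user->id)->find_one()->set('last_visit', $this->user->logged);
         $update_last_visit = $this->hook->fireDB('update_online_logout', $update_last_visit);
         $update_last_visit = $update_last_visit->save();
     }
     $this->hook->fire('logout_end');
     // Replace the login cookie: user id 1 with a throw-away hash, valid for 31536000 seconds (365 days).
     // NOTE(review): presumably id 1 is the guest account; the hash comes from rand()/uniqid(),
     // which is acceptable only if this value never authenticates anyone - confirm.
     $this->auth->feather_setcookie(1, Random::hash(uniqid(rand(), true)), time() + 31536000);
     Url::redirect($this->feather->urlFor('home'), __('Logout redirect'));
 }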
コード例 #23
ファイル: Profile.php プロジェクト: bohwaz/featherbb
 public function update_profile($id, $info, $section)
 {
     $info = $this->hook->fire('update_profile_start', $info, $id, $section);
     $username_updated = false;
     $section = $this->hook->fire('update_profile_section', $section, $id, $info);
     // Validate input depending on section
     switch ($section) {
         case 'essentials':
             $form = array('timezone' => floatval($this->request->post('form_timezone')), 'dst' => $this->request->post('form_dst') ? '1' : '0', 'time_format' => intval($this->request->post('form_time_format')), 'date_format' => intval($this->request->post('form_date_format')));
             // Make sure we got a valid language string
             if ($this->request->post('form_language')) {
                 $languages = \FeatherBB\Core\Lister::getLangs();
                 $form['language'] = Utils::trim($this->request->post('form_language'));
                 if (!in_array($form['language'], $languages)) {
                     throw new Error(__('Bad request'), 404);
                 }
             }
             if ($this->user->is_admmod) {
                 $form['admin_note'] = Utils::trim($this->request->post('admin_note'));
                 // Are we allowed to change usernames?
                 if ($this->user->g_id == $this->feather->forum_env['FEATHER_ADMIN'] || $this->user->g_moderator == '1' && $this->user->g_mod_rename_users == '1') {
                     $form['username'] = Utils::trim($this->request->post('req_username'));
                     if ($form['username'] != $info['old_username']) {
                         $errors = '';
                         $errors = $this->check_username($form['username'], $errors, $id);
                         if (!empty($errors)) {
                             throw new Error($errors[0]);
                         }
                         $username_updated = true;
                     }
                 }
                 // We only allow administrators to update the post count
                 if ($this->user->g_id == $this->feather->forum_env['FEATHER_ADMIN']) {
                     $form['num_posts'] = intval($this->request->post('num_posts'));
                 }
             }
             if ($this->config['o_regs_verify'] == '0' || $this->user->is_admmod) {
                 // Validate the email address
                 $form['email'] = strtolower(Utils::trim($this->request->post('req_email')));
                 if (!$this->email->is_valid_email($form['email'])) {
                     throw new Error(__('Invalid email'));
                 }
             }
             break;
         case 'personal':
             $form = array('realname' => $this->request->post('form_realname') ? Utils::trim($this->request->post('form_realname')) : '', 'url' => $this->request->post('form_url') ? Utils::trim($this->request->post('form_url')) : '', 'location' => $this->request->post('form_location') ? Utils::trim($this->request->post('form_location')) : '');
             // Add http:// if the URL doesn't contain it already (while allowing https://, too)
             if ($this->user->g_post_links == '1') {
                 if ($form['url'] != '') {
                     $url = Url::is_valid($form['url']);
                     if ($url === false) {
                         throw new Error(__('Invalid website URL'));
                     }
                     $form['url'] = $url['url'];
                 }
             } else {
                 if (!empty($form['url'])) {
                     throw new Error(__('Website not allowed'));
                 }
                 $form['url'] = '';
             }
             if ($this->user->g_id == $this->feather->forum_env['FEATHER_ADMIN']) {
                 $form['title'] = Utils::trim($this->request->post('title'));
             } elseif ($this->user->g_set_title == '1') {
                 $form['title'] = Utils::trim($this->request->post('title'));
                 if ($form['title'] != '') {
                     // A list of words that the title may not contain
                     // If the language is English, there will be some duplicates, but it's not the end of the world
                     $forbidden = array('member', 'moderator', 'administrator', 'banned', 'guest', utf8_strtolower(__('Member')), utf8_strtolower(__('Moderator')), utf8_strtolower(__('Administrator')), utf8_strtolower(__('Banned')), utf8_strtolower(__('Guest')));
                     if (in_array(utf8_strtolower($form['title']), $forbidden)) {
                         throw new Error(__('Forbidden title'));
                     }
                 }
             }
             break;
         case 'messaging':
             $form = array('jabber' => Utils::trim($this->request->post('form_jabber')), 'icq' => Utils::trim($this->request->post('form_icq')), 'msn' => Utils::trim($this->request->post('form_msn')), 'aim' => Utils::trim($this->request->post('form_aim')), 'yahoo' => Utils::trim($this->request->post('form_yahoo')));
             // If the ICQ UIN contains anything other than digits it's invalid
             if (preg_match('%[^0-9]%', $form['icq'])) {
                 throw new Error(__('Bad ICQ'));
             }
             break;
         case 'personality':
             $form = array();
             // Clean up signature from POST
             if ($this->config['o_signatures'] == '1') {
                 $form['signature'] = Utils::linebreaks(Utils::trim($this->request->post('signature')));
                 // Validate signature
                 if (Utils::strlen($form['signature']) > $this->config['p_sig_length']) {
                     throw new Error(sprintf(__('Sig too long'), $this->config['p_sig_length'], Utils::strlen($form['signature']) - $this->config['p_sig_length']));
                 } elseif (substr_count($form['signature'], "\n") > $this->config['p_sig_lines'] - 1) {
                     throw new Error(sprintf(__('Sig too many lines'), $this->config['p_sig_lines']));
                 } elseif ($form['signature'] && $this->config['p_sig_all_caps'] == '0' && Utils::is_all_uppercase($form['signature']) && !$this->user->is_admmod) {
                     $form['signature'] = utf8_ucwords(utf8_strtolower($form['signature']));
                 }
                 // Validate BBCode syntax
                 if ($this->config['p_sig_bbcode'] == '1') {
                     $errors = array();
                     $form['signature'] = $this->feather->parser->preparse_bbcode($form['signature'], $errors, true);
                     if (count($errors) > 0) {
                         throw new Error('<ul><li>' . implode('</li><li>', $errors) . '</li></ul>');
                     }
                 }
             }
             break;
         case 'display':
             $form = array('disp_topics' => Utils::trim($this->request->post('form_disp_topics')), 'disp_posts' => Utils::trim($this->request->post('form_disp_posts')), 'show_smilies' => $this->request->post('form_show_smilies') ? '1' : '0', 'show_img' => $this->request->post('form_show_img') ? '1' : '0', 'show_img_sig' => $this->request->post('form_show_img_sig') ? '1' : '0', 'show_avatars' => $this->request->post('form_show_avatars') ? '1' : '0', 'show_sig' => $this->request->post('form_show_sig') ? '1' : '0');
             if ($form['disp_topics'] != '') {
                 $form['disp_topics'] = intval($form['disp_topics']);
                 if ($form['disp_topics'] < 3) {
                     $form['disp_topics'] = 3;
                 } elseif ($form['disp_topics'] > 75) {
                     $form['disp_topics'] = 75;
                 }
             }
             if ($form['disp_posts'] != '') {
                 $form['disp_posts'] = intval($form['disp_posts']);
                 if ($form['disp_posts'] < 3) {
                     $form['disp_posts'] = 3;
                 } elseif ($form['disp_posts'] > 75) {
                     $form['disp_posts'] = 75;
                 }
             }
             // Make sure we got a valid style string
             if ($this->request->post('form_style')) {
                 $styles = \FeatherBB\Core\Lister::getStyles();
                 $form['style'] = Utils::trim($this->request->post('form_style'));
                 if (!in_array($form['style'], $styles)) {
                     throw new Error(__('Bad request'), 404);
                 }
             }
             break;
         case 'privacy':
             $form = array('email_setting' => intval($this->request->post('form_email_setting')), 'notify_with_post' => $this->request->post('form_notify_with_post') ? '1' : '0', 'auto_notify' => $this->request->post('form_auto_notify') ? '1' : '0');
             if ($form['email_setting'] < 0 || $form['email_setting'] > 2) {
                 $form['email_setting'] = $this->config['o_default_email_setting'];
             }
             break;
         default:
             throw new Error(__('Bad request'), 404);
     }
     $form = $this->hook->fire('update_profile_form', $form, $section, $id, $info);
     // Single quotes around non-empty values and nothing for empty values
     $temp = array();
     foreach ($form as $key => $input) {
         $temp[$key] = $input;
     }
     if (empty($temp)) {
         throw new Error(__('Bad request'), 404);
     }
     $update_user = DB::for_table('users')->where('id', $id)->find_one()->set($temp);
     $update_user = $this->hook->fireDB('update_profile_query', $update_user);
     $update_user = $update_user->save();
     // If we changed the username we have to update some stuff
     if ($username_updated) {
         $bans_updated = DB::for_table('bans')->where('username', $info['old_username']);
         $bans_updated = $this->hook->fireDB('update_profile_bans_updated', $bans_updated);
         $bans_updated = $bans_updated->update_many('username', $form['username']);
         $update_poster_id = DB::for_table('posts')->where('poster_id', $id);
         $update_poster_id = $this->hook->fireDB('update_profile_poster_id', $update_poster_id);
         $update_poster_id = $update_poster_id->update_many('poster', $form['username']);
         $update_posts = DB::for_table('posts')->where('edited_by', $info['old_username']);
         $update_posts = $this->hook->fireDB('update_profile_posts', $update_posts);
         $update_posts = $update_posts->update_many('edited_by', $form['username']);
         $update_topics_poster = DB::for_table('topics')->where('poster', $info['old_username']);
         $update_topics_poster = $this->hook->fireDB('update_profile_topics_poster', $update_topics_poster);
         $update_topics_poster = $update_topics_poster->update_many('poster', $form['username']);
         $update_topics_last_poster = DB::for_table('topics')->where('last_poster', $info['old_username']);
         $update_topics_last_poster = $this->hook->fireDB('update_profile_topics_last_poster', $update_topics_last_poster);
         $update_topics_last_poster = $update_topics_last_poster->update_many('last_poster', $form['username']);
         $update_forums = DB::for_table('forums')->where('last_poster', $info['old_username']);
         $update_forums = $this->hook->fireDB('update_profile_forums', $update_forums);
         $update_forums = $update_forums->update_many('last_poster', $form['username']);
         $update_online = DB::for_table('online')->where('ident', $info['old_username']);
         $update_online = $this->hook->fireDB('update_profile_online', $update_online);
         $update_online = $update_online->update_many('ident', $form['username']);
         // If the user is a moderator or an administrator we have to update the moderator lists
         $group_id = DB::for_table('users')->where('id', $id);
         // TODO: restore hook
         // $group_id = $this->hook->fireDB('update_profile_group_id', $update_online);
         $group_id = $group_id->find_one_col('group_id');
         $group_mod = DB::for_table('groups')->where('g_id', $group_id);
         $group_mod = $this->hook->fireDB('update_profile_group_mod', $group_mod);
         $group_mod = $group_mod->find_one_col('g_moderator');
         if ($group_id == $this->feather->forum_env['FEATHER_ADMIN'] || $group_mod == '1') {
             // Loop through all forums
             $result = $this->loop_mod_forums();
             foreach ($result as $cur_forum) {
                 $cur_moderators = $cur_forum['moderators'] != '' ? unserialize($cur_forum['moderators']) : array();
                 if (in_array($id, $cur_moderators)) {
                     unset($cur_moderators[$info['old_username']]);
                     $cur_moderators[$form['username']] = $id;
                     uksort($cur_moderators, 'utf8_strcasecmp');
                     $update_mods = DB::for_table('forums')->where('id', $cur_forum['id'])->find_one()->set('moderators', serialize($cur_moderators));
                     $update_mods = $this->hook->fireDB('update_profile_mods', $update_mods);
                     $update_mods = $update_mods->save();
                 }
             }
         }
         // Regenerate the users info cache
         if (!$this->feather->cache->isCached('users_info')) {
             $this->feather->cache->store('users_info', Cache::get_users_info());
         }
         $stats = $this->feather->cache->retrieve('users_info');
         // Check if the bans table was updated and regenerate the bans cache when needed
         if ($bans_updated) {
             $this->feather->cache->store('bans', Cache::get_bans());
         }
     }
     $section = $this->hook->fireDB('update_profile', $section, $id);
     Url::redirect($this->feather->urlFor('profileSection', array('id' => $id, 'section' => $section)), __('Profile redirect'));
 }
コード例 #24
ファイル: Maintenance.php プロジェクト: bohwaz/featherbb
 /**
  * Prune topics from one forum or from every forum, then delete redirect
  * topics whose target topic no longer exists.
  *
  * The age threshold is read from the POSTed "prune_days" field rather than
  * from the arguments.
  *
  * @param mixed $prune_from   'all' to walk every forum, otherwise a forum id (cast with intval())
  * @param mixed $prune_sticky Forwarded unchanged to prune()
  */
 public function prune_comply($prune_from, $prune_sticky)
 {
     $days = $this->hook->fire('maintenance.prune_comply.prune_days', intval($this->request->post('prune_days')));
     // NOTE(review): intval() lets a negative day count through, which puts the
     // cut-off in the future. Presumably the preceding form step rejects it -
     // confirm, because this action deletes data.
     if ($days) {
         $cutoff = time() - $days * 86400;
     } else {
         // -1 is what prune() receives when no day count was supplied
         $cutoff = -1;
     }
     // Pruning a large board can outlast the default execution limit
     @set_time_limit(0);
     if ($prune_from == 'all') {
         $forum_query = DB::for_table('forums')->select('id');
         $forums = $this->hook->fireDB('maintenance.prune_comply.query', $forum_query)->find_array();
         if (!empty($forums)) {
             foreach ($forums as $forum) {
                 $this->prune($forum['id'], $prune_sticky, $cutoff);
                 \FeatherBB\Model\Forum::update($forum['id']);
             }
         }
     } else {
         $forum_id = intval($prune_from);
         $this->prune($forum_id, $prune_sticky, $cutoff);
         \FeatherBB\Model\Forum::update($forum_id);
     }
     // Redirect topics (moved_to set) whose target row is gone are orphans
     $orphan_query = DB::for_table('topics')
         ->table_alias('t1')
         ->select('t1.id')
         ->left_outer_join('topics', array('t1.moved_to', '=', 't2.id'), 't2')
         ->where_null('t2.id')
         ->where_not_null('t1.moved_to');
     $orphan_rows = $this->hook->fireDB('maintenance.prune_comply.orphans_query', $orphan_query)->find_array();
     if (!empty($orphan_rows)) {
         $orphans = array();
         foreach ($orphan_rows as $orphan_row) {
             $orphans[] = $orphan_row['id'];
         }
         $orphans = $this->hook->fire('maintenance.prune_comply.orphans', $orphans);
         DB::for_table('topics')->where_in('id', $orphans)->delete_many();
     }
     Url::redirect($this->feather->urlFor('adminMaintenance'), __('Posts pruned redirect'));
 }
コード例 #25
ファイル: Moderate.php プロジェクト: bohwaz/featherbb
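 /**
  * Dispatch the multi-topic moderation actions of a forum (move, merge,
  * delete, open/close) according to which submit field was POSTed.
  *
  * Access is limited to administrators and to users whose group carries the
  * moderator flag and whose username is a key of the forum's moderator list.
  *
  * @param mixed $fid Forum id
  * @throws Error 403 when the caller may not moderate this forum, 400 when no
  *               (or too few) topics were selected
  */
 public function dealposts($fid)
 {
     // Authorisation gate: everything below runs with moderator rights.
     // NOTE(review): no CSRF token check is visible in this method; presumably
     // it is enforced by middleware - confirm.
     $moderators = $this->model->get_moderators($fid);
     // NOTE(review): unserialize() on a stored value. This is only safe while the
     // moderators column can be written exclusively by the application itself;
     // json_decode(), or on PHP 7+ the allowed_classes option, would remove the
     // object-instantiation surface.
     $mods_array = $moderators != '' ? unserialize($moderators) : array();
     if (!is_array($mods_array)) {
         // Corrupt moderator list: fail closed so that only admins get through
         $mods_array = array();
     }
     $is_admin = $this->user->g_id == $this->feather->forum_env['FEATHER_ADMIN'];
     $is_forum_mod = $this->user->g_moderator != '0' && array_key_exists($this->user->username, $mods_array);
     if (!$is_admin && !$is_forum_mod) {
         throw new Error(__('No permission'), 403);
     }
     // Move one or more topics
     if ($this->request->post('move_topics') || $this->request->post('move_topics_to')) {
         if ($this->request->post('move_topics_to')) {
             $this->model->move_topics_to($fid);
         }
         $topics = $this->request->post('topics') ?: array();
         if (empty($topics)) {
             throw new Error(__('No topics selected'), 400);
         }
         // Check if there are enough forums to move the topic
         $this->model->check_move_possible();
         $this->feather->template->setPageInfo(array(
             'action' => 'multi',
             'title' => array(Utils::escape($this->config['o_board_title']), __('Moderate')),
             'active_page' => 'moderate',
             'id' => $fid,
             // Only the integer-cast keys of the selection reach the template
             'topics' => implode(',', array_map('intval', array_keys($topics))),
             'list_forums' => $this->model->get_forum_list_move($fid),
         ))->addTemplate('moderate/move_topics.php')->display();
     } elseif ($this->request->post('merge_topics') || $this->request->post('merge_topics_comply')) {
         if ($this->request->post('merge_topics_comply')) {
             $this->model->merge_topics($fid);
         }
         $topics = $this->request->post('topics') ?: array();
         if (count($topics) < 2) {
             throw new Error(__('Not enough topics selected'), 400);
         }
         // NOTE(review): $topics is handed to the template exactly as POSTed; the
         // template has to cast/escape it before output - confirm.
         $this->feather->template->setPageInfo(array(
             'title' => array(Utils::escape($this->config['o_board_title']), __('Moderate')),
             'active_page' => 'moderate',
             'id' => $fid,
             'topics' => $topics,
         ))->addTemplate('moderate/merge_topics.php')->display();
     } elseif ($this->request->post('delete_topics') || $this->request->post('delete_topics_comply')) {
         $topics = $this->request->post('topics') ?: array();
         if (empty($topics)) {
             throw new Error(__('No topics selected'), 400);
         }
         if ($this->request->post('delete_topics_comply')) {
             $this->model->delete_topics($topics, $fid);
         }
         // NOTE(review): as in the merge branch, $topics reaches the template as POSTed
         $this->feather->template->setPageInfo(array(
             'title' => array(Utils::escape($this->config['o_board_title']), __('Moderate')),
             'active_page' => 'moderate',
             'id' => $fid,
             'topics' => $topics,
         ))->addTemplate('moderate/delete_topics.php')->display();
     } elseif ($this->request->post('open') || $this->request->post('close')) {
         // 0 = open, 1 = close
         $action = $this->request->post('open') ? 0 : 1;
         // Topic ids arrive as the keys of the POSTed "topics" array. Anything
         // that is not an array counts as an empty selection instead of being
         // pushed through array_keys() behind an @.
         $posted = $this->request->post('topics');
         $topics = is_array($posted) ? array_map('intval', array_keys($posted)) : array();
         if (empty($topics)) {
             throw new Error(__('No topics selected'), 400);
         }
         $this->model->close_multiple_topics($action, $topics, $fid);
         $redirect_msg = $action ? __('Close topics redirect') : __('Open topics redirect');
         Url::redirect($this->feather->urlFor('moderateForum', array('id' => $fid)), $redirect_msg);
     }
 }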
コード例 #26
ファイル: Install.php プロジェクト: bohwaz/featherbb
 /**
  * Run the installation: initialise the database layer, create the schema,
  * seed the default rows, store the configuration and redirect to the home
  * page.
  *
  * @param array $data Installer settings; 'default_lang' and 'db_prefix' are read here,
  *                    the whole array is forwarded to the model loaders
  */
 public function create_db(array $data)
 {
     Core::init_db($data);
     // Load the installer translations for the chosen language.
     // NOTE(review): 'default_lang' is concatenated into a filesystem path.
     // Presumably the caller restricts it to an installed language - confirm,
     // otherwise "../" sequences reach load_textdomain().
     $lang_file = $this->feather->forum_env['FEATHER_ROOT'] . 'featherbb/lang/' . $data['default_lang'] . '/install.mo';
     load_textdomain('featherbb', $lang_file);
     // A missing or empty prefix becomes the empty string
     if (empty($data['db_prefix'])) {
         $data['db_prefix'] = '';
     }
     // Create the tables.
     // NOTE(review): the prefix becomes part of each table name; assumes the
     // caller has limited it to identifier characters - confirm.
     $prefix = $data['db_prefix'];
     foreach ($this->model->get_database_scheme() as $table => $sql) {
         $created = $this->model->create_table($prefix . $table, $sql);
         if (!$created) {
             // NOTE(review): the failure is only recorded; seeding and the
             // success flash below still run.
             $this->errors[] = 'A problem was encountered while creating table ' . $table;
         }
     }
     // Default groups
     foreach ($this->model->load_default_groups() as $group_data) {
         $this->model->add_data('groups', $group_data);
     }
     // Default user first, then the administrator built from the installer data
     $this->model->add_data('users', $this->model->load_default_user());
     $this->model->add_data('users', $this->model->load_admin_user($data));
     // Sample category, forum, topic and post
     $mock_forum = $this->model->load_mock_forum_data($data);
     $this->model->add_mock_forum($mock_forum);
     // Persist the configuration
     $default_config = $this->load_default_config($data);
     $this->model->save_config($default_config);
     // Write .htaccess only when Apache reports mod_rewrite
     $can_list_modules = function_exists('apache_get_modules');
     if ($can_list_modules && in_array('mod_rewrite', apache_get_modules())) {
         $this->write_htaccess();
     }
     // Success message for the next page view
     $flash = new \Slim\Middleware\Flash();
     $flash->set('success', __('Message'));
     $flash->save();
     // Back to the home page
     $home_url = $this->feather->urlFor('home');
     Url::redirect($home_url);
 }
コード例 #27
ファイル: Moderate.php プロジェクト: bohwaz/featherbb
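 /**
  * Delete a set of topics from one forum together with their redirect
  * topics, subscriptions, search index entries and posts.
  *
  * @param mixed $topics Comma-separated list of topic ids, e.g. "12,15,20"
  * @param mixed $fid    Forum the topics must belong to
  * @throws Error 400 when the list is malformed or does not match topics of this
  *               forum, 403 when the admin-post check below finds a match for
  *               a non-admin caller
  */
 public function delete_topics($topics, $fid)
 {
     $this->hook->fire('delete_topics');
     // Accept nothing but a comma-separated list of decimal ids. The check is
     // anchored at both ends (\z, so a trailing newline fails too) and arrays
     // are rejected explicitly instead of being hidden behind an @.
     if (!is_scalar($topics) || !preg_match('%\A[0-9]+(?:,[0-9]+)*\z%', (string) $topics)) {
         throw new Error(__('Bad request'), 400);
     }
     $topics_sql = explode(',', (string) $topics);
     // Every requested id has to exist in this forum; a duplicate or unknown id
     // makes the row count differ from the number of ids requested
     $result = DB::for_table('topics')->where_in('id', $topics_sql)->where('forum_id', $fid);
     $result = $this->hook->fireDB('delete_topics_verify_id', $result);
     $result = $result->find_many();
     if (count($result) != count($topics_sql)) {
         throw new Error(__('Bad request'), 400);
     }
     // Non-admins may not delete topics that contain posts by admins.
     // NOTE(review): this passes the result of Utils::get_admin_ids() to where();
     // if that helper returns a list of ids, where_in() looks like the intended
     // call - confirm, because this condition is the whole authorisation check.
     if ($this->user->g_id != $this->feather->forum_env['FEATHER_ADMIN']) {
         $authorized = DB::for_table('posts')->where_in('topic_id', $topics_sql)->where('poster_id', Utils::get_admin_ids());
         $authorized = $this->hook->fireDB('delete_topics_authorized', $authorized);
         $authorized = $authorized->find_many();
         if ($authorized) {
             throw new Error(__('No permission'), 403);
         }
     }
     // Delete the topics
     $delete_topics = DB::for_table('topics')->where_in('id', $topics_sql);
     $delete_topics = $this->hook->fireDB('delete_topics_query', $delete_topics);
     $delete_topics->delete_many();
     // Delete any redirect topics
     $delete_redirect_topics = DB::for_table('topics')->where_in('moved_to', $topics_sql);
     $delete_redirect_topics = $this->hook->fireDB('delete_topics_redirect', $delete_redirect_topics);
     $delete_redirect_topics->delete_many();
     // Delete any subscriptions
     $delete_subscriptions = DB::for_table('topic_subscriptions')->where_in('topic_id', $topics_sql);
     $delete_subscriptions = $this->hook->fireDB('delete_topics_subscriptions', $delete_subscriptions);
     $delete_subscriptions->delete_many();
     // Collect the post ids of these topics so the search index can be stripped
     $find_ids = DB::for_table('posts')->select('id')->where_in('topic_id', $topics_sql);
     $find_ids = $this->hook->fireDB('delete_topics_find_ids', $find_ids);
     $find_ids = $find_ids->find_many();
     $ids_post = array();
     foreach ($find_ids as $id) {
         $ids_post[] = $id['id'];
     }
     $post_ids = implode(', ', $ids_post);
     // The list can be empty when only a redirect topic is being deleted
     if ($post_ids != '') {
         $this->search->strip_search_index($post_ids);
     }
     // Delete posts
     $delete_posts = DB::for_table('posts')->where_in('topic_id', $topics_sql);
     $delete_posts = $this->hook->fireDB('delete_topics_delete_posts', $delete_posts);
     $delete_posts->delete_many();
     Forum::update($fid);
     // NOTE(review): same hook name as at the top of the method, so listeners
     // cannot tell the start from the end of the deletion
     $this->hook->fire('delete_topics');
     Url::redirect($this->feather->urlFor('Forum', array('id' => $fid)), __('Delete topics redirect'));
 }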
コード例 #28
ファイル: Users.php プロジェクト: bohwaz/featherbb
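 /**
  * Validate a selection of users to ban and, once the ban form has been
  * confirmed ("ban_users_comply"), insert one ban per selected user.
  *
  * Administrators and members of moderator groups can never be banned here.
  *
  * @return array The validated user ids (used when the form is not yet confirmed)
  * @throws Error 404 when no user is selected, 403 when the selection contains an
  *               admin or moderator, 400 when the expiry date is invalid
  */
 public function ban_users()
 {
     if ($this->request->post('users')) {
         $user_ids = is_array($this->request->post('users')) ? array_keys($this->request->post('users')) : explode(',', $this->request->post('users'));
         $user_ids = array_map('intval', $user_ids);
         // Delete invalid IDs
         $user_ids = array_diff($user_ids, array(0, 1));
     } else {
         $user_ids = array();
     }
     $user_ids = $this->hook->fire('model.users.ban_users.user_ids', $user_ids);
     if (empty($user_ids)) {
         throw new Error(__('No users selected'), 404);
     }
     // Are we trying to ban any admins?
     $is_admin = DB::for_table('users')->where_in('id', $user_ids)->where('group_id', $this->feather->forum_env['FEATHER_ADMIN'])->find_one();
     if ($is_admin) {
         throw new Error(__('No ban admins message'), 403);
     }
     // Also, we cannot ban moderators
     $is_mod = DB::for_table('users')->table_alias('u')->inner_join('groups', array('u.group_id', '=', 'g.g_id'), 'g')->where('g.g_moderator', 1)->where_in('u.id', $user_ids)->find_one();
     if ($is_mod) {
         throw new Error(__('No ban mods message'), 403);
     }
     if ($this->request->post('ban_users_comply')) {
         $ban_message = Utils::trim($this->request->post('ban_message'));
         $ban_expire = Utils::trim($this->request->post('ban_expire'));
         $ban_the_ip = $this->request->post('ban_the_ip') ? intval($this->request->post('ban_the_ip')) : 0;
         $this->hook->fire('model.users.ban_users.comply', $ban_message, $ban_expire, $ban_the_ip);
         if ($ban_expire != '' && $ban_expire != 'Never') {
             $ban_expire = strtotime($ban_expire . ' GMT');
             if ($ban_expire == -1 || !$ban_expire) {
                 throw new Error(__('Invalid date message') . ' ' . __('Invalid date reasons'), 400);
             }
             // Shift from the banning user's local time to the stored timestamp
             $diff = ($this->user->timezone + $this->user->dst) * 3600;
             $ban_expire -= $diff;
             if ($ban_expire <= time()) {
                 throw new Error(__('Invalid date message') . ' ' . __('Invalid date reasons'), 400);
             }
         } else {
             // NOTE(review): the literal string 'NULL' (also used for message and
             // ip below) looks like a leftover from string-built SQL; through
             // set() it is presumably stored as text, not as SQL NULL - confirm.
             $ban_expire = 'NULL';
         }
         $ban_message = $ban_message != '' ? $ban_message : 'NULL';
         // Fetch user information
         $user_info = array();
         $select_fetch_user_information = array('id', 'username', 'email', 'registration_ip');
         $result = DB::for_table('users')->select_many($select_fetch_user_information)->where_in('id', $user_ids);
         $result = $this->hook->fireDB('model.users.ban_users.user_info_query', $result);
         $result = $result->find_many();
         foreach ($result as $cur_user) {
             $user_info[$cur_user['id']] = array('username' => $cur_user['username'], 'email' => $cur_user['email'], 'ip' => $cur_user['registration_ip']);
         }
         // Overwrite the registration IP with one from the last post (if it exists)
         if ($ban_the_ip != 0) {
             // The id list is concatenated into raw SQL. It has been through a
             // hook since the first intval() pass, so cast again right where the
             // query text is built.
             $id_list = implode(',', array_map('intval', $user_ids));
             $prefix = $this->feather->forum_settings['db_prefix'];
             $result = DB::for_table('posts')->raw_query('SELECT p.poster_id, p.poster_ip FROM ' . $prefix . 'posts AS p INNER JOIN (SELECT MAX(id) AS id FROM ' . $prefix . 'posts WHERE poster_id IN (' . $id_list . ') GROUP BY poster_id) AS i ON p.id=i.id')->find_many();
             foreach ($result as $cur_address) {
                 $user_info[$cur_address['poster_id']]['ip'] = $cur_address['poster_ip'];
             }
         }
         $user_info = $this->hook->fire('model.users.ban_users.user_info', $user_info);
         // And insert the bans!
         foreach ($user_ids as $user_id) {
             // An id without a user row would yield a ban with no username or
             // email to match on, so skip it
             if (!isset($user_info[$user_id]['username'])) {
                 continue;
             }
             $ban_username = $user_info[$user_id]['username'];
             $ban_email = $user_info[$user_id]['email'];
             $ban_ip = $ban_the_ip != 0 ? $user_info[$user_id]['ip'] : 'NULL';
             $insert_update_ban = array('username' => $ban_username, 'ip' => $ban_ip, 'email' => $ban_email, 'message' => $ban_message, 'expire' => $ban_expire, 'ban_creator' => $this->user->id);
             $insert_update_ban = $this->hook->fire('model.users.ban_users.ban_data', $insert_update_ban);
             if ($this->request->post('mode') == 'add') {
                 // Set again after the hook so a listener cannot change the creator
                 $insert_update_ban['ban_creator'] = $this->user->id;
                 DB::for_table('bans')->create()->set($insert_update_ban)->save();
             }
         }
         // The cache refresh and the redirect used to sit inside the loop, so
         // whenever Url::redirect() ends the request only the first selected
         // user was banned. Both now run once, after every ban is stored.
         $this->feather->cache->store('bans', Cache::get_bans());
         Url::redirect($this->feather->urlFor('adminUsers'), __('Users banned redirect'));
     }
     return $user_ids;
 }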
コード例 #29
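 /**
  * Handle the private-message folder page: add, rename or remove one of the
  * current user's folders, then render the folder list.
  *
  * @throws Error 403 when the folder is not owned by the current user or the
  *               model refuses the update/removal
  */
 public function folders()
 {
     $errors = array();
     // Shared name validation; returns an error message or null
     $check_name = function ($name) {
         if ($name == '') {
             return __('No folder name', 'private_messages');
         }
         if (Utils::strlen($name) < 4) {
             return __('Folder too short', 'private_messages');
         }
         if (Utils::strlen($name) > 30) {
             return __('Folder too long', 'private_messages');
         }
         if ($this->feather->forum_settings['o_censoring'] == '1' && Utils::censor($name) == '') {
             return __('No folder after censoring', 'private_messages');
         }
         return null;
     };
     if ($this->request->post('add_folder')) {
         // NOTE(review): the name is HTML-escaped before storage here but stored
         // raw in the rename branch below. Whichever the template expects, one of
         // the two paths is inconsistent (double escaping or unescaped output) -
         // confirm against folders.php.
         $folder = $this->request->post('req_folder') ? Utils::trim(Utils::escape($this->request->post('req_folder'))) : '';
         $error = $check_name($folder);
         if ($error !== null) {
             $errors[] = $error;
         }
         // TODO: the per-group folder limit (g_pm_folder_limit) is not enforced
         // yet, so a user can create any number of folders
         if (empty($errors)) {
             $insert = array('user_id' => $this->feather->user->id, 'name' => $folder);
             $this->model->addFolder($insert);
             Url::redirect($this->feather->urlFor('Conversations.folders'), __('Folder added', 'private_messages'));
         }
     } elseif ($this->request->post('update_folder')) {
         // The folder id is the key of the submitted button array; a non-array
         // value resolves to id 0. (A leftover var_dump($id) debug call was
         // removed here: it wrote into the response ahead of the redirect.)
         $posted = $this->request->post('update_folder');
         $id = is_array($posted) ? intval(key($posted)) : 0;
         $names = $this->request->post('folder');
         $folder = is_array($names) && isset($names[$id]) ? Utils::trim($names[$id]) : '';
         $error = $check_name($folder);
         if ($error !== null) {
             $errors[] = $error;
         }
         if (empty($errors)) {
             $update = array('name' => $folder);
             // The current user's id is passed along with the folder id;
             // presumably the model scopes the update to that owner - confirm
             if ($this->model->updateFolder($this->feather->user->id, $id, $update)) {
                 Url::redirect($this->feather->urlFor('Conversations.folders'), __('Folder updated', 'private_messages'));
             } else {
                 throw new Error(__('Error'), 403);
             }
         }
     } elseif ($this->request->post('remove_folder')) {
         $posted = $this->request->post('remove_folder');
         $id = is_array($posted) ? intval(key($posted)) : 0;
         // Before we do anything, check that the folder belongs to the current user
         if (!$this->model->checkFolderOwner($id, intval($this->feather->user->id))) {
             throw new Error(__('No permission'), 403);
         }
         if ($this->model->removeFolder($this->feather->user->id, $id)) {
             Url::redirect($this->feather->urlFor('Conversations.folders'), __('Folder removed', 'private_messages'));
         } else {
             throw new Error(__('Error'), 403);
         }
     }
     Utils::generateBreadcrumbs(array($this->feather->urlFor('Conversations.home') => __('PMS', 'private_messages'), __('Options'), __('My Folders', 'private_messages')));
     $this->generateMenu('folders');
     // NOTE(review): the page title says 'Blocked Users' while the breadcrumb says
     // 'My Folders'; this looks copied from the blocked-users page
     $this->feather->template->setPageInfo(array('title' => array(Utils::escape($this->feather->config['o_board_title']), __('PMS', 'private_messages'), __('Blocked Users', 'private_messages')), 'admin_console' => true, 'errors' => $errors))->addTemplate('folders.php')->display();
 }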
コード例 #30
ファイル: Forums.php プロジェクト: bohwaz/featherbb
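 /**
  * Store the display position of each forum from the POSTed "position"
  * array (forum id => position), refresh the quick jump cache and redirect
  * back to the forum administration page.
  */
 public function edit_positions()
 {
     $positions = $this->request->post('position');
     // The field is client-controlled: a missing or non-array value means there
     // is nothing to update rather than something to iterate over
     if (is_array($positions)) {
         foreach ($positions as $forum_id => $position) {
             if (!is_scalar($position)) {
                 // A nested array is not a position
                 continue;
             }
             // Keys and values both come from the request, so both are cast to
             // int before they reach the model
             $this->model->update_positions((int) $forum_id, (int) Utils::trim($position));
         }
     }
     // Regenerate the quick jump cache
     $this->feather->cache->store('quickjump', Cache::get_quickjump());
     Url::redirect($this->feather->urlFor('adminForums'), __('Forums updated redirect'));
 }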