// end new mode

// Excerpt from the staff-group (permissions) admin page: the tail of the
// default (form) case, followed by the start of the 'save' case.

// Put the placeholder entry at the front of the yes/no option list.
array_unshift($Y_N, 'Select one...');

$renderer->assign('show_options', $Y_N);
$renderer->assign('permissions', $CHECKBOXES);
$renderer->assign('permission_defaults', $CHECKBOX_DEFAULTS);
$renderer->assign('group', $GROUP);

// A loaded group gets the edit template; otherwise the creation template.
if ($group != null) {
    $renderer->display('admin/permissions/edit.tpl');
} else {
    $renderer->display('admin/permissions/new.tpl');
}
break;
// end default

case 'save':
    // Every field comes straight from $_POST and is passed through the
    // project's stripinput()/clean_xhtml() helpers, whose definitions are not
    // shown here.
    // NOTE(review): the description is kept as filtered HTML; whether it is
    // safe to render later depends entirely on clean_xhtml() and on what its
    // second argument (false) switches off - confirm against the helper.
    $GROUP = array(
        'name' => trim(stripinput($_POST['group']['name'])),
        'description' => trim(clean_xhtml($_POST['group']['descr'], false)),
        'order_by' => trim(stripinput($_POST['group']['order_by'])),
        'show' => trim(stripinput($_POST['group']['show']))
    );

    // If the group could not be loaded, start making a new one.
    if ($group == null) {
        $group = new StaffGroup($db);
    }

    // Loose comparison: an empty string also compares equal to null here.
    if ($GROUP['name'] == null) {
        $ERRORS[] = 'No name specified.';
    } elseif (strlen($GROUP['name']) > 50) {
        // strlen() counts bytes, so the limit is 50 bytes, not 50 characters.
        $ERRORS[] = 'There is a maxlength=50 on that field for a reason.';
    }

    if ($GROUP['description'] == null) {
        $ERRORS[] = 'No description specified.';
    }

    // NOTE(review): in_array() is called without its strict flag, so the
    // submitted value is compared loosely with the keys of $Y_N; confirm the
    // key types and consider passing true as the third argument.
    // NOTE(review): no validation of 'order_by' is visible in this excerpt.
    if (in_array($GROUP['show'], array_keys($Y_N)) == false) {
        $ERRORS[] = 'Invalid option for show on staff list specified.';
    }
*
* You should have received a copy of the GNU General
* Public License along with 'Kitto_Kitto_Kitto'; if not,
* write to the Free Software Foundation, Inc., 51
* Franklin St, Fifth Floor, Boston, MA 02110-1301 USA
*
* @author Nicholas 'Owl' Evans <*****@*****.**>
* @copyright Nicolas Evans, 2007
* @license http://www.gnu.org/licenses/gpl-3.0.txt GPLv3
* @package Kitto_Kitto_Kitto
* @subpackage Messages
* @version 1.0.0
**/

// Excerpt from the private-message send handler: reads the recipient list and
// the message from $_POST and resolves each recipient name to a User record.
$ERRORS = array();

// NOTE(review): $TO is taken from the request as-is. Nothing visible here
// checks that it is an array of strings before the foreach/trim() below, and
// no cap on the number of recipients (one lookup each) is visible.
$TO = $_POST['to'];
$MESSAGE = array(
    'title' => stripinput($_POST['message']['title']),
    'body' => clean_xhtml($_POST['message']['body'])
);

// Clean TO up.
$CLEAN_TO = array();
$USERS = array(); // for doing notifies with
foreach ($TO as $key => $recipient) {
    $recipient = stripinput(trim($recipient));
    // Blank entries are skipped (loose comparison: '' == null).
    if ($recipient != null) {
        $user = new User($db);
        $user = $user->findOneByUserName($recipient);
        if ($user != null) {
            // Keyed by user id, so a name listed twice collapses to one entry.
            $USERS[$user->getUserId()] = $user;
            $CLEAN_TO[$user->getUserId()] = $user->getUserName();
        } else {
            // NOTE(review): the submitted name is interpolated into an HTML
            // error string; this is only safe if stripinput() neutralises
            // markup - confirm, or escape at output time.
            $ERRORS[] = "The user <strong>{$recipient}</strong> does not exist.";
        }
// Excerpt from the board "edit post" page. The opening of the error check
// that this first statement belongs to is outside the excerpt.
draw_errors($ERRORS);
} else {
    // NOTE(review): the state is read from $_REQUEST, which can be filled from
    // the query string as well as the form body, while the post text itself is
    // read from $_POST. No anti-CSRF token check is visible in this excerpt;
    // confirm one is enforced elsewhere before the 'save' branch changes data.
    switch ($_REQUEST['state']) {
        default:
            // Show the edit form pre-filled with the current post text.
            $BOARD = array(
                'category' => $board->getCategoryName(),
                'id' => $board->getBoardId(),
                'name' => $board->getBoardName()
            );
            $THREAD = array(
                'id' => $thread->getBoardThreadId(),
                'name' => $thread->getThreadName(),
                'sticky' => $thread->getStickied()
            );
            $renderer->assign('board', $BOARD);
            $renderer->assign('thread', $THREAD);
            $renderer->assign('page', $page);
            $renderer->assign('post_id', $post->getBoardThreadPostId());
            $renderer->assign('text', $post->getPostText());
            $renderer->display('boards/edit_post.tpl');
            break;
        // end default

        case 'save':
            // The new text is stored as filtered HTML; its safety when shown
            // to other users rests on clean_xhtml() (definition not shown).
            $html = trim(clean_xhtml($_POST['post_text']));
            if ($html == null) {
                draw_errors('You cannot blank the message out.');
            } else {
                $post->setPostText($html);
                $post->save();
                $_SESSION['board_notice'] = 'You have edited the post.';
                // NOTE(review): $page is set outside this excerpt and is
                // interpolated into the redirect path - confirm it is
                // validated as an integer where it is read.
                redirect(null, null, "threads/{$thread->getBoardShortName()}/{$thread->getBoardThreadId()}/{$page}#p{$post->getBoardThreadPostId()}");
            }
            break;
        // end save
    } // end state switch
} // end no errors
// Excerpt from the pet-species admin page: the tail of the default (form)
// case and the start of the 'save' case.

// In edit mode, copy the loaded species into the array given to the template.
if ($specie != null) {
    $SPECIE = array(
        'id' => $specie->getPetSpecieId(),
        'name' => $specie->getSpecieName(),
        'description' => $specie->getSpecieDescr(),
        'image_dir' => $specie->getRelativeImageDir(),
        'available' => $specie->getAvailable(),
        'max_hunger' => $specie->getMaxHunger(),
        'max_happiness' => $specie->getMaxHappiness()
    );
} // end edit mode

$renderer->assign('specie', $SPECIE);
$renderer->assign('available_options', array('' => 'Select one...', 'N' => 'No', 'Y' => 'Yes'));

if ($specie != null) {
    $renderer->display('admin/pets/species/edit.tpl');
} else {
    $renderer->display('admin/pets/species/new.tpl');
}
break;
// end default

case 'save':
    // All fields come from $_POST via the project's stripinput()/clean_xhtml()
    // helpers (definitions not shown).
    $SPECIE = array(
        'name' => trim(stripinput($_POST['specie']['name'])),
        'description' => trim(clean_xhtml($_POST['specie']['descr'])),
        'image_dir' => trim(stripinput($_POST['specie']['image_dir'])),
        'hunger' => trim(stripinput($_POST['specie']['hunger'])),
        'happiness' => trim(stripinput($_POST['specie']['happiness'])),
        'available' => trim(stripinput($_POST['specie']['available']))
    );

    // If the species could not be loaded, start making a new one.
    if ($specie == null) {
        $specie = new PetSpecie($db);
    }

    if ($SPECIE['name'] == null) {
        $ERRORS[] = 'No name specified.';
    } elseif (strlen($SPECIE['name']) > 50) {
        $ERRORS[] = 'There is a maxlength=50 on that field for a reason.';
    }

    // NOTE(review): image_dir is only checked for presence and length here.
    // No check that it stays inside the intended image root is visible;
    // confirm how the value is turned into a path or URL.
    if ($SPECIE['image_dir'] == null) {
        $ERRORS[] = 'No image directory specified.';
    } elseif (strlen($SPECIE['image_dir']) > 200) {
        $ERRORS[] = 'There is a maxlength=200 on that field for a reason.';
    }

    // NOTE(review): 'hunger' is still a string at this point and no numeric
    // check is visible; how a non-numeric string compares with 0 differs
    // between PHP versions, so validate it as an integer first.
    if ($SPECIE['hunger'] <= 0) {
}
// Excerpt from the user preferences page: the end of the account-save case
// and the start of the 'save_preferences' case.
$User->setEmail($PASSWORD['email']);
$User->save();

// Refresh the cookie with the new password.
// NOTE(review): the comment above suggests the login cookie is tied to the
// password; confirm the cookie never carries the password or a reversible
// form of it. logout()/login() are defined outside this excerpt.
$User->logout();
$User->login();
$_SESSION['pref_notice'] = 'Your settings have been updated.';
redirect('preferences');
} // end no errors
break;
// end save account

case 'save_preferences':
    $ERRORS = array();

    // Profile and signature are kept as filtered HTML; their safety when
    // rendered to other users depends on clean_xhtml() (definition not shown).
    // NOTE(review): no anti-CSRF token check is visible in this excerpt.
    $USER = array(
        'profile' => clean_xhtml($_POST['user']['profile']),
        'signature' => clean_xhtml($_POST['user']['signature']),
        'avatar_image' => stripinput($_POST['user']['avatar']),
        'datetime_format' => stripinput($_POST['user']['datetime_format']),
        'timezone' => stripinput($_POST['user']['timezone']),
        'show_online_status' => stripinput($_POST['user']['show_online_status']),
        'default_post_as' => stripinput($_POST['user']['default_post_as'])
    );

    // No avatar chosen maps to id 0; otherwise the image must match a known
    // Avatar row. $avatar_id stays unset when the lookup fails, so later code
    // must not use it once an error has been recorded.
    if ($USER['avatar_image'] == null) {
        $avatar_id = 0;
    } else {
        $avatar = new Avatar($db);
        $avatar = $avatar->findOneByAvatarImage($USER['avatar_image']);
        if ($avatar == null) {
            $ERRORS[] = 'Invalid avatar specified.';
        } else {
            $avatar_id = $avatar->getAvatarId();
        }
    } // end avatar specified

    // The submitted format id is accepted only if a matching row exists.
    $datetime_format = new DatetimeFormat($db);
    $datetime_format = $datetime_format->findOneByDatetimeFormatId($USER['datetime_format']);
    if ($datetime_format == null) {
default:
    // Excerpt from the board "new thread" page: the form case, then the start
    // of the 'post' case.
    $BOARD_DATA = array(
        'category' => $board->getCategoryName(),
        'id' => $board->getBoardId(),
        'name' => $board->getBoardName()
    );

    // POSTback from a failed attempt to post.
    // NOTE(review): the values are read from $_REQUEST, so they can arrive in
    // the query string too; what is echoed back into the form depends on
    // stripinput()/clean_xhtml() and on the template's own escaping.
    if (is_array($_REQUEST['error']) == true) {
        $POST = array(
            'title' => stripinput($_REQUEST['error']['title']),
            'body' => clean_xhtml($_REQUEST['error']['body'])
        );
        $renderer->assign('post', $POST);
    } // end handle postback errors

    $renderer->assign('board', $BOARD_DATA);
    $renderer->display('boards/new_thread.tpl');
    break;
// end default

case 'post':
    $title = stripinput(trim($_POST['post']['title']));
    $text = clean_xhtml(trim($_POST['post']['text']));

    if ($title == null) {
        $ERRORS[] = 'You must specify a title.';
    } elseif (strlen($title) > 60) {
        // strlen() counts bytes, so the limit is 60 bytes, not 60 characters.
        $ERRORS[] = 'There is a maxlength=60 on that field for a reason.';
    }

    if ($text == null) {
        $ERRORS[] = 'No message specified. It is possible that your HTML was so badly mal-formed that it was dropped by the HTML filter.';
    }

    // Flood control: refuse the post when the user's last post is newer than
    // the configured interval.
    // NOTE(review): $text (the filtered post body) is overwritten with the
    // interval label inside this branch. An error is recorded at the same
    // time, but any later use of $text on this path gets the label, not the
    // message.
    if (strtotime($User->getDatetimeLastPost()) + $APP_CONFIG['post_interval'] > time()) {
        $text = secondsToMinutes($APP_CONFIG['post_interval']);
        $ERRORS[] = "You may only post once every {$text}.";
    } // end user posted too quickly

    if (sizeof($ERRORS) > 0) {
        draw_errors($ERRORS);
*
* You should have received a copy of the GNU General
* Public License along with 'Kitto_Kitto_Kitto'; if not,
* write to the Free Software Foundation, Inc., 51
* Franklin St, Fifth Floor, Boston, MA 02110-1301 USA
*
* @author Nicholas 'Owl' Evans <*****@*****.**>
* @copyright Nicolas Evans, 2007
* @license http://www.gnu.org/licenses/gpl-3.0.txt GPLv3
* @package Kitto_Kitto_Kitto
* @subpackage Board
* @version 1.0.0
**/

// Excerpt from the board reply handler: validates a reply before it is
// attached to an existing thread.
$ERRORS = array();

// NOTE(review): thread_id is taken from $_REQUEST unchanged and handed to
// findOneByBoardThreadId() below; confirm that lookup binds or casts the
// value rather than concatenating it into a query.
$thread_id = $_REQUEST['thread_id'];

// The reply is kept as filtered HTML; clean_xhtml() is defined elsewhere.
$post_text = trim(clean_xhtml($_REQUEST['post']['text']));

// Flood control: refuse the reply when the user's last post is newer than the
// configured interval.
if (strtotime($User->getDatetimeLastPost()) + $APP_CONFIG['post_interval'] > time()) {
    $text = secondsToMinutes($APP_CONFIG['post_interval']);
    $ERRORS[] = "You may only post once every {$text}.";
} // end user posted too quickly

if ($post_text == null) {
    $ERRORS[] = 'No message specified. It is possible that your HTML was so badly mal-formed that it was dropped by the HTML filter.';
}

$thread = new BoardThread($db);
$thread = $thread->findOneByBoardThreadId($thread_id);
if ($thread == null) {
    $ERRORS[] = 'Thread does not exist.';
} else {
    // Any value other than 'N' is treated as locked.
    // NOTE(review): no check that the user may read or post in this thread's
    // board is visible in this excerpt - confirm it follows.
    if ($thread->getLocked() != 'N') {
        $ERRORS[] = 'That thread is locked.';
continue;
} // end item specific

// Excerpt from the item admin page: the tail of the default (form) case and
// the start of the 'save' case. The loop closed below starts outside it.
$ITEM[$field['name']] = $item->get($field['name']);
} // end extra field loop

// Put the placeholder option in front of the yes/no choices.
$YN = array_merge(array('' => 'Select one...'), $YN);

$renderer->assign('yes_no', $YN);
$renderer->assign('extra_fields', $fields);
$renderer->assign('item', $ITEM);
$renderer->display('admin/items/edit.tpl');
break;
// end default

case 'save':
    // NOTE(review): 'transferable' and 'unique' are copied from $_POST with no
    // filtering, and no check against the allowed yes/no values is visible in
    // this excerpt - confirm they are validated before being stored.
    // NOTE(review): what clean_xhtml()'s second argument (false) changes is
    // not visible here.
    $ITEM = array(
        'name' => trim(stripinput($_POST['item']['name'])),
        'image' => trim(stripinput($_POST['item']['image'])),
        'description' => trim(clean_xhtml($_POST['item']['description'], false)),
        'transferable' => $_POST['item_transferable'],
        'unique' => $_POST['item_unique']
    );

    // Load the data for extra, item-specific fields.
    $EXTRA = array();
    $fields = $item->listAttributes();
    foreach ($fields as $field) {
        // Only field names reported by the item itself are read from the
        // request, so unknown keys in $_POST['extra'] are ignored.
        $EXTRA[$field['name']] = trim(stripinput($_POST['extra'][$field['name']]));

        // If it's a select, make sure the ID is valid. These are
        // usually used for picking an option from another table, so
        // the item could break if this is crap...
        if ($field['type'] == 'select') {
            // NOTE(review): in_array() runs without its strict flag, so the
            // match against the option keys is a loose comparison; consider
            // passing true once the key types are confirmed.
            if (in_array($EXTRA[$field['name']], array_keys($field['values'])) == false) {
                $ERRORS[] = "Invalid option specified for {$field['label']}.";
            }
        } // end validate select
    }
// Excerpt from the "edit pet profile" page. The ownership test that records
// this first error starts outside the excerpt.
$ERRORS[] = 'That is not your pet.';
}
} // end pet found

// Nothing below runs unless the checks above (pet found, pet owned by the
// current user) recorded no error.
if (sizeof($ERRORS) > 0) {
    draw_errors($ERRORS);
} else {
    // NOTE(review): no anti-CSRF token check is visible in this excerpt;
    // confirm one guards the 'save' branch.
    switch ($_POST['state']) {
        default:
            $PET = array(
                'id' => $pet->getUserPetId(),
                'name' => $pet->getPetName(),
                'profile' => $pet->getProfile()
            );

            // One-shot notice: show it once, then drop it from the session.
            if ($_SESSION['pet_notice'] != null) {
                $renderer->assign('notice', $_SESSION['pet_notice']);
                unset($_SESSION['pet_notice']);
            }

            $renderer->assign('pet', $PET);
            $renderer->display('pets/edit_profile.tpl');
            break;
        // end default

        case 'save':
            // The profile is stored as filtered HTML; its safety on display
            // rests on clean_xhtml() (definition not shown). An empty result
            // is accepted here, unlike on the board pages.
            $profile = clean_xhtml($_POST['pet']['profile']);
            $pet->setProfile($profile);
            $pet->save();

            // NOTE(review): the stored pet name is interpolated into an HTML
            // notice that a later request assigns to the template; confirm
            // the name is escaped when stored or when the notice is rendered.
            $_SESSION['pet_notice'] = "You have updated the profile of <strong>{$pet->getPetName()}</strong>.";
            redirect(null, null, "edit-pet/{$pet->getUserPetId()}");
            break;
        // end save
    } // end state switch
} // end no errors
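} // end group reformatter

// Excerpt from the admin "edit user" page: the tail of the default (form)
// case and the start of the 'save' case.

// Put the placeholder entry at the front of the status list.
array_unshift($STATUSES, 'Select one...');

// One-shot notice: show it once, then drop it from the session.
if ($_SESSION['user_notice'] != null) {
    $renderer->assign('notice', $_SESSION['user_notice']);
    unset($_SESSION['user_notice']);
}

$renderer->assign('user_info', $USER);
$renderer->assign('groups', $ALL_GROUPS);
$renderer->assign('statuses', $STATUSES);
$renderer->display('admin/user/edit.tpl');
break;
// end default

case 'save':
    // NOTE(review): 'groups' is taken from $_POST unfiltered and passed to
    // updateGroups() below; confirm that method only accepts ids of existing
    // groups.
    $USER = array(
        'id' => $user->getUserId(),
        'status' => stripinput(trim($_POST['user']['status'])),
        'title' => stripinput(trim($_POST['user']['title'])),
        'profile' => clean_xhtml(trim($_POST['user']['profile'])),
        'signature' => clean_xhtml(trim($_POST['user']['signature'])),
        'groups' => $_POST['user']['groups']
    );

    // NOTE(review): in_array() runs without its strict flag, so the status is
    // compared loosely with the values of $STATUSES; confirm their types and
    // consider passing true as the third argument.
    if (in_array($USER['status'], $STATUSES) == false) {
        $ERRORS[] = 'Invalid user status.';
    }

    if ($USER['title'] == null) {
        $ERRORS[] = 'Title must be specified.';
    } elseif (strlen($USER['title']) > 20) {
        $ERRORS[] = 'There is a maxlength=20 on that field for a reason.';
    }

    // Stop before anything is written when validation failed. Previously the
    // errors were collected but the access level, title and groups were saved
    // anyway, so an unlisted status value could be stored. empty() is used
    // because $ERRORS is not initialised anywhere in this excerpt;
    // draw_errors() is the same project helper the other pages call.
    if (!empty($ERRORS)) {
        draw_errors($ERRORS);
        break;
    }

    $user->setAccessLevel($USER['status']);
    $user->setUserTitle($USER['title']);
    $user->setProfile($USER['profile']);
    $user->setSignature($USER['signature']);
    $user->save();
    $user->updateGroups($USER['groups']);
    $_SESSION['user_notice'] = 'Your changes have been saved.';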