function pCheckAddress($sAddress, $sMailserver)
{
if (!is_valid_email_address($sAddress)) {
return CA_ERROR_ADDRESS_INVALID;
}
$fp = @fsockopen($sMailserver, 25, $errno, $errstr, $this->nConnectTimeout);
if (!$fp) {
return CA_ERROR_CONNECT;
}
$sResp = $this->send_command($fp, "HELO " . $this->sHostname);
$sCode = $this->extract_return_code($sResp);
if ($sCode != '220') {
$this->close($fp);
return CA_ERROR_UNKOWN;
}
$sResp = $this->send_command($fp, "MAIL FROM: <" . $this->sFrom . ">");
$sCode = $this->extract_return_code($sResp);
if ($sCode != '250') {
$this->close($fp);
return CA_ERROR_UNKOWN;
}
$sResp = $this->send_command($fp, "RCPT TO: <" . $sAddress . ">");
$sCode = $this->extract_return_code($sResp);
if (strlen($sCode) == 3 && substr($sCode, 0, 1) == '4') {
$this->close($fp);
return CA_ERROR_TEMPORARY;
} else {
if ($sCode == '553' && $sCode == '550') {
$this->close($fp);
return CA_ERROR_USER_UNKOWN;
} else {
if ($sCode == '250') {
$this->close($fp);
return CA_OK;
}
}
}
$this->close($fp);
return CA_ERROR_UNKOWN;
}
/**
* Standard modular run function.
*
* @param array A map of parameters.
* @return tempcode The result of execution.
*/
function run($map)
{
require_lang('newsletter');
require_lang('javascript');
$newsletter_id = array_key_exists('param', $map) ? intval($map['param']) : db_get_first_id();
$_newsletter_title = $GLOBALS['SITE_DB']->query_value_null_ok('newsletters', 'title', array('id' => $newsletter_id));
if (is_null($_newsletter_title)) {
return paragraph(do_lang_tempcode('MISSING_RESOURCE'));
}
$newsletter_title = get_translated_text($_newsletter_title);
$address = post_param('address' . strval($newsletter_id), '');
if ($address != '') {
require_code('newsletter');
require_code('type_validation');
if (!is_valid_email_address($address)) {
$msg = do_template('INLINE_WIP_MESSAGE', array('MESSAGE' => do_lang_tempcode('INVALID_EMAIL_ADDRESS')));
return do_template('BLOCK_MAIN_NEWSLETTER_SIGNUP', array('URL' => get_self_url(), 'MSG' => $msg));
}
if (!array_key_exists('path', $map)) {
$map['path'] = 'uploads/website_specific/signup.txt';
}
require_code('character_sets');
$password = basic_newsletter_join($address, 4, NULL, !file_exists(get_custom_file_base() . '/' . $map['path']), $newsletter_id, post_param('firstname' . strval($newsletter_id), ''), post_param('lastname' . strval($newsletter_id), ''));
if ($password == '') {
return do_template('INLINE_WIP_MESSAGE', array('MESSAGE' => do_lang_tempcode('NEWSLETTER_THIS_ALSO')));
}
if ($password == do_lang('NA')) {
$manage_url = build_url(array('page' => 'newsletter', 'email' => $address), get_module_zone('newsletter'));
return do_template('INLINE_WIP_MESSAGE', array('MESSAGE' => do_lang_tempcode('ALREADY_EMAIL_ADDRESS', escape_html($manage_url->evaluate()))));
}
require_code('mail');
if (file_exists(get_custom_file_base() . '/' . $map['path'])) {
$url = (url_is_local($map['path']) ? get_custom_base_url() . '/' : '') . $map['path'];
mail_wrap(array_key_exists('subject', $map) ? $map['subject'] : do_lang('WELCOME'), convert_to_internal_encoding(http_download_file($url)), array($address), array_key_exists('to', $map) ? $map['to'] : '', '', '', 3, NULL, false, NULL, true);
}
return do_template('BLOCK_MAIN_NEWSLETTER_SIGNUP_DONE', array('_GUID' => '9953c83685df4970de8f23fcd5dd15bb', 'NEWSLETTER_TITLE' => $newsletter_title, 'NID' => strval($newsletter_id), 'PASSWORD' => $password));
} else {
return do_template('BLOCK_MAIN_NEWSLETTER_SIGNUP', array('NEWSLETTER_TITLE' => $newsletter_title, 'NID' => strval($newsletter_id), 'URL' => get_self_url()));
}
}
public function checkEmail($email)
{
if(!$email) {
$this->errors = 'Email is required<br/>';
return false;
}
if(!is_valid_email_address($email)) {
$this->errors = 'Incorrect email<br/>';
return false;
}
if($this->isEmailExists($email)) {
$this->errors = 'This is email is already exists<br/>';
return false;
}
return true;
}
//Preprocessing
if ($error == false) {
//set here the template to process
$tplname = 'activation';
//load language specific variables
require_once $stylepath . '/' . $tplname . '.inc.php';
$email = isset($_REQUEST['email']) ? $_REQUEST['email'] : '';
$code = isset($_REQUEST['code']) ? $_REQUEST['code'] : '';
tpl_set_var('email', htmlspecialchars($email, ENT_COMPAT, 'UTF-8'));
tpl_set_var('code', htmlspecialchars($code, ENT_COMPAT, 'UTF-8'));
tpl_set_var('message_start', '<!--');
tpl_set_var('message_end', '-->');
tpl_set_var('message', '');
tpl_set_var('email_message', '');
if (isset($_REQUEST['submit'])) {
$email_not_ok = is_valid_email_address($email) ? false : true;
if ($email_not_ok == true) {
tpl_set_var('email_message', $message_email_notok);
} else {
$rs = sql("SELECT `user_id` `id`, `activation_code` `code` FROM `user` WHERE `email`='&1'", $email);
if ($r = sql_fetch_array($rs)) {
if ($r['code'] == $code && $code != '') {
// ok, account aktivieren
sql("UPDATE `user` SET `is_active_flag`=1, `activation_code`='' WHERE `user_id`='&1'", $r['id']);
$tplname = 'activation_confirm';
} else {
tpl_set_var('message_start', '');
tpl_set_var('message_end', '');
tpl_set_var('message', $message_no_success);
}
} else {
#
# run the tests
#
$totals = array(
'all' => 0,
'public' => 0,
'strict' => 0,
);
foreach ($tests as $k => $v){
$tests[$k]['expected'] = $v['valid'] ? 1 : 0;
$tests[$k]['result_public'] = is_valid_email_address($v['address']) ? 1 : 0;
$tests[$k]['result_strict'] = is_valid_email_address($v['address'], array('public_internet' => false)) ? 1 : 0;
$totals['all']++;
$totals['public'] += ($tests[$k]['result_public'] == $tests[$k]['expected']) ? 1 : 0;
$totals['strict'] += ($tests[$k]['result_strict'] == $tests[$k]['expected']) ? 1 : 0;
}
function is_valid($x){
return $x ? 'Valid' : 'Invalid';
}
function show_escapes($s){
return str_replace(array("\r","\n"," ","\0"), array("&#13;","&#10;"," ","&#0;"), $s);
}
?>
/**
* Type-check the specified parameter (giving an error if the type checking fails) [just value against type]
*
* @param ID_TEXT The parameter type
* @param string The functions name (used in error message)
* @param string The parameter name (used in error message)
* @param mixed The parameters value (cannot be null)
* @param boolean Whether we just echo errors instead of exiting
*/
function test_fail_php_type_check($type, $function_name, $name, $value, $echo = false)
{
$null_allowed = $type[0] == '?';
$false_allowed = $type[0] == '~';
$_type = $null_allowed || $false_allowed ? substr($type, 1) : $type;
if ($value === false && !$false_allowed && !in_array($_type, array('mixed', 'boolean'))) {
fatal_exit(do_lang_tempcode('UNALLOWED_NULL', escape_html($name), escape_html($function_name), array('false')));
}
if (is_null($value) && !$null_allowed) {
fatal_exit(do_lang_tempcode('UNALLOWED_NULL', escape_html($name), escape_html($function_name), array('NULL')));
}
if ($_type == 'mixed') {
return;
}
switch ($_type) {
case 'integer':
if (!is_integer($value) && (!is_float($value) || strval(intval(round($value))) != strval($value))) {
_fail_php_type_check($type, $function_name, $name, $value, $echo);
}
break;
case 'UINTEGER':
if (!is_integer($value) && (!is_float($value) || strval(intval(round($value))) != strval($value)) || $value < 0) {
_fail_php_type_check($type, $function_name, $name, $value, $echo);
}
break;
case 'resource':
if (!is_resource($value)) {
_fail_php_type_check($type, $function_name, $name, $value, $echo);
}
break;
case 'object':
if (!is_object($value)) {
_fail_php_type_check($type, $function_name, $name, $value, $echo);
}
break;
case 'tempcode':
if (!is_object($value) || !is_a($value, 'ocp_tempcode')) {
_fail_php_type_check($type, $function_name, $name, $value, $echo);
}
break;
case 'REAL':
case 'float':
if (!is_float($value)) {
_fail_php_type_check($type, $function_name, $name, $value, $echo);
}
break;
case 'boolean':
if (!is_bool($value)) {
_fail_php_type_check($type, $function_name, $name, $value, $echo);
}
break;
case 'list':
if (!is_array($value)) {
_fail_php_type_check($type, $function_name, $name, $value, $echo);
}
break;
case 'map':
if (!is_array($value)) {
_fail_php_type_check($type, $function_name, $name, $value, $echo);
}
break;
case 'array':
if (!is_array($value)) {
_fail_php_type_check($type, $function_name, $name, $value, $echo);
}
break;
case 'string':
if (!is_string($value)) {
_fail_php_type_check($type, $function_name, $name, $value, $echo);
}
break;
case 'PATH':
if (!is_string($value)) {
_fail_php_type_check($type, $function_name, $name, $value, $echo);
}
break;
case 'MD5':
if (!is_string($value) || strlen($value) > 33) {
_fail_php_type_check($type, $function_name, $name, $value, $echo);
}
break;
case 'EMAIL':
if (!is_string($value) || is_valid_email_address($value)) {
_fail_php_type_check($type, $function_name, $name, $value, $echo);
}
break;
case 'URLPATH':
if (!is_string($value) || strlen($value) > 127) {
_fail_php_type_check($type, $function_name, $name, $value, $echo);
}
break;
case 'LONG_TEXT':
if (!is_string($value)) {
_fail_php_type_check($type, $function_name, $name, $value, $echo);
}
break;
case 'MINIID_TEXT':
if (!is_string($value) || strlen($value) > 40) {
_fail_php_type_check($type, $function_name, $name, $value, $echo);
}
break;
case 'ID_TEXT':
if (!is_string($value) || strlen($value) > 80) {
_fail_php_type_check($type, $function_name, $name, $value, $echo);
}
break;
case 'LANGUAGE_NAME':
global $LANG_TD_MAP;
if (is_null($LANG_TD_MAP)) {
$LANG_TD_MAP = better_parse_ini_file(get_file_base() . '/lang/langs.ini');
}
if (!is_string($value) || !array_key_exists($value, $LANG_TD_MAP)) {
_fail_php_type_check($type, $function_name, $name, $value, $echo);
}
break;
case 'IP':
if (!is_string($value) || strlen($value) > 40 || strlen($value) < 7 && $value != '' || count(explode('.', $value)) != 4 && $value != '' && count(explode(':', $value)) < 3) {
_fail_php_type_check($type, $function_name, $name, $value, $echo);
}
break;
case 'SHORT_TEXT':
if (!is_string($value) || strlen($value) > 255) {
_fail_php_type_check($type, $function_name, $name, $value, $echo);
}
break;
case 'SHORT_INTEGER':
if (!is_integer($value) || $value > 255 || $value < 0) {
_fail_php_type_check($type, $function_name, $name, $value, $echo);
}
break;
case 'AUTO_LINK':
if (!is_integer($value) || $value < -1) {
_fail_php_type_check($type, $function_name, $name, $value, $echo);
}
// -1 means something different to NULL
break;
case 'BINARY':
if (!is_integer($value) || $value != 0 && $value != 1) {
_fail_php_type_check($type, $function_name, $name, $value, $echo);
}
break;
case 'MEMBER':
if (!is_integer($value) || $value < $GLOBALS['FORUM_DRIVER']->get_guest_id()) {
_fail_php_type_check($type, $function_name, $name, $value, $echo);
}
break;
case 'TIME':
if (!is_integer($value) || $value > time() + 500000000 || $value < 1000) {
_fail_php_type_check($type, $function_name, $name, $value, $echo);
}
break;
}
}
static function get_by_email($email)
{
$email = trim(strtolower($email));
if (!is_valid_email_address($email)) {
return false;
}
$db = Get::db('songwork');
$db->query("SELECT * FROM persons WHERE LOWER(email)='" . $db->escape($email) . "' LIMIT 1");
return $db->num_rows() == 0 ? false : new Person($db->next_record());
}
/**
* Test email based on RFC 822/2822/5322 Email Parser
* @copyright Cal Henderson <*****@*****.**>
*
* @param string email address
* @return bool
*/
function is_valid_email($email, $options = array())
{
// IDN conversion
$email = idn_encode($email);
// wrapped by default function as used since long time in phpwcms
return is_valid_email_address($email, $options);
}
/**
* Add a member.
*
* @param SHORT_TEXT The username.
* @param SHORT_TEXT The password.
* @param SHORT_TEXT The e-mail address.
* @param ?array A list of usergroups (NULL: default/current usergroups).
* @param ?integer Day of date of birth (NULL: unknown).
* @param ?integer Month of date of birth (NULL: unknown).
* @param ?integer Year of date of birth (NULL: unknown).
* @param array A map of custom field values (field-id=>value).
* @param ?ID_TEXT The member timezone (NULL: auto-detect).
* @param ?GROUP The member's primary (NULL: default).
* @param BINARY Whether the profile has been validated.
* @param ?TIME When the member joined (NULL: now).
* @param ?TIME When the member last visited (NULL: now).
* @param ID_TEXT The member's default theme.
* @param ?URLPATH The URL to the member's avatar (blank: none) (NULL: choose one automatically).
* @param LONG_TEXT The member's signature (blank: none).
* @param BINARY Whether the member is permanently banned.
* @param BINARY Whether posts are previewed before they are made.
* @param BINARY Whether the member's age may be shown.
* @param SHORT_TEXT The member's title (blank: get from primary).
* @param URLPATH The URL to the member's photo (blank: none).
* @param URLPATH The URL to the member's photo thumbnail (blank: none).
* @param BINARY Whether the member sees signatures in posts.
* @param ?BINARY Whether the member automatically is enabled for notifications for content they contribute to (NULL: get default from config).
* @param ?LANGUAGE_NAME The member's language (NULL: auto detect).
* @param BINARY Whether the member allows e-mails via the site.
* @param BINARY Whether the member allows e-mails from staff via the site.
* @param LONG_TEXT Personal notes of the member.
* @param ?IP The member's IP address (NULL: IP address of current user).
* @param SHORT_TEXT The code required before the account becomes active (blank: already entered).
* @param boolean Whether to check details for correctness.
* @param ?ID_TEXT The compatibility scheme that the password operates in (blank: none) (NULL: none [meaning normal ocPortal salted style] or plain, depending on whether passwords are encrypted).
* @param SHORT_TEXT The password salt (blank: password compatibility scheme does not use a salt / auto-generate).
* @param BINARY Whether the member likes to view zones without menus, when a choice is available.
* @param ?TIME The time the member last made a submission (NULL: set to now).
* @param ?AUTO_LINK Force an ID (NULL: don't force an ID)
* @param BINARY Whether the member username will be highlighted.
* @param SHORT_TEXT Usergroups that may PT the member.
* @param LONG_TEXT Rules that other members must agree to before they may start a PT with the member.
* @return AUTO_LINK The ID of the new member.
*/
function ocf_make_member($username, $password, $email_address, $secondary_groups, $dob_day, $dob_month, $dob_year, $custom_fields, $timezone = NULL, $primary_group = NULL, $validated = 1, $join_time = NULL, $last_visit_time = NULL, $theme = '', $avatar_url = NULL, $signature = '', $is_perm_banned = 0, $preview_posts = 0, $reveal_age = 1, $title = '', $photo_url = '', $photo_thumb_url = '', $views_signatures = 1, $auto_monitor_contrib_content = NULL, $language = NULL, $allow_emails = 1, $allow_emails_from_staff = 1, $personal_notes = '', $ip_address = NULL, $validated_email_confirm_code = '', $check_correctness = true, $password_compatibility_scheme = NULL, $salt = '', $zone_wide = 1, $last_submit_time = NULL, $id = NULL, $highlighted_name = 0, $pt_allow = '*', $pt_rules_text = '')
{
if (is_null($auto_monitor_contrib_content)) {
$auto_monitor_contrib_content = get_value('no_auto_notifications') === '1' ? 0 : 1;
}
if (is_null($password_compatibility_scheme)) {
if (get_value('no_password_hashing') === '1') {
$password_compatibility_scheme = 'plain';
} else {
$password_compatibility_scheme = '';
}
}
if (is_null($language)) {
$language = '';
}
if (is_null($signature)) {
$signature = '';
}
if (is_null($title)) {
$title = '';
}
if (is_null($timezone)) {
$timezone = get_site_timezone();
}
if (is_null($allow_emails)) {
$allow_emails = 1;
}
if (is_null($allow_emails_from_staff)) {
$allow_emails_from_staff = 1;
}
if (is_null($personal_notes)) {
$personal_notes = '';
}
if (is_null($avatar_url)) {
if ($GLOBALS['IN_MINIKERNEL_VERSION'] == 1 || !addon_installed('ocf_member_avatars')) {
$avatar_url = '';
} else {
if (get_option('random_avatars') == '1' && !running_script('stress_test_loader')) {
require_code('themes2');
$codes = get_all_image_ids_type('ocf_default_avatars/default_set', false, $GLOBALS['FORUM_DB']);
shuffle($codes);
$results = array();
foreach ($codes as $code) {
if (strpos($code, 'ocp_fanatic') !== false) {
continue;
}
$count = $GLOBALS['FORUM_DB']->query_value_null_ok_full('SELECT SUM(m_cache_num_posts) FROM ' . $GLOBALS['FORUM_DB']->get_table_prefix() . 'f_members WHERE ' . db_string_equal_to('m_avatar_url', find_theme_image($code, false, true)));
if (is_null($count)) {
$count = 0;
}
$results[$code] = $count;
}
@asort($results);
// @'d as type checker fails for some odd reason
$found_avatars = array_keys($results);
$avatar_url = find_theme_image(array_shift($found_avatars), true, true);
}
if (is_null($avatar_url)) {
$GLOBALS['SITE_DB']->query_delete('theme_images', array('id' => 'ocf_default_avatars/default', 'path' => ''));
// In case failure cached, gets very confusing
$avatar_url = find_theme_image('ocf_default_avatars/default', true, true);
if (is_null($avatar_url)) {
$avatar_url = '';
}
}
}
}
if ($check_correctness) {
if (!in_array($password_compatibility_scheme, array('ldap', 'httpauth'))) {
ocf_check_name_valid($username, NULL, $password_compatibility_scheme == '' ? $password : NULL);
}
if (!function_exists('has_actual_page_access') || !has_actual_page_access(get_member(), 'admin_ocf_join')) {
require_code('type_validation');
if (!is_valid_email_address($email_address) && $email_address != '') {
warn_exit(do_lang_tempcode('_INVALID_EMAIL_ADDRESS', escape_html($email_address)));
}
}
}
require_code('ocf_members');
require_code('ocf_groups');
if (is_null($last_submit_time)) {
$last_submit_time = time();
}
if (is_null($join_time)) {
$join_time = time();
}
if (is_null($last_visit_time)) {
$last_visit_time = time();
}
if (is_null($primary_group)) {
$primary_group = get_first_default_group();
// This is members
}
if (is_null($secondary_groups)) {
$secondary_groups = ocf_get_all_default_groups(false);
}
foreach ($secondary_groups as $_g_id => $g_id) {
if ($g_id == $primary_group) {
unset($secondary_groups[$_g_id]);
}
}
if (is_null($ip_address)) {
$ip_address = get_ip_address();
}
if ($password_compatibility_scheme == '' && get_value('no_password_hashing') === '1') {
$password_compatibility_scheme = 'plain';
$salt = '';
}
if ($salt == '' && $password_compatibility_scheme == '') {
$salt = produce_salt();
$password_salted = md5($salt . md5($password));
} else {
$password_salted = $password;
}
// Supplement custom field values given with defaults, and check constraints
$all_fields = list_to_map('id', ocf_get_all_custom_fields_match($secondary_groups));
require_code('fields');
foreach ($all_fields as $field) {
$field_id = $field['id'];
if (array_key_exists($field_id, $custom_fields)) {
if ($check_correctness && $field[array_key_exists('cf_show_on_join_form', $field) ? 'cf_show_on_join_form' : 'cf_required'] == 0 && $field['cf_owner_set'] == 0 && !has_actual_page_access(get_member(), 'admin_ocf_join')) {
access_denied('I_ERROR');
}
} else {
$custom_fields[$field_id] = '';
}
}
if (!addon_installed('unvalidated')) {
$validated = 1;
}
$map = array('m_username' => $username, 'm_pass_hash_salted' => $password_salted, 'm_pass_salt' => $salt, 'm_theme' => $theme, 'm_avatar_url' => $avatar_url, 'm_validated' => $validated, 'm_validated_email_confirm_code' => $validated_email_confirm_code, 'm_cache_num_posts' => 0, 'm_cache_warnings' => 0, 'm_max_email_attach_size_mb' => 5, 'm_join_time' => $join_time, 'm_timezone_offset' => $timezone, 'm_primary_group' => $primary_group, 'm_last_visit_time' => $last_visit_time, 'm_last_submit_time' => $last_submit_time, 'm_signature' => insert_lang_comcode($signature, 4, $GLOBALS['FORUM_DB']), 'm_is_perm_banned' => $is_perm_banned, 'm_preview_posts' => $preview_posts, 'm_notes' => $personal_notes, 'm_dob_day' => $dob_day, 'm_dob_month' => $dob_month, 'm_dob_year' => $dob_year, 'm_reveal_age' => $reveal_age, 'm_email_address' => $email_address, 'm_title' => $title, 'm_photo_url' => $photo_url, 'm_photo_thumb_url' => $photo_thumb_url, 'm_views_signatures' => $views_signatures, 'm_auto_monitor_contrib_content' => $auto_monitor_contrib_content, 'm_highlighted_name' => $highlighted_name, 'm_pt_allow' => $pt_allow, 'm_pt_rules_text' => insert_lang_comcode($pt_rules_text, 4, $GLOBALS['FORUM_DB']), 'm_language' => $language, 'm_ip_address' => $ip_address, 'm_zone_wide' => $zone_wide, 'm_allow_emails' => $allow_emails, 'm_allow_emails_from_staff' => $allow_emails_from_staff, 'm_password_change_code' => '', 'm_password_compat_scheme' => $password_compatibility_scheme, 'm_on_probation_until' => NULL);
if (!is_null($id)) {
$map['id'] = $id;
}
$member_id = $GLOBALS['FORUM_DB']->query_insert('f_members', $map, true);
if ($check_correctness) {
// If it was an invite/recommendation, award the referrer
if (addon_installed('recommend')) {
$inviter = $GLOBALS['FORUM_DB']->query_value_null_ok('f_invites', 'i_inviter', array('i_email_address' => $email_address), 'ORDER BY i_time');
if (!is_null($inviter)) {
if (addon_installed('points')) {
require_code('points2');
require_lang('recommend');
system_gift_transfer(do_lang('RECOMMEND_SITE_TO', $username, get_site_name()), intval(get_option('points_RECOMMEND_SITE')), $inviter);
}
if (addon_installed('chat')) {
require_code('chat2');
buddy_add($inviter, $member_id);
buddy_add($member_id, $inviter);
}
}
}
}
$value = mixed();
// Store custom fields
$row = array('mf_member_id' => $member_id);
$all_fields_types = collapse_2d_complexity('id', 'cf_type', $all_fields);
foreach ($custom_fields as $field_num => $value) {
if (!array_key_exists($field_num, $all_fields_types)) {
continue;
}
// Trying to set a field we're not allowed to (doesn't apply to our group)
$ob = get_fields_hook($all_fields_types[$field_num]);
list(, , $storage_type) = $ob->get_field_value_row_bits($all_fields[$field_num]);
if (strpos($storage_type, '_trans') !== false) {
$value = insert_lang($value, 3, $GLOBALS['FORUM_DB']);
}
$row['field_' . strval($field_num)] = $value;
}
// Set custom field row
$all_fields_regardless = $GLOBALS['FORUM_DB']->query_select('f_custom_fields', array('id', 'cf_type'));
foreach ($all_fields_regardless as $field) {
if (!array_key_exists('field_' . strval($field['id']), $row)) {
$ob = get_fields_hook($field['cf_type']);
list(, , $storage_type) = $ob->get_field_value_row_bits($field);
$value = '';
if (strpos($storage_type, '_trans') !== false) {
$value = insert_lang($value, 3, $GLOBALS['FORUM_DB']);
}
$row['field_' . strval($field['id'])] = $value;
}
}
$GLOBALS['FORUM_DB']->query_insert('f_member_custom_fields', $row);
// Any secondary work
foreach ($secondary_groups as $g) {
if ($g != $primary_group) {
$GLOBALS['FORUM_DB']->query_delete('f_group_members', array('gm_member_id' => $member_id, 'gm_group_id' => $g), '', 1);
$GLOBALS['FORUM_DB']->query_insert('f_group_members', array('gm_group_id' => $g, 'gm_member_id' => $member_id, 'gm_validated' => 1));
}
}
if ($check_correctness) {
if (function_exists('decache')) {
decache('side_stats');
}
}
return $member_id;
}
//form load setting
$display_all_countries = $_POST['allcountries'];
$username = $_POST['username'];
$password = $_POST['password1'];
$password2 = $_POST['password2'];
$email = $_POST['email'];
$country = $_POST['country'];
$tos = isset($_POST['TOS']) ? $_POST['TOS'] == 'ON' : false;
if (isset($_POST['submit'])) {
//try to register
//validate the entered data
$email_not_ok = !is_valid_email_address($email);
$username_not_ok = mb_ereg_match(regex_username, $username) ? false : true;
if ($username_not_ok == false) {
// username should not be formatted like an email-address
$username_not_ok = is_valid_email_address($username);
}
$password_not_ok = mb_ereg_match(regex_password, $password) ? false : true;
$password_diffs = $password != $password2;
//check if email is in the database
$rs = sql("SELECT `username` FROM `user` WHERE `email`='&1'", $email);
if (mysql_num_rows($rs) > 0) {
$email_exists = true;
} else {
$email_exists = false;
}
//check if username is in the database
$rs = sql("SELECT `username` FROM `user` WHERE `username`='&1'", $username);
if (mysql_num_rows($rs) > 0) {
$username_exists = true;
} else {
function setNewEMail($value)
{
if ($value !== null) {
if (!is_valid_email_address($value)) {
return false;
}
if (user::existEMail($value)) {
return false;
}
}
return $this->reUser->setValue('new_email', $value);
}
//load language specific variables
require_once $stylepath . '/' . $tplname . '.inc.php';
tpl_set_var('new_email', '');
tpl_set_var('message', '');
tpl_set_var('email_message', '');
tpl_set_var('code_message', '');
tpl_set_var('change_email', $change_email);
tpl_set_var('reset', $reset);
tpl_set_var('getcode', $get_code);
if (isset($_POST['submit_getcode']) || isset($_POST['submit_changeemail'])) {
$new_email = $_POST['newemail'];
tpl_set_var('new_email', htmlspecialchars($new_email, ENT_COMPAT, 'UTF-8'));
//validate the email
$email_exists = false;
$new_email_not_ok = false;
if (!is_valid_email_address($new_email)) {
$new_email_not_ok = true;
tpl_set_var('email_message', $error_email_not_ok);
} else {
//prüfen, ob email schon in der Datenbank vorhanden
$rs = sql("SELECT `username` FROM `user` WHERE `email`='&1'", $new_email);
if (mysql_num_rows($rs) > 0) {
$email_exists = true;
tpl_set_var('email_message', $error_email_exists);
}
}
if (!$email_exists && !$new_email_not_ok) {
if (isset($_POST['submit_getcode'])) {
//send the secure code via email and store the new email in the database
$secure_code = uniqid('');
//code in DB eintragen
function test($email)
{
echo "<tr><td>" . HtmlEntities($email) . "</td>";
echo "<td>" . (is_valid_email_address($email) ? 'Yes' : 'No') . "</td></tr>";
}
/**
* The actualiser for newsletter subscription maintenance (adding, updating, deleting).
*
* @return tempcode The UI
*/
function newsletter_maintenance()
{
require_code('type_validation');
breadcrumb_set_parents(array(array('_SELF:_SELF:misc', get_option('newsletter_title'))));
$title = get_page_title('_NEWSLETTER_JOIN', true, array(escape_html(get_option('newsletter_title'))));
// Add
$email = trim(post_param('email'));
$password = trim(post_param('password'));
$forename = trim(post_param('forename'));
$surname = trim(post_param('surname'));
if ($password != trim(post_param('password_confirm'))) {
warn_exit(make_string_tempcode(escape_html(do_lang('PASSWORD_MISMATCH'))));
}
$lang = post_param('lang', user_lang());
if (!is_valid_email_address($email) || $password == '') {
return warn_screen($title, do_lang_tempcode('IMPROPERLY_FILLED_IN'));
}
$message = do_lang_tempcode('NEWSLETTER_UPDATE');
$old_confirm = $GLOBALS['SITE_DB']->query_value_null_ok('newsletter', 'code_confirm', array('email' => $email));
if (is_null($old_confirm)) {
$newsletters = $GLOBALS['SITE_DB']->query_select('newsletters', array('id'));
$found_level = false;
foreach ($newsletters as $newsletter) {
if (get_option('interest_levels') == '1') {
$level = post_param_integer('level' . strval($newsletter['id']));
} else {
$level = post_param_integer('level' . strval($newsletter['id']), 0);
if ($level == 1) {
$level = 4;
}
}
if ($level != 0) {
$found_level = true;
}
}
if (!$found_level) {
warn_exit(do_lang_tempcode('NOT_NEWSLETTER_SUBSCRIBER'));
}
$code_confirm = mt_rand(1, 32000);
$salt = produce_salt();
$GLOBALS['SITE_DB']->query_insert('newsletter', array('n_forename' => $forename, 'n_surname' => $surname, 'join_time' => time(), 'language' => $lang, 'email' => $email, 'code_confirm' => $code_confirm, 'pass_salt' => $salt, 'the_password' => md5($password . $salt)));
$this->send_confirmation($email, $code_confirm, NULL, $forename, $surname);
$message = do_lang_tempcode('NEWSLETTER_CONFIRM', escape_html($email));
} elseif ($old_confirm != 0) {
$this->send_confirmation($email, $old_confirm, NULL, $forename, $surname);
return inform_screen($title, do_lang_tempcode('NEWSLETTER_CONFIRM', escape_html($email)));
}
// Change/make settings
$old_password = $GLOBALS['SITE_DB']->query_value('newsletter', 'the_password', array('email' => $email));
$old_salt = $GLOBALS['SITE_DB']->query_value('newsletter', 'pass_salt', array('email' => $email));
if (!has_specific_permission(get_member(), 'change_newsletter_subscriptions') && $old_password != '' && $old_password != md5($password . $old_salt)) {
$_reset_url = build_url(array('page' => '_SELF', 'type' => 'reset', 'email' => $email), '_SELF');
$reset_url = $_reset_url->evaluate();
return warn_screen($title, do_lang_tempcode('NEWSLETTER_PASSWORD_RESET', escape_html($reset_url)));
} else {
$newsletters = $GLOBALS['SITE_DB']->query_select('newsletters', array('id'));
foreach ($newsletters as $newsletter) {
if (get_option('interest_levels') == '1') {
$level = post_param_integer('level' . strval($newsletter['id']));
} else {
$level = post_param_integer('level' . strval($newsletter['id']), 0);
if ($level == 1) {
$level = 4;
}
}
// First we delete
$GLOBALS['SITE_DB']->query_delete('newsletter_subscribe', array('newsletter_id' => $newsletter['id'], 'email' => $email), '', 1);
if ($level != 0) {
$GLOBALS['SITE_DB']->query_insert('newsletter_subscribe', array('newsletter_id' => $newsletter['id'], 'email' => $email, 'the_level' => $level));
}
// Update name
$GLOBALS['SITE_DB']->query_update('newsletter', array('n_forename' => $forename, 'n_surname' => $surname), array('email' => $email), '', 1);
}
}
return inform_screen($title, $message);
}
$longitude = -$longitude;
}
} else {
$longitude = null;
$lon_h_not_ok = false;
$lon_min_not_ok = false;
}
$lon_not_ok = $lon_min_not_ok || $lon_h_not_ok;
$lat_not_ok = $lat_min_not_ok || $lat_h_not_ok;
//check if username is in the database
$username_exists = false;
$username_not_ok = mb_ereg_match(regex_username, $username) ? false : true;
if ($username_not_ok == false) {
// username should not be formatted like an email-address
// exception: $username == $email
$username_not_ok = is_valid_email_address($username) ? true : false;
}
if ($username_not_ok) {
tpl_set_var('username_message', $error_username_not_ok);
} else {
if ($username != $usr['username']) {
$sql = "SELECT `username` FROM `user` WHERE `username`=:1";
$db->multiVariableQuery($sql, $username);
if ($db->rowCount() > 0) {
$username_exists = true;
tpl_set_var('username_message', $error_username_exists);
}
}
}
if ($radius != '') {
$radius = $radius + 0;
*
* Could have used FILTER_VALIDATE_EMAIL but that is only available on PHP 5.2+
*/
function is_valid_email_address($email_address)
{
return preg_match("/^(?!.{255,})(?!.{65,}@)([!#-'*+\\/-9=?^-~-]+)(?>\\.(?1))*@(?!.*[^.]{64,})(?>[a-z\\d](?>[a-z\\d-]*[a-z\\d])?\\.){1,126}[a-z]{2,6}\$/iD", $email_address);
}
if (isset($_POST['recipient'])) {
$recipient = $_POST['recipient'];
$subject = "Test script for the PHP mail() function";
$message = "Congratulations, the mail() function is working!";
// Long addresses will mess up the layout so we'll put some line breaks in them
$recipient_br = wordwrap($recipient, 65, "<br />\n", true);
echo '<div class="results">';
if (mb_strlen($recipient, 'UTF-8') < 255) {
if (is_valid_email_address($recipient)) {
echo '<div class="good">The <span class="regular">' . $recipient_br . '</span> email address is considered valid for this test.</div>';
// $send_mail = mail($recipient, $subject, $message);
// if($send_mail == true)
if (1 == 1) {
echo '<div class="good">The mail() function is active and the email was accepted for delivery.<br />Provided the server\'s outgoing email is also working an email has been sent to <span class="regular">' . $recipient_br . '</span></div>';
} else {
echo '<div class="bad"><b>The function email() is inactive!</div>';
}
} else {
echo '<div class="bad">The <span class="regular">' . $recipient_br . '</span> email address is considered invalid for this test.</div>';
}
} else {
echo '<div class="bad">You numpty, <span class="regular">' . $recipient_br . '</span>, is too long for an email address</div>';
}
echo '</div>';
/**
* Convert Comcode-Text to Comcode-XML.
*
* @param LONG_TEXT The comcode to convert
* @param boolean Whether to not include a wrapper element (<comcode>)
* @return LONG_TEXT The converted comcode
*/
function comcode_text__to__comcode_xml($comcode, $skip_wrapper = false)
{
require_code('comcode_xml');
require_code('comcode_text');
require_code('comcode_renderer');
if (substr($comcode, 0, 8) == '<comcode') {
if ($skip_wrapper) {
return str_replace('<comcode>', '', str_replace('</comcode>', '', $comcode));
}
return $comcode;
}
$xml = '';
global $ALLOWED_ENTITIES, $CODE_TAGS, $DANGEROUS_TAGS, $VALID_COMCODE_TAGS, $BLOCK_TAGS, $POTENTIAL_JS_NAUGHTY_ARRAY, $TEXTUAL_TAGS, $LEET_FILTER, $IMPORTED_CUSTOM_COMCODE, $REPLACE_TARGETS;
$len = strlen($comcode);
require_lang('comcode');
require_code('type_validation');
if (function_exists('set_time_limit') && ini_get('max_execution_time') != '0') {
@set_time_limit(300);
}
$comcode_dangerous = true;
$comcode_dangerous_html = true;
// Tag level
$current_tag = '';
$attribute_map = array();
$continuation = '';
$close = mixed();
// Properties that come from our tag
$white_space_area = true;
$textual_area = true;
$formatting_allowed = true;
$in_html = false;
$in_semihtml = false;
$in_separate_parse_section = false;
// Not escaped because it has to be passed to a secondary filter
$in_code_tag = false;
$lax = false;
// Our state
$status = CCP_NO_MANS_LAND;
$tag_stack = array();
$pos = 0;
$line_starting = true;
$just_ended = false;
$none_wrap_length = 0;
$just_new_line = true;
// So we can detect lists starting right away
$just_title = false;
global $NUM_LINES;
$NUM_LINES = 0;
$wrap_pos = 60;
$preparse_mode = false;
$is_all_semihtml = false;
$smilies = $GLOBALS['FORUM_DRIVER']->find_emoticons();
// We'll be needing the smiley array
$shortcuts = array('(c)' => '©', '(r)' => '®', '--' => '–', '---' => '—');
// Text syntax possibilities, that get maintained as our cursor moves through the text block
$list_indent = 0;
$list_type = 'ul';
while ($pos < $len) {
$next = $comcode[$pos];
++$pos;
// State machine
switch ($status) {
case CCP_NO_MANS_LAND:
if ($next == '[') {
// Look ahead to make sure it's a valid tag. If it's not then it's considered normal user input, not a tag at all
$dif = $pos < $len && $comcode[$pos] == '/' ? 1 : 0;
$ahead = substr($comcode, $pos + $dif, 19);
$equal_pos = strpos($ahead, '=');
$space_pos = strpos($ahead, ' ');
$end_pos = strpos($ahead, ']');
$cl_pos = strpos($ahead, chr(10));
if ($equal_pos === false) {
$equal_pos = 22;
}
if ($space_pos === false) {
$space_pos = 22;
}
if ($end_pos === false) {
$end_pos = 22;
}
if ($cl_pos === false) {
$cl_pos = 22;
}
$use_pos = min($equal_pos, $space_pos, $end_pos, $cl_pos);
$potential_tag = strtolower(substr($ahead, 0, $use_pos));
if ($use_pos != 22 && (!$in_html || $potential_tag == 'html' || $potential_tag == 'semihtml') && (!$in_code_tag || isset($CODE_TAGS[$potential_tag]))) {
if (!isset($VALID_COMCODE_TAGS[$potential_tag])) {
if (!$IMPORTED_CUSTOM_COMCODE) {
_custom_comcode_import($GLOBALS['SITE_DB']);
}
}
if (isset($VALID_COMCODE_TAGS[$potential_tag]) && substr($ahead, 0, 2) != 'i ') {
$close = false;
$current_tag = '';
$xml .= $continuation;
$continuation = '';
if ($potential_tag == 'html' || $potential_tag == 'semihtml') {
list($close_list, $list_indent) = _convert_close_open_lists($list_indent);
$xml .= $close_list;
}
$status = CCP_STARTING_TAG;
continue;
}
}
}
if ($in_html || $in_semihtml && ($next == '<' || $next == '>')) {
$ahead = substr($comcode, $pos - 1, 20);
$ahead_lower = strtolower($ahead);
if ($next == chr(10)) {
++$NUM_LINES;
}
$continuation .= $next;
} else {
// Text-format possibilities
if ($just_new_line && $formatting_allowed) {
$xml .= $continuation;
$continuation = '';
// List
$found_list = false;
$old_list_indent = $list_indent;
if ($pos + 1 < $len && is_numeric($next) && $comcode[$pos] == ')' && $comcode[$pos + 1] == ' ') {
if ($list_indent != 0 && $list_type == 'ul') {
list($temp_tpl, $old_list_indent) = _close_open_lists($list_indent, $list_type);
$xml .= $temp_tpl;
}
$list_indent = 1;
$found_list = true;
$scan_pos = $pos;
$list_type = '1';
} elseif ($pos + 1 < $len && ord($next) >= ord('a') && ord($next) <= ord('z') && $comcode[$pos] == ')' && $comcode[$pos + 1] == ' ') {
if ($list_indent != 0 && $list_type == 'ul') {
list($temp_tpl, $old_list_indent) = _close_open_lists($list_indent, $list_type);
$xml .= $temp_tpl;
}
$list_indent = 1;
$found_list = true;
$scan_pos = $pos;
$list_type = 'a';
} elseif ($next == ' ') {
if ($old_list_indent != 0 && $list_type != 'ul') {
list($temp_tpl, $old_list_indent) = _close_open_lists($list_indent, $list_type);
$xml .= $temp_tpl;
}
$scan_pos = $pos - 1;
$list_indent = 0;
while ($scan_pos < $len) {
$scan_next = $comcode[$scan_pos];
if ($scan_next == '-' && $comcode[$scan_pos + 1] == ' ') {
$found_list = true;
break;
} else {
if ($scan_next == ' ') {
++$list_indent;
} else {
break;
}
}
++$scan_pos;
}
if (!$found_list) {
$list_indent = 0;
}
} else {
list($close_list, $list_indent) = _convert_close_open_lists($list_indent);
$xml .= $close_list;
if ($next == '-' && !$just_title) {
$scan_pos = $pos;
$found_rule = true;
while ($scan_pos < $len) {
$scan_next = $comcode[$scan_pos];
if ($scan_next != '-') {
if ($scan_next == chr(10)) {
++$NUM_LINES;
break;
} else {
$found_rule = false;
}
}
++$scan_pos;
}
if ($found_rule) {
$xml .= '<rule />';
$pos = $scan_pos + 1;
$just_ended = true;
$none_wrap_length = 0;
continue;
}
}
}
// List handling
if ($list_indent == $old_list_indent && $old_list_indent != 0) {
$xml .= '</listElement>';
}
for ($i = $list_indent; $i < $old_list_indent; ++$i) {
$xml .= '</listElement>';
$xml .= '</list>';
}
if ($list_indent < $old_list_indent && $list_indent != 0) {
$xml .= '</listElement>';
}
if ($found_list) {
if ($list_indent - $old_list_indent > 1 && !$lax) {
$error = comcode_parse_error($preparse_mode, array('CCP_LIST_JUMPYNESS'), $pos, $comcode);
return $error->evaluate();
}
for ($i = $old_list_indent; $i < $list_indent; ++$i) {
switch ($list_type) {
case 'ul':
$xml .= '<list>';
break;
case '1':
$xml .= '<list type="1">';
break;
case 'a':
$xml .= '<list type="a">';
break;
}
if ($i < $list_indent - 1) {
$xml .= '<listElement>';
}
}
$xml .= '<listElement>';
$just_ended = true;
$none_wrap_length = 0;
$next = '';
$pos = $scan_pos + 2;
}
}
if ($next == chr(10) && $white_space_area && !$just_ended) {
++$NUM_LINES;
$line_starting = true;
$xml .= $continuation;
$continuation = '';
$just_new_line = true;
$none_wrap_length = 0;
if ($list_indent == 0) {
$xml .= '<br />' . chr(10);
}
} else {
$just_new_line = false;
if ($next == ' ' && $white_space_area) {
if ($line_starting || $pos != 0 && $comcode[$pos - 2] == ' ') {
$next = ' ';
++$none_wrap_length;
} else {
$none_wrap_length = 0;
}
$continuation .= $next;
} elseif ($next == "\t" && $white_space_area) {
$xml .= $continuation;
$continuation = '';
$tab_tpl = do_template('COMCODE_TEXTCODE_TAB');
//
$_tab_tpl = $tab_tpl->evaluate();
$none_wrap_length += strlen($_tab_tpl);
$xml .= $tab_tpl->evaluate();
} else {
if ($next == ' ' || $next == "\t" || $just_ended) {
$none_wrap_length = 0;
} else {
if (!is_null($wrap_pos) && $none_wrap_length >= $wrap_pos && $textual_area && !$in_semihtml) {
$xml .= $continuation;
$continuation = '';
$xml .= '<br />' . chr(10);
$none_wrap_length = 0;
} elseif ($textual_area) {
++$none_wrap_length;
}
}
$line_starting = false;
$just_ended = false;
$differented = false;
// If somehow via lookahead we've changed this to HTML and thus won't use it in raw form
// Symbol lookahead
if (!$in_code_tag) {
if ($next == '{' && ($comcode[$pos] == '$' || $comcode[$pos] == '+' || $comcode[$pos] == '!') && $comcode_dangerous) {
$xml .= $continuation;
$continuation = '';
if ($comcode[$pos] == '+') {
$p_end = $pos + 5;
while ($p_end < $len) {
$p_portion = substr($comcode, $pos - 1, $p_end - ($pos - 1) + 5);
if (substr_count($p_portion, '{+START') == substr_count($p_portion, '{+END')) {
break;
}
$p_end++;
}
$p_len = 1;
while ($pos + $p_len < $len) {
$p_portion = substr($comcode, $pos - 1, $p_len);
if (substr_count($p_portion, '{') == substr_count($p_portion, '}')) {
break;
}
$p_len++;
}
$p_len--;
$p_portion = substr($comcode, $pos + $p_len, $p_end - ($pos + $p_len));
$_ret = template_to_tempcode_static(substr($comcode, $pos - 1, $p_len + 1) . '!' . substr($comcode, $p_end, 6));
$ret = '<directive type="' . escape_html($_ret->bits[0][2]) . '">';
foreach ($_ret->bits[0][3] as $val) {
$ret .= '<directiveParam>' . escape_html($val->evaluate()) . '</directiveParam>';
}
$ret .= comcode_text__to__comcode_xml($p_portion, true);
$ret .= '</directive>';
$pos = $p_end + 6;
} else {
$_ret = new ocp_tempcode();
$_ret->bits = array(read_single_uncompiled_variable($comcode, $pos, $len));
if ($_ret->bits[0][1] == TC_SYMBOL) {
$ret = '<symbol>';
if (isset($_ret->bits[0][3])) {
foreach ($_ret->bits[0][3] as $val) {
$ret .= '<symbolParam>' . escape_html($val) . '</symbolParam>';
}
}
$ret .= $_ret->bits[0][2] . '</symbol>';
} else {
$ret = '<language>';
if (isset($_ret->bits[0][3])) {
foreach ($_ret->bits[0][3] as $val) {
$ret .= '<languageParam>' . escape_html($val) . '</languageParam>';
}
}
$ret .= $_ret->bits[0][2] . '</language>';
}
}
$differented = true;
$xml .= $ret;
}
}
// Escaping of comcode tag starts lookahead
if ($next == '\\' && !$in_code_tag) {
if ($pos != $len && $comcode[$pos] == '"') {
$continuation .= '"';
++$pos;
$differented = true;
} elseif ($pos != $len && $comcode[$pos] == '[') {
$continuation .= '[';
++$pos;
$differented = true;
} elseif ($pos != $len && $comcode[$pos] == '{') {
$continuation .= '{';
++$pos;
$differented = true;
} elseif ($pos == $len || $comcode[$pos] == '\\') {
$continuation .= '\\';
++$pos;
$differented = true;
}
}
// Smiley lookahead
if (!$differented) {
if (($textual_area || $in_semihtml) && trim($next) != '') {
foreach ($smilies as $smiley => $imgcode) {
if ($in_semihtml) {
$smiley = ' ' . $smiley . ' ';
}
if ($next == $smiley[0]) {
if (substr($comcode, $pos - 1, strlen($smiley)) == $smiley) {
$xml .= $continuation;
$continuation = '';
$pos += strlen($smiley) - 1;
$differented = true;
$xml .= '<emoticon>' . escape_html($imgcode) . '</emoticon>';
break;
}
}
}
}
}
if ($textual_area && trim($next) != '' && !$differented && addon_installed('cedi')) {
// CEDI pages
if ($pos < $len && $next == '[') {
$matches = array();
if (preg_match('#^\\[([^\\[\\]]*)\\]\\]#', substr($comcode, $pos, 40), $matches) != 0) {
$cedi_page_name = $matches[1];
$xml .= $continuation;
$continuation = '';
$hash_pos = strpos($cedi_page_name, '#');
if ($hash_pos !== false) {
$jump_to = substr($cedi_page_name, $hash_pos + 1);
$cedi_page_name = substr($cedi_page_name, 0, $hash_pos);
$xml .= '<cedi anchor="' . escape_html($jump_to) . '">' . escape_html($cedi_page_name) . '</cedi>';
} else {
$xml .= '<cedi>' . escape_html($cedi_page_name) . '</cedi>';
}
$pos += strlen($matches[1]) + 3;
$differented = true;
}
}
// Usernames
if ($pos < $len && $next == '{') {
$matches = array();
if (preg_match('#^\\{([^"{}&\'\\$<>]*)\\}\\}#', substr($comcode, $pos, 40), $matches) != 0) {
$xml .= $continuation;
$continuation = '';
$username = $matches[1];
if ($username[0] == '?') {
$username = substr($username, 1);
$xml .= '<member boxed="1">' . escape_html($username) . '</member>';
} else {
$xml .= '<member>' . escape_html($username) . '</member>';
}
$pos += strlen($matches[1]) + 3;
$differented = true;
}
}
if (!$in_code_tag && trim($next) != '' && !$differented) {
// Shortcut lookahead
if (!$differented) {
foreach ($shortcuts as $code => $replacement) {
if ($next == $code[0] && substr($comcode, $pos - 1, strlen($code)) == $code) {
$xml .= $continuation;
$continuation = '';
$pos += strlen($code) - 1;
$differented = true;
$xml .= $replacement;
break;
}
}
}
}
// Table syntax
if (!$differented) {
if ($pos < $len && $comcode[$pos] == '|') {
$end_tbl = strpos($comcode, chr(10) . '|}', $pos);
if ($end_tbl !== false) {
$end_fst_line_pos = strpos($comcode, chr(10), $pos);
$caption = substr($comcode, $pos + 2, max($end_fst_line_pos - $pos - 2, 0));
$pos += strlen($caption) + 1;
$rows = preg_split('#(\\|-|\\|\\})#Um', substr($comcode, $pos, $end_tbl - $pos));
if (count($rows) == 1 && $caption == 'floats') {
$cells = preg_split('/(\\n\\! | \\!\\! |\\n\\| | \\|\\| )/', $rows[0], -1, PREG_SPLIT_DELIM_CAPTURE);
array_shift($cells);
// First one is non-existant empty
$spec = true;
// Find which to float
$to_float = NULL;
foreach ($cells as $i => $cell) {
if (!$spec) {
if (strpos($cell, '!') !== false || is_null($to_float)) {
$to_float = $i;
}
}
$spec = !$spec;
}
$xml .= '<float>';
// Do floated one
$xml .= '<fh>';
$xml .= comcode_text__to__comcode_xml(rtrim($cells[$to_float]), true);
$xml .= '</fh>';
// Do non-floated ones
foreach ($cells as $i => $cell) {
if ($i % 2 == 1 && $i != $to_float) {
$xml .= '<fd>';
$xml .= comcode_text__to__comcode_xml(rtrim($cells[$to_float]), true);
$xml .= '</fd>';
}
}
$xml .= '</float>';
} else {
$xml .= '<table summary="' . escape_html($caption) . '">';
foreach ($rows as $table_row) {
$xml .= '<tr>';
$cells = preg_split('/(\\n\\! | \\!\\! |\\n\\| | \\|\\| )/', $table_row, -1, PREG_SPLIT_DELIM_CAPTURE);
array_shift($cells);
// First one is non-existant empty
$spec = true;
$c_type = '';
foreach ($cells as $cell) {
if ($spec) {
$c_type = strpos($cell, '!') !== false ? 'th' : 'td';
} else {
$xml .= '<' . $c_type . '>';
$xml .= comcode_text__to__comcode_xml(rtrim($cell), true);
$xml .= '</' . $c_type . '>';
}
$spec = !$spec;
}
$xml .= '</tr>';
}
$xml .= '</table>';
}
$pos = $end_tbl + 3;
$differented = true;
}
}
}
// Link lookahead
if (!$differented) {
if (!$in_semihtml && $next == 'h' && (substr($comcode, $pos - 1, strlen('http://')) == 'http://' || substr($comcode, $pos - 1, strlen('https://')) == 'https://' || substr($comcode, $pos - 1, strlen('ftp://')) == 'ftp://')) {
list($link_end_pos, $auto_link) = detect_link($comcode, $pos);
$xml .= $continuation;
$continuation = '';
$downloaded_at_link = http_download_file($auto_link, 3000, false);
$link_captions_title = '';
if (is_string($downloaded_at_link)) {
$matches = array();
if (preg_match('#<title>\\s*(.*)\\s*</title>#', $downloaded_at_link, $matches) != 0) {
require_code('character_sets');
$link_captions_title = @html_entity_decode(convert_to_internal_encoding($matches[1]), ENT_QUOTES, get_charset());
}
}
$xml .= '<url param="' . escape_html($auto_link) . '">' . escape_html($link_captions_title) . '</url>';
$pos += $link_end_pos - $pos;
$differented = true;
break;
}
}
}
if (!$differented) {
if (!$in_separate_parse_section && (!$in_semihtml || !$comcode_dangerous && !$is_all_semihtml)) {
if ($next == '&') {
$ahead = substr($comcode, $pos, 20);
$ahead_lower = strtolower($ahead);
$matches = array();
$entity = preg_match('#(\\#)?([\\w]*);#', $ahead_lower, $matches) != 0;
// If it is a SAFE entity, use it
if ($entity) {
if ($matches[1] == '' && isset($ALLOWED_ENTITIES[$matches[2]])) {
$pos += strlen($matches[2]) + 1;
$continuation .= '&' . $matches[2] . ';';
} elseif (is_numeric($matches[2]) && $matches[1] == '#') {
$matched_entity = intval(base_convert($matches[1], 16, 10));
if ($matched_entity < 127 && array_key_exists(chr($matched_entity), $POTENTIAL_JS_NAUGHTY_ARRAY)) {
$continuation .= escape_html($next);
} else {
$pos += strlen($matches[2]) + 2;
$continuation .= '&#' . $matches[2] . ';';
}
} else {
$continuation .= '&';
}
} else {
$continuation .= '&';
}
} else {
$continuation .= escape_html($next);
}
} else {
$continuation .= $next;
}
}
}
}
}
break;
case CCP_IN_TAG_NAME:
if ($next == '=') {
$status = CCP_IN_TAG_BETWEEN_ATTRIBUTE_NAME_VALUE_RIGHT;
$current_attribute_name = 'param';
} elseif (trim($next) == '') {
$status = CCP_IN_TAG_BETWEEN_ATTRIBUTES;
} elseif ($next == '[') {
warn_exit(do_lang_tempcode('CCP_TAG_OPEN_ANOMALY'));
} elseif ($next == ']') {
if ($close) {
if ($formatting_allowed) {
list($close_list, $list_indent) = _convert_close_open_lists($list_indent);
$xml .= $close_list;
}
if (count($tag_stack) == 0) {
warn_exit(do_lang_tempcode('CCP_NO_CLOSE', escape_html($current_tag)));
}
$_last = array_pop($tag_stack);
if ($_last[0] != $current_tag) {
warn_exit(do_lang_tempcode('CCP_NO_CLOSE_MATCH', escape_html($current_tag), escape_html($_last)));
}
// Do the comcode for this tag
if ($in_semihtml) {
foreach ($_last[1] as $index => $conv) {
$_last[1][$index] = @html_entity_decode(str_replace('<br />', chr(10), $conv), ENT_QUOTES, get_charset());
}
}
$attributes = $_last[1];
if ($current_tag == 'html') {
$in_html = false;
$_last[0] = 'htmlWrap';
} elseif ($current_tag == 'semihtml') {
$in_semihtml = false;
$_last[0] = 'htmlWrap';
} elseif ($current_tag == 'external_table' || $current_tag == 'internal_table') {
$_last[0] = 'box';
} elseif ($current_tag == 'php') {
$_last[0] = 'code';
$attributes['param'] = 'php';
} elseif ($current_tag == 'codebox') {
$_last[0] = 'code';
$attributes['scroll'] = '1';
} elseif ($current_tag == 'sql') {
$_last[0] = 'code';
$attributes['param'] = 'sql';
} elseif ($current_tag == 'snapback') {
$_last[0] = 'post';
} elseif ($current_tag == 'thread') {
$_last[0] = 'topic';
} elseif ($current_tag == 'list') {
$sub_elements = explode('[*]', str_replace('[/*]', '', $xml));
$xml = '';
foreach ($sub_elements as $sub_element) {
$xml .= '<listElement>' . $sub_element . '</listElement>';
}
}
if ($_last[0] == 'box' && isset($attributes['breadth']) && !isset($attributes['dimensions'])) {
$attributes['dimensions'] = $attributes['breadth'];
unset($attributes['breadth']);
}
if ($_last[0] == 'page' && array_keys($attributes) != array('param')) {
$zone = isset($attributes['param']) ? $attributes['param'] : '_SEARCH';
$page = $xml;
$xml = $attributes['caption'];
unset($attributes['param']);
unset($attributes['caption']);
$pagelink = $zone . ':' . $page;
foreach ($attributes as $key => $val) {
$pagelink .= ':' . $key . '=' . $val;
}
$attributes = array('pageLink' => $pagelink);
}
if ($_last[0] == 'block') {
foreach ($attributes as $key => $val) {
$xml .= '<blockParam key="' . escape_html($key) . '" value="' . escape_html($val) . '" />';
}
$attributes = array();
}
if ($_last[0] == 'random') {
foreach ($attributes as $key => $val) {
$xml .= '<randomTarget pickIfAbove="' . escape_html($key) . '">' . comcode_text__to__comcode_xml($val, true) . '</randomTarget>';
}
$attributes = array();
}
if ($_last[0] == 'jumping') {
foreach ($attributes as $key => $val) {
$xml .= '<jumpingTarget>' . comcode_text__to__comcode_xml($val, true) . '</jumpingTarget>';
}
$attributes = array();
}
if ($_last[0] == 'concepts') {
foreach ($attributes as $_key => $_value) {
if (substr($_key, -4) == '_key') {
$key = $_value;
$cid = substr($_key, 0, strlen($_key) - 4);
$value = $attributes[$cid . '_value'];
$xml .= '<showConcept key="' . escape_html($key) . '" value="' . escape_html($value) . '" />';
}
}
$attributes = array();
}
if (($_last[0] == 'attachment' || $_last[0] == 'attachment_safe') && isset($attributes['description'])) {
$xml .= '<attachmentDescription>' . comcode_text__to__comcode_xml($attributes['description'], true) . '</attachmentDescription>';
unset($attributes['description']);
}
if ($_last[0] == 'hide' && isset($attributes['param'])) {
$xml .= '<hideTitle>' . comcode_text__to__comcode_xml($attributes['param'], true) . '</hideTitle>';
unset($attributes['param']);
}
if ($_last[0] == 'tooltip' && isset($attributes['param'])) {
$xml .= '<tooltipMessage>' . comcode_text__to__comcode_xml($attributes['param'], true) . '</tooltipMessage>';
unset($attributes['param']);
}
global $COMCODE_XML_PARAM_RENAMING, $COMCODE_XML_SWITCH_AROUND;
if (isset($attributes['param']) && isset($COMCODE_XML_PARAM_RENAMING[$_last[0]])) {
$attributes[$COMCODE_XML_PARAM_RENAMING[$_last[0]]] = $attributes['param'];
unset($attributes['param']);
}
$comcode_xml_switch_around = $COMCODE_XML_SWITCH_AROUND;
if ($_last[0] == 'email' && (!isset($attributes['param']) || !is_valid_email_address($attributes['param'])) && is_valid_email_address($xml)) {
$comcode_xml_switch_around[] = 'email';
}
if ($_last[0] == 'url' && (!isset($attributes['param']) || !looks_like_url($attributes['param'])) && looks_like_url($xml)) {
$comcode_xml_switch_around[] = 'url';
}
if (in_array($_last[0], $comcode_xml_switch_around)) {
$x = 'param';
if ($_last[0] == 'reference') {
$x = 'title';
}
if (isset($attributes[$x])) {
$temp = $attributes[$x];
$attributes[$x] = $xml;
$xml = comcode_text__to__comcode_xml($temp, true);
} else {
$attributes[$x] = $xml;
}
}
$in_code_tag = false;
$white_space_area = $_last[3];
$in_separate_parse_section = $_last[4];
$formatting_allowed = $_last[5];
$textual_area = $_last[6];
if ($_last[0] == 'htmlWrap') {
$embed_output = '<htmlWrap xmlns="http://www.w3.org/1999/xhtml">';
} else {
$embed_output = '<' . to_camelCase($_last[0]);
foreach ($attributes as $key => $val) {
$embed_output .= ' ' . to_camelCase($key) . '="' . escape_html($val) . '"';
}
$embed_output .= '>';
}
$embed_output .= $xml . '</' . to_camelCase($_last[0]) . '>';
$just_ended = isset($BLOCK_TAGS[$current_tag]);
$xml = $_last[2] . $embed_output;
if ($current_tag == 'title') {
if (strlen($comcode) > $pos + 1 && $comcode[$pos] == chr(10) && $comcode[$pos + 1] == chr(10)) {
$NUM_LINES += 2;
$pos += 2;
$just_new_line = true;
list($close_list, $list_indent) = _convert_close_open_lists($list_indent);
$xml .= $close_list;
}
}
$status = CCP_NO_MANS_LAND;
} else {
array_push($tag_stack, array($current_tag, $attribute_map, $xml, $white_space_area, $in_separate_parse_section, $formatting_allowed, $textual_area));
list(, , , $white_space_area, $formatting_allowed, $in_separate_parse_section, $textual_area, $attribute_map, $status, $in_html, $in_semihtml, $pos, $in_code_tag) = _opened_tag(false, false, get_member(), $attribute_map, $current_tag, $pos, $comcode_dangerous, $comcode_dangerous_html, $in_separate_parse_section, $in_html, $in_semihtml, $close, $len, $comcode);
$xml = '';
}
} else {
$current_tag .= strtolower($next);
}
break;
case CCP_STARTING_TAG:
if ($next == '[') {
warn_exit(do_lang_tempcode('CCP_TAG_OPEN_ANOMALY'));
} elseif ($next == ']') {
warn_exit(do_lang_tempcode('CCP_TAG_CLOSE_ANOMALY'));
} elseif ($next == '/') {
$close = true;
} else {
$current_tag .= strtolower($next);
$status = CCP_IN_TAG_NAME;
}
break;
case CCP_IN_TAG_BETWEEN_ATTRIBUTES:
if ($next == ']') {
array_push($tag_stack, array($current_tag, $attribute_map, $xml, $white_space_area, $in_separate_parse_section, $formatting_allowed, $textual_area));
list(, , , $white_space_area, $formatting_allowed, $in_separate_parse_section, $textual_area, $attribute_map, $status, $in_html, $in_semihtml, $pos, $in_code_tag) = _opened_tag(false, false, get_member(), $attribute_map, $current_tag, $pos, $comcode_dangerous, $comcode_dangerous_html, $in_separate_parse_section, $in_html, $in_semihtml, $close, $len, $comcode);
$xml = '';
} elseif ($next == '[') {
warn_exit(do_lang_tempcode('CCP_TAG_OPEN_ANOMALY'));
} elseif (trim($next) != '') {
$status = CCP_IN_TAG_ATTRIBUTE_NAME;
$current_attribute_name = $next;
}
break;
case CCP_IN_TAG_ATTRIBUTE_NAME:
if ($next == '[') {
warn_exit(do_lang_tempcode('CCP_TAG_OPEN_ANOMALY'));
} elseif ($next == ']') {
$at_map_keys = array_keys($attribute_map);
$old_attribute_name = $at_map_keys[count($at_map_keys) - 1];
$attribute_map[$old_attribute_name] .= ' ' . $current_attribute_name;
array_push($tag_stack, array($current_tag, $attribute_map, $xml, $white_space_area, $in_separate_parse_section, $formatting_allowed, $textual_area));
list(, , , $white_space_area, $formatting_allowed, $in_separate_parse_section, $textual_area, $attribute_map, $status, $in_html, $in_semihtml, $pos, $in_code_tag) = _opened_tag(false, false, get_member(), $attribute_map, $current_tag, $pos, $comcode_dangerous, $comcode_dangerous_html, $in_separate_parse_section, $in_html, $in_semihtml, $close, $len, $comcode);
$xml = '';
} elseif ($next == '=') {
$status = CCP_IN_TAG_BETWEEN_ATTRIBUTE_NAME_VALUE_RIGHT;
} elseif ($next != ' ') {
$current_attribute_name .= strtolower($next);
} else {
$status = CCP_IN_TAG_BETWEEN_ATTRIBUTE_NAME_VALUE_LEFT;
}
break;
case CCP_IN_TAG_BETWEEN_ATTRIBUTE_NAME_VALUE_LEFT:
if ($next == '=') {
$status = CCP_IN_TAG_BETWEEN_ATTRIBUTE_NAME_VALUE_RIGHT;
} elseif (trim($next) != '') {
warn_exit(do_lang_tempcode('CCP_ATTRIBUTE_ERROR', escape_html($current_attribute_name), escape_html($current_tag)));
}
break;
case CCP_IN_TAG_BETWEEN_ATTRIBUTE_NAME_VALUE_RIGHT:
if ($next == '[') {
warn_exit(do_lang_tempcode('CCP_TAG_OPEN_ANOMALY'));
} elseif ($next == ']') {
warn_exit(do_lang_tempcode('CCP_TAG_CLOSE_ANOMALY'));
} elseif ($next == '"' || $in_semihtml && substr($comcode, $pos - 1, 6) == '"') {
if ($next != '"') {
$pos += 5;
}
$status = CCP_IN_TAG_ATTRIBUTE_VALUE;
$current_attribute_value = '';
} elseif ($next != '') {
$status = CCP_IN_TAG_ATTRIBUTE_VALUE_NO_QUOTE;
$current_attribute_value = $next;
}
break;
case CCP_IN_TAG_ATTRIBUTE_VALUE_NO_QUOTE:
if ($next == ' ') {
$status = CCP_IN_TAG_BETWEEN_ATTRIBUTES;
if (isset($attribute_map[$current_attribute_name])) {
warn_exit(do_lang_tempcode('CCP_DUPLICATE_ATTRIBUTES', escape_html($current_attribute_name), escape_html($current_tag)));
}
$attribute_map[$current_attribute_name] = $current_attribute_value;
} elseif ($next == ']') {
if (isset($attribute_map[$current_attribute_name])) {
warn_exit(do_lang_tempcode('CCP_DUPLICATE_ATTRIBUTES', escape_html($current_attribute_name), escape_html($current_tag)));
}
$attribute_map[$current_attribute_name] = $current_attribute_value;
array_push($tag_stack, array($current_tag, $attribute_map, $xml, $white_space_area, $in_separate_parse_section, $formatting_allowed, $textual_area));
list(, , , $white_space_area, $formatting_allowed, $in_separate_parse_section, $textual_area, $attribute_map, $status, $in_html, $in_semihtml, $pos, $in_code_tag) = _opened_tag(false, false, get_member(), $attribute_map, $current_tag, $pos, $comcode_dangerous, $comcode_dangerous_html, $in_separate_parse_section, $in_html, $in_semihtml, $close, $len, $comcode);
$xml = '';
} else {
$current_attribute_value .= $next;
}
break;
case CCP_IN_TAG_ATTRIBUTE_VALUE:
if ($next == '"' || $in_semihtml && substr($comcode, $pos - 1, 6) == '"') {
if ($next != '"') {
$pos += 5;
}
$status = CCP_IN_TAG_BETWEEN_ATTRIBUTES;
if (isset($attribute_map[$current_attribute_name])) {
warn_exit(do_lang_tempcode('CCP_DUPLICATE_ATTRIBUTES', escape_html($current_attribute_name), escape_html($current_tag)));
}
$attribute_map[$current_attribute_name] = $current_attribute_value;
} else {
if ($next == '\\') {
if ($comcode[$pos] == '"') {
$current_attribute_value .= '"';
++$pos;
} elseif ($comcode[$pos] == '\\') {
$current_attribute_value .= '\\';
++$pos;
} else {
$current_attribute_value .= $next;
}
} else {
$current_attribute_value .= $next;
}
}
break;
}
}
$xml .= $continuation;
$continuation = '';
list($close_list, $list_indent) = _convert_close_open_lists($list_indent);
$xml .= $close_list;
if ($status != CCP_NO_MANS_LAND || count($tag_stack) != 0) {
$stack_top = array_pop($tag_stack);
warn_exit(do_lang_tempcode('CCP_BROKEN_END', escape_html($stack_top[0])));
}
if (!$skip_wrapper) {
$xml = '<comcode>' . $xml . '</comcode>';
}
return $xml;
}
function validate($form_name)
{
global $site_settings;
// contains form name and a list of fields that need to be validated. All fields mentioned in this array will be returned sanitized in the $result['x'] array
$forms = array('update_user_info' => array('first_name' => array('type' => 'alpha', 'maxlen' => 64, 'format' => 'ucfirst', 'starred' => TRUE), 'last_name' => array('type' => 'alpha', 'maxlen' => 64, 'format' => 'ucfirst', 'starred' => TRUE), 'middle_name' => array('type' => 'alpha', 'maxlen' => 64, 'format' => 'ucfirst'), 'city' => array('type' => 'enum', 'values' => $site_settings['locations']), 'group' => array('type' => 'enum', 'values' => $site_settings['user_groups']), 'email_addr' => array('type' => 'email', 'format' => 'email1', 'starred' => TRUE), 'password' => array('type' => 'alnum', 'minlen' => 6, 'maxlen' => 16), 'phone_a' => array('type' => 'phone', 'format' => 'phone1')), 'user_add' => array('first_name' => array('type' => 'alpha', 'maxlen' => 64, 'format' => 'ucfirst', 'starred' => TRUE), 'last_name' => array('type' => 'alpha', 'maxlen' => 64, 'format' => 'ucfirst', 'starred' => TRUE), 'middle_name' => array('type' => 'alpha', 'maxlen' => 64, 'format' => 'ucfirst'), 'city' => array('type' => 'enum', 'values' => $site_settings['locations']), 'group' => array('type' => 'enum', 'values' => $site_settings['user_groups']), 'email_addr' => array('type' => 'email', 'format' => 'email1', 'starred' => TRUE), 'password' => array('type' => 'alnum', 'minlen' => 6, 'maxlen' => 16, 'starred' => TRUE), 'phone_a' => array('type' => 'phone', 'format' => 'phone1')));
$errors = array();
// output array with errors. Returns NULL if no errors.
$x = array();
// holds sanitized form fields.
// array of standard error messages
$err_msg = array(0 => 'Use letter characters only', 1 => 'Enter only up to %s characters', 2 => 'Enter minimum %s characters', 3 => 'Use letters and numbers only', 4 => 'Required field', 5 => 'Supplied value outside of specified list', 6 => 'Use phone number format XXX-AAA-BBBB, 1-XXX-AAA-BBBB, or 1-XXX-AAA-BBBB ext CCC', 7 => 'Invalid format for email address');
if (!array_key_exists($form_name, $forms)) {
return FALSE;
}
foreach ($forms[$form_name] as $field => $data) {
// check if field exists and is compulsory (starred)
if (!isset($_POST[$field]) || empty($_POST[$field])) {
if (isset($data['starred']) && $data['starred']) {
$errors[$field] = $err_msg[4];
}
//$x[$field] = htmlentities( $_POST[$field] );
$x[$field] = NULL;
} else {
// data types
switch ($data['type']) {
case 'alpha':
if (!ctype_alpha($_POST[$field])) {
$errors[$field] = $err_msg[0];
}
$x[$field] = htmlentities($_POST[$field]);
break;
case 'alnum':
if (!ctype_alnum($_POST[$field])) {
$errors[$field] = $err_msg[3];
}
$x[$field] = htmlentities($_POST[$field]);
break;
case 'enum':
if (!in_array($_POST[$field], $data['values'])) {
$errors[$field] = $err_msg[5];
}
$x[$field] = $_POST[$field];
break;
case 'email':
//if ( !preg_match( '/^[A-Z0-9._%+-]+@[A-Z0-9.-]+\.[A-Z]{2,4}/', $_POST[$field] ) ) $errors[$field] = $err_msg[7];
if (!is_valid_email_address($_POST[$field])) {
$errors[$field] = $err_msg[7];
}
$x[$field] = htmlentities($_POST[$field]);
break;
case 'phone':
// grep -n -E "^\+?1?[-|\s]?\(?[0-9]{3}\)?[[:punct:]][0-9]{3}[-|\.][0-9]{4}" preg_match.txt
if (!preg_match('/^(?:1(?:[. -])?)?(?:\\((?=\\d{3}\\)))?([2-9]\\d{2})(?:(?<=\\(\\d{3})\\))? ?(?:(?<=\\d{3})[.-])?([2-9]\\d{2})[. -]?(\\d{4})(?: (?i:ext)\\.? ?(\\d{1,5}))?$/', $_POST[$field])) {
$errors[$field] = $err_msg[6];
}
$x[$field] = htmlentities($_POST[$field]);
break;
}
// length of field
if (isset($data['maxlen'])) {
if (strlen($_POST[$field]) > $data['maxlen']) {
$errors[$field] = sprintf($err_msg[1], $data['maxlen']);
}
$x[$field] = substr($_POST[$field], 0, $data['maxlen']);
}
if (isset($data['minlen'])) {
if (strlen($_POST[$field]) < $data['minlen']) {
$errors[$field] = sprintf($err_msg[2], $data['minlen']);
}
$x[$field] = $_POST[$field];
}
// format field
if (isset($data['format'])) {
switch ($data['format']) {
case 'ucfirst':
$x[$field] = ucfirst($x[$field]);
break;
case 'lowercase':
$x[$field] = strtolower($x[$field]);
break;
case 'allcaps':
$x[$field] = strtoupper($x[$field]);
break;
case 'phone1':
if (preg_match('/^(?:1(?:[. -])?)?(?:\\((?=\\d{3}\\)))?([2-9]\\d{2})(?:(?<=\\(\\d{3})\\))? ?(?:(?<=\\d{3})[.-])?([2-9]\\d{2})[. -]?(\\d{4})(?: (?i:ext)\\.? ?(\\d{1,5}))?$/', $_POST[$field], $match)) {
if (isset($match[4])) {
$x[$field] = sprintf('%s-%s-%s x%s', $match[1], $match[2], $match[3], $match[4]);
} else {
$x[$field] = sprintf('%s-%s-%s', $match[1], $match[2], $match[3]);
}
}
break;
case 'email1':
if (!isset($errors[$field])) {
$x[$field] = strtolower($_POST[$field]);
}
break;
}
}
}
}
if (empty($errors)) {
$errors = NULL;
}
$result = array('errors' => $errors, 'x' => $x);
return $result;
}
/**
* Get tempcode for a Comcode tag. This function should always return (errors should be placed in the Comcode output stream), for stability reasons (i.e. if you're submitting something, you can't have the whole submit process die half way through in an unstructured fashion).
*
* @param string The tag being converted
* @param array A map of the attributes (name=>val) for the tag. Val is usually a string, although in select places, the XML parser may pass tempcode.
* @param mixed Tempcode of the inside of the tag ([between]THIS[/between]); the XML parser may pass in special stuff here, which is interpreted only for select tags
* @param boolean Whether we are allowed to proceed even if this tag is marked as 'dangerous'
* @param string A special identifier to mark where the resultant tempcode is going to end up (e.g. the ID of a post)
* @param integer The position this tag occurred at in the Comcode
* @param MEMBER The member who is responsible for this Comcode
* @param boolean Whether to check as arbitrary admin
* @param object The database connection to use
* @param string The whole chunk of comcode
* @param boolean Whether this is for WML output
* @param boolean Whether this is only a structure sweep
* @param boolean Whether we are in semi-parse-mode (some tags might convert differently)
* @param ?array A list of words to highlight (NULL: none)
* @param ?MEMBER The member we are running on behalf of, with respect to how attachments are handled; we may use this members attachments that are already within this post, and our new attachments will be handed to this member (NULL: member evaluating)
* @param boolean Whether what we have came from inside a semihtml tag
* @param boolean Whether what we have came from semihtml mode
* @return tempcode The tempcode for the Comcode
*/
function _do_tags_comcode($tag, $attributes, $embed, $comcode_dangerous, $pass_id, $marker, $source_member, $as_admin, $connection, &$comcode, $wml, $structure_sweep, $semiparse_mode, $highlight_bits = NULL, $on_behalf_of_member = NULL, $in_semihtml = false, $is_all_semihtml = false)
{
if ($structure_sweep && $tag != 'title') {
return new ocp_tempcode();
}
$param_given = isset($attributes['param']);
if (!isset($attributes['param']) && $tag != 'block') {
$attributes['param'] = '';
}
global $DANGEROUS_TAGS, $STRUCTURE_LIST, $COMCODE_PARSE_TITLE;
if (isset($DANGEROUS_TAGS[$tag]) && !$comcode_dangerous) {
$username = $GLOBALS['FORUM_DRIVER']->get_username($source_member);
if (is_null($username)) {
$username = do_lang('UNKNOWN');
}
if ($semiparse_mode) {
$params = '';
foreach ($attributes as $key => $val) {
$params .= ' ' . $key . '="' . comcode_escape($val) . '"';
}
return make_string_tempcode('<input class="ocp_keep_ui_controlled" size="45" title="[' . $tag . '' . escape_html($params) . ']' . ($in_semihtml || $is_all_semihtml ? escape_html($embed->evaluate()) : escape_html($embed->evaluate())) . '[/' . $tag . ']" type="text" value="' . ($tag == 'block' ? do_lang('COMCODE_EDITABLE_BLOCK', escape_html($embed->evaluate())) : do_lang('COMCODE_EDITABLE_TAG', escape_html($tag))) . '" />');
}
return do_template('WARNING_TABLE', array('WARNING' => do_lang_tempcode('comcode:NO_ACCESS_FOR_TAG', escape_html($tag), escape_html($username))));
//return new ocp_tempcode();
}
// These are just bbcode compatibility tags.. we will remap to our proper comcode
if ($tag == 'php') {
$attributes['param'] = 'php';
$tag = 'code';
} elseif ($tag == 'sql') {
$attributes['param'] = 'sql';
$tag = 'code';
} elseif ($tag == 'codebox') {
$attributes['scroll'] = '1';
$tag = 'code';
} elseif ($tag == 'left') {
$attributes['param'] = 'left';
$tag = 'align';
} elseif ($tag == 'center') {
$attributes['param'] = 'center';
$tag = 'align';
} elseif ($tag == 'right') {
$attributes['param'] = 'right';
$tag = 'align';
} elseif ($tag == 'thread') {
$tag = 'topic';
} elseif ($tag == 'internal_table' || $tag == 'external_table') {
$tag = 'box';
if (array_key_exists('class', $attributes)) {
$attributes['type'] = $attributes['class'];
}
}
if ($semiparse_mode) {
$non_text_tags = array('attachment', 'section_controller', 'big_tab_controller', 'currency', 'block', 'contents', 'concepts', 'flash', 'menu', 'email', 'reference', 'upload', 'page', 'exp_thumb', 'exp_ref', 'thumb', 'snapback', 'post', 'thread', 'topic', 'include', 'random', 'jumping', 'shocker');
// Also in JAVASCRIPT_EDITING.tpl
if ($tag == 'attachment_safe') {
if (preg_match('#^new\\_\\d+$#', $embed->evaluate()) != 0) {
$non_text_tags[] = 'attachment_safe';
}
}
if (in_array($tag, $non_text_tags)) {
$params = '';
foreach ($attributes as $key => $val) {
$params .= ' ' . $key . '="' . str_replace('"', '\\"', $val) . '"';
}
if ($tag != 'block' || !is_file(get_file_base() . '/sources_custom/miniblocks/' . $embed->evaluate() . '.php')) {
return make_string_tempcode('<input class="ocp_keep_ui_controlled" size="45" title="[' . $tag . '' . escape_html($params) . ']' . ($in_semihtml || $is_all_semihtml ? escape_html($embed->evaluate()) : escape_html($embed->evaluate())) . '[/' . $tag . ']" type="text" value="' . ($tag == 'block' ? do_lang('comcode:COMCODE_EDITABLE_BLOCK', escape_html($embed->evaluate())) : do_lang('comcode:COMCODE_EDITABLE_TAG', escape_html($tag))) . '" />');
} else {
return make_string_tempcode('[block' . escape_html($params) . ']' . ($in_semihtml || $is_all_semihtml ? $embed->evaluate() : escape_html($embed->evaluate())) . '[/block]');
}
}
}
$temp_tpl = new ocp_tempcode();
switch ($tag) {
case 'no_parse':
$temp_tpl->attach($embed);
break;
case 'currency':
if (addon_installed('ecommerce')) {
$bracket = array_key_exists('bracket', $attributes) && $attributes['bracket'] == '1';
if ($attributes['param'] == '') {
$attributes['param'] = get_option('currency');
}
$temp_tpl = do_template('COMCODE_CURRENCY', array('_GUID' => 'ee1fcdae082af6397ff3bad89006e012', 'AMOUNT' => $embed, 'FROM_CURRENCY' => $attributes['param'], 'BRACKET' => $bracket));
}
break;
case 'overlay':
$x = strval(array_key_exists('x', $attributes) ? intval($attributes['x']) : 100);
$y = strval(array_key_exists('y', $attributes) ? intval($attributes['y']) : 100);
$width = strval(array_key_exists('width', $attributes) ? intval($attributes['width']) : 300);
$height = strval(array_key_exists('height', $attributes) ? intval($attributes['height']) : 300);
$timein = strval(array_key_exists('timein', $attributes) ? intval($attributes['timein']) : 0);
$timeout = strval(array_key_exists('timeout', $attributes) ? intval($attributes['timeout']) : -1);
$temp_tpl = do_template('COMCODE_OVERLAY', array('_GUID' => 'dfd0f7a72cc2bf6b613b28f8165a0034', 'UNIQ_ID' => 'a' . uniqid('', true), 'EMBED' => $embed, 'ID' => $attributes['param'] != '' ? $attributes['param'] : 'rand' . uniqid('', true), 'X' => $x, 'Y' => $y, 'WIDTH' => $width, 'HEIGHT' => $height, 'TIMEIN' => $timein, 'TIMEOUT' => $timeout));
break;
case 'code':
if ($wml) {
$temp_tpl->attach('<b>');
$temp_tpl->attach($embed);
$temp_tpl->attach('</b>');
break;
}
list($_embed, $title) = do_code_box($attributes['param'], $embed, array_key_exists('numbers', $attributes) && $attributes['numbers'] == '1', $in_semihtml, $is_all_semihtml);
if (!is_null($_embed)) {
$tpl = array_key_exists('scroll', $attributes) && $attributes['scroll'] == '1' ? 'COMCODE_CODE_SCROLL' : 'COMCODE_CODE';
if ($tpl == 'COMCODE_CODE_SCROLL' && substr_count($_embed, chr(10)) < 10) {
$style = 'height: auto';
} else {
$style = '';
}
$temp_tpl = do_template($tpl, array('_GUID' => 'c5d46d0927272fcacbbabcfab0ef6b0c', 'STYLE' => $style, 'TYPE' => $attributes['param'], 'CONTENT' => $_embed, 'TITLE' => $title));
} else {
$_embed = '';
}
if ($temp_tpl->is_empty()) {
if ($in_semihtml || $is_all_semihtml) {
require_code('comcode_from_html');
$back_to_comcode = semihtml_to_comcode($embed->evaluate());
// Undo what's happened already
//$back_to_comcode=html_entity_decode($back_to_comcode,ENT_QUOTES,get_charset()); // Remove the escaping entities that were inside the code tag
$embed = comcode_to_tempcode($back_to_comcode, $source_member, $as_admin, 80, $pass_id, $connection);
// Re-parse (with full security)
}
$_embed = $embed->evaluate();
if (!array_key_exists('scroll', $attributes) && strlen($_embed) > 1000) {
$attributes['scroll'] = '1';
}
$tpl = array_key_exists('scroll', $attributes) && $attributes['scroll'] == '1' ? 'COMCODE_CODE_SCROLL' : 'COMCODE_CODE';
$title = do_lang_tempcode('CODE');
if ($tpl == 'COMCODE_CODE_SCROLL' && substr_count($_embed, chr(10)) < 10) {
$style = 'height: auto';
} else {
$style = '';
}
$temp_tpl = do_template($tpl, array('CONTENT' => $_embed, 'TITLE' => $title, 'STYLE' => $style, 'TYPE' => $attributes['param']));
}
break;
case 'list':
if (is_array($embed)) {
$parts = $embed;
} else {
$_embed = trim($embed->evaluate());
$_embed = str_replace('[/*]', '', $_embed);
$parts = explode('[*]', $_embed);
}
if (isset($temp_tpl->preprocessable_bits)) {
$temp_tpl->preprocessable_bits = array_merge($temp_tpl->preprocessable_bits, $embed->preprocessable_bits);
}
if ($wml) {
foreach ($parts as $i => $part) {
if ($i == 0 && str_replace(array(' ', '<br />', ' '), array('', '', ''), trim($part)) == '') {
continue;
}
$temp_tpl->attach('<br />* ');
$temp_tpl->attach($part);
}
$temp_tpl->attach('<br />* ');
break;
}
$type = $attributes['param'];
if ($type != '') {
if ($type == '1') {
$type = 'decimal';
} elseif ($type == 'a') {
$type = 'lower-alpha';
} elseif ($type == 'i') {
$type = 'lower-roman';
} elseif ($type == 'x') {
$type = 'none';
} elseif (!in_array($type, array('circle', 'disc', 'square', 'armenian', 'decimal', 'decimal-leading-zero', 'georgian', 'lower-alpha', 'lower-greek', 'lower-latin', 'lower-roman', 'upper-alpha', 'upper-latin', 'upper-roman'))) {
$type = 'disc';
}
$tag = in_array($type, array('circle', 'disc', 'square')) ? 'ul' : 'ol';
$temp_tpl->attach('<' . $tag . ' style="list-style-type: ' . $type . '">');
foreach ($parts as $i => $part) {
if ($i == 0 && str_replace(array(' ', '<br />', ' '), array('', '', ''), trim($part)) == '') {
continue;
}
$temp_tpl->attach('<li>' . preg_replace('#\\<br /\\>(\\ |\\s)*$#D', '', preg_replace('#^\\<br /\\>(\\ |\\s)*#D', '', $part)) . '</li>');
}
$temp_tpl->attach('</' . $tag . '>');
} else {
$temp_tpl->attach('<ul>');
foreach ($parts as $i => $part) {
if ($i == 0 && str_replace(array(' ', '<br />', ' '), array('', '', ''), trim($part)) == '') {
continue;
}
$temp_tpl->attach('<li>' . preg_replace('#\\<br /\\>(\\ |\\s)*$#D', '', preg_replace('#^\\<br /\\>(\\ |\\s)*#D', '', $part)) . '</li>');
}
$temp_tpl->attach('</ul>');
}
break;
case 'snapback':
require_lang('ocf');
$post_id = intval($embed->evaluate());
$s_title = $attributes['param'] == '' ? do_lang_tempcode('FORUM_POST_NUMBERED', integer_format($post_id)) : make_string_tempcode($attributes['param']);
$forum = array_key_exists('forum', $attributes) ? $attributes['forum'] : '';
$temp_tpl = do_template('COMCODE_SNAPBACK', array('URL' => $GLOBALS['FORUM_DRIVER']->post_url($post_id, $forum), 'TITLE' => $s_title));
break;
case 'post':
require_lang('ocf');
$post_id = intval($embed->evaluate());
$s_title = $attributes['param'] == '' ? do_lang_tempcode('FORUM_POST_NUMBERED', integer_format($post_id)) : make_string_tempcode($attributes['param']);
$forum = array_key_exists('forum', $attributes) ? $attributes['forum'] : '';
$temp_tpl->attach(hyperlink($GLOBALS['FORUM_DRIVER']->post_url($post_id, $forum), $s_title));
break;
case 'topic':
require_lang('ocf');
$topic_id = intval($embed->evaluate());
$s_title = $attributes['param'] == '' ? do_lang_tempcode('FORUM_TOPIC_NUMBERED', integer_format($topic_id)) : make_string_tempcode($attributes['param']);
$forum = array_key_exists('forum', $attributes) ? $attributes['forum'] : '';
$temp_tpl->attach(hyperlink($GLOBALS['FORUM_DRIVER']->topic_url($topic_id, $forum), $s_title));
break;
case 'staff_note':
$temp_tpl = new ocp_tempcode();
return $temp_tpl;
case 'section':
if ($wml) {
$temp_tpl = $embed;
break;
}
$name = array_key_exists('param', $attributes) ? $attributes['param'] : 'section' . strval(mt_rand(0, 100));
$default = array_key_exists('default', $attributes) ? $attributes['default'] : '0';
$temp_tpl = do_template('COMCODE_SECTION', array('_GUID' => 'a902962ccdc80046c999d6fed907d105', 'PASS_ID' => 'x' . $pass_id, 'DEFAULT' => $default == '1', 'NAME' => $name, 'CONTENT' => $embed));
break;
case 'section_controller':
if ($wml) {
break;
}
$sections = explode(',', $embed->evaluate());
$temp_tpl = do_template('COMCODE_SECTION_CONTROLLER', array('_GUID' => '133bf24892e9e3ec2a01146d6ec418fe', 'SECTIONS' => $sections, 'PASS_ID' => 'x' . $pass_id));
break;
case 'big_tab':
if ($wml) {
$temp_tpl = $embed;
break;
}
$name = array_key_exists('param', $attributes) ? $attributes['param'] : 'big_tab' . strval(mt_rand(0, 100));
$default = array_key_exists('default', $attributes) ? $attributes['default'] : '0';
$temp_tpl = do_template('COMCODE_BIG_TABS_TAB', array('PASS_ID' => 'x' . $pass_id, 'DEFAULT' => $default == '1', 'NAME' => $name, 'CONTENT' => $embed));
break;
case 'big_tab_controller':
if ($wml) {
break;
}
$tabs = explode(',', $embed->evaluate());
if (!array_key_exists('switch_time', $attributes)) {
$attributes['switch_time'] = '6000';
}
$temp_tpl = do_template('COMCODE_BIG_TABS_CONTROLLER', array('SWITCH_TIME' => $attributes['switch_time'], 'TABS' => $tabs, 'PASS_ID' => 'x' . $pass_id));
break;
case 'tab':
if ($wml) {
$temp_tpl = $embed;
break;
}
$default = array_key_exists('default', $attributes) ? $attributes['default'] : '0';
$temp_tpl = do_template('COMCODE_TAB_BODY', array('DEFAULT' => $default == '1', 'TITLE' => trim($attributes['param']), 'CONTENT' => $embed));
break;
case 'tabs':
if ($wml) {
break;
}
$heads = new ocp_tempcode();
$tabs = explode(',', $attributes['param']);
foreach ($tabs as $i => $tab) {
$heads->attach(do_template('COMCODE_TAB_HEAD', array('TITLE' => trim($tab), 'FIRST' => $i == 0, 'LAST' => !array_key_exists($i + 1, $tabs))));
}
$temp_tpl = do_template('COMCODE_TAB_CONTROLLER', array('HEADS' => $heads, 'CONTENT' => $embed));
break;
case 'carousel':
if ($attributes['param'] == '') {
$attributes['param'] = '40';
}
$temp_tpl = do_template('COMCODE_CAROUSEL', array('CONTENT' => $embed, 'SCROLL_AMOUNT' => $attributes['param']));
break;
case 'menu':
if ($wml) {
break;
}
$name = array_key_exists('param', $attributes) ? $attributes['param'] : 'mnu' . strval(mt_rand(0, 100));
$type = array_key_exists('type', $attributes) ? $attributes['type'] : 'tree';
require_code('menus');
require_code('menus_comcode');
$temp_tpl = build_comcode_menu($embed->evaluate(), $name, $source_member, $type);
break;
case 'if_in_group':
$groups = '';
$_groups = explode(',', $attributes['param']);
$all_groups = $GLOBALS['FORUM_DRIVER']->get_usergroup_list();
foreach ($_groups as $group) {
$find = array_search($group, $all_groups);
if ($find === false) {
if ($groups != '') {
$groups .= ',';
}
$groups .= $group;
} else {
if ($groups != '') {
$groups .= ',';
}
$groups .= strval($find);
}
}
$temp_tpl = do_template('COMCODE_IF_IN_GROUP', array('_GUID' => '761a7cc07f7b4b68508d68ce19b87d2c', 'TYPE' => array_key_exists('type', $attributes) ? $attributes['type'] : '', 'CONTENT' => $embed, 'GROUPS' => $groups));
break;
case 'acronym':
case 'abbr':
$temp_tpl = do_template('COMCODE_ABBR', array('_GUID' => 'acbc4f991dsf03f81b61919b74ac24c91', 'CONTENT' => $embed, 'TITLE' => $attributes['param']));
break;
case 'address':
$temp_tpl = do_template('COMCODE_ADDRESS', array('_GUID' => 'acbcsdf9910703f81b61919b74ac24c91', 'CONTENT' => $embed));
break;
case 'dfn':
$temp_tpl = do_template('COMCODE_DFN', array('_GUID' => 'acbc4f9910703f81b61sf19b74ac24c91', 'CONTENT' => $embed));
break;
case 'pulse':
$min_color = array_key_exists('min', $attributes) ? $attributes['min'] : '0000FF';
$max_color = array_key_exists('max', $attributes) ? $attributes['max'] : 'FF0044';
if (substr($min_color, 0, 1) == '#') {
$min_color = substr($min_color, 1);
}
if (substr($max_color, 0, 1) == '#') {
$max_color = substr($max_color, 1);
}
$speed = $attributes['param'] == '' ? 100 : intval($attributes['param']);
$temp_tpl = do_template('COMCODE_PULSE', array('_GUID' => 'adsd4f9910sfd03f81b61919b74ac24c91', 'RAND_ID' => uniqid('', true), 'CONTENT' => $embed, 'MIN_COLOR' => $min_color, 'MAX_COLOR' => $max_color, 'SPEED' => strval($speed)));
break;
case 'del':
$cite = array_key_exists('cite', $attributes) ? $attributes['cite'] : NULL;
if (!is_null($cite)) {
$temp_tpl = test_url($cite, 'del', $cite, $source_member);
}
$datetime = array_key_exists('datetime', $attributes) ? $attributes['datetime'] : NULL;
$temp_tpl->attach(do_template('COMCODE_DEL', array('_GUID' => 'acsd4f9910sfd03f81b61919b74ac24c91', 'CONTENT' => $embed, 'CITE' => $cite, 'DATETIME' => $datetime)));
break;
case 'ins':
$cite = array_key_exists('cite', $attributes) ? $attributes['cite'] : NULL;
if (!is_null($cite)) {
$temp_tpl = test_url($cite, 'ins', $cite, $source_member);
if (!$temp_tpl->is_empty()) {
break;
}
}
$datetime = array_key_exists('datetime', $attributes) ? $attributes['datetime'] : NULL;
$temp_tpl->attach(do_template('COMCODE_INS', array('_GUID' => 'asss4f9910703f81b61919bsfc24c91', 'CONTENT' => $embed, 'CITE' => $cite, 'DATETIME' => $datetime)));
break;
case 'cite':
$temp_tpl = do_template('COMCODE_CITE', array('_GUID' => 'acbcsf910703f81b61919b74ac24c91', 'CONTENT' => $embed));
break;
case 'b':
if ($semiparse_mode) {
$temp_tpl = make_string_tempcode('<b>' . $embed->evaluate() . '</b>');
break;
}
$temp_tpl = do_template('COMCODE_BOLD', array('_GUID' => 'acbc4fds910703f81b619sf74ac24c91', 'CONTENT' => $embed));
break;
case 'align':
if ($wml) {
$temp_tpl = $embed;
break;
}
$align = array_key_exists('param', $attributes) ? $attributes['param'] : 'left';
$temp_tpl = do_template('COMCODE_ALIGN', array('_GUID' => '950b4d9db12cac6bf536860bedd96a36', 'ALIGN' => $align, 'CONTENT' => $embed));
break;
case 'indent':
if ($wml) {
$temp_tpl = $embed;
break;
}
$indent = array_key_exists('param', $attributes) ? $attributes['param'] : '10';
if (!is_numeric($indent)) {
$indent = '10';
}
$temp_tpl = do_template('COMCODE_INDENT', array('_GUID' => 'd8e69fa17eebd5312e3ad5788e3a1343', 'INDENT' => $indent, 'CONTENT' => $embed));
break;
case 'surround':
if ($wml) {
$temp_tpl = $embed;
break;
}
if ($semiparse_mode && $embed->evaluate() == '') {
$temp_tpl = make_string_tempcode('<kbd class="ocp_keep" title="no_parse">[surround="' . comcode_escape(array_key_exists('param', $attributes) ? $attributes['param'] : 'float_surrounder') . '"]' . $embed->evaluate() . '[/surround]</kbd>');
break;
}
$class = array_key_exists('param', $attributes) && $attributes['param'] != '' ? $attributes['param'] : 'float_surrounder';
$temp_tpl = do_template('COMCODE_SURROUND', array('_GUID' => 'e8e69fa17eebd5312e3ad5788e3a1343', 'CLASS' => $class, 'CONTENT' => $embed));
break;
case 'i':
if ($semiparse_mode) {
$temp_tpl = make_string_tempcode('<i>' . $embed->evaluate() . '</i>');
break;
}
$temp_tpl = do_template('COMCODE_ITALICS', array('_GUID' => '4321a1fe3825418e57a29410183c0c60', 'CONTENT' => $embed));
break;
case 'u':
if ($semiparse_mode) {
$temp_tpl = make_string_tempcode('<u>' . $embed->evaluate() . '</u>');
break;
}
$temp_tpl = do_template('COMCODE_UNDERLINE', array('_GUID' => '69cc8e73b17f9e6a35eb1af2bd1dc6ab', 'CONTENT' => $embed));
break;
case 's':
if ($wml) {
$temp_tpl = $embed;
break;
}
if ($semiparse_mode) {
$temp_tpl = make_string_tempcode('<strike>' . $embed->evaluate() . '</strike>');
break;
}
$temp_tpl = do_template('COMCODE_STRIKE', array('_GUID' => 'ed242591cefd365497cc0c63abbb11a9', 'CONTENT' => $embed));
break;
case 'tooltip':
$param = is_object($attributes['param']) ? $attributes['param'] : comcode_to_tempcode($attributes['param'], $source_member, $as_admin, 60, NULL, $connection, false, false, false, false, false, $highlight_bits, $on_behalf_of_member);
if ($wml) {
$temp_tpl->attach($embed);
$temp_tpl->attach('[ ');
$temp_tpl->attach($param);
$temp_tpl->attach(' ]');
break;
}
$temp_tpl = do_template('COMCODE_TOOLTIP', array('_GUID' => 'c9f4793dc0c1a92cd7d08ae1b87c2308', 'URL' => array_key_exists('url', $attributes) ? $attributes['url'] : '', 'TOOLTIP' => $param, 'CONTENT' => $embed));
break;
case 'sup':
if ($wml) {
$temp_tpl->attach('^');
$temp_tpl->attach($embed);
break;
}
$temp_tpl = do_template('COMCODE_SUP', array('_GUID' => '74d2ecfe193dacb6d922bc288828196a', 'CONTENT' => $embed));
break;
case 'sub':
if ($wml) {
$temp_tpl->attach('{');
$temp_tpl->attach($embed);
$temp_tpl->attach('}');
break;
}
$temp_tpl = do_template('COMCODE_SUB', array('_GUID' => '515e310e00a6d7c30f7dca0a5956ebcf', 'CONTENT' => $embed));
break;
case 'title':
if ($semiparse_mode && strpos($comcode, '[contents') !== false) {
$temp_tpl = make_string_tempcode('[title' . reinsert_parameters($attributes) . ']' . $embed->evaluate() . '[/title]');
break;
}
$level = $attributes['param'] != '' ? intval($attributes['param']) : 1;
if ($level == 0) {
$level = 1;
}
// Stop crazy Comcode causing stack errors with the toc
$uniq_id = strval(count($STRUCTURE_LIST));
$STRUCTURE_LIST[] = array($level, $embed, $uniq_id);
if ($level == 1) {
$template = 'SCREEN_TITLE';
} elseif ($level == 2) {
$template = 'COMCODE_SECTION_TITLE';
} elseif ($level == 3) {
$template = 'COMCODE_MINOR_TITLE';
} elseif ($level == 4) {
$template = 'COMCODE_VERY_MINOR_TITLE';
} else {
$template = 'COMCODE_VERY_MINOR_TITLE';
}
if ($level == 1) {
if (is_null($COMCODE_PARSE_TITLE)) {
$COMCODE_PARSE_TITLE = $embed->evaluate();
if (is_object($COMCODE_PARSE_TITLE)) {
$COMCODE_PARSE_TITLE = $COMCODE_PARSE_TITLE->evaluate();
}
}
}
$base = array_key_exists('base', $attributes) ? intval($attributes['base']) : 2;
if (array_key_exists('number', $attributes) && $level >= $base) {
$list_types = $attributes['number'] == '' ? array() : explode(',', $attributes['number']);
$list_types = array_merge($list_types, array('decimal', 'lower-alpha', 'lower-roman', 'upper-alpha', 'upper-roman', 'disc'));
$numerals = array('i', 'ii', 'iii', 'iv', 'v', 'vi', 'viii', 'ix', 'x', 'xi', 'xii', 'xiii', 'xiv', 'xv', 'xvi', 'xvii', 'xviii', 'xix', 'xx');
$symbol_lookup = array('decimal' => range(1, 100), 'lower-alpha' => range('a', 'z'), 'lower-roman' => $numerals, 'upper-alpha' => range('A', 'Z'), 'upper-roman' => str_replace('i', 'I', str_replace('v', 'V', str_replace('x', 'X', $numerals))));
$level_text = '';
$list_pos = count($STRUCTURE_LIST) - 2;
for ($j = $level; $j >= $base; $j--) {
$num_before = 0;
for ($i = $list_pos; $i >= 0; $i--) {
$list_pos--;
if ($STRUCTURE_LIST[$i][0] == $j - 1) {
break;
}
if ($STRUCTURE_LIST[$i][0] == $j) {
$num_before++;
}
}
$level_number = @strval($symbol_lookup[$list_types[$j - $base]][$num_before]);
$level_text = $level_number . ($level_text != '' ? '.' : '') . $level_text;
}
$old_embed = $embed;
$embed = make_string_tempcode($level_text . ' – ');
$embed->attach($old_embed);
}
if ($wml) {
if ($level == 1) {
$temp_tpl->attach('<br /><p><big><u><b>');
$temp_tpl->attach($embed);
$temp_tpl->attach('</b></u></big></p><br />');
} elseif ($level == 2) {
$temp_tpl->attach('<br /><p><big><u>');
$temp_tpl->attach($embed);
$temp_tpl->attach('</u></big></p><br />');
} elseif ($level == 3) {
$temp_tpl->attach('<br /><p><big>');
$temp_tpl->attach($embed);
$temp_tpl->attach('</big></p><br />');
} elseif ($level == 4) {
$temp_tpl->attach('<br /><p>');
$temp_tpl->attach($embed);
$temp_tpl->attach('</p><br />');
}
break;
}
if ($semiparse_mode) {
$temp_tpl = make_string_tempcode('<h' . strval($level) . ($level == 1 ? ' class="main_page_title"' : '') . '><span class="inner">' . $embed->evaluate() . '</span></h' . strval($level) . '>');
break;
}
$tpl_map = array('ID' => substr($pass_id, 0, 5) == 'panel' ? NULL : $uniq_id, 'TITLE' => $embed, 'HELP_URL' => '', 'HELP_TERM' => '');
if (array_key_exists('sub', $attributes)) {
$tpl_map['SUB'] = protect_from_escaping(comcode_to_tempcode($attributes['sub'], $source_member, $as_admin, 60, NULL, $connection, false, false, false, false, false, $highlight_bits, $on_behalf_of_member));
}
$temp_tpl = do_template($template, $tpl_map);
break;
case 'attachment':
case 'attachment2':
// legacy
// legacy
case 'attachment_safe':
if ($wml) {
break;
}
require_code('attachments');
if (is_null($on_behalf_of_member)) {
$on_behalf_of_member = $source_member;
}
$id = $embed->evaluate();
global $COMCODE_ATTACHMENTS;
if (!is_numeric($id) && !$as_admin && !has_specific_permission($source_member, 'exceed_filesize_limit')) {
// We work all this out before we do any downloads, to make sure orphaned files aren't dumped on the file system (possible hack method)
if (get_forum_type() == 'ocf') {
require_lang('ocf');
require_code('ocf_groups');
$daily_quota = ocf_get_member_best_group_property($source_member, 'max_daily_upload_mb');
} else {
$daily_quota = 5;
// 5 is a hard coded default for non-OCF forums
}
if (!is_null($daily_quota)) {
$_size_uploaded_today = $connection->query('SELECT SUM(a_file_size) AS the_answer FROM ' . $connection->get_table_prefix() . 'attachments WHERE a_member_id=' . strval((int) $source_member) . ' AND a_add_time>' . strval(time() - 60 * 60 * 24));
if (is_null($_size_uploaded_today[0]['the_answer'])) {
$_size_uploaded_today[0]['the_answer'] = 0;
}
$size_uploaded_today = ceil((double) $_size_uploaded_today[0]['the_answer'] / 1024.0 / 1024.0);
$attach_size = 0;
require_code('uploads');
is_swf_upload(true);
foreach ($_FILES as $_file) {
$attach_size += floatval($_file['size']) / 1024.0 / 1024.0;
}
if ($size_uploaded_today + $attach_size > floatval($daily_quota)) {
$temp_tpl = do_template('WARNING_TABLE', array('WARNING' => do_lang_tempcode('OVER_DAILY_QUOTA', integer_format($daily_quota), float_format($size_uploaded_today))));
break;
}
}
}
$thumb_url = array_key_exists('thumb_url', $attributes) ? $attributes['thumb_url'] : '';
// Embedded attachments
if (!is_numeric($id) && substr($id, 0, 4) != 'new_' && substr($id, 0, 4) != 'url_') {
$file = base64_decode(str_replace(chr(10), '', $id));
if ($file === false) {
$temp_tpl = do_template('WARNING_TABLE', array('WARNING' => do_lang_tempcode('comcode:CORRUPT_ATTACHMENT')));
break;
}
$md5 = md5(substr($file, 0, 30));
$original_filename = array_key_exists('filename', $attributes) ? $attributes['filename'] : $md5 . '.dat';
if (get_file_extension($original_filename) != 'dat') {
require_code('files2');
check_extension($original_filename, true);
$new_filename = $md5 . '.' . get_file_extension($original_filename) . '.dat';
} else {
$new_filename = $md5 . '.' . get_file_extension($original_filename);
}
$path = get_custom_file_base() . '/uploads/attachments/' . $new_filename;
$myfile = @fopen($path, 'wb');
if ($myfile === false) {
$temp_tpl = do_template('WARNING_TABLE', array('WARNING' => intelligent_write_error_inline($path)));
break;
}
if (fwrite($myfile, $file) < strlen($file)) {
warn_exit(do_lang_tempcode('COULD_NOT_SAVE_FILE'));
}
fclose($myfile);
fix_permissions($path);
sync_file($path);
$_size = strlen($file);
$url = 'uploads/attachments/' . $new_filename;
if ($connection->connection_write != $GLOBALS['SITE_DB']->connection_write) {
$url = get_custom_base_url() . '/' . $url;
}
// Thumbnail
if ($thumb_url == '') {
require_code('images');
if (is_image($original_filename)) {
$gd = get_option('is_on_gd') == '1' && function_exists('imagetypes');
if ($gd) {
require_code('images');
if (!is_saveable_image($url)) {
$ext = '.png';
} else {
$ext = '.' . get_file_extension($original_filename);
}
$thumb_url = 'uploads/attachments_thumbs/' . $md5 . $ext;
convert_image(get_custom_base_url() . '/' . $url, get_custom_file_base() . '/' . $thumb_url, -1, -1, intval(get_option('thumb_width')), true, NULL, false, true);
if ($connection->connection_write != $GLOBALS['SITE_DB']->connection_write) {
$thumb_url = get_custom_base_url() . '/' . $thumb_url;
}
} else {
$thumb_url = $url;
}
}
}
if (addon_installed('galleries')) {
require_code('images');
if (is_video($url) && $connection->connection_read == $GLOBALS['SITE_DB']->connection_read) {
require_code('transcoding');
$url = transcode_video($url, 'attachments', 'a_url', 'a_original_filename', NULL, NULL);
}
}
$attachment = array('a_member_id' => $on_behalf_of_member, 'a_file_size' => $_size, 'a_url' => $url, 'a_thumb_url' => $thumb_url, 'a_original_filename' => $original_filename, 'a_num_downloads' => 0, 'a_last_downloaded_time' => NULL, 'a_add_time' => time());
$attachment['a_description'] = array_key_exists('description', $attributes) ? is_object($attributes['description']) ? '[html]' . $attributes['description']->evaluate() . '[/html]' : $attributes['description'] : '';
$attach_id = $connection->query_insert('attachments', $attachment, true);
$attachment['id'] = $attach_id;
// Create and document attachment
if (!array_key_exists('type', $attributes)) {
$attributes['type'] = 'auto';
}
$COMCODE_ATTACHMENTS[$pass_id][] = array('tag_type' => $tag, 'type' => 'new', 'attachmenttype' => $attributes['type'], 'description' => $attachment['a_description'], 'id' => intval($attach_id), 'marker' => $marker, 'comcode' => $comcode);
// Marker will allow us to search back and replace this with the added id
} elseif (!is_numeric($id)) {
require_code('uploads');
if (substr($id, 0, 4) == 'new_') {
$_id = substr($id, 4);
if (!is_numeric($_id)) {
$temp_tpl = do_template('WARNING_TABLE', array('WARNING' => do_lang_tempcode('comcode:INVALID_ATTACHMENT')));
break;
}
$attributes['type'] = post_param('attachmenttype' . $_id, array_key_exists('type', $attributes) ? $attributes['type'] : 'auto');
if (substr($attributes['type'], -8) == '_extract') {
$attributes['type'] = substr($attributes['type'], 0, strlen($attributes['type']) - 8);
}
$urls = get_url('', 'file' . $_id, 'uploads/attachments', 2, OCP_UPLOAD_ANYTHING, (!array_key_exists('thumb', $attributes) || $attributes['thumb'] != '0') && $thumb_url == '', '', '', true, true, true);
if ($urls[0] == '') {
return new ocp_tempcode();
}
//warn_exit(do_lang_tempcode('ERROR_UPLOADING')); Can't do this, because this might not be post-calculated if something went wrong once
is_swf_upload(true);
$_size = $_FILES['file' . $_id]['size'];
$original_filename = $_FILES['file' . $_id]['name'];
if (get_magic_quotes_gpc()) {
$original_filename = stripslashes($original_filename);
}
} elseif (substr($id, 0, 4) == 'url_') {
if (!has_specific_permission($source_member, 'draw_to_server') && !$as_admin) {
break;
}
$_id = '!';
$attributes['type'] = post_param('attachmenttype' . $_id, array_key_exists('type', $attributes) ? $attributes['type'] : 'auto');
$url = remove_url_mistakes(substr($id, 4));
$_POST['_specify_url'] = $url;
// Little hack, as we need to read it from a POST
if (get_magic_quotes_gpc()) {
$_POST['_specify_url'] = addslashes($_POST['_specify_url']);
}
$urls = get_url('_specify_url', '', 'uploads/filedump', 1, OCP_UPLOAD_ANYTHING, (!array_key_exists('thumb', $attributes) || $attributes['thumb'] != '0') && $thumb_url == '', '', '', true, true);
if ($urls[0] == '') {
return new ocp_tempcode();
}
$original_filename = rawurldecode(substr($url, strrpos($url, '/') + 1));
if (url_is_local($urls[0])) {
$_size = @filesize(get_custom_file_base() . '/' . rawurldecode($urls[0]));
if ($_size === false) {
$_size = filesize(get_file_base() . '/' . rawurldecode($urls[0]));
}
} else {
$_size = 0;
}
} else {
$temp_tpl = do_template('WARNING_TABLE', array('WARNING' => do_lang_tempcode('comcode:INVALID_ATTACHMENT')));
break;
}
if ($urls[0] == '') {
require_code('images');
require_code('files2');
$temp_tpl = do_template('WARNING_TABLE', array('WARNING' => do_lang_tempcode('ATTACHMENT_WOULD_NOT_UPLOAD', float_format(get_max_file_size() / 1024 / 1024), float_format(get_max_image_size() / 1024 / 1024))));
break;
}
$url = $urls[0];
if ($connection->connection_write != $GLOBALS['SITE_DB']->connection_write) {
$url = get_custom_base_url() . '/' . $url;
}
if ($thumb_url == '') {
$thumb_url = array_key_exists(1, $urls) ? $urls[1] : '';
}
if ($thumb_url != '' && $connection != $GLOBALS['SITE_DB']) {
$thumb_url = get_custom_base_url() . '/' . $thumb_url;
}
$num_downloads = 0;
$last_downloaded_time = NULL;
$add_time = time();
$member_id = $on_behalf_of_member;
if (addon_installed('galleries')) {
require_code('images');
if (is_video($url) && $connection->connection_read == $GLOBALS['SITE_DB']->connection_read) {
require_code('transcoding');
$url = transcode_video($url, 'attachments', 'a_url', 'a_original_filename', NULL, NULL);
}
}
$attachment = array('a_member_id' => $member_id, 'a_file_size' => $_size, 'a_url' => $url, 'a_thumb_url' => $thumb_url, 'a_original_filename' => $original_filename, 'a_num_downloads' => $num_downloads, 'a_last_downloaded_time' => $last_downloaded_time, 'a_add_time' => $add_time);
$attachment['a_description'] = post_param('caption' . $_id, array_key_exists('description', $attributes) ? is_object($attributes['description']) ? '[html]' . $attributes['description']->evaluate() . '[/html]' : $attributes['description'] : '');
$attach_id = $connection->query_insert('attachments', $attachment, true);
$attachment['id'] = $attach_id;
if ($tag == 'attachment2' || $tag == 'attachment_safe' || substr($id, 0, 4) == 'url_') {
$connection->query_delete('attachment_refs', array('r_referer_type' => 'null', 'r_referer_id' => '', 'a_id' => $attachment['id']), '', 1);
$connection->query_insert('attachment_refs', array('r_referer_type' => 'null', 'r_referer_id' => '', 'a_id' => $attachment['id']));
}
// Create and document attachment
$COMCODE_ATTACHMENTS[$pass_id][] = array('tag_type' => $tag, 'time' => time(), 'type' => substr($id, 0, 4) == 'new_' ? 'new' : 'url', 'attachmenttype' => $attributes['type'], 'description' => $attachment['a_description'], 'id' => intval($attach_id), 'marker' => $marker, 'comcode' => $comcode);
// Marker will allow us to search back and replace this with the added id
// Existing attachments
} else {
$__id = intval($id);
// Check we have permission to re-use this
$owner = $connection->query_value_null_ok('attachments', 'a_member_id', array('id' => $__id));
if (is_null($owner)) {
$temp_tpl = do_template('WARNING_TABLE', array('WARNING' => do_lang_tempcode('MISSING_RESOURCE_COMCODE', 'attachment', escape_html(strval($__id)))));
if (!in_array(get_page_name(), $GLOBALS['DONT_CARE_MISSING_PAGES']) && !running_script('iframe')) {
require_code('failure');
relay_error_notification(do_lang('MISSING_RESOURCE_COMCODE', 'attachment', strval($__id)), false, $GLOBALS['FORUM_DRIVER']->is_staff($source_member) ? 'error_occurred_missing_reference_important' : 'error_occurred_missing_reference');
}
break;
}
$_attachment = $connection->query_select('attachments', array('*'), array('id' => $__id), '', 1);
$attachment = $_attachment[0];
$already_referenced = array_key_exists($__id, $GLOBALS['ATTACHMENTS_ALREADY_REFERENCED']);
if ($already_referenced || $as_admin || $source_member === $owner || (has_specific_permission($source_member, 'reuse_others_attachments') || $owner == $source_member) && has_attachment_access($source_member, $__id)) {
if (!array_key_exists('type', $attributes)) {
$attributes['type'] = 'auto';
}
$COMCODE_ATTACHMENTS[$pass_id][] = array('tag_type' => $tag, 'time' => $attachment['a_add_time'], 'type' => 'existing', 'id' => $__id, 'attachmenttype' => $attributes['type'], 'marker' => $marker, 'comcode' => $comcode);
} else {
require_lang('permissions');
$username = $GLOBALS['FORUM_DRIVER']->get_username($source_member);
if (is_null($username)) {
$username = do_lang('DELETED');
}
$temp_tpl = do_template('WARNING_TABLE', array('WARNING' => do_lang_tempcode('permissions:ACCESS_DENIED__REUSE_ATTACHMENT', $username)));
break;
//access_denied('REUSE_ATTACHMENT');
}
if ($connection->connection_write != $GLOBALS['SITE_DB']->connection_write) {
if (url_is_local($attachment['a_url'])) {
$attachment['a_url'] = get_custom_base_url() . '/' . $attachment['a_url'];
}
if (url_is_local($attachment['a_url'])) {
$attachment['a_thumb_url'] = get_custom_base_url() . '/' . $attachment['a_thumb_url'];
}
}
$attachment['a_description'] = array_key_exists('description', $attributes) ? is_object($attributes['description']) ? '[html]' . $attributes['description']->evaluate() . '[/html]' : $attributes['description'] : $attachment['a_description'];
}
// Now, render it
// ==============
$temp_tpl = render_attachment($tag, $attributes, $attachment, $pass_id, $source_member, $as_admin, $connection, $highlight_bits, $on_behalf_of_member, $semiparse_mode);
if (array_key_exists('float', $attributes)) {
$temp_tpl = do_template('FLOATER', array('_GUID' => '802fe29019be80993296de7cc8b5cc5e', 'FLOAT' => $attributes['float'], 'CONTENT' => $temp_tpl));
}
break;
case 'include':
$codename = $embed->evaluate();
$zone = $attributes['param'];
if ($zone == '_SEARCH') {
$zone = get_comcode_zone($codename);
}
if ($zone == '_SELF') {
$zone = get_zone_name();
}
$temp_comcode_parse_title = $COMCODE_PARSE_TITLE;
$temp = request_page($codename, false, $zone, NULL, true);
$COMCODE_PARSE_TITLE = $temp_comcode_parse_title;
if ($temp->is_empty()) {
$temp_tpl = do_template('WARNING_TABLE', array('WARNING' => do_lang_tempcode('MISSING_RESOURCE_COMCODE', 'include', hyperlink(build_url(array('page' => 'cms_comcode_pages', 'type' => '_ed', 'page_link' => $zone . ':' . $codename), get_module_zone('cms_comcode_pages')), $zone . ':' . $codename, false, true))));
if (!in_array(get_page_name(), $GLOBALS['DONT_CARE_MISSING_PAGES']) && !running_script('iframe')) {
require_code('failure');
relay_error_notification(do_lang('MISSING_RESOURCE_COMCODE', 'include', $zone . ':' . $codename), false, $GLOBALS['FORUM_DRIVER']->is_staff($source_member) ? 'error_occurred_missing_reference_important' : 'error_occurred_missing_reference');
}
} else {
$temp_tpl = symbol_tempcode('LOAD_PAGE', array($codename, $zone));
}
break;
case 'random':
unset($attributes['param']);
if ($wml) {
$top_attribute = array_pop($attributes);
$temp_tpl = is_object($top_attribute) ? $top_attribute : comcode_to_tempcode($top_attribute, $source_member, $as_admin, 60, NULL, $connection, false, false, false, false, false, $highlight_bits, $on_behalf_of_member);
break;
}
$max = $embed->evaluate() == '' ? intval($embed->evaluate()) : 0;
foreach ($attributes as $num => $val) {
$_temp = is_object($val) ? $val : comcode_to_tempcode($val, $source_member, $as_admin, 60, NULL, $connection, false, false, false, false, false, $highlight_bits, $on_behalf_of_member);
$attributes[$num] = $_temp->evaluate();
if (intval($num) > $max) {
$max = intval($num);
}
}
$_parts = new ocp_tempcode();
krsort($attributes);
foreach ($attributes as $num => $val) {
$_parts->attach(do_template('COMCODE_RANDOM_PART', array('_GUID' => '5fa49a916304f9caa0ddedeb01531142', 'NUM' => strval($num), 'VAL' => $val)));
}
$temp_tpl = do_template('COMCODE_RANDOM', array('_GUID' => '9b77aaf593b12c763fb0c367fab415b6', 'UNIQID' => uniqid('', true), 'FULL' => $embed, 'MAX' => strval($max), 'PARTS' => $_parts));
break;
case 'jumping':
unset($attributes['param']);
if ($wml) {
$top_attribute = array_pop($attributes);
$temp_tpl = is_object($top_attribute) ? $top_attribute : comcode_to_tempcode($top_attribute, $source_member, $as_admin, 60, NULL, $connection, false, false, false, false, false, $highlight_bits, $on_behalf_of_member);
break;
}
$_parts = new ocp_tempcode();
foreach ($attributes as $val) {
$_temp = is_object($val) ? $val : comcode_to_tempcode($val, $source_member, $as_admin, 60, NULL, $connection, false, false, false, false, false, $highlight_bits, $on_behalf_of_member);
$_parts->attach(do_template('COMCODE_JUMPING_PART', array('_GUID' => 'd163bd11920f39f0cb8ff2f6ba48bc80', 'PART' => $_temp->evaluate())));
}
$embed = $embed->evaluate();
$temp_tpl = do_template('COMCODE_JUMPING', array('_GUID' => '85e9f83ed134868436a7db7692f56047', 'UNIQID' => uniqid('', true), 'FULL' => implode(', ', $attributes), 'TIME' => strval((int) $embed), 'PARTS' => $_parts));
break;
case 'shocker':
if ($wml) {
$top_attribute = array_pop($attributes);
$temp_tpl = is_object($top_attribute) ? $top_attribute : comcode_to_tempcode($top_attribute, $source_member, $as_admin, 60, NULL, $connection, false, false, false, false, false, $highlight_bits, $on_behalf_of_member);
break;
}
$_parts = new ocp_tempcode();
foreach ($attributes as $key => $val) {
if (substr($key, 0, 5) == 'left_') {
$left = $val;
$right = array_key_exists('right_' . substr($key, 5), $attributes) ? $attributes['right_' . substr($key, 5)] : '';
$left = is_object($left) ? $left : comcode_to_tempcode($left, $source_member, $as_admin, 60, NULL, $connection, false, false, false, false, false, $highlight_bits, $on_behalf_of_member);
$right = is_object($right) ? $right : comcode_to_tempcode($right, $source_member, $as_admin, 60, NULL, $connection, false, false, false, false, false, $highlight_bits, $on_behalf_of_member);
$_parts->attach(do_template('COMCODE_SHOCKER_PART', array('LEFT' => $left, 'RIGHT' => $right)));
}
}
$min_color = array_key_exists('min', $attributes) ? $attributes['min'] : '0000FF';
$max_color = array_key_exists('max', $attributes) ? $attributes['max'] : 'FF0044';
if (substr($min_color, 0, 1) == '#') {
$min_color = substr($min_color, 1);
}
if (substr($max_color, 0, 1) == '#') {
$max_color = substr($max_color, 1);
}
$embed = $embed->evaluate();
$temp_tpl = do_template('COMCODE_SHOCKER', array('UNIQID' => uniqid('', true), 'MIN_COLOR' => $min_color, 'MAX_COLOR' => $max_color, 'FULL' => implode(', ', $attributes), 'TIME' => strval(intval($embed)), 'PARTS' => $_parts));
break;
case 'ticker':
if ($wml) {
$temp_tpl = $embed;
break;
}
$width = $attributes['param'];
if (!is_numeric($width)) {
$width = '300';
}
$fspeed = array_key_exists('speed', $attributes) ? float_to_raw_string(floatval($attributes['speed'])) : '1';
$temp_tpl = do_template('COMCODE_TICKER', array('_GUID' => 'e48893cda61995261577f0556443c537', 'UNIQID' => uniqid('', true), 'SPEED' => $fspeed, 'WIDTH' => $width, 'TEXT' => $embed));
break;
case 'highlight':
if ($wml) {
$temp_tpl->attach('<i>');
$temp_tpl->attach($embed);
$temp_tpl->attach('</i>');
break;
}
$temp_tpl = do_template('COMCODE_HIGHLIGHT', array('_GUID' => '695d041b6605f06ec2aeee1e82f87185', 'CONTENT' => $embed));
break;
case 'size':
$size = array_key_exists('param', $attributes) ? $attributes['param'] : '1';
if ($wml) {
if (floatval($size) >= 1.5) {
$temp_tpl->attach('<big>');
$temp_tpl->attach($embed);
$temp_tpl->attach('</big>');
} elseif (floatval($size) < 0.8) {
$temp_tpl->attach('<small>');
$temp_tpl->attach($embed);
$temp_tpl->attach('</small>');
} else {
$temp_tpl->attach($embed);
}
break;
}
if (is_numeric($size)) {
$size = 'font-size: ' . $size . 'em;';
} elseif (substr($size, 0, 1) == '+') {
$size = 'font-size: ' . substr($size, 1) . 'em';
} elseif (substr($size, -1) == '%') {
$size = 'font-size: ' . float_to_raw_string(floatval(substr($size, 0, strlen($size) - 1)) / 100.0) . 'em';
} elseif (substr($size, -2) == 'of') {
$new_size = '1em';
switch ($size) {
case '1of':
$new_size = '8pt';
break;
case '2of':
$new_size = '10pt';
break;
case '3of':
$new_size = '12pt';
break;
case '4of':
$new_size = '14pt';
break;
case '5of':
$new_size = '18pt';
break;
case '6of':
$new_size = '24pt';
break;
case '7of':
$new_size = '36pt';
break;
}
$size = 'font-size: ' . $new_size;
} else {
$size = 'font-size: ' . $size;
}
$size_len = strlen($size);
filter_html($as_admin, $source_member, 0, $size_len, $size, false, false);
$temp_tpl = do_template('COMCODE_FONT', array('_GUID' => 'fb23fdcb45aabdfeca9f37ed8098948e', 'CONTENT' => $embed, 'SIZE' => $size, 'COLOR' => '', 'FACE' => ''));
break;
case 'color':
if ($wml) {
$temp_tpl = $embed;
break;
}
$color = array_key_exists('param', $attributes) ? 'color: ' . $attributes['param'] . ';' : '';
$temp_tpl = do_template('COMCODE_FONT', array('_GUID' => 'bd146414c9239ba2076f4b683df437d7', 'CONTENT' => $embed, 'SIZE' => '', 'COLOR' => $color, 'FACE' => ''));
$color_len = strlen($color);
filter_html($as_admin, $source_member, 0, $color_len, $color, false, false);
break;
case 'tt':
if ($wml) {
$temp_tpl->attach('<i>');
$temp_tpl->attach($embed);
$temp_tpl->attach('</i>');
break;
}
$temp_tpl = do_template('COMCODE_TELETYPE', array('CONTENT' => $embed));
break;
case 'samp':
if ($wml) {
$temp_tpl->attach('<i>');
$temp_tpl->attach($embed);
$temp_tpl->attach('</i>');
break;
}
$temp_tpl = do_template('COMCODE_SAMP', array('CONTENT' => $embed));
break;
case 'q':
if ($wml) {
$temp_tpl->attach('<i>');
$temp_tpl->attach($embed);
$temp_tpl->attach('</i>');
break;
}
$temp_tpl = do_template('COMCODE_Q', array('CONTENT' => $embed));
break;
case 'var':
if ($wml) {
$temp_tpl->attach('<i>');
$temp_tpl->attach($embed);
$temp_tpl->attach('</i>');
break;
}
$temp_tpl = do_template('COMCODE_VAR', array('CONTENT' => $embed));
break;
case 'font':
$face = $attributes['param'];
if ($face == '' && array_key_exists('face', $attributes)) {
$face = $attributes['face'];
}
$color = array_key_exists('color', $attributes) ? $attributes['color'] : '';
$size = array_key_exists('size', $attributes) ? $attributes['size'] : '';
if ($face == '/') {
$face = '';
}
if ($color == '/') {
$color = '';
}
if ($size == '/') {
$size = '';
}
if ($wml) {
$before = '';
$after = '';
if ($size != '') {
if (floatval($size) >= 1.5) {
$before = '<big>';
$after = '</big>';
} elseif (floatval($size) < 0.8) {
$before = '<small>';
$after = '</small>';
}
}
$temp_tpl->attach($before);
$temp_tpl->attach($embed);
$temp_tpl->attach($after);
break;
}
if ($color != '') {
$color = 'color: ' . $color . ';';
}
if ($size != '') {
if (is_numeric($size)) {
$size = 'font-size: ' . $size . 'em;';
} elseif (substr($size, 0, 1) == '+') {
$size = 'font-size: ' . substr($size, 1) . 'em';
} elseif (substr($size, -1) == '%') {
$size = 'font-size: ' . float_to_raw_string(floatval(substr($size, 0, strlen($size) - 1)) / 100.0) . 'em';
} elseif (substr($size, -2) == 'of') {
$new_size = '1em';
switch ($size) {
case '1of':
$new_size = '8pt';
break;
case '2of':
$new_size = '10pt';
break;
case '3of':
$new_size = '12pt';
break;
case '4of':
$new_size = '14pt';
break;
case '5of':
$new_size = '18pt';
break;
case '6of':
$new_size = '24pt';
break;
case '7of':
$new_size = '36pt';
break;
}
$size = 'font-size: ' . $new_size;
} else {
$size = 'font-size: ' . $size;
}
}
if ($face != '') {
$face = 'font-family: ' . str_replace('\'', '', $face) . ';';
}
$size_len = strlen($size);
filter_html($as_admin, $source_member, 0, $size_len, $size, false, false);
$color_len = strlen($color);
filter_html($as_admin, $source_member, 0, $color_len, $color, false, false);
$face_len = strlen($face);
filter_html($as_admin, $source_member, 0, $face_len, $face, false, false);
$temp_tpl = do_template('COMCODE_FONT', array('_GUID' => 'f5fcafe737b8fdf466a6a51773e09c9b', 'CONTENT' => $embed, 'SIZE' => $size, 'COLOR' => $color, 'FACE' => $face));
break;
case 'box':
if ($wml) {
$temp_tpl->attach('<br /><p>');
if ($attributes['param'] != '') {
$temp_tpl->attach('<big>');
$temp_tpl->attach($attributes['param']);
$temp_tpl->attach('</big><br /><br />');
}
$temp_tpl->attach($embed);
$temp_tpl->attach('</p></br />');
break;
}
// Legacy parameter. There used to be 'place' and 'nowrap' and 'class', but these are now gone.
$breadth = array_key_exists('breadth', $attributes) ? $attributes['breadth'] : '100%';
if ($breadth == 'WIDE') {
$breadth = '100%';
}
if ($breadth == 'WIDE_HIGH') {
$breadth = '100%';
}
if ($breadth == 'THIN') {
$breadth = 'auto';
}
// The new versions
$dimensions = array_key_exists('dimensions', $attributes) ? comcode_to_tempcode($attributes['dimensions'], $source_member, $as_admin, 60, NULL, $connection, false, false, false, false, false, $highlight_bits, $on_behalf_of_member) : make_string_tempcode($breadth);
$type = array_key_exists('type', $attributes) ? $attributes['type'] : '';
$options = array_key_exists('options', $attributes) ? $attributes['options'] : '';
$meta = $comcode_dangerous && array_key_exists('meta', $attributes) ? $attributes['meta'] : '';
//Insecure, unneeded here
$links = $comcode_dangerous && array_key_exists('links', $attributes) ? $attributes['links'] : '';
//Insecure, unneeded here
$converted = is_object($attributes['param']) ? $attributes['param'] : comcode_to_tempcode($attributes['param'], $source_member, $as_admin, 60, NULL, $connection, false, false, false, false, false, $highlight_bits, $on_behalf_of_member);
$temp_tpl = directive_tempcode('BOX', $embed, array($converted, $dimensions, make_string_tempcode($type), make_string_tempcode($options), make_string_tempcode($meta), make_string_tempcode($links)));
if (array_key_exists('float', $attributes)) {
$temp_tpl = do_template('FLOATER', array('_GUID' => '54e8fc9ec1e16cfc5c8824e22f1e8745', 'FLOAT' => $attributes['float'], 'CONTENT' => $temp_tpl));
}
break;
case 'concept':
if ($wml) {
$temp_tpl = $embed;
break;
}
if (!array_key_exists('param', $attributes) || $attributes['param'] == '') {
$key = $embed->evaluate();
$temp_tpl = symbol_tempcode('DISPLAY_CONCEPT', array($key));
} else {
$temp_tpl = do_template('COMCODE_CONCEPT_INLINE', array('_GUID' => '381a59de4d6f8967446c12bf4641a9ce', 'TEXT' => $embed, 'FULL' => $attributes['param']));
}
break;
case 'concepts':
if ($wml) {
break;
}
$title = $embed->evaluate();
$concepts = new ocp_tempcode();
foreach ($attributes as $_key => $_value) {
if (substr($_key, -4) == '_key') {
$key = $_value;
$cid = substr($_key, 0, strlen($_key) - 4);
$to_parse = array_key_exists($cid . '_value', $attributes) ? $attributes[$cid . '_value'] : new ocp_tempcode();
$value = is_object($to_parse) ? $to_parse : comcode_to_tempcode($to_parse, $source_member, $as_admin, 60, NULL, $connection, false, false, false, false, false, $highlight_bits, $on_behalf_of_member);
$concepts->attach(do_template('COMCODE_CONCEPTS_CONCEPT', array('_GUID' => '4baf6dabc32146c594c7fd922791b6b2', 'A' => 'concept___' . preg_replace('#[^\\w]#', '_', $key), 'KEY' => $key, 'VALUE' => $value)));
}
}
$temp_tpl = do_template('COMCODE_CONCEPTS', array('_GUID' => '4c7a1d70753dc1d209b9951aa10f361a', 'TITLE' => $title, 'CONCEPTS' => $concepts));
break;
case 'exp_ref':
if ($wml) {
break;
}
$_embed = $embed->evaluate();
if (strpos($_embed, '.') !== false) {
break;
}
$stub = get_file_base() . '/data_custom/images/' . get_zone_name() . '/';
$stub2 = get_base_url() . '/data_custom/images/' . get_zone_name() . '/';
if (!file_exists($stub)) {
$stub = get_file_base() . '/data/images/' . get_zone_name() . '/';
$stub2 = get_base_url() . '/data/images/' . get_zone_name() . '/';
}
if (!file_exists($stub)) {
$stub = get_file_base() . '/data_custom/images/';
$stub2 = get_base_url() . '/data_custom/images/';
}
if (!file_exists($stub)) {
$stub = get_file_base() . '/data/images/';
$stub2 = get_base_url() . '/data/images/';
}
if (substr($_embed, 0, 1) == '/') {
$_embed = substr($_embed, 1);
}
if (file_exists($stub . $_embed . '.png')) {
$url = $stub2 . $_embed . '.png';
} elseif (file_exists($stub . $_embed . '.gif')) {
$url = $stub2 . $_embed . '.gif';
} elseif (file_exists($stub . $_embed . '.jpg')) {
$url = $stub2 . $_embed . '.jpg';
} elseif (file_exists($stub . $_embed . '.jpeg')) {
$url = $stub2 . $_embed . '.jpeg';
} else {
$stub = get_file_base() . '/data/images/docs/';
$stub2 = get_base_url() . '/data/images/docs/';
if (substr($_embed, 0, 1) == '/') {
$_embed = substr($_embed, 1);
}
if (file_exists($stub . $_embed . '.png')) {
$url = $stub2 . $_embed . '.png';
} elseif (file_exists($stub . $_embed . '.gif')) {
$url = $stub2 . $_embed . '.gif';
} elseif (file_exists($stub . $_embed . '.jpg')) {
$url = $stub2 . $_embed . '.jpg';
} elseif (file_exists($stub . $_embed . '.jpeg')) {
$url = $stub2 . $_embed . '.jpeg';
} else {
$temp_tpl = do_template('WARNING_TABLE', array('WARNING' => do_lang_tempcode('MISSING_RESOURCE_COMCODE', 'exp_ref', escape_html($_embed))));
if (array_key_exists('COMCODE_BROKEN_URLS', $GLOBALS)) {
$GLOBALS['COMCODE_BROKEN_URLS'][] = array($_embed, NULL);
} elseif (!in_array(get_page_name(), $GLOBALS['DONT_CARE_MISSING_PAGES']) && !running_script('iframe')) {
require_code('failure');
relay_error_notification(do_lang('MISSING_RESOURCE_COMCODE', 'exp_ref', $_embed), false, $GLOBALS['FORUM_DRIVER']->is_staff($source_member) ? 'error_occurred_missing_reference_important' : 'error_occurred_missing_reference');
}
break;
}
}
$text = make_string_tempcode($attributes['param']);
if ($text->is_empty()) {
$text = do_lang_tempcode('EXAMPLE');
}
$temp_tpl = do_template('COMCODE_EXP_REF', array('_GUID' => '89e7f528e72096e3458d6acb70734d0b', 'TEXT' => $text, 'URL' => $url));
break;
case 'exp_thumb':
if ($wml) {
break;
}
$_embed = $embed->evaluate();
if (strpos($_embed, '.') !== false) {
break;
}
$stub = get_file_base() . '/data/images/' . get_zone_name() . '/';
$stub2 = get_base_url() . '/data/images/' . get_zone_name() . '/';
if (substr($_embed, 0, 1) == '/') {
$_embed = substr($_embed, 1);
}
if (file_exists($stub . $_embed . '.png')) {
$url_full = $stub2 . $_embed . '.png';
} elseif (file_exists($stub . $_embed . '.gif')) {
$url_full = $stub2 . $_embed . '.gif';
} elseif (file_exists($stub . $_embed . '.jpg')) {
$url_full = $stub2 . $_embed . '.jpg';
} elseif (file_exists($stub . $_embed . '.jpeg')) {
$url_full = $stub2 . $_embed . '.jpeg';
} else {
$stub = get_file_base() . '/data/images/docs/';
$stub2 = get_base_url() . '/data/images/docs/';
if (substr($_embed, 0, 1) == '/') {
$_embed = substr($_embed, 1);
}
if (file_exists($stub . $_embed . '.png')) {
$url_full = $stub2 . $_embed . '.png';
} elseif (file_exists($stub . $_embed . '.gif')) {
$url_full = $stub2 . $_embed . '.gif';
} elseif (file_exists($stub . $_embed . '.jpg')) {
$url_full = $stub2 . $_embed . '.jpg';
} elseif (file_exists($stub . $_embed . '.jpeg')) {
$url_full = $stub2 . $_embed . '.jpeg';
} else {
$temp_tpl = do_template('WARNING_TABLE', array('WARNING' => do_lang_tempcode('MISSING_RESOURCE_COMCODE', 'exp_thumb', escape_html($_embed))));
if (array_key_exists('COMCODE_BROKEN_URLS', $GLOBALS)) {
$GLOBALS['COMCODE_BROKEN_URLS'][] = $_embed;
} elseif (!in_array(get_page_name(), $GLOBALS['DONT_CARE_MISSING_PAGES']) && !running_script('iframe')) {
require_code('failure');
relay_error_notification(do_lang('MISSING_RESOURCE_COMCODE', 'exp_thumb', $_embed), false, $GLOBALS['FORUM_DRIVER']->is_staff($source_member) ? 'error_occurred_missing_reference_important' : 'error_occurred_missing_reference');
}
break;
}
}
$float = array_key_exists('float', $attributes) ? $attributes['float'] : 'right';
$text = $attributes['param'];
if (get_option('is_on_gd') == '0' || !function_exists('imagetypes')) {
$url_thumb = $url_full;
} else {
$new_name = $_embed . '_thumb.png';
$file_thumb = $stub . $new_name;
if (file_exists($file_thumb)) {
$url_thumb = $stub2 . rawurlencode($new_name);
} else {
$new_name = $_embed . '.png';
$file_thumb = get_custom_file_base() . '/uploads/auto_thumbs/' . $new_name;
if (!file_exists($file_thumb)) {
require_code('images');
convert_image($url_full, $file_thumb, -1, -1, 150, false);
}
$url_thumb = get_custom_base_url() . '/uploads/auto_thumbs/' . rawurlencode($new_name);
}
}
if (get_param_integer('wide_print', 0) == 1) {
$temp_tpl = do_template('COMCODE_EXP_THUMB_PRINT', array('_GUID' => 'de7f8a7fa29c2335f381a0beb3da9406', 'FLOAT' => $float, 'TEXT' => $text, 'URL_THUMB' => $url_thumb, 'URL_FULL' => $url_full));
} else {
$temp_tpl = do_template('COMCODE_EXP_THUMB', array('_GUID' => 'ce7f8a7fa29c2335f381a0beb3da9406', 'FLOAT' => $float, 'TEXT' => $text, 'URL_THUMB' => $url_thumb, 'URL_FULL' => $url_full));
}
break;
case 'thumb':
if ($wml) {
break;
}
$_embed = $embed->evaluate();
$_embed = remove_url_mistakes($_embed);
$_embed = check_naughty_javascript_url($source_member, $_embed, $as_admin);
if (substr($_embed, 0, 1) == '/') {
$_embed = substr($_embed, 1);
}
if (url_is_local($_embed)) {
if (file_exists(get_file_base() . '/' . $_embed) && !file_exists(get_custom_file_base() . '/' . $_embed)) {
$url_full = get_base_url() . '/' . $_embed;
} else {
$url_full = get_custom_base_url() . '/' . $_embed;
}
} else {
$url_full = $_embed;
}
$align = array_key_exists('align', $attributes) ? $attributes['align'] : 'bottom';
if (get_option('is_on_gd') == '0' || !function_exists('imagetypes') || !has_specific_permission($source_member, 'draw_to_server') && !$as_admin) {
$url_thumb = $url_full;
} else {
if ($attributes['param'] != '') {
$url_thumb = url_is_local($attributes['param']) ? get_custom_base_url() . '/' . $attributes['param'] : $attributes['param'];
}
if ($attributes['param'] == '' || url_is_local($attributes['param']) && !file_exists(get_custom_file_base() . '/' . rawurldecode($attributes['param']))) {
$new_name = url_to_filename($url_full);
require_code('images');
if (!is_saveable_image($new_name)) {
$new_name .= '.png';
}
if (is_null($new_name)) {
$temp_tpl = do_template('WARNING_TABLE', array('WARNING' => do_lang_tempcode('URL_THUMB_TOO_LONG')));
break;
}
$file_thumb = get_custom_file_base() . '/uploads/auto_thumbs/' . $new_name;
if (!file_exists($file_thumb) && strpos($file_thumb, '{$') === false) {
convert_image($url_full, $file_thumb, -1, -1, intval(get_option('thumb_width')), false);
}
$url_thumb = get_custom_base_url() . '/uploads/auto_thumbs/' . rawurlencode($new_name);
}
}
$caption = array_key_exists('caption', $attributes) ? $attributes['caption'] : '';
$temp_tpl = do_template('COMCODE_THUMB', array('_GUID' => '1b0d25f72ef5f816091269e29c586d60', 'CAPTION' => $caption, 'RAND' => strval(mt_rand(0, 32000)), 'ALIGN' => $align, 'PASS_ID' => intval($pass_id) < 0 ? strval(mt_rand(0, 10000)) : $pass_id, 'URL_THUMB' => $url_thumb, 'URL_FULL' => $url_full));
if (array_key_exists('float', $attributes)) {
$temp_tpl = do_template('FLOATER', array('_GUID' => 'cbc56770714a44f56676f43da282cc7a', 'FLOAT' => $attributes['float'], 'CONTENT' => $temp_tpl));
}
break;
case 'img':
if ($wml) {
break;
}
if ($semiparse_mode && array_key_exists('rollover', $attributes)) {
$temp_tpl = make_string_tempcode('[img' . reinsert_parameters($attributes) . ']' . $embed->evaluate() . '[/img]');
break;
}
$_embed = $embed->evaluate();
$given_url = $_embed;
$_embed = remove_url_mistakes($_embed);
if (substr($_embed, 0, 1) == '/') {
$_embed = substr($_embed, 1);
}
$_embed = check_naughty_javascript_url($source_member, $_embed, $as_admin);
if (url_is_local($_embed)) {
if (file_exists(get_file_base() . '/' . $_embed) && !file_exists(get_custom_file_base() . '/' . $_embed)) {
$url_full = get_base_url() . '/' . $_embed;
} else {
$url_full = get_custom_base_url() . '/' . $_embed;
}
} else {
$url_full = $_embed;
}
$temp_tpl = test_url($url_full, 'img', @html_entity_decode($given_url, ENT_QUOTES, get_charset()), $source_member);
$align = array_key_exists('align', $attributes) ? $attributes['align'] : '';
$caption = is_object($attributes['param']) ? $attributes['param'] : comcode_to_tempcode($attributes['param'], $source_member, $as_admin, 60, NULL, $connection, false, false, false, false, false, $highlight_bits, $on_behalf_of_member);
if (array_key_exists('title', $attributes)) {
$tooltip = is_object($attributes['title']) ? $attributes['title'] : comcode_to_tempcode($attributes['title'], $source_member, $as_admin, 60, NULL, $connection, false, false, false, false, false, $highlight_bits, $on_behalf_of_member);
} else {
$tooltip = $caption;
}
$rollover = array_key_exists('rollover', $attributes) ? $attributes['rollover'] : NULL;
if (!is_null($rollover) && url_is_local($rollover)) {
if (file_exists(get_file_base() . '/' . $rollover) && !file_exists(get_custom_file_base() . '/' . $rollover)) {
$rollover = get_base_url() . '/' . $rollover;
} else {
$rollover = get_custom_base_url() . '/' . $rollover;
}
}
$refresh_time = array_key_exists('refresh_time', $attributes) ? strval(intval($attributes['refresh_time'])) : '0';
$temp_tpl->attach(do_template('COMCODE_IMG', array('_GUID' => '70166d8dbb0aff064b99c0dd30ed77a8', 'RAND' => uniqid('', true), 'REFRESH_TIME' => $refresh_time, 'ROLLOVER' => $rollover, 'ALIGN' => $align, 'URL' => $url_full, 'TOOLTIP' => $tooltip, 'CAPTION' => $caption)));
if (array_key_exists('float', $attributes)) {
$temp_tpl = do_template('FLOATER', array('_GUID' => '918162250c80e10212efd9a051545b9b', 'FLOAT' => $attributes['float'], 'CONTENT' => $temp_tpl));
}
break;
case 'flash':
if ($wml) {
break;
}
$_embed = $embed->evaluate();
$given_url = $_embed;
$_embed = remove_url_mistakes($_embed);
if (substr($_embed, 0, 1) == '/') {
$_embed = substr($_embed, 1);
}
$_embed = check_naughty_javascript_url($source_member, $_embed, $as_admin);
$url_full = url_is_local($_embed) ? get_custom_base_url() . '/' . $_embed : $_embed;
$temp_tpl = test_url($url_full, 'flash', @html_entity_decode($given_url, ENT_QUOTES, get_charset()), $source_member);
if ($attributes['param'] == '' || strpos($attributes['param'], 'x') === false) {
if (!array_key_exists('width', $attributes)) {
$attributes['width'] = '300';
}
if (!array_key_exists('height', $attributes)) {
$attributes['height'] = '300';
}
$attributes['param'] = $attributes['width'] . 'x' . $attributes['height'];
}
list($width, $height) = explode('x', $attributes['param'], 2);
if (addon_installed('jwplayer') && (substr($url_full, -4) == '.flv' || substr($url_full, -4) == '.mp4' || substr($url_full, -4) == '.mp3' || substr($url_full, -4) == '.webm')) {
$temp_tpl->attach(do_template('COMCODE_FLV', array('_GUID' => '4746684d9e098709cc6671e1b00ce47e', 'URL' => $url_full, 'WIDTH' => $width, 'HEIGHT' => $height)));
} else {
$temp_tpl->attach(do_template('COMCODE_SWF', array('_GUID' => '8bc61ad75977a5a85eff96454af31fe8', 'URL' => $url_full, 'WIDTH' => $width, 'HEIGHT' => $height)));
}
break;
case 'url':
// Make them both HTML strings
$url = $embed->evaluate();
if (is_object($attributes['param'])) {
$switch_over = true;
// We know if must be Comcode XML
$attributes['param'] = $attributes['param']->evaluate();
} else {
$switch_over = !looks_like_url($url) && looks_like_url($attributes['param'], true);
if (strpos($attributes['param'], '[') !== false || strpos($attributes['param'], '{') !== false) {
$param_temp = comcode_to_tempcode(escape_html($attributes['param']), $source_member, $as_admin, 60, NULL, $connection, false, false, true, false, false, $highlight_bits, $on_behalf_of_member);
global $ADVERTISING_BANNERS;
$temp_ab = $ADVERTISING_BANNERS;
$ADVERTISING_BANNERS = array();
$caption = $param_temp;
$ADVERTISING_BANNERS = $temp_ab;
} else {
$caption = make_string_tempcode(escape_html($attributes['param']));
// Consistency of escaping
}
}
// Do we need to switch around?
if ($switch_over) {
$url = $attributes['param'];
$caption = $embed;
}
// If we weren't given a caption, use the URL, but crop if necessary
if ($caption->evaluate() == '') {
$_caption = $url;
// Shorten the URL if it is too long
$max_link_length = 50;
if (strlen($_caption) > $max_link_length) {
$_caption = escape_html(substr(@html_entity_decode($_caption, ENT_QUOTES, get_charset()), 0, intval($max_link_length / 2 - 3))) . '…' . escape_html(substr(@html_entity_decode($_caption, ENT_QUOTES, get_charset()), intval(-$max_link_length / 2)));
}
$caption = make_string_tempcode($_caption);
}
// Tidy up the URL now
$url = @html_entity_decode($url, ENT_QUOTES, get_charset());
$url = fixup_protocolless_urls($url);
// Integrity and security
$url = check_naughty_javascript_url($source_member, $url, $as_admin);
// More URL tidying
$local = url_is_local($url) || strpos($url, get_domain()) !== false;
$given_url = $url;
if ($url != '' && $url[0] != '#') {
if (substr($url, 0, 1) == '/') {
$url = substr($url, 1);
}
$url_full = url_is_local($url) ? get_base_url() . '/' . $url : $url;
if ($GLOBALS['XSS_DETECT']) {
ocp_mark_as_escaped($url_full);
}
} else {
$url_full = $url;
}
$striped_base_url = str_replace('www.', '', str_replace('http://', '', get_base_url()));
if ($striped_base_url != '' && substr($url, 0, 1) != '%' && strpos($url_full, $striped_base_url) === false) {
$temp_tpl = test_url($url_full, 'url', $given_url, $source_member);
}
// Render
if (!array_key_exists('target', $attributes)) {
$attributes['target'] = $local ? '_top' : '_blank';
}
if ($attributes['target'] == 'blank') {
$attributes['target'] = '_blank';
}
$rel = $as_admin || has_specific_permission($source_member, 'search_engine_links') ? '' : 'nofollow';
if ($attributes['target'] == '_blank') {
$title = (is_object($caption) ? static_evaluate_tempcode($caption) : $caption) . ' ' . do_lang('LINK_NEW_WINDOW');
} else {
$title = '';
}
$temp_tpl->attach(do_template('COMCODE_URL', array('_GUID' => 'd1657530e6d3d57e6a4791fb3bfa0dd7', 'TITLE' => $title, 'REL' => $rel, 'TARGET' => $attributes['target'], 'URL' => $url_full, 'CAPTION' => $caption)));
break;
case 'email':
$_embed = $embed->evaluate();
require_code('type_validation');
require_code('obfuscate');
// If we need to switch
if (is_object($attributes['param']) || !is_valid_email_address($_embed) && is_valid_email_address($attributes['param'])) {
$temp = $embed;
// Is tempcode
$_embed = $attributes['param'];
$attributes['param'] = $temp;
} else {
$attributes['param'] = comcode_to_tempcode($attributes['param'], $source_member, $as_admin, 60, NULL, $connection, false, false, false, false, false, $highlight_bits, $on_behalf_of_member);
// Becomes tempcode
}
if ($attributes['param']->is_empty()) {
$attributes['param'] = obfuscate_email_address($_embed);
}
$subject = array_key_exists('subject', $attributes) ? $attributes['subject'] : '';
$body = array_key_exists('body', $attributes) ? $attributes['body'] : '';
$title = '';
if (array_key_exists('title', $attributes)) {
$title = $attributes['title'];
}
$temp_tpl = do_template('COMCODE_EMAIL', array('_GUID' => '5f6ade8fe07701b6858575153d78f4e9', 'TITLE' => $title, 'ADDRESS' => obfuscate_email_address($_embed), 'SUBJECT' => $subject, 'BODY' => $body, 'CAPTION' => $attributes['param']));
break;
case 'reference':
if ($wml) {
break;
}
if (array_key_exists('type', $attributes) && $attributes['type'] == 'url') {
$_embed = $embed->evaluate();
$_embed = check_naughty_javascript_url($source_member, $_embed, $as_admin);
if (!array_key_exists('title', $attributes)) {
$attributes['title'] = $attributes['param'];
}
if (is_object($attributes['title']) || $attributes['title'] != '') {
$_title = is_object($attributes['title']) ? make_string_tempcode(escape_html($attributes['title'])) : comcode_to_tempcode($attributes['title'], $source_member, $as_admin, 60, NULL, $connection, false, false, false, false, false, $highlight_bits, $on_behalf_of_member);
$title = $_title->evaluate();
} else {
$title = $_embed;
}
$embed = hyperlink($_embed, $title, true);
}
$temp_tpl = do_template('COMCODE_REFERENCE', array_merge($attributes, array('SOURCE' => $embed)));
break;
case 'upload':
// This points to a file path, not a URL
$_embed = $embed->evaluate();
$type = array_key_exists('type', $attributes) ? $attributes['type'] : 'downloads';
if (is_object($attributes['param']) || $attributes['param'] != '') {
$_caption = is_object($attributes['param']) ? make_string_tempcode(escape_html($attributes['param'])) : comcode_to_tempcode($attributes['param'], $source_member, $as_admin, 60, NULL, $connection, false, false, false, false, false, $highlight_bits, $on_behalf_of_member);
$__caption = $_caption->evaluate();
} else {
$__caption = $_embed;
}
$url = get_custom_base_url() . '/' . $type . '/' . rawurlencode($_embed);
$url = check_naughty_javascript_url($source_member, $url, $as_admin);
$temp_tpl = test_url($url, 'upload', $_embed, $source_member);
$temp_tpl->attach(hyperlink($url, $__caption));
break;
case 'page':
$ignore_if_hidden = array_key_exists('ignore_if_hidden', $attributes) && $attributes['ignore_if_hidden'] == '1';
unset($attributes['ignore_if_hidden']);
// Two sets of parameters: simple style and complex style; both are completely incompatible
$hash = '';
if ($attributes == array('param' => '')) {
$zone = '_SEARCH';
$caption = $embed;
$attributes = array('page' => $caption->evaluate());
} elseif (array_keys($attributes) == array('param')) {
$caption = $embed;
if ($wml) {
$temp_tpl = $embed;
break;
} else {
if (strpos($attributes['param'], ':') !== false) {
global $OVERRIDE_SELF_ZONE;
$page_link = $attributes['param'];
list($zone, $attributes, $hash) = page_link_decode($page_link);
if (!array_key_exists('page', $attributes)) {
$attributes['page'] = '';
}
if ($zone == '_SELF' && !is_null($OVERRIDE_SELF_ZONE)) {
$zone = $OVERRIDE_SELF_ZONE;
}
} else {
$zone = '_SEARCH';
// Changed in v3 from '_SELF', to allow context-sensitivity
$attributes = array_merge(array('page' => $attributes['param']), $attributes);
}
}
} else {
$caption = array_key_exists('caption', $attributes) ? comcode_to_tempcode($attributes['caption'], $source_member, $as_admin, 60, NULL, $connection, false, false, false, false, false, $highlight_bits, $on_behalf_of_member) : $embed;
if ($wml) {
$temp_tpl = $caption;
break;
} else {
$zone = $param_given ? $attributes['param'] : '_SEARCH';
// Changed in v3 from '_SELF', to allow context-sensitivity
unset($attributes['caption']);
if (!array_key_exists('page', $attributes)) {
$attributes = array_merge(array('page' => $embed->evaluate()), $attributes);
}
}
}
unset($attributes['param']);
foreach ($attributes as $key => $val) {
if (is_object($val)) {
$attributes[$key] = $val->evaluate();
}
}
if ($zone == '_SEARCH') {
$zone = get_page_zone($attributes['page'], false);
if (is_null($zone)) {
$zone = '';
}
}
$pl_url = build_url($attributes, $zone, NULL, false, false, false, $hash);
$temp_tpl = hyperlink($pl_url, $caption);
$page = $attributes['page'];
if ($page != '') {
if ($zone == '_SELF') {
$zone = get_zone_name();
}
if ($zone == '_SEARCH') {
$zone = get_page_zone($page, false);
if (is_null($zone)) {
$zone = '';
}
// Oh dear, well it will be correctly identified as not found anyway
}
$ptest = _request_page($page, $zone);
if ($ptest !== false) {
if ($page == 'topicview' && array_key_exists('id', $attributes)) {
if (!is_numeric($attributes['id'])) {
$attributes['id'] = $GLOBALS['SITE_DB']->query_value_null_ok('url_id_monikers', 'm_resource_id', array('m_resource_page' => $page, 'm_moniker' => $attributes['id']));
}
if (!is_null($attributes['id'])) {
$test = $GLOBALS['FORUM_DB']->query_value_null_ok('f_topics', 'id', array('id' => $attributes['id']));
if (is_null($test)) {
$ptest = false;
}
} else {
$ptest = false;
}
}
}
if ($ptest === false) {
//$temp_tpl->attach(' ['.do_lang('MISSING_RESOURCE').']'); // Don't want this as we might be making the page immediately
if (!in_array(get_page_name(), $GLOBALS['DONT_CARE_MISSING_PAGES']) && !in_array($page, $GLOBALS['DONT_CARE_MISSING_PAGES']) && !running_script('iframe')) {
if ($ignore_if_hidden) {
$temp_tpl = do_template('COMCODE_DEL', array('CONTENT' => $caption));
} else {
require_code('failure');
relay_error_notification(do_lang('MISSING_RESOURCE_COMCODE', 'page_link', $page_link), false, $GLOBALS['FORUM_DRIVER']->is_staff($source_member) ? 'error_occurred_missing_reference_important' : 'error_occurred_missing_reference');
}
}
}
}
break;
case 'hide':
if ($wml) {
$temp_tpl = $embed;
break;
}
if (array_key_exists('param', $attributes)) {
$text = is_object($attributes['param']) ? $attributes['param'] : comcode_to_tempcode($attributes['param'], $source_member, $as_admin, 60, NULL, $connection, false, false, false, false, false, $highlight_bits, $on_behalf_of_member);
} else {
$text = do_lang_tempcode('EXPAND');
}
$temp_tpl = do_template('COMCODE_HIDE', array('_GUID' => 'a591a0d1e6bb3dde0f22cebb9c7ab93e', 'TEXT' => $text, 'CONTENT' => $embed));
break;
case 'quote':
if ($wml) {
$temp_tpl->attach('<br /><br />' . $attributes['param'] . ':');
$temp_tpl->attach($embed);
break;
}
$cite = array_key_exists('cite', $attributes) ? $attributes['cite'] : NULL;
if (!is_null($cite)) {
$temp_tpl = test_url($cite, 'quote', $cite, $source_member);
}
if ($attributes['param'] == '' && isset($attributes['author'])) {
$attributes['param'] = $attributes['author'];
}
// Compatibility with SMF
if ($attributes['param'] != '') {
if (is_numeric($attributes['param'])) {
$attributes['param'] = $GLOBALS['FORUM_DRIVER']->get_username($attributes['param']);
if (is_null($attributes['param'])) {
$attributes['param'] = do_lang('UNKNOWN');
}
} else {
$attributes['param'] = protect_from_escaping(comcode_to_tempcode($attributes['param'], $source_member, $as_admin, 60, NULL, $connection, false, false, false, false, false, $highlight_bits, $on_behalf_of_member));
}
$temp_tpl->attach(do_template('COMCODE_QUOTE_BY', array('_GUID' => '18f55a548892ad08b0b50b3b586b5b95', 'CITE' => $cite, 'CONTENT' => $embed, 'BY' => $attributes['param'], 'SAIDLESS' => array_key_exists('saidless', $attributes) ? $attributes['saidless'] : '0')));
} else {
$temp_tpl->attach(do_template('COMCODE_QUOTE', array('_GUID' => 'fa275de59433c17da19b22814c17fdc5', 'CITE' => $cite, 'CONTENT' => $embed)));
}
break;
case 'html':
if ($wml) {
break;
}
$temp_tpl = $embed;
// Plain HTML. But it's been filtered already
break;
case 'semihtml':
$temp_tpl = $embed;
// Hybrid HTML. But it's been filtered already
break;
case 'block':
if ($wml) {
break;
}
$attributes['block'] = trim($embed->evaluate());
if (preg_match('#^[\\w\\-]*$#', $attributes['block']) == 0) {
$temp_tpl = paragraph(do_lang_tempcode('MISSING_BLOCK_FILE', escape_html($attributes['block'])), '90dfdlksds8d7dyddssddxs', 'error_marker');
break;
// Avoids a suspected hack attempt by just filtering early
}
$_attributes = array();
foreach ($attributes as $key => $val) {
$_attributes[] = $key . '=' . $val;
}
$temp_tpl = symbol_tempcode('BLOCK', $_attributes);
break;
case 'contents':
if ($wml) {
break;
}
// Do structure sweep
$urls_for = array();
$old_structure_list = $STRUCTURE_LIST;
$STRUCTURE_LIST = array();
// reset for e.g. comcode_text_to_tempcode calls (which don't itself reset it, although _comcode_to_tempcode does for top level parses)
if (array_key_exists('files', $attributes) && $comcode_dangerous) {
$s_zone = array_key_exists('zone', $attributes) ? $attributes['zone'] : get_zone_name();
$pages = find_all_pages($s_zone, 'comcode_custom/' . get_site_default_lang(), 'txt') + find_all_pages($s_zone, 'comcode/' . get_site_default_lang(), 'txt');
$prefix = $attributes['files'];
foreach ($pages as $pg_name => $pg_type) {
if (substr($pg_name, 0, strlen($prefix)) == $prefix) {
$i = count($STRUCTURE_LIST);
comcode_to_tempcode(file_get_contents(zone_black_magic_filterer(get_file_base() . '/' . $s_zone . '/pages/' . $pg_type . '/' . $pg_name . '.txt'), FILE_TEXT), $source_member, $as_admin, 60, NULL, $connection, false, false, false, true, false, NULL, $on_behalf_of_member);
$page_url = build_url(array('page' => $pg_name), $s_zone);
while (array_key_exists($i, $STRUCTURE_LIST)) {
$urls_for[] = $page_url;
$i++;
}
}
}
$base = array_key_exists('base', $attributes) ? intval($attributes['base']) : 1;
} else {
if (substr($comcode, 0, 8) == '<comcode') {
require_code('comcode_xml');
if (!$as_admin) {
check_specific_permission('comcode_dangerous', NULL, $source_member);
}
$_ = new comcode_xml_to_tempcode($comcode, $source_member, 60, NULL, $connection, false, false, false, true, false, $on_behalf_of_member);
} else {
require_code('comcode_text');
comcode_text_to_tempcode($comcode, $source_member, $as_admin, 60, NULL, $connection, false, false, false, true, false, NULL, $on_behalf_of_member);
}
$base = array_key_exists('base', $attributes) ? intval($attributes['base']) : 1;
}
$list_types = $embed->evaluate() == '' ? array() : explode(',', $embed->evaluate());
$list_types += array('decimal', 'lower-alpha', 'lower-roman', 'upper-alpha', 'upper-roman', 'disc');
$levels_allowed = array_key_exists('levels', $attributes) ? intval($attributes['levels']) : NULL;
// Convert the list structure into a tree structure
$past_level_stack = array(1);
$subtree_stack = array(array());
$levels = 1;
foreach ($STRUCTURE_LIST as $i => $struct) {
$level = $struct[0];
$title = $struct[1];
$uniq_id = $struct[2];
$url = array_key_exists($i, $urls_for) ? $urls_for[$i] : '';
if ($level > $levels_allowed && !is_null($levels_allowed)) {
continue;
}
// Going down the tree
if ($level > $past_level_stack[$levels - 1]) {
array_push($past_level_stack, $level);
array_push($subtree_stack, array(array($uniq_id, $title->evaluate(), $url)));
$levels++;
} else {
// Going back up the tree, destroying levels that must have now closed off
while ($level < $past_level_stack[$levels - 1] && $levels > 2) {
array_pop($past_level_stack);
$subtree = array_pop($subtree_stack);
$levels--;
// Alter the last of the next level on stack so it is actually taking the closed off level as children, and changing from a property list to a pair: property list & children
$subtree_stack[$levels - 1][count($subtree_stack[$levels - 1]) - 1] = array($subtree_stack[$levels - 1][count($subtree_stack[$levels - 1]) - 1], $subtree);
}
// Store the title where we are
$subtree_stack[$levels - 1][] = array($uniq_id, $title->evaluate(), $url);
}
}
// Clean up... going up until we're with 1
while ($levels > 1) {
array_pop($past_level_stack);
$subtree = array_pop($subtree_stack);
$levels--;
$parent_level_start_index = count($subtree_stack[$levels - 1]) - 1;
if ($parent_level_start_index < 0) {
$subtree_stack[$levels - 1] = $subtree;
} else {
$subtree_stack[$levels - 1][$parent_level_start_index] = array($subtree_stack[$levels - 1][$parent_level_start_index], $subtree);
}
}
// Now we have the structure to display
$levels_t = _do_contents_level($subtree_stack[0], $list_types, $base);
$temp_tpl = do_template('COMCODE_CONTENTS', array('_GUID' => 'ca2f5320fa930e2257a2e74e4f98e5a0', 'LEVELS' => $levels_t));
$STRUCTURE_LIST = $old_structure_list;
// Restore, so subsequent 'title' tags have correct numbering
break;
}
// Last ditch effort: custom tags
if ($temp_tpl->is_definitely_empty() && !$wml) {
global $REPLACE_TARGETS;
if (array_key_exists($tag, $REPLACE_TARGETS)) {
$replace = $REPLACE_TARGETS[$tag]['replace'];
$parameters = explode(',', $REPLACE_TARGETS[$tag]['parameters']);
$binding = array('CONTENT' => $embed, 'RAND' => uniqid('', true));
foreach ($parameters as $parameter) {
$parameter = trim($parameter);
$parts = explode('=', $parameter);
if (count($parts) == 1) {
$parts[] = '';
}
if (count($parts) != 2) {
continue;
}
list($parameter, $default) = $parts;
if (!array_key_exists($parameter, $attributes) || $attributes[$parameter] == '') {
$attributes[$parameter] = $default;
}
$binding[strtoupper($parameter)] = $attributes[$parameter];
$replace = str_replace('{' . $parameter . '}', '{' . strtoupper($parameter) . '*}', $replace);
}
$replace = str_replace('{content}', array_key_exists($tag, $GLOBALS['TEXTUAL_TAGS']) ? '{CONTENT}' : '{CONTENT*}', $replace);
require_code('tempcode_compiler');
$temp_tpl = template_to_tempcode($replace);
$temp_tpl = $temp_tpl->bind($binding, '(custom comcode: ' . $tag . ')');
}
}
return $temp_tpl;
}
$user_exists = $db->query_first("\n SELECT userid, username, email, languageid\n FROM " . TABLE_PREFIX . "user\n WHERE username = '******'username']) . "'\n ");
if (!empty($user_exists['username'])) {
$valid_entries = FALSE;
$error_type = "username";
$messages['fields'][] = $error_type;
$messages['errors'][] = "Sorry, this username is already taken.";
// fetch_error('usernametaken', $user_exists['username'], '');
}
if (empty($vbulletin->GPC['terms_and_conditions'])) {
$valid_entries = FALSE;
$userdata->error('fieldmissing');
$messages['errors'][] = $message = "Please agree to the " . fetch_phrase('forum_rules', 'register');
$messages['fields'][] = $error_type = "terms_and_conditions";
}
// validate email
if (is_valid_email_address($vbulletin->GPC['email'])) {
list($email_name, $email_domain) = preg_split("/@/", $vbulletin->GPC['email']);
if (!checkdnsrr($email_domain, "MX")) {
$valid_entries = FALSE;
$messages['errors'][] = $message = fetch_error('bademail') . " No MX records found for domain.";
$messages['fields'][] = $error_type = "email";
} else {
if ($vbulletin->options['requireuniqueemail']) {
// check if email already exists on DB
$user_exists = $db->query_read_slave("\n SELECT userid, username, email, languageid\n FROM " . TABLE_PREFIX . "user\n WHERE UPPER(email) = '" . strtoupper($db->escape_string($vbulletin->GPC['email'])) . "'\n ");
if ($db->num_rows($user_exists)) {
$valid_entries = FALSE;
$messages['errors'][] = $message = fetch_error('emailtaken', '');
$messages['fields'][] = $error_type = "email";
}
}
/**
* The actualiser to contact a member.
*
* @return tempcode The UI
*/
function actual()
{
if (addon_installed('captcha')) {
require_code('captcha');
enforce_captcha();
}
$member_id = get_param_integer('id');
$email_address = $GLOBALS['FORUM_DRIVER']->get_member_row_field($member_id, 'm_email_address');
if (is_null($email_address)) {
fatal_exit(do_lang_tempcode('INTERNAL_ERROR'));
}
$to_name = $GLOBALS['FORUM_DRIVER']->get_username($member_id);
breadcrumb_set_parents(array(array('_SELF:_SELF:misc', do_lang_tempcode('EMAIL_MEMBER', escape_html($to_name)))));
if (is_null($to_name)) {
warn_exit(do_lang_tempcode('USER_NO_EXIST'));
}
$from_email = trim(post_param('email_address'));
require_code('type_validation');
if (!is_valid_email_address($from_email)) {
warn_exit(do_lang_tempcode('INVALID_EMAIL_ADDRESS'));
}
$from_name = post_param('name');
$title = get_page_title('EMAIL_MEMBER', true, array(escape_html($GLOBALS['FORUM_DRIVER']->get_username($member_id))));
require_code('mail');
$attachments = array();
$size_so_far = 0;
require_code('uploads');
is_swf_upload(true);
foreach ($_FILES as $file) {
if (is_swf_upload() || is_uploaded_file($file['tmp_name'])) {
$attachments[$file['tmp_name']] = $file['name'];
$size_so_far += $file['size'];
} else {
if (defined('UPLOAD_ERR_NO_FILE') && array_key_exists('error', $file) && $file['error'] != UPLOAD_ERR_NO_FILE) {
warn_exit(do_lang_tempcode('ERROR_UPLOADING_ATTACHMENTS'));
}
}
}
$size = $GLOBALS['FORUM_DRIVER']->get_member_row_field($member_id, 'm_max_email_attach_size_mb');
if ($size_so_far > $size * 1024 * 1024) {
warn_exit(do_lang_tempcode('EXCEEDED_ATTACHMENT_SIZE', integer_format($size)));
}
mail_wrap(do_lang('EMAIL_MEMBER_SUBJECT', get_site_name(), post_param('subject'), NULL, get_lang($member_id)), post_param('message'), array($email_address), $to_name, $from_email, $from_name, 3, $attachments, false, get_member());
log_it('EMAIL', strval($member_id), $to_name);
breadcrumb_set_self(do_lang_tempcode('DONE'));
$url = get_param('redirect');
return redirect_screen($title, $url, do_lang_tempcode('SUCCESS'));
}
/**
* Find the posted value from the get_field_inputter field
*
* @param boolean Whether we were editing (because on edit, it could be a fractional edit)
* @param array The field details
* @param string Where the files will be uploaded to
* @param ?string Former value of field (NULL: none)
* @return string The value
*/
function inputted_to_field_value($editing, $field, $upload_dir = 'uploads/catalogues', $old_value = NULL)
{
$id = $field['id'];
$tmp_name = 'field_' . strval($id);
require_code('type_validation');
$value = post_param($tmp_name, $editing ? STRING_MAGIC_NULL : '');
if ($value != '' && $value != STRING_MAGIC_NULL && !is_valid_email_address($value)) {
warn_exit(do_lang_tempcode('INVALID_EMAIL_ADDRESS'));
}
return $value;
}
/**
* The actualiser for recommending the site.
*
* @return tempcode The UI.
*/
function actual()
{
breadcrumb_set_parents(array(array('_SELF:_SELF:misc', do_lang_tempcode('RECOMMEND_SITE'))));
$name = post_param('name');
$message = post_param('message');
$recommender_email_address = post_param('recommender_email_address');
$invite = false;
if (addon_installed('captcha')) {
require_code('captcha');
enforce_captcha();
}
require_code('type_validation');
$email_adrs_to_send = array();
$names_to_send = array();
foreach ($_POST as $key => $email_address) {
if (substr($key, 0, 14) != 'email_address_') {
continue;
}
if ($email_address == '') {
continue;
}
if (get_magic_quotes_gpc()) {
$email_address = stripslashes($email_address);
}
if (!is_valid_email_address($email_address)) {
attach_message(do_lang_tempcode('INVALID_EMAIL_ADDRESS'), 'warn');
return $this->gui();
} else {
$email_adrs_to_send[] = $email_address;
$names_to_send[] = $email_address;
}
if (is_guest()) {
break;
}
}
$adrbook_emails = array();
$adrbook_names = array();
$adrbook_use_these = array();
foreach ($_POST as $key => $email_address) {
if (preg_match('#details_email_|details_name_|^use_details_#', $key) == 0) {
continue;
}
if (preg_match('#details_email_#', $key) != 0) {
if (get_magic_quotes_gpc()) {
$email_address = stripslashes($email_address);
}
if (is_valid_email_address($email_address)) {
$curr_num = intval(preg_replace('#details_email_#', '', $key));
$adrbook_emails[$curr_num] = $email_address;
}
}
if (preg_match('#details_name_#', $key)) {
$curr_num = intval(preg_replace('#details_name_#', '', $key));
$adrbook_names[$curr_num] = $email_address;
}
if (preg_match('#^use_details_#', $key)) {
$curr_num = intval(preg_replace('#use_details_#', '', $key));
$adrbook_use_these[$curr_num] = $curr_num;
}
}
//add emails from address book file
foreach ($adrbook_use_these as $key => $value) {
$cur_email = array_key_exists($key, $adrbook_emails) && strlen($adrbook_emails[$key]) > 0 ? $adrbook_emails[$key] : '';
$cur_name = array_key_exists($key, $adrbook_names) && strlen($adrbook_names[$key]) > 0 ? $adrbook_names[$key] : '';
if (strlen($cur_email) > 0) {
$email_adrs_to_send[] = $cur_email;
$names_to_send[] = strlen($cur_name) > 0 ? $cur_name : $cur_email;
}
}
if (count($email_adrs_to_send) == 0) {
warn_exit(do_lang_tempcode('ERROR_NO_CONTACTS_SELECTED'));
}
foreach ($email_adrs_to_send as $key => $email_address) {
if (get_magic_quotes_gpc()) {
$email_address = stripslashes($email_address);
}
if (post_param_integer('wrap_message', 0) == 1) {
$title = get_page_title('_RECOMMEND_SITE', true, array(escape_html(get_site_name())));
$referring_username = is_guest() ? NULL : get_member();
$_url = post_param_integer('invite', 0) == 1 ? build_url(array('page' => 'join', 'email_address' => $email_address, 'keep_referrer' => $referring_username), get_module_zone('join')) : build_url(array('page' => '', 'keep_referrer' => $referring_username), '');
$url = $_url->evaluate();
$join_url = $GLOBALS['FORUM_DRIVER']->join_url();
$_message = do_lang(post_param_integer('invite', 0) == 1 ? 'INVITE_MEMBER_MESSAGE' : 'RECOMMEND_MEMBER_MESSAGE', $name, $url, array(get_site_name(), $join_url)) . $message;
} else {
$title = get_page_title('RECOMMEND_LINK');
$_message = $message;
}
if (may_use_invites() && get_forum_type() == 'ocf' && !is_guest() && post_param_integer('invite', 0) == 1) {
$invites = get_num_invites(get_member());
if ($invites > 0) {
send_recommendation_email($name, $email_address, $_message, true, $recommender_email_address, post_param('subject', NULL), $names_to_send[$key]);
$GLOBALS['FORUM_DB']->query_insert('f_invites', array('i_inviter' => get_member(), 'i_email_address' => $email_address, 'i_time' => time(), 'i_taken' => 0));
$invite = true;
}
} elseif (get_option('is_on_invites') == '0' && get_forum_type() == 'ocf') {
$GLOBALS['FORUM_DB']->query_insert('f_invites', array('i_inviter' => get_member(), 'i_email_address' => $email_address, 'i_time' => time(), 'i_taken' => 0));
}
if (!$invite) {
send_recommendation_email($name, $email_address, $_message, false, $recommender_email_address, post_param('subject', NULL), $names_to_send[$key]);
}
}
breadcrumb_set_self(do_lang_tempcode('DONE'));
return inform_screen($title, do_lang_tempcode('RECOMMENDATION_MADE'));
}
/**
* Standard stage of pointstore item purchase.
*
* @return tempcode The UI
*/
function _newpop3()
{
if (get_option('is_on_pop3_buy') == '0') {
return new ocp_tempcode();
}
$title = get_page_title('TITLE_NEWPOP3');
// Getting User Information
$member_id = get_member();
$pointsleft = available_points($member_id);
// So we don't need to call these big ugly names, again...
$_suffix = post_param('esuffix');
$prefix = post_param('email-prefix');
$pass1 = post_param('pass1');
$pass2 = post_param('pass2');
// Which suffix have we chosen?
$suffix = 'pop3_' . $_suffix;
$_suffix_price = get_price($suffix);
$points_after = $pointsleft - $_suffix_price;
pointstore_handle_error_already_has('pop3');
if ($points_after < 0 && !has_specific_permission(get_member(), 'give_points_self')) {
return warn_screen($title, do_lang_tempcode('NOT_ENOUGH_POINTS', escape_html($_suffix)));
}
// Password checking (to see if both 'passwords' are the same)
if ($pass1 != $pass2) {
return warn_screen($title, do_lang_tempcode('PASSWORD_MISMATCH'));
}
// Does the prefix contain valid characters?
require_code('type_validation');
if (!is_valid_email_address($prefix . '@' . $_suffix)) {
return warn_screen($title, do_lang_tempcode('INVALID_EMAIL_PREFIX'));
}
pointstore_handle_error_taken($prefix, $_suffix);
// Return
$proceed_url = build_url(array('page' => '_SELF', 'type' => '__newpop3', 'id' => 'pop3'), '_SELF');
$keep = new ocp_tempcode();
$keep->attach(form_input_hidden('prefix', $prefix));
$keep->attach(form_input_hidden('suffix', $_suffix));
$keep->attach(form_input_hidden('password', $pass1));
return do_template('POINTSTORE_CONFIRM_SCREEN', array('_GUID' => '099ab9d87fb6e68d74de27e7d41d50c0', 'MESSAGE' => paragraph($prefix . '@' . $_suffix), 'TITLE' => $title, 'ACTION' => do_lang_tempcode('TITLE_NEWPOP3'), 'KEEP' => $keep, 'COST' => integer_format($_suffix_price), 'POINTS_AFTER' => integer_format($points_after), 'PROCEED_URL' => $proceed_url, 'CANCEL_URL' => build_url(array('page' => '_SELF'), '_SELF')));
}
$tpl->name = 'newstopic';
$tpl->menuitem = MNU_START_NEWS_POST;
require $opt['rootpath'] . 'lib2/logic/captcha.inc.php';
require $opt['rootpath'] . 'lib2/mail.class.php';
$topicid = isset($_REQUEST['topic']) ? $_REQUEST['topic'] : 1;
$newstext = isset($_REQUEST['newstext']) ? $_REQUEST['newstext'] : '';
$newshtml = isset($_REQUEST['newshtml']) ? $_REQUEST['newshtml'] + 0 : 0;
$email = isset($_REQUEST['email']) ? $_REQUEST['email'] : '';
$captcha_id = isset($_REQUEST['captcha_id']) ? $_REQUEST['captcha_id'] : '';
$captcha = isset($_REQUEST['captcha']) ? $_REQUEST['captcha'] : '';
$emailok = false;
$tpl->assign('email_error', 0);
$tpl->assign('captcha_error', 0);
$tpl->assign('confirm', 0);
if (isset($_REQUEST['submit'])) {
$emailok = is_valid_email_address($email) ? true : false;
$captchaok = checkCaptcha($captcha_id, $captcha);
if ($emailok == true && $captchaok == true) {
// filtern und ausgabe vorbereiten
$tpl->assign('confirm', 1);
if ($newshtml == 0) {
$newstext = htmlspecialchars($newstext, ENT_COMPAT, 'UTF-8');
} else {
$purifier = new OcHTMLPurifier($opt);
$newstext = $purifier->purify($newstext);
}
$sTopic = sql_value("SELECT `name` FROM `news_topics` WHERE `id`='&1'", '', $topicid);
$tpl->assign('newstopic', $sTopic);
$tpl->assign('newstext', $newstext);
// in DB schreiben
sql("INSERT INTO `news` (`content`, `topic`, `display`) VALUES ('&1', '&2', '&3')", $newstext, $topicid, 0);
$tpl->menuitem = MNU_MYPROFILE_DATA_EMAIL;
$login->verify();
if ($login->userid == 0) {
$tpl->redirect('login.php?target=newemail.php');
}
$user = new user($login->userid);
$tpl->assign('newemail', $user->getNewEMail());
if (isset($_REQUEST['request'])) {
$email = isset($_REQUEST['email']) ? $_REQUEST['email'] : '';
$tpl->assign('email', $email);
$bError = false;
if (mb_strtolower($user->getEMail()) == mb_strtolower($email)) {
$tpl->assign('emailErrorSame', true);
$bError = true;
}
if ($bError == false && !is_valid_email_address($email)) {
$tpl->assign('emailErrorInvalid', true);
$bError = true;
}
if ($bError == false && $user->existEMail($email)) {
$tpl->assign('emailErrorExists', true);
$bError = true;
}
if ($bError == false && $user->requestNewEMail($email)) {
$tpl->assign('emailRequested', true);
$tpl->assign('newemail', $email);
} else {
if ($bError == false) {
$tpl->assign('emailErrorUnkown', true);
$bError = true;
}
/**
* Use the data passed in by the user to create a new account.
*/
protected function createAccount()
{
if (!isset($_POST['signup_action'])) {
$this->_forward('index', 'signup', null, array('signup_error' => 'Improper post data.'));
return false;
}
if (empty($_POST['username']) || empty($_POST['password']) || empty($_POST['email'])) {
return $this->failToCreateAccount('Missing fields.');
}
$username = $_POST['username'];
$exists = $this->_getUsersModel()->nicknameExists($username);
if ($exists) {
return $this->failToCreateAccount('The username you chose already exists.');
}
$password = $_POST['password'];
if (strlen($password) < 5 || $password == $username) {
return $this->failToCreateAccount('Please provide a better password.');
}
$email = trim($_POST['email']);
if (!is_valid_email_address($email)) {
return $this->failToCreateAccount('Invalid email provided.');
}
// Create the user now!
$profile = array('nickname' => $username, 'email' => $email);
$user_id = $this->_getUsersModel()->createNewUserFromProfile($profile);
$this->_getUserIDModel()->attachUserID($username, $password, $user_id);
$authAdapter = new Zend_Auth_Adapter_DbTable(Zend_Registry::get('dbAdapter'), 'userid', 'username', 'password', "MD5(CONCAT('" . Zend_Registry::get('staticSalt') . "', ?, salt))");
$authAdapter->setIdentity($username)->setCredential($password);
$auth = Zend_Auth::getInstance();
$result = $auth->authenticate($authAdapter);
if ($result->isValid()) {
$this->_storeUserProfile($auth, $user_id, $profile);
$this->_helper->getHelper('Redirector')->setGotoSimple('edit', 'profile');
} else {
return $this->failToCreateAccount('Failed to authenticate you.');
}
return true;
}
$presentation = unserialize($result[2]['data']);
}
/*
/* 6.0 Hooks that affect blocks in the $presentation object (view). These hooks cannot affect blocks outside of the given view
*/
if ($_SERVER['REQUEST_METHOD'] == 'POST') {
if (isset($_POST['action'])) {
switch ($_POST['action']) {
// Login block hook. Authenticate user and assign group that is first in the list for the user's group (see users_groups_system) table this hook also affects the login block for display of login errors
case 'login':
if ('login' == $_SESSION['user']['view']) {
$_POST['email'] = trim(strtolower($_POST['email']));
/* Check syntax. Elseif structure helps provide more specific error messages */
if (!(isset($_POST['email']) && strlen($_POST['email']))) {
$presentation->block_cache['login']['block']->errors['email_addr'] = 'Enter e-mail address';
} elseif (!is_valid_email_address($_POST['email'])) {
$presentation->block_cache['login']['block']->errors['email_addr'] = 'Enter valid e-mail address';
}
/* 2) check if passwd is from $_POST and is not empty. Length 6 characters min. */
if (!(isset($_POST['password']) && strlen($_POST['password']))) {
$presentation->block_cache['login']['block']->errors['passwd'] = 'Enter your password';
} elseif (isset($_POST['password']) && strlen($_POST['password']) < 6) {
$presentation->block_cache['login']['block']->errors['passwd'] = 'Invalid password';
}
/* 3) database record check */
if ($presentation->block_cache['login']['block']->errors['passwd'] == ' ' && $presentation->block_cache['login']['block']->errors['email_addr'] == ' ') {
/* Select user record and check for correct email_addr and passwd */
$params = array(0 => array(':email_addr', $_POST['email'], PDO::PARAM_STR));
bind_params($params, $query[7]);
$query[7]->execute();
if (!($result[7] = $query[7]->fetch(PDO::FETCH_ASSOC))) {
<?php
$passcode = isset($_GET['passcode']) ? $_GET['passcode'] : '';
function is_valid_email_address()
{
return isset($_GET['email']) && filter_var($_GET['email'], FILTER_VALIDATE_EMAIL);
}
// first, check that a valid email address has been given
if (is_valid_email_address()) {
$email = $_GET['email'];
// now, get a copy of whatever version of the vCard the requester is allowed
$url = "http://neilcrosby.com/vcard/?vcf=1&passcode={$passcode}";
$ch = curl_init();
curl_setopt($ch, CURLOPT_URL, $url);
curl_setopt($ch, CURLOPT_HEADER, 0);
curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1);
$contents = curl_exec($ch);
// close cURL resource, and free up system resources
curl_close($ch);
#$contents = file_get_contents('../vcard.vcf');
// and save it to a temporary location (so that it gets a nice filename)
$dir = '/tmp/' . md5(time());
mkdir($dir);
$tempFile = $dir . '/NeilCrosby.vcf';
file_put_contents($tempFile, $contents);
// send the email
require 'geekMail-1.0.php';
$geekMail = new geekMail();
$geekMail->setMailType('text');
$geekMail->from('*****@*****.**', 'Neil Crosby');
$geekMail->to($email);
/**
* Edit a member.
*
* @param AUTO_LINK The ID of the member.
* @param ?SHORT_TEXT The e-mail address. (NULL: don't change)
* @param ?BINARY Whether posts are previewed before they are made. (NULL: don't change)
* @param ?integer Day of date of birth. (NULL: don't change) (-1: deset)
* @param ?integer Month of date of birth. (NULL: don't change) (-1: deset)
* @param ?integer Year of date of birth. (NULL: don't change) (-1: deset)
* @param ?ID_TEXT The member timezone. (NULL: don't change)
* @param ?GROUP The members primary (NULL: don't change).
* @param array A map of custom fields values (field-id=>value).
* @param ?ID_TEXT The members default theme. (NULL: don't change)
* @param ?BINARY Whether the members age may be shown. (NULL: don't change)
* @param ?BINARY Whether the member sees signatures in posts. (NULL: don't change)
* @param ?BINARY Whether the member automatically is enabled for notifications for content they contribute to. (NULL: don't change)
* @param ?LANGUAGE_NAME The members language. (NULL: don't change)
* @param ?BINARY Whether the member allows e-mails via the site. (NULL: don't change)
* @param ?BINARY Whether the member allows e-mails from staff via the site. (NULL: don't change)
* @param ?BINARY Whether the profile has been validated (NULL: do not change this). (NULL: don't change)
* @param ?string The username. (NULL: don't change)
* @param ?string The password. (NULL: don't change)
* @param ?BINARY Whether the member likes to view zones without menus, when a choice is available. (NULL: don't change)
* @param ?BINARY Whether the member username will be highlighted. (NULL: don't change)
* @param ?SHORT_TEXT Usergroups that may PT the member. (NULL: don't change)
* @param ?LONG_TEXT Rules that other members must agree to before they may start a PT with the member. (NULL: don't change)
* @param ?TIME When the member is on probation until (NULL: don't change)
* @param ?TIME When the member joined (NULL: don't change)
* @param ?URLPATH Avatar (NULL: don't change)
* @param ?LONG_TEXT Signature (NULL: don't change)
* @param ?BINARY Banned status (NULL: don't change)
* @param ?URLPATH Photo URL (NULL: don't change)
* @param ?URLPATH URL of thumbnail of photo (NULL: don't change)
* @param ?SHORT_TEXT Password salt (NULL: don't change)
* @param ?ID_TEXT Password compatibility scheme (NULL: don't change)
* @param boolean Whether to skip security checks and most of the change-triggered emails
*/
function ocf_edit_member($member_id, $email_address, $preview_posts, $dob_day, $dob_month, $dob_year, $timezone, $primary_group, $custom_fields, $theme, $reveal_age, $views_signatures, $auto_monitor_contrib_content, $language, $allow_emails, $allow_emails_from_staff, $validated = NULL, $username = NULL, $password = NULL, $zone_wide = 1, $highlighted_name = NULL, $pt_allow = '*', $pt_rules_text = '', $on_probation_until = NULL, $join_time = NULL, $avatar_url = NULL, $signature = NULL, $is_perm_banned = NULL, $photo_url = NULL, $photo_thumb_url = NULL, $salt = NULL, $password_compatibility_scheme = NULL, $skip_checks = false)
{
require_code('type_validation');
if (!$skip_checks) {
$old_email_address = $GLOBALS['OCF_DRIVER']->get_member_row_field($member_id, 'm_email_address');
if (!is_null($email_address) && ($email_address != '' || $old_email_address != '' && !has_specific_permission(get_member(), 'member_maintenance')) && !is_valid_email_address($email_address)) {
warn_exit(do_lang_tempcode('_INVALID_EMAIL_ADDRESS', escape_html($email_address)));
}
}
if (!is_null($username) && $GLOBALS['FORUM_DRIVER']->get_member_row_field($member_id, 'm_password_compat_scheme') != 'remote') {
if (!$skip_checks) {
ocf_check_name_valid($username, $member_id, $password);
require_code('urls2');
suggest_new_idmoniker_for('members', 'view', strval($member_id), $username);
}
}
// Supplement custom field values given with defaults, and check constraints
$all_fields = ocf_get_all_custom_fields_match($GLOBALS['OCF_DRIVER']->get_members_groups($member_id));
foreach ($all_fields as $field) {
$field_id = $field['id'];
if (array_key_exists($field_id, $custom_fields)) {
if (!$skip_checks) {
if ($field['cf_public_view'] == 0 && $member_id != get_member() && !has_specific_permission(get_member(), 'view_any_profile_field')) {
access_denied('I_ERROR');
}
if ($field['cf_owner_view'] == 0 && $member_id == get_member() && !has_specific_permission(get_member(), 'view_any_profile_field')) {
access_denied('I_ERROR');
}
if ($field['cf_owner_set'] == 0 && $member_id == get_member() && !has_specific_permission(get_member(), 'view_any_profile_field')) {
access_denied('I_ERROR');
}
}
}
}
// Set custom profile field values
$all_fields_types = collapse_2d_complexity('id', 'cf_type', $all_fields);
$changes = array();
foreach ($custom_fields as $field => $value) {
if (!array_key_exists($field, $all_fields_types)) {
continue;
}
// Trying to set a field we're not allowed to (doesn't apply to our group)
$change = ocf_set_custom_field($member_id, $field, $value, $all_fields_types[$field], true);
if (!is_null($change)) {
$changes = array_merge($changes, $change);
}
}
if (count($changes) != 0) {
$GLOBALS['FORUM_DB']->query_update('f_member_custom_fields', $changes, array('mf_member_id' => $member_id), '', 1);
}
$old_primary_group = $GLOBALS['OCF_DRIVER']->get_member_row_field($member_id, 'm_primary_group');
$_pt_rules_text = $GLOBALS['OCF_DRIVER']->get_member_row_field($member_id, 'm_pt_rules_text');
$_signature = $GLOBALS['OCF_DRIVER']->get_member_row_field($member_id, 'm_signature');
$update = array();
if (!is_null($theme)) {
$update['m_theme'] = $theme;
}
if (!is_null($preview_posts)) {
$update['m_preview_posts'] = $preview_posts;
}
if (!is_null($dob_day)) {
$update['m_dob_day'] = $dob_day == -1 ? NULL : $dob_day;
}
if (!is_null($dob_month)) {
$update['m_dob_month'] = $dob_month == -1 ? NULL : $dob_month;
}
if (!is_null($dob_year)) {
$update['m_dob_year'] = $dob_year == -1 ? NULL : $dob_year;
}
if (!is_null($timezone)) {
$update['m_timezone_offset'] = $timezone;
}
if (!is_null($reveal_age)) {
$update['m_reveal_age'] = $reveal_age;
}
if (!is_null($email_address)) {
$update['m_email_address'] = $email_address;
}
if (!is_null($views_signatures)) {
$update['m_views_signatures'] = $views_signatures;
}
if (!is_null($auto_monitor_contrib_content)) {
$update['m_auto_monitor_contrib_content'] = $auto_monitor_contrib_content;
}
if (!is_null($language)) {
$update['m_language'] = $language;
}
if (!is_null($allow_emails)) {
$update['m_allow_emails'] = $allow_emails;
}
if (!is_null($allow_emails_from_staff)) {
$update['m_allow_emails_from_staff'] = $allow_emails_from_staff;
}
if (!is_null($zone_wide)) {
$update['m_zone_wide'] = $zone_wide;
}
if (!is_null($pt_allow)) {
$update['m_pt_allow'] = $pt_allow;
}
if (!is_null($pt_rules_text)) {
$update['m_pt_rules_text'] = lang_remap_comcode($_pt_rules_text, $pt_rules_text, $GLOBALS['FORUM_DB']);
}
if ($skip_checks || has_specific_permission(get_member(), 'probate_members')) {
$update['m_on_probation_until'] = $on_probation_until;
}
if (!is_null($join_time)) {
$update['m_join_time'] = $join_time;
}
if (!is_null($avatar_url)) {
$update['m_avatar_url'] = $avatar_url;
}
if (!is_null($signature)) {
$update['m_signature'] = lang_remap_comcode($_signature, $signature, $GLOBALS['FORUM_DB']);
}
if (!is_null($is_perm_banned)) {
$update['m_is_perm_banned'] = $is_perm_banned;
}
if (!is_null($photo_url)) {
$update['m_photo_url'] = $photo_url;
}
if (!is_null($photo_thumb_url)) {
$update['m_photo_thumb_url'] = $photo_thumb_url;
}
$old_username = $GLOBALS['OCF_DRIVER']->get_member_row_field($member_id, 'm_username');
if (!is_null($username) && $username != $old_username && ($skip_checks || has_actual_page_access(get_member(), 'admin_ocf_join') || has_specific_permission($member_id, 'rename_self'))) {
$update['m_username'] = $username;
// Reassign personal galleries
if (addon_installed('galleries')) {
require_lang('galleries');
$personal_galleries = $GLOBALS['SITE_DB']->query('SELECT fullname,parent_id FROM ' . get_table_prefix() . 'galleries WHERE name LIKE \'member_' . strval($member_id) . '_%\'');
foreach ($personal_galleries as $gallery) {
$parent_title = get_translated_text($GLOBALS['SITE_DB']->query_value('galleries', 'fullname', array('name' => $gallery['parent_id'])));
if (get_translated_text($gallery['fullname']) == do_lang('PERSONAL_GALLERY_OF', $old_username, $parent_title)) {
lang_remap($gallery['fullname'], do_lang('PERSONAL_GALLERY_OF', $username, $parent_title), $GLOBALS['FORUM_DB']);
}
}
}
require_code('notifications');
$subject = do_lang('USERNAME_CHANGED_MAIL_SUBJECT', $username, $old_username, NULL, get_lang($member_id));
$mail = do_lang('USERNAME_CHANGED_MAIL', comcode_escape(get_site_name()), comcode_escape($username), comcode_escape($old_username), get_lang($member_id));
dispatch_notification('ocf_username_changed', NULL, $subject, $mail, array($member_id));
$subject = do_lang('STAFF_USERNAME_CHANGED_MAIL_SUBJECT', $username, $old_username, NULL, get_site_default_lang());
$mail = do_lang('STAFF_USERNAME_CHANGED_MAIL', comcode_escape(get_site_name()), comcode_escape($username), comcode_escape($old_username), get_site_default_lang());
dispatch_notification('ocf_username_changed_staff', NULL, $subject, $mail);
// Fix cacheing for usernames
$to_fix = array('f_forums/f_cache_last_username', 'f_posts/p_poster_name_if_guest', 'f_topics/t_cache_first_username', 'f_topics/t_cache_last_username');
foreach ($to_fix as $fix) {
list($table, $field) = explode('/', $fix);
$GLOBALS['FORUM_DB']->query_update($table, array($field => $username), array($field => $old_username));
}
}
if (!is_null($password)) {
if (is_null($password_compatibility_scheme) && get_value('no_password_hashing') === '1') {
$password_compatibility_scheme = 'plain';
$update['m_password_change_code'] = '';
$salt = '';
}
if (!is_null($salt) || !is_null($password_compatibility_scheme)) {
if (!is_null($salt)) {
$update['m_pass_salt'] = $salt;
}
if (!is_null($password_compatibility_scheme)) {
$update['m_password_compat_scheme'] = $password_compatibility_scheme;
}
$update['m_pass_hash_salted'] = $password;
} else {
$update['m_password_change_code'] = '';
$salt = $GLOBALS['OCF_DRIVER']->get_member_row_field($member_id, 'm_pass_salt');
$update['m_pass_hash_salted'] = md5($salt . md5($password));
$update['m_password_compat_scheme'] = '';
}
if (!$skip_checks) {
$part_b = '';
if (!has_actual_page_access(get_member(), 'admin_ocf_join')) {
$part_b = do_lang('PASSWORD_CHANGED_MAIL_BODY_2', get_ip_address());
}
$mail = do_lang('PASSWORD_CHANGED_MAIL_BODY', get_site_name(), $part_b, NULL, get_lang($member_id));
$old_email_address = $GLOBALS['FORUM_DRIVER']->get_member_row_field($member_id, 'm_email_address');
if ($old_email_address != $email_address) {
$GLOBALS['FORUM_DB']->query_update('f_invites', array('i_email_address' => $old_email_address), array('i_email_address' => $email_address));
}
if ($member_id == get_member() || get_value('disable_password_change_mails_for_staff') !== '1') {
if (get_page_name() != 'admin_ocf_join') {
require_code('notifications');
dispatch_notification('ocf_password_changed', NULL, do_lang('PASSWORD_CHANGED_MAIL_SUBJECT', NULL, NULL, NULL, get_lang($member_id)), $mail, array($member_id), NULL, 2);
}
}
}
}
if (!is_null($validated)) {
$update['m_validated_email_confirm_code'] = '';
if (addon_installed('unvalidated')) {
$update['m_validated'] = $validated;
}
}
if (!is_null($highlighted_name)) {
$update['m_highlighted_name'] = $highlighted_name;
}
if (!is_null($primary_group)) {
$update['m_primary_group'] = $primary_group;
}
$old_validated = $GLOBALS['OCF_DRIVER']->get_member_row_field($member_id, 'm_validated');
$GLOBALS['FORUM_DB']->query_update('f_members', $update, array('id' => $member_id), '', 1);
if (get_member() != $member_id) {
log_it('EDIT_MEMBER_PROFILE', strval($member_id), $username);
}
if ($old_validated == 0 && $validated == 1) {
require_code('mail');
$_login_url = build_url(array('page' => 'login'), get_module_zone('login'), NULL, false, false, true);
$login_url = $_login_url->evaluate();
mail_wrap(do_lang('VALIDATED_MEMBER_SUBJECT', get_site_name(), NULL, get_lang($member_id)), do_lang('MEMBER_VALIDATED', get_site_name(), $username, $login_url, get_lang($member_id)), array($email_address), $username);
}
// Decache from run-time cache
unset($GLOBALS['FORUM_DRIVER']->MEMBER_ROWS_CACHED[$member_id]);
unset($GLOBALS['MEMBER_CACHE_FIELD_MAPPINGS'][$member_id]);
unset($GLOBALS['TIMEZONE_MEMBER_CACHE'][$member_id]);
unset($GLOBALS['USER_NAME_CACHE'][$member_id]);
}
