function validate_search_word($word, $idx)
{
static $stopwords;
// If the word is a keyword we don't want to index it, but we do want to be allowed to search it
if (is_keyword($word)) {
return !$idx;
}
if (!isset($stopwords)) {
if (file_exists(FORUM_CACHE_DIR . 'cache_stopwords.php')) {
include FORUM_CACHE_DIR . 'cache_stopwords.php';
}
if (!defined('FORUM_STOPWORDS_LOADED')) {
if (!defined('FORUM_CACHE_FUNCTIONS_LOADED')) {
require FORUM_ROOT . 'include/cache.php';
}
generate_stopwords_cache();
require FORUM_CACHE_DIR . 'cache_stopwords.php';
}
}
// If it is a stopword it isn't valid
if (in_array($word, $stopwords)) {
return false;
}
// If the word is CJK we don't want to index it, but we do want to be allowed to search it
if (is_cjk($word)) {
return !$idx;
}
// Exclude % and * when checking whether current word is valid
$word = str_replace(array('%', '*'), '', $word);
// Check the word is within the min/max length
$num_chars = luna_strlen($word);
return $num_chars >= FORUM_SEARCH_MIN_WORD && $num_chars <= FORUM_SEARCH_MAX_WORD;
}
public static function validate_config($username, $password1, $password2, $email, $title, $default_lang, $default_style)
{
$alerts = array();
// Validate username and passwords
if (luna_strlen($username) < 2) {
$alerts[] = __('Usernames must be at least 2 characters long.', 'luna');
} elseif (luna_strlen($username) > 25) {
// This usually doesn't happen since the form element only accepts 25 characters
$alerts[] = __('Usernames must not be more than 25 characters long.', 'luna');
} elseif (!strcasecmp($username, 'Guest')) {
$alerts[] = __('The username guest is reserved.', 'luna');
} elseif (preg_match('%[0-9]{1,3}\\.[0-9]{1,3}\\.[0-9]{1,3}\\.[0-9]{1,3}%', $username) || preg_match('%((([0-9A-Fa-f]{1,4}:){7}[0-9A-Fa-f]{1,4})|(([0-9A-Fa-f]{1,4}:){6}:[0-9A-Fa-f]{1,4})|(([0-9A-Fa-f]{1,4}:){5}:([0-9A-Fa-f]{1,4}:)?[0-9A-Fa-f]{1,4})|(([0-9A-Fa-f]{1,4}:){4}:([0-9A-Fa-f]{1,4}:){0,2}[0-9A-Fa-f]{1,4})|(([0-9A-Fa-f]{1,4}:){3}:([0-9A-Fa-f]{1,4}:){0,3}[0-9A-Fa-f]{1,4})|(([0-9A-Fa-f]{1,4}:){2}:([0-9A-Fa-f]{1,4}:){0,4}[0-9A-Fa-f]{1,4})|(([0-9A-Fa-f]{1,4}:){6}((\\b((25[0-5])|(1\\d{2})|(2[0-4]\\d)|(\\d{1,2}))\\b)\\.){3}(\\b((25[0-5])|(1\\d{2})|(2[0-4]\\d)|(\\d{1,2}))\\b))|(([0-9A-Fa-f]{1,4}:){0,5}:((\\b((25[0-5])|(1\\d{2})|(2[0-4]\\d)|(\\d{1,2}))\\b)\\.){3}(\\b((25[0-5])|(1\\d{2})|(2[0-4]\\d)|(\\d{1,2}))\\b))|(::([0-9A-Fa-f]{1,4}:){0,5}((\\b((25[0-5])|(1\\d{2})|(2[0-4]\\d)|(\\d{1,2}))\\b)\\.){3}(\\b((25[0-5])|(1\\d{2})|(2[0-4]\\d)|(\\d{1,2}))\\b))|([0-9A-Fa-f]{1,4}::([0-9A-Fa-f]{1,4}:){0,5}[0-9A-Fa-f]{1,4})|(::([0-9A-Fa-f]{1,4}:){0,6}[0-9A-Fa-f]{1,4})|(([0-9A-Fa-f]{1,4}:){1,7}:))%', $username)) {
$alerts[] = __('Usernames may not be in the form of an IP address.', 'luna');
} elseif ((strpos($username, '[') !== false || strpos($username, ']') !== false) && strpos($username, '\'') !== false && strpos($username, '"') !== false) {
$alerts[] = __('Usernames may not contain all the characters \', " and [ or ] at once.', 'luna');
} elseif (preg_match('%(?:\\[/?(?:b|u|i|h|colou?r|quote|code|img|url|email|list)\\]|\\[(?:code|quote|list)=)%i', $username)) {
$alerts[] = __('Usernames may not contain any of the text formatting tags (BBCode) that the forum uses.', 'luna');
}
if (luna_strlen($password1) < 4) {
$alerts[] = __('Passwords must be at least 6 characters long.', 'luna');
} elseif ($password1 != $password2) {
$alerts[] = __('Passwords do not match.', 'luna');
}
// Validate email
require FORUM_ROOT . 'include/email.php';
if (!is_valid_email($email)) {
$alerts[] = __('The administrator email address you entered is invalid.', 'luna');
}
if ($title == '') {
$alerts[] = __('You must enter a board title.', 'luna');
}
$languages = forum_list_langs();
if (!in_array($default_lang, $languages)) {
$alerts[] = __('The default language chosen doesn\'t seem to exist.', 'luna');
}
$styles = forum_list_styles();
if (!in_array($default_style, $styles)) {
$alerts[] = __('The default style chosen doesn\'t seem to exist.', 'luna');
}
return $alerts;
}
<?php
if (luna_strlen(luna_htmlspecialchars($user_data['username'])) > 14) {
$cur_user_name = utf8_substr(luna_htmlspecialchars($user_data['username']), 0, 12) . '...';
} else {
$cur_user_name = luna_htmlspecialchars($user_data['username']);
}
?>
<div class="col-lg-4 col-md-6 col-sm-6 col-xs-12">
<div class="user-entry">
<div class="media">
<a class="pull-left" href="<?php
echo 'profile.php?id=' . $user_data['id'];
?>
">
<?php
echo $user_avatar;
?>
</a>
<div class="media-body">
<h2 class="media-heading"><?php
echo '<a title="' . luna_htmlspecialchars($user_data['username']) . '" href="profile.php?id=' . $user_data['id'] . '">' . $cur_user_name . '</a>';
?>
</h2>
<h4><?php
echo $user_title_field;
?>
</h4>
<?php
echo forum_number_format($user_data['num_comments']) . ' ' . __('comments since', 'luna') . ' ' . format_time($user_data['registered'], true);
?>
function draw_index_threads_list($limit = 30, $thread_object_name = 'thread.php')
{
global $luna_user, $luna_config, $db, $start_from, $id, $sort_by, $start_from, $db_type, $cur_thread, $tracked_threads;
// Retrieve a list of thread IDs, LIMIT is (really) expensive so we only fetch the IDs here then later fetch the remaining data
$result = $db->query('SELECT t.id, t.moved_to FROM ' . $db->prefix . 'threads AS t LEFT JOIN ' . $db->prefix . 'forum_perms AS fp ON (fp.forum_id=t.forum_id AND fp.group_id=' . $luna_user['g_id'] . ') WHERE (fp.read_forum IS NULL OR fp.read_forum=1) AND t.moved_to IS NULL ORDER BY last_comment DESC LIMIT ' . $limit) or error('Unable to fetch thread IDs', __FILE__, __LINE__, $db->error());
// If there are threads in this forum
if ($db->num_rows($result)) {
$thread_ids = array();
for ($i = 0; $cur_thread_id = $db->result($result, $i); $i++) {
$thread_ids[] = $cur_thread_id;
}
// Fetch list of threads to display on this page
$sql_soft = NULL;
if ($luna_user['is_guest'] || $luna_config['o_has_commented'] == '0') {
if (!$luna_user['g_soft_delete_view']) {
$sql_soft = 'soft = 0 AND ';
}
$sql = 'SELECT id, commenter, subject, commented, last_comment, last_comment_id, last_commenter, last_commenter_id, num_views, num_replies, closed, pinned, important, moved_to, soft, solved AS answer, forum_id FROM ' . $db->prefix . 'threads WHERE ' . $sql_soft . 'id IN(' . implode(',', $thread_ids) . ') ORDER BY last_comment DESC';
} else {
if (!$luna_user['g_soft_delete_view']) {
$sql_soft = 't.soft = 0 AND ';
}
$sql = 'SELECT p.commenter_id AS has_commented, t.id, t.subject, t.commenter, t.commented, t.last_comment, t.last_comment_id, t.last_commenter, t.last_commenter_id, t.num_views, t.num_replies, t.closed, t.pinned, t.important, t.moved_to, t.soft, t.solved AS answer, t.forum_id FROM ' . $db->prefix . 'threads AS t LEFT JOIN ' . $db->prefix . 'comments AS p ON t.id=p.thread_id AND p.commenter_id=' . $luna_user['id'] . ' WHERE ' . $sql_soft . 't.id IN(' . implode(',', $thread_ids) . ') GROUP BY t.id' . ($db_type == 'pgsql' ? ', t.subject, t.commenter, t.commented, t.last_comment, t.last_comment_id, t.last_commenter, t.num_views, t.num_replies, t.closed, t.pinned, t.moved_to, p.commenter_id' : '') . ' ORDER BY t.last_comment DESC';
}
$result = $db->query($sql) or error('Unable to fetch thread list', __FILE__, __LINE__, $db->error());
// Load cached forums
if (file_exists(LUNA_CACHE_DIR . 'cache_forums.php')) {
include LUNA_CACHE_DIR . 'cache_forums.php';
}
if (!defined('LUNA_LIST_LOADED')) {
if (!defined('LUNA_CACHE_FUNCTIONS_LOADED')) {
require LUNA_ROOT . 'include/cache.php';
}
generate_forum_cache();
require LUNA_CACHE_DIR . 'cache_forums.php';
}
$thread_count = 0;
while ($cur_thread = $db->fetch_assoc($result)) {
++$thread_count;
$status_text = array();
$item_status = $thread_count % 2 == 0 ? 'roweven' : 'rowodd';
$icon_type = 'icon';
if (luna_strlen($cur_thread['subject']) > 53) {
$subject = utf8_substr($cur_thread['subject'], 0, 50) . '...';
} else {
$subject = luna_htmlspecialchars($cur_thread['subject']);
}
$last_comment_date = '<a href="thread.php?pid=' . $cur_thread['last_comment_id'] . '#p' . $cur_thread['last_comment_id'] . '">' . format_time($cur_thread['last_comment']) . '</a>';
if (is_null($cur_thread['moved_to'])) {
$thread_id = $cur_thread['id'];
if ($luna_user['g_view_users'] == '1' && $cur_thread['last_commenter_id'] > '1') {
$last_commenter = '<span class="byuser">' . __('by', 'luna') . ' <a href="profile.php?id=' . $cur_thread['last_commenter_id'] . '">' . luna_htmlspecialchars($cur_thread['last_commenter']) . '</a></span>';
} else {
$last_commenter = '<span class="byuser">' . __('by', 'luna') . ' ' . luna_htmlspecialchars($cur_thread['last_commenter']) . '</span>';
}
foreach ($luna_forums as $cur_forum) {
if ($cur_thread['forum_id'] == $cur_forum['id']) {
$forum_name = luna_htmlspecialchars($cur_forum['forum_name']);
$forum_color = $cur_forum['color'];
if ($cur_forum['icon'] != NULL) {
$faicon = '<span class="fa fa-fw fa-' . $cur_forum['icon'] . '"></span> ';
} else {
$faicon = '';
}
}
}
$forum_name = '<span class="byuser">' . __('in', 'luna') . ' <a class="label label-default" href="viewforum.php?id=' . $cur_thread['forum_id'] . '" style="background: ' . $forum_color . ';">' . $faicon . '<span class="hidden-xs hidden-sm">' . $forum_name . '</span></a></span>';
} else {
$last_commenter = '';
$thread_id = $cur_thread['moved_to'];
}
if ($luna_config['o_censoring'] == '1') {
$cur_thread['subject'] = censor_words($cur_thread['subject']);
}
if ($cur_thread['pinned'] == '1') {
$item_status .= ' pinned-item';
$status_text[] = '<span class="label label-warning"><span class="fa fa-fw fa-thumb-tack"></span></span>';
}
if ($cur_thread['important']) {
$item_status .= ' important-item';
$status_text[] = '<span class="label label-primary"><span class="fa fa-fw fa-map-marker"></span></span>';
}
if (isset($cur_thread['answer'])) {
$item_status .= ' solved-item';
$status_text[] = '<span class="label label-success"><span class="fa fa-fw fa-check"></span></span>';
}
$url = 'thread.php?id=' . $thread_id;
$by = '<span class="byuser">' . __('by', 'luna') . ' ' . luna_htmlspecialchars($cur_thread['commenter']) . '</span>';
if ($cur_thread['moved_to'] != 0) {
$status_text[] = '<span class="label label-info"><span class="fa fa-fw fa-arrows-alt"></span></span>';
$item_status .= ' moved-item';
} elseif ($cur_thread['closed'] == '1') {
$status_text[] = '<span class="label label-danger"><span class="fa fa-fw fa-lock"></span></span>';
$item_status .= ' closed-item';
}
if (!$luna_user['is_guest'] && $luna_config['o_has_commented'] == '1') {
if ($cur_thread['has_commented'] == $luna_user['id']) {
$item_status .= ' commented-item';
}
}
if (!$luna_user['is_guest'] && $cur_thread['last_comment'] > $luna_user['last_visit'] && (!isset($tracked_threads['threads'][$cur_thread['id']]) || $tracked_threads['threads'][$cur_thread['id']] < $cur_thread['last_comment']) && (!isset($tracked_threads['forums'][$id]) || $tracked_threads['forums'][$id] < $cur_thread['last_comment']) && is_null($cur_thread['moved_to'])) {
$item_status .= ' new-item';
$icon_type = 'icon icon-new';
$status_text[] = '<a href="thread.php?id=' . $cur_thread['id'] . '&action=new" title="' . __('Go to the first new comment in the thread.', 'luna') . '" class="label label-default label-new"><span class="fa fa-fw fa-bell"></span></a>';
}
$subject_status = implode(' ', $status_text);
$num_pages_thread = ceil(($cur_thread['num_replies'] + 1) / $luna_user['disp_comments']);
if ($num_pages_thread > 1) {
$subject_multipage = '<span class="inline-pagination"> ' . simple_paginate($num_pages_thread, -1, 'thread.php?id=' . $cur_thread['id']) . '</span>';
} else {
$subject_multipage = null;
}
$replies_label = _n('reply', 'replies', $cur_thread['num_replies'], 'luna');
$views_label = _n('view', 'views', $cur_thread['num_views'], 'luna');
require get_view_path($thread_object_name);
}
} else {
echo '<h3 class="nothing">' . __('The board is empty, select a forum and create a thread to begin.', 'luna') . '</h3>';
}
}
} elseif ($destinataires[$i]['g_id'] > LUNA_GUEST && $destinataires[$i]['g_inbox_limit'] != '0' && $destinataires[$i]['num_inbox'] >= $destinataires[$i]['g_inbox_limit']) {
$errors[] = sprintf(__('%s inbox is full, you can not send you message to this user.', 'luna'), luna_htmlspecialchars($destinataire));
}
} else {
$errors[] = sprintf(__('There\'s no user with the username "%s".', 'luna'), luna_htmlspecialchars($destinataire));
}
$i++;
}
// Build IDs' & usernames' list : the end
$ids_list = implode(', ', $list_ids);
$usernames_list = implode(', ', $list_usernames);
// Check subject
$p_subject = luna_trim($_POST['req_subject']);
if ($p_subject == '' && $edit == '0') {
$errors[] = __('Threads must contain a subject.', 'luna');
} elseif (luna_strlen($p_subject) > '70') {
$errors[] = __('Subjects cannot be longer than 70 characters.', 'luna');
} elseif ($luna_config['p_subject_all_caps'] == '0' && strtoupper($p_subject) == $p_subject && $luna_user['is_admmod']) {
$p_subject = ucwords(strtolower($p_subject));
}
// Clean up message from POST
$p_message = luna_linebreaks(luna_trim($_POST['req_message']));
// Check message
if ($p_message == '') {
$errors[] = __('You must enter a message.', 'luna');
} elseif (strlen($p_message) > LUNA_MAX_COMMENT_SIZE) {
$errors[] = sprintf(__('Comments cannot be longer than %s bytes.', 'luna'), forum_number_format(LUNA_MAX_COMMENT_SIZE));
} elseif ($luna_config['p_message_all_caps'] == '0' && strtoupper($p_message) == $p_message && $luna_user['is_admmod']) {
$p_message = ucwords(strtolower($p_message));
}
// Validate BBCode syntax
}
// Make sure they got here from the site
if ($fid && (!isset($_POST['_luna_nonce_post_topic']) || !LunaNonces::verify($_POST['_luna_nonce_post_topic'], 'post-reply')) || !$fid && (!isset($_POST['_luna_nonce_post_reply']) || !LunaNonces::verify($_POST['_luna_nonce_post_reply'], 'post-reply'))) {
message(__('Are you sure you want to do this?', 'luna'));
}
// If it's a new thread
if ($fid) {
$subject = luna_trim($_POST['req_subject']);
if ($luna_config['o_censoring'] == '1') {
$censored_subject = luna_trim(censor_words($subject));
}
if ($subject == '') {
$errors[] = __('Threads must contain a subject.', 'luna');
} elseif ($luna_config['o_censoring'] == '1' && $censored_subject == '') {
$errors[] = __('Threads must contain a subject. After applying censoring filters, your subject was empty.', 'luna');
} elseif (luna_strlen($subject) > 70) {
$errors[] = __('Subjects cannot be longer than 70 characters.', 'luna');
} elseif ($luna_config['p_subject_all_caps'] == '0' && is_all_uppercase($subject) && !$luna_user['is_admmod']) {
$errors[] = __('Subjects cannot contain only capital letters.', 'luna');
}
}
// If the user is logged in we get the username and email from $luna_user
if (!$luna_user['is_guest']) {
$username = $luna_user['username'];
$email = $luna_user['email'];
$id = $luna_user['id'];
} else {
$username = luna_trim($_POST['req_username']);
$email = strtolower(luna_trim($luna_config['p_force_guest_email'] == '1' ? $_POST['req_email'] : $_POST['email']));
$banned_email = false;
// It's a guest, so we have to validate the username
} elseif ($action == 'show_24h') {
$action = 'show_recent';
}
// If a search_id was supplied
if (isset($_GET['search_id'])) {
$search_id = intval($_GET['search_id']);
if ($search_id < 1) {
message(__('Bad request. The link you followed is incorrect, outdated or you are simply not allowed to hang around here.', 'luna'), false, '404 Not Found');
}
} elseif ($action == 'search') {
$keywords = isset($_GET['keywords']) ? utf8_strtolower(luna_trim($_GET['keywords'])) : null;
$author = isset($_GET['author']) ? utf8_strtolower(luna_trim($_GET['author'])) : null;
if (preg_match('%^[\\*\\%]+$%', $keywords) || luna_strlen(str_replace(array('*', '%'), '', $keywords)) < FORUM_SEARCH_MIN_WORD && !is_cjk($keywords)) {
$keywords = '';
}
if (preg_match('%^[\\*\\%]+$%', $author) || luna_strlen(str_replace(array('*', '%'), '', $author)) < 2) {
$author = '';
}
if (!$keywords && !$author) {
message(__('You have to enter at least one keyword and/or an author to search for.', 'luna'));
}
if ($author) {
$author = str_replace('*', '%', $author);
}
$show_as = isset($_GET['show_as']) && $_GET['show_as'] == 'topics' ? 'topics' : 'posts';
$sort_by = isset($_GET['sort_by']) ? intval($_GET['sort_by']) : 0;
$search_in = !isset($_GET['search_in']) || $_GET['search_in'] == '0' ? 0 : ($_GET['search_in'] == '1' ? 1 : -1);
} elseif ($action == 'show_user_posts' || $action == 'show_user_topics' || $action == 'show_subscriptions') {
$user_id = isset($_GET['user_id']) ? intval($_GET['user_id']) : $luna_user['id'];
if ($user_id < 2) {
message(__('Bad request. The link you followed is incorrect, outdated or you are simply not allowed to hang around here.', 'luna'), false, '404 Not Found');
$email2 = strtolower(trim($_POST['email']));
$trimpassword = trim($_POST['password']);
if (isset($_POST['random_pass'])) {
$password = random_pass(8);
} elseif (!empty($trimpassword)) {
$password = trim($_POST['password']);
} else {
redirect('backstage/users.php?user_failed=true');
}
$errors = array();
// Convert multiple whitespace characters into one (to prevent people from registering with indistinguishable usernames)
$username = preg_replace('#\\s+#s', ' ', $username);
// Validate username and passwords
if (strlen($username) < 2) {
message_backstage(__('Usernames must be at least 2 characters long. Please choose another (longer) username.', 'luna'));
} elseif (luna_strlen($username) > 25) {
// This usually doesn't happen since the form element only accepts 25 characters
message_backstage(__('Passwords must be at least 6 characters long. Please choose another (longer) password.', 'luna'));
} elseif (!strcasecmp($username, 'Guest') || !strcasecmp($username, __('Guest', 'luna'))) {
message_backstage(__('The username guest is reserved. Please choose another username.', 'luna'));
} elseif (preg_match('/[0-9]{1,3}\\.[0-9]{1,3}\\.[0-9]{1,3}\\.[0-9]{1,3}/', $username)) {
message_backstage(__('Usernames may not be in the form of an IP address. Please choose another username.', 'luna'));
} elseif ((strpos($username, '[') !== false || strpos($username, ']') !== false) && strpos($username, '\'') !== false && strpos($username, '"') !== false) {
message_backstage(__('Usernames may not contain all the characters \', " and [ or ] at once. Please choose another username.', 'luna'));
} elseif (preg_match('#\\[b\\]|\\[/b\\]|\\[u\\]|\\[/u\\]|\\[i\\]|\\[/i\\]|\\[color|\\[/color\\]|\\[quote\\]|\\[quote=|\\[/quote\\]|\\[code\\]|\\[/code\\]|\\[img\\]|\\[/img\\]|\\[url|\\[/url\\]|\\[email|\\[/email\\]#i', $username)) {
message_backstage(__('Usernames may not contain any of the text formatting tags (BBCode) that the forum uses. Please choose another username.', 'luna'));
}
// Check that the username (or a too similar username) is not already registered
$result = $db->query('SELECT username FROM ' . $db->prefix . 'users WHERE username=\'' . $db->escape($username) . '\' OR username=\'' . $db->escape(preg_replace('/[^\\w]/', '', $username)) . '\'') or error('Unable to fetch user info', __FILE__, __LINE__, $db->error());
if ($db->num_rows($result)) {
$busy = $db->result($result);
function check_username($username, $exclude_id = null)
{
global $db, $luna_config, $errors, $luna_bans;
// Include UTF-8 function
require_once FORUM_ROOT . 'include/utf8/strcasecmp.php';
// Convert multiple whitespace characters into one (to prevent people from registering with indistinguishable usernames)
$username = preg_replace('%\\s+%s', ' ', $username);
// Validate username
if (luna_strlen($username) < 2) {
$errors[] = __('Usernames must be at least 2 characters long. Please choose another (longer) username.', 'luna');
} elseif (luna_strlen($username) > 25) {
// This usually doesn't happen since the form element only accepts 25 characters
$errors[] = __('Usernames must not be more than 25 characters long. Please choose another (shorter) username.', 'luna');
} elseif (!strcasecmp($username, 'Guest') || !utf8_strcasecmp($username, __('Guest', 'luna'))) {
$errors[] = __('The username guest is reserved. Please choose another username.', 'luna');
} elseif (preg_match('%[0-9]{1,3}\\.[0-9]{1,3}\\.[0-9]{1,3}\\.[0-9]{1,3}%', $username) || preg_match('%((([0-9A-Fa-f]{1,4}:){7}[0-9A-Fa-f]{1,4})|(([0-9A-Fa-f]{1,4}:){6}:[0-9A-Fa-f]{1,4})|(([0-9A-Fa-f]{1,4}:){5}:([0-9A-Fa-f]{1,4}:)?[0-9A-Fa-f]{1,4})|(([0-9A-Fa-f]{1,4}:){4}:([0-9A-Fa-f]{1,4}:){0,2}[0-9A-Fa-f]{1,4})|(([0-9A-Fa-f]{1,4}:){3}:([0-9A-Fa-f]{1,4}:){0,3}[0-9A-Fa-f]{1,4})|(([0-9A-Fa-f]{1,4}:){2}:([0-9A-Fa-f]{1,4}:){0,4}[0-9A-Fa-f]{1,4})|(([0-9A-Fa-f]{1,4}:){6}((\\b((25[0-5])|(1\\d{2})|(2[0-4]\\d)|(\\d{1,2}))\\b)\\.){3}(\\b((25[0-5])|(1\\d{2})|(2[0-4]\\d)|(\\d{1,2}))\\b))|(([0-9A-Fa-f]{1,4}:){0,5}:((\\b((25[0-5])|(1\\d{2})|(2[0-4]\\d)|(\\d{1,2}))\\b)\\.){3}(\\b((25[0-5])|(1\\d{2})|(2[0-4]\\d)|(\\d{1,2}))\\b))|(::([0-9A-Fa-f]{1,4}:){0,5}((\\b((25[0-5])|(1\\d{2})|(2[0-4]\\d)|(\\d{1,2}))\\b)\\.){3}(\\b((25[0-5])|(1\\d{2})|(2[0-4]\\d)|(\\d{1,2}))\\b))|([0-9A-Fa-f]{1,4}::([0-9A-Fa-f]{1,4}:){0,5}[0-9A-Fa-f]{1,4})|(::([0-9A-Fa-f]{1,4}:){0,6}[0-9A-Fa-f]{1,4})|(([0-9A-Fa-f]{1,4}:){1,7}:))%', $username)) {
$errors[] = __('Usernames may not be in the form of an IP address. Please choose another username.', 'luna');
} elseif ((strpos($username, '[') !== false || strpos($username, ']') !== false) && strpos($username, '\'') !== false && strpos($username, '"') !== false) {
$errors[] = __('Usernames may not contain all the characters \', " and [ or ] at once. Please choose another username.', 'luna');
} elseif (preg_match('%(?:\\[/?(?:b|u|s|ins|del|em|i|h|colou?r|quote|code|img|url|email|list|\\*|topic|post|forum|user)\\]|\\[(?:img|url|quote|list)=)%i', $username)) {
$errors[] = __('Usernames may not contain any of the text formatting tags (BBCode) that the forum uses. Please choose another username.', 'luna');
}
// Check username for any censored words
if ($luna_config['o_censoring'] == '1' && censor_words($username) != $username) {
$errors[] = __('The username you entered contains one or more censored words. Please choose a different username.', 'luna');
}
// Check that the username (or a too similar username) is not already registered
$query = !is_null($exclude_id) ? ' AND id!=' . $exclude_id : '';
$result = $db->query('SELECT username FROM ' . $db->prefix . 'users WHERE (UPPER(username)=UPPER(\'' . $db->escape($username) . '\') OR UPPER(username)=UPPER(\'' . $db->escape(ucp_preg_replace('%[^\\p{L}\\p{N}]%u', '', $username)) . '\')) AND id>1' . $query) or error('Unable to fetch user info', __FILE__, __LINE__, $db->error());
if ($db->num_rows($result)) {
$busy = $db->result($result);
$errors[] = __('Someone is already registered with the username', 'luna') . ' ' . luna_htmlspecialchars($busy) . '. ' . __('The username you entered is too similar. The username must differ from that by at least one alphanumerical character (a-z or 0-9). Please choose a different username.', 'luna');
}
// Check username for any banned usernames
foreach ($luna_bans as $cur_ban) {
if ($cur_ban['username'] != '' && utf8_strtolower($username) == utf8_strtolower($cur_ban['username'])) {
$errors[] = __('The username you entered is banned in this forum. Please choose another username.', 'luna');
break;
}
}
}
?>
<span class="help-block"><?php
_e('Password and confirmation for SMTP server, only when required', 'luna');
?>
</span></label>
<div class="col-sm-9">
<div class="checkbox">
<label>
<input type="checkbox" name="form[smtp_change_pass]" id="form_smtp_change_pass" value="1" />
<?php
_e('Check this if you want to change or delete the currently stored password.', 'luna');
?>
</label>
</div>
<?php
$smtp_pass = !empty($luna_config['o_smtp_pass']) ? random_key(luna_strlen($luna_config['o_smtp_pass']), true) : '';
?>
<div class="row">
<div class="col-sm-6">
<input class="form-control" type="password" name="form[smtp_pass1]" maxlength="50" value="<?php
echo $smtp_pass;
?>
" />
</div>
<div class="col-sm-6">
<input class="form-control" type="password" name="form[smtp_pass2]" maxlength="50" value="<?php
echo $smtp_pass;
?>
" />
</div>
</div>
if ($db->num_rows($result)) {
message(__('A new user was registered with the same IP address as you within the last hour. To prevent registration flooding, at least an hour has to pass between registrations from the same IP. Sorry for the inconvenience.', 'luna'));
}
$username = luna_trim($_POST['req_user']);
$email1 = strtolower(luna_trim($_POST['req_email1']));
if ($luna_config['o_regs_verify'] == '1') {
$email2 = strtolower(luna_trim($_POST['req_email2']));
$password1 = random_pass(12);
$password2 = $password1;
} else {
$password1 = luna_trim($_POST['req_password1']);
$password2 = luna_trim($_POST['req_password2']);
}
// Validate username and passwords
check_username($username);
if (luna_strlen($password1) < 6) {
$errors[] = __('Passwords must be at least 6 characters long. Please choose another (longer) password.', 'luna');
} elseif ($password1 != $password2) {
$errors[] = __('Passwords do not match.', 'luna');
}
// Validate email
require LUNA_ROOT . 'include/email.php';
if (!is_valid_email($email1)) {
$errors[] = __('The email address you entered is invalid.', 'luna');
} elseif ($luna_config['o_regs_verify'] == '1' && $email1 != $email2) {
$errors[] = __('Email addresses do not match.', 'luna');
}
// Check if it's a banned email address
if (is_banned_email($email1)) {
if ($luna_config['p_allow_banned_email'] == '0') {
$errors[] = __('The email address you entered is banned in this forum. Please choose another email address.', 'luna');
$num_posts_splitted = substr_count($posts, ',') + 1;
// Verify that the comment IDs are valid
$result = $db->query('SELECT 1 FROM ' . $db->prefix . 'posts WHERE id IN(' . $posts . ') AND topic_id=' . $tid) or error('Unable to check posts', __FILE__, __LINE__, $db->error());
if ($db->num_rows($result) != $num_posts_splitted) {
message_backstage(__('Bad request. The link you followed is incorrect, outdated or you are simply not allowed to hang around here.', 'luna'), false, '404 Not Found');
}
// Verify that the move to forum ID is valid
$result = $db->query('SELECT 1 FROM ' . $db->prefix . 'forums AS f LEFT JOIN ' . $db->prefix . 'forum_perms AS fp ON (fp.group_id=' . $luna_user['g_id'] . ' AND fp.forum_id=' . $move_to_forum . ') WHERE (fp.post_topics IS NULL OR fp.post_topics=1)') or error('Unable to fetch forum permissions', __FILE__, __LINE__, $db->error());
if (!$db->num_rows($result)) {
message_backstage(__('Bad request. The link you followed is incorrect, outdated or you are simply not allowed to hang around here.', 'luna'), false, '404 Not Found');
}
// Check subject
$new_subject = isset($_POST['new_subject']) ? luna_trim($_POST['new_subject']) : '';
if ($new_subject == '') {
message_backstage(__('Threads must contain a subject.', 'luna'));
} elseif (luna_strlen($new_subject) > 70) {
message_backstage(__('Subjects cannot be longer than 70 characters.', 'luna'));
}
// Get data from the new first post
$result = $db->query('SELECT p.id, p.poster, p.posted FROM ' . $db->prefix . 'posts AS p WHERE id IN(' . $posts . ') ORDER BY p.id ASC LIMIT 1') or error('Unable to get first post', __FILE__, __LINE__, $db->error());
$first_post_data = $db->fetch_assoc($result);
// Create the new thread
$db->query('INSERT INTO ' . $db->prefix . 'topics (poster, subject, posted, first_post_id, forum_id) VALUES (\'' . $db->escape($first_post_data['poster']) . '\', \'' . $db->escape($new_subject) . '\', ' . $first_post_data['posted'] . ', ' . $first_post_data['id'] . ', ' . $move_to_forum . ')') or error('Unable to create new thread', __FILE__, __LINE__, $db->error());
$new_tid = $db->insert_id();
// Move the comments to the new thread
$db->query('UPDATE ' . $db->prefix . 'posts SET topic_id=' . $new_tid . ' WHERE id IN(' . $posts . ')') or error('Unable to move posts into new thread', __FILE__, __LINE__, $db->error());
// Apply every subscription to both topics
$db->query('INSERT INTO ' . $db->prefix . 'topic_subscriptions (user_id, topic_id) SELECT user_id, ' . $new_tid . ' FROM ' . $db->prefix . 'topic_subscriptions WHERE topic_id=' . $tid) or error('Unable to copy existing subscriptions', __FILE__, __LINE__, $db->error());
// Get last_post, last_post_id, and last_poster from the thread and update it
$result = $db->query('SELECT id, poster, posted FROM ' . $db->prefix . 'posts WHERE topic_id=' . $tid . ' ORDER BY id DESC LIMIT 1') or error('Unable to fetch post info', __FILE__, __LINE__, $db->error());
$last_post_data = $db->fetch_assoc($result);
$form['title'] = luna_trim($_POST['title']);
if ($form['title'] != '') {
// A list of words that the title may not contain
// If the language is English, there will be some duplicates, but it's not the end of the world
$forbidden = array('member', 'moderator', 'administrator', 'banned', 'guest', utf8_strtolower(__('Member', 'luna')), utf8_strtolower(__('Moderator', 'luna')), utf8_strtolower(__('Administrator', 'luna')), utf8_strtolower(__('Banned', 'luna')), utf8_strtolower(__('Guest', 'luna')));
if (in_array(utf8_strtolower($form['title']), $forbidden)) {
message(__('The title you entered contains a forbidden word. You must choose a different title.', 'luna'));
}
}
}
// Clean up signature from POST
if ($luna_config['o_signatures'] == '1') {
$form['signature'] = luna_linebreaks(luna_trim($_POST['signature']));
// Validate signature
if (luna_strlen($form['signature']) > $luna_config['p_sig_length']) {
message(sprintf(__('Signatures cannot be longer than %1$s characters. Please reduce your signature by %2$s characters.', 'luna'), $luna_config['p_sig_length'], luna_strlen($form['signature']) - $luna_config['p_sig_length']));
} elseif (substr_count($form['signature'], "\n") > $luna_config['p_sig_lines'] - 1) {
message(sprintf(__('Signatures cannot have more than %s lines.', 'luna'), $luna_config['p_sig_lines']));
} elseif ($form['signature'] && $luna_config['p_sig_all_caps'] == '0' && is_all_uppercase($form['signature']) && !$luna_user['is_admmod']) {
$form['signature'] = utf8_ucwords(utf8_strtolower($form['signature']));
}
$errors = array();
$form['signature'] = preparse_bbcode($form['signature'], $errors, true);
if (count($errors) > 0) {
message('<ul><li>' . implode('</li><li>', $errors) . '</li></ul>');
}
}
if ($form['disp_topics'] != '') {
$form['disp_topics'] = intval($form['disp_topics']);
if ($form['disp_topics'] < 3) {
$form['disp_topics'] = 3;
