예제 #1
파일: messages.php 프로젝트: mgs2/kw-forum
    $rows = array();
    // get the thread set started
    $rows = phorum_db_get_unapproved_list($forum, $showwaiting, $moddays);
    // loop through and read all the data in.
    foreach ($rows as $key => $row) {
        $rows[$key]['forumname'] = $foruminfo[$forum]['name'];
        $rows[$key]['checkvar'] = $checkvar;
        if ($checkvar) {
            $checkvar = 0;
        $rows[$key]['forum_id'] = $forum;
        $rows[$key]["URL"]["READ"] = phorum_get_url(PHORUM_FOREIGN_READ_URL, $forum, $row["thread"], $row['message_id']);
        // we need to fake the forum_id here: $PHORUM["forum_id"] is switched to
        // $forum while the moderation URLs are built and is restored to
        // $oldforum right after the last one.
        // NOTE(review): approve and delete are state-changing actions that are
        // exposed here as plain links. No anti-CSRF token is visible among the
        // URL arguments in this excerpt; confirm that phorum_get_url() or the
        // moderation script adds and verifies one before acting.
        $PHORUM["forum_id"] = $forum;
        $rows[$key]["URL"]["APPROVE_MESSAGE"] = phorum_get_url(PHORUM_MODERATION_URL, PHORUM_APPROVE_MESSAGE, $row["message_id"], "prepost=1", "old_forum=" . $oldforum, "onlyunapproved=" . $showwaiting, "moddays=" . $moddays);
        $rows[$key]["URL"]["APPROVE_TREE"] = phorum_get_url(PHORUM_MODERATION_URL, PHORUM_APPROVE_MESSAGE_TREE, $row["message_id"], "prepost=1", "old_forum=" . $oldforum, "onlyunapproved=" . $showwaiting, "moddays=" . $moddays);
        $rows[$key]["URL"]["DELETE"] = phorum_get_url(PHORUM_MODERATION_URL, PHORUM_DELETE_TREE, $row["message_id"], "prepost=1", "old_forum=" . $oldforum, "onlyunapproved=" . $showwaiting, "moddays=" . $moddays);
        $PHORUM["forum_id"] = $oldforum;
        $rows[$key]["raw_short_datestamp"] = $row["datestamp"];
        $rows[$key]["short_datestamp"] = phorum_date($PHORUM["short_date_time"], $row["datestamp"]);
    require_once "./include/format_functions.php";
    $rows = phorum_format_messages($rows);
    $PHORUM['DATA']['PREPOST'] = array_merge($PHORUM['DATA']['PREPOST'], $rows);
if (!$numunapproved) {
    $PHORUM["DATA"]["UNAPPROVEDMESSAGE"] = $PHORUM["DATA"]["LANG"]["NoUnapprovedMessages"];
$PHORUM["DATA"]["HEADING"] = $PHORUM["DATA"]["LANG"]["UnapprovedMessages"];
$template = "cc_prepost";
예제 #2
파일: read.php 프로젝트: sleepy909/cpassman
 // run read mods
 if (isset($PHORUM["hooks"]["read"])) {
     $messages = phorum_hook("read", $messages);
 // increment viewcount if enabled
 if ($PHORUM['count_views'] && (!isset($PHORUM['status']) || $PHORUM["status"] != PHORUM_MASTER_STATUS_READ_ONLY)) {
     // increment viewcount per thread if enabled
     $inc_thread_id = NULL;
     if (!empty($PHORUM['count_views_per_thread'])) {
         $inc_thread_id = $thread;
     phorum_db_increment_viewcount($message_id, $inc_thread_id);
 // format messages
 $messages = phorum_format_messages($messages);
 // set up the data
 // this is the message that is the first in the thread
 $PHORUM["DATA"]["TOPIC"] = $messages[$thread];
 if ($page > 1) {
 // this is the message that we are viewing in the threaded view.
 if ($PHORUM["threaded_read"]) {
     $PHORUM["DATA"]["MESSAGE"] = $messages[$message_id];
 // this is all messages on the page
 $PHORUM["DATA"]["MESSAGES"] = $messages;
 // No htmlspecialchars() needed. The subject is already escaped.
 // Strip HTML tags from the HTML title. There might be HTML in
 // here, because of modules adding images and formatting.
예제 #3
        $previewmessage["attachments"][$nr]["name"] = htmlspecialchars($data['name'], ENT_COMPAT, $PHORUM["DATA"]["HCHARSET"]);
// Fill the author for new postings with the display name
// for authenticated users, if editing the author
// field is not allowed.
// Overwriting whatever author value was submitted with the active user's
// display name keeps a logged-in user from posting or previewing under
// another name when the "edit_author" option is off.
// (The closing brace of this block is not shown in this listing.)
if (($mode == "post" || $mode == "reply") && !$PHORUM["DATA"]["OPTION_ALLOWED"]["edit_author"] && $PHORUM["DATA"]["LOGGEDIN"]) {
    $previewmessage["author"] = $message["author"] = $PHORUM["user"]["display_name"];
    // Look up the user record referenced by the message to copy display
    // attributes into the preview.
    // NOTE(review): where $message["user_id"] is set is not visible here;
    // confirm it is derived from the session and not from the request.
    $u = phorum_api_user_get($message["user_id"]);
    $previewmessage["authorcolor"] = $u["usercolor"];
    $previewmessage["authorinitial"] = $u["userinitial"];
    $previewmessage["adminstatus"] = $u["admin"];
// Format the message using the default formatting.
include_once "./include/format_functions.php";
$previewmessages = phorum_format_messages(array($previewmessage['message_id'] => $previewmessage));
$previewmessage = $previewmessages[$previewmessage['message_id']];
// Recount the number of attachments. Formatting mods might have changed
// the number of attachments we have to display using default formatting.
// Also, remove the attachments that are not visible from the preview data.
$attach_count = 0;
if (isset($previewmessage["attachments"])) {
    foreach ($previewmessage["attachments"] as $id => $attachment) {
        if ($attachment["keep"]) {
        } else {
if ($attach_count) {
예제 #4
                if (isset($PHORUM["hooks"]["report"])) {
                    $mail_data = phorum_hook("report", $mail_data);
                phorum_email_user($mail_users, $mail_data);
                $PHORUM["DATA"]["URL"]["REDIRECT"] = phorum_get_url(PHORUM_FOREIGN_READ_URL, $message["forum_id"], $message["thread"]);
                $PHORUM["DATA"]["BACKMSG"] = $PHORUM["DATA"]["LANG"]["BackToThread"];
                $PHORUM["DATA"]["OKMSG"] = $PHORUM["DATA"]["LANG"]["ReportPostSuccess"];
                $template = "message";
                $report = true;
        } else {
            $PHORUM["DATA"]["ReportPostMessage"] = $PHORUM["DATA"]["LANG"]['ReportPostNotAllowed'];
    // format message
    // The single message is wrapped in an array because
    // phorum_format_messages() works on a list; list() unpacks element 0.
    list($message) = phorum_format_messages(array($message));
    $PHORUM["DATA"]["PostSubject"] = $message["subject"];
    $PHORUM["DATA"]["PostAuthor"] = $message["author"];
    $PHORUM["DATA"]["PostBody"] = $message["body"];
    $PHORUM["DATA"]["raw_PostDate"] = $message["datestamp"];
    $PHORUM["DATA"]["PostDate"] = phorum_date($PHORUM["short_date_time"], $message["datestamp"]);
    $PHORUM["DATA"]["ReportURL"] = phorum_get_url(PHORUM_REPORT_URL, $message_id);
    // if the report was not successfully sent, keep whatever explanation they gave already
    // NOTE(review): the raw $_POST value is copied into the template data
    // without escaping or a type check in this excerpt. Confirm that the
    // template HTML-escapes it (htmlspecialchars() with the page charset)
    // before it is echoed back into the form, and that a non-string value
    // (an array submitted as explanation[]) is handled.
    if (isset($_POST["explanation"]) && !$report) {
        $PHORUM["DATA"]["explanation"] = $_POST["explanation"];
    } else {
        $PHORUM["DATA"]["explanation"] = "";
} else {
    $PHORUM["DATA"]["ERROR"] = $PHORUM['DATA']['LANG']['MessageNotFound'];
    $template = 'message';
예제 #5

// Work on a copy of the active user record.
$user = $PHORUM['user'];

// Security measures.

// Format the user signature using standard message body formatting
// or  HTML escape it
// NOTE(review): htmlspecialchars() is called here without flags or charset,
// so quote handling and encoding follow the PHP version's defaults and the
// default_charset setting. Other call sites on this page pass ENT_COMPAT and
// $PHORUM["DATA"]["HCHARSET"] explicitly; passing them here as well would keep
// the escaping consistent with the page charset.
$user["signature"] = htmlspecialchars($user["signature"]);

// Fake a message here so we can run the sig through format_message.
// NOTE(review): the body handed to phorum_format_messages() is the signature
// that was already escaped above, whereas the control-center save code shown
// elsewhere on this page passes the raw signature. If the formatter escapes
// the body itself, signature_formatted ends up double-encoded here — verify
// against phorum_format_messages().
$fake_messages = array(array("author"=>"", "email"=>"", "subject"=>"", "body"=>$user["signature"]));
$fake_messages = phorum_format_messages( $fake_messages );
$user["signature_formatted"] = $fake_messages[0]["body"];

// Initialize any custom profile fields that are not present.
if (!empty($PHORUM["PROFILE_FIELDS"])) {
    foreach($PHORUM["PROFILE_FIELDS"] as $field) {
        if (!isset($user[$field['name']])) $user[$field['name']] = "";

// Setup template data.
$PHORUM["DATA"]["PROFILE"] = $user;
$PHORUM["DATA"]["PROFILE"]["forum_id"] = isset($PHORUM["forum_id"]) ? $PHORUM['forum_id'] : 0;
$PHORUM["DATA"]["PROFILE"]["PANEL"] = $panel;

// Set the back-URL and -message.
예제 #6
파일: pm.php 프로젝트: mgs2/kw-forum
// Prepare private messages for display: reshape each one like a forum
// message, run the set through phorum_format_messages(), then copy the
// formatted body back into the "message" field.
// NOTE(review): $PHORUM is read below, but no global declaration or local
// assignment for it is visible in this listing; confirm it is in scope.
function phorum_pm_format($messages)
    include_once "./include/format_functions.php";
    // Reformat message so it looks like a forum message (so we can run it
    // through phorum_format_messages) and do some PM specific formatting.
    foreach ($messages as $id => $message) {
        // The formatting code expects a message id.
        $messages[$id]["message_id"] = $id;
        // Read URLs need a folder id, so we only create that URL if
        // one's available.
        if (isset($message['pm_folder_id'])) {
            // A falsy pm_folder_id falls back to the special_folder value.
            $folder_id = $message['pm_folder_id'] ? $message['pm_folder_id'] : $message['special_folder'];
            $messages[$id]["URL"]["READ"] = phorum_get_url(PHORUM_PM_URL, "page=read", "folder_id={$folder_id}", "pm_id={$id}");
        // The datestamp is only available for already posted messages.
        if (isset($message['datestamp'])) {
            $messages[$id]["raw_date"] = $message["datestamp"];
            $messages[$id]["date"] = phorum_date($PHORUM["short_date_time"], $message["datestamp"]);
        if (isset($message['meta']) && !is_array($message['meta'])) {
            // SECURITY: unserialize() can instantiate objects described by its
            // input. This is only safe while 'meta' comes exclusively from
            // storage that users cannot write raw serialized data into
            // (confirm against the callers). If that cannot be guaranteed,
            // pass array('allowed_classes' => false) as the second argument
            // (PHP 7+) or store the field as JSON. A failed unserialize()
            // returns false, which is not checked here.
            $messages[$id]['meta'] = unserialize($message['meta']);
        // The PM text lives in "message"; the formatter works on "body".
        $messages[$id]["body"] = isset($message["message"]) ? $message["message"] : "";
        $messages[$id]["email"] = "";
        $messages[$id]["URL"]["PROFILE"] = phorum_get_url(PHORUM_PROFILE_URL, $message["user_id"]);
        $messages[$id]["recipient_count"] = 0;
        $messages[$id]["receive_count"] = 0;
        if (isset($message["recipients"]) && is_array($message["recipients"])) {
            $receive_count = 0;
            foreach ($message["recipients"] as $rcpt_id => $rcpt) {
                // (The body of this read_flag branch is not shown in this listing.)
                if (!empty($rcpt["read_flag"])) {
                if (!isset($rcpt["display_name"])) {
                    $messages[$id]["recipients"][$rcpt_id]["display_name"] = $PHORUM["DATA"]["LANG"]["AnonymousUser"];
                } else {
                    // The recipient name is HTML-escaped here only when no custom
                    // display name is configured. With "custom_display_name" set
                    // it is passed through unescaped; presumably the module that
                    // supplies custom display names is expected to deliver safe
                    // HTML — verify, since this value is user-influenced.
                    $messages[$id]["recipients"][$rcpt_id]["display_name"] = empty($PHORUM["custom_display_name"]) ? htmlspecialchars($rcpt["display_name"], ENT_COMPAT, $PHORUM["DATA"]["HCHARSET"]) : $rcpt["display_name"];
                    $messages[$id]["recipients"][$rcpt_id]["URL"]["PROFILE"] = phorum_get_url(PHORUM_PROFILE_URL, $rcpt_id);
            $messages[$id]["recipient_count"] = count($message["recipients"]);
            $messages[$id]["receive_count"] = $receive_count;
    // Run the messages through the standard formatting code.
    $messages = phorum_format_messages($messages);
    // Reformat message back to a private message.
    foreach ($messages as $id => $message) {
        $messages[$id]["message"] = $message["body"];
    return $messages;
예제 #7
    $new = array();
    foreach ($data["meta"]["message_ids"] as $mid) {
        if (!isset($PHORUM['user']['newinfo'][$data["forum_id"]][$mid]) && $mid > $PHORUM['user']['newinfo'][$data["forum_id"]]['min_id']) {
            $new[] = $mid;
    if (count($new)) {
        $data["new"] = $PHORUM["DATA"]["LANG"]["newflag"];
    $subscr_array_final[] = $data;
require_once "./include/format_functions.php";
// Additional formatting for the recent author data.
$recent_author_spec = array("recent_user_id", "recent_author", NULL, "recent_author", "RECENT_AUTHOR_PROFILE");
$subscr_array_final = phorum_format_messages($subscr_array_final, array($recent_author_spec));
$count = 0;
foreach ($subscr_array_final as $id => $message) {
    if (isset($forums[$message['forum_id']])) {
        $forum = $forums[$message['forum_id']];
        $subscr_array_final[$id]['ALLOW_EMAIL_NOTIFY'] = !empty($forum['allow_email_notify']);
        if ($subscr_array_final[$id]['ALLOW_EMAIL_NOTIFY']) {
$PHORUM["DATA"]["HEADING"] = $PHORUM["DATA"]["LANG"]["Subscriptions"];
$PHORUM['DATA']['TOPICS'] = $subscr_array_final;
$template = "cc_subscriptions";
예제 #8
// Build the announcements block for the current page and store the rendered
// HTML in $PHORUM['DATA']['MOD_ANNOUNCEMENTS'].
// NOTE(review): several early exits and the output-buffer start/stop calls
// are not shown in this listing; the comments below describe only the
// visible lines.
function phorum_setup_announcements()
    global $PHORUM;
    // This variable will be used to store the formatted announcements.
    // Check if we are on a page on which the announcements have to be shown.
    // phorum_page is a bare constant naming the current page.
    if (phorum_page == 'index') {
        // Hide the announcements, unless enabled for "index".
        $hide = empty($PHORUM["mod_announcements"]["pages"]["index"]);
        // Show announcements for the root page if "home" is enabled.
        if ($PHORUM['vroot'] == $PHORUM['forum_id'] && !empty($PHORUM["mod_announcements"]["pages"]["home"])) {
            $hide = FALSE;
        if ($hide) {
    } else {
        if (empty($PHORUM["mod_announcements"]["pages"][phorum_page])) {
    // Check if we need to show announcements.
    $ann_forum_id = NULL;
    // Inside a vroot, where we have a vroot configuration for the forum
    // to use for announcements and the current forum is not that
    // announcement forum.
    if ($PHORUM['vroot'] > 0 && !empty($PHORUM["mod_announcements"]["vroot"][$PHORUM['vroot']]) && $PHORUM["forum_id"] != $PHORUM["mod_announcements"]["vroot"][$PHORUM['vroot']]) {
        $ann_forum_id = $PHORUM["mod_announcements"]["vroot"][$PHORUM['vroot']];
        // Inside the top level folder, where we have a forum that is configured
        // to be used for announcements and the current forum is not that
        // announcement forum.
    } elseif ($PHORUM['vroot'] == 0 && !empty($PHORUM["mod_announcements"]["forum_id"]) && $PHORUM["forum_id"] != $PHORUM["mod_announcements"]["forum_id"]) {
        $ann_forum_id = $PHORUM["mod_announcements"]["forum_id"];
    // If no announcement forum_id is found, no announcements
    // have to be shown.
    if ($ann_forum_id === NULL) {
    // Retrieve the last number of posts from the announcement forum.
    $messages = phorum_db_get_recent_messages($PHORUM["mod_announcements"]["number_to_show"], 0, $ann_forum_id, 0, true);
    // No announcements to show? Then we are done.
    if (count($messages) == 0) {
    // Read the newflags information for authenticated users.
    $newinfo = NULL;
    if ($PHORUM["DATA"]["LOGGEDIN"]) {
        // The cache key combines forum and user id, so cached newflags are
        // kept per user and per forum.
        $newflagkey = $ann_forum_id . "-" . $PHORUM['user']['user_id'];
        if ($PHORUM['cache_newflags']) {
            $newinfo = phorum_cache_get('newflags', $newflagkey, $PHORUM['cache_version']);
        // Loose comparison: any falsy cache result (for example an empty
        // array) also triggers the database read below.
        if ($newinfo == NULL) {
            $newinfo = phorum_db_newflag_get_flags($ann_forum_id);
            if ($PHORUM['cache_newflags']) {
                // 86400 is presumably a time-to-live of one day in seconds — confirm
                // against phorum_cache_put().
                phorum_cache_put('newflags', $newflagkey, $newinfo, 86400, $PHORUM['cache_version']);
    require_once "./include/format_functions.php";
    // Process the announcements.
    foreach ($messages as $message) {
        // Skip this message if it's older than the number of days that was
        // configured in the settings screen.
        if (!empty($PHORUM["mod_announcements"]["days_to_show"]) && $message["datestamp"] < time() - $PHORUM["mod_announcements"]["days_to_show"] * 86400) {
        // Check if there are new messages in the thread.
        if (isset($newinfo)) {
            $new = 0;
            // A message id counts as new when it has no newflag entry and is
            // above the stored min_id.
            foreach ($message["meta"]["message_ids"] as $id) {
                if (!isset($newinfo[$id]) && $id > $newinfo['min_id']) {
                    $new = 1;
            // There are new messages. Setup the template data for showing
            // a new flag.
            if ($new) {
                $message["new"] = $new ? $PHORUM["DATA"]["LANG"]["newflag"] : NULL;
                $message["URL"]["NEWPOST"] = phorum_get_url(PHORUM_FOREIGN_READ_URL, $message["forum_id"], $message["thread"], "gotonewpost");
            } elseif ($PHORUM["mod_announcements"]["only_show_unread"]) {
        // Setup template data for the message.
        $message["lastpost"] = phorum_date($PHORUM["short_date_time"], $message["modifystamp"]);
        // Keep the numeric timestamp before "datestamp" is replaced by its
        // formatted string.
        $message["raw_datestamp"] = $message["datestamp"];
        $message["datestamp"] = phorum_date($PHORUM["short_date_time"], $message["datestamp"]);
        $message["URL"]["READ"] = phorum_get_url(PHORUM_FOREIGN_READ_URL, $message["forum_id"], $message["message_id"]);
        $PHORUM["DATA"]["ANNOUNCEMENTS"][] = $message;
    // If all announcements were skipped, then we are done.
    if (!isset($PHORUM["DATA"]["ANNOUNCEMENTS"])) {
    // format / clean etc. the messages found
    // The formatter runs before the template is included, so the template
    // receives the formatted announcement data.
    $PHORUM["DATA"]["ANNOUNCEMENTS"] = phorum_format_messages($PHORUM["DATA"]["ANNOUNCEMENTS"]);
    // Build the announcements code.
    // The template name passed here is a fixed string, not request data.
    include phorum_get_template("announcements::announcements");
    // Captures the buffered template output; the matching ob_start() and the
    // buffer cleanup are not visible in this listing.
    $PHORUM['DATA']['MOD_ANNOUNCEMENTS'] = ob_get_contents();
예제 #9
    phorum_api_user_unsubscribe($PHORUM['user']['user_id'], $thread);
    phorum_api_user_subscribe($PHORUM['user']['user_id'], $thread, $message["forum_id"], PHORUM_SUBSCRIPTION_BOOKMARK);
    $PHORUM["DATA"]["OKMSG"] = $PHORUM["DATA"]["LANG"]["NoMoreEmails"];
    $PHORUM["DATA"]["URL"]["REDIRECT"] = phorum_get_url(PHORUM_FOREIGN_READ_URL, $message["forum_id"], $thread);
    $PHORUM["DATA"]["BACKMSG"] = $PHORUM["DATA"]["LANG"]["BackToThread"];
    $template = "message";
} elseif (!empty($_POST)) {
    // the user has submitted the form
    // NOTE(review): any non-empty POST changes the subscription. No anti-CSRF
    // token check is visible in this excerpt; confirm one runs before this
    // branch is reached.
    // E-mail notification is only selected when the forum allows it and the
    // form asked for it; otherwise the thread is stored as a bookmark.
    $type = !empty($PHORUM["allow_email_notify"]) && isset($_POST["send_email"]) ? PHORUM_SUBSCRIPTION_MESSAGE : PHORUM_SUBSCRIPTION_BOOKMARK;
    // The subscription is always written for the active user's id.
    phorum_api_user_subscribe($PHORUM['user']['user_id'], $thread, $message["forum_id"], $type);
    $PHORUM["DATA"]["URL"]["REDIRECT"] = phorum_get_url(PHORUM_FOREIGN_READ_URL, $message["forum_id"], $thread);
    $PHORUM["DATA"]["BACKMSG"] = $PHORUM["DATA"]["LANG"]["BackToThread"];
    $PHORUM["DATA"]["OKMSG"] = $PHORUM["DATA"]["LANG"]["BookmarkedThread"];
    $template = "message";
} else {
    // we are following a new thread
    require_once "include/format_functions.php";
    // The message is formatted before its subject and author are handed to
    // the template.
    $messages = phorum_format_messages(array(1 => $message));
    $message = $messages[1];
    $PHORUM["DATA"]["URL"]["ACTION"] = phorum_get_url(PHORUM_FOLLOW_ACTION_URL);
    $PHORUM["DATA"]["SUBJECT"] = $message["subject"];
    $PHORUM["DATA"]["AUTHOR"] = $message["author"];
    $PHORUM["DATA"]["THREAD"] = $thread;
    $PHORUM["DATA"]["FORUM_ID"] = $PHORUM["forum_id"];
    $PHORUM["DATA"]["ALLOW_EMAIL_NOTIFY"] = !empty($PHORUM["allow_email_notify"]);
    // NOTE(review): the thread value is interpolated into an HTML attribute
    // without htmlspecialchars(). That is only safe if $thread was already
    // forced to an integer where it was read from the request, which is not
    // visible in this excerpt — confirm, or cast/escape it here.
    $PHORUM["DATA"]['POST_VARS'] .= "<input type=\"hidden\" name=\"thread\" value=\"{$PHORUM["DATA"]["THREAD"]}\" />\n";
    $template = "follow";
// set all our common URL's
예제 #10
파일: control.php 프로젝트: mgs2/kw-forum
 * A common function which is used to save the userdata from the post-data.
 * @param panel - The panel for which to save data.
 * @return array - An array containing $error and $okmsg.
// Save control-center form data for the active user and refresh the template
// data from the stored record. Returns array($error, $okmsg).
function phorum_controlcenter_user_save($panel)
    global $PHORUM;
    $error = "";
    $okmsg = "";
    // Setup the default userdata fields that can be changed
    // from the control panel interface.
    // The keys of this array act as the allowlist: further down, a $_POST
    // key is only accepted when it already exists here.
    $userdata = array('signature' => NULL, 'hide_email' => NULL, 'hide_activity' => NULL, 'tz_offset' => NULL, 'is_dst' => NULL, 'user_language' => NULL, 'threaded_list' => NULL, 'threaded_read' => NULL, 'email_notify' => NULL, 'show_signature' => NULL, 'pm_email_notify' => NULL, 'user_template' => NULL, 'moderation_email' => NULL, 'real_name' => NULL, 'clubid' => NULL);
    // Password related fields can only be updated from the password panel.
    // NOTE(review): no check of the current password is visible in this
    // function; confirm the calling panel verifies it before a password or
    // e-mail change reaches this point.
    if ($panel == 'password') {
        $userdata['password'] = NULL;
        $userdata['password_temp'] = NULL;
    // E-mail address related fields can only be updated from the email panel.
    if ($panel == 'email') {
        $userdata['email'] = NULL;
        $userdata['email_temp'] = NULL;
    // Add custom profile fields as acceptable fields.
    // The "num_fields" entry and fields flagged as deleted are skipped
    // (the skip statement itself is not shown in this listing).
    foreach ($PHORUM["PROFILE_FIELDS"] as $id => $field) {
        if ($id === "num_fields" || !empty($field['deleted'])) {
        $userdata[$field["name"]] = NULL;
    // Update userdata with $_POST information.
    // Values are copied exactly as submitted: there is no type or length
    // validation here, and a request can send an array for any accepted key.
    // Validation is presumably left to the cc_save_user hook and
    // phorum_api_user_save() — confirm that they enforce it.
    foreach ($_POST as $key => $val) {
        if (array_key_exists($key, $userdata)) {
            $userdata[$key] = $val;
    // Remove unused profile fields.
    foreach ($userdata as $key => $val) {
        if (is_null($val)) {
    // Set static userdata.
    // The user id comes from $PHORUM["user"], not from the request, and it is
    // assigned after the $_POST copy, so a submitted user_id cannot redirect
    // the update to another account.
    $userdata["user_id"] = $PHORUM["user"]["user_id"];
    // (Hook documentation block follows; its comment delimiters are not shown
    // in this listing.)
     * [hook]
     *     cc_save_user
     * [description]
     *     This hook works the same way as the <hook>before_register</hook>
     *     hook, so you can also use it for changing and checking the user data
     *     that will be saved in the database. There's one difference. If you
     *     want to check a custom field, you'll also need to check the panel
     *     which you are on, because this hook is called from multiple panels.
     *     The panel that you are on will be stored in the
     *     <literal>panel</literal> field of the user data.<sbr/>
     *     <sbr/>
     *     The example hook belows demonstrates code which could be used if you
     *     have added a custom field to the template for the option
     *     <literal>Edit My Profile</literal> in the control panel.
     * [category]
     *     Control center
     * [when]
     *     In <filename>control.php</filename>, right before data for a user is
     *     saved in the control panel.
     * [input]
     *     An array containing the user data to save.
     *     <ul>
     *     <li>error:
     *         modules can fill this field with an error message to show.</li>
     *     </ul>
     * [output]
     *     The same array as the one that was used for the hook call
     *     argument, possibly with the "error" field updated in it.
     * [example]
     *     <hookcode>
     *     function phorum_mod_foo_cc_save_user ($data)
     *     {
     *         // Only check data for the panel "user".
     *         if ($data['panel'] != "user") return $data;
     *         $myfield = trim($data['your_custom_field']);
     *         if (empty($myfield)) {
     *             $data['error'] = 'You need to fill in my custom field';
     *         }
     *         return $data;
     *     }
     *     </hookcode>
    // Modules receive the full userdata array, including any submitted
    // password fields, and may modify it before it is saved.
    if (isset($PHORUM["hooks"]["cc_save_user"])) {
        $userdata['panel'] = $panel;
        $userdata = phorum_hook("cc_save_user", $userdata);
    // Set $error, in case the cc_save_user hook did set an error.
    if (isset($userdata['error'])) {
        $error = $userdata['error'];
        // Try to update the userdata in the database.
    } elseif (!phorum_api_user_save($userdata)) {
        // Updating the user failed.
        $error = $PHORUM["DATA"]["LANG"]["ErrUserAddUpdate"];
    } else {
        // Updating the user was successful.
        $okmsg = $PHORUM["DATA"]["LANG"]["ProfileUpdatedOk"];
        // Let the userdata be reloaded.
        phorum_api_user_set_active_user(PHORUM_FORUM_SESSION, $userdata["user_id"]);
        // If a new password was set, then reset all session id(s), so
        // other computers or browser will lose any active session that
        // they are running.
        // Invalidating existing sessions on a password change cuts off anyone
        // who was using the account with the old credentials.
        if (isset($userdata["password"]) && $userdata["password"] != '') {
            phorum_api_user_session_create(PHORUM_FORUM_SESSION, PHORUM_SESSID_RESET_ALL);
        // Copy data from the updated user back into the user template data.
        $formatted = phorum_api_user_format(array($PHORUM['user']));
        foreach ($formatted[0] as $key => $val) {
            $PHORUM['DATA']['USER'][$key] = $val;
        // Copy data from the updated user back into the template data.
        // Leave PANEL and forum_id alone (these are injected into the
        // userdata in the template from this script).
        foreach ($PHORUM["DATA"]["PROFILE"] as $key => $val) {
            if ($key == "PANEL" || $key == "forum_id") {
            if (isset($PHORUM["user"][$key])) {
                if (is_array($val)) {
                    // array-data would be (most often) broken when html encoded
                    // NOTE(review): array values therefore reach the template
                    // unescaped; confirm the template escapes their elements.
                    $PHORUM["DATA"]["PROFILE"][$key] = $PHORUM["user"][$key];
                } elseif (substr($key, 0, 9) == 'signature') {
                    // the signature needs special care - e.g. for the formatted sig
                    // Fake a message here so we can run the sig through format_message.
                    // The raw signature goes to the formatter; the escaped copy
                    // below is kept separately for the edit field.
                    $fake_messages = array(array("author" => "", "email" => "", "subject" => "", "body" => $PHORUM["user"]["signature"]));
                    $fake_messages = phorum_format_messages($fake_messages);
                    $PHORUM["DATA"]["PROFILE"]["signature_formatted"] = $fake_messages[0]["body"];
                    // Format the user signature using standard message body formatting
                    // or  HTML escape it
                    $PHORUM["DATA"]["PROFILE"]["signature"] = htmlspecialchars($PHORUM["user"]["signature"], ENT_COMPAT, $PHORUM["DATA"]["HCHARSET"]);
                } else {
                    // same handling as when loading the page for the first time
                    // ENT_COMPAT escapes double quotes but leaves single quotes
                    // alone, so the template must use double-quoted attributes
                    // for these values.
                    $PHORUM["DATA"]["PROFILE"][$key] = htmlspecialchars($PHORUM["user"][$key], ENT_COMPAT, $PHORUM['DATA']['HCHARSET']);
            } else {
                $PHORUM["DATA"]["PROFILE"][$key] = "";
    return array($error, $okmsg);
예제 #11
파일: pm.php 프로젝트: nistormihai/Newscoop
// Format private messages for display by borrowing the forum message
// formatter: map the PM fields onto forum field names, format, map back.
function phorum_pm_format($messages)

    // Reformat message so it looks like a forum message.
    // The sender name is placed in "author" and the text in "body", the two
    // fields that are read back after formatting below.
    foreach ($messages as $id => $message)
        $messages[$id]["author"] = $message["from_username"];
        $messages[$id]["body"] = isset($message["message"]) ? $message["message"] : "";
        $messages[$id]["email"] = "";

    // Run the messages through the formatting code.
    // NOTE(review): any HTML escaping of the sender name and body presumably
    // happens inside phorum_format_messages(); nothing in this function
    // escapes them — verify.
    $messages = phorum_format_messages($messages);

    // Reformat message back to a private message.
    foreach ($messages as $id => $message)
        $messages[$id]["message"] = $message["body"];
        $messages[$id]["from_username"] = $message["author"];

    return $messages;
예제 #12
파일: control.php 프로젝트: samuell/Core
 * A common function which is used to save the userdata from the post-data.
 * @param panel - The panel for which to save data.
 * @return array - An array containing $error and $okmsg.
// Save control-center form data for the active user and refresh the template
// data from the stored record. Returns array($error, $okmsg).
function phorum_controlcenter_user_save($panel)
    global $PHORUM;
    $error = "";
    $okmsg = "";
    // Setup the default userdata fields that can be changed
    // from the control panel interface.
    // The keys of this array act as the allowlist: further down, a $_POST
    // key is only accepted when it already exists here.
    $userdata = array('signature' => NULL, 'hide_email' => NULL, 'hide_activity' => NULL, 'tz_offset' => NULL, 'is_dst' => NULL, 'user_language' => NULL, 'threaded_list' => NULL, 'threaded_read' => NULL, 'email_notify' => NULL, 'show_signature' => NULL, 'pm_email_notify' => NULL, 'user_template' => NULL, 'moderation_email' => NULL, 'real_name' => NULL);
    // Password related fields can only be updated from the password panel.
    // NOTE(review): no check of the current password is visible in this
    // function; confirm the calling panel verifies it before a password or
    // e-mail change reaches this point.
    if ($panel == 'password') {
        $userdata['password'] = NULL;
        $userdata['password_temp'] = NULL;
    // E-mail address related fields can only be updated from the email panel.
    if ($panel == 'email') {
        $userdata['email'] = NULL;
        $userdata['email_temp'] = NULL;
    // E-mail address related fields can only be updated from the email panel.
    // NOTE(review): this block repeats the one directly above; the second
    // pass assigns the same keys again and has no further effect.
    if ($panel == 'email') {
        $userdata['email'] = NULL;
        $userdata['email_temp'] = NULL;
    // Add custom profile fields as acceptable fields.
    // The "num_fields" entry and fields flagged as deleted are skipped
    // (the skip statement itself is not shown in this listing).
    foreach ($PHORUM["CUSTOM_FIELDS"][PHORUM_CUSTOM_FIELD_USER] as $id => $field) {
        if ($id === "num_fields" || !empty($field['deleted'])) {
        $userdata[$field["name"]] = NULL;
    // Update userdata with $_POST information.
    // Values are copied exactly as submitted: there is no type or length
    // validation here, and a request can send an array for any accepted key.
    // Validation is presumably left to the cc_save_user hook and
    // phorum_api_user_save() — confirm that they enforce it.
    foreach ($_POST as $key => $val) {
        if (array_key_exists($key, $userdata)) {
            $userdata[$key] = $val;
    // Remove unused profile fields.
    foreach ($userdata as $key => $val) {
        if (is_null($val)) {
    // Set static userdata.
    // The user id comes from $PHORUM["user"], not from the request, and it is
    // assigned after the $_POST copy, so a submitted user_id cannot redirect
    // the update to another account.
    $userdata["user_id"] = $PHORUM["user"]["user_id"];
    // Run a hook, so module writers can update and check the userdata.
    // Modules receive the full userdata array, including any submitted
    // password fields, and may modify it before it is saved.
    if (isset($PHORUM["hooks"]["cc_save_user"])) {
        $userdata = phorum_api_hook("cc_save_user", $userdata);
    // Set $error, in case the cc_save_user hook did set an error.
    if (isset($userdata['error'])) {
        $error = $userdata['error'];
        // Try to update the userdata in the database.
    } elseif (!phorum_api_user_save($userdata)) {
        // Updating the user failed.
        $error = $PHORUM["DATA"]["LANG"]["ErrUserAddUpdate"];
    } else {
        // Updating the user was successful.
        $okmsg = $PHORUM["DATA"]["LANG"]["ProfileUpdatedOk"];
        // Let the userdata be reloaded.
        phorum_api_user_set_active_user(PHORUM_FORUM_SESSION, $userdata["user_id"]);
        // If a new password was set, then reset all session id(s), so
        // other computers or browser will lose any active session that
        // they are running.
        // Invalidating existing sessions on a password change cuts off anyone
        // who was using the account with the old credentials.
        if (isset($userdata["password"]) && $userdata["password"] != '') {
            phorum_api_user_session_create(PHORUM_FORUM_SESSION, PHORUM_SESSID_RESET_ALL);
        // Copy data from the updated user back into the user template data.
        $formatted = phorum_api_format_users(array($PHORUM['user']));
        foreach ($formatted[0] as $key => $val) {
            $PHORUM['DATA']['USER'][$key] = $val;
        // Copy data from the updated user back into the template data.
        // Leave PANEL and forum_id alone (these are injected into the
        // userdata in the template from this script).
        foreach ($PHORUM["DATA"]["PROFILE"] as $key => $val) {
            if ($key == "PANEL" || $key == "forum_id") {
            if (isset($PHORUM["user"][$key])) {
                if (is_array($val)) {
                    // array-data would be (most often) broken when html encoded
                    // NOTE(review): array values therefore reach the template
                    // unescaped; confirm the template escapes their elements.
                    $PHORUM["DATA"]["PROFILE"][$key] = $PHORUM["user"][$key];
                } elseif (substr($key, 0, 9) == 'signature') {
                    // the signature needs special care - e.g. for the formatted sig
                    // Fake a message here so we can run the sig through format_message.
                    // The raw signature goes to the formatter; the escaped copy
                    // below is kept separately for the edit field.
                    $fake_messages = array(array("author" => "", "email" => "", "subject" => "", "body" => $PHORUM["user"]["signature"]));
                    $fake_messages = phorum_format_messages($fake_messages);
                    $PHORUM["DATA"]["PROFILE"]["signature_formatted"] = $fake_messages[0]["body"];
                    // Format the user signature using standard message body formatting
                    // or  HTML escape it
                    $PHORUM["DATA"]["PROFILE"]["signature"] = htmlspecialchars($PHORUM["user"]["signature"], ENT_COMPAT, $PHORUM["DATA"]["HCHARSET"]);
                } else {
                    // same handling as when loading the page for the first time
                    // ENT_COMPAT escapes double quotes but leaves single quotes
                    // alone, so the template must use double-quoted attributes
                    // for these values.
                    $PHORUM["DATA"]["PROFILE"][$key] = htmlspecialchars($PHORUM["user"][$key], ENT_COMPAT, $PHORUM['DATA']['HCHARSET']);
            } else {
                $PHORUM["DATA"]["PROFILE"][$key] = "";
    return array($error, $okmsg);
예제 #13
파일: list.php 프로젝트: mgs2/kw-forum
            $PHORUM["DATA"]["ATTACHMENTS"] = true;
            $row["attachments"] = $row["meta"]["attachments"];
            // unset($row["meta"]["attachments"]);
            // Prepare each attachment for the template. The file name is
            // encoded separately for each output context: HTML-escaped for
            // display and URL-encoded for the download link.
            foreach ($row["attachments"] as $key => $file) {
                $row["attachments"][$key]["size"] = phorum_filesize($file["size"]);
                // ENT_COMPAT leaves single quotes unescaped, so the template
                // must not place this value in a single-quoted attribute.
                $row["attachments"][$key]["name"] = htmlspecialchars($file['name'], ENT_COMPAT, $PHORUM["DATA"]["HCHARSET"]);
                // $file is the loop's by-value copy, so urlencode() still sees
                // the raw name here, not the HTML-escaped one stored above.
                // NOTE(review): file_id is substituted without encoding;
                // presumably it is always numeric — verify.
                $row["attachments"][$key]["url"] = str_replace(array('%file_id%', '%file_name%'), array($file['file_id'], urlencode($file['name'])), $attachment_url_template);
        $rows[$id] = $row;
// The list page needs additional formatting for the recent author data
$recent_author_spec = array("recent_user_id", "recent_author", NULL, "recent_author", "RECENT_AUTHOR_PROFILE");
// format messages
$rows = phorum_format_messages($rows, array($recent_author_spec));
//timing_mark('after formatting');
// set up the data
$PHORUM["DATA"]["MESSAGES"] = $rows;
    $PHORUM["DATA"]["URL"]["MARK_READ"] = phorum_get_url(PHORUM_LIST_URL, $PHORUM["forum_id"], "markread");
    $PHORUM["DATA"]["URL"]["UNAPPROVED"] = phorum_get_url(PHORUM_CONTROLCENTER_URL, "panel=messages");
// add feed url
if (isset($PHORUM['use_rss']) && $PHORUM['use_rss']) {
    $PHORUM['DATA']['FEEDS'] = array(array('URL' => phorum_get_url(PHORUM_FEED_URL, $PHORUM['forum_id'], 'type=' . $PHORUM['default_feed']), 'TITLE' => $PHORUM['DATA']['FEED'] . ' (' . strtolower($PHORUM['DATA']['LANG']['Threads']) . ')'), array("URL" => phorum_get_url(PHORUM_FEED_URL, $PHORUM['forum_id'], 'replies=1', 'type=' . $PHORUM['default_feed']), "TITLE" => $PHORUM['DATA']['FEED'] . ' (' . strtolower($PHORUM['DATA']['LANG']['Threads'] . ' + ' . $PHORUM['DATA']['LANG']['replies']) . ')'));
    $PHORUM["DATA"]["URL"]["FEED"] = phorum_get_url(PHORUM_FEED_URL, $PHORUM['forum_id'], 'replies=1', 'type=' . $PHORUM['default_feed']);
// updating new-info for first visit (last message on first page is first new)
예제 #14
파일: search.php 프로젝트: sheldon/dejavu
     $search_request_data = phorum_hook('search_action', $search_request_data);
 // only continue if our hook was either not run or didn't return a stop request
 if ($search_request_data['continue']) {
     $arr = phorum_db_search($phorum_search, $phorum_author, $PHORUM["args"]["match_threads"], $offset, $PHORUM["list_length"], $PHORUM["args"]["match_type"], $PHORUM["args"]["match_dates"], $PHORUM["args"]["match_forum"]);
     $raw_body = 0;
 } else {
     $arr['rows'] = $search_request_data['results'];
     $arr['count'] = $search_request_data['totals'];
     $raw_body = $search_request_data['raw_body'];
 // Post-process the result rows for the template.
 if (count($arr["rows"])) {
     $match_number = $start + 1;
     $forums = phorum_db_get_forums(0, NULL, $PHORUM["vroot"]);
     // NOTE(review): when a search_action hook supplied the results and set
     // raw_body, phorum_format_messages() is skipped, so those rows reach the
     // template exactly as the module returned them. Escaping is then
     // presumably the module's responsibility — verify for every module
     // that sets raw_body.
     if (!$raw_body) {
         $arr["rows"] = phorum_format_messages($arr["rows"]);
     foreach ($arr["rows"] as $key => $row) {
         $arr["rows"][$key]["number"] = $match_number;
         $arr["rows"][$key]["URL"]["READ"] = phorum_get_url(PHORUM_FOREIGN_READ_URL, $row["forum_id"], $row["thread"], $row["message_id"]);
         // strip HTML & BB Code
         if (!$raw_body) {
             $body = phorum_strip_body($arr["rows"][$key]["body"]);
             // substr() counts bytes: in a multi-byte charset the 400-byte
             // cut can split a character and leave an invalid sequence at
             // the end of short_body.
             $arr["rows"][$key]["short_body"] = substr($body, 0, 400);
         // Keep the numeric timestamp before "datestamp" is replaced by its
         // relative-date string.
         $arr["rows"][$key]["raw_datestamp"] = $row["datestamp"];
         $arr["rows"][$key]["datestamp"] = phorum_relative_date($row["datestamp"]);
         $forum_ids[$row["forum_id"]] = $row["forum_id"];
     foreach ($arr["rows"] as $key => $row) {
예제 #15
           "javascript:alert('" . $PHORUM["DATA"]["LANG"]["PreviewNoClickAttach"] . "')");

    // Create the URL and formatted size for attachment files.
    foreach ($previewmessage["attachments"] as $nr => $data) {
        $previewmessage["attachments"][$nr]["url"] =
            phorum_get_url(PHORUM_FILE_URL, "file={$data['file_id']}");
        $previewmessage["attachments"][$nr]["size"] =

// Format the message using the default formatting.
$previewmessages = phorum_format_messages(array($previewmessage));
$previewmessage = array_shift($previewmessages);

// Recount the number of attachments. Formatting mods might have changed
// the number of attachments we have to display using default formatting.
$attach_count = 0;
if (isset($previewmessage["attachments"])) {
    foreach ($previewmessage["attachments"] as $attachment) {
        if ($attachment["keep"]) {
            $attach_count ++;

if ($attach_count)