/**
 * File Class
 *
 * Populates the object from one upload descriptor.
 *
 * The descriptor keys read here are tmp_name, size, name, type and the
 * optional local_mode flag (presumably one $_FILES entry; confirm against
 * the caller). The name and type values are whatever the uploader declared:
 * the name is reduced to its basename and HTML-escaped, but the MIME type is
 * only normalised, never verified against the file content. Code that decides
 * how to store or serve the file must not rely on $this->mimetype alone.
 *
 * @param array $upload_ary       Upload descriptor
 * @param mixed $upload_namespace Stored unchanged in $this->upload
 * @access private
 */
function filespec($upload_ary, $upload_namespace)
{
    if (!isset($upload_ary))
    {
        $this->init_error = true;
        return;
    }

    $this->filename = $upload_ary['tmp_name'];
    $this->filesize = $upload_ary['size'];

    // Strip any directory part from the declared name before escaping it,
    // so a path supplied in the name cannot survive into realname.
    $declared_name = $upload_ary['name'];
    if (STRIP)
    {
        $declared_name = stripslashes($declared_name);
    }
    $clean_name = trim(utf8_htmlspecialchars(utf8_basename($declared_name)));

    $this->realname = $this->uploadname = $clean_name;

    // Opera adds the name to the mime type
    $declared_type = $upload_ary['type'];
    if (strpos($declared_type, '; name') !== false)
    {
        $declared_type = str_replace(strstr($declared_type, '; name'), '', $declared_type);
    }
    $this->mimetype = $declared_type;

    if (!$this->mimetype)
    {
        $this->mimetype = 'application/octetstream';
    }

    // The extension is derived from the uploader-declared name.
    $this->extension = strtolower($this->get_extension($this->realname));

    // Try to get real filesize from temporary folder (not always working) ;)
    // When the size cannot be measured, the declared size set above is kept.
    $measured_size = @filesize($this->filename);
    if ($measured_size)
    {
        $this->filesize = $measured_size;
    }

    $this->width = $this->height = 0;
    $this->file_moved = false;

    $this->local = isset($upload_ary['local_mode']);
    $this->upload = $upload_namespace;
}
/**
 * ACP page that previews the statistics the board would submit.
 *
 * Ensures an installation id exists in the board config, registers the PHP,
 * system and phpBB data providers on a collector, and hands both the
 * form-encoded payload and a per-provider listing to the template. Provider
 * names, keys and values are HTML-escaped before they are assigned.
 *
 * @param mixed $id   Not read in this method
 * @param mixed $mode Not read in this method
 */
function main($id, $mode)
{
    global $config, $template, $phpbb_admin_path, $phpEx;

    // NOTE(review): the collection endpoint uses plain http://, so the
    // submitted install id and system details are not protected in transit.
    // Confirm whether the receiving host accepts https before changing it.
    $collect_url = "http://www.phpbb.com/stats/receive_stats.php";

    $this->tpl_name = 'acp_send_statistics';
    $this->page_title = 'ACP_SEND_STATISTICS';

    // generate a unique id if necessary
    if (isset($config['questionnaire_unique_id']))
    {
        $install_id = $config['questionnaire_unique_id'];
    }
    else
    {
        $install_id = unique_id();
        set_config('questionnaire_unique_id', $install_id);
    }

    $collector = new phpbb_questionnaire_data_collector($install_id);

    // Add data provider
    $collector->add_data_provider(new phpbb_questionnaire_php_data_provider());
    $collector->add_data_provider(new phpbb_questionnaire_system_data_provider());
    $collector->add_data_provider(new phpbb_questionnaire_phpbb_data_provider($config));

    $form_payload = $collector->get_data_for_form();
    $acp_index = append_sid("{$phpbb_admin_path}index.{$phpEx}");

    $template->assign_vars(array(
        'U_COLLECT_STATS'   => $collect_url,
        'RAW_DATA'          => $form_payload,
        'U_ACP_MAIN'        => $acp_index,
    ));

    foreach ($collector->get_data_raw() as $provider => $data)
    {
        // The install id is a scalar entry; wrap it so it renders like a provider.
        if ($provider == 'install_id')
        {
            $data = array($provider => $data);
        }

        $template->assign_block_vars('providers', array(
            'NAME'  => htmlspecialchars($provider),
        ));

        foreach ($data as $key => $value)
        {
            // serialize() is used for display only; nothing here unserializes it.
            if (is_array($value))
            {
                $value = utf8_wordwrap(serialize($value), 75, "\n", true);
            }

            $template->assign_block_vars('providers.values', array(
                'KEY'   => utf8_htmlspecialchars($key),
                'VALUE' => utf8_htmlspecialchars($value),
            ));
        }
    }
}
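/**
 * ACP module for editing, creating and deleting custom code files.
 *
 * Mode 'edit' shows one file in an editor and saves it after a confirm box;
 * mode 'files' lists the files and handles create (form key checked) and
 * delete (confirm box).
 *
 * Security-relevant behaviour:
 * - The submitted file body is passed through htmlspecialchars_decode() and
 *   written as-is, so this module lets an administrator store arbitrary
 *   markup; when $config['tpl_allow_php'] is set a warning is shown.
 * - The requested filename is checked against the directory listing before
 *   any write or delete. In 'edit' mode that check runs before the confirmed
 *   save as well, so a filename changed between the confirm page and the
 *   confirmed request cannot reach save_to_file() unchecked.
 *
 * @param mixed  $id   Not read in this method
 * @param string $mode 'edit' or 'files'
 */
function main($id, $mode)
{
    global $template, $request, $phpbb_root_path, $phpbb_admin_path, $user, $cache, $config, $phpEx;

    $user->add_lang_ext('marttiphpbb/customcode', 'acp');
    add_form_key('marttiphpbb/customcode');

    $customcode_directory = new customcode_directory($user, $phpbb_root_path);
    $filenames = $customcode_directory->get_filenames();

    if ($config['tpl_allow_php'])
    {
        $params = array('i' => 'acp_board', 'mode' => 'security');
        $link = append_sid($phpbb_admin_path . 'index.' . $phpEx, $params, true, $user->session_id) . '#tpl_allow_php';
        $template->assign_var('ACP_CUSTOMCODE_INCLUDEPHP_WARNING', sprintf($user->lang('ACP_CUSTOMCODE_INCLUDEPHP_WARNING'), '<a href="' . $link . '">', '</a>'));
    }

    switch ($mode)
    {
        case 'edit':
            $this->tpl_name = 'edit';
            $this->page_title = $user->lang('ACP_CUSTOMCODE_EDIT');

            $file = $request->variable('filename', '', true);
            $editor_rows = max(5, min(999, $request->variable('editor_rows', 8)));

            $save = $request->is_set_post('save');
            $save_purge_cache = $request->is_set_post('save_purge_cache');

            if ($save || $save_purge_cache)
            {
                $data = utf8_normalize_nfc($request->variable('file_data', '', true));
                $data = htmlspecialchars_decode($data);

                // Reject unknown filenames before the confirmed write, not only
                // before rendering the confirm page. Whether save_to_file()
                // validates the name itself is not visible from this method.
                if (!in_array($file, $filenames))
                {
                    trigger_error(sprintf($user->lang('ACP_CUSTOMCODE_FILE_DOES_NOT_EXIST'), $file) . adm_back_link($this->u_action), E_USER_WARNING);
                }

                if (confirm_box(true))
                {
                    $customcode_directory->save_to_file($file, $data);

                    if ($save_purge_cache)
                    {
                        $config->increment('assets_version', 1);
                        $cache->purge();
                        trigger_error(sprintf($user->lang('ACP_CUSTOMCODE_FILE_SAVED_CACHE_PURGED'), $file) . adm_back_link($this->u_action . '&filename=' . $file));
                    }

                    trigger_error(sprintf($user->lang('ACP_CUSTOMCODE_FILE_SAVED'), $file) . adm_back_link($this->u_action . '&filename=' . $file));
                }

                $confirm_message = $save_purge_cache ? 'ACP_CUSTOMCODE_SAVE_PURGE_CACHE_CONFIRM' : 'ACP_CUSTOMCODE_SAVE_CONFIRM';

                // The file body travels through the confirm page re-escaped as a hidden field.
                $s_hidden_fields = array(
                    'filename'  => $file,
                    'file_data' => utf8_htmlspecialchars($data),
                    'mode'      => 'edit',
                );

                $submit_field = $save_purge_cache ? 'save_purge_cache' : 'save';
                $s_hidden_fields[$submit_field] = 1;

                confirm_box(false, sprintf($user->lang($confirm_message), $file), build_hidden_fields($s_hidden_fields));
            }
            else
            {
                // No file requested: default to the first one in the listing.
                reset($filenames);
                $file = $file == '' ? current($filenames) : $file;
            }

            $data = $customcode_directory->file_get_contents($file);

            // NOTE(review): $filename comes from the directory listing and is
            // placed into the <option> markup without escaping; this assumes
            // customcode_directory only allows harmless names. Confirm.
            $options = '';
            $event_file_indicator = $user->lang('ACP_CUSTOMCODE_EVENT_FILE_INDICATOR');

            foreach ($filenames as $filename)
            {
                $options .= '<option value="' . $filename . '"';
                $options .= $filename == $file ? ' selected="selected"' : '';
                $options .= '>' . $filename;
                $options .= $customcode_directory->is_event($filename) ? ' ' . $event_file_indicator : '';
                $options .= '</option>';
            }

            $template->assign_vars(array(
                'U_ACTION'          => $this->u_action,
                'EDITOR_ROWS'       => $editor_rows,
                'FILENAME'          => $file,
                'S_IS_EVENT'        => $customcode_directory->is_event($file),
                'FILE_DATA'         => utf8_htmlspecialchars($data),
                'S_FILENAMES'       => $options,
                'INCLUDE_EXAMPLE'   => sprintf($user->lang('ACP_CUSTOMCODE_INCLUDE_EXAMPLE', $customcode_directory->get_dir())),
            ));
            break;

        case 'files':
            $this->tpl_name = 'files';
            $this->page_title = $user->lang('ACP_CUSTOMCODE_FILES');

            $new_file = $request->variable('new_file', '');

            // The name to delete is the first key of the submitted delete[] array.
            $file_to_delete = array_keys($request->variable('delete', array('' => '')));
            $file_to_delete = sizeof($file_to_delete) ? $file_to_delete[0] : false;

            if ($request->is_set_post('create'))
            {
                if (!check_form_key('marttiphpbb/customcode'))
                {
                    trigger_error('FORM_INVALID');
                }

                if (!$new_file)
                {
                    trigger_error($user->lang('ACP_CUSTOMCODE_FILENAME_EMPTY') . adm_back_link($this->u_action), E_USER_WARNING);
                }

                if (in_array($new_file, $filenames))
                {
                    trigger_error(sprintf($user->lang('ACP_CUSTOMCODE_FILE_ALREADY_EXISTS'), $new_file) . adm_back_link($this->u_action), E_USER_WARNING);
                }

                // NOTE(review): $new_file is not checked here for path
                // separators; this relies on create_file() to constrain it. Confirm.
                $customcode_directory->create_file($new_file);

                trigger_error(sprintf($user->lang('ACP_CUSTOMCODE_FILE_CREATED'), $new_file) . adm_back_link($this->u_action));
            }

            if ($request->is_set_post('delete'))
            {
                // Only names present in the directory listing may be deleted.
                if (!in_array($file_to_delete, $filenames))
                {
                    trigger_error(sprintf($user->lang('ACP_CUSTOMCODE_FILE_DOES_NOT_EXIST'), $file_to_delete) . adm_back_link($this->u_action), E_USER_WARNING);
                }

                if (confirm_box(true))
                {
                    $customcode_directory->delete_file($file_to_delete);

                    trigger_error(sprintf($user->lang('ACP_CUSTOMCODE_FILE_DELETED'), $file_to_delete) . adm_back_link($this->u_action));
                }

                $s_hidden_fields = array(
                    'mode'      => 'files',
                    'delete'    => array($file_to_delete => 1),
                );

                confirm_box(false, sprintf($user->lang('ACP_CUSTOMCODE_DELETE_FILE_CONFIRM'), $file_to_delete), build_hidden_fields($s_hidden_fields));
            }

            $u_edit = str_replace('mode=files', 'mode=edit', $this->u_action);

            foreach ($filenames as $filename)
            {
                $template->assign_block_vars('files', array(
                    'S_IS_EVENT'        => $customcode_directory->is_event($filename),
                    'NAME'              => $filename,
                    'U_EDIT'            => $u_edit . '&filename=' . $filename,
                    'SIZE'              => $customcode_directory->get_filesize($filename),
                    'COMMENT'           => $customcode_directory->get_comment($filename),
                    'DELETE_FILE_NAME'  => sprintf($user->lang('ACP_CUSTOMCODE_DELETE_FILE_NAME'), $filename),
                ));
            }

            $template->assign_vars(array(
                'U_ACTION'      => $this->u_action,
                'NEW_FILE'      => $new_file,
                'FILES_EXPLAIN' => sprintf($user->lang('ACP_CUSTOMCODE_FILES_EXPLAIN'), $user->lang('ACP_CUSTOMCODE_EVENT_FILE_INDICATOR'), $customcode_directory->get_dir()),
            ));

            if ($request->variable('customcode_show_events', 0))
            {
                $template->assign_var('U_CUSTOMCODE_HIDE_EVENTS', append_sid($phpbb_root_path . 'index.' . $phpEx, array('customcode_hide_events' => 1)));
            }
            else
            {
                $template->assign_var('U_CUSTOMCODE_SHOW_EVENTS', append_sid($phpbb_root_path . 'index.' . $phpEx, array('customcode_show_events' => 1)));
            }
            break;
    }
}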
/**
 * Add backtrace message for debugging
 *
 * Does nothing unless $this->backtrace is set. The message is HTML-escaped
 * when it is stored, so the log can be printed into a page without a second
 * escaping step (escaping it again would double-encode it).
 *
 * @param string $message Text to record
 */
function add_backtrace($message)
{
    if (!$this->backtrace)
    {
        return;
    }

    $this->backtrace_log[] = utf8_htmlspecialchars($message);
}
/**
 * constructor
 *
 * Initialises the RSS module: calls gym_sitemaps('rss'), resolves the
 * requested module from the request, refreshes the last-modified config
 * entry, builds the cache, template (style) and rss option arrays, decides
 * whether the feed is served as guest or for the logged-in user, and finally
 * produces the output.
 *
 * Request values read directly in this method: $_GET['modulename'],
 * $_GET['nametoid'] and $_REQUEST['explain'].
 */
function gym_rss()
{
    global $phpbb_seo, $phpEx, $config, $user;
    global $db, $auth;

    $this->gym_sitemaps('rss');

    // init output
    $this->output_data['showstats'] = (bool) ($this->gym_config['gym_showstats'] || $this->gym_config['rss_showstats']);

    // Check the main vars
    $this->init_get_vars();

    // url without IDs like forum feed url in case the phpBB SEO mod are used and set so
    // and basic parameter for url such as blabla/news/digest/long/module-rss.xml => gymrss.php?module=blabla&news&digest&long
    // NOTE(review): both $_GET values are used as strings without a type check;
    // a request that sends them as arrays reaches strtolower()/trim() — confirm
    // that init_get_vars() or the front controller rules that out.
    if (isset($_GET['nametoid']) && !empty($_GET['nametoid']) && isset($_GET['modulename']) && !empty($_GET['modulename']) && empty($this->actions['module_main']) && empty($this->actions['module_sub']))
    {
        $module_name = trim(strtolower($_GET['modulename']));

        // is the module available ?
        // The requested name is only accepted when it is in the known module list.
        if (in_array($module_name, $this->actions['action_modules']))
        {
            $this->actions['module_main'] = $module_name;

            // Do we get an id (?module=id)
            // array_search() compares loosely here, and a match at key 0 (or no
            // match) is falsy, so both fall through to the else branch.
            if ($id = @array_search(trim($_GET['nametoid']), $phpbb_seo->cache_config[$module_name]))
            {
                $this->actions['module_sub'] = intval($id);
            }
            else
            {
                // Pass the variable to the script ?module_name=$_GET['nametoid']
                // Line breaks are removed and the value is HTML-escaped before it is kept.
                $this->actions['module_sub'] = trim(utf8_htmlspecialchars(str_replace(array("\n", "\r"), '', $_GET['nametoid'])));
            }
        }
    }

    if (empty($this->actions['action_modules']))
    {
        $this->gym_error(404, '', __FILE__, __LINE__);
    }

    // Set last mod time from DB, will only be used as his for general feeds and channel lists
    // put it into phpbb config for the dynamic property.
    // Note that this can write to the board config while serving a feed request.
    $config_name = $this->actions['action_type'] . '_' . (!empty($this->actions['module_main']) ? $this->actions['module_main'] . '_' : '') . 'last_mod_time';

    if (@$config[$config_name] < $config['board_startdate'])
    {
        set_config($config_name, $user->time_now, 1);
    }

    $this->output_data['last_mod_time'] = intval($config[$config_name]);

    // Init the output class
    $this->gym_init_output();

    // Setup the output
    $this->cache_config = array_merge($this->cache_config, array('cache_enable' => (bool) $this->set_module_option('cache_on', $this->override['cache']), 'cache_auto_regen' => (bool) $this->set_module_option('cache_auto_regen', $this->override['cache']), 'cache_force_gzip' => (bool) $this->set_module_option('cache_force_gzip', $this->override['cache']), 'cache_born' => $this->output_data['last_mod_time'], 'cache_max_age' => round($this->set_module_option('cache_max_age', $this->override['cache']), 2) * 3600, 'cache_file_ext' => $this->gym_output->gzip_config['gzip'] || $this->gym_config['rss_cache_force_gzip'] ? '.xml.gz' : '.xml'));

    // Can you believe it, sprintf is faster than straight parsing.
    // These are sprintf() templates; values substituted into them are not
    // escaped by the templates themselves.
    $this->style_config = array('rss_header' => '<' . '?xml version="1.0" encoding="utf-8"?' . '>%s' . "\n" . '<rss version="2.0" xmlns:dc="http://purl.org/dc/elements/1.1/"' . "\n\t" . 'xmlns:content="http://purl.org/rss/1.0/modules/content/"' . "\n\t" . 'xmlns:atom="http://www.w3.org/2005/Atom">' . "\n" . '<!-- Generated by Google Yahoo MSN Sitemaps and RSS %s - © 2006, ' . date('Y') . ' www.phpBB-SEO.com -->', 'rss_footer' => "\n\t" . '</channel>' . "\n" . '</rss>', 'rss_item_tpl' => "\n\t\t" . '<item>' . "\n\t\t\t" . '<title>%1$s</title>' . "\n\t\t\t" . '<link>%2$s</link>%3$s' . "\n\t\t\t" . '<description>%4$s</description>%8$s' . "\n\t\t\t" . '<source url="%5$s">%6$s</source>' . "\n\t\t\t" . '<guid isPermaLink="true">%7$s</guid>' . "\n\t\t" . '</item>', 'rsschan_tpl' => "\n\t" . '<channel>' . "\n\t\t" . '<title>%1$s</title>' . "\n\t\t" . '<link>%2$s</link>' . "\n\t\t" . '<description>%3$s</description>%4$s' . "\n\t\t" . '%5$s' . "\n\t\t" . '<docs>http://blogs.law.harvard.edu/tech/rss</docs>' . "\n\t\t" . '<generator>Google Yahoo MSN Sitemaps and RSS ' . $this->gym_config['gym_version'] . ' - © 2006, ' . date('Y') . ' www.phpBB-SEO.com</generator>%6$s' . "\n\t\t" . '<atom:link href="%7$s" rel="self" type="application/rss+xml" />%8$s', 'rsschan_input_tpl' => "\n\t\t" . '<textInput>' . "\n\t\t\t" . '<title>%1$s</title>' . "\n\t\t\t" . '<description>%2$s</description>' . "\n\t\t\t" . '<link>%3$s</link>' . "\n\t\t\t" . '<name>%4$s</name>' . "\n\t\t" . '</textInput>' . "\n", 'rsschan_img_tpl' => '<image>' . "\n\t\t\t" . '<title>%1$s</title>' . "\n\t\t\t" . '<url>%2$s</url>' . "\n\t\t\t" . '<link>%3$s</link>' . "\n\t\t" . '</image>', 'chan_lastbuildate_tpl' => "\n\t\t" . '<lastBuildDate>%1$s</lastBuildDate>', 'chan_ttl_tpl' => "\n\t\t" . '<ttl>%1$s</ttl>', 'item_pubdate_tpl' => "\n\t\t\t" . '<pubDate>%1$s</pubDate>', 'item_creator_tpl' => "\n\t\t\t" . '<dc:creator>%1$s</dc:creator>', 'xslt_style' => '', 'stats_genlist' => "\n" . '<!-- URL list generated in %s s %s - %s sql - %s URLs listed -->', 'stats_start' => "\n" . '<!-- Output started from cache after %s s - %s sql -->', 'stats_nocache' => "\n" . '<!-- Output ended after %s s %s -->', 'stats_end' => "\n" . '<!-- Output from cache ended up after %s s - %s sql -->');

    $rss_limit_time = (int) $this->set_module_option('limit_time', $this->override['limit']);
    $rss_lang = trim($this->set_module_option('lang', $this->gym_config['rss_override']));

    // Copyright and language strings are passed through xml_encode() before
    // being wrapped in their elements.
    $this->rss_config = array('rss_c_info' => !empty($this->gym_config['rss_c_info']) ? "\n\t\t" . '<copyright>' . $this->xml_encode($this->gym_config['rss_c_info']) . '</copyright>' : '', 'rss_xslt' => $this->gym_config['rss_xslt'] ? true : false, 'rss_force_xslt' => $this->gym_config['rss_xslt'] && $this->gym_config['rss_force_xslt'] ? true : false, 'rss_lang' => !empty($rss_lang) ? "\n\t\t" . '<language>' . $this->xml_encode($rss_lang) . '</language>' : '', 'rss_url' => $phpbb_seo->sslify($this->gym_config['rss_url'], $phpbb_seo->ssl['use'], false), 'rss_yahoo_appid' => !empty($this->gym_config['rss_yahoo_appid']) ? trim($this->gym_config['rss_yahoo_appid']) : '', 'rss_url_limit' => (int) $this->set_module_option('url_limit', $this->override['limit']), 'rss_sql_limit' => (int) $this->set_module_option('sql_limit', $this->override['limit']), 'rss_limit_time' => $rss_limit_time >= 0 ? $rss_limit_time * 3600 * 24 : 0, 'rss_modrewrite' => (int) $this->set_module_option('modrewrite', $this->override['modrewrite']), 'rss_modrtype' => (int) $this->set_module_option('modrtype', $this->override['modrewrite']), 'rss_sitename' => $this->set_module_option('sitename'), 'rss_site_desc' => $this->set_module_option('site_desc'), 'rss_logo_url' => $this->path_config['gym_img_url'] . trim($this->set_module_option('logo_url'), '/'), 'rss_image_url' => $this->path_config['gym_img_url'] . trim($this->set_module_option('image_url'), '/'), 'rss_sort' => $this->set_module_option('sort', $this->override['sort']), 'rss_allow_auth' => (bool) $this->set_module_option('allow_auth', $this->gym_config['rss_override']), 'rss_cache_auth' => (bool) $this->set_module_option('cache_auth', $this->gym_config['rss_override']), 'rss_allow_content' => (bool) $this->set_module_option('allow_content', $this->gym_config['rss_override']), 'rss_allow_news' => (bool) $this->set_module_option('allow_news', $this->gym_config['rss_override']), 'rss_news_update' => round($this->set_module_option('news_update', $this->gym_config['rss_override']), 2) * 3600, 'rss_allow_profile' => (bool) $this->set_module_option('allow_profile', $this->gym_config['rss_override']), 'rss_allow_profile_links' => (bool) $this->set_module_option('allow_profile_links', $this->gym_config['rss_override']), 'rss_sumarize' => (int) $this->set_module_option('sumarize', $this->gym_config['rss_override']), 'rss_sumarize_method' => trim($this->set_module_option('sumarize_method', $this->gym_config['rss_override'])), 'rss_allow_short' => (bool) $this->set_module_option('allow_short', $this->gym_config['rss_override']), 'rss_allow_long' => (bool) $this->set_module_option('allow_long', $this->gym_config['rss_override']), 'rss_allow_bbcode' => (bool) $this->set_module_option('allow_bbcode', $this->gym_config['rss_override']), 'rss_strip_bbcode' => trim($this->set_module_option('strip_bbcode', $this->gym_config['rss_override'])), 'rss_allow_links' => (bool) $this->set_module_option('allow_links', $this->gym_config['rss_override']), 'rss_allow_emails' => (bool) $this->set_module_option('allow_emails', $this->gym_config['rss_override']), 'rss_allow_smilies' => (bool) $this->set_module_option('allow_smilies', $this->gym_config['rss_override']), 'rss_yahoo_notify' => (bool) $this->set_module_option('yahoo_notify', $this->gym_config['rss_override']), 'rss_nohtml' => (bool) $this->set_module_option('nohtml', $this->gym_config['rss_override']), 'rss_display_author' => true, 'rss_yahoo_notify_url' => '', 'rss_msg_filters' => array(), 'rss_auth_msg' => '', 'rss_do_explain' => false);

    // The feed is treated as a guest feed unless authenticated feeds are
    // allowed AND the current user is registered.
    $this->rss_config['rss_auth_guest'] = $this->rss_config['rss_allow_auth'] && $user->data['is_registered'] ? false : true;

    // Guest output is always cached; per-user output only when rss_cache_auth
    // is on. NOTE(review): confirm the cache key separates users when
    // rss_cache_auth is enabled, otherwise one user's feed could be served to another.
    $this->cache_config['do_cache'] = $this->rss_config['rss_auth_guest'] ? true : $this->rss_config['rss_cache_auth'];

    // remind for later
    $this->rss_config['rss_profile_mode'] = $this->rss_config['rss_allow_profile_links'] ? 'full' : 'no_profile';

    // Check the rss specific vars and do basic set_up for msg output
    $this->init_rss_vars();

    if (!$this->rss_config['rss_auth_guest'])
    {
        // NOTE(review): the username is inserted into the message with
        // sprintf() and no escaping at this point — confirm it is escaped
        // before it reaches the XML output.
        $this->rss_config['rss_auth_msg'] = "\n" . ($this->actions['rss_channel_list'] || empty($this->actions['module_sub']) || $this->actions['module_sub'] == 'channels' ? sprintf($user->lang['RSS_AUTH_SOME_USER'], $user->data['username']) : sprintf($user->lang['RSS_AUTH_THIS_USER'], $user->data['username'])) . "\n";
    }

    // Are we going to explain ?
    // The SQL report is only produced for users holding the 'a_' permission,
    // with DEBUG_EXTRA defined and a DBAL that offers sql_report(); caching is
    // switched off for that request.
    if (!empty($_REQUEST['explain']) && $auth->acl_get('a_') && defined('DEBUG_EXTRA') && method_exists($db, 'sql_report'))
    {
        $this->rss_config['rss_do_explain'] = true;
        $this->cache_config['do_cache'] = false;
    }

    $this->rss_output();

    if ($this->rss_config['rss_do_explain'])
    {
        $db->sql_report('display');
    }
    else
    {
        $this->gym_output->do_output();
    }

    return;
}
/**
 * Splits keywords entered by a user into an array of words stored in $this->split_words
 * Stores the tidied search query in $this->search_query
 *
 * Also builds $this->tsearch_query, where each word is prefixed with '&',
 * '&!' or '|' according to its leading '+', '-' or '|'. Words may still
 * contain the characters * " ( ) after splitting, and only search_query is
 * HTML-escaped here; tsearch_query is left as raw text, so the code that puts
 * it into SQL has to escape it (that code is outside this method).
 *
 * @param string &$keywords Contains the keyword as entered by the user
 * @param string $terms     is either 'all' or 'any'
 * @return bool false if no valid keywords were found and otherwise true
 */
public function split_keywords(&$keywords, $terms)
{
    if ($terms == 'all')
    {
        // Turn the words and/or/not and stray operators into +, | and - prefixes.
        $match = array('#\\sand\\s#iu', '#\\sor\\s#iu', '#\\snot\\s#iu', '#(^|\\s)\\+#', '#(^|\\s)-#', '#(^|\\s)\\|#');
        $replace = array(' +', ' |', ' -', ' +', ' -', ' |');

        $keywords = preg_replace($match, $replace, $keywords);
    }

    // Filter out as above
    $decoded = trim(htmlspecialchars_decode($keywords));
    $split_keywords = preg_replace("#[\"\n\r\t]+#", ' ', $decoded);

    // Split words
    $spaced = str_replace('\'\'', '\' \'', trim($split_keywords));
    $split_keywords = preg_replace('#([^\\p{L}\\p{N}\'*"()])#u', '$1$1', $spaced);

    $matches = array();
    preg_match_all('#(?:[^\\p{L}\\p{N}*"()]|^)([+\\-|]?(?:[\\p{L}\\p{N}*"()]+\'?)*[\\p{L}\\p{N}*"()])(?:[^\\p{L}\\p{N}*"()]|$)#u', $split_keywords, $matches);
    $this->split_words = $matches[1];

    // Words outside the configured length range are moved to common_words.
    foreach ($this->split_words as $i => $word)
    {
        $clean_word = preg_replace('#^[+\\-|"]#', '', $word);

        // check word length
        $clean_len = utf8_strlen(str_replace('*', '', $clean_word));
        $too_short = $clean_len < $this->config['fulltext_postgres_min_word_len'];

        if ($too_short || $clean_len > $this->config['fulltext_postgres_max_word_len'])
        {
            $this->common_words[] = $word;
            unset($this->split_words[$i]);
        }
    }

    $this->search_query = '';
    $this->tsearch_query = '';

    if ($terms == 'any')
    {
        foreach ($this->split_words as $word)
        {
            // Operators are ignored in 'any' mode: every word is OR-ed.
            if (in_array(substr($word, 0, 1), array('+', '-', '|'), true))
            {
                $word = substr($word, 1);
            }

            $this->search_query .= $word . ' ';
            $this->tsearch_query .= '|' . $word . ' ';
        }
    }
    else
    {
        foreach ($this->split_words as $word)
        {
            if (strpos($word, '+') === 0)
            {
                $display_term = $word;
                $ts_term = '&' . substr($word, 1);
            }
            else if (strpos($word, '-') === 0)
            {
                $display_term = $word;
                $ts_term = '&!' . substr($word, 1);
            }
            else if (strpos($word, '|') === 0)
            {
                $display_term = $word;
                $ts_term = '|' . substr($word, 1);
            }
            else
            {
                // No operator given: the word is required.
                $display_term = '+' . $word;
                $ts_term = '&' . $word;
            }

            $this->search_query .= $display_term . ' ';
            $this->tsearch_query .= $ts_term . ' ';
        }
    }

    // Drop the operator that leads the first term.
    $this->tsearch_query = substr($this->tsearch_query, 1);
    $this->search_query = utf8_htmlspecialchars($this->search_query);

    if (!$this->search_query)
    {
        return false;
    }

    $this->split_words = array_values($this->split_words);
    sort($this->split_words);

    return true;
}
/**
 * Transfers the relevant configuration information from the source forum
 * The mapping of fields is specified in $config_schema, see convert_phpbb20.php for more details
 *
 * A schema entry is either a source config name, or "function(name)", in
 * which case the named function is applied to the source value.
 *
 * SECURITY NOTE(review): the function form is executed with eval(). The
 * function name is taken verbatim from the schema, so the schema file is
 * fully trusted code. The source value is embedded as a single-quoted PHP
 * literal after addslashes(), which neutralises quotes and backslashes but
 * also leaves a stray backslash in front of any double quote. Calling the
 * function directly would avoid both issues; it is not changed here because
 * schemas may rely on the current evaluation — confirm before replacing.
 *
 * @param array $schema Convertor schema; only $schema['settings'] is read
 */
function restore_config($schema)
{
    global $db, $config;

    $convert_config = get_config();

    foreach ($schema['settings'] as $config_name => $src)
    {
        if (!preg_match('/(.*)\\((.*)\\)/', $src, $m))
        {
            // Plain mapping: copy the source value, or '' when it is absent.
            if (isset($convert_config[$src]))
            {
                $config_value = $convert_config[$src];
            }
            else
            {
                $config_value = '';
            }
        }
        else
        {
            // $m[1] is the function name, $m[2] the source config key.
            if (empty($m[2]) || empty($convert_config[$m[2]]))
            {
                $var = "''";
            }
            else
            {
                $var = "'" . addslashes($convert_config[$m[2]]) . "'";
            }

            // The evaluated statement assigns $config_value in this scope,
            // so that variable name must stay as it is.
            $exec = '$config_value = ' . $m[1] . '(' . $var . ');';
            eval($exec);
        }

        if ($config_value === '')
        {
            continue;
        }

        // Most are...
        if (is_string($config_value))
        {
            $escaped = utf8_htmlspecialchars($config_value);
            $config_value = truncate_string($escaped, 255, 255, false);
        }

        set_config($config_name, $config_value);
    }
}
/**
 * Adjust 2.0.x disallowed names to 3.0.x format
 *
 * Replaces the * wildcard with %, converts the encoding and returns the
 * result HTML-escaped. Any % already present in the input is left as it is,
 * so it becomes a wildcard as well.
 *
 * @param string $username Disallowed-name pattern from the source board
 * @return string Converted, HTML-escaped pattern
 */
function phpbb_disallowed_username($username)
{
    // Replace * with %
    $pattern = str_replace('*', '%', $username);
    $pattern = phpbb_set_default_encoding($pattern);

    return utf8_htmlspecialchars($pattern);
}
/**
 * Injects a post's number into the row's POST_NUMBER and MINI_POST_IMG fields
 *
 * The three language strings are HTML-escaped before they are placed into
 * attributes, and the post number is formatted with %d. The existing
 * MINI_POST_IMG value and the link target (U_MINI_POST, or '#pr' plus
 * POST_ID) are inserted as they are, so they are expected to be safe markup
 * already.
 *
 * @param array $post_row Template row for one post
 * @param int   $post_num Number to display
 * @return array The row with POST_NUMBER set and MINI_POST_IMG extended
 */
protected function inject_post_num($post_row, $post_num)
{
    $use_bold = $this->cfg('bold');
    $bold_open = $use_bold ? '<strong>' : '';
    $bold_close = $use_bold ? '</strong>' : '';

    $lang_copy_title = utf8_htmlspecialchars($this->user->lang('POSTNUMBERS_COPY_TITLE'));
    $lang_copied = utf8_htmlspecialchars($this->user->lang('POSTNUMBERS_COPIED'));
    $lang_copy_manually = utf8_htmlspecialchars($this->user->lang('POSTNUMBERS_COPY_MANUALLY'));

    $post_row['POST_NUMBER'] = sprintf(
        '<span class="post-number" title="%s" data-tooltip="%s" data-copy-manually="%s">%s#%d%s</span>',
        $lang_copy_title,
        $lang_copied,
        $lang_copy_manually,
        $bold_open,
        $post_num,
        $bold_close
    );

    // Link to the post itself; fall back to the in-page anchor.
    if (isset($post_row['U_MINI_POST']))
    {
        $href = $post_row['U_MINI_POST'];
    }
    else
    {
        $href = '#pr' . $post_row['POST_ID'];
    }

    // Closes the anchor that wraps the mini post image and opens a new one
    // around the post number; the template supplies the final </a>.
    $post_row['MINI_POST_IMG'] = sprintf('%s</a><a href="%s"> %s ', $post_row['MINI_POST_IMG'], $href, $post_row['POST_NUMBER']);

    return $post_row;
}
/**
 * sitemap, builds the sitemap
 *
 * Reads the text file registered for the requested module_sub, one URL per
 * line, and feeds each URL (HTML-escaped) to the master's parse_item().
 * Responds with a 404 when no file is registered or the file cannot be read.
 * The rand() calls only spread the reported last-modified times; they are
 * not used for anything security related.
 *
 * @access private
 */
function sitemap()
{
    global $cache, $phpEx, $config;

    if (empty($this->txt_files[$this->options['module_sub']]))
    {
        $this->gym_master->gym_error(404, '', __FILE__, __LINE__);
        return;
    }

    // Check robots.txt ?
    $check_robots = $this->module_config['google_check_robots'];
    if ($check_robots)
    {
        $this->gym_master->obtain_robots_disallows();
    }

    $sitemap_txt_url = sprintf($this->url_settings['google_txt_tpl'], $this->options['module_sub']);
    $this->gym_master->seo_kill_dupes($sitemap_txt_url);

    // The path comes from the txt_files map, not from the request value itself.
    $txt_file = $this->txt_files[$this->options['module_sub']];

    // Grab data
    $txt_data = @file($txt_file);
    if (!$txt_data || !is_array($txt_data))
    {
        // Clear the cache to make sure the guilty url is not shown in the sitemapIndex
        $cache->destroy('_gym_config_google_txt');
        $this->gym_master->gym_error(404, '', __FILE__, __LINE__);
        return;
    }

    $last_mod = (int) @filemtime($txt_file);
    $url_count = count($txt_data);
    $this->outputs['last_mod_time'] = $last_mod > $config['board_startdate'] ? $last_mod : time() - rand(500, 10000);

    // Randomize ?
    if ($this->module_config['google_randomize'])
    {
        shuffle($txt_data);
    }

    // Limit ?
    $url_limit = $this->module_config['google_url_limit'];
    if ($url_limit > 0 && $url_limit < $url_count)
    {
        $txt_data = array_slice($txt_data, 0, $url_limit);
    }

    // Force last mod ?
    $force_lastmod = $this->module_config['google_force_lastmod'];
    $last_mod = $force_lastmod ? $this->outputs['last_mod_time'] : 0;

    // Parse URLs
    $dt = rand(0, 3600);
    $url_check = array();

    foreach ($txt_data as $key => $url)
    {
        $url = trim($url);

        if (empty($url))
        {
            continue;
        }

        if ($check_robots && $this->gym_master->is_robots_disallowed($url))
        {
            continue;
        }

        // Check unique ?
        if ($this->module_config['google_unique'])
        {
            if (isset($url_check[$url]))
            {
                continue;
            }

            $url_check[$url] = 1;
        }

        $_last_mod = $priority = $changefreq = 0;
        if ($force_lastmod)
        {
            $_last_mod = $last_mod - $dt;
            $priority = $this->gym_master->get_priority($_last_mod);
            $changefreq = $this->gym_master->get_changefreq($_last_mod);
        }

        $this->gym_master->parse_item(utf8_htmlspecialchars($url), $priority, $changefreq, $_last_mod);

        $dt += rand(30, 3600 * 12);

        // Free the line once it has been handed over.
        unset($txt_data[$key]);
    }

    return;
}
/**
 * Builds one SQL WHERE term for a property/value restriction.
 *
 * The column name comes from propertyToColumn(), not from the caller's raw
 * input. The value reaches the SQL text only through
 * $db->sql_like_expression(), $db->sql_escape() or an (int) cast, or is
 * replaced by the USER_INACTIVE constant. An unrecognised $compareMode
 * returns the column followed by a space with no operator.
 *
 * @param string $compareMode CONTAINS, EXACTLY_MATCHES, GREATER_THAN, LESS_THAN or STARTS_WITH
 * @param string $property    Property name to map to a column
 * @param string $value       Value to compare against
 * @return string WHERE term, or '' when the column is unknown or the value is empty
 */
protected function whereTerm($compareMode, $property, $value)
{
    global $db;

    $column = $this->propertyToColumn($property);

    if (empty($column))
    {
        return '';
    }

    // '0' is a legitimate value even though empty() treats it as empty.
    if (empty($value) && $value !== '0')
    {
        return '';
    }

    // Because we decoded the search restriction but phpBB always stores speciachar'd content we need to specialchar all values before we use them
    $value = utf8_htmlspecialchars($value);
    $where = $column . ' ';

    // remove alias to get plain column name
    $dot_pos = strpos($column, '.');
    $plain_column = $column;
    if ($dot_pos !== false)
    {
        $plain_column = substr($column, $dot_pos + 1);
    }

    // Adjust value if we need to search for group name.
    if ($plain_column == 'group_name')
    {
        // Define true as second parameter to reverse the mapping (English name to name stored in database)
        $value = $this->api->get_group_name($value, true);
        $where = 'LOWER(' . $column . ') ';
        $value = strtolower($value);
    }

    // Make sure usernames are always "cleaned" up
    if ($plain_column == 'username_clean')
    {
        $value = utf8_clean_string($value);
    }

    switch ($compareMode)
    {
        case 'CONTAINS':
            $where .= $db->sql_like_expression($db->any_char . $value . $db->any_char);
            break;

        case 'STARTS_WITH':
            $where .= $db->sql_like_expression($value . $db->any_char);
            break;

        case 'EXACTLY_MATCHES':
            if ($plain_column != 'user_type')
            {
                $where .= '= \'' . $db->sql_escape($value) . '\'';
                break;
            }

            // user_type is matched against the inactive type only:
            // 'true' selects every type except inactive.
            $where .= ($value == 'true') ? ' <> ' : ' = ';
            $where .= USER_INACTIVE;
            break;

        case 'GREATER_THAN':
            $where .= '> \'' . (int) $value . '\'';
            break;

        case 'LESS_THAN':
            $where .= '< \'' . (int) $value . '\'';
            break;
    }

    return $where;
}
<?php /* Result view: on success it links back to the admin home page; on failure it prints $error through html_escape() and $exception through utf8_htmlspecialchars() inside <pre id="backtrace">. NOTE(review): the exception text is shown in full to whoever can load this page; it presumably contains a backtrace, so confirm the page is reachable by administrators only. */ if ($success) { ?> <p><?php echo link_to_admin_home_page(__('Return to Dashboard')); ?> </p> <?php } else { ?> <p class="error_text"><?php echo html_escape($error); ?> </p> <pre id="backtrace"><?php echo utf8_htmlspecialchars($exception); ?> </pre> <p class="instruction"> <?php echo __('Please restore from your database backup and try again.'); ?> <?php echo __('If you have any questions please refer to <a href="http://omeka.org/codex">Omeka documentation</a> or post a message on the <a href="http://omeka.org/forums">Omeka forums</a>.'); ?> </p> <?php } ?> </section> </div>
/**
 * assign / return meta tag code
 *
 * Decides the robots directive (unless one was set manually), optionally
 * appends noarchive for configured forums, applies the per-tag filters and
 * renders every tag through its sprintf() template with the value
 * HTML-escaped.
 *
 * $_GET is consulted only for the presence of filter keys and of 'f'; the
 * forum id itself is read through request_var(). Filters are invoked as
 * methods of this object by name ($this->filters[$key]), so that map must
 * only ever contain method names defined by the class.
 *
 * @param string $page_title Title used when no meta title is set and a default title exists
 * @param bool   $return     True to return the markup instead of assigning it to the template
 * @return string|null Meta tag markup when $return is true
 */
public function build_meta($page_title = '', $return = false)
{
    // If meta robots was not manually set
    if (empty($this->meta['robots']))
    {
        // Full request URI (e.g. phpBB/app.php/foo/bar)
        $request_uri = $this->symfony_request->getRequestUri();

        // Deny indexing for any url ending with htm(l) or / and with a qs (?)
        if (preg_match('`(\\.html?|/)\\?[^\\?]*$`i', $request_uri))
        {
            $this->meta['robots'] = 'noindex,follow';
        }
        else
        {
            // lets still add some more specific ones
            $extra_filters = array('st', 'sk', 'sd', 'ch');
            $this->config['get_filter'] = array_merge($this->config['get_filter'], $extra_filters);
        }

        // Do we allow indexing based on physical script file name
        if (empty($this->meta['robots']) && !empty($this->user->page['page_name']) && strpos($this->config['file_filter'], str_replace(".{$this->php_ext}", '', $this->user->page['page_name'])) !== false)
        {
            $this->meta['robots'] = 'noindex,follow';
        }

        // Do we allow indexing based on get variable
        if (empty($this->meta['robots']))
        {
            foreach ($this->config['get_filter'] as $get)
            {
                if (isset($_GET[$get]))
                {
                    $this->meta['robots'] = 'noindex,follow';
                    break;
                }
            }
        }

        // fallback to default if necessary
        if (empty($this->meta['robots']))
        {
            $this->meta['robots'] = $this->meta_def['robots'];
        }
    }

    if (!empty($this->config['seo_meta_noarchive']))
    {
        $forum_id = 0;
        if (isset($_GET['f']))
        {
            $forum_id = max(0, request_var('f', 0));
        }

        if ($forum_id)
        {
            // Configured as a comma separated list of forum ids.
            $id_list = preg_replace('`[\\s]+`', '', trim($this->config['seo_meta_noarchive'], ', '));
            $forum_ids = @explode(',', $id_list);

            if (in_array($forum_id, $forum_ids))
            {
                $this->meta['robots'] .= (!empty($this->meta['robots']) ? ',' : '') . 'noarchive';
            }
        }
    }

    // deal with titles, assign the tag if a default is set
    if (empty($this->meta['title']) && !empty($this->meta_def['title']))
    {
        $this->meta['title'] = $page_title;
    }

    $meta_code = '';

    foreach ($this->tpl as $key => $value)
    {
        if (isset($this->meta[$key]))
        {
            // do like this so we can deactivate one particular tag on a given page,
            // by just setting the meta to an empty string
            if (trim($this->meta[$key]) && isset($this->filters[$key]))
            {
                $this->meta[$key] = $this->{$this->filters[$key]}($this->meta[$key]);
            }
        }
        else if (!empty($this->meta_def[$key]))
        {
            if (isset($this->filters[$key]))
            {
                $this->meta[$key] = $this->{$this->filters[$key]}($this->meta_def[$key]);
            }
            else
            {
                $this->meta[$key] = $this->meta_def[$key];
            }
        }

        if (trim($this->meta[$key]))
        {
            // Escaping happens here, at output, after the filters have run.
            $meta_code .= sprintf($value, utf8_htmlspecialchars($this->meta[$key])) . "\n";
        }
    }

    if ($return)
    {
        return $meta_code;
    }

    $this->template->assign_var('SEO_META_TAGS', $meta_code);
}
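/**
 * Generate RSS for specified site
 *
 * Responds with a 404 when site feeds are disabled or the site does not
 * exist; otherwise builds an RSS 2.0 document for the site and selects the
 * XML view.
 *
 * @param mixed $siteId Primary key of the site
 * @return mixed Result of return404() on the two 404 paths, nothing otherwise
 */
function siteAction($siteId)
{
    // Stop here when the feature is switched off. Without the return, the
    // feed would still be built if return404() does not end the request,
    // which would expose site data through a disabled endpoint.
    if (!Config::get("rssSitesEnabled")) {
        return $this->return404();
    }

    //get category data
    $site = $this->site->findByPk($siteId);

    if (empty($site)) {
        return $this->return404();
    }

    $this->site->attachParents($site);

    $rawSiteTitle = $site['siteTitle'];

    $doc = new XmlGenerator();
    $rssNode = $doc->createElement('rss');
    $doc->appendChild($rssNode);
    $rssNode->setAttribute('version', '2.0');

    $channelNode = new XmlElement('channel');
    $rssNode->appendChild($channelNode);

    //add channel properties
    // NOTE(review): the title is escaped here before it is handed to
    // addProperty(); if XmlElement escapes text itself the title will be
    // double-encoded in the feed. Confirm which layer owns the escaping.
    $channelNode->addProperty('title', utf8_htmlspecialchars($rawSiteTitle));
    $channelNode->addProperty('link', AppRouter::getObjectUrl($site, "siteDetails", true));
    $channelNode->addProperty('description', _t('Site') . ' ' . utf8_htmlspecialchars($rawSiteTitle));
    $channelNode->addProperty('language', 'fr-fr');
    $channelNode->addProperty('lastBuildDate', date('D, j M Y H:i:s O'));
    $channelNode->addProperty('generator', 'RSS Generator');

    $sites = array($site);
    $this->appendSites($channelNode, $sites);

    $this->set("doc", $doc);
    $this->viewClass = "XmlView";
}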
/**
 * {@inheritdoc}
 *
 * Authenticates a user against the configured LDAP directory: looks the user
 * up (optionally after binding with the configured service account), then
 * binds as the found DN with the supplied password. On success it returns the
 * matching board account, or the data for a new account when none exists yet.
 *
 * Every return value is an array with 'status', 'error_msg' and 'user_row'.
 *
 * NOTE(review): no ldap_start_tls() call is made in this method, so the bind
 * password is only protected in transit when 'ldap_server' is an ldaps:// URI
 * or the link is otherwise secured - confirm the deployment.
 * NOTE(review): an unknown user and a wrong password produce different status
 * codes (LOGIN_ERROR_USERNAME / LOGIN_ERROR_PASSWORD); check that the caller
 * does not show that difference to unauthenticated visitors.
 */
public function login($username, $password)
{
    // do not allow empty password
    // This check is security-relevant: an LDAP simple bind with a DN and an
    // empty password is an unauthenticated bind, which many servers accept,
    // so it must never be treated as a successful login.
    if (!$password) {
        return array('status' => LOGIN_ERROR_PASSWORD, 'error_msg' => 'NO_PASSWORD_SUPPLIED', 'user_row' => array('user_id' => ANONYMOUS));
    }

    if (!$username) {
        return array('status' => LOGIN_ERROR_USERNAME, 'error_msg' => 'LOGIN_ERROR_USERNAME', 'user_row' => array('user_id' => ANONYMOUS));
    }

    if (!@extension_loaded('ldap')) {
        return array('status' => LOGIN_ERROR_EXTERNAL_AUTH, 'error_msg' => 'LDAP_NO_LDAP_EXTENSION', 'user_row' => array('user_id' => ANONYMOUS));
    }

    // A port of 0 (or a non-numeric value) means "use the default port".
    $this->config['ldap_port'] = (int) $this->config['ldap_port'];
    if ($this->config['ldap_port']) {
        $ldap = @ldap_connect($this->config['ldap_server'], $this->config['ldap_port']);
    } else {
        $ldap = @ldap_connect($this->config['ldap_server']);
    }

    if (!$ldap) {
        return array('status' => LOGIN_ERROR_EXTERNAL_AUTH, 'error_msg' => 'LDAP_NO_SERVER_CONNECTION', 'user_row' => array('user_id' => ANONYMOUS));
    }

    @ldap_set_option($ldap, LDAP_OPT_PROTOCOL_VERSION, 3);
    @ldap_set_option($ldap, LDAP_OPT_REFERRALS, 0);

    // Bind with the configured service account when one is set; otherwise the
    // search below runs on the connection as it is (anonymous).
    // Config values are stored entity-encoded, hence the decode calls.
    if ($this->config['ldap_user'] || $this->config['ldap_password']) {
        if (!@ldap_bind($ldap, htmlspecialchars_decode($this->config['ldap_user']), htmlspecialchars_decode($this->config['ldap_password']))) {
            return array('status' => LOGIN_ERROR_EXTERNAL_AUTH, 'error_msg' => 'LDAP_NO_SERVER_CONNECTION', 'user_row' => array('user_id' => ANONYMOUS));
        }
    }

    // Look up at most one entry (size limit 1), requesting only the uid
    // attribute and, when configured, the e-mail attribute.
    // NOTE(review): the filter comes from ldap_user_filter(), which is not
    // shown here; it has to escape $username for use in an LDAP filter.
    // NOTE(review): $search is not checked before ldap_get_entries(); a failed
    // search is only caught by the is_array() test below.
    $search = @ldap_search($ldap, htmlspecialchars_decode($this->config['ldap_base_dn']), $this->ldap_user_filter($username), empty($this->config['ldap_email']) ? array(htmlspecialchars_decode($this->config['ldap_uid'])) : array(htmlspecialchars_decode($this->config['ldap_uid']), htmlspecialchars_decode($this->config['ldap_email'])), 0, 1);

    $ldap_result = @ldap_get_entries($ldap, $search);

    // ldap_get_entries() adds a 'count' key, so more than one element means
    // at least one entry was found.
    if (is_array($ldap_result) && sizeof($ldap_result) > 1) {
        // The actual password check: bind as the DN that was found.
        if (@ldap_bind($ldap, $ldap_result[0]['dn'], htmlspecialchars_decode($password))) {
            @ldap_close($ldap);

            $sql = 'SELECT user_id, username, user_password, user_passchg, user_email, user_type FROM ' . USERS_TABLE . "\n\t\t\t\t\tWHERE username_clean = '" . $this->db->sql_escape(utf8_clean_string($username)) . "'";
            $result = $this->db->sql_query($sql);
            $row = $this->db->sql_fetchrow($result);
            $this->db->sql_freeresult($result);

            if ($row) {
                unset($ldap_result);

                // User inactive...
                if ($row['user_type'] == USER_INACTIVE || $row['user_type'] == USER_IGNORE) {
                    return array('status' => LOGIN_ERROR_ACTIVE, 'error_msg' => 'ACTIVE_ERROR', 'user_row' => $row);
                }

                // Successful login... set user_login_attempts to zero...
                return array('status' => LOGIN_SUCCESS, 'error_msg' => false, 'user_row' => $row);
            } else {
                // retrieve default group id
                $sql = 'SELECT group_id FROM ' . GROUPS_TABLE . "\n\t\t\t\t\t\tWHERE group_name = '" . $this->db->sql_escape('REGISTERED') . "'\n\t\t\t\t\t\t\tAND group_type = " . GROUP_SPECIAL;
                $result = $this->db->sql_query($sql);
                $row = $this->db->sql_fetchrow($result);
                $this->db->sql_freeresult($result);

                if (!$row) {
                    trigger_error('NO_GROUP');
                }

                // generate user account data
                // A hash of the directory password is kept in the new board
                // account; the e-mail address read from the directory is
                // entity-encoded before it is stored.
                $ldap_user_row = array('username' => $username, 'user_password' => $this->passwords_manager->hash($password), 'user_email' => !empty($this->config['ldap_email']) ? utf8_htmlspecialchars($ldap_result[0][htmlspecialchars_decode($this->config['ldap_email'])][0]) : '', 'group_id' => (int) $row['group_id'], 'user_type' => USER_NORMAL, 'user_ip' => $this->user->ip, 'user_new' => $this->config['new_member_post_limit'] ? 1 : 0);

                unset($ldap_result);

                // this is the user's first login so create an empty profile
                return array('status' => LOGIN_SUCCESS_CREATE_PROFILE, 'error_msg' => false, 'user_row' => $ldap_user_row);
            }
        } else {
            unset($ldap_result);
            @ldap_close($ldap);

            // Give status about wrong password...
            return array('status' => LOGIN_ERROR_PASSWORD, 'error_msg' => 'LOGIN_ERROR_PASSWORD', 'user_row' => array('user_id' => ANONYMOUS));
        }
    }

    // No directory entry matched the user name (or the search failed).
    @ldap_close($ldap);

    return array('status' => LOGIN_ERROR_USERNAME, 'error_msg' => 'LOGIN_ERROR_USERNAME', 'user_row' => array('user_id' => ANONYMOUS));
}
/**
 * Final stage of the install / update / uninstall run.
 *
 * Records the outcome in the configuration and the admin log, purges the
 * cache and assigns the closing page (title, body, submit label and target)
 * to the template. When errors were collected, the error page of the parent
 * module is shown instead.
 *
 * Nothing in this method sends an e-mail.
 *
 * @param string $mode Install mode; 'uninstall_gym_sitemaps' and
 *                     'update_gym_sitemaps' are handled specially
 * @param string $sub  Not used in this method
 */
function final_stage($mode, $sub)
{
    global $auth, $config, $db, $user, $template, $user, $phpbb_root_path, $phpEx, $phpbb_seo, $cache;

    $update_info = '';

    if (!sizeof($this->errors)) {
        // No errors: store the new version (unless uninstalling) and flip the installed flag.
        if ($mode != 'uninstall_gym_sitemaps') {
            set_gym_config('gym_version', $this->version, 'main', $this->old_config);
            $this->config_report[] = "SET <b>gym_version</b> to {$this->version}";
            set_config('gym_installed', 1);
        } else {
            set_config('gym_installed', 0);
        }
        add_log('admin', 'SEO_LOG_' . strtoupper($mode), $this->version);
    } else {
        set_config('gym_installed', 0);
        add_log('admin', 'SEO_LOG_' . strtoupper($mode) . '_FAIL', $this->errors);
        $cache->purge();
        // NOTE(review): the collected error strings are joined into HTML
        // without encoding; this assumes every entry is already HTML-safe -
        // confirm where $this->errors is filled.
        $this->p_master->error($user->lang['SEO_ERROR_INSTALL'] . '<br/><pre>' . implode('<br/>', $this->errors) . '</pre>', __LINE__, __FILE__);
    }

    $cache->purge();
    $this->page_title = $user->lang['STAGE_FINAL'];

    if ($mode != 'uninstall_gym_sitemaps') {
        if ($mode == 'update_gym_sitemaps') {
            $key = 'UPDATE';
            // The file name suffix is one of two fixed values, never user input.
            $lang_key = strpos($user->lang_name, 'fr') !== false ? 'FR' : '';
            if ($update_infos = @file("./docs/update_from_last{$lang_key}.txt")) {
                foreach ($update_infos as $line) {
                    // Each line is converted to UTF-8 if needed and entity-encoded
                    // before it is placed in the page; lines starting with '#' are highlighted.
                    $line = str_replace(array("\r", "\n"), '', utf8_htmlspecialchars(is_utf8($line) ? $line : utf8_recode($line, 'iso-8859-1')));
                    $update_info .= (preg_match('`^#`', $line) ? "<b style=\"color:blue;\">{$line}</b>" : $line) . '<br/>';
                }
            }
        } else {
            $key = 'INSTALL';
        }
        // The submit target is the admin index; the session id is put in the URL explicitly.
        $submit_action = append_sid($phpbb_root_path . 'adm/index.' . $phpEx . '?sid=' . $user->session_id);
        $title = $user->lang['SEO_INSTALL_CONGRATS'];
        $body = sprintf($user->lang["SEO_{$key}_CONGRATS_EXPLAIN"], $this->modrtype_lang['link'], $this->version) . '<br/>' . implode('<br/>', $this->config_report) . "<br/><br/><hr/><pre>{$update_info}</pre>";
    } else {
        $submit_action = append_sid($phpbb_root_path . 'index.' . $phpEx);
        $title = $user->lang['UN_SEO_INSTALL_CONGRATS'];
        $body = sprintf($user->lang['UN_SEO_INSTALL_CONGRATS_EXPLAIN'], $this->modrtype_lang['link'], $this->version);
    }

    $template->assign_vars(array('TITLE' => $title, 'BODY' => $body, 'L_SUBMIT' => $user->lang['SEO_FINAL_' . strtoupper($mode)], 'U_ACTION' => $submit_action));
}
/**
 * Splits keywords entered by a user into an array of words stored in $this->split_words
 * Stores the tidied search query in $this->search_query
 *
 * Words shorter or longer than the configured fulltext limits are moved to
 * $this->common_words. The stored search query is entity-encoded at the end.
 *
 * NOTE(review): the query is prepared for HTML output only; any SQL escaping
 * has to happen where the query is put into a statement.
 *
 * @param string &$keywords Contains the keyword as entered by the user
 * @param string $terms is either 'all' or 'any'
 * @return bool false if no valid keywords were found and otherwise true
 */
function split_keywords(&$keywords, $terms)
{
    global $config;

    if ($terms == 'all') {
        // Map the words and/or/not and the characters + - | onto the boolean
        // operators ' +', ' |' and ' -'. The caller's $keywords is changed.
        $match = array('#\sand\s#iu', '#\sor\s#iu', '#\snot\s#iu', '#\+#', '#-#', '#\|#');
        $replace = array(' +', ' |', ' -', ' +', ' -', ' |');
        $keywords = preg_replace($match, $replace, $keywords);
    }

    // Filter out as above
    // The keywords arrive entity-encoded; decode them and collapse line breaks and tabs.
    $split_keywords = preg_replace("#[\n\r\t]+#", ' ', trim(htmlspecialchars_decode($keywords)));

    // Split words
    // Every separator character is doubled so that two neighbouring words each
    // have their own delimiter for the matching step below. Which engine is
    // used depends on what the PHP build supports.
    if ($this->pcre_properties) {
        $split_keywords = preg_replace('#([^\p{L}\p{N}\'*"()])#u', '$1$1', str_replace('\'\'', '\' \'', trim($split_keywords)));
    } else if ($this->mbstring_regex) {
        $split_keywords = mb_ereg_replace('([^\w\'*"()])', '\\1\\1', str_replace('\'\'', '\' \'', trim($split_keywords)));
    } else {
        $split_keywords = preg_replace('#([^\w\'*"()])#u', '$1$1', str_replace('\'\'', '\' \'', trim($split_keywords)));
    }

    // Extract the words, each with an optional leading + - | operator.
    if ($this->pcre_properties) {
        $matches = array();
        preg_match_all('#(?:[^\p{L}\p{N}*"()]|^)([+\-|]?(?:[\p{L}\p{N}*"()]+\'?)*[\p{L}\p{N}*"()])(?:[^\p{L}\p{N}*"()]|$)#u', $split_keywords, $matches);
        $this->split_words = $matches[1];
    } else if ($this->mbstring_regex) {
        mb_ereg_search_init($split_keywords, '(?:[^\w*"()]|^)([+\-|]?(?:[\w*"()]+\'?)*[\w*"()])(?:[^\w*"()]|$)');

        // NOTE(review): this branch appends to $this->split_words without
        // resetting it first, unlike the two preg_match_all() branches.
        while (($word = mb_ereg_search_regs())) {
            $this->split_words[] = $word[1];
        }
    } else {
        $matches = array();
        preg_match_all('#(?:[^\w*"()]|^)([+\-|]?(?:[\w*"()]+\'?)*[\w*"()])(?:[^\w*"()]|$)#u', $split_keywords, $matches);
        $this->split_words = $matches[1];
    }

    // to allow phrase search, we need to concatenate quoted words
    // A word with an odd number of double quotes opens or closes a phrase.
    $tmp_split_words = array();
    $phrase = '';
    foreach ($this->split_words as $word) {
        if ($phrase) {
            $phrase .= ' ' . $word;
            if (strpos($word, '"') !== false && substr_count($word, '"') % 2 == 1) {
                $tmp_split_words[] = $phrase;
                $phrase = '';
            }
        } else if (strpos($word, '"') !== false && substr_count($word, '"') % 2 == 1) {
            $phrase = $word;
        } else {
            $tmp_split_words[] = $word . ' ';
        }
    }
    // A phrase that was never closed is kept as it is.
    if ($phrase) {
        $tmp_split_words[] = $phrase;
    }

    $this->split_words = $tmp_split_words;

    unset($tmp_split_words);
    unset($phrase);

    foreach ($this->split_words as $i => $word) {
        $clean_word = preg_replace('#^[+\-|"]#', '', $word);

        // check word length
        // Wildcards are not counted towards the length.
        $clean_len = utf8_strlen(str_replace('*', '', $clean_word));
        if (($clean_len < $config['fulltext_mysql_min_word_len']) || ($clean_len > $config['fulltext_mysql_max_word_len'])) {
            $this->common_words[] = $word;
            unset($this->split_words[$i]);
        }
    }

    if ($terms == 'any') {
        // 'any': drop every leading operator.
        $this->search_query = '';
        foreach ($this->split_words as $word) {
            if ((strpos($word, '+') === 0) || (strpos($word, '-') === 0) || (strpos($word, '|') === 0)) {
                $word = substr($word, 1);
            }
            $this->search_query .= $word . ' ';
        }
    } else {
        // 'all': keep + and -, strip |, and require every other word with '+'.
        $this->search_query = '';
        foreach ($this->split_words as $word) {
            if ((strpos($word, '+') === 0) || (strpos($word, '-') === 0)) {
                $this->search_query .= $word . ' ';
            } else if (strpos($word, '|') === 0) {
                $this->search_query .= substr($word, 1) . ' ';
            } else {
                $this->search_query .= '+' . $word . ' ';
            }
        }
    }

    $this->search_query = utf8_htmlspecialchars($this->search_query);

    if ($this->search_query) {
        $this->split_words = array_values($this->split_words);
        sort($this->split_words);
        return true;
    }
    return false;
}
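/**
 * Validate a submitted raid log before it is processed.
 *
 * Reads the 'raidlog' request field, parses it as XML and checks that the
 * tags needed later are present (start, end, PlayerInfos with name, race,
 * class and level, Join, Leave). Also refuses a log whose start time lies
 * within 30 minutes of a raid that was already parsed. Problems are reported
 * through trigger_error() with E_USER_WARNING.
 *
 * Sets $this->doc, $this->realm, $this->start, $this->end and $this->Bosskills.
 *
 * @return bool true when every check was passed
 */
public function raid_check()
{
    global $db, $user, $config;
    global $phpbb_root_path, $phpbb_admin_path, $phpEx;

    /* Input Cleanup */
    $log = utf8_normalize_nfc(request_var('raidlog', ' ', true));
    $log = str_replace("&", "and", html_entity_decode($log));
    if (strlen($log) <= 1) {
        trigger_error($user->lang['RT_STEP1_NODATA'] . $this->Raidtrackerlink, E_USER_WARNING);
    }

    /*
     * validate xml
     */

    // switch on libxml error handler
    libxml_use_internal_errors(true);

    // load and set CDATA as Text nodes
    // returns a SimpleXMLElement object
    // NOTE(review): this parses XML supplied by the user. Every '&' was
    // replaced above and no entity-substitution flag is passed, but a DOCTYPE
    // is still accepted; on PHP builds where the libxml entity loader is not
    // disabled by default, confirm that it is disabled before this call.
    $this->doc = simplexml_load_string($log, 'SimpleXMLElement', LIBXML_NOCDATA);
    $xml = explode("\n", $log);

    if (!$this->doc) {
        $errors = libxml_get_errors();
        if (!empty($errors)) {
            $message = '';
            foreach ($errors as $error) {
                // Show the lines around the reported position. The indexes may
                // fall outside the submitted text, so missing lines print empty.
                foreach (array($error->line - 1, $error->line, $error->line + 1) as $line_index) {
                    $message .= utf8_htmlspecialchars(isset($xml[$line_index]) ? $xml[$line_index] : '') . '<br />';
                }

                switch ($error->level) {
                    case LIBXML_ERR_WARNING:
                        $message .= "Warning {$error->code}: ";
                        break;
                    case LIBXML_ERR_ERROR:
                        $message .= "Error {$error->code}: ";
                        break;
                    case LIBXML_ERR_FATAL:
                        $message .= "Fatal Error {$error->code}: ";
                        break;
                }

                // The parser message can quote parts of the submitted text, so
                // it is encoded like the source lines above before it goes
                // into the HTML error page.
                $message .= utf8_htmlspecialchars(trim($error->message)) . '. ' . "Line: {$error->line}, " . "Column: {$error->column}<br />";
                if ($error->file) {
                    $message .= " File: " . utf8_htmlspecialchars($error->file) . "<br />";
                }
                $message .= "--------------------------------------------<br />";
            }
            $message = $user->lang['RT_STEP1_INVALIDSTRING_MSG'] . '<br />--------------------------------------------<br />' . $message;

            // set error handler off - to free memory
            libxml_clear_errors();

            // display errors
            trigger_error($message . $this->Raidtrackerlink, E_USER_WARNING);
        }
    }

    /**********************************************************
     * validate tags before processing
     **********************************************************/

    //check realm
    $this->realm = 'n/a';
    if (isset($this->doc->realm)) {
        $this->realm = (string) $this->doc->realm[0];
    } else {
        //define realm from bbdkp default guild
        $Guild = new \bbdkp\controller\guilds\Guilds();
        $guildlist = $Guild->guildlist(1);
        foreach ($guildlist as $g) {
            if ($this->realm == 'n/a') {
                $this->realm = $g['realm'];
            }
        }
    }

    // check start tag
    if (isset($this->doc->start)) {
        // The cast has to cover the whole expression: written as
        // "(int) is_numeric(...) ? a : b" it only applied to the condition and
        // the raw tag text was stored.
        $start_raw = (string) $this->doc->start[0];
        $this->start = (int) (is_numeric($start_raw) ? $start_raw : strtotime($start_raw));
    } else {
        trigger_error($user->lang['RT_ERR_NOSTARTTAG'] . $this->Raidtrackerlink, E_USER_WARNING);
    }

    /*you can't parse a raid twice : check for an already parsed raid 30 minutes before or after this one */
    // Only integers derived from $this->start are concatenated into the statement.
    $sql = ' select count(*) as checktime from ' . RT_TEMP_RAIDINFO . ' ';
    $sql .= ' where (starttime < ' . strval($this->start + 1800) . ' ) and ( starttime > ' . strval($this->start - 1800) . ' ) ';
    $result = $db->sql_query($sql);
    $checkexists = (int) $db->sql_fetchfield('checktime');
    $db->sql_freeresult($result);
    if ($checkexists != 0) {
        trigger_error($user->lang['RT_ERR_DUPLICATE'] . $this->Raidtrackerlink, E_USER_WARNING);
    }

    //raid end
    if (isset($this->doc->end)) {
        $end_raw = (string) $this->doc->end[0];
        $this->end = (int) (is_numeric($end_raw) ? $end_raw : strtotime($end_raw));
    } else {
        trigger_error($user->lang['RT_ERR_NOENDTAG'] . $this->Raidtrackerlink, E_USER_WARNING);
    }

    //check if there is a bosskill tag
    $this->Bosskills = array();
    if (isset($this->doc->BossKills)) {
        $this->Bosskills = (array) $this->doc->BossKills[0];
        if (sizeof($this->Bosskills) > 0) {
            $bosskilltime = array();
            foreach ($this->Bosskills as $key => $Bosskill) {
                $Bosskill = (array) $Bosskill;
                $kill_raw = (string) $Bosskill['time'];
                $bosskilltime[] = (int) (is_numeric($kill_raw) ? $kill_raw : strtotime($kill_raw));
            }

            if ($this->end == 0) {
                // assume end at last bosskill time
                $this->end = max($bosskilltime) + 10;
            }
        }
    }

    if (!isset($this->doc->PlayerInfos)) {
        trigger_error($user->lang['RT_ERR_NOPLAYERINFOSTAG'] . $this->Raidtrackerlink, E_USER_WARNING);
    }

    if (!isset($this->doc->PlayerInfos->key1->name)) {
        // no name tag
        trigger_error($user->lang['RT_ERR_NOPLAYER_NAME_STAG'] . $this->Raidtrackerlink, E_USER_WARNING);
    }

    if (!isset($this->doc->PlayerInfos->key1->race)) {
        // no race tag
        trigger_error($user->lang['RT_ERR_NOPLAYER_RACE_TAG'] . $this->Raidtrackerlink, E_USER_WARNING);
    }

    if (!isset($this->doc->PlayerInfos->key1->class)) {
        // no class tag
        trigger_error($user->lang['RT_ERR_NOPLAYER_CLASS_TAG'] . $this->Raidtrackerlink, E_USER_WARNING);
    }

    if (!isset($this->doc->PlayerInfos->key1->level)) {
        // no level tag
        trigger_error($user->lang['RT_ERR_NOPLAYER_LEVEL_TAG'] . $this->Raidtrackerlink, E_USER_WARNING);
    }

    if (!isset($this->doc->Join)) {
        trigger_error($user->lang['RT_ERR_NOJOINTAG'] . $this->Raidtrackerlink, E_USER_WARNING);
    }

    if (!isset($this->doc->Leave)) {
        trigger_error($user->lang['RT_ERR_NOLEAVETAG'] . $this->Raidtrackerlink, E_USER_WARNING);
    }

    return true;
}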
// Does post have an attachment? If so, add it to the list $attach_list = array(); if (isset($row['post_attachment']) && $row['post_attachment'] && $config['rss_allow_attachments']) { $attach_list[] = $row['post_id']; } $template->assign_block_vars('items', array( 'TITLE' => ( $row[$row_title] ) ? $row[$row_title] : $row[$row_title2], 'LINK' => htmlspecialchars($item_link), 'DESCRIPTION' => ( $row_text != '' && $show_text) ? generate_content($row[$row_text], $row[$row_uid], $row[$row_bit], $attach_list, $row['post_id'], $row['forum_id']) : '', 'STATISTICS' => ( !$config['rss_items_statistics'] ) ? '' : $user->lang['STATISTICS'] . ' : ' . $stats, 'PUBDATE' => ( !$config['rss_items_statistics'] ) ? '' : date2822(false, $row[$row_date]), 'CATEGORY' => ( !$config['rss_items_statistics'] ) ? '' : "$board_url/viewforum.$phpEx?f={$row['forum_id']}", 'CATEGORY_NAME' => ( !$config['rss_items_statistics'] ) ? '' : utf8_htmlspecialchars($row['forum_name']), 'AUTHOR' => ( !$config['rss_items_statistics'] ) ? '' : ( ($user_data[$row[$row_creator]]['user_allow_viewemail']) ? $user_data[$row[$row_creator]]['user_email'] : $config['board_email'] ) . ' (' . $user_data[$row[$row_creator]]['username'] . ')', 'GUID' => htmlspecialchars($item_link), )); unset($attach_list); } // Set custom template for styles area $template->set_custom_template($phpbb_root_path . 'styles', 'rss'); // the rss template is never stored in the database $user->theme['template_storedb'] = false; $template->assign_vars(array( 'FEED_ENCODING' => '<?xml version="1.0" encoding="UTF-8"?>',
/**
 * Send a <message> stanza from the JID of the current session.
 *
 * NOTE(review): the attribute values are delimited by single quotes, so
 * utf8_htmlspecialchars() has to encode "'" as well for 'from' and 'to' to
 * stay inside their attributes - confirm which flags that helper uses.
 *
 * @param string $to      Recipient address
 * @param string $text    Message body
 * @param string $subject Optional subject
 * @param string $type    chat, normal, error, groupchat or headline; any
 *                        other value is sent as 'normal'
 * @return mixed false when the session has no JID, otherwise the result of send()
 */
function send_message($to, $text, $subject = '', $type = 'normal')
{
    if (!isset($this->session['jid'])) {
        return false;
    }

    // Only a known stanza type is written into the type attribute.
    $known_types = array('chat', 'normal', 'error', 'groupchat', 'headline');
    $stanza_type = in_array($type, $known_types) ? $type : 'normal';

    // Every caller-supplied value is entity-encoded before it is placed in the stanza.
    $stanza = "<message from='" . utf8_htmlspecialchars($this->session['jid']) . "'";
    $stanza .= " to='" . utf8_htmlspecialchars($to) . "'";
    $stanza .= " type='{$stanza_type}' id='" . uniqid('msg') . "'>";
    $stanza .= "\n\t\t\t<subject>" . utf8_htmlspecialchars($subject) . "</subject>";
    $stanza .= "\n\t\t\t<body>" . utf8_htmlspecialchars($text) . "</body>";
    $stanza .= "\n\t\t\t</message>";

    return $this->send($stanza);
}
/**
 * Splits keywords entered by a user into an array of words stored in $this->split_words
 * Stores the tidied search query in $this->search_query
 *
 * Words shorter or longer than the configured fulltext limits are moved to
 * $this->common_words. The stored search query is entity-encoded at the end.
 *
 * NOTE(review): the query is prepared for HTML output only; any SQL escaping
 * has to happen where the query is put into a statement.
 *
 * @param string &$keywords Contains the keyword as entered by the user
 * @param string $terms is either 'all' or 'any'
 * @return bool false if no valid keywords were found and otherwise true
 */
public function split_keywords(&$keywords, $terms)
{
    if ($terms == 'all') {
        // Map the words and/or/not, and + - | at the start of a word, onto the
        // boolean operators ' +', ' |' and ' -'. The caller's $keywords is changed.
        $match = array('#\\sand\\s#iu', '#\\sor\\s#iu', '#\\snot\\s#iu', '#(^|\\s)\\+#', '#(^|\\s)-#', '#(^|\\s)\\|#');
        $replace = array(' +', ' |', ' -', ' +', ' -', ' |');
        $keywords = preg_replace($match, $replace, $keywords);
    }

    // Filter out as above
    // The keywords arrive entity-encoded; decode them and collapse line breaks and tabs.
    $split_keywords = preg_replace("#[\n\r\t]+#", ' ', trim(htmlspecialchars_decode($keywords)));

    // Split words
    // Every separator character is doubled so that two neighbouring words each
    // have their own delimiter for the matching step below.
    $split_keywords = preg_replace('#([^\\p{L}\\p{N}\'*"()])#u', '$1$1', str_replace('\'\'', '\' \'', trim($split_keywords)));
    $matches = array();
    preg_match_all('#(?:[^\\p{L}\\p{N}*"()]|^)([+\\-|]?(?:[\\p{L}\\p{N}*"()]+\'?)*[\\p{L}\\p{N}*"()])(?:[^\\p{L}\\p{N}*"()]|$)#u', $split_keywords, $matches);
    $this->split_words = $matches[1];

    // We limit the number of allowed keywords to minimize load on the database
    // A limit of 0 (or an unset limit) switches the check off.
    if ($this->config['max_num_search_keywords'] && sizeof($this->split_words) > $this->config['max_num_search_keywords']) {
        trigger_error($this->user->lang('MAX_NUM_SEARCH_KEYWORDS_REFINE', (int) $this->config['max_num_search_keywords'], sizeof($this->split_words)));
    }

    // to allow phrase search, we need to concatenate quoted words
    // A word with an odd number of double quotes opens or closes a phrase.
    $tmp_split_words = array();
    $phrase = '';
    foreach ($this->split_words as $word) {
        if ($phrase) {
            $phrase .= ' ' . $word;
            if (strpos($word, '"') !== false && substr_count($word, '"') % 2 == 1) {
                $tmp_split_words[] = $phrase;
                $phrase = '';
            }
        } else {
            if (strpos($word, '"') !== false && substr_count($word, '"') % 2 == 1) {
                $phrase = $word;
            } else {
                $tmp_split_words[] = $word;
            }
        }
    }
    // A phrase that was never closed is kept as it is.
    if ($phrase) {
        $tmp_split_words[] = $phrase;
    }

    $this->split_words = $tmp_split_words;

    unset($tmp_split_words);
    unset($phrase);

    foreach ($this->split_words as $i => $word) {
        $clean_word = preg_replace('#^[+\\-|"]#', '', $word);

        // check word length
        // Wildcards are not counted towards the length.
        $clean_len = utf8_strlen(str_replace('*', '', $clean_word));
        if ($clean_len < $this->config['fulltext_mysql_min_word_len'] || $clean_len > $this->config['fulltext_mysql_max_word_len']) {
            $this->common_words[] = $word;
            unset($this->split_words[$i]);
        }
    }

    if ($terms == 'any') {
        // 'any': drop every leading operator.
        $this->search_query = '';
        foreach ($this->split_words as $word) {
            if (strpos($word, '+') === 0 || strpos($word, '-') === 0 || strpos($word, '|') === 0) {
                $word = substr($word, 1);
            }
            $this->search_query .= $word . ' ';
        }
    } else {
        // 'all': keep + and -, strip |, and require every other word with '+'.
        $this->search_query = '';
        foreach ($this->split_words as $word) {
            if (strpos($word, '+') === 0 || strpos($word, '-') === 0) {
                $this->search_query .= $word . ' ';
            } else {
                if (strpos($word, '|') === 0) {
                    $this->search_query .= substr($word, 1) . ' ';
                } else {
                    $this->search_query .= '+' . $word . ' ';
                }
            }
        }
    }

    $this->search_query = utf8_htmlspecialchars($this->search_query);

    if ($this->search_query) {
        $this->split_words = array_values($this->split_words);
        sort($this->split_words);
        return true;
    }
    return false;
}
$global_vars = array('FEED_IMAGE' => $user->img('site_logo', '', false, '', 'src') ? $board_url . '/' . substr($user->img('site_logo', '', false, '', 'src'), strlen($phpbb_root_path)) : '', 'SELF_LINK' => feed_append_sid('/feed.' . $phpEx, $params), 'FEED_LINK' => $board_url . '/index.' . $phpEx, 'FEED_TITLE' => $config['sitename'], 'FEED_SUBTITLE' => $config['site_desc'], 'FEED_UPDATED' => $user->format_date(time(), $feed_date_format, true), 'FEED_LANG' => $user->lang['USER_LANG'], 'FEED_AUTHOR' => $config['sitename']); // Iterate through items while ($row = $feed->get_item()) { // BBCode options to correctly disable urls, smilies, bbcode... if ($feed->get('options') === NULL) { // Allow all combinations $options = 7; if ($feed->get('enable_bbcode') !== NULL && $feed->get('enable_smilies') !== NULL && $feed->get('enable_magic_url') !== NULL) { $options = ($row[$feed->get('enable_bbcode')] ? OPTION_FLAG_BBCODE : 0) + ($row[$feed->get('enable_smilies')] ? OPTION_FLAG_SMILIES : 0) + ($row[$feed->get('enable_magic_url')] ? OPTION_FLAG_LINKS : 0); } } else { $options = $row[$feed->get('options')]; } $title = $row[$feed->get('title')] ? $row[$feed->get('title')] : (isset($row[$feed->get('title2')]) ? $row[$feed->get('title2')] : ''); $title = censor_text($title); $item_row = array('author' => $feed->get('creator') !== NULL ? $row[$feed->get('creator')] : '', 'pubdate' => $user->format_date($row[$feed->get('date')], $feed_date_format, true), 'link' => '', 'title' => censor_text($title), 'category' => $config['feed_item_statistics'] ? $board_url . '/viewforum.' . $phpEx . '?f=' . $row['forum_id'] : '', 'category_name' => $config['feed_item_statistics'] ? utf8_htmlspecialchars($row['forum_name']) : '', 'description' => censor_text(feed_generate_content($row[$feed->get('text')], $row[$feed->get('bbcode_uid')], $row[$feed->get('bitfield')], $options)), 'statistics' => ''); // Adjust items, fill link, etc. 
$feed->adjust_item($item_row, $row); $item_vars[] = $item_row; } $feed->close(); // Output page // gzip_compression if ($config['gzip_compress']) { if (@extension_loaded('zlib') && !headers_sent()) { ob_start('ob_gzhandler'); } } // IF debug extra is enabled and admin want to "explain" the page we need to set other headers... if (!defined('DEBUG_EXTRA') || !request_var('explain', 0) || !$auth->acl_get('a_')) { header("Content-Type: application/atom+xml; charset=UTF-8");
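/**
 * Provides a css editor and a basic easier to use stylesheet editing tool for less experienced (or lazy) users
 *
 * Reads the submitted stylesheet text and file name from the request, saves
 * the text either to the theme file on disk or to the database, and assigns
 * the editor form (file list, current contents) to the template.
 *
 * NOTE(review): the file that is written is only required to exist and be
 * writable below the theme directory; it is not checked against the list of
 * css files shown in the editor. Consider accepting only names returned by
 * filelist().
 *
 * @param int $theme_id specifies which theme is being edited
 */
function edit_theme($theme_id)
{
    global $phpbb_root_path, $phpEx, $config, $db, $cache, $user, $template, $safe_mode;

    // The id is placed in SQL statements and URLs below, so force an integer.
    $theme_id = (int) $theme_id;

    $this->page_title = 'EDIT_THEME';

    $filelist = $filelist_cats = array();

    $theme_data = utf8_normalize_nfc(request_var('template_data', '', true));
    $theme_data = htmlspecialchars_decode($theme_data);
    $theme_file = utf8_normalize_nfc(request_var('template_file', '', true));
    $text_rows = max(5, min(999, request_var('text_rows', 20)));
    $save_changes = isset($_POST['save']) ? true : false;

    // make sure theme_file path doesn't go upwards
    // One replacement pass can itself leave a new '..' behind, so repeat
    // until none is left. Each pass shortens the string, so this terminates.
    while (strpos($theme_file, '..') !== false) {
        $theme_file = str_replace('..', '.', $theme_file);
    }

    // Retrieve some information about the theme
    $sql = 'SELECT theme_storedb, theme_path, theme_name, theme_data FROM ' . STYLES_THEME_TABLE . "\n\t\t\tWHERE theme_id = {$theme_id}";
    $result = $db->sql_query($sql);

    if (!($theme_info = $db->sql_fetchrow($result))) {
        trigger_error($user->lang['NO_THEME'] . adm_back_link($this->u_action), E_USER_WARNING);
    }
    $db->sql_freeresult($result);

    // save changes to the theme if the user submitted any
    if ($save_changes) {
        // Get the filesystem location of the current file
        $file = "{$phpbb_root_path}styles/{$theme_info['theme_path']}/theme/{$theme_file}";
        $additional = '';
        $message = $user->lang['THEME_UPDATED'];

        // If the theme is stored on the filesystem try to write the file else store it in the database
        if (!$safe_mode && !$theme_info['theme_storedb'] && file_exists($file) && @is_writable($file)) {
            if (!($fp = @fopen($file, 'wb'))) {
                trigger_error($user->lang['NO_THEME'] . adm_back_link($this->u_action), E_USER_WARNING);
            }
            fwrite($fp, $theme_data);
            fclose($fp);
        } else {
            // Write stylesheet to db
            $sql_ary = array('theme_mtime' => time(), 'theme_storedb' => 1, 'theme_data' => $this->db_theme_data($theme_info, $theme_data));
            $sql = 'UPDATE ' . STYLES_THEME_TABLE . ' SET ' . $db->sql_build_array('UPDATE', $sql_ary) . ' WHERE theme_id = ' . $theme_id;
            $db->sql_query($sql);

            $cache->destroy('sql', STYLES_THEME_TABLE);

            // notify the user if the theme was not stored in the db before his modification
            if (!$theme_info['theme_storedb']) {
                add_log('admin', 'LOG_THEME_EDIT_DETAILS', $theme_info['theme_name']);
                $message .= '<br />' . $user->lang['EDIT_THEME_STORED_DB'];
            }
        }
        $cache->destroy('sql', STYLES_THEME_TABLE);
        add_log('admin', !$theme_info['theme_storedb'] ? 'LOG_THEME_EDIT_FILE' : 'LOG_THEME_EDIT', $theme_info['theme_name'], !$theme_info['theme_storedb'] ? $theme_file : '');

        trigger_error($message . adm_back_link($this->u_action . "&action=edit&id={$theme_id}&template_file={$theme_file}&text_rows={$text_rows}"));
    }

    // Generate a category array containing theme filenames
    if (!$theme_info['theme_storedb']) {
        $theme_path = "{$phpbb_root_path}styles/{$theme_info['theme_path']}/theme";

        $filelist = filelist($theme_path, '', 'css');

        if ($theme_file) {
            if (!file_exists($theme_path . "/{$theme_file}") || !($theme_data = file_get_contents($theme_path . "/{$theme_file}"))) {
                trigger_error($user->lang['NO_THEME'] . adm_back_link($this->u_action), E_USER_WARNING);
            }
        }
    } else {
        $theme_data =& $theme_info['theme_data'];
    }

    // Now create the categories
    $filelist_cats[''] = array();
    foreach ($filelist as $pathfile => $file_ary) {
        // Use the directory name as category name
        if (!empty($pathfile)) {
            $filelist_cats[$pathfile] = array();
            foreach ($file_ary as $file) {
                $filelist_cats[$pathfile][$pathfile . $file] = $file;
            }
        } else {
            // Files in the top directory are grouped by the part of the name before the first '_'
            $cats = array();
            foreach ($file_ary as $file) {
                $cats[] = substr($file, 0, strpos($file, '_'));
                $filelist_cats[substr($file, 0, strpos($file, '_'))][$file] = $file;
            }

            $cats = array_values(array_unique($cats));

            // we don't need any single element categories so put them into the misc '' category
            for ($i = 0, $n = sizeof($cats); $i < $n; $i++) {
                if (sizeof($filelist_cats[$cats[$i]]) == 1 && $cats[$i] !== '') {
                    $filelist_cats[''][key($filelist_cats[$cats[$i]])] = current($filelist_cats[$cats[$i]]);
                    unset($filelist_cats[$cats[$i]]);
                }
            }
            unset($cats);
        }
    }
    unset($filelist);

    // Generate list of categorised theme files
    // Directory and file names come from the filesystem, so they are
    // entity-encoded before they are written into the option markup.
    $tpl_options = '';
    ksort($filelist_cats);
    foreach ($filelist_cats as $category => $tpl_ary) {
        ksort($tpl_ary);

        if (!empty($category)) {
            $tpl_options .= '<option class="sep" value="">' . utf8_htmlspecialchars($category) . '</option>';
        }

        foreach ($tpl_ary as $filename => $file) {
            $selected = $theme_file == $filename ? ' selected="selected"' : '';
            $tpl_options .= '<option value="' . utf8_htmlspecialchars($filename) . '"' . $selected . '>' . utf8_htmlspecialchars($file) . '</option>';
        }
    }

    $template->assign_vars(array(
        'S_EDIT_THEME' => true,
        'S_HIDDEN_FIELDS' => build_hidden_fields(array('template_file' => $theme_file)),
        'S_THEME_IN_DB' => $theme_info['theme_storedb'],
        'S_TEMPLATES' => $tpl_options,
        'U_ACTION' => $this->u_action . "&action=edit&id={$theme_id}&text_rows={$text_rows}",
        'U_BACK' => $this->u_action,
        'L_EDIT' => $user->lang['EDIT_THEME'],
        'L_EDIT_EXPLAIN' => $user->lang['EDIT_THEME_EXPLAIN'],
        'L_EDITOR' => $user->lang['THEME_EDITOR'],
        'L_EDITOR_HEIGHT' => $user->lang['THEME_EDITOR_HEIGHT'],
        'L_FILE' => $user->lang['THEME_FILE'],
        'L_SELECT' => $user->lang['SELECT_THEME'],
        'L_SELECTED' => $user->lang['SELECTED_THEME'],
        'L_SELECTED_FILE' => $user->lang['SELECTED_THEME_FILE'],
        'SELECTED_TEMPLATE' => $theme_info['theme_name'],
        'TEMPLATE_FILE' => $theme_file,
        'TEMPLATE_DATA' => utf8_htmlspecialchars($theme_data),
        'TEXT_ROWS' => $text_rows,
    ));
}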
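/**
 * Copy one modification of the source garage into the products table.
 *
 * Looks the modification up in the source database, and inserts a product
 * with its title under the placeholder manufacturer unless a product with
 * that title already exists.
 *
 * NOTE(review): the duplicate check compares the raw source title, while the
 * inserted title is re-encoded and entity-encoded first; titles changed by
 * that conversion will not be found as duplicates on a later call - confirm
 * whether that is intended.
 *
 * @param int $src_modification_id Id of the modification in the source table
 * @return mixed Id of the existing or newly inserted product
 */
function insert_modification_product($src_modification_id)
{
    global $db, $src_db, $same_db, $convert, $user, $config;

    //Get source modification data
    // The id is concatenated into the statement, so force an integer.
    $sql = 'SELECT * FROM ' . $convert->src_table_prefix . 'garage_mods WHERE id = ' . (int) $src_modification_id;
    $result = $src_db->sql_query($sql);
    $row = $src_db->sql_fetchrow($result);
    $src_db->sql_freeresult($result);

    //Get Modification Business
    $business_id = get_placeholder_manufacturer_id();

    //Check for duplicate modification product
    // Use the database layer's own escaping: replacing "'" by hand left a
    // backslash in the title free to change the meaning of the statement and
    // is not valid for every database type.
    $source_title = isset($row['title']) ? (string) $row['title'] : '';
    $sql = "SELECT title, id\n\t\tFROM " . GARAGE_PRODUCTS_TABLE . "\n\t\tWHERE title = '" . $db->sql_escape($source_title) . "'";
    $result = $db->sql_query($sql);
    $prow = $db->sql_fetchrow($result);
    $db->sql_freeresult($result);

    if (empty($prow['id'])) {
        // sql_build_array() takes care of quoting the inserted values.
        $sql = 'INSERT INTO ' . GARAGE_PRODUCTS_TABLE . ' ' . $db->sql_build_array('INSERT', array(
            'title' => utf8_htmlspecialchars(phpbb_set_encoding($row['title'])),
            'business_id' => $business_id,
            'category_id' => $row['category_id'],
            'pending' => 0,
        ));
        $db->sql_query($sql);

        return $db->sql_nextid();
    } else {
        return $prow['id'];
    }
}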
/**
 * Assign or return the meta tag code for the current page.
 *
 * Decides the robots value when none was set manually (rewritten URLs with a
 * query string, filtered script names and filtered GET variables get
 * 'noindex,follow'), optionally adds 'noarchive' for configured forums, and
 * renders every tag of $this->tpl with its entity-encoded value.
 *
 * @param string $page_title Title used when no meta title was set and a default title exists
 * @param bool   $return     true to return the code instead of assigning META_TAG
 * @return string|null The meta tag code when $return is true
 */
function build_meta($page_title = '', $return = false)
{
    global $phpEx, $user, $phpbb_seo, $template, $config;

    // If meta robots was not manually set
    if (empty($this->meta['robots'])) {
        // If url Rewriting is on, we shall be more strict on noindex (since we can :p)
        if (!empty($phpbb_seo->seo_opt['url_rewrite'])) {
            // If url Rewriting is on, we can deny indexing for any rewritten url with ?
            if (preg_match('`(\\.html?|/)\\?[^\\?]*$`i', $phpbb_seo->seo_path['uri'])) {
                $this->meta['robots'] = 'noindex,follow';
            } else {
                // lets still add some more specific ones
                $this->mconfig['get_filter'] = array_merge($this->mconfig['get_filter'], array('st', 'sk', 'sd', 'ch'));
            }
        }

        // Do we allow indexing based on physical script file name
        if (empty($this->meta['robots'])) {
            if (strpos($this->mconfig['file_filter'], str_replace(".{$phpEx}", '', $user->page['page_name'])) !== false) {
                $this->meta['robots'] = 'noindex,follow';
            }
        }

        // Do we allow indexing based on get variable
        // Only the presence of the variable is tested, its value is not used.
        if (empty($this->meta['robots'])) {
            foreach ($this->mconfig['get_filter'] as $get) {
                if (isset($_GET[$get])) {
                    $this->meta['robots'] = 'noindex,follow';
                    break;
                }
            }
        }

        // fallback to default if necessary
        if (empty($this->meta['robots'])) {
            $this->meta['robots'] = $this->meta_def['robots'];
        }
    }

    if (!empty($config['seo_meta_noarchive'])) {
        // The forum id is read as a non-negative integer.
        $forum_id = isset($_GET['f']) ? max(0, (int) request_var('f', 0)) : 0;

        if ($forum_id) {
            // The setting is a comma separated list of forum ids; whitespace is removed first.
            $forum_ids = @explode(',', preg_replace('`[\\s]+`', '', trim($config['seo_meta_noarchive'], ', ')));

            if (in_array($forum_id, $forum_ids)) {
                $this->meta['robots'] .= (!empty($this->meta['robots']) ? ',' : '') . 'noarchive';
            }
        }
    }

    // deal with titles, assign the tag if a default is set
    if (empty($this->meta['title']) && !empty($this->meta_def['title'])) {
        $this->meta['title'] = $page_title;
    }

    $meta_code = '';

    foreach ($this->tpl as $key => $value) {
        if (isset($this->meta[$key])) {
            // do like this so we can deactivate one particular tag on a given page,
            // by just setting the meta to an empty string
            if (trim($this->meta[$key])) {
                // The filter is the name of a method of this object, taken from $this->filters.
                $this->meta[$key] = isset($this->filters[$key]) ? $this->{$this->filters[$key]}($this->meta[$key]) : $this->meta[$key];
            }
        } else {
            if (!empty($this->meta_def[$key])) {
                $this->meta[$key] = isset($this->filters[$key]) ? $this->{$this->filters[$key]}($this->meta_def[$key]) : $this->meta_def[$key];
            }
        }

        // NOTE(review): $this->meta[$key] is read here even when neither a
        // value nor a default was set for the key.
        // The value is entity-encoded before it is placed in the tag template.
        if (trim($this->meta[$key])) {
            $meta_code .= sprintf($value, utf8_htmlspecialchars($this->meta[$key])) . "\n";
        }
    }

    if (!$return) {
        $template->assign_var('META_TAG', $meta_code);
    } else {
        return $meta_code;
    }
}
/**
 * Convert a system message to UTF-8 and entity-encode it for output.
 *
 * PHP treats such messages as ISO-8859-1, so the same assumption is made
 * here. A message without bytes above 0x7F is plain ASCII and is not recoded.
 *
 * @param string $message Message as returned by the system
 * @return string Result of utf8_htmlspecialchars() on the UTF-8 message
 */
function utf8_convert_message($message)
{
    // Recoding is only needed when the message holds at least one high byte.
    $has_high_bytes = (bool) preg_match('/[\x80-\xFF]/', $message);

    $utf8_message = $has_high_bytes ? utf8_recode($message, 'ISO-8859-1') : $message;

    return utf8_htmlspecialchars($utf8_message);
}
/**
 * Transfers the relevant configuration information from the source forum
 * The mapping of fields is specified in $config_schema, see convert_phpbb20.php for more details
 *
 * A schema entry of the form "name(key)" is run as a function call on the
 * source value; any other entry is read directly from the source
 * configuration. String values are entity-encoded and truncated before they
 * are stored with set_config(); empty strings are not stored.
 *
 * @param array $schema Converter schema with 'settings', 'table_format' and, for file based sources, 'array_name'
 */
function restore_config($schema)
{
    global $db, $config;

    $convert_config = get_config();

    foreach ($schema['settings'] as $config_name => $src) {
        if (preg_match('/(.*)\\((.*)\\)/', $src, $m)) {
            // The source value is wrapped in single quotes after addslashes(),
            // an empty or missing value becomes the empty string literal.
            $var = empty($m[2]) || empty($convert_config[$m[2]]) ? "''" : "'" . addslashes($convert_config[$m[2]]) . "'";
            $exec = '$config_value = ' . $m[1] . '(' . $var . ');';

            // SECURITY(review): eval() runs a statement assembled from the
            // schema entry and a value read from the source board. $m[1] is
            // used as the function name without any check, so the schema must
            // only ever come from trusted converter code. Calling an
            // allow-listed function directly would remove the need for
            // eval() - TODO.
            // @codingStandardsIgnoreStart
            eval($exec);
            // @codingStandardsIgnoreEnd
        } else {
            if ($schema['table_format'] != 'file' || empty($schema['array_name'])) {
                $config_value = isset($convert_config[$src]) ? $convert_config[$src] : '';
            } else {
                // File based source: the values live in a named sub-array.
                if (!empty($schema['array_name'])) {
                    $src_ary = $schema['array_name'];
                    $config_value = isset($convert_config[$src_ary][$src]) ? $convert_config[$src_ary][$src] : '';
                }
            }
        }

        if ($config_value !== '') {
            // Most are...
            if (is_string($config_value)) {
                $config_value = truncate_string(utf8_htmlspecialchars($config_value), 255, 255, false);
            }

            set_config($config_name, $config_value);
        }
    }
}
/**
 * Function where all data changes are executed
 *
 * Runs the data changes registered for exactly one version label: every case
 * of the switch ends in a break, so nothing falls through to the next version.
 * The caller presumably invokes it once per upgrade step - confirm.
 *
 * Statements are sent either through $db->sql_query() or through _sql(), which
 * receives $errored / $error_ary; how _sql() reacts to a failing statement is
 * not visible in this block.
 *
 * @param bool   $no_updates Passed by reference; set to false by every case that changes data.
 * @param string $version    Version label compared against the case labels below.
 * @return void
 */
function change_database_data(&$no_updates, $version)
{
	global $db, $map_dbms, $errored, $error_ary, $config, $phpbb_root_path, $phpEx;

	switch ($version) {
		case '3.0.RC2':
			// Load every smiley code keyed by id, then rewrite the ones containing a double quote.
			$smileys = array();
			$sql = 'SELECT smiley_id, code FROM ' . SMILIES_TABLE;
			$result = $db->sql_query($sql);
			while ($row = $db->sql_fetchrow($result)) {
				$smileys[$row['smiley_id']] = $row['code'];
			}
			$db->sql_freeresult($result);

			foreach ($smileys as $id => $code) {
				// 2.0 only entitized lt and gt; We need to do something about double quotes.
				if (strchr($code, '"') === false) {
					continue;
				}

				// NOTE(review): as shown here the three replacements below map a character to
				// itself; the search strings were presumably HTML entities that got decoded when
				// this page was extracted - compare with the original file before relying on it.
				$new_code = str_replace('&', '&', $code);
				$new_code = str_replace('<', '<', $new_code);
				$new_code = str_replace('>', '>', $new_code);
				$new_code = utf8_htmlspecialchars($new_code);

				// The string value goes through sql_escape() and the id is cast to int before concatenation.
				$sql = 'UPDATE ' . SMILIES_TABLE . ' SET code = \'' . $db->sql_escape($new_code) . '\' WHERE smiley_id = ' . (int) $id;
				$db->sql_query($sql);
			}

			// Replace the index named ath_opt_id with ath_op_id on the same column.
			$index_list = sql_list_index($map_dbms, ACL_ROLES_DATA_TABLE);
			if (in_array('ath_opt_id', $index_list)) {
				sql_index_drop($map_dbms, 'ath_opt_id', ACL_ROLES_DATA_TABLE);
				sql_create_index($map_dbms, 'ath_op_id', ACL_ROLES_DATA_TABLE, array('auth_option_id'));
			}

			$no_updates = false;
			break;

		case '3.0.RC3':
			if ($map_dbms === 'postgres') {
				// Move the forums sequence to max(forum_id)+1, or to 1 when no positive id exists.
				$sql = "SELECT SETVAL('" . FORUMS_TABLE . "_seq',(select case when max(forum_id)>0 then max(forum_id)+1 else 1 end from " . FORUMS_TABLE . '));';
				_sql($sql, $errored, $error_ary);
			}

			// we check for:
			// ath_opt_id
			// ath_op_id
			// ACL_ROLES_DATA_TABLE_ath_opt_id
			// we want ACL_ROLES_DATA_TABLE_ath_op_id
			$table_index_fix = array(
				ACL_ROLES_DATA_TABLE => array(
					'ath_opt_id' => 'ath_op_id',
					'ath_op_id' => 'ath_op_id',
					ACL_ROLES_DATA_TABLE . '_ath_opt_id' => 'ath_op_id'
				),
				STYLES_IMAGESET_DATA_TABLE => array(
					'i_id' => 'i_d',
					'i_d' => 'i_d',
					STYLES_IMAGESET_DATA_TABLE . '_i_id' => 'i_d'
				)
			);

			// we need to create some indices...
			$needed_creation = array();
			foreach ($table_index_fix as $table_name => $index_info) {
				$index_list = sql_list_fake($map_dbms, $table_name);
				foreach ($index_info as $bad_index => $good_index) {
					if (in_array($bad_index, $index_list)) {
						// The identifiers concatenated into DROP INDEX below are keys of the
						// hard-coded $table_index_fix map, not values read from a request.
						// mysql is actually OK, it won't get a hand in this crud
						switch ($map_dbms) {
							// last version, mssql had issues with index removal
							case 'mssql':
								$sql = 'DROP INDEX ' . $table_name . '.' . $bad_index;
								_sql($sql, $errored, $error_ary);
								break;

							// last version, firebird, oracle, postgresql and sqlite all got bad index names
							// we got kinda lucky, tho: they all support the same syntax
							case 'firebird':
							case 'oracle':
							case 'postgres':
							case 'sqlite':
								$sql = 'DROP INDEX ' . $bad_index;
								_sql($sql, $errored, $error_ary);
								break;
						}

						// If the good index already exist we do not need to create it again...
						if (($map_dbms == 'mysql_40' || $map_dbms == 'mysql_41') && $bad_index == $good_index) {
							// Deliberately empty: nothing was dropped for MySQL and the name is already correct.
						} else {
							$needed_creation[$table_name][$good_index] = 1;
						}
					}
				}
			}

			// Column list for each index name that may have to be (re)created.
			$new_index_defs = array('ath_op_id' => array('auth_option_id'), 'i_d' => array('imageset_id'));
			foreach ($needed_creation as $bad_table => $index_repair_list) {
				foreach ($index_repair_list as $new_index => $garbage) {
					sql_create_index($map_dbms, $new_index, $bad_table, $new_index_defs[$new_index]);
				}
			}

			// Make sure empty smiley codes do not exist
			$sql = 'DELETE FROM ' . SMILIES_TABLE . " WHERE code = ''";
			_sql($sql, $errored, $error_ary);

			set_config('allow_birthdays', '1');
			set_config('cron_lock', '0', true);

			$no_updates = false;
			break;

		case '3.0.RC4':
			// Table => id column pairs whose auto-increment / sequence is realigned further down.
			$update_auto_increment = array(
				STYLES_TABLE => 'style_id',
				STYLES_TEMPLATE_TABLE => 'template_id',
				STYLES_THEME_TABLE => 'theme_id',
				STYLES_IMAGESET_TABLE => 'imageset_id'
			);

			// A style stored with id 0 is renumbered to MAX(style_id) + 1 and every reference
			// visible here (forums, users, default_style config) is updated to match.
			$sql = 'SELECT * FROM ' . STYLES_TABLE . ' WHERE style_id = 0';
			$result = _sql($sql, $errored, $error_ary);
			$bad_style_row = $db->sql_fetchrow($result);
			$db->sql_freeresult($result);

			if ($bad_style_row) {
				$sql = 'SELECT MAX(style_id) as max_id FROM ' . STYLES_TABLE;
				$result = _sql($sql, $errored, $error_ary);
				$row = $db->sql_fetchrow($result);
				$db->sql_freeresult($result);

				// $proper_id is the result of an arithmetic "+", so a number is what gets
				// interpolated unquoted into the UPDATE statements below.
				$proper_id = $row['max_id'] + 1;

				_sql('UPDATE ' . STYLES_TABLE . " SET style_id = $proper_id WHERE style_id = 0", $errored, $error_ary);
				_sql('UPDATE ' . FORUMS_TABLE . " SET forum_style = $proper_id WHERE forum_style = 0", $errored, $error_ary);
				_sql('UPDATE ' . USERS_TABLE . " SET user_style = $proper_id WHERE user_style = 0", $errored, $error_ary);

				$sql = 'SELECT config_value FROM ' . CONFIG_TABLE . " WHERE config_name = 'default_style'";
				$result = _sql($sql, $errored, $error_ary);
				$style_config = $db->sql_fetchrow($result);
				$db->sql_freeresult($result);

				if ($style_config['config_value'] === '0') {
					set_config('default_style', (string) $proper_id);
				}
			}

			// Same check for a template with id 0; only the reference in the styles table is rewritten here.
			$sql = 'SELECT * FROM ' . STYLES_TEMPLATE_TABLE . ' WHERE template_id = 0';
			$result = _sql($sql, $errored, $error_ary);
			$bad_style_row = $db->sql_fetchrow($result);
			$db->sql_freeresult($result);

			if ($bad_style_row) {
				$sql = 'SELECT MAX(template_id) as max_id FROM ' . STYLES_TEMPLATE_TABLE;
				$result = _sql($sql, $errored, $error_ary);
				$row = $db->sql_fetchrow($result);
				$db->sql_freeresult($result);
				$proper_id = $row['max_id'] + 1;
				_sql('UPDATE ' . STYLES_TABLE . " SET template_id = $proper_id WHERE template_id = 0", $errored, $error_ary);
			}

			// Same check for a theme with id 0.
			$sql = 'SELECT * FROM ' . STYLES_THEME_TABLE . ' WHERE theme_id = 0';
			$result = _sql($sql, $errored, $error_ary);
			$bad_style_row = $db->sql_fetchrow($result);
			$db->sql_freeresult($result);

			if ($bad_style_row) {
				$sql = 'SELECT MAX(theme_id) as max_id FROM ' . STYLES_THEME_TABLE;
				$result = _sql($sql, $errored, $error_ary);
				$row = $db->sql_fetchrow($result);
				$db->sql_freeresult($result);
				$proper_id = $row['max_id'] + 1;
				_sql('UPDATE ' . STYLES_TABLE . " SET theme_id = $proper_id WHERE theme_id = 0", $errored, $error_ary);
			}

			// Same check for an imageset with id 0; the imageset data table is updated as well.
			$sql = 'SELECT * FROM ' . STYLES_IMAGESET_TABLE . ' WHERE imageset_id = 0';
			$result = _sql($sql, $errored, $error_ary);
			$bad_style_row = $db->sql_fetchrow($result);
			$db->sql_freeresult($result);

			if ($bad_style_row) {
				$sql = 'SELECT MAX(imageset_id) as max_id FROM ' . STYLES_IMAGESET_TABLE;
				$result = _sql($sql, $errored, $error_ary);
				$row = $db->sql_fetchrow($result);
				$db->sql_freeresult($result);
				$proper_id = $row['max_id'] + 1;
				_sql('UPDATE ' . STYLES_TABLE . " SET imageset_id = $proper_id WHERE imageset_id = 0", $errored, $error_ary);
				_sql('UPDATE ' . STYLES_IMAGESET_DATA_TABLE . " SET imageset_id = $proper_id WHERE imageset_id = 0", $errored, $error_ary);
			}

			// Per-DBMS clean-up. Table and column names interpolated below come from the
			// hard-coded $update_auto_increment map or from table-name constants.
			if ($map_dbms == 'mysql_40' || $map_dbms == 'mysql_41') {
				foreach ($update_auto_increment as $auto_table_name => $auto_column_name) {
					$sql = "SELECT MAX({$auto_column_name}) as max_id FROM {$auto_table_name}";
					$result = _sql($sql, $errored, $error_ary);
					$row = $db->sql_fetchrow($result);
					$db->sql_freeresult($result);
					// Explicit int cast before the value is placed into the ALTER TABLE statement.
					$max_id = ((int) $row['max_id']) + 1;
					_sql("ALTER TABLE {$auto_table_name} AUTO_INCREMENT = {$max_id}", $errored, $error_ary);
				}
			} else if ($map_dbms == 'postgres') {
				foreach ($update_auto_increment as $auto_table_name => $auto_column_name) {
					$sql = "SELECT SETVAL('" . $auto_table_name . "_seq',(select case when max({$auto_column_name})>0 then max({$auto_column_name})+1 else 1 end from " . $auto_table_name . '));';
					_sql($sql, $errored, $error_ary);
				}

				$sql = 'DROP SEQUENCE ' . STYLES_TEMPLATE_DATA_TABLE . '_seq';
				_sql($sql, $errored, $error_ary);
			} else if ($map_dbms == 'firebird') {
				$sql = 'DROP TRIGGER t_' . STYLES_TEMPLATE_DATA_TABLE;
				_sql($sql, $errored, $error_ary);

				$sql = 'DROP GENERATOR ' . STYLES_TEMPLATE_DATA_TABLE . '_gen';
				_sql($sql, $errored, $error_ary);
			} else if ($map_dbms == 'oracle') {
				$sql = 'DROP TRIGGER t_' . STYLES_TEMPLATE_DATA_TABLE;
				_sql($sql, $errored, $error_ary);

				$sql = 'DROP SEQUENCE ' . STYLES_TEMPLATE_DATA_TABLE . '_seq';
				_sql($sql, $errored, $error_ary);
			} else if ($map_dbms == 'mssql') {
				// we use transactions because we need to have a working DB at the end of all of this
				// NOTE(review): the rows are held only in PHP memory between DROP TABLE and the
				// re-inserts; whether a failure in between rolls back depends on _sql() and the
				// driver, neither of which is visible here - confirm before running unattended.
				$db->sql_transaction('begin');

				$sql = 'SELECT * FROM ' . STYLES_TEMPLATE_DATA_TABLE;
				$result = _sql($sql, $errored, $error_ary);

				$old_style_rows = array();
				while ($row = $db->sql_fetchrow($result)) {
					$old_style_rows[] = $row;
				}
				$db->sql_freeresult($result);

				// death to the table, it is evil!
				$sql = 'DROP TABLE ' . STYLES_TEMPLATE_DATA_TABLE;
				_sql($sql, $errored, $error_ary);

				// the table of awesomeness, praise be to it (or something)
				$sql = 'CREATE TABLE [' . STYLES_TEMPLATE_DATA_TABLE . "] ( [template_id] [int] DEFAULT (0) NOT NULL , [template_filename] [varchar] (100) DEFAULT ('') NOT NULL , [template_included] [varchar] (8000) DEFAULT ('') NOT NULL , [template_mtime] [int] DEFAULT (0) NOT NULL , [template_data] [text] DEFAULT ('') NOT NULL ) ON [PRIMARY] TEXTIMAGE_ON [PRIMARY]";
				_sql($sql, $errored, $error_ary);

				// index? index
				$sql = 'CREATE INDEX [tid] ON [' . STYLES_TEMPLATE_DATA_TABLE . ']([template_id]) ON [PRIMARY]';
				_sql($sql, $errored, $error_ary);

				// yet another index
				$sql = 'CREATE INDEX [tfn] ON [' . STYLES_TEMPLATE_DATA_TABLE . ']([template_filename]) ON [PRIMARY]';
				_sql($sql, $errored, $error_ary);

				// Row values are handed to sql_build_array() instead of being concatenated by hand.
				foreach ($old_style_rows as $return_row) {
					_sql('INSERT INTO ' . STYLES_TEMPLATE_DATA_TABLE . ' ' . $db->sql_build_array('INSERT', $return_row), $errored, $error_ary);
				}

				$db->sql_transaction('commit');
			}

			// Setting this here again because new installations may not have it...
			set_config('cron_lock', '0', true);
			set_config('ldap_port', '');
			set_config('ldap_user_filter', '');

			$no_updates = false;
			break;

		case '3.0.RC5':
			// In case the user is having the bot mediapartner google "as is", adjust it.
			$sql = 'UPDATE ' . BOTS_TABLE . " SET bot_agent = '" . $db->sql_escape('Mediapartners-Google') . "' WHERE bot_agent = '" . $db->sql_escape('Mediapartners-Google/') . "'";
			_sql($sql, $errored, $error_ary);

			// Config keys written by this step (form token and registration timing settings, by name).
			set_config('form_token_lifetime', '7200');
			set_config('form_token_mintime', '0');
			set_config('min_time_reg', '5');
			set_config('min_time_terms', '2');
			set_config('form_token_sid_guests', '1');

			// Rewrites every non-empty forum_password inside one transaction.
			$db->sql_transaction('begin');

			$sql = 'SELECT forum_id, forum_password FROM ' . FORUMS_TABLE;
			$result = _sql($sql, $errored, $error_ary);

			while ($row = $db->sql_fetchrow($result)) {
				if (!empty($row['forum_password'])) {
					// NOTE(review): the statement below is damaged on this page - part of the
					// expression applied to the old password was replaced by '******', so it does
					// not parse as shown. Restore it from the original file; the transformation
					// that was applied cannot be determined from here.
					// NOTE(review): forum_id is interpolated without a cast; it comes from the
					// SELECT above, and an (int) cast would make the numeric assumption explicit.
					_sql('UPDATE ' . FORUMS_TABLE . " SET forum_password = '******'forum_password']) . "' WHERE forum_id = {$row['forum_id']}", $errored, $error_ary);
				}
			}
			$db->sql_freeresult($result);

			$db->sql_transaction('commit');

			$no_updates = false;
			break;

		case '3.0.0':
			$sql = 'UPDATE ' . TOPICS_TABLE . " SET topic_last_view_time = topic_last_post_time WHERE topic_last_view_time = 0";
			_sql($sql, $errored, $error_ary);

			// Update smiley sizes
			$smileys = array(
				'icon_e_surprised.gif',
				'icon_eek.gif',
				'icon_cool.gif',
				'icon_lol.gif',
				'icon_mad.gif',
				'icon_razz.gif',
				'icon_redface.gif',
				'icon_cry.gif',
				'icon_evil.gif',
				'icon_twisted.gif',
				'icon_rolleyes.gif',
				'icon_exclaim.gif',
				'icon_question.gif',
				'icon_idea.gif',
				'icon_arrow.gif',
				'icon_neutral.gif',
				'icon_mrgreen.gif',
				'icon_e_ugeek.gif'
			);

			foreach ($smileys as $smiley) {
				if (file_exists($phpbb_root_path . 'images/smilies/' . $smiley)) {
					// NOTE(review): the getimagesize() result is not checked. For an existing file
					// that is not a readable image it returns false, $width / $height end up null
					// and the UPDATE below is built with empty values. Both values are also
					// concatenated unquoted, so an (int) cast would be a cheap safeguard.
					list($width, $height) = getimagesize($phpbb_root_path . 'images/smilies/' . $smiley);

					$sql = 'UPDATE ' . SMILIES_TABLE . ' SET smiley_width = ' . $width . ', smiley_height = ' . $height . " WHERE smiley_url = '" . $db->sql_escape($smiley) . "'";
					_sql($sql, $errored, $error_ary);
				}
			}

			$no_updates = false;
			break;

		// No changes from 3.0.1-RC1 to 3.0.1
		case '3.0.1-RC1':
			break;

		// changes from 3.0.1 to 3.0.2-RC1
		case '3.0.1':
			// By their names these look like security-related defaults (referer validation,
			// attachment content checking); their meaning is defined elsewhere.
			set_config('referer_validation', '1');
			set_config('check_attachment_content', '1');
			set_config('mime_triggers', 'body|head|html|img|plaintext|a href|pre|script|table|title');

			$no_updates = false;
			break;

		// No changes from 3.0.2-RC1 to 3.0.2-RC2
		case '3.0.2-RC1':
			break;

		// No changes from 3.0.2-RC2 to 3.0.2
		case '3.0.2-RC2':
			break;

		// Changes from 3.0.2 to 3.0.3-RC1
		case '3.0.2':
			set_config('enable_queue_trigger', '0');
			set_config('queue_trigger_posts', '3');
			set_config('pm_max_recipients', '0');

			// Set maximum number of recipients for the registered users, bots, guests group
			$sql = 'UPDATE ' . GROUPS_TABLE . ' SET group_max_recipients = 5 WHERE ' . $db->sql_in_set('group_name', array('GUESTS', 'REGISTERED', 'REGISTERED_COPPA', 'BOTS'));
			_sql($sql, $errored, $error_ary);

			// Not prefilling yet
			set_config('dbms_version', '');

			// Add new permission u_masspm_group and duplicate settings from u_masspm
			include_once($phpbb_root_path . 'includes/acp/auth.' . $phpEx);
			$auth_admin = new auth_admin();

			// Only add the new permission if it does not already exist
			if (empty($auth_admin->acl_options['id']['u_masspm_group'])) {
				$auth_admin->acl_add_option(array('global' => array('u_masspm_group')));

				// Now the tricky part, filling the permission
				$old_id = $auth_admin->acl_options['id']['u_masspm'];
				$new_id = $auth_admin->acl_options['id']['u_masspm_group'];

				$tables = array(ACL_GROUPS_TABLE, ACL_ROLES_DATA_TABLE, ACL_USERS_TABLE);

				// Every row that references u_masspm is copied with the new option id, so whoever
				// holds a setting for u_masspm receives the same setting for u_masspm_group.
				foreach ($tables as $table) {
					// NOTE(review): $old_id is concatenated without a cast; it is read from
					// acl_options, presumably an integer id - confirm.
					$sql = 'SELECT * FROM ' . $table . ' WHERE auth_option_id = ' . $old_id;
					$result = _sql($sql, $errored, $error_ary);

					$sql_ary = array();
					while ($row = $db->sql_fetchrow($result)) {
						$row['auth_option_id'] = $new_id;
						$sql_ary[] = $row;
					}
					$db->sql_freeresult($result);

					if (sizeof($sql_ary)) {
						$db->sql_multi_insert($table, $sql_ary);
					}
				}

				// Remove any old permission entries
				$auth_admin->acl_clear_prefetch();
			}

			/**
			* Do not resync post counts here. An admin may do this later from the ACP
			$start = 0;
			$step = ($config['num_posts']) ? (max((int) ($config['num_posts'] / 5), 20000)) : 20000;
			$sql = 'UPDATE ' . USERS_TABLE . ' SET user_posts = 0';
			_sql($sql, $errored, $error_ary);
			do {
				$sql = 'SELECT COUNT(post_id) AS num_posts, poster_id FROM ' . POSTS_TABLE . ' WHERE post_id BETWEEN ' . ($start + 1) . ' AND ' . ($start + $step) . ' AND post_postcount = 1 AND post_approved = 1 GROUP BY poster_id';
				$result = _sql($sql, $errored, $error_ary);
				if ($row = $db->sql_fetchrow($result)) {
					do {
						$sql = 'UPDATE ' . USERS_TABLE . " SET user_posts = user_posts + {$row['num_posts']} WHERE user_id = {$row['poster_id']}";
						_sql($sql, $errored, $error_ary);
					} while ($row = $db->sql_fetchrow($result));
					$start += $step;
				} else {
					$start = 0;
				}
				$db->sql_freeresult($result);
			} while ($start);
			*/

			// The ACP email module's auth expression now also names cfg_email_enable.
			$sql = 'UPDATE ' . MODULES_TABLE . ' SET module_auth = \'acl_a_email && cfg_email_enable\' WHERE module_class = \'acp\' AND module_basename = \'email\'';
			_sql($sql, $errored, $error_ary);

			$no_updates = false;
			break;

		// Changes from 3.0.3-RC1 to 3.0.3
		case '3.0.3-RC1':
			$sql = 'UPDATE ' . LOG_TABLE . " SET log_operation = 'LOG_DELETE_TOPIC' WHERE log_operation = 'LOG_TOPIC_DELETED'";
			_sql($sql, $errored, $error_ary);

			$no_updates = false;
			break;

		// Changes from 3.0.3 to 3.0.4-RC1
		case '3.0.3':
			// Update the Custom Profile Fields based on previous settings to the new format
			$sql = 'SELECT field_id, field_required, field_show_on_reg, field_hide FROM ' . PROFILE_FIELDS_TABLE;
			$result = _sql($sql, $errored, $error_ary);

			while ($row = $db->sql_fetchrow($result)) {
				// All four flags start at 0; the first matching old flag below decides which are set.
				$sql_ary = array(
					'field_required' => 0,
					'field_show_on_reg' => 0,
					'field_hide' => 0,
					'field_show_profile'=> 0,
				);

				if ($row['field_required']) {
					$sql_ary['field_required'] = $sql_ary['field_show_on_reg'] = $sql_ary['field_show_profile'] = 1;
				} else if ($row['field_show_on_reg']) {
					$sql_ary['field_show_on_reg'] = $sql_ary['field_show_profile'] = 1;
				} else if ($row['field_hide']) {
					// Only administrators and moderators can see this CPF, if the view is enabled, they can see it, otherwise just admins in the acp_users module
					$sql_ary['field_hide'] = 1;
				} else {
					// equivalent to "none", which is the "Display in user control panel" option
					$sql_ary['field_show_profile'] = 1;
				}

				// NOTE(review): field_id is concatenated without a cast; it comes from the SELECT
				// above, and an (int) cast would make the numeric assumption explicit.
				_sql('UPDATE ' . PROFILE_FIELDS_TABLE . ' SET ' . $db->sql_build_array('UPDATE', $sql_ary) . ' WHERE field_id = ' . $row['field_id'], $errored, $error_ary);
			}

			$no_updates = false;
			break;

		// Changes from 3.0.4-RC1 to 3.0.4
		case '3.0.4-RC1':
			break;
	}
}
/** * Method to render the page data * * @var bool Bool if the rendering is only for index * @return array Data for page rendering */ public function render_data_for_page($only_for_index = false) { $include_on_index = $only_for_index === true; // Add lang file $this->user->add_lang('posting'); //chat enabled if (!$this->config['mchat_enable']) { trigger_error($this->user->lang['MCHAT_ENABLE'], E_USER_NOTICE); } // avatars if (!function_exists('get_user_avatar')) { include $this->phpbb_root_path . 'includes/functions_display.' . $this->phpEx; } if (($this->config_mchat = $this->cache->get('_mchat_config')) === false) { $this->functions_mchat->mchat_cache(); } $this->config_mchat = $this->cache->get('_mchat_config'); // Access rights $mchat_allow_bbcode = $this->config['allow_bbcode'] && $this->auth->acl_get('u_mchat_bbcode') ? true : false; $mchat_smilies = $this->config['allow_smilies'] && $this->auth->acl_get('u_mchat_smilies') ? true : false; $mchat_urls = $this->config['allow_post_links'] && $this->auth->acl_get('u_mchat_urls') ? true : false; $mchat_ip = $this->auth->acl_get('u_mchat_ip') ? true : false; $mchat_pm = $this->auth->acl_get('u_mchat_pm') ? true : false; $mchat_like = $this->auth->acl_get('u_mchat_like') ? true : false; $mchat_quote = $this->auth->acl_get('u_mchat_quote') ? true : false; $mchat_add_mess = $this->auth->acl_get('u_mchat_use') ? true : false; $mchat_view = $this->auth->acl_get('u_mchat_view') ? true : false; $mchat_no_flood = $this->auth->acl_get('u_mchat_flood_ignore') ? true : false; $mchat_read_archive = $this->auth->acl_get('u_mchat_archive') ? true : false; $mchat_founder = $this->user->data['user_type'] == USER_FOUNDER ? true : false; $mchat_session_time = !empty($this->config_mchat['timeout']) ? $this->config_mchat['timeout'] : (!empty($this->config['load_online_time']) ? 
$this->config['load_online_time'] * 60 : $this->config['session_length']); $mchat_rules = !empty($this->config_mchat['rules']) || isset($this->user->lang[strtoupper('mchat_rules')]) ? true : false; $mchat_avatars = !empty($this->config_mchat['avatars']) && $this->user->optionget('viewavatars') && $this->user->data['user_mchat_avatars'] ? true : false; // needed variables // Request options. $mchat_mode = $this->request->variable('mode', ''); $mchat_read_mode = $mchat_archive_mode = $mchat_custom_page = $mchat_no_message = false; // set redirect if on index or custom page $on_page = $include_on_index ? 'index' : 'mchat'; // grab fools..uhmmm, foes the user has $foes_array = array(); $sql = 'SELECT * FROM ' . ZEBRA_TABLE . ' WHERE user_id = ' . $this->user->data['user_id'] . ' AND foe = 1'; $result = $this->db->sql_query($sql); while ($row = $this->db->sql_fetchrow($result)) { $foes_array[] = $row['zebra_id']; } $this->db->sql_freeresult($result); // Request mode... switch ($mchat_mode) { // rules popup.. case 'rules': // If the rules are defined in the language file use them, else just use the entry in the database if ($mchat_rules || isset($this->user->lang[strtoupper('mchat_rules')])) { if (isset($this->user->lang[strtoupper('mchat_rules')])) { $this->template->assign_var('MCHAT_RULES', $this->user->lang[strtoupper('mchat_rules')]); } else { $mchat_rules = $this->config_mchat['rules']; $mchat_rules = explode("\n", $mchat_rules); foreach ($mchat_rules as $mchat_rule) { $mchat_rule = utf8_htmlspecialchars($mchat_rule); $this->template->assign_block_vars('rule', array('MCHAT_RULE' => $mchat_rule)); } } // Output the page // Return for: \$this->helper->render(filename, lang_title); return array('filename' => 'mchat_rules.html', 'lang_title' => $this->user->lang['MCHAT_HELP']); } else { // Show no rules trigger_error('MCHAT_NO_RULES', E_USER_NOTICE); } break; // whois function.. // whois function.. 
case 'whois': // Must have auths if ($mchat_mode == 'whois' && $mchat_ip) { // function already exists.. if (!function_exists('user_ipwhois')) { include $this->phpbb_root_path . 'includes/functions_user.' . $this->phpEx; } $this->user_ip = $this->request->variable('ip', ''); $this->template->assign_var('WHOIS', user_ipwhois($this->user_ip)); // Output the page // Return for: \$this->helper->render(filename, lang_title); return array('filename' => 'viewonline_whois.html', 'lang_title' => $this->user->lang['WHO_IS_ONLINE']); } else { // Show not authorized trigger_error('NO_AUTH_OPERATION', E_USER_NOTICE); } break; // Clean function... // Clean function... case 'clean': // User logged in? if (!$this->user->data['is_registered'] || !$mchat_founder) { if (!$this->user->data['is_registered']) { // Login box... login_box('', $this->user->lang['LOGIN']); } else { if (!$mchat_founder) { // Show not authorized trigger_error('NO_AUTH_OPERATION', E_USER_NOTICE); } } } $mchat_redirect = $this->request->variable('redirect', ''); $mchat_redirect = $mchat_redirect == 'index' ? append_sid("{$this->phpbb_root_path}index.{$this->phpEx}") : $this->helper->route('dmzx_mchat_controller', array('#mChat')); if (confirm_box(true)) { // Run cleaner $sql = 'TRUNCATE TABLE ' . $this->mchat_table; $this->db->sql_query($sql); meta_refresh(3, $mchat_redirect); trigger_error($this->user->lang['MCHAT_CLEANED'] . '<br /><br />' . sprintf($this->user->lang['RETURN_PAGE'], '<a href="' . $mchat_redirect . '">', '</a>')); } else { // Display confirm box confirm_box(false, $this->user->lang['MCHAT_DELALLMESS']); } $this->phpbb_log->add('admin', $this->user->data['user_id'], $this->user->ip, 'LOG_MCHAT_TABLE_PRUNED'); redirect($mchat_redirect); break; // Archive function... // Archive function... 
case 'archive': if (!$mchat_read_archive || !$mchat_view) { // redirect to correct page $mchat_redirect = append_sid("{$this->phpbb_root_path}index.{$this->phpEx}"); // Redirect to previous page meta_refresh(3, $mchat_redirect); trigger_error($this->user->lang['MCHAT_NOACCESS_ARCHIVE'] . '<br /><br />' . sprintf($this->user->lang['RETURN_PAGE'], '<a href="' . $mchat_redirect . '">', '</a>')); } if ($this->config['mchat_enable'] && $mchat_read_archive && $mchat_view) { // how many chats do we have? $sql = 'SELECT COUNT(message_id) AS messages FROM ' . $this->mchat_table; $result = $this->db->sql_query($sql); $mchat_total_messages = $this->db->sql_fetchfield('messages'); $this->db->sql_freeresult($result); // prune the chats if necessary and amount in ACP not empty if ($this->config_mchat['prune_enable'] && ($mchat_total_messages > $this->config_mchat['prune_num'] && $this->config_mchat['prune_num'] > 0)) { $this->functions_mchat->mchat_prune((int) $this->config_mchat['prune_num']); } // Reguest... $mchat_archive_start = $this->request->variable('start', 0); $sql_where = $this->user->data['user_mchat_topics'] ? '' : 'WHERE m.forum_id = 0'; // Message row $sql = 'SELECT m.*, u.username, u.user_colour, u.user_avatar, u.user_avatar_type, u.user_avatar_width, u.user_avatar_height, u.user_allow_pm FROM ' . $this->mchat_table . ' m LEFT JOIN ' . USERS_TABLE . ' u ON m.user_id = u.user_id ' . $sql_where . ' ORDER BY m.message_id DESC'; $result = $this->db->sql_query_limit($sql, (int) $this->config_mchat['archive_limit'], $mchat_archive_start); $rows = $this->db->sql_fetchrowset($result); $this->db->sql_freeresult($result); foreach ($rows as $row) { // auth check if ($row['forum_id'] != 0 && !$this->auth->acl_get('f_read', $row['forum_id'])) { continue; } // edit, delete and permission auths $mchat_ban = $this->auth->acl_get('a_authusers') && $this->user->data['user_id'] != $row['user_id'] ? 
true : false; $mchat_edit = $this->auth->acl_get('u_mchat_edit') && ($this->auth->acl_get('m_') || $this->user->data['user_id'] == $row['user_id']) ? true : false; $mchat_del = $this->auth->acl_get('u_mchat_delete') && ($this->auth->acl_get('m_') || $this->user->data['user_id'] == $row['user_id']) ? true : false; $mchat_avatar = $row['user_avatar'] ? get_user_avatar($row['user_avatar'], $row['user_avatar_type'], $row['user_avatar_width'] > $row['user_avatar_height'] ? 40 : 40 / $row['user_avatar_height'] * $row['user_avatar_width'], $row['user_avatar_height'] > $row['user_avatar_width'] ? 40 : 40 / $row['user_avatar_width'] * $row['user_avatar_height']) : ''; $message_edit = $row['message']; decode_message($message_edit, $row['bbcode_uid']); $message_edit = str_replace('"', '"', $message_edit); // Edit Fix ;) if (sizeof($foes_array)) { if (in_array($row['user_id'], $foes_array)) { $row['message'] = sprintf($this->user->lang['MCHAT_FOE'], get_username_string('full', $row['user_id'], $row['username'], $row['user_colour'], $this->user->lang['GUEST'])); } } $row['username'] = mb_ereg_replace("'", "’", $row['username']); $this->template->assign_block_vars('mchatrow', array('MCHAT_ALLOW_BAN' => $mchat_ban, 'MCHAT_ALLOW_EDIT' => $mchat_edit, 'MCHAT_ALLOW_DEL' => $mchat_del, 'MCHAT_USER_AVATAR' => $mchat_avatar, 'U_VIEWPROFILE' => $row['user_id'] != ANONYMOUS ? append_sid("{$this->phpbb_root_path}memberlist.{$this->phpEx}", 'mode=viewprofile&u=' . $row['user_id']) : '', 'U_USER_IDS' => $row['user_id'] != ANONYMOUS && $this->user->data['user_id'] != $row['user_id'] ? append_sid("{$this->phpbb_root_path}ucp.{$this->phpEx}", 'i=pm&mode=compose&u=' . 
$row['user_id']) : '', 'BOT_USER_ID' => $row['user_id'] != '1', 'U_USER_ID' => $row['user_id'] != ANONYMOUS && $this->config['allow_privmsg'] && $this->auth->acl_get('u_sendpm') && $this->user->data['user_id'] != $row['user_id'] && $row['user_id'] != '1' && ($row['user_allow_pm'] || $this->auth->acl_gets('a_', 'm_') || $this->auth->acl_getf_global('m_')) ? append_sid("{$this->phpbb_root_path}ucp.{$this->phpEx}", 'i=pm&mode=compose&u=' . $row['user_id']) : '', 'MCHAT_MESSAGE_EDIT' => $message_edit, 'MCHAT_MESSAGE_ID' => $row['message_id'], 'MCHAT_USERNAME_FULL' => get_username_string('full', $row['user_id'], $row['username'], $row['user_colour'], $this->user->lang['GUEST']), 'MCHAT_USERNAME' => get_username_string('username', $row['user_id'], $row['username'], $row['user_colour'], $this->user->lang['GUEST']), 'MCHAT_USERNAME_COLOR' => get_username_string('colour', $row['user_id'], $row['username'], $row['user_colour'], $this->user->lang['GUEST']), 'MCHAT_USER_IP' => $row['user_ip'], 'MCHAT_U_WHOIS' => $this->helper->route('dmzx_mchat_controller', array('mode' => 'whois', 'ip' => $row['user_ip'])), 'MCHAT_U_BAN' => append_sid("{$this->phpbb_root_path}adm/index.{$this->phpEx}", 'i=permissions&mode=setting_user_global&user_id[0]=' . $row['user_id'], true, $this->user->session_id), 'MCHAT_MESSAGE' => generate_text_for_display($row['message'], $row['bbcode_uid'], $row['bbcode_bitfield'], $row['bbcode_options']), 'MCHAT_TIME' => $this->user->format_date($row['message_time'], $this->config_mchat['date']), 'MCHAT_CLASS' => $row['message_id'] % 2 ? 1 : 2)); } // Write no message if (empty($rows)) { $mchat_no_message = true; } } // Run query again to get the total message rows... $sql = 'SELECT COUNT(message_id) AS mess_id FROM ' . $this->mchat_table; $result = $this->db->sql_query($sql); $mchat_total_message = $this->db->sql_fetchfield('mess_id'); $this->db->sql_freeresult($result); // Page list function... 
$pagination_url = $this->helper->route('dmzx_mchat_controller', array('mode' => 'archive')); $start = $this->request->variable('start', 0); $this->pagination->generate_template_pagination($pagination_url, 'pagination', 'start', $mchat_total_message, (int) $this->config_mchat['archive_limit'], $mchat_archive_start); $this->template->assign_vars(array('MCHAT_TOTAL_MESSAGES' => sprintf($this->user->lang['MCHAT_TOTALMESSAGES'], $mchat_total_message))); //add to navlinks $this->template->assign_block_vars('navlinks', array('FORUM_NAME' => $this->user->lang['MCHAT_ARCHIVE_PAGE'], 'U_VIEW_FORUM' => $this->helper->route('dmzx_mchat_controller', array('mode' => 'archive')))); // If archive mode request set true $mchat_archive_mode = true; $old_mode = 'archive'; break; // Read function... // Read function... case 'read': // If mChat disabled or user can't view the chat if (!$this->config['mchat_enable'] || !$mchat_view) { // Forbidden (for jQ AJAX request) throw new \phpbb\exception\http_exception(403, 'MCHAT_ERROR_FORBIDDEN'); } // if we're reading on the custom page, then we are chatting if ($mchat_custom_page) { // insert user into the mChat sessions table $this->functions_mchat->mchat_sessions($mchat_session_time, true); } // Request $mchat_message_last_id = $this->request->variable('message_last_id', 0); $sql_and = $this->user->data['user_mchat_topics'] ? '' : 'AND m.forum_id = 0'; $sql = 'SELECT m.*, u.username, u.user_colour, u.user_avatar, u.user_avatar_type, u.user_avatar_width, u.user_avatar_height, u.user_allow_pm FROM ' . $this->mchat_table . ' m, ' . USERS_TABLE . ' u WHERE m.user_id = u.user_id AND m.message_id > ' . (int) $mchat_message_last_id . ' ' . $sql_and . 
' ORDER BY m.message_id DESC'; $result = $this->db->sql_query_limit($sql, (int) $this->config_mchat['message_limit']); $rows = $this->db->sql_fetchrowset($result); $this->db->sql_freeresult($result); // Reverse the array wanting messages appear in reverse if ($this->config['mchat_message_top']) { $rows = array_reverse($rows); } foreach ($rows as $row) { // auth check if ($row['forum_id'] != 0 && !$this->auth->acl_get('f_read', $row['forum_id'])) { continue; } // edit auths if ($this->user->data['user_id'] == ANONYMOUS && $this->user->data['user_id'] == $row['user_id']) { $chat_auths = $this->user->data['session_ip'] == $row['user_ip'] ? true : false; } else { $chat_auths = $this->user->data['user_id'] == $row['user_id'] ? true : false; } // edit, delete and permission auths $mchat_ban = $this->auth->acl_get('a_authusers') && $this->user->data['user_id'] != $row['user_id'] ? true : false; $mchat_edit = $this->auth->acl_get('u_mchat_edit') && ($this->auth->acl_get('m_') || $chat_auths) ? true : false; $mchat_del = $this->auth->acl_get('u_mchat_delete') && ($this->auth->acl_get('m_') || $chat_auths) ? true : false; $mchat_avatar = $row['user_avatar'] ? get_user_avatar($row['user_avatar'], $row['user_avatar_type'], $row['user_avatar_width'] > $row['user_avatar_height'] ? 40 : 40 / $row['user_avatar_height'] * $row['user_avatar_width'], $row['user_avatar_height'] > $row['user_avatar_width'] ? 
40 : 40 / $row['user_avatar_width'] * $row['user_avatar_height']) : ''; $message_edit = $row['message']; decode_message($message_edit, $row['bbcode_uid']); $message_edit = str_replace('"', '"', $message_edit); $message_edit = mb_ereg_replace("'", "’", $message_edit); // Edit Fix ;) if (sizeof($foes_array)) { if (in_array($row['user_id'], $foes_array)) { $row['message'] = sprintf($this->user->lang['MCHAT_FOE'], get_username_string('full', $row['user_id'], $row['username'], $row['user_colour'], $this->user->lang['GUEST'])); } } $row['username'] = mb_ereg_replace("'", "’", $row['username']); $this->template->assign_block_vars('mchatrow', array('MCHAT_ALLOW_BAN' => $mchat_ban, 'MCHAT_ALLOW_EDIT' => $mchat_edit, 'MCHAT_ALLOW_DEL' => $mchat_del, 'MCHAT_USER_AVATAR' => $mchat_avatar, 'U_VIEWPROFILE' => $row['user_id'] != ANONYMOUS ? append_sid("{$this->phpbb_root_path}memberlist.{$this->phpEx}", 'mode=viewprofile&u=' . $row['user_id']) : '', 'U_USER_IDS' => $row['user_id'] != ANONYMOUS && $this->user->data['user_id'] != $row['user_id'] ? append_sid("{$this->phpbb_root_path}ucp.{$this->phpEx}", 'i=pm&mode=compose&u=' . $row['user_id']) : '', 'BOT_USER_ID' => $row['user_id'] != '1', 'U_USER_ID' => $row['user_id'] != ANONYMOUS && $this->config['allow_privmsg'] && $this->auth->acl_get('u_sendpm') && $this->user->data['user_id'] != $row['user_id'] && $row['user_id'] != '1' && ($row['user_allow_pm'] || $this->auth->acl_gets('a_', 'm_') || $this->auth->acl_getf_global('m_')) ? append_sid("{$this->phpbb_root_path}ucp.{$this->phpEx}", 'i=pm&mode=compose&u=' . 
$row['user_id']) : '', 'MCHAT_MESSAGE_EDIT' => $message_edit, 'MCHAT_MESSAGE_ID' => $row['message_id'], 'MCHAT_USERNAME_FULL' => get_username_string('full', $row['user_id'], $row['username'], $row['user_colour'], $this->user->lang['GUEST']), 'MCHAT_USERNAME' => get_username_string('username', $row['user_id'], $row['username'], $row['user_colour'], $this->user->lang['GUEST']), 'MCHAT_USERNAME_COLOR' => get_username_string('colour', $row['user_id'], $row['username'], $row['user_colour'], $this->user->lang['GUEST']), 'MCHAT_USER_IP' => $row['user_ip'], 'MCHAT_U_WHOIS' => $this->helper->route('dmzx_mchat_controller', array('mode' => 'whois', 'ip' => $row['user_ip'])), 'MCHAT_U_BAN' => append_sid("{$this->phpbb_root_path}adm/index.{$this->phpEx}", 'i=permissions&mode=setting_user_global&user_id[0]=' . $row['user_id'], true, $this->user->session_id), 'MCHAT_MESSAGE' => generate_text_for_display($row['message'], $row['bbcode_uid'], $row['bbcode_bitfield'], $row['bbcode_options']), 'MCHAT_TIME' => $this->user->format_date($row['message_time'], $this->config_mchat['date']), 'MCHAT_CLASS' => $row['message_id'] % 2 ? 1 : 2)); } // Write no message if (empty($rows)) { $mchat_no_message = true; } // If read mode request set true $mchat_read_mode = true; break; // Stats function... // Stats function... case 'stats': // If mChat disabled or user can't view the chat if (!$this->config['mchat_enable'] || !$mchat_view || !$this->config_mchat['whois']) { // Forbidden (for jQ AJAX request) throw new \phpbb\exception\http_exception(403, 'MCHAT_ERROR_FORBIDDEN'); } $mchat_stats = $this->functions_mchat->mchat_users($mchat_session_time); if (!empty($mchat_stats['online_userlist'])) { $message = '<div class="mChatStats" id="mChatStats"><a href="#" onclick="mChat.toggle(\'UserList\'); return false;">' . $mchat_stats['mchat_users_count'] . '</a> ' . $mchat_stats['refresh_message'] . '<br /><span id="mChatUserList" style="display: none; float: left;">' . $mchat_stats['online_userlist'] . 
'</span></div>'; } else { $message = '<div class="mChatStats" id="Div1">' . $this->user->lang['MCHAT_NO_CHATTERS'] . ' (' . $mchat_stats['refresh_message'] . ')</div>'; } if ($this->request->is_ajax()) { // Return for: \Symfony\Component\HttpFoundation\JsonResponse return array('json' => true, 'message' => $message); } else { throw new \phpbb\exception\http_exception(501, 'MCHAT_ERROR_NOT_IMPLEMENTED'); } break; // Add function... // Add function... case 'add': // If mChat disabled if (!$this->config['mchat_enable'] || !$mchat_add_mess || !check_form_key('mchat_posting', -1)) { // Forbidden (for jQ AJAX request) if ($this->request->is_ajax()) { // FOR DEBUG throw new \phpbb\exception\http_exception(403, 'MCHAT_ERROR_FORBIDDEN'); } } // Reguest... $message = utf8_ucfirst(utf8_normalize_nfc($this->request->variable('message', '', true))); // must have something other than bbcode in the message if (empty($mchatregex)) { //let's strip all the bbcode $mchatregex = '#\\[/?[^\\[\\]]+\\]#mi'; } $message_chars = preg_replace($mchatregex, '', $message); $message_chars = utf8_strlen(trim($message_chars)) > 0 ? true : false; if (!$message || !$message_chars) { // Not Implemented (for jQ AJAX request) throw new \phpbb\exception\http_exception(501, 'MCHAT_ERROR_NOT_IMPLEMENTED'); } // Flood control if (!$mchat_no_flood && $this->config_mchat['flood_time']) { $mchat_flood_current_time = time(); $sql = 'SELECT message_time FROM ' . $this->mchat_table . ' WHERE user_id = ' . (int) $this->user->data['user_id'] . 
' ORDER BY message_time DESC'; $result = $this->db->sql_query_limit($sql, 1); $row = $this->db->sql_fetchrow($result); $this->db->sql_freeresult($result); if ($row['message_time'] > 0 && $mchat_flood_current_time - $row['message_time'] < (int) $this->config_mchat['flood_time']) { // Locked (for jQ AJAX request) throw new \phpbb\exception\http_exception(400, 'MCHAT_BAD_REQUEST'); } } // insert user into the mChat sessions table $this->functions_mchat->mchat_sessions($mchat_session_time, true); // we override the $this->config['min_post_chars'] entry? if ($this->config_mchat['override_min_post_chars']) { $old_cfg['min_post_chars'] = $this->config['min_post_chars']; $this->config['min_post_chars'] = 0; } //we do the same for the max number of smilies? if ($this->config_mchat['override_smilie_limit']) { $old_cfg['max_post_smilies'] = $this->config['max_post_smilies']; $this->config['max_post_smilies'] = 0; } // Add function part code from http://wiki.phpbb.com/Parsing_text $uid = $bitfield = $options = ''; // will be modified by generate_text_for_storage generate_text_for_storage($message, $uid, $bitfield, $options, $mchat_allow_bbcode, $mchat_urls, $mchat_smilies); // Not allowed bbcodes if (!$mchat_allow_bbcode || $this->config_mchat['bbcode_disallowed']) { if (!$mchat_allow_bbcode) { $bbcode_remove = '#\\[/?[^\\[\\]]+\\]#Usi'; $message = preg_replace($bbcode_remove, '', $message); } else { if ($this->config_mchat['bbcode_disallowed']) { if (empty($bbcode_replace)) { $bbcode_replace = array('#\\[(' . $this->config_mchat['bbcode_disallowed'] . ')[^\\[\\]]+\\]#Usi', '#\\[/(' . $this->config_mchat['bbcode_disallowed'] . 
')[^\\[\\]]+\\]#Usi'); } $message = preg_replace($bbcode_replace, '', $message); } } } $sql_ary = array('forum_id' => 0, 'post_id' => 0, 'user_id' => $this->user->data['user_id'], 'user_ip' => $this->user->data['session_ip'], 'message' => str_replace('\'', '’', $message), 'bbcode_bitfield' => $bitfield, 'bbcode_uid' => $uid, 'bbcode_options' => $options, 'message_time' => time()); $sql = 'INSERT INTO ' . $this->mchat_table . ' ' . $this->db->sql_build_array('INSERT', $sql_ary); $this->db->sql_query($sql); // reset the config settings if (isset($old_cfg['min_post_chars'])) { $this->config['min_post_chars'] = $old_cfg['min_post_chars']; unset($old_cfg['min_post_chars']); } if (isset($old_cfg['max_post_smilies'])) { $this->config['max_post_smilies'] = $old_cfg['max_post_smilies']; unset($old_cfg['max_post_smilies']); } // Stop run code! if ($this->request->is_ajax()) { // Return for: \Symfony\Component\HttpFoundation\JsonResponse return array('json' => true, 'success' => true); } else { exit_handler(); } break; // Edit function... // Edit function... case 'edit': $message_id = $this->request->variable('message_id', 0); // If mChat disabled and not edit if (!$this->config['mchat_enable'] || !$message_id) { // Forbidden (for jQ AJAX request) throw new \phpbb\exception\http_exception(403, 'MCHAT_ERROR_FORBIDDEN'); } // check for the correct user $sql = 'SELECT * FROM ' . $this->mchat_table . ' WHERE message_id = ' . (int) $message_id; $result = $this->db->sql_query($sql); $row = $this->db->sql_fetchrow($result); $this->db->sql_freeresult($result); // edit and delete auths $mchat_edit = $this->auth->acl_get('u_mchat_edit') && ($this->auth->acl_get('m_') || $this->user->data['user_id'] == $row['user_id']) ? true : false; $mchat_del = $this->auth->acl_get('u_mchat_delete') && ($this->auth->acl_get('m_') || $this->user->data['user_id'] == $row['user_id']) ? 
true : false; // If mChat disabled and not edit if (!$mchat_edit) { // Forbidden (for jQ AJAX request) throw new \phpbb\exception\http_exception(403, 'MCHAT_ERROR_FORBIDDEN'); } // Reguest... $message = $this->request->variable('message', '', true); // must have something other than bbcode in the message if (empty($mchatregex)) { //let's strip all the bbcode $mchatregex = '#\\[/?[^\\[\\]]+\\]#mi'; } $message_chars = preg_replace($mchatregex, '', $message); $message_chars = utf8_strlen(trim($message_chars)) > 0 ? true : false; if (!$message || !$message_chars) { // Not Implemented (for jQ AJAX request) throw new \phpbb\exception\http_exception(501, 'MCHAT_ERROR_NOT_IMPLEMENTED'); } // Message limit $message = $this->config_mchat['max_message_lngth'] != 0 && utf8_strlen($message) >= $this->config_mchat['max_message_lngth'] + 3 ? utf8_substr($message, 0, $this->config_mchat['max_message_lngth']) . '...' : $message; // we override the $this->config['min_post_chars'] entry? if ($this->config_mchat['override_min_post_chars']) { $old_cfg['min_post_chars'] = $this->config['min_post_chars']; $this->config['min_post_chars'] = 0; } //we do the same for the max number of smilies? if ($this->config_mchat['override_smilie_limit']) { $old_cfg['max_post_smilies'] = $this->config['max_post_smilies']; $this->config['max_post_smilies'] = 0; } // Edit function part code from http://wiki.phpbb.com/Parsing_text $uid = $bitfield = $options = ''; // will be modified by generate_text_for_storage generate_text_for_storage($message, $uid, $bitfield, $options, $mchat_allow_bbcode, $mchat_urls, $mchat_smilies); // Not allowed bbcodes if (!$mchat_allow_bbcode || $this->config_mchat['bbcode_disallowed']) { if (!$mchat_allow_bbcode) { $bbcode_remove = '#\\[/?[^\\[\\]]+\\]#Usi'; $message = preg_replace($bbcode_remove, '', $message); } else { if ($this->config_mchat['bbcode_disallowed']) { if (empty($bbcode_replace)) { $bbcode_replace = array('#\\[(' . $this->config_mchat['bbcode_disallowed'] . 
')[^\\[\\]]+\\]#Usi', '#\\[/(' . $this->config_mchat['bbcode_disallowed'] . ')[^\\[\\]]+\\]#Usi'); } $message = preg_replace($bbcode_replace, '', $message); } } } $sql_ary = array('message' => str_replace('\'', '’', $message), 'bbcode_bitfield' => $bitfield, 'bbcode_uid' => $uid, 'bbcode_options' => $options); $sql = 'UPDATE ' . $this->mchat_table . ' SET ' . $this->db->sql_build_array('UPDATE', $sql_ary) . ' WHERE message_id = ' . (int) $message_id; $this->db->sql_query($sql); // Message edited...now read it $sql = 'SELECT m.*, u.username, u.user_colour, u.user_avatar, u.user_avatar_type, u.user_avatar_width, u.user_avatar_height, u.user_allow_pm FROM ' . $this->mchat_table . ' m, ' . USERS_TABLE . ' u WHERE m.user_id = u.user_id AND m.message_id = ' . (int) $message_id . ' ORDER BY m.message_id DESC'; $result = $this->db->sql_query($sql); $row = $this->db->sql_fetchrow($result); $this->db->sql_freeresult($result); $message_edit = $row['message']; decode_message($message_edit, $row['bbcode_uid']); $message_edit = str_replace('"', '"', $message_edit); // Edit Fix ;) $message_edit = mb_ereg_replace("'", "’", $message_edit); // Edit Fix ;) $mchat_ban = $this->auth->acl_get('a_authusers') && $this->user->data['user_id'] != $row['user_id'] ? true : false; $mchat_avatar = $row['user_avatar'] ? get_user_avatar($row['user_avatar'], $row['user_avatar_type'], $row['user_avatar_width'] > $row['user_avatar_height'] ? 40 : 40 / $row['user_avatar_height'] * $row['user_avatar_width'], $row['user_avatar_height'] > $row['user_avatar_width'] ? 40 : 40 / $row['user_avatar_width'] * $row['user_avatar_height']) : ''; $this->template->assign_block_vars('mchatrow', array('MCHAT_ALLOW_BAN' => $mchat_ban, 'MCHAT_ALLOW_EDIT' => $mchat_edit, 'MCHAT_ALLOW_DEL' => $mchat_del, 'MCHAT_MESSAGE_EDIT' => $message_edit, 'MCHAT_USER_AVATAR' => $mchat_avatar, 'U_VIEWPROFILE' => $row['user_id'] != ANONYMOUS ? append_sid("{$this->phpbb_root_path}memberlist.{$this->phpEx}", 'mode=viewprofile&u=' . 
$row['user_id']) : '', 'U_USER_IDS' => $row['user_id'] != ANONYMOUS && $this->user->data['user_id'] != $row['user_id'] ? append_sid("{$this->phpbb_root_path}ucp.{$this->phpEx}", 'i=pm&mode=compose&u=' . $row['user_id']) : '', 'BOT_USER_ID' => $row['user_id'] != '1', 'U_USER_ID' => $row['user_id'] != ANONYMOUS && $this->config['allow_privmsg'] && $this->auth->acl_get('u_sendpm') && $this->user->data['user_id'] != $row['user_id'] && $row['user_id'] != '1' && ($row['user_allow_pm'] || $this->auth->acl_gets('a_', 'm_') || $this->auth->acl_getf_global('m_')) ? append_sid("{$this->phpbb_root_path}ucp.{$this->phpEx}", 'i=pm&mode=compose&u=' . $row['user_id']) : '', 'MCHAT_MESSAGE_ID' => $row['message_id'], 'MCHAT_USERNAME_FULL' => get_username_string('full', $row['user_id'], $row['username'], $row['user_colour'], $this->user->lang['GUEST']), 'MCHAT_USERNAME' => get_username_string('username', $row['user_id'], $row['username'], $row['user_colour'], $this->user->lang['GUEST']), 'MCHAT_USERNAME_COLOR' => get_username_string('colour', $row['user_id'], $row['username'], $row['user_colour'], $this->user->lang['GUEST']), 'MCHAT_USER_IP' => $row['user_ip'], 'MCHAT_U_WHOIS' => $this->helper->route('dmzx_mchat_controller', array('mode' => 'whois', 'ip' => $row['user_ip'])), 'MCHAT_U_BAN' => append_sid("{$this->phpbb_root_path}adm/index.{$this->phpEx}", 'i=permissions&mode=setting_user_global&user_id[0]=' . $row['user_id'], true, $this->user->session_id), 'MCHAT_MESSAGE' => censor_text(generate_text_for_display($row['message'], $row['bbcode_uid'], $row['bbcode_bitfield'], $row['bbcode_options'])), 'MCHAT_TIME' => $this->user->format_date($row['message_time'], $this->config_mchat['date']), 'MCHAT_CLASS' => $row['message_id'] % 2 ? 
1 : 2)); // reset the config settings if (isset($old_cfg['min_post_chars'])) { $this->config['min_post_chars'] = $old_cfg['min_post_chars']; unset($old_cfg['min_post_chars']); } if (isset($old_cfg['max_post_smilies'])) { $this->config['max_post_smilies'] = $old_cfg['max_post_smilies']; unset($old_cfg['max_post_smilies']); } //adds a log // $message_author = get_username_string('no_profile', $row['user_id'], $row['username'], $row['user_colour'], $this->user->lang['GUEST']); // add_log('admin', 'LOG_EDITED_MCHAT', $message_author); $this->phpbb_log->add('admin', $this->user->data['user_id'], $this->user->ip, 'LOG_EDITED_MCHAT', false, array($row['username'])); // insert user into the mChat sessions table $this->functions_mchat->mchat_sessions($mchat_session_time, true); // If read mode request set true $mchat_read_mode = true; break; // Delete function... // Delete function... case 'delete': $message_id = $this->request->variable('message_id', 0); // If mChat disabled if (!$this->config['mchat_enable'] || !$message_id) { // Forbidden (for jQ AJAX request) throw new \phpbb\exception\http_exception(403, 'MCHAT_ERROR_FORBIDDEN'); } // check for the correct user $sql = 'SELECT m.*, u.username, u.user_colour FROM ' . $this->mchat_table . ' m LEFT JOIN ' . USERS_TABLE . ' u ON m.user_id = u.user_id WHERE m.message_id = ' . (int) $message_id; $result = $this->db->sql_query($sql); $row = $this->db->sql_fetchrow($result); $this->db->sql_freeresult($result); // edit and delete auths $mchat_edit = $this->auth->acl_get('u_mchat_edit') && ($this->auth->acl_get('m_') || $this->user->data['user_id'] == $row['user_id']) ? true : false; $mchat_del = $this->auth->acl_get('u_mchat_delete') && ($this->auth->acl_get('m_') || $this->user->data['user_id'] == $row['user_id']) ? true : false; // If mChat disabled if (!$mchat_del) { // Forbidden (for jQ AJAX request) throw new \phpbb\exception\http_exception(403, 'MCHAT_ERROR_FORBIDDEN'); } // Run delete! $sql = 'DELETE FROM ' . 
$this->mchat_table . ' WHERE message_id = ' . (int) $message_id; $this->db->sql_query($sql); //adds a log $this->phpbb_log->add('admin', $this->user->data['user_id'], $this->user->ip, 'LOG_DELETED_MCHAT', false, array($row['username'])); // insert user into the mChat sessions table $this->functions_mchat->mchat_sessions($mchat_session_time, true); // Stop running code if ($this->request->is_ajax()) { // Return for: \Symfony\Component\HttpFoundation\JsonResponse return array('json' => true, 'success' => true); } else { exit_handler(); } break; // Default function... // Default function... default: // If not include in index.php set mchat.php page true if (!$include_on_index) { // Yes its custom page... $mchat_custom_page = true; // If custom page false mchat.php page redirect to index... if (!$this->config_mchat['custom_page'] && $mchat_custom_page) { $mchat_redirect = append_sid("{$this->phpbb_root_path}index.{$this->phpEx}"); // Redirect to previous page meta_refresh(3, $mchat_redirect); trigger_error($this->user->lang['MCHAT_NO_CUSTOM_PAGE'] . '<br /><br />' . sprintf($this->user->lang['RETURN_PAGE'], '<a href="' . $mchat_redirect . '">', '</a>')); } // user has permissions to view the custom chat? if (!$mchat_view && $mchat_custom_page) { trigger_error('NOT_AUTHORISED', E_USER_NOTICE); } // if whois true if ($this->config_mchat['whois']) { // Grab group details for legend display for who is online on the custom page. $order_legend = $this->config['legend_sort_groupname'] ? 'group_name' : 'group_legend'; if ($this->auth->acl_gets('a_group', 'a_groupadd', 'a_groupdel')) { $sql = 'SELECT group_id, group_name, group_colour, group_type FROM ' . GROUPS_TABLE . ' WHERE group_legend <> 0 ORDER BY ' . $order_legend . ' ASC'; } else { $sql = 'SELECT g.group_id, g.group_name, g.group_colour, g.group_type FROM ' . GROUPS_TABLE . ' g LEFT JOIN ' . USER_GROUP_TABLE . ' ug ON (g.group_id = ug.group_id AND ug.user_id = ' . $this->user->data['user_id'] . 
' AND ug.user_pending = 0) WHERE g.group_legend <> 0 AND (g.group_type <> ' . GROUP_HIDDEN . ' OR ug.user_id = ' . (int) $this->user->data['user_id'] . ') ORDER BY g.' . $order_legend . ' ASC'; } $result = $this->db->sql_query($sql); $legend = array(); while ($row = $this->db->sql_fetchrow($result)) { $colour_text = $row['group_colour'] ? ' style="color:#' . $row['group_colour'] . '"' : ''; $group_name = $row['group_type'] == GROUP_SPECIAL ? $this->user->lang['G_' . $row['group_name']] : $row['group_name']; if ($row['group_name'] == 'BOTS' || $this->user->data['user_id'] != ANONYMOUS && !$this->auth->acl_get('u_viewprofile')) { $legend[] = '<span' . $colour_text . '>' . $group_name . '</span>'; } else { $legend[] = '<a' . $colour_text . ' href="' . append_sid("{$this->phpbb_root_path}memberlist.{$this->phpEx}", 'mode=group&g=' . $row['group_id']) . '">' . $group_name . '</a>'; } } $this->db->sql_freeresult($result); $legend = implode(', ', $legend); // Assign index specific vars $this->template->assign_vars(array('LEGEND' => $legend)); } $this->template->assign_block_vars('navlinks', array('FORUM_NAME' => $this->user->lang['MCHAT_TITLE'], 'U_VIEW_FORUM' => $this->helper->route('dmzx_mchat_controller'))); } // Run code... if ($mchat_view) { $message_number = $mchat_custom_page ? $this->config_mchat['message_limit'] : $this->config_mchat['message_num']; $sql_where = $this->user->data['user_mchat_topics'] ? '' : 'WHERE m.forum_id = 0'; // Message row $sql = 'SELECT m.*, u.username, u.user_colour, u.user_avatar, u.user_avatar_type, u.user_avatar_width, u.user_avatar_height, u.user_allow_pm FROM ' . $this->mchat_table . ' m LEFT JOIN ' . USERS_TABLE . ' u ON m.user_id = u.user_id ' . $sql_where . 
' ORDER BY message_id DESC'; $result = $this->db->sql_query_limit($sql, $message_number); $rows = $this->db->sql_fetchrowset($result); $this->db->sql_freeresult($result); if ($this->config['mchat_message_top']) { $rows = array_reverse($rows, true); } foreach ($rows as $row) { // auth check if ($row['forum_id'] != 0 && !$this->auth->acl_get('f_read', $row['forum_id'])) { continue; } // edit, delete and permission auths $mchat_ban = $this->auth->acl_get('a_authusers') && $this->user->data['user_id'] != $row['user_id'] ? true : false; // edit auths if ($this->user->data['user_id'] == ANONYMOUS && $this->user->data['user_id'] == $row['user_id']) { $chat_auths = $this->user->data['session_ip'] == $row['user_ip'] ? true : false; } else { $chat_auths = $this->user->data['user_id'] == $row['user_id'] ? true : false; } $mchat_edit = $this->auth->acl_get('u_mchat_edit') && ($this->auth->acl_get('m_') || $chat_auths) ? true : false; $mchat_del = $this->auth->acl_get('u_mchat_delete') && ($this->auth->acl_get('m_') || $chat_auths) ? true : false; $mchat_avatar = $row['user_avatar'] ? get_user_avatar($row['user_avatar'], $row['user_avatar_type'], $row['user_avatar_width'] > $row['user_avatar_height'] ? 40 : 40 / $row['user_avatar_height'] * $row['user_avatar_width'], $row['user_avatar_height'] > $row['user_avatar_width'] ? 
40 : 40 / $row['user_avatar_width'] * $row['user_avatar_height']) : ''; $message_edit = $row['message']; decode_message($message_edit, $row['bbcode_uid']); $message_edit = str_replace('"', '"', $message_edit); // Edit Fix ;) $message_edit = mb_ereg_replace("'", "’", $message_edit); if (sizeof($foes_array)) { if (in_array($row['user_id'], $foes_array)) { $row['message'] = sprintf($this->user->lang['MCHAT_FOE'], get_username_string('full', $row['user_id'], $row['username'], $row['user_colour'], $this->user->lang['GUEST'])); } } $row['username'] = mb_ereg_replace("'", "’", $row['username']); $message = str_replace('\'', '’', $row['message']); $this->template->assign_block_vars('mchatrow', array('MCHAT_ALLOW_BAN' => $mchat_ban, 'MCHAT_ALLOW_EDIT' => $mchat_edit, 'MCHAT_ALLOW_DEL' => $mchat_del, 'MCHAT_USER_AVATAR' => $mchat_avatar, 'U_VIEWPROFILE' => $row['user_id'] != ANONYMOUS ? append_sid("{$this->phpbb_root_path}memberlist.{$this->phpEx}", 'mode=viewprofile&u=' . $row['user_id']) : '', 'U_USER_IDS' => $row['user_id'] != ANONYMOUS && $this->user->data['user_id'] != $row['user_id'] ? append_sid("{$this->phpbb_root_path}ucp.{$this->phpEx}", 'i=pm&mode=compose&u=' . $row['user_id']) : '', 'BOT_USER_ID' => $row['user_id'] != '1', 'U_USER_ID' => $row['user_id'] != ANONYMOUS && $this->config['allow_privmsg'] && $this->auth->acl_get('u_sendpm') && $this->user->data['user_id'] != $row['user_id'] && $row['user_id'] != '1' && ($row['user_allow_pm'] || $this->auth->acl_gets('a_', 'm_') || $this->auth->acl_getf_global('m_')) ? append_sid("{$this->phpbb_root_path}ucp.{$this->phpEx}", 'i=pm&mode=compose&u=' . 
$row['user_id']) : '', 'MCHAT_MESSAGE_EDIT' => $message_edit, 'MCHAT_MESSAGE_ID' => $row['message_id'], 'MCHAT_USERNAME_FULL' => get_username_string('full', $row['user_id'], $row['username'], $row['user_colour'], $this->user->lang['GUEST']), 'MCHAT_USERNAME' => get_username_string('username', $row['user_id'], $row['username'], $row['user_colour'], $this->user->lang['GUEST']), 'MCHAT_USERNAME_COLOR' => get_username_string('colour', $row['user_id'], $row['username'], $row['user_colour'], $this->user->lang['GUEST']), 'MCHAT_USER_IP' => $row['user_ip'], 'MCHAT_U_WHOIS' => $this->helper->route('dmzx_mchat_controller', array('mode' => 'whois', 'ip' => $row['user_ip'])), 'MCHAT_U_BAN' => append_sid("{$this->phpbb_root_path}adm/index.{$this->phpEx}", 'i=permissions&mode=setting_user_global&user_id[0]=' . $row['user_id'], true, $this->user->session_id), 'MCHAT_MESSAGE' => generate_text_for_display($message, $row['bbcode_uid'], $row['bbcode_bitfield'], $row['bbcode_options']), 'MCHAT_TIME' => $this->user->format_date($row['message_time'], $this->config_mchat['date']), 'MCHAT_CLASS' => $row['message_id'] % 2 ? 1 : 2)); } // Write no message if (empty($rows)) { $mchat_no_message = true; } // display custom bbcodes if ($mchat_allow_bbcode && $this->config['allow_bbcode']) { $this->functions_mchat->display_mchat_bbcodes(); } // Smile row if ($mchat_smilies) { if (!function_exists('generate_smilies')) { include $this->phpbb_root_path . 'includes/functions_posting.' . 
$this->phpEx; } generate_smilies('inline', 0); } // If the static message is defined in the language file use it, else just use the entry in the database if (isset($this->user->lang[strtoupper('static_message')]) || !empty($this->config_mchat['static_message'])) { $this->config_mchat['static_message'] = $this->config_mchat['static_message']; if (isset($this->user->lang[strtoupper('static_message')])) { $this->config_mchat['static_message'] = $this->user->lang[strtoupper('static_message')]; } } // If the static message is defined in the language file use it, else just use the entry in the database if (isset($this->user->lang[strtoupper('mchat_rules')]) || !empty($this->config_mchat['rules'])) { if (isset($this->user->lang[strtoupper('mchat_rules')])) { $this->config_mchat['rules'] = $this->user->lang[strtoupper('mchat_rules')]; } } // a list of users using the chat if ($mchat_custom_page) { $mchat_users = $this->functions_mchat->mchat_users($mchat_session_time, true); } else { $mchat_users = $this->functions_mchat->mchat_users($mchat_session_time); } $this->template->assign_vars(array('MCHAT_USERS_COUNT' => $mchat_users['mchat_users_count'], 'MCHAT_USERS_LIST' => $mchat_users['online_userlist'])); } break; } // show index stats if (!empty($this->config['mchat_stats_index']) && !empty($this->user->data['user_mchat_stats_index'])) { // stats display $mchat_session_time = !empty($this->config_mchat['timeout']) ? $this->config_mchat['timeout'] : $this->config['session_length']; $mchat_stats = $this->functions_mchat->mchat_users($mchat_session_time); $this->template->assign_vars(array('MCHAT_INDEX_STATS' => true, 'MCHAT_INDEX_USERS_COUNT' => $mchat_stats['mchat_users_count'], 'MCHAT_INDEX_USERS_LIST' => !empty($mchat_stats['online_userlist']) ? 
$mchat_stats['online_userlist'] : '', 'L_MCHAT_ONLINE_EXPLAIN' => $mchat_stats['refresh_message'])); } $copyright = base64_decode('PGEgaHJlZj0iaHR0cDovL3JtY2dpcnI4My5vcmciPlJNY0dpcnI4MzwvYT4gJmNvcHk7IDxhIGhyZWY9Imh0dHA6Ly93d3cuZG16eC13ZWIubmV0IiB0aXRsZT0id3d3LmRtengtd2ViLm5ldCI+ZG16eDwvYT4='); add_form_key('mchat_posting'); // Template function... $this->template->assign_vars(array('MCHAT_FILE_NAME' => $this->helper->route('dmzx_mchat_controller'), 'MCHAT_REFRESH_JS' => 1000 * $this->config_mchat['refresh'], 'MCHAT_ADD_MESSAGE' => $mchat_add_mess, 'MCHAT_READ_MODE' => $mchat_read_mode, 'MCHAT_ARCHIVE_MODE' => $mchat_archive_mode, 'MCHAT_INPUT_TYPE' => $this->user->data['user_mchat_input_area'], 'MCHAT_RULES' => $mchat_rules, 'MCHAT_ALLOW_SMILES' => $mchat_smilies, 'MCHAT_ALLOW_IP' => $mchat_ip, 'MCHAT_ALLOW_PM' => $mchat_pm, 'MCHAT_ALLOW_LIKE' => $mchat_like, 'MCHAT_ALLOW_QUOTE' => $mchat_quote, 'MCHAT_NOMESSAGE_MODE' => $mchat_no_message, 'MCHAT_ALLOW_BBCODES' => $mchat_allow_bbcode && $this->config['allow_bbcode'] ? true : false, 'MCHAT_MESSAGE_TOP' => $this->config['mchat_message_top'] ? true : false, 'MCHAT_ENABLE' => $this->config['mchat_enable'], 'MCHAT_ARCHIVE_URL' => $this->helper->route('dmzx_mchat_controller', array('mode' => 'archive')), 'MCHAT_CUSTOM_PAGE' => $mchat_custom_page, 'MCHAT_INDEX_HEIGHT' => $this->config_mchat['index_height'], 'MCHAT_CUSTOM_HEIGHT' => $this->config_mchat['custom_height'], 'MCHAT_READ_ARCHIVE_BUTTON' => $mchat_read_archive, 'MCHAT_FOUNDER' => $mchat_founder, 'MCHAT_CLEAN_URL' => $this->helper->route('dmzx_mchat_controller', array('mode' => 'clean', 'redirect' => $on_page)), 'MCHAT_STATIC_MESS' => !empty($this->config_mchat['static_message']) ? 
htmlspecialchars_decode($this->config_mchat['static_message']) : '', 'L_MCHAT_COPYRIGHT' => $copyright, 'MCHAT_WHOIS' => $this->config_mchat['whois'], 'MCHAT_MESSAGE_LNGTH' => $this->config_mchat['max_message_lngth'], 'L_MCHAT_MESSAGE_LNGTH_EXPLAIN' => intval($this->config_mchat['max_message_lngth']) ? sprintf($this->user->lang['MCHAT_MESSAGE_LNGTH_EXPLAIN'], intval($this->config_mchat['max_message_lngth'])) : '', 'MCHAT_MESS_LONG' => sprintf($this->user->lang['MCHAT_MESS_LONG'], $this->config_mchat['max_message_lngth']), 'MCHAT_USER_TIMEOUT' => $this->config_mchat['timeout'] ? 1000 * $this->config_mchat['timeout'] : false, 'MCHAT_WHOIS_REFRESH' => 1000 * $this->config_mchat['whois_refresh'], 'MCHAT_PAUSE_ON_INPUT' => $this->config_mchat['pause_on_input'] ? true : false, 'L_MCHAT_ONLINE_EXPLAIN' => $this->functions_mchat->mchat_session_time($mchat_session_time), 'MCHAT_REFRESH_YES' => sprintf($this->user->lang['MCHAT_REFRESH_YES'], $this->config_mchat['refresh']), 'L_MCHAT_WHOIS_REFRESH_EXPLAIN' => sprintf($this->user->lang['WHO_IS_REFRESH_EXPLAIN'], $this->config_mchat['whois_refresh']), 'S_MCHAT_AVATARS' => $mchat_avatars, 'S_MCHAT_LOCATION' => $this->config_mchat['location'], 'S_MCHAT_SOUND_YES' => $this->user->data['user_mchat_sound'], 'S_MCHAT_INDEX_STATS' => $this->user->data['user_mchat_stats_index'], 'U_MORE_SMILIES' => append_sid("{$this->phpbb_root_path}posting.{$this->phpEx}", 'mode=smilies'), 'U_MCHAT_RULES' => $this->helper->route('dmzx_mchat_controller', array('mode' => 'rules')), 'S_MCHAT_ON_INDEX' => $this->config['mchat_on_index'] && !empty($this->user->data['user_mchat_index']) ? true : false)); // Return for: \$this->helper->render(filename, lang_title); return array('filename' => 'mchat_body.html', 'lang_title' => $this->user->lang['MCHAT_TITLE']); }
/**
 * Collects stats that can be displayed on the index maintenance page.
 *
 * Populates $this->stats with:
 *  - 'total_posts' and 'main_posts' (cast to int), only when index_created() is truthy;
 *  - 'last_searches', a newline-joined string that stays empty unless
 *    $config['fulltext_sphinx_autorun'] is set and the query log file exists.
 *
 * Uses the global $db and $config; returns nothing.
 */
function get_stats()
{
    global $db, $config;

    if ($this->index_created()) {
        // Both statements are assembled from table-name constants only;
        // no request data is concatenated into the SQL.
        $count_sql = 'SELECT COUNT(post_id) as total_posts FROM ' . POSTS_TABLE;
        $query_id = $db->sql_query($count_sql);
        $this->stats['total_posts'] = (int) $db->sql_fetchfield('total_posts');
        $db->sql_freeresult($query_id);

        $count_sql = 'SELECT COUNT(p.post_id) as main_posts FROM ' . POSTS_TABLE . ' p, ' . SPHINX_TABLE . ' m WHERE p.post_id <= m.max_doc_id AND m.counter_id = 1';
        $query_id = $db->sql_query($count_sql);
        $this->stats['main_posts'] = (int) $db->sql_fetchfield('main_posts');
        $db->sql_freeresult($query_id);
    }

    // Default value; only replaced when the query log can actually be read.
    $this->stats['last_searches'] = '';

    if (!$config['fulltext_sphinx_autorun']) {
        return;
    }

    $log_file = $config['fulltext_sphinx_data_path'] . 'log/sphinx-query.log';
    if (!file_exists($log_file)) {
        return;
    }

    // The raw log text goes through utf8_htmlspecialchars() before it is split,
    // so every stored line has already been through that call.
    // NOTE(review): presumably this is what makes the lines safe to render on the
    // maintenance page, since a query log holds search terms - confirm that the
    // template does not decode them again.
    $escaped_log = utf8_htmlspecialchars(sphinx_read_last_lines($log_file, 3));

    // Keep only lines carrying this board's index tag, with the tag removed;
    // every other line becomes an empty string, so the line count is unchanged.
    $index_tag = '[' . $this->indexes . ']';
    $kept_lines = array();
    foreach (explode("\n", $escaped_log) as $log_line) {
        $kept_lines[] = (strpos($log_line, $index_tag) !== false)
            ? str_replace($index_tag, '', $log_line)
            : '';
    }

    $this->stats['last_searches'] = implode("\n", $kept_lines);
}