static function run()
{
if (isset($_GET['site_url']) && isset($_GET['sitemap_url']) && CODOF\Access\CSRF::valid($_GET['CSRF_token'])) {
$sitemapObject = new Crawler($_GET['site_url']);
$sitemapPath = ABSPATH . 'sitemap.xml';
$sitemapFile = $sitemapObject->createSitemap($sitemapPath);
// session_write_close();
// ob_end_flush();
exit;
}
}
public static function run()
{
$smarty = \CODOF\Smarty\Single::get_instance(ABSPATH . 'admin/layout/');
$url = RURI;
$smarty->assign('home', str_replace('admin/', '', $url));
$smarty->assign('self', $_SERVER['PHP_SELF']);
$smarty->assign('token', CODOF\Access\CSRF::get_token());
if (isset($_GET['page']) && isset(codoForumAdmin::$action[$_GET['page']])) {
codoForumAdmin::show_layout(codoForumAdmin::$action[$_GET['page']]);
} else {
codoForumAdmin::show_layout('index');
}
}
public function edit_smiley()
{
$id = (int) $_REQUEST['id'];
if (isset($_POST['smiley_code']) && CODOF\Access\CSRF::valid($_POST['CSRF_token'])) {
$arr = array();
if (isset($_FILES['smiley_image'])) {
$image = $_FILES['smiley_image'];
if (!\CODOF\File\Upload::valid($image) or !\CODOF\File\Upload::not_empty($image) or !\CODOF\File\Upload::type($image, array('jpg', 'jpeg', 'png', 'gif', 'pjpeg', 'bmp'))) {
$this->smarty->assign('err', 1);
$this->smarty->assign('msg', "Error While saving the image.");
} else {
$file_info = \CODOF\File\Upload::save($image, NULL, DATA_PATH . 'assets/img/smileys', 0777);
$arr["image_name"] = $file_info["name"];
}
}
$arr['symbol'] = $this->clean_lines($_POST['smiley_code']);
$arr['weight'] = $_POST['weight'];
DB::table(PREFIX . "codo_smileys")->where("id", $id)->update($arr);
$this->smarty->assign('msg', "Smiley saved successfully.");
}
$smiley = DB::table(PREFIX . "codo_smileys")->where("id", $id)->first();
$smiley['image_name'] = A_DURI . 'assets/img/smileys/' . $smiley['image_name'];
$this->smarty->assign('smiley', $smiley);
}
<?php
$smarty = \CODOF\Smarty\Single::get_instance();
$db = \DB::getPDO();
$qry = "SELECT rid,rname FROM codo_roles";
$res = $db->query($qry);
if ($res) {
$roles = $res->fetchAll();
}
if (isset($_POST['subject']) && CODOF\Access\CSRF::valid($_POST['CSRF_token'])) {
$subject = html_entity_decode($_POST['subject'], ENT_NOQUOTES, "UTF-8");
$body = html_entity_decode($_POST['body'], ENT_NOQUOTES, "UTF-8");
$condition = "";
/* if (strpos($body, '[username]') !== FALSE ||
strpos($body, '[userid]')) {
*/
$users = \DB::table(PREFIX . 'codo_users')->select('id', 'name', 'mail');
if (isset($_POST['roles'])) {
$users = $users->join(PREFIX . 'codo_user_roles', 'uid', '=', 'id')->whereIn('rid', $_POST['roles']);
}
$users = $users->get();
foreach ($users as $user) {
$_body = str_replace('[username]', $user['name'], $body);
$__body = str_replace('[userid]', $user['id'], $_body);
$mails[] = array("to_address" => $user['mail'], "mail_subject" => $subject, "body" => $__body);
}
\DB::table(PREFIX . 'codo_mail_queue')->insert($mails);
/* } else {
if (isset($_POST['roles'])) {
<?php
/*
* @CODOLICENSE
*/
$smarty = \CODOF\Smarty\Single::get_instance();
$db = \DB::getPDO();
$query = "SELECT * FROM " . PREFIX . "codo_config";
if (isset($_POST['sso_secret']) && CODOF\Access\CSRF::valid($_POST['CSRF_token'])) {
$cfgs = array();
foreach ($_POST as $key => $value) {
$query = "UPDATE " . PREFIX . "codo_config SET option_value=:value WHERE option_name=:key";
$ps = $db->prepare($query);
$ps->execute(array(':key' => $key, ':value' => $value));
//echo $query."<br>\n";
}
}
CODOF\Util::get_config($db);
$content = $smarty->fetch('sso.tpl');
<?php
/*
* @CODOLICENSE
*/
$smarty = \CODOF\Smarty\Single::get_instance();
$db = \DB::getPDO();
if (isset($_GET['import']) && CODOF\Access\CSRF::valid($_GET['CSRF_token'])) {
$_DB = array('driver' => 'mysql', 'host' => $_GET['db_host'], 'database' => $_GET['db_name'], 'username' => $_GET['db_user'], 'password' => $_GET['db_pass'], 'charset' => 'utf8', 'collation' => 'utf8_unicode_ci', 'prefix' => $_GET['tbl_prefix']);
$work = new \CODOF\Importer\ImportWorker($_DB, $_GET['import_from']);
$work->max_rows = (int) $_GET['max_rows'];
$work->import_admin_mail = $_GET['admin_mail'];
$work->connect_db();
$is_admin = $work->isset_admin_account();
if ($work->connected && $is_admin) {
$total = 0;
$time = microtime(true);
$work->empty_tables('categories');
$work->import_cats();
echo "Categories imported in : ";
$diff = microtime(true) - $time;
echo $diff;
$total += $diff;
$time = microtime(true);
$work->empty_tables('users');
$work->import_users();
echo "<br/>users imported in : ";
$diff = microtime(true) - $time;
echo $diff;
$total += $diff;
$time = microtime(true);
<?php
/*
* @CODOLICENSE
*/
$smarty = \CODOF\Smarty\Single::get_instance();
$db = \DB::getPDO();
define('HOUR', 3600);
define('DAY', HOUR * 24);
define('MONTH', DAY * 30);
$smarty->assign('msg', '');
$query = "SELECT * FROM " . PREFIX . "codo_config";
if (isset($_GET['t'])) {
$smarty->assign('msg', 'The user has been banned successfully');
}
if (isset($_POST['ban_uid']) && CODOF\Access\CSRF::valid($_POST['CSRF_token'])) {
$uid = $_POST['ban_uid'];
$type = $_POST['ban_type'];
$user = CODOF\User\User::get();
$by = $user->username;
$on = time();
$reason = $_POST['ban_reason'];
$mul = array("hour" => HOUR, "day" => DAY, "month" => MONTH, "forever" => 0);
$seconds = floor((int) $_POST['ban_expires'] * $mul[$_POST['ban_expires_type']]);
if ($seconds == 0) {
$till = 0;
} else {
$till = time() + (int) $seconds;
}
$values = array("uid" => $uid, "ban_type" => $type, "ban_by" => $by, "ban_on" => $on, "ban_reason" => $reason, "ban_expires" => $till);
$ban = new CODOF\User\Ban($db);
<?php
/*
* @CODOLICENSE
*/
$smarty = \CODOF\Smarty\Single::get_instance();
$db = \DB::getPDO();
if (isset($_POST['await_approval_subject']) && CODOF\Access\CSRF::valid($_POST['CSRF_token'])) {
$cfgs = array();
foreach ($_POST as $key => $value) {
$query = "UPDATE " . PREFIX . "codo_config SET option_value=:value WHERE option_name=:key";
$ps = $db->prepare($query);
$ps->execute(array(':key' => $key, ':value' => $value));
//echo $query."<br>\n";
}
}
CODOF\Util::get_config($db);
$content = $smarty->fetch('mail/templates.tpl');
$reg->username = $_POST['a_username'];
$reg->name = $_POST['a_username'];
$reg->mail = $_POST['a_email'];
$reg->password = $_POST['a_password'];
$reg->user_status = 1;
$errors = $reg->register_user();
$msg = implode('<br>', $errors);
}
//$msg = $errors[0];
$err = 1;
$smarty->assign("msg", $msg);
}
}
}
//DELETE
if (isset($_POST['delete_type']) && CODOF\Access\CSRF::valid($_POST['CSRF_token'])) {
$msg = "";
$user = CODOF\User\User::get((int) $_POST['delete_id']);
if ($user == false) {
$_POST['delete_type'] = 'error';
$msg .= "User does not exist.<br>";
} else {
if ($user->hasRoleId(ROLE_ADMIN) || $user->mail == 'anonymous@localhost') {
$_POST['delete_type'] = 'error';
$msg .= "User with admin role/anonynous user cannot be deleted.";
}
}
$smarty->assign('msg', $msg);
if ($_POST['delete_type'] == 'ban_and_keep') {
$user->banAccount();
} else {
{
DB::table(PREFIX . 'codo_roles')->where('rid', '=', $id)->delete();
DB::table(PREFIX . 'codo_user_roles')->where('rid', '=', $id)->delete();
DB::table(PREFIX . 'codo_permissions')->where('rid', '=', $id)->delete();
DB::table(PREFIX . 'codo_block_roles')->where('rid', '=', $id)->delete();
}
}
//NEW
if (isset($_POST['role_name']) && CODOF\Access\CSRF::valid($_POST['CSRF_token'])) {
$manager = new CODOF\Permission\Manager();
$rid = $manager->addRole($_POST['role_name']);
$fromRid = $_POST['copy_from_role_id'];
$manager->copyRole($fromRid, $rid);
$smarty->assign('msg', "Role added successfully.");
}
$smarty->assign('msgType', 'info');
//Delete
if (isset($_POST['del_role_id']) && CODOF\Access\CSRF::valid($_POST['CSRF_token'])) {
$rid = (int) $_POST['del_role_id'];
$systemRoles = array(ROLE_ADMIN, ROLE_BANNED, ROLE_GUEST, ROLE_MODERATOR, ROLE_UNVERIFIED, ROLE_USER);
if (!in_array($rid, $systemRoles)) {
role::delete_role($_POST['del_role_id']);
$smarty->assign('msg', "Role deleted successfully.");
} else {
$smarty->assign('msg', "System defined roles cannot be deleted.");
$smarty->assign('msgType', 'danger');
}
}
$roles = DB::table(PREFIX . 'codo_roles')->get();
$smarty->assign('roles', $roles);
$content = $smarty->fetch('permission/roles.tpl');
static function run()
{
if (isset($_GET['upgrade']) && CODOF\Access\CSRF::valid($_GET['CSRF_token'])) {
require ABSPATH . 'admin/modules/system/Curl.php';
if (isset($_GET['checklatest'])) {
upgrader::check_latest();
} else {
if (isset($_GET['download'])) {
upgrader::download();
} else {
if (isset($_GET['file_upgrade'])) {
upgrader::file_upgrade();
} else {
if (isset($_GET['direct_upgrade'])) {
echo 'started DU';
upgrader::direct_upgrade();
} else {
if (isset($_GET['ftp_step'])) {
upgrader::ftp_step();
}
}
}
}
}
session_write_close();
ob_end_flush();
exit;
}
}
<?php
$smarty = \CODOF\Smarty\Single::get_instance();
$db = \DB::getPDO();
$query = "SELECT * FROM " . PREFIX . "codo_config";
if (isset($_POST['max_rep_per_day']) && CODOF\Access\CSRF::valid($_POST['CSRF_token'])) {
if (!isset($_POST['enable_reputation'])) {
$_POST['enable_reputation'] = 'off';
}
foreach ($_POST as $key => $value) {
if ($key == 'enable_reputation') {
$value = "on" == $value ? "yes" : "no";
}
$query = "UPDATE " . PREFIX . "codo_config SET option_value=:value WHERE option_name=:key";
$ps = $db->prepare($query);
$ps->execute(array(':key' => $key, ':value' => htmlentities($value, ENT_QUOTES, 'UTF-8')));
}
}
CODOF\Util::get_config($db);
$content = $smarty->fetch('reputation/settings.tpl');
<?php
/*
* @CODOLICENSE
*/
$smarty = \CODOF\Smarty\Single::get_instance();
$db = \DB::getPDO();
$query = "SELECT * FROM " . PREFIX . "codo_config";
if (isset($_POST['site_title']) && CODOF\Access\CSRF::valid($_POST['CSRF_token'])) {
$cfgs = array();
foreach ($_POST as $key => $value) {
if ($key == 'reg_req_admin') {
$value = "on" == $value ? "yes" : "no";
}
$query = "UPDATE " . PREFIX . "codo_config SET option_value=:value WHERE option_name=:key";
$ps = $db->prepare($query);
$ps->execute(array(':key' => $key, ':value' => htmlentities($value, ENT_QUOTES, 'UTF-8')));
//echo $query."<br>\n";
}
}
CODOF\Util::get_config($db);
$content = $smarty->fetch('config.tpl');
$info['admin'] = false;
if (is_file($dir->getPathname() . "/admin/" . $dir->getFilename() . ".admin.php")) {
$info['admin'] = true;
}
require $info_file_path;
$plugins[] = $info;
//var_dump($info);
}
}
return $plugins;
}
}
$plg = new Backend_plugins();
//$plg->get_plugins_fs();
//$plg->get_plugins_db();
if (isset($_POST['action']) && CODOF\Access\CSRF::valid($_POST['CSRF_token'])) {
if ($_POST['action'] == 'install') {
$plg->install_plugin($_POST['plugin']);
//$plg->enable_plugin($_POST['plugin']);
} else {
if ($_POST['action'] == 'upgrade') {
$plg->upgrade_plugin($_POST['plugin']);
} else {
if ($_POST['action'] == 'enable') {
$plg->enable_plugin($_POST['plugin']);
} else {
if ($_POST['action'] == 'disable') {
$plg->disable_plugin($_POST['plugin']);
} else {
}
}
$i = 0;
if (isset($_POST['roles'])) {
foreach ($_POST['roles'] as $role) {
$roles[$i]['pid'] = $id;
$roles[$i]['rid'] = $role;
$i++;
}
}
//var_dump($roles);
if (count($roles) > 0) {
DB::table(PREFIX . "codo_page_roles")->insert($roles);
}
header("Location: index.php?page=pages/pages&action=editpage&id={$id}");
exit;
}
} elseif ($_GET['action'] == 'delete' && CODOF\Access\CSRF::valid($_GET['CSRF_token'])) {
$id = $_GET['id'];
DB::table(PREFIX . "codo_page_roles")->where('pid', '=', $id)->delete();
DB::table(PREFIX . "codo_pages")->where('id', '=', $id)->delete();
header("Location: index.php?page=pages/pages");
} else {
if ($_GET['action'] == 'editpage') {
$id = (int) $_GET['id'];
$current_page = DB::table(PREFIX . "codo_pages")->where('id', $id)->first();
//var_dump($current_block);
$smarty->assign('current_page', $current_page);
$smarty->assign('mode', 'edit');
$smarty->assign('pid', $id);
$roles = $B->get_roles($id);
$nroles = array();
foreach ($roles as $role) {
<?php
$smarty = \CODOF\Smarty\Single::get_instance();
$db = \DB::getPDO();
if (isset($_POST['captcha_public_key']) && CODOF\Access\CSRF::valid($_POST['CSRF_token'])) {
if (!isset($_POST['captcha'])) {
$_POST['captcha'] = 'no';
}
foreach ($_POST as $key => $value) {
if ($key == 'captcha') {
$value = "on" == $value ? "enabled" : "disabled";
}
$query = "UPDATE " . PREFIX . "codo_config SET option_value=:value WHERE option_name=:key";
$ps = $db->prepare($query);
$ps->execute(array(':key' => $key, ':value' => htmlentities($value, ENT_QUOTES, 'UTF-8')));
}
}
CODOF\Util::get_config($db);
$content = $smarty->fetch('spam/recaptcha.tpl');
}
function linearize($arr, &$buff, &$i, $p_id)
{
foreach ($arr as $ray) {
$buff[$i] = array('cat_id' => $ray->id, 'cat_pid' => $p_id, 'cat_order' => $i);
$i++;
if (isset($ray->children)) {
linearize($ray->children, $buff, $i, $ray->id);
}
}
}
$smarty = \CODOF\Smarty\Single::get_instance();
$smarty->assign('msg', '');
$smarty->assign('err', 0);
if (isset($_POST['mode'])) {
if ($_POST['mode'] == 'new' && CODOF\Access\CSRF::valid($_POST['CSRF_token'])) {
$qry = 'INSERT INTO ' . PREFIX . 'codo_categories' . '(cat_pid,cat_name,cat_alias,cat_description,cat_img,no_topics,no_posts,cat_order)' . 'VALUES(:cat_pid,:cat_name,:cat_alias,:cat_description,:cat_img,:no_topics,:no_posts,:cat_order)';
$stmt = $db->prepare($qry);
$arr[":cat_pid"] = 0;
$arr[":cat_name"] = $_POST['cat_name'];
$arr[":cat_alias"] = CODOF\Filter::URL_safe($_POST['cat_name']);
//
$arr[":cat_img"] = 1;
//$_POST['cat_img']; //
$arr[":cat_description"] = $_POST['cat_description'];
$arr[":no_topics"] = 0;
$arr[":no_posts"] = 0;
$arr[":cat_order"] = 0;
//$stmt->execute($arr);
$image = $_FILES['cat_img'];
if (!\CODOF\File\Upload::valid($image) or !\CODOF\File\Upload::not_empty($image) or !\CODOF\File\Upload::type($image, array('jpg', 'jpeg', 'png', 'gif', 'pjpeg', 'bmp', 'svg'))) {
