예제 #1
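/**
 * Smarty block function that wraps Zikula_Form_View generated form controls in a <form> element.
 *
 * The form posts back to the current URI. Besides the block content it emits the output of the
 * view's getStateHTML(), getStateDataHTML(), getIncludesHTML() and getCsrfTokenHtml() methods
 * and the hidden fields used by the FormDoPostBack() JavaScript helper.
 *
 * Recognised block parameters (all optional):
 *  - cssClass: value for the form's class attribute
 *  - role:     value for the form's role attribute
 *  - enctype:  value for the form's enctype attribute; when absent (or null),
 *              multipart/form-data is used if the view holds an upload input plugin
 *  - onsubmit: JavaScript for the form's onSubmit attribute
 *
 * Parameter values are HTML-attribute encoded before they are written into the tag, so a
 * quote or angle bracket inside a value cannot close the attribute or the tag.
 *
 * @param array            $params  Parameters passed in the block tag.
 * @param string           $content Content of the block.
 * @param Zikula_Form_View $view    Reference to Zikula_Form_View object.
 *
 * @return string|null The rendered output, or null when $content is empty.
 */
function smarty_block_form($params, $content, $view)
{
    if ($content) {
        PageUtil::AddVar('stylesheet', 'system/ThemeModule/Resources/public/css/form/style.css');

        // Encode a template-supplied value for use inside a double-quoted HTML attribute.
        // double_encode is off so values that already contain entities are emitted unchanged.
        $escapeAttr = function ($value) {
            return htmlspecialchars((string)$value, ENT_QUOTES, 'UTF-8', false);
        };

        // The current URI is request-derived, so it is escaped before it becomes the action.
        $action = htmlspecialchars(System::getCurrentUri());
        $classString = '';
        $roleString = '';
        if (isset($params['cssClass'])) {
            $classString = 'class="' . $escapeAttr($params['cssClass']) . '" ';
        }
        if (isset($params['role'])) {
            $roleString = 'role="' . $escapeAttr($params['role']) . '" ';
        }
        $enctype = array_key_exists('enctype', $params) ? $params['enctype'] : null;
        // if enctype is not set directly, check whether upload plugins were used;
        // if so, set the enctype required for file uploads
        if (is_null($enctype)) {
            $uploadPlugins = array_filter($view->plugins, function ($plugin) {
                return $plugin instanceof Zikula_Form_Plugin_UploadInput;
            });
            if (!empty($uploadPlugins)) {
                $enctype = 'multipart/form-data';
            }
        }
        $encodingHtml = !is_null($enctype) ? ' enctype="' . $escapeAttr($enctype) . '"' : '';
        // The handler is still run as JavaScript by the browser; encoding only keeps it
        // confined to the attribute value.
        $onSubmit = isset($params['onsubmit']) ? ' onSubmit="' . $escapeAttr($params['onsubmit']) . '"' : '';
        $view->postRender();
        $formId = $view->getFormId();
        $out = "\n<form id=\"{$formId}\" {$roleString}{$classString}action=\"{$action}\" method=\"post\"{$encodingHtml}{$onSubmit}>\n    {$content}\n    <div>\n        {$view->getStateHTML()}\n        {$view->getStateDataHTML()}\n        {$view->getIncludesHTML()}\n        {$view->getCsrfTokenHtml()}\n        <input type=\"hidden\" name=\"__formid\" id=\"form__id\" value=\"{$formId}\" />\n        <input type=\"hidden\" name=\"FormEventTarget\" id=\"FormEventTarget\" value=\"\" />\n        <input type=\"hidden\" name=\"FormEventArgument\" id=\"FormEventArgument\" value=\"\" />\n        <script type=\"text/javascript\">\n        <!--\n            function FormDoPostBack(eventTarget, eventArgument)\n            {\n                var f = document.getElementById('{$formId}');\n                if (!f.onsubmit || f.onsubmit()) {\n                    f.FormEventTarget.value = eventTarget;\n                    f.FormEventArgument.value = eventArgument;\n                    f.submit();\n                }\n            }\n        // -->\n        </script>\n    </div>\n</form>\n";
        return $out;
    }
}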
예제 #2
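/**
 * Smarty block function that wraps MUBoard form controls in a <form> element.
 *
 * The action defaults to the current URI and is rewritten to MUBoard's posting edit URL when
 * the current URI is a posting display page or a posting edit page for a forum.
 *
 * Recognised block parameters (both optional):
 *  - cssClass: value for the form's class attribute
 *  - enctype:  value for the form's enctype attribute
 *
 * Parameter values are HTML-attribute encoded before they are written into the tag.
 *
 * @param array            $params  Parameters passed in the block tag.
 * @param string           $content Content of the block.
 * @param Zikula_Form_View $view    Reference to Zikula_Form_View object.
 *
 * @return string|null The rendered output, or null when $content is empty.
 */
function smarty_block_muboardform($params, $content, $view)
{
    if ($content) {
        PageUtil::addVar('stylesheet', 'system/Theme/style/form/style.css');

        // Encode a template-supplied value for use inside a double-quoted HTML attribute.
        $escapeAttr = function ($value) {
            return htmlspecialchars((string)$value, ENT_QUOTES, 'UTF-8', false);
        };

        $encodingHtml = array_key_exists('enctype', $params) ? ' enctype="' . $escapeAttr($params['enctype']) . '"' : '';

        // Keep the raw URI for pattern matching: once escaped, "&" becomes "&amp;" and a
        // pattern such as "func=edit&ot=posting" can no longer match.
        $currentUri = System::getCurrentUri();
        $action = htmlspecialchars($currentUri);

        $classString = '';
        if (isset($params['cssClass'])) {
            $classString = 'class="' . $escapeAttr($params['cssClass']) . '" ';
        }

        $request = new Zikula_Request_Http();
        // FILTER_SANITIZE_NUMBER_INT leaves "+" and "-" in place, so cast to get a real integer
        // before the value is compared and written into the action URL.
        $forumid = (int)$request->getGet()->filter('forum', 0, FILTER_SANITIZE_NUMBER_INT);

        // we check if the entrypoint is part of the url
        $stripentrypoint = ModUtil::getVar('ZConfig', 'shorturlsstripentrypoint');

        // look up the URL name of the MUBoard module
        $tables = DBUtil::getTables();
        $modcolumn = $tables['modules_column'];
        $where = "{$modcolumn['name']} = '" . DataUtil::formatForStore('MUBoard') . "'";
        $moduleRow = DBUtil::selectObject('modules', $where);
        $urlname = isset($moduleRow['url']) ? $moduleRow['url'] : '';
        // escaped copy for use inside the action attribute
        $urlnameHtml = htmlspecialchars($urlname);

        if (ModUtil::getVar('ZConfig', 'shorturls') == 0) {
            if (strpos($currentUri, 'func=display') !== false) {
                $action = 'index.php?module=' . $urlnameHtml . '&amp;type=user&amp;func=edit&amp;ot=posting&amp;answer=1';
            }
            if (strpos($currentUri, 'func=edit&ot=posting') !== false && $forumid > 0) {
                // "forum=" needs the equals sign to form a valid query argument
                $action = 'index.php?module=' . $urlnameHtml . '&amp;type=user&amp;func=edit&amp;ot=posting&amp;forum=' . $forumid;
            }
        } else {
            if (strpos($currentUri, $urlname . '/posting/id.') !== false) {
                if ($stripentrypoint == 1) {
                    $action = $urlnameHtml . '/edit/ot/posting/answer/1';
                } elseif ($stripentrypoint == 0) {
                    $action = 'index.php/' . $urlnameHtml . '/edit/ot/posting/answer/1';
                }
            }
            if (strpos($currentUri, 'edit/ot/posting/forum/') !== false && $forumid > 0) {
                if ($stripentrypoint == 1) {
                    $action = $urlnameHtml . '/edit/ot/posting/forum/' . $forumid;
                } elseif ($stripentrypoint == 0) {
                    $action = 'index.php/' . $urlnameHtml . '/edit/ot/posting/forum/' . $forumid;
                }
            }
        }

        $view->postRender();
        $formId = $view->getFormId();
        $out = "\n        <form id=\"{$formId}\" {$classString}action=\"{$action}\" method=\"post\"{$encodingHtml}>\n        {$content}\n        <div>\n        {$view->getStateHTML()}\n        {$view->getStateDataHTML()}\n        {$view->getIncludesHTML()}\n        {$view->getCsrfTokenHtml()}\n        <input type=\"hidden\" name=\"__formid\" id=\"form__id\" value=\"{$formId}\" />\n        <input type=\"hidden\" name=\"FormEventTarget\" id=\"FormEventTarget\" value=\"\" />\n        <input type=\"hidden\" name=\"FormEventArgument\" id=\"FormEventArgument\" value=\"\" />\n        <script type=\"text/javascript\">\n        <!--\n        function FormDoPostBack(eventTarget, eventArgument)\n        {\n        var f = document.getElementById('{$formId}');\n        if (!f.onsubmit || f.onsubmit())\n        {\n        f.FormEventTarget.value = eventTarget;\n        f.FormEventArgument.value = eventArgument;\n        f.submit();\n    }\n    }\n    // -->\n    </script>\n    </div>\n    </form>\n    ";
        return $out;
    }
}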
예제 #3
/**
 * Zikula_View function to obtain the current URI.
 *
 * Returns the current request URI after passing it through htmlspecialchars(), so the
 * result is meant to be printed directly and must not be run through the safetext
 * modifier again (unlike the raw value from the getcurrenturi API function).
 *
 * The escaping relies on htmlspecialchars() default flags. Before PHP 8.1 those defaults do
 * not encode single quotes, so on such versions the value is only safe in text content and
 * in double-quoted attributes.
 *
 * Available parameters:
 *   - assign:   If set, the result is assigned to that template variable instead of returned
 *   - any other parameter is passed to System::getCurrentUri() as an override for this request
 *
 * Example
 *   {getcurrenturi}
 *   {getcurrenturi lang='de'}
 *
 * @param array       $params All attributes passed to this function from the template.
 * @param Zikula_View $view   Reference to the Zikula_View object.
 *
 * @return string|null The escaped current URI, or null when it was assigned to a variable.
 */
function smarty_function_getcurrenturi($params, Zikula_View $view)
{
    // "assign" is an option of this plugin, not a URI argument, so take it out of $params.
    $targetVar = isset($params['assign']) ? $params['assign'] : null;
    unset($params['assign']);

    $escapedUri = htmlspecialchars(System::getCurrentUri($params));

    if (!$targetVar) {
        return $escapedUri;
    }

    $view->assign($targetVar, $escapedUri);
}
예제 #4
/**
 * Zikula_View function to call hooks (deprecated).
 *
 * Logs a deprecation warning, then forwards the request to ModUtil::callHooks() and hands
 * back whatever that call returns.
 *
 * Available parameters:
 * - 'hookobject' the object the hook is called for (required)
 * - 'hookaction' the action the hook is called for (required)
 * - 'hookid'     the id of the object the hook is called for; any empty value becomes ''
 * - 'implode'    cast to boolean and passed to ModUtil::callHooks(); defaults to true.
 *                When false the result is always assigned to the template variable 'hooks'.
 * - 'assign'     If set, the result is assigned to that template variable instead of returned
 * - 'returnurl'  when empty it is built from the current host and URI
 * - all remaining parameters are passed to ModUtil::callHooks() as the extrainfo array
 *
 * Example
 * {modcallhooks hookobject='item' hookaction='modify' hookid=$tid $modname='ThisModule' $objectid=$tid}
 *
 * @param array       $params All attributes passed to this function from the template.
 * @param Zikula_View $view   Reference to the Zikula_View object.
 *
 * @see    function.modcallhooks.php::smarty_function_modcallhooks()
 *
 * @return mixed The hook result, false when a required parameter is missing, or null when
 *               the result was assigned to a template variable.
 */
function smarty_function_modcallhooks($params, $view)
{
    LogUtil::log(__f('Warning! Template plugin {%1$s} is deprecated, please use {%2$s} instead.', array('modcallhooks', 'notifydisplayhooks')), E_USER_DEPRECATED);

    // Read the plugin's own options, applying defaults.
    $assign     = isset($params['assign']) ? $params['assign'] : null;
    $hookid     = !empty($params['hookid']) ? $params['hookid'] : '';
    $hookaction = isset($params['hookaction']) ? $params['hookaction'] : null;
    $hookobject = isset($params['hookobject']) ? $params['hookobject'] : null;
    $implode    = isset($params['implode']) ? (bool)$params['implode'] : true;

    // These options must not reach ModUtil::callHooks() through the extrainfo array.
    foreach (array('hookobject', 'hookaction', 'hookid', 'assign', 'implode') as $ownOption) {
        unset($params[$ownOption]);
    }

    // Both the object and the action are mandatory; hookobject is checked first.
    $required = array('hookobject' => $hookobject, 'hookaction' => $hookaction);
    foreach ($required as $optionName => $given) {
        if (!$given) {
            $view->trigger_error(__f('Error! in %1$s: the %2$s parameter must be specified.', array('modcallhooks', $optionName)));
            return false;
        }
    }

    // Default the return URL to this page.
    // NOTE(review): the scheme is hard-coded to http and the host comes from
    // System::getHost(); confirm how that host is derived and whether HTTPS sites need the
    // request's own scheme here before this URL is used for redirects.
    if (empty($params['returnurl'])) {
        $params['returnurl'] = str_replace('&amp;', '&', 'http://' . System::getHost() . System::getCurrentUri());
    }

    // Without imploding the result is an array, which cannot be printed, so it is always
    // assigned to the template variable 'hooks'.
    if (!$implode) {
        $assign = 'hooks';
    }

    $result = ModUtil::callHooks($hookobject, $hookaction, $hookid, $params, $implode);

    if (!$assign) {
        return $result;
    }

    $view->assign($assign, $result);
}
예제 #5
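 /**
  * Display a generic error page.
  *
  * Sends the HTTP status line that matches the error type, assigns the error details to
  * the view and renders errors_user_<type>.tpl when that template exists, otherwise
  * errors_user_main.tpl.
  *
  * The error type is read from the 'errtype' GET parameter (falling back to $args['type'],
  * then LogUtil::getErrorType()). Because it can be request-supplied, it only selects a
  * template when it consists of letters, digits and underscores.
  *
  * @param array $args Arguments: 'type' (error type), 'message' (custom error message) and
  *                    'exception' (the exception that caused the error, if any).
  *
  * @return string HTML string
  */
 public function main($args)
 {
     $type = FormUtil::getPassedValue('errtype', isset($args['type']) ? $args['type'] : LogUtil::getErrorType(), 'GET');
     $exception = isset($args['exception']) ? $args['exception'] : null;
     $message = isset($args['message']) ? $args['message'] : '';
     // perform any error specific tasks
     $protocol = System::serverGetVar('SERVER_PROTOCOL');
     switch ($type) {
         case 301:
             header("{$protocol} 301 Moved Permanently");
             break;
         case 403:
             header("{$protocol} 403 Access Denied");
             break;
         case 404:
             header("{$protocol} 404 Not Found");
             break;
         case 500:
             header("{$protocol} 500 Internal Server Error");
             break;
         default:
     }
     // load the stylesheet
     PageUtil::addVar('stylesheet', 'system/Errors/style/style.css');
     $this->view->setCaching(Zikula_View::CACHE_DISABLED);
     // assign the document info
     // NOTE(review): currenturi and localreferer are assigned as returned by System;
     // presumably the templates escape them on output - confirm.
     $this->view->assign('reportlevel', System::getVar('reportlevel'))
                ->assign('currenturi', System::getCurrentUri())
                ->assign('localreferer', System::localReferer())
                ->assign('sitename', System::getVar('sitename'))
                ->assign('funtext', System::getVar('funtext'));
     $messages = LogUtil::getErrorMessages();
     // the caller's detailed message is shown only in development mode or to admins
     if (System::isDevelopmentMode() || SecurityUtil::checkPermission('::', '::', ACCESS_ADMIN)) {
         if ($message) {
             $messages[] = $message;
         }
     }
     // the stack trace is exposed in development mode only
     $trace = array();
     if (System::isDevelopmentMode() && $exception instanceof Exception) {
         $line = $exception->getLine();
         $file = $exception->getFile();
         $trace = array(0 => '#0 ' . $this->__f('Exception thrown in %1$s, line %2$s.', array($file, $line)));
         // array union keeps the existing key 0, so the first line of the exploded trace
         // is replaced by the summary line above
         $trace += explode("\n", $exception->getTraceAsString());
     }
     // assign the list of registered errors
     // and the trace (if development mode is enabled)
     $this->view->assign('messages', $messages)->assign('trace', $trace);
     // Pick the template. $type may come straight from the query string, so it is only
     // interpolated into a template name when it is a plain token; anything else (path
     // separators, dots, null bytes, arrays) falls back to the generic template.
     $template = 'errors_user_main.tpl';
     if (is_scalar($type) && preg_match('/^[A-Za-z0-9_]+$/D', (string)$type)) {
         $candidate = "errors_user_{$type}.tpl";
         if ($this->view->template_exists($candidate)) {
             $template = $candidate;
         }
     }
     // return the template output
     return $this->view->fetch($template);
 }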
예제 #6
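/**
 * Smarty block function that wraps Zikula_Form_View generated form controls in a <form> element.
 *
 * The form posts back to the current URI. Besides the block content it emits the output of the
 * view's getStateHTML(), getStateDataHTML(), getIncludesHTML() and getCsrfTokenHtml() methods
 * and the hidden fields used by the FormDoPostBack() JavaScript helper.
 *
 * Recognised block parameters (both optional):
 *  - cssClass: value for the form's class attribute
 *  - enctype:  value for the form's enctype attribute
 *
 * Parameter values are HTML-attribute encoded before they are written into the tag, so a
 * quote or angle bracket inside a value cannot close the attribute or the tag.
 *
 * @param array            $params  Parameters passed in the block tag.
 * @param string           $content Content of the block.
 * @param Zikula_Form_View $view    Reference to Zikula_Form_View object.
 *
 * @return string|null The rendered output, or null when $content is empty.
 */
function smarty_block_form($params, $content, $view)
{
    if ($content) {
        PageUtil::addVar('stylesheet', 'system/Theme/style/form/style.css');

        // Encode a template-supplied value for use inside a double-quoted HTML attribute.
        // double_encode is off so values that already contain entities are emitted unchanged.
        $escapeAttr = function ($value) {
            return htmlspecialchars((string)$value, ENT_QUOTES, 'UTF-8', false);
        };

        $encodingHtml = array_key_exists('enctype', $params) ? ' enctype="' . $escapeAttr($params['enctype']) . '"' : '';
        // The current URI is request-derived, so it is escaped before it becomes the action.
        $action = htmlspecialchars(System::getCurrentUri());
        $classString = '';
        if (isset($params['cssClass'])) {
            $classString = 'class="' . $escapeAttr($params['cssClass']) . '" ';
        }
        $view->postRender();
        $formId = $view->getFormId();
        $out = "\n<form id=\"{$formId}\" {$classString}action=\"{$action}\" method=\"post\"{$encodingHtml}>\n    {$content}\n    <div>\n        {$view->getStateHTML()}\n        {$view->getStateDataHTML()}\n        {$view->getIncludesHTML()}\n        {$view->getCsrfTokenHtml()}\n        <input type=\"hidden\" name=\"__formid\" id=\"form__id\" value=\"{$formId}\" />\n        <input type=\"hidden\" name=\"FormEventTarget\" id=\"FormEventTarget\" value=\"\" />\n        <input type=\"hidden\" name=\"FormEventArgument\" id=\"FormEventArgument\" value=\"\" />\n        <script type=\"text/javascript\">\n        <!--\n            function FormDoPostBack(eventTarget, eventArgument)\n            {\n                var f = document.getElementById('{$formId}');\n                if (!f.onsubmit || f.onsubmit())\n                {\n                    f.FormEventTarget.value = eventTarget;\n                    f.FormEventArgument.value = eventArgument;\n                    f.submit();\n                }\n            }\n        // -->\n        </script>\n    </div>\n</form>\n";
        return $out;
    }
}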
예제 #7
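 /**
  * Render a <form> element around the given content.
  *
  * The form posts to the current URI. The class "z-form" is always added, and every entry
  * of $params['attr'] is written as an HTML attribute. Attribute names that are not plain
  * name tokens are skipped and attribute values are HTML-encoded, so neither can break
  * out of the tag.
  *
  * @param array        $params  Block parameters; reads 'attr' (attribute map) and 'form'.
  * @param string       $content Content to wrap.
  * @param \Zikula_View $view    The view (not used in this method).
  *
  * @return string|null The form markup, or null when $content is empty.
  */
 public function renderFormTag($params, $content, \Zikula_View $view)
 {
     if ($content) {
         if (isset($params['attr']['class'])) {
             $params['attr']['class'] .= ' z-form';
         } else {
             $params['attr']['class'] = 'z-form';
         }
         $form = isset($params['form']) ? $params['form'] : null;
         $html = '<form action="' . htmlspecialchars(\System::getCurrentUri()) . '" method="post" ' . $this->renderEnctype(array('form' => $form));
         foreach ($params['attr'] as $k => $v) {
             // Escaping cannot make a name containing spaces, quotes or "=" safe, so such
             // names are dropped rather than written into the tag.
             if (!preg_match('/^[A-Za-z_:][A-Za-z0-9_:.\-]*$/D', (string)$k)) {
                 continue;
             }
             // double_encode is off so values that already contain entities stay unchanged
             $html .= ' ' . $k . '="' . htmlspecialchars((string)$v, ENT_QUOTES, 'UTF-8', false) . '"';
         }
         $html .= '>' . $content . '</form>';
         return $html;
     }
 }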
예제 #8
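/**
 * Zikula_View function to get the current URI/URL with a parameter that changes the language,
 * taking short URLs into account.
 *
 * The documented contract is that the result is already sanitized for display and must not
 * be passed to the safetext modifier. The branches that build the result locally apply
 * htmlspecialchars(); the short-URL module branch returns ModUtil::url() output as-is.
 *
 * Available parameters:
 *   - assign:   If set, the results are assigned to the corresponding variable instead of printed out
 *   - lang:     Language code to change to
 *   - fqurl:    Fully Qualified URL. True to get full URL, otherwise return URI
 *
 * Example
 *   {langchange lang='de'}
 *
 * @param array       $params All attributes passed to this function from the template.
 * @param Zikula_View $view   Reference to the Zikula_View object.
 *
 * @return string|null The changed current URI, or null when it was assigned to a variable.
 */
function smarty_function_langchange($params, Zikula_View $view)
{
    $assign = null;
    if (isset($params['assign'])) {
        $assign = $params['assign'];
        unset($params['assign']);
    }
    // "lang" stays in $params so it is also passed on as a URI override below
    $lang = isset($params['lang']) ? $params['lang'] : null;
    $fqurl = false;
    if (isset($params['fqurl'])) {
        $fqurl = $params['fqurl'];
        unset($params['fqurl']);
    }
    // Handling short URL's similar to Language selector block
    $shorturls = System::getVar('shorturls', false);
    if (isset($lang) && $shorturls) {
        // NOTE(review): FILTER_SANITIZE_STRING is deprecated as of PHP 8.1.
        $module = FormUtil::getPassedValue('module', null, 'GET', FILTER_SANITIZE_STRING);
        $type = FormUtil::getPassedValue('type', null, 'GET', FILTER_SANITIZE_STRING);
        $func = FormUtil::getPassedValue('func', null, 'GET', FILTER_SANITIZE_STRING);
        if (isset($module) && isset($type) && isset($func)) {
            // build URL based on module URL
            // NOTE(review): the entire $_GET array is forwarded as URL arguments and the
            // result is not escaped here; confirm ModUtil::url() returns display-safe
            // output, otherwise the "already sanitized" contract does not hold on this path.
            $result = ModUtil::url($module, $type, $func, $_GET, null, null, $fqurl, false, $lang);
        } else {
            // to homepage with language set in terms of short url's; escaped so this branch
            // honours the same display-safe contract as the non-short-URL branch
            if ($fqurl) {
                $result = htmlspecialchars(System::getVar('entrypoint', 'index.php') . "?lang=" . $lang);
            } else {
                $result = htmlspecialchars((string)$lang);
            }
        }
    } else {
        if ($fqurl) {
            $result = htmlspecialchars(System::getCurrentUrl($params));
        } else {
            $result = htmlspecialchars(System::getCurrentUri($params));
        }
    }
    if ($assign) {
        $view->assign($assign, $result);
    } else {
        return $result;
    }
}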
예제 #9
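/**
 * Zikula_View function to display the login box
 *
 * Renders a login form for anonymous visitors and an empty string for logged-in users.
 * The form carries a CSRF token and a hidden "returnurl" field holding the current URI.
 *
 * Example
 * {userlogin size=14 maxlength=25 maxlengthpass=20}
 *
 * Parameters:
 *  size           Size of text boxes (default=14)
 *  maxlength      Maximum length of text box for user names (default=25)
 *  maxlengthpass  Maximum length of text box for password (default=20); the misspelled
 *                 "maxlenthpass" is still accepted for existing templates
 *  class          Name of class assigned to the login form
 *  value          The default value of the username input box
 *  js             Use javascript to automatically clear the default value (defaults to true)
 *  assign         If set, the result is assigned to that template variable instead of returned
 *
 * @param array       $params All attributes passed to this function from the template.
 * @param Zikula_View $view   Reference to the Zikula_View object.
 *
 * @see    function.userlogin.php::smarty_function_userlogin()
 *
 * @return string|null The login form markup ('' when logged in), or null when assigned.
 */
function smarty_function_userlogin($params, Zikula_View $view)
{
    $assign = isset($params['assign']) ? $params['assign'] : false;
    if (!UserUtil::isLoggedIn()) {
        // Numeric attributes are cast so that only integers reach the markup.
        $size = isset($params['size']) ? (int)$params['size'] : 14;
        $maxlength = isset($params['maxlength']) ? (int)$params['maxlength'] : 25;
        // The documented parameter is "maxlengthpass"; the original code only read the
        // misspelled key, so the documented one was silently ignored.
        if (isset($params['maxlengthpass'])) {
            $maxlengthpass = (int)$params['maxlengthpass'];
        } elseif (isset($params['maxlenthpass'])) {
            $maxlengthpass = (int)$params['maxlenthpass'];
        } else {
            $maxlengthpass = 20;
        }
        $class = isset($params['class'])
            ? ' class="' . htmlspecialchars((string)$params['class'], ENT_QUOTES, 'UTF-8', false) . '"'
            : '';

        if (ModUtil::getVar(Users_Constant::MODNAME, Users_Constant::MODVAR_LOGIN_METHOD, Users_Constant::LOGIN_METHOD_UNAME) == Users_Constant::LOGIN_METHOD_EMAIL) {
            $value = isset($params['value']) ? DataUtil::formatForDisplay($params['value']) : __('E-mail address');
            $userNameLabel = __('E-mail address');
            $methodName = 'email';
        } else {
            $value = isset($params['value']) ? DataUtil::formatForDisplay($params['value']) : __('User name');
            $userNameLabel = __('User name');
            $methodName = 'uname';
        }

        // Attribute-safe form of the default value; double_encode is off so entities that
        // are already present are kept, while stray quotes get encoded.
        $valueAttr = htmlspecialchars((string)$value, ENT_QUOTES, 'UTF-8', false);

        if (!isset($params['js']) || $params['js']) {
            // The default value sits inside a JavaScript string inside an HTML attribute.
            // The browser decodes HTML entities before running the script, so HTML escaping
            // alone does not stop a quote from ending the string. Encode the text the
            // browser will see as a JavaScript literal first, then for the attribute.
            $jsLiteral = json_encode(
                html_entity_decode((string)$value, ENT_QUOTES, 'UTF-8'),
                JSON_HEX_TAG | JSON_HEX_APOS | JSON_HEX_QUOT | JSON_HEX_AMP
            );
            if ($jsLiteral === false) {
                // not encodable (e.g. invalid UTF-8): fall back to an empty string literal
                $jsLiteral = '""';
            }
            $jsLiteral = htmlspecialchars($jsLiteral, ENT_QUOTES, 'UTF-8');
            $js = ' onblur="if (this.value==\'\')this.value=' . $jsLiteral . ';" onfocus="if (this.value==' . $jsLiteral . ')this.value=\'\';"';
        } else {
            $js = '';
        }

        // determine the current url so we can return the user to the correct place after login
        // NOTE(review): the login handler that consumes "returnurl" is outside this block;
        // it should only follow URLs that stay on this site.
        $returnurl = System::getCurrentUri();
        $csrftoken = SecurityUtil::generateCsrfToken();

        $loginbox = '<form' . $class . ' style="display:inline" action="' . DataUtil::formatForDisplay(ModUtil::url('Users', 'user', 'login')) . '" method="post"><div>' . "\n"
            . '<input type="hidden" name="csrftoken" value="' . $csrftoken . '" />' . "\n"
            . '<input type="hidden" name="authentication_method[modname]" value="Users" />' . "\n"
            . '<input type="hidden" name="authentication_method[method]" value="' . $methodName . '" />' . "\n"
            . '<label for="userlogin_plugin_uname">' . $userNameLabel . '</label>&nbsp;' . "\n"
            . '<input type="text" name="authentication_info[login_id]" id="userlogin_plugin_uname" size="' . $size . '" maxlength="' . $maxlength . '" value="' . $valueAttr . '"' . $js . ' />' . "\n"
            . '<label for="userlogin_plugin_pass">' . __('Password') . '</label>&nbsp;' . "\n"
            . '<input type="password" name="authentication_info[pass]" id="userlogin_plugin_pass" size="' . $size . '" maxlength="' . $maxlengthpass . '" />' . "\n";

        // the "remember me" option is not offered when the security level is high
        if (System::getVar('seclevel') != 'high') {
            $loginbox .= '<input type="checkbox" value="1" name="rememberme" id="userlogin_plugin_rememberme" />' . "\n"
                . '<label for="userlogin_plugin_rememberme">' . __('Remember me') . '</label>&nbsp;' . "\n";
        }

        $loginbox .= '<input type="hidden" name="returnurl" value="' . DataUtil::formatForDisplay($returnurl) . '" />' . "\n"
            . '<input type="submit" value="' . __('Log in') . '" />' . "\n"
            . '</div></form>' . "\n";
    } else {
        $loginbox = '';
    }
    if ($assign) {
        $view->assign($assign, $loginbox);
    } else {
        return $loginbox;
    }
}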
예제 #10
파일: Theme.php 프로젝트: rmaiwald/core
 /**
  * Assign template vars for base theme paths and other useful variables.
  *
  * Works out the page type, copies login state and request details onto the theme object,
  * builds the cache id when caching is on and none is set, derives the theme's asset paths
  * and finally publishes the base variables and the theme variables to the templates.
  *
  * @return void
  */
 private function _base_vars()
 {
     // Identify the page type: admin, home (no module requested) or module.
     // NOTE(review): PHP_SELF presumably includes any trailing path info from the request,
     // so this substring test is only a display hint and must not be used as an access check.
     $isAdminScript = stristr(System::serverGetVar('PHP_SELF'), 'admin.php');
     if ($isAdminScript || strtolower($this->type) == 'admin') {
         $this->pagetype = 'admin';
     } else {
         // NOTE(review): FILTER_SANITIZE_STRING is deprecated as of PHP 8.1.
         $requestedModule = FormUtil::getPassedValue('module', null, 'GETPOST', FILTER_SANITIZE_STRING);
         $this->pagetype = empty($requestedModule) ? 'home' : 'module';
     }

     // basic state taken from Zikula
     $this->isloggedin = UserUtil::isLoggedIn();
     $this->uid = UserUtil::getVar('uid');

     // raw query string and request URI; both are request-derived values
     $this->qstring = System::serverGetVar('QUERY_STRING', '');
     $this->requesturi = System::getCurrentUri();

     // Build the cache id only when caching is on and no id has been set yet.
     // Layout: module / type / function / customargs|homepage/startpageargs / uid_X|guest
     if ($this->caching && !$this->cache_id) {
         $idPrefix = $this->toplevelmodule . '/' . $this->type . '/' . $this->func;
         if (!$this->homepage) {
             $argsSegment = $this->_get_customargs();
         } else {
             $argsSegment = '/homepage/' . str_replace(',', '/', System::getVar('startargs'));
         }
         $this->cache_id = $idPrefix . $argsSegment . '/' . UserUtil::getUidCacheString();
     }

     // Base paths for the engine.
     // NOTE(review): template_dir is derived from themepath before themepath is reassigned
     // on the following line; confirm themepath is already initialised at this point.
     $this->template_dir = $this->themepath . '/templates';
     $this->themepath = 'themes/' . $this->directory;

     // Themes unknown to ThemeUtil::getTheme() use the flat directory layout, the others
     // keep their assets below Resources/public.
     if (null === ThemeUtil::getTheme($this->name)) {
         $assetRoot = $this->themepath;
         $styleDir = '/style';
         $scriptDir = '/javascript';
     } else {
         $assetRoot = $this->themepath . '/Resources/public';
         $styleDir = '/css';
         $scriptDir = '/js';
     }
     $this->imagepath = $assetRoot . '/images';
     $this->imagelangpath = $assetRoot . '/images/' . $this->language;
     $this->stylepath = $assetRoot . $styleDir;
     $this->scriptpath = $assetRoot . $scriptDir;

     // make the base vars available to all templates
     $this->assign('module', $this->toplevelmodule)
          ->assign('uid', $this->uid)
          ->assign('loggedin', $this->isloggedin)
          ->assign('pagetype', $this->pagetype)
          ->assign('themepath', $this->themepath)
          ->assign('imagepath', $this->imagepath)
          ->assign('imagelangpath', $this->imagelangpath)
          ->assign('stylepath', $this->stylepath)
          ->assign('scriptpath', $this->scriptpath);

     // load the theme variables
     $themeVars = ModUtil::apiFunc('ZikulaThemeModule', 'user', 'getvariables', array('theme' => $this->name));
     $this->assign($themeVars['variables']);
 }
예제 #11
    /**
     * Display the output of the login block.
     *
     * Nothing is rendered unless the visitor has read permission on the block and is not
     * logged in. Otherwise the enabled authentication methods, the selected method and the
     * page to return to are assigned to the view and the block template is rendered.
     *
     * @param array $blockInfo A blockinfo structure.
     *
     * @return string The output ('' when the block is not shown).
     */
    public function display($blockInfo)
    {
        // permission is checked first, then the login state
        if (!SecurityUtil::checkPermission('Loginblock::', $blockInfo['title'].'::', ACCESS_READ)) {
            return '';
        }
        if (UserUtil::isLoggedIn()) {
            return '';
        }

        if (empty($blockInfo['title'])) {
            $blockInfo['title'] = DataUtil::formatForDisplay('Login');
        }

        $methodList = new Users_Helper_AuthenticationMethodList($this);

        if ($methodList->countEnabledForAuthentication() > 1) {
            // Several methods are available: use the one named in the POST data, if any.
            // NOTE(review): this value is request-supplied and reaches the view unvalidated;
            // presumably the template or the login handler checks it against the enabled
            // methods - confirm.
            $selectedMethod = $this->request->request->get('authentication_method', false);
        } else {
            // There is only one (or there is none), so auto-select it.
            $defaultMethod = $methodList->getAuthenticationMethodForDefault();
            $selectedMethod = array(
                'modname'   => $defaultMethod->modname,
                'method'    => $defaultMethod->method,
            );
        }

        // TODO - The order and availability should be set by block configuration
        $displayOrder = array();
        foreach ($methodList as $candidate) {
            if (!$candidate->isEnabledForAuthentication()) {
                continue;
            }
            $displayOrder[] = array(
                'modname'   => $candidate->modname,
                'method'    => $candidate->method,
            );
        }

        $this->view->assign('authentication_method_display_order', $displayOrder)
                   ->assign('selected_authentication_method', $selectedMethod);

        // Only a page reached through a regular GET is offered as the place to return to;
        // after a POST or file upload the return page is left empty.
        $returnPage = $this->request->isGet() ? System::getCurrentUri() : '';
        $this->view->assign('returnpage', $returnPage);

        // prefer a template specific to the block position, else the generic one
        $positionTemplate = mb_strtolower("users_block_login_{$blockInfo['position']}.tpl");
        $template = $this->view->template_exists($positionTemplate) ? $positionTemplate : 'users_block_login.tpl';
        $blockInfo['content'] = $this->view->fetch($template);

        return BlockUtil::themeBlock($blockInfo);
    }
예제 #12
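 /**
  * Redirect to the URI posted in 'returnto'.
  *
  * The target is taken from the 'returnto' POST field and defaults to the current URI.
  * Because the field is request-supplied, it is only followed when it is a site-relative
  * reference: no scheme, no host, no leading "//", no backslashes and no control
  * characters. Anything else redirects to the current URI instead, so the endpoint cannot
  * be used to send visitors to another site.
  *
  * NOTE(review): despite its name this method performs no permission check in the code
  * shown; confirm whether one is expected here.
  *
  * @return void
  */
 public function checkpermissions()
 {
     $fallback = System::getCurrentUri();
     $returnto = FormUtil::getPassedValue('returnto', $fallback, 'POST');

     $target = $fallback;
     if (is_string($returnto)) {
         // leading/trailing whitespace is dropped before validation
         $candidate = trim($returnto);
         $hasUnsafeChars = (bool)preg_match('/[\x00-\x1f\x7f\\\\]/', $candidate);
         if ($candidate !== '' && !$hasUnsafeChars && strpos($candidate, '//') !== 0) {
             $parts = parse_url($candidate);
             // parse_url() returns false on malformed input; such values are not followed
             if (is_array($parts) && !isset($parts['scheme']) && !isset($parts['host'])) {
                 $target = $candidate;
             }
         }
     }

     $this->redirect($target);
 }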
예제 #13
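 /**
  * Dispatch a request to the module controller named by the request attributes.
  *
  * Reads _module, _controller and _action from the request attributes. When no module is
  * given, the configured start page (startpage, starttype, startfunc, startargs) is used.
  * A truthy controller result is returned as-is. Failures end in a login redirect (403 for
  * anonymous users), a RedirectResponse, or the ErrorsModule error page.
  *
  * @param Request $request The current request.
  *
  * @return mixed The controller result, an empty Response for a static homepage, a
  *               RedirectResponse, or the result of LogUtil::registerError() / ErrorsModule.
  */
 public function dispatch(Request $request)
 {
     $module = $request->attributes->get('_module');
     $type = $request->attributes->get('_controller');
     $func = $request->attributes->get('_action');
     $arguments = array();
     // process the homepage
     if (!$module) {
         // set the start parameters
         $module = \System::getVar('startpage');
         $type = \System::getVar('starttype');
         $func = \System::getVar('startfunc');
         $args = explode(',', \System::getVar('startargs'));
         foreach ($args as $arg) {
             if (!empty($arg)) {
                 // Split on the first "=" only, so values may contain "=", and default to
                 // an empty value when an entry has no "=" (previously an undefined offset).
                 $argument = explode('=', $arg, 2);
                 $arguments[$argument[0]] = isset($argument[1]) ? $argument[1] : '';
             }
         }
     }
     // get module information
     $modinfo = \ModUtil::getInfoFromName($module);
     // we need to force the mod load if we want to call a modules interactive init
     // function because the modules is not active right now
     if ($modinfo) {
         $module = $modinfo['url'];
         if ($type == 'init' || $type == 'interactiveinstaller') {
             \ModUtil::load($modinfo['name'], $type, true);
         }
     }
     $httpCode = 404;
     $message = '';
     // $debug is filled in below but not read again within this method
     $debug = null;
     $return = false;
     $e = null;
     try {
         if (empty($module)) {
             // we have a static homepage
             return new Response();
         } elseif ($modinfo) {
             // call the requested/homepage module
             $return = \ModUtil::func($modinfo['name'], $type, $func, $arguments);
         }
         if (!$return) {
             // hack for BC since modules currently use ModUtil::func without expecting exceptions
             // if a controller is not found the API will return false.
             throw new \Zikula\Framework\Exception\NotFoundException(__('Page not found.'));
         }
         return $return;
     } catch (\Exception $e) {
         if ($e instanceof \Zikula\Framework\Exception\NotFoundException) {
             $httpCode = 404;
             $message = $e->getMessage();
             $debug = array_merge($e->getDebug(), $e->getTrace());
         } elseif ($e instanceof \Zikula\Framework\Exception\ForbiddenException) {
             $httpCode = 403;
             $message = $e->getMessage();
             $debug = array_merge($e->getDebug(), $e->getTrace());
         } elseif ($e instanceof \Zikula\Framework\Exception\RedirectException) {
             // NOTE(review): the redirect target comes from the exception; whoever throws
             // it is responsible for keeping the URL on this site.
             return new RedirectResponse($e->getUrl(), array(), $e->getType());
         } elseif ($e instanceof \Exception) {
             // general catch all
             $httpCode = 500;
             $message = $e->getMessage();
             $debug = $e->getTrace();
         }
     }
     switch (true) {
         case $httpCode == 403:
             if (!\UserUtil::isLoggedIn()) {
                 // anonymous visitors are sent to the login page with a way back here
                 // NOTE(review): the URI is urlencode()d before it is handed to
                 // ModUtil::url(); if that method encodes its arguments too, the value
                 // ends up double-encoded - confirm.
                 $url = \ModUtil::url('Users', 'user', 'login', array('returnpage' => urlencode(\System::getCurrentUri())));
                 return \LogUtil::registerError(\LogUtil::getErrorMsgPermission(), $httpCode, $url);
             }
             // there is no break here deliberately.
         case $return === false:
             $session = \ServiceUtil::get('session');
             if (!$session->getFlashBag()->has(\Zikula_Session::MESSAGE_ERROR)) {
                 \LogUtil::registerError(__f('Could not load the \'%1$s\' module at \'%2$s\'.', array($module, $func)), $httpCode, null);
             }
             // NOTE(review): the exception object is passed to the error page; whether its
             // details are shown is decided there, not in this method.
             return \ModUtil::func('ErrorsModule', 'user', 'index', array('message' => $message, 'exception' => $e));
             break;
         default:
             \LogUtil::registerError(__f('The \'%1$s\' module returned an error in \'%2$s\'.', array($module, $func)), $httpCode, null);
             return \ModUtil::func('ErrorsModule', 'user', 'index', array('message' => $message, 'exception' => $e));
             break;
     }
 }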
예제 #14
 /**
  * Bind domain.
  *
  * @param string $domain Gettext domain.
  * @param string $path   Domain path.
  *
  * @return boolean
  */
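 public static function bindDomain($domain, $path)
 {
     $_this = self::getInstance();
     $locale = $_this->getLocale();
     if (!$locale) {
         // fallback solution to be replaced by proper routing
         $defaultLocale = System::getVar('language_i18n', 'en');
         if (System::getVar('shorturls')) {
             // The language code has to be read from the current URL, because it is not
             // ensured that System::queryStringDecode() has been executed already.
             $customentrypoint = System::getVar('entrypoint');
             $root = empty($customentrypoint) ? 'index.php' : $customentrypoint;
             // The request path is client-controlled, so it lives in its own variable.
             // Reusing $path here would hand a URL-derived value to bindTextDomain() below
             // instead of the domain path the caller passed in.
             $parsedURL = parse_url(System::getCurrentUri());
             $urlPath = (is_array($parsedURL) && isset($parsedURL['path'])) ? $parsedURL['path'] : '';
             $urlPath = str_replace(array(System::getBaseUri(), "{$root}"), '', $urlPath);
             $urlPath = trim($urlPath, '/');
             // split the path into decoded argument strings
             $args = array_map('urldecode', explode('/', $urlPath));
             // the first segment is only used when it looks like a language code AND is installed
             if (isset($args[0]) && self::isLangParam($args[0]) && in_array($args[0], self::getInstalledLanguages())) {
                 $defaultLocale = $args[0];
             }
         }
         $_this->setLocale($defaultLocale);
         $locale = $_this->getLocale();
     }
     // exit if the language system hasn't yet fully initialised
     if (!$locale) {
         return false;
     }
     // prevent double loading; isset() also copes with a locale that has no cache entry yet
     if (isset($_this->domainCache[$locale][$domain])) {
         return true;
     }
     ZGettext::getInstance()->bindTextDomain($domain, $path);
     ZGettext::getInstance()->bindTextDomainCodeset($domain, $_this->encoding);
     $_this->domainCache[$locale][$domain] = true;

     return true;
 }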
예제 #15
 /**
  * Return some common user links
  *
  * Syntax used in menutree
  * {ext:Blocks:userlinks:[flat]}
  * Last param is optional
  *
  * This plugin generates a list of  some common user links. The list looks as follows:
  * for loggedin users:
  *      Your Account
  *          Profile
  *          Private Messages (if there is some message module)
  *          Logout
  * for anonymous users:
  *      Your Account
  *          Login
  *          Register
  *          Lost Password
  *
  * If you provide an additional param extrainfo = flat, then the links are not grouped within
  * the Your Account element
  *
  * @param array $args['item'] menu node to be replaced
  * @param string $args['lang'] current menu language
  * @param string $args['extrainfo'] additional params - if 'flat' then return links ungrouped
  * @return mixed array of links if successful, false otherwise
  */
 public function userlinks($args)
 {
     $dom = ZLanguage::getModuleDomain('menutree');
     // empty() already covers the "not set" case
     $item = !empty($args['item']) ? $args['item'] : null;
     $lang = !empty($args['lang']) ? $args['lang'] : null;
     $extrainfo = !empty($args['extrainfo']) ? $args['extrainfo'] : null;
     // both the menu node and the language are required
     if (!$item || !$lang) {
         return false;
     }
     // the first id comes from the API function to avoid id conflicts inside the menu
     $idoffset = Blocks_MenutreeUtil::getIdOffset($item['id']);
     $lineno = 0;
     // module config: configured module name or a default, reset to null when not available
     $profileModule = 'Profile';
     if (System::getVar('profilemodule')) {
         $profileModule = System::getVar('profilemodule');
     }
     if (!ModUtil::available($profileModule)) {
         $profileModule = null;
     }
     $messageModule = 'InterCom';
     if (System::getVar('messagemodule')) {
         $messageModule = System::getVar('messagemodule');
     }
     if (!ModUtil::available($messageModule)) {
         $messageModule = null;
     }
     $links = array();
     // with extrainfo 'flat' the links are not grouped below a your_account node
     $grouped = $extrainfo != 'flat';
     if ($grouped) {
         $links['your_account'] = array($lang => array(
             'id' => $idoffset++,
             'name' => $item['name'],
             'href' => ModUtil::url($profileModule),
             'title' => $item['title'],
             'className' => $item['className'],
             'state' => $item['state'],
             'lang' => $lang,
             'lineno' => $lineno++,
             'parent' => $item['parent'],
         ));
         // grouped links hang below the your_account node
         $parentNode = $links['your_account'][$lang]['id'];
     } else {
         // ungrouped links take the parent of the replaced menu node
         $parentNode = $item['parent'];
     }
     if (UserUtil::isLoggedIn()) {
         $links['profile'] = array($lang => array(
             'id' => $idoffset++,
             'name' => __('Profile', $dom),
             'href' => ModUtil::url($profileModule),
             'title' => __('Profile', $dom),
             'className' => '',
             'state' => 1,
             'lang' => $lang,
             'lineno' => $lineno++,
             'parent' => $parentNode,
         ));
         if (!is_null($messageModule)) {
             $links['messages'] = array($lang => array(
                 'id' => $idoffset++,
                 'name' => __('Private messages', $dom),
                 'href' => ModUtil::url($messageModule),
                 'title' => __('Private messages', $dom),
                 'className' => '',
                 'state' => 1,
                 'lang' => $lang,
                 'lineno' => $lineno++,
                 'parent' => $parentNode,
             ));
         }
         $links['logout'] = array($lang => array(
             'id' => $idoffset++,
             'name' => __('Logout', $dom),
             'href' => ModUtil::url('Users', 'user', 'logout'),
             'title' => __('Logout', $dom),
             'className' => '',
             'state' => 1,
             'lang' => $lang,
             'lineno' => $lineno++,
             'parent' => $parentNode,
         ));
     } else {
         // the local $serviceManager is not read afterwards; the request is taken from $this->serviceManager
         $serviceManager = ServiceUtil::getManager();
         $request = $this->serviceManager->getService('request');
         // the current URI is only offered as return page for GET requests
         $loginArgs = array();
         if ($request->isGet()) {
             $loginArgs['returnpage'] = urlencode(System::getCurrentUri());
         }
         $links['login'] = array($lang => array(
             'id' => $idoffset++,
             'name' => __('Login', $dom),
             'href' => ModUtil::url('Users', 'user', 'login', $loginArgs),
             'title' => __('Login', $dom),
             'className' => '',
             'state' => 1,
             'lang' => $lang,
             'lineno' => $lineno++,
             'parent' => $parentNode,
         ));
         $links['register'] = array($lang => array(
             'id' => $idoffset++,
             'name' => __('Register', $dom),
             'href' => ModUtil::url('Users', 'user', 'register'),
             'title' => __('Register', $dom),
             'className' => '',
             'state' => 1,
             'lang' => $lang,
             'lineno' => $lineno++,
             'parent' => $parentNode,
         ));
         $links['lostpassword'] = array($lang => array(
             'id' => $idoffset++,
             'name' => __('Lost password', $dom),
             'href' => ModUtil::url('Users', 'user', 'lostpassword'),
             'title' => __('Lost password', $dom),
             'className' => '',
             'state' => 1,
             'lang' => $lang,
             'lineno' => $lineno++,
             'parent' => $parentNode,
         ));
     }

     return $links;
 }
예제 #16
파일: Admin.php 프로젝트: nmpetkov/ZphpBB2
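 /**
  * Render the admin 'call' template.
  *
  * The ACCESS_ADMIN permission check on 'ZphpBB2::' runs before anything is rendered.
  *
  * @param array $args Not read by this method.
  *
  * @return string Output of the 'admin/call.tpl' template.
  */
 public function phpBBcall($args)
 {
     // the permission check stays the first statement so nothing is rendered for callers without ACCESS_ADMIN
     $this->throwForbiddenUnless(SecurityUtil::checkPermission('ZphpBB2::', '::', ACCESS_ADMIN), LogUtil::getErrorMsgPermission());

     // the former "$url = System::getCurrentUri();" was never read and is dropped
     return $this->view->fetch('admin/call.tpl');
 }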
예제 #17
    /**
     * Process results from IDS scan.
     *
     * @param IDS_Init   $init   PHPIDS init object reference.
     * @param IDS_Report $result The result object from PHPIDS.
     *
     * @return void
     */
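    private function _processIdsResult(IDS_Init $init, IDS_Report $result)
    {
        // $result contains any suspicious fields enriched with additional info
        // ($init is not read in this method)

        $requestImpact = $result->getImpact();
        if ($requestImpact < 1) {
            // nothing to do
            return;
        }

        // update total session impact to track an attacker's activity for some time
        $sessionImpact = SessionUtil::getVar('idsImpact', 0) + $requestImpact;
        SessionUtil::setVar('idsImpact', $sessionImpact);

        // let's see which impact mode we are using; unknown modes keep factor 1
        $idsImpactMode = System::getVar('idsimpactmode', 1);
        $idsImpactFactor = 1;
        if ($idsImpactMode == 1) {
            $idsImpactFactor = 1;
        } elseif ($idsImpactMode == 2) {
            $idsImpactFactor = 10;
        } elseif ($idsImpactMode == 3) {
            $idsImpactFactor = 5;
        }

        // determine our impact threshold values
        $impactThresholdOne   = System::getVar('idsimpactthresholdone',    1) * $idsImpactFactor;
        $impactThresholdTwo   = System::getVar('idsimpactthresholdtwo',   10) * $idsImpactFactor;
        $impactThresholdThree = System::getVar('idsimpactthresholdthree', 25) * $idsImpactFactor;
        $impactThresholdFour  = System::getVar('idsimpactthresholdfour',  75) * $idsImpactFactor;

        // mode 1 reacts on the impact of this request, every other mode on the accumulated session impact
        $usedImpact = ($idsImpactMode == 1) ? $requestImpact : $sessionImpact;

        // Request context used by both the db logging and the mail branch. It is collected up
        // front so that the mail branch does not depend on the logging branch having run
        // (the thresholds are independent configuration values).
        // NOTE(review): X-Forwarded-For is a client-supplied header and is preferred over
        // REMOTE_ADDR here, so the recorded address can be chosen by the sender unless a trusted
        // proxy overwrites the header. Treat the logged 'ip' as a hint, not as evidence.
        $_REMOTE_ADDR = System::serverGetVar('REMOTE_ADDR');
        $_HTTP_X_FORWARDED_FOR = System::serverGetVar('HTTP_X_FORWARDED_FOR');
        $ipAddress = ($_HTTP_X_FORWARDED_FOR) ? $_HTTP_X_FORWARDED_FOR : $_REMOTE_ADDR;

        $currentPage = System::getCurrentUri();
        $currentUid = UserUtil::getVar('uid');

        // react according to given impact
        if ($usedImpact > $impactThresholdOne) {
            // db logging

            $intrusionItems = array();

            foreach ($result as $event) {

                $eventName = $event->getName();
                $malVar = explode(".", $eventName, 2);

                $filters = array();
                foreach ($event as $filter) {
                    array_push($filters, array(
                                            'id' => $filter->getId(),
                                            'description' => $filter->getDescription(),
                                            'impact' => $filter->getImpact(),
                                            'tags' => $filter->getTags(),
                                            'rule' => $filter->getRule()));
                }

                // an event name without a "." has no second part; fall back to the full name
                // instead of reading an undefined offset
                $tagVal = isset($malVar[1]) ? $malVar[1] : $eventName;

                // NOTE(review): 'filters' is stored in PHP serialize() format; whatever reads
                // these rows back should be checked for how it decodes that column.
                $newIntrusionItem = array(
                        'name'    => array($eventName),
                        'tag'     => $tagVal,
                        'value'   => $event->getValue(),
                        'page'    => $currentPage,
                        'uid'     => $currentUid,
                        'ip'      => $ipAddress,
                        'impact'  => $result->getImpact(),
                        'filters' => serialize($filters),
                        'date'    => DateUtil::getDatetime()
                );

                // events sharing a tag are merged into one item; only the names are accumulated
                if (array_key_exists($tagVal, $intrusionItems)) {
                    $intrusionItems[$tagVal]['name'][] = $newIntrusionItem['name'][0];
                } else {
                    $intrusionItems[$tagVal] = $newIntrusionItem;
                }
            }

            // log details to database
            foreach ($intrusionItems as $intrusionItem) {
                $intrusionItem['name'] = implode(", ", $intrusionItem['name']);

                // create new ZIntrusion instance
                $obj = new SecurityCenter_DBObject_Intrusion();
                // set data
                $obj->setData($intrusionItem);
                // save object to db
                $obj->save();
            }
        }

        if (System::getVar('idsmail') && ($usedImpact > $impactThresholdTwo)) {
            // mail admin

            // prepare mail text
            $mailBody = __('The following attack has been detected by PHPIDS') . "\n\n";
            $mailBody .= __f('IP: %s', $ipAddress) . "\n";
            $mailBody .= __f('UserID: %s', $currentUid) . "\n";
            $mailBody .= __f('Date: %s', DateUtil::strftime(__('%b %d, %Y'), (time()))) . "\n";
            if ($idsImpactMode == 1) {
                $mailBody .= __f('Request Impact: %d', $requestImpact) . "\n";
            } else {
                $mailBody .= __f('Session Impact: %d', $sessionImpact) . "\n";
            }
            $mailBody .= __f('Affected tags: %s', join(' ', $result->getTags())) . "\n";

            // request values are URL-encoded before they are put into the mail text
            $attackedParameters = '';
            foreach ($result as $event) {
                $attackedParameters .= $event->getName() . '=' . urlencode($event->getValue()) . ", ";
            }

            $mailBody .= __f('Affected parameters: %s', trim($attackedParameters)) . "\n";
            $mailBody .= __f('Request URI: %s', urlencode($currentPage));

            // prepare other mail arguments
            $siteName = System::getVar('sitename');
            $adminmail = System::getVar('adminmail');
            $mailTitle = __('Intrusion attempt detected by PHPIDS');

            if (ModUtil::available('Mailer')) {
                $args = array();
                $args['fromname']    = $siteName;
                $args['fromaddress'] = $adminmail;
                $args['toname']      = 'Site Administrator';
                $args['toaddress']   = $adminmail;
                $args['subject']     = $mailTitle;
                $args['body']        = $mailBody;

                ModUtil::apiFunc('Mailer', 'user', 'sendmessage', $args);
            } else {
                // the header is assembled by hand here, so line breaks in the configured values
                // are removed to keep them from starting an additional header line
                $headerName = str_replace(array("\r", "\n"), '', $siteName);
                $headerMail = str_replace(array("\r", "\n"), '', $adminmail);
                $headers = "From: $headerName <$headerMail>\n"
                        ."X-Priority: 1 (Highest)";
                System::mail($adminmail, $mailTitle, $mailBody, $headers);
            }
        }

        if ($usedImpact > $impactThresholdThree) {
            // block request

            if (System::getVar('idssoftblock')) {
                // warn only for debugging the ruleset; the request continues in this mode
                LogUtil::registerError(__('Malicious request code / a hacking attempt was detected. This request has NOT been blocked!'));
            } else {
                throw new Zikula_Exception_Forbidden(__('Malicious request code / a hacking attempt was detected. Thus this request has been blocked.'), null, $result);
            }
        }

        // $impactThresholdFour is computed above but no reaction is tied to it in this method
        return;
    }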
예제 #18
// "Tell a friend" page script: loads the phpBB bootstrap files, reads the form fields from the
// request, requires a logged-in session and prepares the template variables for the mail form.
include $phpbb_root_path . 'extension.inc';
include $phpbb_root_path . 'common.' . $phpEx;
include $phpbb_root_path . 'includes/functions_post.' . $phpEx;
// The request values below are read without isset() checks (apart from the POST lookup of
// 'topic') and are not filtered at this point.
$topic = isset($_POST['topic']) ? $_POST['topic'] : $_GET['topic'];
$friendname = $_POST['friendname'];
$message = $_POST['message'];
// Begin PNphpBB2 Module
// NOTE(review): $_GET['link'] is appended to the URL as received, with no encoding or
// allow-listing visible here; $link later goes into the mail body and the LINK template
// variable. Confirm it is validated or escaped before it is output or mailed.
$link = System::getBaseUrl() . append_sid("viewtopic") . "&" . $_GET['link'];
// End PNphpBB2 Module
$PHP_SELF = $_SERVER['PHP_SELF'];
$userdata = session_pagestart($user_ip, PAGE_INDEX);
init_userprefs($userdata);
if (!$userdata['session_logged_in']) {
    // ZphpBB2 - use Zikula login and redirect
    //redirect(append_sid("login.$phpEx?redirect=tellafriend.$phpEx&topic=$topic_title&link=" . POST_TOPIC_URL . "=$topic_id", true));
    // NOTE(review): no exit/return follows the redirect call in the visible code; whether
    // System::redirect() ends the request itself cannot be seen from here - confirm.
    System::redirect(ModUtil::url('Users', 'user', 'login', array('returnpage' => urlencode(System::getCurrentUri()))));
    // <= ZphpBB2
}
// the request-supplied topic and link are substituted into the language template as they are
$mail_body = str_replace("{TOPIC}", trim(stripslashes($topic)), $lang['Tell_Friend_Body']);
$mail_body = str_replace("{LINK}", $link, $mail_body);
$mail_body = str_replace("{SITENAME}", $board_config['sitename'], $mail_body);
// NOTE(review): only SENDER_NAME is passed through DataUtil::formatForDisplay(); TOPIC, LINK and
// L_TELL_FRIEND_BODY carry request data without escaping - confirm the template escapes them.
// The key 'L_TELL_FRIEND_SENDER_USER' appears twice in the array, so the second value
// ($lang['Tell_Friend_Sender_User']) is the one that is kept.
$template->assign_vars(array('L_TELL_FRIEND_TITLE' => $lang['Tell_Friend_Title'], 'L_TELL_FRIEND_EMAIL_MESSAGE' => $lang['Tell_Friend_Email_Message'], 'L_TELL_FRIEND_SENDER_USER' => $lang['Tell_Friend'], 'L_TELL_FRIEND_SENDER_USER' => $lang['Tell_Friend_Sender_User'], 'L_TELL_FRIEND_SENDER_EMAIL' => $lang['Tell_Friend_Sender_Email'], 'L_TELL_FRIEND_RECIEVER_USER' => $lang['Tell_Friend_Reciever_User'], 'L_TELL_FRIEND_RECIEVER_EMAIL' => $lang['Tell_Friend_Reciever_Email'], 'L_TELL_FRIEND_MSG' => $lang['Tell_Friend_Msg'], 'L_TELL_FRIEND_BODY' => $mail_body, 'SUBMIT_ACTION' => append_sid("tellafriend"), 'L_SUBMIT' => $lang['Send_email'], 'SITENAME' => $board_config['sitename'], 'TOPIC' => trim(stripslashes($topic)), 'LINK' => $link, 'SENDER_NAME' => DataUtil::formatForDisplay($userdata['username']), 'SENDER_MAIL' => $userdata['user_email']));
if (isset($_POST['submit'])) {
    $error = FALSE;
    if (!empty($_POST['friendemail']) && strpos($_POST['friendemail'], "@") > 0) {
        $friendemail = trim(stripslashes($_POST['friendemail']));
        if (!$_POST['friendname']) {
            $friendname = substr($friendemail, 0, strpos($_POST['friendemail'], "@"));
        }
    } else {
        $error = TRUE;
예제 #19
 /**
  * Get name of current top-level module.
  *
  * @return string The name of the current top-level module, false if not in a module.
  */
 public static function getName()
 {
     // the result is resolved once and kept in self::$cache['modgetname'] for later calls
     if (!isset(self::$cache['modgetname'])) {
         // first choice: the 'module' request parameter (GET or POST), which is client-controlled
         // (FILTER_SANITIZE_STRING is deprecated as of PHP 8.1)
         self::$cache['modgetname'] = FormUtil::getPassedValue('module', null, 'GETPOST', FILTER_SANITIZE_STRING);
         if (empty(self::$cache['modgetname'])) {
             // NOTE(review): this branch runs when 'startpage' is falsy and then stores that
             // same falsy value - confirm this is intended.
             if (!System::getVar('startpage')) {
                 self::$cache['modgetname'] = System::getVar('startpage');
             } else {
                 // take the part of the current URI that follows the base URI
                 $baseUriLenght = strlen(System::getBaseUri());
                 $shortUrlPath = substr(System::getCurrentUri(), $baseUriLenght + 1);
                 // "!empty($x) == 0" is true exactly when $shortUrlPath is empty
                 if (!empty($shortUrlPath) == 0) {
                     self::$cache['modgetname'] = System::getVar('startpage');
                 } else {
                     // the first path segment is used as module name; it comes from the request
                     // URI and is only mapped to a module record by the lookup below
                     $args = explode('/', $shortUrlPath);
                     self::$cache['modgetname'] = $args[0];
                 }
             }
         }
         // the parameters may provide the module alias so lets get
         // the real name from the db
         $modinfo = self::getInfo(self::getIdFromName(self::$cache['modgetname']));
         // when no module record with a 'name' is found, the request-derived value stays in the cache
         if (isset($modinfo['name'])) {
             $type = FormUtil::getPassedValue('type', null, 'GETPOST', FILTER_SANITIZE_STRING);
             self::$cache['modgetname'] = $modinfo['name'];
             // NOTE(review): "!" binds tighter than "==", so "!$type == 'init'" is evaluated as
             // "(!$type) == 'init'". As written, the availability check below only takes effect
             // when no (or a falsy) 'type' was passed; with any non-empty 'type' the name of a
             // module that is not available is returned unchanged. The intent was probably
             // "$type is neither 'init' nor the interactive installer" (the second literal also
             // looks misspelled) - confirm before relying on this as an availability gate.
             if ((!$type == 'init' || !$type == 'initeractiveinstaller') && !self::available(self::$cache['modgetname'])) {
                 self::$cache['modgetname'] = System::getVar('startpage');
             }
         }
     }
     return self::$cache['modgetname'];
 }
예제 #20
    }
}
// End PNphpBB2 Module
global $gen_simple_header;
$template->set_filenames(array('overall_header' => empty($gen_simple_header) ? 'overall_header.tpl' : 'simple_header.tpl'));
//
// Generate logged in/logged out status
//
if ($userdata['session_logged_in']) {
    // ZphpBB2 =>
    $u_login_logout = ModUtil::url('Users', 'user', 'logout', array('returnpage' => urlencode(System::getCurrentUri())));
    $l_login_logout = $lang['Logout'] . ' [' . DataUtil::formatForDisplay($userdata['username']) . ']';
    // <= ZphpBB2
} else {
    // ZphpBB2 =>
    $u_login_logout = ModUtil::url('Users', 'user', 'login', array('returnpage' => urlencode(System::getCurrentUri())));
    // <= ZphpBB2
    $l_login_logout = $lang['Login'];
}
$s_last_visit = $userdata['session_logged_in'] ? create_date($board_config['default_dateformat'], $userdata['user_lastvisit'], $board_config['board_timezone']) : '';
//
// Get basic (usernames + totals) online
// situation
//
$logged_visible_online = 0;
$logged_hidden_online = 0;
$guests_online = 0;
$online_userlist = '';
$l_online_users = '';
if (defined('SHOW_ONLINE')) {
    $user_forum_sql = !empty($forum_id) ? "AND s.session_page = " . intval($forum_id) : '';
예제 #21
 /**
  * Check permissions.
  *
  * @return boolean
  */
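 public function checkpermissionsAction()
 {
     // Redirects to the 'returnto' value from the request body, or to the current URI when it
     // is missing or does not point at this site. Returns whatever $this->redirect() returns.
     $fallback = \System::getCurrentUri();
     $returnto = $this->request->request->get('returnto', $fallback);

     // 'returnto' is supplied by the caller of the request. Following it unchecked would let a
     // crafted form send visitors to an arbitrary site, so it is only accepted when it is a
     // relative reference or starts with this site's base URL.
     $isLocal = false;
     if (is_string($returnto) && $returnto !== ''
         && strpos($returnto, '\\') === false
         && !preg_match('/[\x00-\x20]/', $returnto)
     ) {
         // relative reference: neither a scheme nor a host (this also rejects "//host/...")
         $parts = parse_url($returnto);
         $isRelative = is_array($parts) && !isset($parts['scheme']) && !isset($parts['host']);

         // absolute URL of this site; the trailing slash keeps "base.example.other" from matching
         $baseUrl = rtrim(\System::getBaseUrl(), '/') . '/';
         $isOwnUrl = strpos($baseUrl, '://') !== false && strpos($returnto, $baseUrl) === 0;

         $isLocal = $isRelative || $isOwnUrl;
     }

     return $this->redirect($isLocal ? $returnto : $fallback);
 }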
예제 #22
파일: User.php 프로젝트: projectesIF/Sirius
 /**
  * Display a message indicating that the user's session has expired.
  *
  * @return string The rendered template.
  */
 public function expiredSession()
 {
     // the current URI is URL-encoded before it is handed to the template as 'returnpage'
     $returnPage = urlencode(System::getCurrentUri());

     $renderer = Zikula_View::getInstance($this->name, false);
     $renderer->assign('returnpage', $returnPage);

     return $renderer->fetch('users_userapi_expiredsession.tpl');
 }
예제 #23
파일: Api.php 프로젝트: projectesIF/Sirius
/**
 * Get current URI (and optionally add/replace some parameters)
 *
 * @deprecated Deprecated since version 1.3.0.
 * @see System::getCurrentUri()
 *
 * @access public
 * @param args array additional parameters to be added to/replaced in the URI (e.g. theme, ...)
 * @return string current URI
 */
function pnGetCurrentURI($args = array())
{
    // log the deprecation notice first, then delegate to the replacement
    $replacement = 'System::getCurrentUri';
    $notice = __f('Warning! Function %1$s is deprecated. Please use %2$s instead.', array(__FUNCTION__, $replacement));
    LogUtil::log($notice, E_USER_DEPRECATED);

    return System::getCurrentUri($args);
}
예제 #24
파일: LogUtil.php 프로젝트: Silwereth/core
 /**
  * Register a failed permission check.
  *
  * This method calls registerError and then logs the failed permission check so that it can be analyzed later.
  *
  * @param string  $url      The URL to redirect to (optional) (default=null).
  * @param boolean $redirect Whether to redirect not logged in users to the login form (default=true).
  *
  * @return false
  */
 public static function registerPermissionError($url = null, $redirect = true)
 {
     // logged-in users, and callers that asked for no redirect, get a plain 403 error
     if (UserUtil::isLoggedIn() || !$redirect) {
         return self::registerError(self::getErrorMsgPermission(), 403, $url);
     }

     // anonymous user: without an explicit URL, point to the login form
     if ($url === null) {
         $loginArgs = array();
         // the current URI is only passed on as return page for GET requests
         if (ServiceUtil::get('request')->isMethod('GET')) {
             $loginArgs['returnpage'] = urlencode(System::getCurrentUri());
         }
         $url = ModUtil::url('ZikulaUsersModule', 'user', 'login', $loginArgs);
     }

     // no status code is passed along in the redirect case
     return self::registerError(self::getErrorMsgPermission(), null, $url);
 }
예제 #25
파일: login.php 프로젝트: nmpetkov/ZphpBB2
                            }
                            $forward_page .= $forward_match[$i];
                        }
                    }
                    // Begin PNphpBB2 Module
                    //					$forward_page = $forward_match[0] . '?' . $forward_page;
                    $forward_page = $forward_match[0] . '&' . $forward_page;
                    // End PNphpBB2 Module
                } else {
                    $forward_page = $forward_match[0];
                }
            }
        }
        $username = $userdata['user_id'] != ANONYMOUS ? $userdata['username'] : '';
        // Begin PNphpBB2 Module
        //		$s_hidden_fields = '<input type="hidden" name="redirect" value="' . $forward_page . '" />';
        $s_hidden_fields = '<input type="hidden" name="url" value="' . append_sid($forward_page) . '">';
        //$s_hidden_fields .= '<input type="hidden" name="module" value="NS-User">';
        //$s_hidden_fields .= '<input type="hidden" name="module" value="Users">';
        //$s_hidden_fields .= '<input type="hidden" name="func" value="login">';
        // End PNphpBB2 Module
        $s_hidden_fields .= isset($_GET['admin']) ? '<input type="hidden" name="admin" value="1" />' : '';
        $modinfo = ModUtil::getInfoFromName("ZphpBB2");
        make_jumpbox('viewforum.' . $phpEx);
        $template->assign_vars(array('USERNAME' => DataUtil::formatForDisplay($username), 'L_ENTER_PASSWORD' => isset($_GET['admin']) ? $lang['Admin_reauthenticate'] : $lang['Enter_password'], 'L_SEND_PASSWORD' => $lang['Forgotten_password'], 'U_SEND_PASSWORD' => ModUtil::url('Users', 'user', 'lostpassword'), 'S_LOGIN_ACTION' => ModUtil::url('Users', 'user', 'login', array('returnpage' => urlencode(System::getCurrentUri()))), 'AUTHID' => SecurityUtil::generateAuthKey("Users"), 'URL' => append_sid($forward_page), 'S_HIDDEN_FIELDS' => $s_hidden_fields));
        $template->pparse('body');
        include $phpbb_root_path . 'includes/page_tail.' . $phpEx;
    } else {
        redirect(append_sid("index.{$phpEx}", true));
    }
}
예제 #26
 /**
  * do a simple check .. to see if the current URL is the menu item
  *
  * @param string $url URL (or part of one) of the menu item to look for in the current URI
  * @return boolean
  */
 function is_recent_page($url)
 {
     // plain substring match: true as soon as $url occurs anywhere in the current URI,
     // false for an empty $url (the current URI is not looked up in that case)
     return !empty($url) && is_int(strpos(System::getCurrentUri(), $url));
 }
예제 #27
 /**
  * For Private Messaging
  */
 function privmsgs_attachment_mod($mode)
 {
     // Attachment handling for the private message pages. Works on global request/state
     // variables instead of parameters; $mode is passed through to handle_attachments().
     global $attach_config, $template, $lang, $userdata, $_POST, $phpbb_root_path, $phpEx, $db;
     global $confirm, $delete, $delete_all, $post_id, $privmsgs_id, $privmsg_id, $submit, $refresh, $mark_list, $folder;
     if ($folder != 'outbox') {
         $this->display_attach_box_limits();
     }
     // nothing else happens when attachments in private messages are switched off
     if (!intval($attach_config['allow_pm_attach'])) {
         return;
     }
     if (!$refresh) {
         // a posted attachment box counts as a refresh request
         $add_attachment_box = !empty($_POST['add_attachment_box']) ? TRUE : FALSE;
         $posted_attachments_box = !empty($_POST['posted_attachments_box']) ? TRUE : FALSE;
         $refresh = $add_attachment_box || $posted_attachments_box;
     }
     // the global $post_id is overwritten with the private message id before the shared handler runs
     $post_id = $privmsgs_id;
     $result = $this->handle_attachments($mode, PAGE_PRIVMSGS);
     if ($result === false) {
         return;
     }
     $mark_list = get_var('mark', array(0));
     if (($this->pm_delete_attachments || $delete) && sizeof($mark_list)) {
         // deleting requires a logged-in session; anonymous callers are sent to the login form
         if (!$userdata['session_logged_in']) {
             // ZphpBB2 - use Zikula login and redirect
             //redirect(append_sid("login.$phpEx?redirect=privmsg.$phpEx&folder=inbox", true));
             System::redirect(ModUtil::url('Users', 'user', 'login', array('returnpage' => urlencode(System::getCurrentUri()))));
             // <= ZphpBB2
             // stop here so the delete code below cannot run for an anonymous request
             exit;
         }
         // (this inner sizeof() check repeats the condition of the enclosing if)
         if (sizeof($mark_list)) {
             // every marked id is forced to an integer before it is joined into the id list
             // NOTE(review): only the login state is checked in this method; whether the marked
             // messages belong to the current user is not verified here - presumably that
             // happens in the caller or in delete_attachment(); confirm.
             $delete_sql_id = '';
             for ($i = 0; $i < sizeof($mark_list); $i++) {
                 $delete_sql_id .= ($delete_sql_id != '' ? ', ' : '') . intval($mark_list[$i]);
             }
             if (($this->pm_delete_attachments || $confirm) && !$delete_all) {
                 delete_attachment($delete_sql_id, 0, PAGE_PRIVMSGS);
             }
         }
     }
     if ($submit || $refresh || $mode != '') {
         $this->display_attachment_bodies();
     }
 }
예제 #28
파일: index.php 프로젝트: nmpetkov/ZphpBB2
 // Start output of page
 //
 define('SHOW_ONLINE', true);
 $page_title = $lang['Index'];
 include $phpbb_root_path . 'includes/page_header.' . $phpEx;
 $template->set_filenames(array('body' => 'index_body.tpl'));
 // Begin PNphpBB2 Categories Hierarchie Mod
 if ($nav_cat_desc != "") {
     $nav_cat_desc = $nav_separator . $nav_cat_desc;
 }
 $mark = $viewcat == -1 ? '' : '&amp;' . POST_CAT_URL . '=' . $viewcat;
 // End PNphpBB2 Categories Hierarchie Mod
 $template->assign_vars(array('TOTAL_POSTS' => sprintf($l_total_post_s, $total_posts), 'TOTAL_USERS' => sprintf($l_total_user_s, $total_users), 'NEWEST_USER' => sprintf($lang['Newest_user'], '<a href="' . append_sid("profile.{$phpEx}?mode=viewprofile&amp;" . POST_USERS_URL . "={$newest_uid}") . '">', DataUtil::formatForDisplay($newest_user), '</a>'), 'FORUM_IMG' => $images['forum'], 'FORUM_NEW_IMG' => $images['forum_new'], 'FORUM_LOCKED_IMG' => $images['forum_locked'], 'WHOSONLINE' => $images['whosonline'], 'L_POSTED' => $lang['Posted'], 'L_LEGEND' => $lang['Legend'], 'L_FORUM' => $lang['Forum'], 'L_TOPICS' => $lang['Topics'], 'L_REPLIES' => $lang['Replies'], 'L_VIEWS' => $lang['Views'], 'L_POSTS' => $lang['Posts'], 'L_LASTPOST' => $lang['Last_Post'], 'L_NO_NEW_POSTS' => $lang['No_new_posts'], 'L_NEW_POSTS' => $lang['New_posts'], 'L_NO_NEW_POSTS_LOCKED' => $lang['No_new_posts_locked'], 'L_NEW_POSTS_LOCKED' => $lang['New_posts_locked'], 'L_ONLINE_EXPLAIN' => $lang['Online_explain'], 'L_MODERATOR' => $lang['Moderators'], 'L_FORUM_LOCKED' => $lang['Forum_is_locked'], 'L_MARK_FORUMS_READ' => $lang['Mark_all_forums'], 'U_MARK_READ' => append_sid("index.{$phpEx}?mark=forums{$mark}")));
 // ZphpBB2 =>
 if (!$userdata['session_logged_in']) {
     $template->assign_vars(array('ZLOGIN_CSRFTOKEN' => SecurityUtil::generateCsrfToken(), 'ZLOGIN_RETURNPAGE' => DataUtil::formatForDisplay(System::getCurrentUri())));
 }
 // <= ZphpBB2
 // Begin PNphpBB2 Module
 if (!$board_config['pnphpbb2_members_online'] && (!$board_config['pnphpbb2_members_online_annon'] || $userdata['session_logged_in'])) {
     $template->assign_block_vars('switch_members_online', array());
 }
 // End PNphpBB2 Module
 // Begin PNphpBB2 Module (Announcements)
 if ($board_config['pnphpbb2_enable_announce'] == 1) {
     //
     $announcement_duration = 7;
     if (isset($board_config['pnphpbb2_announcement_duration'])) {
         $announcement_duration = $board_config['pnphpbb2_announcement_duration'];
     }
     $time_floor = $announcement_duration == 0 ? 0 : time() - ($announcement_duration - 1) * 24 * 3600;
예제 #29
파일: Menu.php 프로젝트: projectesIF/Sirius
    /**
     * Prepare a menu item array
     *
     * @param title   menu item title
     * @param url     menu item url
     * @param comment menu item comment
     */
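    public function addMenuItem($title, $url, $comment)
    {
        // the current URI is looked up once and reused by later calls
        static $uri;

        if (!isset($uri)) {
            $uri = System::getCurrentUri();
        }

        if (!isset($title) || $title == '') {
            $title = '&nbsp;';
        }

        $itemselected = false;
        // do a simple check .. to see if the current URL is the menu item
        // (substring match on the url as it was passed in, before any placeholder is resolved)
        if (!empty($url)) {
            if (is_integer(strpos($uri, $url))) {
                $itemselected = true;
            }
        }

        // allow a simple portable way to link to the home page of the site
        if ($url == '{homepage}') {
            $url = System::getBaseUrl();
        } elseif (!empty($url)) {
            // "{module:func&param=value:type}" placeholders are turned into a module URL
            if ($url[0] == '{') {
                $url = explode(':', substr($url, 1, - 1));

                // url[0] should be the module name
                if (isset($url[0]) && !empty($url[0])) {
                    $modname = $url[0];

                    // default values
                    $type = 'user';
                    $func = 'main';
                    $params = array();

                    // url[1] can be a function or function&param=value
                    if (isset($url[1]) && !empty($url[1])) {
                        $urlparts = explode('&', $url[1]);
                        $func = $urlparts[0];
                        unset($urlparts[0]);
                        if (count($urlparts) > 0) {
                            foreach ($urlparts as $urlpart) {
                                $part = explode('=', $urlpart);
                                // a parameter written without "=value" gets an empty value
                                // instead of reading an undefined offset
                                $params[trim($part[0])] = isset($part[1]) ? trim($part[1]) : '';
                            }
                        }
                        // addon: url[2] can be the type parameter, default 'user'
                        $type = (isset($url[2]) && !empty($url[2])) ? $url[2] : 'user';
                    }

                    //  build the url
                    $url = ModUtil::url($modname, $type, $func, $params);
                }
            }
        }

        // NOTE(review): only the comment is passed through DataUtil::formatForDisplay(); title
        // and url are returned as given - confirm the template escapes them on output.
        $item = array('MENUITEMTITLE'    => $title,
                      'MENUITEMURL'      => $url,
                      'MENUITEMCOMMENT'  => DataUtil::formatForDisplay($comment),
                      'MENUITEMSELECTED' => $itemselected);

        return $item;
    }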