function myalerts_acp_manage_alert_types()
{
global $mybb, $lang, $page, $db, $cache;
$alertTypeManager = MybbStuff_MyAlerts_AlertTypeManager::getInstance();
$alertTypes = $alertTypeManager->getAlertTypes();
if (strtolower($mybb->request_method) == 'post') {
if (!verify_post_check($mybb->get_input('my_post_key'))) {
flash_message($lang->invalid_post_verify_key2, 'error');
admin_redirect("index.php?module=config-myalerts_alert_types");
}
$enabledAlertTypes = $mybb->get_input('alert_types_enabled', MyBB::INPUT_ARRAY);
$canBeUserDisabled = $mybb->get_input('alert_types_can_be_user_disabled', MyBB::INPUT_ARRAY);
$enabledAlertTypes = array_map('intval', array_keys($enabledAlertTypes));
$canBeUserDisabled = array_map('intval', array_keys($canBeUserDisabled));
$updateArray = array();
foreach ($alertTypes as $alertType) {
$type = MybbStuff_MyAlerts_Entity_AlertType::unserialize($alertType);
$type->setEnabled(in_array($type->getId(), $enabledAlertTypes));
$type->setCanBeUserDisabled(in_array($type->getId(), $canBeUserDisabled));
$updateArray[] = $type;
}
$alertTypeManager->updateAlertTypes($updateArray);
flash_message($lang->myalerts_alert_types_updated, 'success');
admin_redirect("index.php?module=config-myalerts_alert_types");
} else {
$page->output_header($lang->myalerts_alert_types);
$form = new Form('index.php?module=config-myalerts_alert_types', 'post');
$table = new Table();
$table->construct_header($lang->myalerts_alert_type_code);
$table->construct_header($lang->myalerts_alert_type_enabled, array('width' => '5%', 'class' => 'align_center'));
$table->construct_header($lang->myalerts_alert_type_can_be_user_disabled, array('width' => '10%', 'class' => 'align_center'));
$noResults = false;
if (!empty($alertTypes)) {
foreach ($alertTypes as $type) {
$alertCode = htmlspecialchars_uni($type['code']);
$table->construct_cell($alertCode);
$table->construct_cell($form->generate_check_box('alert_types_enabled[' . $type['id'] . ']', '', '', array('checked' => $type['enabled'])));
$table->construct_cell($form->generate_check_box('alert_types_can_be_user_disabled[' . $type['id'] . ']', '', '', array('checked' => $type['can_be_user_disabled'])));
$table->construct_row();
}
} else {
$table->construct_cell($lang->myalerts_no_alert_types, array('colspan' => 2));
$table->construct_row();
$noResults = true;
}
$table->output($lang->myalerts_alert_types);
if (!$noResults) {
$buttons[] = $form->generate_submit_button($lang->myalerts_update_alert_types);
$form->output_submit_wrapper($buttons);
}
$form->end();
$page->output_footer();
}
}
function main_page()
{
global $cloudflare, $mybb;
$request = $cloudflare->get_access_rules();
$table = new Table();
$table->construct_header("Mode");
$table->construct_header("IP Address");
$table->construct_header("Notes");
$table->construct_header("Modify");
foreach ($request->result as $rule) {
$table->construct_cell($rule->mode);
$table->construct_cell($rule->configuration->value);
$table->construct_cell($rule->notes);
$table->construct_cell("<a href=\"index.php?module=cloudflare-manage_firewall&action=modify_rule_by_ip&ip={$rule->configuration->value}&my_post_key={$mybb->post_code}¤t_mode={$rule->mode}¤t_notes={$rule->notes}\">Modify</a> / <a href=\"index.php?module=cloudflare-manage_firewall&action=delete_rule_by_id&rule_id={$rule->id}&ip_address={$rule->configuration->value}&my_post_key={$mybb->post_code}\">Delete</a>");
$table->construct_row();
}
$table->output("Firewall Rules");
}
function jb_update_core()
{
$auto = jb_download_core();
if ($auto === false) {
global $page;
$page->output_header(JB_Lang::get("update_failed"));
$table = new Table();
$table->construct_header(JB_Lang::get("attention"));
$table->construct_cell(JB_Lang::get("update_get"));
$table->construct_row();
$table->output(JB_Lang::get("update_failed"));
$page->output_footer();
exit;
}
}
$pages = $postcount / $perpage;
$pages = ceil($pages);
if ($mybb->input['page'] == "last") {
$pagecnt = $pages;
}
if ($pagecnt > $pages) {
$pagecnt = 1;
}
if ($pagecnt) {
$start = ($pagecnt - 1) * $perpage;
} else {
$start = 0;
$pagecnt = 1;
}
$table = new Table();
$table->construct_header($lang->username, array('width' => '10%'));
$table->construct_header($lang->date, array("class" => "align_center", 'width' => '15%'));
$table->construct_header($lang->action, array("class" => "align_center", 'width' => '35%'));
$table->construct_header($lang->information, array("class" => "align_center", 'width' => '30%'));
$table->construct_header($lang->ipaddress, array("class" => "align_center", 'width' => '10%'));
$query = $db->query("\n\t\tSELECT l.*, u.username, u.usergroup, u.displaygroup, t.subject AS tsubject, f.name AS fname, p.subject AS psubject\n\t\tFROM " . TABLE_PREFIX . "moderatorlog l\n\t\tLEFT JOIN " . TABLE_PREFIX . "users u ON (u.uid=l.uid)\n\t\tLEFT JOIN " . TABLE_PREFIX . "threads t ON (t.tid=l.tid)\n\t\tLEFT JOIN " . TABLE_PREFIX . "forums f ON (f.fid=l.fid)\n\t\tLEFT JOIN " . TABLE_PREFIX . "posts p ON (p.pid=l.pid)\n\t\t{$where}\n\t\tORDER BY {$sortby} {$order}\n\t\tLIMIT {$start}, {$perpage}\n\t");
while ($logitem = $db->fetch_array($query)) {
$information = '';
$logitem['dateline'] = date("jS M Y, G:i", $logitem['dateline']);
$trow = alt_trow();
$username = format_name($logitem['username'], $logitem['usergroup'], $logitem['displaygroup']);
$logitem['profilelink'] = build_profile_link($username, $logitem['uid']);
if ($logitem['tsubject']) {
$information = "<strong>{$lang->thread}</strong> <a href=\"../" . get_thread_link($logitem['tid']) . "\" target=\"_blank\">" . htmlspecialchars_uni($logitem['tsubject']) . "</a><br />";
}
if ($logitem['fname']) {
foreach ($mybb->input['disporder'] as $cid => $order) {
$update_query = array("disporder" => (int) $order);
$db->update_query("calendars", $update_query, "cid='" . (int) $cid . "'");
}
$plugins->run_hooks("admin_config_calendars_update_order_commit");
// Log admin action
log_admin_action();
flash_message($lang->success_calendar_orders_updated, 'success');
admin_redirect("index.php?module=config-calendars");
}
if (!$mybb->input['action']) {
$page->output_header($lang->manage_calendars);
$page->output_nav_tabs($sub_tabs, 'manage_calendars');
$form = new Form("index.php?module=config-calendars&action=update_order", "post");
$table = new Table();
$table->construct_header($lang->calendar);
$table->construct_header($lang->order, array('width' => '5%', 'class' => 'align_center'));
$table->construct_header($lang->controls, array("class" => "align_center", "colspan" => 3, "width" => 300));
$query = $db->simple_select("calendars", "*", "", array('order_by' => 'disporder'));
while ($calendar = $db->fetch_array($query)) {
$calendar['name'] = htmlspecialchars_uni($calendar['name']);
$table->construct_cell("<a href=\"index.php?module=config-calendars&action=edit&cid={$calendar['cid']}\"><strong>{$calendar['name']}</strong></a>");
$table->construct_cell($form->generate_numeric_field("disporder[{$calendar['cid']}]", $calendar['disporder'], array('id' => 'disporder', 'style' => 'width: 80%', 'class' => 'align_center', 'min' => 0)));
$table->construct_cell("<a href=\"index.php?module=config-calendars&action=edit&cid={$calendar['cid']}\">{$lang->edit}</a>", array("width" => 100, "class" => "align_center"));
$table->construct_cell("<a href=\"index.php?module=config-calendars&action=permissions&cid={$calendar['cid']}\">{$lang->permissions}</a>", array("width" => 100, "class" => "align_center"));
$table->construct_cell("<a href=\"index.php?module=config-calendars&action=delete&cid={$calendar['cid']}&my_post_key={$mybb->post_code}\" onclick=\"return AdminCP.deleteConfirmation(this, '{$lang->confirm_calendar_deletion}')\">{$lang->delete}</a>", array("width" => 100, "class" => "align_center"));
$table->construct_row();
}
if ($table->num_rows() == 0) {
$table->construct_cell($lang->no_calendars, array('colspan' => 5));
$table->construct_row();
function akismet_admin()
{
global $mybb, $db, $page, $lang;
if ($page->active_action != "akismet") {
return;
}
$page->add_breadcrumb_item($lang->akismet);
if ($mybb->input['delete_all'] && $mybb->request_method == "post") {
// User clicked no
if ($mybb->input['no']) {
admin_redirect("index.php?module=forum-akismet");
}
if ($mybb->request_method == "post") {
// Delete the template
$db->delete_query("posts", "visible = '-4'");
// Log admin action
log_admin_action();
flash_message($lang->success_deleted_spam, 'success');
admin_redirect("index.php?module=forum-akismet");
} else {
$page->output_confirm_action("index.php?module=forum-akismet&delete_all=1", $lang->confirm_spam_deletion);
}
}
if ($mybb->input['unmark'] && $mybb->request_method == "post") {
$unmark = $mybb->input['akismet'];
if (empty($unmark)) {
flash_message($lang->error_unmark, 'error');
admin_redirect("index.php?module=forum-akismet");
}
$posts_in = '';
$comma = '';
foreach ($unmark as $key => $val) {
$posts_in .= $comma . intval($key);
$comma = ',';
}
$query = $db->simple_select("posts", "pid, tid", "pid IN ({$posts_in}) AND replyto = '0'");
while ($post = $db->fetch_array($query)) {
$threadp[] = $post['tid'];
}
if (!is_array($threadp)) {
$threadp = array();
}
$thread_list = implode(',', $threadp);
$query = $db->query("\r\n\t\t\tSELECT p.tid, f.usepostcounts, p.uid, p.fid, p.dateline, p.replyto, t.lastpost, t.lastposter, t.lastposteruid, t.subject\r\n\t\t\tFROM " . TABLE_PREFIX . "posts p\r\n\t\t\tLEFT JOIN " . TABLE_PREFIX . "threads t ON (t.tid=p.tid)\r\n\t\t\tLEFT JOIN " . TABLE_PREFIX . "forums f ON (f.fid=p.fid)\r\n\t\t\tWHERE p.pid IN ({$posts_in}) AND p.visible = '-4'\r\n\t\t");
while ($post = $db->fetch_array($query)) {
// Fetch the last post for this forum
$query2 = $db->query("\r\n\t\t\t\tSELECT tid, lastpost, lastposter, lastposteruid, subject\r\n\t\t\t\tFROM " . TABLE_PREFIX . "threads\r\n\t\t\t\tWHERE fid='{$post['fid']}' AND visible='1' AND closed NOT LIKE 'moved|%'\r\n\t\t\t\tORDER BY lastpost DESC\r\n\t\t\t\tLIMIT 0, 1\r\n\t\t\t");
$lastpost = $db->fetch_array($query2);
if ($post['lastpost'] > $lastpost['lastpost']) {
$lastpost['lastpost'] = $post['lastpost'];
$lastpost['lastposter'] = $post['lastposter'];
$lastpost['lastposteruid'] = $post['lastposteruid'];
$lastpost['subject'] = $post['subject'];
$lastpost['tid'] = $post['tid'];
}
$update_count = array("lastpost" => intval($lastpost['lastpost']), "lastposter" => $db->escape_string($lastpost['lastposter']), "lastposteruid" => intval($lastpost['lastposteruid']), "lastposttid" => intval($lastpost['tid']), "lastpostsubject" => $db->escape_string($lastpost['subject']));
$db->update_query("forums", $update_count, "fid='{$post['fid']}'");
$query2 = $db->query("\r\n\t\t\t\tSELECT u.uid, u.username, p.username AS postusername, p.dateline\r\n\t\t\t\tFROM " . TABLE_PREFIX . "posts p\r\n\t\t\t\tLEFT JOIN " . TABLE_PREFIX . "users u ON (u.uid=p.uid)\r\n\t\t\t\tWHERE p.tid='{$post['tid']}' AND p.visible='1' OR p.pid = '{$post['pid']}'\r\n\t\t\t\tORDER BY p.dateline DESC\r\n\t\t\t\tLIMIT 1");
$lastpost = $db->fetch_array($query2);
$query2 = $db->query("\r\n\t\t\t\tSELECT u.uid, u.username, p.username AS postusername, p.dateline\r\n\t\t\t\tFROM " . TABLE_PREFIX . "posts p\r\n\t\t\t\tLEFT JOIN " . TABLE_PREFIX . "users u ON (u.uid=p.uid)\r\n\t\t\t\tWHERE p.tid='{$post['tid']}'\r\n\t\t\t\tORDER BY p.dateline ASC\r\n\t\t\t\tLIMIT 0,1\r\n\t\t\t");
$firstpost = $db->fetch_array($query2);
if (!$firstpost['username']) {
$firstpost['username'] = $firstpost['postusername'];
}
if (!$lastpost['username']) {
$lastpost['username'] = $lastpost['postusername'];
}
if (!$lastpost['dateline']) {
$lastpost['username'] = $firstpost['username'];
$lastpost['uid'] = $firstpost['uid'];
$lastpost['dateline'] = $firstpost['dateline'];
}
$lastpost['username'] = $db->escape_string($lastpost['username']);
$firstpost['username'] = $db->escape_string($firstpost['username']);
$query2 = $db->simple_select("users", "akismetstopped", "uid='{$post['uid']}'");
$akismetstopped = $db->fetch_field($query2, "akismetstopped") - 1;
if ($akismetstopped < 0) {
$akismetstopped = 0;
}
$db->update_query("users", array('akismetstopped' => $akismetstopped), "uid='{$post['uid']}'");
$update_array = array('username' => $firstpost['username'], 'uid' => intval($firstpost['uid']), 'lastpost' => intval($lastpost['dateline']), 'lastposter' => $lastpost['username'], 'lastposteruid' => intval($lastpost['uid']));
$db->update_query("threads", $update_array, "tid='{$post['tid']}'");
if ($post['usepostcounts'] != 0) {
$db->write_query("UPDATE " . TABLE_PREFIX . "users SET postnum=postnum+1 WHERE uid = '{$post['uid']}'");
}
$newthreads = $newreplies = 0;
if ($post['replyto'] == 0) {
++$newthreads;
} else {
++$newreplies;
}
update_thread_counters($post['tid'], array('replies' => '+' . $newreplies));
update_forum_counters($post['fid'], array('threads' => '+' . $newthreads, 'posts' => '+1'));
}
$approve = array("visible" => 1);
if ($thread_list) {
$db->update_query("threads", $approve, "tid IN ({$thread_list})");
}
$db->update_query("posts", $approve, "pid IN ({$posts_in})");
// Log admin action
log_admin_action();
flash_message($lang->success_unmarked, 'success');
admin_redirect("index.php?module=forum-akismet");
}
if ($mybb->input['delete'] && $mybb->request_method == "post") {
$deletepost = $mybb->input['akismet'];
if (empty($deletepost)) {
flash_message($lang->error_deletepost, 'error');
admin_redirect("index.php?module=forum-akismet");
}
$posts_in = '';
$comma = '';
foreach ($deletepost as $key => $val) {
$posts_in .= $comma . intval($key);
$comma = ',';
}
$query = $db->simple_select("posts", "pid, tid", "pid IN ({$posts_in}) AND replyto = '0'");
while ($post = $db->fetch_array($query)) {
$threadp[$post['pid']] = $post['tid'];
}
if (!is_array($threadp)) {
$threadp = array();
}
require_once MYBB_ROOT . "inc/functions_upload.php";
foreach ($deletepost as $pid => $val) {
if (array_key_exists($pid, $threadp)) {
$db->delete_query("posts", "pid IN ({$posts_in})");
$db->delete_query("attachments", "pid IN ({$posts_in})");
// Get thread info
$query = $db->simple_select("threads", "poll", "tid='" . $threadp[$pid] . "'");
$poll = $db->fetch_field($query, 'poll');
// Delete threads, redirects, favorites, polls, and poll votes
$db->delete_query("threads", "tid='" . $threadp[$pid] . "'");
$db->delete_query("threads", "closed='moved|" . $threadp[$pid] . "'");
$db->delete_query("threadsubscriptions", "tid='" . $threadp[$pid] . "'");
$db->delete_query("polls", "tid='" . $threadp[$pid] . "'");
$db->delete_query("pollvotes", "pid='{$poll}'");
}
// Remove attachments
remove_attachments($pid);
// Delete the post
$db->delete_query("posts", "pid='{$pid}'");
}
// Log admin action
log_admin_action();
flash_message($lang->success_spam_deleted, 'success');
admin_redirect("index.php?module=forum-akismet");
}
if (!$mybb->input['action']) {
require MYBB_ROOT . "inc/class_parser.php";
$parser = new postParser();
$page->output_header($lang->akismet);
$form = new Form("index.php?module=forum-akismet", "post");
$table = new Table();
$table->construct_header($form->generate_check_box("checkall", 1, '', array('class' => 'checkall')), array('width' => '5%'));
$table->construct_header("Title / Username / Post", array('class' => 'align_center'));
$mybb->input['page'] = intval($mybb->input['page']);
if ($mybb->input['page'] > 0) {
$start = $mybb->input['page'] * 20;
} else {
$start = 0;
}
$query = $db->simple_select("posts", "COUNT(pid) as spam", "visible = '-4'");
$total_rows = $db->fetch_field($query, 'spam');
if ($start > $total_rows) {
$start = $total_rows - 20;
}
if ($start < 0) {
$start = 0;
}
$query = $db->simple_select("posts", "*", "visible = '-4'", array('limit_start' => $start, 'limit' => '20', 'order_by' => 'dateline', 'order_dir' => 'desc'));
while ($post = $db->fetch_array($query)) {
if ($post['uid'] != 0) {
$username = "******"../" . str_replace("{uid}", $post['uid'], PROFILE_URL) . "\" target=\"_blank\">" . format_name($post['username'], $post['usergroup'], $post['displaygroup']) . "</a>";
} else {
$username = $post['username'];
}
$table->construct_cell($form->generate_check_box("akismet[{$post['pid']}]", 1, ''));
$table->construct_cell("<span style=\"float: right;\">{$lang->username} {$username}</span> <span style=\"float: left;\">{$lang->title}: " . htmlspecialchars_uni($post['subject']) . " <strong>(" . my_date($mybb->settings['dateformat'], $post['dateline']) . ", " . my_date($mybb->settings['timeformat'], $post['dateline']) . ")</strong></span>");
$table->construct_row();
$parser_options = array("allow_html" => 0, "allow_mycode" => 0, "allow_smilies" => 0, "allow_imgcode" => 0, "me_username" => $post['username'], "filter_badwords" => 1);
$post['message'] = $parser->parse_message($post['message'], $parser_options);
$table->construct_cell($post['message'], array("colspan" => 2));
$table->construct_row();
}
$num_rows = $table->num_rows();
if ($num_rows == 0) {
$table->construct_cell($lang->no_spam_found, array("class" => "align_center", "colspan" => 2));
$table->construct_row();
}
$table->output($lang->detected_spam_messages);
echo "<br />" . draw_admin_pagination($mybb->input['page'], 20, $total_rows, "index.php?module=forum-akismet&page={page}");
$buttons[] = $form->generate_submit_button($lang->unmark_selected, array('name' => 'unmark'));
$buttons[] = $form->generate_submit_button($lang->deleted_selected, array('name' => 'delete'));
if ($num_rows > 0) {
$buttons[] = $form->generate_submit_button($lang->delete_all, array('name' => 'delete_all', 'onclick' => "return confirm('{$lang->confirm_spam_deletion}');"));
}
$form->output_submit_wrapper($buttons);
$form->end();
$page->output_footer();
}
exit;
}
$pages = ceil($pages);
if ($current_page > $pages) {
$start = 0;
$current_page = 1;
}
} else {
$start = 0;
$current_page = 1;
}
$pagination = draw_admin_pagination($current_page, $per_page, $unapproved_attachments, "index.php?module=forum/moderation_queue&type=attachments&page={page}");
$page->add_breadcrumb_item($lang->attachments_awaiting_moderation);
$page->output_header($lang->attachments_awaiting_moderation);
$page->output_nav_tabs($sub_tabs, "attachments");
$form = new Form("index.php?module=forum/moderation_queue", "post");
$table = new Table();
$table->construct_header($lang->filename);
$table->construct_header($lang->uploadedby, array("class" => "align_center", "width" => "20%"));
$table->construct_header($lang->posted, array("class" => "align_center", "width" => "20%"));
$table->construct_header($lang->controls, array("class" => "align_center", "colspan" => 3));
$query = $db->query("\n\t\t\tSELECT a.*, p.subject AS postsubject, p.dateline, p.uid, u.username, t.tid, t.subject AS threadsubject\n\t\t\tFROM " . TABLE_PREFIX . "attachments a\n\t\t\tLEFT JOIN " . TABLE_PREFIX . "posts p ON (p.pid=a.pid)\n\t\t\tLEFT JOIN " . TABLE_PREFIX . "threads t ON (t.tid=p.tid)\n\t\t\tLEFT JOIN " . TABLE_PREFIX . "users u ON (u.uid=p.uid)\n\t\t\tWHERE a.visible='0'\n\t\t\tORDER BY a.dateuploaded DESC\n\t\t\tLIMIT {$start}, {$per_page}\n\t\t");
while ($attachment = $db->fetch_array($query)) {
if (!$attachment['dateuploaded']) {
$attachment['dateuploaded'] = $attachment['dateline'];
}
$attachdate = my_date($mybb->settings['dateformat'], $attachment['dateuploaded']);
$attachtime = my_date($mybb->settings['timeformat'], $attachment['dateuploaded']);
$attachment['postsubject'] = htmlspecialchars_uni($attachment['postsubject']);
$attachment['filename'] = htmlspecialchars_uni($attachment['filename']);
$attachment['threadsubject'] = htmlspecialchars_uni($attachment['threadsubject']);
$attachment['filesize'] = get_friendly_size($attachment['filesize']);
$link = get_post_link($attachment['pid'], $attachment['tid']) . "#pid{$attachment['pid']}";
$plugins->run_hooks("admin_config_smilies_start");
$page->output_header($lang->manage_smilies);
$sub_tabs['manage_smilies'] = array('title' => $lang->manage_smilies, 'link' => "index.php?module=config-smilies", 'description' => $lang->manage_smilies_desc);
$sub_tabs['add_smilie'] = array('title' => $lang->add_smilie, 'link' => "index.php?module=config-smilies&action=add");
$sub_tabs['add_multiple_smilies'] = array('title' => $lang->add_multiple_smilies, 'link' => "index.php?module=config-smilies&action=add_multiple");
$sub_tabs['mass_edit'] = array('title' => $lang->mass_edit, 'link' => "index.php?module=config-smilies&action=mass_edit");
$page->output_nav_tabs($sub_tabs, 'manage_smilies');
$pagenum = intval($mybb->input['page']);
if ($pagenum) {
$start = ($pagenum - 1) * 20;
} else {
$start = 0;
$pagenum = 1;
}
$table = new Table();
$table->construct_header($lang->image, array("class" => "align_center", "width" => 1));
$table->construct_header($lang->name, array("width" => "35%"));
$table->construct_header($lang->text_replace, array("width" => "35%"));
$table->construct_header($lang->controls, array("class" => "align_center", "colspan" => 2));
$query = $db->simple_select("smilies", "*", "", array('limit_start' => $start, 'limit' => 20, 'order_by' => 'disporder'));
while ($smilie = $db->fetch_array($query)) {
$smilie['image'] = str_replace("{theme:imgdir}", $theme['imgdir'], $smilie['image']);
if (my_strpos($smilie['image'], "p://") || substr($smilie['image'], 0, 1) == "/") {
$image = $smilie['image'];
} else {
$image = "../" . $smilie['image'];
}
$table->construct_cell("<img src=\"{$image}\" alt=\"\" />", array("class" => "align_center"));
$table->construct_cell(htmlspecialchars_uni($smilie['name']));
$table->construct_cell(htmlspecialchars_uni($smilie['find']));
$table->construct_cell("<a href=\"index.php?module=config-smilies&action=edit&sid={$smilie['sid']}\">{$lang->edit}</a>", array("class" => "align_center"));
function build_users_view($view)
{
global $mybb, $db, $cache, $lang, $user_view_fields, $page;
$view_title = '';
if ($view['title']) {
$title_string = "view_title_{$view['vid']}";
if ($lang->{$title_string}) {
$view['title'] = $lang->{$title_string};
}
$view_title .= " (" . htmlspecialchars_uni($view['title']) . ")";
}
// Build the URL to this view
if (!isset($view['url'])) {
$view['url'] = "index.php?module=user-users";
}
if (!is_array($view['conditions'])) {
$view['conditions'] = unserialize($view['conditions']);
}
if (!is_array($view['fields'])) {
$view['fields'] = unserialize($view['fields']);
}
if (!is_array($view['custom_profile_fields'])) {
$view['custom_profile_fields'] = unserialize($view['custom_profile_fields']);
}
if (isset($mybb->input['username'])) {
$view['conditions']['username'] = $mybb->input['username'];
}
if ($view['vid']) {
$view['url'] .= "&vid={$view['vid']}";
} else {
// If this is a custom view we need to save everything ready to pass it on from page to page
global $admin_session;
if (!$mybb->input['search_id']) {
$search_id = md5(random_str());
$admin_session['data']['user_views'][$search_id] = $view;
update_admin_session('user_views', $admin_session['data']['user_views']);
$mybb->input['search_id'] = $search_id;
}
$view['url'] .= "&search_id=" . htmlspecialchars_uni($mybb->input['search_id']);
}
if (isset($mybb->input['username'])) {
$view['url'] .= "&username="******"&", "&", $view['url'])) {
update_admin_session('last_users_url', str_replace("&", "&", $view['url']));
}
if (isset($view['conditions']['referrer'])) {
$view['url'] .= "&action=referrers&uid=" . htmlspecialchars_uni($view['conditions']['referrer']);
}
// Do we not have any views?
if (empty($view)) {
return false;
}
$table = new Table();
// Build header for table based view
if ($view['view_type'] != "card") {
foreach ($view['fields'] as $field) {
if (!$user_view_fields[$field]) {
continue;
}
$view_field = $user_view_fields[$field];
$field_options = array();
if ($view_field['width']) {
$field_options['width'] = $view_field['width'];
}
if ($view_field['align']) {
$field_options['class'] = "align_" . $view_field['align'];
}
$table->construct_header($view_field['title'], $field_options);
}
$table->construct_header("<input type=\"checkbox\" name=\"allbox\" onclick=\"inlineModeration.checkAll(this);\" />");
// Create a header for the "select" boxes
}
$search_sql = '1=1';
// Build the search SQL for users
// List of valid LIKE search fields
$user_like_fields = array("username", "email", "website", "icq", "aim", "yahoo", "msn", "signature", "usertitle");
foreach ($user_like_fields as $search_field) {
if (!empty($view['conditions'][$search_field]) && !$view['conditions'][$search_field . '_blank']) {
$search_sql .= " AND u.{$search_field} LIKE '%" . $db->escape_string_like($view['conditions'][$search_field]) . "%'";
} else {
if (!empty($view['conditions'][$search_field . '_blank'])) {
$search_sql .= " AND u.{$search_field} != ''";
}
}
}
// EXACT matching fields
$user_exact_fields = array("referrer");
foreach ($user_exact_fields as $search_field) {
if (!empty($view['conditions'][$search_field])) {
$search_sql .= " AND u.{$search_field}='" . $db->escape_string($view['conditions'][$search_field]) . "'";
}
}
// LESS THAN or GREATER THAN
$direction_fields = array("postnum");
foreach ($direction_fields as $search_field) {
$direction_field = $search_field . "_dir";
if (isset($view['conditions'][$search_field]) && ($view['conditions'][$search_field] || $view['conditions'][$search_field] === '0') && $view['conditions'][$direction_field]) {
switch ($view['conditions'][$direction_field]) {
case "greater_than":
$direction = ">";
break;
case "less_than":
$direction = "<";
break;
default:
$direction = "=";
}
$search_sql .= " AND u.{$search_field}{$direction}'" . $db->escape_string($view['conditions'][$search_field]) . "'";
}
}
// Registration searching
$reg_fields = array("regdate");
foreach ($reg_fields as $search_field) {
if (!empty($view['conditions'][$search_field]) && intval($view['conditions'][$search_field])) {
$threshold = TIME_NOW - intval($view['conditions'][$search_field]) * 24 * 60 * 60;
$search_sql .= " AND u.{$search_field} >= '{$threshold}'";
}
}
// IP searching
$ip_fields = array("regip", "lastip");
foreach ($ip_fields as $search_field) {
if (!empty($view['conditions'][$search_field])) {
// IPv6 IP
if (strpos($view['conditions'][$search_field], ":") !== false) {
$view['conditions'][$search_field] = str_replace("*", "%", $view['conditions'][$search_field]);
$ip_sql = "{$search_field} LIKE '" . $db->escape_string($view['conditions'][$search_field]) . "'";
} else {
$ip_range = fetch_longipv4_range($view['conditions'][$search_field]);
if (!is_array($ip_range)) {
$ip_sql = "long{$search_field}='{$ip_range}'";
} else {
$ip_sql = "long{$search_field} > '{$ip_range[0]}' AND long{$search_field} < '{$ip_range[1]}'";
}
}
$search_sql .= " AND {$ip_sql}";
}
}
// Post IP searching
if (!empty($view['conditions']['postip'])) {
// IPv6 IP
if (strpos($view['conditions']['postip'], ":") !== false) {
$view['conditions']['postip'] = str_replace("*", "%", $view['conditions']['postip']);
$ip_sql = "ipaddress LIKE '" . $db->escape_string($view['conditions']['postip']) . "'";
} else {
$ip_range = fetch_longipv4_range($view['conditions']['postip']);
if (!is_array($ip_range)) {
$ip_sql = "longipaddress='{$ip_range}'";
} else {
$ip_sql = "longipaddress > '{$ip_range[0]}' AND longipaddress < '{$ip_range[1]}'";
}
}
$ip_uids = array(0);
$query = $db->simple_select("posts", "uid", $ip_sql);
while ($uid = $db->fetch_field($query, "uid")) {
$ip_uids[] = $uid;
}
$search_sql .= " AND u.uid IN(" . implode(',', $ip_uids) . ")";
unset($ip_uids);
}
// Custom Profile Field searching
if ($view['custom_profile_fields']) {
$userfield_sql = '1=1';
foreach ($view['custom_profile_fields'] as $column => $input) {
if (is_array($input)) {
foreach ($input as $value => $text) {
if ($value == $column) {
$value = $text;
}
if ($value == $lang->na) {
continue;
}
if (strpos($column, '_blank') !== false) {
$column = str_replace('_blank', '', $column);
$userfield_sql .= ' AND ' . $db->escape_string($column) . " != ''";
} else {
$userfield_sql .= ' AND ' . $db->escape_string($column) . "='" . $db->escape_string($value) . "'";
}
}
} else {
if (!empty($input)) {
if ($input == $lang->na) {
continue;
}
if (strpos($column, '_blank') !== false) {
$column = str_replace('_blank', '', $column);
$userfield_sql .= ' AND ' . $db->escape_string($column) . " != ''";
} else {
$userfield_sql .= ' AND ' . $db->escape_string($column) . " LIKE '%" . $db->escape_string($input) . "%'";
}
}
}
}
if ($userfield_sql != '1=1') {
$userfield_uids = array(0);
$query = $db->simple_select("userfields", "ufid", $userfield_sql);
while ($userfield = $db->fetch_array($query)) {
$userfield_uids[] = $userfield['ufid'];
}
$search_sql .= " AND u.uid IN(" . implode(',', $userfield_uids) . ")";
unset($userfield_uids);
}
}
// Usergroup based searching
if (isset($view['conditions']['usergroup'])) {
if (!is_array($view['conditions']['usergroup'])) {
$view['conditions']['usergroup'] = array($view['conditions']['usergroup']);
}
foreach ($view['conditions']['usergroup'] as $usergroup) {
$usergroup = intval($usergroup);
if (!$usergroup) {
continue;
}
switch ($db->type) {
case "pgsql":
case "sqlite":
$additional_sql .= " OR ','||additionalgroups||',' LIKE '%,{$usergroup},%'";
break;
default:
$additional_sql .= "OR CONCAT(',',additionalgroups,',') LIKE '%,{$usergroup},%'";
}
}
$search_sql .= " AND (u.usergroup IN (" . implode(",", array_map('intval', $view['conditions']['usergroup'])) . ") {$additional_sql})";
}
// COPPA users only?
if (isset($view['conditions']['coppa'])) {
$search_sql .= " AND u.coppauser=1 AND u.usergroup=5";
}
// Extra SQL?
if (isset($view['extra_sql'])) {
$search_sql .= $view['extra_sql'];
}
// Lets fetch out how many results we have
$query = $db->query("\n\t\tSELECT COUNT(u.uid) AS num_results\n\t\tFROM " . TABLE_PREFIX . "users u\n\t\tWHERE {$search_sql}\n\t");
$num_results = $db->fetch_field($query, "num_results");
// No matching results then return false
if (!$num_results) {
return false;
} else {
if (!$view['perpage']) {
$view['perpage'] = 20;
}
$view['perpage'] = intval($view['perpage']);
// Establish which page we're viewing and the starting index for querying
// Establish which page we're viewing and the starting index for querying
if (!isset($mybb->input['page'])) {
$mybb->input['page'] = 1;
} else {
$mybb->input['page'] = intval($mybb->input['page']);
}
if ($mybb->input['page']) {
$start = ($mybb->input['page'] - 1) * $view['perpage'];
} else {
$start = 0;
$mybb->input['page'] = 1;
}
$from_bit = "";
if (isset($mybb->input['from']) && $mybb->input['from'] == "home") {
$from_bit = "&from=home";
}
switch ($view['sortby']) {
case "regdate":
case "lastactive":
case "postnum":
case "reputation":
$view['sortby'] = $db->escape_string($view['sortby']);
break;
case "numposts":
$view['sortby'] = "postnum";
break;
case "warninglevel":
$view['sortby'] = "warningpoints";
break;
default:
$view['sortby'] = "username";
}
if ($view['sortorder'] != "desc") {
$view['sortorder'] = "asc";
}
$usergroups = $cache->read("usergroups");
// Fetch matching users
$query = $db->query("\n\t\t\tSELECT u.*\n\t\t\tFROM " . TABLE_PREFIX . "users u\n\t\t\tWHERE {$search_sql}\n\t\t\tORDER BY {$view['sortby']} {$view['sortorder']}\n\t\t\tLIMIT {$start}, {$view['perpage']}\n\t\t");
$users = '';
while ($user = $db->fetch_array($query)) {
$comma = $groups_list = '';
$user['view']['username'] = "******"index.php?module=user-users&action=edit&uid={$user['uid']}\">" . format_name($user['username'], $user['usergroup'], $user['displaygroup']) . "</a>";
$user['view']['usergroup'] = htmlspecialchars_uni($usergroups[$user['usergroup']]['title']);
if ($user['additionalgroups']) {
$additional_groups = explode(",", $user['additionalgroups']);
foreach ($additional_groups as $group) {
$groups_list .= $comma . htmlspecialchars_uni($usergroups[$group]['title']);
$comma = $lang->comma;
}
}
if (!$groups_list) {
$groups_list = $lang->none;
}
$user['view']['additionalgroups'] = "<small>{$groups_list}</small>";
$user['view']['email'] = "<a href=\"mailto:" . htmlspecialchars_uni($user['email']) . "\">" . htmlspecialchars_uni($user['email']) . "</a>";
$user['view']['regdate'] = my_date($mybb->settings['dateformat'], $user['regdate']) . ", " . my_date($mybb->settings['timeformat'], $user['regdate']);
$user['view']['lastactive'] = my_date($mybb->settings['dateformat'], $user['lastactive']) . ", " . my_date($mybb->settings['timeformat'], $user['lastactive']);
// Build popup menu
$popup = new PopupMenu("user_{$user['uid']}", $lang->options);
$popup->add_item($lang->edit_profile_and_settings, "index.php?module=user-users&action=edit&uid={$user['uid']}");
$popup->add_item($lang->ban_user, "index.php?module=user-banning&uid={$user['uid']}#username");
if ($user['usergroup'] == 5) {
if ($user['coppauser']) {
$popup->add_item($lang->approve_coppa_user, "index.php?module=user-users&action=activate_user&uid={$user['uid']}&my_post_key={$mybb->post_code}{$from_bit}");
} else {
$popup->add_item($lang->approve_user, "index.php?module=user-users&action=activate_user&uid={$user['uid']}&my_post_key={$mybb->post_code}{$from_bit}");
}
}
$popup->add_item($lang->delete_user, "index.php?module=user-users&action=delete&uid={$user['uid']}&my_post_key={$mybb->post_code}", "return AdminCP.deleteConfirmation(this, '{$lang->user_deletion_confirmation}')");
$popup->add_item($lang->show_referred_users, "index.php?module=user-users&action=referrers&uid={$user['uid']}");
$popup->add_item($lang->show_ip_addresses, "index.php?module=user-users&action=ipaddresses&uid={$user['uid']}");
$popup->add_item($lang->show_attachments, "index.php?module=forum-attachments&results=1&username="******"-";
}
if ($mybb->settings['enablewarningsystem'] != 0 && $usergroups[$user['usergroup']]['canreceivewarnings'] != 0) {
$warning_level = round($user['warningpoints'] / $mybb->settings['maxwarningpoints'] * 100);
if ($warning_level > 100) {
$warning_level = 100;
}
$user['view']['warninglevel'] = get_colored_warning_level($warning_level);
}
if ($user['avatar'] && !stristr($user['avatar'], 'http://')) {
$user['avatar'] = "../{$user['avatar']}";
}
if ($view['view_type'] == "card") {
$scaled_avatar = fetch_scaled_avatar($user, 80, 80);
} else {
$scaled_avatar = fetch_scaled_avatar($user, 34, 34);
}
if (!$user['avatar']) {
$user['avatar'] = "styles/{$page->style}/images/default_avatar.gif";
}
$user['view']['avatar'] = "<img src=\"" . htmlspecialchars_uni($user['avatar']) . "\" alt=\"\" width=\"{$scaled_avatar['width']}\" height=\"{$scaled_avatar['height']}\" />";
if ($view['view_type'] == "card") {
$users .= build_user_view_card($user, $view, $i);
} else {
build_user_view_table($user, $view, $table);
}
}
// If card view, we need to output the results
if ($view['view_type'] == "card") {
$table->construct_cell($users);
$table->construct_row();
}
}
if (!isset($view['table_id'])) {
$view['table_id'] = "users_list";
}
$switch_view = "<div class=\"float_right\">";
$switch_url = $view['url'];
if ($mybb->input['page'] > 0) {
$switch_url .= "&page=" . intval($mybb->input['page']);
}
if ($view['view_type'] != "card") {
$switch_view .= "<strong>{$lang->table_view}</strong> | <a href=\"{$switch_url}&type=card\" style=\"font-weight: normal;\">{$lang->card_view}</a>";
} else {
$switch_view .= "<a href=\"{$switch_url}&type=table\" style=\"font-weight: normal;\">{$lang->table_view}</a> | <strong>{$lang->card_view}</strong>";
}
$switch_view .= "</div>";
// Do we need to construct the pagination?
if ($num_results > $view['perpage']) {
$pagination = draw_admin_pagination($mybb->input['page'], $view['perpage'], $num_results, $view['url'] . "&type={$view['view_type']}");
$search_class = "float_right";
$search_style = "";
} else {
$search_class = '';
$search_style = "text-align: right;";
}
$search_action = $view['url'];
// stop &username= in the query string
if ($view_upos = strpos($search_action, '&username='******'post', 'search_form', 0, '', true);
$built_view = $search->construct_return;
$built_view .= "<div class=\"{$search_class}\" style=\"padding-bottom: 3px; margin-top: -9px; {$search_style}\">";
$built_view .= $search->generate_hidden_field('action', 'search') . "\n";
if (isset($view['conditions']['username'])) {
$default_class = '';
$value = $view['conditions']['username'];
} else {
$default_class = "search_default";
$value = $lang->search_for_user;
}
$built_view .= $search->generate_text_box('username', $value, array('id' => 'search_keywords', 'class' => "{$default_class} field150 field_small")) . "\n";
$built_view .= "<input type=\"submit\" class=\"search_button\" value=\"{$lang->search}\" />\n";
if ($view['popup']) {
$built_view .= " <div style=\"display: inline\">{$view['popup']}</div>\n";
}
$built_view .= "<script type='text/javascript'>\n\t\tvar form = document.getElementById('search_form');\n\t\tform.onsubmit = function() {\n\t\t\tvar search = document.getElementById('search_keywords');\n\t\t\tif(search.value == '' || search.value == '" . addcslashes($lang->search_for_user, "'") . "')\n\t\t\t{\n\t\t\t\tsearch.focus();\n\t\t\t\treturn false;\n\t\t\t}\n\t\t}\n\n\t\tvar search = document.getElementById('search_keywords');\n\t\tsearch.onfocus = function()\n\t\t{\n\t\t\tif(this.value == '" . addcslashes($lang->search_for_user, "'") . "')\n\t\t\t{\n\t\t\t\t\$(this).removeClassName('search_default');\n\t\t\t\tthis.value = '';\n\t\t\t}\n\t\t}\n\t\tsearch.onblur = function()\n\t\t{\n\t\t\tif(this.value == '')\n\t\t\t{\n\t\t\t\t\$(this).addClassName('search_default');\n\t\t\t\tthis.value = '" . addcslashes($lang->search_for_user, "'") . "';\n\t\t\t}\n\t\t}\n\t\t// fix the styling used if we have a different default value\n\t\tif(search.value != '" . addcslashes($lang->search_for_user, "'") . "')\n\t\t{\n\t\t\t\$(search).removeClassName('search_default');\n\t\t}\n\t\t</script>\n";
$built_view .= "</div>\n";
// Autocompletion for usernames
$built_view .= '
<script type="text/javascript" src="../jscripts/autocomplete.js?ver=140"></script>
<script type="text/javascript">
<!--
new autoComplete("search_keywords", "../xmlhttp.php?action=get_users", {valueSpan: "username"});
// -->
</script>';
$built_view .= $search->end();
if (isset($pagination)) {
$built_view .= $pagination;
}
if ($view['view_type'] != "card") {
$checkbox = '';
} else {
$checkbox = "<input type=\"checkbox\" name=\"allbox\" onclick=\"inlineModeration.checkAll(this)\" /> ";
}
$built_view .= $table->construct_html("{$switch_view}<div>{$checkbox}{$lang->users}{$view_title}</div>", 1, "", $view['table_id']);
if (isset($pagination)) {
$built_view .= $pagination;
}
$built_view .= '
<script type="text/javascript" src="' . $mybb->settings['bburl'] . '/jscripts/inline_moderation.js?ver=1400"></script>
<form action="index.php?module=user-users" method="post">
<input type="hidden" name="my_post_key" value="' . $mybb->post_code . '" />
<input type="hidden" name="action" value="inline_edit" />
<div class="float_right"><span class="smalltext"><strong>' . $lang->inline_edit . '</strong></span>
<select name="inline_action" class="inline_select">
<option value="multiactivate">' . $lang->inline_activate . '</option>
<option value="multiban">' . $lang->inline_ban . '</option>
<option value="multiusergroup">' . $lang->inline_usergroup . '</option>
<option value="multidelete">' . $lang->inline_delete . '</option>
<option value="multiprune">' . $lang->inline_prune . '</option>
</select>
<input type="submit" class="button" name="go" value="' . $lang->go . ' (0)" id="inline_go" />
<input type="button" onclick="javascript:inlineModeration.clearChecked();" value="' . $lang->clear . '" class="button" />
</div>
</form>
<br style="clear: both;" />
<script type="text/javascript">
<!--
var go_text = "' . $lang->go . '";
var all_text = "1";
var inlineType = "user";
var inlineId = "acp";
// -->
</script>';
return $built_view;
}
* $Id$
*/
// Disallow direct access to this file for security reasons
if (!defined("IN_MYBB")) {
die("Direct initialization of this file is not allowed.<br /><br />Please make sure IN_MYBB is defined.");
}
$page->add_breadcrumb_item($lang->mybb_credits, "index.php?module=home-credits");
$plugins->run_hooks("admin_home_credits_begin");
if (!$mybb->input['action']) {
$plugins->run_hooks("admin_home_credits_start");
$page->output_header($lang->mybb_credits);
$sub_tabs['credits'] = array('title' => $lang->mybb_credits, 'link' => "index.php?module=home-credits", 'description' => $lang->mybb_credits_description);
$sub_tabs['credits_about'] = array('title' => $lang->about_the_team, 'link' => "http://mybb.com/about/team", 'link_target' => "_blank");
$page->output_nav_tabs($sub_tabs, 'credits');
$table = new Table();
$table->construct_header($lang->product_managers, array('width' => '15%'));
$table->construct_header($lang->developers, array('width' => '15%'));
$table->construct_header($lang->software_quality_assurance, array('width' => '20%'));
$table->construct_header($lang->support_representative, array('width' => '20%'));
$table->construct_header($lang->pr_liaison, array('width' => '15%'));
$table->construct_cell("<a href=\"http://community.mybb.com/user-1.html\" target=\"_blank\">Chris Boulton</a>");
$table->construct_cell("<a href=\"http://community.mybb.com/user-8242.html\" target=\"_blank\">dvb</a>");
$table->construct_cell("<a href=\"http://community.mybb.com/user-6928.html\" target=\"_blank\">Imad Jomaa</a>");
$table->construct_cell("<a href=\"http://community.mybb.com/user-24328.html\" target=\"_blank\">Alan Shepperson</a>");
$table->construct_cell("<a href=\"http://community.mybb.com/user-3971.html\" target=\"_blank\">Ryan Loos</a>");
$table->construct_row();
$table->construct_cell("<a href=\"http://community.mybb.com/user-81.html\" target=\"_blank\">Dennis Tsang</a>");
$table->construct_cell("<a href=\"http://community.mybb.com/user-23291.html\" target=\"_blank\">Huji Lee</a>");
$table->construct_cell("<a href=\"http://community.mybb.com/user-12694.html\" target=\"_blank\">Jitendra M</a>");
$table->construct_cell("<a href=\"http://community.mybb.com/user-22890.html\" target=\"_blank\">Dylan M</a>");
$table->construct_cell(" ");
$table->construct_cell($lang->no_task_logs, array("colspan" => "3"));
$table->construct_row();
}
$table->output($lang->task_logs);
echo $pagination;
$page->output_footer();
}
if (!$mybb->input['action']) {
$plugins->run_hooks("admin_tools_tasks_start");
$page->output_header($lang->task_manager);
$sub_tabs['scheduled_tasks'] = array('title' => $lang->scheduled_tasks, 'link' => "index.php?module=tools/tasks", 'description' => $lang->scheduled_tasks_desc);
$sub_tabs['add_task'] = array('title' => $lang->add_new_task, 'link' => "index.php?module=tools/tasks&action=add");
$sub_tabs['task_logs'] = array('title' => $lang->view_task_logs, 'link' => "index.php?module=tools/tasks&action=logs");
$page->output_nav_tabs($sub_tabs, 'scheduled_tasks');
$table = new Table();
$table->construct_header($lang->task);
$table->construct_header($lang->next_run, array("class" => "align_center", "width" => 200));
$table->construct_header($lang->controls, array("class" => "align_center", "width" => 150));
$query = $db->simple_select("tasks", "*", "", array("order_by" => "title", "order_dir" => "asc"));
while ($task = $db->fetch_array($query)) {
$task['title'] = htmlspecialchars_uni($task['title']);
$task['description'] = htmlspecialchars_uni($task['description']);
$next_run = date($mybb->settings['dateformat'], $task['nextrun']) . ", " . date($mybb->settings['timeformat'], $task['nextrun']);
if ($task['enabled'] == 1) {
$icon = "<img src=\"styles/{$page->style}/images/icons/bullet_on.gif\" alt=\"({$lang->alt_enabled})\" title=\"{$lang->alt_enabled}\" style=\"vertical-align: middle;\" /> ";
} else {
$icon = "<img src=\"styles/{$page->style}/images/icons/bullet_off.gif\" alt=\"({$lang->alt_disabled})\" title=\"{$lang->alt_disabled}\" style=\"vertical-align: middle;\" /> ";
}
$table->construct_cell("<div class=\"float_right\"><a href=\"index.php?module=tools/tasks&action=run&tid={$task['tid']}&my_post_key={$mybb->post_code}\"><img src=\"styles/{$page->style}/images/icons/run_task.gif\" title=\"{$lang->run_task_now}\" alt=\"{$lang->run_task}\" /></a></div><div>{$icon}<strong><a href=\"index.php?module=tools/tasks&action=edit&tid={$task['tid']}\">{$task['title']}</a></strong><br /><small>{$task['description']}</small></div>");
$table->construct_cell($next_run, array("class" => "align_center"));
$popup = new PopupMenu("task_{$task['tid']}", $lang->options);
} else {
$hid = intval($mybb->input['hid']);
$page->output_confirm_action("index.php?module=config-help_documents&action=delete&hid={$hid}", $lang->confirm_document_deletion);
}
}
}
// List document and sections
if (!$mybb->input['action']) {
$plugins->run_hooks("admin_config_help_documents_start");
$page->output_header($lang->help_documents);
$sub_tabs['manage_help_documents'] = array('title' => $lang->manage_help_documents, 'link' => "index.php?module=config-help_documents", 'description' => $lang->manage_help_documents_desc);
$sub_tabs['add_help_document'] = array('title' => $lang->add_new_document, 'link' => "index.php?module=config-help_documents&action=add&type=document");
$sub_tabs['add_help_section'] = array('title' => $lang->add_new_section, 'link' => "index.php?module=config-help_documents&action=add&type=section");
$page->output_nav_tabs($sub_tabs, 'manage_help_documents');
$table = new Table();
$table->construct_header($lang->section_document);
$table->construct_header($lang->controls, array('class' => "align_center", 'colspan' => 2, "width" => "150"));
$query = $db->simple_select("helpsections", "*", "", array('order_by' => "disporder"));
while ($section = $db->fetch_array($query)) {
// Icon to differentiate section type
if ($section['sid'] > 2) {
$icon = "<img src=\"styles/default/images/icons/custom.gif\" title=\"{$lang->custom_doc_sec}\" alt=\"{$lang->custom_doc_sec}\" style=\"vertical-align: middle;\" />";
} else {
$icon = "<img src=\"styles/default/images/icons/default.gif\" title=\"{$lang->default_doc_sec}\" alt=\"{$lang->default_doc_sec}\" style=\"vertical-align: middle;\" />";
}
$table->construct_cell("<div class=\"float_right\">{$icon}</div><div><strong><a href=\"index.php?module=config-help_documents&action=edit&sid={$section['sid']}\">{$section['name']}</a></strong><br /><small>{$section['description']}</small></div>");
$table->construct_cell("<a href=\"index.php?module=config-help_documents&action=edit&sid={$section['sid']}\">{$lang->edit}</a>", array("class" => "align_center", "width" => '60'));
// Show delete only if not a default section
if ($section['sid'] > 2) {
$table->construct_cell("<a href=\"index.php?module=config-help_documents&action=delete&sid={$section['sid']}&my_post_key={$mybb->post_code}\" onclick=\"return AdminCP.deleteConfirmation(this, '{$lang->confirm_section_deletion}')\">{$lang->delete}</a>", array("class" => "align_center", "width" => '90'));
} else {
function newpoints_shop_admin_stats()
{
global $form, $db, $lang, $mybb;
newpoints_lang_load("newpoints_shop");
echo "<br />";
// table
$table = new Table();
$table->construct_header($lang->newpoints_shop_item, array('width' => '30%'));
$table->construct_header($lang->newpoints_shop_username, array('width' => '30%'));
$table->construct_header($lang->newpoints_shop_price, array('width' => '20%', 'class' => 'align_center'));
$table->construct_header($lang->newpoints_shop_date, array('width' => '20%', 'class' => 'align_center'));
$query = $db->simple_select('newpoints_log', '*', 'action=\'shop_purchase\'', array('order_by' => 'date', 'order_dir' => 'DESC', 'limit' => intval($mybb->settings['newpoints_shop_lastpurchases'])));
while ($stats = $db->fetch_array($query)) {
$data = explode('-', $stats['data']);
$item = newpoints_shop_get_item($data[0]);
$table->construct_cell(htmlspecialchars_uni($item['name']));
$link = build_profile_link(htmlspecialchars_uni($stats['username']), intval($stats['uid']));
$table->construct_cell($link);
$table->construct_cell(newpoints_format_points($data[1]), array('class' => 'align_center'));
$table->construct_cell(my_date($mybb->settings['dateformat'], intval($stats['date']), '', false) . ", " . my_date($mybb->settings['timeformat'], intval($stats['date'])), array('class' => 'align_center'));
$table->construct_row();
}
if ($table->num_rows() == 0) {
$table->construct_cell($lang->newpoints_error_gathering, array('colspan' => 4));
$table->construct_row();
}
$table->output($lang->newpoints_stats_lastpurchases);
}
$latest_version = "<strong>" . $tree['mybb']['latest_version']['value'] . "</strong> (" . $latest_code . ")";
if ($latest_code > $mybb->version_code) {
$latest_version = "<span style=\"color: #C00;\">" . $latest_version . "</span>";
$version_warn = 1;
$updated_cache['latest_version'] = $latest_version;
$updated_cache['latest_version_code'] = $latest_code;
} else {
$version_warn = 0;
$latest_version = "<span style=\"color: green;\">" . $latest_version . "</span>";
}
$cache->update("update_check", $updated_cache);
require_once MYBB_ROOT . "inc/class_feedparser.php";
$feed_parser = new FeedParser();
$feed_parser->parse_feed("http://feeds.feedburner.com/MyBBDevelopmentBlog");
$table = new Table();
$table->construct_header($lang->your_version);
$table->construct_header($lang->latest_version);
$table->construct_cell("<strong>" . $mybb->version . "</strong> (" . $mybb->version_code . ")");
$table->construct_cell($latest_version);
$table->construct_row();
$table->output($lang->version_check);
if ($version_warn) {
$page->output_error("<p><em>{$lang->error_out_of_date}</em> {$lang->update_forum}</p>");
} else {
$page->output_success("<p><em>{$lang->success_up_to_date}</em></p>");
}
if ($feed_parser->error == '') {
foreach ($feed_parser->items as $item) {
if ($item['date_timestamp']) {
$stamp = my_date($mybb->settings['dateformat'], $item['date_timestamp']) . ", " . my_date($mybb->settings['timeformat'], $item['date_timestamp']);
} else {
$title = $lang->disallowed_usernames;
break;
default:
$type = "1";
$title = $lang->banned_ip_addresses;
$mybb->input['type'] = "ips";
}
$page->output_header($title);
$sub_tabs['ips'] = array('title' => $lang->banned_ips, 'link' => "index.php?module=config/banning", 'description' => $lang->banned_ips_desc);
$sub_tabs['users'] = array('title' => $lang->banned_accounts, 'link' => "index.php?module=user/banning");
$sub_tabs['usernames'] = array('title' => $lang->disallowed_usernames, 'link' => "index.php?module=config/banning&type=usernames", 'description' => $lang->disallowed_usernames_desc);
$sub_tabs['emails'] = array('title' => $lang->disallowed_email_addresses, 'link' => "index.php?module=config/banning&type=emails", 'description' => $lang->disallowed_email_addresses_desc);
$page->output_nav_tabs($sub_tabs, $mybb->input['type']);
$table = new Table();
if ($mybb->input['type'] == "usernames") {
$table->construct_header($lang->username);
$table->construct_header($lang->date_disallowed, array("class" => "align_center", "width" => 200));
$table->construct_header($lang->last_attempted_use, array("class" => "align_center", "width" => 200));
} else {
if ($mybb->input['type'] == "emails") {
$table->construct_header($lang->email_address);
$table->construct_header($lang->date_disallowed, array("class" => "align_center", "width" => 200));
$table->construct_header($lang->last_attempted_use, array("class" => "align_center", "width" => 200));
} else {
$table->construct_header($lang->ip_address);
$table->construct_header($lang->ban_date, array("class" => "align_center", "width" => 200));
$table->construct_header($lang->last_access, array("class" => "align_center", "width" => 200));
}
}
$table->construct_header($lang->controls, array("width" => 1));
$query = $db->simple_select("banfilters", "*", "type='{$type}'", array("order_by" => "filter", "order_dir" => "asc"));
// not needed; just for having it as an option
// take a look at it for other plugins
function navTabsDlmngr()
{
global $page, $lang, $db;
$sub_tabs['manage'] = array('title' => $lang->downloads_dlmngr_manage, 'link' => "index.php?module=dlmngr/manage");
// get the link for the plugin settings
$gid = $db->fetch_field($db->simple_select("settings", "gid", "name='downloads_isactive'"), "gid");
$sub_tabs['settings'] = array('title' => $lang->downloads_dlmngr_settings, 'link' => "index.php?module=config/settings&action=change&gid={$gid}");
$page->output_nav_tabs($sub_tabs, 'manage');
}
#navTabsDlmngr();
// well, now go on with the real code
// create the page table, and add the column headers
$table = new Table();
$table->construct_header($lang->downloads_dlmngr_project);
$table->construct_header($lang->controls, array("class" => "align_center", "width" => 150));
// get the downloads
$query = $db->simple_select("downloads", "dlid, title, desc_short, preview", "1=1 ORDER BY 'dlid' DESC");
while ($dlitem = $db->fetch_array($query)) {
// display each download
// get some info about the download
$projectname = $dlitem['title'];
$dlid = $dlitem['dlid'];
$desc_short = $dlitem['desc_short'];
// create the "Edit/Delete" popup menu
$popup = new PopupMenu("project_{$dlid}", $lang->options);
// Add the items
$popup->add_item($lang->downloads_dlmngr_edit, "index.php?module=dlmngr/manage&action=edit&dlid={$dlid}");
$popup->add_item($lang->downloads_dlmngr_delete, "index.php?module=dlmngr/manage&action=delete&dlid={$dlid}");
if ($dlitem['public'] == 1) {
if (!$mybb->input['action']) {
$plugins->run_hooks("admin_config_post_icons_start");
$page->output_header($lang->post_icons);
$sub_tabs['manage_icons'] = array('title' => $lang->manage_post_icons, 'link' => "index.php?module=config/post_icons", 'description' => $lang->manage_post_icons_desc);
$sub_tabs['add_icon'] = array('title' => $lang->add_post_icon, 'link' => "index.php?module=config/post_icons&action=add");
$sub_tabs['add_multiple'] = array('title' => $lang->add_multiple_post_icons, 'link' => "index.php?module=config/post_icons&action=add_multiple");
$page->output_nav_tabs($sub_tabs, 'manage_icons');
$pagenum = intval($mybb->input['page']);
if ($pagenum) {
$start = ($pagenum - 1) * 20;
} else {
$start = 0;
$pagenum = 1;
}
$table = new Table();
$table->construct_header($lang->image, array('class' => "align_center", 'width' => 1));
$table->construct_header($lang->name, array('width' => "70%"));
$table->construct_header($lang->controls, array('class' => "align_center", 'colspan' => 2));
$query = $db->simple_select("icons", "*", "", array('limit_start' => $start, 'limit' => 20, 'order_by' => 'name'));
while ($icon = $db->fetch_array($query)) {
if (my_strpos($icon['path'], "p://") || substr($icon['path'], 0, 1) == "/") {
$image = $icon['path'];
} else {
$image = "../" . $icon['path'];
}
$table->construct_cell("<img src=\"{$image}\" alt=\"\" />", array("class" => "align_center"));
$table->construct_cell("{$icon['name']}");
$table->construct_cell("<a href=\"index.php?module=config/post_icons&action=edit&iid={$icon['iid']}\">{$lang->edit}</a>", array("class" => "align_center"));
$table->construct_cell("<a href=\"index.php?module=config/post_icons&action=delete&iid={$icon['iid']}&my_post_key={$mybb->post_code}\" onclick=\"return AdminCP.deleteConfirmation(this, '{$lang->confirm_post_icon_deletion}')\">{$lang->delete}</a>", array("class" => "align_center"));
$table->construct_row();
}
if ($mybb->input['page'] > 0) {
$current_page = intval($mybb->input['page']);
$start = ($current_page - 1) * $per_page;
$pages = $ban_count / $per_page;
$pages = ceil($pages);
if ($current_page > $pages) {
$start = 0;
$current_page = 1;
}
} else {
$start = 0;
$current_page = 1;
}
$pagination = draw_admin_pagination($current_page, $per_page, $ban_count, "index.php?module=user-banning&page={page}");
$table = new Table();
$table->construct_header($lang->user);
$table->construct_header($lang->ban_lifts_on, array("class" => "align_center", "width" => 150));
$table->construct_header($lang->time_left, array("class" => "align_center", "width" => 150));
$table->construct_header($lang->controls, array("class" => "align_center", "colspan" => 2, "width" => 200));
$table->construct_header($lang->moderation, array("class" => "align_center", "colspan" => 1, "width" => 200));
// Fetch bans
$query = $db->query("\n\t\tSELECT b.*, a.username AS adminuser, u.username\n\t\tFROM " . TABLE_PREFIX . "banned b\n\t\tLEFT JOIN " . TABLE_PREFIX . "users u ON (b.uid=u.uid) \n\t\tLEFT JOIN " . TABLE_PREFIX . "users a ON (b.admin=a.uid) \n\t\tORDER BY lifted ASC\n\t\tLIMIT {$start}, {$per_page}\n\t");
// Get the banned users
while ($ban = $db->fetch_array($query)) {
$profile_link = build_profile_link($ban['username'], $ban['uid'], "_blank");
$ban_date = my_date($mybb->settings['dateformat'], $ban['dateline']);
if ($ban['lifted'] == 'perm' || $ban['lifted'] == '' || $ban['bantime'] == 'perm' || $ban['bantime'] == '---') {
$ban_period = $lang->permenantly;
$time_remaining = $lifts_on = $lang->na;
} else {
$ban_period = $lang->for . " " . $ban_times[$ban['bantime']];
// Get the global announcements
foreach ($global_announcements as $aid => $announcement) {
if ($announcement['enddate'] < TIME_NOW && $announcement['enddate'] != 0) {
$icon = "<img src=\"styles/{$page->style}/images/icons/bullet_off.png\" alt=\"(Expired)\" title=\"Expired Announcement\" style=\"vertical-align: middle;\" /> ";
} else {
$icon = "<img src=\"styles/{$page->style}/images/icons/bullet_on.png\" alt=\"(Active)\" title=\"Active Announcement\" style=\"vertical-align: middle;\" /> ";
}
$table->construct_cell($icon . "<a href=\"index.php?module=forum-announcements&action=edit&aid={$aid}\">" . htmlspecialchars_uni($announcement['subject']) . "</a>");
$table->construct_cell("<a href=\"index.php?module=forum-announcements&action=edit&aid={$aid}\">{$lang->edit}</a>", array("class" => "align_center", "width" => 75));
$table->construct_cell("<a href=\"index.php?module=forum-announcements&action=delete&aid={$aid}&my_post_key={$mybb->post_code}\" onclick=\"return AdminCP.deleteConfirmation(this, '{$lang->confirm_announcement_deletion}')\">{$lang->delete}</a>", array("class" => "align_center", "width" => 75));
$table->construct_row();
}
$table->output($lang->global_announcements);
}
$table = new Table();
$table->construct_header($lang->announcement);
$table->construct_header($lang->controls, array("class" => "align_center", "colspan" => 2, "width" => 200));
fetch_forum_announcements($table);
if ($table->num_rows() == 0) {
$table->construct_cell($lang->no_forums, array("colspan" => "3"));
$table->construct_row();
}
$table->output($lang->forum_announcements);
$page->output_footer();
}
/**
* @param DefaultTable $table
* @param int $pid
* @param int $depth
*/
function fetch_forum_announcements(&$table, $pid = 0, $depth = 1)
function restfulapi_admin_load()
{
global $mybb, $db, $page, $lang, $cache;
if ($page->active_action == RESTFULAPI_URL) {
$page->add_breadcrumb_item($lang->restfulapi_title);
$page->output_header($lang->restfulapi_title);
$result = $db->simple_select("apisettings");
$action = "config";
if (isset($mybb->input["action"]) && in_array($mybb->input["action"], array("manage-keys", "add-key"))) {
$action = $mybb->input["action"];
}
$navs = array("config" => array("link" => "index.php?module=config-" . RESTFULAPI_URL, "title" => $lang->restfulapi_config, "description" => $lang->restfulapi_config_description), "manage-keys" => array("link" => "index.php?module=config-" . RESTFULAPI_URL . "&action=manage-keys", "title" => $lang->restfulapi_manage_api_keys, "description" => $lang->restfulapi_manage_api_keys_description), "add-key" => array("link" => "index.php?module=config-" . RESTFULAPI_URL . "&action=add-key", "title" => $lang->restfulapi_add_api_key, "description" => $lang->restfulapi_add_api_key_description));
$page->output_nav_tabs($navs, $action);
switch ($action) {
case "manage-keys":
if (isset($mybb->input["do"]) && in_array($mybb->input["do"], array("regenerate", "edit", "delete"))) {
$do = $mybb->input["do"];
if ($do == "edit" && isset($mybb->input["key_id"]) && is_string($mybb->input["key_id"])) {
$key_id = (int) $db->escape_string($mybb->input["key_id"]);
$result = $db->simple_select("apikeys", "*", "id='{$key_id}'");
if ($result->num_rows != 1) {
flash_message($lang->restfulapi_key_not_found, "error");
admin_redirect("index.php?module=config-restfulapi&action=manage-keys");
exit;
}
if ($mybb->request_method == "post" && isset($mybb->input["apicustomer"]) && is_string($mybb->input["apicustomer"]) && isset($mybb->input["apicomment"]) && is_string($mybb->input["apicomment"]) && isset($mybb->input["maxreq"]) && is_numeric($mybb->input["maxreq"]) && isset($mybb->input["maxreqrate"]) && in_array($mybb->input["maxreqrate"], array("m", "w", "d", "h"))) {
$update = array("apicustomer" => $db->escape_string(htmlspecialchars_uni($mybb->input["apicustomer"])), "apicomment" => $db->escape_string(htmlspecialchars_uni($mybb->input["apicomment"])), "maxreq" => (int) $mybb->input["maxreq"], "maxreqrate" => $db->escape_string(htmlspecialchars_uni($mybb->input["maxreqrate"])));
$db->update_query("apikeys", $update, "id='{$key_id}'");
$db->delete_query("apipermissions", "apikey='{$key_id}'");
if (isset($mybb->input["apinames"]) && is_array($mybb->input["apinames"])) {
$insert_allowed = array();
foreach ($mybb->input["apinames"] as $apiname) {
$insert_allowed[] = array("apikey" => $key_id, "apiname" => $db->escape_string($apiname));
}
$db->insert_query_multiple("apipermissions", $insert_allowed);
}
restfulapi_cache_rebuild();
flash_message($lang->restfulapi_key_edited_successfully, "success");
admin_redirect("index.php?module=config-restfulapi&action=manage-keys");
} else {
$keyset = $result->fetch_array();
$form = new Form("index.php?module=config-" . RESTFULAPI_URL . "&action=manage-keys&do=edit&key_id={$key_id}", "post", "edit");
$form_container = new FormContainer($lang->restfulapi_edit_api_key);
$form_container->output_row($lang->restfulapi_customer_name . " <em>*</em>", $lang->restfulapi_customer_name_description, $form->generate_text_box('apicustomer', htmlspecialchars_uni($keyset["apicustomer"]), array('id' => 'apicustomer')), 'apicustomer');
$rate_types = array("h" => $lang->restfulapi_per_hour, "d" => $lang->restfulapi_per_day, "w" => $lang->restfulapi_per_week, "m" => $lang->restfulapi_per_month);
$form_container->output_row($lang->restfulapi_max_requests . " <em>*</em>", $lang->restfulapi_max_requests_description, $form->generate_text_box('maxreq', htmlspecialchars_uni($keyset["maxreq"]), array('id' => 'maxreq')) . " " . $form->generate_select_box('maxreqrate', $rate_types, htmlspecialchars_uni($keyset["maxreqrate"]), array('id' => 'maxreqrate')), 'maxreq');
$form_container->output_row($lang->restfulapi_comment, $lang->restfulapi_comment_description, $form->generate_text_area('apicomment', htmlspecialchars_uni($keyset["apicomment"]), array('id' => 'apicomment')), 'apicomment');
$apis = glob(RESTFULAPI_PATH . "api/*api.class.php");
$presentable_apis = array();
foreach ($apis as $key => $value) {
$value = htmlspecialchars_uni(str_replace(array(RESTFULAPI_PATH . "api/", "api.class.php"), "", $value));
$presentable_apis[$value] = $value;
}
$selected = array();
// reminder, $key_id has already been escaped!
$result = $db->simple_select("apipermissions", "*", "apikey='{$key_id}'");
while ($apipermission = $db->fetch_array($result)) {
$selected[] = $apipermission["apiname"];
}
$form_container->output_row($lang->restfulapi_select_allowed_apis, $lang->restfulapi_select_allowed_apis_description, $form->generate_select_box('apinames[]', $presentable_apis, $selected, array('id' => 'apinames', 'multiple' => true, 'size' => 10)), 'apinames');
$form_container->end();
$buttons[] = $form->generate_submit_button($lang->restfulapi_edit_api_key);
$form->output_submit_wrapper($buttons);
$form->end();
}
} elseif ($do == "delete" && isset($mybb->input["key_id"]) && isset($mybb->input["my_post_key"]) && verify_post_check($mybb->input["my_post_key"])) {
$key_id = $db->escape_string($mybb->input["key_id"]);
if ($db->simple_select("apikeys", "*", "id='{$key_id}'")->num_rows == 1) {
$db->delete_query("apipermissions", "apikey='{$key_id}'");
$db->delete_query("apikeys", "id='{$key_id}'");
restfulapi_cache_rebuild();
flash_message($lang->restfulapi_key_deleted_successfully, "success");
} else {
flash_message($lang->restfulapi_key_not_found, "error");
}
admin_redirect("index.php?module=config-restfulapi&action=manage-keys");
} elseif ($do == "regenerate" && isset($mybb->input["key_id"]) && isset($mybb->input["my_post_key"]) && verify_post_check($mybb->input["my_post_key"])) {
$key_id = $db->escape_string($mybb->input["key_id"]);
if ($db->simple_select("apikeys", "*", "id='{$key_id}'")->num_rows == 1) {
$apikey = restfulapi_generate_key();
/* can't figure out a better way to generate a random yet never-generated-before API key than this one */
while ($db->simple_select("apikeys", "*", "apikey='{$apikey}'")->num_rows != 0) {
$apikey = restfulapi_generate_key();
}
$update = array("apikey" => $db->escape_string(htmlspecialchars_uni($apikey)));
$db->update_query("apikeys", $update, "id='{$key_id}'");
restfulapi_cache_rebuild();
flash_message($lang->restfulapi_key_regenerated_successfully, "success");
} else {
flash_message($lang->restfulapi_key_not_found, "error");
}
admin_redirect("index.php?module=config-restfulapi&action=manage-keys");
}
} else {
$restfulapi_cache = $cache->read("restfulapi");
$apikeysets = $restfulapi_cache["keys"];
$table = new Table();
$table->construct_header($lang->restfulapi_customer, array("width" => "15%"));
$table->construct_header($lang->restfulapi_api_key, array("class" => "align_center", "width" => "29%"));
$table->construct_header($lang->restfulapi_comment, array("class" => "align_center", "width" => "30%"));
$table->construct_header($lang->restfulapi_usage, array("class" => "align_center", "width" => "5%"));
$table->construct_header($lang->restfulapi_controls, array("class" => "align_center", "width" => "21%", "colspan" => 3));
if (count($apikeysets) == 0) {
$table->construct_cell($lang->sprintf($lang->restfulapi_no_api_key, '<a href="index.php?module=config-restfulapi&action=add-key">', '</a>'), array("class" => "first", "colspan" => 5));
$table->construct_row();
} else {
// TODO : pagination maybe ?
foreach ($apikeysets as $key => $keyset) {
$table->construct_cell("<b>" . htmlspecialchars_uni($keyset['apicustomer']) . "</b>");
$table->construct_cell(htmlspecialchars_uni($keyset['apikey']));
$table->construct_cell(htmlspecialchars_uni($keyset['apicomment']));
$table->construct_cell(htmlspecialchars_uni($keyset['access']), array("class" => "align_center"));
$table->construct_cell("<a href=\"index.php?module=config-restfulapi&action=manage-keys&do=regenerate&key_id={$keyset['id']}&my_post_key={$mybb->post_code}\" onclick=\"return AdminCP.deleteConfirmation(this, '{$lang->restfulapi_regenerate_api_key_confirmation}')\">{$lang->restfulapi_regenerate_api_key}</a>", array("class" => "align_center", "width" => "9%"));
$table->construct_cell("<a href=\"index.php?module=config-restfulapi&action=manage-keys&do=edit&key_id={$keyset['id']}\">{$lang->restfulapi_edit}</a>", array("class" => "align_center", "width" => "6%"));
$table->construct_cell("<a href=\"index.php?module=config-restfulapi&action=manage-keys&do=delete&key_id={$keyset['id']}&my_post_key={$mybb->post_code}\" onclick=\"return AdminCP.deleteConfirmation(this, '{$lang->restfulapi_delete_confirm}')\">{$lang->restfulapi_delete}</a>", array("class" => "align_center", "width" => "6%"));
$table->construct_row();
}
}
$table->output($lang->restfulapi_manage_api_keys);
}
break;
case "add-key":
if ($mybb->request_method == "post" && isset($mybb->input["apicustomer"]) && is_string($mybb->input["apicustomer"]) && isset($mybb->input["apicomment"]) && is_string($mybb->input["apicomment"]) && isset($mybb->input["maxreq"]) && is_numeric($mybb->input["maxreq"]) && isset($mybb->input["maxreqrate"]) && in_array($mybb->input["maxreqrate"], array("m", "w", "d", "h"))) {
$apikey = restfulapi_generate_key();
/* can't figure out a better way to generate a random yet never-generated-before API key than this one */
while ($db->simple_select("apikeys", "*", "apikey='{$db->escape_string($apikey)}'")->num_rows != 0) {
$apikey = restfulapi_generate_key();
}
$insert = array("apicustomer" => $db->escape_string(htmlspecialchars_uni($mybb->input["apicustomer"])), "apicomment" => $db->escape_string(htmlspecialchars_uni($mybb->input["apicomment"])), "access" => 0, "maxreq" => (int) $mybb->input["maxreq"], "maxreqrate" => $db->escape_string(htmlspecialchars_uni($mybb->input["maxreqrate"])), "apikey" => $db->escape_string(htmlspecialchars_uni($apikey)));
$apikeyid = $db->insert_query("apikeys", $insert);
if (isset($mybb->input["apinames"]) && is_array($mybb->input["apinames"])) {
$insert_allowed = array();
foreach ($mybb->input["apinames"] as $apiname) {
$insert_allowed[] = array("apikey" => $db->escape_string($apikeyid), "apiname" => $db->escape_string($apiname));
}
$db->insert_query_multiple("apipermissions", $insert_allowed);
}
restfulapi_cache_rebuild();
flash_message($lang->sprintf($lang->restfulapi_generated_successfully, $apikey, $mybb->input["apicustomer"]), 'success');
admin_redirect("index.php?module=config-restfulapi&action=manage-keys");
} else {
$form = new Form("index.php?module=config-" . RESTFULAPI_URL . "&action=add-key", "post", "add");
$form_container = new FormContainer($lang->restfulapi_add_api_key);
$form_container->output_row($lang->restfulapi_customer_name . " <em>*</em>", $lang->restfulapi_customer_name_description, $form->generate_text_box('apicustomer', '', array('id' => 'apicustomer')), 'apicustomer');
$rate_types = array("h" => $lang->restfulapi_per_hour, "d" => $lang->restfulapi_per_day, "w" => $lang->restfulapi_per_week, "m" => $lang->restfulapi_per_month);
$form_container->output_row($lang->restfulapi_max_requests . " <em>*</em>", $lang->restfulapi_max_requests_description, $form->generate_text_box('maxreq', '0', array('id' => 'maxreq')) . " " . $form->generate_select_box('maxreqrate', $rate_types, "m", array('id' => 'maxreqrate')), 'maxreq');
$form_container->output_row($lang->restfulapi_comment, $lang->restfulapi_comment_description, $form->generate_text_area('apicomment', '', array('id' => 'apicomment')), 'apicomment');
$apis = glob(RESTFULAPI_PATH . "api/*api.class.php");
$presentable_apis = array();
foreach ($apis as $key => $value) {
$value = htmlspecialchars_uni(str_replace(array(RESTFULAPI_PATH . "api/", "api.class.php"), "", $value));
$presentable_apis[$value] = $value;
}
$form_container->output_row($lang->restfulapi_select_allowed_apis . " <em>*</em>", $lang->restfulapi_select_allowed_apis_description, $form->generate_select_box('apinames[]', $presentable_apis, array_keys($presentable_apis), array('id' => 'apinames', 'multiple' => true, 'size' => 10)), 'apinames');
$form_container->end();
$buttons[] = $form->generate_submit_button($lang->restfulapi_generate_api_key);
$form->output_submit_wrapper($buttons);
$form->end();
}
break;
default:
$apilist = $cache->read("restfulapilist");
// routine to install newly detected APIs, and activate them if needed
restfulapi_apilist_activate();
if ($mybb->request_method == "post") {
// we delete all the previously-deactivated options
$db->delete_query("apisettings", "apiaction='deactivate'");
$inserts = array();
foreach ($mybb->input as $key => $input) {
if (substr($key, 0, 7) == "option_" && $input == "1") {
// replace first occurrence of 'option_' with '' in case the option name is 'option_', so that 'option_option_' won't be all replaced into an empty string
// yeah I know, probably would never happen but we never know
$option = preg_replace('/option\\_/', '', $key, 1);
restfulapi_api_activate($option);
} elseif (substr($key, 0, 7) == "option_" && $input == "0") {
$option = preg_replace('/option\\_/', '', $key, 1);
restfulapi_api_deactivate($option);
}
}
flash_message($lang->restfulapi_saved_config, "success");
admin_redirect("index.php?module=config-restfulapi");
} else {
$result = $db->simple_select("apisettings", "*", "apiaction='deactivate'");
$deactivatedapis = array();
while ($apiarray = $db->fetch_array($result)) {
$deactivatedapis[] = $apiarray["apivalue"];
}
if (count($apilist) == 0) {
echo '<div class="notice">' . $lang->sprintf($lang->restfulapi_no_api, '<a href="index.php?module=config-restfulapi&action=add-key">', '</a>') . '</div>';
} else {
$form = new Form("index.php?module=config-" . RESTFULAPI_URL, "post", "config");
$form_container = new FormContainer($lang->restfulapi_config);
$table = new Table();
foreach ($apilist as $api => $info_array) {
require_once RESTFULAPI_PATH . "api/" . $api . "api.class.php";
$api = htmlspecialchars_uni($api);
$apiclass = $api . "api";
$api_instance = new $apiclass();
$info_array = $api_instance->info();
$name = isset($info_array["name"]) && is_string($info_array["name"]) ? htmlspecialchars_uni($info_array["name"]) . " : " . $api : $api;
$description = isset($info_array["description"]) && is_string($info_array["description"]) ? htmlspecialchars_uni($info_array["description"]) : $lang->restfulapi_config_on_off_description;
$setting_code = $form->generate_on_off_radio("option_" . $api, in_array($api, $deactivatedapis) ? 0 : 1, true, array('id' => $api . '_yes'), array('id' => $api . '_no'));
$form_container->output_row($name, $description, $setting_code, '', array(), array('id' => 'row_' . $api));
}
$form_container->end();
$buttons[] = $form->generate_submit_button($lang->restfulapi_save_config);
$form->output_submit_wrapper($buttons);
$form->end();
}
}
break;
}
$page->output_footer();
}
}
// Log admin action
log_admin_action($mybb->input['title']);
flash_message($lang->success_cache_reloaded, 'success');
admin_redirect("index.php?module=tools-cache");
} else {
flash_message($lang->error_cannot_rebuild, 'error');
admin_redirect("index.php?module=tools-cache");
}
}
if (!$mybb->input['action']) {
$plugins->run_hooks("admin_tools_cache_start");
$page->output_header($lang->cache_manager);
$sub_tabs['cache_manager'] = array('title' => $lang->cache_manager, 'link' => "index.php?module=tools-cache", 'description' => $lang->cache_manager_description);
$page->output_nav_tabs($sub_tabs, 'cache_manager');
$table = new Table();
$table->construct_header($lang->name);
$table->construct_header($lang->size, array("class" => "align_center", "width" => 100));
$table->construct_header($lang->controls, array("class" => "align_center", "width" => 150));
$query = $db->simple_select("datacache");
while ($cacheitem = $db->fetch_array($query)) {
$table->construct_cell("<strong><a href=\"index.php?module=tools-cache&action=view&title=" . urlencode($cacheitem['title']) . "\">{$cacheitem['title']}</a></strong>");
$table->construct_cell(get_friendly_size(strlen($cacheitem['cache'])), array("class" => "align_center"));
if (method_exists($cache, "update_" . $cacheitem['title'])) {
$table->construct_cell("<a href=\"index.php?module=tools-cache&action=rebuild&title=" . urlencode($cacheitem['title']) . "&my_post_key={$mybb->post_code}\">" . $lang->rebuild_cache . "</a>", array("class" => "align_center"));
} elseif (method_exists($cache, "reload_" . $cacheitem['title'])) {
$table->construct_cell("<a href=\"index.php?module=tools-cache&action=reload&title=" . urlencode($cacheitem['title']) . "&my_post_key={$mybb->post_code}\">" . $lang->reload_cache . "</a>", array("class" => "align_center"));
} else {
$table->construct_cell("");
}
$table->construct_row();
}
// Show a listing of group leaders
if ($mybb->input['action'] == "leaders") {
$query = $db->simple_select("usergroups", "*", "gid='" . $mybb->get_input('gid', MyBB::INPUT_INT) . "'");
$group = $db->fetch_array($query);
if (!$group['gid']) {
flash_message($lang->error_invalid_user_group, 'error');
admin_redirect("index.php?module=user-groups");
}
$plugins->run_hooks("admin_user_groups_leaders");
$page->add_breadcrumb_item($lang->group_leaders_for . ' ' . htmlspecialchars_uni($group['title']));
$page->output_header($lang->group_leaders_for . ' ' . htmlspecialchars_uni($group['title']));
$sub_tabs = array();
$sub_tabs['group_leaders'] = array('title' => $lang->manage_group_leaders, 'link' => "index.php?module=user-groups&action=leaders&gid={$group['gid']}", 'description' => $lang->manage_group_leaders_desc);
$page->output_nav_tabs($sub_tabs, 'group_leaders');
$table = new Table();
$table->construct_header($lang->user);
$table->construct_header($lang->can_manage_members, array("class" => 'align_center', "width" => 200));
$table->construct_header($lang->can_manage_join_requests, array("class" => 'align_center', "width" => 200));
$table->construct_header($lang->can_invite_members, array("class" => 'align_center', "width" => 200));
$table->construct_header($lang->controls, array("class" => "align_center", "colspan" => 2, "width" => 200));
$query = $db->query("\n\t\tSELECT g.*, u.username\n\t\tFROM " . TABLE_PREFIX . "groupleaders g\n\t\tINNER JOIN " . TABLE_PREFIX . "users u ON (u.uid=g.uid)\n\t\tWHERE g.gid='{$group['gid']}'\n\t\tORDER BY u.username ASC\n\t");
while ($leader = $db->fetch_array($query)) {
$leader['username'] = htmlspecialchars_uni($leader['username']);
if ($leader['canmanagemembers']) {
$canmanagemembers = $lang->yes;
} else {
$canmanagemembers = $lang->no;
}
if ($leader['canmanagerequests']) {
$canmanagerequests = $lang->yes;
} else {
$table->construct_cell($lang->no_credits);
$table->construct_row();
} else {
$largest_count = $i = 0;
$team_max = array();
foreach ($mybb_credits['credits'] as $team) {
$count = count($team['members']);
$team_max[$i++] = $count;
if ($largest_count < $count) {
$largest_count = $count;
}
}
$largest_count -= 1;
$table = new Table();
foreach ($mybb_credits['credits'] as $team) {
$table->construct_header($team['title'], array('width' => '16%'));
}
for ($i = 0; $i <= $largest_count; $i++) {
foreach ($team_max as $team => $max) {
if ($max < $i) {
$table->construct_cell(" ");
} else {
$table->construct_cell("<a href=\"{$mybb_credits['credits'][$team]['members'][$i]['profile']}\" title=\"{$mybb_credits['credits'][$team]['members'][$i]['username']}\" target=\"_blank\">{$mybb_credits['credits'][$team]['members'][$i]['name']}</a>");
}
}
$table->construct_row();
}
}
$table->output($lang->mybb_credits);
$page->output_footer();
}
/**
* Builds the "view management" interface allowing administrators to edit their custom designed "views"
*
* @param string The base URL to this instance of the view manager
* @param string The internal type identifier for this view
* @param array Array of fields this view supports
* @param array Array of possible sort options this view supports if any
* @param string Optional callback function which generates list of "conditions" for this view
*/
function view_manager($base_url, $type, $fields, $sort_options = array(), $conditions_callback = "")
{
global $mybb, $db, $page, $lang;
$sub_tabs['views'] = array('title' => $lang->views, 'link' => "{$base_url}&action=views", 'description' => $lang->views_desc);
$sub_tabs['create_view'] = array('title' => $lang->create_new_view, 'link' => "{$base_url}&action=views&do=add", 'description' => $lang->create_new_view_desc);
$page->add_breadcrumb_item($lang->view_manager, 'index.php?module=user-users&action=views');
// Lang strings should be in global lang file
if ($mybb->input['do'] == "set_default") {
$query = $db->simple_select("adminviews", "vid, uid, visibility", "vid='" . $mybb->get_input('vid', MyBB::INPUT_INT) . "'");
$admin_view = $db->fetch_array($query);
if (!$admin_view['vid'] || $admin_view['visibility'] == 1 && $mybb->user['uid'] != $admin_view['uid']) {
flash_message($lang->error_invalid_admin_view, 'error');
admin_redirect($base_url . "&action=views");
}
set_default_view($type, $admin_view['vid']);
flash_message($lang->succuss_view_set_as_default, 'success');
admin_redirect($base_url . "&action=views");
}
if ($mybb->input['do'] == "add") {
if ($mybb->request_method == "post") {
if (!trim($mybb->input['title'])) {
$errors[] = $lang->error_missing_view_title;
}
if ($mybb->input['fields_js']) {
$mybb->input['fields'] = explode(",", $mybb->input['fields_js']);
}
if (count($mybb->input['fields']) <= 0) {
$errors[] = $lang->error_no_view_fields;
}
if ($mybb->get_input('perpage', MyBB::INPUT_INT) <= 0) {
$errors[] = $lang->error_invalid_view_perpage;
}
if (!in_array($mybb->input['sortby'], array_keys($sort_options))) {
$errors[] = $lang->error_invalid_view_sortby;
}
if ($mybb->input['sortorder'] != "asc" && $mybb->input['sortorder'] != "desc") {
$errors[] = $lang->error_invalid_view_sortorder;
}
if ($mybb->input['visibility'] == 0) {
$mybb->input['visibility'] = 2;
}
if (!$errors) {
$new_view = array("uid" => $mybb->user['uid'], "title" => $db->escape_string($mybb->input['title']), "type" => $type, "visibility" => $mybb->get_input('visibility', MyBB::INPUT_INT), "fields" => $db->escape_string(my_serialize($mybb->input['fields'])), "conditions" => $db->escape_string(my_serialize($mybb->input['conditions'])), "custom_profile_fields" => $db->escape_string(my_serialize($mybb->input['profile_fields'])), "sortby" => $db->escape_string($mybb->input['sortby']), "sortorder" => $db->escape_string($mybb->input['sortorder']), "perpage" => $mybb->get_input('perpage', MyBB::INPUT_INT), "view_type" => $db->escape_string($mybb->input['view_type']));
$vid = $db->insert_query("adminviews", $new_view);
if ($mybb->input['isdefault']) {
set_default_view($type, $vid);
}
flash_message($lang->success_view_created, "success");
admin_redirect($base_url . "&vid={$vid}");
}
} else {
$mybb->input = array_merge($mybb->input, array('perpage' => 20));
}
// Write in our JS based field selector
$page->extra_header .= "<script src=\"jscripts/view_manager.js\" type=\"text/javascript\"></script>\n";
$page->add_breadcrumb_item($lang->create_new_view);
$page->output_header($lang->create_new_view);
$form = new Form($base_url . "&action=views&do=add", "post");
$page->output_nav_tabs($sub_tabs, 'create_view');
// If we have any error messages, show them
if ($errors) {
$page->output_inline_error($errors);
}
$form_container = new FormContainer($lang->create_new_view);
$form_container->output_row($lang->title . " <em>*</em>", "", $form->generate_text_box('title', $mybb->input['title'], array('id' => 'title')), 'title');
if ($mybb->input['visibility'] == 2) {
$visibility_public_checked = true;
} else {
$visibility_private_checked = true;
}
$visibility_options = array($form->generate_radio_button("visibility", "1", "<strong>{$lang->private}</strong> - {$lang->private_desc}", array("checked" => $visibility_private_checked)), $form->generate_radio_button("visibility", "2", "<strong>{$lang->public}</strong> - {$lang->public_desc}", array("checked" => $visibility_public_checked)));
$form_container->output_row($lang->visibility, "", implode("<br />", $visibility_options));
$form_container->output_row($lang->set_as_default_view, "", $form->generate_yes_no_radio("isdefault", $mybb->input['isdefault'], array('yes' => 1, 'no' => 0)));
if (count($sort_options) > 0) {
$sort_directions = array("asc" => $lang->ascending, "desc" => $lang->descending);
$form_container->output_row($lang->sort_results_by, "", $form->generate_select_box('sortby', $sort_options, $mybb->input['sortby'], array('id' => 'sortby')) . " {$lang->in} " . $form->generate_select_box('sortorder', $sort_directions, $mybb->input['sortorder'], array('id' => 'sortorder')), 'sortby');
}
$form_container->output_row($lang->results_per_page, "", $form->generate_numeric_field('perpage', $mybb->input['perpage'], array('id' => 'perpage', 'min' => 1)), 'perpage');
if ($type == "user") {
$form_container->output_row($lang->display_results_as, "", $form->generate_radio_button('view_type', 'table', $lang->table, array('checked' => $mybb->input['view_type'] != "card" ? true : false)) . "<br />" . $form->generate_radio_button('view_type', 'card', $lang->business_card, array('checked' => $mybb->input['view_type'] == "card" ? true : false)));
}
$form_container->end();
$field_select .= "<div class=\"view_fields\">\n";
$field_select .= "<div class=\"enabled\"><div class=\"fields_title\">{$lang->enabled}</div><ul id=\"fields_enabled\">\n";
if (is_array($mybb->input['fields'])) {
foreach ($mybb->input['fields'] as $field) {
if ($fields[$field]) {
$field_select .= "<li id=\"field-{$field}\">• {$fields[$field]['title']}</li>";
$active[$field] = 1;
}
}
}
$field_select .= "</ul></div>\n";
$field_select .= "<div class=\"disabled\"><div class=\"fields_title\">{$lang->disabled}</div><ul id=\"fields_disabled\">\n";
foreach ($fields as $key => $field) {
if ($active[$key]) {
continue;
}
$field_select .= "<li id=\"field-{$key}\">• {$field['title']}</li>";
}
$field_select .= "</div></ul>\n";
$field_select .= $form->generate_hidden_field("fields_js", @implode(",", @array_keys($active)), array('id' => 'fields_js'));
$field_select = str_replace("'", "\\'", $field_select);
$field_select = str_replace("\n", "", $field_select);
$field_select = "<script type=\"text/javascript\">\n//<![CDATA[\ndocument.write('" . str_replace("/", "\\/", $field_select) . "');\n//]]>\n</script>\n";
foreach ($fields as $key => $field) {
$field_options[$key] = $field['title'];
}
$field_select .= "<noscript>" . $form->generate_select_box('fields[]', $field_options, $mybb->input['fields'], array('id' => 'fields', 'multiple' => true)) . "</noscript>\n";
$form_container = new FormContainer($lang->fields_to_show);
$form_container->output_row($lang->fields_to_show_desc, $description, $field_select);
$form_container->end();
// Build the search conditions
if (function_exists($conditions_callback)) {
$conditions_callback($mybb->input, $form);
}
$buttons[] = $form->generate_submit_button($lang->save_view);
$form->output_submit_wrapper($buttons);
$form->end();
$page->output_footer();
} else {
if ($mybb->input['do'] == "edit") {
$query = $db->simple_select("adminviews", "*", "vid='" . $mybb->get_input('vid', MyBB::INPUT_INT) . "'");
$admin_view = $db->fetch_array($query);
// Does the view not exist?
if (!$admin_view['vid'] || $admin_view['visibility'] == 1 && $mybb->user['uid'] != $admin_view['uid']) {
flash_message($lang->error_invalid_admin_view, 'error');
admin_redirect($base_url . "&action=views");
}
if ($mybb->request_method == "post") {
if (!trim($mybb->input['title'])) {
$errors[] = $lang->error_missing_view_title;
}
if ($mybb->input['fields_js']) {
$mybb->input['fields'] = explode(",", $mybb->input['fields_js']);
}
if (count($mybb->input['fields']) <= 0) {
$errors[] = $lang->error_no_view_fields;
}
if ($mybb->get_input('perpage', MyBB::INPUT_INT) <= 0) {
$errors[] = $lang->error_invalid_view_perpage;
}
if (!in_array($mybb->input['sortby'], array_keys($sort_options))) {
$errors[] = $lang->error_invalid_view_sortby;
}
if ($mybb->input['sortorder'] != "asc" && $mybb->input['sortorder'] != "desc") {
$errors[] = $lang->error_invalid_view_sortorder;
}
if ($mybb->input['visibility'] == 0) {
$mybb->input['visibility'] = 2;
}
if (!$errors) {
$updated_view = array("title" => $db->escape_string($mybb->input['title']), "type" => $type, "visibility" => $mybb->get_input('visibility', MyBB::INPUT_INT), "fields" => $db->escape_string(my_serialize($mybb->input['fields'])), "conditions" => $db->escape_string(my_serialize($mybb->input['conditions'])), "custom_profile_fields" => $db->escape_string(my_serialize($mybb->input['profile_fields'])), "sortby" => $db->escape_string($mybb->input['sortby']), "sortorder" => $db->escape_string($mybb->input['sortorder']), "perpage" => $mybb->get_input('perpage', MyBB::INPUT_INT), "view_type" => $db->escape_string($mybb->input['view_type']));
$db->update_query("adminviews", $updated_view, "vid='{$admin_view['vid']}'");
if ($mybb->input['isdefault']) {
set_default_view($type, $admin_view['vid']);
}
flash_message($lang->success_view_updated, "success");
admin_redirect($base_url . "&vid={$admin_view['vid']}");
}
}
// Write in our JS based field selector
$page->extra_header .= "<script src=\"jscripts/view_manager.js\" type=\"text/javascript\"></script>\n";
$page->add_breadcrumb_item($lang->edit_view);
$page->output_header($lang->edit_view);
$form = new Form($base_url . "&action=views&do=edit&vid={$admin_view['vid']}", "post");
$sub_tabs = array();
$sub_tabs['edit_view'] = array('title' => $lang->edit_view, 'link' => $base_url . "&action=views&do=edit&vid={$admin_view['vid']}", 'description' => $lang->edit_view_desc);
$page->output_nav_tabs($sub_tabs, 'edit_view');
// If we have any error messages, show them
if ($errors) {
$page->output_inline_error($errors);
} else {
$admin_view['conditions'] = my_unserialize($admin_view['conditions']);
$admin_view['fields'] = my_unserialize($admin_view['fields']);
$admin_view['profile_fields'] = my_unserialize($admin_view['custom_profile_fields']);
$mybb->input = array_merge($mybb->input, $admin_view);
$mybb->input['isdefault'] = 0;
$default_view = fetch_default_view($type);
if ($default_view == $admin_view['vid']) {
$mybb->input['isdefault'] = 1;
}
}
$form_container = new FormContainer($lang->edit_view);
$form_container->output_row($lang->view . " <em>*</em>", "", $form->generate_text_box('title', $mybb->input['title'], array('id' => 'title')), 'title');
if ($mybb->input['visibility'] == 2) {
$visibility_public_checked = true;
} else {
$visibility_private_checked = true;
}
$visibility_options = array($form->generate_radio_button("visibility", "1", "<strong>{$lang->private}</strong> - {$lang->private_desc}", array("checked" => $visibility_private_checked)), $form->generate_radio_button("visibility", "2", "<strong>{$lang->public}</strong> - {$lang->public_desc}", array("checked" => $visibility_public_checked)));
$form_container->output_row($lang->visibility, "", implode("<br />", $visibility_options));
$form_container->output_row($lang->set_as_default_view, "", $form->generate_yes_no_radio("isdefault", $mybb->input['isdefault'], array('yes' => 1, 'no' => 0)));
if (count($sort_options) > 0) {
$sort_directions = array("asc" => $lang->ascending, "desc" => $lang->descending);
$form_container->output_row($lang->sort_results_by, "", $form->generate_select_box('sortby', $sort_options, $mybb->input['sortby'], array('id' => 'sortby')) . " {$lang->in} " . $form->generate_select_box('sortorder', $sort_directions, $mybb->input['sortorder'], array('id' => 'sortorder')), 'sortby');
}
$form_container->output_row($lang->results_per_page, "", $form->generate_numeric_field('perpage', $mybb->input['perpage'], array('id' => 'perpage', 'min' => 1)), 'perpage');
if ($type == "user") {
$form_container->output_row($lang->display_results_as, "", $form->generate_radio_button('view_type', 'table', $lang->table, array('checked' => $mybb->input['view_type'] != "card" ? true : false)) . "<br />" . $form->generate_radio_button('view_type', 'card', $lang->business_card, array('checked' => $mybb->input['view_type'] == "card" ? true : false)));
}
$form_container->end();
$field_select .= "<div class=\"view_fields\">\n";
$field_select .= "<div class=\"enabled\"><div class=\"fields_title\">{$lang->enabled}</div><ul id=\"fields_enabled\">\n";
if (is_array($mybb->input['fields'])) {
foreach ($mybb->input['fields'] as $field) {
if ($fields[$field]) {
$field_select .= "<li id=\"field-{$field}\">• {$fields[$field]['title']}</li>";
$active[$field] = 1;
}
}
}
$field_select .= "</ul></div>\n";
$field_select .= "<div class=\"disabled\"><div class=\"fields_title\">{$lang->disabled}</div><ul id=\"fields_disabled\">\n";
if (is_array($fields)) {
foreach ($fields as $key => $field) {
if ($active[$key]) {
continue;
}
$field_select .= "<li id=\"field-{$key}\">• {$field['title']}</li>";
}
}
$field_select .= "</div></ul>\n";
$field_select .= $form->generate_hidden_field("fields_js", @implode(",", @array_keys($active)), array('id' => 'fields_js'));
$field_select = str_replace("'", "\\'", $field_select);
$field_select = str_replace("\n", "", $field_select);
$field_select = "<script type=\"text/javascript\">\n//<![CDATA[\ndocument.write('" . str_replace("/", "\\/", $field_select) . "');\n//]]></script>\n";
foreach ($fields as $key => $field) {
$field_options[$key] = $field['title'];
}
$field_select .= "<noscript>" . $form->generate_select_box('fields[]', $field_options, $mybb->input['fields'], array('id' => 'fields', 'multiple' => true)) . "</noscript>\n";
$form_container = new FormContainer($lang->fields_to_show);
$form_container->output_row($lang->fields_to_show_desc, $description, $field_select);
$form_container->end();
// Build the search conditions
if (function_exists($conditions_callback)) {
$conditions_callback($mybb->input, $form);
}
$buttons[] = $form->generate_submit_button($lang->save_view);
$form->output_submit_wrapper($buttons);
$form->end();
$page->output_footer();
} else {
if ($mybb->input['do'] == "delete") {
if ($mybb->input['no']) {
admin_redirect($base_url . "&action=views");
}
$query = $db->simple_select("adminviews", "COUNT(vid) as views");
$views = $db->fetch_field($query, "views");
if ($views == 0) {
flash_message($lang->error_cannot_delete_view, 'error');
admin_redirect($base_url . "&action=views");
}
$vid = $mybb->get_input('vid', MyBB::INPUT_INT);
$query = $db->simple_select("adminviews", "vid, uid, visibility", "vid = '{$vid}'");
$admin_view = $db->fetch_array($query);
if ($vid == 1 || !$admin_view['vid'] || $admin_view['visibility'] == 1 && $mybb->user['uid'] != $admin_view['uid']) {
flash_message($lang->error_invalid_view_delete, 'error');
admin_redirect($base_url . "&action=views");
}
if ($mybb->request_method == "post") {
$db->delete_query("adminviews", "vid='{$admin_view['vid']}'");
flash_message($lang->success_view_deleted, 'success');
admin_redirect($base_url . "&action=views");
} else {
$page->output_confirm_action($base_url . "&action=views&do=delete&vid={$admin_view['vid']}", $lang->confirm_view_deletion);
}
} else {
if ($mybb->input['do'] == "export") {
$xml = "<?xml version=\"1.0\" encoding=\"ISO-8859-1\"?" . ">\n";
$xml = "<adminviews version=\"" . $mybb->version_code . "\" exported=\"" . TIME_NOW . "\">\n";
if ($mybb->input['type']) {
$type_where = "type='" . $db->escape_string($mybb->input['type']) . "'";
}
$query = $db->simple_select("adminviews", "*", $type_where);
while ($admin_view = $db->fetch_array($query)) {
$fields = my_unserialize($admin_view['fields']);
$conditions = my_unserialize($admin_view['conditions']);
$admin_view['title'] = str_replace(']]>', ']]]]><![CDATA[>', $admin_view['title']);
$admin_view['sortby'] = str_replace(']]>', ']]]]><![CDATA[>', $admin_view['sortby']);
$admin_view['sortorder'] = str_replace(']]>', ']]]]><![CDATA[>', $admin_view['sortorder']);
$admin_view['view_type'] = str_replace(']]>', ']]]]><![CDATA[>', $admin_view['view_type']);
$xml .= "\t<view vid=\"{$admin_view['vid']}\" uid=\"{$admin_view['uid']}\" type=\"{$admin_view['type']}\" visibility=\"{$admin_view['visibility']}\">\n";
$xml .= "\t\t<title><![CDATA[{$admin_view['title']}]]></title>\n";
$xml .= "\t\t<fields>\n";
foreach ($fields as $field) {
$xml .= "\t\t\t<field name=\"{$field}\" />\n";
}
$xml .= "\t\t</fields>\n";
$xml .= "\t\t<conditions>\n";
foreach ($conditions as $name => $condition) {
if (!$conditions) {
continue;
}
if (is_array($condition)) {
$condition = my_serialize($condition);
$is_serialized = " is_serialized=\"1\"";
}
$condition = str_replace(']]>', ']]]]><![CDATA[>', $condition);
$xml .= "\t\t\t<condition name=\"{$name}\"{$is_serialized}><![CDATA[{$condition}]]></condition>\n";
}
$xml .= "\t\t</conditions>\n";
$xml .= "\t\t<sortby><![CDATA[{$admin_view['sortby']}]]></sortby>\n";
$xml .= "\t\t<sortorder><![CDATA[{$admin_view['sortorder']}]]></sortorder>\n";
$xml .= "\t\t<perpage><![CDATA[{$admin_view['perpage']}]]></perpage>\n";
$xml .= "\t\t<view_type><![CDATA[{$admin_view['view_type']}]]></view_type>\n";
$xml .= "\t</view>\n";
}
$xml .= "</adminviews>\n";
$mybb->settings['bbname'] = urlencode($mybb->settings['bbname']);
header("Content-disposition: filename=" . $mybb->settings['bbname'] . "-views.xml");
header("Content-Length: " . my_strlen($xml));
header("Content-type: unknown/unknown");
header("Pragma: no-cache");
header("Expires: 0");
echo $xml;
exit;
} else {
$page->output_header($lang->view_manager);
$page->output_nav_tabs($sub_tabs, 'views');
$table = new Table();
$table->construct_header($lang->view);
$table->construct_header($lang->controls, array("class" => "align_center", "width" => 150));
$default_view = fetch_default_view($type);
$query = $db->simple_select("adminviews", "COUNT(vid) as views");
$views = $db->fetch_field($query, "views");
$query = $db->query("\n\t\t\tSELECT v.*, u.username\n\t\t\tFROM " . TABLE_PREFIX . "adminviews v\n\t\t\tLEFT JOIN " . TABLE_PREFIX . "users u ON (u.uid=v.uid)\n\t\t\tWHERE v.visibility='2' OR (v.visibility='1' AND v.uid='{$mybb->user['uid']}')\n\t\t\tORDER BY title\n\t\t");
while ($view = $db->fetch_array($query)) {
$created = "";
if ($view['uid'] == 0) {
$view_type = "default";
$default_class = "grey";
} else {
if ($view['visibility'] == 2) {
$view_type = "group";
if ($view['username']) {
$created = "<br /><small>{$lang->created_by} {$view['username']}</small>";
}
} else {
$view_type = "user";
}
}
$default_add = '';
if ($default_view == $view['vid']) {
$default_add = " ({$lang->default})";
}
$title_string = "view_title_{$view['vid']}";
if ($lang->{$title_string}) {
$view['title'] = $lang->{$title_string};
}
$table->construct_cell("<div class=\"float_right\"><img src=\"styles/{$page->style}/images/icons/{$view_type}.png\" title=\"" . $lang->sprintf($lang->this_is_a_view, $view_type) . "\" alt=\"{$view_type}\" /></div><div class=\"{$default_class}\"><strong><a href=\"{$base_url}&action=views&do=edit&vid={$view['vid']}\" >{$view['title']}</a></strong>{$default_add}{$created}</div>");
$popup = new PopupMenu("view_{$view['vid']}", $lang->options);
$popup->add_item($lang->edit_view, "{$base_url}&action=views&do=edit&vid={$view['vid']}");
if ($view['vid'] != $default_view) {
$popup->add_item($lang->set_as_default, "{$base_url}&action=views&do=set_default&vid={$view['vid']}");
}
if ($views > 1 && $view['vid'] != 1) {
$popup->add_item($lang->delete_view, "{$base_url}&action=views&do=delete&vid={$view['vid']}&my_post_key={$mybb->post_code}", "return AdminCP.deleteConfirmation(this, '{$lang->confirm_view_deletion}')");
}
$controls = $popup->fetch();
$table->construct_cell($controls, array("class" => "align_center"));
$table->construct_row();
}
$table->output($lang->view);
echo <<<LEGEND
<br />
<fieldset>
<legend>{$lang->legend}</legend>
<img src="styles/{$page->style}/images/icons/default.png" alt="{$lang->default}" style="vertical-align: middle;" /> {$lang->default_view_desc}<br />
<img src="styles/{$page->style}/images/icons/group.png" alt="{$lang->public}" style="vertical-align: middle;" /> {$lang->public_view_desc}<br />
<img src="styles/{$page->style}/images/icons/user.png" alt="{$lang->private}" style="vertical-align: middle;" /> {$lang->private_view_desc}</fieldset>
LEGEND;
$page->output_footer();
}
}
}
}
}
// Log admin action
log_admin_action($mycode['cid'], $mycode['title']);
flash_message($lang->success_deleted_mycode, 'success');
admin_redirect("index.php?module=config/mycode");
} else {
$page->output_confirm_action("index.php?module=config/mycode&action=delete&cid={$mycode['cid']}", $lang->confirm_mycode_deletion);
}
}
if (!$mybb->input['action']) {
$plugins->run_hooks("admin_config_mycode_start");
$page->output_header($lang->custom_mycode);
$sub_tabs['mycode'] = array('title' => $lang->mycode, 'link' => "index.php?module=config/mycode", 'description' => $lang->mycode_desc);
$sub_tabs['add_new_mycode'] = array('title' => $lang->add_new_mycode, 'link' => "index.php?module=config/mycode&action=add");
$page->output_nav_tabs($sub_tabs, 'mycode');
$table = new Table();
$table->construct_header($lang->title);
$table->construct_header($lang->controls, array('class' => 'align_center', 'width' => 150));
$query = $db->simple_select("mycode", "*", "", array('order_by' => 'parseorder'));
while ($mycode = $db->fetch_array($query)) {
if ($mycode['active'] == 1) {
$phrase = $lang->deactivate_mycode;
$indicator = '';
} else {
$phrase = $lang->activate_mycode;
$indicator = "<div class=\"float_right\"><small>{$lang->deactivated}</small></div>";
}
if ($mycode['description']) {
$mycode['description'] = "<small>{$mycode['description']}</small>";
}
$table->construct_cell("{$indicator}<strong><a href=\"index.php?module=config/mycode&action=edit&cid={$mycode['cid']}\">{$mycode['title']}</a></strong><br />{$mycode['description']}");
$popup = new PopupMenu("mycode_{$mycode['cid']}", $lang->options);
$page->output_nav_tabs($sub_tabs, 'templates');
$themes = array();
$query = $db->simple_select("themes", "name,tid,properties", "tid != '1'");
while ($theme = $db->fetch_array($query)) {
$tbits = unserialize($theme['properties']);
$themes[$tbits['templateset']][$theme['tid']] = $theme['name'];
}
$template_sets = array();
$template_sets[-1]['title'] = $lang->global_templates;
$template_sets[-1]['sid'] = -1;
$query = $db->simple_select("templatesets", "*", "", array('order_by' => 'title', 'order_dir' => 'ASC'));
while ($template_set = $db->fetch_array($query)) {
$template_sets[$template_set['sid']] = $template_set;
}
$table = new Table();
$table->construct_header($lang->template_set);
$table->construct_header($lang->controls, array("class" => "align_center", "width" => 150));
foreach ($template_sets as $set) {
if ($set['sid'] == -1) {
$table->construct_cell("<strong><a href=\"index.php?module=style/templates&sid=-1\">{$lang->global_templates}</a></strong><br /><small>{$lang->used_by_all_themes}</small>");
$table->construct_cell("<a href=\"index.php?module=style/templates&sid=-1\">{$lang->expand_templates}</a>", array("class" => "align_center"));
$table->construct_row();
continue;
}
if ($themes[$set['sid']]) {
$used_by_note = $lang->used_by;
$comma = "";
foreach ($themes[$set['sid']] as $theme_name) {
$used_by_note .= $comma . $theme_name;
$comma = ", ";
}
$pages = $postcount / $perpage;
$pages = ceil($pages);
if ($mybb->input['page'] == "last") {
$pagecnt = $pages;
}
if ($pagecnt > $pages) {
$pagecnt = 1;
}
if ($pagecnt) {
$start = ($pagecnt - 1) * $perpage;
} else {
$start = 0;
$pagecnt = 1;
}
$table = new Table();
$table->construct_header($lang->username, array('width' => '10%'));
$table->construct_header($lang->date, array('class' => 'align_center', 'width' => '15%'));
$table->construct_header($lang->information, array('class' => 'align_center', 'width' => '65%'));
$table->construct_header($lang->ipaddress, array('class' => 'align_center', 'width' => '10%'));
$query = $db->query("\n\t\tSELECT l.*, u.username, u.usergroup, u.displaygroup\n\t\tFROM " . TABLE_PREFIX . "adminlog l\n\t\tLEFT JOIN " . TABLE_PREFIX . "users u ON (u.uid=l.uid)\n\t\tWHERE 1=1 {$where}\n\t\tORDER BY {$sortby} {$order}\n\t\tLIMIT {$start}, {$perpage}\n\t");
while ($logitem = $db->fetch_array($query)) {
$information = '';
$logitem['dateline'] = date("jS M Y, G:i", $logitem['dateline']);
$trow = alt_trow();
$username = format_name($logitem['username'], $logitem['usergroup'], $logitem['displaygroup']);
$logitem['profilelink'] = build_profile_link($username, $logitem['uid'], "_blank");
$logitem['data'] = unserialize($logitem['data']);
// Get detailed information from meta
$information = get_admin_log_action($logitem);
$table->construct_cell($logitem['profilelink']);
$table->construct_cell($logitem['dateline'], array('class' => 'align_center'));
<?php
// Disallow direct access to this file for security reasons
if (!defined("IN_MYBB")) {
die("Direct initialization of this file is not allowed.<br /><br />Please make sure IN_MYBB is defined.");
}
$page->add_breadcrumb_item("CloudFlare Manager", "index.php?module=cloudflare");
$page->add_breadcrumb_item("Top Threats", "index.php?module=cloudflare-topthreats");
if (!$mybb->input['action']) {
$page->output_header("CloudFlare Manager - Top Threats");
$table = new Table();
$table->construct_header("#", array("colspan" => 1));
$table->construct_header("IP Address", array("colspan" => 1));
$table->construct_header("Hits", array("colspan" => 1));
$table->construct_header("Threat Score", array("colspan" => 1));
if (function_exists('geoip_record_by_name')) {
$table->construct_header("Location", array("colspan" => 1));
}
$table->construct_header("DNS", array("colspan" => 1));
$table->construct_header("Options", array("colspan" => 1));
$array = objectToArray(cloudflare_recent_visitors("t", "24")->response);
$count = 0;
foreach ($array['ips'] as $n => $data) {
++$count;
}
foreach ($array['ips'] as $n => $data) {
$i = ++$number;
if ($i < 11) {
$table->construct_cell("<strong>" . $i . "</strong>", array('width' => '1%'));
$table->construct_cell("<a href=\"index.php?module=cloudflare-whois&action=lookup&server=" . $data['ip'] . "\" target=\"_blank\">" . $data['ip'] . "</a> ", array('width' => '25%'));
$table->construct_cell(number_format($data['hits']), array('width' => '25%'));
$form_container->end();
$buttons[] = $form->generate_submit_button($lang->save_post_tool);
$form->output_submit_wrapper($buttons);
$form->end();
$page->output_footer();
}
if (!$mybb->input['action']) {
$plugins->run_hooks("admin_config_mod_tools_start");
$page->output_header($lang->mod_tools . " - " . $lang->thread_tools);
$sub_tabs['thread_tools'] = array('title' => $lang->thread_tools, 'link' => "index.php?module=config-mod_tools", 'description' => $lang->thread_tools_desc);
$sub_tabs['add_thread_tool'] = array('title' => $lang->add_new_thread_tool, 'link' => "index.php?module=config-mod_tools&action=add_thread_tool");
$sub_tabs['post_tools'] = array('title' => $lang->post_tools, 'link' => "index.php?module=config-mod_tools&action=post_tools");
$sub_tabs['add_post_tool'] = array('title' => $lang->add_new_post_tool, 'link' => "index.php?module=config-mod_tools&action=add_post_tool");
$page->output_nav_tabs($sub_tabs, 'thread_tools');
$table = new Table();
$table->construct_header($lang->title);
$table->construct_header($lang->controls, array('class' => "align_center", 'colspan' => 2));
$query = $db->simple_select('modtools', 'tid, name, description, type', "type='t'", array('order_by' => 'name'));
while ($tool = $db->fetch_array($query)) {
$table->construct_cell("<a href=\"index.php?module=config-mod_tools&action=edit_thread_tool&tid={$tool['tid']}\"><strong>" . htmlspecialchars_uni($tool['name']) . "</strong></a><br /><small>" . htmlspecialchars_uni($tool['description']) . "</small>");
$table->construct_cell("<a href=\"index.php?module=config-mod_tools&action=edit_thread_tool&tid={$tool['tid']}\">{$lang->edit}</a>", array('width' => 100, 'class' => "align_center"));
$table->construct_cell("<a href=\"index.php?module=config-mod_tools&action=delete_thread_tool&tid={$tool['tid']}&my_post_key={$mybb->post_code}\" onclick=\"return AdminCP.deleteConfirmation(this, '{$lang->confirm_thread_tool_deletion}')\">{$lang->delete}</a>", array('width' => 100, 'class' => "align_center"));
$table->construct_row();
}
if ($table->num_rows() == 0) {
$table->construct_cell($lang->no_thread_tools, array('colspan' => 3));
$table->construct_row();
}
$table->output($lang->thread_tools);
$page->output_footer();
}
$per_page = intval($mybb->input['filter']['per_page']);
}
$start = ($view_page - 1) * $per_page;
// Build the base URL for pagination links
$url = 'index.php?module=tools-warninglog';
if (is_array($mybb->input['filter']) && count($mybb->input['filter'])) {
foreach ($mybb->input['filter'] as $field => $value) {
$value = urlencode($value);
$url .= "&filter[{$field}]={$value}";
}
}
// The actual query
$sql = "\n\t\tSELECT\n\t\t\tw.wid, w.title as custom_title, w.points, w.dateline, w.issuedby, w.expires, w.expired, w.daterevoked, w.revokedby,\n\t\t\tt.title,\n\t\t\tu.uid, u.username, u.usergroup, u.displaygroup,\n\t\t\ti.uid as mod_uid, i.username as mod_username, i.usergroup as mod_usergroup, i.displaygroup as mod_displaygroup\n\t\tFROM " . TABLE_PREFIX . "warnings w\n\t\tLEFT JOIN " . TABLE_PREFIX . "users u on (w.uid=u.uid)\n\t\t\tLEFT JOIN " . TABLE_PREFIX . "warningtypes t ON (w.tid=t.tid)\n\t\t\tLEFT JOIN " . TABLE_PREFIX . "users i ON (i.uid=w.issuedby)\n\t\tWHERE 1=1\n\t\t\t{$where_sql}\n\t\tORDER BY {$sortby} {$order}\n\t\tLIMIT {$start}, {$per_page}\n\t";
$query = $db->query($sql);
$table = new Table();
$table->construct_header($lang->warned_user, array('width' => '15%'));
$table->construct_header($lang->warning, array("class" => "align_center", 'width' => '25%'));
$table->construct_header($lang->date_issued, array("class" => "align_center", 'width' => '20%'));
$table->construct_header($lang->expires, array("class" => "align_center", 'width' => '20%'));
$table->construct_header($lang->issued_by, array("class" => "align_center", 'width' => '15%'));
$table->construct_header($lang->options, array("class" => "align_center", 'width' => '5%'));
while ($row = $db->fetch_array($query)) {
if (!$row['username']) {
$row['username'] = $lang->guest;
}
$trow = alt_trow();
$username = format_name($row['username'], $row['usergroup'], $row['displaygroup']);
if (!$row['uid']) {
$username_link = $username;
} else {
$username_link = build_profile_link($username, $row['uid'], "_blank");