public function main($action) { $this->user->add_lang_ext('alg/newpmajax', 'newpmajax'); //not allowed send PM for anonymous if ($this->user->data['is_bot'] || $this->user->data['user_id'] == ANONYMOUS) { $return_error['ERROR'][] = $this->user->lang['LOGIN_REQUIRED']; $json_response = new \phpbb\json_response(); $json_response->send($return_error); } switch ($action) { case 'add_to': case 'add_bcc': $this->add_sender($action); break; default: $this->error[] = array('error' => $this->user->lang('NO_ACTION_MODE', E_USER_ERROR)); } if (sizeof($this->error)) { $return_error = array(); foreach ($this->error as $cur_error) { // replace lang vars if possible $return_error['ERROR'][] = isset($this->user->lang[$cur_error['error']]) ? $this->user->lang[$cur_error['error']] : $cur_error['error']; } $json_response = new \phpbb\json_response(); $json_response->send($return_error); } else { $json_response = new \phpbb\json_response(); $json_response->send($this->return); } }
/** * Mentions controller accessed from the URL /mentions/user_list * * @return null * @access public */ public function get_userlist() { // Send a JSON response if an AJAX request was used if ($this->request->is_ajax()) { // If we have a query_string, we just get those usernames $query_string = $this->request->variable('term', '') ? $this->request->variable('term', '') : false; $user_list = $this->mentions->get_userlist($query_string); $user_list = array_values($user_list); $json_response = new \phpbb\json_response(); $json_response->send($user_list); } }
/** * Check if request is ajax and output quickedit if it is * * @param object $event The event object * @return null * @access public */ public function catch_ajax_requests($event) { // Parse page for quickedit window if ($this->helper->is_catchable_request($event)) { // Add hidden fields $this->helper->add_hidden_fields($event); // Update S_HIDDEN_FIELDS in page_data $this->template->assign_vars(array_merge($event['page_data'], array('S_HIDDEN_FIELDS' => $event['s_hidden_fields']))); $this->template->set_filenames(array('body' => '@marc_quickedit/quickedit_body.html')); $json = new \phpbb\json_response(); $json->send(array('POST_ID' => $event['post_id'], 'MESSAGE' => $this->template->assign_display('body'))); } }
public function like($post_id) { if ($this->user->data['user_type'] != 1 and $this->user->data['user_type'] != 2) { $json_response = new \phpbb\json_response(); $user_id = $this->user->data['user_id']; if ($post_id and $user_id) { $this->db->sql_query("INSERT INTO " . $this->table_prefix . "post_likes (`post_id`, `user_id`)\n\t\t\t\t\tVALUES ('" . $post_id . "', '" . $user_id . "')"); $err = $this->db->get_sql_error_returned(); if ($err['code'] == 1062) { $json_response->send(['status' => 'already liked']); } } $json_response->send(['status' => 'ok', 'postId' => $post_id, 'message' => $this->getLikeMessage($this->request->variable('like_opt', 'opt2'))]); } }
public function move($action) { if ($action == 'drag_drop') { if (!$this->request->is_ajax()) { return; } $tablename = $this->request->variable('tablename', ''); $bbcodes_list = $this->request->variable($tablename, array(0 => '')); foreach ($bbcodes_list as $order => $bbcode_id) { if ($order == 0) { continue; } $sql = 'UPDATE ' . BBCODES_TABLE . ' SET bbcode_order = ' . $order . ' WHERE bbcode_id = ' . (int) $bbcode_id; $this->db->sql_query($sql); } $this->resynchronize_bbcode_order(); $json_response = new \phpbb\json_response(); $json_response->send(array('success' => true)); } else { $bbcode_id = $this->request->variable('id', 0); if (!check_link_hash($this->request->variable('hash', ''), $action . $bbcode_id)) { trigger_error($this->user->lang('FORM_INVALID'), E_USER_WARNING); } $sql = 'SELECT bbcode_order FROM ' . BBCODES_TABLE . "\n\t\t\t\tWHERE bbcode_id = {$bbcode_id}"; $result = $this->db->sql_query($sql); $current_order = (int) $this->db->sql_fetchfield('bbcode_order'); $this->db->sql_freeresult($result); if ($current_order <= 1 && $action == 'move_up') { return; } $order_total = $current_order * 2 + ($action == 'move_up' ? -1 : 1); $sql = 'UPDATE ' . BBCODES_TABLE . ' SET bbcode_order = ' . $order_total . ' - bbcode_order WHERE bbcode_order IN (' . $current_order . ', ' . ($action == 'move_up' ? $current_order - 1 : $current_order + 1) . ')'; $this->db->sql_query($sql); $this->resynchronize_bbcode_order(); if ($this->request->is_ajax()) { $json_response = new \phpbb\json_response(); $json_response->send(array('success' => (bool) $this->db->sql_affectedrows())); } } }
/** * Display the page * * @access public */ public function find_dup() { $this->user->add_lang_ext('forumhulp/loginwithemail', 'info_acp_loginwithemail'); $sql = 'SELECT username, user_email FROM ' . USERS_TABLE . ' list INNER JOIN (SELECT user_email_hash FROM ' . USERS_TABLE . ' WHERE user_type <> 2 GROUP BY user_email_hash HAVING count(user_email_hash) > 1) dup ON list.user_email_hash = dup.user_email_hash'; $result = $this->db->sql_query($sql); $message = ''; while ($row = $this->db->sql_fetchrow($result)) { $message .= $row['username'] . ' » ' . $row['user_email'] . '<br />'; } if ($this->request->is_ajax()) { $json_response = new \phpbb\json_response(); $json_response->send(array('MESSAGE_TITLE' => $this->user->lang['DUP_RECORDS_FOUND'], 'MESSAGE_TEXT' => $message)); } else { trigger_error($message, E_USER_NOTICE); } }
public function main($action, $poster, $forum, $topic, $post) { $this->user->add_lang_ext('gfksx/ThanksForPosts', 'thanks_mod'); //not allowed like for anonymous if ($this->user->data['is_bot'] || $this->user->data['user_id'] == ANONYMOUS) { $return_error['ERROR'][] = $this->user->lang['LOGIN_REQUIRED']; $json_response = new \phpbb\json_response(); $json_response->send($return_error); } // If the main extension is not installed, generate error if (!is_null($this->gfksx_helper)) { switch ($action) { case 'thanks': case 'rthanks': $this->thanks_for_post($action, $poster, $forum, $topic, $post); break; case 'clear_thanks': $this->clear_list_thanks($poster, $forum, $topic, $post); break; default: $this->error[] = array('error' => $this->user->lang['INCORRECT_THANKS']); } } else { $this->user->add_lang_ext('alg/AddonForThanksForPosts', 'addon_tfp'); $this->error[] = array('error' => 'MAIN_EXT_NOT_INSTALLED'); } if (sizeof($this->error)) { $return_error = array(); foreach ($this->error as $cur_error) { // replace lang vars if possible $return_error['ERROR'][] = isset($this->user->lang[$cur_error['error']]) ? $this->user->lang[$cur_error['error']] : $cur_error['error']; } $json_response = new \phpbb\json_response(); $json_response->send($return_error); } else { $json_response = new \phpbb\json_response(); $json_response->send($this->return); } }
public function base($action, $post) { switch ($action) { case 'togle': if ($this->user->data['user_type'] == 1 || $this->user->data['user_type'] == 2) { die; } else { //get state for the like $sql_array = array('SELECT' => 'pl.timestamp as timestamp, p.topic_id as topic_id, p.poster_id as poster, p.post_subject as post_subject', 'FROM' => array(POSTS_TABLE => 'p', $this->table_prefix . 'posts_likes' => 'pl'), 'WHERE' => 'pl.post_id = p.post_id AND pl.post_id = ' . $post . ' AND pl.user_id = ' . $this->user->data['user_id']); $sql = $this->db->sql_build_query('SELECT', $sql_array); $result = $this->db->sql_query($sql); $row = $this->db->sql_fetchrow($result); $this->db->sql_freeresult($result); if (!$row['timestamp']) { //so we don't have record for this user loving this post ... give some love! $sql = 'INSERT INTO ' . $this->table_prefix . 'posts_likes (post_id, user_id, type, timestamp) VALUES (' . $post . ', ' . $this->user->data['user_id'] . ', \'post\', ' . time() . ')'; $result = $this->db->sql_query($sql); $this->db->sql_freeresult($result); $sql = 'SELECT topic_id, poster_id, post_subject FROM ' . POSTS_TABLE . ' WHERE post_id = ' . $post; $result = $this->db->sql_query($sql); $row1 = $this->db->sql_fetchrow($result); $this->db->sql_freeresult($result); $this->notifyhelper->notify('add', $row1['topic_id'], $post, $row1['post_subject'], $row1['poster_id'], $this->user->data['user_id']); $json_response = new \phpbb\json_response(); $json_response->send(array('togle_action' => 'add', 'togle_post' => $post)); } else { //so we have a record ... and the user don't love it anymore! $sql = 'DELETE FROM ' . $this->table_prefix . 'posts_likes WHERE post_id = ' . $post . ' AND user_id = ' . $this->user->data['user_id']; $result = $this->db->sql_query($sql); $this->db->sql_freeresult($result); $this->notifyhelper->notify('remove', $row['topic_id'], $post, $row['post_subject'], $row['poster'], $this->user->data['user_id']); $json_response = new \phpbb\json_response(); $json_response->send(array('togle_action' => 'remove', 'togle_post' => $post)); } } break; } }
if (!$auth->acl_get('f_read', $forum_id)) { $template->assign_vars(array('S_NO_READ_ACCESS' => true)); page_footer(); } // Handle marking posts if ($mark_read == 'topics') { $token = $request->variable('hash', ''); if (check_link_hash($token, 'global')) { markread('topics', array($forum_id), false, $request->variable('mark_time', 0)); } $redirect_url = append_sid("{$phpbb_root_path}viewforum.{$phpEx}", 'f=' . $forum_id); meta_refresh(3, $redirect_url); if ($request->is_ajax()) { // Tell the ajax script what language vars and URL need to be replaced $data = array('NO_UNREAD_POSTS' => $user->lang['NO_UNREAD_POSTS'], 'UNREAD_POSTS' => $user->lang['UNREAD_POSTS'], 'U_MARK_TOPICS' => $user->data['is_registered'] || $config['load_anon_lastread'] ? append_sid("{$phpbb_root_path}viewforum.{$phpEx}", 'hash=' . generate_link_hash('global') . "&f={$forum_id}&mark=topics&mark_time=" . time()) : '', 'MESSAGE_TITLE' => $user->lang['INFORMATION'], 'MESSAGE_TEXT' => $user->lang['TOPICS_MARKED']); $json_response = new \phpbb\json_response(); $json_response->send($data); } trigger_error($user->lang['TOPICS_MARKED'] . '<br /><br />' . sprintf($user->lang['RETURN_FORUM'], '<a href="' . $redirect_url . '">', '</a>')); } // Is a forum specific topic count required? if ($forum_data['forum_topics_per_page']) { $config['topics_per_page'] = $forum_data['forum_topics_per_page']; } // Do the forum Prune thang - cron type job ... if (!$config['use_system_cron']) { /* @var $cron \phpbb\cron\manager */ $cron = $phpbb_container->get('cron.manager'); $task = $cron->find_task('cron.task.core.prune_forum'); $task->set_forum_data($forum_data); if ($task->is_ready()) {
public function manage_position() { global $config, $db, $template, $user, $request, $phpbb_container; $this->tpl_name = 'acp_groups_position'; $this->page_title = 'ACP_GROUPS_POSITION'; $field = $request->variable('field', ''); $action = $request->variable('action', ''); $group_id = $request->variable('g', 0); $teampage_id = $request->variable('t', 0); $category_id = $request->variable('c', 0); /** @var \phpbb\group\helper $group_helper */ $group_helper = $phpbb_container->get('group_helper'); if ($field && !in_array($field, array('legend', 'teampage'))) { // Invalid mode trigger_error($user->lang['NO_MODE'] . adm_back_link($this->u_action), E_USER_WARNING); } else { if ($field && in_array($field, array('legend', 'teampage'))) { /* @var $group_position \phpbb\groupposition\groupposition_interface */ $group_position = $phpbb_container->get('groupposition.' . $field); } } if ($field == 'teampage') { try { switch ($action) { case 'add': $group_position->add_group_teampage($group_id, $category_id); break; case 'add_category': $group_position->add_category_teampage($request->variable('category_name', '', true)); break; case 'delete': $group_position->delete_teampage($teampage_id); break; case 'move_up': $group_position->move_up_teampage($teampage_id); break; case 'move_down': $group_position->move_down_teampage($teampage_id); break; } } catch (\phpbb\groupposition\exception $exception) { trigger_error($user->lang($exception->getMessage()) . adm_back_link($this->u_action), E_USER_WARNING); } } else { if ($field == 'legend') { try { switch ($action) { case 'add': $group_position->add_group($group_id); break; case 'delete': $group_position->delete_group($group_id); break; case 'move_up': $group_position->move_up($group_id); break; case 'move_down': $group_position->move_down($group_id); break; } } catch (\phpbb\groupposition\exception $exception) { trigger_error($user->lang($exception->getMessage()) . adm_back_link($this->u_action), E_USER_WARNING); } } else { switch ($action) { case 'set_config_teampage': $config->set('teampage_forums', $request->variable('teampage_forums', 0)); $config->set('teampage_memberships', $request->variable('teampage_memberships', 0)); trigger_error($user->lang['CONFIG_UPDATED'] . adm_back_link($this->u_action)); break; case 'set_config_legend': $config->set('legend_sort_groupname', $request->variable('legend_sort_groupname', 0)); trigger_error($user->lang['CONFIG_UPDATED'] . adm_back_link($this->u_action)); break; } } } if (($action == 'move_up' || $action == 'move_down') && $request->is_ajax()) { $json_response = new \phpbb\json_response(); $json_response->send(array('success' => true)); } $sql = 'SELECT group_id, group_name, group_colour, group_type, group_legend FROM ' . GROUPS_TABLE . ' ORDER BY group_legend ASC, group_type DESC, group_name ASC'; $result = $db->sql_query($sql); while ($row = $db->sql_fetchrow($result)) { $group_name = $group_helper->get_name($row['group_name']); if ($row['group_legend']) { $template->assign_block_vars('legend', array('GROUP_NAME' => $group_name, 'GROUP_COLOUR' => $row['group_colour'] ? '#' . $row['group_colour'] : '', 'GROUP_TYPE' => $user->lang[\phpbb\groupposition\legend::group_type_language($row['group_type'])], 'U_MOVE_DOWN' => "{$this->u_action}&field=legend&action=move_down&g=" . $row['group_id'], 'U_MOVE_UP' => "{$this->u_action}&field=legend&action=move_up&g=" . $row['group_id'], 'U_DELETE' => "{$this->u_action}&field=legend&action=delete&g=" . $row['group_id'])); } else { $template->assign_block_vars('add_legend', array('GROUP_ID' => (int) $row['group_id'], 'GROUP_NAME' => $group_name, 'GROUP_SPECIAL' => $row['group_type'] == GROUP_SPECIAL)); } } $db->sql_freeresult($result); $category_url_param = $category_id ? '&c=' . $category_id : ''; $sql = 'SELECT t.*, g.group_name, g.group_colour, g.group_type FROM ' . TEAMPAGE_TABLE . ' t LEFT JOIN ' . GROUPS_TABLE . ' g ON (t.group_id = g.group_id) WHERE t.teampage_parent = ' . $category_id . ' OR t.teampage_id = ' . $category_id . ' ORDER BY t.teampage_position ASC'; $result = $db->sql_query($sql); while ($row = $db->sql_fetchrow($result)) { if ($row['teampage_id'] == $category_id) { $template->assign_vars(array('CURRENT_CATEGORY_NAME' => $row['teampage_name'])); continue; } if ($row['group_id']) { $group_name = $group_helper->get_name($row['group_name']); $group_type = $user->lang[\phpbb\groupposition\teampage::group_type_language($row['group_type'])]; } else { $group_name = $row['teampage_name']; $group_type = ''; } $template->assign_block_vars('teampage', array('GROUP_NAME' => $group_name, 'GROUP_COLOUR' => $row['group_colour'] ? '#' . $row['group_colour'] : '', 'GROUP_TYPE' => $group_type, 'U_CATEGORY' => !$row['group_id'] ? "{$this->u_action}&c=" . $row['teampage_id'] : '', 'U_MOVE_DOWN' => "{$this->u_action}&field=teampage&action=move_down{$category_url_param}&t=" . $row['teampage_id'], 'U_MOVE_UP' => "{$this->u_action}&field=teampage&action=move_up{$category_url_param}&t=" . $row['teampage_id'], 'U_DELETE' => "{$this->u_action}&field=teampage&action=delete{$category_url_param}&t=" . $row['teampage_id'])); } $db->sql_freeresult($result); $sql = 'SELECT g.group_id, g.group_name, g.group_colour, g.group_type FROM ' . GROUPS_TABLE . ' g LEFT JOIN ' . TEAMPAGE_TABLE . ' t ON (t.group_id = g.group_id) WHERE t.teampage_id IS NULL ORDER BY g.group_type DESC, g.group_name ASC'; $result = $db->sql_query($sql); while ($row = $db->sql_fetchrow($result)) { $group_name = $group_helper->get_name($row['group_name']); $template->assign_block_vars('add_teampage', array('GROUP_ID' => (int) $row['group_id'], 'GROUP_NAME' => $group_name, 'GROUP_SPECIAL' => $row['group_type'] == GROUP_SPECIAL)); } $db->sql_freeresult($result); $template->assign_vars(array('U_ACTION' => $this->u_action, 'U_ACTION_LEGEND' => $this->u_action . '&field=legend', 'U_ACTION_TEAMPAGE' => $this->u_action . '&field=teampage' . $category_url_param, 'U_ACTION_TEAMPAGE_CAT' => $this->u_action . '&field=teampage_cat', 'S_TEAMPAGE_CATEGORY' => $category_id, 'DISPLAY_FORUMS' => $config['teampage_forums'] ? true : false, 'DISPLAY_MEMBERSHIPS' => $config['teampage_memberships'], 'LEGEND_SORT_GROUPNAME' => $config['legend_sort_groupname'] ? true : false)); }
if ($mark_notification = $request->variable('mark_notification', 0)) { if ($user->data['user_id'] == ANONYMOUS) { if ($request->is_ajax()) { trigger_error('LOGIN_REQUIRED'); } login_box('', $user->lang['LOGIN_REQUIRED']); } if (check_link_hash($request->variable('hash', ''), 'mark_notification_read')) { /* @var $phpbb_notifications \phpbb\notification\manager */ $phpbb_notifications = $phpbb_container->get('notification_manager'); $notification = $phpbb_notifications->load_notifications(array('notification_id' => $mark_notification)); if (isset($notification['notifications'][$mark_notification])) { $notification = $notification['notifications'][$mark_notification]; $notification->mark_read(); if ($request->is_ajax()) { $json_response = new \phpbb\json_response(); $json_response->send(array('success' => true)); } if ($redirect = $request->variable('redirect', '')) { redirect(append_sid($phpbb_root_path . $redirect)); } redirect($notification->get_redirect_url()); } } } display_forums('', $config['load_moderators']); $order_legend = $config['legend_sort_groupname'] ? 'group_name' : 'group_legend'; // Grab group details for legend display if ($auth->acl_gets('a_group', 'a_groupadd', 'a_groupdel')) { $sql = 'SELECT group_id, group_name, group_colour, group_type, group_legend FROM ' . GROUPS_TABLE . '
function main($id, $mode) { global $config, $db, $user, $auth, $template, $cache; global $phpbb_root_path, $phpbb_admin_path, $phpEx, $table_prefix; global $request, $phpbb_container, $phpbb_dispatcher; if (!function_exists('generate_smilies')) { include $phpbb_root_path . 'includes/functions_posting.' . $phpEx; } if (!function_exists('user_get_id_name')) { include $phpbb_root_path . 'includes/functions_user.' . $phpEx; } $user->add_lang(array('ucp', 'acp/profile')); $this->tpl_name = 'acp_profile'; $this->page_title = 'ACP_CUSTOM_PROFILE_FIELDS'; $field_id = $request->variable('field_id', 0); $action = isset($_POST['create']) ? 'create' : request_var('action', ''); $error = array(); $s_hidden_fields = ''; if (!$field_id && in_array($action, array('delete', 'activate', 'deactivate', 'move_up', 'move_down', 'edit'))) { trigger_error($user->lang['NO_FIELD_ID'] . adm_back_link($this->u_action), E_USER_WARNING); } $cp = $phpbb_container->get('profilefields.manager'); $this->type_collection = $phpbb_container->get('profilefields.type_collection'); // Build Language array // Based on this, we decide which elements need to be edited later and which language items are missing $this->lang_defs = array(); $sql = 'SELECT lang_id, lang_iso FROM ' . LANG_TABLE . ' ORDER BY lang_english_name'; $result = $db->sql_query($sql); while ($row = $db->sql_fetchrow($result)) { // Make some arrays with all available languages $this->lang_defs['id'][$row['lang_id']] = $row['lang_iso']; $this->lang_defs['iso'][$row['lang_iso']] = $row['lang_id']; } $db->sql_freeresult($result); $sql = 'SELECT field_id, lang_id FROM ' . PROFILE_LANG_TABLE . ' ORDER BY lang_id'; $result = $db->sql_query($sql); while ($row = $db->sql_fetchrow($result)) { // Which languages are available for each item $this->lang_defs['entry'][$row['field_id']][] = $row['lang_id']; } $db->sql_freeresult($result); // Have some fields been defined? if (isset($this->lang_defs['entry'])) { foreach ($this->lang_defs['entry'] as $field_ident => $field_ary) { // Fill an array with the languages that are missing for each field $this->lang_defs['diff'][$field_ident] = array_diff(array_values($this->lang_defs['iso']), $field_ary); } } switch ($action) { case 'delete': if (confirm_box(true)) { $sql = 'SELECT field_ident FROM ' . PROFILE_FIELDS_TABLE . "\n\t\t\t\t\t\tWHERE field_id = {$field_id}"; $result = $db->sql_query($sql); $field_ident = (string) $db->sql_fetchfield('field_ident'); $db->sql_freeresult($result); $db->sql_transaction('begin'); $db->sql_query('DELETE FROM ' . PROFILE_FIELDS_TABLE . " WHERE field_id = {$field_id}"); $db->sql_query('DELETE FROM ' . PROFILE_FIELDS_LANG_TABLE . " WHERE field_id = {$field_id}"); $db->sql_query('DELETE FROM ' . PROFILE_LANG_TABLE . " WHERE field_id = {$field_id}"); $db_tools = $phpbb_container->get('dbal.tools'); $db_tools->sql_column_remove(PROFILE_FIELDS_DATA_TABLE, 'pf_' . $field_ident); $order = 0; $sql = 'SELECT * FROM ' . PROFILE_FIELDS_TABLE . ' ORDER BY field_order'; $result = $db->sql_query($sql); while ($row = $db->sql_fetchrow($result)) { $order++; if ($row['field_order'] != $order) { $sql = 'UPDATE ' . PROFILE_FIELDS_TABLE . "\n\t\t\t\t\t\t\t\tSET field_order = {$order}\n\t\t\t\t\t\t\t\tWHERE field_id = {$row['field_id']}"; $db->sql_query($sql); } } $db->sql_freeresult($result); $db->sql_transaction('commit'); add_log('admin', 'LOG_PROFILE_FIELD_REMOVED', $field_ident); trigger_error($user->lang['REMOVED_PROFILE_FIELD'] . adm_back_link($this->u_action)); } else { confirm_box(false, 'DELETE_PROFILE_FIELD', build_hidden_fields(array('i' => $id, 'mode' => $mode, 'action' => $action, 'field_id' => $field_id))); } break; case 'activate': $sql = 'SELECT lang_id FROM ' . LANG_TABLE . "\n\t\t\t\t\tWHERE lang_iso = '" . $db->sql_escape($config['default_lang']) . "'"; $result = $db->sql_query($sql); $default_lang_id = (int) $db->sql_fetchfield('lang_id'); $db->sql_freeresult($result); if (!in_array($default_lang_id, $this->lang_defs['entry'][$field_id])) { trigger_error($user->lang['DEFAULT_LANGUAGE_NOT_FILLED'] . adm_back_link($this->u_action), E_USER_WARNING); } $sql = 'UPDATE ' . PROFILE_FIELDS_TABLE . "\n\t\t\t\t\tSET field_active = 1\n\t\t\t\t\tWHERE field_id = {$field_id}"; $db->sql_query($sql); $sql = 'SELECT field_ident FROM ' . PROFILE_FIELDS_TABLE . "\n\t\t\t\t\tWHERE field_id = {$field_id}"; $result = $db->sql_query($sql); $field_ident = (string) $db->sql_fetchfield('field_ident'); $db->sql_freeresult($result); add_log('admin', 'LOG_PROFILE_FIELD_ACTIVATE', $field_ident); if ($request->is_ajax()) { $json_response = new \phpbb\json_response(); $json_response->send(array('text' => $user->lang('DEACTIVATE'))); } trigger_error($user->lang['PROFILE_FIELD_ACTIVATED'] . adm_back_link($this->u_action)); break; case 'deactivate': $sql = 'UPDATE ' . PROFILE_FIELDS_TABLE . "\n\t\t\t\t\tSET field_active = 0\n\t\t\t\t\tWHERE field_id = {$field_id}"; $db->sql_query($sql); $sql = 'SELECT field_ident FROM ' . PROFILE_FIELDS_TABLE . "\n\t\t\t\t\tWHERE field_id = {$field_id}"; $result = $db->sql_query($sql); $field_ident = (string) $db->sql_fetchfield('field_ident'); $db->sql_freeresult($result); if ($request->is_ajax()) { $json_response = new \phpbb\json_response(); $json_response->send(array('text' => $user->lang('ACTIVATE'))); } add_log('admin', 'LOG_PROFILE_FIELD_DEACTIVATE', $field_ident); trigger_error($user->lang['PROFILE_FIELD_DEACTIVATED'] . adm_back_link($this->u_action)); break; case 'move_up': case 'move_down': $sql = 'SELECT field_order FROM ' . PROFILE_FIELDS_TABLE . "\n\t\t\t\t\tWHERE field_id = {$field_id}"; $result = $db->sql_query($sql); $field_order = $db->sql_fetchfield('field_order'); $db->sql_freeresult($result); if ($field_order === false || $field_order == 0 && $action == 'move_up') { break; } $field_order = (int) $field_order; $order_total = $field_order * 2 + ($action == 'move_up' ? -1 : 1); $sql = 'UPDATE ' . PROFILE_FIELDS_TABLE . "\n\t\t\t\t\tSET field_order = {$order_total} - field_order\n\t\t\t\t\tWHERE field_order IN ({$field_order}, " . ($action == 'move_up' ? $field_order - 1 : $field_order + 1) . ')'; $db->sql_query($sql); if ($request->is_ajax()) { $json_response = new \phpbb\json_response(); $json_response->send(array('success' => (bool) $db->sql_affectedrows())); } break; case 'create': case 'edit': $step = request_var('step', 1); $submit = isset($_REQUEST['next']) || isset($_REQUEST['prev']) ? true : false; $save = isset($_REQUEST['save']) ? true : false; // The language id of default language $this->edit_lang_id = $this->lang_defs['iso'][$config['default_lang']]; // We are editing... we need to grab basic things if ($action == 'edit') { $sql = 'SELECT l.*, f.* FROM ' . PROFILE_LANG_TABLE . ' l, ' . PROFILE_FIELDS_TABLE . ' f WHERE l.lang_id = ' . $this->edit_lang_id . "\n\t\t\t\t\t\t\tAND f.field_id = {$field_id}\n\t\t\t\t\t\t\tAND l.field_id = f.field_id"; $result = $db->sql_query($sql); $field_row = $db->sql_fetchrow($result); $db->sql_freeresult($result); if (!$field_row) { // Some admin changed the default language? $sql = 'SELECT l.*, f.* FROM ' . PROFILE_LANG_TABLE . ' l, ' . PROFILE_FIELDS_TABLE . ' f WHERE l.lang_id <> ' . $this->edit_lang_id . "\n\t\t\t\t\t\t\tAND f.field_id = {$field_id}\n\t\t\t\t\t\t\tAND l.field_id = f.field_id"; $result = $db->sql_query($sql); $field_row = $db->sql_fetchrow($result); $db->sql_freeresult($result); if (!$field_row) { trigger_error($user->lang['FIELD_NOT_FOUND'] . adm_back_link($this->u_action), E_USER_WARNING); } $this->edit_lang_id = $field_row['lang_id']; } $field_type = $field_row['field_type']; $profile_field = $this->type_collection[$field_type]; // Get language entries $sql = 'SELECT * FROM ' . PROFILE_FIELDS_LANG_TABLE . ' WHERE lang_id = ' . $this->edit_lang_id . "\n\t\t\t\t\t\t\tAND field_id = {$field_id}\n\t\t\t\t\t\tORDER BY option_id ASC"; $result = $db->sql_query($sql); $lang_options = array(); while ($row = $db->sql_fetchrow($result)) { $lang_options[$row['option_id']] = $row['lang_value']; } $db->sql_freeresult($result); $s_hidden_fields = '<input type="hidden" name="field_id" value="' . $field_id . '" />'; } else { // We are adding a new field, define basic params $lang_options = $field_row = array(); $field_type = request_var('field_type', ''); if (!isset($this->type_collection[$field_type])) { trigger_error($user->lang['NO_FIELD_TYPE'] . adm_back_link($this->u_action), E_USER_WARNING); } $profile_field = $this->type_collection[$field_type]; $field_row = array_merge($profile_field->get_default_option_values(), array('field_ident' => str_replace(' ', '_', utf8_clean_string(request_var('field_ident', '', true))), 'field_required' => 0, 'field_show_novalue' => 0, 'field_hide' => 0, 'field_show_profile' => 0, 'field_no_view' => 0, 'field_show_on_reg' => 0, 'field_show_on_pm' => 0, 'field_show_on_vt' => 0, 'field_show_on_ml' => 0, 'field_is_contact' => 0, 'field_contact_desc' => '', 'field_contact_url' => '', 'lang_name' => utf8_normalize_nfc(request_var('field_ident', '', true)), 'lang_explain' => '', 'lang_default_value' => '')); $s_hidden_fields = '<input type="hidden" name="field_type" value="' . $field_type . '" />'; } // $exclude contains the data we gather in each step $exclude = array(1 => array('field_ident', 'lang_name', 'lang_explain', 'field_option_none', 'field_show_on_reg', 'field_show_on_pm', 'field_show_on_vt', 'field_show_on_ml', 'field_required', 'field_show_novalue', 'field_hide', 'field_show_profile', 'field_no_view', 'field_is_contact', 'field_contact_desc', 'field_contact_url'), 2 => array('field_length', 'field_maxlen', 'field_minlen', 'field_validation', 'field_novalue', 'field_default_value'), 3 => array('l_lang_name', 'l_lang_explain', 'l_lang_default_value', 'l_lang_options')); // Visibility Options... $visibility_ary = array('field_required', 'field_show_novalue', 'field_show_on_reg', 'field_show_on_pm', 'field_show_on_vt', 'field_show_on_ml', 'field_show_profile', 'field_hide', 'field_is_contact'); /** * Event to add initialization for new profile field table fields * * @event core.acp_profile_create_edit_init * @var string action create|edit * @var int step Configuration step (1|2|3) * @var bool submit Form has been submitted * @var bool save Configuration should be saved * @var string field_type Type of the field we are dealing with * @var array field_row Array of data about the field * @var array exclude Array of excluded fields by step * @var array visibility_ary Array of fields that are visibility related * @since 3.1.6-RC1 */ $vars = array('action', 'step', 'submit', 'save', 'field_type', 'field_row', 'exclude', 'visibility_ary'); extract($phpbb_dispatcher->trigger_event('core.acp_profile_create_edit_init', compact($vars))); $options = $profile_field->prepare_options_form($exclude, $visibility_ary); $cp->vars['field_ident'] = $action == 'create' && $step == 1 ? utf8_clean_string(request_var('field_ident', $field_row['field_ident'], true)) : request_var('field_ident', $field_row['field_ident']); $cp->vars['lang_name'] = $request->variable('lang_name', $field_row['lang_name'], true); $cp->vars['lang_explain'] = $request->variable('lang_explain', $field_row['lang_explain'], true); $cp->vars['lang_default_value'] = $request->variable('lang_default_value', $field_row['lang_default_value'], true); $cp->vars['field_contact_desc'] = $request->variable('field_contact_desc', $field_row['field_contact_desc'], true); $cp->vars['field_contact_url'] = $request->variable('field_contact_url', $field_row['field_contact_url'], true); foreach ($visibility_ary as $val) { $cp->vars[$val] = $submit || $save ? $request->variable($val, 0) : $field_row[$val]; } $cp->vars['field_no_view'] = $request->variable('field_no_view', (int) $field_row['field_no_view']); // If the user has submitted a form with options (i.e. dropdown field) if ($options) { $exploded_options = is_array($options) ? $options : explode("\n", $options); if (sizeof($exploded_options) == sizeof($lang_options) || $action == 'create') { // The number of options in the field is equal to the number of options already in the database // Or we are creating a new dropdown list. $cp->vars['lang_options'] = $exploded_options; } else { if ($action == 'edit') { // Changing the number of options? (We remove and re-create the option fields) $cp->vars['lang_options'] = $exploded_options; } } } else { $cp->vars['lang_options'] = $lang_options; } // step 2 foreach ($exclude[2] as $key) { $var = utf8_normalize_nfc(request_var($key, $field_row[$key], true)); $field_data = $cp->vars; $var = $profile_field->get_excluded_options($key, $action, $var, $field_data, 2); $cp->vars = $field_data; $cp->vars[$key] = $var; } // step 3 - all arrays if ($action == 'edit') { // Get language entries $sql = 'SELECT * FROM ' . PROFILE_FIELDS_LANG_TABLE . ' WHERE lang_id <> ' . $this->edit_lang_id . "\n\t\t\t\t\t\t\tAND field_id = {$field_id}\n\t\t\t\t\t\tORDER BY option_id ASC"; $result = $db->sql_query($sql); $l_lang_options = array(); while ($row = $db->sql_fetchrow($result)) { $l_lang_options[$row['lang_id']][$row['option_id']] = $row['lang_value']; } $db->sql_freeresult($result); $sql = 'SELECT lang_id, lang_name, lang_explain, lang_default_value FROM ' . PROFILE_LANG_TABLE . ' WHERE lang_id <> ' . $this->edit_lang_id . "\n\t\t\t\t\t\t\tAND field_id = {$field_id}\n\t\t\t\t\t\tORDER BY lang_id ASC"; $result = $db->sql_query($sql); $l_lang_name = $l_lang_explain = $l_lang_default_value = array(); while ($row = $db->sql_fetchrow($result)) { $l_lang_name[$row['lang_id']] = $row['lang_name']; $l_lang_explain[$row['lang_id']] = $row['lang_explain']; $l_lang_default_value[$row['lang_id']] = $row['lang_default_value']; } $db->sql_freeresult($result); } foreach ($exclude[3] as $key) { $cp->vars[$key] = utf8_normalize_nfc(request_var($key, array(0 => ''), true)); if (!$cp->vars[$key] && $action == 'edit') { $cp->vars[$key] = ${$key}; } $field_data = $cp->vars; $var = $profile_field->get_excluded_options($key, $action, $var, $field_data, 3); $cp->vars = $field_data; } // Check for general issues in every step if ($submit) { // Check values for step 1 if ($cp->vars['field_ident'] == '') { $error[] = $user->lang['EMPTY_FIELD_IDENT']; } if (!preg_match('/^[a-z_]+$/', $cp->vars['field_ident'])) { $error[] = $user->lang['INVALID_CHARS_FIELD_IDENT']; } if (strlen($cp->vars['field_ident']) > 17) { $error[] = $user->lang['INVALID_FIELD_IDENT_LEN']; } if ($cp->vars['lang_name'] == '') { $error[] = $user->lang['EMPTY_USER_FIELD_NAME']; } $error = $profile_field->validate_options_on_submit($error, $cp->vars); // Check for already existing field ident if ($action != 'edit') { $sql = 'SELECT field_ident FROM ' . PROFILE_FIELDS_TABLE . "\n\t\t\t\t\t\t\tWHERE field_ident = '" . $db->sql_escape($cp->vars['field_ident']) . "'"; $result = $db->sql_query($sql); $row = $db->sql_fetchrow($result); $db->sql_freeresult($result); if ($row) { $error[] = $user->lang['FIELD_IDENT_ALREADY_EXIST']; } } } if (sizeof($error)) { $submit = false; } else { $step = isset($_REQUEST['next']) ? $step + 1 : (isset($_REQUEST['prev']) ? $step - 1 : $step); } // Build up the specific hidden fields foreach ($exclude as $num => $key_ary) { if ($num == $step) { continue; } $_new_key_ary = array(); $field_data = $cp->vars; foreach ($key_ary as $key) { $var = $profile_field->prepare_hidden_fields($step, $key, $action, $field_data); if ($var !== null) { $_new_key_ary[$key] = $var; } } $cp->vars = $field_data; $s_hidden_fields .= build_hidden_fields($_new_key_ary); } if (!sizeof($error)) { if ($step == 3 && (sizeof($this->lang_defs['iso']) == 1 || $save) || $action == 'edit' && $save) { $this->save_profile_field($cp, $field_type, $action); } } $template->assign_vars(array('S_EDIT' => true, 'S_EDIT_MODE' => $action == 'edit' ? true : false, 'ERROR_MSG' => sizeof($error) ? implode('<br />', $error) : '', 'L_TITLE' => $user->lang['STEP_' . $step . '_TITLE_' . strtoupper($action)], 'L_EXPLAIN' => $user->lang['STEP_' . $step . '_EXPLAIN_' . strtoupper($action)], 'U_ACTION' => $this->u_action . "&action={$action}&step={$step}", 'U_BACK' => $this->u_action)); // Now go through the steps switch ($step) { // Create basic options - only small differences between field types case 1: $template_vars = array('S_STEP_ONE' => true, 'S_FIELD_REQUIRED' => $cp->vars['field_required'] ? true : false, 'S_FIELD_SHOW_NOVALUE' => $cp->vars['field_show_novalue'] ? true : false, 'S_SHOW_ON_REG' => $cp->vars['field_show_on_reg'] ? true : false, 'S_SHOW_ON_PM' => $cp->vars['field_show_on_pm'] ? true : false, 'S_SHOW_ON_VT' => $cp->vars['field_show_on_vt'] ? true : false, 'S_SHOW_ON_MEMBERLIST' => $cp->vars['field_show_on_ml'] ? true : false, 'S_FIELD_HIDE' => $cp->vars['field_hide'] ? true : false, 'S_SHOW_PROFILE' => $cp->vars['field_show_profile'] ? true : false, 'S_FIELD_NO_VIEW' => $cp->vars['field_no_view'] ? true : false, 'S_FIELD_CONTACT' => $cp->vars['field_is_contact'], 'FIELD_CONTACT_DESC' => $cp->vars['field_contact_desc'], 'FIELD_CONTACT_URL' => $cp->vars['field_contact_url'], 'L_LANG_SPECIFIC' => sprintf($user->lang['LANG_SPECIFIC_OPTIONS'], $config['default_lang']), 'FIELD_TYPE' => $profile_field->get_name(), 'FIELD_IDENT' => $cp->vars['field_ident'], 'LANG_NAME' => $cp->vars['lang_name'], 'LANG_EXPLAIN' => $cp->vars['lang_explain']); $field_data = $cp->vars; $profile_field->display_options($template_vars, $field_data); $cp->vars = $field_data; // Build common create options $template->assign_vars($template_vars); break; case 2: $template->assign_vars(array('S_STEP_TWO' => true, 'L_NEXT_STEP' => sizeof($this->lang_defs['iso']) == 1 ? $user->lang['SAVE'] : $user->lang['PROFILE_LANG_OPTIONS'])); // Build options based on profile type $options = $profile_field->get_options($this->lang_defs['iso'][$config['default_lang']], $cp->vars); foreach ($options as $num => $option_ary) { $template->assign_block_vars('option', $option_ary); } break; // Define remaining language variables // Define remaining language variables case 3: $template->assign_var('S_STEP_THREE', true); $options = $this->build_language_options($cp, $field_type, $action); foreach ($options as $lang_id => $lang_ary) { $template->assign_block_vars('options', array('LANGUAGE' => sprintf($user->lang[($lang_id == $this->edit_lang_id ? 'DEFAULT_' : '') . 'ISO_LANGUAGE'], $lang_ary['lang_iso']))); foreach ($lang_ary['fields'] as $field_ident => $field_ary) { $template->assign_block_vars('options.field', array('L_TITLE' => $field_ary['TITLE'], 'L_EXPLAIN' => isset($field_ary['EXPLAIN']) ? $field_ary['EXPLAIN'] : '', 'FIELD' => $field_ary['FIELD'])); } } break; } $field_data = $cp->vars; /** * Event to add template variables for new profile field table fields * * @event core.acp_profile_create_edit_after * @var string action create|edit * @var int step Configuration step (1|2|3) * @var bool submit Form has been submitted * @var bool save Configuration should be saved * @var string field_type Type of the field we are dealing with * @var array field_data Array of data about the field * @var array s_hidden_fields Array of hidden fields in case this needs modification * @var array options Array of options specific to this step * @since 3.1.6-RC1 */ $vars = array('action', 'step', 'submit', 'save', 'field_type', 'field_data', 's_hidden_fields', 'options'); extract($phpbb_dispatcher->trigger_event('core.acp_profile_create_edit_after', compact($vars))); $template->assign_vars(array('S_HIDDEN_FIELDS' => $s_hidden_fields)); return; break; } $sql = 'SELECT * FROM ' . PROFILE_FIELDS_TABLE . ' ORDER BY field_order'; $result = $db->sql_query($sql); $s_one_need_edit = false; while ($row = $db->sql_fetchrow($result)) { $active_lang = !$row['field_active'] ? 'ACTIVATE' : 'DEACTIVATE'; $active_value = !$row['field_active'] ? 'activate' : 'deactivate'; $id = $row['field_id']; $s_need_edit = sizeof($this->lang_defs['diff'][$row['field_id']]) ? true : false; if ($s_need_edit) { $s_one_need_edit = true; } $profile_field = $this->type_collection[$row['field_type']]; $template->assign_block_vars('fields', array('FIELD_IDENT' => $row['field_ident'], 'FIELD_TYPE' => $profile_field->get_name(), 'L_ACTIVATE_DEACTIVATE' => $user->lang[$active_lang], 'U_ACTIVATE_DEACTIVATE' => $this->u_action . "&action={$active_value}&field_id={$id}", 'U_EDIT' => $this->u_action . "&action=edit&field_id={$id}", 'U_TRANSLATE' => $this->u_action . "&action=edit&field_id={$id}&step=3", 'U_DELETE' => $this->u_action . "&action=delete&field_id={$id}", 'U_MOVE_UP' => $this->u_action . "&action=move_up&field_id={$id}", 'U_MOVE_DOWN' => $this->u_action . "&action=move_down&field_id={$id}", 'S_NEED_EDIT' => $s_need_edit)); } $db->sql_freeresult($result); // At least one option field needs editing? if ($s_one_need_edit) { $template->assign_var('S_NEED_EDIT', true); } $s_select_type = ''; foreach ($this->type_collection as $key => $profile_field) { $s_select_type .= '<option value="' . $key . '">' . $profile_field->get_name() . '</option>'; } $template->assign_vars(array('U_ACTION' => $this->u_action, 'S_TYPE_OPTIONS' => $s_select_type)); }
public function main($id, $mode) { global $config, $template, $user, $request, $phpbb_container; global $phpbb_root_path, $phpEx; add_form_key('ucp_notification'); $start = $request->variable('start', 0); $form_time = $request->variable('form_time', 0); $form_time = $form_time <= 0 || $form_time > time() ? time() : $form_time; /* @var $phpbb_notifications \phpbb\notification\manager */ $phpbb_notifications = $phpbb_container->get('notification_manager'); /* @var $pagination \phpbb\pagination */ $pagination = $phpbb_container->get('pagination'); switch ($mode) { case 'notification_options': $subscriptions = $phpbb_notifications->get_global_subscriptions(false); // Add/remove subscriptions if ($request->is_set_post('submit')) { if (!check_form_key('ucp_notification')) { trigger_error('FORM_INVALID'); } $notification_methods = $phpbb_notifications->get_subscription_methods(); foreach ($phpbb_notifications->get_subscription_types() as $group => $subscription_types) { foreach ($subscription_types as $type => $data) { foreach ($notification_methods as $method => $method_data) { if ($request->is_set_post(str_replace('.', '_', $type . '_' . $method_data['id'])) && (!isset($subscriptions[$type]) || !in_array($method_data['id'], $subscriptions[$type]))) { $phpbb_notifications->add_subscription($type, 0, $method_data['id']); } else { if (!$request->is_set_post(str_replace('.', '_', $type . '_' . $method_data['id'])) && isset($subscriptions[$type]) && in_array($method_data['id'], $subscriptions[$type])) { $phpbb_notifications->delete_subscription($type, 0, $method_data['id']); } } } if ($request->is_set_post(str_replace('.', '_', $type) . '_notification') && !isset($subscriptions[$type])) { $phpbb_notifications->add_subscription($type); } else { if (!$request->is_set_post(str_replace('.', '_', $type) . '_notification') && isset($subscriptions[$type])) { $phpbb_notifications->delete_subscription($type); } } } } meta_refresh(3, $this->u_action); $message = $user->lang['PREFERENCES_UPDATED'] . '<br /><br />' . sprintf($user->lang['RETURN_UCP'], '<a href="' . $this->u_action . '">', '</a>'); trigger_error($message); } $this->output_notification_methods($phpbb_notifications, $template, $user, 'notification_methods'); $this->output_notification_types($subscriptions, $phpbb_notifications, $template, $user, 'notification_types'); $this->tpl_name = 'ucp_notifications'; $this->page_title = 'UCP_NOTIFICATION_OPTIONS'; break; case 'notification_list': default: // Mark all items read if ($request->variable('mark', '') == 'all' && check_link_hash($request->variable('token', ''), 'mark_all_notifications_read')) { $phpbb_notifications->mark_notifications_read(false, false, $user->data['user_id'], $form_time); meta_refresh(3, $this->u_action); $message = $user->lang['NOTIFICATIONS_MARK_ALL_READ_SUCCESS']; if ($request->is_ajax()) { $json_response = new \phpbb\json_response(); $json_response->send(array('MESSAGE_TITLE' => $user->lang['INFORMATION'], 'MESSAGE_TEXT' => $message, 'success' => true)); } $message .= '<br /><br />' . $user->lang('RETURN_UCP', '<a href="' . $this->u_action . '">', '</a>'); trigger_error($message); } // Mark specific notifications read if ($request->is_set_post('submit')) { if (!check_form_key('ucp_notification')) { trigger_error('FORM_INVALID'); } $mark_read = $request->variable('mark', array(0)); if (!empty($mark_read)) { $phpbb_notifications->mark_notifications_read_by_id($mark_read, $form_time); } } $notifications = $phpbb_notifications->load_notifications(array('start' => $start, 'limit' => $config['topics_per_page'], 'count_total' => true)); foreach ($notifications['notifications'] as $notification) { $template->assign_block_vars('notification_list', $notification->prepare_for_display()); } $base_url = append_sid("{$phpbb_root_path}ucp.{$phpEx}", "i=ucp_notifications&mode=notification_list"); $start = $pagination->validate_start($start, $config['topics_per_page'], $notifications['total_count']); $pagination->generate_template_pagination($base_url, 'pagination', 'start', $notifications['total_count'], $config['topics_per_page'], $start); $template->assign_vars(array('TOTAL_COUNT' => $notifications['total_count'], 'U_MARK_ALL' => $base_url . '&mark=all&token=' . generate_link_hash('mark_all_notifications_read'))); $this->tpl_name = 'ucp_notifications'; $this->page_title = 'UCP_NOTIFICATION_LIST'; break; } $template->assign_vars(array('TITLE' => $user->lang($this->page_title), 'TITLE_EXPLAIN' => $user->lang($this->page_title . '_EXPLAIN'), 'MODE' => $mode, 'FORM_TIME' => time())); }
private function report_feedback_action($request, $user) { $id = $request->variable('id', 0); $user_id = (int) $user->data['user_id']; // check that this is ajax request and that the user reporting the feedback is the recipient of the feedback if ($request->is_ajax() && $user_id == $this->manager->getFeedbackRecipientID($id)) { $reason = $request->variable('reason', ''); confirm_box(false, $user->lang['REPORT_DESC'], '', 'report_feedback_form.html', "trader/view-feedback/?action=report&id=" . $id); if (confirm_box(true)) { // REPORT the feedback $this->manager->report_feedback($id, $reason); if ($request->is_ajax()) { $json_response = new \phpbb\json_response(); $json_response->send(array('MESSAGE_TITLE' => $user->lang['INFORMATION'], 'MESSAGE_TEXT' => $user->lang['REPORT_SUCCESS'], 'REFRESH_DATA' => array('time' => 3))); } } } else { // redirect to previous page if report is cancelled, or front page if no referrer redirect($request->header('referer', './index.php')); } }
function main($id, $mode) { global $db, $user, $auth, $template, $cache; global $config, $phpbb_root_path, $phpbb_admin_path, $phpEx; global $request, $phpbb_log; $user->add_lang(array('mcp', 'acp/posting')); // Set up general vars $action = $request->variable('action', ''); $submit = isset($_POST['submit']) ? true : false; $reason_id = $request->variable('id', 0); $this->tpl_name = 'acp_reasons'; $this->page_title = 'ACP_REASONS'; $form_name = 'acp_reason'; add_form_key('acp_reason'); $error = array(); switch ($action) { case 'add': case 'edit': $reason_row = array('reason_title' => $request->variable('reason_title', '', true), 'reason_description' => $request->variable('reason_description', '', true)); if ($submit) { if (!check_form_key($form_name)) { $error[] = $user->lang['FORM_INVALID']; } // Reason specified? if (!$reason_row['reason_title'] || !$reason_row['reason_description']) { $error[] = $user->lang['NO_REASON_INFO']; } $check_double = $action == 'add' ? true : false; if ($action == 'edit') { $sql = 'SELECT reason_title FROM ' . REPORTS_REASONS_TABLE . "\n\t\t\t\t\t\t\tWHERE reason_id = {$reason_id}"; $result = $db->sql_query($sql); $row = $db->sql_fetchrow($result); $db->sql_freeresult($result); if (strtolower($row['reason_title']) == 'other' || strtolower($reason_row['reason_title']) == 'other') { $reason_row['reason_title'] = 'other'; } if ($row['reason_title'] != $reason_row['reason_title']) { $check_double = true; } } // Check for same reason if adding it... if ($check_double) { $sql = 'SELECT reason_id FROM ' . REPORTS_REASONS_TABLE . "\n\t\t\t\t\t\t\tWHERE reason_title = '" . $db->sql_escape($reason_row['reason_title']) . "'"; $result = $db->sql_query($sql); $row = $db->sql_fetchrow($result); $db->sql_freeresult($result); if ($row || $action == 'add' && strtolower($reason_row['reason_title']) == 'other') { $error[] = $user->lang['REASON_ALREADY_EXIST']; } } if (!sizeof($error)) { // New reason? if ($action == 'add') { // Get new order... $sql = 'SELECT MAX(reason_order) as max_reason_order FROM ' . REPORTS_REASONS_TABLE; $result = $db->sql_query($sql); $max_order = (int) $db->sql_fetchfield('max_reason_order'); $db->sql_freeresult($result); $sql_ary = array('reason_title' => (string) $reason_row['reason_title'], 'reason_description' => (string) $reason_row['reason_description'], 'reason_order' => $max_order + 1); $db->sql_query('INSERT INTO ' . REPORTS_REASONS_TABLE . ' ' . $db->sql_build_array('INSERT', $sql_ary)); $log = 'ADDED'; } else { if ($reason_id) { $sql_ary = array('reason_title' => (string) $reason_row['reason_title'], 'reason_description' => (string) $reason_row['reason_description']); $db->sql_query('UPDATE ' . REPORTS_REASONS_TABLE . ' SET ' . $db->sql_build_array('UPDATE', $sql_ary) . ' WHERE reason_id = ' . $reason_id); $log = 'UPDATED'; } } $phpbb_log->add('admin', $user->data['user_id'], $user->ip, 'LOG_REASON_' . $log, false, array($reason_row['reason_title'])); trigger_error($user->lang['REASON_' . $log] . adm_back_link($this->u_action)); } } else { if ($reason_id) { $sql = 'SELECT * FROM ' . REPORTS_REASONS_TABLE . ' WHERE reason_id = ' . $reason_id; $result = $db->sql_query($sql); $reason_row = $db->sql_fetchrow($result); $db->sql_freeresult($result); if (!$reason_row) { trigger_error($user->lang['NO_REASON'] . adm_back_link($this->u_action), E_USER_WARNING); } } } $l_title = $action == 'edit' ? 'EDIT' : 'ADD'; $translated = false; // If the reason is defined within the language file, we will use the localized version, else just use the database entry... if (isset($user->lang['report_reasons']['TITLE'][strtoupper($reason_row['reason_title'])]) && isset($user->lang['report_reasons']['DESCRIPTION'][strtoupper($reason_row['reason_title'])])) { $translated = true; } $template->assign_vars(array('L_TITLE' => $user->lang['REASON_' . $l_title], 'U_ACTION' => $this->u_action . "&id={$reason_id}&action={$action}", 'U_BACK' => $this->u_action, 'ERROR_MSG' => sizeof($error) ? implode('<br />', $error) : '', 'REASON_TITLE' => $reason_row['reason_title'], 'REASON_DESCRIPTION' => $reason_row['reason_description'], 'TRANSLATED_TITLE' => $translated ? $user->lang['report_reasons']['TITLE'][strtoupper($reason_row['reason_title'])] : '', 'TRANSLATED_DESCRIPTION' => $translated ? $user->lang['report_reasons']['DESCRIPTION'][strtoupper($reason_row['reason_title'])] : '', 'S_AVAILABLE_TITLES' => implode($user->lang['COMMA_SEPARATOR'], array_map('htmlspecialchars', array_keys($user->lang['report_reasons']['TITLE']))), 'S_EDIT_REASON' => true, 'S_TRANSLATED' => $translated, 'S_ERROR' => sizeof($error) ? true : false)); return; break; case 'delete': $sql = 'SELECT * FROM ' . REPORTS_REASONS_TABLE . ' WHERE reason_id = ' . $reason_id; $result = $db->sql_query($sql); $reason_row = $db->sql_fetchrow($result); $db->sql_freeresult($result); if (!$reason_row) { trigger_error($user->lang['NO_REASON'] . adm_back_link($this->u_action), E_USER_WARNING); } if (strtolower($reason_row['reason_title']) == 'other') { trigger_error($user->lang['NO_REMOVE_DEFAULT_REASON'] . adm_back_link($this->u_action), E_USER_WARNING); } // Let the deletion be confirmed... if (confirm_box(true)) { $sql = 'SELECT reason_id FROM ' . REPORTS_REASONS_TABLE . "\n\t\t\t\t\t\tWHERE LOWER(reason_title) = 'other'"; $result = $db->sql_query($sql); $other_reason_id = (int) $db->sql_fetchfield('reason_id'); $db->sql_freeresult($result); switch ($db->get_sql_layer()) { // The ugly one! case 'mysqli': case 'mysql4': case 'mysql': // Change the reports using this reason to 'other' $sql = 'UPDATE ' . REPORTS_TABLE . ' SET reason_id = ' . $other_reason_id . ", report_text = CONCAT('" . $db->sql_escape($reason_row['reason_description']) . "\n\n', report_text)\n\t\t\t\t\t\t\t\tWHERE reason_id = {$reason_id}"; break; // Standard? What's that? // Standard? What's that? case 'mssql': case 'mssql_odbc': case 'mssqlnative': // Change the reports using this reason to 'other' $sql = "DECLARE @ptrval binary(16)\n\n\t\t\t\t\t\t\t\t\tSELECT @ptrval = TEXTPTR(report_text)\n\t\t\t\t\t\t\t\t\t\tFROM " . REPORTS_TABLE . "\n\t\t\t\t\t\t\t\t\tWHERE reason_id = " . $reason_id . "\n\n\t\t\t\t\t\t\t\t\tUPDATETEXT " . REPORTS_TABLE . ".report_text @ptrval 0 0 '" . $db->sql_escape($reason_row['reason_description']) . "\n\n'\n\n\t\t\t\t\t\t\t\t\tUPDATE " . REPORTS_TABLE . ' SET reason_id = ' . $other_reason_id . "\n\t\t\t\t\t\t\t\t\tWHERE reason_id = {$reason_id}"; break; // Teh standard // Teh standard case 'postgres': case 'oracle': case 'sqlite': case 'sqlite3': // Change the reports using this reason to 'other' $sql = 'UPDATE ' . REPORTS_TABLE . ' SET reason_id = ' . $other_reason_id . ", report_text = '" . $db->sql_escape($reason_row['reason_description']) . "\n\n' || report_text\n\t\t\t\t\t\t\t\tWHERE reason_id = {$reason_id}"; break; } $db->sql_query($sql); $db->sql_query('DELETE FROM ' . REPORTS_REASONS_TABLE . ' WHERE reason_id = ' . $reason_id); $phpbb_log->add('admin', $user->data['user_id'], $user->ip, 'LOG_REASON_REMOVED', false, array($reason_row['reason_title'])); trigger_error($user->lang['REASON_REMOVED'] . adm_back_link($this->u_action)); } else { confirm_box(false, $user->lang['CONFIRM_OPERATION'], build_hidden_fields(array('i' => $id, 'mode' => $mode, 'action' => $action, 'id' => $reason_id))); } break; case 'move_up': case 'move_down': $sql = 'SELECT reason_order FROM ' . REPORTS_REASONS_TABLE . "\n\t\t\t\t\tWHERE reason_id = {$reason_id}"; $result = $db->sql_query($sql); $order = $db->sql_fetchfield('reason_order'); $db->sql_freeresult($result); if ($order === false || $order == 0 && $action == 'move_up') { break; } $order = (int) $order; $order_total = $order * 2 + ($action == 'move_up' ? -1 : 1); $sql = 'UPDATE ' . REPORTS_REASONS_TABLE . ' SET reason_order = ' . $order_total . ' - reason_order WHERE reason_order IN (' . $order . ', ' . ($action == 'move_up' ? $order - 1 : $order + 1) . ')'; $db->sql_query($sql); if ($request->is_ajax()) { $json_response = new \phpbb\json_response(); $json_response->send(array('success' => (bool) $db->sql_affectedrows())); } break; } // By default, check that order is valid and fix it if necessary $sql = 'SELECT reason_id, reason_order FROM ' . REPORTS_REASONS_TABLE . ' ORDER BY reason_order'; $result = $db->sql_query($sql); if ($row = $db->sql_fetchrow($result)) { $order = 0; do { ++$order; if ($row['reason_order'] != $order) { $sql = 'UPDATE ' . REPORTS_REASONS_TABLE . "\n\t\t\t\t\t\tSET reason_order = {$order}\n\t\t\t\t\t\tWHERE reason_id = {$row['reason_id']}"; $db->sql_query($sql); } } while ($row = $db->sql_fetchrow($result)); } $db->sql_freeresult($result); $template->assign_vars(array('U_ACTION' => $this->u_action)); // Reason count $sql = 'SELECT reason_id, COUNT(reason_id) AS reason_count FROM ' . REPORTS_TABLE . ' GROUP BY reason_id'; $result = $db->sql_query($sql); $reason_count = array(); while ($row = $db->sql_fetchrow($result)) { $reason_count[$row['reason_id']] = $row['reason_count']; } $db->sql_freeresult($result); $sql = 'SELECT * FROM ' . REPORTS_REASONS_TABLE . ' ORDER BY reason_order ASC'; $result = $db->sql_query($sql); while ($row = $db->sql_fetchrow($result)) { $translated = false; $other_reason = $row['reason_title'] == 'other' ? true : false; // If the reason is defined within the language file, we will use the localized version, else just use the database entry... if (isset($user->lang['report_reasons']['TITLE'][strtoupper($row['reason_title'])]) && isset($user->lang['report_reasons']['DESCRIPTION'][strtoupper($row['reason_title'])])) { $row['reason_description'] = $user->lang['report_reasons']['DESCRIPTION'][strtoupper($row['reason_title'])]; $row['reason_title'] = $user->lang['report_reasons']['TITLE'][strtoupper($row['reason_title'])]; $translated = true; } $template->assign_block_vars('reasons', array('REASON_TITLE' => $row['reason_title'], 'REASON_DESCRIPTION' => $row['reason_description'], 'REASON_COUNT' => isset($reason_count[$row['reason_id']]) ? $reason_count[$row['reason_id']] : 0, 'S_TRANSLATED' => $translated, 'S_OTHER_REASON' => $other_reason, 'U_EDIT' => $this->u_action . '&action=edit&id=' . $row['reason_id'], 'U_DELETE' => !$other_reason ? $this->u_action . '&action=delete&id=' . $row['reason_id'] : '', 'U_MOVE_UP' => $this->u_action . '&action=move_up&id=' . $row['reason_id'], 'U_MOVE_DOWN' => $this->u_action . '&action=move_down&id=' . $row['reason_id'])); } $db->sql_freeresult($result); }
/** * Disapprove Post * * @param $post_id_list array IDs of the posts to disapprove/delete * @param $id mixed Category of the current active module * @param $mode string Active module * @return null */ public static function disapprove_posts($post_id_list, $id, $mode) { global $db, $template, $user, $config, $phpbb_container, $phpbb_dispatcher; global $phpEx, $phpbb_root_path, $request, $phpbb_log; if (!phpbb_check_ids($post_id_list, POSTS_TABLE, 'post_id', array('m_approve'))) { trigger_error('NOT_AUTHORISED'); } $redirect = $request->variable('redirect', build_url(array('t', 'mode', 'quickmod')) . "&mode={$mode}"); $redirect = reapply_sid($redirect); $reason = $request->variable('reason', '', true); $reason_id = $request->variable('reason_id', 0); $success_msg = $additional_msg = ''; $s_hidden_fields = build_hidden_fields(array('i' => $id, 'mode' => $mode, 'post_id_list' => $post_id_list, 'action' => 'disapprove', 'redirect' => $redirect)); $notify_poster = $request->is_set('notify_poster'); $disapprove_reason = ''; if ($reason_id) { $sql = 'SELECT reason_title, reason_description FROM ' . REPORTS_REASONS_TABLE . "\n\t\t\t\tWHERE reason_id = {$reason_id}"; $result = $db->sql_query($sql); $row = $db->sql_fetchrow($result); $db->sql_freeresult($result); if (!$row || !$reason && strtolower($row['reason_title']) == 'other') { $additional_msg = $user->lang['NO_REASON_DISAPPROVAL']; $request->overwrite('confirm', null, \phpbb\request\request_interface::POST); $request->overwrite('confirm_key', null, \phpbb\request\request_interface::POST); $request->overwrite('confirm_key', null, \phpbb\request\request_interface::REQUEST); } else { // If the reason is defined within the language file, we will use the localized version, else just use the database entry... $disapprove_reason = strtolower($row['reason_title']) != 'other' ? isset($user->lang['report_reasons']['DESCRIPTION'][strtoupper($row['reason_title'])]) ? $user->lang['report_reasons']['DESCRIPTION'][strtoupper($row['reason_title'])] : $row['reason_description'] : ''; $disapprove_reason .= $reason ? "\n\n" . $reason : ''; if (isset($user->lang['report_reasons']['DESCRIPTION'][strtoupper($row['reason_title'])])) { $disapprove_reason_lang = strtoupper($row['reason_title']); } } } $post_info = phpbb_get_post_data($post_id_list, 'm_approve'); $is_disapproving = false; foreach ($post_info as $post_id => $post_data) { if ($post_data['post_visibility'] == ITEM_DELETED) { continue; } $is_disapproving = true; } if (confirm_box(true)) { $disapprove_log = $disapprove_log_topics = $disapprove_log_posts = array(); $topic_posts_unapproved = $post_disapprove_list = $topic_information = array(); // Build a list of posts to be disapproved and get the related topics real replies count foreach ($post_info as $post_id => $post_data) { $post_disapprove_list[$post_id] = $post_data['topic_id']; if (!isset($topic_posts_unapproved[$post_data['topic_id']])) { $topic_information[$post_data['topic_id']] = $post_data; $topic_posts_unapproved[$post_data['topic_id']] = 0; } $topic_posts_unapproved[$post_data['topic_id']]++; } // Now we build the log array foreach ($post_disapprove_list as $post_id => $topic_id) { // If the count of disapproved posts for the topic is equal // to the number of unapproved posts in the topic, and there are no different // posts, we disapprove the hole topic if ($topic_information[$topic_id]['topic_posts_approved'] == 0 && $topic_information[$topic_id]['topic_posts_softdeleted'] == 0 && $topic_information[$topic_id]['topic_posts_unapproved'] == $topic_posts_unapproved[$topic_id]) { // Don't write the log more than once for every topic if (!isset($disapprove_log_topics[$topic_id])) { // Build disapproved topics log $disapprove_log_topics[$topic_id] = array('type' => 'topic', 'post_subject' => $post_info[$post_id]['topic_title'], 'forum_id' => $post_info[$post_id]['forum_id'], 'topic_id' => 0, 'post_username' => $post_info[$post_id]['poster_id'] == ANONYMOUS && !empty($post_info[$post_id]['post_username']) ? $post_info[$post_id]['post_username'] : $post_info[$post_id]['username']); } } else { // Build disapproved posts log $disapprove_log_posts[] = array('type' => 'post', 'post_subject' => $post_info[$post_id]['post_subject'], 'forum_id' => $post_info[$post_id]['forum_id'], 'topic_id' => $post_info[$post_id]['topic_id'], 'post_username' => $post_info[$post_id]['poster_id'] == ANONYMOUS && !empty($post_info[$post_id]['post_username']) ? $post_info[$post_id]['post_username'] : $post_info[$post_id]['username']); } } // Get disapproved posts/topics counts separately $num_disapproved_topics = sizeof($disapprove_log_topics); $num_disapproved_posts = sizeof($disapprove_log_posts); // Build the whole log $disapprove_log = array_merge($disapprove_log_topics, $disapprove_log_posts); // Unset unneeded arrays unset($post_data, $disapprove_log_topics, $disapprove_log_posts); // Let's do the job - delete disapproved posts if (sizeof($post_disapprove_list)) { if (!function_exists('delete_posts')) { include $phpbb_root_path . 'includes/functions_admin.' . $phpEx; } // We do not check for permissions here, because the moderator allowed approval/disapproval should be allowed to delete the disapproved posts // Note: function delete_posts triggers related forums/topics sync, // so we don't need to call update_post_information later and to adjust real topic replies or forum topics count manually delete_posts('post_id', array_keys($post_disapprove_list)); foreach ($disapprove_log as $log_data) { if ($is_disapproving) { $l_log_message = $log_data['type'] == 'topic' ? 'LOG_TOPIC_DISAPPROVED' : 'LOG_POST_DISAPPROVED'; $phpbb_log->add('mod', $user->data['user_id'], $user->ip, $l_log_message, false, array('forum_id' => $log_data['forum_id'], 'topic_id' => $log_data['topic_id'], $log_data['post_subject'], $disapprove_reason, $log_data['post_username'])); } else { $l_log_message = $log_data['type'] == 'topic' ? 'LOG_DELETE_TOPIC' : 'LOG_DELETE_POST'; $phpbb_log->add('mod', $user->data['user_id'], $user->ip, $l_log_message, false, array('forum_id' => $log_data['forum_id'], 'topic_id' => $log_data['topic_id'], $log_data['post_subject'], $log_data['post_username'])); } } } /* @var $phpbb_notifications \phpbb\notification\manager */ $phpbb_notifications = $phpbb_container->get('notification_manager'); $lang_reasons = array(); foreach ($post_info as $post_id => $post_data) { $disapprove_all_posts_in_topic = $topic_information[$topic_id]['topic_posts_approved'] == 0 && $topic_information[$topic_id]['topic_posts_softdeleted'] == 0 && $topic_information[$topic_id]['topic_posts_unapproved'] == $topic_posts_unapproved[$topic_id]; $phpbb_notifications->delete_notifications('notification.type.post_in_queue', $post_id); // Do we disapprove the whole topic? Remove potential notifications if ($disapprove_all_posts_in_topic) { $phpbb_notifications->delete_notifications('notification.type.topic_in_queue', $post_data['topic_id']); } // Notify Poster? if ($notify_poster) { if ($post_data['poster_id'] == ANONYMOUS) { continue; } $post_data['disapprove_reason'] = $disapprove_reason; if (isset($disapprove_reason_lang)) { // Okay we need to get the reason from the posters language if (!isset($lang_reasons[$post_data['user_lang']])) { // Assign the current users translation as the default, this is not ideal but getting the board default adds another layer of complexity. $lang_reasons[$post_data['user_lang']] = $user->lang['report_reasons']['DESCRIPTION'][$disapprove_reason_lang]; // Only load up the language pack if the language is different to the current one if ($post_data['user_lang'] != $user->lang_name && file_exists($phpbb_root_path . '/language/' . $post_data['user_lang'] . '/mcp.' . $phpEx)) { // Load up the language pack $lang = array(); @(include $phpbb_root_path . '/language/' . basename($post_data['user_lang']) . '/mcp.' . $phpEx); // If we find the reason in this language pack use it if (isset($lang['report_reasons']['DESCRIPTION'][$disapprove_reason_lang])) { $lang_reasons[$post_data['user_lang']] = $lang['report_reasons']['DESCRIPTION'][$disapprove_reason_lang]; } unset($lang); // Free memory } } $post_data['disapprove_reason'] = $lang_reasons[$post_data['user_lang']]; $post_data['disapprove_reason'] .= $reason ? "\n\n" . $reason : ''; } if ($disapprove_all_posts_in_topic && $topic_information[$topic_id]['topic_posts_unapproved'] == 1) { // If there is only 1 post when disapproving the topic, // we send the user a "disapprove topic" notification... $phpbb_notifications->add_notifications('notification.type.disapprove_topic', $post_data); } else { // ... otherwise there are multiple unapproved posts and // all of them are disapproved as posts. $phpbb_notifications->add_notifications('notification.type.disapprove_post', $post_data); } } } if ($num_disapproved_topics) { $success_msg = $num_disapproved_topics == 1 ? 'TOPIC' : 'TOPICS'; } else { $success_msg = $num_disapproved_posts == 1 ? 'POST' : 'POSTS'; } if ($is_disapproving) { $success_msg .= '_DISAPPROVED_SUCCESS'; } else { $success_msg .= '_DELETED_SUCCESS'; } // If we came from viewtopic, we try to go back to it. if (strpos($redirect, $phpbb_root_path . 'viewtopic.' . $phpEx) === 0) { if ($num_disapproved_topics == 0) { // So we need to remove the post id part from the Url $redirect = str_replace("&p={$post_id_list[0]}#p{$post_id_list[0]}", '', $redirect); } else { // However this is only possible if the topic still exists, // Otherwise we go back to the viewforum page $redirect = append_sid($phpbb_root_path . 'viewforum.' . $phpEx, 'f=' . $request->variable('f', 0)); } } /** * Perform additional actions during post(s) disapproval * * @event core.disapprove_posts_after * @var array post_info Array containing info for all posts being disapproved * @var array topic_information Array containing information for the topics * @var array topic_posts_unapproved Array containing list of topic ids and the count of disapproved posts in them * @var array post_disapprove_list Array containing list of posts and their topic id * @var int num_disapproved_topics Variable containing the number of disapproved topics * @var int num_disapproved_posts Variable containing the number of disapproved posts * @var array lang_reasons Array containing the language keys for reasons * @var string disapprove_reason Variable containing the language key for the success message * @var string disapprove_reason_lang Variable containing the language key for the success message * @var bool is_disapproving Variable telling if anything is going to be disapproved * @var bool notify_poster Variable telling if the post should be notified or not * @var string success_msg Variable containing the language key for the success message * @var string redirect Variable containing the redirect url * @since 3.1.4-RC1 */ $vars = array('post_info', 'topic_information', 'topic_posts_unapproved', 'post_disapprove_list', 'num_disapproved_topics', 'num_disapproved_posts', 'lang_reasons', 'disapprove_reason', 'disapprove_reason_lang', 'is_disapproving', 'notify_poster', 'success_msg', 'redirect'); extract($phpbb_dispatcher->trigger_event('core.disapprove_posts_after', compact($vars))); unset($lang_reasons, $post_info, $disapprove_reason, $disapprove_reason_lang); meta_refresh(3, $redirect); $message = $user->lang[$success_msg]; if ($request->is_ajax()) { $json_response = new \phpbb\json_response(); $json_response->send(array('MESSAGE_TITLE' => $user->lang['INFORMATION'], 'MESSAGE_TEXT' => $message, 'REFRESH_DATA' => null, 'visible' => false)); } $message .= '<br /><br />' . $user->lang('RETURN_PAGE', '<a href="' . $redirect . '">', '</a>'); trigger_error($message); } else { $show_notify = false; foreach ($post_info as $post_data) { if ($post_data['poster_id'] == ANONYMOUS) { continue; } else { $show_notify = true; break; } } $l_confirm_msg = 'DISAPPROVE_POST'; $confirm_template = 'mcp_approve.html'; if ($is_disapproving) { $phpbb_container->get('phpbb.report.report_reason_list_provider')->display_reasons($reason_id); } else { $user->add_lang('posting'); $l_confirm_msg = 'DELETE_POST_PERMANENTLY'; $confirm_template = 'confirm_delete_body.html'; } $l_confirm_msg .= sizeof($post_id_list) == 1 ? '' : 'S'; $template->assign_vars(array('S_NOTIFY_POSTER' => $show_notify, 'S_APPROVE' => false, 'REASON' => $is_disapproving ? $reason : '', 'ADDITIONAL_MSG' => $additional_msg)); confirm_box(false, $l_confirm_msg, $s_hidden_fields, $confirm_template); } redirect($redirect); }
/** * Parse Attachments */ function parse_attachments($form_name, $mode, $forum_id, $submit, $preview, $refresh, $is_message = false) { global $config, $auth, $user, $phpbb_root_path, $phpEx, $db, $request; global $phpbb_container; $error = array(); $num_attachments = sizeof($this->attachment_data); $this->filename_data['filecomment'] = $request->variable('filecomment', '', true); $upload = $request->file($form_name); $upload_file = !empty($upload) && $upload['name'] !== 'none' && trim($upload['name']); $add_file = isset($_POST['add_file']) ? true : false; $delete_file = isset($_POST['delete_file']) ? true : false; // First of all adjust comments if changed $actual_comment_list = $request->variable('comment_list', array(''), true); foreach ($actual_comment_list as $comment_key => $comment) { if (!isset($this->attachment_data[$comment_key])) { continue; } if ($this->attachment_data[$comment_key]['attach_comment'] != $actual_comment_list[$comment_key]) { $this->attachment_data[$comment_key]['attach_comment'] = $actual_comment_list[$comment_key]; } } $cfg = array(); $cfg['max_attachments'] = $is_message ? $config['max_attachments_pm'] : $config['max_attachments']; $forum_id = $is_message ? 0 : $forum_id; if ($submit && in_array($mode, array('post', 'reply', 'quote', 'edit')) && $upload_file) { if ($num_attachments < $cfg['max_attachments'] || $auth->acl_get('a_') || $auth->acl_get('m_', $forum_id)) { /** @var \phpbb\attachment\manager $attachment_manager */ $attachment_manager = $phpbb_container->get('attachment.manager'); $filedata = $attachment_manager->upload($form_name, $forum_id, false, '', $is_message); $error = $filedata['error']; if ($filedata['post_attach'] && !sizeof($error)) { $sql_ary = array('physical_filename' => $filedata['physical_filename'], 'attach_comment' => $this->filename_data['filecomment'], 'real_filename' => $filedata['real_filename'], 'extension' => $filedata['extension'], 'mimetype' => $filedata['mimetype'], 'filesize' => $filedata['filesize'], 'filetime' => $filedata['filetime'], 'thumbnail' => $filedata['thumbnail'], 'is_orphan' => 1, 'in_message' => $is_message ? 1 : 0, 'poster_id' => $user->data['user_id']); $db->sql_query('INSERT INTO ' . ATTACHMENTS_TABLE . ' ' . $db->sql_build_array('INSERT', $sql_ary)); $new_entry = array('attach_id' => $db->sql_nextid(), 'is_orphan' => 1, 'real_filename' => $filedata['real_filename'], 'attach_comment' => $this->filename_data['filecomment'], 'filesize' => $filedata['filesize']); $this->attachment_data = array_merge(array(0 => $new_entry), $this->attachment_data); $this->message = preg_replace_callback('#\\[attachment=([0-9]+)\\](.*?)\\[\\/attachment\\]#', function ($match) { return '[attachment=' . ($match[1] + 1) . ']' . $match[2] . '[/attachment]'; }, $this->message); $this->filename_data['filecomment'] = ''; // This Variable is set to false here, because Attachments are entered into the // Database in two modes, one if the id_list is 0 and the second one if post_attach is true // Since post_attach is automatically switched to true if an Attachment got added to the filesystem, // but we are assigning an id of 0 here, we have to reset the post_attach variable to false. // // This is very relevant, because it could happen that the post got not submitted, but we do not // know this circumstance here. We could be at the posting page or we could be redirected to the entered // post. :) $filedata['post_attach'] = false; } } else { $error[] = $user->lang('TOO_MANY_ATTACHMENTS', (int) $cfg['max_attachments']); } } if ($preview || $refresh || sizeof($error)) { if (isset($this->plupload) && $this->plupload->is_active()) { $json_response = new \phpbb\json_response(); } // Perform actions on temporary attachments if ($delete_file) { include_once $phpbb_root_path . 'includes/functions_admin.' . $phpEx; $index = array_keys($request->variable('delete_file', array(0 => 0))); $index = !empty($index) ? $index[0] : false; if ($index !== false && !empty($this->attachment_data[$index])) { /** @var \phpbb\attachment\manager $attachment_manager */ $attachment_manager = $phpbb_container->get('attachment.manager'); // delete selected attachment if ($this->attachment_data[$index]['is_orphan']) { $sql = 'SELECT attach_id, physical_filename, thumbnail FROM ' . ATTACHMENTS_TABLE . ' WHERE attach_id = ' . (int) $this->attachment_data[$index]['attach_id'] . ' AND is_orphan = 1 AND poster_id = ' . $user->data['user_id']; $result = $db->sql_query($sql); $row = $db->sql_fetchrow($result); $db->sql_freeresult($result); if ($row) { $attachment_manager->unlink($row['physical_filename'], 'file'); if ($row['thumbnail']) { $attachment_manager->unlink($row['physical_filename'], 'thumbnail'); } $db->sql_query('DELETE FROM ' . ATTACHMENTS_TABLE . ' WHERE attach_id = ' . (int) $this->attachment_data[$index]['attach_id']); } } else { $attachment_manager->delete('attach', $this->attachment_data[$index]['attach_id']); } unset($this->attachment_data[$index]); $this->message = preg_replace_callback('#\\[attachment=([0-9]+)\\](.*?)\\[\\/attachment\\]#', function ($match) use($index) { return $match[1] == $index ? '' : ($match[1] > $index ? '[attachment=' . ($match[1] - 1) . ']' . $match[2] . '[/attachment]' : $match[0]); }, $this->message); // Reindex Array $this->attachment_data = array_values($this->attachment_data); if (isset($this->plupload) && $this->plupload->is_active()) { $json_response->send($this->attachment_data); } } } else { if (($add_file || $preview) && $upload_file) { if ($num_attachments < $cfg['max_attachments'] || $auth->acl_gets('m_', 'a_', $forum_id)) { /** @var \phpbb\attachment\manager $attachment_manager */ $attachment_manager = $phpbb_container->get('attachment.manager'); $filedata = $attachment_manager->upload($form_name, $forum_id, false, '', $is_message); $error = array_merge($error, $filedata['error']); if (!sizeof($error)) { $sql_ary = array('physical_filename' => $filedata['physical_filename'], 'attach_comment' => $this->filename_data['filecomment'], 'real_filename' => $filedata['real_filename'], 'extension' => $filedata['extension'], 'mimetype' => $filedata['mimetype'], 'filesize' => $filedata['filesize'], 'filetime' => $filedata['filetime'], 'thumbnail' => $filedata['thumbnail'], 'is_orphan' => 1, 'in_message' => $is_message ? 1 : 0, 'poster_id' => $user->data['user_id']); $db->sql_query('INSERT INTO ' . ATTACHMENTS_TABLE . ' ' . $db->sql_build_array('INSERT', $sql_ary)); $new_entry = array('attach_id' => $db->sql_nextid(), 'is_orphan' => 1, 'real_filename' => $filedata['real_filename'], 'attach_comment' => $this->filename_data['filecomment'], 'filesize' => $filedata['filesize']); $this->attachment_data = array_merge(array(0 => $new_entry), $this->attachment_data); $this->message = preg_replace_callback('#\\[attachment=([0-9]+)\\](.*?)\\[\\/attachment\\]#', function ($match) { return '[attachment=' . ($match[1] + 1) . ']' . $match[2] . '[/attachment]'; }, $this->message); $this->filename_data['filecomment'] = ''; if (isset($this->plupload) && $this->plupload->is_active()) { $download_url = append_sid("{$phpbb_root_path}download/file.{$phpEx}", 'mode=view&id=' . $new_entry['attach_id']); // Send the client the attachment data to maintain state $json_response->send(array('data' => $this->attachment_data, 'download_url' => $download_url)); } } } else { $error[] = $user->lang('TOO_MANY_ATTACHMENTS', (int) $cfg['max_attachments']); } if (!empty($error) && isset($this->plupload) && $this->plupload->is_active()) { // If this is a plupload (and thus ajax) request, give the // client the first error we have $json_response->send(array('jsonrpc' => '2.0', 'id' => 'id', 'error' => array('code' => 105, 'message' => current($error)))); } } } } foreach ($error as $error_msg) { $this->warn_msg[] = $error_msg; } }
function main($id, $mode) { global $db, $user, $auth, $template, $cache, $request, $phpbb_dispatcher; global $config, $phpbb_admin_path, $phpbb_root_path, $phpEx, $phpbb_log; $user->add_lang('acp/forums'); $this->tpl_name = 'acp_forums'; $this->page_title = 'ACP_MANAGE_FORUMS'; $form_key = 'acp_forums'; add_form_key($form_key); $action = $request->variable('action', ''); $update = isset($_POST['update']) ? true : false; $forum_id = $request->variable('f', 0); $this->parent_id = $request->variable('parent_id', 0); $forum_data = $errors = array(); if ($update && !check_form_key($form_key)) { $update = false; $errors[] = $user->lang['FORM_INVALID']; } // Check additional permissions switch ($action) { case 'progress_bar': $start = $request->variable('start', 0); $total = $request->variable('total', 0); $this->display_progress_bar($start, $total); break; case 'delete': if (!$auth->acl_get('a_forumdel')) { trigger_error($user->lang['NO_PERMISSION_FORUM_DELETE'] . adm_back_link($this->u_action . '&parent_id=' . $this->parent_id), E_USER_WARNING); } break; case 'add': if (!$auth->acl_get('a_forumadd')) { trigger_error($user->lang['NO_PERMISSION_FORUM_ADD'] . adm_back_link($this->u_action . '&parent_id=' . $this->parent_id), E_USER_WARNING); } break; } // Major routines if ($update) { switch ($action) { case 'delete': $action_subforums = $request->variable('action_subforums', ''); $subforums_to_id = $request->variable('subforums_to_id', 0); $action_posts = $request->variable('action_posts', ''); $posts_to_id = $request->variable('posts_to_id', 0); $errors = $this->delete_forum($forum_id, $action_posts, $action_subforums, $posts_to_id, $subforums_to_id); if (sizeof($errors)) { break; } $auth->acl_clear_prefetch(); $cache->destroy('sql', FORUMS_TABLE); trigger_error($user->lang['FORUM_DELETED'] . adm_back_link($this->u_action . '&parent_id=' . $this->parent_id)); break; case 'edit': $forum_data = array('forum_id' => $forum_id); // No break here // No break here case 'add': $forum_data += array('parent_id' => $request->variable('forum_parent_id', $this->parent_id), 'forum_type' => $request->variable('forum_type', FORUM_POST), 'type_action' => $request->variable('type_action', ''), 'forum_status' => $request->variable('forum_status', ITEM_UNLOCKED), 'forum_parents' => '', 'forum_name' => $request->variable('forum_name', '', true), 'forum_link' => $request->variable('forum_link', ''), 'forum_link_track' => $request->variable('forum_link_track', false), 'forum_desc' => $request->variable('forum_desc', '', true), 'forum_desc_uid' => '', 'forum_desc_options' => 7, 'forum_desc_bitfield' => '', 'forum_rules' => $request->variable('forum_rules', '', true), 'forum_rules_uid' => '', 'forum_rules_options' => 7, 'forum_rules_bitfield' => '', 'forum_rules_link' => $request->variable('forum_rules_link', ''), 'forum_image' => $request->variable('forum_image', ''), 'forum_style' => $request->variable('forum_style', 0), 'display_subforum_list' => $request->variable('display_subforum_list', false), 'display_on_index' => $request->variable('display_on_index', false), 'forum_topics_per_page' => $request->variable('topics_per_page', 0), 'enable_indexing' => $request->variable('enable_indexing', true), 'enable_icons' => $request->variable('enable_icons', false), 'enable_prune' => $request->variable('enable_prune', false), 'enable_post_review' => $request->variable('enable_post_review', true), 'enable_quick_reply' => $request->variable('enable_quick_reply', false), 'enable_shadow_prune' => $request->variable('enable_shadow_prune', false), 'prune_days' => $request->variable('prune_days', 7), 'prune_viewed' => $request->variable('prune_viewed', 7), 'prune_freq' => $request->variable('prune_freq', 1), 'prune_old_polls' => $request->variable('prune_old_polls', false), 'prune_announce' => $request->variable('prune_announce', false), 'prune_sticky' => $request->variable('prune_sticky', false), 'prune_shadow_days' => $request->variable('prune_shadow_days', 7), 'prune_shadow_freq' => $request->variable('prune_shadow_freq', 1), 'forum_password' => $request->variable('forum_password', '', true), 'forum_password_confirm' => $request->variable('forum_password_confirm', '', true), 'forum_password_unset' => $request->variable('forum_password_unset', false)); /** * Request forum data and operate on it (parse texts, etc.) * * @event core.acp_manage_forums_request_data * @var string action Type of the action: add|edit * @var array forum_data Array with new forum data * @since 3.1.0-a1 */ $vars = array('action', 'forum_data'); extract($phpbb_dispatcher->trigger_event('core.acp_manage_forums_request_data', compact($vars))); // On add, add empty forum_options... else do not consider it (not updating it) if ($action == 'add') { $forum_data['forum_options'] = 0; } // Use link_display_on_index setting if forum type is link if ($forum_data['forum_type'] == FORUM_LINK) { $forum_data['display_on_index'] = $request->variable('link_display_on_index', false); } // Linked forums and categories are not able to be locked... if ($forum_data['forum_type'] == FORUM_LINK || $forum_data['forum_type'] == FORUM_CAT) { $forum_data['forum_status'] = ITEM_UNLOCKED; } $forum_data['show_active'] = $forum_data['forum_type'] == FORUM_POST ? $request->variable('display_recent', true) : $request->variable('display_active', false); // Get data for forum rules if specified... if ($forum_data['forum_rules']) { generate_text_for_storage($forum_data['forum_rules'], $forum_data['forum_rules_uid'], $forum_data['forum_rules_bitfield'], $forum_data['forum_rules_options'], $request->variable('rules_parse_bbcode', false), $request->variable('rules_parse_urls', false), $request->variable('rules_parse_smilies', false)); } // Get data for forum description if specified if ($forum_data['forum_desc']) { generate_text_for_storage($forum_data['forum_desc'], $forum_data['forum_desc_uid'], $forum_data['forum_desc_bitfield'], $forum_data['forum_desc_options'], $request->variable('desc_parse_bbcode', false), $request->variable('desc_parse_urls', false), $request->variable('desc_parse_smilies', false)); } $errors = $this->update_forum_data($forum_data); if (!sizeof($errors)) { $forum_perm_from = $request->variable('forum_perm_from', 0); $cache->destroy('sql', FORUMS_TABLE); $copied_permissions = false; // Copy permissions? if ($forum_perm_from && $forum_perm_from != $forum_data['forum_id'] && ($action != 'edit' || empty($forum_id) || $auth->acl_get('a_fauth') && $auth->acl_get('a_authusers') && $auth->acl_get('a_authgroups') && $auth->acl_get('a_mauth'))) { copy_forum_permissions($forum_perm_from, $forum_data['forum_id'], $action == 'edit' ? true : false); phpbb_cache_moderators($db, $cache, $auth); $copied_permissions = true; } /* Commented out because of questionable UI workflow - re-visit for 3.0.7 else if (!$this->parent_id && $action != 'edit' && $auth->acl_get('a_fauth') && $auth->acl_get('a_authusers') && $auth->acl_get('a_authgroups') && $auth->acl_get('a_mauth')) { $this->copy_permission_page($forum_data); return; } */ $auth->acl_clear_prefetch(); $acl_url = '&mode=setting_forum_local&forum_id[]=' . $forum_data['forum_id']; $message = $action == 'add' ? $user->lang['FORUM_CREATED'] : $user->lang['FORUM_UPDATED']; // redirect directly to permission settings screen if authed if ($action == 'add' && !$copied_permissions && $auth->acl_get('a_fauth')) { $message .= '<br /><br />' . sprintf($user->lang['REDIRECT_ACL'], '<a href="' . append_sid("{$phpbb_admin_path}index.{$phpEx}", 'i=permissions' . $acl_url) . '">', '</a>'); meta_refresh(4, append_sid("{$phpbb_admin_path}index.{$phpEx}", 'i=permissions' . $acl_url)); } trigger_error($message . adm_back_link($this->u_action . '&parent_id=' . $this->parent_id)); } break; } } switch ($action) { case 'move_up': case 'move_down': if (!$forum_id) { trigger_error($user->lang['NO_FORUM'] . adm_back_link($this->u_action . '&parent_id=' . $this->parent_id), E_USER_WARNING); } $sql = 'SELECT * FROM ' . FORUMS_TABLE . "\n\t\t\t\t\tWHERE forum_id = {$forum_id}"; $result = $db->sql_query($sql); $row = $db->sql_fetchrow($result); $db->sql_freeresult($result); if (!$row) { trigger_error($user->lang['NO_FORUM'] . adm_back_link($this->u_action . '&parent_id=' . $this->parent_id), E_USER_WARNING); } $move_forum_name = $this->move_forum_by($row, $action, 1); if ($move_forum_name !== false) { $phpbb_log->add('admin', $user->data['user_id'], $user->ip, 'LOG_FORUM_' . strtoupper($action), false, array($row['forum_name'], $move_forum_name)); $cache->destroy('sql', FORUMS_TABLE); } if ($request->is_ajax()) { $json_response = new \phpbb\json_response(); $json_response->send(array('success' => $move_forum_name !== false)); } break; case 'sync': if (!$forum_id) { trigger_error($user->lang['NO_FORUM'] . adm_back_link($this->u_action . '&parent_id=' . $this->parent_id), E_USER_WARNING); } @set_time_limit(0); $sql = 'SELECT forum_name, (forum_topics_approved + forum_topics_unapproved + forum_topics_softdeleted) AS total_topics FROM ' . FORUMS_TABLE . "\n\t\t\t\t\tWHERE forum_id = {$forum_id}"; $result = $db->sql_query($sql); $row = $db->sql_fetchrow($result); $db->sql_freeresult($result); if (!$row) { trigger_error($user->lang['NO_FORUM'] . adm_back_link($this->u_action . '&parent_id=' . $this->parent_id), E_USER_WARNING); } if ($row['total_topics']) { $sql = 'SELECT MIN(topic_id) as min_topic_id, MAX(topic_id) as max_topic_id FROM ' . TOPICS_TABLE . ' WHERE forum_id = ' . $forum_id; $result = $db->sql_query($sql); $row2 = $db->sql_fetchrow($result); $db->sql_freeresult($result); // Typecast to int if there is no data available $row2['min_topic_id'] = (int) $row2['min_topic_id']; $row2['max_topic_id'] = (int) $row2['max_topic_id']; $start = $request->variable('start', $row2['min_topic_id']); $batch_size = 2000; $end = $start + $batch_size; // Sync all topics in batch mode... sync('topic', 'range', 'topic_id BETWEEN ' . $start . ' AND ' . $end, true, true); if ($end < $row2['max_topic_id']) { // We really need to find a way of showing statistics... no progress here $sql = 'SELECT COUNT(topic_id) as num_topics FROM ' . TOPICS_TABLE . ' WHERE forum_id = ' . $forum_id . ' AND topic_id BETWEEN ' . $start . ' AND ' . $end; $result = $db->sql_query($sql); $topics_done = $request->variable('topics_done', 0) + (int) $db->sql_fetchfield('num_topics'); $db->sql_freeresult($result); $start += $batch_size; $url = $this->u_action . "&parent_id={$this->parent_id}&f={$forum_id}&action=sync&start={$start}&topics_done={$topics_done}&total={$row['total_topics']}"; meta_refresh(0, $url); $template->assign_vars(array('U_PROGRESS_BAR' => $this->u_action . "&action=progress_bar&start={$topics_done}&total={$row['total_topics']}", 'UA_PROGRESS_BAR' => addslashes($this->u_action . "&action=progress_bar&start={$topics_done}&total={$row['total_topics']}"), 'S_CONTINUE_SYNC' => true, 'L_PROGRESS_EXPLAIN' => sprintf($user->lang['SYNC_IN_PROGRESS_EXPLAIN'], $topics_done, $row['total_topics']))); return; } } $url = $this->u_action . "&parent_id={$this->parent_id}&f={$forum_id}&action=sync_forum"; meta_refresh(0, $url); $template->assign_vars(array('U_PROGRESS_BAR' => $this->u_action . '&action=progress_bar', 'UA_PROGRESS_BAR' => addslashes($this->u_action . '&action=progress_bar'), 'S_CONTINUE_SYNC' => true, 'L_PROGRESS_EXPLAIN' => sprintf($user->lang['SYNC_IN_PROGRESS_EXPLAIN'], 0, $row['total_topics']))); return; break; case 'sync_forum': $sql = 'SELECT forum_name, forum_type FROM ' . FORUMS_TABLE . "\n\t\t\t\t\tWHERE forum_id = {$forum_id}"; $result = $db->sql_query($sql); $row = $db->sql_fetchrow($result); $db->sql_freeresult($result); if (!$row) { trigger_error($user->lang['NO_FORUM'] . adm_back_link($this->u_action . '&parent_id=' . $this->parent_id), E_USER_WARNING); } sync('forum', 'forum_id', $forum_id, false, true); $phpbb_log->add('admin', $user->data['user_id'], $user->ip, 'LOG_FORUM_SYNC', false, array($row['forum_name'])); $cache->destroy('sql', FORUMS_TABLE); $template->assign_var('L_FORUM_RESYNCED', sprintf($user->lang['FORUM_RESYNCED'], $row['forum_name'])); break; case 'add': case 'edit': if ($update) { $forum_data['forum_flags'] = 0; $forum_data['forum_flags'] += $request->variable('forum_link_track', false) ? FORUM_FLAG_LINK_TRACK : 0; $forum_data['forum_flags'] += $request->variable('prune_old_polls', false) ? FORUM_FLAG_PRUNE_POLL : 0; $forum_data['forum_flags'] += $request->variable('prune_announce', false) ? FORUM_FLAG_PRUNE_ANNOUNCE : 0; $forum_data['forum_flags'] += $request->variable('prune_sticky', false) ? FORUM_FLAG_PRUNE_STICKY : 0; $forum_data['forum_flags'] += $forum_data['show_active'] ? FORUM_FLAG_ACTIVE_TOPICS : 0; $forum_data['forum_flags'] += $request->variable('enable_post_review', true) ? FORUM_FLAG_POST_REVIEW : 0; $forum_data['forum_flags'] += $request->variable('enable_quick_reply', false) ? FORUM_FLAG_QUICK_REPLY : 0; } // Initialise $row, so we always have it in the event $row = array(); // Show form to create/modify a forum if ($action == 'edit') { $this->page_title = 'EDIT_FORUM'; $row = $this->get_forum_info($forum_id); $old_forum_type = $row['forum_type']; if (!$update) { $forum_data = $row; } else { $forum_data['left_id'] = $row['left_id']; $forum_data['right_id'] = $row['right_id']; } // Make sure no direct child forums are able to be selected as parents. $exclude_forums = array(); foreach (get_forum_branch($forum_id, 'children') as $row) { $exclude_forums[] = $row['forum_id']; } $parents_list = make_forum_select($forum_data['parent_id'], $exclude_forums, false, false, false); $forum_data['forum_password_confirm'] = $forum_data['forum_password']; } else { $this->page_title = 'CREATE_FORUM'; $forum_id = $this->parent_id; $parents_list = make_forum_select($this->parent_id, false, false, false, false); // Fill forum data with default values if (!$update) { $forum_data = array('parent_id' => $this->parent_id, 'forum_type' => FORUM_POST, 'forum_status' => ITEM_UNLOCKED, 'forum_name' => $request->variable('forum_name', '', true), 'forum_link' => '', 'forum_link_track' => false, 'forum_desc' => '', 'forum_rules' => '', 'forum_rules_link' => '', 'forum_image' => '', 'forum_style' => 0, 'display_subforum_list' => true, 'display_on_index' => false, 'forum_topics_per_page' => 0, 'enable_indexing' => true, 'enable_icons' => false, 'enable_prune' => false, 'prune_days' => 7, 'prune_viewed' => 7, 'prune_freq' => 1, 'enable_shadow_prune' => false, 'prune_shadow_days' => 7, 'prune_shadow_freq' => 1, 'forum_flags' => FORUM_FLAG_POST_REVIEW + FORUM_FLAG_ACTIVE_TOPICS, 'forum_options' => 0, 'forum_password' => '', 'forum_password_confirm' => ''); } } /** * Initialise data before we display the add/edit form * * @event core.acp_manage_forums_initialise_data * @var string action Type of the action: add|edit * @var bool update Do we display the form only * or did the user press submit * @var int forum_id When editing: the forum id, * when creating: the parent forum id * @var array row Array with current forum data * empty when creating new forum * @var array forum_data Array with new forum data * @var string parents_list List of parent options * @since 3.1.0-a1 */ $vars = array('action', 'update', 'forum_id', 'row', 'forum_data', 'parents_list'); extract($phpbb_dispatcher->trigger_event('core.acp_manage_forums_initialise_data', compact($vars))); $forum_rules_data = array('text' => $forum_data['forum_rules'], 'allow_bbcode' => true, 'allow_smilies' => true, 'allow_urls' => true); $forum_desc_data = array('text' => $forum_data['forum_desc'], 'allow_bbcode' => true, 'allow_smilies' => true, 'allow_urls' => true); $forum_rules_preview = ''; // Parse rules if specified if ($forum_data['forum_rules']) { if (!isset($forum_data['forum_rules_uid'])) { // Before we are able to display the preview and plane text, we need to parse our $request->variable()'d value... $forum_data['forum_rules_uid'] = ''; $forum_data['forum_rules_bitfield'] = ''; $forum_data['forum_rules_options'] = 0; generate_text_for_storage($forum_data['forum_rules'], $forum_data['forum_rules_uid'], $forum_data['forum_rules_bitfield'], $forum_data['forum_rules_options'], $request->variable('rules_allow_bbcode', false), $request->variable('rules_allow_urls', false), $request->variable('rules_allow_smilies', false)); } // Generate preview content $forum_rules_preview = generate_text_for_display($forum_data['forum_rules'], $forum_data['forum_rules_uid'], $forum_data['forum_rules_bitfield'], $forum_data['forum_rules_options']); // decode... $forum_rules_data = generate_text_for_edit($forum_data['forum_rules'], $forum_data['forum_rules_uid'], $forum_data['forum_rules_options']); } // Parse desciption if specified if ($forum_data['forum_desc']) { if (!isset($forum_data['forum_desc_uid'])) { // Before we are able to display the preview and plane text, we need to parse our $request->variable()'d value... $forum_data['forum_desc_uid'] = ''; $forum_data['forum_desc_bitfield'] = ''; $forum_data['forum_desc_options'] = 0; generate_text_for_storage($forum_data['forum_desc'], $forum_data['forum_desc_uid'], $forum_data['forum_desc_bitfield'], $forum_data['forum_desc_options'], $request->variable('desc_allow_bbcode', false), $request->variable('desc_allow_urls', false), $request->variable('desc_allow_smilies', false)); } // decode... $forum_desc_data = generate_text_for_edit($forum_data['forum_desc'], $forum_data['forum_desc_uid'], $forum_data['forum_desc_options']); } $forum_type_options = ''; $forum_type_ary = array(FORUM_CAT => 'CAT', FORUM_POST => 'FORUM', FORUM_LINK => 'LINK'); foreach ($forum_type_ary as $value => $lang) { $forum_type_options .= '<option value="' . $value . '"' . ($value == $forum_data['forum_type'] ? ' selected="selected"' : '') . '>' . $user->lang['TYPE_' . $lang] . '</option>'; } $styles_list = style_select($forum_data['forum_style'], true); $statuslist = '<option value="' . ITEM_UNLOCKED . '"' . ($forum_data['forum_status'] == ITEM_UNLOCKED ? ' selected="selected"' : '') . '>' . $user->lang['UNLOCKED'] . '</option><option value="' . ITEM_LOCKED . '"' . ($forum_data['forum_status'] == ITEM_LOCKED ? ' selected="selected"' : '') . '>' . $user->lang['LOCKED'] . '</option>'; $sql = 'SELECT forum_id FROM ' . FORUMS_TABLE . ' WHERE forum_type = ' . FORUM_POST . "\n\t\t\t\t\t\tAND forum_id <> {$forum_id}"; $result = $db->sql_query_limit($sql, 1); $postable_forum_exists = false; if ($db->sql_fetchrow($result)) { $postable_forum_exists = true; } $db->sql_freeresult($result); // Subforum move options if ($action == 'edit' && $forum_data['forum_type'] == FORUM_CAT) { $subforums_id = array(); $subforums = get_forum_branch($forum_id, 'children'); foreach ($subforums as $row) { $subforums_id[] = $row['forum_id']; } $forums_list = make_forum_select($forum_data['parent_id'], $subforums_id); if ($postable_forum_exists) { $template->assign_vars(array('S_MOVE_FORUM_OPTIONS' => make_forum_select($forum_data['parent_id'], $subforums_id))); } $template->assign_vars(array('S_HAS_SUBFORUMS' => $forum_data['right_id'] - $forum_data['left_id'] > 1 ? true : false, 'S_FORUMS_LIST' => $forums_list)); } else { if ($postable_forum_exists) { $template->assign_vars(array('S_MOVE_FORUM_OPTIONS' => make_forum_select($forum_data['parent_id'], $forum_id, false, true, false))); } } $s_show_display_on_index = false; if ($forum_data['parent_id'] > 0) { // if this forum is a subforum put the "display on index" checkbox if ($parent_info = $this->get_forum_info($forum_data['parent_id'])) { if ($parent_info['parent_id'] > 0 || $parent_info['forum_type'] == FORUM_CAT) { $s_show_display_on_index = true; } } } if (strlen($forum_data['forum_password']) == 32) { $errors[] = $user->lang['FORUM_PASSWORD_OLD']; } $template_data = array('S_EDIT_FORUM' => true, 'S_ERROR' => sizeof($errors) ? true : false, 'S_PARENT_ID' => $this->parent_id, 'S_FORUM_PARENT_ID' => $forum_data['parent_id'], 'S_ADD_ACTION' => $action == 'add' ? true : false, 'U_BACK' => $this->u_action . '&parent_id=' . $this->parent_id, 'U_EDIT_ACTION' => $this->u_action . "&parent_id={$this->parent_id}&action={$action}&f={$forum_id}", 'L_COPY_PERMISSIONS_EXPLAIN' => $user->lang['COPY_PERMISSIONS_' . strtoupper($action) . '_EXPLAIN'], 'L_TITLE' => $user->lang[$this->page_title], 'ERROR_MSG' => sizeof($errors) ? implode('<br />', $errors) : '', 'FORUM_NAME' => $forum_data['forum_name'], 'FORUM_DATA_LINK' => $forum_data['forum_link'], 'FORUM_IMAGE' => $forum_data['forum_image'], 'FORUM_IMAGE_SRC' => $forum_data['forum_image'] ? $phpbb_root_path . $forum_data['forum_image'] : '', 'FORUM_POST' => FORUM_POST, 'FORUM_LINK' => FORUM_LINK, 'FORUM_CAT' => FORUM_CAT, 'PRUNE_FREQ' => $forum_data['prune_freq'], 'PRUNE_DAYS' => $forum_data['prune_days'], 'PRUNE_VIEWED' => $forum_data['prune_viewed'], 'PRUNE_SHADOW_FREQ' => $forum_data['prune_shadow_freq'], 'PRUNE_SHADOW_DAYS' => $forum_data['prune_shadow_days'], 'TOPICS_PER_PAGE' => $forum_data['forum_topics_per_page'], 'FORUM_RULES_LINK' => $forum_data['forum_rules_link'], 'FORUM_RULES' => $forum_data['forum_rules'], 'FORUM_RULES_PREVIEW' => $forum_rules_preview, 'FORUM_RULES_PLAIN' => $forum_rules_data['text'], 'S_BBCODE_CHECKED' => $forum_rules_data['allow_bbcode'] ? true : false, 'S_SMILIES_CHECKED' => $forum_rules_data['allow_smilies'] ? true : false, 'S_URLS_CHECKED' => $forum_rules_data['allow_urls'] ? true : false, 'S_FORUM_PASSWORD_SET' => empty($forum_data['forum_password']) ? false : true, 'FORUM_DESC' => $forum_desc_data['text'], 'S_DESC_BBCODE_CHECKED' => $forum_desc_data['allow_bbcode'] ? true : false, 'S_DESC_SMILIES_CHECKED' => $forum_desc_data['allow_smilies'] ? true : false, 'S_DESC_URLS_CHECKED' => $forum_desc_data['allow_urls'] ? true : false, 'S_FORUM_TYPE_OPTIONS' => $forum_type_options, 'S_STATUS_OPTIONS' => $statuslist, 'S_PARENT_OPTIONS' => $parents_list, 'S_STYLES_OPTIONS' => $styles_list, 'S_FORUM_OPTIONS' => make_forum_select($action == 'add' ? $forum_data['parent_id'] : false, $action == 'edit' ? $forum_data['forum_id'] : false, false, false, false), 'S_SHOW_DISPLAY_ON_INDEX' => $s_show_display_on_index, 'S_FORUM_POST' => $forum_data['forum_type'] == FORUM_POST ? true : false, 'S_FORUM_ORIG_POST' => isset($old_forum_type) && $old_forum_type == FORUM_POST ? true : false, 'S_FORUM_ORIG_CAT' => isset($old_forum_type) && $old_forum_type == FORUM_CAT ? true : false, 'S_FORUM_ORIG_LINK' => isset($old_forum_type) && $old_forum_type == FORUM_LINK ? true : false, 'S_FORUM_LINK' => $forum_data['forum_type'] == FORUM_LINK ? true : false, 'S_FORUM_CAT' => $forum_data['forum_type'] == FORUM_CAT ? true : false, 'S_ENABLE_INDEXING' => $forum_data['enable_indexing'] ? true : false, 'S_TOPIC_ICONS' => $forum_data['enable_icons'] ? true : false, 'S_DISPLAY_SUBFORUM_LIST' => $forum_data['display_subforum_list'] ? true : false, 'S_DISPLAY_ON_INDEX' => $forum_data['display_on_index'] ? true : false, 'S_PRUNE_ENABLE' => $forum_data['enable_prune'] ? true : false, 'S_PRUNE_SHADOW_ENABLE' => $forum_data['enable_shadow_prune'] ? true : false, 'S_FORUM_LINK_TRACK' => $forum_data['forum_flags'] & FORUM_FLAG_LINK_TRACK ? true : false, 'S_PRUNE_OLD_POLLS' => $forum_data['forum_flags'] & FORUM_FLAG_PRUNE_POLL ? true : false, 'S_PRUNE_ANNOUNCE' => $forum_data['forum_flags'] & FORUM_FLAG_PRUNE_ANNOUNCE ? true : false, 'S_PRUNE_STICKY' => $forum_data['forum_flags'] & FORUM_FLAG_PRUNE_STICKY ? true : false, 'S_DISPLAY_ACTIVE_TOPICS' => $forum_data['forum_type'] == FORUM_POST ? $forum_data['forum_flags'] & FORUM_FLAG_ACTIVE_TOPICS : true, 'S_ENABLE_ACTIVE_TOPICS' => $forum_data['forum_type'] == FORUM_CAT ? $forum_data['forum_flags'] & FORUM_FLAG_ACTIVE_TOPICS : false, 'S_ENABLE_POST_REVIEW' => $forum_data['forum_flags'] & FORUM_FLAG_POST_REVIEW ? true : false, 'S_ENABLE_QUICK_REPLY' => $forum_data['forum_flags'] & FORUM_FLAG_QUICK_REPLY ? true : false, 'S_CAN_COPY_PERMISSIONS' => $action != 'edit' || empty($forum_id) || $auth->acl_get('a_fauth') && $auth->acl_get('a_authusers') && $auth->acl_get('a_authgroups') && $auth->acl_get('a_mauth') ? true : false); /** * Modify forum template data before we display the form * * @event core.acp_manage_forums_display_form * @var string action Type of the action: add|edit * @var bool update Do we display the form only * or did the user press submit * @var int forum_id When editing: the forum id, * when creating: the parent forum id * @var array row Array with current forum data * empty when creating new forum * @var array forum_data Array with new forum data * @var string parents_list List of parent options * @var array errors Array of errors, if you add errors * ensure to update the template variables * S_ERROR and ERROR_MSG to display it * @var array template_data Array with new forum data * @since 3.1.0-a1 */ $vars = array('action', 'update', 'forum_id', 'row', 'forum_data', 'parents_list', 'errors', 'template_data'); extract($phpbb_dispatcher->trigger_event('core.acp_manage_forums_display_form', compact($vars))); $template->assign_vars($template_data); return; break; case 'delete': if (!$forum_id) { trigger_error($user->lang['NO_FORUM'] . adm_back_link($this->u_action . '&parent_id=' . $this->parent_id), E_USER_WARNING); } $forum_data = $this->get_forum_info($forum_id); $subforums_id = array(); $subforums = get_forum_branch($forum_id, 'children'); foreach ($subforums as $row) { $subforums_id[] = $row['forum_id']; } $forums_list = make_forum_select($forum_data['parent_id'], $subforums_id); $sql = 'SELECT forum_id FROM ' . FORUMS_TABLE . ' WHERE forum_type = ' . FORUM_POST . "\n\t\t\t\t\t\tAND forum_id <> {$forum_id}"; $result = $db->sql_query_limit($sql, 1); if ($db->sql_fetchrow($result)) { $template->assign_vars(array('S_MOVE_FORUM_OPTIONS' => make_forum_select($forum_data['parent_id'], $subforums_id, false, true))); } $db->sql_freeresult($result); $parent_id = $this->parent_id == $forum_id ? 0 : $this->parent_id; $template->assign_vars(array('S_DELETE_FORUM' => true, 'U_ACTION' => $this->u_action . "&parent_id={$parent_id}&action=delete&f={$forum_id}", 'U_BACK' => $this->u_action . '&parent_id=' . $this->parent_id, 'FORUM_NAME' => $forum_data['forum_name'], 'S_FORUM_POST' => $forum_data['forum_type'] == FORUM_POST ? true : false, 'S_FORUM_LINK' => $forum_data['forum_type'] == FORUM_LINK ? true : false, 'S_HAS_SUBFORUMS' => $forum_data['right_id'] - $forum_data['left_id'] > 1 ? true : false, 'S_FORUMS_LIST' => $forums_list, 'S_ERROR' => sizeof($errors) ? true : false, 'ERROR_MSG' => sizeof($errors) ? implode('<br />', $errors) : '')); return; break; case 'copy_perm': $forum_perm_from = $request->variable('forum_perm_from', 0); // Copy permissions? if (!empty($forum_perm_from) && $forum_perm_from != $forum_id) { copy_forum_permissions($forum_perm_from, $forum_id, true); phpbb_cache_moderators($db, $cache, $auth); $auth->acl_clear_prefetch(); $cache->destroy('sql', FORUMS_TABLE); $acl_url = '&mode=setting_forum_local&forum_id[]=' . $forum_id; $message = $user->lang['FORUM_UPDATED']; // Redirect to permissions if ($auth->acl_get('a_fauth')) { $message .= '<br /><br />' . sprintf($user->lang['REDIRECT_ACL'], '<a href="' . append_sid("{$phpbb_admin_path}index.{$phpEx}", 'i=permissions' . $acl_url) . '">', '</a>'); } trigger_error($message . adm_back_link($this->u_action . '&parent_id=' . $this->parent_id)); } break; } // Default management page if (!$this->parent_id) { $navigation = $user->lang['FORUM_INDEX']; } else { $navigation = '<a href="' . $this->u_action . '">' . $user->lang['FORUM_INDEX'] . '</a>'; $forums_nav = get_forum_branch($this->parent_id, 'parents', 'descending'); foreach ($forums_nav as $row) { if ($row['forum_id'] == $this->parent_id) { $navigation .= ' -> ' . $row['forum_name']; } else { $navigation .= ' -> <a href="' . $this->u_action . '&parent_id=' . $row['forum_id'] . '">' . $row['forum_name'] . '</a>'; } } } // Jumpbox $forum_box = make_forum_select($this->parent_id, false, false, false, false); //make_forum_select($this->parent_id); if ($action == 'sync' || $action == 'sync_forum') { $template->assign_var('S_RESYNCED', true); } $sql = 'SELECT * FROM ' . FORUMS_TABLE . "\n\t\t\tWHERE parent_id = {$this->parent_id}\n\t\t\tORDER BY left_id"; $result = $db->sql_query($sql); if ($row = $db->sql_fetchrow($result)) { do { $forum_type = $row['forum_type']; if ($row['forum_status'] == ITEM_LOCKED) { $folder_image = '<img src="images/icon_folder_lock.gif" alt="' . $user->lang['LOCKED'] . '" />'; } else { switch ($forum_type) { case FORUM_LINK: $folder_image = '<img src="images/icon_folder_link.gif" alt="' . $user->lang['LINK'] . '" />'; break; default: $folder_image = $row['left_id'] + 1 != $row['right_id'] ? '<img src="images/icon_subfolder.gif" alt="' . $user->lang['SUBFORUM'] . '" />' : '<img src="images/icon_folder.gif" alt="' . $user->lang['FOLDER'] . '" />'; break; } } $url = $this->u_action . "&parent_id={$this->parent_id}&f={$row['forum_id']}"; $template->assign_block_vars('forums', array('FOLDER_IMAGE' => $folder_image, 'FORUM_IMAGE' => $row['forum_image'] ? '<img src="' . $phpbb_root_path . $row['forum_image'] . '" alt="" />' : '', 'FORUM_IMAGE_SRC' => $row['forum_image'] ? $phpbb_root_path . $row['forum_image'] : '', 'FORUM_NAME' => $row['forum_name'], 'FORUM_DESCRIPTION' => generate_text_for_display($row['forum_desc'], $row['forum_desc_uid'], $row['forum_desc_bitfield'], $row['forum_desc_options']), 'FORUM_TOPICS' => $row['forum_topics_approved'], 'FORUM_POSTS' => $row['forum_posts_approved'], 'S_FORUM_LINK' => $forum_type == FORUM_LINK ? true : false, 'S_FORUM_POST' => $forum_type == FORUM_POST ? true : false, 'U_FORUM' => $this->u_action . '&parent_id=' . $row['forum_id'], 'U_MOVE_UP' => $url . '&action=move_up', 'U_MOVE_DOWN' => $url . '&action=move_down', 'U_EDIT' => $url . '&action=edit', 'U_DELETE' => $url . '&action=delete', 'U_SYNC' => $url . '&action=sync')); } while ($row = $db->sql_fetchrow($result)); } else { if ($this->parent_id) { $row = $this->get_forum_info($this->parent_id); $url = $this->u_action . '&parent_id=' . $this->parent_id . '&f=' . $row['forum_id']; $template->assign_vars(array('S_NO_FORUMS' => true, 'U_EDIT' => $url . '&action=edit', 'U_DELETE' => $url . '&action=delete', 'U_SYNC' => $url . '&action=sync')); } } $db->sql_freeresult($result); $template->assign_vars(array('ERROR_MSG' => sizeof($errors) ? implode('<br />', $errors) : '', 'NAVIGATION' => $navigation, 'FORUM_BOX' => $forum_box, 'U_SEL_ACTION' => $this->u_action, 'U_ACTION' => $this->u_action . '&parent_id=' . $this->parent_id, 'U_PROGRESS_BAR' => $this->u_action . '&action=progress_bar', 'UA_PROGRESS_BAR' => addslashes($this->u_action . '&action=progress_bar'))); }
/** * Ajax submit * * @param object $event The event object * @return array * @access public */ public function ajax_submit($event) { if ($this->config['qr_ajax_submit'] && $this->request->is_ajax() && $this->request->is_set_post('qr')) { $json_response = new \phpbb\json_response(); $data = $event['data']; if (!$this->auth->acl_get('f_noapprove', $data['forum_id']) && empty($data['force_approved_state']) || isset($data['force_approved_state']) && !$data['force_approved_state']) { // No approve $json_response->send(array('noapprove' => true, 'MESSAGE_TITLE' => $this->user->lang['INFORMATION'], 'MESSAGE_TEXT' => $this->user->lang['POST_STORED_MOD'] . ($this->user->data['user_id'] == ANONYMOUS ? '' : ' ' . $this->user->lang['POST_APPROVAL_NOTIFY']), 'REFRESH_DATA' => array('time' => 10))); } $qr_cur_post_id = $this->request->variable('qr_cur_post_id', 0); $url_hash = strpos($event['url'], '#'); $result_url = $url_hash !== false ? substr($event['url'], 0, $url_hash) : $event['url']; $json_response->send(array('success' => true, 'url' => $result_url, 'merged' => $qr_cur_post_id === $data['post_id'] ? 'merged' : 'not_merged')); } }
function main($id, $mode) { global $db, $user, $auth, $template, $cache, $phpbb_container; global $config, $phpbb_root_path, $phpbb_admin_path, $phpEx; global $request; include_once $phpbb_root_path . 'includes/functions_user.' . $phpEx; include_once $phpbb_root_path . 'includes/acp/auth.' . $phpEx; $this->auth_admin = new auth_admin(); $user->add_lang('acp/permissions'); add_permission_language(); $this->tpl_name = 'acp_permission_roles'; $submit = isset($_POST['submit']) ? true : false; $role_id = request_var('role_id', 0); $action = request_var('action', ''); $action = isset($_POST['add']) ? 'add' : $action; $form_name = 'acp_permissions'; add_form_key($form_name); if (!$role_id && in_array($action, array('remove', 'edit', 'move_up', 'move_down'))) { trigger_error($user->lang['NO_ROLE_SELECTED'] . adm_back_link($this->u_action), E_USER_WARNING); } switch ($mode) { case 'admin_roles': $permission_type = 'a_'; $this->page_title = 'ACP_ADMIN_ROLES'; break; case 'user_roles': $permission_type = 'u_'; $this->page_title = 'ACP_USER_ROLES'; break; case 'mod_roles': $permission_type = 'm_'; $this->page_title = 'ACP_MOD_ROLES'; break; case 'forum_roles': $permission_type = 'f_'; $this->page_title = 'ACP_FORUM_ROLES'; break; default: trigger_error('NO_MODE', E_USER_ERROR); break; } $template->assign_vars(array('L_TITLE' => $user->lang[$this->page_title], 'L_EXPLAIN' => $user->lang[$this->page_title . '_EXPLAIN'])); // Take action... admin submitted something if ($submit || $action == 'remove') { switch ($action) { case 'remove': $sql = 'SELECT * FROM ' . ACL_ROLES_TABLE . ' WHERE role_id = ' . $role_id; $result = $db->sql_query($sql); $role_row = $db->sql_fetchrow($result); $db->sql_freeresult($result); if (!$role_row) { trigger_error($user->lang['NO_ROLE_SELECTED'] . adm_back_link($this->u_action), E_USER_WARNING); } if (confirm_box(true)) { $this->remove_role($role_id, $permission_type); $role_name = !empty($user->lang[$role_row['role_name']]) ? $user->lang[$role_row['role_name']] : $role_row['role_name']; add_log('admin', 'LOG_' . strtoupper($permission_type) . 'ROLE_REMOVED', $role_name); trigger_error($user->lang['ROLE_DELETED'] . adm_back_link($this->u_action)); } else { confirm_box(false, 'DELETE_ROLE', build_hidden_fields(array('i' => $id, 'mode' => $mode, 'role_id' => $role_id, 'action' => $action))); } break; case 'edit': // Get role we edit $sql = 'SELECT * FROM ' . ACL_ROLES_TABLE . ' WHERE role_id = ' . $role_id; $result = $db->sql_query($sql); $role_row = $db->sql_fetchrow($result); $db->sql_freeresult($result); if (!$role_row) { trigger_error($user->lang['NO_ROLE_SELECTED'] . adm_back_link($this->u_action), E_USER_WARNING); } // no break; // no break; case 'add': if (!check_form_key($form_name)) { trigger_error($user->lang['FORM_INVALID'] . adm_back_link($this->u_action), E_USER_WARNING); } $role_name = utf8_normalize_nfc(request_var('role_name', '', true)); $role_description = utf8_normalize_nfc(request_var('role_description', '', true)); $auth_settings = request_var('setting', array('' => 0)); if (!$role_name) { trigger_error($user->lang['NO_ROLE_NAME_SPECIFIED'] . adm_back_link($this->u_action), E_USER_WARNING); } if (utf8_strlen($role_description) > 4000) { trigger_error($user->lang['ROLE_DESCRIPTION_LONG'] . adm_back_link($this->u_action), E_USER_WARNING); } // if we add/edit a role we check the name to be unique among the settings... $sql = 'SELECT role_id FROM ' . ACL_ROLES_TABLE . "\n\t\t\t\t\t\tWHERE role_type = '" . $db->sql_escape($permission_type) . "'\n\t\t\t\t\t\t\tAND role_name = '" . $db->sql_escape($role_name) . "'"; $result = $db->sql_query($sql); $row = $db->sql_fetchrow($result); $db->sql_freeresult($result); // Make sure we only print out the error if we add the role or change it's name if ($row && ($mode == 'add' || $mode == 'edit' && $role_row['role_name'] != $role_name)) { trigger_error(sprintf($user->lang['ROLE_NAME_ALREADY_EXIST'], $role_name) . adm_back_link($this->u_action), E_USER_WARNING); } $sql_ary = array('role_name' => (string) $role_name, 'role_description' => (string) $role_description, 'role_type' => (string) $permission_type); if ($action == 'edit') { $sql = 'UPDATE ' . ACL_ROLES_TABLE . ' SET ' . $db->sql_build_array('UPDATE', $sql_ary) . ' WHERE role_id = ' . $role_id; $db->sql_query($sql); } else { // Get maximum role order for inserting a new role... $sql = 'SELECT MAX(role_order) as max_order FROM ' . ACL_ROLES_TABLE . "\n\t\t\t\t\t\t\tWHERE role_type = '" . $db->sql_escape($permission_type) . "'"; $result = $db->sql_query($sql); $max_order = (int) $db->sql_fetchfield('max_order'); $db->sql_freeresult($result); $sql_ary['role_order'] = $max_order + 1; $sql = 'INSERT INTO ' . ACL_ROLES_TABLE . ' ' . $db->sql_build_array('INSERT', $sql_ary); $db->sql_query($sql); $role_id = $db->sql_nextid(); } // Now add the auth settings $this->auth_admin->acl_set_role($role_id, $auth_settings); $role_name = !empty($user->lang[$role_name]) ? $user->lang[$role_name] : $role_name; add_log('admin', 'LOG_' . strtoupper($permission_type) . 'ROLE_' . strtoupper($action), $role_name); trigger_error($user->lang['ROLE_' . strtoupper($action) . '_SUCCESS'] . adm_back_link($this->u_action)); break; } } // Display screens switch ($action) { case 'add': $options_from = request_var('options_from', 0); $role_row = array('role_name' => utf8_normalize_nfc(request_var('role_name', '', true)), 'role_description' => utf8_normalize_nfc(request_var('role_description', '', true)), 'role_type' => $permission_type); if ($options_from) { $sql = 'SELECT p.auth_option_id, p.auth_setting, o.auth_option FROM ' . ACL_ROLES_DATA_TABLE . ' p, ' . ACL_OPTIONS_TABLE . ' o WHERE o.auth_option_id = p.auth_option_id AND p.role_id = ' . $options_from . ' ORDER BY p.auth_option_id'; $result = $db->sql_query($sql); $auth_options = array(); while ($row = $db->sql_fetchrow($result)) { $auth_options[$row['auth_option']] = $row['auth_setting']; } $db->sql_freeresult($result); } else { $sql = 'SELECT auth_option_id, auth_option FROM ' . ACL_OPTIONS_TABLE . "\n\t\t\t\t\t\tWHERE auth_option " . $db->sql_like_expression($permission_type . $db->get_any_char()) . "\n\t\t\t\t\t\t\tAND auth_option <> '{$permission_type}'\n\t\t\t\t\t\tORDER BY auth_option_id"; $result = $db->sql_query($sql); $auth_options = array(); while ($row = $db->sql_fetchrow($result)) { $auth_options[$row['auth_option']] = ACL_NO; } $db->sql_freeresult($result); } // no break; // no break; case 'edit': if ($action == 'edit') { $sql = 'SELECT * FROM ' . ACL_ROLES_TABLE . ' WHERE role_id = ' . $role_id; $result = $db->sql_query($sql); $role_row = $db->sql_fetchrow($result); $db->sql_freeresult($result); $sql = 'SELECT p.auth_option_id, p.auth_setting, o.auth_option FROM ' . ACL_ROLES_DATA_TABLE . ' p, ' . ACL_OPTIONS_TABLE . ' o WHERE o.auth_option_id = p.auth_option_id AND p.role_id = ' . $role_id . ' ORDER BY p.auth_option_id'; $result = $db->sql_query($sql); $auth_options = array(); while ($row = $db->sql_fetchrow($result)) { $auth_options[$row['auth_option']] = $row['auth_setting']; } $db->sql_freeresult($result); } if (!$role_row) { trigger_error($user->lang['NO_ROLE_SELECTED'] . adm_back_link($this->u_action), E_USER_WARNING); } $phpbb_permissions = $phpbb_container->get('acl.permissions'); $template->assign_vars(array('S_EDIT' => true, 'U_ACTION' => $this->u_action . "&action={$action}&role_id={$role_id}", 'U_BACK' => $this->u_action, 'ROLE_NAME' => $role_row['role_name'], 'ROLE_DESCRIPTION' => $role_row['role_description'], 'L_ACL_TYPE' => $phpbb_permissions->get_type_lang($permission_type))); // We need to fill the auth options array with ACL_NO options ;) $sql = 'SELECT auth_option_id, auth_option FROM ' . ACL_OPTIONS_TABLE . "\n\t\t\t\t\tWHERE auth_option " . $db->sql_like_expression($permission_type . $db->get_any_char()) . "\n\t\t\t\t\t\tAND auth_option <> '{$permission_type}'\n\t\t\t\t\tORDER BY auth_option_id"; $result = $db->sql_query($sql); while ($row = $db->sql_fetchrow($result)) { if (!isset($auth_options[$row['auth_option']])) { $auth_options[$row['auth_option']] = ACL_NO; } } $db->sql_freeresult($result); // Unset global permission option unset($auth_options[$permission_type]); // Display auth options $this->display_auth_options($auth_options); // Get users/groups/forums using this preset... if ($action == 'edit') { $hold_ary = $this->auth_admin->get_role_mask($role_id); if (sizeof($hold_ary)) { $role_name = !empty($user->lang[$role_row['role_name']]) ? $user->lang[$role_row['role_name']] : $role_row['role_name']; $template->assign_vars(array('S_DISPLAY_ROLE_MASK' => true, 'L_ROLE_ASSIGNED_TO' => sprintf($user->lang['ROLE_ASSIGNED_TO'], $role_name))); $this->auth_admin->display_role_mask($hold_ary); } } return; break; case 'move_up': case 'move_down': $sql = 'SELECT role_order FROM ' . ACL_ROLES_TABLE . "\n\t\t\t\t\tWHERE role_id = {$role_id}"; $result = $db->sql_query($sql); $order = $db->sql_fetchfield('role_order'); $db->sql_freeresult($result); if ($order === false || $order == 0 && $action == 'move_up') { break; } $order = (int) $order; $order_total = $order * 2 + ($action == 'move_up' ? -1 : 1); $sql = 'UPDATE ' . ACL_ROLES_TABLE . ' SET role_order = ' . $order_total . " - role_order\n\t\t\t\t\tWHERE role_type = '" . $db->sql_escape($permission_type) . "'\n\t\t\t\t\t\tAND role_order IN ({$order}, " . ($action == 'move_up' ? $order - 1 : $order + 1) . ')'; $db->sql_query($sql); if ($request->is_ajax()) { $json_response = new \phpbb\json_response(); $json_response->send(array('success' => (bool) $db->sql_affectedrows())); } break; } // By default, check that role_order is valid and fix it if necessary $sql = 'SELECT role_id, role_order FROM ' . ACL_ROLES_TABLE . "\n\t\t\tWHERE role_type = '" . $db->sql_escape($permission_type) . "'\n\t\t\tORDER BY role_order ASC"; $result = $db->sql_query($sql); if ($row = $db->sql_fetchrow($result)) { $order = 0; do { $order++; if ($row['role_order'] != $order) { $db->sql_query('UPDATE ' . ACL_ROLES_TABLE . " SET role_order = {$order} WHERE role_id = {$row['role_id']}"); } } while ($row = $db->sql_fetchrow($result)); } $db->sql_freeresult($result); // Display assigned items? $display_item = request_var('display_item', 0); // Select existing roles $sql = 'SELECT * FROM ' . ACL_ROLES_TABLE . "\n\t\t\tWHERE role_type = '" . $db->sql_escape($permission_type) . "'\n\t\t\tORDER BY role_order ASC"; $result = $db->sql_query($sql); $s_role_options = ''; while ($row = $db->sql_fetchrow($result)) { $role_name = !empty($user->lang[$row['role_name']]) ? $user->lang[$row['role_name']] : $row['role_name']; $template->assign_block_vars('roles', array('ROLE_NAME' => $role_name, 'ROLE_DESCRIPTION' => !empty($user->lang[$row['role_description']]) ? $user->lang[$row['role_description']] : nl2br($row['role_description']), 'U_EDIT' => $this->u_action . '&action=edit&role_id=' . $row['role_id'], 'U_REMOVE' => $this->u_action . '&action=remove&role_id=' . $row['role_id'], 'U_MOVE_UP' => $this->u_action . '&action=move_up&role_id=' . $row['role_id'], 'U_MOVE_DOWN' => $this->u_action . '&action=move_down&role_id=' . $row['role_id'], 'U_DISPLAY_ITEMS' => $row['role_id'] == $display_item ? '' : $this->u_action . '&display_item=' . $row['role_id'] . '#assigned_to')); $s_role_options .= '<option value="' . $row['role_id'] . '">' . $role_name . '</option>'; if ($display_item == $row['role_id']) { $template->assign_vars(array('L_ROLE_ASSIGNED_TO' => sprintf($user->lang['ROLE_ASSIGNED_TO'], $role_name))); } } $db->sql_freeresult($result); $template->assign_vars(array('S_ROLE_OPTIONS' => $s_role_options)); if ($display_item) { $template->assign_vars(array('S_DISPLAY_ROLE_MASK' => true)); $hold_ary = $this->auth_admin->get_role_mask($display_item); $this->auth_admin->display_role_mask($hold_ary); } }
/** * Output the response. * @param array $data The name of the extension and the status of the process. * The text of the error can also be provided if the status is 'error'. */ protected static function response(array $data) { if (objects::$is_ajax) { $output = new \phpbb\json_response(); $output->send($data); } else { if ($data['status'] !== 'error') { load::details($data['ext_name'], $data['status']); } else { files::catch_errors($data['error']); } } }
/** * Move a rule up/down * * @param int $rule_id The rule identifier to move * @param string $direction The direction (up|down) * @param int $amount The number of places to move the rule * @return null * @access public */ public function move_rule($rule_id, $direction, $amount = 1) { // If the link hash is invalid, stop and show an error message to the user if (!check_link_hash($this->request->variable('hash', ''), $direction . $rule_id)) { trigger_error($this->user->lang('FORM_INVALID') . adm_back_link($this->u_action), E_USER_WARNING); } // Move the rule $this->rule_operator->move($rule_id, $direction, $amount); // Send a JSON response if an AJAX request was used if ($this->request->is_ajax()) { $json_response = new \phpbb\json_response(); $json_response->send(array('success' => true)); } // Initiate and load the rule entity for no AJAX request /* @var $entity \phpbb\boardrules\entity\rule */ $entity = $this->container->get('phpbb.boardrules.entity')->load($rule_id); // Use a redirect to reload the current page redirect("{$this->u_action}&language={$entity->get_language()}&parent_id={$entity->get_parent_id()}"); }
function main($id, $mode) { global $db, $user, $auth, $template, $cache, $request, $phpbb_dispatcher; global $config, $phpbb_root_path, $phpbb_admin_path, $phpEx; $user->add_lang('acp/posting'); // Set up general vars $action = request_var('action', ''); $bbcode_id = request_var('bbcode', 0); $this->tpl_name = 'acp_bbcodes'; $this->page_title = 'ACP_BBCODES'; $form_key = 'acp_bbcodes'; add_form_key($form_key); // Set up mode-specific vars switch ($action) { case 'add': $bbcode_match = $bbcode_tpl = $bbcode_helpline = ''; $display_on_posting = 0; break; case 'edit': $sql = 'SELECT bbcode_match, bbcode_tpl, display_on_posting, bbcode_helpline FROM ' . BBCODES_TABLE . ' WHERE bbcode_id = ' . $bbcode_id; $result = $db->sql_query($sql); $row = $db->sql_fetchrow($result); $db->sql_freeresult($result); if (!$row) { trigger_error($user->lang['BBCODE_NOT_EXIST'] . adm_back_link($this->u_action), E_USER_WARNING); } $bbcode_match = $row['bbcode_match']; $bbcode_tpl = htmlspecialchars($row['bbcode_tpl']); $display_on_posting = $row['display_on_posting']; $bbcode_helpline = $row['bbcode_helpline']; break; case 'modify': $sql = 'SELECT bbcode_id, bbcode_tag FROM ' . BBCODES_TABLE . ' WHERE bbcode_id = ' . $bbcode_id; $result = $db->sql_query($sql); $row = $db->sql_fetchrow($result); $db->sql_freeresult($result); if (!$row) { trigger_error($user->lang['BBCODE_NOT_EXIST'] . adm_back_link($this->u_action), E_USER_WARNING); } // No break here // No break here case 'create': $display_on_posting = request_var('display_on_posting', 0); $bbcode_match = request_var('bbcode_match', ''); $bbcode_tpl = htmlspecialchars_decode(utf8_normalize_nfc(request_var('bbcode_tpl', '', true))); $bbcode_helpline = utf8_normalize_nfc(request_var('bbcode_helpline', '', true)); break; } // Do major work switch ($action) { case 'edit': case 'add': $tpl_ary = array('S_EDIT_BBCODE' => true, 'U_BACK' => $this->u_action, 'U_ACTION' => $this->u_action . '&action=' . ($action == 'add' ? 'create' : 'modify') . ($bbcode_id ? "&bbcode={$bbcode_id}" : ''), 'L_BBCODE_USAGE_EXPLAIN' => sprintf($user->lang['BBCODE_USAGE_EXPLAIN'], '<a href="#down">', '</a>'), 'BBCODE_MATCH' => $bbcode_match, 'BBCODE_TPL' => $bbcode_tpl, 'BBCODE_HELPLINE' => $bbcode_helpline, 'DISPLAY_ON_POSTING' => $display_on_posting); $bbcode_tokens = array('TEXT', 'SIMPLETEXT', 'INTTEXT', 'IDENTIFIER', 'NUMBER', 'EMAIL', 'URL', 'LOCAL_URL', 'RELATIVE_URL', 'COLOR'); /** * Modify custom bbcode template data before we display the add/edit form * * @event core.acp_bbcodes_edit_add * @var string action Type of the action: add|edit * @var array tpl_ary Array with custom bbcode add/edit data * @var int bbcode_id When editing: the bbcode id, * when creating: 0 * @var array bbcode_tokens Array of bbcode tokens * @since 3.1.0-a3 */ $vars = array('action', 'tpl_ary', 'bbcode_id', 'bbcode_tokens'); extract($phpbb_dispatcher->trigger_event('core.acp_bbcodes_edit_add', compact($vars))); $template->assign_vars($tpl_ary); foreach ($bbcode_tokens as $token) { $template->assign_block_vars('token', array('TOKEN' => '{' . $token . '}', 'EXPLAIN' => $token === 'LOCAL_URL' ? $user->lang(array('tokens', $token), generate_board_url() . '/') : $user->lang(array('tokens', $token)))); } return; break; case 'modify': case 'create': $sql_ary = $hidden_fields = array(); /** * Modify custom bbcode data before the modify/create action * * @event core.acp_bbcodes_modify_create * @var string action Type of the action: modify|create * @var array sql_ary Array with new bbcode data * @var int bbcode_id When editing: the bbcode id, * when creating: 0 * @var bool display_on_posting Display bbcode on posting form * @var string bbcode_match The bbcode usage string to match * @var string bbcode_tpl The bbcode HTML replacement string * @var string bbcode_helpline The bbcode help line string * @var array hidden_fields Array of hidden fields for use when * submitting form when $warn_text is true * @since 3.1.0-a3 */ $vars = array('action', 'sql_ary', 'bbcode_id', 'display_on_posting', 'bbcode_match', 'bbcode_tpl', 'bbcode_helpline', 'hidden_fields'); extract($phpbb_dispatcher->trigger_event('core.acp_bbcodes_modify_create', compact($vars))); $warn_text = preg_match('%<[^>]*\\{text[\\d]*\\}[^>]*>%i', $bbcode_tpl); if (!$warn_text || confirm_box(true)) { $data = $this->build_regexp($bbcode_match, $bbcode_tpl); // Make sure the user didn't pick a "bad" name for the BBCode tag. $hard_coded = array('code', 'quote', 'quote=', 'attachment', 'attachment=', 'b', 'i', 'url', 'url=', 'img', 'size', 'size=', 'color', 'color=', 'u', 'list', 'list=', 'email', 'email=', 'flash', 'flash='); if ($action == 'modify' && strtolower($data['bbcode_tag']) !== strtolower($row['bbcode_tag']) || $action == 'create') { $sql = 'SELECT 1 as test FROM ' . BBCODES_TABLE . "\n\t\t\t\t\t\t\tWHERE LOWER(bbcode_tag) = '" . $db->sql_escape(strtolower($data['bbcode_tag'])) . "'"; $result = $db->sql_query($sql); $info = $db->sql_fetchrow($result); $db->sql_freeresult($result); // Grab the end, interrogate the last closing tag if ($info['test'] === '1' || in_array(strtolower($data['bbcode_tag']), $hard_coded) || preg_match('#\\[/([^[]*)]$#', $bbcode_match, $regs) && in_array(strtolower($regs[1]), $hard_coded)) { trigger_error($user->lang['BBCODE_INVALID_TAG_NAME'] . adm_back_link($this->u_action), E_USER_WARNING); } } if (substr($data['bbcode_tag'], -1) === '=') { $test = substr($data['bbcode_tag'], 0, -1); } else { $test = $data['bbcode_tag']; } if (!preg_match('%\\[' . $test . '[^]]*].*?\\[/' . $test . ']%s', $bbcode_match)) { trigger_error($user->lang['BBCODE_OPEN_ENDED_TAG'] . adm_back_link($this->u_action), E_USER_WARNING); } if (strlen($data['bbcode_tag']) > 16) { trigger_error($user->lang['BBCODE_TAG_TOO_LONG'] . adm_back_link($this->u_action), E_USER_WARNING); } if (strlen($bbcode_match) > 4000) { trigger_error($user->lang['BBCODE_TAG_DEF_TOO_LONG'] . adm_back_link($this->u_action), E_USER_WARNING); } if (strlen($bbcode_helpline) > 255) { trigger_error($user->lang['BBCODE_HELPLINE_TOO_LONG'] . adm_back_link($this->u_action), E_USER_WARNING); } $sql_ary = array_merge($sql_ary, array('bbcode_tag' => $data['bbcode_tag'], 'bbcode_match' => $bbcode_match, 'bbcode_tpl' => $bbcode_tpl, 'display_on_posting' => $display_on_posting, 'bbcode_helpline' => $bbcode_helpline, 'first_pass_match' => $data['first_pass_match'], 'first_pass_replace' => $data['first_pass_replace'], 'second_pass_match' => $data['second_pass_match'], 'second_pass_replace' => $data['second_pass_replace'])); if ($action == 'create') { $sql = 'SELECT MAX(bbcode_id) as max_bbcode_id FROM ' . BBCODES_TABLE; $result = $db->sql_query($sql); $row = $db->sql_fetchrow($result); $db->sql_freeresult($result); if ($row) { $bbcode_id = $row['max_bbcode_id'] + 1; // Make sure it is greater than the core bbcode ids... if ($bbcode_id <= NUM_CORE_BBCODES) { $bbcode_id = NUM_CORE_BBCODES + 1; } } else { $bbcode_id = NUM_CORE_BBCODES + 1; } if ($bbcode_id > BBCODE_LIMIT) { trigger_error($user->lang['TOO_MANY_BBCODES'] . adm_back_link($this->u_action), E_USER_WARNING); } $sql_ary['bbcode_id'] = (int) $bbcode_id; $db->sql_query('INSERT INTO ' . BBCODES_TABLE . $db->sql_build_array('INSERT', $sql_ary)); $cache->destroy('sql', BBCODES_TABLE); $lang = 'BBCODE_ADDED'; $log_action = 'LOG_BBCODE_ADD'; } else { $sql = 'UPDATE ' . BBCODES_TABLE . ' SET ' . $db->sql_build_array('UPDATE', $sql_ary) . ' WHERE bbcode_id = ' . $bbcode_id; $db->sql_query($sql); $cache->destroy('sql', BBCODES_TABLE); $lang = 'BBCODE_EDITED'; $log_action = 'LOG_BBCODE_EDIT'; } add_log('admin', $log_action, $data['bbcode_tag']); trigger_error($user->lang[$lang] . adm_back_link($this->u_action)); } else { confirm_box(false, $user->lang['BBCODE_DANGER'], build_hidden_fields(array_merge($hidden_fields, array('action' => $action, 'bbcode' => $bbcode_id, 'bbcode_match' => $bbcode_match, 'bbcode_tpl' => htmlspecialchars($bbcode_tpl), 'bbcode_helpline' => $bbcode_helpline, 'display_on_posting' => $display_on_posting))), 'confirm_bbcode.html'); } break; case 'delete': $sql = 'SELECT bbcode_tag FROM ' . BBCODES_TABLE . "\n\t\t\t\t\tWHERE bbcode_id = {$bbcode_id}"; $result = $db->sql_query($sql); $row = $db->sql_fetchrow($result); $db->sql_freeresult($result); if ($row) { if (confirm_box(true)) { $db->sql_query('DELETE FROM ' . BBCODES_TABLE . " WHERE bbcode_id = {$bbcode_id}"); $cache->destroy('sql', BBCODES_TABLE); add_log('admin', 'LOG_BBCODE_DELETE', $row['bbcode_tag']); if ($request->is_ajax()) { $json_response = new \phpbb\json_response(); $json_response->send(array('MESSAGE_TITLE' => $user->lang['INFORMATION'], 'MESSAGE_TEXT' => $user->lang['BBCODE_DELETED'], 'REFRESH_DATA' => array('time' => 3))); } } else { confirm_box(false, $user->lang['CONFIRM_OPERATION'], build_hidden_fields(array('bbcode' => $bbcode_id, 'i' => $id, 'mode' => $mode, 'action' => $action))); } } break; } $u_action = $this->u_action; $template_data = array('U_ACTION' => $this->u_action . '&action=add'); $sql_ary = array('SELECT' => 'b.*', 'FROM' => array(BBCODES_TABLE => 'b'), 'ORDER_BY' => 'b.bbcode_tag'); /** * Modify custom bbcode template data before we display the form * * @event core.acp_bbcodes_display_form * @var string action Type of the action: modify|create * @var string sql_ary The SQL array to get custom bbcode data * @var array template_data Array with form template data * @var string u_action The u_action link * @since 3.1.0-a3 */ $vars = array('action', 'sql_ary', 'template_data', 'u_action'); extract($phpbb_dispatcher->trigger_event('core.acp_bbcodes_display_form', compact($vars))); $result = $db->sql_query($db->sql_build_query('SELECT', $sql_ary)); $template->assign_vars($template_data); while ($row = $db->sql_fetchrow($result)) { $bbcodes_array = array('BBCODE_TAG' => $row['bbcode_tag'], 'U_EDIT' => $u_action . '&action=edit&bbcode=' . $row['bbcode_id'], 'U_DELETE' => $u_action . '&action=delete&bbcode=' . $row['bbcode_id']); /** * Modify display of custom bbcodes in the form * * @event core.acp_bbcodes_display_bbcodes * @var array row Array with current bbcode data * @var array bbcodes_array Array of bbcodes template data * @var string u_action The u_action link * @since 3.1.0-a3 */ $vars = array('bbcodes_array', 'row', 'u_action'); extract($phpbb_dispatcher->trigger_event('core.acp_bbcodes_display_bbcodes', compact($vars))); $template->assign_block_vars('bbcodes', $bbcodes_array); } $db->sql_freeresult($result); }
function main($id, $mode) { global $user, $template, $phpbb_root_path, $auth, $phpEx, $db, $config, $request; if (!$user->data['is_registered']) { trigger_error('NO_MESSAGE'); } // Is PM disabled? if (!$config['allow_privmsg']) { trigger_error('PM_DISABLED'); } $user->add_lang('posting'); $template->assign_var('S_PRIVMSGS', true); // Folder directly specified? $folder_specified = $request->variable('folder', ''); if (!in_array($folder_specified, array('inbox', 'outbox', 'sentbox'))) { $folder_specified = (int) $folder_specified; } else { $folder_specified = $folder_specified == 'inbox' ? PRIVMSGS_INBOX : ($folder_specified == 'outbox' ? PRIVMSGS_OUTBOX : PRIVMSGS_SENTBOX); } if (!$folder_specified) { $mode = !$mode ? $request->variable('mode', 'view') : $mode; } else { $mode = 'view'; } include $phpbb_root_path . 'includes/functions_privmsgs.' . $phpEx; switch ($mode) { // Compose message case 'compose': $action = $request->variable('action', 'post'); $user_folders = get_folder($user->data['user_id']); if ($action != 'delete' && !$auth->acl_get('u_sendpm')) { // trigger_error('NO_AUTH_SEND_MESSAGE'); $template->assign_vars(array('S_NO_AUTH_SEND_MESSAGE' => true, 'S_COMPOSE_PM_VIEW' => true)); $tpl_file = 'ucp_pm_viewfolder'; break; } include $phpbb_root_path . 'includes/ucp/ucp_pm_compose.' . $phpEx; compose_pm($id, $mode, $action, $user_folders); $tpl_file = 'posting_body'; break; case 'options': set_user_message_limit(); get_folder($user->data['user_id']); include $phpbb_root_path . 'includes/ucp/ucp_pm_options.' . $phpEx; message_options($id, $mode, $global_privmsgs_rules, $global_rule_conditions); $tpl_file = 'ucp_pm_options'; break; case 'drafts': get_folder($user->data['user_id']); $this->p_name = 'pm'; // Call another module... please do not try this at home... Hoochie Coochie Man include $phpbb_root_path . 'includes/ucp/ucp_main.' . $phpEx; $module = new ucp_main($this); $module->u_action = $this->u_action; $module->main($id, $mode); $this->tpl_name = $module->tpl_name; $this->page_title = 'UCP_PM_DRAFTS'; unset($module); return; break; case 'view': set_user_message_limit(); if ($folder_specified) { $folder_id = $folder_specified; $action = 'view_folder'; } else { $folder_id = $request->variable('f', PRIVMSGS_NO_BOX); $action = $request->variable('action', 'view_folder'); } $msg_id = $request->variable('p', 0); $view = $request->variable('view', ''); // View message if specified if ($msg_id) { $action = 'view_message'; } if (!$auth->acl_get('u_readpm')) { trigger_error('NO_AUTH_READ_MESSAGE'); } // Do not allow hold messages to be seen if ($folder_id == PRIVMSGS_HOLD_BOX) { trigger_error('NO_AUTH_READ_HOLD_MESSAGE'); } // First Handle Mark actions and moving messages $submit_mark = isset($_POST['submit_mark']) ? true : false; $move_pm = isset($_POST['move_pm']) ? true : false; $mark_option = $request->variable('mark_option', ''); $dest_folder = $request->variable('dest_folder', PRIVMSGS_NO_BOX); // Is moving PM triggered through mark options? if (!in_array($mark_option, array('mark_important', 'delete_marked')) && $submit_mark) { $move_pm = true; $dest_folder = (int) $mark_option; $submit_mark = false; } // Move PM if ($move_pm) { $move_msg_ids = isset($_POST['marked_msg_id']) ? $request->variable('marked_msg_id', array(0)) : array(); $cur_folder_id = $request->variable('cur_folder_id', PRIVMSGS_NO_BOX); if (move_pm($user->data['user_id'], $user->data['message_limit'], $move_msg_ids, $dest_folder, $cur_folder_id)) { // Return to folder view if single message moved if ($action == 'view_message') { $msg_id = 0; $folder_id = $request->variable('cur_folder_id', PRIVMSGS_NO_BOX); $action = 'view_folder'; } } } // Message Mark Options if ($submit_mark) { handle_mark_actions($user->data['user_id'], $mark_option); } // If new messages arrived, place them into the appropriate folder $num_not_moved = $num_removed = 0; $release = $request->variable('release', 0); if ($user->data['user_new_privmsg'] && ($action == 'view_folder' || $action == 'view_message')) { $return = place_pm_into_folder($global_privmsgs_rules, $release); $num_not_moved = $return['not_moved']; $num_removed = $return['removed']; } if (!$msg_id && $folder_id == PRIVMSGS_NO_BOX) { $folder_id = PRIVMSGS_INBOX; } else { if ($msg_id && $folder_id == PRIVMSGS_NO_BOX) { $sql = 'SELECT folder_id FROM ' . PRIVMSGS_TO_TABLE . "\n\t\t\t\t\t\tWHERE msg_id = {$msg_id}\n\t\t\t\t\t\t\tAND folder_id <> " . PRIVMSGS_NO_BOX . ' AND user_id = ' . $user->data['user_id']; $result = $db->sql_query($sql); $row = $db->sql_fetchrow($result); $db->sql_freeresult($result); if (!$row) { trigger_error('NO_MESSAGE'); } $folder_id = (int) $row['folder_id']; } } if ($request->variable('mark', '') == 'all' && check_link_hash($request->variable('token', ''), 'mark_all_pms_read')) { mark_folder_read($user->data['user_id'], $folder_id); meta_refresh(3, $this->u_action); $message = $user->lang['PM_MARK_ALL_READ_SUCCESS']; if ($request->is_ajax()) { $json_response = new \phpbb\json_response(); $json_response->send(array('MESSAGE_TITLE' => $user->lang['INFORMATION'], 'MESSAGE_TEXT' => $message, 'success' => true)); } $message .= '<br /><br />' . $user->lang('RETURN_UCP', '<a href="' . $this->u_action . '">', '</a>'); trigger_error($message); } $message_row = array(); if ($action == 'view_message' && $msg_id) { // Get Message user want to see if ($view == 'next' || $view == 'previous') { $sql_condition = $view == 'next' ? '>' : '<'; $sql_ordering = $view == 'next' ? 'ASC' : 'DESC'; $sql = 'SELECT t.msg_id FROM ' . PRIVMSGS_TO_TABLE . ' t, ' . PRIVMSGS_TABLE . ' p, ' . PRIVMSGS_TABLE . " p2\n\t\t\t\t\t\t\tWHERE p2.msg_id = {$msg_id}\n\t\t\t\t\t\t\t\tAND t.folder_id = {$folder_id}\n\t\t\t\t\t\t\t\tAND t.user_id = " . $user->data['user_id'] . "\n\t\t\t\t\t\t\t\tAND t.msg_id = p.msg_id\n\t\t\t\t\t\t\t\tAND p.message_time {$sql_condition} p2.message_time\n\t\t\t\t\t\t\tORDER BY p.message_time {$sql_ordering}"; $result = $db->sql_query_limit($sql, 1); $row = $db->sql_fetchrow($result); $db->sql_freeresult($result); if (!$row) { $message = $view == 'next' ? 'NO_NEWER_PM' : 'NO_OLDER_PM'; trigger_error($message); } else { $msg_id = $row['msg_id']; } } $sql = 'SELECT t.*, p.*, u.* FROM ' . PRIVMSGS_TO_TABLE . ' t, ' . PRIVMSGS_TABLE . ' p, ' . USERS_TABLE . ' u WHERE t.user_id = ' . $user->data['user_id'] . "\n\t\t\t\t\t\t\tAND p.author_id = u.user_id\n\t\t\t\t\t\t\tAND t.folder_id = {$folder_id}\n\t\t\t\t\t\t\tAND t.msg_id = p.msg_id\n\t\t\t\t\t\t\tAND p.msg_id = {$msg_id}"; $result = $db->sql_query($sql); $message_row = $db->sql_fetchrow($result); $db->sql_freeresult($result); if (!$message_row) { trigger_error('NO_MESSAGE'); } // Update unread status update_unread_status($message_row['pm_unread'], $message_row['msg_id'], $user->data['user_id'], $folder_id); } $folder = get_folder($user->data['user_id'], $folder_id); $s_folder_options = $s_to_folder_options = ''; foreach ($folder as $f_id => $folder_ary) { $option = '<option' . (!in_array($f_id, array(PRIVMSGS_INBOX, PRIVMSGS_OUTBOX, PRIVMSGS_SENTBOX)) ? ' class="sep"' : '') . ' value="' . $f_id . '"' . ($f_id == $folder_id ? ' selected="selected"' : '') . '>' . $folder_ary['folder_name'] . ($folder_ary['unread_messages'] ? ' [' . $folder_ary['unread_messages'] . '] ' : '') . '</option>'; $s_to_folder_options .= $f_id != PRIVMSGS_OUTBOX && $f_id != PRIVMSGS_SENTBOX ? $option : ''; $s_folder_options .= $option; } clean_sentbox($folder[PRIVMSGS_SENTBOX]['num_messages']); // Header for message view - folder and so on $folder_status = get_folder_status($folder_id, $folder); $template->assign_vars(array('CUR_FOLDER_ID' => $folder_id, 'CUR_FOLDER_NAME' => $folder_status['folder_name'], 'NUM_NOT_MOVED' => $num_not_moved, 'NUM_REMOVED' => $num_removed, 'RELEASE_MESSAGE_INFO' => sprintf($user->lang['RELEASE_MESSAGES'], '<a href="' . $this->u_action . '&folder=' . $folder_id . '&release=1">', '</a>'), 'NOT_MOVED_MESSAGES' => $user->lang('NOT_MOVED_MESSAGES', (int) $num_not_moved), 'RULE_REMOVED_MESSAGES' => $user->lang('RULE_REMOVED_MESSAGES', (int) $num_removed), 'S_FOLDER_OPTIONS' => $s_folder_options, 'S_TO_FOLDER_OPTIONS' => $s_to_folder_options, 'S_FOLDER_ACTION' => $this->u_action . '&action=view_folder', 'S_PM_ACTION' => $this->u_action . '&action=' . $action, 'U_INBOX' => $this->u_action . '&folder=inbox', 'U_OUTBOX' => $this->u_action . '&folder=outbox', 'U_SENTBOX' => $this->u_action . '&folder=sentbox', 'U_CREATE_FOLDER' => $this->u_action . '&mode=options', 'U_CURRENT_FOLDER' => $this->u_action . '&folder=' . $folder_id, 'U_MARK_ALL' => $this->u_action . '&folder=' . $folder_id . '&mark=all&token=' . generate_link_hash('mark_all_pms_read'), 'S_IN_INBOX' => $folder_id == PRIVMSGS_INBOX ? true : false, 'S_IN_OUTBOX' => $folder_id == PRIVMSGS_OUTBOX ? true : false, 'S_IN_SENTBOX' => $folder_id == PRIVMSGS_SENTBOX ? true : false, 'FOLDER_STATUS' => $folder_status['message'], 'FOLDER_MAX_MESSAGES' => $folder_status['max'], 'FOLDER_CUR_MESSAGES' => $folder_status['cur'], 'FOLDER_REMAINING_MESSAGES' => $folder_status['remaining'], 'FOLDER_PERCENT' => $folder_status['percent'])); if ($action == 'view_folder') { include $phpbb_root_path . 'includes/ucp/ucp_pm_viewfolder.' . $phpEx; view_folder($id, $mode, $folder_id, $folder); $tpl_file = 'ucp_pm_viewfolder'; } else { if ($action == 'view_message') { $template->assign_vars(array('S_VIEW_MESSAGE' => true, 'L_RETURN_TO_FOLDER' => $user->lang('RETURN_TO', $folder_status['folder_name']), 'MSG_ID' => $msg_id)); if (!$msg_id) { trigger_error('NO_MESSAGE'); } include $phpbb_root_path . 'includes/ucp/ucp_pm_viewmessage.' . $phpEx; view_message($id, $mode, $folder_id, $msg_id, $folder, $message_row); $tpl_file = $view == 'print' ? 'ucp_pm_viewmessage_print' : 'ucp_pm_viewmessage'; } } break; default: trigger_error('NO_ACTION_MODE', E_USER_ERROR); break; } $template->assign_vars(array('L_TITLE' => $user->lang['UCP_PM_' . strtoupper($mode)], 'S_UCP_ACTION' => $this->u_action . (isset($action) ? "&action={$action}" : ''))); // Set desired template $this->tpl_name = $tpl_file; $this->page_title = 'UCP_PM_' . strtoupper($mode); }
/** * Sends an error message back to the client via JSON response * * @param int $code The error code * @param string $msg The translation string of the message to be sent * * @return null */ public function emit_error($code, $msg) { $json_response = new \phpbb\json_response(); $json_response->send(array('jsonrpc' => '2.0', 'id' => 'id', 'error' => array('code' => $code, 'message' => $this->user->lang($msg)))); }
* form submission. * NOTE: Should be actual language strings, NOT * language keys. * @var bool is_authed Does the user have the required permissions? * @since 3.1.3-RC1 */ $vars = array('post_id', 'topic_id', 'forum_id', 'draft_id', 'lastclick', 'submit', 'preview', 'save', 'load', 'refresh', 'mode', 'error', 'is_authed'); extract($phpbb_dispatcher->trigger_event('core.modify_posting_auth', compact($vars))); if (!$is_authed) { $check_auth = $mode == 'quote' ? 'reply' : $mode; if ($user->data['is_registered']) { trigger_error('USER_CANNOT_' . strtoupper($check_auth)); } $message = $user->lang['LOGIN_EXPLAIN_' . strtoupper($mode)]; if ($request->is_ajax()) { $json = new phpbb\json_response(); $json->send(array('title' => $user->lang['INFORMATION'], 'message' => $message)); } login_box('', $message); } // Is the user able to post within this forum? if ($post_data['forum_type'] != FORUM_POST && in_array($mode, array('post', 'bump', 'quote', 'reply'))) { trigger_error('USER_CANNOT_FORUM_POST'); } // Forum/Topic locked? if (($post_data['forum_status'] == ITEM_LOCKED || isset($post_data['topic_status']) && $post_data['topic_status'] == ITEM_LOCKED) && !$auth->acl_get('m_edit', $forum_id)) { trigger_error($post_data['forum_status'] == ITEM_LOCKED ? 'FORUM_LOCKED' : 'TOPIC_LOCKED'); } // Can we edit this post ... if we're a moderator with rights then always yes // else it depends on editing times, lock status and if we're the correct user if ($mode == 'edit' && !$auth->acl_get('m_edit', $forum_id)) {
/** * Update BBCode order fields in the db on drag_drop * * @return null * @access public */ public function drag_drop() { if (!$this->request->is_ajax()) { return; } // Get the bbcodes html table's name $tablename = $this->request->variable('tablename', ''); // Fetch the posted list $bbcodes_list = $this->request->variable($tablename, array(0 => '')); $this->db->sql_transaction('begin'); // Run through the list foreach ($bbcodes_list as $order => $bbcode_id) { // First one is the header, skip it if ($order == 0) { continue; } // Update the db $sql = 'UPDATE ' . BBCODES_TABLE . ' SET bbcode_order = ' . $order . ' WHERE bbcode_id = ' . (int) $bbcode_id; $this->db->sql_query($sql); } $this->db->sql_transaction('commit'); // Resync bbcode_order $this->resynchronize_bbcode_order(); // return an AJAX JSON response $json_response = new \phpbb\json_response(); $json_response->send(array('success' => true)); }
function main($id, $mode) { global $db, $user, $template, $cache; global $config, $phpbb_root_path; global $request, $phpbb_container; $user->add_lang('acp/posting'); // Set up general vars $action = $request->variable('action', ''); $action = isset($_POST['add']) ? 'add' : $action; $action = isset($_POST['edit']) ? 'edit' : $action; $action = isset($_POST['import']) ? 'import' : $action; $icon_id = $request->variable('id', 0); $submit = $request->is_set_post('submit', false); $form_key = 'acp_icons'; add_form_key($form_key); $mode = $mode == 'smilies' ? 'smilies' : 'icons'; $this->tpl_name = 'acp_icons'; // What are we working on? switch ($mode) { case 'smilies': $table = SMILIES_TABLE; $lang = 'SMILIES'; $fields = 'smiley'; $img_path = $config['smilies_path']; break; case 'icons': $table = ICONS_TABLE; $lang = 'ICONS'; $fields = 'icons'; $img_path = $config['icons_path']; break; } $this->page_title = 'ACP_' . $lang; // Clear some arrays $_images = $_paks = array(); $notice = ''; // Grab file list of paks and images if ($action == 'edit' || $action == 'add' || $action == 'import') { $imglist = filelist($phpbb_root_path . $img_path, ''); foreach ($imglist as $path => $img_ary) { if (empty($img_ary)) { continue; } asort($img_ary, SORT_STRING); foreach ($img_ary as $img) { $img_size = getimagesize($phpbb_root_path . $img_path . '/' . $path . $img); if (!$img_size[0] || !$img_size[1] || strlen($img) > 255) { continue; } // adjust the width and height to be lower than 128px while perserving the aspect ratio (for icons) if ($mode == 'icons') { if ($img_size[0] > 127 && $img_size[0] > $img_size[1]) { $img_size[1] = (int) ($img_size[1] * (127 / $img_size[0])); $img_size[0] = 127; } else { if ($img_size[1] > 127) { $img_size[0] = (int) ($img_size[0] * (127 / $img_size[1])); $img_size[1] = 127; } } } $_images[$path . $img]['file'] = $path . $img; $_images[$path . $img]['width'] = $img_size[0]; $_images[$path . $img]['height'] = $img_size[1]; } } unset($imglist); if ($dir = @opendir($phpbb_root_path . $img_path)) { while (($file = readdir($dir)) !== false) { if (is_file($phpbb_root_path . $img_path . '/' . $file) && preg_match('#\\.pak$#i', $file)) { $_paks[] = $file; } } closedir($dir); if (!empty($_paks)) { asort($_paks, SORT_STRING); } } } // What shall we do today? Oops, I believe that's trademarked ... switch ($action) { case 'edit': unset($_images); $_images = array(); // no break; // no break; case 'add': $smilies = $default_row = array(); $smiley_options = $order_list = $add_order_list = ''; if ($action == 'add' && $mode == 'smilies') { $sql = 'SELECT * FROM ' . SMILIES_TABLE . ' ORDER BY smiley_order'; $result = $db->sql_query($sql); while ($row = $db->sql_fetchrow($result)) { if (empty($smilies[$row['smiley_url']])) { $smilies[$row['smiley_url']] = $row; } } $db->sql_freeresult($result); if (sizeof($smilies)) { foreach ($smilies as $row) { $selected = false; if (!$smiley_options) { $selected = true; $default_row = $row; } $smiley_options .= '<option value="' . $row['smiley_url'] . '"' . ($selected ? ' selected="selected"' : '') . '>' . $row['smiley_url'] . '</option>'; $template->assign_block_vars('smile', array('SMILEY_URL' => addslashes($row['smiley_url']), 'CODE' => addslashes($row['code']), 'EMOTION' => addslashes($row['emotion']), 'WIDTH' => $row['smiley_width'], 'HEIGHT' => $row['smiley_height'], 'ORDER' => $row['smiley_order'] + 1)); } } } $sql = "SELECT *\n\t\t\t\t\tFROM {$table}\n\t\t\t\t\tORDER BY {$fields}_order " . ($icon_id || $action == 'add' ? 'DESC' : 'ASC'); $result = $db->sql_query($sql); $data = array(); $after = false; $order_lists = array('', ''); $add_order_lists = array('', ''); $display_count = 0; while ($row = $db->sql_fetchrow($result)) { if ($action == 'add') { unset($_images[$row[$fields . '_url']]); } if ($row[$fields . '_id'] == $icon_id) { $after = true; $data[$row[$fields . '_url']] = $row; } else { if ($action == 'edit' && !$icon_id) { $data[$row[$fields . '_url']] = $row; } $selected = ''; if (!empty($after)) { $selected = ' selected="selected"'; $after = false; } if ($row['display_on_posting']) { $display_count++; } $after_txt = $mode == 'smilies' ? $row['code'] : $row['icons_url']; $order_lists[$row['display_on_posting']] = '<option value="' . ($row[$fields . '_order'] + 1) . '"' . $selected . '>' . sprintf($user->lang['AFTER_' . $lang], ' -> ' . $after_txt) . '</option>' . $order_lists[$row['display_on_posting']]; if (!empty($default_row)) { $add_order_lists[$row['display_on_posting']] = '<option value="' . ($row[$fields . '_order'] + 1) . '"' . ($row[$fields . '_id'] == $default_row['smiley_id'] ? ' selected="selected"' : '') . '>' . sprintf($user->lang['AFTER_' . $lang], ' -> ' . $after_txt) . '</option>' . $add_order_lists[$row['display_on_posting']]; } } } $db->sql_freeresult($result); $order_list = '<option value="1"' . (!isset($after) ? ' selected="selected"' : '') . '>' . $user->lang['FIRST'] . '</option>'; $add_order_list = '<option value="1">' . $user->lang['FIRST'] . '</option>'; if ($action == 'add') { $data = $_images; } $colspan = $mode == 'smilies' ? 7 : 6; $colspan += $icon_id ? 1 : 0; $colspan += $action == 'add' ? 2 : 0; $template->assign_vars(array('S_EDIT' => true, 'S_SMILIES' => $mode == 'smilies' ? true : false, 'S_ADD' => $action == 'add' ? true : false, 'S_ORDER_LIST_DISPLAY' => $order_list . $order_lists[1], 'S_ORDER_LIST_UNDISPLAY' => $order_list . $order_lists[0], 'S_ORDER_LIST_DISPLAY_COUNT' => $display_count + 1, 'L_TITLE' => $user->lang['ACP_' . $lang], 'L_EXPLAIN' => $user->lang['ACP_' . $lang . '_EXPLAIN'], 'L_CONFIG' => $user->lang[$lang . '_CONFIG'], 'L_URL' => $user->lang[$lang . '_URL'], 'L_LOCATION' => $user->lang[$lang . '_LOCATION'], 'L_WIDTH' => $user->lang[$lang . '_WIDTH'], 'L_HEIGHT' => $user->lang[$lang . '_HEIGHT'], 'L_ORDER' => $user->lang[$lang . '_ORDER'], 'L_NO_ICONS' => $user->lang['NO_' . $lang . '_' . strtoupper($action)], 'COLSPAN' => $colspan, 'ID' => $icon_id, 'U_BACK' => $this->u_action, 'U_ACTION' => $this->u_action . '&action=' . ($action == 'add' ? 'create' : 'modify'))); foreach ($data as $img => $img_row) { $template->assign_block_vars('items', array('IMG' => $img, 'A_IMG' => addslashes($img), 'IMG_SRC' => $phpbb_root_path . $img_path . '/' . $img, 'CODE' => $mode == 'smilies' && isset($img_row['code']) ? $img_row['code'] : '', 'EMOTION' => $mode == 'smilies' && isset($img_row['emotion']) ? $img_row['emotion'] : '', 'S_ID' => isset($img_row[$fields . '_id']) ? true : false, 'ID' => isset($img_row[$fields . '_id']) ? $img_row[$fields . '_id'] : 0, 'WIDTH' => !empty($img_row[$fields . '_width']) ? $img_row[$fields . '_width'] : $img_row['width'], 'HEIGHT' => !empty($img_row[$fields . '_height']) ? $img_row[$fields . '_height'] : $img_row['height'], 'TEXT_ALT' => $mode == 'icons' && !empty($img_row['icons_alt']) ? $img_row['icons_alt'] : $img, 'ALT' => $mode == 'icons' && !empty($img_row['icons_alt']) ? $img_row['icons_alt'] : '', 'POSTING_CHECKED' => !empty($img_row['display_on_posting']) || $action == 'add' ? ' checked="checked"' : '')); } // Ok, another row for adding an addition code for a pre-existing image... if ($action == 'add' && $mode == 'smilies' && sizeof($smilies)) { $template->assign_vars(array('S_ADD_CODE' => true, 'S_IMG_OPTIONS' => $smiley_options, 'S_ADD_ORDER_LIST_DISPLAY' => $add_order_list . $add_order_lists[1], 'S_ADD_ORDER_LIST_UNDISPLAY' => $add_order_list . $add_order_lists[0], 'IMG_SRC' => $phpbb_root_path . $img_path . '/' . $default_row['smiley_url'], 'IMG_PATH' => $img_path, 'CODE' => $default_row['code'], 'EMOTION' => $default_row['emotion'], 'WIDTH' => $default_row['smiley_width'], 'HEIGHT' => $default_row['smiley_height'])); } return; break; case 'create': case 'modify': if (!check_form_key($form_key)) { trigger_error($user->lang['FORM_INVALID'] . adm_back_link($this->u_action), E_USER_WARNING); } // Get items to create/modify $images = isset($_POST['image']) ? array_keys($request->variable('image', array('' => 0))) : array(); // Now really get the items $image_id = isset($_POST['id']) ? $request->variable('id', array('' => 0)) : array(); $image_order = isset($_POST['order']) ? $request->variable('order', array('' => 0)) : array(); $image_width = isset($_POST['width']) ? $request->variable('width', array('' => 0)) : array(); $image_height = isset($_POST['height']) ? $request->variable('height', array('' => 0)) : array(); $image_add = isset($_POST['add_img']) ? $request->variable('add_img', array('' => 0)) : array(); $image_emotion = $request->variable('emotion', array('' => ''), true); $image_code = $request->variable('code', array('' => ''), true); $image_alt = $request->is_set_post('alt') ? $request->variable('alt', array('' => ''), true) : array(); $image_display_on_posting = isset($_POST['display_on_posting']) ? $request->variable('display_on_posting', array('' => 0)) : array(); // Ok, add the relevant bits if we are adding new codes to existing emoticons... if ($request->variable('add_additional_code', false, false, \phpbb\request\request_interface::POST)) { $add_image = $request->variable('add_image', ''); $add_code = $request->variable('add_code', '', true); $add_emotion = $request->variable('add_emotion', '', true); if ($add_image && $add_emotion && $add_code) { $images[] = $add_image; $image_add[$add_image] = true; $image_code[$add_image] = $add_code; $image_emotion[$add_image] = $add_emotion; $image_width[$add_image] = $request->variable('add_width', 0); $image_height[$add_image] = $request->variable('add_height', 0); if ($request->variable('add_display_on_posting', false, false, \phpbb\request\request_interface::POST)) { $image_display_on_posting[$add_image] = 1; } $image_order[$add_image] = $request->variable('add_order', 0); } } if ($mode == 'smilies' && $action == 'create') { $smiley_count = $this->item_count($table); $addable_smileys_count = sizeof($images); foreach ($images as $image) { if (!isset($image_add[$image])) { --$addable_smileys_count; } } if ($smiley_count + $addable_smileys_count > SMILEY_LIMIT) { trigger_error($user->lang('TOO_MANY_SMILIES', SMILEY_LIMIT) . adm_back_link($this->u_action), E_USER_WARNING); } } $icons_updated = 0; $errors = array(); foreach ($images as $image) { if ($mode == 'smilies' && ($image_emotion[$image] == '' || $image_code[$image] == '')) { $errors[$image] = 'SMILIE_NO_' . ($image_emotion[$image] == '' ? 'EMOTION' : 'CODE'); } else { if ($action == 'create' && !isset($image_add[$image])) { // skip images where add wasn't checked } else { if (!file_exists($phpbb_root_path . $img_path . '/' . $image)) { $errors[$image] = 'SMILIE_NO_FILE'; } else { if ($image_width[$image] == 0 || $image_height[$image] == 0) { $img_size = getimagesize($phpbb_root_path . $img_path . '/' . $image); $image_width[$image] = $img_size[0]; $image_height[$image] = $img_size[1]; } // Adjust image width/height for icons if ($mode == 'icons') { if ($image_width[$image] > 127 && $image_width[$image] > $image_height[$image]) { $image_height[$image] = (int) ($image_height[$image] * (127 / $image_width[$image])); $image_width[$image] = 127; } else { if ($image_height[$image] > 127) { $image_width[$image] = (int) ($image_width[$image] * (127 / $image_height[$image])); $image_height[$image] = 127; } } } $img_sql = array($fields . '_url' => $image, $fields . '_width' => $image_width[$image], $fields . '_height' => $image_height[$image], 'display_on_posting' => isset($image_display_on_posting[$image]) ? 1 : 0); if ($mode == 'smilies') { $img_sql = array_merge($img_sql, array('emotion' => $image_emotion[$image], 'code' => $image_code[$image])); } if ($mode == 'icons') { $img_sql = array_merge($img_sql, array('icons_alt' => $image_alt[$image])); } // Image_order holds the 'new' order value if (!empty($image_order[$image])) { $img_sql = array_merge($img_sql, array($fields . '_order' => $image_order[$image])); // Since we always add 'after' an item, we just need to increase all following + the current by one $sql = "UPDATE {$table}\n\t\t\t\t\t\t\t\tSET {$fields}_order = {$fields}_order + 1\n\t\t\t\t\t\t\t\tWHERE {$fields}_order >= {$image_order[$image]}"; $db->sql_query($sql); // If we adjust the order, we need to adjust all other orders too - they became inaccurate... foreach ($image_order as $_image => $_order) { if ($_image == $image) { continue; } if ($_order >= $image_order[$image]) { $image_order[$_image]++; } } } if ($action == 'modify' && !empty($image_id[$image])) { $sql = "UPDATE {$table}\n\t\t\t\t\t\t\t\tSET " . $db->sql_build_array('UPDATE', $img_sql) . "\n\t\t\t\t\t\t\t\tWHERE {$fields}_id = " . $image_id[$image]; $db->sql_query($sql); $icons_updated++; } else { if ($action !== 'modify') { $sql = "INSERT INTO {$table} " . $db->sql_build_array('INSERT', $img_sql); $db->sql_query($sql); $icons_updated++; } } } } } } $cache->destroy('_icons'); $cache->destroy('sql', $table); $phpbb_container->get('text_formatter.cache')->invalidate(); $level = $icons_updated ? E_USER_NOTICE : E_USER_WARNING; $errormsgs = ''; foreach ($errors as $img => $error) { $errormsgs .= '<br />' . sprintf($user->lang[$error], $img); } if ($action == 'modify') { trigger_error($user->lang($lang . '_EDITED', $icons_updated) . $errormsgs . adm_back_link($this->u_action), $level); } else { trigger_error($user->lang($lang . '_ADDED', $icons_updated) . $errormsgs . adm_back_link($this->u_action), $level); } break; case 'import': $pak = $request->variable('pak', ''); $current = $request->variable('current', ''); if ($pak != '') { $order = 0; if (!check_form_key($form_key)) { trigger_error($user->lang['FORM_INVALID'] . adm_back_link($this->u_action), E_USER_WARNING); } if (!($pak_ary = @file($phpbb_root_path . $img_path . '/' . $pak))) { trigger_error($user->lang['PAK_FILE_NOT_READABLE'] . adm_back_link($this->u_action), E_USER_WARNING); } // Make sure the pak_ary is valid foreach ($pak_ary as $pak_entry) { if (preg_match_all("#'(.*?)', ?#", $pak_entry, $data)) { if (sizeof($data[1]) != 4 && $mode == 'icons' || (sizeof($data[1]) != 6 || (empty($data[1][4]) || empty($data[1][5]))) && $mode == 'smilies') { trigger_error($user->lang['WRONG_PAK_TYPE'] . adm_back_link($this->u_action), E_USER_WARNING); } } else { trigger_error($user->lang['WRONG_PAK_TYPE'] . adm_back_link($this->u_action), E_USER_WARNING); } } // The user has already selected a smilies_pak file if ($current == 'delete') { switch ($db->get_sql_layer()) { case 'sqlite3': $db->sql_query('DELETE FROM ' . $table); break; default: $db->sql_query('TRUNCATE TABLE ' . $table); break; } switch ($mode) { case 'smilies': break; case 'icons': // Reset all icon_ids $db->sql_query('UPDATE ' . TOPICS_TABLE . ' SET icon_id = 0'); $db->sql_query('UPDATE ' . POSTS_TABLE . ' SET icon_id = 0'); break; } } else { $cur_img = array(); $field_sql = $mode == 'smilies' ? 'code' : 'icons_url'; $sql = "SELECT {$field_sql}\n\t\t\t\t\t\t\tFROM {$table}"; $result = $db->sql_query($sql); while ($row = $db->sql_fetchrow($result)) { ++$order; $cur_img[$row[$field_sql]] = 1; } $db->sql_freeresult($result); } if ($mode == 'smilies') { $smiley_count = $this->item_count($table); if ($smiley_count + sizeof($pak_ary) > SMILEY_LIMIT) { trigger_error($user->lang('TOO_MANY_SMILIES', SMILEY_LIMIT) . adm_back_link($this->u_action), E_USER_WARNING); } } foreach ($pak_ary as $pak_entry) { $data = array(); if (preg_match_all("#'(.*?)', ?#", $pak_entry, $data)) { if (sizeof($data[1]) != 4 && $mode == 'icons' || sizeof($data[1]) != 6 && $mode == 'smilies') { trigger_error($user->lang['WRONG_PAK_TYPE'] . adm_back_link($this->u_action), E_USER_WARNING); } // Stripslash here because it got addslashed before... (on export) $img = stripslashes($data[1][0]); $width = stripslashes($data[1][1]); $height = stripslashes($data[1][2]); $display_on_posting = stripslashes($data[1][3]); if (isset($data[1][4]) && isset($data[1][5])) { $emotion = stripslashes($data[1][4]); $code = stripslashes($data[1][5]); } if ($current == 'replace' && ($mode == 'smilies' && !empty($cur_img[$code]) || $mode == 'icons' && !empty($cur_img[$img]))) { $replace_sql = $mode == 'smilies' ? $code : $img; $sql = array($fields . '_url' => $img, $fields . '_height' => (int) $height, $fields . '_width' => (int) $width, 'display_on_posting' => (int) $display_on_posting); if ($mode == 'smilies') { $sql = array_merge($sql, array('emotion' => $emotion)); } $sql = "UPDATE {$table} SET " . $db->sql_build_array('UPDATE', $sql) . "\n\t\t\t\t\t\t\t\t\tWHERE {$field_sql} = '" . $db->sql_escape($replace_sql) . "'"; $db->sql_query($sql); } else { ++$order; $sql = array($fields . '_url' => $img, $fields . '_height' => (int) $height, $fields . '_width' => (int) $width, $fields . '_order' => (int) $order, 'display_on_posting' => (int) $display_on_posting); if ($mode == 'smilies') { $sql = array_merge($sql, array('code' => $code, 'emotion' => $emotion)); } $db->sql_query("INSERT INTO {$table} " . $db->sql_build_array('INSERT', $sql)); } } } $cache->destroy('_icons'); $cache->destroy('sql', $table); $phpbb_container->get('text_formatter.cache')->invalidate(); trigger_error($user->lang[$lang . '_IMPORT_SUCCESS'] . adm_back_link($this->u_action)); } else { $pak_options = ''; foreach ($_paks as $pak) { $pak_options .= '<option value="' . $pak . '">' . htmlspecialchars($pak) . '</option>'; } $template->assign_vars(array('S_CHOOSE_PAK' => true, 'S_PAK_OPTIONS' => $pak_options, 'L_TITLE' => $user->lang['ACP_' . $lang], 'L_EXPLAIN' => $user->lang['ACP_' . $lang . '_EXPLAIN'], 'L_NO_PAK_OPTIONS' => $user->lang['NO_' . $lang . '_PAK'], 'L_CURRENT' => $user->lang['CURRENT_' . $lang], 'L_CURRENT_EXPLAIN' => $user->lang['CURRENT_' . $lang . '_EXPLAIN'], 'L_IMPORT_SUBMIT' => $user->lang['IMPORT_' . $lang], 'U_BACK' => $this->u_action, 'U_ACTION' => $this->u_action . '&action=import')); } break; case 'export': $this->page_title = 'EXPORT_' . $lang; $this->tpl_name = 'message_body'; $template->assign_vars(array('MESSAGE_TITLE' => $user->lang['EXPORT_' . $lang], 'MESSAGE_TEXT' => sprintf($user->lang['EXPORT_' . $lang . '_EXPLAIN'], '<a href="' . $this->u_action . '&action=send&hash=' . generate_link_hash('acp_icons') . '">', '</a>'), 'S_USER_NOTICE' => true)); return; break; case 'send': if (!check_link_hash($request->variable('hash', ''), 'acp_icons')) { trigger_error($user->lang['FORM_INVALID'] . adm_back_link($this->u_action), E_USER_WARNING); } $sql = "SELECT *\n\t\t\t\t\tFROM {$table}\n\t\t\t\t\tORDER BY {$fields}_order"; $result = $db->sql_query($sql); $pak = ''; while ($row = $db->sql_fetchrow($result)) { $pak .= "'" . addslashes($row[$fields . '_url']) . "', "; $pak .= "'" . addslashes($row[$fields . '_width']) . "', "; $pak .= "'" . addslashes($row[$fields . '_height']) . "', "; $pak .= "'" . addslashes($row['display_on_posting']) . "', "; if ($mode == 'smilies') { $pak .= "'" . addslashes($row['emotion']) . "', "; $pak .= "'" . addslashes($row['code']) . "', "; } $pak .= "\n"; } $db->sql_freeresult($result); if ($pak != '') { garbage_collection(); header('Cache-Control: public'); // Send out the Headers header('Content-Type: text/x-delimtext; name="' . $mode . '.pak"'); header('Content-Disposition: inline; filename="' . $mode . '.pak"'); echo $pak; flush(); exit; } else { trigger_error($user->lang['NO_' . strtoupper($fields) . '_EXPORT'] . adm_back_link($this->u_action), E_USER_WARNING); } break; case 'delete': if (confirm_box(true)) { $sql = "DELETE FROM {$table}\n\t\t\t\t\t\tWHERE {$fields}_id = {$icon_id}"; $db->sql_query($sql); switch ($mode) { case 'smilies': break; case 'icons': // Reset appropriate icon_ids $db->sql_query('UPDATE ' . TOPICS_TABLE . "\n\t\t\t\t\t\t\t\tSET icon_id = 0\n\t\t\t\t\t\t\t\tWHERE icon_id = {$icon_id}"); $db->sql_query('UPDATE ' . POSTS_TABLE . "\n\t\t\t\t\t\t\t\tSET icon_id = 0\n\t\t\t\t\t\t\t\tWHERE icon_id = {$icon_id}"); break; } $notice = $user->lang[$lang . '_DELETED']; $cache->destroy('_icons'); $cache->destroy('sql', $table); $phpbb_container->get('text_formatter.cache')->invalidate(); if ($request->is_ajax()) { $json_response = new \phpbb\json_response(); $json_response->send(array('MESSAGE_TITLE' => $user->lang['INFORMATION'], 'MESSAGE_TEXT' => $notice, 'REFRESH_DATA' => array('time' => 3))); } } else { confirm_box(false, $user->lang['CONFIRM_OPERATION'], build_hidden_fields(array('i' => $id, 'mode' => $mode, 'id' => $icon_id, 'action' => 'delete'))); } break; case 'move_up': case 'move_down': if (!check_link_hash($request->variable('hash', ''), 'acp_icons')) { trigger_error($user->lang['FORM_INVALID'] . adm_back_link($this->u_action), E_USER_WARNING); } // Get current order id... $sql = "SELECT {$fields}_order as current_order\n\t\t\t\t\tFROM {$table}\n\t\t\t\t\tWHERE {$fields}_id = {$icon_id}"; $result = $db->sql_query($sql); $current_order = (int) $db->sql_fetchfield('current_order'); $db->sql_freeresult($result); if ($current_order == 0 && $action == 'move_up') { break; } // on move_down, switch position with next order_id... // on move_up, switch position with previous order_id... $switch_order_id = $action == 'move_down' ? $current_order + 1 : $current_order - 1; // $sql = "UPDATE {$table}\n\t\t\t\t\tSET {$fields}_order = {$current_order}\n\t\t\t\t\tWHERE {$fields}_order = {$switch_order_id}\n\t\t\t\t\t\tAND {$fields}_id <> {$icon_id}"; $db->sql_query($sql); $move_executed = (bool) $db->sql_affectedrows(); // Only update the other entry too if the previous entry got updated if ($move_executed) { $sql = "UPDATE {$table}\n\t\t\t\t\t\tSET {$fields}_order = {$switch_order_id}\n\t\t\t\t\t\tWHERE {$fields}_order = {$current_order}\n\t\t\t\t\t\t\tAND {$fields}_id = {$icon_id}"; $db->sql_query($sql); } $cache->destroy('_icons'); $cache->destroy('sql', $table); $phpbb_container->get('text_formatter.cache')->invalidate(); if ($request->is_ajax()) { $json_response = new \phpbb\json_response(); $json_response->send(array('success' => $move_executed)); } break; } // By default, check that image_order is valid and fix it if necessary $sql = "SELECT {$fields}_id AS order_id, {$fields}_order AS fields_order\n\t\t\tFROM {$table}\n\t\t\tORDER BY display_on_posting DESC, {$fields}_order"; $result = $db->sql_query($sql); if ($row = $db->sql_fetchrow($result)) { $order = 0; do { ++$order; if ($row['fields_order'] != $order) { $db->sql_query("UPDATE {$table}\n\t\t\t\t\t\tSET {$fields}_order = {$order}\n\t\t\t\t\t\tWHERE {$fields}_id = " . $row['order_id']); } } while ($row = $db->sql_fetchrow($result)); } $db->sql_freeresult($result); $template->assign_vars(array('L_TITLE' => $user->lang['ACP_' . $lang], 'L_EXPLAIN' => $user->lang['ACP_' . $lang . '_EXPLAIN'], 'L_IMPORT' => $user->lang['IMPORT_' . $lang], 'L_EXPORT' => $user->lang['EXPORT_' . $lang], 'L_NOT_DISPLAYED' => $user->lang[$lang . '_NOT_DISPLAYED'], 'L_ICON_ADD' => $user->lang['ADD_' . $lang], 'L_ICON_EDIT' => $user->lang['EDIT_' . $lang], 'NOTICE' => $notice, 'COLSPAN' => $mode == 'smilies' ? 5 : 3, 'S_SMILIES' => $mode == 'smilies' ? true : false, 'U_ACTION' => $this->u_action, 'U_IMPORT' => $this->u_action . '&action=import', 'U_EXPORT' => $this->u_action . '&action=export')); /* @var $pagination \phpbb\pagination */ $pagination = $phpbb_container->get('pagination'); $pagination_start = $request->variable('start', 0); $spacer = false; $item_count = $this->item_count($table); $sql = "SELECT *\n\t\t\tFROM {$table}\n\t\t\tORDER BY {$fields}_order ASC"; $result = $db->sql_query_limit($sql, $config['smilies_per_page'], $pagination_start); while ($row = $db->sql_fetchrow($result)) { $alt_text = $mode == 'smilies' ? $row['code'] : ($mode == 'icons' && !empty($row['icons_alt']) ? $row['icons_alt'] : $row['icons_url']); $template->assign_block_vars('items', array('S_SPACER' => !$spacer && !$row['display_on_posting'] ? true : false, 'ALT_TEXT' => $alt_text, 'IMG_SRC' => $phpbb_root_path . $img_path . '/' . $row[$fields . '_url'], 'WIDTH' => $row[$fields . '_width'], 'HEIGHT' => $row[$fields . '_height'], 'CODE' => isset($row['code']) ? $row['code'] : '', 'EMOTION' => isset($row['emotion']) ? $row['emotion'] : '', 'U_EDIT' => $this->u_action . '&action=edit&id=' . $row[$fields . '_id'], 'U_DELETE' => $this->u_action . '&action=delete&id=' . $row[$fields . '_id'], 'U_MOVE_UP' => $this->u_action . '&action=move_up&id=' . $row[$fields . '_id'] . '&start=' . $pagination_start . '&hash=' . generate_link_hash('acp_icons'), 'U_MOVE_DOWN' => $this->u_action . '&action=move_down&id=' . $row[$fields . '_id'] . '&start=' . $pagination_start . '&hash=' . generate_link_hash('acp_icons'))); if (!$spacer && !$row['display_on_posting']) { $spacer = true; } } $db->sql_freeresult($result); $pagination->generate_template_pagination($this->u_action, 'pagination', 'start', $item_count, $config['smilies_per_page'], $pagination_start); }
function main($id, $mode) { global $db, $user, $auth, $template, $cache, $request, $phpbb_dispatcher; global $config, $phpbb_root_path, $phpbb_admin_path, $phpEx; $user->add_lang('acp/posting'); // Set up general vars $action = request_var('action', ''); $action = isset($_POST['add']) ? 'add' : $action; $action = isset($_POST['save']) ? 'save' : $action; $rank_id = request_var('id', 0); $this->tpl_name = 'acp_ranks'; $this->page_title = 'ACP_MANAGE_RANKS'; $form_name = 'acp_ranks'; add_form_key($form_name); switch ($action) { case 'save': if (!check_form_key($form_name)) { trigger_error($user->lang['FORM_INVALID'] . adm_back_link($this->u_action), E_USER_WARNING); } $rank_title = utf8_normalize_nfc(request_var('title', '', true)); $special_rank = request_var('special_rank', 0); $min_posts = $special_rank ? 0 : max(0, request_var('min_posts', 0)); $rank_image = request_var('rank_image', ''); // The rank image has to be a jpg, gif or png if ($rank_image != '' && !preg_match('#(\\.gif|\\.png|\\.jpg|\\.jpeg)$#i', $rank_image)) { $rank_image = ''; } if (!$rank_title) { trigger_error($user->lang['NO_RANK_TITLE'] . adm_back_link($this->u_action), E_USER_WARNING); } $sql_ary = array('rank_title' => $rank_title, 'rank_special' => $special_rank, 'rank_min' => $min_posts, 'rank_image' => htmlspecialchars_decode($rank_image)); /** * Modify the SQL array when saving a rank * * @event core.acp_ranks_save_modify_sql_ary * @var int rank_id The ID of the rank (if available) * @var array sql_ary Array with the rank's data * @since 3.1.0-RC3 */ $vars = array('rank_id', 'sql_ary'); extract($phpbb_dispatcher->trigger_event('core.acp_ranks_save_modify_sql_ary', compact($vars))); if ($rank_id) { $sql = 'UPDATE ' . RANKS_TABLE . ' SET ' . $db->sql_build_array('UPDATE', $sql_ary) . " WHERE rank_id = {$rank_id}"; $message = $user->lang['RANK_UPDATED']; add_log('admin', 'LOG_RANK_UPDATED', $rank_title); } else { $sql = 'INSERT INTO ' . RANKS_TABLE . ' ' . $db->sql_build_array('INSERT', $sql_ary); $message = $user->lang['RANK_ADDED']; add_log('admin', 'LOG_RANK_ADDED', $rank_title); } $db->sql_query($sql); $cache->destroy('_ranks'); trigger_error($message . adm_back_link($this->u_action)); break; case 'delete': if (!$rank_id) { trigger_error($user->lang['MUST_SELECT_RANK'] . adm_back_link($this->u_action), E_USER_WARNING); } if (confirm_box(true)) { $sql = 'SELECT rank_title FROM ' . RANKS_TABLE . ' WHERE rank_id = ' . $rank_id; $result = $db->sql_query($sql); $rank_title = (string) $db->sql_fetchfield('rank_title'); $db->sql_freeresult($result); $sql = 'DELETE FROM ' . RANKS_TABLE . "\n\t\t\t\t\t\tWHERE rank_id = {$rank_id}"; $db->sql_query($sql); $sql = 'UPDATE ' . USERS_TABLE . "\n\t\t\t\t\t\tSET user_rank = 0\n\t\t\t\t\t\tWHERE user_rank = {$rank_id}"; $db->sql_query($sql); $cache->destroy('_ranks'); add_log('admin', 'LOG_RANK_REMOVED', $rank_title); if ($request->is_ajax()) { $json_response = new \phpbb\json_response(); $json_response->send(array('MESSAGE_TITLE' => $user->lang['INFORMATION'], 'MESSAGE_TEXT' => $user->lang['RANK_REMOVED'], 'REFRESH_DATA' => array('time' => 3))); } } else { confirm_box(false, $user->lang['CONFIRM_OPERATION'], build_hidden_fields(array('i' => $id, 'mode' => $mode, 'rank_id' => $rank_id, 'action' => 'delete'))); } break; case 'edit': case 'add': $data = $ranks = $existing_imgs = array(); $sql = 'SELECT * FROM ' . RANKS_TABLE . ' ORDER BY rank_min ASC, rank_special ASC'; $result = $db->sql_query($sql); while ($row = $db->sql_fetchrow($result)) { $existing_imgs[] = $row['rank_image']; if ($action == 'edit' && $rank_id == $row['rank_id']) { $ranks = $row; } } $db->sql_freeresult($result); $imglist = filelist($phpbb_root_path . $config['ranks_path'], ''); $edit_img = $filename_list = ''; foreach ($imglist as $path => $img_ary) { sort($img_ary); foreach ($img_ary as $img) { $img = $path . $img; if ($ranks && $img == $ranks['rank_image']) { $selected = ' selected="selected"'; $edit_img = $img; } else { $selected = ''; } if (strlen($img) > 255) { continue; } $filename_list .= '<option value="' . htmlspecialchars($img) . '"' . $selected . '>' . $img . (in_array($img, $existing_imgs) ? ' ' . $user->lang['RANK_IMAGE_IN_USE'] : '') . '</option>'; } } $filename_list = '<option value=""' . ($edit_img == '' ? ' selected="selected"' : '') . '>----------</option>' . $filename_list; unset($existing_imgs, $imglist); $tpl_ary = array('S_EDIT' => true, 'U_BACK' => $this->u_action, 'RANKS_PATH' => $phpbb_root_path . $config['ranks_path'], 'U_ACTION' => $this->u_action . '&id=' . $rank_id, 'RANK_TITLE' => isset($ranks['rank_title']) ? $ranks['rank_title'] : '', 'S_FILENAME_LIST' => $filename_list, 'RANK_IMAGE' => $edit_img ? $phpbb_root_path . $config['ranks_path'] . '/' . $edit_img : htmlspecialchars($phpbb_admin_path) . 'images/spacer.gif', 'S_SPECIAL_RANK' => isset($ranks['rank_special']) && $ranks['rank_special'] ? true : false, 'MIN_POSTS' => isset($ranks['rank_min']) && !$ranks['rank_special'] ? $ranks['rank_min'] : 0); /** * Modify the template output array for editing/adding ranks * * @event core.acp_ranks_edit_modify_tpl_ary * @var array ranks Array with the rank's data * @var array tpl_ary Array with the rank's template data * @since 3.1.0-RC3 */ $vars = array('ranks', 'tpl_ary'); extract($phpbb_dispatcher->trigger_event('core.acp_ranks_edit_modify_tpl_ary', compact($vars))); $template->assign_vars($tpl_ary); return; break; } $template->assign_vars(array('U_ACTION' => $this->u_action)); $sql = 'SELECT * FROM ' . RANKS_TABLE . ' ORDER BY rank_special DESC, rank_min ASC, rank_title ASC'; $result = $db->sql_query($sql); while ($row = $db->sql_fetchrow($result)) { $rank_row = array('S_RANK_IMAGE' => $row['rank_image'] ? true : false, 'S_SPECIAL_RANK' => $row['rank_special'] ? true : false, 'RANK_IMAGE' => $phpbb_root_path . $config['ranks_path'] . '/' . $row['rank_image'], 'RANK_TITLE' => $row['rank_title'], 'MIN_POSTS' => $row['rank_min'], 'U_EDIT' => $this->u_action . '&action=edit&id=' . $row['rank_id'], 'U_DELETE' => $this->u_action . '&action=delete&id=' . $row['rank_id']); /** * Modify the template output array for each listed rank * * @event core.acp_ranks_list_modify_rank_row * @var array row Array with the rank's data * @var array rank_row Array with the rank's template data * @since 3.1.0-RC3 */ $vars = array('row', 'rank_row'); extract($phpbb_dispatcher->trigger_event('core.acp_ranks_list_modify_rank_row', compact($vars))); $template->assign_block_vars('ranks', $rank_row); } $db->sql_freeresult($result); }
/** * Error and message handler, call with trigger_error if read */ function msg_handler($errno, $msg_text, $errfile, $errline) { global $cache, $db, $auth, $template, $config, $user, $request; global $phpEx, $phpbb_root_path, $msg_title, $msg_long_text; // Do not display notices if we suppress them via @ if (error_reporting() == 0 && $errno != E_USER_ERROR && $errno != E_USER_WARNING && $errno != E_USER_NOTICE) { return; } // Message handler is stripping text. In case we need it, we are possible to define long text... if (isset($msg_long_text) && $msg_long_text && !$msg_text) { $msg_text = $msg_long_text; } if (!defined('E_DEPRECATED')) { define('E_DEPRECATED', 8192); } switch ($errno) { case E_NOTICE: case E_WARNING: // Check the error reporting level and return if the error level does not match // If DEBUG is defined the default level is E_ALL if (($errno & (defined('DEBUG') ? E_ALL : error_reporting())) == 0) { return; } if (strpos($errfile, 'cache') === false && strpos($errfile, 'template.') === false) { $errfile = phpbb_filter_root_path($errfile); $msg_text = phpbb_filter_root_path($msg_text); $error_name = $errno === E_WARNING ? 'PHP Warning' : 'PHP Notice'; echo '<b>[phpBB Debug] ' . $error_name . '</b>: in file <b>' . $errfile . '</b> on line <b>' . $errline . '</b>: <b>' . $msg_text . '</b><br />' . "\n"; // we are writing an image - the user won't see the debug, so let's place it in the log if (defined('IMAGE_OUTPUT') || defined('IN_CRON')) { add_log('critical', 'LOG_IMAGE_GENERATION_ERROR', $errfile, $errline, $msg_text); } // echo '<br /><br />BACKTRACE<br />' . get_backtrace() . '<br />' . "\n"; } return; break; case E_USER_ERROR: if (!empty($user) && !empty($user->lang)) { $msg_text = !empty($user->lang[$msg_text]) ? $user->lang[$msg_text] : $msg_text; $msg_title = !isset($msg_title) ? $user->lang['GENERAL_ERROR'] : (!empty($user->lang[$msg_title]) ? $user->lang[$msg_title] : $msg_title); $l_return_index = sprintf($user->lang['RETURN_INDEX'], '<a href="' . $phpbb_root_path . '">', '</a>'); $l_notify = ''; if (!empty($config['board_contact'])) { $l_notify = '<p>' . sprintf($user->lang['NOTIFY_ADMIN_EMAIL'], $config['board_contact']) . '</p>'; } } else { $msg_title = 'General Error'; $l_return_index = '<a href="' . $phpbb_root_path . '">Return to index page</a>'; $l_notify = ''; if (!empty($config['board_contact'])) { $l_notify = '<p>Please notify the board administrator or webmaster: <a href="mailto:' . $config['board_contact'] . '">' . $config['board_contact'] . '</a></p>'; } } $log_text = $msg_text; $backtrace = get_backtrace(); if ($backtrace) { $log_text .= '<br /><br />BACKTRACE<br />' . $backtrace; } if (defined('IN_INSTALL') || defined('DEBUG') || isset($auth) && $auth->acl_get('a_')) { $msg_text = $log_text; // If this is defined there already was some output // So let's not break it if (defined('IN_DB_UPDATE')) { echo '<div class="errorbox">' . $msg_text . '</div>'; $db->sql_return_on_error(true); phpbb_end_update($cache, $config); } } if ((defined('IN_CRON') || defined('IMAGE_OUTPUT')) && isset($db)) { // let's avoid loops $db->sql_return_on_error(true); add_log('critical', 'LOG_GENERAL_ERROR', $msg_title, $log_text); $db->sql_return_on_error(false); } // Do not send 200 OK, but service unavailable on errors send_status_line(503, 'Service Unavailable'); garbage_collection(); // Try to not call the adm page data... echo '<!DOCTYPE html>'; echo '<html dir="ltr">'; echo '<head>'; echo '<meta charset="utf-8">'; echo '<meta http-equiv="X-UA-Compatible" content="IE=edge">'; echo '<title>' . $msg_title . '</title>'; echo '<style type="text/css">' . "\n" . '/* <![CDATA[ */' . "\n"; echo '* { margin: 0; padding: 0; } html { font-size: 100%; height: 100%; margin-bottom: 1px; background-color: #E4EDF0; } body { font-family: "Lucida Grande", Verdana, Helvetica, Arial, sans-serif; color: #536482; background: #E4EDF0; font-size: 62.5%; margin: 0; } '; echo 'a:link, a:active, a:visited { color: #006699; text-decoration: none; } a:hover { color: #DD6900; text-decoration: underline; } '; echo '#wrap { padding: 0 20px 15px 20px; min-width: 615px; } #page-header { text-align: right; height: 40px; } #page-footer { clear: both; font-size: 1em; text-align: center; } '; echo '.panel { margin: 4px 0; background-color: #FFFFFF; border: solid 1px #A9B8C2; } '; echo '#errorpage #page-header a { font-weight: bold; line-height: 6em; } #errorpage #content { padding: 10px; } #errorpage #content h1 { line-height: 1.2em; margin-bottom: 0; color: #DF075C; } '; echo '#errorpage #content div { margin-top: 20px; margin-bottom: 5px; border-bottom: 1px solid #CCCCCC; padding-bottom: 5px; color: #333333; font: bold 1.2em "Lucida Grande", Arial, Helvetica, sans-serif; text-decoration: none; line-height: 120%; text-align: left; } '; echo "\n" . '/* ]]> */' . "\n"; echo '</style>'; echo '</head>'; echo '<body id="errorpage">'; echo '<div id="wrap">'; echo ' <div id="page-header">'; echo ' ' . $l_return_index; echo ' </div>'; echo ' <div id="acp">'; echo ' <div class="panel">'; echo ' <div id="content">'; echo ' <h1>' . $msg_title . '</h1>'; echo ' <div>' . $msg_text . '</div>'; echo $l_notify; echo ' </div>'; echo ' </div>'; echo ' </div>'; echo ' <div id="page-footer">'; echo ' Powered by <a href="https://www.phpbb.com/">phpBB</a>® Forum Software © phpBB Limited'; echo ' </div>'; echo '</div>'; echo '</body>'; echo '</html>'; exit_handler(); // On a fatal error (and E_USER_ERROR *is* fatal) we never want other scripts to continue and force an exit here. exit; break; case E_USER_WARNING: case E_USER_NOTICE: define('IN_ERROR_HANDLER', true); if (empty($user->data)) { $user->session_begin(); } // We re-init the auth array to get correct results on login/logout $auth->acl($user->data); if (empty($user->lang)) { $user->setup(); } if ($msg_text == 'ERROR_NO_ATTACHMENT' || $msg_text == 'NO_FORUM' || $msg_text == 'NO_TOPIC' || $msg_text == 'NO_USER') { send_status_line(404, 'Not Found'); } $msg_text = !empty($user->lang[$msg_text]) ? $user->lang[$msg_text] : $msg_text; $msg_title = !isset($msg_title) ? $user->lang['INFORMATION'] : (!empty($user->lang[$msg_title]) ? $user->lang[$msg_title] : $msg_title); if (!defined('HEADER_INC')) { if (defined('IN_ADMIN') && isset($user->data['session_admin']) && $user->data['session_admin']) { adm_page_header($msg_title); } else { page_header($msg_title); } } $template->set_filenames(array('body' => 'message_body.html')); $template->assign_vars(array('MESSAGE_TITLE' => $msg_title, 'MESSAGE_TEXT' => $msg_text, 'S_USER_WARNING' => $errno == E_USER_WARNING ? true : false, 'S_USER_NOTICE' => $errno == E_USER_NOTICE ? true : false)); if ($request->is_ajax()) { global $refresh_data; $json_response = new \phpbb\json_response(); $json_response->send(array('MESSAGE_TITLE' => $msg_title, 'MESSAGE_TEXT' => $msg_text, 'S_USER_WARNING' => $errno == E_USER_WARNING ? true : false, 'S_USER_NOTICE' => $errno == E_USER_NOTICE ? true : false, 'REFRESH_DATA' => !empty($refresh_data) ? $refresh_data : null)); } // We do not want the cron script to be called on error messages define('IN_CRON', true); if (defined('IN_ADMIN') && isset($user->data['session_admin']) && $user->data['session_admin']) { adm_page_footer(); } else { page_footer(); } exit_handler(); break; // PHP4 compatibility // PHP4 compatibility case E_DEPRECATED: return true; break; } // If we notice an error not handled here we pass this back to PHP by returning false // This may not work for all php versions return false; }