function phpbb_com_titania_page_footer($hook, $run_cron, $template_body) { if (defined('TEST_INSTALLATION')) { return; } // Setup the phpBB.com footer phpbb::$template->set_custom_template(TITANIA_ROOT . '../../template/', 'website'); phpbb::$template->set_filenames(array('phpbb_com_footer' => 'overall_footer.html')); phpbb::$template->assign_display('phpbb_com_footer', 'PHPBB_COM_FOOTER', false); titania::set_custom_template(); }
/** * Display the message box */ public function display() { $for_edit = $this->post_object->generate_text_for_edit(); // Initialize our post options class $post_options = new post_options(); $post_options->set_auth($this->auth['bbcode'], $this->auth['smilies'], true, true, true); $post_options->set_status($for_edit['allow_bbcode'], $for_edit['allow_smilies'], $for_edit['allow_urls']); // Setup the attachments! $this->setup_attachments(); if ($this->auth['polls']) { $this->posting_panels['poll-panel'] = 'POLL'; } // Add the forum key add_form_key($this->settings['form_name']); // Generate smiley listing if ($post_options->get_status('smilies')) { phpbb::_include('functions_posting', 'generate_smilies'); generate_smilies('inline', false); } // Build custom bbcodes array if ($post_options->get_status('bbcode')) { phpbb::_include('functions_display', 'display_custom_bbcodes'); display_custom_bbcodes(); } // Display the Captcha if required if ($this->settings['display_captcha']) { phpbb::_include('captcha/captcha_factory', false, 'phpbb_captcha_factory'); $captcha =& phpbb_captcha_factory::get_instance(phpbb::$config['captcha_plugin']); $captcha->init(CONFIRM_POST); if ($captcha->validate($this->request_data()) !== false) { phpbb::reset_template(); // Parse the captcha template phpbb::$template->set_filenames(array('captcha' => $captcha->get_template())); // Correct confirm image link phpbb::$template->assign_var('CONFIRM_IMAGE_LINK', phpbb::append_sid('ucp', 'mode=confirm&confirm_id=' . $captcha->confirm_id . '&type=' . $captcha->type)); phpbb::$template->assign_display('captcha', 'CAPTCHA', false); titania::set_custom_template(); } $this->s_hidden_fields = array_merge($this->s_hidden_fields, $captcha->get_hidden_fields()); } $post_options->set_in_template(); // Save the opened panel to show again $default_panel = request_var('open_panel', 'options-panel'); $default_panel = isset($this->posting_panels[$default_panel]) ? $default_panel : 'options-panel'; phpbb::$template->assign_vars(array('ACCESS_OPTIONS' => titania_access_select(isset($for_edit['access']) ? $for_edit['access'] : TITANIA_ACCESS_PUBLIC), 'EDIT_REASON' => isset($for_edit['edit_reason']) ? $for_edit['edit_reason'] : '', 'POSTING_FORM_NAME' => $this->settings['form_name'], 'POSTING_TEXT_NAME' => $this->settings['text_name'], 'POSTING_SUBJECT_NAME' => $this->settings['subject_name'], 'POSTING_PANELS_DEFAULT' => $default_panel, 'POSTING_TEXT' => $this->settings['text_default_override'] !== false ? $this->settings['text_default_override'] : $for_edit['text'], 'SUBJECT' => $this->settings['subject_default_override'] !== false ? $this->settings['subject_default_override'] : (isset($for_edit['subject']) ? $for_edit['subject'] : ''), 'S_ENHANCED_EDITOR' => phpbb::$user->data['titania_enhanced_editor'], 'S_DISPLAY_ERROR' => $this->settings['display_error'], 'S_DISPLAY_SUBJECT' => $this->settings['display_subject'], 'S_STICKY_TOPIC_ALLOWED' => $this->auth['sticky_topic'], 'S_STICKY_TOPIC_CHECKED' => isset($for_edit['topic_sticky']) ? $for_edit['topic_sticky'] : false, 'S_LOCK_TOPIC_ALLOWED' => $this->auth['lock_topic'], 'S_LOCK_TOPIC_CHECKED' => isset($for_edit['topic_locked']) ? $for_edit['topic_locked'] : false, 'S_LOCK_POST_ALLOWED' => $this->auth['lock'], 'S_LOCK_POST_CHECKED' => isset($for_edit['locked']) ? $for_edit['locked'] : false, 'S_EDIT_REASON' => $this->settings['display_edit_reason'], 'S_HIDDEN_FIELDS' => build_hidden_fields($this->s_hidden_fields))); if ($this->attachments) { phpbb::$template->assign_vars(array('UPLOADER' => $this->attachments->parse_uploader($this->settings['attachment_tpl']), 'S_FORM_ENCTYPE' => ' enctype="multipart/form-data"')); } $this->display_panels(); }
/** * Generate login box or verify password */ function login_box($redirect = '', $l_explain = '', $l_success = '', $admin = false, $s_display = true) { self::_include('captcha/captcha_factory', 'phpbb_captcha_factory'); self::$user->add_lang('ucp'); $err = ''; // Make sure user->setup() has been called if (empty(self::$user->lang)) { self::$user->setup(); } // Print out error if user tries to authenticate as an administrator without having the privileges... if ($admin && !self::$auth->acl_get('a_')) { // Not authd // anonymous/inactive users are never able to go to the ACP even if they have the relevant permissions if (self::$user->data['is_registered']) { add_log('admin', 'LOG_ADMIN_AUTH_FAIL'); } trigger_error('NO_AUTH_ADMIN'); } if (isset($_POST['login'])) { // Get credential if ($admin) { $credential = request_var('credential', ''); if (strspn($credential, 'abcdef0123456789') !== strlen($credential) || strlen($credential) != 32) { if (self::$user->data['is_registered']) { add_log('admin', 'LOG_ADMIN_AUTH_FAIL'); } trigger_error('NO_AUTH_ADMIN'); } $password = request_var('password_' . $credential, '', true); } else { $password = request_var('password', '', true); } $username = request_var('username', '', true); $autologin = !empty($_POST['autologin']) ? true : false; $viewonline = !empty($_POST['viewonline']) ? 0 : 1; $admin = $admin ? 1 : 0; $viewonline = $admin ? self::$user->data['session_viewonline'] : $viewonline; // Check if the supplied username is equal to the one stored within the database if re-authenticating if ($admin && utf8_clean_string(self::$username) != utf8_clean_string(self::$user->data['username'])) { // We log the attempt to use a different username... add_log('admin', 'LOG_ADMIN_AUTH_FAIL'); trigger_error('NO_AUTH_ADMIN_USER_DIFFER'); } // If authentication is successful we redirect user to previous page $result = self::$auth->login($username, $password, $autologin, $viewonline, $admin); // If admin authentication and login, we will log if it was a success or not... // We also break the operation on the first non-success login - it could be argued that the user already knows if ($admin) { if ($result['status'] == LOGIN_SUCCESS) { add_log('admin', 'LOG_ADMIN_AUTH_SUCCESS'); } else { // Only log the failed attempt if a real user tried to. // anonymous/inactive users are never able to go to the ACP even if they have the relevant permissions if (self::$user->data['is_registered']) { add_log('admin', 'LOG_ADMIN_AUTH_FAIL'); } } } // The result parameter is always an array, holding the relevant information... if ($result['status'] == LOGIN_SUCCESS) { $redirect = request_var('redirect', ''); if ($redirect) { $redirect = titania_url::unbuild_url($redirect); $base = $append = false; titania_url::split_base_params($base, $append, $redirect); redirect(titania_url::build_url($base, $append)); } else { redirect(titania_url::build_url(titania_url::$current_page, titania_url::$params)); } } // Something failed, determine what... if ($result['status'] == LOGIN_BREAK) { trigger_error($result['error_msg']); } // Special cases... determine switch ($result['status']) { case LOGIN_ERROR_ATTEMPTS: $captcha = phpbb_captcha_factory::get_instance(self::$config['captcha_plugin']); $captcha->init(CONFIRM_LOGIN); // $captcha->reset(); // Parse the captcha template self::reset_template(); self::$template->set_filenames(array('captcha' => $captcha->get_template())); // Correct confirm image link self::$template->assign_var('CONFIRM_IMAGE_LINK', self::append_sid('ucp', 'mode=confirm&confirm_id=' . $captcha->confirm_id . '&type=' . $captcha->type)); self::$template->assign_display('captcha', 'CAPTCHA', false); titania::set_custom_template(); $err = self::$user->lang[$result['error_msg']]; break; case LOGIN_ERROR_PASSWORD_CONVERT: $err = sprintf(self::$user->lang[$result['error_msg']], self::$config['email_enable'] ? '<a href="' . self::append_sid('ucp', 'mode=sendpassword') . '">' : '', self::$config['email_enable'] ? '</a>' : '', self::$config['board_contact'] ? '<a href="mailto:' . htmlspecialchars(self::$config['board_contact']) . '">' : '', self::$config['board_contact'] ? '</a>' : ''); break; // Username, password, etc... // Username, password, etc... default: $err = self::$user->lang[$result['error_msg']]; // Assign admin contact to some error messages if ($result['error_msg'] == 'LOGIN_ERROR_USERNAME' || $result['error_msg'] == 'LOGIN_ERROR_PASSWORD') { $err = !self::$config['board_contact'] ? sprintf(self::$user->lang[$result['error_msg']], '', '') : sprintf(self::$user->lang[$result['error_msg']], '<a href="mailto:' . htmlspecialchars(self::$config['board_contact']) . '">', '</a>'); } break; } } // Assign credential for username/password pair $credential = $admin ? md5(unique_id()) : false; $s_hidden_fields = array('sid' => self::$user->session_id); if ($redirect) { $s_hidden_fields['redirect'] = $redirect; } if ($admin) { $s_hidden_fields['credential'] = $credential; } $s_hidden_fields = build_hidden_fields($s_hidden_fields); titania::page_header('LOGIN'); self::$template->assign_vars(array('LOGIN_ERROR' => $err, 'LOGIN_EXPLAIN' => $l_explain, 'U_SEND_PASSWORD' => self::$config['email_enable'] ? self::append_sid('ucp', 'mode=sendpassword') : '', 'U_RESEND_ACTIVATION' => self::$config['require_activation'] == USER_ACTIVATION_SELF && self::$config['email_enable'] ? self::append_sid('ucp', 'mode=resend_act') : '', 'U_TERMS_USE' => self::append_sid('ucp', 'mode=terms'), 'U_PRIVACY' => self::append_sid('ucp', 'mode=privacy'), 'S_DISPLAY_FULL_LOGIN' => $s_display ? true : false, 'S_HIDDEN_FIELDS' => $s_hidden_fields, 'S_ADMIN_AUTH' => $admin, 'USERNAME' => $admin ? self::$user->data['username'] : '', 'USERNAME_CREDENTIAL' => 'username', 'PASSWORD_CREDENTIAL' => $admin ? 'password_' . $credential : 'password')); titania::page_footer(true, 'login_body.html'); }