Exemplo n.º 1
0
function msg_selectbuddies($uid, $allusers = false)
{
    global $_USER, $_CONF, $_TABLES;
    $retval = '';
    if ($allusers) {
        // Show all site members - else users in selected group
        $result = DB_query("SELECT uid,username,fullname from {$_TABLES['users']} ORDER BY username");
        while (list($uid, $username, $fullname) = DB_fetchArray($result)) {
            if (DB_count($_TABLES['messenger_buddies'], array('uid', 'buddy_id'), array($_USER['uid'], $uid)) == 0) {
                if ($_CONF['show_fullname'] == 1 and trim($fullname) != '') {
                    $retval .= '<option value="' . $uid . '">' . $fullname . '</option>';
                } elseif ($_CONF['show_fullname'] == 0) {
                    $retval .= '<option value="' . $uid . '">' . $username . '</option>';
                }
            }
        }
    } else {
        $result = DB_query("SELECT user.uid,user.username,user.fullname FROM {$_TABLES['users']} user, {$_TABLES['messenger_buddies']} buddy WHERE user.uid=buddy.buddy_id AND buddy.uid={$_USER['uid']} ORDER BY username");
        while (list($uid, $username, $fullname) = DB_fetchArray($result)) {
            if ($_CONF['show_fullname'] == 1 and trim($fullname) != '') {
                $retval .= '<option value="' . $uid . '">' . $fullname . '</option>';
            } elseif ($_CONF['show_fullname'] == 0) {
                $retval .= '<option value="' . $uid . '">' . $username . '</option>';
            }
        }
    }
    return $retval;
}
Exemplo n.º 2
0
function upgrade_plugins_141()
{
    global $_TABLES;
    if (DB_count($_TABLES['plugins'], 'pi_name', 'links') == 1) {
        DB_query("UPDATE {$_TABLES['plugins']} SET pi_version = '1.0.1', pi_gl_version = '1.4.1' WHERE pi_name = 'links'");
    }
    // add remarks-field to polls
    if (DB_count($_TABLES['plugins'], 'pi_name', 'polls') == 1) {
        DB_query("ALTER TABLE {$_TABLES['pollanswers']} ADD remark varchar(255) NULL AFTER votes");
        DB_query("UPDATE {$_TABLES['plugins']} SET pi_version = '1.1.0', pi_gl_version = '1.4.1' WHERE pi_name = 'polls'");
    }
    if (DB_count($_TABLES['plugins'], 'pi_name', 'spamx') == 1) {
        // delete MT-Blacklist entries from Spam-X plugin
        DB_query("DELETE FROM {$_TABLES['spamx']} WHERE name = 'MTBlacklist'");
        // the count of deleted spams was introduced in 1.4.0 but not added
        // when upgrading from an older database, so add it now if it's missing
        $val = DB_getItem($_TABLES['vars'], 'value', "name = 'spamx.counter'");
        if (empty($val)) {
            DB_save($_TABLES['vars'], 'name,value', "'spamx.counter','0'");
        }
        DB_query("UPDATE {$_TABLES['plugins']} SET pi_version = '1.1.0', pi_gl_version = '1.4.1' WHERE pi_name = 'spamx'");
    }
    // add field to support advanced editor and a help link in staticpages
    if (DB_count($_TABLES['plugins'], 'pi_name', 'staticpages') == 1) {
        DB_query("ALTER TABLE {$_TABLES['staticpage']} ADD postmode varchar(16) DEFAULT 'html' NOT NULL AFTER sp_inblock");
        DB_query("ALTER TABLE {$_TABLES['staticpage']} ADD sp_help varchar(255) default '' AFTER sp_centerblock");
        DB_query("UPDATE {$_TABLES['plugins']} SET pi_version = '1.4.3', pi_gl_version = '1.4.1' WHERE pi_name = 'staticpages'");
    }
}
Exemplo n.º 3
0
function MG_showAdminSubMenu($sub_menu)
{
    global $_CONF, $_TABLES, $_MG_CONF, $LANG_MG01, $LANG_ADMIN, $LANG27;
    $menu = '';
    $admin_url = $_MG_CONF['admin_url'];
    switch ($sub_menu) {
        case 'member_albums':
            $menu .= '<h3>' . $LANG_MG01['member_albums'] . '</h3>' . LB;
            $menu .= '<ul>' . LB . '<li><a href="' . $admin_url . 'createmembers.php">' . $LANG_MG01['batch_create_members'] . '</a></li>' . LB . '<li><a href="' . $admin_url . 'purgealbums.php">' . $LANG_MG01['purge_member_albums'] . '</a></li>' . LB . '<li><a href="' . $admin_url . 'resetmembers.php">' . $LANG_MG01['reset_members'] . '</a></li>' . LB . '<li><a href="' . $admin_url . 'quotareport.php">' . $LANG_MG01['quota_reports'] . '</a></li>' . LB . '</ul>' . LB;
            break;
        case 'rss_feeds':
            $menu .= '<h3>' . $LANG_MG01['rss_feeds'] . '</h3>' . LB;
            $menu .= '<ul>' . LB . '<li><a href="' . $admin_url . 'rssrebuild.php?mode=full">' . $LANG_MG01['rss_rebuild_all'] . '</a></li>' . LB . '<li><a href="' . $admin_url . 'rssrebuild.php?mode=album">' . $LANG_MG01['rss_rebuild_album'] . '</a></li>' . LB . '</ul>' . LB;
            break;
        case 'batch_sessions':
            $session_count = DB_count($_TABLES['mg_sessions'], 'session_status', '1');
            $menu .= '<h3>' . $LANG_MG01['batch_sessions'] . '</h3>' . LB;
            $menu .= '<ul>' . LB . '<li><a href="' . $admin_url . 'sessions.php">' . $LANG_MG01['paused_sessions'] . ' (' . $session_count . ')' . '</a></li>' . LB . '<li><a href="' . $admin_url . 'maint.php?mode=thumbs&amp;step=one">' . $LANG_MG01['rebuild_thumb'] . '</a></li>' . LB . '<li><a href="' . $admin_url . 'maint.php?mode=resize&amp;step=one">' . $LANG_MG01['resize_display'] . '</a></li>' . LB . '<li><a href="' . $admin_url . 'maint.php?mode=remove&amp;step=one">' . $LANG_MG01['discard_originals'] . '</a></li>' . LB . '<li><a href="' . $admin_url . 'quota.php">' . $LANG_MG01['rebuild_quota'] . '</a></li>' . LB . '<li><a href="' . $admin_url . 'staticsortalbums.php">' . $LANG_MG01['static_sort_albums'] . '</a></li>' . LB . '<li><a href="' . $admin_url . 'staticsortmedia.php">' . $LANG_MG01['static_sort_media'] . '</a></li>' . LB . '<li><a href="' . $admin_url . 'massdelete.php">' . $LANG_MG01['batch_delete_albums'] . '</a></li>' . LB . '<li><a href="' . $_MG_CONF['site_url'] . '/admin.php?album_id=0&amp;mode=globalperm&amp;a=1">' . $LANG_MG01['globalperm'] . '</a></li>' . LB . '<li><a href="' . $_MG_CONF['site_url'] . '/admin.php?album_id=0&amp;mode=globalattr&amp;a=1">' . $LANG_MG01['globalattr'] . '</a></li>' . LB . '</ul>' . LB;
            break;
        case 'miscellaneous':
            $menu .= '<h3>' . $LANG_MG01['miscellaneous'] . '</h3>' . LB;
            $menu .= '<ul>' . LB . '<li><a href="' . $admin_url . 'usage_rpt.php">' . $LANG_MG01['usage_reports'] . '</a></li>' . LB . '<li><a href="' . $admin_url . 'exif_admin.php">' . $LANG_MG01['exif_admin_header'] . '</a></li>' . LB . '<li><a href="' . $admin_url . 'rssrebuild.php?mode=full">' . $LANG_MG01['rss_rebuild_all'] . '</a></li>' . LB . '<li><a href="' . $admin_url . 'rssrebuild.php?mode=album">' . $LANG_MG01['rss_rebuild_album'] . '</a></li>' . LB . '<li><a href="' . $admin_url . 'envcheck.php">' . $LANG_MG01['env_check'] . '</a></li>' . LB . '</ul>' . LB;
            break;
    }
    return $menu;
}
 function link()
 {
     global $_TABLES, $LANG_SX00;
     if (DB_count($_TABLES['spamx'], 'name', 'MTBlacklist') > 0) {
         $display = $LANG_SX00['uMTlist'];
     } else {
         $display = $LANG_SX00['initial_import'];
     }
     return $display;
 }
Exemplo n.º 5
0
function HELLO_count_hello()
{
    global $_CONF, $_TABLES, $_USER, $LANG_HELLO01, $_HE_CONF;
    $hellos = DB_count($_TABLES['hello_queue'], '1', '1');
    $retval = '<p>' . $hellos . ' ' . $LANG_HELLO01['email_schedule'] . '</p>';
    if ($hellos > 0) {
        $retval .= '<p><a href="' . $_CONF['site_admin_url'] . '/plugins/hello/manual.php?action=go">' . $LANG_HELLO01['send_next'] . '</a> ' . $_HE_CONF['max_email'] . ' ' . $LANG_HELLO01['max'] . '</p>';
    }
    return $retval;
}
Exemplo n.º 6
0
function MG_navigation()
{
    global $_MG_CONF, $_CONF, $_TABLES, $LANG_MG01;
    $retval = '';
    $T = new Template($_MG_CONF['template_path'] . '/admin');
    $T->set_file('admin', 'mg_navigation.thtml');
    $queue_count = DB_count($_TABLES['mg_media_album_queue'], '', '');
    $T->set_var(array('site_url' => $_MG_CONF['site_url'], 'admin_url' => $_MG_CONF['admin_url'], 'lang_configuration' => $LANG_MG01['configuration'], 'lang_system_options' => $LANG_MG01['system_options'], 'lang_exif_iptc' => $LANG_MG01['exif_admin_header'], 'lang_categories' => $LANG_MG01['category_manage_help'], 'lang_system_defaults' => $LANG_MG01['system_default_editor'], 'lang_album_defaults' => $LANG_MG01['album_default_editor'], 'lang_av_defaults' => $LANG_MG01['av_default_editor'], 'lang_reports' => $LANG_MG01['reports'], 'lang_usage_reports' => $LANG_MG01['usage_reports'], 'lang_quota_reports' => $LANG_MG01['quota_reports'], 'lang_batch_sessions' => $LANG_MG01['batch_sessions'], 'lang_paused_sessions' => $LANG_MG01['paused_sessions'], 'lang_rebuild_thumbs' => $LANG_MG01['rebuild_thumb'], 'lang_resize_images' => $LANG_MG01['resize_display'], 'lang_remove_originals' => $LANG_MG01['discard_originals'], 'lang_utilities' => $LANG_MG01['utilities'], 'lang_logviewer' => $LANG_MG01['log_viewer'], 'lang_php_info' => $LANG_MG01['phpinfo'], 'lang_documentation' => $LANG_MG01['documentation'], 'lang_import_wizards' => $LANG_MG01['import_wizards'], 'session_count' => DB_count($_TABLES['mg_sessions'], 'session_status', '1'), 'lang_member_album_options' => $LANG_MG01['member_album_options'], 'lang_rebuild_quota' => $LANG_MG01['rebuild_quota'], 'lang_batch_create_members' => $LANG_MG01['batch_create_members'], 'lang_member_albums' => $LANG_MG01['member_albums'], 'lang_static_sort_albums' => $LANG_MG01['static_sort_albums'], 'lang_static_sort_media' => $LANG_MG01['static_sort_media'], 'lang_mass_delete' => $LANG_MG01['batch_delete_albums'], 'lang_rss_options' => $LANG_MG01['rss_options'], 'lang_reset_member_attr' => $LANG_MG01['reset_members'], 'lang_rss_rebuild_all' => $LANG_MG01['rss_rebuild_all'], 'lang_rss_rebuild_album' => $LANG_MG01['rss_rebuild_album'], 'lang_rss_feeds' => $LANG_MG01['rss_feeds'], 'lang_album_sort' => $LANG_MG01['sort_albums'], 'lang_global_attr' => $LANG_MG01['globalattr'], 'lang_global_perm' => $LANG_MG01['globalperm'], 'lang_member_purge_album' => $LANG_MG01['purge_member_albums'], 'lang_reset_defaults' => $LANG_MG01['reset_defaults'], 'lang_filecheck' => $LANG_MG01['filecheck'], 'lang_glstory' => $LANG_MG01['gl_story']));
    $T->parse('output', 'admin');
    $retval .= $T->finish($T->get_var('output'));
    return $retval;
}
Exemplo n.º 7
0
function nf_chkLookupListsbeforeDelete($listid, $id)
{
    global $_TABLES, $NF_LISTS, $NF_MYAPP;
    $retval = '';
    // Depending on the list, you will need to customize this logic to test if it is used
    // Example: Check if role name (list field 1) in this list is used in any workflows
    if ($listid = $NF_MYAPP['lookuplists']['expense_request_roles']) {
        // Check and see if this role 'process variable name' is used in a workflows
        $variableName = nexlistValue($listid, $id, 0);
        if (DB_count($_TABLES['nf_templatevariables'], 'variableName', $variableName)) {
            $retval = 'Nexflow is using this list item to assign workflow tasks';
        }
    }
    return $retval;
}
Exemplo n.º 8
0
/**
* List all markers that the user has access to
*
* @retun    string      HTML for the list
*
*/
function MAPS_listMarkersAdmin()
{
    global $_CONF, $_TABLES, $_IMAGE_TYPE, $LANG_ADMIN, $LANG_MAPS_1;
    require_once $_CONF['path_system'] . 'lib-admin.php';
    $retval = '';
    if (DB_count($_TABLES['maps_markers']) == 0) {
        return $retval = '';
    }
    $header_arr = array(array('text' => $LANG_MAPS_1['id'], 'field' => 'mkid', 'sort' => true), array('text' => $LANG_MAPS_1['name'], 'field' => 'name', 'sort' => true), array('text' => $LANG_MAPS_1['map_label'], 'field' => 'mapname', 'sort' => true), array('text' => $LANG_MAPS_1['active_field'], 'field' => 'active', 'sort' => true), array('text' => $LANG_MAPS_1['hidden_field'], 'field' => 'hidden', 'sort' => true), array('text' => $LANG_ADMIN['edit'], 'field' => 'edit', 'sort' => false));
    $defsort_arr = array('field' => 'modified', 'direction' => 'desc');
    $text_arr = array('has_extras' => true, 'form_url' => $_CONF['site_admin_url'] . '/plugins/maps/markers.php');
    $sql = "SELECT\n\t            a.*, b.name as mapname\n            FROM {$_TABLES['maps_markers']} AS a\n\t\t\tLEFT JOIN\n\t\t\t     {$_TABLES['maps_maps']} AS b\n\t\t\tON a.mid = b.mid\n\t\t\tWHERE 1=1";
    $query_arr = array('sql' => $sql, 'default_filter' => COM_getPermSQL('AND', 0, 3));
    $retval .= ADMIN_list('markers', 'plugin_getListField_markers', $header_arr, $text_arr, $query_arr, $defsort_arr);
    return $retval;
}
Exemplo n.º 9
0
Arquivo: index.php Projeto: ivywe/maps
/**
* List all maps that the user has access to
*
* @retun    string      HTML for the list
*
*/
function MAPS_listmaps()
{
    global $_CONF, $_TABLES, $_IMAGE_TYPE, $LANG_ADMIN, $LANG_MAPS_1;
    require_once $_CONF['path_system'] . 'lib-admin.php';
    $retval = '';
    if (DB_count($_TABLES['maps_maps']) == 0) {
        return $retval = '';
    }
    $header_arr = array(array('text' => $LANG_ADMIN['edit'], 'field' => 'edit', 'sort' => false), array('text' => $LANG_MAPS_1['id'], 'field' => 'mid', 'sort' => true), array('text' => $LANG_MAPS_1['name'], 'field' => 'name', 'sort' => true), array('text' => $LANG_MAPS_1['active_field'], 'field' => 'active', 'sort' => true), array('text' => $LANG_MAPS_1['hidden_field'], 'field' => 'hidden', 'sort' => true));
    $defsort_arr = array('field' => 'mid', 'direction' => 'asc');
    $text_arr = array('has_extras' => true, 'form_url' => $_CONF['site_admin_url'] . '/plugins/maps/index.php');
    $sql = "SELECT\n\t            *\n            FROM {$_TABLES['maps_maps']}\n\t\t\tWHERE 1=1";
    $query_arr = array('table' => 'maps_maps', 'sql' => $sql, 'query_fields' => array('name', 'description'), 'default_filter' => COM_getPermSQL('AND', 0, 3));
    $retval .= ADMIN_list('maps', 'plugin_getListField_maps', $header_arr, $text_arr, $query_arr, $defsort_arr);
    return $retval;
}
Exemplo n.º 10
0
/**
 * Displays the list of ipn history from the log stored in the database
 *
 */
function PAYPAL_listIPNlog()
{
    global $_CONF, $_TABLES, $LANG_PAYPAL_1, $_USER;
    require_once $_CONF['path_system'] . 'lib-admin.php';
    $retval = '';
    if (DB_count($_TABLES['paypal_ipnlog']) == 0) {
        $retval .= '<p>' . $LANG_PAYPAL_1['ipnlog_empty'] . '</p>';
    }
    $header_arr = array(array('text' => $LANG_PAYPAL_1['ID'], 'field' => 'id', 'sort' => true), array('text' => $LANG_PAYPAL_1['IP_address'], 'field' => 'ip_addr', 'sort' => true), array('text' => $LANG_PAYPAL_1['date_time'], 'field' => 'time', 'sort' => true), array('text' => $LANG_PAYPAL_1['verified'], 'field' => 'verified', 'sort' => true), array('text' => $LANG_PAYPAL_1['txn_id'], 'field' => 'txn_id', 'sort' => true), array('text' => $LANG_PAYPAL_1['payment_status'], 'field' => 'payment_status', 'sort' => true), array('text' => $LANG_PAYPAL_1['purchaser'], 'field' => 'custom', 'sort' => true));
    $defsort_arr = array('field' => 'id', 'direction' => 'desc');
    $text_arr = array('has_extras' => true, 'form_url' => $_CONF['site_admin_url'] . '/plugins/paypal/ipnlog.php');
    $sql = "SELECT * FROM {$_TABLES['paypal_ipnlog']} WHERE 1=1";
    $query_arr = array('table' => 'paypal_ipnlog', 'sql' => $sql, 'query_fields' => array('id', 'ip_addr', 'time', 'verified', 'txn_id', 'ipn_data'), 'default_filter' => COM_getPermSQL('AND', 0, 3));
    $retval .= ADMIN_list('paypal', 'plugin_getListField_paypal_IPNlog', $header_arr, $text_arr, $query_arr, $defsort_arr);
    return $retval;
}
Exemplo n.º 11
0
function PAYPAL_listDownloads()
{
    global $_CONF, $_TABLES, $_IMAGE_TYPE, $LANG_ADMIN, $LANG_PAYPAL_1;
    require_once $_CONF['path_system'] . 'lib-admin.php';
    $retval = '';
    if (DB_count($_TABLES['paypal_downloads']) == 0) {
        $retval .= '<p>' . $LANG_PAYPAL_1['downloads_history_empty'] . '</p>';
    }
    $header_arr = array(array('text' => $LANG_PAYPAL_1['ID'], 'field' => 'id', 'sort' => true), array('text' => $LANG_PAYPAL_1['product_id'], 'field' => 'product_id', 'sort' => true), array('text' => $LANG_PAYPAL_1['filename_label'], 'field' => 'file', 'sort' => true), array('text' => $LANG_PAYPAL_1['date_time'], 'field' => 'dl_date', 'sort' => true), array('text' => $LANG_PAYPAL_1['user_id'], 'field' => 'user_id', 'sort' => true));
    $defsort_arr = array('field' => 'id', 'direction' => 'desc');
    $text_arr = array('has_extras' => true, 'form_url' => $_CONF['site_admin_url'] . '/plugins/paypal/downloads_history.php');
    $sql = "SELECT\n\t            *\n            FROM {$_TABLES['paypal_downloads']}\n\t\t\tWHERE 1=1";
    $query_arr = array('table' => 'paypal_downloads', 'sql' => $sql, 'query_fields' => array('id', 'product_id', 'file', 'dl_date', 'user_id'), 'default_filter' => COM_getPermSQL('AND', 0, 3));
    $retval .= ADMIN_list('paypal', 'plugin_getListField_paypal_downloads', $header_arr, $text_arr, $query_arr, $defsort_arr);
    return $retval;
}
Exemplo n.º 12
0
/**
* Add a file to the submission queue
*
* Most of the code in this function has been lifted from the File Management
* plugin's submit.php
*
*/
function submit_file($submitter, $filename, $title, $desc, $version, $homepage, $cid = 0)
{
    global $_CONF, $_USER, $_FM_TABLES, $_FMDOWNLOAD, $filemgmt_FileStore;
    $myts = new MyTextSanitizer();
    // MyTextSanitizer object
    $name = basename($filename);
    $url = rawurlencode($name);
    $name = $myts->makeTboxData4Save($name);
    $url = $myts->makeTboxData4Save($url);
    if (DB_count($_FM_TABLES['filemgmt_filedetail'], 'url', $name) > 0) {
        COM_errorLog("FM submit_file: file '" . $name . "' already exists in DB");
        return false;
    }
    $title = $myts->makeTboxData4Save($title);
    $homepage = $myts->makeTboxData4Save($homepage);
    $version = $myts->makeTboxData4Save($version);
    $size = sprintf('%u', filesize($filename));
    $description = $myts->makeTareaData4Save($desc);
    //$comments = ($_CONF['comment_code'] == 0) ? 1 : 0;
    $comments = 0;
    // prefer no comments on Geeklog tarballs
    $date = time();
    $tmpfilename = randomfilename();
    $uploadfilename = basename($filename);
    $pos = strrpos($uploadfilename, '.') + 1;
    $fileExtension = strtolower(substr($uploadfilename, $pos));
    if (array_key_exists($fileExtension, $_FMDOWNLOAD)) {
        if ($_FMDOWNLOAD[$fileExtension] == 'reject') {
            COM_errorLog("FM submit_file: file extension '" . $fileExtension . "' not allowed.");
            return false;
        }
        $fileExtension = $_FMDOWNLOAD[$fileExtension];
        $tmpfilename = $tmpfilename . '.' . $fileExtension;
        $pos = strrpos($url, '.') + 1;
        $url = strtolower(substr($url, 0, $pos)) . $fileExtension;
    } else {
        $tmpfilename = $tmpfilename . '.' . $fileExtension;
    }
    // would have preferred rename (i.e. move), but ran into file permission
    // problems on www.geeklog.net ...
    copy($filename, $filemgmt_FileStore . 'tmp/' . $tmpfilename);
    $logourl = '';
    DB_query("INSERT INTO {$_FM_TABLES['filemgmt_filedetail']} (cid, title, url, homepage, version, size, platform, logourl, submitter, status, date, hits, rating, votes, comments) VALUES ('{$cid}', '{$title}', '{$url}', '{$homepage}', '{$version}', '{$size}', '{$tmpfilename}', '{$logourl}', '{$submitter}', 0, '{$date}', 0, 0, 0, '{$comments}')");
    $newid = DB_insertId();
    DB_query("INSERT INTO {$_FM_TABLES['filemgmt_filedesc']} (lid, description) VALUES ({$newid}, '{$description}')");
    return true;
}
Exemplo n.º 13
0
function gf_resyncforum($id)
{
    global $_CONF, $_TABLES;
    COM_errorLog("Re-Syncing Forum id:{$id}");
    // Update all the Topics lastupdated timestamp to that of the last posted comment
    $topicsQuery = DB_query("SELECT id FROM {$_TABLES['gf_topic']} WHERE forum={$id} and pid=0");
    $topicCount = DB_numRows($topicsQuery);
    if ($topicCount > 0) {
        $lastTopicQuery = DB_query("SELECT MAX(id) as maxid FROM {$_TABLES['gf_topic']} WHERE forum={$id}");
        $lasttopic = DB_fetchArray($lastTopicQuery);
        DB_query("UPDATE {$_TABLES['gf_forums']} SET last_post_rec = {$lasttopic['maxid']} WHERE forum_id={$id}");
        $postCount = DB_Count($_TABLES['gf_topic'], 'forum', $id);
        // Update the forum definition record to know the number of topics and number of posts
        DB_query("UPDATE {$_TABLES['gf_forums']} SET topic_count={$topicCount}, post_count={$postCount} WHERE forum_id={$id}");
        $recCount = 0;
        while ($trecord = DB_fetchArray($topicsQuery)) {
            $recCount++;
            // Retrieve the oldest post records for this topic and update the lastupdated time in the parent topic record
            $lsql = DB_query("SELECT MAX(id)as maxid FROM {$_TABLES['gf_topic']} WHERE pid={$trecord['id']}");
            $lastrec = DB_fetchArray($lsql);
            if ($lastrec['maxid'] != NULL) {
                $postCount = DB_count($_TABLES['gf_topic'], 'forum', $id);
                $latest = DB_getITEM($_TABLES['gf_topic'], date, "id={$lastrec['maxid']}");
                DB_query("UPDATE {$_TABLES['gf_topic']} SET lastupdated = '{$latest}' where id='{$trecord['id']}'");
                // Update the parent topic record to know the id of the Last Reply
                DB_query("UPDATE {$_TABLES['gf_topic']} SET last_reply_rec = {$lastrec['maxid']} where id='{$trecord['id']}'");
            } else {
                $latest = DB_getITEM($_TABLES['gf_topic'], date, "id={$trecord['id']}");
                DB_query("UPDATE {$_TABLES['gf_topic']} SET lastupdated = '{$latest}' WHERE id='{$trecord['id']}'");
            }
            // Recalculate and Update the number of replies
            $numreplies = DB_Count($_TABLES['gf_topic'], "pid", $trecord['id']);
            DB_query("UPDATE {$_TABLES['gf_topic']} SET replies = '{$numreplies}' WHERE id='{$trecord['id']}'");
        }
        COM_errorLog("{$recCount} Topic Records Updated");
    } else {
        DB_query("UPDATE {$_TABLES['gf_forums']} SET topic_count=0, post_count=0 WHERE forum_id={$id}");
        COM_errorLog("No topic records to resync");
    }
}
Exemplo n.º 14
0
/**
 * Displays the list of ipn history from the log stored in the database
 *
 */
function PAYPAL_listTransactions()
{
    global $_CONF, $_TABLES, $LANG_PAYPAL_1, $_USER;
    require_once $_CONF['path_system'] . 'lib-admin.php';
    $retval = '';
    if (DB_count($_TABLES['paypal_ipnlog']) == 0) {
        $retval .= '<p>' . $LANG_PAYPAL_1['ipnlog_empty'] . '</p>';
    }
    // Todo make mc_gross sortable (need a new field in paypal_purchases table
    $header_arr = array(array('text' => $LANG_PAYPAL_1['date_time'], 'field' => 'time', 'sort' => true), array('text' => $LANG_PAYPAL_1['user_id'], 'field' => 'user_id', 'sort' => true), array('text' => $LANG_PAYPAL_1['gross_payment'], 'field' => 'mc_gross', 'sort' => false), array('text' => $LANG_PAYPAL_1['txn_id'], 'field' => 'txnid', 'sort' => true), array('text' => $LANG_PAYPAL_1['payment_status'], 'field' => 'status', 'sort' => true));
    $defsort_arr = array('field' => 'time', 'direction' => 'desc');
    $text_arr = array('has_extras' => true, 'form_url' => $_CONF['site_admin_url'] . '/plugins/paypal/purchase_history.php');
    $sql = "SELECT i.txn_id AS txnid, i.ipn_data, i.time, u.username, u.uid, p.*\n\t\t\t\tFROM {$_TABLES['paypal_ipnlog']} AS i\n\t\t\tLEFT JOIN \n\t\t\t    {$_TABLES['paypal_purchases']} AS p\n\t\t\tON\n\t\t\t    i.txn_id = p.txn_id\n\t\t\tLEFT JOIN\n\t\t\t\t{$_TABLES['users']} AS u \n\t\t\tON\n\t\t\t\tp.user_id = u.uid\n\t\t\t\n\t\t\tWHERE 1 = 1 AND p.quantity <> ''\n\t\t\t\n\t\t\t";
    $query_arr = array('sql' => $sql, 'default_filter' => 'GROUP BY i.txn_id', 'query_fields' => array('time', 'user_id', 'i.txn_id', 'p.status', 'u.username', 'i.ipn_data'));
    $_SESSION['gross_total'] = 0;
    //TODO $extra params to pass values to getListField
    $retval .= ADMIN_list('paypal', 'PAYPAL_getListField_paypal_transactions', $header_arr, $text_arr, $query_arr, $defsort_arr, $filter = '', $extra = '', $options = '', $form_arr = '', $showsearch = true);
    if ($_SESSION['gross_total'] > 0) {
        $retval .= "<h2>Total page :  {$_SESSION['gross_total']}</h2>";
    }
    return $retval;
}
Exemplo n.º 15
0
function ajaxhandler_assignedVariables($taskid)
{
    global $_TABLES, $op;
    $options = '';
    $sql = "SELECT b.id, b.variableName FROM {$_TABLES['nf_templateassignment']} a, {$_TABLES['nf_templatevariables']} b ";
    if ($op == 'addAssignVar' or $op == 'delAssignVar') {
        $sql .= "WHERE a.nf_processVariable=b.id AND a.nf_templateDataID='{$taskid}'";
        $fieldid = 'selvariableassignment';
        $fieldname = 'task_assignedVariables';
    } elseif ($op == 'addPreNotifyVariable' or $op == 'delPreNotifyVariable') {
        $sql .= "WHERE a.nf_prenotifyVariable=b.id AND a.nf_templateDataID='{$taskid}'";
        if (DB_count($_TABLES['nf_templateassignment'], array('nf_templateDataID', 'nf_prenotifyVariable'), array($taskid, 999)) == 1) {
            $options = "<option value=\"999\">TASK_OWNER</option>";
        }
        $fieldid = 'selprenotify';
        $fieldname = 'task_prenotify';
    } elseif ($op == 'addPostNotifyVariable' or $op == 'delPostNotifyVariable') {
        $sql .= "WHERE a.nf_postnotifyVariable=b.id AND a.nf_templateDataID='{$taskid}'";
        if (DB_count($_TABLES['nf_templateassignment'], array('nf_templateDataID', 'nf_postnotifyVariable'), array($taskid, 999)) == 1) {
            $options = "<option value=\"999\">TASK_OWNER</option>";
        }
        $fieldid = 'selpostnotify';
        $fieldname = 'task_postnotify';
    } elseif ($op == 'addReminderNotifyVariable' or $op == 'delReminderNotifyVariable') {
        $sql .= "WHERE a.nf_remindernotifyVariable=b.id AND a.nf_templateDataID='{$taskid}'";
        if (DB_count($_TABLES['nf_templateassignment'], array('nf_templateDataID', 'nf_remindernotifyVariable'), array($taskid, 999)) == 1) {
            $options = "<option value=\"999\">TASK_OWNER</option>";
        }
        $fieldid = 'selremindernotify';
        $fieldname = 'task_remindernotify';
    }
    $q = DB_query($sql);
    while (list($id, $label) = DB_fetchArray($q)) {
        $options .= "<option value=\"{$id}\">{$label}</option>";
    }
    $html .= '<select id="' . $fieldid . '" name="' . $fieldname . '" size="4" style="width:160px;"><option value="1">' . $options . '</option></select>';
    return htmlentities($html);
}
Exemplo n.º 16
0
/**
* This function allows the administrator to import batches of users
*
* TODO: This function should first display the users that are to be imported,
* together with the invalid users and the reason of invalidity. Each valid line
* should have a checkbox that allows selection of final to be imported users.
* After clicking an extra button, the actual import should take place. This will
* prevent problems in case the list formatting is incorrect.
*
* @return   string          HTML with success or error message
*
*/
function importusers()
{
    global $_CONF, $_TABLES, $LANG04, $LANG28;
    // Setting this to true will cause import to print processing status to
    // webpage and to the error.log file
    $verbose_import = true;
    $retval = '';
    // Bulk import implies admin authorisation:
    $_CONF['usersubmission'] = 0;
    // First, upload the file
    require_once $_CONF['path_system'] . 'classes/upload.class.php';
    $upload = new upload();
    $upload->setPath($_CONF['path_data']);
    $upload->setAllowedMimeTypes(array('text/plain' => '.txt'));
    $upload->setFileNames('user_import_file.txt');
    if ($upload->uploadFiles()) {
        // Good, file got uploaded, now install everything
        $thefile = current($_FILES);
        $filename = $_CONF['path_data'] . 'user_import_file.txt';
        if (!file_exists($filename)) {
            // empty upload form
            $retval = COM_refresh($_CONF['site_admin_url'] . '/user.php?mode=importform');
            return $retval;
        }
    } else {
        // A problem occurred, print debug information
        $retval = COM_showMessageText($upload->printErrors(false), $LANG28[24]);
        $retval = COM_createHTMLDocument($retval, array('pagetitle' => $LANG28[22]));
        return $retval;
    }
    $users = file($filename);
    $retval .= COM_startBlock($LANG28[31], '', COM_getBlockTemplate('_admin_block', 'header'));
    // Following variables track import processing statistics
    $successes = 0;
    $failures = 0;
    foreach ($users as $line) {
        $line = rtrim($line);
        if (empty($line)) {
            continue;
        }
        list($full_name, $u_name, $email) = explode("\t", $line);
        $full_name = strip_tags($full_name);
        $u_name = COM_applyFilter($u_name);
        $email = COM_applyFilter($email);
        if ($verbose_import) {
            $retval .= "<br" . XHTML . "><b>Working on username={$u_name}, fullname={$full_name}, and email={$email}</b><br" . XHTML . ">\n";
            COM_errorLog("Working on username={$u_name}, fullname={$full_name}, and email={$email}", 1);
        }
        // prepare for database
        $userName = trim($u_name);
        $fullName = trim($full_name);
        $emailAddr = trim($email);
        if (COM_isEmail($email)) {
            // email is valid form
            $ucount = DB_count($_TABLES['users'], 'username', DB_escapeString($userName));
            $ecount = DB_count($_TABLES['users'], 'email', DB_escapeString($emailAddr));
            if ($ucount == 0 && $ecount == 0) {
                // user doesn't already exist - pass in optional true for $batchimport parm
                $uid = USER_createAccount($userName, $emailAddr, '', $fullName, '', '', '', true);
                $result = USER_createAndSendPassword($userName, $emailAddr, $uid);
                if ($result) {
                    $successes++;
                    if ($verbose_import) {
                        $retval .= "<br" . XHTML . "> Account for <b>{$u_name}</b> created successfully.<br" . XHTML . ">\n";
                        COM_errorLog("Account for {$u_name} created successfully", 1);
                    }
                } else {
                    // user creation failed
                    $retval .= "<br" . XHTML . ">ERROR: There was a problem creating the account for <b>{$u_name}</b>.<br" . XHTML . ">\n";
                    COM_errorLog("ERROR: here was a problem creating the account for {$u_name}.", 1);
                }
            } else {
                if ($verbose_import) {
                    $retval .= "<br" . XHTML . "><b>{$u_name}</b> or <b>{$email}</b> already exists, account not created.<br" . XHTML . ">\n";
                    // user already exists
                    COM_errorLog("{$u_name},{$email}: username or email already exists, account not created", 1);
                }
                $failures++;
            }
            // end if $ucount == 0 && ecount == 0
        } else {
            if ($verbose_import) {
                $retval .= "<br" . XHTML . "><b>{$email}</b> is not a valid email address, account not created<br" . XHTML . ">\n";
                // malformed email
                COM_errorLog("{$email} is not a valid email address, account not created", 1);
            }
            $failures++;
        }
        // end if COM_isEmail($email)
    }
    // end foreach
    unlink($filename);
    $retval .= '<p>' . sprintf($LANG28[32], $successes, $failures);
    $retval .= COM_endBlock(COM_getBlockTemplate('_admin_block', 'footer'));
    $retval = COM_createHTMLDocument($retval, array('pagetitle' => $LANG28[24]));
    return $retval;
}
Exemplo n.º 17
0
/**
 * Plugin function that is called after comment form is submitted.
 * Needs to at least save the comment and check return value.
 * Add any additional logic your plugin may need to perform on comments.
 *
 * $title       comment title
 * $comment     comment text
 * $id          Item id to which $cid belongs
 * $pid         comment parent
 * $postmode    'html' or 'text'
 *
 */
function _mg_savecomment($title, $comment, $id, $pid, $postmode)
{
    global $_CONF, $_MG_CONF, $_TABLES, $LANG03;
    $retval = '';
    $title = strip_tags($title);
    $pid = COM_applyFilter($pid, true);
    $postmode = COM_applyFilter($postmode);
    $ret = CMT_saveComment($title, $comment, $id, $pid, 'mediagallery', $postmode);
    if ($ret > 0) {
        $retval = '';
        if (SESS_isSet('glfusion.commentpresave.error')) {
            $retval = COM_showMessageText(SESS_getVar('glfusion.commentpresave.error'), '', true);
            SESS_unSet('glfusion.commentpresave.error');
        }
        $retval .= CMT_commentform($title, $comment, $id, $pid, 'mediagallery', $LANG03[14], $postmode);
        return $retval;
    } else {
        $comments = DB_count($_TABLES['comments'], array('sid', 'type'), array(DB_escapeString($id), 'mediagallery'));
        DB_change($_TABLES['mg_media'], 'media_comments', $comments, 'media_id', DB_escapeString($id));
        return COM_refresh($_MG_CONF['site_url'] . "/media.php?s={$id}#comments");
    }
}
Exemplo n.º 18
0
function nf_updateMiscDataField($fieldid, $taskid, $projectid, $data)
{
    global $_CONF, $_TABLES, $CONF_NF;
    $fielddata = ppPrepareForDB($data);
    if (!empty($fielddata)) {
        if (DB_count($_TABLES['nf_projectdataresults'], array('field_id', 'project_id', 'task_id'), array($fieldid, $projectid, $taskid))) {
            $sql = "UPDATE {$_TABLES['nf_projectdataresults']} SET textdata = '{$fielddata}' ";
            $sql .= "WHERE field_id={$fieldid} AND project_id={$projectid} AND task_id={$taskid}";
        } else {
            $sql = "INSERT INTO {$_TABLES['nf_projectdataresults']} (field_id,project_id,task_id,textdata) ";
            $sql .= "VALUES ({$fieldid},{$projectid},{$taskid},'{$fielddata}') ";
        }
        DB_query($sql);
    }
}
Exemplo n.º 19
0
 $sql .= "WHERE a.nf_postnotifyVariable=b.id AND a.nf_templateDataID='{$taskID}'";
 $q = DB_query($sql);
 $options = '';
 if (DB_count($_TABLES['nf_templateassignment'], array('nf_templateDataID', 'nf_postnotifyVariable'), array($taskID, 999)) == 1) {
     $options = "<option value=\"999\">TASK_OWNER</option>";
 }
 while (list($id, $label) = DB_fetchArray($q)) {
     $options .= "<option value=\"{$id}\">{$label}</option>";
 }
 $p->set_var('assigned_postNotifyVariables', $options);
 // Set task reminder notify variables dropdown list options
 $sql = "SELECT b.id, b.variableName FROM {$_TABLES['nf_templateassignment']} a, {$_TABLES['nf_templatevariables']} b ";
 $sql .= "WHERE a.nf_remindernotifyVariable=b.id AND a.nf_templateDataID='{$taskID}'";
 $q = DB_query($sql);
 $options = '';
 if (DB_count($_TABLES['nf_templateassignment'], array('nf_templateDataID', 'nf_remindernotifyVariable'), array($taskID, 999)) == 1) {
     $options = "<option value=\"999\">TASK_OWNER</option>";
 }
 while (list($id, $label) = DB_fetchArray($q)) {
     $options .= "<option value=\"{$id}\">{$label}</option>";
 }
 $p->set_var('assigned_reminderNotifyVariables', $options);
 // Set Next-tasks field
 $next_tasks = '';
 if ($taskID != null) {
     $sql = "Select nf_templateDataTo FROM {$_TABLES['nf_templatedatanextstep']} WHERE nf_templateDataFrom={$taskID} ";
     $sql .= "ORDER BY nf_templateDataTo";
     $tempvar = DB_query($sql);
     $numTasks = DB_numRows($tempvar);
     if ($numTasks > 0) {
         for ($tasksCntr = 0; $tasksCntr < $numTasks; $tasksCntr++) {
Exemplo n.º 20
0
/**
 * Save topic to the database
 *
 * @param    string $tid              Topic ID
 * @param    string $topic            Name of topic (what the user sees)
 * @param    int    $inherit          whether to inherit
 * @param    int    $hidden           whether to hide
 * @param    string $parent_id        Parent ID
 * @param    string $imageUrl         (partial) URL to topic image
 * @param    string $meta_description Topic meta description
 * @param    string $meta_keywords    Topic meta keywords
 * @param    int    $sortNum          number for sort order in "Topics" block
 * @param    int    $limitNews        number of stories per page for this topic
 * @param    int    $owner_id         ID of owner
 * @param    int    $group_id         ID of group topic belongs to
 * @param    int    $perm_owner       Permissions the owner has
 * @param    int    $perm_group       Permissions the group has
 * @param    int    $perm_members     Permissions members have
 * @param    int    $perm_anon        Permissions anonymous users have
 * @param    string $is_default       'on' if this is the default topic
 * @param    string $is_archive       'on' if this is the archive topic
 * @return   string                   HTML redirect or error message
 */
function savetopic($tid, $topic, $inherit, $hidden, $parent_id, $imageUrl, $meta_description, $meta_keywords, $sortNum, $limitNews, $owner_id, $group_id, $perm_owner, $perm_group, $perm_members, $perm_anon, $is_default, $is_archive)
{
    global $_CONF, $_TABLES, $_USER, $LANG27, $MESSAGE;
    $retval = '';
    // Convert array values to numeric permission values
    list($perm_owner, $perm_group, $perm_members, $perm_anon) = SEC_getPermissionValues($perm_owner, $perm_group, $perm_members, $perm_anon);
    $tid = COM_sanitizeID($tid);
    // Check if tid is a restricted name
    $restricted_tid = false;
    if (!strcasecmp($tid, TOPIC_ALL_OPTION) || !strcasecmp($tid, TOPIC_NONE_OPTION) || !strcasecmp($tid, TOPIC_HOMEONLY_OPTION) || !strcasecmp($tid, TOPIC_SELECTED_OPTION) || !strcasecmp($tid, TOPIC_ROOT)) {
        $restricted_tid = true;
    }
    // Check if tid is used by another topic
    $duplicate_tid = false;
    $old_tid = '';
    if (isset($_POST['old_tid'])) {
        $old_tid = COM_applyFilter($_POST['old_tid']);
        if (!empty($old_tid)) {
            $old_tid = COM_sanitizeID($old_tid);
            // See if new topic id
            if (strcasecmp($tid, $old_tid)) {
                if (!strcasecmp($tid, DB_getItem($_TABLES['topics'], 'tid', "tid = '{$tid}'"))) {
                    $duplicate_tid = true;
                }
            }
        } else {
            if (!strcasecmp($tid, DB_getItem($_TABLES['topics'], 'tid', "tid = '{$tid}'"))) {
                $duplicate_tid = true;
            }
        }
    }
    // Make sure parent id exists
    $parent_id_found = false;
    if ($parent_id == DB_getItem($_TABLES['topics'], 'tid', "tid = '{$parent_id}'") || $parent_id == TOPIC_ROOT) {
        $parent_id_found = true;
    }
    // Check if parent archive topic, if so bail
    $archive_parent = false;
    $archive_tid = DB_getItem($_TABLES['topics'], 'tid', 'archive_flag = 1');
    if ($parent_id == $archive_tid) {
        $archive_parent = true;
    }
    // If archive topic, make sure no child topics else bail
    $archive_child = false;
    $is_archive = $is_archive == 'on' ? 1 : 0;
    if ($is_archive) {
        if ($tid == DB_getItem($_TABLES['topics'], 'parent_id', "parent_id = '{$tid}'")) {
            $archive_child = true;
        }
    }
    if (DB_count($_TABLES['topics'], 'tid', $tid) > 0) {
        $result = DB_query("SELECT owner_id,group_id,perm_owner,perm_group,perm_members,perm_anon FROM {$_TABLES['topics']} WHERE tid = '{$tid}'");
        $A = DB_fetchArray($result);
        $access = SEC_hasAccess($A['owner_id'], $A['group_id'], $A['perm_owner'], $A['perm_group'], $A['perm_members'], $A['perm_anon']);
    } else {
        $access = SEC_hasAccess($owner_id, $group_id, $perm_owner, $perm_group, $perm_members, $perm_anon);
    }
    if ($access < 3 || !SEC_inGroup($group_id)) {
        $retval .= COM_showMessageText($MESSAGE[29], $MESSAGE[30]);
        $retval = COM_createHTMLDocument($retval, array('pagetitle' => $MESSAGE[30]));
        COM_accessLog("User {$_USER['username']} tried to illegally create or edit topic {$tid}.");
    } else {
        // Now check access to parent topic
        if ($parent_id != TOPIC_ROOT) {
            if (DB_count($_TABLES['topics'], 'tid', $parent_id) > 0) {
                $result = DB_query("SELECT owner_id,group_id,perm_owner,perm_group,perm_members,perm_anon FROM {$_TABLES['topics']} WHERE tid = '{$parent_id}'");
                $A = DB_fetchArray($result);
                $access = SEC_hasAccess($A['owner_id'], $A['group_id'], $A['perm_owner'], $A['perm_group'], $A['perm_members'], $A['perm_anon']);
            }
            $in_Group = SEC_inGroup($A['group_id']);
        } else {
            $access = 3;
            $in_Group = true;
        }
        if ($access < 3 || !$in_Group) {
            $retval .= COM_showMessageText($MESSAGE[29], $MESSAGE[30]);
            $retval = COM_createHTMLDocument($retval, array('pagetitle' => $MESSAGE[30]));
            COM_accessLog("User {$_USER['username']} tried to illegally assign topic {$tid} to {$parent_id}.");
        } elseif (!empty($tid) && !empty($topic) && !$restricted_tid && !$duplicate_tid && !$archive_parent && !$archive_child && $parent_id_found) {
            if ($imageUrl === '/images/topics/') {
                $imageUrl = '';
            }
            $topic = GLText::remove4byteUtf8Chars(strip_tags($topic));
            $topic = DB_escapeString($topic);
            $meta_description = GLText::remove4byteUtf8Chars(strip_tags($meta_description));
            $meta_description = DB_escapeString($meta_description);
            $meta_keywords = GLText::remove4byteUtf8Chars(strip_tags($meta_keywords));
            $meta_keywords = DB_escapeString($meta_keywords);
            if ($is_default == 'on') {
                $is_default = 1;
                DB_query("UPDATE {$_TABLES['topics']} SET is_default = 0 WHERE is_default = 1");
            } else {
                $is_default = 0;
            }
            if ($is_archive) {
                // $tid is the archive topic
                // - if it wasn't already, mark all its stories "archived" now
                if ($archive_tid != $tid) {
                    $sql = "UPDATE {$_TABLES['stories']} s, {$_TABLES['topic_assignments']} ta\n                            SET s.featured = 0, s.frontpage = 0, s.statuscode = " . STORY_ARCHIVE_ON_EXPIRE . "\n                            WHERE ta.type = 'article' AND ta.tid = '{$tid}' AND ta.id = s.sid";
                    DB_query($sql);
                    $sql = "UPDATE {$_TABLES['topics']} SET archive_flag = 0 WHERE archive_flag = 1";
                    DB_query($sql);
                }
                // Set hidden and inherit to false since archive topic now
                $inherit = '';
                $hidden = '';
            } else {
                // $tid is not the archive topic
                // - if it was until now, reset the "archived" status of its stories
                if ($archive_tid == $tid) {
                    $sql = "UPDATE {$_TABLES['stories']} s, {$_TABLES['topic_assignments']} ta\n                            SET s.statuscode = 0\n                            WHERE ta.type = 'article' AND ta.tid = '{$tid}' AND ta.id = s.sid";
                    DB_query($sql);
                    $sql = "UPDATE {$_TABLES['topics']} SET archive_flag = 0 WHERE archive_flag = 1";
                    DB_query($sql);
                }
            }
            $inherit = $inherit == 'on' ? 1 : 0;
            $hidden = $hidden == 'on' ? 1 : 0;
            // Cannot hide root topics so switch if needed
            if ($parent_id == TOPIC_ROOT && $hidden == 1) {
                $hidden = 0;
            }
            // If not a new topic and id change then...
            if (!empty($old_tid)) {
                if ($tid != $old_tid) {
                    changetopicid($tid, $old_tid);
                    $old_tid = DB_escapeString($old_tid);
                    DB_delete($_TABLES['topics'], 'tid', $old_tid);
                }
            }
            DB_save($_TABLES['topics'], 'tid, topic, inherit, hidden, parent_id, imageurl, meta_description, meta_keywords, sortnum, limitnews, is_default, archive_flag, owner_id, group_id, perm_owner, perm_group, perm_members, perm_anon', "'{$tid}', '{$topic}', {$inherit}, {$hidden}, '{$parent_id}', '{$imageUrl}', '{$meta_description}', '{$meta_keywords}','{$sortNum}','{$limitNews}',{$is_default},'{$is_archive}',{$owner_id},{$group_id},{$perm_owner},{$perm_group},{$perm_members},{$perm_anon}");
            if ($old_tid != $tid) {
                PLG_itemSaved($tid, 'topic', $old_tid);
            } else {
                PLG_itemSaved($tid, 'topic');
            }
            // Reorder Topics, Delete topic cache and reload topic tree
            reorderTopics();
            // update feed(s)
            COM_rdfUpToDateCheck('article', $tid);
            COM_redirect($_CONF['site_admin_url'] . '/topic.php?msg=13');
        } elseif ($restricted_tid) {
            $retval .= COM_errorLog($LANG27[31], 2);
            $retval = COM_createHTMLDocument($retval, array('pagetitle' => $LANG27[1]));
        } elseif ($duplicate_tid) {
            $retval .= COM_errorLog($LANG27[49], 2);
            $retval = COM_createHTMLDocument($retval, array('pagetitle' => $LANG27[1]));
        } elseif ($archive_parent) {
            $retval .= COM_errorLog($LANG27[46], 2);
            $retval = COM_createHTMLDocument($retval, array('pagetitle' => $LANG27[1]));
        } elseif ($archive_child) {
            $retval .= COM_errorLog($LANG27[47], 2);
            $retval = COM_createHTMLDocument($retval, array('pagetitle' => $LANG27[1]));
        } elseif (!$parent_id_found) {
            $retval .= COM_errorLog($LANG27[48], 2);
            $retval = COM_createHTMLDocument($retval, array('pagetitle' => $LANG27[1]));
        } else {
            $retval .= COM_errorLog($LANG27[7], 2);
            $retval = COM_createHTMLDocument($retval, array('pagetitle' => $LANG27[1]));
        }
    }
    return $retval;
}
Exemplo n.º 21
0
 echo ppNavbar($navbarMenu);
 list($questions, $answers, $score) = DB_fetchArray($query);
 echo '<table width="100%" border="0" cellspacing="0" cellpadding="0">';
 echo '<tr><td width="100%" style="padding-left:5px;">Your score for the quiz <b>' . $quizname . '</b> was: ' . $score . '/' . $total_score . ', pass score is: ' . $pass_score;
 echo $helpmsg . '</td></tr>';
 echo '<tr><td width="100%"><hr></td></tr>';
 echo '<tr><td width="100%">';
 $arrQuest = explode(",", $questions);
 $arrAns = explode(",", $answers);
 $i = 0;
 foreach ($arrQuest as $qid) {
     $quizResultAnsID = $arrAns[$i];
     $i++;
     $query = DB_query("SELECT  question, qanswer, qvalue FROM {$_TABLES['quiz_questions']} WHERE qid={$qid}");
     list($question, $qanswer, $qvalue) = DB_fetchArray($query);
     if (DB_count($_TABLES['quiz_images'], "qid", $qid) != 0) {
         $imageonfile = true;
     } else {
         $imageonfile = false;
     }
     echo '<table width="100%" border="0" cellspacing="0" cellpadding="0">
             <tr> 
             <td colspan="4"align="left">' . $i . ') ' . $question . '<br><span style="padding-left:18px;"><b>Value:&nbsp;</b>' . $qvalue . '</span></td>
             </tr>
             <tr>';
     if ($imageonfile) {
         $iquery = DB_query("SELECT * FROM {$_TABLES['quiz_images']} WHERE qid={$qid}");
         list($id, $qid, $filename, $title) = DB_fetchArray($iquery);
         $questionimage = $_CONF['site_url'] . "/quiz/question_images/{$qid}/{$filename}";
         echo '<td valign="top" style="padding:5px;"><img src="' . $questionimage . '"></td>';
     } else {
Exemplo n.º 22
0
/**
* Creates list of uninstalled plugins (if any) and offers install link to them.
*
* @param    string  $token  Security token to use in list
* @return   string          HTML containing list of uninstalled plugins
*
*/
function show_newplugins($token)
{
    global $_CONF, $_TABLES, $LANG32;
    require_once $_CONF['path_system'] . 'lib-admin.php';
    $plugins = array();
    $plugins_dir = $_CONF['path'] . 'plugins/';
    $fd = opendir($plugins_dir);
    $index = 1;
    $retval = '';
    $data_arr = array();
    while (($dir = @readdir($fd)) == TRUE) {
        if ($dir != '.' && $dir != '..' && $dir != 'CVS' && substr($dir, 0, 1) != '.' && is_dir($plugins_dir . $dir)) {
            clearstatcache();
            // Check and see if this plugin is installed - if there is a record.
            // If not then it's a new plugin
            if (DB_count($_TABLES['plugins'], 'pi_name', $dir) == 0) {
                $plugin_ok = false;
                $plugin_new_style = false;
                // additionally, check if a 'functions.inc' exists
                if (file_exists($plugins_dir . $dir . '/functions.inc')) {
                    // new plugins will have a autoinstall.php
                    if (file_exists($plugins_dir . $dir . '/autoinstall.php')) {
                        $plugin_ok = true;
                        $plugin_new_style = true;
                    } else {
                        // and finally, since we're going to link to it, check
                        // if an install script exists
                        $adminurl = $_CONF['site_admin_url'];
                        if (strrpos($adminurl, '/') == strlen($adminurl)) {
                            $adminurl = substr($adminurl, 0, -1);
                        }
                        $pos = strrpos($adminurl, '/');
                        if ($pos === false) {
                            // didn't work out - use the URL
                            $admindir = $_CONF['site_admin_url'];
                        } else {
                            $admindir = $_CONF['path_html'] . substr($adminurl, $pos + 1);
                        }
                        $fh = @fopen($admindir . '/plugins/' . $dir . '/install.php', 'r');
                        if ($fh) {
                            fclose($fh);
                            $plugin_ok = true;
                            $plugin_new_style = false;
                        }
                    }
                    if ($plugin_ok) {
                        if ($plugin_new_style) {
                            $url = $_CONF['site_admin_url'] . '/plugins.php' . '?mode=autoinstall&amp;plugin=' . $dir;
                        } else {
                            $url = $_CONF['site_admin_url'] . '/plugins/' . $dir . '/install.php?action=install';
                        }
                        $url .= '&amp;' . CSRF_TOKEN . '=' . $token;
                        $data_arr[] = array('pi_name' => $dir, 'pi_display_name' => plugin_get_pluginname($dir), 'pi_gl_version' => '', 'number' => $index, 'install_link' => $url);
                        $index++;
                    }
                }
            }
        }
    }
    $header_arr = array(array('text' => $LANG32[59], 'field' => 'info_uninstalled'), array('text' => $LANG32[16], 'field' => 'pi_display_name'), array('text' => $LANG32[17], 'field' => 'pi_version'), array('text' => $LANG32[50], 'field' => 'pi_dependencies'), array('text' => $LANG32[22], 'field' => 'install_link'));
    $text_arr = array('title' => $LANG32[14]);
    $retval .= ADMIN_simpleList('ADMIN_getListField_newplugins', $header_arr, $text_arr, $data_arr);
    return $retval;
}
Exemplo n.º 23
0
/**
 * Submit static page. The page is updated if it exists, or a new one is created
 *
 * @param   array   args     Contains all the data provided by the client
 * @param   string  &output  OUTPUT parameter containing the returned text
 * @param   string  &svc_msg OUTPUT parameter containing any service messages
 * @return  int		     Response code as defined in lib-plugins.php
 */
function service_submit_staticpages($args, &$output, &$svc_msg)
{
    global $_CONF, $_TABLES, $_USER, $LANG_ACCESS, $LANG12, $LANG_STATIC, $LANG_LOGIN, $_GROUPS, $_SP_CONF;
    $output = '';
    if (!SEC_hasRights('staticpages.edit')) {
        $output = COM_siteHeader('menu', $LANG_STATIC['access_denied']);
        $output .= COM_showMessageText($LANG_STATIC['access_denied_msg'], $LANG_STATIC['access_denied'], true);
        $output .= COM_siteFooter();
        return PLG_RET_AUTH_FAILED;
    }
    if (defined('DEMO_MODE')) {
        $output = COM_siteHeader('menu');
        $output .= COM_showMessageText('Option disabled in Demo Mode', 'Option disabled in Demo Mode', true);
        $output .= COM_siteFooter();
        return PLG_REG_AUTH_FAILED;
    }
    $gl_edit = false;
    if (isset($args['gl_edit'])) {
        $gl_edit = $args['gl_edit'];
    }
    if ($gl_edit) {
        // This is EDIT mode, so there should be an sp_old_id
        if (empty($args['sp_old_id'])) {
            if (!empty($args['id'])) {
                $args['sp_old_id'] = $args['id'];
            } else {
                return PLG_RET_ERROR;
            }
            if (empty($args['sp_id'])) {
                $args['sp_id'] = $args['sp_old_id'];
            }
        }
    } else {
        if (empty($args['sp_id']) && !empty($args['id'])) {
            $args['sp_id'] = $args['id'];
        }
    }
    if (empty($args['sp_uid'])) {
        $args['sp_uid'] = $_USER['uid'];
    }
    if (empty($args['sp_title']) && !empty($args['title'])) {
        $args['sp_title'] = $args['title'];
    }
    if (empty($args['sp_content']) && !empty($args['content'])) {
        $args['sp_content'] = $args['content'];
    }
    if (isset($args['category']) && is_array($args['category']) && !empty($args['category'][0])) {
        $args['sp_tid'] = $args['category'][0];
    }
    if (!isset($args['owner_id'])) {
        $args['owner_id'] = $_USER['uid'];
    }
    if (empty($args['group_id'])) {
        $args['group_id'] = SEC_getFeatureGroup('staticpages.edit', $_USER['uid']);
    }
    $args['sp_id'] = COM_sanitizeID($args['sp_id']);
    if (!$gl_edit) {
        if (strlen($args['sp_id']) > STATICPAGE_MAX_ID_LENGTH) {
            if (function_exists('WS_makeId')) {
                $args['sp_id'] = WS_makeId($slug, STATICPAGE_MAX_ID_LENGTH);
            } else {
                $args['sp_id'] = COM_makeSid();
            }
        }
    }
    // Apply filters to the parameters passed by the webservice
    if ($args['gl_svc']) {
        $par_str = array('mode', 'sp_id', 'sp_old_id', 'sp_tid', 'sp_format', 'postmode');
        $par_num = array('sp_uid', 'sp_hits', 'owner_id', 'group_id', 'sp_where', 'sp_php', 'commentcode', 'sp_search', 'sp_status');
        foreach ($par_str as $str) {
            if (isset($args[$str])) {
                $args[$str] = COM_applyBasicFilter($args[$str]);
            } else {
                $args[$str] = '';
            }
        }
        foreach ($par_num as $num) {
            if (isset($args[$num])) {
                $args[$num] = COM_applyBasicFilter($args[$num], true);
            } else {
                $args[$num] = 0;
            }
        }
    }
    // START: Staticpages defaults
    if ($args['sp_status'] != 1) {
        $args['sp_status'] = 0;
    }
    if (empty($args['sp_format'])) {
        $args['sp_format'] = 'allblocks';
    }
    if (empty($args['sp_tid'])) {
        $args['sp_tid'] = 'all';
    }
    if ($args['sp_where'] < 0 || $args['sp_where'] > 4) {
        $args['sp_where'] = 0;
    }
    if ($args['sp_php'] < 0 || $args['sp_php'] > 2) {
        $args['sp_php'] = 0;
    }
    if ($args['commentcode'] < -1 || $args['commentcode'] > 1) {
        $args['commentcode'] = $_CONF['comment_code'];
    }
    if ($args['sp_search'] != 1) {
        $args['sp_search'] = 0;
    }
    if ($args['gl_svc']) {
        // Permissions
        if (!isset($args['perm_owner'])) {
            $args['perm_owner'] = $_SP_CONF['default_permissions'][0];
        } else {
            $args['perm_owner'] = COM_applyBasicFilter($args['perm_owner'], true);
        }
        if (!isset($args['perm_group'])) {
            $args['perm_group'] = $_SP_CONF['default_permissions'][1];
        } else {
            $args['perm_group'] = COM_applyBasicFilter($args['perm_group'], true);
        }
        if (!isset($args['perm_members'])) {
            $args['perm_members'] = $_SP_CONF['default_permissions'][2];
        } else {
            $args['perm_members'] = COM_applyBasicFilter($args['perm_members'], true);
        }
        if (!isset($args['perm_anon'])) {
            $args['perm_anon'] = $_SP_CONF['default_permissions'][3];
        } else {
            $args['perm_anon'] = COM_applyBasicFilter($args['perm_anon'], true);
        }
        if (!isset($args['sp_onmenu'])) {
            $args['sp_onmenu'] = '';
        } else {
            if ($args['sp_onmenu'] == 'on' && empty($args['sp_label'])) {
                $svc_msg['error_desc'] = 'Menu label missing';
                return PLG_RET_ERROR;
            }
        }
        if (empty($args['sp_content'])) {
            $svc_msg['error_desc'] = 'No content';
            return PLG_RET_ERROR;
        }
        if (empty($args['sp_inblock']) && $_SP_CONF['in_block'] == '1') {
            $args['sp_inblock'] = 'on';
        }
        if (empty($args['sp_centerblock'])) {
            $args['sp_centerblock'] = '';
        }
    }
    // END: Staticpages defaults
    $sp_id = $args['sp_id'];
    $sp_status = $args['sp_status'];
    $sp_uid = $args['sp_uid'];
    $sp_title = $args['sp_title'];
    $sp_content = $args['sp_content'];
    $sp_hits = $args['sp_hits'];
    $sp_format = $args['sp_format'];
    $sp_onmenu = $args['sp_onmenu'];
    $sp_label = '';
    if (!empty($args['sp_label'])) {
        $sp_label = $args['sp_label'];
    }
    $commentcode = $args['commentcode'];
    $owner_id = $args['owner_id'];
    $group_id = $args['group_id'];
    $perm_owner = $args['perm_owner'];
    $perm_group = $args['perm_group'];
    $perm_members = $args['perm_members'];
    $perm_anon = $args['perm_anon'];
    $sp_php = $args['sp_php'];
    $sp_nf = '';
    if (!empty($args['sp_nf'])) {
        $sp_nf = $args['sp_nf'];
    }
    $sp_old_id = $args['sp_old_id'];
    $sp_centerblock = $args['sp_centerblock'];
    $sp_help = '';
    if (!empty($args['sp_help'])) {
        $sp_help = $args['sp_help'];
    }
    $sp_tid = $args['sp_tid'];
    $sp_where = $args['sp_where'];
    $sp_inblock = $args['sp_inblock'];
    $postmode = $args['postmode'];
    $sp_search = $args['sp_search'];
    if ($gl_edit && !empty($args['gl_etag'])) {
        // First load the original staticpage to check if it has been modified
        $o = array();
        $s = array();
        $r = service_get_staticpages(array('sp_id' => $sp_old_id, 'gl_svc' => true), $o, $s);
        if ($r == PLG_RET_OK) {
            if ($args['gl_etag'] != $o['updated']) {
                $svc_msg['error_desc'] = 'A more recent version of the staticpage is available';
                return PLG_RET_PRECONDITION_FAILED;
            }
        } else {
            $svc_msg['error_desc'] = 'The requested staticpage no longer exists';
            return PLG_RET_ERROR;
        }
    }
    // Check for unique page ID
    $duplicate_id = false;
    $delete_old_page = false;
    if (DB_count($_TABLES['staticpage'], 'sp_id', $sp_id) > 0) {
        if ($sp_id != $sp_old_id) {
            $duplicate_id = true;
        }
    } elseif (!empty($sp_old_id)) {
        if ($sp_id != $sp_old_id) {
            $delete_old_page = true;
        }
    }
    if ($duplicate_id) {
        $output .= COM_siteHeader('menu', $LANG_STATIC['staticpageeditor']);
        $output .= COM_errorLog($LANG_STATIC['duplicate_id'], 2);
        if (!$args['gl_svc']) {
            $output .= PAGE_edit($sp_id);
        }
        $output .= COM_siteFooter();
        $svc_msg['error_desc'] = 'Duplicate ID';
        return PLG_RET_ERROR;
    } elseif (!empty($sp_title) && !empty($sp_content)) {
        if (empty($sp_hits)) {
            $sp_hits = 0;
        }
        if ($sp_onmenu == 'on') {
            $sp_onmenu = 1;
        } else {
            $sp_onmenu = 0;
        }
        if ($sp_nf == 'on') {
            $sp_nf = 1;
        } else {
            $sp_nf = 0;
        }
        if ($sp_centerblock == 'on') {
            $sp_centerblock = 1;
        } else {
            $sp_centerblock = 0;
        }
        if ($sp_inblock == 'on') {
            $sp_inblock = 1;
        } else {
            $sp_inblock = 0;
        }
        // Clean up the text
        if ($_SP_CONF['censor'] == 1) {
            $sp_content = COM_checkWords($sp_content);
            $sp_title = COM_checkWords($sp_title);
        }
        if ($_SP_CONF['filter_html'] == 1) {
            $sp_content = COM_checkHTML($sp_content, 'staticpages.edit');
        }
        $sp_title = strip_tags($sp_title);
        $sp_label = strip_tags($sp_label);
        $sp_content = DB_escapeString($sp_content);
        $sp_title = DB_escapeString($sp_title);
        $sp_label = DB_escapeString($sp_label);
        // If user does not have php edit perms, then set php flag to 0.
        if ($_SP_CONF['allow_php'] != 1 || !SEC_hasRights('staticpages.PHP')) {
            $sp_php = 0;
        }
        // make sure there's only one "entire page" static page per topic
        if ($sp_centerblock == 1 && $sp_where == 0) {
            $sql = "UPDATE {$_TABLES['staticpage']} SET sp_centerblock = 0 WHERE sp_centerblock = 1 AND sp_where = 0 AND sp_tid = '" . DB_escapeString($sp_tid) . "'";
            // multi-language configuration - allow one entire page
            // centerblock for all or none per language
            if (!empty($_CONF['languages']) && !empty($_CONF['language_files']) && ($sp_tid == 'all' || $sp_tid == 'none')) {
                $ids = explode('_', $sp_id);
                if (count($ids) > 1) {
                    $lang_id = array_pop($ids);
                    $sql .= " AND sp_id LIKE '%\\_" . DB_escapeString($lang_id) . "'";
                }
            }
            DB_query($sql);
        }
        $formats = array('allblocks', 'blankpage', 'leftblocks', 'rightblocks', 'noblocks');
        if (!in_array($sp_format, $formats)) {
            $sp_format = 'allblocks';
        }
        if (!$args['gl_svc']) {
            list($perm_owner, $perm_group, $perm_members, $perm_anon) = SEC_getPermissionValues($perm_owner, $perm_group, $perm_members, $perm_anon);
        }
        DB_save($_TABLES['staticpage'], 'sp_id,sp_status,sp_uid,sp_title,sp_content,sp_date,sp_hits,sp_format,sp_onmenu,sp_label,commentcode,owner_id,group_id,' . 'perm_owner,perm_group,perm_members,perm_anon,sp_php,sp_nf,sp_centerblock,sp_help,sp_tid,sp_where,sp_inblock,postmode,sp_search', "'{$sp_id}',{$sp_status}, {$sp_uid},'{$sp_title}','{$sp_content}',NOW(),{$sp_hits},'{$sp_format}',{$sp_onmenu},'{$sp_label}','{$commentcode}',{$owner_id},{$group_id}," . "{$perm_owner},{$perm_group},{$perm_members},{$perm_anon},'{$sp_php}','{$sp_nf}',{$sp_centerblock},'{$sp_help}','{$sp_tid}',{$sp_where}," . "'{$sp_inblock}','{$postmode}',{$sp_search}");
        if ($delete_old_page && !empty($sp_old_id)) {
            DB_delete($_TABLES['staticpage'], 'sp_id', $sp_old_id);
            DB_change($_TABLES['comments'], 'sid', DB_escapeString($sp_id), array('sid', 'type'), array(DB_escapeString($sp_old_id), 'staticpages'));
            PLG_itemDeleted($sp_old_id, 'staticpages');
        }
        PLG_itemSaved($sp_id, 'staticpages');
        $url = COM_buildURL($_CONF['site_url'] . '/page.php?page=' . $sp_id);
        $output .= PLG_afterSaveSwitch($_SP_CONF['aftersave'], $url, 'staticpages');
        $svc_msg['id'] = $sp_id;
        return PLG_RET_OK;
    } else {
        $output .= COM_siteHeader('menu', $LANG_STATIC['staticpageeditor']);
        $output .= COM_errorLog($LANG_STATIC['no_title_or_content'], 2);
        if (!$args['gl_svc']) {
            $output .= PAGE_edit($sp_id);
        }
        $output .= COM_siteFooter();
        return PLG_RET_ERROR;
    }
}
Exemplo n.º 24
0
/**
 * Move a route UP or Down
 *
 * @param int $rid
 */
function moveRoute($rid)
{
    global $_TABLES;
    $rid = intval($rid, 10);
    $direction = \Geeklog\Input::fGet('dir', '');
    // if the router id exists
    if (DB_count($_TABLES['routes'], 'rid', $rid)) {
        $rid = DB_escapeString($rid);
        if ($direction === 'up') {
            $sql = "UPDATE {$_TABLES['routes']} SET priority = priority - 11 WHERE rid = " . $rid;
            DB_query($sql);
            reorderRoutes();
        } elseif ($direction === 'down') {
            $sql = "UPDATE {$_TABLES['routes']} SET priority = priority + 11 WHERE rid = " . $rid;
            DB_query($sql);
            reorderRoutes();
        }
    } else {
        COM_errorLog("block admin error: Attempt to move an non-existing route id: {$rid}");
    }
}
Exemplo n.º 25
0
     $numpages = 1;
     $offset = 0;
     $show = 0;
     $skipForum = true;
 } else {
     if ($show == 0 and $FF_userprefs['topicsperpage'] > 0) {
         $show = $FF_userprefs['topicsperpage'];
     } elseif ($show == 0) {
         $show = 20;
     }
     // Check if this is the first page.
     if ($page == 0) {
         $page = 1;
     }
     $topicCount = 0;
     $topicCount = DB_count($_TABLES['ff_topic'], array('pid', 'forum'), array(0, $forum));
     $numpages = ceil($topicCount / $show);
     $offset = ($page - 1) * $show;
 }
 $base_url = $_CONF['site_url'] . '/forum/index.php?forum=' . $forum . '&amp;show=' . $show;
 $displaypostpages = '';
 $dt = new Date('now', $_USER['tzid']);
 $topiclisting = new Template($_CONF['path'] . 'plugins/forum/templates/');
 $topiclisting->set_file('topiclisting', 'topiclisting.thtml');
 $topiclisting->set_var(array('LANG_HOME' => $LANG_GF01['HOMEPAGE'], 'forum_home' => $LANG_GF01['INDEXPAGE'], 'navbreadcrumbsimg' => '<img src="' . _ff_getImage('nav_breadcrumbs') . '" alt=""/>', 'img_asc1' => '<img src="' . _ff_getImage('asc') . '" alt=""/>', 'img_asc2' => '<img src="' . _ff_getImage('asc') . '" alt=""/>', 'img_asc3' => '<img src="' . _ff_getImage('asc') . '" alt=""/>', 'img_asc4' => '<img src="' . _ff_getImage('asc') . '" alt=""/>', 'img_asc5' => '<img src="' . _ff_getImage('asc') . '" alt=""/>', 'img_desc1' => '<img src="' . _ff_getImage('desc') . '" alt=""/>', 'img_desc2' => '<img src="' . _ff_getImage('desc') . '" alt=""/>', 'img_desc3' => '<img src="' . _ff_getImage('desc') . '" alt=""/>', 'img_desc4' => '<img src="' . _ff_getImage('desc') . '" alt=""/>', 'img_desc5' => '<img src="' . _ff_getImage('desc') . '" alt=""/>', 'tooltip_style' => COM_getToolTipStyle()));
 switch ($sort) {
     case 1:
         if ($order == 0) {
             $sortOrder = "subject ASC";
             $topiclisting->set_var('img_asc1', '<img src="' . _ff_getImage('asc_on') . '" alt=""/>');
             $topiclisting->set_var('sort_subject', true);
Exemplo n.º 26
0
function _userSetnewpwd()
{
    global $_CONF, $_TABLES, $_USER, $LANG04;
    $retval = '';
    if (empty($_POST['passwd']) || $_POST['passwd'] != $_POST['passwd_conf']) {
        echo COM_refresh($_CONF['site_url'] . '/users.php?mode=newpwd&amp;uid=' . COM_applyFilter($_POST['uid'], true) . '&amp;rid=' . COM_applyFilter($_POST['rid']));
    } else {
        $uid = COM_applyFilter($_POST['uid'], true);
        $reqid = COM_sanitizeID(COM_applyFilter($_POST['rid']));
        if (!empty($uid) && is_numeric($uid) && $uid > 1 && !empty($reqid) && strlen($reqid) == 16) {
            $uid = (int) $uid;
            $safereqid = DB_escapeString($reqid);
            $valid = DB_count($_TABLES['users'], array('uid', 'pwrequestid'), array($uid, $safereqid));
            if ($valid == 1) {
                $passwd = SEC_encryptPassword($_POST['passwd']);
                DB_change($_TABLES['users'], 'passwd', DB_escapeString($passwd), "uid", $uid);
                DB_delete($_TABLES['sessions'], 'uid', $uid);
                DB_change($_TABLES['users'], 'pwrequestid', "NULL", 'uid', $uid);
                echo COM_refresh($_CONF['site_url'] . '/users.php?msg=53');
            } else {
                // request invalid or expired
                $retval .= COM_showMessage(54, '', '', 1, 'error');
                $retval .= getpasswordform();
            }
        } else {
            // this request doesn't make sense - ignore it
            echo COM_refresh($_CONF['site_url']);
        }
    }
}
Exemplo n.º 27
0
 /**
  * Checks for Static Pages Version
  * Note: Needed for upgrades from old versions - don't remove.
  *
  * @return int indicates which version of the plugin we're dealing with:
  *             - 0 = not installed,
  *             - 1 = original plugin,
  *             - 2 = version by Phill or Tom,
  *             - 3 = v1.3 (center block, etc.),
  *             - 4 = v1.4 ('in block' flag)
  */
 private function getStaticPagesVersion()
 {
     global $_TABLES;
     $retval = 0;
     if (DB_count($_TABLES['plugins'], 'pi_name', 'staticpages') > 0) {
         $result = DB_query("DESCRIBE {$_TABLES['staticpage']}");
         $numRows = DB_numRows($result);
         $retval = 1;
         // assume v1.1 for now ...
         for ($i = 0; $i < $numRows; $i++) {
             $A = DB_fetchArray($result, true);
             if ($A[0] === 'sp_nf') {
                 $retval = 3;
                 // v1.3
             } elseif ($A[0] === 'sp_pos') {
                 $retval = 2;
                 // v1.2
             } elseif ($A[0] === 'sp_inblock') {
                 $retval = 4;
                 // v1.4
                 break;
             }
         }
     }
     return $retval;
 }
Exemplo n.º 28
0
/**
* List logged requests
*
* @param    int     $page   page number
* @return   string          HTML for list of entries
*
*/
function _bb_listEntries($page = 1, $msg = '')
{
    global $_CONF, $_USER, $_TABLES, $LANG_BAD_BEHAVIOR, $LANG_BB2_RESPONSE, $LANG_ADMIN;
    $retval = '';
    if ($page < 1) {
        $page = 1;
    }
    $filter = 'all';
    if (isset($_REQUEST['filter'])) {
        $filter = COM_applyFilter($_REQUEST['filter']);
    }
    $where = '';
    if ($filter != 'all') {
        $where = ' WHERE ' . WP_BB_LOG . '.key="' . DB_escapeString($filter) . '"';
    }
    $start = ($page - 1) * 50;
    if ($filter != 'all') {
        $entries = DB_count(WP_BB_LOG, WP_BB_LOG . '.key', DB_escapeString($filter));
    } else {
        $entries = DB_count(WP_BB_LOG);
    }
    if ($start > $entries) {
        $start = 1;
        $page = 1;
    }
    $donate = $LANG_BAD_BEHAVIOR['description'];
    if (DB_getItem($_TABLES['vars'], 'value', "name = 'bad_behavior2.donate'") == 1) {
        $donate .= '<p>' . $LANG_BAD_BEHAVIOR['donate_msg'] . '</p>' . LB;
    }
    // writing the menu on top
    $menu_arr = array(array('url' => $_CONF['site_admin_url'] . '/plugins/bad_behavior2/ban.php', 'text' => 'List Banned IPs'), array('url' => $_CONF['site_admin_url'] . '/plugins/bad_behavior2/ban.php?mode=add', 'text' => 'Ban IPs'), array('url' => $_CONF['site_admin_url'], 'text' => $LANG_ADMIN['admin_home']));
    $retval .= COM_startBlock($LANG_BAD_BEHAVIOR['plugin_display_name'] . ' - ' . $LANG_BAD_BEHAVIOR['block_title_list'], '', COM_getBlockTemplate('_admin_block', 'header'));
    $retval .= ADMIN_createMenu($menu_arr, $donate, $_CONF['site_url'] . '/bad_behavior2/images/bad_behavior2.png');
    $retval .= '<br />';
    if (!empty($msg)) {
        $retval .= COM_showMessage($msg, 'bad_behavior2');
    }
    $templates = new Template($_CONF['path'] . 'plugins/' . BAD_BEHAVIOR_PLUGIN . '/templates');
    $templates->set_file('list', 'log.thtml');
    $templates->set_var(array('lang_ip' => $LANG_BAD_BEHAVIOR['row_ip'], 'lang_user_agent' => $LANG_BAD_BEHAVIOR['row_user_agent'], 'lang_referer' => $LANG_BAD_BEHAVIOR['row_referer'], 'lang_reason' => $LANG_BAD_BEHAVIOR['row_reason'], 'lang_response' => $LANG_BAD_BEHAVIOR['row_response'], 'lang_method' => $LANG_BAD_BEHAVIOR['row_method'], 'lang_protocol' => $LANG_BAD_BEHAVIOR['row_protocol'], 'lang_date' => $LANG_BAD_BEHAVIOR['row_date'], 'lang_search' => $LANG_BAD_BEHAVIOR['search'], 'lang_ip_date' => $LANG_BAD_BEHAVIOR['ip_date'], 'lang_headers' => $LANG_BAD_BEHAVIOR['headers'], 'lang_filter_select' => $LANG_BAD_BEHAVIOR['filter'], 'lang_go' => $LANG_BAD_BEHAVIOR['go']));
    $filter_select = '<option value="all"';
    if ($filter == '') {
        $filter_select .= ' selected="selected" ';
    }
    $filter_select .= '>' . $LANG_BAD_BEHAVIOR['no_filter'] . '</option>';
    foreach ($LANG_BB2_RESPONSE as $code => $text) {
        $filter_select .= '<option value="' . $code . '"';
        if ($filter == $code) {
            $filter_select .= ' selected="selected" ';
        }
        $filter_select .= '>' . $text . '</option>';
    }
    $templates->set_var('filter_select', $filter_select);
    $result = DB_query("SELECT id,ip,date,request_method,request_uri,server_protocol,http_headers,user_agent,request_entity,`key` FROM " . WP_BB_LOG . " " . $where . " ORDER BY date DESC LIMIT {$start},50");
    $num = DB_numRows($result);
    $templates->set_block('list', 'logrow', 'lrow');
    for ($i = 0; $i < $num; $i++) {
        $A = DB_fetchArray($result);
        $lcount = 50 * ($page - 1) + $i + 1;
        foreach ($A as $key => $val) {
            $A[$key] = htmlspecialchars($val, ENT_QUOTES, COM_getEncodingt());
        }
        $dt = new Date($A['date'], $_USER['tzid']);
        $headers = str_replace("\n", "<br/>\n", $A['http_headers']);
        $headers = str_replace("User-Agent:", "<strong>User-Agent:</strong>", $headers);
        $headers = str_replace("Host:", "<strong>Host:</strong>", $headers);
        $headers = str_replace("POST ", "<strong>POST</strong> ", $headers);
        $headers = str_replace("GET ", "<strong>GET</strong> ", $headers);
        $headers = str_replace("Accept-Language:", "<strong>Accept-Language:</strong> ", $headers);
        $headers = str_replace("Accept-Encoding:", "<strong>Accept-Encoding:</strong> ", $headers);
        $headers = str_replace("Accept-Charset:", "<strong>Accept-Charset:</strong> ", $headers);
        $headers = str_replace("X-Forwarded-For:", "<strong>X-Forwarded-For:</strong> ", $headers);
        $headers = str_replace("Cookie:", "<strong>Cookie:</strong> ", $headers);
        $headers = str_replace("Via:", "<strong>Via:</strong> ", $headers);
        $headers = str_replace("Connection:", "<strong>Connection:</strong>", $headers);
        $headers = str_replace("Accept:", "<strong>Accept:</strong>", $headers);
        $headers = str_replace("Cache-Control:", "<strong>Cache-Control:</strong>", $headers);
        $headers = str_replace("Referer:", "<strong>Referer:</strong>", $headers);
        $headers = str_replace("Pragma:", "<strong>Pragma:</strong>", $headers);
        $headers = str_replace("Proxy-", "<strong>Proxy-</strong>", $headers);
        $headers = str_replace("Cf-Connecting-Ip", "<strong>Cf-Connecting-Ip</strong>", $headers);
        $headers = str_replace("Cf-Ipcountry", "<strong>Cf-Ipcountry</strong>", $headers);
        $headers = str_replace("X-Forwarded-Proto", "<strong>X-Forwarded-Proto</strong>", $headers);
        $headers = str_replace("Cf-Visitor", "<strong>Cf-Visitor</strong>", $headers);
        $headers = str_replace("X-Http-Proto", "<strong>X-Http-Proto</strong>", $headers);
        $headers = str_replace("X-Real-Ip", "<strong>X-Real-Ip</strong>", $headers);
        $headers = str_replace("Content-Length", "<strong>Content-Length</strong>", $headers);
        $headers = str_replace("Content-Type", "<strong>Content-Type</strong>", $headers);
        $headers = str_replace("Te:", "<strong>Te:</strong>", $headers);
        $headers = str_replace("Expect:", "<strong>Expect:</strong>", $headers);
        $headers = str_replace("Dnt:", "<strong>Dnt:</strong>", $headers);
        $entity = str_replace("\n", "<br/>\n", $A["request_entity"]);
        $templates->set_var(array('row_num' => $lcount, 'cssid' => $i % 2 + 1, 'id' => $A['id'], 'ip' => $A['ip'], 'request_method' => $A['request_method'], 'http_host' => $A['request_uri'], 'server_protocol' => $A['server_protocol'], 'http_referer' => $headers, 'reason' => $LANG_BB2_RESPONSE[$A['key']], 'http_user_agent' => $A['user_agent'], 'http_response' => $entity, 'date_and_time' => $dt->toRFC822(true)));
        $url = $_CONF['site_admin_url'] . '/plugins/' . BAD_BEHAVIOR_PLUGIN . '/index.php?mode=view&amp;id=' . $A['id'];
        if ($page > 1) {
            $url .= '&amp;page=' . $page;
        }
        $templates->set_var('start_headers_anchortag', '<a href="' . $url . '" title="' . $LANG_BAD_BEHAVIOR['title_show_headers'] . '">');
        $templates->set_var('end_headers_anchortag', '</a>');
        if (!empty($_CONF['ip_lookup'])) {
            $iplookup = str_replace('*', $A['ip'], $_CONF['ip_lookup']);
            $templates->set_var('start_ip_lookup_anchortag', '<a href="' . $iplookup . '" title="' . $LANG_BAD_BEHAVIOR['title_lookup_ip'] . '" target="_new">');
            $templates->set_var('end_ip_lookup_anchortag', '</a>');
        } else {
            $templates->set_var('start_ip_lookup_anchortag', '');
            $templates->set_var('end_ip_lookup_anchortag', '');
        }
        $templates->parse('lrow', 'logrow', true);
    }
    if ($entries > 50) {
        $baseurl = $_CONF['site_admin_url'] . '/plugins/' . BAD_BEHAVIOR_PLUGIN . '/index.php?mode=list&filter=' . $filter;
        $numpages = ceil($entries / 50);
        $templates->set_var('google_paging', COM_printPageNavigation($baseurl, $page, $numpages));
    } else {
        $templates->set_var('google_paging', '');
    }
    $templates->parse('output', 'list');
    $retval .= $templates->finish($templates->get_var('output'));
    $retval .= COM_endBlock(COM_getBlockTemplate('_admin_block', 'footer'));
    return $retval;
}
Exemplo n.º 29
0
function LIB_Edit($pi_name, $id, $edt_flg, $msg = '', $errmsg = "", $mode = "edit")
{
    global $_CONF;
    global $_TABLES;
    global $LANG_ADMIN;
    global $MESSAGE;
    global $LANG_ACCESS;
    global $_USER;
    $lang_box_admin = "LANG_" . strtoupper($pi_name) . "_ADMIN";
    global ${$lang_box_admin};
    $lang_box_admin = ${$lang_box_admin};
    $lang_box = "LANG_" . strtoupper($pi_name);
    global ${$lang_box};
    $lang_box = ${$lang_box};
    $lang_box_noyes = "LANG_" . strtoupper($pi_name) . "_NOYES";
    global ${$lang_box_noyes};
    $lang_box_noyes = ${$lang_box_noyes};
    $lang_box_inputtype = "LANG_" . strtoupper($pi_name) . "_INPUTTYPE";
    global ${$lang_box_inputtype};
    $lang_box_inputtype = ${$lang_box_inputtype};
    $table = $_TABLES[strtoupper($pi_name) . '_def_group'];
    $table1 = $_TABLES[strtoupper($pi_name) . '_def_category'];
    $table2 = $_TABLES[strtoupper($pi_name) . '_def_field'];
    //        $cur_year = date( 'Y' );
    //        $year_startoffset=1990 - $cur_year +1;
    //        $year_endoffset=0;
    $retval = '';
    $delflg = false;
    //メッセージ表示
    if (!empty($msg)) {
        $retval .= COM_showMessage($msg, $pi_name);
        $retval .= $errmsg;
        // clean 'em up
        $code = COM_applyFilter($_POST['code']);
        $name = COM_applyFilter($_POST['name']);
        $description = $_POST['description'];
        //COM_applyFilter($_POST['description']);
        $orderno = COM_applyFilter($_POST['orderno']);
        $parent_flg = COM_applyFilter($_POST['parent_flg'], true);
        $input_type = COM_applyFilter($_POST['input_type'], true);
        $uuid = $_USER['uid'];
    } else {
        if (empty($id)) {
            $id = 0;
            $code = "";
            $name = "";
            $description = "";
            $orderno = "";
            $parent_flg = 0;
            $uuid = 0;
            $udatetime = "";
            //"";
        } else {
            $sql = "SELECT ";
            $sql .= " *";
            $sql .= " ,UNIX_TIMESTAMP(udatetime) AS udatetime_un" . LB;
            $sql .= " FROM ";
            $sql .= $table;
            $sql .= " WHERE ";
            $sql .= " group_id = {$id}";
            $result = DB_query($sql);
            $A = DB_fetchArray($result);
            $code = COM_stripslashes($A['code']);
            $name = COM_stripslashes($A['name']);
            $description = COM_stripslashes($A['description']);
            $orderno = COM_stripslashes($A['orderno']);
            $parent_flg = COM_stripslashes($A['parent_flg']);
            $input_type = COM_stripslashes($A['input_type']);
            $uuid = COM_stripslashes($A['uuid']);
            $wary = COM_getUserDateTimeFormat(COM_stripslashes($A['udatetime_un']));
            $udatetime = $wary[0];
            if ($edt_flg == FALSE) {
                $delflg = true;
            }
        }
    }
    if ($mode === "copy") {
        $id = 0;
        //作成日付
        $created = 0;
        $created_month = 0;
        $created_day = 0;
        $created_year = 0;
        $created_hour = 0;
        $created_minute = 0;
        //
        $delflg = false;
    }
    $retval .= COM_startBlock($lang_box_admin['edit'], '', COM_getBlockTemplate('_admin_block', 'header'));
    $tmplfld = DATABOX_templatePath('admin', 'default', $pi_name);
    $templates = new Template($tmplfld);
    $templates->set_file('editor', "group_editor.thtml");
    //--
    $templates->set_var('about_thispage', $lang_box_admin['about_admin_group']);
    $templates->set_var('lang_must', $lang_box_admin['must']);
    $templates->set_var('site_url', $_CONF['site_url']);
    $templates->set_var('site_admin_url', $_CONF['site_admin_url']);
    $token = SEC_createToken();
    $retval .= SEC_getTokenExpiryNotice($token);
    $templates->set_var('gltoken_name', CSRF_TOKEN);
    $templates->set_var('gltoken', $token);
    $templates->set_var('xhtml', XHTML);
    $templates->set_var('script', THIS_SCRIPT);
    //
    $templates->set_var('lang_link_admin', $lang_box_admin['link_admin']);
    $templates->set_var('lang_link_admin_top', $lang_box_admin['link_admin_top']);
    //id
    $templates->set_var('lang_group_id', $lang_box_admin['group_id']);
    $templates->set_var('id', $id);
    //コード、名前&説明
    $templates->set_var('lang_code', $lang_box_admin['code']);
    $templates->set_var('code', $code);
    $templates->set_var('lang_name', $lang_box_admin['name']);
    $templates->set_var('name', $name);
    $templates->set_var('lang_description', $lang_box_admin['description']);
    $templates->set_var('description', $description);
    //順番
    $templates->set_var('lang_orderno', $lang_box_admin['orderno']);
    $templates->set_var('orderno', $orderno);
    //親ブループ?
    $templates->set_var('lang_parent_flg', $lang_box_admin['parent_flg']);
    $list_parent_flg = DATABOX_getradiolist($lang_box_noyes, "parent_flg", $parent_flg);
    $templates->set_var('list_parent_flg', $list_parent_flg);
    //入力タイプ
    $templates->set_var('lang_input_type', $lang_box_admin['input_type']);
    $list_input_type = DATABOX_getradiolist($lang_box_inputtype, "input_type", $input_type);
    $templates->set_var('list_input_type', $list_input_type);
    //保存日時
    $templates->set_var('lang_udatetime', $lang_box_admin['udatetime']);
    $templates->set_var('udatetime', $udatetime);
    $templates->set_var('lang_uuid', $lang_box_admin['uuid']);
    $templates->set_var('uuid', $uuid);
    // SAVE、CANCEL ボタン
    $templates->set_var('lang_save', $LANG_ADMIN['save']);
    $templates->set_var('lang_cancel', $LANG_ADMIN['cancel']);
    $templates->set_var('lang_preview', $LANG_ADMIN['preview']);
    //delete_option
    if ($delflg) {
        $wkcnt = DB_count($table1, "categorygroup_id", $id);
        if ($wkcnt > 0) {
            $templates->set_var('lang_delete_help', $lang_box_admin['delete_help_group']);
        } else {
            $delbutton = '<input type="submit" value="' . $LANG_ADMIN['delete'] . '" name="mode"%s>';
            $jsconfirm = ' onclick="return confirm(\'' . $MESSAGE[76] . '\');"';
            $templates->set_var('delete_option', sprintf($delbutton, $jsconfirm));
        }
    }
    //
    $templates->parse('output', 'editor');
    $retval .= $templates->finish($templates->get_var('output'));
    $retval .= COM_endBlock(COM_getBlockTemplate('_admin_block', 'footer'));
    return $retval;
}
Exemplo n.º 30
0
// |                                                                           |
// | You should have received a copy of the GNU General Public License         |
// | along with this program; if not, write to the Free Software Foundation,   |
// | Inc., 59 Temple Place - Suite 330, Boston, MA  02111-1307, USA.           |
// |                                                                           |
// +---------------------------------------------------------------------------+
//
require_once '../lib-common.php';
$project_id = COM_applyFilter($_POST['projectid'], true);
$taskuser = COM_applyFilter($_REQUEST['taskuser'], true);
if ($taskuser > 0 and SEC_inGroup('nexflow Admin')) {
    $usermodeUID = $taskuser;
} else {
    $usermodeUID = $_USER['uid'];
}
if (DB_count($_TABLES['nf_projects'], 'id', $project_id) == 1) {
    if ($CONF_NF['debug']) {
        COM_errorLog("Reclaim Project:{$project_id}");
    }
    $status = DB_getItem($_TABLES['nf_projects'], 'status', "id='{$project_id}'");
    $prev_status = DB_getItem($_TABLES['nf_projects'], 'prev_status', "id='{$project_id}'");
    if ($prev_status < 1 or $status == $prev_status) {
        $prev_status = 1;
    }
    if ($status == 6) {
        // Currently in Recycled State
        DB_query("UPDATE {$_TABLES['nf_projects']} SET status='{$prev_status}', prev_status=6 WHERE id='{$project_id}'");
    } elseif ($status == 7) {
        // Currently in On-Hold State
        DB_query("UPDATE {$_TABLES['nf_projects']} SET status='{$prev_status}', prev_status=7 WHERE id='{$project_id}'");
        $taskQuery = DB_query("SELECT * FROM {$_TABLES['nf_projecttaskhistory']} WHERE project_id={$project_id} AND date_completed=0 AND status = 2");