/**
 * Display a single portal page selected by the "page" request parameter.
 *
 * A numeric value is cast to int; any other value is HTML-escaped with
 * ENT_QUOTES before it is used as the lookup key and in the link tree URL.
 * The view counter is bumped once per session for consecutive views of the
 * same page.
 */
function sportal_pages()
{
    global $smcFunc, $context, $txt, $scripturl, $sourcedir, $user_info;

    loadTemplate('PortalPages');

    // Request value: integer id, or an escaped string key.
    $requested = empty($_REQUEST['page']) ? 0 : $_REQUEST['page'];
    $page_id = is_numeric($requested)
        ? (int) $requested
        : $smcFunc['htmlspecialchars']($requested, ENT_QUOTES);

    $context['SPortal']['page'] = sportal_get_pages($page_id, true, true);
    $page = &$context['SPortal']['page'];

    // No usable id on the result means there is no page to show.
    if (empty($page['id'])) {
        fatal_lang_error('error_sp_page_not_found', false);
    }

    $page['style'] = sportal_parse_style('explode', $page['style'], true);

    // Count the view unless this session's last viewed page is this same page.
    $seen_last = !empty($_SESSION['last_viewed_page']) && $_SESSION['last_viewed_page'] == $page['id'];
    if (!$seen_last) {
        // The id is bound through the typed {int:...} placeholder, not concatenated.
        $query_params = array('current_page' => $page['id']);
        $smcFunc['db_query']('', '
			UPDATE {db_prefix}sp_pages
			SET views = views + 1
			WHERE id_page = {int:current_page}', $query_params);
        $_SESSION['last_viewed_page'] = $page['id'];
    }

    $context['linktree'][] = array(
        'url' => $scripturl . '?page=' . $page_id,
        'name' => $page['title'],
    );
    $context['page_title'] = $page['title'];
    $context['sub_template'] = 'view_page';
}
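/**
 * Toggle the state of a portal block, category or article, then redirect
 * back to the matching admin list.
 *
 * Reads block_id / category_id / article_id (first non-empty one wins) and
 * "type" from the request. The change is made over GET, so the session token
 * checked by checkSession('get') is what ties the request to the current user.
 */
function sportal_admin_state_change()
{
    checkSession('get');

    // First non-empty id parameter wins, in the same order as before.
    $id = null;
    foreach (array('block_id', 'category_id', 'article_id') as $key) {
        if (!empty($_REQUEST[$key])) {
            $id = (int) $_REQUEST[$key];
            break;
        }
    }
    if ($id === null) {
        fatal_lang_error('error_sp_id_empty', false);
    }

    // A missing or non-string "type" is normalised to '' so that neither the
    // helper nor the comparisons below see an undefined index or an array.
    // NOTE(review): changeState() receives the type as sent; whether it rejects
    // unknown types is not visible here - confirm.
    $type = isset($_REQUEST['type']) && is_string($_REQUEST['type']) ? $_REQUEST['type'] : '';

    changeState($type, $id);

    if ($type === 'block') {
        // Only the four known sides are accepted as redirect targets.
        $sides = array(1 => 'left', 2 => 'top', 3 => 'bottom', 4 => 'right');
        $redirect = !empty($_GET['redirect']) && is_scalar($_GET['redirect']) ? $_GET['redirect'] : 0;
        $list = isset($sides[$redirect]) ? $sides[$redirect] : 'list';
        redirectexit('action=admin;area=portalblocks;sa=' . $list);
    } elseif ($type === 'category') {
        redirectexit('action=admin;area=portalarticles;sa=categories');
    } elseif ($type === 'article') {
        redirectexit('action=admin;area=portalarticles;sa=articles');
    } else {
        redirectexit('action=admin;area=portalconfig');
    }
}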
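/**
 * Show the popup help text for the key given in $_GET['help'].
 *
 * The key is looked up in $helptxt, then in $txt. When neither has it, the key
 * itself is shown, HTML-escaped because it comes straight from the query
 * string. Link placeholders are only expanded in language-file strings, so
 * request text is never used as a sprintf() format.
 */
function ShowAdminHelp()
{
    global $txt, $helptxt, $context, $scripturl;

    if (!isset($_GET['help']) || !is_string($_GET['help'])) {
        fatal_lang_error('no_access', false);
    }
    if (!isset($helptxt)) {
        $helptxt = array();
    }
    $help_key = $_GET['help'];

    // Load the admin help language file and template.
    loadLanguage('Help');
    // Permission specific help?
    if (substr($help_key, 0, 14) == 'permissionhelp') {
        loadLanguage('ManagePermissions');
    }
    loadTemplate('Help');

    // Set the page title to something relevant.
    $context['page_title'] = $context['forum_name'] . ' - ' . $txt['help'];
    // Don't show any template layers, just the popup sub template.
    $context['template_layers'] = array();
    $context['sub_template'] = 'popup';

    // What help string should be used?
    $from_language_file = true;
    if (isset($helptxt[$help_key])) {
        $context['help_text'] = $helptxt[$help_key];
    } elseif (isset($txt[$help_key])) {
        $context['help_text'] = $txt[$help_key];
    } else {
        // Unknown key: it is request data, so escape it before it reaches the
        // template (the template's own escaping is not visible from here).
        $context['help_text'] = htmlspecialchars($help_key, ENT_QUOTES);
        $from_language_file = false;
    }

    // Fill in the forum URL / session placeholders, for trusted strings only.
    if ($from_language_file && preg_match('~%([0-9]+\\$)?s\\?~', $context['help_text'])) {
        $context['help_text'] = sprintf($context['help_text'], $scripturl, $context['session_id'], $context['session_var']);
    }
}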
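/**
 * Prepare a topic for the print-friendly template.
 *
 * Loads the topic starter's name and post time, then every message of the
 * topic (censored and BBC-parsed for 'print') into $context['posts'].
 */
function PrintTopic()
{
    global $db_prefix, $topic, $txt, $scripturl, $context;
    global $board_info;

    if (empty($topic)) {
        fatal_lang_error(472, false);
    }

    // Both queries below are built by string interpolation. Cast locally so
    // they do not depend on request sanitising done elsewhere, which is not
    // visible from this function.
    $topic_id = (int) $topic;

    // Get the topic starter information.
    $request = db_query("\n\t\tSELECT m.posterTime, IFNULL(mem.realName, m.posterName) AS posterName\n\t\tFROM {$db_prefix}messages AS m\n\t\t\tLEFT JOIN {$db_prefix}members AS mem ON (mem.ID_MEMBER = m.ID_MEMBER)\n\t\tWHERE m.ID_TOPIC = {$topic_id}\n\t\tORDER BY ID_MSG\n\t\tLIMIT 1", __FILE__, __LINE__);
    if (mysql_num_rows($request) == 0) {
        fatal_lang_error('smf232');
    }
    $row = mysql_fetch_assoc($request);
    mysql_free_result($request);

    // Lets "output" all that info.
    loadTemplate('Printpage');
    $context['template_layers'] = array('print');
    $context['board_name'] = $board_info['name'];
    $context['category_name'] = $board_info['cat']['name'];
    $context['poster_name'] = $row['posterName'];
    $context['post_time'] = timeformat($row['posterTime'], false);

    // Split the topics up so we can print them.
    $request = db_query("\n\t\tSELECT subject, posterTime, body, IFNULL(mem.realName, posterName) AS posterName\n\t\tFROM {$db_prefix}messages AS m\n\t\t\tLEFT JOIN {$db_prefix}members AS mem ON (mem.ID_MEMBER = m.ID_MEMBER)\n\t\tWHERE ID_TOPIC = {$topic_id}\n\t\tORDER BY ID_MSG", __FILE__, __LINE__);
    $context['posts'] = array();
    while ($row = mysql_fetch_assoc($request)) {
        // Censor the subject and message.
        censorText($row['subject']);
        censorText($row['body']);
        $context['posts'][] = array(
            'subject' => $row['subject'],
            'member' => $row['posterName'],
            'time' => timeformat($row['posterTime'], false),
            'timestamp' => forum_time(true, $row['posterTime']),
            'body' => parse_bbc($row['body'], 'print'),
        );
        // The first message's subject doubles as the topic subject.
        if (!isset($context['topic_subject'])) {
            $context['topic_subject'] = $row['subject'];
        }
    }
    mysql_free_result($request);
}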
 /**
  * Entry point function for likes, permission checks, just makes sure its on
  */
 public function pre_dispatch()
 {
     global $modSettings;

     // Likes are switched on: nothing to block, let the requested action run.
     if (!empty($modSettings['likes_enabled'])) {
         return;
     }

     // Feature is off, so stop with the standard "feature disabled" error.
     fatal_lang_error('feature_disabled', true);
 }
/**
 * Dispatch an XMLHttp request to the handler registered for its "sa" value.
 *
 * Only keys of the local map can be dispatched; the request value selects an
 * entry and is never used as a function name itself.
 */
function XMLhttpMain()
{
    loadTemplate('Xml');

    // Allow-list: request value => handler function name.
    $sub_actions = array(
        'jumpto' => array('function' => 'GetJumpTo'),
        'messageicons' => array('function' => 'ListMessageIcons'),
    );

    $requested = isset($_REQUEST['sa']) ? $_REQUEST['sa'] : null;
    if ($requested === null || !isset($sub_actions[$requested])) {
        fatal_lang_error('no_access', false);
    }

    $handler = $sub_actions[$requested]['function'];
    $handler();
}
/**
 * Route an XMLHttp request to one of the registered sub-action handlers.
 *
 * The "sa" request value is only used as a key into the fixed table below.
 * NOTE(review): no session or permission check happens at this level; any
 * such checks would have to live in the individual handlers, which are not
 * visible here.
 */
function XMLhttpMain()
{
    loadTemplate('Xml');

    // Request value => handler function name.
    $handlers = array(
        'jumpto' => 'GetJumpTo',
        'messageicons' => 'ListMessageIcons',
        'mcard' => 'GetMcard',
        'givelike' => 'HandleLikeRequest',
        'mpeek' => 'TopicPeek',
        'tags' => 'TagsActionDispatcher',
        'whoposted' => 'WhoPosted',
        'prefix' => 'InlinePrefixActions',
        'collapse' => 'AjaxCollapseCategory',
        'sidebar' => 'GetSidebarContent',
        'togglesb' => '_ToggleSideBar',
        'tzoffset' => 'SetGuestTZOffset',
    );

    // Same shape the original table had: each entry carries a 'function' key.
    $sub_actions = array();
    foreach ($handlers as $key => $function_name) {
        $sub_actions[$key] = array('function' => $function_name);
    }

    $known = isset($_REQUEST['sa']) && isset($sub_actions[$_REQUEST['sa']]);
    if (!$known) {
        fatal_lang_error('no_access', false);
    }

    $callee = $sub_actions[$_REQUEST['sa']]['function'];
    $callee();
}
 /**
  * Display some useful/interesting board statistics.
  *
  * What it does:
  * - Gets all the statistics in order and puts them in.
  * - Uses the Stats template and language file. (and main sub template.)
  * - Requires the view_stats permission.
  * - Accessed from ?action=stats.
  *
  * @uses Stats language file
  * @uses Stats template, statistics sub template
  */
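 public function action_stats()
 {
     global $txt, $scripturl, $modSettings, $context;

     // You have to be able to see these
     isAllowedTo('view_stats');

     // Page disabled - stop here
     if (empty($modSettings['trackStats'])) {
         fatal_lang_error('feature_disabled', true);
     }

     // Only string values are parsed; substr() on an array would raise an error.
     $expand = isset($_REQUEST['expand']) && is_string($_REQUEST['expand']) ? $_REQUEST['expand'] : '';
     $collapse = isset($_REQUEST['collapse']) && is_string($_REQUEST['collapse']) ? $_REQUEST['collapse'] : '';

     // Defaults, so the XML branch below never reads undefined variables when
     // the request carries "xml" without a usable "expand" value.
     $year = 0;
     $month = 0;
     $valid_expand = false;

     if (!empty($expand)) {
         $context['robot_no_index'] = true;
         // Expected format is YYYYMM.
         $month = (int) substr($expand, 4);
         $year = (int) substr($expand, 0, 4);
         if ($year > 1900 && $year < 2200 && $month >= 1 && $month <= 12) {
             $valid_expand = true;
             // Store each month once, so repeated requests cannot keep growing the session.
             if (empty($_SESSION['expanded_stats'][$year]) || !in_array($month, $_SESSION['expanded_stats'][$year], true)) {
                 $_SESSION['expanded_stats'][$year][] = $month;
             }
         }
     } elseif (!empty($collapse)) {
         $context['robot_no_index'] = true;
         $month = (int) substr($collapse, 4);
         $year = (int) substr($collapse, 0, 4);
         if (!empty($_SESSION['expanded_stats'][$year])) {
             $_SESSION['expanded_stats'][$year] = array_diff($_SESSION['expanded_stats'][$year], array($month));
         }
     }

     // Just a lil' help from our friend :P
     require_once SUBSDIR . '/Stats.subs.php';

     // Handle the XMLHttpRequest.
     if (isset($_REQUEST['xml'])) {
         // Collapsing only adjusts the session variables, and without a valid
         // year/month there is nothing to load either.
         if (!empty($collapse) || !$valid_expand) {
             obExit(false);
         }
         $context['sub_template'] = 'stats';
         // Year and month are range-checked ints, bound through typed placeholders.
         getDailyStats('YEAR(date) = {int:year} AND MONTH(date) = {int:month}', array('year' => $year, 'month' => $month));
         $context['yearly'][$year]['months'][$month]['date'] = array('month' => sprintf('%02d', $month), 'year' => $year);
         return;
     }

     // Stats it is
     loadLanguage('Stats');
     loadTemplate('Stats');
     loadJavascriptFile('stats.js');

     // Build the link tree......
     $context['linktree'][] = array('url' => $scripturl . '?action=stats', 'name' => $txt['stats_center']);

     // Prepare some things for the template page
     $context['page_title'] = $context['forum_name'] . ' - ' . $txt['stats_center'];
     $context['sub_template'] = 'statistics';

     // These are the templates that will be used to render the statistics
     $context['statistics_callbacks'] = array('general_statistics', 'top_statistics');

     // Call each area of statistics to load $context
     $this->loadGeneralStatistics();
     $this->loadTopStatistics();
     $this->loadMontlyActivity();

     // Custom stats (just add a template_layer or another callback to add it to the page!)
     call_integration_hook('integrate_forum_stats');
 }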
/**
 * Dispatch an XMLHttp request to the handler registered for its "sa" value.
 *
 * The built-in table can be extended by the integrate_xmlhttp hook, which
 * receives it by reference, so the final set of callable handlers includes
 * whatever hooked code adds.
 */
function XMLhttpMain()
{
    loadTemplate('Xml');

    $sub_actions = array(
        'jumpto' => array('function' => 'GetJumpTo'),
        'messageicons' => array('function' => 'ListMessageIcons'),
        'corefeatures' => array('function' => 'EnableCoreFeatures'),
        'previews' => array('function' => 'RetrievePreview'),
    );

    // Let integrations register further sub actions.
    call_integration_hook('integrate_xmlhttp', array(&$sub_actions));

    // The request value is only ever used as a key into the table.
    $wanted = isset($_REQUEST['sa']) ? $_REQUEST['sa'] : null;
    if ($wanted === null || !isset($sub_actions[$wanted])) {
        fatal_lang_error('no_access', false);
    }

    $run = $sub_actions[$wanted]['function'];
    $run();
}
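/**
 * View an arena match and handle the actions taken from its page:
 * delete, start, leave, kick and join.
 *
 * Every action changes state over GET and is therefore guarded by
 * checkSession('get') in addition to the can_* flags that loadMatch() is
 * expected to have placed in $context.
 */
function ArcadeViewMatch()
{
    global $scripturl, $txt, $db_prefix, $context, $smcFunc, $user_info;

    if (empty($_REQUEST['match'])) {
        fatal_lang_error('match_not_found', false);
    }
    loadMatch((int) $_REQUEST['match']);

    // The player to kick comes from the request: read it once, as an integer,
    // so a missing or non-numeric value is never used as an array key or
    // passed on to matchRemovePlayers().
    $player = isset($_REQUEST['player']) && is_scalar($_REQUEST['player']) ? (int) $_REQUEST['player'] : 0;

    // Delete Match
    if (isset($_REQUEST['delete']) && $context['can_edit_match']) {
        checkSession('get');
        deleteMatch($context['match']['id']);
        redirectexit('action=arcade;sa=arena');
    } elseif (isset($_GET['start']) && $context['can_start_match']) {
        checkSession('get');
        // Cap the match at the players who have joined so far.
        $smcFunc['db_query']('', '
			UPDATE {db_prefix}arcade_matches
			SET num_players = current_players
			WHERE id_match = {int:match}', array('match' => $context['match']['id']));
        matchUpdateStatus($context['match']['id']);
        redirectexit('action=arcade;sa=viewMatch;match=' . $context['match']['id']);
    } elseif (isset($_REQUEST['leave']) && ($context['can_leave'] || $context['can_decline'])) {
        checkSession('get');
        // It's starter leaving, delete whole match
        if ($user_info['id'] == $context['match']['starter']) {
            deleteMatch($context['match']['id']);
            redirectexit('action=arcade;sa=arena');
        } else {
            matchRemovePlayers($context['match']['id'], array($user_info['id']));
        }
        redirectexit('action=arcade;sa=viewMatch;match=' . $context['match']['id']);
    } elseif (isset($_REQUEST['kick']) && !empty($context['match']['players'][$player]['can_kick'])) {
        checkSession('get');
        matchRemovePlayers($context['match']['id'], array($player));
        redirectexit('action=arcade;sa=viewMatch;match=' . $context['match']['id']);
    } elseif (isset($_REQUEST['join']) && $context['can_join_match']) {
        checkSession('get');
        matchAddPlayers($context['match']['id'], array($user_info['id'] => 1));
        redirectexit('action=arcade;sa=viewMatch;match=' . $context['match']['id']);
    } elseif (isset($_REQUEST['join']) && $context['can_accept']) {
        checkSession('get');
        matchUpdatePlayers($context['match']['id'], array($user_info['id']), 1);
        redirectexit('action=arcade;sa=viewMatch;match=' . $context['match']['id']);
    }

    // Layout
    loadTemplate('ArcadeArena');
    $context['template_layers'][] = 'arcade_arena_view_match';
    $context['sub_template'] = 'arcade_arena_view_match';
    $context['page_title'] = sprintf($txt['arcade_arena_view_match_title'], $context['match']['name']);

    // Add Arena to link tree
    $context['linktree'][] = array('url' => $scripturl . '?action=arcade;sa=arena', 'name' => $txt['arcade_arena']);
    $context['linktree'][] = array('url' => $scripturl . '?action=arcade;sa=viewMatch;match=' . $context['match']['id'], 'name' => $context['match']['name']);
}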
/**
 * Related Topics
 *
 * @package RelatedTopics
 * @author Niko Pahajoki http://madjoki.com/
 * @version 1.5
 * @license http://madjoki.com/smf-mods/license/ New-BSD
 */
/**
 * Rebuild the related-topics index in batches of 150 topic ids per page load.
 *
 * The "step" request parameter is the topic id to resume from. Step 0 first
 * recreates the index tables and empties related_topics.
 *
 * NOTE(review): step 0 is destructive and is driven by a request parameter;
 * no session check is visible in this function - confirm the caller does one.
 */
function RelatedTopicsAdminBuildIndex()
{
    global $smcFunc, $scripturl, $modSettings, $context, $txt;

    loadTemplate('Admin');
    loadLanguage('Admin');

    // Without at least one indexing method there is nothing to build.
    if (!isset($context['relatedClass']) && !initRelated()) {
        fatal_lang_error('no_methods_selected');
    }

    $context['step'] = !empty($_REQUEST['step']) ? (int) $_REQUEST['step'] : 0;

    // First pass: start from a clean slate.
    if ($context['step'] == 0) {
        foreach ($context['relatedClass'] as $indexer) {
            $indexer->recreateIndexTables();
        }
        $smcFunc['db_query']('', '
			DELETE FROM {db_prefix}related_topics');
    }

    // Highest topic id tells us when the run is complete.
    $result = $smcFunc['db_query']('', '
		SELECT MAX(id_topic)
		FROM {db_prefix}topics');
    list($max_topics) = $smcFunc['db_fetch_row']($result);
    $smcFunc['db_free_result']($result);

    // Batch size per page load, and the upper bound of this batch.
    $perStep = 150;
    $last = $context['step'] + $perStep;

    // Topic ids in (start, last], leaving out ignored boards when any are set.
    $ignore_clause = !empty($context['rt_ignore']) ? '
			AND t.id_board NOT IN({array_int:ignored})' : '';
    $result = $smcFunc['db_query']('', '
		SELECT t.id_topic
		FROM {db_prefix}topics AS t
		WHERE t.id_topic > {int:start}
			AND t.id_topic <= {int:last}' . $ignore_clause, array('start' => $context['step'], 'last' => $last, 'ignored' => $context['rt_ignore']));
    $topics = array();
    while ($row = $smcFunc['db_fetch_assoc']($result)) {
        $topics[] = $row['id_topic'];
    }
    $smcFunc['db_free_result']($result);

    // Update topics
    relatedUpdateTopics($topics, true);

    // Past the highest id: finished, go back to the methods page.
    if ($last >= $max_topics) {
        redirectexit('action=admin;area=relatedtopics;sa=methods');
    }

    // Otherwise show the "not done" page, which continues with the next batch.
    $context['sub_template'] = 'not_done';
    $context['continue_get_data'] = '?action=admin;area=relatedtopics;sa=buildIndex;step=' . $last;
    $context['continue_percent'] = round(100 * ($last / $max_topics));
    $context['continue_post_data'] = '';
    $context['continue_countdown'] = '2';
    obExit();
}
 /**
  * Called from a mouse click,
  * works out what we want to do with attachments and actions it.
  * Accessed by ?action=attachapprove
  */
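 public function action_attachapprove()
 {
     global $user_info;

     // State is changed over GET, so the session token must match.
     checkSession('get');

     // Read the sub-action once; a missing or non-string value counts as "approve".
     $sa = isset($_GET['sa']) && is_string($_GET['sa']) ? $_GET['sa'] : '';

     // Anything other than an explicit "reject" is an approval.
     $is_approve = $sa !== 'reject';
     $attachments = array();
     require_once SUBSDIR . '/ManageAttachments.subs.php';

     // Approving everything on one message? Collect its attachment ids.
     if ($sa === 'all' && !empty($_GET['mid'])) {
         $id_msg = (int) $_GET['mid'];
         $attachments = attachmentsOfMessage($id_msg);
     } elseif (!empty($_GET['aid'])) {
         $attachments[] = (int) $_GET['aid'];
     }

     if (empty($attachments)) {
         fatal_lang_error('no_access', false);
     }

     // @todo nb: this requires permission to approve posts, not manage attachments
     // Restrict the ids to boards where this user may approve posts.
     $allowed_boards = !empty($user_info['mod_cache']['ap']) ? $user_info['mod_cache']['ap'] : boardsAllowedTo('approve_posts');
     if ($allowed_boards == array(0)) {
         // array(0) means every board: no restriction needed.
         $approve_query = '';
     } elseif (!empty($allowed_boards)) {
         // This fragment is concatenated into SQL, so force every id to an integer first.
         $approve_query = ' AND m.id_board IN (' . implode(',', array_map('intval', $allowed_boards)) . ')';
     } else {
         // No boards at all: make the condition unsatisfiable.
         $approve_query = ' AND 0';
     }

     // Validate the attachments exist and have the right approval state.
     $attachments = validateAttachments($attachments, $approve_query);

     // Nothing survived validation: refuse before touching the list. This check
     // has to come before the first element is read for the return link.
     if (empty($attachments)) {
         fatal_lang_error('no_access', false);
     }

     // Set up a return link based off one of the attachments for this message
     $attach_home = attachmentBelongsTo(reset($attachments));
     $redirect = 'topic=' . $attach_home['id_topic'] . '.msg' . $attach_home['id_msg'] . '#msg' . $attach_home['id_msg'];

     // Finally, we are there. Follow through!
     if ($is_approve) {
         approveAttachments($attachments);
     } else {
         removeAttachments(array('id_attach' => $attachments, 'do_logging' => true));
     }

     // We approved or removed, either way we reset those numbers
     cache_put_data('num_menu_errors', null, 900);

     // Return to the topic....
     redirectexit($redirect);
 }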
 /**
  * Main dispatcher for action=xmlhttp.
  *
  * @see Action_Controller::action_index()
  */
 public function action_index()
 {
     loadTemplate('Xml');
     require_once SUBSDIR . '/Action.class.php';

     // Sub-action table. Entries with a 'permission' key name the permission
     // the original author's note says dispatch() will check; that check is
     // not visible from this method.
     $subActions = array(
         'jumpto' => array('controller' => $this, 'function' => 'action_jumpto'),
         'messageicons' => array('controller' => $this, 'function' => 'action_messageicons'),
         'groupicons' => array('controller' => $this, 'function' => 'action_groupicons'),
         'corefeatures' => array('controller' => $this, 'function' => 'action_corefeatures', 'permission' => 'admin_forum'),
         'profileorder' => array('controller' => $this, 'function' => 'action_profileorder', 'permission' => 'admin_forum'),
         'messageiconorder' => array('controller' => $this, 'function' => 'action_messageiconorder', 'permission' => 'admin_forum'),
         'smileyorder' => array('controller' => $this, 'function' => 'action_smileyorder', 'permission' => 'admin_forum'),
         'boardorder' => array('controller' => $this, 'function' => 'action_boardorder', 'permission' => 'manage_boards'),
         'parserorder' => array('controller' => $this, 'function' => 'action_parserorder', 'permission' => 'admin_forum'),
     );

     // The Action helper resolves the requested sub action (integrate_xmlhttp
     // can add more, per the original comment).
     $dispatcher = new Action('xmlhttp');
     $chosen = $dispatcher->initialize($subActions);

     // Nothing resolved: refuse rather than fall back to a default.
     if (empty($chosen)) {
         fatal_lang_error('no_access', false);
     }

     // Hand over to the selected sub action.
     $dispatcher->dispatch($chosen);
 }
/**
 * Fetch one admin info file record from the database by file name.
 *
 * The name is bound through the typed {string:...} placeholder rather than
 * concatenated into the query. A name with no matching row ends in the
 * 'admin_file_not_found' error.
 *
 * @param string $filename
 *
 * @return array with the keys 'file_data' and 'filetype'
 */
function adminInfoFile($filename)
{
    $db = database();

    $result = $db->query('', '
		SELECT data, filetype
		FROM {db_prefix}admin_info_files
		WHERE filename = {string:current_filename}
		LIMIT 1', array('current_filename' => $filename));

    // No such file on record.
    if ($db->num_rows($result) == 0) {
        fatal_lang_error('admin_file_not_found', true, array($filename));
    }

    list($data, $filetype) = $db->fetch_row($result);
    $db->free_result($result);

    return array('file_data' => $data, 'filetype' => $filetype);
}
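/**
 * Save a new draft, or update an existing draft.
 *
 * Does nothing and returns false unless the request asks for a draft, the
 * user is logged in and drafts are enabled in the user's options. Subject and
 * body are HTML-escaped before storage. An update is always restricted to
 * rows owned by the current member.
 *
 * @return int|bool id of the saved draft, or false when no draft was saved
 */
function saveDraft()
{
    global $smcFunc, $topic, $board, $user_info, $options;

    if (!isset($_REQUEST['draft']) || $user_info['is_guest'] || empty($options['use_drafts'])) {
        return false;
    }

    // Both ids end up in {int:...} placeholders: cast them once, here, instead
    // of passing raw request strings around.
    $msgid = isset($_REQUEST['msg']) ? (int) $_REQUEST['msg'] : 0;
    $draft_id = isset($_REQUEST['draft_id']) ? (int) $_REQUEST['draft_id'] : 0;

    // Clean up what we may or may not have
    $subject = isset($_POST['subject']) ? $_POST['subject'] : '';
    $message = isset($_POST['message']) ? $_POST['message'] : '';
    // The icon value has path and markup characters stripped.
    $icon = isset($_POST['icon']) ? preg_replace('~[\\./\\\\*:"\'<>]~', '', $_POST['icon']) : 'xx';

    // Sanitise what we do have
    $subject = commonAPI::htmltrim(commonAPI::htmlspecialchars($subject));
    $message = commonAPI::htmlspecialchars($message, ENT_QUOTES);

    // Judge emptiness on the escaped body before preparsecode() rewrites it.
    // The earlier form of this check read $_POST['message'] without an isset()
    // guard and handed ENT_QUOTES to htmltrim() instead of htmlspecialchars().
    $message_is_blank = commonAPI::htmltrim($message) === '';
    preparsecode($message);

    if ($subject === '' && $message_is_blank) {
        fatal_lang_error('empty_draft', false);
    }

    // Hrm, so is this a new draft or not?
    if ($draft_id > 0 || $msgid) {
        $_REQUEST['draft_id'] = $draft_id;

        // A message draft is matched by message id, any other by draft id plus board and topic.
        $id_cond = $msgid ? ' 1=1 ' : ' id_draft = {int:draft} ';
        $id_sel = $msgid ? ' AND id_msg = {int:message} ' : ' AND id_board = {int:board} AND id_topic = {int:topic} ';

        // Try to update first. The id_member condition keeps one member from
        // overwriting another member's draft by guessing its id.
        smf_db_query('
			UPDATE {db_prefix}drafts
			SET subject = {string:subject},
				body = {string:body},
				updated = {int:post_time},
				icon = {string:post_icon},
				smileys = {int:smileys_enabled},
				is_locked = {int:locked},
				is_sticky = {int:sticky}
			WHERE ' . $id_cond . '
				AND id_member = {int:member}
				' . $id_sel . '
			LIMIT 1', array(
            'draft' => $draft_id,
            'board' => $board,
            'topic' => $topic,
            'message' => $msgid,
            'member' => $user_info['id'],
            'subject' => $subject,
            'body' => $message,
            'post_time' => time(),
            'post_icon' => $icon,
            'smileys_enabled' => !isset($_POST['ns']) ? 1 : 0,
            'locked' => !empty($_POST['lock_draft']) ? 1 : 0,
            'sticky' => isset($_POST['sticky']) ? 1 : 0,
        ));

        // A row changed, so the draft existed and is now up to date.
        if (smf_db_affected_rows() != 0) {
            return $draft_id;
        }
    }

    // Nothing updated: store it as a new draft.
    smf_db_insert('insert', '{db_prefix}drafts', array('id_board' => 'int', 'id_topic' => 'int', 'id_msg' => 'int', 'id_member' => 'int', 'subject' => 'string', 'body' => 'string', 'updated' => 'int', 'icon' => 'string', 'smileys' => 'int', 'is_locked' => 'int', 'is_sticky' => 'int'), array($board, $topic, $msgid, $user_info['id'], $subject, $message, time(), $icon, !isset($_POST['ns']) ? 1 : 0, !empty($_POST['lock_draft']) ? 1 : 0, isset($_POST['sticky']) ? 1 : 0), array('id_draft'));

    return smf_db_insert_id('{db_prefix}drafts');
}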
 /**
  * Show boxes with more detailed help on items, when the user clicks on their help icon.
  * It handles both administrative or user help.
  * Data: $_GET['help'] parameter, it holds what string to display
  * and where to get the string from. ($helptxt or $txt)
  * It is accessed via ?action=quickhelp;help=?.
  *
  * @uses ManagePermissions language file, if the help starts with permissionhelp.
  * @uses Help template, 'popup' sub-template.
  */
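 public function action_quickhelp()
 {
     global $txt, $helptxt, $context, $scripturl;

     if (!isset($_GET['help']) || !is_string($_GET['help'])) {
         fatal_lang_error('no_access', false);
     }
     if (!isset($helptxt)) {
         $helptxt = array();
     }

     // The key list comes from the query string: escape it before any use.
     $help_str = Util::htmlspecialchars($_GET['help']);

     // Load the admin help language file and template.
     loadLanguage('Help');

     // Load permission specific help
     if (substr($help_str, 0, 14) == 'permissionhelp') {
         loadLanguage('ManagePermissions');
     }

     // Load our template
     loadTemplate('Help');

     // Allow addons to load their own language file here.
     call_integration_hook('integrate_quickhelp');

     // Set the page title to something relevant.
     $context['page_title'] = $context['forum_name'] . ' - ' . $txt['help'];

     // Only show the 'popup' sub-template, no layers.
     Template_Layers::getInstance()->removeAll();
     $context['sub_template'] = 'popup';

     // Two copies are built side by side: $plain is shown as-is, $format is
     // what sprintf() receives. Keys echoed back from the request have their
     // '%' doubled in $format, so request text can never act as a conversion
     // specification.
     $plain = '';
     $format = '';
     $has_link_placeholder = false;

     // Find what to display: the string will be in $helptxt['help'] or in $txt['help']
     foreach (explode('+', $help_str) as $help) {
         if (isset($helptxt[$help])) {
             $piece = $helptxt[$help];
         } elseif (isset($txt[$help])) {
             $piece = $txt[$help];
         } else {
             // Unknown key: show the (already escaped) key itself.
             $plain .= $help;
             $format .= str_replace('%', '%%', $help);
             continue;
         }

         $plain .= $piece;
         $format .= $piece;

         // Only language-file strings decide whether placeholders get filled in.
         if (!$has_link_placeholder && is_string($piece) && preg_match('~%([0-9]+\\$)?s\\?~', $piece)) {
             $has_link_placeholder = true;
         }
     }

     // Link to the forum URL, and include session id.
     $context['help_text'] = $has_link_placeholder
         ? sprintf($format, $scripturl, $context['session_id'], $context['session_var'])
         : $plain;
 }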
 /**
  *
  */
 public static function Main()
 {
     global $context, $scripturl, $txt, $sourcedir, $modSettings;

     // Viewing the arcade needs its own permission.
     isAllowedTo('arcade_view');

     // Load Arcade
     self::loadArcade('normal');

     // Stop here when the arcade is switched off.
     if (empty($modSettings['arcadeEnabled'])) {
         fatal_lang_error('arcade_disabled', false);
     }

     // Sub-action table: file to load, function to call, optional permission.
     // The file name and the function name always come from this table; the
     // request only picks the key.
     $subActions = array(
         'arena' => array('ArcadeArena.php', 'ArcadeMatchList'),
         'newMatch' => array('ArcadeArena.php', 'ArcadeNewMatch', 'arcade_create_match'),
         'newMatch2' => array('ArcadeArena.php', 'ArcadeNewMatch2', 'arcade_create_match'),
         'viewMatch' => array('ArcadeArena.php', 'ArcadeViewMatch'),
         'list' => array('ArcadeList.php', 'ArcadeList'),
         'suggest' => array('ArcadeList.php', 'ArcadeXMLSuggest'),
         'search' => array('ArcadeList.php', 'ArcadeList'),
         'rate' => array('ArcadeList.php', 'ArcadeRate'),
         'favorite' => array('ArcadeList.php', 'ArcadeFavorite'),
         'play' => array('ArcadeGame.php', 'ArcadePlay', 'arcade_play'),
         'highscore' => array('ArcadeGame.php', 'ArcadeHighscore'),
         'save' => array('ArcadeGame.php', 'ArcadeSave_Guest'),
         'stats' => array('ArcadeStats.php', 'ArcadeStatistics'),
         'submit' => array('ArcadeGame.php', 'ArcadeSubmit'),
         'ibpverify' => array('Submit-ibp.php', 'ArcadeVerifyIBP'),
         'ibpsubmit2' => array('ArcadeGame.php', 'ArcadeSubmit'),
         'ibpsubmit3' => array('ArcadeGame.php', 'ArcadeSubmit'),
         'v2Start' => array('Submit-v2game.php', 'ArcadeV2Start'),
         'v2Hash' => array('Submit-v2game.php', 'ArcadeV2Hash'),
         'v2Score' => array('Submit-v2game.php', 'ArcadeV2Score'),
         'v2Submit' => array('ArcadeGame.php', 'ArcadeSubmit'),
         'vbSessionStart' => array('Submit-v3arcade.php', 'ArcadeVbStart'),
         'vbPermRequest' => array('Submit-v3arcade.php', 'ArcadeVbPermRequest'),
         'vbBurn' => array('ArcadeGame.php', 'ArcadeSubmit'),
     );

     // With the arena switched off its sub actions are not reachable at all.
     if (empty($modSettings['arcadeArenaEnabled'])) {
         unset($subActions['arena'], $subActions['newMatch'], $subActions['newMatch2'], $subActions['viewMatch']);
     }

     // Games that do not send sa/do=submit: work out the sub action from the
     // other parameters they do send.
     if (!isset($_REQUEST['sa'])) {
         if (isset($_POST['game'], $_POST['score'])) {
             $_REQUEST['sa'] = 'submit';
         } elseif (isset($_REQUEST['game']) && is_numeric($_REQUEST['game'])) {
             $_REQUEST['sa'] = 'play';
         } elseif (isset($_REQUEST['match']) && is_numeric($_REQUEST['match'])) {
             $_REQUEST['sa'] = 'viewMatch';
         } elseif (isset($_REQUEST['game'], $_REQUEST['xml'])) {
             $_REQUEST['sa'] = 'custData';
         }
     }

     // Anything that is not a key of the table falls back to the game list.
     if (!isset($_REQUEST['sa']) || !isset($subActions[$_REQUEST['sa']])) {
         $_REQUEST['sa'] = 'list';
     }
     $sa = $_REQUEST['sa'];

     // Tabs: games, arena (when enabled), statistics.
     $tabs = array(
         array(
             'href' => $scripturl . '?action=arcade',
             'title' => $txt['arcade'],
             'is_selected' => in_array($sa, array('play', 'list', 'highscore', 'submit', 'search')),
         ),
     );
     if (!empty($modSettings['arcadeArenaEnabled'])) {
         $tabs[] = array(
             'href' => $scripturl . '?action=arcade;sa=arena',
             'title' => $txt['arcade_arena'],
             'is_selected' => in_array($sa, array('arena', 'newMatch', 'newMatch2', 'viewMatch')),
         );
     }
     $tabs[] = array(
         'href' => $scripturl . '?action=arcade;sa=stats',
         'title' => $txt['arcade_stats'],
         'is_selected' => in_array($sa, array('stats')),
     );
     $context['arcade_tabs'] = array('title' => $txt['arcade'], 'tabs' => $tabs);

     // The stored highscore is only kept while on the highscore/comment actions.
     if (isset($_SESSION['arcade']['highscore']) && !in_array($sa, array('highscore', 'comment'))) {
         unset($_SESSION['arcade']['highscore']);
     }

     $entry = $subActions[$sa];

     // Check permission if needed
     if (isset($entry[2])) {
         isAllowedTo($entry[2]);
     }

     require_once $sourcedir . '/' . $entry[0];
     $entry[1]();
 }
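/**
 * Remove one visitor entry from a member's profile-visitors log.
 *
 * The visitor id is taken from the "member" request parameter. It is resolved
 * before the permission checks because they compare against it; the earlier
 * order read $member before it was assigned, so the "own visit" comparison
 * never saw the real value.
 *
 * @param int $memID id of the profile whose log is changed
 */
function pv_delete($memID)
{
    global $smcFunc, $context, $user_info;

    // The deletion is requested over GET, so the session token must match.
    checkSession('get');

    $member = !empty($_REQUEST['member']) ? (int) $_REQUEST['member'] : 0;
    if (empty($member)) {
        fatal_lang_error('pv_no_member', false);
    }

    $is_owner = !empty($context['user']['is_owner']);
    $is_own_visit = $user_info['id'] == $member;

    // The first two branches are the original checks. The third one denies by
    // default: a user who is neither the profile owner nor the visitor being
    // removed previously reached the DELETE without any permission check.
    // NOTE(review): confirm this matches the intended permission model.
    if ($is_owner && !allowedTo('pv_remove_own')) {
        isAllowedTo('pv_remove_any_any');
    } elseif ($is_own_visit && !allowedTo('pv_remove_any_own')) {
        isAllowedTo('pv_remove_any_any');
    } elseif (!$is_owner && !$is_own_visit) {
        isAllowedTo('pv_remove_any_any');
    }

    // Both ids go through typed {int:...} placeholders.
    $smcFunc['db_query']('', '
		DELETE FROM {db_prefix}log_Maximum_visitors
		WHERE id_member = {int:member}
			AND id_profile = {int:profile}
		LIMIT 1', array('member' => $member, 'profile' => $memID));

    redirectexit('action=profile;u=' . $memID . ';pv');
}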
/**
 * Flip the on/off state of a portal control and return to its admin list.
 *
 * - rejects any type other than block, category or article
 * - calls sp_changeState to toggle the status
 * - redirects according to the type
 *
 * @param string $type type of control
 * @param int $id id of the control
 */
function sportal_admin_state_change($type, $id)
{
    // Allow-list of types; anything else ends in an error.
    $known_types = array('block', 'category', 'article');
    if (!in_array($type, $known_types)) {
        fatal_lang_error('error_sp_id_empty', false);
    }

    // Toggle the current state
    sp_changeState($type, $id);

    // Find the way back for this type
    switch ($type) {
        case 'block':
            // The redirect target is picked from a fixed map; the request
            // value is only used as a key into it.
            $sides = array(1 => 'left', 2 => 'top', 3 => 'bottom', 4 => 'right');
            $target = 'list';
            if (!empty($_GET['redirect']) && isset($sides[$_GET['redirect']])) {
                $target = $sides[$_GET['redirect']];
            }
            redirectexit('action=admin;area=portalblocks;sa=' . $target);
            break;

        case 'category':
            redirectexit('action=admin;area=portalarticles;sa=categories');
            break;

        case 'article':
            redirectexit('action=admin;area=portalarticles;sa=articles');
            break;

        default:
            redirectexit('action=admin;area=portalconfig');
    }
}
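/**
 * Admin screen for editing or duplicating a portal language file.
 *
 * Handles three POST actions: "save" writes the submitted content to the
 * named file, "duplicate" copies an existing file under a new name with a
 * ".php" suffix, and otherwise the selected file is loaded for editing.
 * With no file selected the browser is sent back to the selection form.
 *
 * File names arrive from the request and are handed to LoadSpecificLang /
 * CreateSpecificLang (from Subs-UltimatePortal.php, not shown here). They are
 * reduced to a single path component first so that directory separators in
 * the request cannot steer those helpers to another directory.
 *
 * NOTE(review): no permission check is visible in this function - confirm the
 * dispatcher restricts it to administrators, since the duplicate path creates
 * a .php file whose content comes from the helpers.
 */
function UltimatePortalEditLangs()
{
    global $context, $txt, $sourcedir;
    require_once $sourcedir . '/Subs-UltimatePortal.php';
    if (!empty($_POST['save'])) {
        checkSession('post');
        // Content and file; the name is limited to its last path component
        $file = isset($_POST['file']) ? basename(str_replace('\\', '/', trim($_POST['file']))) : '';
        $content = isset($_POST['content']) ? trim($_POST['content']) : '';
        // Create/edit the language file
        CreateSpecificLang($file, $content);
        redirectexit('action=adminportal;area=preferences;sa=lang-maintenance;' . $context['session_var'] . '=' . $context['session_id']);
    }
    if (!empty($_POST['duplicate'])) {
        checkSession('post');
        if (empty($_POST['new_file'])) {
            fatal_lang_error('ultport_error_no_name', false);
        }
        // Source file, limited to its last path component
        $file = isset($_POST['file']) ? basename(str_replace('\\', '/', trim($_POST['file']))) : '';
        // Load the original language file into $context['content']
        LoadSpecificLang($file);
        // The new name gets the same treatment before the fixed suffix is appended
        $new_file_name = basename(str_replace('\\', '/', $_POST['new_file'])) . '.php';
        // Write the copy
        CreateSpecificLang($new_file_name, $context['content']);
        redirectexit('action=adminportal;area=preferences;sa=lang-maintenance;' . $context['session_var'] . '=' . $context['session_id']);
    }
    if (!empty($_POST['editing'])) {
        checkSession('post');
    }
    // If no language file was selected, go back to the selection form
    if (empty($_POST['file'])) {
        redirectexit('action=adminportal;area=preferences;sa=lang-maintenance');
    }
    // NOTE(review): $context['file'] goes to the template - confirm it is escaped on output
    $context['file'] = basename(str_replace('\\', '/', stripslashes($_POST['file'])));
    $this_file = $context['file'];
    // Load the specific language file - from Subs-UltimatePortal.php
    LoadSpecificLang($this_file);
    $context['sub_template'] = 'preferences_lang_edit';
    $context['page_title'] = $txt['ultport_admin_lang_maintenance_edit'] . ' - ' . $txt['ultport_preferences_title'];
}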
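/**
 * Lists the file names found in the shop's item image directory.
 *
 * The "." and ".." entries and the placeholder blank.gif are left out.
 * Raises the shop_cannot_open_images error when the directory cannot be opened.
 *
 * @return array sorted list of file names
 */
function getImageList()
{
    global $sourcedir;
    // Start with an empty array
    $imageList = array();
    // Try to open the images directory
    $handle = opendir($sourcedir . '/shop/item_images');
    if ($handle !== false) {
        // Collect every entry except the directory links and the placeholder image
        while (false !== ($file = readdir($handle))) {
            if (!in_array($file, array('.', '..', 'blank.gif'), true)) {
                $imageList[] = $file;
            }
        }
        // Release the directory handle; it was previously left open
        closedir($handle);
        // Sort the list
        sort($imageList);
        return $imageList;
    } else {
        fatal_lang_error('shop_cannot_open_images');
    }
}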
 /**
  * Shows one category together with a page of the articles filed under it
  */
 public function action_sportal_category()
 {
     global $context, $scripturl, $modSettings;
     // The article helpers live in the portal article subs file
     require_once SUBSDIR . '/PortalArticle.subs.php';
     // Take the category from the request, or 0 when none was sent
     $category_id = 0;
     if (!empty($_REQUEST['category'])) {
         $category_id = $_REQUEST['category'];
     }
     // NOTE(review): request values normally arrive as strings, so is_int() is presumably
     // only true for the 0 default and every supplied value takes the escaping branch - confirm
     // that sportal_get_categories expects that.
     $category_id = is_int($category_id) ? (int) $category_id : Util::htmlspecialchars($category_id, ENT_QUOTES);
     $context['category'] = sportal_get_categories($category_id, true, true);
     if (empty($context['category']['id'])) {
         fatal_lang_error('error_sp_category_not_found', false);
     }
     // Work out the paging
     $total_articles = sportal_get_articles_in_cat_count($context['category']['id']);
     $configured_limit = !empty($modSettings['sp_articles_per_page']) ? $modSettings['sp_articles_per_page'] : 10;
     $per_page = min($total_articles, $configured_limit);
     $start = 0;
     if (!empty($_REQUEST['start'])) {
         $start = (int) $_REQUEST['start'];
     }
     // A page index is only needed when there is more than one page
     if ($total_articles > $per_page) {
         $context['page_index'] = constructPageIndex($context['category']['href'] . ';start=%1$d', $start, $total_articles, $per_page, true);
     }
     // Fetch this page of articles, newest id first
     $context['articles'] = sportal_get_articles(0, true, true, 'spa.id_article DESC', $context['category']['id'], $per_page, $start);
     foreach ($context['articles'] as $entry) {
         // Keep only the text before a [cutoff] marker, when there is one
         $cut_at = Util::strpos($entry['body'], '[cutoff]');
         if ($cut_at !== false) {
             $entry['body'] = Util::substr($entry['body'], 0, $cut_at);
             if ($entry['type'] === 'bbc') {
                 require_once SUBSDIR . '/Post.subs.php';
                 preparsecode($entry['body']);
             }
         }
         $entry_id = $entry['id'];
         $context['articles'][$entry_id]['preview'] = sportal_parse_content($entry['body'], $entry['type'], 'return');
         $context['articles'][$entry_id]['date'] = htmlTime($entry['date']);
     }
     // Template set-up
     $context['linktree'][] = array(
         'url' => $scripturl . '?category=' . $context['category']['category_id'],
         'name' => $context['category']['name'],
     );
     $context['page_title'] = $context['category']['name'];
     $context['sub_template'] = 'view_category';
 }
/**
 * Builds the configured search API object and hands it back.
 *
 * Falls back to the standard API, and logs a critical error, when the
 * configured one reports itself invalid or does not match the forum version.
 *
 * @package Search
 */
function findSearchAPI()
{
    global $modSettings, $search_versions, $searchAPI, $txt;
    require_once SUBSDIR . '/Package.subs.php';
    // Without a configured index the standard one is used.
    if (empty($modSettings['search_index'])) {
        $modSettings['search_index'] = 'standard';
    }
    // NOTE(review): the setting is used to build both an include path and a class name.
    // Presumably only administrators can change it - confirm it is validated where it is saved.
    $api_file = 'SearchAPI-' . ucwords($modSettings['search_index']) . '.class.php';
    if (!file_exists(SUBSDIR . '/' . $api_file)) {
        fatal_lang_error('search_api_missing');
    }
    require_once SUBSDIR . '/' . $api_file;
    // Instantiate the API class that belongs to the configured index.
    $search_class_name = $modSettings['search_index'] . '_search';
    $searchAPI = new $search_class_name();
    // Reject it when it is empty, declares itself invalid, or targets another version.
    $rejected = !$searchAPI;
    if (!$rejected && $searchAPI->supportsMethod('isValid')) {
        $rejected = !$searchAPI->isValid();
    }
    if (!$rejected) {
        $rejected = !matchPackageVersion($search_versions['forum_version'], $searchAPI->min_elk_version . '-' . $searchAPI->version_compatible);
    }
    if ($rejected) {
        // Record the problem, then continue with the standard API.
        loadLanguage('Errors');
        log_error(sprintf($txt['search_api_not_compatible'], $api_file), 'critical');
        require_once SUBSDIR . '/SearchAPI-Standard.class.php';
        $searchAPI = new Standard_Search();
    }
    return $searchAPI;
}
/**
 * Prepares the arena challenge screen shown on a member's profile.
 *
 * Stops with arcade_no_invite unless the profile's member may join or be
 * invited to matches, then lists the current user's matches with status 0.
 *
 * @param int $memID id of the member whose profile is being viewed
 */
function arcadeChallenge($memID)
{
    global $db_prefix, $scripturl, $txt, $modSettings, $context, $settings, $user_info, $smcFunc, $sourcedir;
    foreach (array('/Arcade.php', '/ArcadeArena.php', '/Subs-Members.php') as $needed_file) {
        require_once $sourcedir . $needed_file;
    }
    SMFArcade::loadArcade('profile');
    // The member being challenged must be able to take part in matches.
    $can_be_invited = memberAllowedTo(array('arcade_join_match', 'arcade_join_invite_match'), $memID);
    if (!$can_be_invited) {
        fatal_lang_error('arcade_no_invite', false);
    }
    // Matches of the current user that have status 0; the id is bound as an int placeholder.
    $context['matches'] = array();
    $match_query = $smcFunc['db_query']('', '
		SELECT id_match, name
		FROM {db_prefix}arcade_matches
		WHERE id_member = {int:member}
			AND status = 0', array('member' => $user_info['id']));
    while ($match = $smcFunc['db_fetch_assoc']($match_query)) {
        $context['matches'][] = array(
            'id' => $match['id_match'],
            'name' => $match['name'],
        );
    }
    $smcFunc['db_free_result']($match_query);
    // Layout
    $context['sub_template'] = 'arcade_arena_challenge';
    $context['page_title'] = sprintf($txt['arcade_arena_challenge_title'], $context['member']['name']);
}
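 /**
  * View a specific page in the system
  *
  * Looks the page up from the "page" request value, parses its style and
  * body, counts the view unless this page was also the last one viewed in
  * the session, and prepares the template context.
  */
 public function action_sportal_page()
 {
     global $context, $scripturl;
     // Use the requested page id
     $page_id = !empty($_REQUEST['page']) ? $_REQUEST['page'] : 0;
     // Fetch the page
     $context['SPortal']['page'] = sportal_get_pages($page_id, true, true);
     if (empty($context['SPortal']['page']['id'])) {
         fatal_lang_error('error_sp_page_not_found', false);
     }
     // Fetch any style associated with the page
     $context['SPortal']['page']['style'] = sportal_parse_style('explode', $context['SPortal']['page']['style'], true);
     // Prepare the body
     $context['SPortal']['page']['body'] = sportal_parse_content($context['SPortal']['page']['body'], $context['SPortal']['page']['type'], 'return');
     // Increase the view counter, but not on an immediate repeat view of the same page
     if (empty($_SESSION['last_viewed_page']) || $_SESSION['last_viewed_page'] != $context['SPortal']['page']['id']) {
         sportal_increase_viewcount('page', $context['SPortal']['page']['id']);
         $_SESSION['last_viewed_page'] = $context['SPortal']['page']['id'];
     }
     // Prep the template for display. The request value ends up inside a link that is
     // handed to the template layer, so it is URL-encoded here; numeric ids and
     // alphanumeric names are unchanged by the encoding.
     $context['linktree'][] = array('url' => $scripturl . '?page=' . urlencode((string) $page_id), 'name' => $context['SPortal']['page']['title']);
     $context['page_title'] = $context['SPortal']['page']['title'];
     $context['sub_template'] = 'view_page';
 }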
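/**
 * Shows an excerpt of a file around a given line.
 *
 * Reads a base64-encoded path from $_REQUEST['file'] and a line number from
 * $_REQUEST['line'], then stores the highlighted lines around that line in
 * $context['file_data'] for the show_file sub-template.
 * Requires the admin_forum permission.
 *
 * The path is resolved with realpath() and must lie inside the board or the
 * sources directory. The earlier test only rejected a path when it contained
 * "../", so any other readable path passed it.
 */
function ViewFile()
{
    global $context, $txt, $boarddir, $sourcedir;
    // Check for the administrative permission to do this.
    isAllowedTo('admin_forum');
    // Decode the file and get the line
    $file = isset($_REQUEST['file']) && is_string($_REQUEST['file']) ? base64_decode($_REQUEST['file']) : '';
    $line = isset($_REQUEST['line']) ? (int) $_REQUEST['line'] : 0;
    // Resolve symlinks and relative segments before comparing against the allowed roots
    $real_file = false;
    if (is_string($file) && $file !== '' && strpos($file, "\0") === false) {
        $real_file = realpath($file);
    }
    $allowed = false;
    if ($real_file !== false) {
        foreach (array($boarddir, $sourcedir) as $root) {
            $real_root = realpath($root);
            if ($real_root === false) {
                continue;
            }
            // The trailing separator stops "/forum" from matching "/forum-backup"
            $prefix = rtrim($real_root, '/\\') . DIRECTORY_SEPARATOR;
            if (strpos($real_file, $prefix) === 0) {
                $allowed = true;
                break;
            }
        }
    }
    // Make sure the file we are looking for is one they are allowed to look at
    // NOTE(review): consider also excluding configuration files that live inside these trees.
    if (!$allowed || !is_file($real_file) || !is_readable($real_file)) {
        fatal_lang_error('error_bad_file', true, array(htmlspecialchars((string) $file)));
    }
    $file = $real_file;
    // Get the min and max lines: 20 before the target, 20 after
    $min = $line - 20 <= 0 ? 1 : $line - 20;
    $max = $line + 21;
    // One additional line to make everything work out correctly
    if ($max <= 0 || $min >= $max) {
        fatal_lang_error('error_bad_line');
    }
    // The file content is HTML-escaped before it is highlighted and split into lines
    $file_data = explode('<br />', highlight_php_code(htmlspecialchars(implode('', file($file)))));
    // We don't want to slice off too many so lets make sure we stop at the last one
    $max = min($max, max(array_keys($file_data)));
    $file_data = array_slice($file_data, $min - 1, $max - $min);
    $context['file_data'] = array('contents' => $file_data, 'min' => $min, 'target' => $line, 'file' => strtr($file, array('"' => '\\"')));
    loadTemplate('Errors');
    $context['template_layers'] = array();
    $context['sub_template'] = 'show_file';
}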
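/**
 * Collects the chain of parent boards above a board, with their moderators.
 *
 * Starting at $id_parent, each board is looked up and the walk continues with
 * its own parent until a parent id of 0 is reached. A moderator found on a
 * board is also recorded on every board collected before it.
 *
 * @param int $id_parent id of the first parent board to load
 * @return array board id => array with url, name, level and moderators
 */
function getBoardParents($id_parent)
{
    global $db_prefix, $scripturl, $txt;
    $boards = array();
    // The id is interpolated into the SQL text below, so force it to an integer first.
    $id_parent = (int) $id_parent;
    // Loop while the parent is non-zero.
    while ($id_parent != 0) {
        // A board that is already collected means the parent chain loops back on itself;
        // stop instead of querying the same board forever.
        if (isset($boards[$id_parent])) {
            break;
        }
        $result = db_query("\n\t\t\tSELECT\n\t\t\t\tb.ID_PARENT, b.name, {$id_parent} AS ID_BOARD, IFNULL(mem.ID_MEMBER, 0) AS ID_MODERATOR,\n\t\t\t\tmem.realName, b.childLevel\n\t\t\tFROM {$db_prefix}boards AS b\n\t\t\t\tLEFT JOIN {$db_prefix}moderators AS mods ON (mods.ID_BOARD = b.ID_BOARD)\n\t\t\t\tLEFT JOIN {$db_prefix}members AS mem ON (mem.ID_MEMBER = mods.ID_MEMBER)\n\t\t\tWHERE b.ID_BOARD = {$id_parent}", __FILE__, __LINE__);
        // In the EXTREMELY unlikely event this happens, give an error message.
        if (mysql_num_rows($result) == 0) {
            fatal_lang_error('parent_not_found');
        }
        // One row per moderator of the board (or a single row when it has none).
        while ($row = mysql_fetch_assoc($result)) {
            if (!isset($boards[$row['ID_BOARD']])) {
                // First row for this board: remember where to go next and record the board.
                $id_parent = (int) $row['ID_PARENT'];
                $boards[$row['ID_BOARD']] = array('url' => $scripturl . '?board=' . $row['ID_BOARD'] . '.0', 'name' => $row['name'], 'level' => $row['childLevel'], 'moderators' => array());
            }
            // If a moderator exists for this board, add that moderator for all children too.
            // NOTE(review): realName is placed into the link markup as stored - confirm it is escaped when saved.
            if (!empty($row['ID_MODERATOR'])) {
                foreach ($boards as $id => $dummy) {
                    $boards[$id]['moderators'][$row['ID_MODERATOR']] = array('id' => $row['ID_MODERATOR'], 'name' => $row['realName'], 'href' => $scripturl . '?action=profile;u=' . $row['ID_MODERATOR'], 'link' => '<a href="' . $scripturl . '?action=profile;u=' . $row['ID_MODERATOR'] . '" title="' . $txt[62] . '">' . $row['realName'] . '</a>');
                }
            }
        }
        mysql_free_result($result);
    }
    return $boards;
}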
/**
 * Shows the calendar event form and processes its submission.
 *
 * On submit (both $_POST['sc'] and an event id present) it inserts, updates or
 * deletes the event, or hands over to Post() when the event is linked to a
 * board, and then redirects to the calendar. Otherwise it fills
 * $context['event'] for a new or an existing event and selects the
 * event_post sub-template. Requires the calendar_post permission.
 */
function CalendarPost()
{
    global $context, $txt, $db_prefix, $user_info, $sourcedir, $scripturl;
    global $modSettings, $topic, $ID_MEMBER, $func;
    // Well - can they?
    isAllowedTo('calendar_post');
    // Cast this for safety... every query below interpolates this value directly.
    if (isset($_REQUEST['eventid'])) {
        $_REQUEST['eventid'] = (int) $_REQUEST['eventid'];
    }
    // Submitting?
    if (isset($_POST['sc'], $_REQUEST['eventid'])) {
        checkSession();
        // Validate the post...
        if (!isset($_POST['link_to_board'])) {
            require_once $sourcedir . '/Subs-Post.php';
            calendarValidatePost();
        }
        // If you're not allowed to edit any events, you have to be the poster.
        if ($_REQUEST['eventid'] > 0 && !allowedTo('calendar_edit_any')) {
            // Get the event's poster.
            $request = db_query("\n\t\t\t\tSELECT ID_MEMBER\n\t\t\t\tFROM {$db_prefix}calendar\n\t\t\t\tWHERE ID_EVENT = {$_REQUEST['eventid']}\n\t\t\t\tLIMIT 1", __FILE__, __LINE__);
            list($poster) = mysql_fetch_row($request);
            mysql_free_result($request);
            // Finally, test if they can either edit ANY, or just their own...
            // (this inner test repeats the condition of the enclosing if)
            if (!allowedTo('calendar_edit_any')) {
                isAllowedTo('calendar_edit_' . ($poster == $ID_MEMBER ? 'own' : 'any'));
            }
        }
        // New - and directing?
        if ($_REQUEST['eventid'] == -1 && isset($_POST['link_to_board'])) {
            $_REQUEST['calendar'] = 1;
            require_once $sourcedir . '/Post.php';
            return Post();
        } elseif ($_REQUEST['eventid'] == -1) {
            // NOTE(review): title, month, day and year are passed on as received; presumably
            // calendarInsertEvent escapes them - confirm.
            calendarInsertEvent(0, 0, $_POST['evtitle'], $ID_MEMBER, $_POST['month'], $_POST['day'], $_POST['year'], isset($_POST['span']) ? $_POST['span'] : null);
        } elseif (isset($_REQUEST['deleteevent'])) {
            db_query("\n\t\t\t\tDELETE FROM {$db_prefix}calendar\n\t\t\t\tWHERE ID_EVENT = {$_REQUEST['eventid']}\n\t\t\t\tLIMIT 1", __FILE__, __LINE__);
        } else {
            // Calculate the eventDate depending on span.
            // The span is 0 unless spanning is enabled and the requested span is between 2 and cal_maxspan.
            $span = empty($modSettings['cal_allowspan']) || empty($_POST['span']) || $_POST['span'] == 1 || empty($modSettings['cal_maxspan']) || $_POST['span'] > $modSettings['cal_maxspan'] ? 0 : min((int) $modSettings['cal_maxspan'], (int) $_POST['span'] - 1);
            $start_time = mktime(0, 0, 0, (int) $_REQUEST['month'], (int) $_REQUEST['day'], (int) $_REQUEST['year']);
            // The dates are generated here from integers; the title is HTML-escaped with ENT_QUOTES
            // before it is placed between quotes in the SQL text.
            // NOTE(review): no SQL escaping call is visible for the title - presumably request data
            // has already been escaped upstream; confirm.
            db_query("\n\t\t\t\tUPDATE {$db_prefix}calendar\n\t\t\t\tSET \n\t\t\t\t\tstartDate = '" . strftime('%Y-%m-%d', $start_time) . "',\n\t\t\t\t\tendDate = '" . strftime('%Y-%m-%d', $start_time + $span * 86400) . "', \n\t\t\t\t\ttitle = '" . $func['htmlspecialchars']($_REQUEST['evtitle'], ENT_QUOTES) . "'\n\t\t\t\tWHERE ID_EVENT = {$_REQUEST['eventid']}\n\t\t\t\tLIMIT 1", __FILE__, __LINE__);
        }
        updateStats('calendar');
        // No point hanging around here now...
        // NOTE(review): month and year go into the redirect target as received - confirm
        // redirectexit() sanitises the URL it is given.
        redirectexit($scripturl . '?action=calendar;month=' . $_POST['month'] . ';year=' . $_POST['year']);
    }
    // If we are not enabled... we are not enabled.
    if (empty($modSettings['cal_allow_unlinked']) && empty($_REQUEST['eventid'])) {
        $_REQUEST['calendar'] = 1;
        require_once $sourcedir . '/Post.php';
        return Post();
    }
    // New?
    if (!isset($_REQUEST['eventid'])) {
        $today = getdate();
        // NOTE(review): year, month and day are copied from the request without a cast -
        // confirm the template escapes them on output.
        $context['event'] = array('boards' => array(), 'board' => !empty($modSettings['cal_defaultboard']) ? $modSettings['cal_defaultboard'] : 0, 'new' => 1, 'eventid' => -1, 'year' => isset($_REQUEST['year']) ? $_REQUEST['year'] : $today['year'], 'month' => isset($_REQUEST['month']) ? $_REQUEST['month'] : $today['mon'], 'day' => isset($_REQUEST['day']) ? $_REQUEST['day'] : $today['mday'], 'title' => '', 'span' => 1);
        // Get list of boards that can be posted in.
        $boards = boardsAllowedTo('post_new');
        if (empty($boards)) {
            fatal_lang_error('cannot_post_new');
        }
        // A 0 in the list skips the board filter; otherwise the ids returned by boardsAllowedTo() are listed.
        $request = db_query("\n\t\t\tSELECT c.name AS catName, c.ID_CAT, b.ID_BOARD, b.name AS boardName, b.childLevel\n\t\t\tFROM {$db_prefix}boards AS b\n\t\t\t\tLEFT JOIN {$db_prefix}categories AS c ON (c.ID_CAT = b.ID_CAT)\n\t\t\tWHERE {$user_info['query_see_board']}" . (in_array(0, $boards) ? '' : "\n\t\t\t\tAND b.ID_BOARD IN (" . implode(', ', $boards) . ")"), __FILE__, __LINE__);
        while ($row = mysql_fetch_assoc($request)) {
            $context['event']['boards'][] = array('id' => $row['ID_BOARD'], 'name' => $row['boardName'], 'childLevel' => $row['childLevel'], 'prefix' => str_repeat('&nbsp;', $row['childLevel'] * 3), 'cat' => array('id' => $row['ID_CAT'], 'name' => $row['catName']));
        }
        mysql_free_result($request);
    } else {
        // Existing event: load it together with the topic it may be linked to.
        $request = db_query("\n\t\t\tSELECT\n\t\t\t\tc.ID_EVENT, c.ID_BOARD, c.ID_TOPIC, MONTH(c.startDate) AS month,\n\t\t\t\tDAYOFMONTH(c.startDate) AS day, YEAR(c.startDate) AS year,\n\t\t\t\t(TO_DAYS(c.endDate) - TO_DAYS(c.startDate)) AS span, c.ID_MEMBER, c.title,\n\t\t\t\tt.ID_FIRST_MSG, t.ID_MEMBER_STARTED\n\t\t\tFROM {$db_prefix}calendar AS c\n\t\t\t\tLEFT JOIN {$db_prefix}topics AS t ON (t.ID_TOPIC = c.ID_TOPIC)\n\t\t\tWHERE c.ID_EVENT = {$_REQUEST['eventid']}", __FILE__, __LINE__);
        // If nothing returned, we are in poo, poo.
        if (mysql_num_rows($request) == 0) {
            fatal_lang_error(1);
        }
        $row = mysql_fetch_assoc($request);
        mysql_free_result($request);
        // If it has a board, then they should be editing it within the topic.
        if ($row['ID_TOPIC'] && $row['ID_FIRST_MSG']) {
            // We load the board up, for a check on the board access rights...
            $topic = $row['ID_TOPIC'];
            loadBoard();
        }
        // Make sure the user is allowed to edit this event.
        if ($row['ID_MEMBER'] != $ID_MEMBER) {
            isAllowedTo('calendar_edit_any');
        } elseif (!allowedTo('calendar_edit_any')) {
            isAllowedTo('calendar_edit_own');
        }
        $context['event'] = array('boards' => array(), 'board' => $row['ID_BOARD'], 'new' => 0, 'eventid' => $_REQUEST['eventid'], 'year' => $row['year'], 'month' => $row['month'], 'day' => $row['day'], 'title' => $row['title'], 'span' => 1 + $row['span']);
    }
    // Day 0 of the following month is the last day of the event's month.
    $context['event']['last_day'] = (int) strftime('%d', mktime(0, 0, 0, $context['event']['month'] == 12 ? 1 : $context['event']['month'] + 1, 0, $context['event']['month'] == 12 ? $context['event']['year'] + 1 : $context['event']['year']));
    // Template, sub template, etc.
    loadTemplate('Calendar');
    $context['sub_template'] = 'event_post';
    $context['page_title'] = isset($_REQUEST['eventid']) ? $txt['calendar20'] : $txt['calendar23'];
    $context['linktree'][] = array('name' => $context['page_title']);
}
/**
 * Shows the edit form for one scheduled task and stores submitted settings.
 *
 * The task is identified by $_GET['tid']. When $_GET['save'] is present the
 * session and the admin-st token are verified, the new schedule is written
 * and the browser returns to the task list.
 *
 * @uses ManageScheduledTasks template, edit_scheduled_tasks sub-template
 */
function EditTask()
{
    global $context, $txt, $sourcedir, $smcFunc, $user_info, $modSettings;
    // Context for the form page.
    $context[$context['admin_menu_name']]['current_subsection'] = 'tasks';
    $context['sub_template'] = 'edit_scheduled_tasks';
    $context['page_title'] = $txt['scheduled_task_edit'];
    $context['server_time'] = timeformat(time(), false, 'server');
    // A task id is required, and it is kept as an integer from here on.
    if (!isset($_GET['tid'])) {
        fatal_lang_error('no_access', false);
    }
    $_GET['tid'] = (int) $_GET['tid'];
    // Saving?
    if (isset($_GET['save'])) {
        checkSession();
        validateToken('admin-st');
        // Needed to work out when the task runs next.
        require_once $sourcedir . '/ScheduledTasks.php';
        // Pull "hours:minutes" out of the submitted offset.
        preg_match('~(\\d{1,2}):(\\d{1,2})~', $_POST['offset'], $matches);
        // A missing or out-of-range part counts as zero.
        $minute_part = isset($matches[2]) && $matches[2] <= 59 ? $matches[2] : 0;
        $hour_part = isset($matches[1]) && $matches[1] <= 23 ? $matches[1] : 0;
        // Seconds into the day, corrected by the server's timezone offset.
        $offset = $hour_part * 3600 + $minute_part * 60 - date('Z');
        // How often: at least once per unit.
        $interval = max((int) $_POST['regularity'], 1);
        // Only the first letter of the unit matters; unknown letters fall back to days.
        $unit_letter = substr($_POST['unit'], 0, 1);
        $unit = in_array($unit_letter, array('m', 'h', 'd', 'w')) ? $unit_letter : 'd';
        // One-minute intervals are bumped to two.
        if ($unit == 'm' && $interval == 1) {
            $interval = 2;
        }
        // An absent checkbox means the task is disabled.
        $disabled = isset($_POST['enabled']) ? 0 : 1;
        // Store the schedule; every value is bound through a typed placeholder.
        $smcFunc['db_query']('', '
			UPDATE {db_prefix}scheduled_tasks
			SET disabled = {int:disabled}, time_offset = {int:time_offset}, time_unit = {string:time_unit},
				time_regularity = {int:time_regularity}
			WHERE id_task = {int:id_task}', array(
            'disabled' => $disabled,
            'time_offset' => $offset,
            'time_regularity' => $interval,
            'id_task' => $_GET['tid'],
            'time_unit' => $unit,
        ));
        // Recalculate the next run.
        CalculateNextTrigger($_GET['tid'], true);
        // Back to the task list.
        redirectexit('action=admin;area=scheduledtasks');
    }
    // Load the task for display.
    $request = $smcFunc['db_query']('', '
		SELECT id_task, next_time, time_offset, time_regularity, time_unit, disabled, task
		FROM {db_prefix}scheduled_tasks
		WHERE id_task = {int:id_task}', array('id_task' => $_GET['tid']));
    // An unknown id is treated like missing access.
    if ($smcFunc['db_num_rows']($request) == 0) {
        fatal_lang_error('no_access', false);
    }
    while ($row = $smcFunc['db_fetch_assoc']($request)) {
        $task_key = $row['task'];
        $name_index = 'scheduled_task_' . $task_key;
        $desc_index = 'scheduled_task_desc_' . $task_key;
        $context['task'] = array(
            'id' => $row['id_task'],
            'function' => $task_key,
            // Fall back to the raw task name when no language string exists.
            'name' => isset($txt[$name_index]) ? $txt[$name_index] : $task_key,
            'desc' => isset($txt[$desc_index]) ? $txt[$desc_index] : '',
            'next_time' => $row['disabled'] ? $txt['scheduled_tasks_na'] : timeformat($row['next_time'] == 0 ? time() : $row['next_time'], true, 'server'),
            'disabled' => $row['disabled'],
            'offset' => $row['time_offset'],
            'regularity' => $row['time_regularity'],
            'offset_formatted' => date('H:i', $row['time_offset']),
            'unit' => $row['time_unit'],
        );
    }
    $smcFunc['db_free_result']($request);
    // Token for the next save of this form.
    createToken('admin-st');
}
/**
 * Admin form for adding or editing a portal page.
 *
 * Works out which blocks are shown on the page, then handles one of three
 * cases: a submitted form (validate, insert or update the page, adjust block
 * visibility, redirect), a preview (fill the context from the posted values),
 * or the initial display (defaults for a new page, or the stored page).
 * Finally it sets up the editor control and the pages_edit sub-template.
 *
 * NOTE(review): no permission check is visible in this function - confirm the
 * admin dispatcher enforces one, since the page type can be 'php'.
 */
function sportal_admin_page_edit()
{
    global $txt, $context, $modSettings, $smcFunc, $sourcedir, $options;
    require_once $sourcedir . '/Subs-Editor.php';
    require_once $sourcedir . '/Subs-Post.php';
    // No page id in the request means a new page is being created.
    $context['SPortal']['is_new'] = empty($_REQUEST['page_id']);
    // Content that came from the rich editor is converted back to BBC for bbc pages.
    if (!empty($_REQUEST['content_mode']) && $_POST['type'] == 'bbc') {
        $_REQUEST['content'] = html_to_bbc($_REQUEST['content']);
        $_REQUEST['content'] = un_htmlspecialchars($_REQUEST['content']);
        $_POST['content'] = $_REQUEST['content'];
    }
    $context['sides'] = array(5 => $txt['sp-positionHeader'], 1 => $txt['sp-positionLeft'], 2 => $txt['sp-positionTop'], 3 => $txt['sp-positionBottom'], 4 => $txt['sp-positionRight'], 6 => $txt['sp-positionFooter']);
    // Work out, per block, whether it is currently shown on this page.
    $blocks = getBlockInfo();
    $context['page_blocks'] = array();
    foreach ($blocks as $block) {
        $shown = false;
        // Display values that make a block visible on this page.
        $tests = array('all', 'allpages', 'sforum');
        if (!$context['SPortal']['is_new']) {
            $tests[] = 'p' . (int) $_REQUEST['page_id'];
        }
        foreach (array('display', 'display_custom') as $field) {
            // Blocks whose display rule starts with $php are left out of the list entirely.
            if (substr($block[$field], 0, 4) === '$php') {
                continue 2;
            }
            $block[$field] = explode(',', $block[$field]);
            // An explicit "-p<id>" entry in this field skips the field's tests.
            if (!$context['SPortal']['is_new'] && in_array('-p' . (int) $_REQUEST['page_id'], $block[$field])) {
                continue;
            }
            foreach ($tests as $test) {
                if (in_array($test, $block[$field])) {
                    $shown = true;
                    break;
                }
            }
        }
        $context['page_blocks'][$block['column']][] = array('id' => $block['id'], 'label' => $block['label'], 'shown' => $shown);
    }
    // Saving the form.
    if (!empty($_POST['submit'])) {
        checkSession();
        // Title and namespace must not be empty once escaped and trimmed.
        if (!isset($_POST['title']) || $smcFunc['htmltrim']($smcFunc['htmlspecialchars']($_POST['title'], ENT_QUOTES)) === '') {
            fatal_lang_error('sp_error_page_name_empty', false);
        }
        if (!isset($_POST['namespace']) || $smcFunc['htmltrim']($smcFunc['htmlspecialchars']($_POST['namespace'], ENT_QUOTES)) === '') {
            fatal_lang_error('sp_error_page_namespace_empty', false);
        }
        // The namespace must not be used by another page.
        // (the 'limit' value is passed but the query text uses a literal LIMIT 1)
        $result = $smcFunc['db_query']('', '
			SELECT id_page
			FROM {db_prefix}sp_pages
			WHERE namespace = {string:namespace}
				AND id_page != {int:current}
			LIMIT 1', array('limit' => 1, 'namespace' => $smcFunc['htmlspecialchars']($_POST['namespace'], ENT_QUOTES), 'current' => (int) $_POST['page_id']));
        list($has_duplicate) = $smcFunc['db_fetch_row']($result);
        $smcFunc['db_free_result']($result);
        if (!empty($has_duplicate)) {
            fatal_lang_error('sp_error_page_namespace_duplicate', false);
        }
        // Only letters, digits and underscores are accepted in a namespace...
        if (preg_match('~[^A-Za-z0-9_]+~', $_POST['namespace']) != 0) {
            fatal_lang_error('sp_error_page_namespace_invalid_chars', false);
        }
        // ...and it may not consist of digits only.
        if (preg_replace('~[0-9]+~', '', $_POST['namespace']) === '') {
            fatal_lang_error('sp_error_page_namespace_numeric', false);
        }
        // PHP pages are passed through sp_validate_php unless that check is switched off in the settings.
        if ($_POST['type'] == 'php' && !empty($_POST['content']) && empty($modSettings['sp_disable_php_validation'])) {
            $error = sp_validate_php($_POST['content']);
            if ($error) {
                fatal_lang_error('error_sp_php_' . $error, false);
            }
        }
        // Either a preset permission set, or explicit allowed/denied group lists.
        $permission_set = 0;
        $groups_allowed = $groups_denied = '';
        if (!empty($_POST['permission_set'])) {
            $permission_set = (int) $_POST['permission_set'];
        } elseif (!empty($_POST['membergroups']) && is_array($_POST['membergroups'])) {
            $groups_allowed = $groups_denied = array();
            foreach ($_POST['membergroups'] as $id => $value) {
                if ($value == 1) {
                    $groups_allowed[] = (int) $id;
                } elseif ($value == -1) {
                    $groups_denied[] = (int) $id;
                }
            }
            $groups_allowed = implode(',', $groups_allowed);
            $groups_denied = implode(',', $groups_denied);
        }
        // Block ids from the form are forced to integers.
        if (!empty($_POST['blocks']) && is_array($_POST['blocks'])) {
            foreach ($_POST['blocks'] as $id => $block) {
                $_POST['blocks'][$id] = (int) $block;
            }
        } else {
            $_POST['blocks'] = array();
        }
        // Column name => placeholder type, used for both the insert and the update.
        $fields = array('namespace' => 'string', 'title' => 'string', 'body' => 'string', 'type' => 'string', 'permission_set' => 'int', 'groups_allowed' => 'string', 'groups_denied' => 'string', 'style' => 'string', 'status' => 'int');
        // NOTE(review): 'type' is stored as received; no allow-list of page types is visible here - confirm.
        $page_info = array('id' => (int) $_POST['page_id'], 'namespace' => $smcFunc['htmlspecialchars']($_POST['namespace'], ENT_QUOTES), 'title' => $smcFunc['htmlspecialchars']($_POST['title'], ENT_QUOTES), 'body' => $smcFunc['htmlspecialchars']($_POST['content'], ENT_QUOTES), 'type' => $_POST['type'], 'permission_set' => $permission_set, 'groups_allowed' => $groups_allowed, 'groups_denied' => $groups_denied, 'style' => sportal_parse_style('implode'), 'status' => !empty($_POST['status']) ? 1 : 0);
        if ($page_info['type'] == 'bbc') {
            preparsecode($page_info['body']);
        }
        if ($context['SPortal']['is_new']) {
            unset($page_info['id']);
            $smcFunc['db_insert']('', '{db_prefix}sp_pages', $fields, $page_info, array('id_page'));
            $page_info['id'] = $smcFunc['db_insert_id']('{db_prefix}sp_pages', 'id_page');
        } else {
            // The SET list is built from the fixed $fields map above, so only known column
            // names reach the SQL text; the values are bound through typed placeholders.
            $update_fields = array();
            foreach ($fields as $name => $type) {
                $update_fields[] = $name . ' = {' . $type . ':' . $name . '}';
            }
            $smcFunc['db_query']('', '
				UPDATE {db_prefix}sp_pages
				SET ' . implode(', ', $update_fields) . '
				WHERE id_page = {int:id}', $page_info);
        }
        // Compare the block selection from the form with the current visibility.
        $to_show = array();
        $not_to_show = array();
        $changes = array();
        foreach ($context['page_blocks'] as $page_blocks) {
            foreach ($page_blocks as $block) {
                if ($block['shown'] && !in_array($block['id'], $_POST['blocks'])) {
                    $not_to_show[] = $block['id'];
                } elseif (!$block['shown'] && in_array($block['id'], $_POST['blocks'])) {
                    $to_show[] = $block['id'];
                }
            }
        }
        // Blocks to add to this page: adjust display / display_custom depending on their current rule.
        foreach ($to_show as $id) {
            if (empty($blocks[$id]['display']) && empty($blocks[$id]['display_custom']) || $blocks[$id]['display'] == 'sportal') {
                $changes[$id] = array('display' => 'portal,p' . $page_info['id'], 'display_custom' => '');
            } elseif (in_array($blocks[$id]['display'], array('allaction', 'allboard'))) {
                $changes[$id] = array('display' => '', 'display_custom' => $blocks[$id]['display'] . ',p' . $page_info['id']);
            } elseif (in_array('-p' . $page_info['id'], explode(',', $blocks[$id]['display_custom']))) {
                $changes[$id] = array('display' => $blocks[$id]['display'], 'display_custom' => implode(',', array_diff(explode(',', $blocks[$id]['display_custom']), array('-p' . $page_info['id']))));
            } elseif (empty($blocks[$id]['display_custom'])) {
                $changes[$id] = array('display' => implode(',', array_merge(explode(',', $blocks[$id]['display']), array('p' . $page_info['id']))), 'display_custom' => '');
            } else {
                $changes[$id] = array('display' => $blocks[$id]['display'], 'display_custom' => implode(',', array_merge(explode(',', $blocks[$id]['display_custom']), array('p' . $page_info['id']))));
            }
        }
        // Blocks to remove from this page: add an exclusion or drop the page entry.
        foreach ($not_to_show as $id) {
            if (count(array_intersect(array($blocks[$id]['display'], $blocks[$id]['display_custom']), array('sforum', 'allpages', 'all'))) > 0) {
                $changes[$id] = array('display' => '', 'display_custom' => $blocks[$id]['display'] . $blocks[$id]['display_custom'] . ',-p' . $page_info['id']);
            } elseif (empty($blocks[$id]['display_custom'])) {
                $changes[$id] = array('display' => implode(',', array_diff(explode(',', $blocks[$id]['display']), array('p' . $page_info['id']))), 'display_custom' => '');
            } else {
                $changes[$id] = array('display' => implode(',', array_diff(explode(',', $blocks[$id]['display']), array('p' . $page_info['id']))), 'display_custom' => implode(',', array_diff(explode(',', $blocks[$id]['display_custom']), array('p' . $page_info['id']))));
            }
        }
        // Write the changed display rules back, one block at a time.
        foreach ($changes as $id => $data) {
            $smcFunc['db_query']('', '
				UPDATE {db_prefix}sp_blocks
				SET
					display = {string:display},
					display_custom = {string:display_custom}
				WHERE id_block = {int:id}', array('id' => $id, 'display' => $data['display'], 'display_custom' => $data['display_custom']));
        }
        redirectexit('action=admin;area=portalpages');
    }
    // Preview: only the context is filled from the posted values; this branch issues no query of its own.
    if (!empty($_POST['preview'])) {
        $permission_set = 0;
        $groups_allowed = $groups_denied = array();
        if (!empty($_POST['permission_set'])) {
            $permission_set = (int) $_POST['permission_set'];
        } elseif (!empty($_POST['membergroups']) && is_array($_POST['membergroups'])) {
            foreach ($_POST['membergroups'] as $id => $value) {
                if ($value == 1) {
                    $groups_allowed[] = (int) $id;
                } elseif ($value == -1) {
                    $groups_denied[] = (int) $id;
                }
            }
        }
        // NOTE(review): 'id', 'page_id' and 'type' are taken from the request without a cast or
        // escaping, unlike title and body - confirm the template escapes them on output.
        $context['SPortal']['page'] = array('id' => $_POST['page_id'], 'page_id' => $_POST['namespace'], 'title' => $smcFunc['htmlspecialchars']($_POST['title'], ENT_QUOTES), 'body' => $smcFunc['htmlspecialchars']($_POST['content'], ENT_QUOTES), 'type' => $_POST['type'], 'permission_set' => $permission_set, 'groups_allowed' => $groups_allowed, 'groups_denied' => $groups_denied, 'style' => sportal_parse_style('implode'), 'status' => !empty($_POST['status']));
        if ($context['SPortal']['page']['type'] == 'bbc') {
            preparsecode($context['SPortal']['page']['body']);
        }
        loadTemplate('PortalPages');
        $context['SPortal']['preview'] = true;
    } elseif ($context['SPortal']['is_new']) {
        // Defaults for a new page; the random suffix only seeds the suggested namespace,
        // which is checked for duplicates when the form is submitted.
        $context['SPortal']['page'] = array('id' => 0, 'page_id' => 'page' . mt_rand(1, 5000), 'title' => $txt['sp_pages_default_title'], 'body' => '', 'type' => 'bbc', 'permission_set' => 3, 'groups_allowed' => array(), 'groups_denied' => array(), 'style' => '', 'status' => 1);
    } else {
        // Editing an existing page: load it by its integer id.
        $_REQUEST['page_id'] = (int) $_REQUEST['page_id'];
        $context['SPortal']['page'] = sportal_get_pages($_REQUEST['page_id']);
    }
    // BBC bodies are un-preparsed and re-escaped for the editor.
    if ($context['SPortal']['page']['type'] == 'bbc') {
        $context['SPortal']['page']['body'] = str_replace(array('"', '<', '>', '&nbsp;'), array('&quot;', '&lt;', '&gt;', ' '), un_preparsecode($context['SPortal']['page']['body']));
    }
    // For non-BBC pages the WYSIWYG default is switched off while the editor is created.
    if ($context['SPortal']['page']['type'] != 'bbc') {
        $temp_editor = !empty($options['wysiwyg_default']);
        $options['wysiwyg_default'] = false;
    }
    $editorOptions = array('id' => 'content', 'value' => $context['SPortal']['page']['body'], 'width' => '95%', 'height' => '200px', 'preview_type' => 0);
    create_control_richedit($editorOptions);
    $context['post_box_name'] = $editorOptions['id'];
    // Restore the user's editor preference if it was overridden above.
    if (isset($temp_editor)) {
        $options['wysiwyg_default'] = $temp_editor;
    }
    $context['SPortal']['page']['groups'] = sp_load_membergroups();
    $context['SPortal']['page']['style'] = sportal_parse_style('explode', $context['SPortal']['page']['style'], !empty($context['SPortal']['preview']));
    $context['page_title'] = $context['SPortal']['is_new'] ? $txt['sp_admin_pages_add'] : $txt['sp_admin_pages_edit'];
    $context['sub_template'] = 'pages_edit';
}