<p>Enter your password: <input type="password" name="confirmpwd" /></p> <p><input type="hidden" name="delete_id" value="<?php echo $id; ?> " /> <input type="submit" name="delete" value="Yes" /> <a href="<?php echo $base_config['baseurl']; ?> /admin/interface/pages">No</a></p> </form> <?php return; } $q = new DBSelect('pages', array('*'), '', 'Failed to get page list'); $result = $q->commit(); if (isset($_POST['form_sent_b'])) { if (futurebb_hash($_POST['confirmpwd']) == $futurebb_user['password']) { foreach ($_POST as $key => $val) { if (ctype_digit((string) $key)) { //insert history entry $select = new DBSelect('pages', array('*'), 'id=' . intval($key), 'Failed to get old value'); $result = $select->commit(); $element = $db->fetch_assoc($result); $lines = array(); foreach ($element as $db_key => $db_val) { $lines[] = $db_key . '=>' . $db_val; } $insertquery = new DBInsert('interface_history', array('action' => 'edit', 'area' => 'pages', 'field' => intval($key), 'user' => $futurebb_user['id'], 'time' => time(), 'old_value' => base64_encode(implode("\n", $lines))), 'Failed to insert history entry'); $insertquery->commit(); foreach ($val as $field => $field_value) { //update the field $updatequery = new DBUpdate('pages', array($field => $field_value), 'id=' . intval($key), 'Failed to update page entry');
#loginform { border:1px solid #000; padding-left:10px; } body { font-family:Arial, Helvetica, sans-serif; } </style> </head> <body> <h1>FutureBB Database Upgrade</h1> <div> <?php if (isset($_POST['form_sent'])) { $result = $db->query('SELECT 1 FROM `#^users` AS u LEFT JOIN `#^user_groups` AS g ON g.g_id=u.group_id WHERE username=\'' . $db->escape($_POST['username']) . '\' AND password=\'' . futurebb_hash($_POST['password']) . '\' AND g.g_admin_privs=1') or error('Failed to check login'); if ($db->num_rows($result)) { ?> <ul> <?php //include all files between old revision and new revision for ($i = (isset($futurebb_config['db_version']) ? $futurebb_config['db_version'] : 0) + 1; $i <= DB_VERSION; $i++) { include FORUM_ROOT . '/app_resources/database/upgrades/' . $i . '.php'; } ?> </ul> <p>Database upgrade success! You may now <a href="<?php echo $base_config['baseurl']; ?> ">visit your forum</a>.</p> <?php
<link path="users" perm="g_user_list">userlist</link> <link path="search">search</link> <link path="admin" perm="g_admin_privs">administration</link> <link path="admin/bans" perm="g_mod_privs ~g_admin_privs">administration</link> <link path="register/$reghash$" perm="~valid">register</link> <link path="logout" perm="valid">logout</link> </linkset>'); set_config('admin_pages', 'PT5pbmRleApiYW5zPT5iYW5zCnJlcG9ydHM9PnJlcG9ydHMKY2Vuc29yaW5nPT5jZW5zb3JpbmcKZm9ydW1zPT5mb3J1bXMKaXBfdHJhY2tlcj0+aXB0cmFja2VyCnVzZXJfZ3JvdXBzPT51c2VyZ3JvdXBzCnRyYXNoX2Jpbj0+dHJhc2hiaW4KbWFpbnRlbmFuY2U9Pm1haW50ZW5hbmNlCnN0eWxlPT5zdHlsZQpleHRlbnNpb25zPT5leHRlbnNpb25zCmludGVyZmFjZT0+aW50ZXJmYWNl'); set_config('mod_pages', 'YmFucz0+YmFucwpyZXBvcnRzPT5yZXBvcnRzCnRyYXNoX2Jpbj0+dHJhc2hiaW4KaXBfdHJhY2tlcj0+aXB0cmFja2Vy'); set_config('date_format', 'd M Y'); set_config('time_format', 'H:i'); //create guest user $insert = new DBInsert('users', array('username' => 'Guest', 'password' => 'Guest', 'email' => '', 'registered' => 0, 'registration_ip' => '', 'group_id' => 0, 'last_visit' => 0, 'last_page_load' => 0, 'signature' => ''), 'Failed to create admin user'); $insert->commit(); //create admin user $insert = new DBInsert('users', array('username' => get_cookie_data('adminusername'), 'password' => futurebb_hash(get_cookie_data('adminpass')), 'email' => get_cookie_data('adminemail'), 'registered' => time(), 'registration_ip' => $_SERVER['REMOTE_ADDR'], 'group_id' => 1, 'last_visit' => time(), 'last_page_load' => time(), 'rss_token' => md5(time())), 'Failed to create admin user'); $insert->commit(); //create user groups $insert = new DBInsert('user_groups', array('g_permanent' => 1, 'g_guest_group' => 0, 'g_name' => 'Administrators', 'g_title' => 'Administrator', 'g_admin_privs' => 1, 'g_mod_privs' => 1, 'g_edit_posts' => 1, 'g_delete_posts' => 1, 'g_signature' => 1, 'g_user_list' => 1, 'g_user_list_groups' => '', 'g_promote_group' => 0, 'g_promote_posts' => 0, 'g_promote_operator' => 0, 'g_promote_days' => 0, 'g_post_flood' => 0, 'g_posts_per_hour' => 0, 'g_post_links' => 1, 'g_post_images' => 1), 'Failed to create admin user group'); $insert->commit(); $insert = new DBInsert('user_groups', array('g_permanent' => 1, 'g_guest_group' => 1, 'g_name' => 'Guests', 'g_title' => 'Guest', 'g_admin_privs' => 0, 'g_mod_privs' => 0, 'g_edit_posts' => 0, 'g_delete_posts' => 0, 'g_signature' => 0, 'g_user_list' => 0, 'g_user_list_groups' => '', 'g_promote_group' => 0, 'g_promote_posts' => 0, 'g_promote_operator' => 0, 'g_promote_days' => 0, 'g_post_flood' => 0, 'g_posts_per_hour' => 0, 'g_post_links' => 0, 'g_post_images' => 0), 'Failed to create guest user group'); $insert->commit(); $insert = new DBInsert('user_groups', array('g_permanent' => 1, 'g_guest_group' => 0, 'g_name' => 'Members', 'g_title' => 'Member', 'g_admin_privs' => 0, 'g_mod_privs' => 0, 'g_edit_posts' => 1, 'g_delete_posts' => 1, 'g_signature' => 1, 'g_user_list' => 1, 'g_user_list_groups' => '', 'g_promote_group' => 0, 'g_promote_posts' => 0, 'g_promote_operator' => 0, 'g_promote_days' => 0, 'g_post_flood' => 60, 'g_posts_per_hour' => 0, 'g_post_links' => 1, 'g_post_images' => 1), 'Failed to create member user group'); $insert->commit(); //run through stock cache to insert pages and language keys include FORUM_ROOT . '/app_config/cache/pages.php'; $q = 'INSERT INTO `#^pages`(url,file,template,nocontentbox,admin,moderator,subdirs) VALUES'; $page_insert_data = array(); foreach ($pages as $url => $info) { $page_insert_data[] = '(\'' . $db->escape($url) . '\',\'' . $db->escape($info['file']) . '\',' . ($info['template'] ? '1' : '0') . ',' . (isset($info['nocontentbox']) ? '1' : '0') . ',' . ($info['admin'] ? '1' : '0') . ',' . ($info['mod'] ? '1' : '0') . ',0)'; }
echo '<b style="color:#F00">[Failed]</b></p></body></html>'; die; } echo '<b style="color:#0A0">[Success]</b></p>'; $db->query('TRUNCATE TABLE `#^config`') or error('Failed to wipe config', __FILE__, __LINE__, $db->error()); set_config('board_title', $_POST['config']['board_title']); set_config('admin_email', $_POST['config']['admin_email']); set_config('announcement_text', ''); set_config('announcement_enable', 0); set_config('default_user_group', 3); set_config('censoring', ''); set_config('footer_text', ''); $db->query('TRUNCATE TABLE `#^users`') or error('Failed to wipe users table', __FILE__, __LINE__, $db->error()); $db->query('INSERT INTO `#^users`(id,username,group_id,timezone) VALUES(0,\'Guest\',2,0)') or error('Failed to create guest user', __FILE__, __LINE__, $db->error()); $db->query('UPDATE `#^users` SET id=0 WHERE username=\'Guest\'') or error('Failed to zero ID of guest user', __FILE__, __LINE__, $db->error()); $db->query('INSERT INTO `#^users`(username,password,email,registered,registration_ip,group_id,last_visit,timezone) VALUES(\'' . $db->escape($_POST['username']) . '\',\'' . futurebb_hash($_POST['pwd1']) . '\',\'' . $db->escape($_POST['email']) . '\',' . time() . ',\'' . $db->escape($_SERVER['REMOTE_ADDR']) . '\',1,' . time() . ',0)') or error('Failed to create admin user', __FILE__, __LINE__, $db->error()); $db->query('TRUNCATE TABLE `#^user_groups') or error('Failed to wipe user groups', __FILE__, __LINE__, $db->error()); $db->query('INSERT INTO `#^user_groups`(g_permanent,g_guest_group,g_name,g_title,g_admin_privs,g_mod_privs,g_edit_posts,g_delete_posts,g_signature) VALUES(1,0,\'Administrators\',\'Administrator\',1,1,1,1,1)') or error('Failed to create admin user group', __FILE__, __LINE__, $db->error()); $db->query('INSERT INTO `#^user_groups`(g_permanent,g_guest_group,g_name,g_title,g_admin_privs,g_mod_privs,g_edit_posts,g_delete_posts,g_signature) VALUES(1,1,\'Guests\',\'Guest\',0,0,0,0,0)') or error('Failed to create guest user group', __FILE__, __LINE__, $db->error()); $db->query('INSERT INTO `#^user_groups`(g_permanent,g_guest_group,g_name,g_title,g_admin_privs,g_mod_privs,g_edit_posts,g_delete_posts,g_signature) VALUES(1,0,\'Members\',\'Member\',0,0,1,1,1)') or error('Failed to create member user group', __FILE__, __LINE__, $db->error()); $config['ready'] = 1; update_config(); header('Refresh: 0'); } else { if (isset($config['config.xml'])) { ?> <form action="install.php" method="post" enctype="multipart/form-data"> <h2>Board settings</h2> <table border="0"> <tr> <td>Board title</td>
if (isset($_GET['reset_pass'])) { if (!isset($_GET['username'])) { httperror(404); } $result = $db->query('SELECT id FROM `#^users` WHERE username=\'' . $db->escape($_GET['username']) . '\' AND recover_key=\'' . $db->escape($_GET['key']) . '\'') or error('Failed to find user', __FILE__, __LINE__, $db->error()); if (!$db->num_rows($result)) { httperror(404); } list($id) = $db->fetch_row($result); if (isset($_POST['reset_form_sent'])) { if ($_POST['pass1'] != $_POST['pass2']) { echo '<p>' . translate('passnomatch') . '</p>'; return; } $db->query('UPDATE `#^users` SET password=\'' . $db->escape(futurebb_hash($_POST['pass1'])) . '\',recover_key=NULL WHERE id=' . $id) or error('Failed to update password', __FILE__, __LINE__, $db->error()); LoginController::LogInUser($id, futurebb_hash($_POST['pass1']), $_SERVER['HTTP_USER_AGENT'], true); echo '<p>' . translate('pwdresetsuccess') . '<br /><a href="' . $base_config['baseurl'] . '">' . translate('login') . '</a></p>'; return; } else { ?> <form action="<?php echo $base_config['baseurl']; ?> /login?reset_pass&username=<?php echo htmlspecialchars($_GET['username']); ?> &key=<?php echo htmlspecialchars($_GET['key']); ?> " method="post" enctype="multipart/form-data"> <h2><?php
echo '</form>'; PMBox(); break; case 'security': if (isset($_POST['form_sent'])) { $common = explode("\n", base64_decode(file_get_contents(FORUM_ROOT . '/app_config/commonpasswords.txt'))); if ($_POST['pwd1'] != $_POST['pwd2']) { echo '<p><b>' . translate('passnomatch') . '</b></p>'; } elseif (strlen($_POST['pwd1']) < 8) { echo '<p><b>' . translate('shortpass') . '</b></p>'; } elseif (in_array($_POST['pwd1'], $common)) { echo '<p><b>' . translate('commonpass') . '</b></p>'; } else { $db->query('UPDATE `#^users` SET password=\'' . futurebb_hash($_POST['pwd1']) . '\' WHERE username=\'' . $db->escape($user) . '\'') or error('Failed to update password', __FILE__, __LINE__, $db->error()); if ($cur_user['id'] == $futurebb_user['id']) { LoginController::LogInUser($futurebb_user['id'], futurebb_hash($_POST['pwd1']), $_SERVER['HTTP_USER_AGENT']); } redirect($base_config['baseurl'] . '/users/' . rawurlencode($dirs[2])); } } echo '<form action="' . $base_config['baseurl'] . '/users/' . htmlspecialchars($dirs[2]) . '/security" method="post" enctype="multipart/form-data">'; ?> <h2><?php echo translate('changepass'); ?> </h2> <table border="0"> <tr> <td><?php echo translate('newpass'); ?>
?> <h2><?php echo translate('register'); ?> </h2> <?php if ($futurebb_config['rules'] != '') { echo '<h3>Rules</h3><p>' . $futurebb_config['rules'] . '</p><h3>Information</h3>'; } $_SESSION['verified'] = 0; ?> <form action="<?php echo $base_config['baseurl']; ?> /register/<?php echo futurebb_hash(LoginController::GetRandId()); ?> " method="post" enctype="multipart/form-data"> <?php if (isset($errors) && !empty($errors)) { echo '<ul><li>' . implode('</li><li>', $errors) . '</li></ul>'; } ?> <table border="0" class="in_form"> <tr> <th><?php echo translate('username'); ?> </th> <td><input type="text" name="username" /></td> </tr>
static function replace_interface_strings($text) { //this is for header text, when spitting it out in real time to replace stuff like $username$ global $futurebb_user; $text = str_replace('$username$', $futurebb_user['username'], $text); $text = str_replace('$reghash$', futurebb_hash(LoginController::GetRandID()), $text); return $text; }