 /**
  * Validate an edited post before it is saved.
  *
  * Subject checks run only when $can_edit_subject is set (the post heads a
  * topic); the message is then checked for byte size, all-caps, BBCode
  * syntax and, when nothing else failed, for being empty (also after
  * censoring).
  *
  * @param mixed $id               post id (not used by the checks themselves)
  * @param bool  $can_edit_subject whether the subject field is part of this edit
  * @param array $errors           error messages collected so far
  * @return array $errors with any new messages appended
  */
 public function check_errors_before_edit($id, $can_edit_subject, $errors)
 {
     global $lang_post, $pd;

     $censoring_on = ($this->config['o_censoring'] == '1');

     // A topic's first post carries the subject, so it is validated only then
     if ($can_edit_subject) {
         $subject = feather_trim($this->request->post('req_subject'));
         $censored_subject = $censoring_on ? feather_trim(censor_words($subject)) : null;

         if ($subject == '') {
             $errors[] = $lang_post['No subject'];
         } elseif ($censoring_on && $censored_subject == '') {
             $errors[] = $lang_post['No subject after censoring'];
         } elseif (feather_strlen($subject) > 70) {
             $errors[] = $lang_post['Too long subject'];
         } elseif ($this->config['p_subject_all_caps'] == '0' && is_all_uppercase($subject) && !$this->user->is_admmod) {
             $errors[] = $lang_post['All caps subject'];
         }
     }

     // Normalise the message body taken from POST
     $message = feather_linebreaks(feather_trim($this->request->post('req_message')));

     // Byte length on purpose (strlen, not feather_strlen): FEATHER_MAX_POSTSIZE is a byte limit
     if (strlen($message) > FEATHER_MAX_POSTSIZE) {
         $errors[] = sprintf($lang_post['Too long message'], forum_number_format(FEATHER_MAX_POSTSIZE));
     } elseif ($this->config['p_message_all_caps'] == '0' && is_all_uppercase($message) && !$this->user->is_admmod) {
         $errors[] = $lang_post['All caps message'];
     }

     // preparse_bbcode() rewrites the message and appends any syntax problems to $errors
     if ($this->config['p_message_bbcode'] == '1') {
         require FEATHER_ROOT . 'include/parser.php';
         $message = preparse_bbcode($message, $errors);
     }

     // The emptiness checks only run on an otherwise clean post
     if (!empty($errors)) {
         return $errors;
     }

     if ($message == '') {
         $errors[] = $lang_post['No message'];
     } elseif ($censoring_on && feather_trim(censor_words($message)) == '') {
         // Censoring may strip the whole message; that counts as empty too
         $errors[] = $lang_post['No message after censoring'];
     }

     return $errors;
 }
         message($lang_prof_reg['Bad ICQ']);
     }
     break;
 case 'personality':
     $form = array();
     // Clean up signature from POST
     if ($pun_config['o_signatures'] == '1') {
         $form['signature'] = pun_linebreaks(pun_trim($_POST['signature']));
         // Validate signature
         if (pun_strlen($form['signature']) > $pun_config['p_sig_length']) {
             message(sprintf($lang_prof_reg['Sig too long'], $pun_config['p_sig_length'], pun_strlen($form['signature']) - $pun_config['p_sig_length']));
         } else {
             if (substr_count($form['signature'], "\n") > $pun_config['p_sig_lines'] - 1) {
                 message(sprintf($lang_prof_reg['Sig too many lines'], $pun_config['p_sig_lines']));
             } else {
                 if ($form['signature'] && $pun_config['p_sig_all_caps'] == '0' && is_all_uppercase($form['signature']) && !$pun_user['is_admmod']) {
                     $form['signature'] = utf8_ucwords(utf8_strtolower($form['signature']));
                 }
             }
         }
         // Validate BBCode syntax
         if ($pun_config['p_sig_bbcode'] == '1') {
             require PUN_ROOT . 'include/parser.php';
             $errors = array();
             $form['signature'] = preparse_bbcode($form['signature'], $errors, true);
             if (count($errors) > 0) {
                 message('<ul><li>' . implode('</li><li>', $errors) . '</li></ul>');
             }
         }
     }
     break;
                 $errors[] = $lang_post['Too long subject'];
             } else {
                 if ($panther_config['p_subject_all_caps'] == '0' && is_all_uppercase($subject) && !$panther_user['is_admmod']) {
                     $errors[] = $lang_post['All caps subject'];
                 }
             }
         }
     }
 }
 // Clean up message from POST
 $message = isset($_POST['req_message']) ? panther_linebreaks(panther_trim($_POST['req_message'])) : '';
 // Here we use strlen() not panther_strlen() as we want to limit the post to PANTHER_MAX_POSTSIZE bytes, not characters
 if (strlen($message) > PANTHER_MAX_POSTSIZE) {
     $errors[] = sprintf($lang_post['Too long message'], forum_number_format(PANTHER_MAX_POSTSIZE));
 } else {
     if ($panther_config['p_message_all_caps'] == '0' && is_all_uppercase($message) && !$panther_user['is_admmod']) {
         $errors[] = $lang_post['All caps message'];
     }
 }
 // Validate BBCode syntax
 if ($panther_config['p_message_bbcode'] == '1') {
     require PANTHER_ROOT . 'include/parser.php';
     $message = $parser->preparse_bbcode($message, $errors);
 }
 if (empty($errors)) {
     if ($message == '') {
         $errors[] = $lang_post['No message'];
     } else {
         if ($panther_config['o_censoring'] == '1') {
             // Censor message to see if that causes problems
             $censored_message = panther_trim(censor_words($message));
         // we should only check guests because members' addresses are already verified
         if ($luna_user['is_guest'] && is_banned_email($email)) {
             if ($luna_config['p_allow_banned_email'] == '0') {
                 $errors[] = __('The email address you entered is banned in this forum. Please choose another email address.', 'luna');
             }
             $banned_email = true;
             // Used later when we send an alert email
         }
     }
 }
 // Clean up message from POST
 $orig_message = $message = luna_linebreaks(luna_trim($_POST['req_message']));
 // Here we use strlen() not luna_strlen() as we want to limit the comment to FORUM_MAX_POSTSIZE bytes, not characters
 if (strlen($message) > FORUM_MAX_POSTSIZE) {
     $errors[] = sprintf(__('Comments cannot be longer than %s bytes.', 'luna'), forum_number_format(FORUM_MAX_POSTSIZE));
 } elseif ($luna_config['p_message_all_caps'] == '0' && is_all_uppercase($message) && !$luna_user['is_admmod']) {
     $errors[] = __('Comments cannot contain only capital letters.', 'luna');
 }
 // Validate BBCode syntax
 require FORUM_ROOT . 'include/parser.php';
 $message = preparse_bbcode($message, $errors);
 if (empty($errors)) {
     if ($message == '') {
         $errors[] = __('You must enter a message.', 'luna');
     } elseif ($luna_config['o_censoring'] == '1') {
         // Censor message to see if that causes problems
         $censored_message = luna_trim(censor_words($message));
         if ($censored_message == '') {
             $errors[] = __('You must enter a message. After applying censoring filters, your message was empty.', 'luna');
         }
     }
             $errors[] = $lang_poll['All caps question'];
         }
     }
 }
 if (empty($options)) {
     $errors[] = $lang_poll['No options'];
 }
 $option_data = array();
 for ($i = 0; $i <= $panther_config['o_max_poll_fields']; $i++) {
     if (!empty($errors)) {
         break;
     }
     if (panther_strlen($options[$i]) > 55) {
         $errors[] = $lang_poll['Too long option'];
     } else {
         if ($panther_config['p_subject_all_caps'] == '0' && is_all_uppercase($options[$i]) && !$panther_user['is_admmod']) {
             $errors[] = $lang_poll['All caps option'];
         } else {
             if ($options[$i] != '') {
                 $option_data[] = $options[$i];
             }
         }
     }
 }
 if (count($options) < 2) {
     $errors[] = $lang_poll['Low options'];
 }
 ($hook = get_extensions('edit_poll_after_validation')) ? eval($hook) : null;
 $now = time();
 if (empty($errors)) {
     $update = array('question' => $question);
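 /**
  * Validate a new post (or new topic) before it is saved.
  *
  * Checks, in order: guest username and robot test, flood limit, existence of
  * the target topic, subject (new topics only), guest e-mail, message byte
  * size and all-caps, BBCode syntax and, when nothing else failed, that the
  * message is non-empty (also after censoring).
  *
  * @param mixed $fid    forum id; truthy means a new topic is being created
  * @param mixed $tid    topic id being replied to; truthy means a reply
  * @param mixed $qid    not used by the checks themselves
  * @param mixed $pid    not used by the checks themselves
  * @param mixed $page   not used by the checks themselves
  * @param array $errors error messages collected so far
  * @return array $errors with any new messages appended; additionally carries a
  *               'banned_email' => 1 marker when a guest posted from a banned
  *               address, which is bookkeeping for the caller, not an error text
  */
 public function check_errors_before_post($fid, $tid, $qid, $pid, $page, $errors)
 {
     global $lang_post, $lang_common, $lang_prof_reg, $lang_register, $lang_antispam, $lang_antispam_questions, $pd;

     // Antispam feature
     if ($this->user->is_guest) {
         // It's a guest, so we have to validate the username
         $errors = check_username(feather_trim($this->request->post('req_username')), $errors);

         // The form carries md5() of the question's language key in 'captcha_q';
         // expected and submitted answers are both upper-cased so the comparison
         // is case-insensitive.
         $question = $this->request->post('captcha_q') ? trim($this->request->post('captcha_q')) : '';
         $answer = $this->request->post('captcha') ? strtoupper(trim($this->request->post('captcha'))) : '';
         $lang_antispam_questions_array = array();
         foreach ($lang_antispam_questions as $k => $v) {
             $lang_antispam_questions_array[md5($k)] = strtoupper($v);
         }

         // An unknown question id fails the test just like a wrong answer
         if (empty($lang_antispam_questions_array[$question]) || $lang_antispam_questions_array[$question] != $answer) {
             $errors[] = $lang_antispam['Robot test fail'];
         }
     }

     // Flood protection
     // NOTE(review): this guard only fires when 'preview' is non-empty, i.e. on a
     // preview request rather than the final submit; a flood limit is normally
     // meant for the submit path, so confirm this condition is intended.
     if ($this->request->post('preview') != '' && $this->user->last_post != '' && time() - $this->user->last_post < $this->user->g_post_flood) {
         $errors[] = sprintf($lang_post['Flood start'], $this->user->g_post_flood, $this->user->g_post_flood - (time() - $this->user->last_post));
     }

     // Replying: the topic must exist (message() presumably ends the request on 404)
     if ($tid) {
         $subject_tid = DB::for_table('topics')->where('id', $tid)->find_one_col('subject');
         if (!$subject_tid) {
             message($lang_common['Bad request'], '404');
         }
         $url_subject = url_friendly($subject_tid);
     } else {
         $url_subject = '';
     }

     // If it's a new topic
     if ($fid) {
         $subject = feather_trim($this->request->post('req_subject'));
         if ($this->config['o_censoring'] == '1') {
             $censored_subject = feather_trim(censor_words($subject));
         }

         // $censored_subject is only read when censoring is on (short-circuit below)
         if ($subject == '') {
             $errors[] = $lang_post['No subject'];
         } elseif ($this->config['o_censoring'] == '1' && $censored_subject == '') {
             $errors[] = $lang_post['No subject after censoring'];
         } elseif (feather_strlen($subject) > 70) {
             $errors[] = $lang_post['Too long subject'];
         } elseif ($this->config['p_subject_all_caps'] == '0' && is_all_uppercase($subject) && !$this->user->is_admmod) {
             $errors[] = $lang_post['All caps subject'];
         }
     }

     if ($this->user->is_guest) {
         // Which field holds the address depends on whether a guest e-mail is mandatory
         $email = strtolower(feather_trim($this->config['p_force_guest_email'] == '1' ? $this->request->post('req_email') : $this->request->post('email')));

         // Load the register.php/prof_reg.php language files
         require FEATHER_ROOT . 'lang/' . $this->user->language . '/prof_reg.php';
         require FEATHER_ROOT . 'lang/' . $this->user->language . '/register.php';

         if ($this->config['p_force_guest_email'] == '1' || $email != '') {
             require FEATHER_ROOT . 'include/email.php';
             if (!is_valid_email($email)) {
                 $errors[] = $lang_common['Invalid email'];
             }

             // Check if it's a banned email address
             // we should only check guests because members' addresses are already verified
             if ($this->user->is_guest && is_banned_email($email)) {
                 if ($this->config['p_allow_banned_email'] == '0') {
                     $errors[] = $lang_prof_reg['Banned email'];
                 }
                 // Marker for the caller (used later when an alert e-mail is sent);
                 // deliberately not an error message.
                 $errors['banned_email'] = 1;
             }
         }
     }

     // Clean up message from POST
     $message = feather_linebreaks(feather_trim($this->request->post('req_message')));

     // Here we use strlen() not feather_strlen() as we want to limit the post to FEATHER_MAX_POSTSIZE bytes, not characters
     if (strlen($message) > FEATHER_MAX_POSTSIZE) {
         $errors[] = sprintf($lang_post['Too long message'], forum_number_format(FEATHER_MAX_POSTSIZE));
     } elseif ($this->config['p_message_all_caps'] == '0' && is_all_uppercase($message) && !$this->user->is_admmod) {
         $errors[] = $lang_post['All caps message'];
     }

     // Validate BBCode syntax (preparse_bbcode() appends its problems to $errors)
     if ($this->config['p_message_bbcode'] == '1') {
         require FEATHER_ROOT . 'include/parser.php';
         $message = preparse_bbcode($message, $errors);
     }

     // Only genuine validation messages count here: the 'banned_email' marker set
     // above is not a failure and must not suppress the empty-message checks
     // (otherwise an empty post from a banned-but-allowed guest address passes).
     $validation_errors = $errors;
     unset($validation_errors['banned_email']);
     if (empty($validation_errors)) {
         if ($message == '') {
             $errors[] = $lang_post['No message'];
         } elseif ($this->config['o_censoring'] == '1') {
             // Censor message to see if that causes problems
             $censored_message = feather_trim(censor_words($message));
             if ($censored_message == '') {
                 $errors[] = $lang_post['No message after censoring'];
             }
         }
     }

     return $errors;
 }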
 /**
  * Validate and persist one section of a user's profile form, then redirect.
  *
  * Each $section builds a $form array of validated fields from POST; a failed
  * check calls message(), which the code below relies on not returning. The
  * collected fields are written to the users row, and a username change is
  * propagated to the other tables that store usernames (and to the serialized
  * moderator lists of each forum), after which the relevant caches are rebuilt.
  *
  * @param mixed  $id      id of the user being edited
  * @param array  $info    existing user data; only 'old_username' is read here
  * @param string $section one of essentials|personal|messaging|personality|display|privacy
  */
 public function update_profile($id, $info, $section)
 {
     global $lang_common, $lang_profile, $lang_prof_reg, $pd;

     $username_updated = false;

     // Validate input depending on section
     switch ($section) {
         case 'essentials':
             $form = array('timezone' => floatval($this->request->post('form_timezone')), 'dst' => $this->request->post('form_dst') ? '1' : '0', 'time_format' => intval($this->request->post('form_time_format')), 'date_format' => intval($this->request->post('form_date_format')));

             // Make sure we got a valid language string
             // The language is an allowlist check against the installed language directories;
             // elsewhere on this page the stored language is spliced into a require path
             // (FEATHER_ROOT . 'lang/' . ... ), so this check is what keeps that path safe.
             // NOTE(review): in_array() is non-strict here; a strict (third argument true)
             // comparison would be the safer form for a string allowlist.
             if ($this->request->post('form_language')) {
                 $languages = forum_list_langs();
                 $form['language'] = feather_trim($this->request->post('form_language'));
                 if (!in_array($form['language'], $languages)) {
                     message($lang_common['Bad request'], '404');
                 }
             }

             if ($this->user->is_admmod) {
                 $form['admin_note'] = feather_trim($this->request->post('admin_note'));

                 // Are we allowed to change usernames?
                 // Reads as: admin, OR (moderator AND moderators may rename users) — && binds tighter than ||
                 if ($this->user->g_id == FEATHER_ADMIN || $this->user->g_moderator == '1' && $this->user->g_mod_rename_users == '1') {
                     $form['username'] = feather_trim($this->request->post('req_username'));

                     if ($form['username'] != $info['old_username']) {
                         // Check username
                         require FEATHER_ROOT . 'lang/' . $this->user->language . '/register.php';

                         // check_username() is handed an empty accumulator and returns the
                         // messages it found; only the first one is shown
                         $errors = '';
                         $errors = check_username($form['username'], $errors, $id);
                         if (!empty($errors)) {
                             message($errors[0]);
                         }

                         $username_updated = true;
                     }
                 }

                 // We only allow administrators to update the post count
                 if ($this->user->g_id == FEATHER_ADMIN) {
                     $form['num_posts'] = intval($this->request->post('num_posts'));
                 }
             }

             // The e-mail can only be changed directly when registrations need no
             // verification, or by an admin/moderator
             if ($this->config['o_regs_verify'] == '0' || $this->user->is_admmod) {
                 require FEATHER_ROOT . 'include/email.php';

                 // Validate the email address
                 $form['email'] = strtolower(feather_trim($this->request->post('req_email')));
                 if (!is_valid_email($form['email'])) {
                     message($lang_common['Invalid email']);
                 }
             }
             break;

         case 'personal':
             $form = array('realname' => $this->request->post('form_realname') ? feather_trim($this->request->post('form_realname')) : '', 'url' => $this->request->post('form_url') ? feather_trim($this->request->post('form_url')) : '', 'location' => $this->request->post('form_location') ? feather_trim($this->request->post('form_location')) : '');

             // Add http:// if the URL doesn't contain it already (while allowing https://, too)
             if ($this->user->g_post_links == '1') {
                 if ($form['url'] != '') {
                     // url_valid() returns false or an array whose 'url' entry is the normalised URL
                     $url = url_valid($form['url']);
                     if ($url === false) {
                         message($lang_profile['Invalid website URL']);
                     }
                     $form['url'] = $url['url'];
                 }
             } else {
                 // Group may not post links: a non-empty URL is rejected and the field cleared
                 if (!empty($form['url'])) {
                     message($lang_profile['Website not allowed']);
                 }
                 $form['url'] = '';
             }

             if ($this->user->g_id == FEATHER_ADMIN) {
                 // Administrators may set any title
                 $form['title'] = feather_trim($this->request->post('title'));
             } elseif ($this->user->g_set_title == '1') {
                 $form['title'] = feather_trim($this->request->post('title'));

                 if ($form['title'] != '') {
                     // A list of words that the title may not contain
                     // If the language is English, there will be some duplicates, but it's not the end of the world
                     // (prevents a user from impersonating a staff/status label through the title)
                     $forbidden = array('member', 'moderator', 'administrator', 'banned', 'guest', utf8_strtolower($lang_common['Member']), utf8_strtolower($lang_common['Moderator']), utf8_strtolower($lang_common['Administrator']), utf8_strtolower($lang_common['Banned']), utf8_strtolower($lang_common['Guest']));

                     if (in_array(utf8_strtolower($form['title']), $forbidden)) {
                         message($lang_profile['Forbidden title']);
                     }
                 }
             }
             break;

         case 'messaging':
             $form = array('jabber' => feather_trim($this->request->post('form_jabber')), 'icq' => feather_trim($this->request->post('form_icq')), 'msn' => feather_trim($this->request->post('form_msn')), 'aim' => feather_trim($this->request->post('form_aim')), 'yahoo' => feather_trim($this->request->post('form_yahoo')));

             // If the ICQ UIN contains anything other than digits it's invalid
             if (preg_match('%[^0-9]%', $form['icq'])) {
                 message($lang_prof_reg['Bad ICQ']);
             }
             break;

         case 'personality':
             $form = array();
             // Clean up signature from POST
             if ($this->config['o_signatures'] == '1') {
                 $form['signature'] = feather_linebreaks(feather_trim($this->request->post('signature')));

                 // Validate signature: character length, then line count, then all-caps
                 // (an all-caps signature is re-cased rather than rejected)
                 if (feather_strlen($form['signature']) > $this->config['p_sig_length']) {
                     message(sprintf($lang_prof_reg['Sig too long'], $this->config['p_sig_length'], feather_strlen($form['signature']) - $this->config['p_sig_length']));
                 } elseif (substr_count($form['signature'], "\n") > $this->config['p_sig_lines'] - 1) {
                     message(sprintf($lang_prof_reg['Sig too many lines'], $this->config['p_sig_lines']));
                 } elseif ($form['signature'] && $this->config['p_sig_all_caps'] == '0' && is_all_uppercase($form['signature']) && !$this->user->is_admmod) {
                     $form['signature'] = utf8_ucwords(utf8_strtolower($form['signature']));
                 }

                 // Validate BBCode syntax
                 if ($this->config['p_sig_bbcode'] == '1') {
                     require FEATHER_ROOT . 'include/parser.php';

                     $errors = array();
                     $form['signature'] = preparse_bbcode($form['signature'], $errors, true);

                     // Error texts come from the parser, not from the user, and are shown as an HTML list
                     if (count($errors) > 0) {
                         message('<ul><li>' . implode('</li><li>', $errors) . '</li></ul>');
                     }
                 }
             }
             break;

         case 'display':
             $form = array('disp_topics' => feather_trim($this->request->post('form_disp_topics')), 'disp_posts' => feather_trim($this->request->post('form_disp_posts')), 'show_smilies' => $this->request->post('form_show_smilies') ? '1' : '0', 'show_img' => $this->request->post('form_show_img') ? '1' : '0', 'show_img_sig' => $this->request->post('form_show_img_sig') ? '1' : '0', 'show_avatars' => $this->request->post('form_show_avatars') ? '1' : '0', 'show_sig' => $this->request->post('form_show_sig') ? '1' : '0');

             // Per-page counts are clamped to [3, 75]; an empty field keeps the default (stays '')
             if ($form['disp_topics'] != '') {
                 $form['disp_topics'] = intval($form['disp_topics']);
                 if ($form['disp_topics'] < 3) {
                     $form['disp_topics'] = 3;
                 } elseif ($form['disp_topics'] > 75) {
                     $form['disp_topics'] = 75;
                 }
             }

             if ($form['disp_posts'] != '') {
                 $form['disp_posts'] = intval($form['disp_posts']);
                 if ($form['disp_posts'] < 3) {
                     $form['disp_posts'] = 3;
                 } elseif ($form['disp_posts'] > 75) {
                     $form['disp_posts'] = 75;
                 }
             }

             // Make sure we got a valid style string
             // Allowlist check against the installed styles; same non-strict in_array() caveat as for the language
             if ($this->request->post('form_style')) {
                 $styles = forum_list_styles();
                 $form['style'] = feather_trim($this->request->post('form_style'));
                 if (!in_array($form['style'], $styles)) {
                     message($lang_common['Bad request'], '404');
                 }
             }
             break;

         case 'privacy':
             $form = array('email_setting' => intval($this->request->post('form_email_setting')), 'notify_with_post' => $this->request->post('form_notify_with_post') ? '1' : '0', 'auto_notify' => $this->request->post('form_auto_notify') ? '1' : '0');

             // Out-of-range values fall back to the board default
             if ($form['email_setting'] < 0 || $form['email_setting'] > 2) {
                 $form['email_setting'] = $this->config['o_default_email_setting'];
             }
             break;

         default:
             message($lang_common['Bad request'], '404');
     }

     // Copy the validated fields into the update payload (keys are fixed by the
     // code above, never taken from the request)
     $temp = array();
     foreach ($form as $key => $input) {
         $temp[$key] = $input;
     }

     // A section that produced no fields is treated as a bad request
     if (empty($temp)) {
         message($lang_common['Bad request'], '404');
     }

     DB::for_table('users')->where('id', $id)->find_one()->set($temp)->save();

     // If we changed the username we have to update some stuff
     if ($username_updated) {
         // Usernames are denormalised into several tables; each is rewritten from old to new
         $bans_updated = DB::for_table('bans')->where('username', $info['old_username'])->update_many('username', $form['username']);

         DB::for_table('posts')->where('poster_id', $id)->update_many('poster', $form['username']);
         DB::for_table('posts')->where('edited_by', $info['old_username'])->update_many('edited_by', $form['username']);
         DB::for_table('topics')->where('poster', $info['old_username'])->update_many('poster', $form['username']);
         DB::for_table('topics')->where('last_poster', $info['old_username'])->update_many('last_poster', $form['username']);
         DB::for_table('forums')->where('last_poster', $info['old_username'])->update_many('last_poster', $form['username']);
         DB::for_table('online')->where('ident', $info['old_username'])->update_many('ident', $form['username']);

         // If the user is a moderator or an administrator we have to update the moderator lists
         $group_id = DB::for_table('users')->where('id', $id)->find_one_col('group_id');

         $group_mod = DB::for_table('groups')->where('g_id', $group_id)->find_one_col('g_moderator');

         if ($group_id == FEATHER_ADMIN || $group_mod == '1') {
             $select_mods = array('id', 'moderators');

             $result = DB::for_table('forums')->select_many($select_mods)->find_many();

             foreach ($result as $cur_forum) {
                 // NOTE(review): the moderator list is stored as a PHP-serialized map
                 // (username => id) and rebuilt with unserialize(); the value is written by
                 // the forum itself, but it is still a deserialisation surface — a JSON
                 // representation would remove that class of risk.
                 $cur_moderators = $cur_forum['moderators'] != '' ? unserialize($cur_forum['moderators']) : array();

                 if (in_array($id, $cur_moderators)) {
                     // Re-key the entry under the new username and keep the list sorted
                     unset($cur_moderators[$info['old_username']]);
                     $cur_moderators[$form['username']] = $id;
                     uksort($cur_moderators, 'utf8_strcasecmp');

                     DB::for_table('forums')->where('id', $cur_forum['id'])->find_one()->set('moderators', serialize($cur_moderators))->save();
                 }
             }
         }

         // Regenerate the users info cache
         if (!defined('FORUM_CACHE_FUNCTIONS_LOADED')) {
             require FEATHER_ROOT . 'include/cache.php';
         }

         generate_users_info_cache();

         // Check if the bans table was updated and regenerate the bans cache when needed
         if ($bans_updated) {
             generate_bans_cache();
         }
     }

     // Back to the same profile section with a confirmation message
     redirect(get_link('user/' . $id . '/section/' . $section . '/'), $lang_profile['Profile redirect']);
 }