function execute(&$request)
{
if ($request['user']->isMember() && $request['user']->get('perms') >= SUPERADMIN) {
exit('In the 7.1 release.');
} else {
no_perms_error($request);
}
return TRUE;
}
function execute(&$request)
{
k4_bread_crumbs($request['template'], $request['dba'], 'L_SEARCH');
$request['template']->setFile('content', 'search.html');
if (get_map('advsearch', 'can_view', array()) > $request['user']->get('perms')) {
no_perms_error($request);
return TRUE;
}
unset($_SESSION['search']['search_queries']);
return TRUE;
}
function execute(&$request)
{
if ($request['user']->isMember() && $request['user']->get('perms') >= ADMIN) {
k4_bread_crumbs($request['template'], $request['dba'], 'L_WELCOME');
$request['template']->setVar('adv_view', 1);
$request['template']->setFile('content', 'admin_menu.html');
} else {
no_perms_error($request);
return TRUE;
}
return TRUE;
}
function execute(&$request)
{
if ($request['user']->isMember() && $request['user']->get('perms') >= SUPERADMIN) {
global $_QUERYPARAMS, $_ALLFORUMS;
k4_bread_crumbs($request['template'], $request['dba'], 'L_POSTS');
$request['template']->setVar('posts_on', '_on');
$request['template']->setFile('sidebar_menu', 'menus/posts.html');
} else {
no_perms_error($request);
}
return TRUE;
}
function execute(&$request)
{
if (!$request['user']->isMember()) {
no_perms_error($request);
return TRUE;
}
if (!isset($_REQUEST['id']) || intval($_REQUEST['id']) == 0) {
k4_bread_crumbs($request['template'], $request['dba'], 'L_INFORMATION');
$action = new K4InformationAction(new K4LanguageElement('L_POLLDOESNTEXIST'), 'content', TRUE);
return $action->execute($request);
}
if (!isset($_POST['vote']) || intval($_POST['vote']) <= 0) {
k4_bread_crumbs($request['template'], $request['dba'], 'L_INFORMATION');
$action = new K4InformationAction(new K4LanguageElement('L_CHOOSEPOLLOPTION'), 'content', TRUE);
return $action->execute($request);
}
$question = $request['dba']->getRow("SELECT * FROM " . K4POLLQUESTIONS . " WHERE id = " . intval($_REQUEST['id']));
if (!is_array($question) || empty($question)) {
k4_bread_crumbs($request['template'], $request['dba'], 'L_INFORMATION');
$action = new K4InformationAction(new K4LanguageElement('L_POLLDOESNTEXIST'), 'content', TRUE);
return $action->execute($request);
}
$answer = $request['dba']->getRow("SELECT * FROM " . K4POLLANSWERS . " WHERE id = " . intval($_POST['vote']));
if (!is_array($answer) || empty($answer)) {
k4_bread_crumbs($request['template'], $request['dba'], 'L_INFORMATION');
$action = new K4InformationAction(new K4LanguageElement('L_POLLOPTIONDOESNTEXIST'), 'content', TRUE);
return $action->execute($request);
}
$has_voted = $request['dba']->executeQuery("SELECT * FROM " . K4POLLVOTES . " WHERE question_id = " . intval($question['id']) . " AND user_id = " . intval($request['user']->get('id')));
if ($has_voted->numRows() > 0) {
k4_bread_crumbs($request['template'], $request['dba'], 'L_INFORMATION');
$action = new K4InformationAction(new K4LanguageElement('L_USERHASVOTED'), 'content', TRUE);
return $action->execute($request);
}
$insert = $request['dba']->prepareStatement("INSERT INTO " . K4POLLVOTES . " (question_id, answer_id, user_id, user_name, voted_time) VALUES (?,?,?,?,?)");
$insert->setInt(1, $question['id']);
$insert->setInt(2, $answer['id']);
$insert->setInt(3, $request['user']->get('id'));
$insert->setString(4, $request['user']->get('name'));
$insert->setInt(5, time());
$insert->executeUpdate();
$request['dba']->executeUpdate("UPDATE " . K4POLLQUESTIONS . " SET num_votes=num_votes+1 WHERE id = " . intval($question['id']));
k4_bread_crumbs($request['template'], $request['dba'], 'L_INFORMATION');
$action = new K4InformationAction(new K4LanguageElement('L_VOTEDONPOLL', $answer['answer'], $question['question']), 'content', TRUE, referer() . '#poll' . $question['id'], 3);
return $action->execute($request);
return TRUE;
}
function execute(&$request)
{
global $_QUERYPARAMS;
/* set the breadcrumbs bit */
k4_bread_crumbs($request['template'], $request['dba'], 'L_INFORMATION');
if (!isset($_REQUEST['id']) || intval($_REQUEST['id']) == 0) {
$action = new K4InformationAction(new K4LanguageElement('L_BAD' . strtoupper($this->table_column)), 'content', FALSE);
return $action->execute($request);
}
$avatar = $request['dba']->getRow("SELECT * FROM " . $this->table . " WHERE user_id = " . intval($_REQUEST['id']));
if (!is_array($avatar) || empty($avatar)) {
$action = new K4InformationAction(new K4LanguageElement('L_BAD' . strtoupper($this->table_column)), 'content', FALSE);
return $action->execute($request);
}
$user = $request['dba']->getRow("SELECT {$_QUERYPARAMS['user']}{$_QUERYPARAMS['userinfo']}{$_QUERYPARAMS['usersettings']} FROM ((" . K4USERS . " u LEFT JOIN " . K4USERINFO . " ui ON u.id=ui.user_id) LEFT JOIN " . K4USERSETTINGS . " us ON us.user_id=u.id) WHERE u.id=" . intval($_REQUEST['id']));
if (!is_array($user) || empty($user)) {
$action = new K4InformationAction(new K4LanguageElement('L_USERDOESNTEXIST'), 'content', TRUE);
return $action->execute($request);
}
/* Do we have permission to view attachments in this forum? */
if (isset($user['attach' . $this->table_column]) && $user['attach' . $this->table_column] == 0) {
no_perms_error($request);
return TRUE;
}
// send our headers
header("Content-Type: " . $avatar['mime_type']);
header("Content-Length: " . $avatar['file_size']);
$avatar_file = BB_BASE_DIR . '/tmp/upload/' . $this->table_column . 's/' . intval($user['id']) . '.' . $avatar['file_type'];
if ($avatar['in_db'] == 1) {
$contents = $avatar['file_contents'];
} else {
if (file_exists($avatar_file)) {
$contents = file_get_contents($avatar_file);
} else {
$action = new K4InformationAction(new K4LanguageElement('L_BAD' . strtoupper($this->table_column)), 'content', FALSE);
return $action->execute($request);
}
}
echo $contents;
unset($contents);
exit;
}
function execute(&$request)
{
global $_QUERYPARAMS;
k4_bread_crumbs($request['template'], $request['dba'], 'L_INFORMATION');
if (!isset($_REQUEST['id']) || intval($_REQUEST['id']) == 0) {
$action = new K4InformationAction(new K4LanguageElement('L_BADATTACHMENT'), 'content', FALSE);
return $action->execute($request);
}
$attachment = $request['dba']->getRow("SELECT * FROM " . K4ATTACHMENTS . " WHERE id = " . intval($_REQUEST['id']));
if (!is_array($attachment) || empty($attachment)) {
$action = new K4InformationAction(new K4LanguageElement('L_BADATTACHMENT'), 'content', FALSE);
return $action->execute($request);
}
if (isset($_REQUEST['post_id']) && intval($_REQUEST['post_id']) != 0) {
$post = $request['dba']->getRow("SELECT * FROM " . K4POSTS . " WHERE post_id = " . intval($_REQUEST['post_id']));
} else {
//$action = new K4InformationAction(new K4LanguageElement('L_POSTDOESNTEXIST'), 'content', FALSE);
//return $action->execute($request);
$post = array('post_id' => 0, 'forum_id' => $attachment['forum_id'], 'row_type' => 0);
}
if (!is_array($post) || empty($post)) {
$action = new K4InformationAction(new K4LanguageElement('L_POSTDOESNTEXIST'), 'content', FALSE);
return $action->execute($request);
}
/* Get the current forum */
$forum = $request['dba']->getRow("SELECT * FROM " . K4FORUMS . " WHERE forum_id = " . intval($post['forum_id']));
if (!$forum || !is_array($forum) || empty($forum)) {
$action = new K4InformationAction(new K4LanguageElement('L_FORUMDOESNTEXIST'), 'content', FALSE);
return $action->execute($request);
}
k4_bread_crumbs($request['template'], $request['dba'], 'L_INFORMATION');
/* Do we have permission to delete attachments in this forum? */
if ($request['user']->get('perms') < get_map('attachments', 'can_del', array('forum_id' => $forum['forum_id']))) {
no_perms_error($request);
return TRUE;
}
if ($request['user']->get('id') != 0 && $request['user']->get('id') == $attachment['user_id'] || is_moderator($request['user']->getInfoArray(), $forum)) {
k4_bread_crumbs($request['template'], $request['dba'], 'L_REMOVEATTACHMENT');
$request['dba']->executeUpdate("DELETE FROM " . K4ATTACHMENTS . " WHERE id = " . intval($attachment['id']));
if ($post['post_id'] > 0) {
$request['dba']->executeUpdate("UPDATE " . K4POSTS . " SET total_attachments=total_attachments-1, attachments=attachments-1 WHERE post_id=" . intval($post['row_type'] & REPLY ? $post['parent_id'] : $post['post_id']));
if ($post['row_type'] & REPLY) {
$request['dba']->executeUpdate("UPDATE " . K4POSTS . " SET attachments=attachments-1 WHERE post_id=" . intval($post['post_id']));
}
}
$referer = basename(referer());
if (strpos($referer, 'misc.php') === FALSE) {
$action = new K4InformationAction(new K4LanguageElement('L_REMOVEDATTACHMENT', k4_htmlentities($attachment['file_name'], ENT_QUOTES)), 'content', TRUE, referer(), 3);
return $action->execute($request);
} else {
header("Location: misc.php?act=attachments_manager&post_id=" . $post['post_id'] . "&forum_id=" . $post['forum_id'] . "");
exit;
}
} else {
no_perms_error($request);
return TRUE;
}
}
function execute(&$request)
{
/* set the breadcrumbs bit */
k4_bread_crumbs($request['template'], $request['dba'], 'L_INFORMATION');
$rss_version = isset($_REQUEST['v']) && intval($_REQUEST['v']) == 2 ? '2.0' : '0.92';
$request['template']->setVar('xml_definition', "<?xml version=\"1.0\" encoding=\"utf-8\"?>\n");
/**
* Forum
*/
if (isset($_REQUEST['f']) && intval($_REQUEST['f']) > 0) {
$forum = $request['dba']->getRow("SELECT * FROM " . K4FORUMS . " WHERE forum_id = " . intval($_REQUEST['f']));
if (!is_array($forum) || empty($forum)) {
$action = new K4InformationAction(new K4LanguageElement('L_FORUMDOESNTEXIST'), 'content', FALSE);
return $action->execute($request);
}
if (get_map('topics', 'can_view', array('forum_id' => $forum['forum_id'])) > $request['user']->get('perms')) {
$action = new K4InformationAction(new K4LanguageElement('L_CANTVIEWFORUMTOPICS'), 'content_extra', FALSE);
return $action->execute($request);
}
k4_bread_crumbs($request['template'], $request['dba'], NULL, $forum);
/**
* Pagination
*/
//$extra_topics = intval(@$_ALLFORUMS[GLBL_ANNOUNCEMENTS]['topics']);
$extra_topics = 0;
// TODO: need only Announcements from global announcements
/* Create the Pagination */
$resultsperpage = $request['user']->get('topicsperpage') <= 0 ? $forum['topicsperpage'] : $request['user']->get('topicsperpage');
$num_results = $forum['topics'] + $extra_topics;
$perpage = isset($_REQUEST['limit']) && ctype_digit($_REQUEST['limit']) && intval($_REQUEST['limit']) > 0 ? intval($_REQUEST['limit']) : $resultsperpage;
$perpage = $perpage > 100 ? 100 : $perpage;
$page = isset($_REQUEST['page']) && ctype_digit($_REQUEST['page']) && intval($_REQUEST['page']) > 0 ? intval($_REQUEST['page']) : 1;
/* Get the topics for this forum */
$daysprune = $_daysprune = isset($_REQUEST['daysprune']) && ctype_digit($_REQUEST['daysprune']) ? $_REQUEST['daysprune'] == 0 ? 0 : intval($_REQUEST['daysprune']) : 365;
$daysprune = $daysprune > 0 ? time() - @($daysprune * 86400) : 0;
$sortorder = isset($_REQUEST['order']) && ($_REQUEST['order'] == 'ASC' || $_REQUEST['order'] == 'DESC') ? $_REQUEST['order'] : 'DESC';
$sortedby = isset($_REQUEST['sort']) && in_array($_REQUEST['sort'], $sort_orders) ? $_REQUEST['sort'] : 'lastpost_created';
$start = ($page - 1) * $perpage;
if ($page == 1) {
$announcements = $request['dba']->executeQuery("SELECT * FROM " . K4POSTS . " WHERE row_type=" . TOPIC . " AND (is_draft=0 AND display=1) AND post_type = " . TOPIC_ANNOUNCE . " AND (forum_id = " . intval($forum['forum_id']) . " OR forum_id = " . GLBL_ANNOUNCEMENTS . ") ORDER BY lastpost_created DESC");
}
$importants = $request['dba']->executeQuery("SELECT * FROM " . K4POSTS . " WHERE row_type=" . TOPIC . " AND is_draft=0 AND display = 1 AND forum_id = " . intval($forum['forum_id']) . " AND (post_type <> " . TOPIC_ANNOUNCE . ") AND (post_type = " . TOPIC_STICKY . " OR is_feature = 1) ORDER BY lastpost_created DESC");
/* get the topics */
$result = $request['dba']->prepareStatement("SELECT * FROM " . K4POSTS . " WHERE row_type=" . TOPIC . " AND created>=? AND is_draft=0 AND display = 1 AND forum_id = " . intval($forum['forum_id']) . " AND (post_type <> " . TOPIC_ANNOUNCE . " AND post_type <> " . TOPIC_STICKY . " AND is_feature = 0) ORDER BY {$sortedby} {$sortorder} LIMIT ?,?");
/* Set the query values */
$result->setInt(1, $daysprune);
$result->setInt(2, $start);
$result->setInt(3, $perpage);
/* Execute the query */
$topics = $result->executeQuery();
if (isset($announcements)) {
$it = new FAChainedIterator($announcements);
$it->addIterator($importants);
} else {
$it = new FAChainedIterator($importants);
}
$it->addIterator($topics);
$request['template']->setList('topics', new RSSPostIterator($it));
$request['template']->setVarArray($forum);
$xml = $request['template']->render(BB_BASE_DIR . '/templates/RSS/rss-' . $rss_version . '/forum.xml');
header("Content-Type: text/xml");
echo $xml;
exit;
/**
* Topic
*/
} else {
if (isset($_REQUEST['t']) && intval($_REQUEST['t']) > 0) {
$result = $request['dba']->executeQuery("SELECT * FROM " . K4POSTS . " WHERE post_id=" . intval($_REQUEST['t']) . " LIMIT 1");
$topic = $result->next();
$result->reset();
// reset the pointer of the iterator
if (!is_array($topic) || empty($topic)) {
$action = new K4InformationAction(new K4LanguageElement('L_TOPICDOESNTEXIST'), 'content', FALSE);
return $action->execute($request);
}
if (get_map('topics', 'can_view', array('forum_id' => $topic['forum_id'])) > $request['user']->get('perms')) {
$action = new K4InformationAction(new K4LanguageElement('L_CANTVIEWFORUMTOPICS'), 'content_extra', FALSE);
return $action->execute($request);
}
$forum = $request['dba']->getRow("SELECT * FROM " . K4FORUMS . " WHERE forum_id = " . intval($topic['forum_id']));
if (!is_array($forum) || empty($forum)) {
$action = new K4InformationAction(new K4LanguageElement('L_FORUMDOESNTEXIST'), 'content', FALSE);
return $action->execute($request);
}
$it = new FAChainedIterator($result);
if (get_map('replies', 'can_view', array('forum_id' => $topic['forum_id'])) <= $request['user']->get('perms')) {
if ($topic['num_replies'] > 0) {
$resultsperpage = $request['user']->get('postsperpage') <= 0 ? $forum['postsperpage'] : $request['user']->get('postsperpage');
$num_results = $topic['num_replies'];
$perpage = isset($_REQUEST['limit']) && ctype_digit($_REQUEST['limit']) && intval($_REQUEST['limit']) > 0 ? intval($_REQUEST['limit']) : $resultsperpage;
$num_pages = @ceil($num_results / $perpage);
$page = isset($_REQUEST['page']) && ctype_digit($_REQUEST['page']) && intval($_REQUEST['page']) > 0 ? intval($_REQUEST['page']) : 1;
$daysprune = isset($_REQUEST['daysprune']) && ctype_digit($_REQUEST['daysprune']) ? iif($_REQUEST['daysprune'] == -1, 0, intval($_REQUEST['daysprune'])) : 0;
$sortorder = isset($_REQUEST['order']) && ($_REQUEST['order'] == 'ASC' || $_REQUEST['order'] == 'DESC') ? $_REQUEST['order'] : 'ASC';
$sortedby = isset($_REQUEST['sort']) && in_array($_REQUEST['sort'], $sort_orders) ? $_REQUEST['sort'] : 'created';
$start = ($page - 1) * $perpage;
$replies = $request['dba']->executeQuery("SELECT * FROM " . K4POSTS . " WHERE parent_id=" . intval($topic['post_id']) . " AND row_level>1 AND created>=" . 3600 * 24 * intval($daysprune) . " ORDER BY " . $sortedby . " " . $sortorder . " LIMIT " . intval($start) . "," . intval($perpage));
$it->addIterator($replies);
}
}
$request['template']->setList('posts', new RSSPostIterator($it));
$xml = $request['template']->render(BB_BASE_DIR . '/templates/RSS/rss-' . $rss_version . '/topic.xml');
header("Content-Type: text/xml");
echo $xml;
exit;
/**
* Error
*/
} else {
no_perms_error($request);
}
}
return TRUE;
}
function execute(&$request)
{
if ($request['user']->isMember() && $request['user']->get('perms') >= SUPERADMIN) {
global $_FILTERS;
k4_bread_crumbs($request['template'], $request['dba'], 'L_EDITFORUMFILTERS');
$request['template']->setVar('forums_on', '_on');
$request['template']->setFile('sidebar_menu', 'menus/forums.html');
$request['template']->setFile('content', 'filters_selectforum.html');
} else {
no_perms_error($request);
}
return TRUE;
}
function execute(&$request)
{
global $_QUERYPARAMS, $_DATASTORE, $_SETTINGS;
/* set the breadcrumbs bit */
k4_bread_crumbs($request['template'], $request['dba'], 'L_INFORMATION');
/* Check the request ID */
if (!isset($_REQUEST['id']) || !$_REQUEST['id'] || intval($_REQUEST['id']) == 0) {
$action = new K4InformationAction(new K4LanguageElement('L_TOPICDOESNTEXIST'), 'content', FALSE);
return !USE_XMLHTTP ? $action->execute($request) : xmlhttp_message('L_TOPICDOESNTEXIST');
}
/* Get our topic */
$topic = $request['dba']->getRow("SELECT * FROM " . K4POSTS . " WHERE post_id = " . intval($_REQUEST['id']));
if (!$topic || !is_array($topic) || empty($topic)) {
$action = new K4InformationAction(new K4LanguageElement('L_TOPICDOESNTEXIST'), 'content', FALSE);
return !USE_XMLHTTP ? $action->execute($request) : xmlhttp_message('L_TOPICDOESNTEXIST');
}
$forum = $request['dba']->getRow("SELECT * FROM " . K4FORUMS . " WHERE forum_id = " . intval($topic['forum_id']));
if (!$forum || !is_array($forum) || empty($forum)) {
$action = new K4InformationAction(new K4LanguageElement('L_FORUMDOESNTEXIST'), 'content', FALSE);
return !USE_XMLHTTP ? $action->execute($request) : xmlhttp_message('L_FORUMDOESNTEXIST');
}
if (!isset($_REQUEST['name']) || $_REQUEST['name'] == '') {
$name = $topic['name'];
} else {
$name = strip_tags($_REQUEST['name']);
}
$name = $name == '' ? $topic['name'] : $name;
if (strlen($name) < intval($_SETTINGS['topicminchars']) || strlen($name) > intval($_SETTINGS['topicmaxchars'])) {
$action = new K4InformationAction(new K4LanguageElement('L_TITLETOOSHORT', intval($_SETTINGS['topicminchars']), intval($_SETTINGS['topicmaxchars'])), 'content', TRUE);
return !USE_XMLHTTP ? $action->execute($request) : xmlhttp_message(sprintf('L_TITLETOOSHORT', intval($_SETTINGS['topicminchars']), intval($_SETTINGS['topicmaxchars'])));
}
if ($name != $topic['name']) {
$name = k4_htmlentities($name, ENT_QUOTES);
if (!is_moderator($request['user']->getInfoArray(), $forum)) {
no_perms_error($request);
return !USE_XMLHTTP ? TRUE : xmlhttp_message('L_NEEDPERMS');
}
if ($topic['poster_id'] == $request['user']->get('id')) {
if ($request['user']->get('perms') < get_map('topics', 'can_edit', array('forum_id' => $topic['forum_id']))) {
no_perms_error($request);
return !USE_XMLHTTP ? TRUE : xmlhttp_message('L_NEEDPERMS');
}
} else {
if ($request['user']->get('perms') < get_map('other_topics', 'can_edit', array('forum_id' => $topic['forum_id']))) {
no_perms_error($request);
return !USE_XMLHTTP ? TRUE : xmlhttp_message('L_NEEDPERMS');
}
}
/* If this topic is a redirect/ connects to one, update the original */
if ($topic['moved_new_post_id'] > 0 || $topic['moved_old_post_id'] > 0) {
$redirect = $request['dba']->prepareStatement("UPDATE " . K4POSTS . " SET name=?,edited_time=?,edited_username=?,edited_userid=? WHERE post_id=?");
$redirect->setString(1, $name);
$redirect->setInt(2, time());
$redirect->setString(3, $request['user']->get('name'));
$redirect->setInt(4, $request['user']->get('id'));
$redirect->setInt(5, $topic['moved_new_post_id'] > 0 ? $topic['moved_new_post_id'] : $topic['moved_old_post_id']);
$redirect->executeUpdate();
}
$update_a = $request['dba']->prepareStatement("UPDATE " . K4POSTS . " SET name=?,edited_time=?,edited_username=?,edited_userid=? WHERE post_id=?");
$update_a->setString(1, $name);
$update_a->setInt(2, time());
$update_a->setString(3, $request['user']->get('name'));
$update_a->setInt(4, $request['user']->get('id'));
$update_a->setInt(5, $topic['post_id']);
$update_a->executeUpdate();
if ($forum['post_id'] == $topic['post_id']) {
$update_c = $request['dba']->prepareStatement("UPDATE " . K4FORUMS . " SET post_name=? WHERE forum_id=?");
$update_c->setString(1, $name);
$update_c->setInt(2, $forum['forum_id']);
$update_c->executeUpdate();
}
// id this is the last post in a forum
if ($forum['post_id'] == $topic['post_id'] && $forum['post_created'] == $topic['created']) {
$update_d = $request['dba']->prepareStatement("UPDATE " . K4FORUMS . " SET post_name=? WHERE forum_id=?");
$update_d->setString(1, $name);
$update_d->setInt(2, $forum['forum_id']);
$update_d->executeUpdate();
}
}
if (!USE_XMLHTTP) {
k4_bread_crumbs($request['template'], $request['dba'], 'L_EDITTOPIC', $forum);
$action = new K4InformationAction(new K4LanguageElement('L_UPDATEDTOPIC', $topic['name']), 'content', FALSE, referer(), 3);
return $action->execute($request);
} else {
xmlhttp_header();
echo '<a href="viewtopic.php?id=' . $topic['post_id'] . '" title="' . $name . '" style="font-size: 13px;">' . (strlen($name) > 40 ? substr($name, 0, 40) . '...' : $name) . '</a>';
xmlhttp_footer();
}
}
function execute(&$request)
{
if ($request['user']->isMember() && $request['user']->get('perms') >= SUPERADMIN) {
global $_DATASTORE;
k4_bread_crumbs($request['template'], $request['dba'], 'L_EMAILUSERS');
$request['template']->setVar('misc_on', '_on');
$request['template']->setFile('sidebar_menu', 'menus/misc.html');
if (isset($_DATASTORE['massmail'])) {
$action = new K4InformationAction(new K4LanguageElement('L_EMAILINPROGRESS'), 'content', FALSE);
return $action->execute($request);
}
if (!isset($_REQUEST['subject']) || $_REQUEST['subject'] == '') {
$action = new K4InformationAction(new K4LanguageElement('L_INSERTMAILSUBJECT'), 'content', TRUE);
return $action->execute($request);
}
if (!isset($_REQUEST['message']) || $_REQUEST['message'] == '') {
$action = new K4InformationAction(new K4LanguageElement('L_INSERTMAILMESSAGE'), 'content', TRUE);
return $action->execute($request);
}
$from = isset($_REQUEST['from']) && $_REQUEST['from'] != '' ? $_REQUEST['from'] : 'noreply';
$subject = $_REQUEST['subject'];
$message = preg_replace("~(\r\n|\r|\n)~i", "\n", $_REQUEST['message']);
// set where to start the userids to email in the datastore
$update = $request['dba']->prepareStatement("INSERT INTO " . K4DATASTORE . " (varname, data) VALUES (?,?)");
$update->setString(1, 'massmail');
$update->setString(2, serialize(array('startid' => 0, 'from' => $from, 'subject' => $subject, 'message' => $message)));
$update->executeUpdate();
reset_cache('email_queue');
// success
$action = new K4InformationAction(new K4LanguageElement('L_EMAILSSENTTOUSERS'), 'content', FALSE);
return $action->execute($request);
} else {
no_perms_error($request);
}
return TRUE;
}
function execute(&$request)
{
if ($request['user']->isMember() && $request['user']->get('perms') >= SUPERADMIN) {
global $_QUERYPARAMS;
if (!isset($_REQUEST['id']) || intval($_REQUEST['id']) == 0) {
$action = new K4InformationAction(new K4LanguageElement('L_INVALIDCATEGORY'), 'content', FALSE);
return $action->execute($request);
}
$category = $request['dba']->getRow("SELECT * FROM " . K4CATEGORIES . " WHERE category_id = " . intval($_REQUEST['id']));
if (!is_array($category) || empty($category)) {
$action = new K4InformationAction(new K4LanguageElement('L_INVALIDCATEGORY'), 'content', FALSE);
return $action->execute($request);
}
foreach ($category as $key => $val) {
$request['template']->setVar('category_' . $key, $val);
}
$category_map = $request['dba']->getRow("SELECT * FROM " . K4MAPS . " WHERE varname = 'category" . $category['category_id'] . "' AND category_id = " . intval($category['category_id']));
$category_maps = $request['dba']->executeQuery("SELECT * FROM " . K4MAPS . " WHERE category_id = " . intval($category['category_id']) . " AND forum_id = 0");
while ($category_maps->next()) {
$c = $category_maps->current();
if (isset($_REQUEST[$c['varname'] . '_can_view']) && isset($_REQUEST[$c['varname'] . '_can_add']) && isset($_REQUEST[$c['varname'] . '_can_edit']) && isset($_REQUEST[$c['varname'] . '_can_del'])) {
if ($_REQUEST[$c['varname'] . '_can_view'] != $c['can_view'] || $_REQUEST[$c['varname'] . '_can_add'] != $c['can_add'] || $_REQUEST[$c['varname'] . '_can_edit'] != $c['can_edit'] || $_REQUEST[$c['varname'] . '_can_del'] != $c['can_del']) {
$update = $request['dba']->prepareStatement("UPDATE " . K4MAPS . " SET can_view=?,can_add=?,can_edit=?,can_del=? WHERE varname=? AND category_id=?");
$update->setInt(1, $_REQUEST[$c['varname'] . '_can_view']);
$update->setInt(2, $_REQUEST[$c['varname'] . '_can_add']);
$update->setInt(3, $_REQUEST[$c['varname'] . '_can_edit']);
$update->setInt(4, $_REQUEST[$c['varname'] . '_can_del']);
$update->setString(5, $c['varname']);
$update->setInt(6, $category['category_id']);
$update->executeUpdate();
unset($update);
}
}
}
reset_cache('all_forums');
k4_bread_crumbs($request['template'], $request['dba'], 'L_CATEGORIES');
$request['template']->setVar('forums_on', '_on');
$request['template']->setFile('sidebar_menu', 'menus/forums.html');
$action = new K4InformationAction(new K4LanguageElement('L_UPDATEDCATEGORYPERMS', $category['name']), 'content', FALSE, 'admin.php?act=categories', 3);
return $action->execute($request);
} else {
no_perms_error($request);
}
return TRUE;
}
function execute(&$request)
{
if ($request['user']->isMember() && $request['user']->get('perms') >= ADMIN) {
$fields = $request['dba']->executeQuery("SELECT * FROM " . K4PROFILEFIELDS . " ORDER BY name ASC");
while ($fields->next()) {
$field = $fields->current();
if (isset($_REQUEST['display_order_' . $field['name']]) && intval($_REQUEST['display_order_' . $field['name']]) >= 0) {
$update = $request['dba']->prepareStatement("UPDATE " . K4PROFILEFIELDS . " SET display_order=? WHERE name=?");
$update->setInt(1, $_REQUEST['display_order_' . $field['name']]);
$update->setString(2, $field['name']);
$update->executeUpdate();
unset($update);
}
}
k4_bread_crumbs($request['template'], $request['dba'], 'L_USERPROFILEFIELDS');
$request['template']->setVar('users_on', '_on');
$request['template']->setFile('sidebar_menu', 'menus/users.html');
$action = new K4InformationAction(new K4LanguageElement('L_UPDATEDPROFILEFIELDS'), 'content', FALSE, 'admin.php?act=userfields', 3);
return $action->execute($request);
} else {
no_perms_error($request);
}
return TRUE;
}
function execute(&$request)
{
global $_QUERYPARAMS, $_USERGROUPS, $_URL;
/* set the breadcrumbs bit */
k4_bread_crumbs($request['template'], $request['dba'], 'L_INFORMATION');
/**
* Error Checking
*/
if (!isset($_REQUEST['post_id']) || intval($_REQUEST['post_id']) == 0) {
$action = new K4InformationAction(new K4LanguageElement('L_TOPICDOESNTEXIST'), 'content', FALSE);
return $action->execute($request);
}
/* Get our topic */
$post = $request['dba']->getRow("SELECT * FROM " . K4POSTS . " WHERE post_id = " . intval($_REQUEST['post_id']));
if (!$post || !is_array($post) || empty($post)) {
$action = new K4InformationAction(new K4LanguageElement('L_POSTDOESNTEXIST'), 'content', FALSE);
return $action->execute($request);
}
/* Should we redirect this user? */
if ($post['moved_new_post_id'] > 0) {
header("Location: viewpost.php?post_id=" . intval($post['moved_new_post_id']));
}
/* Get the current forum */
$forum = $request['dba']->getRow("SELECT * FROM " . K4FORUMS . " WHERE forum_id = " . intval($post['forum_id']));
if (!$forum || !is_array($forum) || empty($forum)) {
$action = new K4InformationAction(new K4LanguageElement('L_FORUMDOESNTEXIST'), 'content', FALSE);
return $action->execute($request);
}
/**
* This sets the last time that we've seen this forum
*/
$cookieinfo = get_forum_cookies();
$cookieinfo[$forum['forum_id']] = time();
$cookiestr = '';
foreach ($cookieinfo as $key => $val) {
$cookiestr .= ',' . $key . ',' . intval($val);
}
$domain = get_domain();
setcookie(K4FORUMINFO, trim($cookiestr, ','), time() + 2592000, $domain);
unset($cookieinfo, $cookiestr);
$cookieinfo = get_topic_cookies();
/**
* Set the new breadcrumbs bit
*/
k4_bread_crumbs($request['template'], $request['dba'], $post['name'], $forum);
/**
* Now tell the cookies that we've read this topic
*/
$cookieinfo[$post['post_id']] = time();
$cookiestr = '';
foreach ($cookieinfo as $key => $val) {
// make sure to weed out 30-day old topic views
if ((time() - intval($val)) / 30 <= 2592000) {
$cookiestr .= ',' . $key . ',' . intval($val);
}
}
setcookie(K4TOPICINFO, trim($cookiestr, ','), time() + 2592000, $domain);
unset($cookieinfo, $cookiestr);
/**
* More error checking
*/
if ($post['is_draft'] == 1 || $post['display'] == 0 || $post['queue'] == 1 && !$moderator) {
no_perms_error($request);
return TRUE;
}
if (get_map('forums', 'can_view', array()) > $request['user']->get('perms') || get_map($post['row_type'] & TOPIC ? 'topics' : 'replies', 'can_view', array('forum_id' => $forum['forum_id'])) > $request['user']->get('perms')) {
$action = new K4InformationAction(new K4LanguageElement('L_PERMCANTVIEWTOPIC'), 'content', FALSE);
return $action->execute($request);
}
/**
* Is this topic expired?
*/
$extra = '';
if ($post['post_type'] > TOPIC_NORMAL && $post['post_expire'] > 0) {
if ($post['created'] + 3600 * 24 * $post['post_expire'] > time()) {
$extra = ",post_expire=0,post_type=" . TOPIC_NORMAL;
}
}
/* Add the topic info to the template */
foreach ($post as $key => $val) {
$request['template']->setVar('post_' . $key, $val);
}
/* Add the forum info to the template */
foreach ($forum as $key => $val) {
$request['template']->setVar('forum_' . $key, $val);
}
/* Update the number of views for this topic */
$request['dba']->executeUpdate("UPDATE " . K4POSTS . " SET views=views+1 {$extra} WHERE post_id=" . intval($post['post_id']));
/* set the topic iterator */
if ($post['row_type'] & TOPIC) {
$request['template']->setVar('next_oldest', intval($request['dba']->getValue("SELECT post_id FROM " . K4POSTS . " WHERE post_id < " . $post['post_id'] . " LIMIT 1")));
$request['template']->setVar('next_newest', intval($request['dba']->getValue("SELECT post_id FROM " . K4POSTS . " WHERE post_id > " . $post['post_id'] . " LIMIT 1")));
/**
* Topic subscription stuff
*/
if ($request['user']->isMember()) {
$subscribed = $request['dba']->executeQuery("SELECT * FROM " . K4SUBSCRIPTIONS . " WHERE post_id = " . intval($post['post_id']) . " AND user_id = " . $request['user']->get('id'));
$request['template']->setVar('is_subscribed', iif($subscribed->numRows() > 0, 1, 0));
}
}
$request['template']->setVar('header_text', $use_reply ? $reply['name'] : $post['name']);
$request['template']->setVar('show_close_button', 1);
$request['template']->setFile('content', 'post_preview.html');
return TRUE;
}
function execute(&$request)
{
global $_SETTINGS;
if ($request['user']->get('perms') < get_map('warnuser', 'can_add', array())) {
no_perms_error($request);
return TRUE;
}
if (isset($_REQUEST['id'])) {
$user = $request['dba']->getRow("SELECT * FROM " . K4USERS . " WHERE id = " . intval($_REQUEST['id']));
k4_bread_crumbs($request['template'], $request['dba'], 'L_WARNUSER');
if (!isset($_REQUEST['warning']) || $_REQUEST['warning'] == '') {
$action = new K4InformationAction(new K4LanguageElement('L_PASTPAGELIMIT'), 'content', FALSE, 'mod.php?act=findusers&username='******'&limit=' . $perpage . '&page=' . $num_pages, 3);
return $action->execute($request);
}
if (!is_array($user) || empty($user)) {
k4_bread_crumbs($request['template'], $request['dba'], 'L_INFORMATION');
$action = new K4InformationAction(new K4LanguageElement('L_INSERTWARNING'), 'content', TRUE);
return $action->execute($request);
}
$request['dba']->executeUpdate("UPDATE " . K4USERS . " SET warn_level=warn_level+1 WHERE id = " . intval($user['id']));
email_user($user['email'], $request['template']->getVar('L_WARNING'), $_REQUEST['warning']);
$action = new K4InformationAction(new K4LanguageElement('L_SENTWARNING', $user['name']), 'content', TRUE, 'index.php', 3);
return $action->execute($request);
} else {
k4_bread_crumbs($request['template'], $request['dba'], 'L_WARNUSER');
$request['template']->setFile('content', 'finduser.html');
}
}
function execute(&$request)
{
global $_QUERYPARAMS;
k4_bread_crumbs($request['template'], $request['dba'], 'L_INFORMATION');
/**
* Error checking on this member
*/
if (!isset($_REQUEST['id']) || intval($_REQUEST['id']) == 0) {
$action = new K4InformationAction(new K4LanguageElement('L_USERDOESNTEXIST'), 'content', TRUE);
return $action->execute($request);
}
$member = $request['dba']->getRow("SELECT " . $_QUERYPARAMS['user'] . $_QUERYPARAMS['userinfo'] . " FROM " . K4USERS . " u LEFT JOIN " . K4USERINFO . " ui ON u.id = ui.user_id WHERE u.id = " . intval($_REQUEST['id']));
if (!$member || !is_array($member) || empty($member)) {
$action = new K4InformationAction(new K4LanguageElement('L_USERDOESNTEXIST'), 'content', TRUE);
return $action->execute($request);
}
if (!$request['user']->isMember()) {
no_perms_error($request);
return TRUE;
}
if (!isset($_REQUEST['subject']) || $_REQUEST['subject'] == '') {
$action = new K4InformationAction(new K4LanguageElement('L_INSERTMAILSUBJECT'), 'content', TRUE);
return $action->execute($request);
}
if (!isset($_REQUEST['message']) || $_REQUEST['message'] == '') {
$action = new K4InformationAction(new K4LanguageElement('L_INSERTMAILMESSAGE'), 'content', TRUE);
return $action->execute($request);
}
k4_bread_crumbs($request['template'], $request['dba'], 'L_EMAILUSER');
$message_header = "From: " . $request['user']->get('name') . "\n";
$message_header .= "User ID: " . $request['user']->get('id') . "\n";
$message_header .= "Email: " . $request['user']->get('email') . "\n\n";
if (!email_user($member['email'], k4_htmlentities(stripslashes($_REQUEST['subject']), ENT_NOQUOTES), $message_header . k4_htmlentities(stripslashes($_REQUEST['message']), ENT_NOQUOTES))) {
$action = new K4InformationAction(new K4LanguageElement('L_ERROREMAILING', $member['name']), 'content', FALSE);
return $action->execute($request);
} else {
$action = new K4InformationAction(new K4LanguageElement('L_EMAILSENT', $member['name']), 'content', FALSE, 'member.php?id=' . $member['id'], 3);
return $action->execute($request);
}
return TRUE;
}
function execute(&$request)
{
if ($request['user']->isMember() && $request['user']->get('perms') >= SUPERADMIN) {
k4_bread_crumbs($request['template'], $request['dba'], 'L_PERMISSIONMASKS');
if (!isset($_REQUEST['f']) || intval($_REQUEST['f']) == 0) {
$action = new K4InformationAction(new K4LanguageElement('L_INVALIDFORUM'), 'content', FALSE);
return $action->execute($request);
}
$forum = $request['dba']->getRow("SELECT * FROM " . K4FORUMS . " WHERE forum_id = " . intval($_REQUEST['f']));
if (!is_array($forum) || empty($forum)) {
$action = new K4InformationAction(new K4LanguageElement('L_INVALIDFORUM'), 'content', FALSE);
return $action->execute($request);
}
if (!isset($_REQUEST['g']) || intval($_REQUEST['g']) == 0) {
$action = new K4InformationAction(new K4LanguageElement('L_INVALIDUSERGROUP'), 'content', TRUE);
return $action->execute($request);
}
$group = $request['dba']->getRow("SELECT * FROM " . K4USERGROUPS . " WHERE id = " . intval($_REQUEST['g']));
if (!is_array($group) || empty($group)) {
$action = new K4InformationAction(new K4LanguageElement('L_INVALIDUSERGROUP'), 'content', TRUE);
return $action->execute($request);
}
$maps = $request['dba']->executeQuery("SELECT * FROM " . K4MAPS . " WHERE group_id = 0 AND forum_id = " . intval($forum['forum_id']));
// delete all of the perms because we are going to readd them
// by doing this, we are guranteed to store the minimum number
// of changed permissions
$request['dba']->executeUpdate("DELETE FROM " . K4MAPS . " WHERE group_id = " . intval($group['id']) . " AND forum_id = " . intval($forum['forum_id']));
$insert = $request['dba']->prepareStatement("INSERT INTO " . K4MAPS . " (row_level,name,varname,category_id,forum_id,user_id,group_id,can_view,can_add,can_edit,can_del,value,parent_id) VALUES (?,?,?,?,?,?,?,?,?,?,?,?,?)");
while ($maps->next()) {
$temp = $maps->current();
$add = FALSE;
if (isset($_REQUEST[$temp['varname'] . '_can_view']) && $_REQUEST[$temp['varname'] . '_can_view'] != $temp['can_view']) {
$add = TRUE;
}
if (isset($_REQUEST[$temp['varname'] . '_can_add']) && $_REQUEST[$temp['varname'] . '_can_add'] != $temp['can_add']) {
$add = TRUE;
}
if (isset($_REQUEST[$temp['varname'] . '_can_edit']) && $_REQUEST[$temp['varname'] . '_can_edit'] != $temp['can_edit']) {
$add = TRUE;
}
if (isset($_REQUEST[$temp['varname'] . '_can_del']) && $_REQUEST[$temp['varname'] . '_can_del'] != $temp['can_del']) {
$add = TRUE;
}
if ($add) {
$insert->setInt(1, $temp['row_level']);
$insert->setString(2, $temp['name']);
$insert->setString(3, $temp['varname']);
$insert->setInt(4, $temp['category_id']);
$insert->setInt(5, $temp['forum_id']);
$insert->setInt(6, $temp['user_id']);
$insert->setInt(7, $group['id']);
$insert->setInt(8, $_REQUEST[$temp['varname'] . '_can_view']);
$insert->setInt(9, $_REQUEST[$temp['varname'] . '_can_add']);
$insert->setInt(10, $_REQUEST[$temp['varname'] . '_can_edit']);
$insert->setInt(11, $_REQUEST[$temp['varname'] . '_can_del']);
$insert->setString(12, $temp['value']);
$insert->setInt(13, $temp['parent_id']);
$insert->executeUpdate();
}
}
reset_cache('maps');
// usermasks are part of the maps
$action = new K4InformationAction(new K4LanguageElement('L_UPDATEDPERMMASK', $group['name'], $forum['name']), 'content', TRUE, 'admin.php?act=masks', 3);
return $action->execute($request);
} else {
no_perms_error($request);
}
return TRUE;
}
function execute(&$request)
{
if ($request['user']->isMember() && $request['user']->get('perms') >= ADMIN) {
/**
* Error checking on all _three_ fields :P
*/
if (!isset($_REQUEST['id']) || intval($_REQUEST['id']) == 0) {
$action = new K4InformationAction(new K4LanguageElement('L_POSTICONDOESNTEXIST'), 'content', FALSE);
return $action->execute($request);
}
$icon = $request['dba']->getRow("SELECT * FROM " . K4POSTICONS . " WHERE id = " . intval($_REQUEST['id']));
if (!is_array($icon) || empty($icon)) {
$action = new K4InformationAction(new K4LanguageElement('L_POSTICONDOESNTEXIST'), 'content', FALSE);
return $action->execute($request);
}
if (!isset($_REQUEST['description']) || $_REQUEST['description'] == '') {
$action = new K4InformationAction(new K4LanguageElement('L_INSERTICONDESC'), 'content', TRUE);
return $action->execute($request);
}
if (!isset($_REQUEST['image_browse']) && !isset($_FILES['image_upload'])) {
$action = new K4InformationAction(new K4LanguageElement('L_NEEDCHOOSEICONIMG'), 'content', TRUE);
return $action->execute($request);
}
if (isset($_FILES['image_upload']) && is_array($_FILES['image_upload'])) {
$filename = $_FILES['image_upload']['tmp_name'];
}
if (isset($_REQUEST['image_browse']) && $_REQUEST['image_browse'] != '') {
$filename = $_REQUEST['image_browse'];
} else {
$action = new K4InformationAction(new K4LanguageElement('L_NEEDCHOOSEICONIMG'), 'content', TRUE);
return $action->execute($request);
}
$file_ext = explode(".", $filename);
$exts = array('gif', 'jpg', 'jpeg', 'bmp', 'png', 'tiff');
if (count($file_ext) >= 2) {
$file_ext = $file_ext[count($file_ext) - 1];
if (!in_array(strtolower($file_ext), $exts)) {
$action = new K4InformationAction(new K4LanguageElement('L_INVALIDICONEXT'), 'content', TRUE);
return $action->execute($request);
}
} else {
$action = new K4InformationAction(new K4LanguageElement('L_INVALIDICONEXT'), 'content', TRUE);
return $action->execute($request);
}
/**
* Update the icon finally
*/
$query = $request['dba']->prepareStatement("UPDATE " . K4POSTICONS . " SET description=?,image=? WHERE id=?");
$query->setString(1, $_REQUEST['description']);
$query->setString(2, $filename);
$query->setInt(3, $icon['id']);
$query->executeUpdate();
if (isset($_FILES['image_upload']) && is_array($_FILES['image_upload'])) {
$dir = BB_BASE_DIR . '/tmp/upload/posticons';
@chmod($dir, 0777);
@move_uploaded_file($_FILES['image_upload']['tmp_name'], $dir . '/' . $filename);
}
/* Change all of the topics to have no icon */
$request['dba']->executeUpdate("UPDATE " . K4POSTS . " SET posticon = '" . $request['dba']->quote($filename) . "' WHERE posticon = '" . $request['dba']->quote($icon['image']) . "'");
k4_bread_crumbs($request['template'], $request['dba'], 'L_POSTICONS');
$request['template']->setVar('posts_on', '_on');
$request['template']->setFile('sidebar_menu', 'menus/posts.html');
$action = new K4InformationAction(new K4LanguageElement('L_UPDATEDPOSTICON'), 'content', TRUE, 'admin.php?act=posticons', 3);
return $action->execute($request);
} else {
no_perms_error($request);
}
return TRUE;
}
function execute(&$request)
{
global $_QUERYPARAMS;
if (!$request['user']->isMember()) {
no_perms_error($request);
return TRUE;
}
/* set the breadcrumbs bit */
k4_bread_crumbs($request['template'], $request['dba'], 'L_INFORMATION');
if (!isset($_REQUEST['id']) || !$_REQUEST['id'] || intval($_REQUEST['id']) == 0) {
$action = new K4InformationAction(new K4LanguageElement('L_TOPICDOESNTEXIST'), 'content', FALSE);
return $action->execute($request);
}
/* Get our topic */
$topic = $request['dba']->getRow("SELECT * FROM " . K4POSTS . " WHERE post_id = " . intval($_REQUEST['id']));
if (!$topic || !is_array($topic) || empty($topic)) {
$action = new K4InformationAction(new K4LanguageElement('L_TOPICDOESNTEXIST'), 'content', FALSE);
return $action->execute($request);
}
if ($topic['poster_id'] > 0 && $topic['poster_id'] == $request['user']->get('id')) {
$action = new K4InformationAction(new K4LanguageElement('L_CANNOTRATEOWNPOSTS'), 'content', TRUE, referer(), 2);
return $action->execute($request);
}
$forum = $request['dba']->getRow("SELECT * FROM " . K4FORUMS . " WHERE forum_id = " . intval($topic['forum_id']));
if (!isset($_REQUEST['rating']) || $_REQUEST['rating'] < 0 || $_REQUEST['rating'] > 5) {
$action = new K4InformationAction(new K4LanguageElement('L_SUPPLIEDBADRATING'), 'content', FALSE);
return $action->execute($request);
}
/* Check the forum data given */
if (!$forum || !is_array($forum) || empty($forum)) {
$action = new K4InformationAction(new K4LanguageElement('L_FORUMDOESNTEXIST'), 'content', FALSE);
return $action->execute($request);
}
$has_rated = $request['dba']->executeQuery("SELECT * FROM " . K4RATINGS . " WHERE post_id = " . intval($topic['post_id']) . " AND user_id = " . intval($request['user']->get('id')));
if ($has_rated->numRows() > 0) {
$action = new K4InformationAction(new K4LanguageElement('L_ALREADYRATED', $topic['name']), 'content', FALSE);
return $action->execute($request);
}
$add_rate = $request['dba']->prepareStatement("INSERT INTO " . K4RATINGS . " (post_id,user_id,user_name) VALUES (?,?,?)");
$add_rate->setInt(1, $topic['post_id']);
$add_rate->setInt(2, $request['user']->get('id'));
$add_rate->setString(3, $request['user']->get('name'));
$rating = round(($topic['ratings_sum'] + $_REQUEST['rating']) / ($topic['ratings_num'] + 1), 0);
$rate = $request['dba']->prepareStatement("UPDATE " . K4POSTS . " SET ratings_sum=ratings_sum+?, ratings_num=ratings_num+1, rating=? WHERE post_id=?");
$rate->setInt(1, $_REQUEST['rating']);
$rate->setInt(2, $rating);
$rate->setInt(3, $topic['post_id']);
$add_rate->executeUpdate();
$rate->executeUpdate();
/* Redirect the user */
k4_bread_crumbs($request['template'], $request['dba'], 'L_RATETOPIC', $topic, $forum);
$action = new K4InformationAction(new K4LanguageElement('L_RATEDTOPIC', $topic['name']), 'content', FALSE, referer(), 3);
return $action->execute($request);
return TRUE;
}
function execute(&$request)
{
if ($request['user']->isMember() && $request['user']->get('perms') >= SUPERADMIN) {
setcookie('k4_cssedit', isset($_COOKIE['k4_cssedit']) ? '' : 1, isset($_COOKIE['k4_cssedit']) ? time() - 3600 : time() + 3600);
header("Location: index.php");
} else {
no_perms_error($request);
}
}
function execute(&$request)
{
if ($request['user']->isMember() && $request['user']->get('perms') >= SUPERADMIN) {
/* Error check */
if (!isset($_REQUEST['id']) || intval($_REQUEST['id']) == 0) {
$action = new K4InformationAction(new K4LanguageElement('L_INVALIDMAPID'), 'content', FALSE);
return $action->execute($request);
}
$map = $request['dba']->getRow("SELECT * FROM " . K4MAPS . " WHERE id = " . intval($_REQUEST['id']));
/* Error check */
if (!is_array($map) || empty($map)) {
$action = new K4InformationAction(new K4LanguageElement('L_INVALIDMAPID'), 'content', FALSE);
return $action->execute($request);
}
/* Update this map's parent */
if ($map['parent_id'] > 0) {
$num_children = intval($map['num_children']) + 1;
$request['dba']->executeUpdate("UPDATE " . K4MAPS . " SET num_children=num_children-" . $num_children . " WHERE id = " . intval($map['parent_id']));
}
/* Remove this mapp node */
$request['dba']->executeUpdate("DELETE FROM " . K4MAPS . " WHERE id = " . intval($map['id']));
/* Recursively remove all of its children */
if ($map['num_children'] > 0) {
$this->recursive_remove($map['id']);
}
reset_cache('maps');
k4_bread_crumbs($request['template'], $request['dba'], 'L_PERMISSIONS');
$request['template']->setVar('options_on', '_on');
$request['template']->setFile('sidebar_menu', 'menus/options.html');
/* Redirect the user */
$action = new K4InformationAction(new K4LanguageElement('L_REMOVEDMAPSITEM'), 'content', FALSE, 'admin.php?act=permissions_gui', 3);
return $action->execute($request);
} else {
no_perms_error($request);
}
return TRUE;
}
function execute(&$request)
{
if ($request['user']->isMember() && $request['user']->get('perms') >= ADMIN) {
k4_bread_crumbs($request['template'], $request['dba'], 'L_FAQ');
$request['template']->setVar('faq_on', '_on');
$request['template']->setFile('sidebar_menu', 'menus/faq.html');
if (!isset($_REQUEST['id']) || intval($_REQUEST['id']) == 0) {
$action = new K4InformationAction(new K4LanguageElement('L_BADFAQANSER'), 'content', FALSE);
return $action->execute($request);
}
$faq = $request['dba']->getRow("SELECT * FROM " . K4FAQANSWERS . " WHERE answer_id = " . intval($_REQUEST['id']));
if (!is_array($faq) || empty($faq)) {
$action = new K4InformationAction(new K4LanguageElement('L_BADFAQANSER'), 'content', FALSE);
return $action->execute($request);
}
$request['dba']->executeUpdate("DELETE FROM " . K4FAQANSWERS . " WHERE answer_id = " . intval($faq['answer_id']));
$request['dba']->executeUpdate("UPDATE " . K4FAQCATEGORIES . " SET num_answers=num_answers-1 WHERE category_id = " . intval($faq['category_id']));
$action = new K4InformationAction(new K4LanguageElement('L_DELETEDFAQANSWER', $faq['question']), 'content', FALSE, 'admin.php?act=faq_answers', 3);
return $action->execute($request);
} else {
no_perms_error($request);
}
return TRUE;
}
function execute(&$request)
{
if ($request['user']->isMember() && $request['user']->get('perms') >= SUPERADMIN) {
// // DEMO VERSION
// if(K4DEMOMODE) {
// no_perms_error($request, 'content');
// return TRUE;
// }
global $_QUERYPARAMS;
if (isset($_REQUEST['settinggroupid']) && intval($_REQUEST['settinggroupid']) > 0) {
$settings = $request['dba']->executeQuery("SELECT * FROM " . K4SETTINGS . " WHERE settinggroupid = " . intval($_REQUEST['settinggroupid']));
while ($settings->next()) {
$setting = $settings->current();
$new_val = ctype_digit($_REQUEST[$setting['varname']]) && $_REQUEST[$setting['varname']] != '' ? intval($_REQUEST[$setting['varname']]) : $request['dba']->quote($_REQUEST[$setting['varname']]);
$request['dba']->executeUpdate("UPDATE " . K4SETTINGS . " SET value = '{$new_val}' WHERE varname = '" . $request['dba']->quote($setting['varname']) . "'");
}
}
k4_bread_crumbs($request['template'], $request['dba'], 'L_OPTIONS');
reset_cache('settings');
$request['template']->setVar('options_on', '_on');
$request['template']->setFile('sidebar_menu', 'menus/options.html');
$action = new K4InformationAction(new K4LanguageElement('L_UPDATEDOPTIONS'), 'content', FALSE, 'admin.php?act=options', 3);
return $action->execute($request);
} else {
no_perms_error($request, 'content');
}
return TRUE;
}
function execute(&$request)
{
global $_QUERYPARAMS, $_DATASTORE, $_USERGROUPS;
/* set the breadcrumbs bit */
k4_bread_crumbs($request['template'], $request['dba'], 'L_INFORMATION');
if (!isset($_REQUEST['id']) || intval($_REQUEST['id']) == 0) {
$action = new K4InformationAction(new K4LanguageElement('L_POSTDOESNTEXIST'), 'content', FALSE);
return $action->execute($request);
}
/* Get our topic */
$post = $request['dba']->getRow("SELECT * FROM " . K4POSTS . " WHERE post_id = " . intval($_REQUEST['id']));
if (!$post || !is_array($post) || empty($post)) {
$action = new K4InformationAction(new K4LanguageElement('L_POSTDOESNTEXIST'), 'content', FALSE);
return $action->execute($request);
}
$forum = $request['dba']->getRow("SELECT * FROM " . K4FORUMS . " WHERE forum_id = " . intval($post['forum_id']));
/* Check the forum data given */
if (!$forum || !is_array($forum) || empty($forum)) {
$action = new K4InformationAction(new K4LanguageElement('L_FORUMDOESNTEXIST'), 'content', FALSE);
return $action->execute($request);
}
$delete_topic = FALSE;
if ($forum['forum_id'] == GARBAGE_BIN && $this->row_type & TOPIC) {
$delete_topic = TRUE;
}
/* Make sure the we are trying to delete from a forum */
if (!($forum['row_type'] & FORUM)) {
$action = new K4InformationAction(new K4LanguageElement('L_CANTDELFROMNONFORUM'), 'content', FALSE);
return $action->execute($request);
}
/* set the breadcrumbs bit */
k4_bread_crumbs($request['template'], $request['dba'], $this->row_type & REPLY ? 'L_DELETEREPLY' : 'L_DELETETOPIC', $post, $forum);
$maps_var = $this->row_type & TOPIC ? 'topics' : 'replies';
/* Does this person have permission to remove this post? */
if ($post['poster_id'] == $request['user']->get('id')) {
if (get_map($maps_var, 'can_del', array('forum_id' => $forum['forum_id'])) > $request['user']->get('perms')) {
no_perms_error($request);
return TRUE;
}
} else {
if (get_map('other_' . $maps_var, 'can_del', array('forum_id' => $forum['forum_id'])) > $request['user']->get('perms')) {
no_perms_error($request);
return TRUE;
}
}
$user_usergroups = $request['user']->get('usergroups') != '' ? explode('|', $request['user']->get('usergroups')) : array();
$forum_usergroups = $forum['moderating_groups'] != '' ? explode('|', $forum['moderating_groups']) : array();
if (!is_moderator($request['user']->getInfoArray(), $forum)) {
no_perms_error($request);
return TRUE;
}
/* Begin the SQL transaction */
$request['dba']->beginTransaction();
/**
* Should we update the topic?
*/
if ($this->row_type & REPLY) {
$topic_last_reply = $request['dba']->getRow("SELECT * FROM " . K4POSTS . " WHERE post_id <> " . intval($post['post_id']) . " AND parent_id=" . intval($post['parent_id']) . " ORDER BY created DESC LIMIT 1");
$topic_update = $request['dba']->prepareStatement("UPDATE " . K4POSTS . " SET lastpost_created=?,lastpost_uname=?,lastpost_uid=?,lastpost_id=?,num_replies=? WHERE post_id=?");
$topic_update->setInt(1, $topic_last_reply['created']);
$topic_update->setString(2, $topic_last_reply['poster_name']);
$topic_update->setInt(3, $topic_last_reply['poster_id']);
$topic_update->setInt(4, $topic_last_reply['post_id']);
$topic_update->setInt(5, intval($request['dba']->getValue("SELECT COUNT(*) FROM " . K4POSTS . " WHERE parent_id=" . intval($post['parent_id'])) - 1));
// use this to make sure we get the right count
$topic_update->setInt(6, $post['parent_id']);
$topic_update->executeUpdate();
}
/**
* Remove any bad post reports, get a count of replies, change
* user post counts and remove attachments! WOAH!
*/
$num_replies_to_remove = 1;
if ($this->row_type & REPLY) {
$request['dba']->executeUpdate("DELETE FROM " . K4BADPOSTREPORTS . " WHERE post_id = " . intval($post['post_id']));
} else {
$posts = $request['dba']->executeQuery("SELECT post_id,poster_id,attachments FROM " . K4POSTS . " WHERE ( (parent_id=" . intval($post['post_id']) . " AND row_type=" . REPLY . ") OR (post_id=" . intval($post['post_id']) . " AND row_type=" . TOPIC . ") )");
$num_replies_to_remove = intval($posts->numrows() - 1);
while ($posts->next()) {
$p = $posts->current();
// remove bad post report
$request['dba']->executeUpdate("DELETE FROM " . K4BADPOSTREPORTS . " WHERE post_id = " . intval($p['post_id']));
// change user post count
if ($delete_topic || $this->row_type & REPLY) {
$request['dba']->executeUpdate("UPDATE " . K4USERINFO . " SET num_posts=num_posts-1 WHERE user_id=" . intval($p['poster_id']));
}
if ($p['attachments'] > 0) {
remove_attachments($request, $p, FALSE);
}
}
}
/**
* Delete/Move the post
*/
if ($delete_topic || $this->row_type & REPLY) {
$request['dba']->executeUpdate("DELETE FROM " . K4POSTS . " WHERE post_id = " . intval($post['post_id']));
// change or remove replies
if ($this->row_type & REPLY) {
$request['dba']->executeUpdate("UPDATE " . K4POSTS . " SET row_order=row_order-1 WHERE row_order>" . intval($post['row_order']) . " AND post_id=" . intval($post['forum_id']));
} else {
$request['dba']->executeUpdate("DELETE FROM " . K4POSTS . " WHERE parent_id=" . intval($post['post_id']));
$request['dba']->executeUpdate("DELETE FROM " . K4RATINGS . " WHERE post_id = " . intval($post['post_id']));
}
} else {
/* Move this topic and its replies to the garbage bin */
if ($this->row_type & TOPIC) {
// parent_id is left as the current forum id
$request['dba']->executeUpdate("UPDATE " . K4POSTS . " SET forum_id=" . GARBAGE_BIN . " WHERE ( (parent_id=" . intval($post['post_id']) . " AND row_type=" . REPLY . ") OR post_id=" . intval($post['post_id']) . ")");
// update the garbage bin
$newpost_created = $request['dba']->getRow("SELECT * FROM " . K4POSTS . " WHERE forum_id=" . GARBAGE_BIN . " ORDER BY created DESC LIMIT 1");
$forum_update = $request['dba']->prepareStatement("UPDATE " . K4FORUMS . " SET posts=posts+?,replies=replies+?,topics=topics+?,post_created=?,post_name=?,post_uname=?,post_id=?,post_uid=?,post_posticon=? WHERE forum_id=?");
$forum_update->setInt(1, $this->row_type & REPLY ? $num_replies_to_remove : $num_replies_to_remove + 1);
$forum_update->setInt(2, $num_replies_to_remove);
$forum_update->setInt(3, $this->row_type & REPLY ? 0 : 1);
$forum_update->setInt(4, $newpost_created['created']);
$forum_update->setString(5, $newpost_created['name']);
$forum_update->setString(6, $newpost_created['poster_name']);
$forum_update->setInt(7, $newpost_created['post_id']);
$forum_update->setInt(8, $newpost_created['poster_id']);
$forum_update->setString(9, $newpost_created['posticon']);
$forum_update->setInt(10, GARBAGE_BIN);
$forum_update->executeUpdate();
}
}
/* Get that last post in this forum that's not part of/from this topic */
$lastpost_created = $request['dba']->getRow("SELECT * FROM " . K4POSTS . " WHERE forum_id=" . intval($post['forum_id']) . " ORDER BY created DESC LIMIT 1");
if (!is_array($lastpost_created) || empty($lastpost_created)) {
$lastpost_created = array('created' => 0, 'name' => '', 'poster_name' => '', 'post_id' => 0, 'poster_id' => 0, 'posticon' => '');
}
/**
* Update the forum and the datastore
*/
$forum_update = $request['dba']->prepareStatement("UPDATE " . K4FORUMS . " SET posts=posts-?,replies=replies-?,topics=topics-?,post_created=?,post_name=?,post_uname=?,post_id=?,post_uid=?,post_posticon=? WHERE forum_id=?");
/* Set the forum values */
$forum_update->setInt(1, $this->row_type & REPLY ? $num_replies_to_remove : $num_replies_to_remove + 1);
$forum_update->setInt(2, $num_replies_to_remove);
$forum_update->setInt(3, $this->row_type & REPLY ? 0 : 1);
$forum_update->setInt(4, $lastpost_created['created']);
$forum_update->setString(5, $lastpost_created['name']);
$forum_update->setString(6, $lastpost_created['poster_name']);
$forum_update->setInt(7, $lastpost_created['post_id']);
$forum_update->setInt(8, $lastpost_created['poster_id']);
$forum_update->setString(9, $lastpost_created['posticon']);
$forum_update->setInt(10, $forum['forum_id']);
$forum_update->executeUpdate();
/* Set the datastore values */
if ($delete_topic || $this->row_type & REPLY) {
$datastore_update = $request['dba']->prepareStatement("UPDATE " . K4DATASTORE . " SET data=? WHERE varname=?");
$datastore = $_DATASTORE['forumstats'];
$datastore['num_replies'] = $request['dba']->getValue("SELECT COUNT(*) FROM " . K4POSTS . " WHERE row_type=" . REPLY);
$datastore['num_topics'] = $request['dba']->getValue("SELECT COUNT(*) FROM " . K4POSTS . " WHERE row_type=" . TOPIC);
$datastore_update->setString(1, serialize($datastore));
$datastore_update->setString(2, 'forumstats');
/* Execute datastore update query */
$datastore_update->executeUpdate();
// Update the datastore cache
reset_cache('datastore');
}
$request['dba']->commitTransaction();
/* Redirect the user */
$action = new K4InformationAction(new K4LanguageElement($this->row_type & REPLY ? 'L_DELETEDREPLY' : 'L_DELETEDTOPIC', $post['name']), 'content', FALSE, $this->row_type & REPLY ? 'viewtopic.php?id=' . $post['parent_id'] : 'viewforum.php?f=' . $post['forum_id'], 3);
return $action->execute($request);
}
function execute(&$request)
{
global $_QUERYPARAMS;
/* set the breadcrumbs bit */
k4_bread_crumbs($request['template'], $request['dba'], 'L_INFORMATION');
/* Check the request ID */
if (!isset($_REQUEST['id']) || !$_REQUEST['id'] || intval($_REQUEST['id']) == 0) {
$action = new K4InformationAction(new K4LanguageElement('L_FORUMDOESNTEXIST'), 'content', FALSE);
return $action->execute($request);
}
$forum = $request['dba']->getRow("SELECT * FROM " . K4FORUMS . " WHERE forum_id = " . intval($_REQUEST['id']));
/* Check the forum data given */
if (!$forum || !is_array($forum) || empty($forum)) {
$action = new K4InformationAction(new K4LanguageElement('L_FORUMDOESNTEXIST'), 'content', FALSE);
return $action->execute($request);
}
/* Make sure the we are trying to post into a forum */
if (!($forum['row_type'] & FORUM) || $forum['forum_id'] == GARBAGE_BIN) {
no_perms_error($request);
return TRUE;
}
$is_poll = isset($_REQUEST['poll']) && intval($_REQUEST['poll']) == 1 ? TRUE : FALSE;
$perm = $is_poll ? 'polls' : 'topics';
/* Do we have permission to post to this forum? */
if ($request['user']->get('perms') < get_map($perm, 'can_add', array('forum_id' => $forum['forum_id']))) {
no_perms_error($request);
return TRUE;
}
/* Prevent post flooding */
$last_topic = $request['dba']->getRow("SELECT * FROM " . K4POSTS . " WHERE poster_ip = '" . USER_IP . "' ORDER BY created DESC LIMIT 1");
$last_reply = $request['dba']->getRow("SELECT * FROM " . K4POSTS . " WHERE poster_ip = '" . USER_IP . "' ORDER BY created DESC LIMIT 1");
if (is_array($last_topic) && !empty($last_topic)) {
if (intval($last_topic['created']) + POST_IMPULSE_LIMIT > time() && $request['user']->get('perms') < MODERATOR) {
$action = new K4InformationAction(new K4LanguageElement('L_MUSTWAITSECSTOPOST'), 'content', TRUE);
return $action->execute($request);
}
}
if (is_array($last_reply) && !empty($last_reply)) {
if (intval($last_reply['created']) + POST_IMPULSE_LIMIT > time() && $request['user']->get('perms') < MODERATOR) {
$action = new K4InformationAction(new K4LanguageElement('L_MUSTWAITSECSTOPOST'), 'content', TRUE);
return $action->execute($request);
}
}
/**
* Start setting useful template information
*/
if ($is_poll) {
$request['template']->setVar('poll', 1);
}
/* Get and set the emoticons and post icons to the template */
$emoticons = $request['dba']->executeQuery("SELECT * FROM " . K4EMOTICONS . " WHERE clickable = 1");
$posticons = $request['dba']->executeQuery("SELECT * FROM " . K4POSTICONS);
$request['template']->setList('emoticons', $emoticons);
$request['template']->setList('posticons', $posticons);
$request['template']->setVar('emoticons_per_row', $request['template']->getVar('smcolumns'));
$request['template']->setVar('emoticons_per_row_remainder', $request['template']->getVar('smcolumns') - 1);
topic_post_options($request['template'], $request['user'], $forum);
/* Set the forum info to the template */
foreach ($forum as $key => $val) {
$request['template']->setVar('forum_' . $key, $val);
}
$request['template']->setVar('newtopic_action', 'newtopic.php?act=posttopic');
// set the default number of available attachments to 0
// if a draft is loaded, we might subtract from that ;)
$num_attachments = 0;
/**
* Get topic drafts for this forum
*/
$body_text = '';
$drafts = $request['dba']->executeQuery("SELECT * FROM " . K4POSTS . " WHERE forum_id = " . intval($forum['forum_id']) . " AND is_draft = 1 AND poster_id = " . intval($request['user']->get('id')));
if ($drafts->numrows() > 0) {
$request['template']->setVisibility('load_button', TRUE);
if (isset($_REQUEST['load_drafts']) && $_REQUEST['load_drafts'] == 1) {
$request['template']->setVisibility('load_button', FALSE);
$request['template']->setFile('drafts', 'post_drafts.html');
$request['template']->setList('drafts', $drafts);
}
if (isset($_REQUEST['draft']) && intval($_REQUEST['draft']) != 0) {
/* Get our topic */
$draft = $request['dba']->getRow("SELECT * FROM " . K4POSTS . " WHERE post_id=" . intval($_REQUEST['draft']) . " AND is_draft=1 AND poster_id=" . intval($request['user']->get('id')));
if (!$draft || !is_array($draft) || empty($draft)) {
k4_bread_crumbs($request['template'], $request['dba'], 'L_INVALIDDRAFT');
$action = new K4InformationAction(new K4LanguageElement('L_DRAFTDOESNTEXIST'), 'content', FALSE);
return $action->execute($request);
}
$request['template']->setVar('attach_post_id', $draft['post_id']);
$request['template']->setVar('newtopic_action', 'newtopic.php?act=postdraft');
//$action = new K4InformationAction(new K4LanguageElement('L_DRAFTLOADED'), 'drafts', FALSE);
/* Turn the draft text back into bbcode */
$parser =& new BBParser();
$draft['body_text'] = $parser->revert($draft['body_text']);
$body_text = $draft['body_text'];
$request['template']->setVisibility('save_draft', FALSE);
$request['template']->setVisibility('load_button', FALSE);
$request['template']->setVisibility('edit_topic', TRUE);
$request['template']->setVisibility('post_id', TRUE);
$request['template']->setVisibility('br', TRUE);
$num_attachments = $draft['attachments'];
/* Assign the draft information to the template */
foreach ($draft as $key => $val) {
$request['template']->setVar('post_' . $key, $val);
}
if ($request['template']->getVar('nojs') == 0) {
post_attachment_options($request, $forum, $draft);
}
//$action->execute($request);
}
}
/**
* Deal with file attachments
*/
if ($request['template']->getVar('nojs') == 0) {
if ($request['template']->getVar('attach_inputs') == '') {
if ($request['user']->get('perms') >= get_map('attachments', 'can_add', array('forum_id' => $forum['forum_id']))) {
$num_attachments = $request['template']->getVar('nummaxattaches') - $num_attachments;
$attach_inputs = '';
for ($i = 1; $i <= $num_attachments; $i++) {
$attach_inputs .= '<br /><input type="file" class="inputbox" name="attach' . $i . '" id="attach' . $i . '" value="" size="55" />';
}
$request['template']->setVar('attach_inputs', $attach_inputs);
}
}
}
/* Create our editor */
create_editor($request, $body_text, 'post', $forum);
/* set the breadcrumbs bit */
k4_bread_crumbs($request['template'], $request['dba'], 'L_POSTTOPIC', $forum);
/* Set the post topic form */
$request['template']->setVar('is_topic', 1);
$request['template']->setFile('content', 'newtopic.html');
$request['template']->setVar('forum_forum_id', $forum['forum_id']);
$request['template']->setVisibility('post_topic', TRUE);
$request['template']->setVar('L_TITLETOOSHORT', sprintf($request['template']->getVar('L_TITLETOOSHORT'), $request['template']->getVar('topicminchars'), $request['template']->getVar('topicmaxchars')));
return TRUE;
}
function execute(&$request)
{
global $_QUERYPARAMS;
if (!$request['user']->isMember()) {
no_perms_error($request);
return TRUE;
}
if (!isset($_REQUEST['id']) || !$_REQUEST['id'] || intval($_REQUEST['id']) == 0) {
/* set the breadcrumbs bit */
k4_bread_crumbs($request['template'], $request['dba'], 'L_INVALIDFORUM');
$action = new K4InformationAction(new K4LanguageElement('L_FORUMDOESNTEXIST'), 'content', FALSE);
return $action->execute($request);
return TRUE;
}
/* Get our forum */
$forum = $request['dba']->getRow("SELECT * FROM " . K4FORUMS . " WHERE forum_id = " . intval($_REQUEST['id']));
if (!$forum || !is_array($forum) || empty($forum)) {
/* set the breadcrumbs bit */
k4_bread_crumbs($request['template'], $request['dba'], 'L_INVALIDFORUM');
$action = new K4InformationAction(new K4LanguageElement('L_FORUMDOESNTEXIST'), 'content', FALSE);
return $action->execute($request);
return TRUE;
}
$subscribe = $request['dba']->prepareStatement("DELETE FROM " . K4SUBSCRIPTIONS . " WHERE user_id=? AND post_id=0 AND forum_id=?");
$subscribe->setInt(1, $request['user']->get('id'));
$subscribe->setInt(2, $forum['forum_id']);
$subscribe->executeUpdate();
/* Redirect the user */
k4_bread_crumbs($request['template'], $request['dba'], 'L_SUBSCRIPTIONS', $forum);
$action = new K4InformationAction(new K4LanguageElement('L_UNSUBSCRIBEDFORUM', $forum['name']), 'content', FALSE, referer(), 3);
// 'viewforum.php?f='. $forum['forum_id']
return $action->execute($request);
}
function execute(&$request)
{
if ($request['user']->isMember() && $request['user']->get('perms') >= ADMIN) {
$request['template']->setVar('current_location', $request['template']->getVar('L_FILEBROWSER'));
$request['template']->setVar('opener_input', @$_REQUEST['input']);
$request['template']->setVar('selected', @$_REQUEST['selected']);
$directory = BB_BASE_DIR . DIRECTORY_SEPARATOR . @$_REQUEST['dir'];
if (!isset($_REQUEST['dir']) || $_REQUEST['dir'] == '' || !file_exists($directory) || !is_dir($directory)) {
$action = new K4InformationAction(new K4LanguageElement('L_DIRECTORYDOESNTEXIST', BB_BASE_DIR . DIRECTORY_SEPARATOR . $dir), 'content', FALSE);
return $action->execute($request);
}
$filetypes = array('html' => array('HTM', 'HTML', 'JS'), 'php' => array('PHP'), 'img' => array('GIF', 'PNG', 'TIFF', 'JPG', 'JPEG', 'BMP', 'ICO'));
$filetype = (!isset($_REQUEST['filetype']) || $_REQUEST['filetype'] == '') && !array_key_exists(@$_REQUEST['filetype'], $filetypes) ? FALSE : $_REQUEST['filetype'];
$dir = dir($directory);
$files = array();
while (false !== ($file = $dir->read())) {
if ($file != '.' && $file != '..' && $file != 'Thumbs.db') {
if (!is_dir($directory . DIRECTORY_SEPARATOR . $file)) {
$temp = array();
/* Get File extension */
$exts = explode(".", $file);
$temp['fileext'] = count($exts) < 2 ? '' : strtoupper($exts[count($exts) - 1]);
$temp['shortname'] = $file;
$temp['filename'] = $_REQUEST['dir'] . '/' . $file;
$temp['file'] = $exts[0];
if (in_array($temp['fileext'], $filetypes['html'])) {
$temp['filetype'] = 'html';
} else {
if (in_array($temp['fileext'], $filetypes['php'])) {
$temp['filetype'] = 'php';
} else {
if (in_array($temp['fileext'], $filetypes['img'])) {
$temp['filetype'] = 'img';
$dimensions = $this->resize_image($temp['filename']);
$temp['width'] = $dimensions[0];
$temp['height'] = $dimensions[1];
} else {
$temp['filetype'] = '';
}
}
}
if (!$filetype) {
$files[] = $temp;
} else {
if ($temp['filetype'] == $filetype) {
$files[] = $temp;
}
}
}
}
}
$files =& new FAArrayIterator($files);
$request['template']->setVar('img', 'img');
$request['template']->setList('files_list', $files);
$request['template']->setFile('content', 'file_browser.html');
} else {
no_perms_error($request);
}
return TRUE;
}
function execute(&$request)
{
if ($request['user']->isMember() && $request['user']->get('perms') >= ADMIN) {
k4_bread_crumbs($request['template'], $request['dba'], 'L_USERTITLES');
$request['template']->setVar('users_on', '_on');
$request['template']->setFile('sidebar_menu', 'menus/users.html');
if (!isset($_REQUEST['user_id']) || intval($_REQUEST['user_id']) == 0) {
$action = new K4InformationAction(new K4LanguageElement('L_USERDOESNTEXIST'), 'content', TRUE);
return $action->execute($request);
}
$user = $request['dba']->getRow("SELECT * FROM " . K4USERS . " WHERE id = " . intval($_REQUEST['user_id']));
if (!is_array($user) || empty($user)) {
$action = new K4InformationAction(new K4LanguageElement('L_USERDOESNTEXIST'), 'content', TRUE);
return $action->execute($request);
}
$title = isset($_REQUEST['user_title']) ? $_REQUEST['user_title'] : '';
$request['dba']->executeUpdate("UPDATE " . K4USERINFO . " SET user_title = '" . $request['dba']->quote($title) . "' WHERE user_id = " . intval($_REQUEST['user_id']));
$action = new K4InformationAction(new K4LanguageElement('L_UPDATEDUSERTITLE', $user['name']), 'content', TRUE, 'admin.php?act=usertitles', 3);
return $action->execute($request);
} else {
no_perms_error($request);
}
return TRUE;
}
function execute(&$request)
{
/* Create the ancestors bar */
k4_bread_crumbs($request['template'], $request['dba'], 'L_RESENDVALIDATIONEMAIL');
/* Check if the user is logged in or not */
if ($request['user']->isMember()) {
no_perms_error($request);
return TRUE;
}
if (!$this->runPostFilter('email', new FARequiredFilter())) {
$action = new K4InformationAction(new K4LanguageElement('L_SUPPLYEMAIL'), 'content', TRUE);
return $action->execute($request);
}
if (!$this->runPostFilter('email', new FARegexFilter('~^([0-9a-zA-Z]+[-._+&])*[0-9a-zA-Z]+@([-0-9a-zA-Z]+[.])+[a-zA-Z]{2,6}$~'))) {
$action = new K4InformationAction(new K4LanguageElement('L_NEEDVALIDEMAIL'), 'content', TRUE);
return $action->execute($request);
}
$user = $request['dba']->getRow("SELECT * FROM " . K4USERS . " WHERE email = '" . $request['dba']->quote($_REQUEST['email']) . "'");
if (!is_array($user) || empty($user)) {
$action = new K4InformationAction(new K4LanguageElement('L_INVALIDEMAILRVE', $_REQUEST['email']), 'content', TRUE);
return $action->execute($request);
}
if ($user['reg_key'] == '') {
$action = new K4InformationAction(new K4LanguageElement('L_USERREGGEDRVE'), 'content', TRUE);
return $action->execute($request);
}
// .'/member.php?act=activate_accnt&key='. $user['reg_key']
$url = new FAUrl(K4_URL);
$url->file = 'member.php';
$url->args = array('act' => 'activate_accnt', 'key' => $user['reg_key']);
$email = sprintf($request['template']->getVar('L_REGISTEREMAILRMSG'), $user['name'], $request['template']->getVar('bbtitle'), str_replace('&', '&', $url->__toString()), $request['template']->getVar('bbtitle'));
email_user($user['email'], $request['template']->getVar('bbtitle') . ' - ' . $request['template']->getVar('L_RESENDVALIDATIONEMAIL'), $email);
$action = new K4InformationAction(new K4LanguageElement('L_RESENTREGEMAIL', $_REQUEST['email']), 'content', TRUE);
return $action->execute($request);
}
function execute(&$request)
{
no_perms_error($request);
return TRUE;
}
