function phorum_readable_permissions() { $PHORUM = $GLOBALS['PHORUM']; $newperms = array(); if (isset($PHORUM["user"]["permissions"])) { $forums = phorum_db_get_forums(array_keys($PHORUM["user"]["permissions"])); foreach ($PHORUM["user"]["permissions"] as $forum => $perms) { if (isset($forums[$forum])) { if ($perms & PHORUM_USER_ALLOW_MODERATE_MESSAGES) { $newperms[] = array('forum' => $forums[$forum]["name"], 'perm' => $PHORUM['DATA']['LANG']['PermModerator']); } if ($perms & PHORUM_USER_ALLOW_READ) { $newperms[] = array('forum' => $forums[$forum]["name"], 'perm' => $PHORUM['DATA']['LANG']['PermAllowRead']); } if ($perms & PHORUM_USER_ALLOW_REPLY) { $newperms[] = array('forum' => $forums[$forum]["name"], 'perm' => $PHORUM['DATA']['LANG']['PermAllowReply']); } if ($perms & PHORUM_USER_ALLOW_NEW_TOPIC) { $newperms[] = array('forum' => $forums[$forum]["name"], 'perm' => $PHORUM['DATA']['LANG']['PermAllowPost']); } } } } return $newperms; }
function phorum_check_upload_limits($is_install) { $PHORUM = $GLOBALS["PHORUM"]; if ($is_install) { return array(PHORUM_SANITY_SKIP, NULL, NULL); } // Keep track if uploads are used. $upload_used = false; // Get the maximum file upload size for PHP. list($system_max_upload, $php_max_upload, $db_max_upload) = phorum_get_system_max_upload(); // Check limits for file uploading in personal profile. if ($PHORUM["file_uploads"] && $PHORUM["max_file_size"]) { $upload_used = true; $res = phorum_single_check_upload_limits($PHORUM["max_file_size"] * 1024, "the Max File Size option for user file uploads " . "(in their profile)", $php_max_upload, $db_max_upload); if ($res != NULL) { return $res; } } // Check limits for attachment uploading in forums. $forums = phorum_db_get_forums(); foreach ($forums as $id => $forum) { if ($forum["max_attachments"] > 0 && $forum["max_attachment_size"]) { $upload_used = true; $res = phorum_single_check_upload_limits($forum["max_attachment_size"] * 1024, "the Max File Size option for uploading attachments\n in the forum \"{$forum['name']}\"", $php_max_upload, $db_max_upload); if ($res != NULL) { return $res; } } } // No upload functionality found so far? Then we're done. if (!$upload_used) { return array(PHORUM_SANITY_OK, NULL); } // Check if the upload temp directory can be written. $tmpdir = get_cfg_var('upload_tmp_dir'); if (!empty($tmpdir)) { $fp = @fopen("{$tmpdir}/sanity_checks_dummy_uploadtmpfile", "w"); if (!$fp) { return array(PHORUM_SANITY_CRIT, "The system is unable to write files\n to PHP's upload tmpdir \"" . htmlspecialchars($tmpdir) . "\".\n The system error was:<br/><br/>" . htmlspecialchars($php_errormsg) . ".", "Change the upload_tmp_dir setting in your php.ini file\n or give your webserver more permissions for the current\n upload directory."); } fclose($fp); unlink("{$tmpdir}/sanity_checks_dummy_uploadtmpfile"); } return array(PHORUM_SANITY_OK, NULL, NULL); }
function phorum_check_language() { $PHORUM = $GLOBALS["PHORUM"]; $checked = array(); // Check for the default language file. if (! file_exists("./include/lang/{$PHORUM["default_language"]}.php")) return array( PHORUM_SANITY_WARN, "Your default language is set to \"".htmlspecialchars($PHORUM["default_language"])."\", but the language file \"include/lang/". htmlspecialchars($PHORUM["default_language"].".php")."\" is not available on your system (anymore?).", "Install the specified language file to make this default language work or change the Default Language setting under General Settings." ); $checked[$PHORUM["default_language"]] = true; // Check for the forum specific language file(s). $forums = phorum_db_get_forums(); foreach ($forums as $id => $forum) { if (!empty($forum["language"]) && !$checked[$forum["language"]] && !file_exists("./include/lang/{$forum["language"]}.php")) { return array( PHORUM_SANITY_WARN, "The language for forum \"". htmlspecialchars($forum["name"])."\" is set to \"".htmlspecialchars($forum["language"])."\", but the language file \"include/lang/". htmlspecialchars($forum["language"].".php")."\" is not available on your system (anymore?).", "Install the specified language file to make this language work or change the language setting for the forum." ); } $checked[$forum["language"]] = true; } // All checks are OK. return array(PHORUM_SANITY_OK, NULL); }
/** * Retrieve the data for forums and/or folders in various ways. * * @param mixed $forum_ids * A single forum_id or an array of forum_ids for which to retrieve the * forum data. If this parameter is NULL, then the $parent_id * parameter will be checked. * * @param mixed $parent_id * Retrieve the forum data for all forums that have their parent_id set * to $parent_id. If this parameter is NULL, then the $vroot parameter * will be checked. * * @param mixed $vroot * Retrieve the forum data for all forums that are in the given $vroot. * If this parameter is NULL, then the $inherit_id parameter will be * checked. * * @param mixed $inherit_id * Retrieve the forum data for all forums that inherit their settings * from the forum with id $inherit_id. * * @return mixed * If the $forum_ids parameter is used and if it contains a single * forum_id, then a single array containg forum data is returned or * NULL if the forum was not found. * For all other cases, an array of forum data arrays is returned, indexed * by the forum_id and sorted by their display order. If the $forum_ids * parameter is an array containing non-existent forum_ids, then the * return array will have no entry available in the returned array. */ function phorum_api_forums_get($forum_ids = NULL, $parent_id = NULL, $vroot = NULL, $inherit_id = NULL) { // Retrieve the forums/folders from the database. $forums = phorum_db_get_forums($forum_ids, $parent_id, $vroot, $inherit_id); // Filter and process the returned records. foreach ($forums as $id => $forum) { // Find the fields specification to use for this record. $fields = $forum['folder_flag'] ? $GLOBALS['PHORUM']['API']['folder_fields'] : $GLOBALS['PHORUM']['API']['forum_fields']; // Initialize the filtered data array. $filtered = array('folder_flag' => $forum['folder_flag'] ? 1 : 0); // Add fields to the filtered data. foreach ($fields as $fld => $fldtype) { switch ($fldtype) { case 'int': $filtered[$fld] = (int) $forum[$fld]; break; case 'string': $filtered[$fld] = $forum[$fld]; break; case 'bool': $filtered[$fld] = empty($forum[$fld]) ? 0 : 1; break; case 'array': $filtered[$fld] = unserialize($forum[$fld]); break; default: trigger_error('phorum_api_forums_get(): Illegal field type used: ' . htmlspecialchars($fldtype), E_USER_ERROR); break; } } $forums[$id] = $filtered; } if ($forum_ids === NULL || is_array($forum_ids)) { return $forums; } else { return isset($forums[$forum_ids]) ? $forums[$forum_ids] : NULL; } }
function phorum_admin_build_path_array($only_forum = NULL) { $paths = array(); // The forum_id = 0 root node is not in the database. // Here, we create a representation for that node that will work. $root = array('vroot' => 0, 'forum_id' => 0, 'name' => $GLOBALS['PHORUM']['title']); // If we are going to update the paths for all nodes, then we pull // in our full list of forums and folders from the database. If we only // need the path for a single node, then the node and all its parent // nodes are retrieved using single calls to the database. if ($only_forum === NULL) { $nodes = phorum_db_get_forums(); $nodes[0] = $root; } else { if ($only_forum == 0) { $nodes = array(0 => $root); } else { $nodes = phorum_db_get_forums($only_forum); } } // Build the paths for the retrieved node(s). foreach ($nodes as $id => $node) { $path = array(); while (TRUE) { // Add the node to the path. $path[$node['forum_id']] = $node['name']; // Stop building when we hit a (v)root. if ($node['forum_id'] == 0 || $node['vroot'] == $node['forum_id']) { break; } // Find the parent node. The root node (forum_id = 0) is special, // since that one is not in the database. We create an entry on // the fly for that one here. if ($node['parent_id'] == 0) { $node = $root; } elseif ($only_forum !== NULL) { $tmp = phorum_db_get_forums($node['parent_id']); $node = $tmp[$node['parent_id']]; } else { $node = $nodes[$node['parent_id']]; } } // Reverse the path, since we have been walking up the path here. // For the parts of the application that use this data, it's more // logical if the root nodes come first in the path arrays. $paths[$id] = array_reverse($path, TRUE); } // We cannot remember what this was needed for. For now, we leave it out. // $paths = array_reverse($folders, true); return $paths; }
} $cache_key = $_SERVER["QUERY_STRING"].",".$PHORUM["user"]["user_id"]; $data = phorum_cache_get("rss", $cache_key); if(empty($data)){ if($PHORUM["forum_id"]==$PHORUM["vroot"]){ $forums = phorum_db_get_forums(0, -1, $PHORUM["vroot"]); $forum_ids = array_keys($forums); } elseif($PHORUM["folder_flag"] && $PHORUM["vroot"]==0 && $PHORUM["forum_id"]!=0){ // we don't support rss for normal folders exit(); } else { $forum_ids = $PHORUM["forum_id"]; $forums = phorum_db_get_forums($PHORUM["forum_id"]); } // find default forum for announcements foreach($forums as $forum_id=>$forum){ if($forum["folder_flag"]){ unset($forums[$forum_id]); } elseif(empty($default_forum_id)) { $default_forum_id = $forum_id; } } $PHORUM["threaded_list"]=false; $PHORUM["float_to_top"]=false; // get the thread set started
foreach ($files as $file_id => $data) { if (phorum_api_file_check_delete_access($file_id)) { phorum_api_file_delete($file_id); } } } // Run a hook for performing custom actions after cleanup. if (isset($PHORUM["hooks"]["delete"])) { phorum_hook("delete", array($msgthd_id)); } } } } $PHORUM['DATA']['PREPOST'] = array(); if ($gotforums) { $foruminfo = phorum_db_get_forums($mod_forums, NULL, $PHORUM['vroot']); } else { $foruminfo = array(); } foreach ($mod_forums as $forum => $rest) { $checkvar = 1; // Get the threads $rows = array(); // get the thread set started $rows = phorum_db_get_unapproved_list($forum, $showwaiting, $moddays); // loop through and read all the data in. foreach ($rows as $key => $row) { $numunapproved++; $rows[$key]['forumname'] = $foruminfo[$forum]['name']; $rows[$key]['checkvar'] = $checkvar; if ($checkvar) {
/** * Check if a user has certain access right for forum(s). * * @param integer $permission * The permission to check for. Multiple permissions can be OR-ed * together. The available permissions are: * - {@link PHORUM_USER_ALLOW_READ} * - {@link PHORUM_USER_ALLOW_REPLY} * - {@link PHORUM_USER_ALLOW_EDIT} * - {@link PHORUM_USER_ALLOW_NEW_TOPIC} * - {@link PHORUM_USER_ALLOW_ATTACH} * - {@link PHORUM_USER_ALLOW_MODERATE_MESSAGES} * - {@link PHORUM_USER_ALLOW_MODERATE_USERS} * * @param mixed $forum_id * Specifies the forum(s) to look at. Available options are: * - The id of the forum for which to check the access * - 0 (zero, the default) to check access for the active forum * - An array of forum_ids to check * - {@link PHORUM_ACCESS_ANY} to check if the user has access rights * for any of the available forums * - {@link PHORUM_ACCESS_LIST} to return a list of forum_ids for which the * user has access rights * * @param mixed $user * Specifies the user to look at. Available options are: * - 0 (zero, the default) to look at the active Phorum user. * - A full user data array. * - A single user_id. * * @return mixed * The return value depends on the $forum_id argument that was used: * * - Single forum_id , 0 (zero) or {@link PHORUM_ACCESS_ANY}: * return either TRUE (access granted) or FALSE (access denied). * * - An array of forum_ids or {@link PHORUM_ACCESS_LIST}: * return an array, containing all forum_ids for which * permission was granted (both keys and values are forum_ids * in this array). */ function phorum_api_user_check_access($permission, $forum_id = 0, $user = 0) { $PHORUM = $GLOBALS['PHORUM']; // Prepare the array of forum ids to check. $forum_access = array(); $forums = NULL; $single_forum_id = NULL; // An array of forum ids. if (is_array($forum_id)) { foreach ($forum_id as $id) { $forum_access[$id] = FALSE; } // Forum id 0 (zero). } elseif (empty($forum_id)) { $single_forum_id = $PHORUM['forum_id']; $forum_access[$PHORUM['forum_id']] = FALSE; $forums = array($PHORUM['forum_id'] => array('reg_perms' => $PHORUM['reg_perms'], 'pub_perms' => $PHORUM['pub_perms'])); // Retrieve a forum access list or access-rights-in-any-forum. } elseif ($forum_id == PHORUM_ACCESS_LIST || $forum_id == PHORUM_ACCESS_ANY) { $forums = phorum_db_get_forums(0, NULL, $PHORUM['vroot']); foreach ($forums as $id => $data) { $forum_access[$id] = FALSE; } // A single forum id. } else { $single_forum_id = $forum_id; $forum_access[$forum_id] = FALSE; } // Prepare the user to check the access for. if (empty($user)) { $user = $PHORUM['user']; } elseif (!is_array($user)) { $user = phorum_api_user_get($user, true); } // Inactive users have no permissions at all. if (!empty($user['user_id']) && empty($user['active'])) { if ($forum_id == PHORUM_ACCESS_ANY) { return FALSE; } // No further code required. We'll just keep all forum // permissions set to FALSE here. } elseif (!empty($user['user_id']) && !empty($user['admin'])) { if ($forum_id == PHORUM_ACCESS_ANY) { return TRUE; } foreach ($forum_access as $id => $data) { $forum_access[$id] = TRUE; } } else { // Fetch data for the forums, unless we already have that // data available. if ($forums === NULL) { $forums = phorum_db_get_forums(array_keys($forum_access)); } // Check the access rights for each forum. foreach ($forum_access as $id => $data) { // Access to folders is always granted. if (!empty($forums[$id]['folder_flag'])) { $forum_access[$id] = TRUE; continue; } $perm = NULL; // Authenticated user with specific access rights. if (!empty($user['user_id']) && isset($user['permissions'][$id])) { $perm = $user['permissions'][$id]; } else { $key = empty($user['user_id']) ? 'pub_perms' : 'reg_perms'; if (isset($forums[$id][$key])) { $perm = $forums[$id][$key]; } } // Check if the user has the requested permission for the forum. if (!empty($perm) && ($perm & $permission) == $permission) { if ($forum_id == PHORUM_ACCESS_ANY) { return TRUE; } else { $forum_access[$id] = TRUE; } } } } // If we reach this code, then we did not find any forum for the user. if ($forum_id == PHORUM_ACCESS_ANY) { return FALSE; } // Return the results. if ($single_forum_id !== NULL) { // Return either TRUE or FALSE. return empty($forum_access[$single_forum_id]) ? FALSE : TRUE; } else { // Return an array of forums for which permission is granted. // Both the keys and values are the forum ids. $return = array(); foreach ($forum_access as $id => $has_permission) { if ($has_permission) { $return[$id] = $id; } } return $return; } }
phorum_admin_set_vroot($cur_folder_id, $parent_folder[$oldfolder['parent_id']]['vroot'], $cur_folder_id); } } else { // just default root ... phorum_admin_set_vroot($cur_folder_id, 0, $cur_folder_id); } // done with vroots phorum_db_drop_folder($cur_folder_id); $msg = "The folder was deleted. All forums and folders in this folder have been moved to this folder's parent."; } else { phorum_db_drop_forum($_GET["forum_id"]); $msg = "The forum was deleted. All messages in that forum were deleted."; } } elseif ($_GET["confirm"] == "No") { $msg = "No action was taken."; } else { $forums = phorum_db_get_forums((int) $_GET["forum_id"]); $forum = array_shift($forums); if ($forum["folder_flag"]) { $msg = "Are you sure you want to delete {$forum['name']}? All forums and folders in this folder will be moved to this folder's parent."; } else { $msg = "Are you sure you want to delete {$forum['name']}? All messages in this forum will be deleted"; } $msg .= "<form action=\"{$PHORUM["admin_http_path"]}\" method=\"get\"><input type=\"hidden\" name=\"module\" value=\"{$module}\" /><input type=\"hidden\" name=\"forum_id\" value=\"{$forum['forum_id']}\" /><input type=\"hidden\" name=\"folder_flag\" value=\"{$forum['folder_flag']}\" /><input type=\"submit\" name=\"confirm\" value=\"Yes\" /> <input type=\"submit\" name=\"confirm\" value=\"No\" /></form>"; } ?> <div class="PhorumInfoMessage"><?php echo $msg; ?> </div>
// // // This program is free software. You can redistribute it and/or modify // // it under the terms of either the current Phorum License (viewable at // // phorum.org) or the Phorum License that was distributed with this file // // // // This program is distributed in the hope that it will be useful, // // but WITHOUT ANY WARRANTY, without even the implied warranty of // // MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. // // // // You should have received a copy of the Phorum License // // along with this program. // //////////////////////////////////////////////////////////////////////////////// if (!defined("PHORUM")) { return; } $forums = phorum_db_get_forums(0, $parent_id); $PHORUM["DATA"]["FORUMS"] = array(); $forums_shown = false; $new_checks = array(); if ($PHORUM["DATA"]["LOGGEDIN"] && !empty($forums)) { if ($PHORUM["show_new_on_index"] == 2) { $new_checks = phorum_db_newflag_check(array_keys($forums)); } elseif ($PHORUM["show_new_on_index"] == 1) { $new_counts = phorum_db_newflag_count(array_keys($forums)); } } foreach ($forums as $forum) { if ($forum["folder_flag"]) { $forum["URL"]["LIST"] = phorum_get_url(PHORUM_INDEX_URL, $forum["forum_id"]); } else { if ($PHORUM["hide_forums"] && !phorum_api_user_check_access(PHORUM_USER_ALLOW_READ, $forum["forum_id"])) {
// check if the thread to move is an announcement thread $message = phorum_db_get_message($msgthd_id); if ($message["sort"] == PHORUM_SORT_ANNOUNCEMENT) { $PHORUM['DATA']['MESSAGE']=$PHORUM["DATA"]["LANG"]["MoveAnnouncementForbidden"]; break; } $PHORUM['DATA']['URL']["ACTION"]=phorum_get_url(PHORUM_MODERATION_ACTION_URL); $PHORUM['DATA']["FORM"]["forum_id"]=$PHORUM["forum_id"]; $PHORUM['DATA']["FORM"]["thread_id"]=$msgthd_id; $PHORUM['DATA']["FORM"]["mod_step"]=PHORUM_DO_THREAD_MOVE; // get all the forums the moderator may move to $PHORUM['DATA']["MoveForumsOption"]=""; $forums=phorum_db_get_forums(0,-1,$PHORUM['vroot']); asort($forums); foreach($forums as $id=>$forum){ if ($id == $PHORUM["forum_id"]) continue; // add && phorum_user_moderate_allowed($id) if the mod should only be able // to move to forums he also moderates if($forum["folder_flag"]==0){ // it makes no sense to move to the forum we are in already if($forum['forum_id'] != $PHORUM['forum_id']) { $forum_data[strtolower($forum["name"])]=array("forum_id"=>$id, "name"=>$forum["name"]); } } } $PHORUM['DATA']['FRM']=1;
$email = $name . '@example.com'; $pass = "******"; $user = array("user_id" => NULL, "username" => $name, "password" => $pass, "email" => $email, "active" => PHORUM_USER_ACTIVE); phorum_api_user_save($user); print "."; } print "\n"; } // Retrieve users which we can use to post with. $users = phorum_api_user_list(PHORUM_GET_ACTIVE); $user_ids = array_keys($users); if (!count($user_ids)) { die("No users found that can be used for posting.\n"); } // Retrieve forums to post in. $forums = phorum_db_get_forums(0, NULL, 0); $forum_ids = array(); foreach ($forums as $id => $forum) { if ($forum["folder_flag"]) { continue; } $forum_ids[] = $id; } if (!count($forum_ids)) { die("No users found that can be used for posting.\n"); } if ($tcount) { $batch = time(); print "\nPosting {$tcount} threads to the database:\n\n"; $count = 0; while ($tcount) {
exit(); } } // checking for upgrade or new install if ( !isset( $PHORUM['internal_version'] ) ) { echo "<html><head><title>Phorum error</title></head><body>No Phorum settings were found. Either this is a brand new installation of Phorum or there is an error with your database server. If this is a new install, please <a href=\"admin.php\">go to the admin page</a> to complete the installation. If not, check your database server.</body></html>"; exit(); } elseif ( $PHORUM['internal_version'] < PHORUMINTERNAL ) { echo "<html><head><title>Error</title></head><body>Looks like you have installed a new version. Go to the admin to complete the upgrade!</body></html>"; exit(); } // load the forum's settings if ( !empty( $PHORUM["forum_id"] ) ) { $forum_settings = phorum_db_get_forums( $PHORUM["forum_id"] ); if ( empty( $forum_settings[$PHORUM["forum_id"]] ) ) { phorum_hook( "common_no_forum", "" ); phorum_redirect_by_url( phorum_get_url( PHORUM_INDEX_URL ) ); exit(); } $PHORUM = array_merge( $PHORUM, $forum_settings[$PHORUM["forum_id"]] ); } else { // some defaults we might need if no forum is set (i.e. on the index-page) $PHORUM['vroot']=0; $PHORUM['parent_id']=0; $PHORUM['active']=1; $PHORUM['folder_flag']=1; } // stick some stuff from the settings into the DATA member
phorum_redirect_by_url(phorum_get_url(PHORUM_INDEX_URL)); exit; } $PHORUM = array_merge($PHORUM, $forum_settings[$PHORUM["forum_id"]]); } elseif (isset($PHORUM["forum_id"]) && $PHORUM["forum_id"] == 0) { $PHORUM = array_merge($PHORUM, $PHORUM["default_forum_options"]); // some hard settings are needed if we are looking at forum_id 0 $PHORUM['vroot'] = 0; $PHORUM['parent_id'] = 0; $PHORUM['active'] = 1; $PHORUM['folder_flag'] = 1; $PHORUM['cache_version'] = 0; } // handling vroots if (!empty($PHORUM['vroot'])) { $vroot_folders = phorum_db_get_forums($PHORUM['vroot']); $PHORUM["title"] = $vroot_folders[$PHORUM['vroot']]['name']; $PHORUM["DATA"]["TITLE"] = $PHORUM["title"]; $PHORUM["DATA"]["HTML_TITLE"] = $PHORUM["title"]; if ($PHORUM['vroot'] == $PHORUM['forum_id']) { // unset the forum-name if we are in the vroot-index // otherwise the NAME and TITLE would be the same and still shown twice unset($PHORUM['name']); } } // stick some stuff from the settings into the DATA member $PHORUM["DATA"]["NAME"] = isset($PHORUM["name"]) ? $PHORUM["name"] : ""; $PHORUM["DATA"]["HTML_DESCRIPTION"] = isset($PHORUM["description"]) ? preg_replace("!\\s+!", " ", $PHORUM["description"]) : ""; $PHORUM["DATA"]["DESCRIPTION"] = strip_tags($PHORUM["DATA"]["HTML_DESCRIPTION"]); // clean up some more stuff in the description without html $search_arr = array('\'', '"');
$subdays = $_POST['subdays']; } elseif(isset($PHORUM['args']['subdays']) && !empty($PHORUM["args"]['subdays']) && is_numeric($PHORUM["args"]['subdays'])) { $subdays = $PHORUM['args']['subdays']; } else { $subdays = 2; } $PHORUM['DATA']['SELECTED'] = $subdays; // reading all subscriptions to messages $subscr_array = phorum_db_get_message_subscriptions($PHORUM['user']['user_id'], $subdays); // reading all forums $forum_ids = $subscr_array['forum_ids']; unset($subscr_array['forum_ids']); $forums_arr = phorum_db_get_forums($forum_ids,-1,$PHORUM['vroot']); $subscr_array_final = array(); foreach($subscr_array as $dummy => $data) { if ($data['forum_id'] == 0) { $data['forum'] = $PHORUM['DATA']['LANG']['Announcement']; } else { $data['forum'] = $forums_arr[$data['forum_id']]['name']; } $data['datestamp'] = phorum_date($PHORUM["short_date"], $data["modifystamp"]); $data['readurl'] = phorum_get_url(PHORUM_FOREIGN_READ_URL, $data["forum_id"], $data["thread"]); if(!empty($data["user_id"])) { $data["profile_url"] = phorum_get_url(PHORUM_PROFILE_URL, $data["user_id"]); // we don't normally put HTML in this code, but this makes it easier on template builders $data["linked_author"] = "<a href=\"".$data["profile_url"]."\">".htmlspecialchars($data["author"])."</a>";
function phorum_admin_get_descending($parent) { $ret_data=array(); $arr_data=phorum_db_get_forums(0,$parent); foreach($arr_data as $key => $val) { $ret_data[$key]=$val; if($val['folder_flag'] == 1) { $more_data=phorum_db_get_forums(0,$val['forum_id']); $ret_data=$ret_data + $more_data; // array_merge reindexes the array } } return $ret_data; }
/** * phorum_user_access_list() * * This function will return a list of forum ids in which * the current user has $permission * * @param $permission Use the PHORUM_ALLOW_* constants * @return bool */ function phorum_user_access_list( $permission ) { $PHORUM = $GLOBALS["PHORUM"]; $forums = phorum_db_get_forums(0,-1,$PHORUM['vroot']); $forum_list = array(); $field = ( $PHORUM["user"]["user_id"] > 0 ) ? "reg_perms" : "pub_perms"; foreach( $forums as $forum_id => $forum ) { if ( $PHORUM["user"]["admin"] || $forum[$field] &$permission ) { $forum_list[$forum_id] = $forum_id; } // if its a folder, they have read but nothing else elseif ($forum["folder_flag"] && $permission == PHORUM_USER_ALLOW_READ){ $forum_list[$forum_id] = $forum_id; } } if ( !$PHORUM["user"]["admin"] && !empty( $PHORUM["user"]["permissions"] ) ) { foreach( $PHORUM["user"]["permissions"] as $forum_id => $perms ) { if ( isset( $forum_list[$forum_id] ) ) unset( $forum_list[$forum_id] ); if ( $perms & $permission ) { $forum_list[$forum_id] = $forum_id; } } } // Admins also have rights for forum_id 0 (announcements) if ($PHORUM["user"]["admin"]) { $forum_list[0] = 0; } return $forum_list; }
define("phorum_page", "feed"); include_once "./common.php"; include_once "./include/format_functions.php"; include_once "./include/feed_functions.php"; // Check if feeds are allowed. if (empty($PHORUM['use_rss'])) { exit; } // somehow we got to a folder if (!empty($PHORUM["folder_flag"]) && $PHORUM["forum_id"] != $PHORUM["vroot"]) { exit; } // Get the forums that this user can read. // Check all forums below the current (v)root. if ($PHORUM["forum_id"] == $PHORUM["vroot"]) { $forums = phorum_db_get_forums(null, null, $PHORUM["forum_id"]); } else { // its cheap to copy this even though there is more than needed in it $forums[$PHORUM["forum_id"]] = $PHORUM; } // grab the data from cache if we can // only do this with caching enabled $cache_key = $_SERVER["REQUEST_URI"] . "," . $PHORUM["user"]["user_id"]; if (isset($PHORUM['cache_rss']) && !empty($PHORUM['cache_rss'])) { $cache = phorum_cache_get("feed", $cache_key); } if (!empty($cache)) { // extract the two members from cache list($data, $content_type) = $cache; } else { // if it wasn't in cache, we need to make it
/** * Build Email to send new comment to moderator. * Based on emailallposts module, and use it's admin settings. * * @param array $data */ public function mod_emailcomments($data) { $PHORUM = $GLOBALS["PHORUM"]; if (empty($PHORUM['mod_emailcomments']['addresses'][$data["forum_id"]])) { return; } $forum = phorum_db_get_forums($data["forum_id"]); $subject = "{$forum["$data[forum_id]"]["name"]} : {$_REQUEST['IdLanguage']} : {$_REQUEST['NrArticle']}"; $body = "Name/Email: " . stripslashes( $data["author"] ); $body .= "<br>Subject: " . stripslashes( $data["subject"] ); $body .= "<br>Comment:<br>" . $data['body']; $body .= "<br>------------------------------------------------------------------------------------------------ Admin Comments: <a href=\"http://{$_SERVER['HTTP_HOST']}/admin/comments/index.php?f_comment_screen=archive\">http://{$_SERVER['HTTP_HOST']}/admin/comments/index.php?f_comment_screen=archive</a> View Article: <a href=\"http://{$_SERVER['HTTP_HOST']}{$_SERVER['REQUEST_URI']}\">http://{$_SERVER['HTTP_HOST']}{$_SERVER['REQUEST_URI']}</a>"; $toAddress = array(); if ( !empty( $PHORUM["mod_emailcomments"]["email_to"] ) ) { array_push( $toAddress, $PHORUM["mod_emailcomments"]["email_to"] ); } if ( !empty( $PHORUM["mod_emailcomments"]["addresses"]["$data[forum_id]"] ) ) { array_push( $toAddress, $PHORUM["mod_emailcomments"]["addresses"]["$data[forum_id]"] ); } $from = $PHORUM["mod_emailcomments"]["from_addresses"]["$data[forum_id]"]; #$from = "\"".$PHORUM['system_email_from_name']."\" <".$PHORUM["mod_emailcomments"]["from_addresses"]["$data[forum_id]"].">"; $header = array("msgid" => $data["msgid"], "from" => $from); $this->mail_mime( $toAddress, $subject, $body, $header); }
$forum_list["0"] = "Use Default Forum Settings"; $forum_list["NULL"] = "None - I want to customize this forum's settings"; // Remove this Forum if ($forum_id > 0) { unset($forum_list[$forum_id]); } $dbforums = phorum_db_get_forums(); // remove forums that inherit foreach ($dbforums as $dbforum_id => $forum) { if ($forum["inherit_id"] !== NULL) { unset($forum_list[$dbforum_id]); } } // Check for Slaves if (intval($forum_id)) { $forum_inherit_settings = phorum_db_get_forums(false, false, false, intval($forum_id)); if (count($forum_inherit_settings) > 0) { $disabled_form_input_inherit = "disabled=\"disabled\""; } } // set to NULL if inherit is disabled if ($inherit_id == "" && $inherit_id !== 0) { $inherit_id = "NULL"; } $add_inherit_text = ""; if (!empty($disabled_form_input_inherit)) { $add_inherit_text = "<br />You can't inherit from another forum as these forums inherit from the current forum already:<br /><ul>\n"; foreach ($forum_inherit_settings as $set_id => $set_data) { $add_inherit_text .= "<li>" . $set_data['name'] . " ( Id: {$set_id} ) </li>\n"; } $add_inherit_text .= "</ul>\n";
/** * Add newflag info for the active Phorum user to a list of messages. * * In the message data for messages that should have the new flag enabled, * a field $msg["new"] is added. This field is initialized to the language * variable {LANG->newflag}. * * @param array $messages * An array of messages to process. * * @param integer $mode * The mode in which to add newflags. Possible values are: * {@link PHORUM_NEWFLAGS_BY_THREAD}, * {@link PHORUM_NEWFLAGS_BY_MESSAGE}, * {@link PHORUM_NEWFLAGS_BY_MESSAGE_EXSTICKY} * * @param boolean $fullcount * This parameter only acts on newflags that are processed by thread. * If it is set to a true value, then instead of checking if there * is any new message in a thread, the function will count how many * new messages are available exactly. This total count will be * put in the variable $msg["new_count"]. * * @return array $messages * The possibly modified array of messages. */ function phorum_api_newflags_format_messages($messages, $mode = PHORUM_NEWFLAGS_BY_MESSAGE, $fullcount = FALSE) { global $PHORUM; // No newflags for anonymous users. if (!$PHORUM['user']['user_id']) { return $messages; } // Fetch info about the available forums. $forums = phorum_db_get_forums(NULL, NULL, $PHORUM['vroot']); foreach ($messages as $id => $message) { // Do not handle newflags for moved message notifications. if ($message['move']) { continue; } // Find the info for the message's forum. $forum_id = $message['forum_id']; if (!isset($forums[$forum_id])) { continue; } $forum = $forums[$forum_id]; // Fetch the user's newflags for the message's forum. if (!isset($PHORUM['user']['newflags'][$forum_id])) { $newflags = phorum_api_newflags_by_forum($forum); } else { $newflags = $PHORUM['user']['newflags'][$forum_id]; } if (empty($newflags)) { continue; } $new = 0; if ($mode == PHORUM_NEWFLAGS_BY_THREAD || $mode == PHORUM_NEWFLAGS_BY_MESSAGE_EXSTICKY && $message['sort'] == PHORUM_SORT_STICKY) { // Is this really a thread starter message? if (empty($message['meta']['message_ids'])) { continue; } // Check for new messages in the thread. foreach ($message['meta']['message_ids'] as $mid) { if (!isset($newflags[$mid]) && $mid > $newflags['min_id']) { $new++; if (!$fullcount) { break; } } } } else { $mid = $message['message_id']; if (!isset($newflags[$mid]) && $mid > $newflags['min_id']) { $new++; } } // Add newflag information to the message if needed. if ($new) { $messages[$id]['new'] = $PHORUM['DATA']['LANG']['newflag']; if ($fullcount) { $messages[$id]['new_count'] = $new; } } } return $messages; }
$error="Database error while adding/updating folder."; } } if(empty($error)) { phorum_redirect_by_url($_SERVER['PHP_SELF']); exit(); } foreach($_POST as $key=>$value){ $$key=$value; } } elseif(defined("PHORUM_EDIT_FOLDER")) { $forum_settings = phorum_db_get_forums($_REQUEST["forum_id"]); extract($forum_settings[$_REQUEST["forum_id"]]); } if($error){ phorum_admin_error($error); } include_once "./include/admin/PhorumInputForm.php"; $frm = new PhorumInputForm ("", "post"); $folder_data=phorum_get_folder_info(); if(defined("PHORUM_EDIT_FOLDER")){
// the number of days to show if (isset($_POST['subdays']) && is_numeric($_POST['subdays'])) { $subdays = $_POST['subdays']; } elseif (isset($PHORUM['args']['subdays']) && !empty($PHORUM["args"]['subdays']) && is_numeric($PHORUM["args"]['subdays'])) { $subdays = $PHORUM['args']['subdays']; } else { $subdays = phorum_api_user_get_setting('cc_subscriptions_subdays'); } if ($subdays === NULL) { $subdays = 2; } $PHORUM['DATA']['SELECTED'] = $subdays; // Store current selection for the user. phorum_api_user_save_settings(array("cc_subscriptions_subdays" => $subdays)); // reading all forums for the current vroot $forums = phorum_db_get_forums(0, NULL, $PHORUM["vroot"]); // reading all subscriptions to messages in the current vroot. $forum_ids = array($PHORUM["vroot"]); foreach ($forums as $forum) { $forum_ids[] = $forum["forum_id"]; } $subscr_array = phorum_api_user_list_subscriptions($PHORUM['user']['user_id'], $subdays, $forum_ids); // storage for newflags $PHORUM['user']['newinfo'] = array(); // go through all subscriptions $subscr_array_final = array(); unset($subscr_array["forum_ids"]); foreach ($subscr_array as $id => $data) { $data['forum'] = $forums[$data['forum_id']]['name']; $data['raw_datestamp'] = $data["modifystamp"]; $data['datestamp'] = phorum_date($PHORUM["short_date_time"], $data["modifystamp"]);
foreach ($_POST as $key => $value) { ${$key} = $value; } $forum_settings = $_POST; if ($setvroot) { $vroot = $_POST["forum_id"]; } else { if ($_POST["forum_id"] != $oldfolder["vroot"]) { $vroot = $oldfolder["vroot"]; } else { $vroot = 0; } } $forum_settings["vroot"] = $vroot; } elseif (defined("PHORUM_EDIT_FOLDER")) { $forums = phorum_db_get_forums($_REQUEST["forum_id"]); $forum_settings = $forums[$_REQUEST["forum_id"]]; extract($forum_settings); } if ($error) { phorum_admin_error($error); } include_once "./include/admin/PhorumInputForm.php"; $frm = new PhorumInputForm("", "post"); $folder_data = phorum_get_folder_info(); if (defined("PHORUM_EDIT_FOLDER")) { $frm->hidden("module", "editfolder"); $frm->hidden("forum_id", $forum_id); $title = "Edit Folder"; $this_folder = $folder_data[$_REQUEST["forum_id"]]; foreach ($folder_data as $folder_id => $folder) {
$forums_to_check[] = $forum_id; } } } $folders[$PHORUM["forum_id"]] = $PHORUM["forum_id"]; } // loop the children and get their children. foreach ($forums as $key => $forum) { if ($forum["folder_flag"] && $forum["vroot"] == $PHORUM["vroot"]) { $folders[$key] = $forum["forum_id"]; $forums[$key]["URL"]["LIST"] = phorum_get_url(PHORUM_INDEX_URL, $forum["forum_id"]); $forums[$key]["level"] = 0; if (isset($more_forums) && $forum["forum_id"] == $PHORUM["forum_id"]) { $sub_forums = $more_forums; } else { $sub_forums = phorum_db_get_forums(0, $forum["forum_id"]); } foreach ($sub_forums as $sub_forum) { if (!$sub_forum["folder_flag"] || $sub_forum["folder_flag"] && $sub_forum["parent_id"] != $PHORUM['vroot']) { $folder_forums[$sub_forum["parent_id"]][] = $sub_forum; if ($PHORUM["show_new_on_index"] != 0 && $sub_forum["folder_flag"] == 0) { $forums_to_check[] = $sub_forum["forum_id"]; } } } } } if ($PHORUM["DATA"]["LOGGEDIN"] && !empty($forums_to_check)) { if ($PHORUM["show_new_on_index"] == 2) { $new_checks = phorum_db_newflag_check($forums_to_check); } elseif ($PHORUM["show_new_on_index"] == 1) {
$itemval = trim($user[$item['name']]); } $frm->addrow($item['name'], $itemval); } } phorum_hook("admin_users_form", $frm, $user); $frm->show(); echo "<br /><hr class=\"PhorumAdminHR\" /><br /><a name=\"forums\"></a>"; $frm = new PhorumInputForm("", "post", "Update"); $frm->hidden("user_id", $_REQUEST["user_id"]); $frm->hidden("module", "users"); $frm->hidden("section", "forums"); $frm->hidden("referrer", $referrer); $row = $frm->addbreak("Edit Forum Permissions"); $frm->addhelp($row, "Forum Permissions", "These are permissions set exclusively for this user. You need to grant all permisssions you want the user to have for a forum here. No permissions from groups or a forum's properties will be used once the user has specific permissions for a forum."); $forums = phorum_db_get_forums(); $forumpaths = phorum_get_forum_info(1); $perm_frm = $frm->checkbox("new_forum_permissions[" . PHORUM_USER_ALLOW_READ . "]", 1, "Read") . " " . $frm->checkbox("new_forum_permissions[" . PHORUM_USER_ALLOW_REPLY . "]", 1, "Reply") . " " . $frm->checkbox("new_forum_permissions[" . PHORUM_USER_ALLOW_NEW_TOPIC . "]", 1, "Create New Topics") . " " . $frm->checkbox("new_forum_permissions[" . PHORUM_USER_ALLOW_EDIT . "]", 1, "Edit Their Posts") . "<br />" . $frm->checkbox("new_forum_permissions[" . PHORUM_USER_ALLOW_ATTACH . "]", 1, "Attach Files") . "<br />" . $frm->checkbox("new_forum_permissions[" . PHORUM_USER_ALLOW_MODERATE_MESSAGES . "]", 1, "Moderate Messages") . " " . $frm->checkbox("new_forum_permissions[" . PHORUM_USER_ALLOW_MODERATE_USERS . "]", 1, "Moderate Users") . " "; $arr[] = "Add A Forum..."; foreach ($forumpaths as $forum_id => $forumname) { if (!isset($user["forum_permissions"][$forum_id]) && $forums[$forum_id]['folder_flag'] == 0) { $arr[$forum_id] = $forumname; } } if (count($arr) > 1) { $frm->addrow($frm->select_tag("new_forum", $arr), $perm_frm); } if (is_array($user["forum_permissions"])) { foreach ($user["forum_permissions"] as $forum_id => $perms) { $perm_frm = $frm->checkbox("forum_permissions[{$forum_id}][" . PHORUM_USER_ALLOW_READ . "]", 1, "Read", $perms & PHORUM_USER_ALLOW_READ) . " " . $frm->checkbox("forum_permissions[{$forum_id}][" . PHORUM_USER_ALLOW_REPLY . "]", 1, "Reply", $perms & PHORUM_USER_ALLOW_REPLY) . " " . $frm->checkbox("forum_permissions[{$forum_id}][" . PHORUM_USER_ALLOW_NEW_TOPIC . "]", 1, "Create New Topics", $perms & PHORUM_USER_ALLOW_NEW_TOPIC) . " " . $frm->checkbox("forum_permissions[{$forum_id}][" . PHORUM_USER_ALLOW_EDIT . "]", 1, "Edit Their Posts", $perms & PHORUM_USER_ALLOW_EDIT) . "<br />" . $frm->checkbox("forum_permissions[{$forum_id}][" . PHORUM_USER_ALLOW_ATTACH . "]", 1, "Attach Files", $perms & PHORUM_USER_ALLOW_ATTACH) . "<br />" . $frm->checkbox("forum_permissions[{$forum_id}][" . PHORUM_USER_ALLOW_MODERATE_MESSAGES . "]", 1, "Moderate Messages", $perms & PHORUM_USER_ALLOW_MODERATE_MESSAGES) . " " . $frm->checkbox("forum_permissions[{$forum_id}][" . PHORUM_USER_ALLOW_MODERATE_USERS . "]", 1, "Moderate Users", $perms & PHORUM_USER_ALLOW_MODERATE_USERS) . " " . $frm->hidden("forums[{$forum_id}]", $forum_id); $row = $frm->addrow($forumpaths[$forum_id] . "<br />" . $frm->checkbox("delforum[{$forum_id}]", 1, "Delete"), $perm_frm);
function phorum_check_upload_limits() { $PHORUM = $GLOBALS["PHORUM"]; // Keep track if uploads are used. $upload_used = false; // Get the maximum file upload size for PHP. $php_max_upload = phorum_php_max_upload(); // Get the maximum packet size for the database. // For determining the maximum allowed upload size, // we have to take packet overhead into account. $max_packetsize = phorum_db_maxpacketsize(); if ($max_packetsize == NULL) { $db_max_upload = $php_max_upload; } else { $db_max_upload = phorum_db_maxpacketsize() * 0.6; } // Check limits for file uploading in personal profile. if ($PHORUM["file_uploads"] && $PHORUM["max_file_size"]) { $upload_used = true; $res = phorum_single_check_upload_limits( $PHORUM["max_file_size"]*1024, "the Max File Size option for user file uploads " . "(in their profile)", $php_max_upload, $db_max_upload ); if ($res != NULL) return $res; } // Check limits for attachment uploading in forums. $forums = phorum_db_get_forums(); foreach ($forums as $id => $forum) { if ($forum["max_attachments"] > 0 && $forum["max_attachment_size"]) { $upload_used = true; $res = phorum_single_check_upload_limits( $forum["max_attachment_size"]*1024, "the Max File Size option for uploading attachments in the forum \"{$forum['name']}\"", $php_max_upload, $db_max_upload ); } } // No upload functionality found so far? Then we're done. if (! $upload_used) return array(PHORUM_SANITY_OK, NULL); // Check if the upload temp directory can be written. $tmpdir = get_cfg_var('upload_tmp_dir'); if (!empty($tmpdir)) { $fp = @fopen("$tmpdir/sanity_checks_dummy_uploadtmpfile", "w"); if (! $fp) return array( PHORUM_SANITY_CRIT, "The system is unable to write files to PHP's upload tmpdir \"".htmlspecialchars($tmpdir)."\". The system error was:<br/><br/>". htmlspecialchars($php_errormsg).".", "Change the upload_tmp_dir setting in your php.ini file or give your webserver more permissions for the current upload directory." ); } fclose($fp); unlink("$tmpdir/sanity_checks_dummy_uploadtmpfile"); return array(PHORUM_SANITY_OK, NULL); }