/**
 * Emit the "Message:" table row that holds the reply form for a thread.
 *
 * The form posts to forum_reply.php for $thread (and $parent_post, when the
 * reply targets a specific post). The textarea is pre-filled either with the
 * preview text or with a quoted copy of the parent post; both pass through
 * htmlspecialchars() before being placed in the markup.
 *
 * @param object      $thread      Thread being replied to; only ->id is read.
 * @param object|null $parent_post Post being replied to, or a falsy value.
 */
function show_message_row($thread, $parent_post) {
    global $g_logged_in_user;
    global $content;
    global $preview;

    $label = "Message:" . html_info() . post_warning();

    $form = "";
    if ($parent_post) {
        $form .= " reply to <a href=#" . $parent_post->id . ">Message ID " . $parent_post->id . "</a>:";
    }

    // NOTE(review): the thread and post ids go into unquoted attributes with
    // no cast or escaping; presumably they are integer database keys. Confirm.
    $action = "<form action=forum_reply.php?thread=" . $thread->id;
    if ($parent_post) {
        $action .= "&post=" . $parent_post->id;
    }
    $form .= $action . " method=\"post\">\n";

    // Presumably the anti-forgery fields bound to the user's authenticator;
    // verify in form_tokens().
    $form .= form_tokens($g_logged_in_user->authenticator);
    $form .= "<textarea name=\"content\" rows=\"18\" cols=\"80\">";

    // Read unconditionally, exactly as the original did, even when previewing.
    $no_quote = get_int("no_quote", true) == 1;
    if ($preview) {
        $form .= htmlspecialchars($content);
    } elseif (!$no_quote && $parent_post) {
        $form .= quote_text(htmlspecialchars($parent_post->content), 80) . "\n";
    }

    $enable_signature = $g_logged_in_user->prefs->no_signature_by_default ? "" : "checked=\"true\"";

    $form .= "</textarea><p>\r\n\t\t<input type=\"submit\" name=\"preview\" value=\""
        . tra("Preview")
        . "\">\r\n\t\t<input type=\"submit\" value=\"Post reply\">\r\n\t\t<input name=\"add_signature\" id=\"add_signature\" value=\"add_it\" "
        . $enable_signature
        . " type=\"checkbox\">\r\n\t\t<label for=\"add_signature\">Add my signature to this reply</label>\r\n\r\n\t\t</form>\r\n\t";

    row2($label, $form);
}
/**
 * Emit the translated "Message:" table row that holds the reply form.
 *
 * The form posts to forum_reply.php for $thread (and $parent_post, when the
 * reply targets a specific post) and runs checkForm() on submit. The textarea
 * is pre-filled with the preview text or a quoted copy of the parent post;
 * both pass through htmlspecialchars() first.
 *
 * @param object      $thread      Thread being replied to; only ->id is read.
 * @param object|null $parent_post Post being replied to, or a falsy value.
 */
function show_message_row($thread, $parent_post) {
    global $logged_in_user, $bbcode_html;
    global $content, $preview;

    $label = tra("Message:") . html_info() . post_warning();

    $form = "";
    if ($parent_post) {
        $form .= " " . tra("reply to %1Message ID%2:", "<a href=#" . $parent_post->id . ">", " " . $parent_post->id . "</a>");
    }

    // NOTE(review): the thread and post ids go into unquoted attributes with
    // no cast or escaping; presumably they are integer database keys. Confirm.
    $action = "<form action=forum_reply.php?thread=" . $thread->id;
    if ($parent_post) {
        $action .= "&post=" . $parent_post->id;
    }
    $form .= $action . " method=\"post\" name=\"post\" onsubmit=\"return checkForm(this)\">\n";

    // Presumably the anti-forgery fields bound to the user's authenticator;
    // verify in form_tokens().
    $form .= form_tokens($logged_in_user->authenticator);

    // $bbcode_html is emitted verbatim; it is assumed to be static markup
    // defined by the application. TODO confirm it never carries user data.
    $form .= $bbcode_html . "<textarea name=\"content\" rows=\"18\" cols=\"80\">";

    // Read unconditionally, exactly as the original did, even when previewing.
    $no_quote = get_int("no_quote", true) == 1;
    if ($preview) {
        $form .= htmlspecialchars($content);
    } elseif (!$no_quote && $parent_post) {
        $form .= quote_text(htmlspecialchars($parent_post->content)) . "\n";
    }

    $enable_signature = $logged_in_user->prefs->no_signature_by_default ? "" : "checked=\"true\"";

    $form .= "</textarea><p>\n <input type=\"submit\" name=\"preview\" value=\""
        . tra("Preview")
        . "\">\n <input type=\"submit\" value=\""
        . tra("Post reply")
        . "\">\n \n <input type=\"checkbox\" name=\"add_signature\" id=\"add_signature\" value=\"add_it\" "
        . $enable_signature
        . ">\n <label for=\"add_signature\">"
        . tra("Add my signature to this reply")
        . "</label>\n\n </form>\n ";

    row2($label, $form);
}
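/**
 * Show one newsgroup message as an HTML page.
 *
 * Runs the search for $group, resolves $msg to an entry in the result list,
 * remembers the message number in a per-group cookie, fetches the body with
 * the NNTP BODY command and prints the page with previous/next navigation.
 *
 * Changes from the original:
 *  - the "last message read" cookie is looked up under the same
 *    underscore-converted name it is stored under; the original tested the
 *    raw $group key, so for group names containing dots the existence check
 *    never matched and the cookie was rewritten on every view;
 *  - eregi_replace() (removed in PHP 7) is replaced by an equivalent
 *    case-insensitive preg_replace();
 *  - the body read loop stops only on a real fgets() failure;
 *  - $PHP_SELF and $group are HTML-escaped in the direct-link anchor;
 *  - the commented-out debug prints, which echoed the raw parameters into
 *    the page, are removed.
 *
 * @param string     $group        Newsgroup name.
 * @param string     $group_filter Passed through to show_prevnext_msg().
 * @param mixed      $start        Passed through to the navigation links.
 * @param string|int $msg          ":<number>" selects a message by its
 *                                 number; otherwise a 1-based index into the
 *                                 search results.
 * @param string     $search       Search text; the cookie is only updated
 *                                 when this is empty.
 * @param mixed      $threaded     Passed to nntp_search() and navigation.
 * @return void|null Returns early (after printing an error) on failure.
 */
function show_message($group, $group_filter, $start, $msg, $search, $threaded) {
    global $PHP_SELF, $options;

    // Figure out which messages to show...
    $stream  = nntp_connect();
    $matches = nntp_search($stream, $group, $search, $threaded);
    $count   = count($matches);

    if (substr((string) $msg, 0, 1) === ':') {
        // Lookup a specific message ID...
        $msg = (int) substr($msg, 1);
        for ($i = 0; $i < $count; $i++) {
            $fields = explode("\t", $matches[$i]);
            if ($msg == $fields[0]) {
                break;
            }
        }
        if ($i >= $count) {
            // $msg was cast to int above, so it is safe to echo in the error.
            nntp_error("We were unable to show the requested message for the following " . "reason:", "The message number ({$msg}) is out of range.", $group);
            nntp_close($stream);
            return;
        }
        $msg = $i;
    } else {
        // Lookup index into search...
        if ($msg < 1 || $msg > $count) {
            nntp_error("We were unable to show the requested message for the following " . "reason:", "The message number is out of range.", $group);
            nntp_close($stream);
            return;
        }
        $fields = explode("\t", $matches[$msg - 1]);
    }

    $msgnum  = (int) $fields[0];
    // Drop a leading "[list.name] " style tag, then escape for HTML output.
    $subject = htmlspecialchars(preg_replace('/\[[a-z]+\.[a-z]+\] /i', "", $fields[1]), ENT_QUOTES);
    $author  = sanitize_email($fields[2]);
    $date    = format_date($fields[3]);
    if ($subject == "") {
        $subject = "(No Subject)";
    }

    // Save last message read. The cookie name has dots replaced with
    // underscores, so the existence test must use that same name.
    $cookie = str_replace(".", "_", $group);
    if ($search == "" && (!array_key_exists($cookie, $_COOKIE) || (int) $_COOKIE[$cookie] < $msgnum)) {
        setcookie($cookie, $msgnum, time() + 90 * 86400, "/");
    }

    $status = nntp_command($stream, "BODY {$msgnum}", 222);
    if ((int) $status != 222) {
        nntp_close($stream);
        nntp_error("We were unable to show the requested message for the following " . "reason:", $status, $group);
        return NULL;
    }

    // Read the body up to the terminating "." line.
    $body = "";
    while (($line = fgets($stream, 1024)) !== false) {
        $line = rtrim($line);
        if ($line === ".") {
            break;
        }
        $body .= $line . "\n";
    }
    nntp_close($stream);

    // NOTE(review): the body is printed inside <tt> below, so quote_text() is
    // relied on to make the message text safe for HTML; confirm it escapes.
    $body = quote_text($body);

    // NOTE(review): $group, $start and $options are placed into these link
    // targets as-is; whether nntp_header() escapes them is not visible here.
    nntp_header("{$subject}", array("All Forums" => "forums.php?g{$options}", "Back to {$group}" => "forums.php?g{$group}+s{$start}{$options}"));
    show_prevnext_msg($group, $group_filter, $start, $count, $msg, $threaded);
    html_start_table(array($subject, $author, $date), "", "", TRUE);
    html_start_row();

    // Escape the values that land inside the single-quoted href attribute.
    $self_html  = htmlspecialchars((string) $PHP_SELF, ENT_QUOTES);
    $group_html = htmlspecialchars((string) $group, ENT_QUOTES);
    print "<td colspan='3'><tt>{$body}</tt><br />\n" . "[ <a href='{$self_html}?g{$group_html}+v:{$msgnum}'>Direct Link" . " to Message</a> ]</td>";

    html_end_row();
    html_end_table();
    show_prevnext_msg($group, $group_filter, $start, $count, $msg, $threaded);
    html_footer();
}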
/**
 * Send a "forgotten password" e-mail to the account registered under $email.
 *
 * Depending on the PASSWORDS_ENCRYPTION settings the mail carries either the
 * stored password (no encryption, or 'aes' via AES_DECRYPT) or a freshly
 * generated 8-character password ('md5'). On failure $this->error is set to
 * one of the _OPERATION_BLOCKED / _EMAIL_* constants.
 *
 * Review notes (security):
 *  - In the unencrypted and 'aes' modes the existing password is recovered
 *    and mailed in clear text through the '{USER PASSWORD}' placeholder.
 *  - In 'md5' mode the account password is replaced as soon as the request is
 *    made; no confirmation step is visible in this method.
 *  - _EMAIL_NOT_EXISTS versus a true return lets a caller tell whether an
 *    address belongs to an active account.
 *
 * @param string $email Address supplied by the requester.
 * @return bool true when a mail was sent, false otherwise.
 */
public function SendPassword($email) {
    global $objSettings;
    // NOTE(review): $lang is assigned but never read in this method.
    $lang = Application::Get('lang');
    // deny all operations in demo version
    if (strtolower(SITE_MODE) == 'demo') {
        $this->error = _OPERATION_BLOCKED;
        return false;
    }
    if (!empty($email)) {
        if (check_email_address($email)) {
            // The queries are built by string concatenation; safety depends
            // on quote_text()/encode_text() — presumably they quote and
            // escape for SQL; verify their definitions.
            if (!PASSWORDS_ENCRYPTION) {
                $sql = 'SELECT id, first_name, last_name, user_name, password, preferred_language FROM ' . TABLE_ACCOUNTS . ' WHERE email = ' . quote_text(encode_text($email)) . ' AND is_active = 1';
            } else {
                if (strtolower(PASSWORDS_ENCRYPTION_TYPE) == 'aes') {
                    // Decrypts the stored password in the query itself.
                    $sql = 'SELECT id, first_name, last_name, user_name, AES_DECRYPT(password, ' . quote_text(PASSWORDS_ENCRYPT_KEY) . ') as password, preferred_language FROM ' . TABLE_ACCOUNTS . ' WHERE email = ' . quote_text(encode_text($email)) . ' AND is_active = 1';
                } else {
                    if (strtolower(PASSWORDS_ENCRYPTION_TYPE) == 'md5') {
                        // NOTE(review): unlike the two branches above, $email
                        // is not passed through encode_text() here.
                        $sql = 'SELECT id, first_name, last_name, user_name, \'\' as password, preferred_language FROM ' . TABLE_ACCOUNTS . ' WHERE email = ' . quote_text($email) . ' AND is_active = 1';
                    }
                    // NOTE(review): for any other encryption type $sql (and
                    // later $password) is never assigned.
                }
            }
            $temp = database_query($sql, DATA_ONLY, FIRST_ROW_ONLY);
            if (is_array($temp) && count($temp) > 0) {
                //////////////////////////////////////////////////////////////////
                if (!PASSWORDS_ENCRYPTION) {
                    $password = $temp['password'];
                } else {
                    if (strtolower(PASSWORDS_ENCRYPTION_TYPE) == 'aes') {
                        $password = $temp['password'];
                    } else {
                        if (strtolower(PASSWORDS_ENCRYPTION_TYPE) == 'md5') {
                            // NOTE(review): the strength of the generated
                            // value depends on get_random_string(), which is
                            // not shown here.
                            $password = get_random_string(8);
                            // NOTE(review): the expression assigned to the
                            // password column is masked ('******') in this
                            // listing, so how the new value is hashed before
                            // storage cannot be confirmed from here.
                            $sql = 'UPDATE ' . TABLE_ACCOUNTS . ' SET password = '******' WHERE id = ' . (int) $temp['id'];
                            database_void_query($sql);
                        }
                    }
                }
                // NOTE(review): '{WEB SITE}' comes from
                // $_SERVER['SERVER_NAME']; depending on server configuration
                // that value may follow the request's Host header — confirm.
                send_email($email, $objSettings->GetParameter('admin_email'), 'password_forgotten', array('{FIRST NAME}' => $temp['first_name'], '{LAST NAME}' => $temp['last_name'], '{USER NAME}' => $temp['user_name'], '{USER PASSWORD}' => $password, '{BASE URL}' => APPHP_BASE, '{WEB SITE}' => $_SERVER['SERVER_NAME'], '{YEAR}' => date('Y')), $temp['preferred_language']);
                //////////////////////////////////////////////////////////////////
                return true;
            } else {
                $this->error = _EMAIL_NOT_EXISTS;
                return false;
            }
        } else {
            $this->error = _EMAIL_IS_WRONG;
            return false;
        }
    } else {
        $this->error = _EMAIL_EMPTY_ALERT;
        return false;
    }
    // Not reached: every branch above returns.
    return true;
}
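/**
 * Convert one whitespace-delimited word of plain text to HTML.
 *
 * Words starting with http://, https:// or ftp:// become links, words
 * containing '@' go through sanitize_email(), everything else through
 * quote_text(). The URL is HTML-escaped before it is placed in the href
 * attribute and the link text; the original interpolated it unescaped, so a
 * quote or angle bracket inside the "URL" could break out of the attribute.
 */
function _sanitize_text_word($word)
{
    if (!strncmp($word, "http://", 7) ||
        !strncmp($word, "https://", 8) ||
        !strncmp($word, "ftp://", 6)) {
        // ENT_QUOTES matters here because the href is single-quoted.
        $safe = htmlspecialchars($word, ENT_QUOTES);
        return "<a href='{$safe}'>{$safe}</a>";
    }

    if (strpos($word, '@') !== false) {
        return sanitize_email($word);
    }

    return quote_text($word);
}

/**
 * Sanitize plain text for display as HTML.
 *
 * Splits $text on spaces, tabs and newlines, converts each word with
 * _sanitize_text_word(), turns newlines into "<br />" and drops carriage
 * returns.
 *
 * @param string $text Original text.
 * @return string Sanitized text.
 */
function sanitize_text($text)
{
    $text  = (string) $text;
    $len   = strlen($text);
    $word  = "";
    $qtext = "";

    for ($i = 0; $i < $len; $i++) {
        switch ($text[$i]) {
            case "\n":
                $qtext .= _sanitize_text_word($word) . "<br />";
                $word = "";
                break;

            case "\r":
                break;

            case "\t":
            case " ":
                // In this listing both branches of the original
                // "if ($word)" test appended the same single space, so they
                // are folded into one append.
                $qtext .= _sanitize_text_word($word) . " ";
                $word = "";
                break;

            default:
                $word .= $text[$i];
                break;
        }
    }

    // Flush the final word (possibly empty), as the original did.
    return $qtext . _sanitize_text_word($word);
}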
} print "</table>\n"; } db_free($result); print "<p><b>Trouble Report Dialog:</b> " . "<a href='{$PHP_SELF}?T{$id}{$options}'>Post Text</a>" . "</p>\n"; $result = db_query("SELECT * FROM strtext WHERE " . "str_id = {$id}"); if (db_count($result) == 0) { print "<p><i>No text</i></p>\n"; } else { print "<table width='100%' border='0' cellpadding='5' " . "cellspacing='0'>\n" . "<tr class='header'><th>Name/Time/Date</th>" . "<th>Text</th></tr>\n"; $line = 0; while ($row = db_next($result)) { $date = date("M d, Y", $row['create_date']); $time = date("H:i", $row['create_date']); $email = sanitize_email($row['create_user']); $contents = quote_text($row['contents']); print "<tr class='data{$line}'>" . "<td align='center' valign='top'>{$email}<br>{$time} {$date}<br>" . "<form method='POST' action='{$PHP_SELF}?M{$id}{$options}'>" . "<input type='hidden' name='TEXT_ID' value='{$row['id']}'>"; if ($row['is_published']) { print "<input type='hidden' name='IS_PUBLISHED' value='0'>" . "<input type='submit' value='Hide'>"; } else { print "<input type='hidden' name='IS_PUBLISHED' value='1'>" . "<input type='submit' value='Show'>"; } print "</form></td>" . "<td valign='top'><tt>{$contents}</tt></td>" . "</tr>\n"; $line = 1 - $line; } print "</table>\n"; } db_free($result); html_footer(); } break;