public function main($action)
{
$this->user->add_lang_ext('alg/newpmajax', 'newpmajax');
//not allowed send PM for anonymous
if ($this->user->data['is_bot'] || $this->user->data['user_id'] == ANONYMOUS) {
$return_error['ERROR'][] = $this->user->lang['LOGIN_REQUIRED'];
$json_response = new \phpbb\json_response();
$json_response->send($return_error);
}
switch ($action) {
case 'add_to':
case 'add_bcc':
$this->add_sender($action);
break;
default:
$this->error[] = array('error' => $this->user->lang('NO_ACTION_MODE', E_USER_ERROR));
}
if (sizeof($this->error)) {
$return_error = array();
foreach ($this->error as $cur_error) {
// replace lang vars if possible
$return_error['ERROR'][] = isset($this->user->lang[$cur_error['error']]) ? $this->user->lang[$cur_error['error']] : $cur_error['error'];
}
$json_response = new \phpbb\json_response();
$json_response->send($return_error);
} else {
$json_response = new \phpbb\json_response();
$json_response->send($this->return);
}
}
/**
* Mentions controller accessed from the URL /mentions/user_list
*
* @return null
* @access public
*/
public function get_userlist()
{
// Send a JSON response if an AJAX request was used
if ($this->request->is_ajax()) {
// If we have a query_string, we just get those usernames
$query_string = $this->request->variable('term', '') ? $this->request->variable('term', '') : false;
$user_list = $this->mentions->get_userlist($query_string);
$user_list = array_values($user_list);
$json_response = new \phpbb\json_response();
$json_response->send($user_list);
}
}
/**
* Check if request is ajax and output quickedit if it is
*
* @param object $event The event object
* @return null
* @access public
*/
public function catch_ajax_requests($event)
{
// Parse page for quickedit window
if ($this->helper->is_catchable_request($event)) {
// Add hidden fields
$this->helper->add_hidden_fields($event);
// Update S_HIDDEN_FIELDS in page_data
$this->template->assign_vars(array_merge($event['page_data'], array('S_HIDDEN_FIELDS' => $event['s_hidden_fields'])));
$this->template->set_filenames(array('body' => '@marc_quickedit/quickedit_body.html'));
$json = new \phpbb\json_response();
$json->send(array('POST_ID' => $event['post_id'], 'MESSAGE' => $this->template->assign_display('body')));
}
}
public function like($post_id)
{
if ($this->user->data['user_type'] != 1 and $this->user->data['user_type'] != 2) {
$json_response = new \phpbb\json_response();
$user_id = $this->user->data['user_id'];
if ($post_id and $user_id) {
$this->db->sql_query("INSERT INTO " . $this->table_prefix . "post_likes (`post_id`, `user_id`)\n\t\t\t\t\tVALUES ('" . $post_id . "', '" . $user_id . "')");
$err = $this->db->get_sql_error_returned();
if ($err['code'] == 1062) {
$json_response->send(['status' => 'already liked']);
}
}
$json_response->send(['status' => 'ok', 'postId' => $post_id, 'message' => $this->getLikeMessage($this->request->variable('like_opt', 'opt2'))]);
}
}
public function move($action)
{
if ($action == 'drag_drop') {
if (!$this->request->is_ajax()) {
return;
}
$tablename = $this->request->variable('tablename', '');
$bbcodes_list = $this->request->variable($tablename, array(0 => ''));
foreach ($bbcodes_list as $order => $bbcode_id) {
if ($order == 0) {
continue;
}
$sql = 'UPDATE ' . BBCODES_TABLE . '
SET bbcode_order = ' . $order . '
WHERE bbcode_id = ' . (int) $bbcode_id;
$this->db->sql_query($sql);
}
$this->resynchronize_bbcode_order();
$json_response = new \phpbb\json_response();
$json_response->send(array('success' => true));
} else {
$bbcode_id = $this->request->variable('id', 0);
if (!check_link_hash($this->request->variable('hash', ''), $action . $bbcode_id)) {
trigger_error($this->user->lang('FORM_INVALID'), E_USER_WARNING);
}
$sql = 'SELECT bbcode_order
FROM ' . BBCODES_TABLE . "\n\t\t\t\tWHERE bbcode_id = {$bbcode_id}";
$result = $this->db->sql_query($sql);
$current_order = (int) $this->db->sql_fetchfield('bbcode_order');
$this->db->sql_freeresult($result);
if ($current_order <= 1 && $action == 'move_up') {
return;
}
$order_total = $current_order * 2 + ($action == 'move_up' ? -1 : 1);
$sql = 'UPDATE ' . BBCODES_TABLE . '
SET bbcode_order = ' . $order_total . ' - bbcode_order
WHERE bbcode_order IN (' . $current_order . ', ' . ($action == 'move_up' ? $current_order - 1 : $current_order + 1) . ')';
$this->db->sql_query($sql);
$this->resynchronize_bbcode_order();
if ($this->request->is_ajax()) {
$json_response = new \phpbb\json_response();
$json_response->send(array('success' => (bool) $this->db->sql_affectedrows()));
}
}
}
/**
* Display the page
*
* @access public
*/
public function find_dup()
{
$this->user->add_lang_ext('forumhulp/loginwithemail', 'info_acp_loginwithemail');
$sql = 'SELECT username, user_email FROM ' . USERS_TABLE . ' list
INNER JOIN (SELECT user_email_hash FROM ' . USERS_TABLE . ' WHERE user_type <> 2
GROUP BY user_email_hash HAVING count(user_email_hash) > 1) dup ON list.user_email_hash = dup.user_email_hash';
$result = $this->db->sql_query($sql);
$message = '';
while ($row = $this->db->sql_fetchrow($result)) {
$message .= $row['username'] . ' » ' . $row['user_email'] . '<br />';
}
if ($this->request->is_ajax()) {
$json_response = new \phpbb\json_response();
$json_response->send(array('MESSAGE_TITLE' => $this->user->lang['DUP_RECORDS_FOUND'], 'MESSAGE_TEXT' => $message));
} else {
trigger_error($message, E_USER_NOTICE);
}
}
public function main($action, $poster, $forum, $topic, $post)
{
$this->user->add_lang_ext('gfksx/ThanksForPosts', 'thanks_mod');
//not allowed like for anonymous
if ($this->user->data['is_bot'] || $this->user->data['user_id'] == ANONYMOUS) {
$return_error['ERROR'][] = $this->user->lang['LOGIN_REQUIRED'];
$json_response = new \phpbb\json_response();
$json_response->send($return_error);
}
// If the main extension is not installed, generate error
if (!is_null($this->gfksx_helper)) {
switch ($action) {
case 'thanks':
case 'rthanks':
$this->thanks_for_post($action, $poster, $forum, $topic, $post);
break;
case 'clear_thanks':
$this->clear_list_thanks($poster, $forum, $topic, $post);
break;
default:
$this->error[] = array('error' => $this->user->lang['INCORRECT_THANKS']);
}
} else {
$this->user->add_lang_ext('alg/AddonForThanksForPosts', 'addon_tfp');
$this->error[] = array('error' => 'MAIN_EXT_NOT_INSTALLED');
}
if (sizeof($this->error)) {
$return_error = array();
foreach ($this->error as $cur_error) {
// replace lang vars if possible
$return_error['ERROR'][] = isset($this->user->lang[$cur_error['error']]) ? $this->user->lang[$cur_error['error']] : $cur_error['error'];
}
$json_response = new \phpbb\json_response();
$json_response->send($return_error);
} else {
$json_response = new \phpbb\json_response();
$json_response->send($this->return);
}
}
public function base($action, $post)
{
switch ($action) {
case 'togle':
if ($this->user->data['user_type'] == 1 || $this->user->data['user_type'] == 2) {
die;
} else {
//get state for the like
$sql_array = array('SELECT' => 'pl.timestamp as timestamp, p.topic_id as topic_id, p.poster_id as poster, p.post_subject as post_subject', 'FROM' => array(POSTS_TABLE => 'p', $this->table_prefix . 'posts_likes' => 'pl'), 'WHERE' => 'pl.post_id = p.post_id AND pl.post_id = ' . $post . ' AND pl.user_id = ' . $this->user->data['user_id']);
$sql = $this->db->sql_build_query('SELECT', $sql_array);
$result = $this->db->sql_query($sql);
$row = $this->db->sql_fetchrow($result);
$this->db->sql_freeresult($result);
if (!$row['timestamp']) {
//so we don't have record for this user loving this post ... give some love!
$sql = 'INSERT INTO ' . $this->table_prefix . 'posts_likes (post_id, user_id, type, timestamp) VALUES (' . $post . ', ' . $this->user->data['user_id'] . ', \'post\', ' . time() . ')';
$result = $this->db->sql_query($sql);
$this->db->sql_freeresult($result);
$sql = 'SELECT topic_id, poster_id, post_subject FROM ' . POSTS_TABLE . ' WHERE post_id = ' . $post;
$result = $this->db->sql_query($sql);
$row1 = $this->db->sql_fetchrow($result);
$this->db->sql_freeresult($result);
$this->notifyhelper->notify('add', $row1['topic_id'], $post, $row1['post_subject'], $row1['poster_id'], $this->user->data['user_id']);
$json_response = new \phpbb\json_response();
$json_response->send(array('togle_action' => 'add', 'togle_post' => $post));
} else {
//so we have a record ... and the user don't love it anymore!
$sql = 'DELETE FROM ' . $this->table_prefix . 'posts_likes WHERE post_id = ' . $post . ' AND user_id = ' . $this->user->data['user_id'];
$result = $this->db->sql_query($sql);
$this->db->sql_freeresult($result);
$this->notifyhelper->notify('remove', $row['topic_id'], $post, $row['post_subject'], $row['poster'], $this->user->data['user_id']);
$json_response = new \phpbb\json_response();
$json_response->send(array('togle_action' => 'remove', 'togle_post' => $post));
}
}
break;
}
}
if (!$auth->acl_get('f_read', $forum_id)) {
$template->assign_vars(array('S_NO_READ_ACCESS' => true));
page_footer();
}
// Handle marking posts
if ($mark_read == 'topics') {
$token = $request->variable('hash', '');
if (check_link_hash($token, 'global')) {
markread('topics', array($forum_id), false, $request->variable('mark_time', 0));
}
$redirect_url = append_sid("{$phpbb_root_path}viewforum.{$phpEx}", 'f=' . $forum_id);
meta_refresh(3, $redirect_url);
if ($request->is_ajax()) {
// Tell the ajax script what language vars and URL need to be replaced
$data = array('NO_UNREAD_POSTS' => $user->lang['NO_UNREAD_POSTS'], 'UNREAD_POSTS' => $user->lang['UNREAD_POSTS'], 'U_MARK_TOPICS' => $user->data['is_registered'] || $config['load_anon_lastread'] ? append_sid("{$phpbb_root_path}viewforum.{$phpEx}", 'hash=' . generate_link_hash('global') . "&f={$forum_id}&mark=topics&mark_time=" . time()) : '', 'MESSAGE_TITLE' => $user->lang['INFORMATION'], 'MESSAGE_TEXT' => $user->lang['TOPICS_MARKED']);
$json_response = new \phpbb\json_response();
$json_response->send($data);
}
trigger_error($user->lang['TOPICS_MARKED'] . '<br /><br />' . sprintf($user->lang['RETURN_FORUM'], '<a href="' . $redirect_url . '">', '</a>'));
}
// Is a forum specific topic count required?
if ($forum_data['forum_topics_per_page']) {
$config['topics_per_page'] = $forum_data['forum_topics_per_page'];
}
// Do the forum Prune thang - cron type job ...
if (!$config['use_system_cron']) {
/* @var $cron \phpbb\cron\manager */
$cron = $phpbb_container->get('cron.manager');
$task = $cron->find_task('cron.task.core.prune_forum');
$task->set_forum_data($forum_data);
if ($task->is_ready()) {
public function manage_position()
{
global $config, $db, $template, $user, $request, $phpbb_container;
$this->tpl_name = 'acp_groups_position';
$this->page_title = 'ACP_GROUPS_POSITION';
$field = $request->variable('field', '');
$action = $request->variable('action', '');
$group_id = $request->variable('g', 0);
$teampage_id = $request->variable('t', 0);
$category_id = $request->variable('c', 0);
/** @var \phpbb\group\helper $group_helper */
$group_helper = $phpbb_container->get('group_helper');
if ($field && !in_array($field, array('legend', 'teampage'))) {
// Invalid mode
trigger_error($user->lang['NO_MODE'] . adm_back_link($this->u_action), E_USER_WARNING);
} else {
if ($field && in_array($field, array('legend', 'teampage'))) {
/* @var $group_position \phpbb\groupposition\groupposition_interface */
$group_position = $phpbb_container->get('groupposition.' . $field);
}
}
if ($field == 'teampage') {
try {
switch ($action) {
case 'add':
$group_position->add_group_teampage($group_id, $category_id);
break;
case 'add_category':
$group_position->add_category_teampage($request->variable('category_name', '', true));
break;
case 'delete':
$group_position->delete_teampage($teampage_id);
break;
case 'move_up':
$group_position->move_up_teampage($teampage_id);
break;
case 'move_down':
$group_position->move_down_teampage($teampage_id);
break;
}
} catch (\phpbb\groupposition\exception $exception) {
trigger_error($user->lang($exception->getMessage()) . adm_back_link($this->u_action), E_USER_WARNING);
}
} else {
if ($field == 'legend') {
try {
switch ($action) {
case 'add':
$group_position->add_group($group_id);
break;
case 'delete':
$group_position->delete_group($group_id);
break;
case 'move_up':
$group_position->move_up($group_id);
break;
case 'move_down':
$group_position->move_down($group_id);
break;
}
} catch (\phpbb\groupposition\exception $exception) {
trigger_error($user->lang($exception->getMessage()) . adm_back_link($this->u_action), E_USER_WARNING);
}
} else {
switch ($action) {
case 'set_config_teampage':
$config->set('teampage_forums', $request->variable('teampage_forums', 0));
$config->set('teampage_memberships', $request->variable('teampage_memberships', 0));
trigger_error($user->lang['CONFIG_UPDATED'] . adm_back_link($this->u_action));
break;
case 'set_config_legend':
$config->set('legend_sort_groupname', $request->variable('legend_sort_groupname', 0));
trigger_error($user->lang['CONFIG_UPDATED'] . adm_back_link($this->u_action));
break;
}
}
}
if (($action == 'move_up' || $action == 'move_down') && $request->is_ajax()) {
$json_response = new \phpbb\json_response();
$json_response->send(array('success' => true));
}
$sql = 'SELECT group_id, group_name, group_colour, group_type, group_legend
FROM ' . GROUPS_TABLE . '
ORDER BY group_legend ASC, group_type DESC, group_name ASC';
$result = $db->sql_query($sql);
while ($row = $db->sql_fetchrow($result)) {
$group_name = $group_helper->get_name($row['group_name']);
if ($row['group_legend']) {
$template->assign_block_vars('legend', array('GROUP_NAME' => $group_name, 'GROUP_COLOUR' => $row['group_colour'] ? '#' . $row['group_colour'] : '', 'GROUP_TYPE' => $user->lang[\phpbb\groupposition\legend::group_type_language($row['group_type'])], 'U_MOVE_DOWN' => "{$this->u_action}&field=legend&action=move_down&g=" . $row['group_id'], 'U_MOVE_UP' => "{$this->u_action}&field=legend&action=move_up&g=" . $row['group_id'], 'U_DELETE' => "{$this->u_action}&field=legend&action=delete&g=" . $row['group_id']));
} else {
$template->assign_block_vars('add_legend', array('GROUP_ID' => (int) $row['group_id'], 'GROUP_NAME' => $group_name, 'GROUP_SPECIAL' => $row['group_type'] == GROUP_SPECIAL));
}
}
$db->sql_freeresult($result);
$category_url_param = $category_id ? '&c=' . $category_id : '';
$sql = 'SELECT t.*, g.group_name, g.group_colour, g.group_type
FROM ' . TEAMPAGE_TABLE . ' t
LEFT JOIN ' . GROUPS_TABLE . ' g
ON (t.group_id = g.group_id)
WHERE t.teampage_parent = ' . $category_id . '
OR t.teampage_id = ' . $category_id . '
ORDER BY t.teampage_position ASC';
$result = $db->sql_query($sql);
while ($row = $db->sql_fetchrow($result)) {
if ($row['teampage_id'] == $category_id) {
$template->assign_vars(array('CURRENT_CATEGORY_NAME' => $row['teampage_name']));
continue;
}
if ($row['group_id']) {
$group_name = $group_helper->get_name($row['group_name']);
$group_type = $user->lang[\phpbb\groupposition\teampage::group_type_language($row['group_type'])];
} else {
$group_name = $row['teampage_name'];
$group_type = '';
}
$template->assign_block_vars('teampage', array('GROUP_NAME' => $group_name, 'GROUP_COLOUR' => $row['group_colour'] ? '#' . $row['group_colour'] : '', 'GROUP_TYPE' => $group_type, 'U_CATEGORY' => !$row['group_id'] ? "{$this->u_action}&c=" . $row['teampage_id'] : '', 'U_MOVE_DOWN' => "{$this->u_action}&field=teampage&action=move_down{$category_url_param}&t=" . $row['teampage_id'], 'U_MOVE_UP' => "{$this->u_action}&field=teampage&action=move_up{$category_url_param}&t=" . $row['teampage_id'], 'U_DELETE' => "{$this->u_action}&field=teampage&action=delete{$category_url_param}&t=" . $row['teampage_id']));
}
$db->sql_freeresult($result);
$sql = 'SELECT g.group_id, g.group_name, g.group_colour, g.group_type
FROM ' . GROUPS_TABLE . ' g
LEFT JOIN ' . TEAMPAGE_TABLE . ' t
ON (t.group_id = g.group_id)
WHERE t.teampage_id IS NULL
ORDER BY g.group_type DESC, g.group_name ASC';
$result = $db->sql_query($sql);
while ($row = $db->sql_fetchrow($result)) {
$group_name = $group_helper->get_name($row['group_name']);
$template->assign_block_vars('add_teampage', array('GROUP_ID' => (int) $row['group_id'], 'GROUP_NAME' => $group_name, 'GROUP_SPECIAL' => $row['group_type'] == GROUP_SPECIAL));
}
$db->sql_freeresult($result);
$template->assign_vars(array('U_ACTION' => $this->u_action, 'U_ACTION_LEGEND' => $this->u_action . '&field=legend', 'U_ACTION_TEAMPAGE' => $this->u_action . '&field=teampage' . $category_url_param, 'U_ACTION_TEAMPAGE_CAT' => $this->u_action . '&field=teampage_cat', 'S_TEAMPAGE_CATEGORY' => $category_id, 'DISPLAY_FORUMS' => $config['teampage_forums'] ? true : false, 'DISPLAY_MEMBERSHIPS' => $config['teampage_memberships'], 'LEGEND_SORT_GROUPNAME' => $config['legend_sort_groupname'] ? true : false));
}
if ($mark_notification = $request->variable('mark_notification', 0)) {
if ($user->data['user_id'] == ANONYMOUS) {
if ($request->is_ajax()) {
trigger_error('LOGIN_REQUIRED');
}
login_box('', $user->lang['LOGIN_REQUIRED']);
}
if (check_link_hash($request->variable('hash', ''), 'mark_notification_read')) {
/* @var $phpbb_notifications \phpbb\notification\manager */
$phpbb_notifications = $phpbb_container->get('notification_manager');
$notification = $phpbb_notifications->load_notifications(array('notification_id' => $mark_notification));
if (isset($notification['notifications'][$mark_notification])) {
$notification = $notification['notifications'][$mark_notification];
$notification->mark_read();
if ($request->is_ajax()) {
$json_response = new \phpbb\json_response();
$json_response->send(array('success' => true));
}
if ($redirect = $request->variable('redirect', '')) {
redirect(append_sid($phpbb_root_path . $redirect));
}
redirect($notification->get_redirect_url());
}
}
}
display_forums('', $config['load_moderators']);
$order_legend = $config['legend_sort_groupname'] ? 'group_name' : 'group_legend';
// Grab group details for legend display
if ($auth->acl_gets('a_group', 'a_groupadd', 'a_groupdel')) {
$sql = 'SELECT group_id, group_name, group_colour, group_type, group_legend
FROM ' . GROUPS_TABLE . '
function main($id, $mode)
{
global $config, $db, $user, $auth, $template, $cache;
global $phpbb_root_path, $phpbb_admin_path, $phpEx, $table_prefix;
global $request, $phpbb_container, $phpbb_dispatcher;
if (!function_exists('generate_smilies')) {
include $phpbb_root_path . 'includes/functions_posting.' . $phpEx;
}
if (!function_exists('user_get_id_name')) {
include $phpbb_root_path . 'includes/functions_user.' . $phpEx;
}
$user->add_lang(array('ucp', 'acp/profile'));
$this->tpl_name = 'acp_profile';
$this->page_title = 'ACP_CUSTOM_PROFILE_FIELDS';
$field_id = $request->variable('field_id', 0);
$action = isset($_POST['create']) ? 'create' : request_var('action', '');
$error = array();
$s_hidden_fields = '';
if (!$field_id && in_array($action, array('delete', 'activate', 'deactivate', 'move_up', 'move_down', 'edit'))) {
trigger_error($user->lang['NO_FIELD_ID'] . adm_back_link($this->u_action), E_USER_WARNING);
}
$cp = $phpbb_container->get('profilefields.manager');
$this->type_collection = $phpbb_container->get('profilefields.type_collection');
// Build Language array
// Based on this, we decide which elements need to be edited later and which language items are missing
$this->lang_defs = array();
$sql = 'SELECT lang_id, lang_iso
FROM ' . LANG_TABLE . '
ORDER BY lang_english_name';
$result = $db->sql_query($sql);
while ($row = $db->sql_fetchrow($result)) {
// Make some arrays with all available languages
$this->lang_defs['id'][$row['lang_id']] = $row['lang_iso'];
$this->lang_defs['iso'][$row['lang_iso']] = $row['lang_id'];
}
$db->sql_freeresult($result);
$sql = 'SELECT field_id, lang_id
FROM ' . PROFILE_LANG_TABLE . '
ORDER BY lang_id';
$result = $db->sql_query($sql);
while ($row = $db->sql_fetchrow($result)) {
// Which languages are available for each item
$this->lang_defs['entry'][$row['field_id']][] = $row['lang_id'];
}
$db->sql_freeresult($result);
// Have some fields been defined?
if (isset($this->lang_defs['entry'])) {
foreach ($this->lang_defs['entry'] as $field_ident => $field_ary) {
// Fill an array with the languages that are missing for each field
$this->lang_defs['diff'][$field_ident] = array_diff(array_values($this->lang_defs['iso']), $field_ary);
}
}
switch ($action) {
case 'delete':
if (confirm_box(true)) {
$sql = 'SELECT field_ident
FROM ' . PROFILE_FIELDS_TABLE . "\n\t\t\t\t\t\tWHERE field_id = {$field_id}";
$result = $db->sql_query($sql);
$field_ident = (string) $db->sql_fetchfield('field_ident');
$db->sql_freeresult($result);
$db->sql_transaction('begin');
$db->sql_query('DELETE FROM ' . PROFILE_FIELDS_TABLE . " WHERE field_id = {$field_id}");
$db->sql_query('DELETE FROM ' . PROFILE_FIELDS_LANG_TABLE . " WHERE field_id = {$field_id}");
$db->sql_query('DELETE FROM ' . PROFILE_LANG_TABLE . " WHERE field_id = {$field_id}");
$db_tools = $phpbb_container->get('dbal.tools');
$db_tools->sql_column_remove(PROFILE_FIELDS_DATA_TABLE, 'pf_' . $field_ident);
$order = 0;
$sql = 'SELECT *
FROM ' . PROFILE_FIELDS_TABLE . '
ORDER BY field_order';
$result = $db->sql_query($sql);
while ($row = $db->sql_fetchrow($result)) {
$order++;
if ($row['field_order'] != $order) {
$sql = 'UPDATE ' . PROFILE_FIELDS_TABLE . "\n\t\t\t\t\t\t\t\tSET field_order = {$order}\n\t\t\t\t\t\t\t\tWHERE field_id = {$row['field_id']}";
$db->sql_query($sql);
}
}
$db->sql_freeresult($result);
$db->sql_transaction('commit');
add_log('admin', 'LOG_PROFILE_FIELD_REMOVED', $field_ident);
trigger_error($user->lang['REMOVED_PROFILE_FIELD'] . adm_back_link($this->u_action));
} else {
confirm_box(false, 'DELETE_PROFILE_FIELD', build_hidden_fields(array('i' => $id, 'mode' => $mode, 'action' => $action, 'field_id' => $field_id)));
}
break;
case 'activate':
$sql = 'SELECT lang_id
FROM ' . LANG_TABLE . "\n\t\t\t\t\tWHERE lang_iso = '" . $db->sql_escape($config['default_lang']) . "'";
$result = $db->sql_query($sql);
$default_lang_id = (int) $db->sql_fetchfield('lang_id');
$db->sql_freeresult($result);
if (!in_array($default_lang_id, $this->lang_defs['entry'][$field_id])) {
trigger_error($user->lang['DEFAULT_LANGUAGE_NOT_FILLED'] . adm_back_link($this->u_action), E_USER_WARNING);
}
$sql = 'UPDATE ' . PROFILE_FIELDS_TABLE . "\n\t\t\t\t\tSET field_active = 1\n\t\t\t\t\tWHERE field_id = {$field_id}";
$db->sql_query($sql);
$sql = 'SELECT field_ident
FROM ' . PROFILE_FIELDS_TABLE . "\n\t\t\t\t\tWHERE field_id = {$field_id}";
$result = $db->sql_query($sql);
$field_ident = (string) $db->sql_fetchfield('field_ident');
$db->sql_freeresult($result);
add_log('admin', 'LOG_PROFILE_FIELD_ACTIVATE', $field_ident);
if ($request->is_ajax()) {
$json_response = new \phpbb\json_response();
$json_response->send(array('text' => $user->lang('DEACTIVATE')));
}
trigger_error($user->lang['PROFILE_FIELD_ACTIVATED'] . adm_back_link($this->u_action));
break;
case 'deactivate':
$sql = 'UPDATE ' . PROFILE_FIELDS_TABLE . "\n\t\t\t\t\tSET field_active = 0\n\t\t\t\t\tWHERE field_id = {$field_id}";
$db->sql_query($sql);
$sql = 'SELECT field_ident
FROM ' . PROFILE_FIELDS_TABLE . "\n\t\t\t\t\tWHERE field_id = {$field_id}";
$result = $db->sql_query($sql);
$field_ident = (string) $db->sql_fetchfield('field_ident');
$db->sql_freeresult($result);
if ($request->is_ajax()) {
$json_response = new \phpbb\json_response();
$json_response->send(array('text' => $user->lang('ACTIVATE')));
}
add_log('admin', 'LOG_PROFILE_FIELD_DEACTIVATE', $field_ident);
trigger_error($user->lang['PROFILE_FIELD_DEACTIVATED'] . adm_back_link($this->u_action));
break;
case 'move_up':
case 'move_down':
$sql = 'SELECT field_order
FROM ' . PROFILE_FIELDS_TABLE . "\n\t\t\t\t\tWHERE field_id = {$field_id}";
$result = $db->sql_query($sql);
$field_order = $db->sql_fetchfield('field_order');
$db->sql_freeresult($result);
if ($field_order === false || $field_order == 0 && $action == 'move_up') {
break;
}
$field_order = (int) $field_order;
$order_total = $field_order * 2 + ($action == 'move_up' ? -1 : 1);
$sql = 'UPDATE ' . PROFILE_FIELDS_TABLE . "\n\t\t\t\t\tSET field_order = {$order_total} - field_order\n\t\t\t\t\tWHERE field_order IN ({$field_order}, " . ($action == 'move_up' ? $field_order - 1 : $field_order + 1) . ')';
$db->sql_query($sql);
if ($request->is_ajax()) {
$json_response = new \phpbb\json_response();
$json_response->send(array('success' => (bool) $db->sql_affectedrows()));
}
break;
case 'create':
case 'edit':
$step = request_var('step', 1);
$submit = isset($_REQUEST['next']) || isset($_REQUEST['prev']) ? true : false;
$save = isset($_REQUEST['save']) ? true : false;
// The language id of default language
$this->edit_lang_id = $this->lang_defs['iso'][$config['default_lang']];
// We are editing... we need to grab basic things
if ($action == 'edit') {
$sql = 'SELECT l.*, f.*
FROM ' . PROFILE_LANG_TABLE . ' l, ' . PROFILE_FIELDS_TABLE . ' f
WHERE l.lang_id = ' . $this->edit_lang_id . "\n\t\t\t\t\t\t\tAND f.field_id = {$field_id}\n\t\t\t\t\t\t\tAND l.field_id = f.field_id";
$result = $db->sql_query($sql);
$field_row = $db->sql_fetchrow($result);
$db->sql_freeresult($result);
if (!$field_row) {
// Some admin changed the default language?
$sql = 'SELECT l.*, f.*
FROM ' . PROFILE_LANG_TABLE . ' l, ' . PROFILE_FIELDS_TABLE . ' f
WHERE l.lang_id <> ' . $this->edit_lang_id . "\n\t\t\t\t\t\t\tAND f.field_id = {$field_id}\n\t\t\t\t\t\t\tAND l.field_id = f.field_id";
$result = $db->sql_query($sql);
$field_row = $db->sql_fetchrow($result);
$db->sql_freeresult($result);
if (!$field_row) {
trigger_error($user->lang['FIELD_NOT_FOUND'] . adm_back_link($this->u_action), E_USER_WARNING);
}
$this->edit_lang_id = $field_row['lang_id'];
}
$field_type = $field_row['field_type'];
$profile_field = $this->type_collection[$field_type];
// Get language entries
$sql = 'SELECT *
FROM ' . PROFILE_FIELDS_LANG_TABLE . '
WHERE lang_id = ' . $this->edit_lang_id . "\n\t\t\t\t\t\t\tAND field_id = {$field_id}\n\t\t\t\t\t\tORDER BY option_id ASC";
$result = $db->sql_query($sql);
$lang_options = array();
while ($row = $db->sql_fetchrow($result)) {
$lang_options[$row['option_id']] = $row['lang_value'];
}
$db->sql_freeresult($result);
$s_hidden_fields = '<input type="hidden" name="field_id" value="' . $field_id . '" />';
} else {
// We are adding a new field, define basic params
$lang_options = $field_row = array();
$field_type = request_var('field_type', '');
if (!isset($this->type_collection[$field_type])) {
trigger_error($user->lang['NO_FIELD_TYPE'] . adm_back_link($this->u_action), E_USER_WARNING);
}
$profile_field = $this->type_collection[$field_type];
$field_row = array_merge($profile_field->get_default_option_values(), array('field_ident' => str_replace(' ', '_', utf8_clean_string(request_var('field_ident', '', true))), 'field_required' => 0, 'field_show_novalue' => 0, 'field_hide' => 0, 'field_show_profile' => 0, 'field_no_view' => 0, 'field_show_on_reg' => 0, 'field_show_on_pm' => 0, 'field_show_on_vt' => 0, 'field_show_on_ml' => 0, 'field_is_contact' => 0, 'field_contact_desc' => '', 'field_contact_url' => '', 'lang_name' => utf8_normalize_nfc(request_var('field_ident', '', true)), 'lang_explain' => '', 'lang_default_value' => ''));
$s_hidden_fields = '<input type="hidden" name="field_type" value="' . $field_type . '" />';
}
// $exclude contains the data we gather in each step
$exclude = array(1 => array('field_ident', 'lang_name', 'lang_explain', 'field_option_none', 'field_show_on_reg', 'field_show_on_pm', 'field_show_on_vt', 'field_show_on_ml', 'field_required', 'field_show_novalue', 'field_hide', 'field_show_profile', 'field_no_view', 'field_is_contact', 'field_contact_desc', 'field_contact_url'), 2 => array('field_length', 'field_maxlen', 'field_minlen', 'field_validation', 'field_novalue', 'field_default_value'), 3 => array('l_lang_name', 'l_lang_explain', 'l_lang_default_value', 'l_lang_options'));
// Visibility Options...
$visibility_ary = array('field_required', 'field_show_novalue', 'field_show_on_reg', 'field_show_on_pm', 'field_show_on_vt', 'field_show_on_ml', 'field_show_profile', 'field_hide', 'field_is_contact');
/**
* Event to add initialization for new profile field table fields
*
* @event core.acp_profile_create_edit_init
* @var string action create|edit
* @var int step Configuration step (1|2|3)
* @var bool submit Form has been submitted
* @var bool save Configuration should be saved
* @var string field_type Type of the field we are dealing with
* @var array field_row Array of data about the field
* @var array exclude Array of excluded fields by step
* @var array visibility_ary Array of fields that are visibility related
* @since 3.1.6-RC1
*/
$vars = array('action', 'step', 'submit', 'save', 'field_type', 'field_row', 'exclude', 'visibility_ary');
extract($phpbb_dispatcher->trigger_event('core.acp_profile_create_edit_init', compact($vars)));
$options = $profile_field->prepare_options_form($exclude, $visibility_ary);
$cp->vars['field_ident'] = $action == 'create' && $step == 1 ? utf8_clean_string(request_var('field_ident', $field_row['field_ident'], true)) : request_var('field_ident', $field_row['field_ident']);
$cp->vars['lang_name'] = $request->variable('lang_name', $field_row['lang_name'], true);
$cp->vars['lang_explain'] = $request->variable('lang_explain', $field_row['lang_explain'], true);
$cp->vars['lang_default_value'] = $request->variable('lang_default_value', $field_row['lang_default_value'], true);
$cp->vars['field_contact_desc'] = $request->variable('field_contact_desc', $field_row['field_contact_desc'], true);
$cp->vars['field_contact_url'] = $request->variable('field_contact_url', $field_row['field_contact_url'], true);
foreach ($visibility_ary as $val) {
$cp->vars[$val] = $submit || $save ? $request->variable($val, 0) : $field_row[$val];
}
$cp->vars['field_no_view'] = $request->variable('field_no_view', (int) $field_row['field_no_view']);
// If the user has submitted a form with options (i.e. dropdown field)
if ($options) {
$exploded_options = is_array($options) ? $options : explode("\n", $options);
if (sizeof($exploded_options) == sizeof($lang_options) || $action == 'create') {
// The number of options in the field is equal to the number of options already in the database
// Or we are creating a new dropdown list.
$cp->vars['lang_options'] = $exploded_options;
} else {
if ($action == 'edit') {
// Changing the number of options? (We remove and re-create the option fields)
$cp->vars['lang_options'] = $exploded_options;
}
}
} else {
$cp->vars['lang_options'] = $lang_options;
}
// step 2
foreach ($exclude[2] as $key) {
$var = utf8_normalize_nfc(request_var($key, $field_row[$key], true));
$field_data = $cp->vars;
$var = $profile_field->get_excluded_options($key, $action, $var, $field_data, 2);
$cp->vars = $field_data;
$cp->vars[$key] = $var;
}
// step 3 - all arrays
if ($action == 'edit') {
// Get language entries
$sql = 'SELECT *
FROM ' . PROFILE_FIELDS_LANG_TABLE . '
WHERE lang_id <> ' . $this->edit_lang_id . "\n\t\t\t\t\t\t\tAND field_id = {$field_id}\n\t\t\t\t\t\tORDER BY option_id ASC";
$result = $db->sql_query($sql);
$l_lang_options = array();
while ($row = $db->sql_fetchrow($result)) {
$l_lang_options[$row['lang_id']][$row['option_id']] = $row['lang_value'];
}
$db->sql_freeresult($result);
$sql = 'SELECT lang_id, lang_name, lang_explain, lang_default_value
FROM ' . PROFILE_LANG_TABLE . '
WHERE lang_id <> ' . $this->edit_lang_id . "\n\t\t\t\t\t\t\tAND field_id = {$field_id}\n\t\t\t\t\t\tORDER BY lang_id ASC";
$result = $db->sql_query($sql);
$l_lang_name = $l_lang_explain = $l_lang_default_value = array();
while ($row = $db->sql_fetchrow($result)) {
$l_lang_name[$row['lang_id']] = $row['lang_name'];
$l_lang_explain[$row['lang_id']] = $row['lang_explain'];
$l_lang_default_value[$row['lang_id']] = $row['lang_default_value'];
}
$db->sql_freeresult($result);
}
foreach ($exclude[3] as $key) {
$cp->vars[$key] = utf8_normalize_nfc(request_var($key, array(0 => ''), true));
if (!$cp->vars[$key] && $action == 'edit') {
$cp->vars[$key] = ${$key};
}
$field_data = $cp->vars;
$var = $profile_field->get_excluded_options($key, $action, $var, $field_data, 3);
$cp->vars = $field_data;
}
// Check for general issues in every step
if ($submit) {
// Check values for step 1
if ($cp->vars['field_ident'] == '') {
$error[] = $user->lang['EMPTY_FIELD_IDENT'];
}
if (!preg_match('/^[a-z_]+$/', $cp->vars['field_ident'])) {
$error[] = $user->lang['INVALID_CHARS_FIELD_IDENT'];
}
if (strlen($cp->vars['field_ident']) > 17) {
$error[] = $user->lang['INVALID_FIELD_IDENT_LEN'];
}
if ($cp->vars['lang_name'] == '') {
$error[] = $user->lang['EMPTY_USER_FIELD_NAME'];
}
$error = $profile_field->validate_options_on_submit($error, $cp->vars);
// Check for already existing field ident
if ($action != 'edit') {
$sql = 'SELECT field_ident
FROM ' . PROFILE_FIELDS_TABLE . "\n\t\t\t\t\t\t\tWHERE field_ident = '" . $db->sql_escape($cp->vars['field_ident']) . "'";
$result = $db->sql_query($sql);
$row = $db->sql_fetchrow($result);
$db->sql_freeresult($result);
if ($row) {
$error[] = $user->lang['FIELD_IDENT_ALREADY_EXIST'];
}
}
}
if (sizeof($error)) {
$submit = false;
} else {
$step = isset($_REQUEST['next']) ? $step + 1 : (isset($_REQUEST['prev']) ? $step - 1 : $step);
}
// Build up the specific hidden fields
foreach ($exclude as $num => $key_ary) {
if ($num == $step) {
continue;
}
$_new_key_ary = array();
$field_data = $cp->vars;
foreach ($key_ary as $key) {
$var = $profile_field->prepare_hidden_fields($step, $key, $action, $field_data);
if ($var !== null) {
$_new_key_ary[$key] = $var;
}
}
$cp->vars = $field_data;
$s_hidden_fields .= build_hidden_fields($_new_key_ary);
}
if (!sizeof($error)) {
if ($step == 3 && (sizeof($this->lang_defs['iso']) == 1 || $save) || $action == 'edit' && $save) {
$this->save_profile_field($cp, $field_type, $action);
}
}
$template->assign_vars(array('S_EDIT' => true, 'S_EDIT_MODE' => $action == 'edit' ? true : false, 'ERROR_MSG' => sizeof($error) ? implode('<br />', $error) : '', 'L_TITLE' => $user->lang['STEP_' . $step . '_TITLE_' . strtoupper($action)], 'L_EXPLAIN' => $user->lang['STEP_' . $step . '_EXPLAIN_' . strtoupper($action)], 'U_ACTION' => $this->u_action . "&action={$action}&step={$step}", 'U_BACK' => $this->u_action));
// Now go through the steps
switch ($step) {
// Create basic options - only small differences between field types
case 1:
$template_vars = array('S_STEP_ONE' => true, 'S_FIELD_REQUIRED' => $cp->vars['field_required'] ? true : false, 'S_FIELD_SHOW_NOVALUE' => $cp->vars['field_show_novalue'] ? true : false, 'S_SHOW_ON_REG' => $cp->vars['field_show_on_reg'] ? true : false, 'S_SHOW_ON_PM' => $cp->vars['field_show_on_pm'] ? true : false, 'S_SHOW_ON_VT' => $cp->vars['field_show_on_vt'] ? true : false, 'S_SHOW_ON_MEMBERLIST' => $cp->vars['field_show_on_ml'] ? true : false, 'S_FIELD_HIDE' => $cp->vars['field_hide'] ? true : false, 'S_SHOW_PROFILE' => $cp->vars['field_show_profile'] ? true : false, 'S_FIELD_NO_VIEW' => $cp->vars['field_no_view'] ? true : false, 'S_FIELD_CONTACT' => $cp->vars['field_is_contact'], 'FIELD_CONTACT_DESC' => $cp->vars['field_contact_desc'], 'FIELD_CONTACT_URL' => $cp->vars['field_contact_url'], 'L_LANG_SPECIFIC' => sprintf($user->lang['LANG_SPECIFIC_OPTIONS'], $config['default_lang']), 'FIELD_TYPE' => $profile_field->get_name(), 'FIELD_IDENT' => $cp->vars['field_ident'], 'LANG_NAME' => $cp->vars['lang_name'], 'LANG_EXPLAIN' => $cp->vars['lang_explain']);
$field_data = $cp->vars;
$profile_field->display_options($template_vars, $field_data);
$cp->vars = $field_data;
// Build common create options
$template->assign_vars($template_vars);
break;
case 2:
$template->assign_vars(array('S_STEP_TWO' => true, 'L_NEXT_STEP' => sizeof($this->lang_defs['iso']) == 1 ? $user->lang['SAVE'] : $user->lang['PROFILE_LANG_OPTIONS']));
// Build options based on profile type
$options = $profile_field->get_options($this->lang_defs['iso'][$config['default_lang']], $cp->vars);
foreach ($options as $num => $option_ary) {
$template->assign_block_vars('option', $option_ary);
}
break;
// Define remaining language variables
// Define remaining language variables
case 3:
$template->assign_var('S_STEP_THREE', true);
$options = $this->build_language_options($cp, $field_type, $action);
foreach ($options as $lang_id => $lang_ary) {
$template->assign_block_vars('options', array('LANGUAGE' => sprintf($user->lang[($lang_id == $this->edit_lang_id ? 'DEFAULT_' : '') . 'ISO_LANGUAGE'], $lang_ary['lang_iso'])));
foreach ($lang_ary['fields'] as $field_ident => $field_ary) {
$template->assign_block_vars('options.field', array('L_TITLE' => $field_ary['TITLE'], 'L_EXPLAIN' => isset($field_ary['EXPLAIN']) ? $field_ary['EXPLAIN'] : '', 'FIELD' => $field_ary['FIELD']));
}
}
break;
}
$field_data = $cp->vars;
/**
* Event to add template variables for new profile field table fields
*
* @event core.acp_profile_create_edit_after
* @var string action create|edit
* @var int step Configuration step (1|2|3)
* @var bool submit Form has been submitted
* @var bool save Configuration should be saved
* @var string field_type Type of the field we are dealing with
* @var array field_data Array of data about the field
* @var array s_hidden_fields Array of hidden fields in case this needs modification
* @var array options Array of options specific to this step
* @since 3.1.6-RC1
*/
$vars = array('action', 'step', 'submit', 'save', 'field_type', 'field_data', 's_hidden_fields', 'options');
extract($phpbb_dispatcher->trigger_event('core.acp_profile_create_edit_after', compact($vars)));
$template->assign_vars(array('S_HIDDEN_FIELDS' => $s_hidden_fields));
return;
break;
}
$sql = 'SELECT *
FROM ' . PROFILE_FIELDS_TABLE . '
ORDER BY field_order';
$result = $db->sql_query($sql);
$s_one_need_edit = false;
while ($row = $db->sql_fetchrow($result)) {
$active_lang = !$row['field_active'] ? 'ACTIVATE' : 'DEACTIVATE';
$active_value = !$row['field_active'] ? 'activate' : 'deactivate';
$id = $row['field_id'];
$s_need_edit = sizeof($this->lang_defs['diff'][$row['field_id']]) ? true : false;
if ($s_need_edit) {
$s_one_need_edit = true;
}
$profile_field = $this->type_collection[$row['field_type']];
$template->assign_block_vars('fields', array('FIELD_IDENT' => $row['field_ident'], 'FIELD_TYPE' => $profile_field->get_name(), 'L_ACTIVATE_DEACTIVATE' => $user->lang[$active_lang], 'U_ACTIVATE_DEACTIVATE' => $this->u_action . "&action={$active_value}&field_id={$id}", 'U_EDIT' => $this->u_action . "&action=edit&field_id={$id}", 'U_TRANSLATE' => $this->u_action . "&action=edit&field_id={$id}&step=3", 'U_DELETE' => $this->u_action . "&action=delete&field_id={$id}", 'U_MOVE_UP' => $this->u_action . "&action=move_up&field_id={$id}", 'U_MOVE_DOWN' => $this->u_action . "&action=move_down&field_id={$id}", 'S_NEED_EDIT' => $s_need_edit));
}
$db->sql_freeresult($result);
// At least one option field needs editing?
if ($s_one_need_edit) {
$template->assign_var('S_NEED_EDIT', true);
}
$s_select_type = '';
foreach ($this->type_collection as $key => $profile_field) {
$s_select_type .= '<option value="' . $key . '">' . $profile_field->get_name() . '</option>';
}
$template->assign_vars(array('U_ACTION' => $this->u_action, 'S_TYPE_OPTIONS' => $s_select_type));
}
public function main($id, $mode)
{
global $config, $template, $user, $request, $phpbb_container;
global $phpbb_root_path, $phpEx;
add_form_key('ucp_notification');
$start = $request->variable('start', 0);
$form_time = $request->variable('form_time', 0);
$form_time = $form_time <= 0 || $form_time > time() ? time() : $form_time;
/* @var $phpbb_notifications \phpbb\notification\manager */
$phpbb_notifications = $phpbb_container->get('notification_manager');
/* @var $pagination \phpbb\pagination */
$pagination = $phpbb_container->get('pagination');
switch ($mode) {
case 'notification_options':
$subscriptions = $phpbb_notifications->get_global_subscriptions(false);
// Add/remove subscriptions
if ($request->is_set_post('submit')) {
if (!check_form_key('ucp_notification')) {
trigger_error('FORM_INVALID');
}
$notification_methods = $phpbb_notifications->get_subscription_methods();
foreach ($phpbb_notifications->get_subscription_types() as $group => $subscription_types) {
foreach ($subscription_types as $type => $data) {
foreach ($notification_methods as $method => $method_data) {
if ($request->is_set_post(str_replace('.', '_', $type . '_' . $method_data['id'])) && (!isset($subscriptions[$type]) || !in_array($method_data['id'], $subscriptions[$type]))) {
$phpbb_notifications->add_subscription($type, 0, $method_data['id']);
} else {
if (!$request->is_set_post(str_replace('.', '_', $type . '_' . $method_data['id'])) && isset($subscriptions[$type]) && in_array($method_data['id'], $subscriptions[$type])) {
$phpbb_notifications->delete_subscription($type, 0, $method_data['id']);
}
}
}
if ($request->is_set_post(str_replace('.', '_', $type) . '_notification') && !isset($subscriptions[$type])) {
$phpbb_notifications->add_subscription($type);
} else {
if (!$request->is_set_post(str_replace('.', '_', $type) . '_notification') && isset($subscriptions[$type])) {
$phpbb_notifications->delete_subscription($type);
}
}
}
}
meta_refresh(3, $this->u_action);
$message = $user->lang['PREFERENCES_UPDATED'] . '<br /><br />' . sprintf($user->lang['RETURN_UCP'], '<a href="' . $this->u_action . '">', '</a>');
trigger_error($message);
}
$this->output_notification_methods($phpbb_notifications, $template, $user, 'notification_methods');
$this->output_notification_types($subscriptions, $phpbb_notifications, $template, $user, 'notification_types');
$this->tpl_name = 'ucp_notifications';
$this->page_title = 'UCP_NOTIFICATION_OPTIONS';
break;
case 'notification_list':
default:
// Mark all items read
if ($request->variable('mark', '') == 'all' && check_link_hash($request->variable('token', ''), 'mark_all_notifications_read')) {
$phpbb_notifications->mark_notifications_read(false, false, $user->data['user_id'], $form_time);
meta_refresh(3, $this->u_action);
$message = $user->lang['NOTIFICATIONS_MARK_ALL_READ_SUCCESS'];
if ($request->is_ajax()) {
$json_response = new \phpbb\json_response();
$json_response->send(array('MESSAGE_TITLE' => $user->lang['INFORMATION'], 'MESSAGE_TEXT' => $message, 'success' => true));
}
$message .= '<br /><br />' . $user->lang('RETURN_UCP', '<a href="' . $this->u_action . '">', '</a>');
trigger_error($message);
}
// Mark specific notifications read
if ($request->is_set_post('submit')) {
if (!check_form_key('ucp_notification')) {
trigger_error('FORM_INVALID');
}
$mark_read = $request->variable('mark', array(0));
if (!empty($mark_read)) {
$phpbb_notifications->mark_notifications_read_by_id($mark_read, $form_time);
}
}
$notifications = $phpbb_notifications->load_notifications(array('start' => $start, 'limit' => $config['topics_per_page'], 'count_total' => true));
foreach ($notifications['notifications'] as $notification) {
$template->assign_block_vars('notification_list', $notification->prepare_for_display());
}
$base_url = append_sid("{$phpbb_root_path}ucp.{$phpEx}", "i=ucp_notifications&mode=notification_list");
$start = $pagination->validate_start($start, $config['topics_per_page'], $notifications['total_count']);
$pagination->generate_template_pagination($base_url, 'pagination', 'start', $notifications['total_count'], $config['topics_per_page'], $start);
$template->assign_vars(array('TOTAL_COUNT' => $notifications['total_count'], 'U_MARK_ALL' => $base_url . '&mark=all&token=' . generate_link_hash('mark_all_notifications_read')));
$this->tpl_name = 'ucp_notifications';
$this->page_title = 'UCP_NOTIFICATION_LIST';
break;
}
$template->assign_vars(array('TITLE' => $user->lang($this->page_title), 'TITLE_EXPLAIN' => $user->lang($this->page_title . '_EXPLAIN'), 'MODE' => $mode, 'FORM_TIME' => time()));
}
private function report_feedback_action($request, $user)
{
$id = $request->variable('id', 0);
$user_id = (int) $user->data['user_id'];
// check that this is ajax request and that the user reporting the feedback is the recipient of the feedback
if ($request->is_ajax() && $user_id == $this->manager->getFeedbackRecipientID($id)) {
$reason = $request->variable('reason', '');
confirm_box(false, $user->lang['REPORT_DESC'], '', 'report_feedback_form.html', "trader/view-feedback/?action=report&id=" . $id);
if (confirm_box(true)) {
// REPORT the feedback
$this->manager->report_feedback($id, $reason);
if ($request->is_ajax()) {
$json_response = new \phpbb\json_response();
$json_response->send(array('MESSAGE_TITLE' => $user->lang['INFORMATION'], 'MESSAGE_TEXT' => $user->lang['REPORT_SUCCESS'], 'REFRESH_DATA' => array('time' => 3)));
}
}
} else {
// redirect to previous page if report is cancelled, or front page if no referrer
redirect($request->header('referer', './index.php'));
}
}
function main($id, $mode)
{
global $db, $user, $auth, $template, $cache;
global $config, $phpbb_root_path, $phpbb_admin_path, $phpEx;
global $request, $phpbb_log;
$user->add_lang(array('mcp', 'acp/posting'));
// Set up general vars
$action = $request->variable('action', '');
$submit = isset($_POST['submit']) ? true : false;
$reason_id = $request->variable('id', 0);
$this->tpl_name = 'acp_reasons';
$this->page_title = 'ACP_REASONS';
$form_name = 'acp_reason';
add_form_key('acp_reason');
$error = array();
switch ($action) {
case 'add':
case 'edit':
$reason_row = array('reason_title' => $request->variable('reason_title', '', true), 'reason_description' => $request->variable('reason_description', '', true));
if ($submit) {
if (!check_form_key($form_name)) {
$error[] = $user->lang['FORM_INVALID'];
}
// Reason specified?
if (!$reason_row['reason_title'] || !$reason_row['reason_description']) {
$error[] = $user->lang['NO_REASON_INFO'];
}
$check_double = $action == 'add' ? true : false;
if ($action == 'edit') {
$sql = 'SELECT reason_title
FROM ' . REPORTS_REASONS_TABLE . "\n\t\t\t\t\t\t\tWHERE reason_id = {$reason_id}";
$result = $db->sql_query($sql);
$row = $db->sql_fetchrow($result);
$db->sql_freeresult($result);
if (strtolower($row['reason_title']) == 'other' || strtolower($reason_row['reason_title']) == 'other') {
$reason_row['reason_title'] = 'other';
}
if ($row['reason_title'] != $reason_row['reason_title']) {
$check_double = true;
}
}
// Check for same reason if adding it...
if ($check_double) {
$sql = 'SELECT reason_id
FROM ' . REPORTS_REASONS_TABLE . "\n\t\t\t\t\t\t\tWHERE reason_title = '" . $db->sql_escape($reason_row['reason_title']) . "'";
$result = $db->sql_query($sql);
$row = $db->sql_fetchrow($result);
$db->sql_freeresult($result);
if ($row || $action == 'add' && strtolower($reason_row['reason_title']) == 'other') {
$error[] = $user->lang['REASON_ALREADY_EXIST'];
}
}
if (!sizeof($error)) {
// New reason?
if ($action == 'add') {
// Get new order...
$sql = 'SELECT MAX(reason_order) as max_reason_order
FROM ' . REPORTS_REASONS_TABLE;
$result = $db->sql_query($sql);
$max_order = (int) $db->sql_fetchfield('max_reason_order');
$db->sql_freeresult($result);
$sql_ary = array('reason_title' => (string) $reason_row['reason_title'], 'reason_description' => (string) $reason_row['reason_description'], 'reason_order' => $max_order + 1);
$db->sql_query('INSERT INTO ' . REPORTS_REASONS_TABLE . ' ' . $db->sql_build_array('INSERT', $sql_ary));
$log = 'ADDED';
} else {
if ($reason_id) {
$sql_ary = array('reason_title' => (string) $reason_row['reason_title'], 'reason_description' => (string) $reason_row['reason_description']);
$db->sql_query('UPDATE ' . REPORTS_REASONS_TABLE . ' SET ' . $db->sql_build_array('UPDATE', $sql_ary) . '
WHERE reason_id = ' . $reason_id);
$log = 'UPDATED';
}
}
$phpbb_log->add('admin', $user->data['user_id'], $user->ip, 'LOG_REASON_' . $log, false, array($reason_row['reason_title']));
trigger_error($user->lang['REASON_' . $log] . adm_back_link($this->u_action));
}
} else {
if ($reason_id) {
$sql = 'SELECT *
FROM ' . REPORTS_REASONS_TABLE . '
WHERE reason_id = ' . $reason_id;
$result = $db->sql_query($sql);
$reason_row = $db->sql_fetchrow($result);
$db->sql_freeresult($result);
if (!$reason_row) {
trigger_error($user->lang['NO_REASON'] . adm_back_link($this->u_action), E_USER_WARNING);
}
}
}
$l_title = $action == 'edit' ? 'EDIT' : 'ADD';
$translated = false;
// If the reason is defined within the language file, we will use the localized version, else just use the database entry...
if (isset($user->lang['report_reasons']['TITLE'][strtoupper($reason_row['reason_title'])]) && isset($user->lang['report_reasons']['DESCRIPTION'][strtoupper($reason_row['reason_title'])])) {
$translated = true;
}
$template->assign_vars(array('L_TITLE' => $user->lang['REASON_' . $l_title], 'U_ACTION' => $this->u_action . "&id={$reason_id}&action={$action}", 'U_BACK' => $this->u_action, 'ERROR_MSG' => sizeof($error) ? implode('<br />', $error) : '', 'REASON_TITLE' => $reason_row['reason_title'], 'REASON_DESCRIPTION' => $reason_row['reason_description'], 'TRANSLATED_TITLE' => $translated ? $user->lang['report_reasons']['TITLE'][strtoupper($reason_row['reason_title'])] : '', 'TRANSLATED_DESCRIPTION' => $translated ? $user->lang['report_reasons']['DESCRIPTION'][strtoupper($reason_row['reason_title'])] : '', 'S_AVAILABLE_TITLES' => implode($user->lang['COMMA_SEPARATOR'], array_map('htmlspecialchars', array_keys($user->lang['report_reasons']['TITLE']))), 'S_EDIT_REASON' => true, 'S_TRANSLATED' => $translated, 'S_ERROR' => sizeof($error) ? true : false));
return;
break;
case 'delete':
$sql = 'SELECT *
FROM ' . REPORTS_REASONS_TABLE . '
WHERE reason_id = ' . $reason_id;
$result = $db->sql_query($sql);
$reason_row = $db->sql_fetchrow($result);
$db->sql_freeresult($result);
if (!$reason_row) {
trigger_error($user->lang['NO_REASON'] . adm_back_link($this->u_action), E_USER_WARNING);
}
if (strtolower($reason_row['reason_title']) == 'other') {
trigger_error($user->lang['NO_REMOVE_DEFAULT_REASON'] . adm_back_link($this->u_action), E_USER_WARNING);
}
// Let the deletion be confirmed...
if (confirm_box(true)) {
$sql = 'SELECT reason_id
FROM ' . REPORTS_REASONS_TABLE . "\n\t\t\t\t\t\tWHERE LOWER(reason_title) = 'other'";
$result = $db->sql_query($sql);
$other_reason_id = (int) $db->sql_fetchfield('reason_id');
$db->sql_freeresult($result);
switch ($db->get_sql_layer()) {
// The ugly one!
case 'mysqli':
case 'mysql4':
case 'mysql':
// Change the reports using this reason to 'other'
$sql = 'UPDATE ' . REPORTS_TABLE . '
SET reason_id = ' . $other_reason_id . ", report_text = CONCAT('" . $db->sql_escape($reason_row['reason_description']) . "\n\n', report_text)\n\t\t\t\t\t\t\t\tWHERE reason_id = {$reason_id}";
break;
// Standard? What's that?
// Standard? What's that?
case 'mssql':
case 'mssql_odbc':
case 'mssqlnative':
// Change the reports using this reason to 'other'
$sql = "DECLARE @ptrval binary(16)\n\n\t\t\t\t\t\t\t\t\tSELECT @ptrval = TEXTPTR(report_text)\n\t\t\t\t\t\t\t\t\t\tFROM " . REPORTS_TABLE . "\n\t\t\t\t\t\t\t\t\tWHERE reason_id = " . $reason_id . "\n\n\t\t\t\t\t\t\t\t\tUPDATETEXT " . REPORTS_TABLE . ".report_text @ptrval 0 0 '" . $db->sql_escape($reason_row['reason_description']) . "\n\n'\n\n\t\t\t\t\t\t\t\t\tUPDATE " . REPORTS_TABLE . '
SET reason_id = ' . $other_reason_id . "\n\t\t\t\t\t\t\t\t\tWHERE reason_id = {$reason_id}";
break;
// Teh standard
// Teh standard
case 'postgres':
case 'oracle':
case 'sqlite':
case 'sqlite3':
// Change the reports using this reason to 'other'
$sql = 'UPDATE ' . REPORTS_TABLE . '
SET reason_id = ' . $other_reason_id . ", report_text = '" . $db->sql_escape($reason_row['reason_description']) . "\n\n' || report_text\n\t\t\t\t\t\t\t\tWHERE reason_id = {$reason_id}";
break;
}
$db->sql_query($sql);
$db->sql_query('DELETE FROM ' . REPORTS_REASONS_TABLE . ' WHERE reason_id = ' . $reason_id);
$phpbb_log->add('admin', $user->data['user_id'], $user->ip, 'LOG_REASON_REMOVED', false, array($reason_row['reason_title']));
trigger_error($user->lang['REASON_REMOVED'] . adm_back_link($this->u_action));
} else {
confirm_box(false, $user->lang['CONFIRM_OPERATION'], build_hidden_fields(array('i' => $id, 'mode' => $mode, 'action' => $action, 'id' => $reason_id)));
}
break;
case 'move_up':
case 'move_down':
$sql = 'SELECT reason_order
FROM ' . REPORTS_REASONS_TABLE . "\n\t\t\t\t\tWHERE reason_id = {$reason_id}";
$result = $db->sql_query($sql);
$order = $db->sql_fetchfield('reason_order');
$db->sql_freeresult($result);
if ($order === false || $order == 0 && $action == 'move_up') {
break;
}
$order = (int) $order;
$order_total = $order * 2 + ($action == 'move_up' ? -1 : 1);
$sql = 'UPDATE ' . REPORTS_REASONS_TABLE . '
SET reason_order = ' . $order_total . ' - reason_order
WHERE reason_order IN (' . $order . ', ' . ($action == 'move_up' ? $order - 1 : $order + 1) . ')';
$db->sql_query($sql);
if ($request->is_ajax()) {
$json_response = new \phpbb\json_response();
$json_response->send(array('success' => (bool) $db->sql_affectedrows()));
}
break;
}
// By default, check that order is valid and fix it if necessary
$sql = 'SELECT reason_id, reason_order
FROM ' . REPORTS_REASONS_TABLE . '
ORDER BY reason_order';
$result = $db->sql_query($sql);
if ($row = $db->sql_fetchrow($result)) {
$order = 0;
do {
++$order;
if ($row['reason_order'] != $order) {
$sql = 'UPDATE ' . REPORTS_REASONS_TABLE . "\n\t\t\t\t\t\tSET reason_order = {$order}\n\t\t\t\t\t\tWHERE reason_id = {$row['reason_id']}";
$db->sql_query($sql);
}
} while ($row = $db->sql_fetchrow($result));
}
$db->sql_freeresult($result);
$template->assign_vars(array('U_ACTION' => $this->u_action));
// Reason count
$sql = 'SELECT reason_id, COUNT(reason_id) AS reason_count
FROM ' . REPORTS_TABLE . '
GROUP BY reason_id';
$result = $db->sql_query($sql);
$reason_count = array();
while ($row = $db->sql_fetchrow($result)) {
$reason_count[$row['reason_id']] = $row['reason_count'];
}
$db->sql_freeresult($result);
$sql = 'SELECT *
FROM ' . REPORTS_REASONS_TABLE . '
ORDER BY reason_order ASC';
$result = $db->sql_query($sql);
while ($row = $db->sql_fetchrow($result)) {
$translated = false;
$other_reason = $row['reason_title'] == 'other' ? true : false;
// If the reason is defined within the language file, we will use the localized version, else just use the database entry...
if (isset($user->lang['report_reasons']['TITLE'][strtoupper($row['reason_title'])]) && isset($user->lang['report_reasons']['DESCRIPTION'][strtoupper($row['reason_title'])])) {
$row['reason_description'] = $user->lang['report_reasons']['DESCRIPTION'][strtoupper($row['reason_title'])];
$row['reason_title'] = $user->lang['report_reasons']['TITLE'][strtoupper($row['reason_title'])];
$translated = true;
}
$template->assign_block_vars('reasons', array('REASON_TITLE' => $row['reason_title'], 'REASON_DESCRIPTION' => $row['reason_description'], 'REASON_COUNT' => isset($reason_count[$row['reason_id']]) ? $reason_count[$row['reason_id']] : 0, 'S_TRANSLATED' => $translated, 'S_OTHER_REASON' => $other_reason, 'U_EDIT' => $this->u_action . '&action=edit&id=' . $row['reason_id'], 'U_DELETE' => !$other_reason ? $this->u_action . '&action=delete&id=' . $row['reason_id'] : '', 'U_MOVE_UP' => $this->u_action . '&action=move_up&id=' . $row['reason_id'], 'U_MOVE_DOWN' => $this->u_action . '&action=move_down&id=' . $row['reason_id']));
}
$db->sql_freeresult($result);
}
/**
* Disapprove Post
*
* @param $post_id_list array IDs of the posts to disapprove/delete
* @param $id mixed Category of the current active module
* @param $mode string Active module
* @return null
*/
public static function disapprove_posts($post_id_list, $id, $mode)
{
global $db, $template, $user, $config, $phpbb_container, $phpbb_dispatcher;
global $phpEx, $phpbb_root_path, $request, $phpbb_log;
if (!phpbb_check_ids($post_id_list, POSTS_TABLE, 'post_id', array('m_approve'))) {
trigger_error('NOT_AUTHORISED');
}
$redirect = $request->variable('redirect', build_url(array('t', 'mode', 'quickmod')) . "&mode={$mode}");
$redirect = reapply_sid($redirect);
$reason = $request->variable('reason', '', true);
$reason_id = $request->variable('reason_id', 0);
$success_msg = $additional_msg = '';
$s_hidden_fields = build_hidden_fields(array('i' => $id, 'mode' => $mode, 'post_id_list' => $post_id_list, 'action' => 'disapprove', 'redirect' => $redirect));
$notify_poster = $request->is_set('notify_poster');
$disapprove_reason = '';
if ($reason_id) {
$sql = 'SELECT reason_title, reason_description
FROM ' . REPORTS_REASONS_TABLE . "\n\t\t\t\tWHERE reason_id = {$reason_id}";
$result = $db->sql_query($sql);
$row = $db->sql_fetchrow($result);
$db->sql_freeresult($result);
if (!$row || !$reason && strtolower($row['reason_title']) == 'other') {
$additional_msg = $user->lang['NO_REASON_DISAPPROVAL'];
$request->overwrite('confirm', null, \phpbb\request\request_interface::POST);
$request->overwrite('confirm_key', null, \phpbb\request\request_interface::POST);
$request->overwrite('confirm_key', null, \phpbb\request\request_interface::REQUEST);
} else {
// If the reason is defined within the language file, we will use the localized version, else just use the database entry...
$disapprove_reason = strtolower($row['reason_title']) != 'other' ? isset($user->lang['report_reasons']['DESCRIPTION'][strtoupper($row['reason_title'])]) ? $user->lang['report_reasons']['DESCRIPTION'][strtoupper($row['reason_title'])] : $row['reason_description'] : '';
$disapprove_reason .= $reason ? "\n\n" . $reason : '';
if (isset($user->lang['report_reasons']['DESCRIPTION'][strtoupper($row['reason_title'])])) {
$disapprove_reason_lang = strtoupper($row['reason_title']);
}
}
}
$post_info = phpbb_get_post_data($post_id_list, 'm_approve');
$is_disapproving = false;
foreach ($post_info as $post_id => $post_data) {
if ($post_data['post_visibility'] == ITEM_DELETED) {
continue;
}
$is_disapproving = true;
}
if (confirm_box(true)) {
$disapprove_log = $disapprove_log_topics = $disapprove_log_posts = array();
$topic_posts_unapproved = $post_disapprove_list = $topic_information = array();
// Build a list of posts to be disapproved and get the related topics real replies count
foreach ($post_info as $post_id => $post_data) {
$post_disapprove_list[$post_id] = $post_data['topic_id'];
if (!isset($topic_posts_unapproved[$post_data['topic_id']])) {
$topic_information[$post_data['topic_id']] = $post_data;
$topic_posts_unapproved[$post_data['topic_id']] = 0;
}
$topic_posts_unapproved[$post_data['topic_id']]++;
}
// Now we build the log array
foreach ($post_disapprove_list as $post_id => $topic_id) {
// If the count of disapproved posts for the topic is equal
// to the number of unapproved posts in the topic, and there are no different
// posts, we disapprove the hole topic
if ($topic_information[$topic_id]['topic_posts_approved'] == 0 && $topic_information[$topic_id]['topic_posts_softdeleted'] == 0 && $topic_information[$topic_id]['topic_posts_unapproved'] == $topic_posts_unapproved[$topic_id]) {
// Don't write the log more than once for every topic
if (!isset($disapprove_log_topics[$topic_id])) {
// Build disapproved topics log
$disapprove_log_topics[$topic_id] = array('type' => 'topic', 'post_subject' => $post_info[$post_id]['topic_title'], 'forum_id' => $post_info[$post_id]['forum_id'], 'topic_id' => 0, 'post_username' => $post_info[$post_id]['poster_id'] == ANONYMOUS && !empty($post_info[$post_id]['post_username']) ? $post_info[$post_id]['post_username'] : $post_info[$post_id]['username']);
}
} else {
// Build disapproved posts log
$disapprove_log_posts[] = array('type' => 'post', 'post_subject' => $post_info[$post_id]['post_subject'], 'forum_id' => $post_info[$post_id]['forum_id'], 'topic_id' => $post_info[$post_id]['topic_id'], 'post_username' => $post_info[$post_id]['poster_id'] == ANONYMOUS && !empty($post_info[$post_id]['post_username']) ? $post_info[$post_id]['post_username'] : $post_info[$post_id]['username']);
}
}
// Get disapproved posts/topics counts separately
$num_disapproved_topics = sizeof($disapprove_log_topics);
$num_disapproved_posts = sizeof($disapprove_log_posts);
// Build the whole log
$disapprove_log = array_merge($disapprove_log_topics, $disapprove_log_posts);
// Unset unneeded arrays
unset($post_data, $disapprove_log_topics, $disapprove_log_posts);
// Let's do the job - delete disapproved posts
if (sizeof($post_disapprove_list)) {
if (!function_exists('delete_posts')) {
include $phpbb_root_path . 'includes/functions_admin.' . $phpEx;
}
// We do not check for permissions here, because the moderator allowed approval/disapproval should be allowed to delete the disapproved posts
// Note: function delete_posts triggers related forums/topics sync,
// so we don't need to call update_post_information later and to adjust real topic replies or forum topics count manually
delete_posts('post_id', array_keys($post_disapprove_list));
foreach ($disapprove_log as $log_data) {
if ($is_disapproving) {
$l_log_message = $log_data['type'] == 'topic' ? 'LOG_TOPIC_DISAPPROVED' : 'LOG_POST_DISAPPROVED';
$phpbb_log->add('mod', $user->data['user_id'], $user->ip, $l_log_message, false, array('forum_id' => $log_data['forum_id'], 'topic_id' => $log_data['topic_id'], $log_data['post_subject'], $disapprove_reason, $log_data['post_username']));
} else {
$l_log_message = $log_data['type'] == 'topic' ? 'LOG_DELETE_TOPIC' : 'LOG_DELETE_POST';
$phpbb_log->add('mod', $user->data['user_id'], $user->ip, $l_log_message, false, array('forum_id' => $log_data['forum_id'], 'topic_id' => $log_data['topic_id'], $log_data['post_subject'], $log_data['post_username']));
}
}
}
/* @var $phpbb_notifications \phpbb\notification\manager */
$phpbb_notifications = $phpbb_container->get('notification_manager');
$lang_reasons = array();
foreach ($post_info as $post_id => $post_data) {
$disapprove_all_posts_in_topic = $topic_information[$topic_id]['topic_posts_approved'] == 0 && $topic_information[$topic_id]['topic_posts_softdeleted'] == 0 && $topic_information[$topic_id]['topic_posts_unapproved'] == $topic_posts_unapproved[$topic_id];
$phpbb_notifications->delete_notifications('notification.type.post_in_queue', $post_id);
// Do we disapprove the whole topic? Remove potential notifications
if ($disapprove_all_posts_in_topic) {
$phpbb_notifications->delete_notifications('notification.type.topic_in_queue', $post_data['topic_id']);
}
// Notify Poster?
if ($notify_poster) {
if ($post_data['poster_id'] == ANONYMOUS) {
continue;
}
$post_data['disapprove_reason'] = $disapprove_reason;
if (isset($disapprove_reason_lang)) {
// Okay we need to get the reason from the posters language
if (!isset($lang_reasons[$post_data['user_lang']])) {
// Assign the current users translation as the default, this is not ideal but getting the board default adds another layer of complexity.
$lang_reasons[$post_data['user_lang']] = $user->lang['report_reasons']['DESCRIPTION'][$disapprove_reason_lang];
// Only load up the language pack if the language is different to the current one
if ($post_data['user_lang'] != $user->lang_name && file_exists($phpbb_root_path . '/language/' . $post_data['user_lang'] . '/mcp.' . $phpEx)) {
// Load up the language pack
$lang = array();
@(include $phpbb_root_path . '/language/' . basename($post_data['user_lang']) . '/mcp.' . $phpEx);
// If we find the reason in this language pack use it
if (isset($lang['report_reasons']['DESCRIPTION'][$disapprove_reason_lang])) {
$lang_reasons[$post_data['user_lang']] = $lang['report_reasons']['DESCRIPTION'][$disapprove_reason_lang];
}
unset($lang);
// Free memory
}
}
$post_data['disapprove_reason'] = $lang_reasons[$post_data['user_lang']];
$post_data['disapprove_reason'] .= $reason ? "\n\n" . $reason : '';
}
if ($disapprove_all_posts_in_topic && $topic_information[$topic_id]['topic_posts_unapproved'] == 1) {
// If there is only 1 post when disapproving the topic,
// we send the user a "disapprove topic" notification...
$phpbb_notifications->add_notifications('notification.type.disapprove_topic', $post_data);
} else {
// ... otherwise there are multiple unapproved posts and
// all of them are disapproved as posts.
$phpbb_notifications->add_notifications('notification.type.disapprove_post', $post_data);
}
}
}
if ($num_disapproved_topics) {
$success_msg = $num_disapproved_topics == 1 ? 'TOPIC' : 'TOPICS';
} else {
$success_msg = $num_disapproved_posts == 1 ? 'POST' : 'POSTS';
}
if ($is_disapproving) {
$success_msg .= '_DISAPPROVED_SUCCESS';
} else {
$success_msg .= '_DELETED_SUCCESS';
}
// If we came from viewtopic, we try to go back to it.
if (strpos($redirect, $phpbb_root_path . 'viewtopic.' . $phpEx) === 0) {
if ($num_disapproved_topics == 0) {
// So we need to remove the post id part from the Url
$redirect = str_replace("&p={$post_id_list[0]}#p{$post_id_list[0]}", '', $redirect);
} else {
// However this is only possible if the topic still exists,
// Otherwise we go back to the viewforum page
$redirect = append_sid($phpbb_root_path . 'viewforum.' . $phpEx, 'f=' . $request->variable('f', 0));
}
}
/**
* Perform additional actions during post(s) disapproval
*
* @event core.disapprove_posts_after
* @var array post_info Array containing info for all posts being disapproved
* @var array topic_information Array containing information for the topics
* @var array topic_posts_unapproved Array containing list of topic ids and the count of disapproved posts in them
* @var array post_disapprove_list Array containing list of posts and their topic id
* @var int num_disapproved_topics Variable containing the number of disapproved topics
* @var int num_disapproved_posts Variable containing the number of disapproved posts
* @var array lang_reasons Array containing the language keys for reasons
* @var string disapprove_reason Variable containing the language key for the success message
* @var string disapprove_reason_lang Variable containing the language key for the success message
* @var bool is_disapproving Variable telling if anything is going to be disapproved
* @var bool notify_poster Variable telling if the post should be notified or not
* @var string success_msg Variable containing the language key for the success message
* @var string redirect Variable containing the redirect url
* @since 3.1.4-RC1
*/
$vars = array('post_info', 'topic_information', 'topic_posts_unapproved', 'post_disapprove_list', 'num_disapproved_topics', 'num_disapproved_posts', 'lang_reasons', 'disapprove_reason', 'disapprove_reason_lang', 'is_disapproving', 'notify_poster', 'success_msg', 'redirect');
extract($phpbb_dispatcher->trigger_event('core.disapprove_posts_after', compact($vars)));
unset($lang_reasons, $post_info, $disapprove_reason, $disapprove_reason_lang);
meta_refresh(3, $redirect);
$message = $user->lang[$success_msg];
if ($request->is_ajax()) {
$json_response = new \phpbb\json_response();
$json_response->send(array('MESSAGE_TITLE' => $user->lang['INFORMATION'], 'MESSAGE_TEXT' => $message, 'REFRESH_DATA' => null, 'visible' => false));
}
$message .= '<br /><br />' . $user->lang('RETURN_PAGE', '<a href="' . $redirect . '">', '</a>');
trigger_error($message);
} else {
$show_notify = false;
foreach ($post_info as $post_data) {
if ($post_data['poster_id'] == ANONYMOUS) {
continue;
} else {
$show_notify = true;
break;
}
}
$l_confirm_msg = 'DISAPPROVE_POST';
$confirm_template = 'mcp_approve.html';
if ($is_disapproving) {
$phpbb_container->get('phpbb.report.report_reason_list_provider')->display_reasons($reason_id);
} else {
$user->add_lang('posting');
$l_confirm_msg = 'DELETE_POST_PERMANENTLY';
$confirm_template = 'confirm_delete_body.html';
}
$l_confirm_msg .= sizeof($post_id_list) == 1 ? '' : 'S';
$template->assign_vars(array('S_NOTIFY_POSTER' => $show_notify, 'S_APPROVE' => false, 'REASON' => $is_disapproving ? $reason : '', 'ADDITIONAL_MSG' => $additional_msg));
confirm_box(false, $l_confirm_msg, $s_hidden_fields, $confirm_template);
}
redirect($redirect);
}
/**
* Parse Attachments
*/
function parse_attachments($form_name, $mode, $forum_id, $submit, $preview, $refresh, $is_message = false)
{
global $config, $auth, $user, $phpbb_root_path, $phpEx, $db, $request;
global $phpbb_container;
$error = array();
$num_attachments = sizeof($this->attachment_data);
$this->filename_data['filecomment'] = $request->variable('filecomment', '', true);
$upload = $request->file($form_name);
$upload_file = !empty($upload) && $upload['name'] !== 'none' && trim($upload['name']);
$add_file = isset($_POST['add_file']) ? true : false;
$delete_file = isset($_POST['delete_file']) ? true : false;
// First of all adjust comments if changed
$actual_comment_list = $request->variable('comment_list', array(''), true);
foreach ($actual_comment_list as $comment_key => $comment) {
if (!isset($this->attachment_data[$comment_key])) {
continue;
}
if ($this->attachment_data[$comment_key]['attach_comment'] != $actual_comment_list[$comment_key]) {
$this->attachment_data[$comment_key]['attach_comment'] = $actual_comment_list[$comment_key];
}
}
$cfg = array();
$cfg['max_attachments'] = $is_message ? $config['max_attachments_pm'] : $config['max_attachments'];
$forum_id = $is_message ? 0 : $forum_id;
if ($submit && in_array($mode, array('post', 'reply', 'quote', 'edit')) && $upload_file) {
if ($num_attachments < $cfg['max_attachments'] || $auth->acl_get('a_') || $auth->acl_get('m_', $forum_id)) {
/** @var \phpbb\attachment\manager $attachment_manager */
$attachment_manager = $phpbb_container->get('attachment.manager');
$filedata = $attachment_manager->upload($form_name, $forum_id, false, '', $is_message);
$error = $filedata['error'];
if ($filedata['post_attach'] && !sizeof($error)) {
$sql_ary = array('physical_filename' => $filedata['physical_filename'], 'attach_comment' => $this->filename_data['filecomment'], 'real_filename' => $filedata['real_filename'], 'extension' => $filedata['extension'], 'mimetype' => $filedata['mimetype'], 'filesize' => $filedata['filesize'], 'filetime' => $filedata['filetime'], 'thumbnail' => $filedata['thumbnail'], 'is_orphan' => 1, 'in_message' => $is_message ? 1 : 0, 'poster_id' => $user->data['user_id']);
$db->sql_query('INSERT INTO ' . ATTACHMENTS_TABLE . ' ' . $db->sql_build_array('INSERT', $sql_ary));
$new_entry = array('attach_id' => $db->sql_nextid(), 'is_orphan' => 1, 'real_filename' => $filedata['real_filename'], 'attach_comment' => $this->filename_data['filecomment'], 'filesize' => $filedata['filesize']);
$this->attachment_data = array_merge(array(0 => $new_entry), $this->attachment_data);
$this->message = preg_replace_callback('#\\[attachment=([0-9]+)\\](.*?)\\[\\/attachment\\]#', function ($match) {
return '[attachment=' . ($match[1] + 1) . ']' . $match[2] . '[/attachment]';
}, $this->message);
$this->filename_data['filecomment'] = '';
// This Variable is set to false here, because Attachments are entered into the
// Database in two modes, one if the id_list is 0 and the second one if post_attach is true
// Since post_attach is automatically switched to true if an Attachment got added to the filesystem,
// but we are assigning an id of 0 here, we have to reset the post_attach variable to false.
//
// This is very relevant, because it could happen that the post got not submitted, but we do not
// know this circumstance here. We could be at the posting page or we could be redirected to the entered
// post. :)
$filedata['post_attach'] = false;
}
} else {
$error[] = $user->lang('TOO_MANY_ATTACHMENTS', (int) $cfg['max_attachments']);
}
}
if ($preview || $refresh || sizeof($error)) {
if (isset($this->plupload) && $this->plupload->is_active()) {
$json_response = new \phpbb\json_response();
}
// Perform actions on temporary attachments
if ($delete_file) {
include_once $phpbb_root_path . 'includes/functions_admin.' . $phpEx;
$index = array_keys($request->variable('delete_file', array(0 => 0)));
$index = !empty($index) ? $index[0] : false;
if ($index !== false && !empty($this->attachment_data[$index])) {
/** @var \phpbb\attachment\manager $attachment_manager */
$attachment_manager = $phpbb_container->get('attachment.manager');
// delete selected attachment
if ($this->attachment_data[$index]['is_orphan']) {
$sql = 'SELECT attach_id, physical_filename, thumbnail
FROM ' . ATTACHMENTS_TABLE . '
WHERE attach_id = ' . (int) $this->attachment_data[$index]['attach_id'] . '
AND is_orphan = 1
AND poster_id = ' . $user->data['user_id'];
$result = $db->sql_query($sql);
$row = $db->sql_fetchrow($result);
$db->sql_freeresult($result);
if ($row) {
$attachment_manager->unlink($row['physical_filename'], 'file');
if ($row['thumbnail']) {
$attachment_manager->unlink($row['physical_filename'], 'thumbnail');
}
$db->sql_query('DELETE FROM ' . ATTACHMENTS_TABLE . ' WHERE attach_id = ' . (int) $this->attachment_data[$index]['attach_id']);
}
} else {
$attachment_manager->delete('attach', $this->attachment_data[$index]['attach_id']);
}
unset($this->attachment_data[$index]);
$this->message = preg_replace_callback('#\\[attachment=([0-9]+)\\](.*?)\\[\\/attachment\\]#', function ($match) use($index) {
return $match[1] == $index ? '' : ($match[1] > $index ? '[attachment=' . ($match[1] - 1) . ']' . $match[2] . '[/attachment]' : $match[0]);
}, $this->message);
// Reindex Array
$this->attachment_data = array_values($this->attachment_data);
if (isset($this->plupload) && $this->plupload->is_active()) {
$json_response->send($this->attachment_data);
}
}
} else {
if (($add_file || $preview) && $upload_file) {
if ($num_attachments < $cfg['max_attachments'] || $auth->acl_gets('m_', 'a_', $forum_id)) {
/** @var \phpbb\attachment\manager $attachment_manager */
$attachment_manager = $phpbb_container->get('attachment.manager');
$filedata = $attachment_manager->upload($form_name, $forum_id, false, '', $is_message);
$error = array_merge($error, $filedata['error']);
if (!sizeof($error)) {
$sql_ary = array('physical_filename' => $filedata['physical_filename'], 'attach_comment' => $this->filename_data['filecomment'], 'real_filename' => $filedata['real_filename'], 'extension' => $filedata['extension'], 'mimetype' => $filedata['mimetype'], 'filesize' => $filedata['filesize'], 'filetime' => $filedata['filetime'], 'thumbnail' => $filedata['thumbnail'], 'is_orphan' => 1, 'in_message' => $is_message ? 1 : 0, 'poster_id' => $user->data['user_id']);
$db->sql_query('INSERT INTO ' . ATTACHMENTS_TABLE . ' ' . $db->sql_build_array('INSERT', $sql_ary));
$new_entry = array('attach_id' => $db->sql_nextid(), 'is_orphan' => 1, 'real_filename' => $filedata['real_filename'], 'attach_comment' => $this->filename_data['filecomment'], 'filesize' => $filedata['filesize']);
$this->attachment_data = array_merge(array(0 => $new_entry), $this->attachment_data);
$this->message = preg_replace_callback('#\\[attachment=([0-9]+)\\](.*?)\\[\\/attachment\\]#', function ($match) {
return '[attachment=' . ($match[1] + 1) . ']' . $match[2] . '[/attachment]';
}, $this->message);
$this->filename_data['filecomment'] = '';
if (isset($this->plupload) && $this->plupload->is_active()) {
$download_url = append_sid("{$phpbb_root_path}download/file.{$phpEx}", 'mode=view&id=' . $new_entry['attach_id']);
// Send the client the attachment data to maintain state
$json_response->send(array('data' => $this->attachment_data, 'download_url' => $download_url));
}
}
} else {
$error[] = $user->lang('TOO_MANY_ATTACHMENTS', (int) $cfg['max_attachments']);
}
if (!empty($error) && isset($this->plupload) && $this->plupload->is_active()) {
// If this is a plupload (and thus ajax) request, give the
// client the first error we have
$json_response->send(array('jsonrpc' => '2.0', 'id' => 'id', 'error' => array('code' => 105, 'message' => current($error))));
}
}
}
}
foreach ($error as $error_msg) {
$this->warn_msg[] = $error_msg;
}
}
function main($id, $mode)
{
global $db, $user, $auth, $template, $cache, $request, $phpbb_dispatcher;
global $config, $phpbb_admin_path, $phpbb_root_path, $phpEx, $phpbb_log;
$user->add_lang('acp/forums');
$this->tpl_name = 'acp_forums';
$this->page_title = 'ACP_MANAGE_FORUMS';
$form_key = 'acp_forums';
add_form_key($form_key);
$action = $request->variable('action', '');
$update = isset($_POST['update']) ? true : false;
$forum_id = $request->variable('f', 0);
$this->parent_id = $request->variable('parent_id', 0);
$forum_data = $errors = array();
if ($update && !check_form_key($form_key)) {
$update = false;
$errors[] = $user->lang['FORM_INVALID'];
}
// Check additional permissions
switch ($action) {
case 'progress_bar':
$start = $request->variable('start', 0);
$total = $request->variable('total', 0);
$this->display_progress_bar($start, $total);
break;
case 'delete':
if (!$auth->acl_get('a_forumdel')) {
trigger_error($user->lang['NO_PERMISSION_FORUM_DELETE'] . adm_back_link($this->u_action . '&parent_id=' . $this->parent_id), E_USER_WARNING);
}
break;
case 'add':
if (!$auth->acl_get('a_forumadd')) {
trigger_error($user->lang['NO_PERMISSION_FORUM_ADD'] . adm_back_link($this->u_action . '&parent_id=' . $this->parent_id), E_USER_WARNING);
}
break;
}
// Major routines
if ($update) {
switch ($action) {
case 'delete':
$action_subforums = $request->variable('action_subforums', '');
$subforums_to_id = $request->variable('subforums_to_id', 0);
$action_posts = $request->variable('action_posts', '');
$posts_to_id = $request->variable('posts_to_id', 0);
$errors = $this->delete_forum($forum_id, $action_posts, $action_subforums, $posts_to_id, $subforums_to_id);
if (sizeof($errors)) {
break;
}
$auth->acl_clear_prefetch();
$cache->destroy('sql', FORUMS_TABLE);
trigger_error($user->lang['FORUM_DELETED'] . adm_back_link($this->u_action . '&parent_id=' . $this->parent_id));
break;
case 'edit':
$forum_data = array('forum_id' => $forum_id);
// No break here
// No break here
case 'add':
$forum_data += array('parent_id' => $request->variable('forum_parent_id', $this->parent_id), 'forum_type' => $request->variable('forum_type', FORUM_POST), 'type_action' => $request->variable('type_action', ''), 'forum_status' => $request->variable('forum_status', ITEM_UNLOCKED), 'forum_parents' => '', 'forum_name' => $request->variable('forum_name', '', true), 'forum_link' => $request->variable('forum_link', ''), 'forum_link_track' => $request->variable('forum_link_track', false), 'forum_desc' => $request->variable('forum_desc', '', true), 'forum_desc_uid' => '', 'forum_desc_options' => 7, 'forum_desc_bitfield' => '', 'forum_rules' => $request->variable('forum_rules', '', true), 'forum_rules_uid' => '', 'forum_rules_options' => 7, 'forum_rules_bitfield' => '', 'forum_rules_link' => $request->variable('forum_rules_link', ''), 'forum_image' => $request->variable('forum_image', ''), 'forum_style' => $request->variable('forum_style', 0), 'display_subforum_list' => $request->variable('display_subforum_list', false), 'display_on_index' => $request->variable('display_on_index', false), 'forum_topics_per_page' => $request->variable('topics_per_page', 0), 'enable_indexing' => $request->variable('enable_indexing', true), 'enable_icons' => $request->variable('enable_icons', false), 'enable_prune' => $request->variable('enable_prune', false), 'enable_post_review' => $request->variable('enable_post_review', true), 'enable_quick_reply' => $request->variable('enable_quick_reply', false), 'enable_shadow_prune' => $request->variable('enable_shadow_prune', false), 'prune_days' => $request->variable('prune_days', 7), 'prune_viewed' => $request->variable('prune_viewed', 7), 'prune_freq' => $request->variable('prune_freq', 1), 'prune_old_polls' => $request->variable('prune_old_polls', false), 'prune_announce' => $request->variable('prune_announce', false), 'prune_sticky' => $request->variable('prune_sticky', false), 'prune_shadow_days' => $request->variable('prune_shadow_days', 7), 'prune_shadow_freq' => $request->variable('prune_shadow_freq', 1), 'forum_password' => $request->variable('forum_password', '', true), 'forum_password_confirm' => $request->variable('forum_password_confirm', '', true), 'forum_password_unset' => $request->variable('forum_password_unset', false));
/**
* Request forum data and operate on it (parse texts, etc.)
*
* @event core.acp_manage_forums_request_data
* @var string action Type of the action: add|edit
* @var array forum_data Array with new forum data
* @since 3.1.0-a1
*/
$vars = array('action', 'forum_data');
extract($phpbb_dispatcher->trigger_event('core.acp_manage_forums_request_data', compact($vars)));
// On add, add empty forum_options... else do not consider it (not updating it)
if ($action == 'add') {
$forum_data['forum_options'] = 0;
}
// Use link_display_on_index setting if forum type is link
if ($forum_data['forum_type'] == FORUM_LINK) {
$forum_data['display_on_index'] = $request->variable('link_display_on_index', false);
}
// Linked forums and categories are not able to be locked...
if ($forum_data['forum_type'] == FORUM_LINK || $forum_data['forum_type'] == FORUM_CAT) {
$forum_data['forum_status'] = ITEM_UNLOCKED;
}
$forum_data['show_active'] = $forum_data['forum_type'] == FORUM_POST ? $request->variable('display_recent', true) : $request->variable('display_active', false);
// Get data for forum rules if specified...
if ($forum_data['forum_rules']) {
generate_text_for_storage($forum_data['forum_rules'], $forum_data['forum_rules_uid'], $forum_data['forum_rules_bitfield'], $forum_data['forum_rules_options'], $request->variable('rules_parse_bbcode', false), $request->variable('rules_parse_urls', false), $request->variable('rules_parse_smilies', false));
}
// Get data for forum description if specified
if ($forum_data['forum_desc']) {
generate_text_for_storage($forum_data['forum_desc'], $forum_data['forum_desc_uid'], $forum_data['forum_desc_bitfield'], $forum_data['forum_desc_options'], $request->variable('desc_parse_bbcode', false), $request->variable('desc_parse_urls', false), $request->variable('desc_parse_smilies', false));
}
$errors = $this->update_forum_data($forum_data);
if (!sizeof($errors)) {
$forum_perm_from = $request->variable('forum_perm_from', 0);
$cache->destroy('sql', FORUMS_TABLE);
$copied_permissions = false;
// Copy permissions?
if ($forum_perm_from && $forum_perm_from != $forum_data['forum_id'] && ($action != 'edit' || empty($forum_id) || $auth->acl_get('a_fauth') && $auth->acl_get('a_authusers') && $auth->acl_get('a_authgroups') && $auth->acl_get('a_mauth'))) {
copy_forum_permissions($forum_perm_from, $forum_data['forum_id'], $action == 'edit' ? true : false);
phpbb_cache_moderators($db, $cache, $auth);
$copied_permissions = true;
}
/* Commented out because of questionable UI workflow - re-visit for 3.0.7
else if (!$this->parent_id && $action != 'edit' && $auth->acl_get('a_fauth') && $auth->acl_get('a_authusers') && $auth->acl_get('a_authgroups') && $auth->acl_get('a_mauth'))
{
$this->copy_permission_page($forum_data);
return;
}
*/
$auth->acl_clear_prefetch();
$acl_url = '&mode=setting_forum_local&forum_id[]=' . $forum_data['forum_id'];
$message = $action == 'add' ? $user->lang['FORUM_CREATED'] : $user->lang['FORUM_UPDATED'];
// redirect directly to permission settings screen if authed
if ($action == 'add' && !$copied_permissions && $auth->acl_get('a_fauth')) {
$message .= '<br /><br />' . sprintf($user->lang['REDIRECT_ACL'], '<a href="' . append_sid("{$phpbb_admin_path}index.{$phpEx}", 'i=permissions' . $acl_url) . '">', '</a>');
meta_refresh(4, append_sid("{$phpbb_admin_path}index.{$phpEx}", 'i=permissions' . $acl_url));
}
trigger_error($message . adm_back_link($this->u_action . '&parent_id=' . $this->parent_id));
}
break;
}
}
switch ($action) {
case 'move_up':
case 'move_down':
if (!$forum_id) {
trigger_error($user->lang['NO_FORUM'] . adm_back_link($this->u_action . '&parent_id=' . $this->parent_id), E_USER_WARNING);
}
$sql = 'SELECT *
FROM ' . FORUMS_TABLE . "\n\t\t\t\t\tWHERE forum_id = {$forum_id}";
$result = $db->sql_query($sql);
$row = $db->sql_fetchrow($result);
$db->sql_freeresult($result);
if (!$row) {
trigger_error($user->lang['NO_FORUM'] . adm_back_link($this->u_action . '&parent_id=' . $this->parent_id), E_USER_WARNING);
}
$move_forum_name = $this->move_forum_by($row, $action, 1);
if ($move_forum_name !== false) {
$phpbb_log->add('admin', $user->data['user_id'], $user->ip, 'LOG_FORUM_' . strtoupper($action), false, array($row['forum_name'], $move_forum_name));
$cache->destroy('sql', FORUMS_TABLE);
}
if ($request->is_ajax()) {
$json_response = new \phpbb\json_response();
$json_response->send(array('success' => $move_forum_name !== false));
}
break;
case 'sync':
if (!$forum_id) {
trigger_error($user->lang['NO_FORUM'] . adm_back_link($this->u_action . '&parent_id=' . $this->parent_id), E_USER_WARNING);
}
@set_time_limit(0);
$sql = 'SELECT forum_name, (forum_topics_approved + forum_topics_unapproved + forum_topics_softdeleted) AS total_topics
FROM ' . FORUMS_TABLE . "\n\t\t\t\t\tWHERE forum_id = {$forum_id}";
$result = $db->sql_query($sql);
$row = $db->sql_fetchrow($result);
$db->sql_freeresult($result);
if (!$row) {
trigger_error($user->lang['NO_FORUM'] . adm_back_link($this->u_action . '&parent_id=' . $this->parent_id), E_USER_WARNING);
}
if ($row['total_topics']) {
$sql = 'SELECT MIN(topic_id) as min_topic_id, MAX(topic_id) as max_topic_id
FROM ' . TOPICS_TABLE . '
WHERE forum_id = ' . $forum_id;
$result = $db->sql_query($sql);
$row2 = $db->sql_fetchrow($result);
$db->sql_freeresult($result);
// Typecast to int if there is no data available
$row2['min_topic_id'] = (int) $row2['min_topic_id'];
$row2['max_topic_id'] = (int) $row2['max_topic_id'];
$start = $request->variable('start', $row2['min_topic_id']);
$batch_size = 2000;
$end = $start + $batch_size;
// Sync all topics in batch mode...
sync('topic', 'range', 'topic_id BETWEEN ' . $start . ' AND ' . $end, true, true);
if ($end < $row2['max_topic_id']) {
// We really need to find a way of showing statistics... no progress here
$sql = 'SELECT COUNT(topic_id) as num_topics
FROM ' . TOPICS_TABLE . '
WHERE forum_id = ' . $forum_id . '
AND topic_id BETWEEN ' . $start . ' AND ' . $end;
$result = $db->sql_query($sql);
$topics_done = $request->variable('topics_done', 0) + (int) $db->sql_fetchfield('num_topics');
$db->sql_freeresult($result);
$start += $batch_size;
$url = $this->u_action . "&parent_id={$this->parent_id}&f={$forum_id}&action=sync&start={$start}&topics_done={$topics_done}&total={$row['total_topics']}";
meta_refresh(0, $url);
$template->assign_vars(array('U_PROGRESS_BAR' => $this->u_action . "&action=progress_bar&start={$topics_done}&total={$row['total_topics']}", 'UA_PROGRESS_BAR' => addslashes($this->u_action . "&action=progress_bar&start={$topics_done}&total={$row['total_topics']}"), 'S_CONTINUE_SYNC' => true, 'L_PROGRESS_EXPLAIN' => sprintf($user->lang['SYNC_IN_PROGRESS_EXPLAIN'], $topics_done, $row['total_topics'])));
return;
}
}
$url = $this->u_action . "&parent_id={$this->parent_id}&f={$forum_id}&action=sync_forum";
meta_refresh(0, $url);
$template->assign_vars(array('U_PROGRESS_BAR' => $this->u_action . '&action=progress_bar', 'UA_PROGRESS_BAR' => addslashes($this->u_action . '&action=progress_bar'), 'S_CONTINUE_SYNC' => true, 'L_PROGRESS_EXPLAIN' => sprintf($user->lang['SYNC_IN_PROGRESS_EXPLAIN'], 0, $row['total_topics'])));
return;
break;
case 'sync_forum':
$sql = 'SELECT forum_name, forum_type
FROM ' . FORUMS_TABLE . "\n\t\t\t\t\tWHERE forum_id = {$forum_id}";
$result = $db->sql_query($sql);
$row = $db->sql_fetchrow($result);
$db->sql_freeresult($result);
if (!$row) {
trigger_error($user->lang['NO_FORUM'] . adm_back_link($this->u_action . '&parent_id=' . $this->parent_id), E_USER_WARNING);
}
sync('forum', 'forum_id', $forum_id, false, true);
$phpbb_log->add('admin', $user->data['user_id'], $user->ip, 'LOG_FORUM_SYNC', false, array($row['forum_name']));
$cache->destroy('sql', FORUMS_TABLE);
$template->assign_var('L_FORUM_RESYNCED', sprintf($user->lang['FORUM_RESYNCED'], $row['forum_name']));
break;
case 'add':
case 'edit':
if ($update) {
$forum_data['forum_flags'] = 0;
$forum_data['forum_flags'] += $request->variable('forum_link_track', false) ? FORUM_FLAG_LINK_TRACK : 0;
$forum_data['forum_flags'] += $request->variable('prune_old_polls', false) ? FORUM_FLAG_PRUNE_POLL : 0;
$forum_data['forum_flags'] += $request->variable('prune_announce', false) ? FORUM_FLAG_PRUNE_ANNOUNCE : 0;
$forum_data['forum_flags'] += $request->variable('prune_sticky', false) ? FORUM_FLAG_PRUNE_STICKY : 0;
$forum_data['forum_flags'] += $forum_data['show_active'] ? FORUM_FLAG_ACTIVE_TOPICS : 0;
$forum_data['forum_flags'] += $request->variable('enable_post_review', true) ? FORUM_FLAG_POST_REVIEW : 0;
$forum_data['forum_flags'] += $request->variable('enable_quick_reply', false) ? FORUM_FLAG_QUICK_REPLY : 0;
}
// Initialise $row, so we always have it in the event
$row = array();
// Show form to create/modify a forum
if ($action == 'edit') {
$this->page_title = 'EDIT_FORUM';
$row = $this->get_forum_info($forum_id);
$old_forum_type = $row['forum_type'];
if (!$update) {
$forum_data = $row;
} else {
$forum_data['left_id'] = $row['left_id'];
$forum_data['right_id'] = $row['right_id'];
}
// Make sure no direct child forums are able to be selected as parents.
$exclude_forums = array();
foreach (get_forum_branch($forum_id, 'children') as $row) {
$exclude_forums[] = $row['forum_id'];
}
$parents_list = make_forum_select($forum_data['parent_id'], $exclude_forums, false, false, false);
$forum_data['forum_password_confirm'] = $forum_data['forum_password'];
} else {
$this->page_title = 'CREATE_FORUM';
$forum_id = $this->parent_id;
$parents_list = make_forum_select($this->parent_id, false, false, false, false);
// Fill forum data with default values
if (!$update) {
$forum_data = array('parent_id' => $this->parent_id, 'forum_type' => FORUM_POST, 'forum_status' => ITEM_UNLOCKED, 'forum_name' => $request->variable('forum_name', '', true), 'forum_link' => '', 'forum_link_track' => false, 'forum_desc' => '', 'forum_rules' => '', 'forum_rules_link' => '', 'forum_image' => '', 'forum_style' => 0, 'display_subforum_list' => true, 'display_on_index' => false, 'forum_topics_per_page' => 0, 'enable_indexing' => true, 'enable_icons' => false, 'enable_prune' => false, 'prune_days' => 7, 'prune_viewed' => 7, 'prune_freq' => 1, 'enable_shadow_prune' => false, 'prune_shadow_days' => 7, 'prune_shadow_freq' => 1, 'forum_flags' => FORUM_FLAG_POST_REVIEW + FORUM_FLAG_ACTIVE_TOPICS, 'forum_options' => 0, 'forum_password' => '', 'forum_password_confirm' => '');
}
}
/**
* Initialise data before we display the add/edit form
*
* @event core.acp_manage_forums_initialise_data
* @var string action Type of the action: add|edit
* @var bool update Do we display the form only
* or did the user press submit
* @var int forum_id When editing: the forum id,
* when creating: the parent forum id
* @var array row Array with current forum data
* empty when creating new forum
* @var array forum_data Array with new forum data
* @var string parents_list List of parent options
* @since 3.1.0-a1
*/
$vars = array('action', 'update', 'forum_id', 'row', 'forum_data', 'parents_list');
extract($phpbb_dispatcher->trigger_event('core.acp_manage_forums_initialise_data', compact($vars)));
$forum_rules_data = array('text' => $forum_data['forum_rules'], 'allow_bbcode' => true, 'allow_smilies' => true, 'allow_urls' => true);
$forum_desc_data = array('text' => $forum_data['forum_desc'], 'allow_bbcode' => true, 'allow_smilies' => true, 'allow_urls' => true);
$forum_rules_preview = '';
// Parse rules if specified
if ($forum_data['forum_rules']) {
if (!isset($forum_data['forum_rules_uid'])) {
// Before we are able to display the preview and plane text, we need to parse our $request->variable()'d value...
$forum_data['forum_rules_uid'] = '';
$forum_data['forum_rules_bitfield'] = '';
$forum_data['forum_rules_options'] = 0;
generate_text_for_storage($forum_data['forum_rules'], $forum_data['forum_rules_uid'], $forum_data['forum_rules_bitfield'], $forum_data['forum_rules_options'], $request->variable('rules_allow_bbcode', false), $request->variable('rules_allow_urls', false), $request->variable('rules_allow_smilies', false));
}
// Generate preview content
$forum_rules_preview = generate_text_for_display($forum_data['forum_rules'], $forum_data['forum_rules_uid'], $forum_data['forum_rules_bitfield'], $forum_data['forum_rules_options']);
// decode...
$forum_rules_data = generate_text_for_edit($forum_data['forum_rules'], $forum_data['forum_rules_uid'], $forum_data['forum_rules_options']);
}
// Parse desciption if specified
if ($forum_data['forum_desc']) {
if (!isset($forum_data['forum_desc_uid'])) {
// Before we are able to display the preview and plane text, we need to parse our $request->variable()'d value...
$forum_data['forum_desc_uid'] = '';
$forum_data['forum_desc_bitfield'] = '';
$forum_data['forum_desc_options'] = 0;
generate_text_for_storage($forum_data['forum_desc'], $forum_data['forum_desc_uid'], $forum_data['forum_desc_bitfield'], $forum_data['forum_desc_options'], $request->variable('desc_allow_bbcode', false), $request->variable('desc_allow_urls', false), $request->variable('desc_allow_smilies', false));
}
// decode...
$forum_desc_data = generate_text_for_edit($forum_data['forum_desc'], $forum_data['forum_desc_uid'], $forum_data['forum_desc_options']);
}
$forum_type_options = '';
$forum_type_ary = array(FORUM_CAT => 'CAT', FORUM_POST => 'FORUM', FORUM_LINK => 'LINK');
foreach ($forum_type_ary as $value => $lang) {
$forum_type_options .= '<option value="' . $value . '"' . ($value == $forum_data['forum_type'] ? ' selected="selected"' : '') . '>' . $user->lang['TYPE_' . $lang] . '</option>';
}
$styles_list = style_select($forum_data['forum_style'], true);
$statuslist = '<option value="' . ITEM_UNLOCKED . '"' . ($forum_data['forum_status'] == ITEM_UNLOCKED ? ' selected="selected"' : '') . '>' . $user->lang['UNLOCKED'] . '</option><option value="' . ITEM_LOCKED . '"' . ($forum_data['forum_status'] == ITEM_LOCKED ? ' selected="selected"' : '') . '>' . $user->lang['LOCKED'] . '</option>';
$sql = 'SELECT forum_id
FROM ' . FORUMS_TABLE . '
WHERE forum_type = ' . FORUM_POST . "\n\t\t\t\t\t\tAND forum_id <> {$forum_id}";
$result = $db->sql_query_limit($sql, 1);
$postable_forum_exists = false;
if ($db->sql_fetchrow($result)) {
$postable_forum_exists = true;
}
$db->sql_freeresult($result);
// Subforum move options
if ($action == 'edit' && $forum_data['forum_type'] == FORUM_CAT) {
$subforums_id = array();
$subforums = get_forum_branch($forum_id, 'children');
foreach ($subforums as $row) {
$subforums_id[] = $row['forum_id'];
}
$forums_list = make_forum_select($forum_data['parent_id'], $subforums_id);
if ($postable_forum_exists) {
$template->assign_vars(array('S_MOVE_FORUM_OPTIONS' => make_forum_select($forum_data['parent_id'], $subforums_id)));
}
$template->assign_vars(array('S_HAS_SUBFORUMS' => $forum_data['right_id'] - $forum_data['left_id'] > 1 ? true : false, 'S_FORUMS_LIST' => $forums_list));
} else {
if ($postable_forum_exists) {
$template->assign_vars(array('S_MOVE_FORUM_OPTIONS' => make_forum_select($forum_data['parent_id'], $forum_id, false, true, false)));
}
}
$s_show_display_on_index = false;
if ($forum_data['parent_id'] > 0) {
// if this forum is a subforum put the "display on index" checkbox
if ($parent_info = $this->get_forum_info($forum_data['parent_id'])) {
if ($parent_info['parent_id'] > 0 || $parent_info['forum_type'] == FORUM_CAT) {
$s_show_display_on_index = true;
}
}
}
if (strlen($forum_data['forum_password']) == 32) {
$errors[] = $user->lang['FORUM_PASSWORD_OLD'];
}
$template_data = array('S_EDIT_FORUM' => true, 'S_ERROR' => sizeof($errors) ? true : false, 'S_PARENT_ID' => $this->parent_id, 'S_FORUM_PARENT_ID' => $forum_data['parent_id'], 'S_ADD_ACTION' => $action == 'add' ? true : false, 'U_BACK' => $this->u_action . '&parent_id=' . $this->parent_id, 'U_EDIT_ACTION' => $this->u_action . "&parent_id={$this->parent_id}&action={$action}&f={$forum_id}", 'L_COPY_PERMISSIONS_EXPLAIN' => $user->lang['COPY_PERMISSIONS_' . strtoupper($action) . '_EXPLAIN'], 'L_TITLE' => $user->lang[$this->page_title], 'ERROR_MSG' => sizeof($errors) ? implode('<br />', $errors) : '', 'FORUM_NAME' => $forum_data['forum_name'], 'FORUM_DATA_LINK' => $forum_data['forum_link'], 'FORUM_IMAGE' => $forum_data['forum_image'], 'FORUM_IMAGE_SRC' => $forum_data['forum_image'] ? $phpbb_root_path . $forum_data['forum_image'] : '', 'FORUM_POST' => FORUM_POST, 'FORUM_LINK' => FORUM_LINK, 'FORUM_CAT' => FORUM_CAT, 'PRUNE_FREQ' => $forum_data['prune_freq'], 'PRUNE_DAYS' => $forum_data['prune_days'], 'PRUNE_VIEWED' => $forum_data['prune_viewed'], 'PRUNE_SHADOW_FREQ' => $forum_data['prune_shadow_freq'], 'PRUNE_SHADOW_DAYS' => $forum_data['prune_shadow_days'], 'TOPICS_PER_PAGE' => $forum_data['forum_topics_per_page'], 'FORUM_RULES_LINK' => $forum_data['forum_rules_link'], 'FORUM_RULES' => $forum_data['forum_rules'], 'FORUM_RULES_PREVIEW' => $forum_rules_preview, 'FORUM_RULES_PLAIN' => $forum_rules_data['text'], 'S_BBCODE_CHECKED' => $forum_rules_data['allow_bbcode'] ? true : false, 'S_SMILIES_CHECKED' => $forum_rules_data['allow_smilies'] ? true : false, 'S_URLS_CHECKED' => $forum_rules_data['allow_urls'] ? true : false, 'S_FORUM_PASSWORD_SET' => empty($forum_data['forum_password']) ? false : true, 'FORUM_DESC' => $forum_desc_data['text'], 'S_DESC_BBCODE_CHECKED' => $forum_desc_data['allow_bbcode'] ? true : false, 'S_DESC_SMILIES_CHECKED' => $forum_desc_data['allow_smilies'] ? true : false, 'S_DESC_URLS_CHECKED' => $forum_desc_data['allow_urls'] ? true : false, 'S_FORUM_TYPE_OPTIONS' => $forum_type_options, 'S_STATUS_OPTIONS' => $statuslist, 'S_PARENT_OPTIONS' => $parents_list, 'S_STYLES_OPTIONS' => $styles_list, 'S_FORUM_OPTIONS' => make_forum_select($action == 'add' ? $forum_data['parent_id'] : false, $action == 'edit' ? $forum_data['forum_id'] : false, false, false, false), 'S_SHOW_DISPLAY_ON_INDEX' => $s_show_display_on_index, 'S_FORUM_POST' => $forum_data['forum_type'] == FORUM_POST ? true : false, 'S_FORUM_ORIG_POST' => isset($old_forum_type) && $old_forum_type == FORUM_POST ? true : false, 'S_FORUM_ORIG_CAT' => isset($old_forum_type) && $old_forum_type == FORUM_CAT ? true : false, 'S_FORUM_ORIG_LINK' => isset($old_forum_type) && $old_forum_type == FORUM_LINK ? true : false, 'S_FORUM_LINK' => $forum_data['forum_type'] == FORUM_LINK ? true : false, 'S_FORUM_CAT' => $forum_data['forum_type'] == FORUM_CAT ? true : false, 'S_ENABLE_INDEXING' => $forum_data['enable_indexing'] ? true : false, 'S_TOPIC_ICONS' => $forum_data['enable_icons'] ? true : false, 'S_DISPLAY_SUBFORUM_LIST' => $forum_data['display_subforum_list'] ? true : false, 'S_DISPLAY_ON_INDEX' => $forum_data['display_on_index'] ? true : false, 'S_PRUNE_ENABLE' => $forum_data['enable_prune'] ? true : false, 'S_PRUNE_SHADOW_ENABLE' => $forum_data['enable_shadow_prune'] ? true : false, 'S_FORUM_LINK_TRACK' => $forum_data['forum_flags'] & FORUM_FLAG_LINK_TRACK ? true : false, 'S_PRUNE_OLD_POLLS' => $forum_data['forum_flags'] & FORUM_FLAG_PRUNE_POLL ? true : false, 'S_PRUNE_ANNOUNCE' => $forum_data['forum_flags'] & FORUM_FLAG_PRUNE_ANNOUNCE ? true : false, 'S_PRUNE_STICKY' => $forum_data['forum_flags'] & FORUM_FLAG_PRUNE_STICKY ? true : false, 'S_DISPLAY_ACTIVE_TOPICS' => $forum_data['forum_type'] == FORUM_POST ? $forum_data['forum_flags'] & FORUM_FLAG_ACTIVE_TOPICS : true, 'S_ENABLE_ACTIVE_TOPICS' => $forum_data['forum_type'] == FORUM_CAT ? $forum_data['forum_flags'] & FORUM_FLAG_ACTIVE_TOPICS : false, 'S_ENABLE_POST_REVIEW' => $forum_data['forum_flags'] & FORUM_FLAG_POST_REVIEW ? true : false, 'S_ENABLE_QUICK_REPLY' => $forum_data['forum_flags'] & FORUM_FLAG_QUICK_REPLY ? true : false, 'S_CAN_COPY_PERMISSIONS' => $action != 'edit' || empty($forum_id) || $auth->acl_get('a_fauth') && $auth->acl_get('a_authusers') && $auth->acl_get('a_authgroups') && $auth->acl_get('a_mauth') ? true : false);
/**
* Modify forum template data before we display the form
*
* @event core.acp_manage_forums_display_form
* @var string action Type of the action: add|edit
* @var bool update Do we display the form only
* or did the user press submit
* @var int forum_id When editing: the forum id,
* when creating: the parent forum id
* @var array row Array with current forum data
* empty when creating new forum
* @var array forum_data Array with new forum data
* @var string parents_list List of parent options
* @var array errors Array of errors, if you add errors
* ensure to update the template variables
* S_ERROR and ERROR_MSG to display it
* @var array template_data Array with new forum data
* @since 3.1.0-a1
*/
$vars = array('action', 'update', 'forum_id', 'row', 'forum_data', 'parents_list', 'errors', 'template_data');
extract($phpbb_dispatcher->trigger_event('core.acp_manage_forums_display_form', compact($vars)));
$template->assign_vars($template_data);
return;
break;
case 'delete':
if (!$forum_id) {
trigger_error($user->lang['NO_FORUM'] . adm_back_link($this->u_action . '&parent_id=' . $this->parent_id), E_USER_WARNING);
}
$forum_data = $this->get_forum_info($forum_id);
$subforums_id = array();
$subforums = get_forum_branch($forum_id, 'children');
foreach ($subforums as $row) {
$subforums_id[] = $row['forum_id'];
}
$forums_list = make_forum_select($forum_data['parent_id'], $subforums_id);
$sql = 'SELECT forum_id
FROM ' . FORUMS_TABLE . '
WHERE forum_type = ' . FORUM_POST . "\n\t\t\t\t\t\tAND forum_id <> {$forum_id}";
$result = $db->sql_query_limit($sql, 1);
if ($db->sql_fetchrow($result)) {
$template->assign_vars(array('S_MOVE_FORUM_OPTIONS' => make_forum_select($forum_data['parent_id'], $subforums_id, false, true)));
}
$db->sql_freeresult($result);
$parent_id = $this->parent_id == $forum_id ? 0 : $this->parent_id;
$template->assign_vars(array('S_DELETE_FORUM' => true, 'U_ACTION' => $this->u_action . "&parent_id={$parent_id}&action=delete&f={$forum_id}", 'U_BACK' => $this->u_action . '&parent_id=' . $this->parent_id, 'FORUM_NAME' => $forum_data['forum_name'], 'S_FORUM_POST' => $forum_data['forum_type'] == FORUM_POST ? true : false, 'S_FORUM_LINK' => $forum_data['forum_type'] == FORUM_LINK ? true : false, 'S_HAS_SUBFORUMS' => $forum_data['right_id'] - $forum_data['left_id'] > 1 ? true : false, 'S_FORUMS_LIST' => $forums_list, 'S_ERROR' => sizeof($errors) ? true : false, 'ERROR_MSG' => sizeof($errors) ? implode('<br />', $errors) : ''));
return;
break;
case 'copy_perm':
$forum_perm_from = $request->variable('forum_perm_from', 0);
// Copy permissions?
if (!empty($forum_perm_from) && $forum_perm_from != $forum_id) {
copy_forum_permissions($forum_perm_from, $forum_id, true);
phpbb_cache_moderators($db, $cache, $auth);
$auth->acl_clear_prefetch();
$cache->destroy('sql', FORUMS_TABLE);
$acl_url = '&mode=setting_forum_local&forum_id[]=' . $forum_id;
$message = $user->lang['FORUM_UPDATED'];
// Redirect to permissions
if ($auth->acl_get('a_fauth')) {
$message .= '<br /><br />' . sprintf($user->lang['REDIRECT_ACL'], '<a href="' . append_sid("{$phpbb_admin_path}index.{$phpEx}", 'i=permissions' . $acl_url) . '">', '</a>');
}
trigger_error($message . adm_back_link($this->u_action . '&parent_id=' . $this->parent_id));
}
break;
}
// Default management page
if (!$this->parent_id) {
$navigation = $user->lang['FORUM_INDEX'];
} else {
$navigation = '<a href="' . $this->u_action . '">' . $user->lang['FORUM_INDEX'] . '</a>';
$forums_nav = get_forum_branch($this->parent_id, 'parents', 'descending');
foreach ($forums_nav as $row) {
if ($row['forum_id'] == $this->parent_id) {
$navigation .= ' -> ' . $row['forum_name'];
} else {
$navigation .= ' -> <a href="' . $this->u_action . '&parent_id=' . $row['forum_id'] . '">' . $row['forum_name'] . '</a>';
}
}
}
// Jumpbox
$forum_box = make_forum_select($this->parent_id, false, false, false, false);
//make_forum_select($this->parent_id);
if ($action == 'sync' || $action == 'sync_forum') {
$template->assign_var('S_RESYNCED', true);
}
$sql = 'SELECT *
FROM ' . FORUMS_TABLE . "\n\t\t\tWHERE parent_id = {$this->parent_id}\n\t\t\tORDER BY left_id";
$result = $db->sql_query($sql);
if ($row = $db->sql_fetchrow($result)) {
do {
$forum_type = $row['forum_type'];
if ($row['forum_status'] == ITEM_LOCKED) {
$folder_image = '<img src="images/icon_folder_lock.gif" alt="' . $user->lang['LOCKED'] . '" />';
} else {
switch ($forum_type) {
case FORUM_LINK:
$folder_image = '<img src="images/icon_folder_link.gif" alt="' . $user->lang['LINK'] . '" />';
break;
default:
$folder_image = $row['left_id'] + 1 != $row['right_id'] ? '<img src="images/icon_subfolder.gif" alt="' . $user->lang['SUBFORUM'] . '" />' : '<img src="images/icon_folder.gif" alt="' . $user->lang['FOLDER'] . '" />';
break;
}
}
$url = $this->u_action . "&parent_id={$this->parent_id}&f={$row['forum_id']}";
$template->assign_block_vars('forums', array('FOLDER_IMAGE' => $folder_image, 'FORUM_IMAGE' => $row['forum_image'] ? '<img src="' . $phpbb_root_path . $row['forum_image'] . '" alt="" />' : '', 'FORUM_IMAGE_SRC' => $row['forum_image'] ? $phpbb_root_path . $row['forum_image'] : '', 'FORUM_NAME' => $row['forum_name'], 'FORUM_DESCRIPTION' => generate_text_for_display($row['forum_desc'], $row['forum_desc_uid'], $row['forum_desc_bitfield'], $row['forum_desc_options']), 'FORUM_TOPICS' => $row['forum_topics_approved'], 'FORUM_POSTS' => $row['forum_posts_approved'], 'S_FORUM_LINK' => $forum_type == FORUM_LINK ? true : false, 'S_FORUM_POST' => $forum_type == FORUM_POST ? true : false, 'U_FORUM' => $this->u_action . '&parent_id=' . $row['forum_id'], 'U_MOVE_UP' => $url . '&action=move_up', 'U_MOVE_DOWN' => $url . '&action=move_down', 'U_EDIT' => $url . '&action=edit', 'U_DELETE' => $url . '&action=delete', 'U_SYNC' => $url . '&action=sync'));
} while ($row = $db->sql_fetchrow($result));
} else {
if ($this->parent_id) {
$row = $this->get_forum_info($this->parent_id);
$url = $this->u_action . '&parent_id=' . $this->parent_id . '&f=' . $row['forum_id'];
$template->assign_vars(array('S_NO_FORUMS' => true, 'U_EDIT' => $url . '&action=edit', 'U_DELETE' => $url . '&action=delete', 'U_SYNC' => $url . '&action=sync'));
}
}
$db->sql_freeresult($result);
$template->assign_vars(array('ERROR_MSG' => sizeof($errors) ? implode('<br />', $errors) : '', 'NAVIGATION' => $navigation, 'FORUM_BOX' => $forum_box, 'U_SEL_ACTION' => $this->u_action, 'U_ACTION' => $this->u_action . '&parent_id=' . $this->parent_id, 'U_PROGRESS_BAR' => $this->u_action . '&action=progress_bar', 'UA_PROGRESS_BAR' => addslashes($this->u_action . '&action=progress_bar')));
}
/**
* Ajax submit
*
* @param object $event The event object
* @return array
* @access public
*/
public function ajax_submit($event)
{
if ($this->config['qr_ajax_submit'] && $this->request->is_ajax() && $this->request->is_set_post('qr')) {
$json_response = new \phpbb\json_response();
$data = $event['data'];
if (!$this->auth->acl_get('f_noapprove', $data['forum_id']) && empty($data['force_approved_state']) || isset($data['force_approved_state']) && !$data['force_approved_state']) {
// No approve
$json_response->send(array('noapprove' => true, 'MESSAGE_TITLE' => $this->user->lang['INFORMATION'], 'MESSAGE_TEXT' => $this->user->lang['POST_STORED_MOD'] . ($this->user->data['user_id'] == ANONYMOUS ? '' : ' ' . $this->user->lang['POST_APPROVAL_NOTIFY']), 'REFRESH_DATA' => array('time' => 10)));
}
$qr_cur_post_id = $this->request->variable('qr_cur_post_id', 0);
$url_hash = strpos($event['url'], '#');
$result_url = $url_hash !== false ? substr($event['url'], 0, $url_hash) : $event['url'];
$json_response->send(array('success' => true, 'url' => $result_url, 'merged' => $qr_cur_post_id === $data['post_id'] ? 'merged' : 'not_merged'));
}
}
function main($id, $mode)
{
global $db, $user, $auth, $template, $cache, $phpbb_container;
global $config, $phpbb_root_path, $phpbb_admin_path, $phpEx;
global $request;
include_once $phpbb_root_path . 'includes/functions_user.' . $phpEx;
include_once $phpbb_root_path . 'includes/acp/auth.' . $phpEx;
$this->auth_admin = new auth_admin();
$user->add_lang('acp/permissions');
add_permission_language();
$this->tpl_name = 'acp_permission_roles';
$submit = isset($_POST['submit']) ? true : false;
$role_id = request_var('role_id', 0);
$action = request_var('action', '');
$action = isset($_POST['add']) ? 'add' : $action;
$form_name = 'acp_permissions';
add_form_key($form_name);
if (!$role_id && in_array($action, array('remove', 'edit', 'move_up', 'move_down'))) {
trigger_error($user->lang['NO_ROLE_SELECTED'] . adm_back_link($this->u_action), E_USER_WARNING);
}
switch ($mode) {
case 'admin_roles':
$permission_type = 'a_';
$this->page_title = 'ACP_ADMIN_ROLES';
break;
case 'user_roles':
$permission_type = 'u_';
$this->page_title = 'ACP_USER_ROLES';
break;
case 'mod_roles':
$permission_type = 'm_';
$this->page_title = 'ACP_MOD_ROLES';
break;
case 'forum_roles':
$permission_type = 'f_';
$this->page_title = 'ACP_FORUM_ROLES';
break;
default:
trigger_error('NO_MODE', E_USER_ERROR);
break;
}
$template->assign_vars(array('L_TITLE' => $user->lang[$this->page_title], 'L_EXPLAIN' => $user->lang[$this->page_title . '_EXPLAIN']));
// Take action... admin submitted something
if ($submit || $action == 'remove') {
switch ($action) {
case 'remove':
$sql = 'SELECT *
FROM ' . ACL_ROLES_TABLE . '
WHERE role_id = ' . $role_id;
$result = $db->sql_query($sql);
$role_row = $db->sql_fetchrow($result);
$db->sql_freeresult($result);
if (!$role_row) {
trigger_error($user->lang['NO_ROLE_SELECTED'] . adm_back_link($this->u_action), E_USER_WARNING);
}
if (confirm_box(true)) {
$this->remove_role($role_id, $permission_type);
$role_name = !empty($user->lang[$role_row['role_name']]) ? $user->lang[$role_row['role_name']] : $role_row['role_name'];
add_log('admin', 'LOG_' . strtoupper($permission_type) . 'ROLE_REMOVED', $role_name);
trigger_error($user->lang['ROLE_DELETED'] . adm_back_link($this->u_action));
} else {
confirm_box(false, 'DELETE_ROLE', build_hidden_fields(array('i' => $id, 'mode' => $mode, 'role_id' => $role_id, 'action' => $action)));
}
break;
case 'edit':
// Get role we edit
$sql = 'SELECT *
FROM ' . ACL_ROLES_TABLE . '
WHERE role_id = ' . $role_id;
$result = $db->sql_query($sql);
$role_row = $db->sql_fetchrow($result);
$db->sql_freeresult($result);
if (!$role_row) {
trigger_error($user->lang['NO_ROLE_SELECTED'] . adm_back_link($this->u_action), E_USER_WARNING);
}
// no break;
// no break;
case 'add':
if (!check_form_key($form_name)) {
trigger_error($user->lang['FORM_INVALID'] . adm_back_link($this->u_action), E_USER_WARNING);
}
$role_name = utf8_normalize_nfc(request_var('role_name', '', true));
$role_description = utf8_normalize_nfc(request_var('role_description', '', true));
$auth_settings = request_var('setting', array('' => 0));
if (!$role_name) {
trigger_error($user->lang['NO_ROLE_NAME_SPECIFIED'] . adm_back_link($this->u_action), E_USER_WARNING);
}
if (utf8_strlen($role_description) > 4000) {
trigger_error($user->lang['ROLE_DESCRIPTION_LONG'] . adm_back_link($this->u_action), E_USER_WARNING);
}
// if we add/edit a role we check the name to be unique among the settings...
$sql = 'SELECT role_id
FROM ' . ACL_ROLES_TABLE . "\n\t\t\t\t\t\tWHERE role_type = '" . $db->sql_escape($permission_type) . "'\n\t\t\t\t\t\t\tAND role_name = '" . $db->sql_escape($role_name) . "'";
$result = $db->sql_query($sql);
$row = $db->sql_fetchrow($result);
$db->sql_freeresult($result);
// Make sure we only print out the error if we add the role or change it's name
if ($row && ($mode == 'add' || $mode == 'edit' && $role_row['role_name'] != $role_name)) {
trigger_error(sprintf($user->lang['ROLE_NAME_ALREADY_EXIST'], $role_name) . adm_back_link($this->u_action), E_USER_WARNING);
}
$sql_ary = array('role_name' => (string) $role_name, 'role_description' => (string) $role_description, 'role_type' => (string) $permission_type);
if ($action == 'edit') {
$sql = 'UPDATE ' . ACL_ROLES_TABLE . '
SET ' . $db->sql_build_array('UPDATE', $sql_ary) . '
WHERE role_id = ' . $role_id;
$db->sql_query($sql);
} else {
// Get maximum role order for inserting a new role...
$sql = 'SELECT MAX(role_order) as max_order
FROM ' . ACL_ROLES_TABLE . "\n\t\t\t\t\t\t\tWHERE role_type = '" . $db->sql_escape($permission_type) . "'";
$result = $db->sql_query($sql);
$max_order = (int) $db->sql_fetchfield('max_order');
$db->sql_freeresult($result);
$sql_ary['role_order'] = $max_order + 1;
$sql = 'INSERT INTO ' . ACL_ROLES_TABLE . ' ' . $db->sql_build_array('INSERT', $sql_ary);
$db->sql_query($sql);
$role_id = $db->sql_nextid();
}
// Now add the auth settings
$this->auth_admin->acl_set_role($role_id, $auth_settings);
$role_name = !empty($user->lang[$role_name]) ? $user->lang[$role_name] : $role_name;
add_log('admin', 'LOG_' . strtoupper($permission_type) . 'ROLE_' . strtoupper($action), $role_name);
trigger_error($user->lang['ROLE_' . strtoupper($action) . '_SUCCESS'] . adm_back_link($this->u_action));
break;
}
}
// Display screens
switch ($action) {
case 'add':
$options_from = request_var('options_from', 0);
$role_row = array('role_name' => utf8_normalize_nfc(request_var('role_name', '', true)), 'role_description' => utf8_normalize_nfc(request_var('role_description', '', true)), 'role_type' => $permission_type);
if ($options_from) {
$sql = 'SELECT p.auth_option_id, p.auth_setting, o.auth_option
FROM ' . ACL_ROLES_DATA_TABLE . ' p, ' . ACL_OPTIONS_TABLE . ' o
WHERE o.auth_option_id = p.auth_option_id
AND p.role_id = ' . $options_from . '
ORDER BY p.auth_option_id';
$result = $db->sql_query($sql);
$auth_options = array();
while ($row = $db->sql_fetchrow($result)) {
$auth_options[$row['auth_option']] = $row['auth_setting'];
}
$db->sql_freeresult($result);
} else {
$sql = 'SELECT auth_option_id, auth_option
FROM ' . ACL_OPTIONS_TABLE . "\n\t\t\t\t\t\tWHERE auth_option " . $db->sql_like_expression($permission_type . $db->get_any_char()) . "\n\t\t\t\t\t\t\tAND auth_option <> '{$permission_type}'\n\t\t\t\t\t\tORDER BY auth_option_id";
$result = $db->sql_query($sql);
$auth_options = array();
while ($row = $db->sql_fetchrow($result)) {
$auth_options[$row['auth_option']] = ACL_NO;
}
$db->sql_freeresult($result);
}
// no break;
// no break;
case 'edit':
if ($action == 'edit') {
$sql = 'SELECT *
FROM ' . ACL_ROLES_TABLE . '
WHERE role_id = ' . $role_id;
$result = $db->sql_query($sql);
$role_row = $db->sql_fetchrow($result);
$db->sql_freeresult($result);
$sql = 'SELECT p.auth_option_id, p.auth_setting, o.auth_option
FROM ' . ACL_ROLES_DATA_TABLE . ' p, ' . ACL_OPTIONS_TABLE . ' o
WHERE o.auth_option_id = p.auth_option_id
AND p.role_id = ' . $role_id . '
ORDER BY p.auth_option_id';
$result = $db->sql_query($sql);
$auth_options = array();
while ($row = $db->sql_fetchrow($result)) {
$auth_options[$row['auth_option']] = $row['auth_setting'];
}
$db->sql_freeresult($result);
}
if (!$role_row) {
trigger_error($user->lang['NO_ROLE_SELECTED'] . adm_back_link($this->u_action), E_USER_WARNING);
}
$phpbb_permissions = $phpbb_container->get('acl.permissions');
$template->assign_vars(array('S_EDIT' => true, 'U_ACTION' => $this->u_action . "&action={$action}&role_id={$role_id}", 'U_BACK' => $this->u_action, 'ROLE_NAME' => $role_row['role_name'], 'ROLE_DESCRIPTION' => $role_row['role_description'], 'L_ACL_TYPE' => $phpbb_permissions->get_type_lang($permission_type)));
// We need to fill the auth options array with ACL_NO options ;)
$sql = 'SELECT auth_option_id, auth_option
FROM ' . ACL_OPTIONS_TABLE . "\n\t\t\t\t\tWHERE auth_option " . $db->sql_like_expression($permission_type . $db->get_any_char()) . "\n\t\t\t\t\t\tAND auth_option <> '{$permission_type}'\n\t\t\t\t\tORDER BY auth_option_id";
$result = $db->sql_query($sql);
while ($row = $db->sql_fetchrow($result)) {
if (!isset($auth_options[$row['auth_option']])) {
$auth_options[$row['auth_option']] = ACL_NO;
}
}
$db->sql_freeresult($result);
// Unset global permission option
unset($auth_options[$permission_type]);
// Display auth options
$this->display_auth_options($auth_options);
// Get users/groups/forums using this preset...
if ($action == 'edit') {
$hold_ary = $this->auth_admin->get_role_mask($role_id);
if (sizeof($hold_ary)) {
$role_name = !empty($user->lang[$role_row['role_name']]) ? $user->lang[$role_row['role_name']] : $role_row['role_name'];
$template->assign_vars(array('S_DISPLAY_ROLE_MASK' => true, 'L_ROLE_ASSIGNED_TO' => sprintf($user->lang['ROLE_ASSIGNED_TO'], $role_name)));
$this->auth_admin->display_role_mask($hold_ary);
}
}
return;
break;
case 'move_up':
case 'move_down':
$sql = 'SELECT role_order
FROM ' . ACL_ROLES_TABLE . "\n\t\t\t\t\tWHERE role_id = {$role_id}";
$result = $db->sql_query($sql);
$order = $db->sql_fetchfield('role_order');
$db->sql_freeresult($result);
if ($order === false || $order == 0 && $action == 'move_up') {
break;
}
$order = (int) $order;
$order_total = $order * 2 + ($action == 'move_up' ? -1 : 1);
$sql = 'UPDATE ' . ACL_ROLES_TABLE . '
SET role_order = ' . $order_total . " - role_order\n\t\t\t\t\tWHERE role_type = '" . $db->sql_escape($permission_type) . "'\n\t\t\t\t\t\tAND role_order IN ({$order}, " . ($action == 'move_up' ? $order - 1 : $order + 1) . ')';
$db->sql_query($sql);
if ($request->is_ajax()) {
$json_response = new \phpbb\json_response();
$json_response->send(array('success' => (bool) $db->sql_affectedrows()));
}
break;
}
// By default, check that role_order is valid and fix it if necessary
$sql = 'SELECT role_id, role_order
FROM ' . ACL_ROLES_TABLE . "\n\t\t\tWHERE role_type = '" . $db->sql_escape($permission_type) . "'\n\t\t\tORDER BY role_order ASC";
$result = $db->sql_query($sql);
if ($row = $db->sql_fetchrow($result)) {
$order = 0;
do {
$order++;
if ($row['role_order'] != $order) {
$db->sql_query('UPDATE ' . ACL_ROLES_TABLE . " SET role_order = {$order} WHERE role_id = {$row['role_id']}");
}
} while ($row = $db->sql_fetchrow($result));
}
$db->sql_freeresult($result);
// Display assigned items?
$display_item = request_var('display_item', 0);
// Select existing roles
$sql = 'SELECT *
FROM ' . ACL_ROLES_TABLE . "\n\t\t\tWHERE role_type = '" . $db->sql_escape($permission_type) . "'\n\t\t\tORDER BY role_order ASC";
$result = $db->sql_query($sql);
$s_role_options = '';
while ($row = $db->sql_fetchrow($result)) {
$role_name = !empty($user->lang[$row['role_name']]) ? $user->lang[$row['role_name']] : $row['role_name'];
$template->assign_block_vars('roles', array('ROLE_NAME' => $role_name, 'ROLE_DESCRIPTION' => !empty($user->lang[$row['role_description']]) ? $user->lang[$row['role_description']] : nl2br($row['role_description']), 'U_EDIT' => $this->u_action . '&action=edit&role_id=' . $row['role_id'], 'U_REMOVE' => $this->u_action . '&action=remove&role_id=' . $row['role_id'], 'U_MOVE_UP' => $this->u_action . '&action=move_up&role_id=' . $row['role_id'], 'U_MOVE_DOWN' => $this->u_action . '&action=move_down&role_id=' . $row['role_id'], 'U_DISPLAY_ITEMS' => $row['role_id'] == $display_item ? '' : $this->u_action . '&display_item=' . $row['role_id'] . '#assigned_to'));
$s_role_options .= '<option value="' . $row['role_id'] . '">' . $role_name . '</option>';
if ($display_item == $row['role_id']) {
$template->assign_vars(array('L_ROLE_ASSIGNED_TO' => sprintf($user->lang['ROLE_ASSIGNED_TO'], $role_name)));
}
}
$db->sql_freeresult($result);
$template->assign_vars(array('S_ROLE_OPTIONS' => $s_role_options));
if ($display_item) {
$template->assign_vars(array('S_DISPLAY_ROLE_MASK' => true));
$hold_ary = $this->auth_admin->get_role_mask($display_item);
$this->auth_admin->display_role_mask($hold_ary);
}
}
/**
* Output the response.
* @param array $data The name of the extension and the status of the process.
* The text of the error can also be provided if the status is 'error'.
*/
protected static function response(array $data)
{
if (objects::$is_ajax) {
$output = new \phpbb\json_response();
$output->send($data);
} else {
if ($data['status'] !== 'error') {
load::details($data['ext_name'], $data['status']);
} else {
files::catch_errors($data['error']);
}
}
}
/**
* Move a rule up/down
*
* @param int $rule_id The rule identifier to move
* @param string $direction The direction (up|down)
* @param int $amount The number of places to move the rule
* @return null
* @access public
*/
public function move_rule($rule_id, $direction, $amount = 1)
{
// If the link hash is invalid, stop and show an error message to the user
if (!check_link_hash($this->request->variable('hash', ''), $direction . $rule_id)) {
trigger_error($this->user->lang('FORM_INVALID') . adm_back_link($this->u_action), E_USER_WARNING);
}
// Move the rule
$this->rule_operator->move($rule_id, $direction, $amount);
// Send a JSON response if an AJAX request was used
if ($this->request->is_ajax()) {
$json_response = new \phpbb\json_response();
$json_response->send(array('success' => true));
}
// Initiate and load the rule entity for no AJAX request
/* @var $entity \phpbb\boardrules\entity\rule */
$entity = $this->container->get('phpbb.boardrules.entity')->load($rule_id);
// Use a redirect to reload the current page
redirect("{$this->u_action}&language={$entity->get_language()}&parent_id={$entity->get_parent_id()}");
}
function main($id, $mode)
{
global $db, $user, $auth, $template, $cache, $request, $phpbb_dispatcher;
global $config, $phpbb_root_path, $phpbb_admin_path, $phpEx;
$user->add_lang('acp/posting');
// Set up general vars
$action = request_var('action', '');
$bbcode_id = request_var('bbcode', 0);
$this->tpl_name = 'acp_bbcodes';
$this->page_title = 'ACP_BBCODES';
$form_key = 'acp_bbcodes';
add_form_key($form_key);
// Set up mode-specific vars
switch ($action) {
case 'add':
$bbcode_match = $bbcode_tpl = $bbcode_helpline = '';
$display_on_posting = 0;
break;
case 'edit':
$sql = 'SELECT bbcode_match, bbcode_tpl, display_on_posting, bbcode_helpline
FROM ' . BBCODES_TABLE . '
WHERE bbcode_id = ' . $bbcode_id;
$result = $db->sql_query($sql);
$row = $db->sql_fetchrow($result);
$db->sql_freeresult($result);
if (!$row) {
trigger_error($user->lang['BBCODE_NOT_EXIST'] . adm_back_link($this->u_action), E_USER_WARNING);
}
$bbcode_match = $row['bbcode_match'];
$bbcode_tpl = htmlspecialchars($row['bbcode_tpl']);
$display_on_posting = $row['display_on_posting'];
$bbcode_helpline = $row['bbcode_helpline'];
break;
case 'modify':
$sql = 'SELECT bbcode_id, bbcode_tag
FROM ' . BBCODES_TABLE . '
WHERE bbcode_id = ' . $bbcode_id;
$result = $db->sql_query($sql);
$row = $db->sql_fetchrow($result);
$db->sql_freeresult($result);
if (!$row) {
trigger_error($user->lang['BBCODE_NOT_EXIST'] . adm_back_link($this->u_action), E_USER_WARNING);
}
// No break here
// No break here
case 'create':
$display_on_posting = request_var('display_on_posting', 0);
$bbcode_match = request_var('bbcode_match', '');
$bbcode_tpl = htmlspecialchars_decode(utf8_normalize_nfc(request_var('bbcode_tpl', '', true)));
$bbcode_helpline = utf8_normalize_nfc(request_var('bbcode_helpline', '', true));
break;
}
// Do major work
switch ($action) {
case 'edit':
case 'add':
$tpl_ary = array('S_EDIT_BBCODE' => true, 'U_BACK' => $this->u_action, 'U_ACTION' => $this->u_action . '&action=' . ($action == 'add' ? 'create' : 'modify') . ($bbcode_id ? "&bbcode={$bbcode_id}" : ''), 'L_BBCODE_USAGE_EXPLAIN' => sprintf($user->lang['BBCODE_USAGE_EXPLAIN'], '<a href="#down">', '</a>'), 'BBCODE_MATCH' => $bbcode_match, 'BBCODE_TPL' => $bbcode_tpl, 'BBCODE_HELPLINE' => $bbcode_helpline, 'DISPLAY_ON_POSTING' => $display_on_posting);
$bbcode_tokens = array('TEXT', 'SIMPLETEXT', 'INTTEXT', 'IDENTIFIER', 'NUMBER', 'EMAIL', 'URL', 'LOCAL_URL', 'RELATIVE_URL', 'COLOR');
/**
* Modify custom bbcode template data before we display the add/edit form
*
* @event core.acp_bbcodes_edit_add
* @var string action Type of the action: add|edit
* @var array tpl_ary Array with custom bbcode add/edit data
* @var int bbcode_id When editing: the bbcode id,
* when creating: 0
* @var array bbcode_tokens Array of bbcode tokens
* @since 3.1.0-a3
*/
$vars = array('action', 'tpl_ary', 'bbcode_id', 'bbcode_tokens');
extract($phpbb_dispatcher->trigger_event('core.acp_bbcodes_edit_add', compact($vars)));
$template->assign_vars($tpl_ary);
foreach ($bbcode_tokens as $token) {
$template->assign_block_vars('token', array('TOKEN' => '{' . $token . '}', 'EXPLAIN' => $token === 'LOCAL_URL' ? $user->lang(array('tokens', $token), generate_board_url() . '/') : $user->lang(array('tokens', $token))));
}
return;
break;
case 'modify':
case 'create':
$sql_ary = $hidden_fields = array();
/**
* Modify custom bbcode data before the modify/create action
*
* @event core.acp_bbcodes_modify_create
* @var string action Type of the action: modify|create
* @var array sql_ary Array with new bbcode data
* @var int bbcode_id When editing: the bbcode id,
* when creating: 0
* @var bool display_on_posting Display bbcode on posting form
* @var string bbcode_match The bbcode usage string to match
* @var string bbcode_tpl The bbcode HTML replacement string
* @var string bbcode_helpline The bbcode help line string
* @var array hidden_fields Array of hidden fields for use when
* submitting form when $warn_text is true
* @since 3.1.0-a3
*/
$vars = array('action', 'sql_ary', 'bbcode_id', 'display_on_posting', 'bbcode_match', 'bbcode_tpl', 'bbcode_helpline', 'hidden_fields');
extract($phpbb_dispatcher->trigger_event('core.acp_bbcodes_modify_create', compact($vars)));
$warn_text = preg_match('%<[^>]*\\{text[\\d]*\\}[^>]*>%i', $bbcode_tpl);
if (!$warn_text || confirm_box(true)) {
$data = $this->build_regexp($bbcode_match, $bbcode_tpl);
// Make sure the user didn't pick a "bad" name for the BBCode tag.
$hard_coded = array('code', 'quote', 'quote=', 'attachment', 'attachment=', 'b', 'i', 'url', 'url=', 'img', 'size', 'size=', 'color', 'color=', 'u', 'list', 'list=', 'email', 'email=', 'flash', 'flash=');
if ($action == 'modify' && strtolower($data['bbcode_tag']) !== strtolower($row['bbcode_tag']) || $action == 'create') {
$sql = 'SELECT 1 as test
FROM ' . BBCODES_TABLE . "\n\t\t\t\t\t\t\tWHERE LOWER(bbcode_tag) = '" . $db->sql_escape(strtolower($data['bbcode_tag'])) . "'";
$result = $db->sql_query($sql);
$info = $db->sql_fetchrow($result);
$db->sql_freeresult($result);
// Grab the end, interrogate the last closing tag
if ($info['test'] === '1' || in_array(strtolower($data['bbcode_tag']), $hard_coded) || preg_match('#\\[/([^[]*)]$#', $bbcode_match, $regs) && in_array(strtolower($regs[1]), $hard_coded)) {
trigger_error($user->lang['BBCODE_INVALID_TAG_NAME'] . adm_back_link($this->u_action), E_USER_WARNING);
}
}
if (substr($data['bbcode_tag'], -1) === '=') {
$test = substr($data['bbcode_tag'], 0, -1);
} else {
$test = $data['bbcode_tag'];
}
if (!preg_match('%\\[' . $test . '[^]]*].*?\\[/' . $test . ']%s', $bbcode_match)) {
trigger_error($user->lang['BBCODE_OPEN_ENDED_TAG'] . adm_back_link($this->u_action), E_USER_WARNING);
}
if (strlen($data['bbcode_tag']) > 16) {
trigger_error($user->lang['BBCODE_TAG_TOO_LONG'] . adm_back_link($this->u_action), E_USER_WARNING);
}
if (strlen($bbcode_match) > 4000) {
trigger_error($user->lang['BBCODE_TAG_DEF_TOO_LONG'] . adm_back_link($this->u_action), E_USER_WARNING);
}
if (strlen($bbcode_helpline) > 255) {
trigger_error($user->lang['BBCODE_HELPLINE_TOO_LONG'] . adm_back_link($this->u_action), E_USER_WARNING);
}
$sql_ary = array_merge($sql_ary, array('bbcode_tag' => $data['bbcode_tag'], 'bbcode_match' => $bbcode_match, 'bbcode_tpl' => $bbcode_tpl, 'display_on_posting' => $display_on_posting, 'bbcode_helpline' => $bbcode_helpline, 'first_pass_match' => $data['first_pass_match'], 'first_pass_replace' => $data['first_pass_replace'], 'second_pass_match' => $data['second_pass_match'], 'second_pass_replace' => $data['second_pass_replace']));
if ($action == 'create') {
$sql = 'SELECT MAX(bbcode_id) as max_bbcode_id
FROM ' . BBCODES_TABLE;
$result = $db->sql_query($sql);
$row = $db->sql_fetchrow($result);
$db->sql_freeresult($result);
if ($row) {
$bbcode_id = $row['max_bbcode_id'] + 1;
// Make sure it is greater than the core bbcode ids...
if ($bbcode_id <= NUM_CORE_BBCODES) {
$bbcode_id = NUM_CORE_BBCODES + 1;
}
} else {
$bbcode_id = NUM_CORE_BBCODES + 1;
}
if ($bbcode_id > BBCODE_LIMIT) {
trigger_error($user->lang['TOO_MANY_BBCODES'] . adm_back_link($this->u_action), E_USER_WARNING);
}
$sql_ary['bbcode_id'] = (int) $bbcode_id;
$db->sql_query('INSERT INTO ' . BBCODES_TABLE . $db->sql_build_array('INSERT', $sql_ary));
$cache->destroy('sql', BBCODES_TABLE);
$lang = 'BBCODE_ADDED';
$log_action = 'LOG_BBCODE_ADD';
} else {
$sql = 'UPDATE ' . BBCODES_TABLE . '
SET ' . $db->sql_build_array('UPDATE', $sql_ary) . '
WHERE bbcode_id = ' . $bbcode_id;
$db->sql_query($sql);
$cache->destroy('sql', BBCODES_TABLE);
$lang = 'BBCODE_EDITED';
$log_action = 'LOG_BBCODE_EDIT';
}
add_log('admin', $log_action, $data['bbcode_tag']);
trigger_error($user->lang[$lang] . adm_back_link($this->u_action));
} else {
confirm_box(false, $user->lang['BBCODE_DANGER'], build_hidden_fields(array_merge($hidden_fields, array('action' => $action, 'bbcode' => $bbcode_id, 'bbcode_match' => $bbcode_match, 'bbcode_tpl' => htmlspecialchars($bbcode_tpl), 'bbcode_helpline' => $bbcode_helpline, 'display_on_posting' => $display_on_posting))), 'confirm_bbcode.html');
}
break;
case 'delete':
$sql = 'SELECT bbcode_tag
FROM ' . BBCODES_TABLE . "\n\t\t\t\t\tWHERE bbcode_id = {$bbcode_id}";
$result = $db->sql_query($sql);
$row = $db->sql_fetchrow($result);
$db->sql_freeresult($result);
if ($row) {
if (confirm_box(true)) {
$db->sql_query('DELETE FROM ' . BBCODES_TABLE . " WHERE bbcode_id = {$bbcode_id}");
$cache->destroy('sql', BBCODES_TABLE);
add_log('admin', 'LOG_BBCODE_DELETE', $row['bbcode_tag']);
if ($request->is_ajax()) {
$json_response = new \phpbb\json_response();
$json_response->send(array('MESSAGE_TITLE' => $user->lang['INFORMATION'], 'MESSAGE_TEXT' => $user->lang['BBCODE_DELETED'], 'REFRESH_DATA' => array('time' => 3)));
}
} else {
confirm_box(false, $user->lang['CONFIRM_OPERATION'], build_hidden_fields(array('bbcode' => $bbcode_id, 'i' => $id, 'mode' => $mode, 'action' => $action)));
}
}
break;
}
$u_action = $this->u_action;
$template_data = array('U_ACTION' => $this->u_action . '&action=add');
$sql_ary = array('SELECT' => 'b.*', 'FROM' => array(BBCODES_TABLE => 'b'), 'ORDER_BY' => 'b.bbcode_tag');
/**
* Modify custom bbcode template data before we display the form
*
* @event core.acp_bbcodes_display_form
* @var string action Type of the action: modify|create
* @var string sql_ary The SQL array to get custom bbcode data
* @var array template_data Array with form template data
* @var string u_action The u_action link
* @since 3.1.0-a3
*/
$vars = array('action', 'sql_ary', 'template_data', 'u_action');
extract($phpbb_dispatcher->trigger_event('core.acp_bbcodes_display_form', compact($vars)));
$result = $db->sql_query($db->sql_build_query('SELECT', $sql_ary));
$template->assign_vars($template_data);
while ($row = $db->sql_fetchrow($result)) {
$bbcodes_array = array('BBCODE_TAG' => $row['bbcode_tag'], 'U_EDIT' => $u_action . '&action=edit&bbcode=' . $row['bbcode_id'], 'U_DELETE' => $u_action . '&action=delete&bbcode=' . $row['bbcode_id']);
/**
* Modify display of custom bbcodes in the form
*
* @event core.acp_bbcodes_display_bbcodes
* @var array row Array with current bbcode data
* @var array bbcodes_array Array of bbcodes template data
* @var string u_action The u_action link
* @since 3.1.0-a3
*/
$vars = array('bbcodes_array', 'row', 'u_action');
extract($phpbb_dispatcher->trigger_event('core.acp_bbcodes_display_bbcodes', compact($vars)));
$template->assign_block_vars('bbcodes', $bbcodes_array);
}
$db->sql_freeresult($result);
}
function main($id, $mode)
{
global $user, $template, $phpbb_root_path, $auth, $phpEx, $db, $config, $request;
if (!$user->data['is_registered']) {
trigger_error('NO_MESSAGE');
}
// Is PM disabled?
if (!$config['allow_privmsg']) {
trigger_error('PM_DISABLED');
}
$user->add_lang('posting');
$template->assign_var('S_PRIVMSGS', true);
// Folder directly specified?
$folder_specified = $request->variable('folder', '');
if (!in_array($folder_specified, array('inbox', 'outbox', 'sentbox'))) {
$folder_specified = (int) $folder_specified;
} else {
$folder_specified = $folder_specified == 'inbox' ? PRIVMSGS_INBOX : ($folder_specified == 'outbox' ? PRIVMSGS_OUTBOX : PRIVMSGS_SENTBOX);
}
if (!$folder_specified) {
$mode = !$mode ? $request->variable('mode', 'view') : $mode;
} else {
$mode = 'view';
}
include $phpbb_root_path . 'includes/functions_privmsgs.' . $phpEx;
switch ($mode) {
// Compose message
case 'compose':
$action = $request->variable('action', 'post');
$user_folders = get_folder($user->data['user_id']);
if ($action != 'delete' && !$auth->acl_get('u_sendpm')) {
// trigger_error('NO_AUTH_SEND_MESSAGE');
$template->assign_vars(array('S_NO_AUTH_SEND_MESSAGE' => true, 'S_COMPOSE_PM_VIEW' => true));
$tpl_file = 'ucp_pm_viewfolder';
break;
}
include $phpbb_root_path . 'includes/ucp/ucp_pm_compose.' . $phpEx;
compose_pm($id, $mode, $action, $user_folders);
$tpl_file = 'posting_body';
break;
case 'options':
set_user_message_limit();
get_folder($user->data['user_id']);
include $phpbb_root_path . 'includes/ucp/ucp_pm_options.' . $phpEx;
message_options($id, $mode, $global_privmsgs_rules, $global_rule_conditions);
$tpl_file = 'ucp_pm_options';
break;
case 'drafts':
get_folder($user->data['user_id']);
$this->p_name = 'pm';
// Call another module... please do not try this at home... Hoochie Coochie Man
include $phpbb_root_path . 'includes/ucp/ucp_main.' . $phpEx;
$module = new ucp_main($this);
$module->u_action = $this->u_action;
$module->main($id, $mode);
$this->tpl_name = $module->tpl_name;
$this->page_title = 'UCP_PM_DRAFTS';
unset($module);
return;
break;
case 'view':
set_user_message_limit();
if ($folder_specified) {
$folder_id = $folder_specified;
$action = 'view_folder';
} else {
$folder_id = $request->variable('f', PRIVMSGS_NO_BOX);
$action = $request->variable('action', 'view_folder');
}
$msg_id = $request->variable('p', 0);
$view = $request->variable('view', '');
// View message if specified
if ($msg_id) {
$action = 'view_message';
}
if (!$auth->acl_get('u_readpm')) {
trigger_error('NO_AUTH_READ_MESSAGE');
}
// Do not allow hold messages to be seen
if ($folder_id == PRIVMSGS_HOLD_BOX) {
trigger_error('NO_AUTH_READ_HOLD_MESSAGE');
}
// First Handle Mark actions and moving messages
$submit_mark = isset($_POST['submit_mark']) ? true : false;
$move_pm = isset($_POST['move_pm']) ? true : false;
$mark_option = $request->variable('mark_option', '');
$dest_folder = $request->variable('dest_folder', PRIVMSGS_NO_BOX);
// Is moving PM triggered through mark options?
if (!in_array($mark_option, array('mark_important', 'delete_marked')) && $submit_mark) {
$move_pm = true;
$dest_folder = (int) $mark_option;
$submit_mark = false;
}
// Move PM
if ($move_pm) {
$move_msg_ids = isset($_POST['marked_msg_id']) ? $request->variable('marked_msg_id', array(0)) : array();
$cur_folder_id = $request->variable('cur_folder_id', PRIVMSGS_NO_BOX);
if (move_pm($user->data['user_id'], $user->data['message_limit'], $move_msg_ids, $dest_folder, $cur_folder_id)) {
// Return to folder view if single message moved
if ($action == 'view_message') {
$msg_id = 0;
$folder_id = $request->variable('cur_folder_id', PRIVMSGS_NO_BOX);
$action = 'view_folder';
}
}
}
// Message Mark Options
if ($submit_mark) {
handle_mark_actions($user->data['user_id'], $mark_option);
}
// If new messages arrived, place them into the appropriate folder
$num_not_moved = $num_removed = 0;
$release = $request->variable('release', 0);
if ($user->data['user_new_privmsg'] && ($action == 'view_folder' || $action == 'view_message')) {
$return = place_pm_into_folder($global_privmsgs_rules, $release);
$num_not_moved = $return['not_moved'];
$num_removed = $return['removed'];
}
if (!$msg_id && $folder_id == PRIVMSGS_NO_BOX) {
$folder_id = PRIVMSGS_INBOX;
} else {
if ($msg_id && $folder_id == PRIVMSGS_NO_BOX) {
$sql = 'SELECT folder_id
FROM ' . PRIVMSGS_TO_TABLE . "\n\t\t\t\t\t\tWHERE msg_id = {$msg_id}\n\t\t\t\t\t\t\tAND folder_id <> " . PRIVMSGS_NO_BOX . '
AND user_id = ' . $user->data['user_id'];
$result = $db->sql_query($sql);
$row = $db->sql_fetchrow($result);
$db->sql_freeresult($result);
if (!$row) {
trigger_error('NO_MESSAGE');
}
$folder_id = (int) $row['folder_id'];
}
}
if ($request->variable('mark', '') == 'all' && check_link_hash($request->variable('token', ''), 'mark_all_pms_read')) {
mark_folder_read($user->data['user_id'], $folder_id);
meta_refresh(3, $this->u_action);
$message = $user->lang['PM_MARK_ALL_READ_SUCCESS'];
if ($request->is_ajax()) {
$json_response = new \phpbb\json_response();
$json_response->send(array('MESSAGE_TITLE' => $user->lang['INFORMATION'], 'MESSAGE_TEXT' => $message, 'success' => true));
}
$message .= '<br /><br />' . $user->lang('RETURN_UCP', '<a href="' . $this->u_action . '">', '</a>');
trigger_error($message);
}
$message_row = array();
if ($action == 'view_message' && $msg_id) {
// Get Message user want to see
if ($view == 'next' || $view == 'previous') {
$sql_condition = $view == 'next' ? '>' : '<';
$sql_ordering = $view == 'next' ? 'ASC' : 'DESC';
$sql = 'SELECT t.msg_id
FROM ' . PRIVMSGS_TO_TABLE . ' t, ' . PRIVMSGS_TABLE . ' p, ' . PRIVMSGS_TABLE . " p2\n\t\t\t\t\t\t\tWHERE p2.msg_id = {$msg_id}\n\t\t\t\t\t\t\t\tAND t.folder_id = {$folder_id}\n\t\t\t\t\t\t\t\tAND t.user_id = " . $user->data['user_id'] . "\n\t\t\t\t\t\t\t\tAND t.msg_id = p.msg_id\n\t\t\t\t\t\t\t\tAND p.message_time {$sql_condition} p2.message_time\n\t\t\t\t\t\t\tORDER BY p.message_time {$sql_ordering}";
$result = $db->sql_query_limit($sql, 1);
$row = $db->sql_fetchrow($result);
$db->sql_freeresult($result);
if (!$row) {
$message = $view == 'next' ? 'NO_NEWER_PM' : 'NO_OLDER_PM';
trigger_error($message);
} else {
$msg_id = $row['msg_id'];
}
}
$sql = 'SELECT t.*, p.*, u.*
FROM ' . PRIVMSGS_TO_TABLE . ' t, ' . PRIVMSGS_TABLE . ' p, ' . USERS_TABLE . ' u
WHERE t.user_id = ' . $user->data['user_id'] . "\n\t\t\t\t\t\t\tAND p.author_id = u.user_id\n\t\t\t\t\t\t\tAND t.folder_id = {$folder_id}\n\t\t\t\t\t\t\tAND t.msg_id = p.msg_id\n\t\t\t\t\t\t\tAND p.msg_id = {$msg_id}";
$result = $db->sql_query($sql);
$message_row = $db->sql_fetchrow($result);
$db->sql_freeresult($result);
if (!$message_row) {
trigger_error('NO_MESSAGE');
}
// Update unread status
update_unread_status($message_row['pm_unread'], $message_row['msg_id'], $user->data['user_id'], $folder_id);
}
$folder = get_folder($user->data['user_id'], $folder_id);
$s_folder_options = $s_to_folder_options = '';
foreach ($folder as $f_id => $folder_ary) {
$option = '<option' . (!in_array($f_id, array(PRIVMSGS_INBOX, PRIVMSGS_OUTBOX, PRIVMSGS_SENTBOX)) ? ' class="sep"' : '') . ' value="' . $f_id . '"' . ($f_id == $folder_id ? ' selected="selected"' : '') . '>' . $folder_ary['folder_name'] . ($folder_ary['unread_messages'] ? ' [' . $folder_ary['unread_messages'] . '] ' : '') . '</option>';
$s_to_folder_options .= $f_id != PRIVMSGS_OUTBOX && $f_id != PRIVMSGS_SENTBOX ? $option : '';
$s_folder_options .= $option;
}
clean_sentbox($folder[PRIVMSGS_SENTBOX]['num_messages']);
// Header for message view - folder and so on
$folder_status = get_folder_status($folder_id, $folder);
$template->assign_vars(array('CUR_FOLDER_ID' => $folder_id, 'CUR_FOLDER_NAME' => $folder_status['folder_name'], 'NUM_NOT_MOVED' => $num_not_moved, 'NUM_REMOVED' => $num_removed, 'RELEASE_MESSAGE_INFO' => sprintf($user->lang['RELEASE_MESSAGES'], '<a href="' . $this->u_action . '&folder=' . $folder_id . '&release=1">', '</a>'), 'NOT_MOVED_MESSAGES' => $user->lang('NOT_MOVED_MESSAGES', (int) $num_not_moved), 'RULE_REMOVED_MESSAGES' => $user->lang('RULE_REMOVED_MESSAGES', (int) $num_removed), 'S_FOLDER_OPTIONS' => $s_folder_options, 'S_TO_FOLDER_OPTIONS' => $s_to_folder_options, 'S_FOLDER_ACTION' => $this->u_action . '&action=view_folder', 'S_PM_ACTION' => $this->u_action . '&action=' . $action, 'U_INBOX' => $this->u_action . '&folder=inbox', 'U_OUTBOX' => $this->u_action . '&folder=outbox', 'U_SENTBOX' => $this->u_action . '&folder=sentbox', 'U_CREATE_FOLDER' => $this->u_action . '&mode=options', 'U_CURRENT_FOLDER' => $this->u_action . '&folder=' . $folder_id, 'U_MARK_ALL' => $this->u_action . '&folder=' . $folder_id . '&mark=all&token=' . generate_link_hash('mark_all_pms_read'), 'S_IN_INBOX' => $folder_id == PRIVMSGS_INBOX ? true : false, 'S_IN_OUTBOX' => $folder_id == PRIVMSGS_OUTBOX ? true : false, 'S_IN_SENTBOX' => $folder_id == PRIVMSGS_SENTBOX ? true : false, 'FOLDER_STATUS' => $folder_status['message'], 'FOLDER_MAX_MESSAGES' => $folder_status['max'], 'FOLDER_CUR_MESSAGES' => $folder_status['cur'], 'FOLDER_REMAINING_MESSAGES' => $folder_status['remaining'], 'FOLDER_PERCENT' => $folder_status['percent']));
if ($action == 'view_folder') {
include $phpbb_root_path . 'includes/ucp/ucp_pm_viewfolder.' . $phpEx;
view_folder($id, $mode, $folder_id, $folder);
$tpl_file = 'ucp_pm_viewfolder';
} else {
if ($action == 'view_message') {
$template->assign_vars(array('S_VIEW_MESSAGE' => true, 'L_RETURN_TO_FOLDER' => $user->lang('RETURN_TO', $folder_status['folder_name']), 'MSG_ID' => $msg_id));
if (!$msg_id) {
trigger_error('NO_MESSAGE');
}
include $phpbb_root_path . 'includes/ucp/ucp_pm_viewmessage.' . $phpEx;
view_message($id, $mode, $folder_id, $msg_id, $folder, $message_row);
$tpl_file = $view == 'print' ? 'ucp_pm_viewmessage_print' : 'ucp_pm_viewmessage';
}
}
break;
default:
trigger_error('NO_ACTION_MODE', E_USER_ERROR);
break;
}
$template->assign_vars(array('L_TITLE' => $user->lang['UCP_PM_' . strtoupper($mode)], 'S_UCP_ACTION' => $this->u_action . (isset($action) ? "&action={$action}" : '')));
// Set desired template
$this->tpl_name = $tpl_file;
$this->page_title = 'UCP_PM_' . strtoupper($mode);
}
/**
* Sends an error message back to the client via JSON response
*
* @param int $code The error code
* @param string $msg The translation string of the message to be sent
*
* @return null
*/
public function emit_error($code, $msg)
{
$json_response = new \phpbb\json_response();
$json_response->send(array('jsonrpc' => '2.0', 'id' => 'id', 'error' => array('code' => $code, 'message' => $this->user->lang($msg))));
}
* form submission.
* NOTE: Should be actual language strings, NOT
* language keys.
* @var bool is_authed Does the user have the required permissions?
* @since 3.1.3-RC1
*/
$vars = array('post_id', 'topic_id', 'forum_id', 'draft_id', 'lastclick', 'submit', 'preview', 'save', 'load', 'refresh', 'mode', 'error', 'is_authed');
extract($phpbb_dispatcher->trigger_event('core.modify_posting_auth', compact($vars)));
if (!$is_authed) {
$check_auth = $mode == 'quote' ? 'reply' : $mode;
if ($user->data['is_registered']) {
trigger_error('USER_CANNOT_' . strtoupper($check_auth));
}
$message = $user->lang['LOGIN_EXPLAIN_' . strtoupper($mode)];
if ($request->is_ajax()) {
$json = new phpbb\json_response();
$json->send(array('title' => $user->lang['INFORMATION'], 'message' => $message));
}
login_box('', $message);
}
// Is the user able to post within this forum?
if ($post_data['forum_type'] != FORUM_POST && in_array($mode, array('post', 'bump', 'quote', 'reply'))) {
trigger_error('USER_CANNOT_FORUM_POST');
}
// Forum/Topic locked?
if (($post_data['forum_status'] == ITEM_LOCKED || isset($post_data['topic_status']) && $post_data['topic_status'] == ITEM_LOCKED) && !$auth->acl_get('m_edit', $forum_id)) {
trigger_error($post_data['forum_status'] == ITEM_LOCKED ? 'FORUM_LOCKED' : 'TOPIC_LOCKED');
}
// Can we edit this post ... if we're a moderator with rights then always yes
// else it depends on editing times, lock status and if we're the correct user
if ($mode == 'edit' && !$auth->acl_get('m_edit', $forum_id)) {
/**
* Update BBCode order fields in the db on drag_drop
*
* @return null
* @access public
*/
public function drag_drop()
{
if (!$this->request->is_ajax()) {
return;
}
// Get the bbcodes html table's name
$tablename = $this->request->variable('tablename', '');
// Fetch the posted list
$bbcodes_list = $this->request->variable($tablename, array(0 => ''));
$this->db->sql_transaction('begin');
// Run through the list
foreach ($bbcodes_list as $order => $bbcode_id) {
// First one is the header, skip it
if ($order == 0) {
continue;
}
// Update the db
$sql = 'UPDATE ' . BBCODES_TABLE . '
SET bbcode_order = ' . $order . '
WHERE bbcode_id = ' . (int) $bbcode_id;
$this->db->sql_query($sql);
}
$this->db->sql_transaction('commit');
// Resync bbcode_order
$this->resynchronize_bbcode_order();
// return an AJAX JSON response
$json_response = new \phpbb\json_response();
$json_response->send(array('success' => true));
}
function main($id, $mode)
{
global $db, $user, $template, $cache;
global $config, $phpbb_root_path;
global $request, $phpbb_container;
$user->add_lang('acp/posting');
// Set up general vars
$action = $request->variable('action', '');
$action = isset($_POST['add']) ? 'add' : $action;
$action = isset($_POST['edit']) ? 'edit' : $action;
$action = isset($_POST['import']) ? 'import' : $action;
$icon_id = $request->variable('id', 0);
$submit = $request->is_set_post('submit', false);
$form_key = 'acp_icons';
add_form_key($form_key);
$mode = $mode == 'smilies' ? 'smilies' : 'icons';
$this->tpl_name = 'acp_icons';
// What are we working on?
switch ($mode) {
case 'smilies':
$table = SMILIES_TABLE;
$lang = 'SMILIES';
$fields = 'smiley';
$img_path = $config['smilies_path'];
break;
case 'icons':
$table = ICONS_TABLE;
$lang = 'ICONS';
$fields = 'icons';
$img_path = $config['icons_path'];
break;
}
$this->page_title = 'ACP_' . $lang;
// Clear some arrays
$_images = $_paks = array();
$notice = '';
// Grab file list of paks and images
if ($action == 'edit' || $action == 'add' || $action == 'import') {
$imglist = filelist($phpbb_root_path . $img_path, '');
foreach ($imglist as $path => $img_ary) {
if (empty($img_ary)) {
continue;
}
asort($img_ary, SORT_STRING);
foreach ($img_ary as $img) {
$img_size = getimagesize($phpbb_root_path . $img_path . '/' . $path . $img);
if (!$img_size[0] || !$img_size[1] || strlen($img) > 255) {
continue;
}
// adjust the width and height to be lower than 128px while perserving the aspect ratio (for icons)
if ($mode == 'icons') {
if ($img_size[0] > 127 && $img_size[0] > $img_size[1]) {
$img_size[1] = (int) ($img_size[1] * (127 / $img_size[0]));
$img_size[0] = 127;
} else {
if ($img_size[1] > 127) {
$img_size[0] = (int) ($img_size[0] * (127 / $img_size[1]));
$img_size[1] = 127;
}
}
}
$_images[$path . $img]['file'] = $path . $img;
$_images[$path . $img]['width'] = $img_size[0];
$_images[$path . $img]['height'] = $img_size[1];
}
}
unset($imglist);
if ($dir = @opendir($phpbb_root_path . $img_path)) {
while (($file = readdir($dir)) !== false) {
if (is_file($phpbb_root_path . $img_path . '/' . $file) && preg_match('#\\.pak$#i', $file)) {
$_paks[] = $file;
}
}
closedir($dir);
if (!empty($_paks)) {
asort($_paks, SORT_STRING);
}
}
}
// What shall we do today? Oops, I believe that's trademarked ...
switch ($action) {
case 'edit':
unset($_images);
$_images = array();
// no break;
// no break;
case 'add':
$smilies = $default_row = array();
$smiley_options = $order_list = $add_order_list = '';
if ($action == 'add' && $mode == 'smilies') {
$sql = 'SELECT *
FROM ' . SMILIES_TABLE . '
ORDER BY smiley_order';
$result = $db->sql_query($sql);
while ($row = $db->sql_fetchrow($result)) {
if (empty($smilies[$row['smiley_url']])) {
$smilies[$row['smiley_url']] = $row;
}
}
$db->sql_freeresult($result);
if (sizeof($smilies)) {
foreach ($smilies as $row) {
$selected = false;
if (!$smiley_options) {
$selected = true;
$default_row = $row;
}
$smiley_options .= '<option value="' . $row['smiley_url'] . '"' . ($selected ? ' selected="selected"' : '') . '>' . $row['smiley_url'] . '</option>';
$template->assign_block_vars('smile', array('SMILEY_URL' => addslashes($row['smiley_url']), 'CODE' => addslashes($row['code']), 'EMOTION' => addslashes($row['emotion']), 'WIDTH' => $row['smiley_width'], 'HEIGHT' => $row['smiley_height'], 'ORDER' => $row['smiley_order'] + 1));
}
}
}
$sql = "SELECT *\n\t\t\t\t\tFROM {$table}\n\t\t\t\t\tORDER BY {$fields}_order " . ($icon_id || $action == 'add' ? 'DESC' : 'ASC');
$result = $db->sql_query($sql);
$data = array();
$after = false;
$order_lists = array('', '');
$add_order_lists = array('', '');
$display_count = 0;
while ($row = $db->sql_fetchrow($result)) {
if ($action == 'add') {
unset($_images[$row[$fields . '_url']]);
}
if ($row[$fields . '_id'] == $icon_id) {
$after = true;
$data[$row[$fields . '_url']] = $row;
} else {
if ($action == 'edit' && !$icon_id) {
$data[$row[$fields . '_url']] = $row;
}
$selected = '';
if (!empty($after)) {
$selected = ' selected="selected"';
$after = false;
}
if ($row['display_on_posting']) {
$display_count++;
}
$after_txt = $mode == 'smilies' ? $row['code'] : $row['icons_url'];
$order_lists[$row['display_on_posting']] = '<option value="' . ($row[$fields . '_order'] + 1) . '"' . $selected . '>' . sprintf($user->lang['AFTER_' . $lang], ' -> ' . $after_txt) . '</option>' . $order_lists[$row['display_on_posting']];
if (!empty($default_row)) {
$add_order_lists[$row['display_on_posting']] = '<option value="' . ($row[$fields . '_order'] + 1) . '"' . ($row[$fields . '_id'] == $default_row['smiley_id'] ? ' selected="selected"' : '') . '>' . sprintf($user->lang['AFTER_' . $lang], ' -> ' . $after_txt) . '</option>' . $add_order_lists[$row['display_on_posting']];
}
}
}
$db->sql_freeresult($result);
$order_list = '<option value="1"' . (!isset($after) ? ' selected="selected"' : '') . '>' . $user->lang['FIRST'] . '</option>';
$add_order_list = '<option value="1">' . $user->lang['FIRST'] . '</option>';
if ($action == 'add') {
$data = $_images;
}
$colspan = $mode == 'smilies' ? 7 : 6;
$colspan += $icon_id ? 1 : 0;
$colspan += $action == 'add' ? 2 : 0;
$template->assign_vars(array('S_EDIT' => true, 'S_SMILIES' => $mode == 'smilies' ? true : false, 'S_ADD' => $action == 'add' ? true : false, 'S_ORDER_LIST_DISPLAY' => $order_list . $order_lists[1], 'S_ORDER_LIST_UNDISPLAY' => $order_list . $order_lists[0], 'S_ORDER_LIST_DISPLAY_COUNT' => $display_count + 1, 'L_TITLE' => $user->lang['ACP_' . $lang], 'L_EXPLAIN' => $user->lang['ACP_' . $lang . '_EXPLAIN'], 'L_CONFIG' => $user->lang[$lang . '_CONFIG'], 'L_URL' => $user->lang[$lang . '_URL'], 'L_LOCATION' => $user->lang[$lang . '_LOCATION'], 'L_WIDTH' => $user->lang[$lang . '_WIDTH'], 'L_HEIGHT' => $user->lang[$lang . '_HEIGHT'], 'L_ORDER' => $user->lang[$lang . '_ORDER'], 'L_NO_ICONS' => $user->lang['NO_' . $lang . '_' . strtoupper($action)], 'COLSPAN' => $colspan, 'ID' => $icon_id, 'U_BACK' => $this->u_action, 'U_ACTION' => $this->u_action . '&action=' . ($action == 'add' ? 'create' : 'modify')));
foreach ($data as $img => $img_row) {
$template->assign_block_vars('items', array('IMG' => $img, 'A_IMG' => addslashes($img), 'IMG_SRC' => $phpbb_root_path . $img_path . '/' . $img, 'CODE' => $mode == 'smilies' && isset($img_row['code']) ? $img_row['code'] : '', 'EMOTION' => $mode == 'smilies' && isset($img_row['emotion']) ? $img_row['emotion'] : '', 'S_ID' => isset($img_row[$fields . '_id']) ? true : false, 'ID' => isset($img_row[$fields . '_id']) ? $img_row[$fields . '_id'] : 0, 'WIDTH' => !empty($img_row[$fields . '_width']) ? $img_row[$fields . '_width'] : $img_row['width'], 'HEIGHT' => !empty($img_row[$fields . '_height']) ? $img_row[$fields . '_height'] : $img_row['height'], 'TEXT_ALT' => $mode == 'icons' && !empty($img_row['icons_alt']) ? $img_row['icons_alt'] : $img, 'ALT' => $mode == 'icons' && !empty($img_row['icons_alt']) ? $img_row['icons_alt'] : '', 'POSTING_CHECKED' => !empty($img_row['display_on_posting']) || $action == 'add' ? ' checked="checked"' : ''));
}
// Ok, another row for adding an addition code for a pre-existing image...
if ($action == 'add' && $mode == 'smilies' && sizeof($smilies)) {
$template->assign_vars(array('S_ADD_CODE' => true, 'S_IMG_OPTIONS' => $smiley_options, 'S_ADD_ORDER_LIST_DISPLAY' => $add_order_list . $add_order_lists[1], 'S_ADD_ORDER_LIST_UNDISPLAY' => $add_order_list . $add_order_lists[0], 'IMG_SRC' => $phpbb_root_path . $img_path . '/' . $default_row['smiley_url'], 'IMG_PATH' => $img_path, 'CODE' => $default_row['code'], 'EMOTION' => $default_row['emotion'], 'WIDTH' => $default_row['smiley_width'], 'HEIGHT' => $default_row['smiley_height']));
}
return;
break;
case 'create':
case 'modify':
if (!check_form_key($form_key)) {
trigger_error($user->lang['FORM_INVALID'] . adm_back_link($this->u_action), E_USER_WARNING);
}
// Get items to create/modify
$images = isset($_POST['image']) ? array_keys($request->variable('image', array('' => 0))) : array();
// Now really get the items
$image_id = isset($_POST['id']) ? $request->variable('id', array('' => 0)) : array();
$image_order = isset($_POST['order']) ? $request->variable('order', array('' => 0)) : array();
$image_width = isset($_POST['width']) ? $request->variable('width', array('' => 0)) : array();
$image_height = isset($_POST['height']) ? $request->variable('height', array('' => 0)) : array();
$image_add = isset($_POST['add_img']) ? $request->variable('add_img', array('' => 0)) : array();
$image_emotion = $request->variable('emotion', array('' => ''), true);
$image_code = $request->variable('code', array('' => ''), true);
$image_alt = $request->is_set_post('alt') ? $request->variable('alt', array('' => ''), true) : array();
$image_display_on_posting = isset($_POST['display_on_posting']) ? $request->variable('display_on_posting', array('' => 0)) : array();
// Ok, add the relevant bits if we are adding new codes to existing emoticons...
if ($request->variable('add_additional_code', false, false, \phpbb\request\request_interface::POST)) {
$add_image = $request->variable('add_image', '');
$add_code = $request->variable('add_code', '', true);
$add_emotion = $request->variable('add_emotion', '', true);
if ($add_image && $add_emotion && $add_code) {
$images[] = $add_image;
$image_add[$add_image] = true;
$image_code[$add_image] = $add_code;
$image_emotion[$add_image] = $add_emotion;
$image_width[$add_image] = $request->variable('add_width', 0);
$image_height[$add_image] = $request->variable('add_height', 0);
if ($request->variable('add_display_on_posting', false, false, \phpbb\request\request_interface::POST)) {
$image_display_on_posting[$add_image] = 1;
}
$image_order[$add_image] = $request->variable('add_order', 0);
}
}
if ($mode == 'smilies' && $action == 'create') {
$smiley_count = $this->item_count($table);
$addable_smileys_count = sizeof($images);
foreach ($images as $image) {
if (!isset($image_add[$image])) {
--$addable_smileys_count;
}
}
if ($smiley_count + $addable_smileys_count > SMILEY_LIMIT) {
trigger_error($user->lang('TOO_MANY_SMILIES', SMILEY_LIMIT) . adm_back_link($this->u_action), E_USER_WARNING);
}
}
$icons_updated = 0;
$errors = array();
foreach ($images as $image) {
if ($mode == 'smilies' && ($image_emotion[$image] == '' || $image_code[$image] == '')) {
$errors[$image] = 'SMILIE_NO_' . ($image_emotion[$image] == '' ? 'EMOTION' : 'CODE');
} else {
if ($action == 'create' && !isset($image_add[$image])) {
// skip images where add wasn't checked
} else {
if (!file_exists($phpbb_root_path . $img_path . '/' . $image)) {
$errors[$image] = 'SMILIE_NO_FILE';
} else {
if ($image_width[$image] == 0 || $image_height[$image] == 0) {
$img_size = getimagesize($phpbb_root_path . $img_path . '/' . $image);
$image_width[$image] = $img_size[0];
$image_height[$image] = $img_size[1];
}
// Adjust image width/height for icons
if ($mode == 'icons') {
if ($image_width[$image] > 127 && $image_width[$image] > $image_height[$image]) {
$image_height[$image] = (int) ($image_height[$image] * (127 / $image_width[$image]));
$image_width[$image] = 127;
} else {
if ($image_height[$image] > 127) {
$image_width[$image] = (int) ($image_width[$image] * (127 / $image_height[$image]));
$image_height[$image] = 127;
}
}
}
$img_sql = array($fields . '_url' => $image, $fields . '_width' => $image_width[$image], $fields . '_height' => $image_height[$image], 'display_on_posting' => isset($image_display_on_posting[$image]) ? 1 : 0);
if ($mode == 'smilies') {
$img_sql = array_merge($img_sql, array('emotion' => $image_emotion[$image], 'code' => $image_code[$image]));
}
if ($mode == 'icons') {
$img_sql = array_merge($img_sql, array('icons_alt' => $image_alt[$image]));
}
// Image_order holds the 'new' order value
if (!empty($image_order[$image])) {
$img_sql = array_merge($img_sql, array($fields . '_order' => $image_order[$image]));
// Since we always add 'after' an item, we just need to increase all following + the current by one
$sql = "UPDATE {$table}\n\t\t\t\t\t\t\t\tSET {$fields}_order = {$fields}_order + 1\n\t\t\t\t\t\t\t\tWHERE {$fields}_order >= {$image_order[$image]}";
$db->sql_query($sql);
// If we adjust the order, we need to adjust all other orders too - they became inaccurate...
foreach ($image_order as $_image => $_order) {
if ($_image == $image) {
continue;
}
if ($_order >= $image_order[$image]) {
$image_order[$_image]++;
}
}
}
if ($action == 'modify' && !empty($image_id[$image])) {
$sql = "UPDATE {$table}\n\t\t\t\t\t\t\t\tSET " . $db->sql_build_array('UPDATE', $img_sql) . "\n\t\t\t\t\t\t\t\tWHERE {$fields}_id = " . $image_id[$image];
$db->sql_query($sql);
$icons_updated++;
} else {
if ($action !== 'modify') {
$sql = "INSERT INTO {$table} " . $db->sql_build_array('INSERT', $img_sql);
$db->sql_query($sql);
$icons_updated++;
}
}
}
}
}
}
$cache->destroy('_icons');
$cache->destroy('sql', $table);
$phpbb_container->get('text_formatter.cache')->invalidate();
$level = $icons_updated ? E_USER_NOTICE : E_USER_WARNING;
$errormsgs = '';
foreach ($errors as $img => $error) {
$errormsgs .= '<br />' . sprintf($user->lang[$error], $img);
}
if ($action == 'modify') {
trigger_error($user->lang($lang . '_EDITED', $icons_updated) . $errormsgs . adm_back_link($this->u_action), $level);
} else {
trigger_error($user->lang($lang . '_ADDED', $icons_updated) . $errormsgs . adm_back_link($this->u_action), $level);
}
break;
case 'import':
$pak = $request->variable('pak', '');
$current = $request->variable('current', '');
if ($pak != '') {
$order = 0;
if (!check_form_key($form_key)) {
trigger_error($user->lang['FORM_INVALID'] . adm_back_link($this->u_action), E_USER_WARNING);
}
if (!($pak_ary = @file($phpbb_root_path . $img_path . '/' . $pak))) {
trigger_error($user->lang['PAK_FILE_NOT_READABLE'] . adm_back_link($this->u_action), E_USER_WARNING);
}
// Make sure the pak_ary is valid
foreach ($pak_ary as $pak_entry) {
if (preg_match_all("#'(.*?)', ?#", $pak_entry, $data)) {
if (sizeof($data[1]) != 4 && $mode == 'icons' || (sizeof($data[1]) != 6 || (empty($data[1][4]) || empty($data[1][5]))) && $mode == 'smilies') {
trigger_error($user->lang['WRONG_PAK_TYPE'] . adm_back_link($this->u_action), E_USER_WARNING);
}
} else {
trigger_error($user->lang['WRONG_PAK_TYPE'] . adm_back_link($this->u_action), E_USER_WARNING);
}
}
// The user has already selected a smilies_pak file
if ($current == 'delete') {
switch ($db->get_sql_layer()) {
case 'sqlite3':
$db->sql_query('DELETE FROM ' . $table);
break;
default:
$db->sql_query('TRUNCATE TABLE ' . $table);
break;
}
switch ($mode) {
case 'smilies':
break;
case 'icons':
// Reset all icon_ids
$db->sql_query('UPDATE ' . TOPICS_TABLE . ' SET icon_id = 0');
$db->sql_query('UPDATE ' . POSTS_TABLE . ' SET icon_id = 0');
break;
}
} else {
$cur_img = array();
$field_sql = $mode == 'smilies' ? 'code' : 'icons_url';
$sql = "SELECT {$field_sql}\n\t\t\t\t\t\t\tFROM {$table}";
$result = $db->sql_query($sql);
while ($row = $db->sql_fetchrow($result)) {
++$order;
$cur_img[$row[$field_sql]] = 1;
}
$db->sql_freeresult($result);
}
if ($mode == 'smilies') {
$smiley_count = $this->item_count($table);
if ($smiley_count + sizeof($pak_ary) > SMILEY_LIMIT) {
trigger_error($user->lang('TOO_MANY_SMILIES', SMILEY_LIMIT) . adm_back_link($this->u_action), E_USER_WARNING);
}
}
foreach ($pak_ary as $pak_entry) {
$data = array();
if (preg_match_all("#'(.*?)', ?#", $pak_entry, $data)) {
if (sizeof($data[1]) != 4 && $mode == 'icons' || sizeof($data[1]) != 6 && $mode == 'smilies') {
trigger_error($user->lang['WRONG_PAK_TYPE'] . adm_back_link($this->u_action), E_USER_WARNING);
}
// Stripslash here because it got addslashed before... (on export)
$img = stripslashes($data[1][0]);
$width = stripslashes($data[1][1]);
$height = stripslashes($data[1][2]);
$display_on_posting = stripslashes($data[1][3]);
if (isset($data[1][4]) && isset($data[1][5])) {
$emotion = stripslashes($data[1][4]);
$code = stripslashes($data[1][5]);
}
if ($current == 'replace' && ($mode == 'smilies' && !empty($cur_img[$code]) || $mode == 'icons' && !empty($cur_img[$img]))) {
$replace_sql = $mode == 'smilies' ? $code : $img;
$sql = array($fields . '_url' => $img, $fields . '_height' => (int) $height, $fields . '_width' => (int) $width, 'display_on_posting' => (int) $display_on_posting);
if ($mode == 'smilies') {
$sql = array_merge($sql, array('emotion' => $emotion));
}
$sql = "UPDATE {$table} SET " . $db->sql_build_array('UPDATE', $sql) . "\n\t\t\t\t\t\t\t\t\tWHERE {$field_sql} = '" . $db->sql_escape($replace_sql) . "'";
$db->sql_query($sql);
} else {
++$order;
$sql = array($fields . '_url' => $img, $fields . '_height' => (int) $height, $fields . '_width' => (int) $width, $fields . '_order' => (int) $order, 'display_on_posting' => (int) $display_on_posting);
if ($mode == 'smilies') {
$sql = array_merge($sql, array('code' => $code, 'emotion' => $emotion));
}
$db->sql_query("INSERT INTO {$table} " . $db->sql_build_array('INSERT', $sql));
}
}
}
$cache->destroy('_icons');
$cache->destroy('sql', $table);
$phpbb_container->get('text_formatter.cache')->invalidate();
trigger_error($user->lang[$lang . '_IMPORT_SUCCESS'] . adm_back_link($this->u_action));
} else {
$pak_options = '';
foreach ($_paks as $pak) {
$pak_options .= '<option value="' . $pak . '">' . htmlspecialchars($pak) . '</option>';
}
$template->assign_vars(array('S_CHOOSE_PAK' => true, 'S_PAK_OPTIONS' => $pak_options, 'L_TITLE' => $user->lang['ACP_' . $lang], 'L_EXPLAIN' => $user->lang['ACP_' . $lang . '_EXPLAIN'], 'L_NO_PAK_OPTIONS' => $user->lang['NO_' . $lang . '_PAK'], 'L_CURRENT' => $user->lang['CURRENT_' . $lang], 'L_CURRENT_EXPLAIN' => $user->lang['CURRENT_' . $lang . '_EXPLAIN'], 'L_IMPORT_SUBMIT' => $user->lang['IMPORT_' . $lang], 'U_BACK' => $this->u_action, 'U_ACTION' => $this->u_action . '&action=import'));
}
break;
case 'export':
$this->page_title = 'EXPORT_' . $lang;
$this->tpl_name = 'message_body';
$template->assign_vars(array('MESSAGE_TITLE' => $user->lang['EXPORT_' . $lang], 'MESSAGE_TEXT' => sprintf($user->lang['EXPORT_' . $lang . '_EXPLAIN'], '<a href="' . $this->u_action . '&action=send&hash=' . generate_link_hash('acp_icons') . '">', '</a>'), 'S_USER_NOTICE' => true));
return;
break;
case 'send':
if (!check_link_hash($request->variable('hash', ''), 'acp_icons')) {
trigger_error($user->lang['FORM_INVALID'] . adm_back_link($this->u_action), E_USER_WARNING);
}
$sql = "SELECT *\n\t\t\t\t\tFROM {$table}\n\t\t\t\t\tORDER BY {$fields}_order";
$result = $db->sql_query($sql);
$pak = '';
while ($row = $db->sql_fetchrow($result)) {
$pak .= "'" . addslashes($row[$fields . '_url']) . "', ";
$pak .= "'" . addslashes($row[$fields . '_width']) . "', ";
$pak .= "'" . addslashes($row[$fields . '_height']) . "', ";
$pak .= "'" . addslashes($row['display_on_posting']) . "', ";
if ($mode == 'smilies') {
$pak .= "'" . addslashes($row['emotion']) . "', ";
$pak .= "'" . addslashes($row['code']) . "', ";
}
$pak .= "\n";
}
$db->sql_freeresult($result);
if ($pak != '') {
garbage_collection();
header('Cache-Control: public');
// Send out the Headers
header('Content-Type: text/x-delimtext; name="' . $mode . '.pak"');
header('Content-Disposition: inline; filename="' . $mode . '.pak"');
echo $pak;
flush();
exit;
} else {
trigger_error($user->lang['NO_' . strtoupper($fields) . '_EXPORT'] . adm_back_link($this->u_action), E_USER_WARNING);
}
break;
case 'delete':
if (confirm_box(true)) {
$sql = "DELETE FROM {$table}\n\t\t\t\t\t\tWHERE {$fields}_id = {$icon_id}";
$db->sql_query($sql);
switch ($mode) {
case 'smilies':
break;
case 'icons':
// Reset appropriate icon_ids
$db->sql_query('UPDATE ' . TOPICS_TABLE . "\n\t\t\t\t\t\t\t\tSET icon_id = 0\n\t\t\t\t\t\t\t\tWHERE icon_id = {$icon_id}");
$db->sql_query('UPDATE ' . POSTS_TABLE . "\n\t\t\t\t\t\t\t\tSET icon_id = 0\n\t\t\t\t\t\t\t\tWHERE icon_id = {$icon_id}");
break;
}
$notice = $user->lang[$lang . '_DELETED'];
$cache->destroy('_icons');
$cache->destroy('sql', $table);
$phpbb_container->get('text_formatter.cache')->invalidate();
if ($request->is_ajax()) {
$json_response = new \phpbb\json_response();
$json_response->send(array('MESSAGE_TITLE' => $user->lang['INFORMATION'], 'MESSAGE_TEXT' => $notice, 'REFRESH_DATA' => array('time' => 3)));
}
} else {
confirm_box(false, $user->lang['CONFIRM_OPERATION'], build_hidden_fields(array('i' => $id, 'mode' => $mode, 'id' => $icon_id, 'action' => 'delete')));
}
break;
case 'move_up':
case 'move_down':
if (!check_link_hash($request->variable('hash', ''), 'acp_icons')) {
trigger_error($user->lang['FORM_INVALID'] . adm_back_link($this->u_action), E_USER_WARNING);
}
// Get current order id...
$sql = "SELECT {$fields}_order as current_order\n\t\t\t\t\tFROM {$table}\n\t\t\t\t\tWHERE {$fields}_id = {$icon_id}";
$result = $db->sql_query($sql);
$current_order = (int) $db->sql_fetchfield('current_order');
$db->sql_freeresult($result);
if ($current_order == 0 && $action == 'move_up') {
break;
}
// on move_down, switch position with next order_id...
// on move_up, switch position with previous order_id...
$switch_order_id = $action == 'move_down' ? $current_order + 1 : $current_order - 1;
//
$sql = "UPDATE {$table}\n\t\t\t\t\tSET {$fields}_order = {$current_order}\n\t\t\t\t\tWHERE {$fields}_order = {$switch_order_id}\n\t\t\t\t\t\tAND {$fields}_id <> {$icon_id}";
$db->sql_query($sql);
$move_executed = (bool) $db->sql_affectedrows();
// Only update the other entry too if the previous entry got updated
if ($move_executed) {
$sql = "UPDATE {$table}\n\t\t\t\t\t\tSET {$fields}_order = {$switch_order_id}\n\t\t\t\t\t\tWHERE {$fields}_order = {$current_order}\n\t\t\t\t\t\t\tAND {$fields}_id = {$icon_id}";
$db->sql_query($sql);
}
$cache->destroy('_icons');
$cache->destroy('sql', $table);
$phpbb_container->get('text_formatter.cache')->invalidate();
if ($request->is_ajax()) {
$json_response = new \phpbb\json_response();
$json_response->send(array('success' => $move_executed));
}
break;
}
// By default, check that image_order is valid and fix it if necessary
$sql = "SELECT {$fields}_id AS order_id, {$fields}_order AS fields_order\n\t\t\tFROM {$table}\n\t\t\tORDER BY display_on_posting DESC, {$fields}_order";
$result = $db->sql_query($sql);
if ($row = $db->sql_fetchrow($result)) {
$order = 0;
do {
++$order;
if ($row['fields_order'] != $order) {
$db->sql_query("UPDATE {$table}\n\t\t\t\t\t\tSET {$fields}_order = {$order}\n\t\t\t\t\t\tWHERE {$fields}_id = " . $row['order_id']);
}
} while ($row = $db->sql_fetchrow($result));
}
$db->sql_freeresult($result);
$template->assign_vars(array('L_TITLE' => $user->lang['ACP_' . $lang], 'L_EXPLAIN' => $user->lang['ACP_' . $lang . '_EXPLAIN'], 'L_IMPORT' => $user->lang['IMPORT_' . $lang], 'L_EXPORT' => $user->lang['EXPORT_' . $lang], 'L_NOT_DISPLAYED' => $user->lang[$lang . '_NOT_DISPLAYED'], 'L_ICON_ADD' => $user->lang['ADD_' . $lang], 'L_ICON_EDIT' => $user->lang['EDIT_' . $lang], 'NOTICE' => $notice, 'COLSPAN' => $mode == 'smilies' ? 5 : 3, 'S_SMILIES' => $mode == 'smilies' ? true : false, 'U_ACTION' => $this->u_action, 'U_IMPORT' => $this->u_action . '&action=import', 'U_EXPORT' => $this->u_action . '&action=export'));
/* @var $pagination \phpbb\pagination */
$pagination = $phpbb_container->get('pagination');
$pagination_start = $request->variable('start', 0);
$spacer = false;
$item_count = $this->item_count($table);
$sql = "SELECT *\n\t\t\tFROM {$table}\n\t\t\tORDER BY {$fields}_order ASC";
$result = $db->sql_query_limit($sql, $config['smilies_per_page'], $pagination_start);
while ($row = $db->sql_fetchrow($result)) {
$alt_text = $mode == 'smilies' ? $row['code'] : ($mode == 'icons' && !empty($row['icons_alt']) ? $row['icons_alt'] : $row['icons_url']);
$template->assign_block_vars('items', array('S_SPACER' => !$spacer && !$row['display_on_posting'] ? true : false, 'ALT_TEXT' => $alt_text, 'IMG_SRC' => $phpbb_root_path . $img_path . '/' . $row[$fields . '_url'], 'WIDTH' => $row[$fields . '_width'], 'HEIGHT' => $row[$fields . '_height'], 'CODE' => isset($row['code']) ? $row['code'] : '', 'EMOTION' => isset($row['emotion']) ? $row['emotion'] : '', 'U_EDIT' => $this->u_action . '&action=edit&id=' . $row[$fields . '_id'], 'U_DELETE' => $this->u_action . '&action=delete&id=' . $row[$fields . '_id'], 'U_MOVE_UP' => $this->u_action . '&action=move_up&id=' . $row[$fields . '_id'] . '&start=' . $pagination_start . '&hash=' . generate_link_hash('acp_icons'), 'U_MOVE_DOWN' => $this->u_action . '&action=move_down&id=' . $row[$fields . '_id'] . '&start=' . $pagination_start . '&hash=' . generate_link_hash('acp_icons')));
if (!$spacer && !$row['display_on_posting']) {
$spacer = true;
}
}
$db->sql_freeresult($result);
$pagination->generate_template_pagination($this->u_action, 'pagination', 'start', $item_count, $config['smilies_per_page'], $pagination_start);
}
function main($id, $mode)
{
global $db, $user, $auth, $template, $cache, $request, $phpbb_dispatcher;
global $config, $phpbb_root_path, $phpbb_admin_path, $phpEx;
$user->add_lang('acp/posting');
// Set up general vars
$action = request_var('action', '');
$action = isset($_POST['add']) ? 'add' : $action;
$action = isset($_POST['save']) ? 'save' : $action;
$rank_id = request_var('id', 0);
$this->tpl_name = 'acp_ranks';
$this->page_title = 'ACP_MANAGE_RANKS';
$form_name = 'acp_ranks';
add_form_key($form_name);
switch ($action) {
case 'save':
if (!check_form_key($form_name)) {
trigger_error($user->lang['FORM_INVALID'] . adm_back_link($this->u_action), E_USER_WARNING);
}
$rank_title = utf8_normalize_nfc(request_var('title', '', true));
$special_rank = request_var('special_rank', 0);
$min_posts = $special_rank ? 0 : max(0, request_var('min_posts', 0));
$rank_image = request_var('rank_image', '');
// The rank image has to be a jpg, gif or png
if ($rank_image != '' && !preg_match('#(\\.gif|\\.png|\\.jpg|\\.jpeg)$#i', $rank_image)) {
$rank_image = '';
}
if (!$rank_title) {
trigger_error($user->lang['NO_RANK_TITLE'] . adm_back_link($this->u_action), E_USER_WARNING);
}
$sql_ary = array('rank_title' => $rank_title, 'rank_special' => $special_rank, 'rank_min' => $min_posts, 'rank_image' => htmlspecialchars_decode($rank_image));
/**
* Modify the SQL array when saving a rank
*
* @event core.acp_ranks_save_modify_sql_ary
* @var int rank_id The ID of the rank (if available)
* @var array sql_ary Array with the rank's data
* @since 3.1.0-RC3
*/
$vars = array('rank_id', 'sql_ary');
extract($phpbb_dispatcher->trigger_event('core.acp_ranks_save_modify_sql_ary', compact($vars)));
if ($rank_id) {
$sql = 'UPDATE ' . RANKS_TABLE . ' SET ' . $db->sql_build_array('UPDATE', $sql_ary) . " WHERE rank_id = {$rank_id}";
$message = $user->lang['RANK_UPDATED'];
add_log('admin', 'LOG_RANK_UPDATED', $rank_title);
} else {
$sql = 'INSERT INTO ' . RANKS_TABLE . ' ' . $db->sql_build_array('INSERT', $sql_ary);
$message = $user->lang['RANK_ADDED'];
add_log('admin', 'LOG_RANK_ADDED', $rank_title);
}
$db->sql_query($sql);
$cache->destroy('_ranks');
trigger_error($message . adm_back_link($this->u_action));
break;
case 'delete':
if (!$rank_id) {
trigger_error($user->lang['MUST_SELECT_RANK'] . adm_back_link($this->u_action), E_USER_WARNING);
}
if (confirm_box(true)) {
$sql = 'SELECT rank_title
FROM ' . RANKS_TABLE . '
WHERE rank_id = ' . $rank_id;
$result = $db->sql_query($sql);
$rank_title = (string) $db->sql_fetchfield('rank_title');
$db->sql_freeresult($result);
$sql = 'DELETE FROM ' . RANKS_TABLE . "\n\t\t\t\t\t\tWHERE rank_id = {$rank_id}";
$db->sql_query($sql);
$sql = 'UPDATE ' . USERS_TABLE . "\n\t\t\t\t\t\tSET user_rank = 0\n\t\t\t\t\t\tWHERE user_rank = {$rank_id}";
$db->sql_query($sql);
$cache->destroy('_ranks');
add_log('admin', 'LOG_RANK_REMOVED', $rank_title);
if ($request->is_ajax()) {
$json_response = new \phpbb\json_response();
$json_response->send(array('MESSAGE_TITLE' => $user->lang['INFORMATION'], 'MESSAGE_TEXT' => $user->lang['RANK_REMOVED'], 'REFRESH_DATA' => array('time' => 3)));
}
} else {
confirm_box(false, $user->lang['CONFIRM_OPERATION'], build_hidden_fields(array('i' => $id, 'mode' => $mode, 'rank_id' => $rank_id, 'action' => 'delete')));
}
break;
case 'edit':
case 'add':
$data = $ranks = $existing_imgs = array();
$sql = 'SELECT *
FROM ' . RANKS_TABLE . '
ORDER BY rank_min ASC, rank_special ASC';
$result = $db->sql_query($sql);
while ($row = $db->sql_fetchrow($result)) {
$existing_imgs[] = $row['rank_image'];
if ($action == 'edit' && $rank_id == $row['rank_id']) {
$ranks = $row;
}
}
$db->sql_freeresult($result);
$imglist = filelist($phpbb_root_path . $config['ranks_path'], '');
$edit_img = $filename_list = '';
foreach ($imglist as $path => $img_ary) {
sort($img_ary);
foreach ($img_ary as $img) {
$img = $path . $img;
if ($ranks && $img == $ranks['rank_image']) {
$selected = ' selected="selected"';
$edit_img = $img;
} else {
$selected = '';
}
if (strlen($img) > 255) {
continue;
}
$filename_list .= '<option value="' . htmlspecialchars($img) . '"' . $selected . '>' . $img . (in_array($img, $existing_imgs) ? ' ' . $user->lang['RANK_IMAGE_IN_USE'] : '') . '</option>';
}
}
$filename_list = '<option value=""' . ($edit_img == '' ? ' selected="selected"' : '') . '>----------</option>' . $filename_list;
unset($existing_imgs, $imglist);
$tpl_ary = array('S_EDIT' => true, 'U_BACK' => $this->u_action, 'RANKS_PATH' => $phpbb_root_path . $config['ranks_path'], 'U_ACTION' => $this->u_action . '&id=' . $rank_id, 'RANK_TITLE' => isset($ranks['rank_title']) ? $ranks['rank_title'] : '', 'S_FILENAME_LIST' => $filename_list, 'RANK_IMAGE' => $edit_img ? $phpbb_root_path . $config['ranks_path'] . '/' . $edit_img : htmlspecialchars($phpbb_admin_path) . 'images/spacer.gif', 'S_SPECIAL_RANK' => isset($ranks['rank_special']) && $ranks['rank_special'] ? true : false, 'MIN_POSTS' => isset($ranks['rank_min']) && !$ranks['rank_special'] ? $ranks['rank_min'] : 0);
/**
* Modify the template output array for editing/adding ranks
*
* @event core.acp_ranks_edit_modify_tpl_ary
* @var array ranks Array with the rank's data
* @var array tpl_ary Array with the rank's template data
* @since 3.1.0-RC3
*/
$vars = array('ranks', 'tpl_ary');
extract($phpbb_dispatcher->trigger_event('core.acp_ranks_edit_modify_tpl_ary', compact($vars)));
$template->assign_vars($tpl_ary);
return;
break;
}
$template->assign_vars(array('U_ACTION' => $this->u_action));
$sql = 'SELECT *
FROM ' . RANKS_TABLE . '
ORDER BY rank_special DESC, rank_min ASC, rank_title ASC';
$result = $db->sql_query($sql);
while ($row = $db->sql_fetchrow($result)) {
$rank_row = array('S_RANK_IMAGE' => $row['rank_image'] ? true : false, 'S_SPECIAL_RANK' => $row['rank_special'] ? true : false, 'RANK_IMAGE' => $phpbb_root_path . $config['ranks_path'] . '/' . $row['rank_image'], 'RANK_TITLE' => $row['rank_title'], 'MIN_POSTS' => $row['rank_min'], 'U_EDIT' => $this->u_action . '&action=edit&id=' . $row['rank_id'], 'U_DELETE' => $this->u_action . '&action=delete&id=' . $row['rank_id']);
/**
* Modify the template output array for each listed rank
*
* @event core.acp_ranks_list_modify_rank_row
* @var array row Array with the rank's data
* @var array rank_row Array with the rank's template data
* @since 3.1.0-RC3
*/
$vars = array('row', 'rank_row');
extract($phpbb_dispatcher->trigger_event('core.acp_ranks_list_modify_rank_row', compact($vars)));
$template->assign_block_vars('ranks', $rank_row);
}
$db->sql_freeresult($result);
}
/**
* Error and message handler, call with trigger_error if read
*/
function msg_handler($errno, $msg_text, $errfile, $errline)
{
global $cache, $db, $auth, $template, $config, $user, $request;
global $phpEx, $phpbb_root_path, $msg_title, $msg_long_text;
// Do not display notices if we suppress them via @
if (error_reporting() == 0 && $errno != E_USER_ERROR && $errno != E_USER_WARNING && $errno != E_USER_NOTICE) {
return;
}
// Message handler is stripping text. In case we need it, we are possible to define long text...
if (isset($msg_long_text) && $msg_long_text && !$msg_text) {
$msg_text = $msg_long_text;
}
if (!defined('E_DEPRECATED')) {
define('E_DEPRECATED', 8192);
}
switch ($errno) {
case E_NOTICE:
case E_WARNING:
// Check the error reporting level and return if the error level does not match
// If DEBUG is defined the default level is E_ALL
if (($errno & (defined('DEBUG') ? E_ALL : error_reporting())) == 0) {
return;
}
if (strpos($errfile, 'cache') === false && strpos($errfile, 'template.') === false) {
$errfile = phpbb_filter_root_path($errfile);
$msg_text = phpbb_filter_root_path($msg_text);
$error_name = $errno === E_WARNING ? 'PHP Warning' : 'PHP Notice';
echo '<b>[phpBB Debug] ' . $error_name . '</b>: in file <b>' . $errfile . '</b> on line <b>' . $errline . '</b>: <b>' . $msg_text . '</b><br />' . "\n";
// we are writing an image - the user won't see the debug, so let's place it in the log
if (defined('IMAGE_OUTPUT') || defined('IN_CRON')) {
add_log('critical', 'LOG_IMAGE_GENERATION_ERROR', $errfile, $errline, $msg_text);
}
// echo '<br /><br />BACKTRACE<br />' . get_backtrace() . '<br />' . "\n";
}
return;
break;
case E_USER_ERROR:
if (!empty($user) && !empty($user->lang)) {
$msg_text = !empty($user->lang[$msg_text]) ? $user->lang[$msg_text] : $msg_text;
$msg_title = !isset($msg_title) ? $user->lang['GENERAL_ERROR'] : (!empty($user->lang[$msg_title]) ? $user->lang[$msg_title] : $msg_title);
$l_return_index = sprintf($user->lang['RETURN_INDEX'], '<a href="' . $phpbb_root_path . '">', '</a>');
$l_notify = '';
if (!empty($config['board_contact'])) {
$l_notify = '<p>' . sprintf($user->lang['NOTIFY_ADMIN_EMAIL'], $config['board_contact']) . '</p>';
}
} else {
$msg_title = 'General Error';
$l_return_index = '<a href="' . $phpbb_root_path . '">Return to index page</a>';
$l_notify = '';
if (!empty($config['board_contact'])) {
$l_notify = '<p>Please notify the board administrator or webmaster: <a href="mailto:' . $config['board_contact'] . '">' . $config['board_contact'] . '</a></p>';
}
}
$log_text = $msg_text;
$backtrace = get_backtrace();
if ($backtrace) {
$log_text .= '<br /><br />BACKTRACE<br />' . $backtrace;
}
if (defined('IN_INSTALL') || defined('DEBUG') || isset($auth) && $auth->acl_get('a_')) {
$msg_text = $log_text;
// If this is defined there already was some output
// So let's not break it
if (defined('IN_DB_UPDATE')) {
echo '<div class="errorbox">' . $msg_text . '</div>';
$db->sql_return_on_error(true);
phpbb_end_update($cache, $config);
}
}
if ((defined('IN_CRON') || defined('IMAGE_OUTPUT')) && isset($db)) {
// let's avoid loops
$db->sql_return_on_error(true);
add_log('critical', 'LOG_GENERAL_ERROR', $msg_title, $log_text);
$db->sql_return_on_error(false);
}
// Do not send 200 OK, but service unavailable on errors
send_status_line(503, 'Service Unavailable');
garbage_collection();
// Try to not call the adm page data...
echo '<!DOCTYPE html>';
echo '<html dir="ltr">';
echo '<head>';
echo '<meta charset="utf-8">';
echo '<meta http-equiv="X-UA-Compatible" content="IE=edge">';
echo '<title>' . $msg_title . '</title>';
echo '<style type="text/css">' . "\n" . '/* <![CDATA[ */' . "\n";
echo '* { margin: 0; padding: 0; } html { font-size: 100%; height: 100%; margin-bottom: 1px; background-color: #E4EDF0; } body { font-family: "Lucida Grande", Verdana, Helvetica, Arial, sans-serif; color: #536482; background: #E4EDF0; font-size: 62.5%; margin: 0; } ';
echo 'a:link, a:active, a:visited { color: #006699; text-decoration: none; } a:hover { color: #DD6900; text-decoration: underline; } ';
echo '#wrap { padding: 0 20px 15px 20px; min-width: 615px; } #page-header { text-align: right; height: 40px; } #page-footer { clear: both; font-size: 1em; text-align: center; } ';
echo '.panel { margin: 4px 0; background-color: #FFFFFF; border: solid 1px #A9B8C2; } ';
echo '#errorpage #page-header a { font-weight: bold; line-height: 6em; } #errorpage #content { padding: 10px; } #errorpage #content h1 { line-height: 1.2em; margin-bottom: 0; color: #DF075C; } ';
echo '#errorpage #content div { margin-top: 20px; margin-bottom: 5px; border-bottom: 1px solid #CCCCCC; padding-bottom: 5px; color: #333333; font: bold 1.2em "Lucida Grande", Arial, Helvetica, sans-serif; text-decoration: none; line-height: 120%; text-align: left; } ';
echo "\n" . '/* ]]> */' . "\n";
echo '</style>';
echo '</head>';
echo '<body id="errorpage">';
echo '<div id="wrap">';
echo ' <div id="page-header">';
echo ' ' . $l_return_index;
echo ' </div>';
echo ' <div id="acp">';
echo ' <div class="panel">';
echo ' <div id="content">';
echo ' <h1>' . $msg_title . '</h1>';
echo ' <div>' . $msg_text . '</div>';
echo $l_notify;
echo ' </div>';
echo ' </div>';
echo ' </div>';
echo ' <div id="page-footer">';
echo ' Powered by <a href="https://www.phpbb.com/">phpBB</a>® Forum Software © phpBB Limited';
echo ' </div>';
echo '</div>';
echo '</body>';
echo '</html>';
exit_handler();
// On a fatal error (and E_USER_ERROR *is* fatal) we never want other scripts to continue and force an exit here.
exit;
break;
case E_USER_WARNING:
case E_USER_NOTICE:
define('IN_ERROR_HANDLER', true);
if (empty($user->data)) {
$user->session_begin();
}
// We re-init the auth array to get correct results on login/logout
$auth->acl($user->data);
if (empty($user->lang)) {
$user->setup();
}
if ($msg_text == 'ERROR_NO_ATTACHMENT' || $msg_text == 'NO_FORUM' || $msg_text == 'NO_TOPIC' || $msg_text == 'NO_USER') {
send_status_line(404, 'Not Found');
}
$msg_text = !empty($user->lang[$msg_text]) ? $user->lang[$msg_text] : $msg_text;
$msg_title = !isset($msg_title) ? $user->lang['INFORMATION'] : (!empty($user->lang[$msg_title]) ? $user->lang[$msg_title] : $msg_title);
if (!defined('HEADER_INC')) {
if (defined('IN_ADMIN') && isset($user->data['session_admin']) && $user->data['session_admin']) {
adm_page_header($msg_title);
} else {
page_header($msg_title);
}
}
$template->set_filenames(array('body' => 'message_body.html'));
$template->assign_vars(array('MESSAGE_TITLE' => $msg_title, 'MESSAGE_TEXT' => $msg_text, 'S_USER_WARNING' => $errno == E_USER_WARNING ? true : false, 'S_USER_NOTICE' => $errno == E_USER_NOTICE ? true : false));
if ($request->is_ajax()) {
global $refresh_data;
$json_response = new \phpbb\json_response();
$json_response->send(array('MESSAGE_TITLE' => $msg_title, 'MESSAGE_TEXT' => $msg_text, 'S_USER_WARNING' => $errno == E_USER_WARNING ? true : false, 'S_USER_NOTICE' => $errno == E_USER_NOTICE ? true : false, 'REFRESH_DATA' => !empty($refresh_data) ? $refresh_data : null));
}
// We do not want the cron script to be called on error messages
define('IN_CRON', true);
if (defined('IN_ADMIN') && isset($user->data['session_admin']) && $user->data['session_admin']) {
adm_page_footer();
} else {
page_footer();
}
exit_handler();
break;
// PHP4 compatibility
// PHP4 compatibility
case E_DEPRECATED:
return true;
break;
}
// If we notice an error not handled here we pass this back to PHP by returning false
// This may not work for all php versions
return false;
}
