/**
 * Show the registration form and, on POST, validate the input and create the account.
 *
 * Logged-in users are redirected to the board index. Guests are rejected with a
 * 403 when registrations are disabled or when one of the honeypot fields
 * ("username" / "password") arrives filled in.
 *
 * @throws Error 403 when registrations are closed or a honeypot field is filled.
 */
public function display()
{
    // Registration is for guests only; everyone else goes back to the index.
    if (!$this->user->is_guest) {
        header('Location: ' . Url::base());
        exit;
    }

    // Antispam feature. The language file is expected to define
    // $lang_antispam_questions in this scope -- TODO confirm against the lang file.
    require $this->feather->forum_env['FEATHER_ROOT'] . 'featherbb/lang/' . $this->user->language . '/antispam.php';
    $question_index = rand(0, count($lang_antispam_questions) - 1);
    $questions = array_keys($lang_antispam_questions);

    // Display an error message if new registrations are disabled.
    // The real form uses req_* field names, so a filled "username" or "password"
    // field means the request came from a bot.
    $registrations_closed = $this->config['o_regs_allow'] == '0';
    if ($registrations_closed || $this->request->post('username') || $this->request->post('password')) {
        throw new Error(__('No new regs'), 403);
    }

    // Fall back to the board defaults for anything not set yet.
    if (!isset($user['timezone'])) {
        $user['timezone'] = $this->config['o_default_timezone'];
    }
    if (!isset($user['dst'])) {
        $user['dst'] = $this->config['o_default_dst'];
    }
    if (!isset($user['email_setting'])) {
        $user['email_setting'] = $this->config['o_default_email_setting'];
    }
    $user['errors'] = '';

    if ($this->feather->request()->isPost()) {
        $user = $this->model->check_for_errors();

        // Did everything go according to plan? Insert the user
        if (empty($user['errors'])) {
            $this->model->insert_user($user);
        }
    }

    // NOTE(review): 'qencoded' is an unsalted MD5 of the question text and is handed
    // to the template, presumably for rendering into the form. It identifies the
    // question but is not a secret; the answer check itself lives in the model.
    $page_info = array(
        'title' => array(Utils::escape($this->config['o_board_title']), __('Register')),
        'focus_element' => array('register', 'req_user'),
        'required_fields' => array(
            'req_user' => __('Username'),
            'req_password1' => __('Password'),
            'req_password2' => __('Confirm pass'),
            'req_email1' => __('Email'),
            'req_email2' => __('Email') . ' 2',
            'captcha' => __('Robot title'),
        ),
        'active_page' => 'register',
        'is_indexed' => true,
        'errors' => $user['errors'],
        'index_questions' => $question_index,
        'languages' => \FeatherBB\Core\Lister::getLangs(),
        'question' => $questions,
        'qencoded' => md5($questions[$question_index]),
    );

    $this->feather->template->setPageInfo($page_info)->addTemplate('register/form.php')->display();
}
?> "<?php echo $button_status; ?> /> <input type="submit" name="delete_posts" value="<?php _e('Delete'); ?> "<?php echo $button_status; ?> /></p> <div class="clearer"></div> </div> <ul class="crumbs"> <li><a href="<?php echo Url::base(); ?> "><?php _e('Index'); ?> </a></li> <li><span>» </span><a href="<?php echo Router::pathFor('Forum', ['id' => $fid, 'name' => $url_forum]); ?> "><?php echo Utils::escape($cur_topic['forum_name']); ?> </a></li> <li><span>» </span><a href="<?php echo Router::pathFor('Topic', ['id' => $id, 'name' => $url_topic]); ?>
echo "\t\t\t\t\t\t" . '</tr>' . "\n"; } ?> <tr> <td class="tcl" colspan="2"><?php echo sprintf(__('Total query time'), round($queries_info['total_time'], 7)) . ' s'; ?> </td> </tr> </tbody> </table> </div> </div> </div> <?php } ?> </section> </body> <!-- JS --> <?php foreach ($assets['js'] as $script) { echo '<script '; foreach ($script['params'] as $key => $value) { echo $key . '="' . $value . '" '; } echo 'src="' . Url::base() . '/' . $script['file'] . '"/></script>' . "\n"; } ?> </html>
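/**
 * Build the display data for one page of posts in a topic.
 *
 * Each returned row is the database row extended with pre-rendered HTML
 * fragments: username, user title, online indicator, avatar, user info,
 * contact links, post actions, parsed message and parsed signature.
 *
 * @param int   $topic_id   Topic whose posts are listed.
 * @param int   $start_from Offset of the first post on this page.
 * @param array $cur_topic  Topic row; 'closed' and 'post_replies' are read here.
 * @param bool  $is_admmod  Whether the viewer moderates this forum.
 *
 * @return array List of post rows ready for the template.
 *
 * @throws Error 500 when the topic has no posts at the requested offset.
 */
public function print_posts($topic_id, $start_from, $cur_topic, $is_admmod)
{
    $post_data = array();
    $post_data = Container::get('hooks')->fire('model.topic.print_posts_start', $post_data, $topic_id, $start_from, $cur_topic, $is_admmod);

    $post_count = 0; // Keep track of post numbers
    $avatar_cache = array(); // Avatar markup per poster id, so each avatar is generated once per page

    // Retrieve a list of post IDs, LIMIT is (really) expensive so we only fetch the IDs here then later fetch the remaining data
    // NOTE(review): the page size is taken from disp_topics; confirm that this is the
    // intended per-page setting for posts.
    $result = DB::for_table('posts')
        ->select('id')
        ->where('topic_id', $topic_id)
        ->order_by('id')
        ->limit(User::get()->disp_topics)
        ->offset($start_from);
    $result = Container::get('hooks')->fireDB('model.topic.print_posts_ids_query', $result);
    $result = $result->find_many();

    $post_ids = array();
    foreach ($result as $cur_post_id) {
        $post_ids[] = $cur_post_id['id'];
    }

    if (empty($post_ids)) {
        throw new Error('The post table and topic table seem to be out of sync!', 500);
    }

    // Retrieve the posts (and their respective poster/online status)
    $select = array('u.email', 'u.title', 'u.url', 'u.location', 'u.signature', 'u.email_setting', 'u.num_posts', 'u.registered', 'u.admin_note', 'p.id', 'username' => 'p.poster', 'p.poster_id', 'p.poster_ip', 'p.poster_email', 'p.message', 'p.hide_smilies', 'p.posted', 'p.edited', 'p.edited_by', 'g.g_id', 'g.g_user_title', 'g.g_promote_next_group', 'is_online' => 'o.user_id');

    // The raw join only concatenates the configured table prefix; no request data reaches it.
    $result = DB::for_table('posts')
        ->table_alias('p')
        ->select_many($select)
        ->inner_join('users', array('u.id', '=', 'p.poster_id'), 'u')
        ->inner_join('groups', array('g.g_id', '=', 'u.group_id'), 'g')
        ->raw_join('LEFT OUTER JOIN ' . ForumSettings::get('db_prefix') . 'online', "o.user_id!=1 AND o.idle=0 AND o.user_id=u.id", 'o')
        ->where_in('p.id', $post_ids)
        ->order_by('p.id');
    $result = Container::get('hooks')->fireDB('model.topic.print_posts_query', $result);
    $result = $result->find_array();

    foreach ($result as $cur_post) {
        $post_count++;
        $cur_post['user_avatar'] = '';
        $cur_post['user_info'] = array();
        $cur_post['user_contacts'] = array();
        $cur_post['post_actions'] = array();
        $cur_post['is_online_formatted'] = '';
        $cur_post['signature_formatted'] = '';

        // If the poster is a registered user
        if ($cur_post['poster_id'] > 1) {
            if (User::get()->g_view_users == '1') {
                $cur_post['username_formatted'] = '<a href="' . Url::base() . '/user/' . $cur_post['poster_id'] . '/">' . Utils::escape($cur_post['username']) . '</a>';
            } else {
                $cur_post['username_formatted'] = Utils::escape($cur_post['username']);
            }

            $cur_post['user_title_formatted'] = Utils::get_title($cur_post);

            if (ForumSettings::get('o_censoring') == '1') {
                $cur_post['user_title_formatted'] = Utils::censor($cur_post['user_title_formatted']);
            }

            // Format the online indicator
            $cur_post['is_online_formatted'] = $cur_post['is_online'] == $cur_post['poster_id']
                ? '<strong>' . __('Online') . '</strong>'
                : '<span>' . __('Offline') . '</span>';

            if (ForumSettings::get('o_avatars') == '1' && User::get()->show_avatars != '0') {
                if (isset($avatar_cache[$cur_post['poster_id']])) {
                    $cur_post['user_avatar'] = $avatar_cache[$cur_post['poster_id']];
                } else {
                    $cur_post['user_avatar'] = $avatar_cache[$cur_post['poster_id']] = Utils::generate_avatar_markup($cur_post['poster_id']);
                }
            }

            // We only show location, register date, post count and the contact links if "Show user info" is enabled
            if (ForumSettings::get('o_show_user_info') == '1') {
                if ($cur_post['location'] != '') {
                    if (ForumSettings::get('o_censoring') == '1') {
                        $cur_post['location'] = Utils::censor($cur_post['location']);
                    }

                    $cur_post['user_info'][] = '<dd><span>' . __('From') . ' ' . Utils::escape($cur_post['location']) . '</span></dd>';
                }

                $cur_post['user_info'][] = '<dd><span>' . __('Registered topic') . ' ' . Utils::format_time($cur_post['registered'], true) . '</span></dd>';

                if (ForumSettings::get('o_show_post_count') == '1' || User::get()->is_admmod) {
                    $cur_post['user_info'][] = '<dd><span>' . __('Posts topic') . ' ' . Utils::forum_number_format($cur_post['num_posts']) . '</span></dd>';
                }

                // Now let's deal with the contact links (Email and URL)
                if (($cur_post['email_setting'] == '0' && !User::get()->is_guest || User::get()->is_admmod) && User::get()->g_send_email == '1') {
                    $cur_post['user_contacts'][] = '<span class="email"><a href="mailto:' . Utils::escape($cur_post['email']) . '">' . __('Email') . '</a></span>';
                } elseif ($cur_post['email_setting'] == '1' && !User::get()->is_guest && User::get()->g_send_email == '1') {
                    $cur_post['user_contacts'][] = '<span class="email"><a href="' . Router::pathFor('email', ['id' => $cur_post['poster_id']]) . '">' . __('Email') . '</a></span>';
                }

                if ($cur_post['url'] != '') {
                    if (ForumSettings::get('o_censoring') == '1') {
                        $cur_post['url'] = Utils::censor($cur_post['url']);
                    }

                    // NOTE(review): escaping prevents breaking out of the attribute but does not
                    // restrict the URL scheme; presumably the profile form validates the stored
                    // URL -- confirm.
                    $cur_post['user_contacts'][] = '<span class="website"><a href="' . Utils::escape($cur_post['url']) . '" rel="nofollow">' . __('Website') . '</a></span>';
                }
            }

            if (User::get()->g_id == ForumEnv::get('FEATHER_ADMIN') || User::get()->g_moderator == '1' && User::get()->g_mod_promote_users == '1') {
                if ($cur_post['g_promote_next_group']) {
                    $cur_post['user_info'][] = '<dd><span><a href="' . Url::base() . '/user/' . $cur_post['poster_id'] . '/action/promote/pid/' . $cur_post['id'] . '">' . __('Promote user') . '</a></span></dd>';
                }
            }

            if (User::get()->is_admmod) {
                // The poster's IP address is only exposed to administrators and moderators.
                $cur_post['user_info'][] = '<dd><span><a href="' . Router::pathFor('getPostHost', ['pid' => $cur_post['id']]) . '" title="' . Utils::escape($cur_post['poster_ip']) . '">' . __('IP address logged') . '</a></span></dd>';

                if ($cur_post['admin_note'] != '') {
                    $cur_post['user_info'][] = '<dd><span>' . __('Note') . ' <strong>' . Utils::escape($cur_post['admin_note']) . '</strong></span></dd>';
                }
            }
        } else {
            // Guest poster
            $cur_post['username_formatted'] = Utils::escape($cur_post['username']);
            $cur_post['user_title_formatted'] = Utils::get_title($cur_post);

            if (User::get()->is_admmod) {
                $cur_post['user_info'][] = '<dd><span><a href="' . Router::pathFor('getPostHost', ['pid' => $cur_post['id']]) . '" title="' . Utils::escape($cur_post['poster_ip']) . '">' . __('IP address logged') . '</a></span></dd>';
            }

            if (ForumSettings::get('o_show_user_info') == '1' && $cur_post['poster_email'] != '' && !User::get()->is_guest && User::get()->g_send_email == '1') {
                $cur_post['user_contacts'][] = '<span class="email"><a href="mailto:' . Utils::escape($cur_post['poster_email']) . '">' . __('Email') . '</a></span>';
            }
        }

        // Generation post action array (quote, edit, delete etc.)
        // These are links only; the handlers behind them still have to enforce the same
        // permissions on their own.
        if (!$is_admmod) {
            if (!User::get()->is_guest) {
                $cur_post['post_actions'][] = '<li class="postreport"><span><a href="' . Router::pathFor('report', ['id' => $cur_post['id']]) . '">' . __('Report') . '</a></span></li>';
            }

            if ($cur_topic['closed'] == '0') {
                if ($cur_post['poster_id'] == User::get()->id) {
                    // The first post of a topic needs the "delete topics" permission, any later post "delete posts".
                    if ($start_from + $post_count == 1 && User::get()->g_delete_topics == '1' || $start_from + $post_count > 1 && User::get()->g_delete_posts == '1') {
                        $cur_post['post_actions'][] = '<li class="postdelete"><span><a href="' . Router::pathFor('deletePost', ['id' => $cur_post['id']]) . '">' . __('Delete') . '</a></span></li>';
                    }
                    if (User::get()->g_edit_posts == '1') {
                        $cur_post['post_actions'][] = '<li class="postedit"><span><a href="' . Router::pathFor('editPost', ['id' => $cur_post['id']]) . '">' . __('Edit') . '</a></span></li>';
                    }
                }

                if ($cur_topic['post_replies'] == '' && User::get()->g_post_replies == '1' || $cur_topic['post_replies'] == '1') {
                    $cur_post['post_actions'][] = '<li class="postquote"><span><a href="' . Router::pathFor('newQuoteReply', ['tid' => $topic_id, 'qid' => $cur_post['id']]) . '">' . __('Quote') . '</a></span></li>';
                }
            }
        } else {
            $cur_post['post_actions'][] = '<li class="postreport"><span><a href="' . Router::pathFor('report', ['id' => $cur_post['id']]) . '">' . __('Report') . '</a></span></li>';

            // Moderators must not be offered edit/delete on an administrator's post.
            // This used to test in_array($cur_post['poster_id'], $admin_ids), but
            // $admin_ids was never defined in this method. The poster's group id is
            // already part of the row (g.g_id), so compare against it instead.
            $poster_is_admin = $cur_post['g_id'] == ForumEnv::get('FEATHER_ADMIN');

            if (User::get()->g_id == ForumEnv::get('FEATHER_ADMIN') || !$poster_is_admin) {
                $cur_post['post_actions'][] = '<li class="postdelete"><span><a href="' . Router::pathFor('deletePost', ['id' => $cur_post['id']]) . '">' . __('Delete') . '</a></span></li>';
                $cur_post['post_actions'][] = '<li class="postedit"><span><a href="' . Router::pathFor('editPost', ['id' => $cur_post['id']]) . '">' . __('Edit') . '</a></span></li>';
            }

            $cur_post['post_actions'][] = '<li class="postquote"><span><a href="' . Router::pathFor('newQuoteReply', ['tid' => $topic_id, 'qid' => $cur_post['id']]) . '">' . __('Quote') . '</a></span></li>';
        }

        // Perform the main parsing of the message (BBCode, smilies, censor words etc)
        $cur_post['message'] = Container::get('parser')->parse_message($cur_post['message'], $cur_post['hide_smilies']);

        // Do signature parsing (signatures are parsed per post, they are not cached)
        if (ForumSettings::get('o_signatures') == '1' && $cur_post['signature'] != '' && User::get()->show_sig != '0') {
            $cur_post['signature_formatted'] = Container::get('parser')->parse_signature($cur_post['signature']);
        }

        $cur_post = Container::get('hooks')->fire('model.print_posts.one', $cur_post);
        $post_data[] = $cur_post;
    }

    $post_data = Container::get('hooks')->fire('model.topic.print_posts', $post_data);

    return $post_data;
}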
<p><a name="img"></a><?php _e('Images info'); ?> </p> dede <p><code>[img=<?php _e('FeatherBB bbcode test'); ?> ]<?php echo Utils::escape(Url::base(true)); ?> /style/img/logo.png[/img]</code> <?php _e('produces'); ?> <samp><img style="height: 21px" src="<?php echo Utils::escape(Url::base(true)); ?> /style/img/logo.png" alt="<?php _e('FeatherBB bbcode test'); ?> " /></samp></p> </div> </div> <h2><span><?php _e('Quotes'); ?> </span></h2> <div class="box"> <div class="inbox"> <p><?php _e('Quotes info');
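/**
 * Change a user's email address in two steps.
 *
 * POST: verify the acting user's password, validate the new address, store it
 * as pending (activate_string / activate_key) and mail an activation link to it.
 * GET with ?key=...: compare the key with the stored activate_key and, when it
 * matches, promote the pending address to the account's email.
 *
 * Only the account owner, an administrator, or a moderator with the
 * edit-users and change-passwords permissions (and only on non-admin,
 * non-moderator accounts) may do this.
 *
 * @param int $id Id of the user whose address is being changed.
 *
 * @return mixed The redirect produced by Router::redirect() after a successful activation.
 *
 * @throws Error On missing permission, bad key, wrong password, or invalid/banned/duplicate
 *               address. Also thrown after the activation mail has been sent, which is
 *               how this method reports "Activate email sent" to the caller.
 */
public function change_email($id)
{
    $id = Container::get('hooks')->fire('model.profile.change_email_start', $id);

    // Make sure we are allowed to change this user's email
    if (User::get()->id != $id) {
        $id = Container::get('hooks')->fire('model.profile.change_email_not_id', $id);

        if (!User::get()->is_admmod) {
            // A regular user trying to change another user's email?
            throw new Error(__('No permission'), 403);
        } elseif (User::get()->g_moderator == '1') {
            // A moderator trying to change a user's email?
            $select = array('u.group_id', 'g.g_moderator');
            $user = DB::for_table('users')
                ->table_alias('u')
                ->select_many($select)
                ->inner_join('groups', array('g.g_id', '=', 'u.group_id'), 'g')
                ->where('u.id', $id);
            $user = Container::get('hooks')->fireDB('model.profile.change_email_not_id_query', $user);
            $user = $user->find_one();

            if (!$user) {
                throw new Error(__('Bad request'), 404);
            }

            // Moderators need both permissions and may never touch admins or other moderators.
            if (User::get()->g_mod_edit_users == '0' || User::get()->g_mod_change_passwords == '0' || $user['group_id'] == ForumEnv::get('FEATHER_ADMIN') || $user['g_moderator'] == '1') {
                throw new Error(__('No permission'), 403);
            }
        }
    }

    if (Input::query('key')) {
        $key = Input::query('key');
        $key = Container::get('hooks')->fire('model.profile.change_email_key', $key);

        $new_email_key = DB::for_table('users')->where('id', $id);
        $new_email_key = Container::get('hooks')->fireDB('model.profile.change_email_key_query', $new_email_key);
        $new_email_key = $new_email_key->find_one_col('activate_key');

        // The activation key is a secret. Compare it as a string, in constant time:
        // a loose != lets numeric-looking strings ("0e12" vs "0e34") compare equal and
        // leaks timing. Non-string input (e.g. ?key[]=x) and a missing or empty stored
        // key are rejected outright.
        $key_matches = is_string($key) && $key !== ''
            && is_string($new_email_key) && $new_email_key !== ''
            && hash_equals($new_email_key, $key);

        if (!$key_matches) {
            throw new Error(__('Email key bad') . ' <a href="mailto:' . Utils::escape(ForumSettings::get('o_admin_email')) . '">' . Utils::escape(ForumSettings::get('o_admin_email')) . '</a>.', 400);
        } else {
            // Promote the pending address and clear the pending fields in one update.
            $update_mail = DB::for_table('users')
                ->where('id', $id)
                ->find_one()
                ->set_expr('email', 'activate_string')
                ->set_expr('activate_string', 'NULL')
                ->set_expr('activate_key', 'NULL');
            $update_mail = Container::get('hooks')->fireDB('model.profile.change_email_query', $update_mail);
            $update_mail = $update_mail->save();

            return Router::redirect(Router::pathFor('home'), __('Email updated'));
        }
    } elseif (Request::isPost()) {
        Container::get('hooks')->fire('model.profile.change_email_post');

        // The password checked here is the acting user's own, also when an
        // administrator or moderator edits somebody else's account.
        // NOTE(review): the hashes are compared with !==; what Random::hash() computes
        // is not visible from this method.
        if (Random::hash(Input::post('req_password')) !== User::get()->password) {
            throw new Error(__('Wrong pass'));
        }

        // Validate the email address
        $new_email = strtolower(Utils::trim(Input::post('req_new_email')));
        $new_email = Container::get('hooks')->fire('model.profile.change_email_new_email', $new_email);
        if (!Container::get('email')->is_valid_email($new_email)) {
            throw new Error(__('Invalid email'), 400);
        }

        // Check if it's a banned email address
        if (Container::get('email')->is_banned_email($new_email)) {
            if (ForumSettings::get('p_allow_banned_email') == '0') {
                throw new Error(__('Banned email'), 403);
            } elseif (ForumSettings::get('o_mailing_list') != '') {
                // Load the "banned email change" template
                $mail_tpl = trim(file_get_contents(ForumEnv::get('FEATHER_ROOT') . 'featherbb/lang/' . User::get()->language . '/mail_templates/banned_email_change.tpl'));
                $mail_tpl = Container::get('hooks')->fire('model.profile.change_email_mail_tpl', $mail_tpl);

                // The first row contains the subject (the first 8 characters are skipped,
                // presumably a "Subject:" prefix -- confirm against the template)
                $first_crlf = strpos($mail_tpl, "\n");
                $mail_subject = trim(substr($mail_tpl, 8, $first_crlf - 8));
                $mail_subject = Container::get('hooks')->fire('model.profile.change_email_mail_subject', $mail_subject);

                $mail_message = trim(substr($mail_tpl, $first_crlf));
                $mail_message = str_replace('<username>', User::get()->username, $mail_message);
                $mail_message = str_replace('<email>', $new_email, $mail_message);
                $mail_message = str_replace('<profile_url>', Router::pathFor('userProfile', ['id' => $id]), $mail_message);
                $mail_message = str_replace('<board_mailer>', ForumSettings::get('o_board_title'), $mail_message);
                $mail_message = Container::get('hooks')->fire('model.profile.change_email_mail_message', $mail_message);

                Container::get('email')->feather_mail(ForumSettings::get('o_mailing_list'), $mail_subject, $mail_message);
            }
        }

        // Check if someone else already has registered with that email address
        $select = array('id', 'username');
        $result = DB::for_table('users')->select_many($select)->where('email', $new_email);
        $result = Container::get('hooks')->fireDB('model.profile.change_email_check_mail', $result);
        $result = $result->find_many();

        if ($result) {
            if (ForumSettings::get('p_allow_dupe_email') == '0') {
                throw new Error(__('Dupe email'), 400);
            } elseif (ForumSettings::get('o_mailing_list') != '') {
                $dupe_list = array();
                foreach ($result as $cur_dupe) {
                    $dupe_list[] = $cur_dupe['username'];
                }

                // Load the "dupe email change" template
                $mail_tpl = trim(file_get_contents(ForumEnv::get('FEATHER_ROOT') . 'featherbb/lang/' . User::get()->language . '/mail_templates/dupe_email_change.tpl'));
                $mail_tpl = Container::get('hooks')->fire('model.profile.change_email_mail_dupe_tpl', $mail_tpl);

                // The first row contains the subject
                $first_crlf = strpos($mail_tpl, "\n");
                $mail_subject = trim(substr($mail_tpl, 8, $first_crlf - 8));
                $mail_subject = Container::get('hooks')->fire('model.profile.change_email_mail_dupe_subject', $mail_subject);

                $mail_message = trim(substr($mail_tpl, $first_crlf));
                $mail_message = str_replace('<username>', User::get()->username, $mail_message);
                $mail_message = str_replace('<dupe_list>', implode(', ', $dupe_list), $mail_message);
                $mail_message = str_replace('<profile_url>', Router::pathFor('userProfile', ['id' => $id]), $mail_message);
                $mail_message = str_replace('<board_mailer>', ForumSettings::get('o_board_title'), $mail_message);
                $mail_message = Container::get('hooks')->fire('model.profile.change_email_mail_dupe_message', $mail_message);

                Container::get('email')->feather_mail(ForumSettings::get('o_mailing_list'), $mail_subject, $mail_message);
            }
        }

        // NOTE(review): how Random::pass() draws its characters is not visible here; the
        // activation key should come from a cryptographically secure source -- confirm.
        $new_email_key = Random::pass(8);
        $new_email_key = Container::get('hooks')->fire('model.profile.change_email_new_email_key', $new_email_key);

        // Update the user. The row is selected by $id, the account being edited; the
        // previous code passed the bare word `tid`, so the pending address and key were
        // never written to that account.
        unset($user);
        $user['update'] = array(
            'activate_string' => $new_email,
            'activate_key' => $new_email_key,
        );
        $user = DB::for_table('users')->where('id', $id)->find_one()->set($user['update']);
        $user = Container::get('hooks')->fireDB('model.profile.change_email_user_query', $user);
        $user = $user->save();

        // Load the "activate email" template
        $mail_tpl = trim(file_get_contents(ForumEnv::get('FEATHER_ROOT') . 'featherbb/lang/' . User::get()->language . '/mail_templates/activate_email.tpl'));
        $mail_tpl = Container::get('hooks')->fire('model.profile.change_email_mail_activate_tpl', $mail_tpl);

        // The first row contains the subject
        $first_crlf = strpos($mail_tpl, "\n");
        $mail_subject = trim(substr($mail_tpl, 8, $first_crlf - 8));
        $mail_subject = Container::get('hooks')->fire('model.profile.change_email_mail_activate_subject', $mail_subject);

        $mail_message = trim(substr($mail_tpl, $first_crlf));
        $mail_message = str_replace('<username>', User::get()->username, $mail_message);
        $mail_message = str_replace('<base_url>', Url::base(), $mail_message);
        $mail_message = str_replace('<activation_url>', Router::pathFor('profileAction', ['id' => $id, 'action' => 'change_email']) . '?key=' . $new_email_key, $mail_message);
        $mail_message = str_replace('<board_mailer>', ForumSettings::get('o_board_title'), $mail_message);
        $mail_message = Container::get('hooks')->fire('model.profile.change_email_mail_activate_message', $mail_message);

        // The activation link goes to the NEW address, which proves the user controls it.
        Container::get('email')->feather_mail($new_email, $mail_subject, $mail_message);

        Container::get('hooks')->fire('model.profile.change_email_sent');

        throw new Error(__('Activate email sent') . ' <a href="mailto:' . Utils::escape(ForumSettings::get('o_admin_email')) . '">' . Utils::escape(ForumSettings::get('o_admin_email')) . '</a>.', true);
    }

    Container::get('hooks')->fire('model.profile.change_email');
}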
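/**
 * Drive the installer: language selection, form display, and validation of the
 * submitted settings before they are handed to create_config().
 *
 * NOTE(review): nothing in this method checks whether the board is already
 * installed; presumably the route is only reachable before installation -- confirm.
 *
 * @return mixed The rendered install form, or the result of create_config() when the
 *               submitted data passes validation.
 */
public function run()
{
    Container::get('hooks')->fire('controller.install.run_install');

    if (Input::getParsedBodyParam('choose_lang')) {
        // Store the value that was validated. The check used to run on the trimmed
        // input while the raw input was assigned. The comparison is strict so that only
        // an exact entry of the available language list is accepted.
        $requested_lang = Utils::trim(Input::getParsedBodyParam('install_lang'));
        if (in_array($requested_lang, $this->available_langs, true)) {
            $this->install_lang = $requested_lang;
        }
    }

    $csrf = new \FeatherBB\Middleware\Csrf();
    $csrf->generateNewToken(Container::get('request'));

    translate('install', 'featherbb', $this->install_lang);

    if (Request::isPost() && empty(Input::getParsedBodyParam('choose_lang'))) {
        $missing_fields = array();

        // NOTE(review): every field, the password included, is trimmed and HTML-escaped
        // before validation, so the length checks below and create_config() see the
        // escaped text -- confirm this is intended for the password.
        $data = array_map(function ($item) {
            return Utils::escape(Utils::trim($item));
        }, Input::getParsedBodyParam('install'));

        foreach ($data as $field => $value) {
            // Handle empty fields
            if (empty($value)) {
                // If the field is required, or if user and pass are missing even though mysql or pgsql are selected as DB
                if (!in_array($field, $this->optional_fields) || in_array($field, array('db_user')) && in_array($data['db_type'], array('mysql', 'pgsql'))) {
                    $missing_fields[] = $field;
                }
            }
        }

        if (!empty($missing_fields)) {
            // Required fields are missing, so the others are not validated.
            // NOTE(review): errors is set to a string here but appended to as an array
            // below; confirm the install template copes with both.
            $this->errors = 'The following fields are required but are missing : ' . implode(', ', $missing_fields);
        } else {
            // VALIDATION
            // NOTE(review): db_type is not checked against $this->supported_dbs in this
            // method; confirm create_config() rejects unknown values.

            // Make sure base_url doesn't end with a slash
            if (substr($data['base_url'], -1) == '/') {
                $data['base_url'] = substr($data['base_url'], 0, -1);
            }

            // Validate username and passwords
            if (Utils::strlen($data['username']) < 2) {
                $this->errors[] = __('Username 1');
            } elseif (Utils::strlen($data['username']) > 25) {
                // This usually doesn't happen since the form element only accepts 25 characters
                $this->errors[] = __('Username 2');
            } elseif (!strcasecmp($data['username'], 'Guest')) {
                $this->errors[] = __('Username 3');
            } elseif (preg_match('%[0-9]{1,3}\\.[0-9]{1,3}\\.[0-9]{1,3}\\.[0-9]{1,3}%', $data['username']) || preg_match('%((([0-9A-Fa-f]{1,4}:){7}[0-9A-Fa-f]{1,4})|(([0-9A-Fa-f]{1,4}:){6}:[0-9A-Fa-f]{1,4})|(([0-9A-Fa-f]{1,4}:){5}:([0-9A-Fa-f]{1,4}:)?[0-9A-Fa-f]{1,4})|(([0-9A-Fa-f]{1,4}:){4}:([0-9A-Fa-f]{1,4}:){0,2}[0-9A-Fa-f]{1,4})|(([0-9A-Fa-f]{1,4}:){3}:([0-9A-Fa-f]{1,4}:){0,3}[0-9A-Fa-f]{1,4})|(([0-9A-Fa-f]{1,4}:){2}:([0-9A-Fa-f]{1,4}:){0,4}[0-9A-Fa-f]{1,4})|(([0-9A-Fa-f]{1,4}:){6}((\\b((25[0-5])|(1\\d{2})|(2[0-4]\\d)|(\\d{1,2}))\\b)\\.){3}(\\b((25[0-5])|(1\\d{2})|(2[0-4]\\d)|(\\d{1,2}))\\b))|(([0-9A-Fa-f]{1,4}:){0,5}:((\\b((25[0-5])|(1\\d{2})|(2[0-4]\\d)|(\\d{1,2}))\\b)\\.){3}(\\b((25[0-5])|(1\\d{2})|(2[0-4]\\d)|(\\d{1,2}))\\b))|(::([0-9A-Fa-f]{1,4}:){0,5}((\\b((25[0-5])|(1\\d{2})|(2[0-4]\\d)|(\\d{1,2}))\\b)\\.){3}(\\b((25[0-5])|(1\\d{2})|(2[0-4]\\d)|(\\d{1,2}))\\b))|([0-9A-Fa-f]{1,4}::([0-9A-Fa-f]{1,4}:){0,5}[0-9A-Fa-f]{1,4})|(::([0-9A-Fa-f]{1,4}:){0,6}[0-9A-Fa-f]{1,4})|(([0-9A-Fa-f]{1,4}:){1,7}:))%', $data['username'])) {
                // Usernames that contain something shaped like an IPv4 or IPv6 address are refused.
                $this->errors[] = __('Username 4');
            } elseif ((strpos($data['username'], '[') !== false || strpos($data['username'], ']') !== false) && strpos($data['username'], '\'') !== false && strpos($data['username'], '"') !== false) {
                // Refused only when a bracket, a single quote and a double quote all occur together.
                $this->errors[] = __('Username 5');
            } elseif (preg_match('%(?:\\[/?(?:b|u|i|h|colou?r|quote|code|img|url|email|list)\\]|\\[(?:code|quote|list)=)%i', $data['username'])) {
                // No BBCode tags in usernames.
                $this->errors[] = __('Username 6');
            }

            if (Utils::strlen($data['password']) < 6) {
                $this->errors[] = __('Short password');
            } elseif ($data['password'] != $data['password_conf']) {
                $this->errors[] = __('Passwords not match');
            }

            // Validate email
            if (!filter_var($data['email'], FILTER_VALIDATE_EMAIL)) {
                $this->errors[] = __('Wrong email');
            }

            // Validate language
            if (!in_array($data['default_lang'], Lister::getLangs())) {
                $this->errors[] = __('Error default language');
            }

            // Check if the cache directory is writable
            if (!is_writable(ForumEnv::get('FORUM_CACHE_DIR'))) {
                $this->errors[] = sprintf(__('Alert cache'), ForumEnv::get('FORUM_CACHE_DIR'));
            }

            // Check if default avatar directory is writable
            if (!is_writable(ForumEnv::get('FEATHER_ROOT') . 'style/img/avatars/')) {
                $this->errors[] = sprintf(__('Alert avatar'), ForumEnv::get('FEATHER_ROOT') . 'style/img/avatars/');
            }

            // Validate db_prefix if existing: identifier characters only, at most 40 long
            if (!empty($data['db_prefix']) && (strlen($data['db_prefix']) > 0 && (!preg_match('%^[a-zA-Z_][a-zA-Z0-9_]*$%', $data['db_prefix']) || strlen($data['db_prefix']) > 40))) {
                $this->errors[] = sprintf(__('Table prefix error'), $data['db_prefix']);
            }
        }

        // End validation and check errors
        if (!empty($this->errors)) {
            return View::setPageInfo(array(
                'languages' => $this->available_langs,
                'supported_dbs' => $this->supported_dbs,
                'data' => $data,
                'errors' => $this->errors,
            ))->addTemplate('install.php')->display(false);
        } else {
            $data['default_style'] = $this->default_style;
            // Avatars are enabled only when PHP allows file uploads.
            $data['avatars'] = in_array(strtolower(@ini_get('file_uploads')), array('on', 'true', '1')) ? 1 : 0;

            return $this->create_config($data);
        }
    } else {
        // First visit (or language switch): show the form with default values.
        $base_url = str_replace('index.php', '', Url::base());
        $data = array(
            'title' => __('My FeatherBB Forum'),
            'description' => __('Description'),
            'base_url' => $base_url,
            'default_lang' => $this->install_lang,
        );

        return View::setPageInfo(array(
            'languages' => $this->available_langs,
            'supported_dbs' => $this->supported_dbs,
            'data' => $data,
            'alerts' => array(),
        ))->addTemplate('install.php')->display(false);
    }
}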
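/**
 * Work out where to send the user after an action completes.
 *
 * The HTTP referrer is used only when it is an http(s) URL on the same host as
 * the board's base URL; anything else falls back to the board index. The
 * referrer is request data, so redirecting to it unchecked would let any
 * external page that links here choose the redirect target.
 *
 * Only the host is compared, not the port or path. When Url::base() has no
 * host component, every referrer is rejected and the board index is used.
 *
 * @return mixed The redirect URL after the 'get_redirect_url' hook has run.
 */
public function get_redirect_url()
{
    $this->hook->fire('get_redirect_url_start');

    // Default target: the board index.
    $redirect_url = Url::base();

    $referrer = $this->request->getReferrer();

    // Backslashes and line breaks are refused up front: URL parsers disagree about
    // the former, and the latter must never reach a Location header.
    if (is_string($referrer) && $referrer !== '' && strpbrk($referrer, "\\\r\n") === false) {
        $referrer_parts = parse_url($referrer);
        $base_host = parse_url(Url::base(), PHP_URL_HOST);

        $same_host = is_array($referrer_parts)
            && isset($referrer_parts['scheme'], $referrer_parts['host'])
            && in_array(strtolower($referrer_parts['scheme']), array('http', 'https'), true)
            && is_string($base_host)
            && strcasecmp($referrer_parts['host'], $base_host) === 0;

        if ($same_host) {
            $redirect_url = $referrer;

            // Jump back to the post the user came from.
            if (preg_match('%Topic\\.php\\?pid=(\\d+)$%', $redirect_url, $matches)) { // TODO
                $redirect_url .= '#p' . $matches[1];
            }
        }
    }

    $redirect_url = $this->hook->fire('get_redirect_url', $redirect_url);

    return $redirect_url;
}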
</td> </tr> </tbody> </table> </div> </div> </div> <?php } ?> </section> </body> <!-- JS --> <script> var baseUrl = '<?php echo Utils::escape(Url::base()); ?> ', phpVars = <?php echo isset($jsVars) ? json_encode($jsVars) : json_encode(array()); ?> ; </script> <?php foreach ($assets['js'] as $script) { echo '<script '; foreach ($script['params'] as $key => $value) { echo $key . '="' . $value . '" '; } echo 'src="' . Url::base_static() . '/' . $script['file'] . '"/></script>' . "\n"; }
) # End $1: non-whitespace before first [*] (or [/list]). (?<!\\s) # Backtrack to exclude any trailing whitespace. (?=\\s*\\[(?:\\*|/list)\\]) # Done once we reach a [*] or [/list]. %ix', 'smilies' => array(), 'bbcd' => array()); unset($config); // If this server's PHP installation won't allow access to remote files, // then unconditionally turn off validate images option. if (!ini_get('allow_url_fopen')) { $pd['config']['valid_imgs'] = false; } // Validate and compute replacement texts for smilies array. $re_keys = array(); // Array of regex-safe smiley texts. $file_path = ForumEnv::get('FEATHER_ROOT') . 'style/img/smilies/'; // File system path to smilies. $url_path = Url::base(); // Convert abs URL to relative URL. $url_path = preg_replace('%^https?://[^/]++(.*)$%i', '$1', $url_path) . '/style/img/smilies/'; foreach ($smilies as $smiley_text => $smiley_img) { // Loop through all smilieys in array. $file = $file_path . $smiley_img['file']; // Local file system address of smiley. if (!file_exists($file)) { continue; } // Skip if the file does not exist. $info = getimagesize($file); // Fetch width & height the image. // Scale the smiley image to fit inside tiny smiley box; default = 15 by 15 pixels (@ 100%). if (isset($info) && is_array($info) && ($iw = (int) $info[0]) && ($ih = (int) $info[1])) { $ar = (double) $iw / (double) $ih;
/**
 * "Forgot password" page: show the request form and, on POST, mail a new
 * password together with an activation link to the account's address.
 *
 * Security notes for reviewers:
 * - A known address ends in a "mail sent" redirect and an unknown one in a
 *   "No email match" error, so the response reveals whether an address is registered.
 * - The new password travels in the mail body in clear text. Whether it becomes
 *   active before the activation link is followed depends on
 *   ModelAuth::set_new_password() -- confirm.
 * - Nothing here returns after the "Already logged in" redirect; if
 *   Url::redirect() does not end the request, a logged-in user continues into
 *   the reset flow -- confirm.
 * - How Random::pass() draws its characters is not visible here -- confirm it is
 *   suitable for passwords and activation keys.
 *
 * @throws Error 400 for an invalid or unknown address, 429 when a mail was
 *               already sent to this user within the last hour.
 */
public function forget()
{
    if (!$this->feather->user->is_guest) {
        Url::redirect($this->feather->urlFor('home'), 'Already logged in');
    }

    if ($this->feather->request->isPost()) {
        // Validate the email address
        $email = strtolower(Utils::trim($this->feather->request->post('req_email')));
        if (!$this->feather->email->is_valid_email($email)) {
            throw new Error(__('Invalid email'), 400);
        }

        $user = ModelAuth::get_user_from_email($email);
        if (!$user) {
            throw new Error(__('No email match') . ' ' . Utils::escape($email) . '.', 400);
        }

        // Load the "activate password" template
        $template_path = $this->feather->forum_env['FEATHER_ROOT'] . 'featherbb/lang/' . $this->feather->user->language . '/mail_templates/activate_password.tpl';
        $template = trim(file_get_contents($template_path));
        $template = $this->feather->hooks->fire('mail_tpl_password_forgotten', $template);

        // The first row contains the subject
        $subject_end = strpos($template, "\n");
        $subject = trim(substr($template, 8, $subject_end - 8));
        $body = trim(substr($template, $subject_end));

        // Do the generic replacements first (they apply to all emails sent out here)
        $body = str_replace(
            array('<base_url>', '<board_mailer>'),
            array(Url::base() . '/', $this->feather->forum_settings['o_board_title']),
            $body
        );
        $body = $this->feather->hooks->fire('mail_message_password_forgotten', $body);

        // Flood protection: at most one reset mail per user per hour.
        if ($user->last_email_sent != '' && time() - $user->last_email_sent < 3600 && time() - $user->last_email_sent >= 0) {
            $minutes_left = intval((3600 - (time() - $user->last_email_sent)) / 60);
            throw new Error(sprintf(__('Email flood'), $minutes_left), 429);
        }

        // Generate a new password and a new password activation code
        $new_password = Random::pass(12);
        $new_password_key = Random::pass(8);

        ModelAuth::set_new_password($new_password, $new_password_key, $user->id);

        // Do the user specific replacements to the template
        $activation_url = $this->feather->urlFor('profileAction', ['action' => 'change_pass']) . '?key=' . $new_password_key;
        $user_body = str_replace(
            array('<username>', '<activation_url>', '<new_password>'),
            array($user->username, $activation_url, $new_password),
            $body
        );
        $user_body = $this->feather->hooks->fire('cur_mail_message_password_forgotten', $user_body);

        $this->feather->email->feather_mail($email, $subject, $user_body);

        $admin_email = $this->feather->utils->escape($this->feather->forum_settings['o_admin_email']);
        $admin_email_text = $this->feather->utils->escape($this->feather->forum_settings['o_admin_email']);
        Url::redirect(
            $this->feather->urlFor('home'),
            __('Forget mail') . ' <a href="mailto:' . $admin_email . '">' . $admin_email_text . '</a>.',
            200
        );
    }

    $page_info = array(
        'active_page' => 'login',
        'title' => array(Utils::escape($this->feather->forum_settings['o_board_title']), __('Request pass')),
        'required_fields' => array('req_email' => __('Email')),
        'focus_element' => array('request_pass', 'req_email'),
    );

    $this->feather->template->setPageInfo($page_info)->addTemplate('login/password_forgotten.php')->display();
}