/**
 * Administrator-only diagnostic page: refreshes the language list, prints a
 * table linking every known language to its .mo file, then ends the request.
 *
 * NOTE(review): descriptions and file names are written into the HTML without
 * escaping. They are read from the 'bb_language_switcher' option; confirm that
 * option can only ever hold trusted values.
 */
function bb_language_switcher_debug() {
    // Anyone without the 'administrate' capability gets nothing.
    if (!bb_current_user_can('administrate')) {
        return;
    }

    bb_language_switcher_update();
    $languages = bb_get_option('bb_language_switcher');

    // Language directory expressed relative to the install root, with
    // forward slashes, so it can be appended to the site URI.
    $base_uri = bb_get_option('uri');
    $relative_dir = str_replace(array(trim(BBPATH, "/\\"), "\\"), array("", "/"), BB_LANG_DIR);
    $url = $base_uri . trim($relative_dir, ' /\\') . '/';

    $count = 0;
    echo "<html><table border='0' cellpadding='1' cellspacing='1' style='font-family:monospace;'>";
    foreach ($languages as $value => $description) {
        if (!$value) {
            // Entries with an empty key have no .mo file to link to.
            continue;
        }
        $count++;
        echo "<tr><td>{$description}</td><td><a href='{$url}{$value}.mo'>{$value}.mo</a></td></tr>";
    }
    echo "</table>\n<br />{$count} language files total";
    exit;
}
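/**
 * Renders the Twitter fieldset on the profile edit form.
 *
 * Output is produced only when someone is logged in and is allowed to edit
 * the profile identified by the global $user_id.
 */
function add_twitter_to_profile_edit() {
    global $user_id, $bb_current_user, $bb_twitter;

    // The capability must be checked against $user_id: $user is only loaded
    // further down, so the former $user->ID argument was always unset here.
    if (bb_current_user_can('edit_profile', $user_id) && bb_is_user_logged_in()) {
        $twitter = fetch_user_twitter($user_id);
        $user = bb_get_user($user_id);
        $tweets_on = $user->twitter_on;
        $tweets_on_post = $user->twitter_on_post;
        ?>
        <fieldset>
            <legend><?php _e('Twitter'); ?> </legend>
            <table border=0>
                <tr>
                    <th>Twitter username : </th>
                    <?php // The stored name is user-supplied: escape it for the attribute context. ?>
                    <td><input type="text" name="twitter" value="<?php echo htmlspecialchars((string) $twitter, ENT_QUOTES); ?>" size="25"/></td>
                </tr>
                <?php
                // Disabled feature: the per-profile tweet display options are never rendered.
                if (false) {
                    ?>
                <tr>
                    <td>Show your latest <em>tweet</em> in your profile?</td><td>
                    <input name="show_tweets" value="tweets_on" type="checkbox" checked="checked"/></td>
                    <input name="show_tweets" value="tweets_on" type="checkbox"/></td>
                </tr>
                <tr>
                    <td>Show your latest <em>tweet</em> under each post?</td><td>
                    <input name="show_tweets_post" value="tweets_on_post" type="checkbox" checked="checked"/></td>
                    <input name="show_tweets_post" value="tweets_on_post" type="checkbox"/></td>
                    <?php
                }
                ?>
                </tr>
            </table>
        </fieldset>
        <?php
    }
}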
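/**
 * Saves the blocklist settings submitted from the admin form.
 *
 * Reads the 'data' and 'email' POST fields, trims every line, stores them
 * joined with CRLF in the global $blocklist and persists the option.
 * Does nothing unless the current user has the 'administrate' capability.
 *
 * NOTE(review): no nonce is verified in this function. Unless the caller
 * already does so (bb_check_admin_referer() is the usual helper), a forged
 * cross-site POST sent from an administrator's browser could rewrite the
 * blocklist; confirm where the request is authenticated.
 */
function blocklist_process_post() {
    if (!bb_current_user_can('administrate')) {
        return;
    }

    global $blocklist;

    if (!isset($_POST['submit']) || !isset($_POST['blocklist'])) {
        return;
    }

    foreach (array('data', 'email') as $option) {
        // Array-valued or empty fields are stored as an empty list.
        if (empty($_POST[$option]) || !is_string($_POST[$option])) {
            $blocklist[$option] = "";
            continue;
        }

        // array_map('trim', ...) replaces the create_function() callback,
        // which evaluated a code string and no longer exists in PHP 8.
        $lines = array_map('trim', explode("\n", trim($_POST[$option])));
        $blocklist[$option] = implode("\r\n", $lines) . "\r\n";
    }

    bb_update_option('blocklist', $blocklist);
}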
} elseif ($user_id == bb_get_current_user_info('id')) { ?> <p> <?php _e('This is how your profile appears to a logged in member.'); ?> <?php if (bb_current_user_can('edit_user', $user->ID)) { printf(__('You may <a href="%1$s">edit this information</a>.'), esc_attr(get_profile_tab_link($user_id, 'edit'))); } ?> </p> <?php if (bb_current_user_can('edit_favorites_of', $user->ID)) { ?> <p><?php printf(__('You can also <a href="%1$s">manage your favorites</a> and subscribe to your favorites’ <a href="%2$s"><abbr title="Really Simple Syndication">RSS</abbr> feed</a>.'), esc_attr(get_favorites_link()), esc_attr(get_favorites_rss_link())); ?> </p> <?php } } ?> <?php bb_profile_data(); ?> </div>
<?php
require_once './bb-load.php';

// Canonicalise the request URL. The code below relies on the globals
// $user, $user_id and $self being populated by this call.
bb_repermalink();

// A profile tab was requested: hand the request over to the tab's file.
// NOTE(review): $self is used as an include path, so it must only ever hold a
// file name taken from the registered profile hooks, never raw request data.
// Confirm against the code that assigns it.
if ($self) {
    require (strpos($self, '.php') !== false) ? $self : BB_PATH . 'profile-base.php';
    return;
}

$reg_time = bb_gmtstrtotime($user->user_registered);
$profile_info_keys = bb_get_profile_info_keys();

// True when the page is shown right after a profile update.
$updated = isset($_GET['updated']);

do_action('bb_profile.php_pre_db', $user_id);

// A bozo's profile fields are shown only to the bozo and to moderators.
if (
    !empty($user->is_bozo)
    && $user->ID != bb_get_current_user_info('id')
    && !bb_current_user_can('moderate')
) {
    $profile_info_keys = array();
}

$posts = bb_get_recent_user_replies($user_id);
$topics = get_recent_user_threads($user_id);

bb_load_template(
    'profile.php',
    array('reg_time', 'profile_info_keys', 'updated', 'threads'),
    $user_id
);
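/**
 * Builds the admin list row for one forum.
 *
 * @param int  $forum_id Forum to render; 0 uses the global $forum.
 * @param bool $echo     Print the markup as well as returning it.
 * @param bool $close    Wrap the row in its own <li>...</li>.
 * @return string|null The row markup, or null when the forum cannot be found.
 */
function bb_forum_row($forum_id = 0, $echo = true, $close = false) {
    global $forum, $forums_count;

    if ($forum_id) {
        $_forum = bb_get_forum($forum_id);
    } else {
        $_forum =& $forum;
    }
    if (!$_forum) {
        return;
    }

    $row_forum_id = $_forum->forum_id;
    $description = get_forum_description($row_forum_id);
    $admin_context = BB_URI_CONTEXT_A_HREF + BB_URI_CONTEXT_BB_ADMIN;

    $r = '';
    if ($close) {
        $r .= "\t<li id='forum-{$row_forum_id}'" . get_alt_class('forum', 'forum clear list-block') . ">\n";
    }
    $r .= "\t\t<div class='list-block posrel'>\n";
    $r .= "\t\t\t<div class=\"row-title\">" . get_forum_name($row_forum_id) . "</div>\n";
    if ($description) {
        // Reuse the description fetched above instead of looking it up twice.
        $r .= "\t\t\t<p class=\"row-description\">" . $description . "</p>\n";
    }
    $r .= "\t\t\t<div class=\"row-actions\"><span>\n";
    // Link to the forum this row describes. Without an argument the link was
    // built from the global $forum, which is a different forum whenever
    // $forum_id is passed explicitly.
    $r .= "\t\t\t\t<a class='edit' href='" . get_forum_link($row_forum_id) . "'>" . __('View') . "</a>\n";
    if (bb_current_user_can('manage_forums')) {
        $edit_uri = bb_get_uri('bb-admin/forums.php', array('action' => 'edit', 'id' => $row_forum_id), $admin_context);
        $r .= "\t\t\t\t| <a class='edit' href='" . esc_attr($edit_uri) . "'>" . __('Edit') . "</a>\n";
    }
    // The last remaining forum can never be offered for deletion.
    if (bb_current_user_can('delete_forum', $row_forum_id) && 1 < $forums_count) {
        $delete_uri = bb_get_uri('bb-admin/forums.php', array('action' => 'delete', 'id' => $row_forum_id), $admin_context);
        $r .= "\t\t\t\t| <a class='delete' href='" . esc_attr($delete_uri) . "'>" . __('Delete') . "</a>\n";
    }
    $r .= "\t\t\t</span> </div>\n";
    $r .= "\t\t</div>\n";
    if ($close) {
        $r .= "\t</li>\n";
    }

    if ($echo) {
        echo $r;
    }
    return $r;
}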
} elseif ('blocked' != $role && array_key_exists('blocked', $user->capabilities)) { bb_fix_password($user->ID); } } foreach ($profile_admin_keys as $key => $label) { if (${$key} != '' || isset($user->{$key})) { bb_update_usermeta($user->ID, $key, ${$key}); } } foreach ($assignable_caps as $cap => $label) { if (!($already = array_key_exists($cap, $user->capabilities)) && ${$cap}) { $user_obj->add_cap($cap); } elseif (!${$cap} && $already) { $user_obj->remove_cap($cap); } } } if (bb_current_user_can('change_user_password', $user->ID) && !empty($_POST['pass1'])) { $_POST['pass1'] = addslashes($_POST['pass1']); bb_update_user_password($user->ID, $_POST['pass1']); if (bb_get_current_user_info('ID') == $user->ID) { bb_clear_auth_cookie(); bb_set_auth_cookie($user->ID); } } do_action('profile_edited', $user->ID); nxt_redirect(add_query_arg('updated', 'true', get_user_profile_link($user->ID))); exit; } } bb_load_template('profile-edit.php', array('profile_info_keys', 'profile_admin_keys', 'assignable_caps', 'user_email', 'bb_roles', 'errors', 'self'));
<?php
require_once 'admin.php';

// Build the user query from the optional search term, page and role filter.
// A missing parameter is passed as null, as the error-suppressed reads did.
$bb_user_search = new BB_User_Search(
    isset($_GET['usersearch']) ? $_GET['usersearch'] : null,
    isset($_GET['page']) ? $_GET['page'] : null,
    isset($_GET['userrole']) ? $_GET['userrole'] : null
);

$bb_admin_body_class = ' bb-admin-users';
bb_get_admin_header();
?>
<div class="wrap">
<?php
// The second argument tells the listing whether the viewer may edit users.
$bb_user_search->display(true, bb_current_user_can('edit_users'));
?>
</div>
<?php
bb_get_admin_footer();
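/**
 * Handles the moderator "hide/show Social It" toggle on a topic page.
 *
 * Acts only on topic pages, for users with the 'moderate' capability, when
 * the request carries socialit_hide_show=1, shs_opt and tid. The nonce bound
 * to the topic id is verified before any topic meta is changed.
 */
function socialit_hide_show_do() {
    // Every parameter is checked for presence before it is read, so a
    // partial request no longer raises undefined-index notices.
    if (
        !bb_is_topic()
        || !isset($_GET['socialit_hide_show'], $_GET['shs_opt'], $_GET['tid'])
        || $_GET['socialit_hide_show'] != "1"
        || !bb_current_user_can('moderate')
    ) {
        return;
    }

    $topic = get_topic($_GET['tid']);
    if (!$topic) {
        // Unknown topic: there is nothing to toggle and no id to bind the nonce to.
        return;
    }

    // A missing nonce is treated as an invalid one.
    $nonce = isset($_GET['_wpnonce']) ? $_GET['_wpnonce'] : '';
    if (!bb_verify_nonce($nonce, 'socialit_hide_show_' . $topic->topic_id)) {
        _e('Sorry, but that could not be done.', 'socialit');
        exit;
    }

    if ($_GET['shs_opt'] == "2") {
        bb_update_topicmeta($topic->topic_id, 'hide_socialit', 'true');
    } else {
        bb_delete_topicmeta($topic->topic_id, 'hide_socialit');
    }

    wp_redirect(get_topic_link($topic->topic_id));
    // Stop here so the rest of the page is not rendered behind the redirect.
    exit;
}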
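<?php
require_once 'admin-action.php';

// Missing fields count as 0 instead of raising an undefined-index notice.
$topic_id = isset($_POST['topic_id']) ? absint($_POST['topic_id']) : 0;
$forum_id = isset($_POST['forum_id']) ? absint($_POST['forum_id']) : 0;

// absint() always yields an integer, so the former is_numeric() test could
// never fail. Reject empty or zero ids here instead.
if (!$topic_id || !$forum_id) {
    bb_die(__('Invalid topic or forum.'));
}

// Authorisation first: users who may not move this topic are sent away.
if (!bb_current_user_can('move_topic', $topic_id, $forum_id)) {
    nxt_redirect(bb_get_uri(null, null, BB_URI_CONTEXT_HEADER));
    exit;
}

// Then the nonce bound to this topic.
bb_check_admin_referer('move-topic_' . $topic_id);

$topic = get_topic($topic_id);
$forum = bb_get_forum($forum_id);

if (!$topic || !$forum) {
    bb_die(__('Your topic or forum caused all manner of confusion'));
}

bb_move_topic($topic_id, $forum_id);

// Return to the referring page when there is one, else to the topic itself.
if (!($redirect = nxt_get_referer())) {
    $redirect = get_topic_link($topic_id);
}

bb_safe_redirect($redirect);
exit;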
<?php require 'admin-action.php'; $topic_id = (int) $_GET['id']; if (!bb_current_user_can('delete_topic', $topic_id)) { wp_redirect(bb_get_uri(null, null, BB_URI_CONTEXT_HEADER)); exit; } bb_check_admin_referer('delete-topic_' . $topic_id); $topic = get_topic($topic_id); $old_status = (int) $topic->topic_status; if (!$topic) { bb_die(__('There is a problem with that topic, pardner.')); } $status = $topic->topic_status ? 0 : 1; bb_delete_topic($topic->topic_id, $status); $message = ''; switch ($old_status) { case 0: switch ($status) { case 0: break; case 1: $message = 'deleted'; break; } break; case 1: switch ($status) { case 0: $message = 'undeleted';
<?php
require_once 'admin.php';

$forums = bb_get_forums();
$forums_count = 0;
if ($forums) {
    $forums_count = count($forums);
}

// Delete confirmation: the forum must exist, must not be the last one, and
// the current user must be allowed to delete it. Otherwise go back to the
// plain listing.
if (isset($_GET['action']) && 'delete' == $_GET['action']) {
    $forum_to_delete = (int) $_GET['id'];
    $deleted_forum = bb_get_forum($forum_to_delete);

    $may_delete = $deleted_forum
        && $forums_count >= 2
        && bb_current_user_can('delete_forum', $forum_to_delete);
    if (!$may_delete) {
        bb_safe_redirect(add_query_arg(array('action' => false, 'id' => false)));
        exit;
    }
}

// Status notice left by a previous update or delete request.
if (isset($_GET['message'])) {
    if ('updated' == $_GET['message']) {
        bb_admin_notice(__('<strong>Forum Updated.</strong>'));
    } elseif ('deleted' == $_GET['message']) {
        bb_admin_notice(sprintf(
            __('<strong>Forum deleted.</strong> You should <a href="%s">recount your site information</a>.'),
            bb_get_uri('bb-admin/tools-recount.php', null, BB_URI_CONTEXT_A_HREF + BB_URI_CONTEXT_BB_ADMIN)
        ));
    }
}

if (!isset($_GET['action'])) {
    nxt_enqueue_script('admin-forums');
} elseif ('delete' == $_GET['action']) {
    // NOTE(review): forum_name is placed in the notice markup as stored.
    // Confirm it is escaped when saved, or escape it for HTML here.
    bb_admin_notice(sprintf(
        __('Are you sure you want to delete the "<strong>%s</strong>" forum?'),
        $deleted_forum->forum_name
    ));
}

$bb_admin_body_class = ' bb-admin-forums';
bb_get_admin_header();
?>
<?php require_once '../bb-load.php'; require_once BB_PATH . 'bb-admin/includes/functions.bb-admin.php'; define('BB_EXPORT_USERS', 1); define('BB_EXPORT_FORUMS', 2); define('BB_EXPORT_TOPICS', 4); // Some example usage of the bitwise export levels (can be defined in bb-config.php) //define('BB_EXPORT_LEVEL', BB_EXPORT_USERS); //define('BB_EXPORT_LEVEL', BB_EXPORT_USERS + BB_EXPORT_FORUMS); //define('BB_EXPORT_LEVEL', BB_EXPORT_USERS + BB_EXPORT_FORUMS + BB_EXPORT_TOPICS); if (!defined('BB_EXPORT_LEVEL')) { define('BB_EXPORT_LEVEL', 0); } if (!BB_EXPORT_LEVEL || !bb_current_user_can('import_export')) { bb_die(__('Either export is disabled or you are not allowed to export.')); } // See bb_export_user for syntax function _bb_export_object($object, $properties = null, $tabs = 1) { $r = ''; if (!($type = $object['type'])) { return; } unset($object['type']); $atts = ''; $id = 0; foreach ($object as $att => $v) { if ('id' == $att) { $id = $v; $v = $type . '_' . $v;
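/**
 * Screens a post against the admin blocklist and, on a match, marks it as
 * spam (status 2) and e-mails the configured recipients.
 *
 * Entries that look like an IP address are compared with the start of the
 * poster's IP. All other entries are matched at a word boundary against the
 * poster's e-mail and login, the post text and, for the first post of a
 * topic, the topic title. The first matching entry wins.
 *
 * @param int  $post_id Post to check.
 * @param bool $wall    True when the post is a user-wall post.
 * @return void
 */
function blocklist_check($post_id = 0, $wall = false) {
    // Users holding 'moderate' or 'throttle' are never screened.
    if (bb_current_user_can('moderate') || bb_current_user_can('throttle')) {
        return;
    }

    $bb_post = $wall ? user_wall_get_post($post_id) : bb_get_post($post_id);
    // Only existing posts with a normal (0) status are screened.
    if (empty($post_id) || empty($bb_post) || !empty($bb_post->post_status)) {
        return;
    }

    global $blocklist;
    blocklist_initialize();
    if (empty($blocklist['data'])) {
        return;
    }

    // The poster may not resolve to an account; match against empty strings
    // then, instead of reading properties of a non-object.
    $user = bb_get_user($bb_post->poster_id);
    $user_email = $user ? (string) $user->user_email : '';
    $user_login = $user ? (string) $user->user_login : '';

    $found = '';
    $bad = '';
    $topic = null;

    foreach (explode("\r\n", $blocklist['data']) as $item) {
        // Skip blanks, entries shorter than 4 bytes and '#' comment lines.
        if (empty($item) || strlen($item) < 4 || ord($item) == 35) {
            continue;
        }

        if (preg_match('/^\\d{1,3}\\.\\d{1,3}\\.\\d{1,3}/', $item)) {
            // IP entry: prefix comparison against the poster's address.
            if (strpos($bb_post->poster_ip, $item) === 0) {
                $found = "IP address";
                $bad = $item;
                break;
            }
            continue;
        }

        // Word entry. The delimiter is passed to preg_quote() so an entry
        // containing "/" (a URL, for instance) cannot break the pattern and
        // silently stop matching.
        $pattern = '/\\b' . preg_quote($item, '/') . '/simU';
        $haystacks = array(
            'email' => $user_email,
            'username' => $user_login,
            'post text' => (string) $bb_post->post_text,
        );
        foreach ($haystacks as $label => $text) {
            if (preg_match($pattern, $text)) {
                $found = $label;
                $bad = $item;
                break 2;
            }
        }

        // The title is checked only for the opening post of a regular topic.
        if (!$wall && $bb_post->post_position == 1) {
            if (empty($topic)) {
                $topic = get_topic($bb_post->topic_id);
            }
            if (!empty($topic->topic_title) && preg_match($pattern, $topic->topic_title)) {
                $found = "topic title";
                $bad = $item;
                break;
            }
        }
    }

    if (empty($bad)) {
        return;
    }

    if ($wall) {
        user_wall_delete_post($post_id, 2);
        $uri = bb_get_option('uri') . "bb-admin/admin-base.php?post_status=2&plugin=user_wall_admin&user-wall-recent=1";
    } else {
        bb_delete_post($post_id, 2);
        if (empty($topic)) {
            $topic = get_topic($bb_post->topic_id);
        }
        // If the topic has no posts left, mark the topic as spam too.
        if ($topic && empty($topic->topic_posts)) {
            bb_delete_topic($topic->topic_id, 2);
        }
        $uri = bb_get_option('uri') . 'bb-admin/' . (defined('BACKPRESS_PATH') ? '' : 'content-') . 'posts.php?post_status=2';
    }

    if (empty($blocklist['email'])) {
        return;
    }

    $agent = isset($_SERVER['HTTP_USER_AGENT']) ? $_SERVER['HTTP_USER_AGENT'] : '';

    $message = "The blocklist has been triggered... \r\n\r\n";
    $message .= "Matching entry " . '"' . $bad . '"' . " found in {$found}.\r\n";
    $message .= "{$uri}\r\n\r\n";
    $message .= sprintf(__('Username: %s'), stripslashes($user_login)) . "\r\n";
    $message .= sprintf(__('Profile: %s'), $user ? get_user_profile_link($user->ID) : '') . "\r\n";
    $message .= sprintf(__('Email: %s'), stripslashes($user_email)) . "\r\n";
    // This is the address of the current request, not the stored poster_ip.
    $message .= sprintf(__('IP address: %s'), $_SERVER['REMOTE_ADDR']) . "\r\n";
    $message .= sprintf(__('Agent: %s'), substr(stripslashes($agent), 0, 255)) . "\r\n\r\n";

    foreach (explode("\r\n", $blocklist['email']) as $to) {
        // Skip blanks and strings too short to be an address.
        if (empty($to) || strlen($to) < 8) {
            continue;
        }
        // Notification is best effort; a mail failure must not break posting.
        @bb_mail($to, "[" . bb_get_option('name') . "] blocklist triggered", $message);
    }
}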
/**
 * Inserts a new post or updates an existing one, then refreshes the derived
 * topic/forum/user counters, caches and hooks.
 *
 * When $args contains a 'post_id' that is not false the call is an update and
 * only the passed fields that exist on the stored row are written. Otherwise
 * a new row is inserted using the defaults built below.
 *
 * NOTE(review): the merged arguments are extract()ed into local scope, so
 * every key of $args becomes a local variable here. Callers must pass only
 * expected keys; confirm no request array is handed in unfiltered.
 *
 * @param array|string|null $args Post fields; parsed with nxt_parse_args().
 * @return int|false The post id, or false when the arguments, post, topic or
 *                   poster cannot be resolved or the 'pre_post' filter
 *                   returns an empty text.
 */
function bb_insert_post($args = null) {
    global $bbdb, $bb_current_user, $bb;
    if (!($args = nxt_parse_args($args))) {
        return false;
    }
    $fields = array_keys($args);
    if (isset($args['post_id']) && false !== $args['post_id']) {
        $update = true;
        if (!($post_id = (int) get_post_id($args['post_id']))) {
            return false;
        }
        // Get from db, not cache. Good idea?
        $post = $bbdb->get_row($bbdb->prepare("SELECT * FROM {$bbdb->posts} WHERE post_id = %d", $post_id));
        // The stored row supplies the defaults for an update.
        $defaults = get_object_vars($post);
        unset($defaults['post_id']);
        // Only update the args we passed
        $fields = array_intersect($fields, array_keys($defaults));
        if (in_array('topic_id', $fields)) {
            $fields[] = 'forum_id';
        }
        // No need to run filters if these aren't changing
        // bb_new_post() and bb_update_post() will always run filters
        $run_filters = (bool) array_intersect(array('post_status', 'post_text'), $fields);
    } else {
        $post_id = false;
        $update = false;
        $now = bb_current_time('mysql');
        $current_user_id = bb_get_current_user_info('id');
        $ip_address = $_SERVER['REMOTE_ADDR'];
        $defaults = array('topic_id' => 0, 'post_text' => '', 'post_time' => $now, 'poster_id' => $current_user_id, 'poster_ip' => $ip_address, 'post_status' => 0, 'post_position' => false);
        // Insert all args
        $fields = array_keys($defaults);
        $fields[] = 'forum_id';
        $run_filters = true;
    }
    // 'throttle' is an option of this call only; it is removed from $defaults
    // again further down.
    $defaults['throttle'] = true;
    // Creates one local variable per merged argument ($topic_id, $post_text,
    // $poster_id, $throttle, ...).
    extract(nxt_parse_args($args, $defaults));
    // If the user is not logged in and loginless posting is ON, then this function expects $post_author, $post_email and $post_url to be sanitized (check bb-post.php for example)
    if (!($topic = get_topic($topic_id))) {
        return false;
    }
    // NOTE(review): $user is assigned only when bb_is_login_required() is
    // true (short-circuit). With login not required it stays undefined, yet
    // it is read several times below; confirm this is intended.
    if (bb_is_login_required() && !($user = bb_get_user($poster_id))) {
        return false;
    }
    // Take the canonical ids from the resolved topic, not from the caller.
    $topic_id = (int) $topic->topic_id;
    $forum_id = (int) $topic->forum_id;
    if ($run_filters && !($post_text = apply_filters('pre_post', $post_text, $post_id, $topic_id))) {
        return false;
    }
    if ($update) {
        // Don't change post_status with this function. Use bb_delete_post().
        $post_status = $post->post_status;
    }
    if ($run_filters) {
        $post_status = (int) apply_filters('pre_post_status', $post_status, $post_id, $topic_id);
    }
    // No explicit position: place the post at the end of the topic. Only a
    // post with status 0 increases the running total.
    if (false === $post_position) {
        $post_position = $topic_posts = intval(0 == $post_status ? $topic->topic_posts + 1 : $topic->topic_posts);
    }
    unset($defaults['throttle']);
    if ($update) {
        // compact($fields) collects the local variables named in $fields.
        $bbdb->update($bbdb->posts, compact($fields), compact('post_id'));
        nxt_cache_delete($post_id, 'bb_post');
    } else {
        $bbdb->insert($bbdb->posts, compact($fields));
        $post_id = $topic_last_post_id = (int) $bbdb->insert_id;
        if (0 == $post_status) {
            $topic_time = $post_time;
            // A visitor posting without login is recorded as poster -1 under
            // the name they supplied.
            $topic_last_poster = !bb_is_user_logged_in() && !bb_is_login_required() ? -1 : $poster_id;
            $topic_last_poster_name = !bb_is_user_logged_in() && !bb_is_login_required() ? $post_author : $user->user_login;
            $bbdb->query($bbdb->prepare("UPDATE {$bbdb->forums} SET posts = posts + 1 WHERE forum_id = %d;", $topic->forum_id));
            // NOTE(review): $topic_posts exists only when $post_position was
            // false above; otherwise compact() has no such variable to
            // collect. Confirm.
            $bbdb->update($bbdb->topics, compact('topic_time', 'topic_last_poster', 'topic_last_poster_name', 'topic_last_post_id', 'topic_posts'), compact('topic_id'));
            // Look for any other post by this poster in the topic; if none,
            // this is their first reply here and the counter is bumped.
            $query = new BB_Query('post', array('post_author_id' => $poster_id, 'topic_id' => $topic_id, 'post_id' => "-{$post_id}"));
            if (!$query->results) {
                $topics_replied_key = $bbdb->prefix . 'topics_replied';
                bb_update_usermeta($poster_id, $topics_replied_key, $user->{$topics_replied_key} + 1);
            }
        } else {
            bb_update_topicmeta($topic->topic_id, 'deleted_posts', isset($topic->deleted_posts) ? $topic->deleted_posts + 1 : 1);
        }
    }
    bb_update_topic_voices($topic_id);
    // if user not logged in, save user data as meta data
    if (!$user) {
        bb_update_meta($post_id, 'post_author', $post_author, 'post');
        bb_update_meta($post_id, 'post_email', $post_email, 'post');
        bb_update_meta($post_id, 'post_url', $post_url, 'post');
    }
    // Record the time of this post for throttling: per account when a user
    // is known, otherwise in a transient keyed by the client IP address.
    if ($throttle && !bb_current_user_can('throttle')) {
        if ($user) {
            bb_update_usermeta($poster_id, 'last_posted', time());
        } else {
            bb_set_transient($_SERVER['REMOTE_ADDR'] . '_last_posted', time());
        }
    }
    // Loginless poster: store the supplied name, e-mail and URL in cookies.
    // NOTE(review): these setcookie() calls pass no secure or httponly
    // argument, and the values are the poster's own input. Anything that
    // reads the cookies back must treat them as untrusted.
    if (!bb_is_login_required() && !($user = bb_get_user($poster_id))) {
        $post_cookie_lifetime = apply_filters('bb_post_cookie_lifetime', 30000000);
        setcookie('post_author_' . BB_HASH, $post_author, time() + $post_cookie_lifetime, $bb->cookiepath, $bb->cookiedomain);
        setcookie('post_author_email_' . BB_HASH, $post_email, time() + $post_cookie_lifetime, $bb->cookiepath, $bb->cookiedomain);
        setcookie('post_author_url_' . BB_HASH, $post_url, time() + $post_cookie_lifetime, $bb->cookiepath, $bb->cookiedomain);
    }
    // Drop every cache entry that can hold data derived from this post.
    nxt_cache_delete($topic_id, 'bb_topic');
    nxt_cache_delete($topic_id, 'bb_thread');
    nxt_cache_delete($forum_id, 'bb_forum');
    nxt_cache_flush('bb_forums');
    nxt_cache_flush('bb_query');
    nxt_cache_flush('bb_cache_posts_post_ids');
    if ($update) {
        // fire actions after cache is flushed
        do_action('bb_update_post', $post_id);
    } else {
        do_action('bb_new_post', $post_id);
    }
    // post_id, what was passed, what was used
    do_action('bb_insert_post', $post_id, $args, compact(array_keys($args)));
    if (bb_get_option('enable_pingback')) {
        bb_update_postmeta($post_id, 'pingback_queued', '');
        nxt_schedule_single_event(time(), 'do_pingbacks');
    }
    return $post_id;
}
/**
 * Merges one tag into another and destroys the source tag.
 *
 * Topics that carry only the old tag receive the new tag. Topics that already
 * carry both are left alone. Requires the 'manage_tags' capability.
 *
 * @param int $old_id Tag to merge from (destroyed afterwards).
 * @param int $new_id Tag to merge into.
 * @return array|false Keys 'destroyed', 'old_count' and 'diff_count', or
 *                     false when not permitted or both ids are the same.
 */
function bb_merge_tags($old_id, $new_id) {
    if (!bb_current_user_can('manage_tags')) {
        return false;
    }

    $old_id = (int) $old_id;
    $new_id = (int) $new_id;
    if ($old_id == $new_id) {
        return false;
    }

    do_action('bb_pre_merge_tags', $old_id, $new_id);

    // Topics tagged with the old tag and with the new tag, respectively.
    $tagged_old = bb_get_tagged_topic_ids($old_id);
    $tagged_new = bb_get_tagged_topic_ids($new_id);

    // Topics carrying both tags need no change. The rest of the old tag's
    // topics still have to receive the new tag.
    $shared = array_intersect($tagged_old, $tagged_new);
    $to_retag = array_diff($tagged_old, $shared);

    $retag_count = count($to_retag);
    if ($retag_count) {
        $target_tag = bb_get_tag($new_id);
        foreach ($to_retag as $topic_id) {
            bb_add_topic_tag($topic_id, $target_tag->slug);
        }
    }

    // Destroy the old tag.
    $destroyed = bb_destroy_tag($old_id);

    return array(
        'destroyed' => $destroyed,
        'old_count' => $retag_count,
        'diff_count' => count($shared),
    );
}
/**
 * Removes the specified tags from the specified topic
 *
 * The caller is authenticated with the supplied username and password and
 * must pass the 'edit_tags' check made by authenticate() as well as the
 * per-topic 'add_tag_to' capability check.
 *
 * @since 1.0
 * @return integer|object 1 when successfully executed or an IXR_Error object on failure
 * @param array $args Arguments passed by the XML-RPC call
 * @param string $args[0] The username for authentication
 * @param string $args[1] The password for authentication
 * @param string|integer $args[2] The topic id or slug
 * @param string|array $args[3] The tags to remove from the topic
 *
 * XML-RPC request to remove the tag "banana" from the topic with id 219
 * <methodCall>
 *     <methodName>bb.removeTopicTags</methodName>
 *     <params>
 *         <param><value><string>joeblow</string></value></param>
 *         <param><value><string>123password</string></value></param>
 *         <param><value><int>219</int></value></param>
 *         <param><value><string>banana</string></value></param>
 *     </params>
 * </methodCall>
 *
 * XML-RPC request to remove the tags "banana" and "man" from the topic with id 219
 * <methodCall>
 *     <methodName>bb.removeTopicTags</methodName>
 *     <params>
 *         <param><value><string>joeblow</string></value></param>
 *         <param><value><string>123password</string></value></param>
 *         <param><value><int>219</int></value></param>
 *         <param><value><string>banana, man</string></value></param>
 *     </params>
 * </methodCall>
 *
 * XML-RPC request to remove the tags "banana" and "man" from the topic with id 219 using an array
 * <methodCall>
 *     <methodName>bb.removeTopicTags</methodName>
 *     <params>
 *         <param><value><string>joeblow</string></value></param>
 *         <param><value><string>123password</string></value></param>
 *         <param><value><int>219</int></value></param>
 *         <param><value><array>
 *             <data><value><string>banana</string></value></data>
 *             <data><value><string>man</string></value></data>
 *         </array></value></param>
 *     </params>
 * </methodCall>
 */
function bb_removeTopicTags($args) {
    do_action('bb_xmlrpc_call', 'bb.removeTopicTags');

    // Escape args
    $this->escape($args);

    // Authenticate the caller; a failure is reported through $this->error.
    $login = $args[0];
    $secret = (string) $args[1];
    $this->authenticate($login, $secret, 'edit_tags', __('You do not have permission to edit tags.'));

    do_action('bb_xmlrpc_call_authenticated', 'bb.removeTopicTags');

    // If an error was raised by authentication or by an action then return it
    if ($this->error) {
        return $this->error;
    }

    // The topic may be given as a numeric id or as a slug.
    $topic_id = isset($args[2]) ? $args[2] : false;
    if (!$topic_id || (!is_string($topic_id) && !is_integer($topic_id))) {
        $this->error = new IXR_Error(400, __('The topic id is invalid.'));
        return $this->error;
    }

    // Check the requested topic exists
    $topic = get_topic($topic_id);
    if (!$topic) {
        $this->error = new IXR_Error(400, __('No topic found.'));
        return $this->error;
    }

    // The topic id may have been a slug, so make sure it's an integer here
    $topic_id = (int) $topic->topic_id;

    // Removal is gated on the same capability as adding tags to this topic.
    if (!bb_current_user_can('add_tag_to', $topic_id)) {
        $this->error = new IXR_Error(403, __('You do not have permission to remove tags from this topic.'));
        return $this->error;
    }

    // Tags arrive as a comma separated string or as an array.
    $tag_list = isset($args[3]) ? $args[3] : false;
    if (!$tag_list || (!is_string($tag_list) && !is_array($tag_list))) {
        $this->error = new IXR_Error(400, __('The tag data is invalid.'));
        return $this->error;
    }

    // Remove the tags
    if (!bb_remove_topic_tags($topic_id, $tag_list)) {
        $this->error = new IXR_Error(500, __('The tags could not be removed.'));
        return $this->error;
    }

    do_action('bb_xmlrpc_call_return', 'bb.removeTopicTags');

    // 1 signals success to the XML-RPC client.
    return 1;
}
/**
 * Picks the value from a role-keyed settings array that applies to the
 * current user.
 *
 * Order of precedence: 'administrate' (when present and the user has that
 * capability), then 'moderate' (likewise), then $specific (when given and
 * present), then 'default'.
 *
 * @param array  $array    Settings keyed by capability or role name.
 * @param string $specific Optional key to use for ordinary users.
 * @return mixed The selected value, or '' when the selected key is absent.
 */
function bb_attachments_lookup($array, $specific = '') {
    // The capability is only queried when the array has an entry for it.
    if (isset($array['administrate']) && bb_current_user_can('administrate')) {
        $key = 'administrate';
    } elseif (isset($array['moderate']) && bb_current_user_can('moderate')) {
        $key = 'moderate';
    } elseif ($specific && isset($array[$specific])) {
        $key = $specific;
    } else {
        $key = 'default';
    }

    return isset($array[$key]) ? $array[$key] : '';
}
/**
 * Appends a "Spam" / "Not Spam" moderation link to a post's admin links.
 *
 * Users without the 'moderate' capability get $parts back unchanged. The
 * link targets bb-admin/delete-post.php and carries a nonce bound to the
 * post id.
 *
 * @param array|mixed $parts Existing link parts; a non-array is replaced by a new list.
 * @param array       $args  Must contain 'post_id'; 'last_each' supplies the
 *                           wrapper markup when $parts is an array.
 * @return array|mixed The link parts with the spam link appended.
 */
function bb_ksd_post_delete_link($parts, $args) {
    if (!bb_current_user_can('moderate')) {
        return $parts;
    }

    $bb_post = bb_get_post(get_post_id($args['post_id']));

    // A post already marked as spam (status 2) gets the link that restores it.
    if (2 == $bb_post->post_status) {
        $query = array('id' => $bb_post->post_id, 'status' => 0, 'view' => 'all');
        $display = __('Not Spam');
    } else {
        $query = array('id' => $bb_post->post_id, 'status' => 2);
        $display = __('Spam');
    }

    $uri = bb_get_uri('bb-admin/delete-post.php', $query, BB_URI_CONTEXT_A_HREF + BB_URI_CONTEXT_BB_ADMIN);
    $uri = esc_url(bb_nonce_url($uri, 'delete-post_' . $bb_post->post_id));

    if (is_array($parts)) {
        $before = $args['last_each']['before'];
        $after = $args['last_each']['after'];
    } else {
        $parts = array();
        $before = '';
        $after = '';
    }

    // Make sure that the last tag in $before gets a class (if it's there)
    if (preg_match('/.*(<[^>]+>)[^<]*/', $before, $last_tag)) {
        if (preg_match('/class=(\'|")(.*)\\1/U', $last_tag[1], $class_attr)) {
            // The tag already has a class attribute: put our class first.
            $quote = $class_attr[1];
            $rewritten = 'class=' . $quote . 'before-post-spam-link ' . $class_attr[2] . $quote;
            $before = str_replace($class_attr[0], $rewritten, $before);
        } else {
            // No class attribute yet: add one to the tag.
            $before = preg_replace('/(.*)<([a-z0-9_-]+)(\\s?)([^>]*)>([^<]*)/i', '$1<$2 class="before-post-spam-link"$3$4>$5', $before, 1);
        }
    }

    $link = '<a class="post-spam-link" href="' . $uri . '" >' . $display . '</a>';
    $parts[] = $before . $link . $after;

    return $parts;
}
<?php
require 'admin-action.php';

$topic_id = (int) $_GET['id'];
$topic = get_topic($topic_id);

// 1 only when super=1 was requested, else 0.
$super = (int) (isset($_GET['super']) && 1 == (int) $_GET['super']);

if (!$topic) {
    bb_die(__('There is a problem with that topic, pardner.'));
}

// Authorisation: users who may not stick this topic are sent to the front page.
if (!bb_current_user_can('stick_topic', $topic_id)) {
    wp_redirect(bb_get_uri(null, null, BB_URI_CONTEXT_HEADER));
    exit;
}

// The state change arrives over GET, so the nonce bound to this topic is
// what protects it against forged links.
bb_check_admin_referer('stick-topic_' . $topic_id);

// Toggle: unstick a sticky topic, otherwise stick it.
if (topic_is_sticky($topic_id)) {
    bb_unstick_topic($topic_id);
} else {
    bb_stick_topic($topic_id, $super);
}

// Return to the referring page when there is one, else to the topic.
$redirect = wp_get_referer();
if (!$redirect) {
    $redirect = get_topic_link($topic_id);
}

bb_safe_redirect($redirect);
exit;
/**
 * Enforces canonical URLs: works out the permalink the current request
 * should have and, when the requested URI differs, redirects to it (or
 * serves a 404 for the front page).
 *
 * As a side effect, several cases assign the globals other scripts rely on:
 * $forum/$forum_id, $topic/$topic_id, $user/$user_id/$self, $tag/$tag_name
 * and $view. Returns early for locations it does not handle.
 */
function bb_repermalink() {
    global $page;
    $location = bb_get_location();
    $uri = $_SERVER['REQUEST_URI'];
    // The object id comes from ?id= when present, otherwise from the path.
    if (isset($_GET['id'])) {
        $id = $_GET['id'];
    } else {
        $id = bb_get_path();
    }
    // Kept unfiltered for the encoded/unencoded comparison at the end.
    $_original_id = $id;
    do_action('pre_permalink', $id);
    $id = apply_filters('bb_repermalink', $id);
    switch ($location) {
        case 'front-page':
            $path = null;
            $querystring = null;
            if ($page > 1) {
                if (bb_get_option('mod_rewrite')) {
                    $path = 'page/' . $page;
                } else {
                    $querystring = array('page' => $page);
                }
            }
            $permalink = bb_get_uri($path, $querystring, BB_URI_CONTEXT_HEADER);
            // NOTE(review): $issue_404 is assigned only in this case, but it
            // is read for every location near the end of the function.
            $issue_404 = true;
            break;
        case 'forum-page':
            if (empty($id)) {
                $permalink = bb_get_uri(null, null, BB_URI_CONTEXT_HEADER);
                break;
            }
            global $forum_id, $forum;
            // NOTE(review): the result of bb_get_forum() is dereferenced
            // without a check. Confirm how an unknown id is handled.
            $forum = bb_get_forum($id);
            $forum_id = $forum->forum_id;
            $permalink = get_forum_link($forum->forum_id, $page);
            break;
        case 'topic-edit-page':
        case 'topic-page':
            if (empty($id)) {
                $permalink = bb_get_uri(null, null, BB_URI_CONTEXT_HEADER);
                break;
            }
            global $topic_id, $topic;
            // NOTE(review): as with the forum case, the result of get_topic()
            // is dereferenced without a check.
            $topic = get_topic($id);
            $topic_id = $topic->topic_id;
            $permalink = get_topic_link($topic->topic_id, $page);
            break;
        case 'profile-page':
            // This handles the admin side of the profile as well.
            global $user_id, $user, $profile_hooks, $self;
            if (isset($_GET['id'])) {
                $id = $_GET['id'];
            } elseif (isset($_GET['username'])) {
                $id = $_GET['username'];
            } else {
                $id = bb_get_path();
            }
            $_original_id = $id;
            if (!$id) {
                // Attempt to go to the current users profile
                $user = bb_get_current_user();
            } else {
                // With slug permalinks the nicename lookup is tried first;
                // otherwise the id/login lookup is tried first.
                if (bb_get_option('mod_rewrite') === 'slugs') {
                    if (!($user = bb_get_user_by_nicename($id))) {
                        $user = bb_get_user($id);
                    }
                } else {
                    if (!($user = bb_get_user($id))) {
                        $user = bb_get_user_by_nicename($id);
                    }
                }
            }
            // && binds tighter than ||: unknown users, and users with
            // user_status 1 viewed by a non-moderator, both get the same 404.
            if (!$user || 1 == $user->user_status && !bb_current_user_can('moderate')) {
                bb_die(__('User not found.'), '', 404);
            }
            $user_id = $user->ID;
            bb_global_profile_menu_structure();
            $valid = false;
            // The requested tab is only a lookup key. $self is taken from the
            // matching $profile_hooks entry, never from the request itself.
            // NOTE(review): the comparison is loose (==). Confirm the keys of
            // $profile_hooks are always non-numeric strings.
            if ($tab = isset($_GET['tab']) ? $_GET['tab'] : bb_get_path(2)) {
                foreach ($profile_hooks as $valid_tab => $valid_file) {
                    if ($tab == $valid_tab) {
                        $valid = true;
                        $self = $valid_file;
                    }
                }
            }
            if ($valid) {
                $permalink = get_profile_tab_link($user->ID, $tab, $page);
            } else {
                $permalink = get_user_profile_link($user->ID, $page);
                // An unknown tab clears $self and $tab.
                unset($self, $tab);
            }
            break;
        case 'favorites-page':
            $permalink = get_favorites_link();
            break;
        case 'tag-page':
            // It's not an integer and tags.php pulls double duty.
            $id = isset($_GET['tag']) ? $_GET['tag'] : false;
            if (!$id || !bb_get_tag((string) $id)) {
                $permalink = bb_get_tag_page_link();
            } else {
                global $tag, $tag_name;
                $tag_name = $id;
                $tag = bb_get_tag((string) $id);
                // 0 => grabs $tag from global.
                $permalink = bb_get_tag_link(0, $page);
            }
            break;
        case 'view-page':
            // Not an integer
            if (isset($_GET['view'])) {
                $id = $_GET['view'];
            } else {
                $id = bb_get_path();
            }
            $_original_id = $id;
            global $view;
            $view = $id;
            $permalink = get_view_link($view, $page);
            break;
        default:
            return;
            break;
    }
    // Carry the request's own query arguments over to the permalink,
    // URL-encoded again.
    nxt_parse_str($_SERVER['QUERY_STRING'], $args);
    $args = urlencode_deep($args);
    if ($args) {
        $permalink = add_query_arg($args, $permalink);
        if (bb_get_option('mod_rewrite')) {
            // these are already specified in the path
            $pretty_args = array('id', 'page', 'tag', 'tab', 'username');
            if ($location == 'view-page') {
                $pretty_args[] = 'view';
            }
            foreach ($pretty_args as $pretty_arg) {
                $permalink = remove_query_arg($pretty_arg, $permalink);
            }
        }
    }
    $permalink = apply_filters('bb_repermalink_result', $permalink, $location);
    // Reduce the permalink to the part after the domain so it can be
    // compared with REQUEST_URI.
    // NOTE(review): the domain is spliced into the pattern without
    // preg_quote(), so its dots match any character and a "|" in the option
    // value would break the pattern. Confirm the option is always a plain
    // host name.
    $domain = bb_get_option('domain');
    $domain = preg_replace('/^https?/', '', $domain);
    $check = preg_replace('|^.*' . trim($domain, ' /') . '|', '', $permalink, 1);
    $uri = rtrim($uri, " \t\n\r\v?");
    $uri = str_replace('/index.php', '/', $uri);
    global $bb_log;
    // NOTE(review): these debug entries contain the raw request URI and
    // PATH_INFO. Treat the log contents as untrusted wherever they are shown.
    $bb_log->debug($uri, 'bb_repermalink() ' . __('REQUEST_URI'));
    $bb_log->debug($check, 'bb_repermalink() ' . __('should be'));
    $bb_log->debug($permalink, 'bb_repermalink() ' . __('full permalink'));
    $bb_log->debug(isset($_SERVER['PATH_INFO']) ? $_SERVER['PATH_INFO'] : null, 'bb_repermalink() ' . __('PATH_INFO'));
    // The request is accepted when it equals the canonical form, either as
    // sent or with the url-encoded id replaced by its raw form.
    if ($check != $uri && $check != str_replace(urlencode($_original_id), $_original_id, $uri)) {
        if ($issue_404 && rtrim($check, " \t\n\r\v/") !== rtrim($uri, " \t\n\r\v/")) {
            status_header(404);
            bb_load_template('404.php');
        } else {
            nxt_redirect($permalink);
        }
        exit;
    }
    do_action('post_permalink', $permalink);
}
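/**
 * Adds to a running post count the "bozo" posts in the global $topic that the
 * current viewer may see.
 *
 * $topic->bozos is read as an array of post counts indexed by user id.
 * Presumably this is hooked as a filter on the count used for topic paging
 * (inferred from the name; confirm against the caller).
 *
 * @param int $add Count accumulated so far.
 * @return int The count with any visible bozo posts added.
 */
function bb_bozo_topic_pages_add($add)
{
    global $topic;

    // A topic without bozo posts may carry no usable ->bozos array. Normalise
    // it once instead of silencing array_sum() with "@", which hides the
    // problem on old PHP and does not stop the TypeError newer PHP raises.
    $bozos = (isset($topic->bozos) && is_array($topic->bozos)) ? $topic->bozos : array();

    // "view=all" comes from the query string; it only widens the count for
    // users holding the browse_deleted capability.
    if (isset($_GET['view']) && 'all' === $_GET['view'] && bb_current_user_can('browse_deleted')) {
        $add += array_sum($bozos);
    }

    if (bb_current_user_is_bozo($topic->topic_id)) {
        $current_id = bb_get_current_user_info('id');
        // The viewer may be flagged without having an entry for this topic.
        if (isset($bozos[$current_id])) {
            $add += $bozos[$current_id];
        }
    }

    return $add;
}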
bb_die(__('No forums to update!')); } if ((int) $_POST['forum_id'] && isset($_POST['forum_name']) && '' !== $_POST['forum_name']) { bb_update_forum($_POST); } foreach (array('action', 'id') as $arg) { $sent_from = remove_query_arg($arg, $sent_from); } bb_safe_redirect(add_query_arg('message', 'updated', $sent_from)); exit; break; case 'delete': bb_check_admin_referer('delete-forums'); $forum_id = (int) $_POST['forum_id']; $move_topics_forum = (int) $_POST['move_topics_forum']; if (!bb_current_user_can('delete_forum', $forum_id)) { bb_die(__("You don't have the authority to kill off the forums.")); } if (isset($_POST['move_topics']) && $_POST['move_topics'] != 'delete') { bb_move_forum_topics($forum_id, $move_topics_forum); } if (!bb_delete_forum($forum_id)) { bb_die(__('Error occured while trying to delete forum')); } foreach (array('action', 'id') as $arg) { $sent_from = remove_query_arg($arg, $sent_from); } bb_safe_redirect(add_query_arg('message', 'deleted', $sent_from)); exit; break; }
bb_check_admin_referer('create-topic'); $topic = trim($_POST['topic']); $tags = trim($_POST['tags']); if ('' == $topic) { bb_die(__('Please enter a topic title')); } $args = array(); if (isset($post_author)) { $args['topic_poster_name'] = $args['topic_last_poster_name'] = $post_author; } $topic_id = bb_new_topic($topic, $forum_id, $tags, $args); } elseif (isset($_POST['topic_id'])) { $topic_id = (int) $_POST['topic_id']; bb_check_admin_referer('create-post_' . $topic_id); } if (bb_is_login_required() && !bb_current_user_can('write_post', $topic_id)) { bb_die(__('You are not allowed to post. Are you logged in?')); } if (!topic_is_open($topic_id)) { bb_die(__('This topic has been closed')); } $post_data = array('post_text' => stripslashes($_POST['post_content']), 'topic_id' => $topic_id); foreach (array('post_author', 'post_email', 'post_url') as $field) { if (!empty(${$field})) { $post_data[$field] = ${$field}; } } $post_id = bb_insert_post($post_data); $tags = trim($_POST['tags']); bb_add_topic_tags($topic_id, $tags); $topic = get_topic($topic_id, false);
<?php
/**
 * Admin action: toggle a topic between open and closed, then send the user
 * back to where they came from with a status message in the query string.
 */
require 'admin-action.php';

$topic_id = (int) $_GET['id'];
$topic = get_topic($topic_id);

if (!$topic) {
    bb_die(__('There is a problem with that topic, pardner.'));
}

// Authorisation first: users without close_topic on this topic are bounced
// to the site root and nothing below runs.
if (!bb_current_user_can('close_topic', $topic_id)) {
    nxt_redirect(bb_get_uri(null, null, BB_URI_CONTEXT_HEADER));
    exit;
}

// The state change is driven by a GET request, so the per-topic action string
// checked here is the request-forgery guard for it.
// NOTE(review): assumes bb_check_admin_referer() aborts on failure - confirm.
bb_check_admin_referer('close-topic_' . $topic_id);

if (!topic_is_open($topic_id)) {
    bb_open_topic($topic_id);
    $message = 'opened';
} else {
    bb_close_topic($topic_id);
    $message = 'closed';
}

// The return target is derived from the client-supplied referer when there is
// one; any stale "message" argument is replaced with the current one.
$redirect_to = nxt_get_referer();
if ($redirect_to) {
    $redirect_to = add_query_arg('message', $message, remove_query_arg('message', $redirect_to));
} else {
    $redirect_to = get_topic_link($topic_id);
}

// NOTE(review): bb_safe_redirect() presumably restricts the target to allowed
// hosts, which matters because the referer is attacker-influenced - confirm.
bb_safe_redirect($redirect_to);
exit;
bb_die(__('Every post needs an author name!')); } elseif (!($post_email = sanitize_email(trim($_POST['email'])))) { bb_die(__('Every post needs a valid email address!')); } if (!empty($_POST['url'])) { $post_url = esc_url(trim($_POST['url'])); } } // Loop through possible anonymous post data foreach (array('post_author', 'post_email', 'post_url') as $field) { if (!empty(${$field})) { $post_data[$field] = ${$field}; } } // Setup topic data if (bb_is_first($bb_post->post_id) && bb_current_user_can('edit_topic', $bb_post->topic_id)) { $post_data['topic_title'] = stripslashes($_POST['topic']); $post_data['topic_id'] = $bb_post->topic_id; bb_insert_topic($post_data); } // Setup post data $post_data['post_text'] = stripslashes($_POST['post_content']); $post_data['post_id'] = $post_id; bb_insert_post($post_data); if ($post_id) { if ($_REQUEST['view'] === 'all') { add_filter('get_post_link', 'bb_make_link_view_all'); } $post_link = get_post_link($post_id); nxt_redirect($post_link); } else {
?> </a></p> <?php topic_pages(array('before' => '<div class="nav">', 'after' => '</div>')); } if (topic_is_open($bb_post->topic_id)) { post_form(); } else { ?> <h2><?php _e('Question Closed'); ?> </h2> <p><?php _e('This topic has been closed to new replies.'); ?> </p> <?php } if (bb_current_user_can('delete_topic', get_topic_id()) || bb_current_user_can('close_topic', get_topic_id()) || bb_current_user_can('stick_topic', get_topic_id()) || bb_current_user_can('move_topic', get_topic_id())) { ?> <div class="admin"> <?php bb_topic_admin(); ?> </div> <?php } bb_get_footer();
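/**
 * Echoes the add/remove-favorite toggle link for the global $topic.
 *
 * $add and $rem describe the link text for the two states. Each is an array
 * with optional 'pre', 'mid' and 'post' parts; text wrapped in %...% is turned
 * into a link to the favorites page. Empty or non-array values are replaced by
 * the built-in defaults.
 *
 * The 'pre', 'mid' and 'post' parts are echoed as HTML without escaping, so
 * callers must only pass trusted markup, never user-supplied text.
 *
 * @param array $add     Link parts shown when the topic is not a favorite.
 * @param array $rem     Link parts shown when the topic is a favorite.
 * @param int   $user_id User whose favorites are edited; 0 means the current user.
 * @return false|null False when the capability check or user lookup fails;
 *                    otherwise nothing is returned.
 */
function user_favorites_link($add = array(), $rem = array(), $user_id = 0)
{
    global $topic, $bb_current_user;

    if (empty($add) || !is_array($add)) {
        $add = array('mid' => __('Add this topic to your favorites'), 'post' => __(' (%?%)'));
    }
    if (empty($rem) || !is_array($rem)) {
        $rem = array('pre' => __('This topic is one of your %favorites% ['), 'mid' => __('×'), 'post' => __(']'));
    }

    if ($user_id) {
        // Editing someone else's favorites needs its own capability.
        if (!bb_current_user_can('edit_favorites_of', (int) $user_id)) {
            return false;
        }
        if (!($user = bb_get_user(bb_get_user_id($user_id)))) {
            return false;
        }
    } else {
        if (!bb_current_user_can('edit_favorites')) {
            return false;
        }
        $user =& $bb_current_user->data;
    }

    // Decide the state before building anything. The original fell through
    // with $favs, $pre, $mid and $post undefined when is_user_favorite()
    // returned neither a truthy value nor false, and still built the nonce URL.
    $is_fav = is_user_favorite($user->ID, $topic->topic_id);
    if ($is_fav) {
        $parts = $rem;
        $fav_flag = '0';
    } elseif (false === $is_fav) {
        $parts = $add;
        $fav_flag = '1';
    } else {
        // Favorite state could not be determined: output nothing.
        return;
    }

    $url = esc_url(get_favorites_link($user_id));
    $parts = preg_replace('|%(.+)%|', "<a href='{$url}'>\$1</a>", $parts);

    // preg_replace() yields null on a PCRE error; isset() then falls back to ''.
    $pre = isset($parts['pre']) ? $parts['pre'] : '';
    $mid = isset($parts['mid']) ? $parts['mid'] : '';
    $post = isset($parts['post']) ? $parts['post'] : '';

    // The toggle is a state-changing link, so it carries a nonce bound to this
    // topic id; the finished URL is escaped before it goes into the attribute.
    $favs = array('fav' => $fav_flag, 'topic_id' => $topic->topic_id);
    $url = esc_url(bb_nonce_url(add_query_arg($favs, get_favorites_link($user_id)), 'toggle-favorite_' . $topic->topic_id));

    echo "<span id='favorite-{$topic->topic_id}'>{$pre}<a href='{$url}' class='dim:favorite-toggle:favorite-{$topic->topic_id}:is-favorite'>{$mid}</a>{$post}</span>";
}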
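<?php
/**
 * Admin action: rename a tag from a POSTed form, then redirect to the tag
 * page, or stop with an error that links back to the form.
 */
require 'admin.php';

if (!bb_current_user_can('manage_tags')) {
    bb_die(__('You are not allowed to manage tags.'));
}

// Request fields are client-controlled: a missing or non-string value becomes
// 0 / '' instead of raising a notice or reaching stripslashes() as an array.
$tag_id = isset($_POST['id']) ? (int) $_POST['id'] : 0;
$tag = (isset($_POST['tag']) && is_string($_POST['tag'])) ? stripslashes($_POST['tag']) : '';

// Request-forgery guard: the action string is bound to the tag being renamed.
bb_check_admin_referer('rename-tag_' . $tag_id);

if (!($old_tag = bb_get_tag($tag_id))) {
    bb_die(__('Tag not found.'));
}

if ($tag = bb_rename_tag($tag_id, $tag)) {
    wp_redirect(bb_get_tag_link());
} else {
    // sprintf(), not printf(): printf() echoes the text and returns its length,
    // so bb_die() used to receive an integer instead of the message.
    // The referer is a client-supplied header, so it is escaped before it is
    // placed in the href attribute.
    bb_die(sprintf(__('There already exists a tag by that name or the name is invalid. <a href="%s">Try Again</a>'), esc_url(wp_get_referer())));
}
exit;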
bb_admin_notice(__('<strong>Post removed from spam.</strong> It is now a normal post.')); break; case 'unspammed-deleted': bb_admin_notice(__('<strong>Post removed from spam.</strong> It is now a deleted post.')); break; } } $ip_available = false; if (bb_current_user_can('view_by_ip')) { $ip_available = true; } elseif (isset($_GET['poster_ip'])) { unset($_GET['poster_ip']); } $bb_admin_body_class = ' bb-admin-posts'; bb_get_admin_header(); if (!bb_current_user_can('browse_deleted')) { die(__("Now how'd you get here? And what did you think you'd being doing?")); } //This should never happen. add_filter('get_topic_where', 'bb_no_where'); add_filter('get_topic_link', 'bb_make_link_view_all'); add_filter('post_edit_uri', 'bb_make_link_view_all'); $post_query = new BB_Query_Form('post', array('post_status' => 'normal', 'count' => true, 'per_page' => 20)); $bb_posts =& $post_query->results; $total = $post_query->found_rows; ?> <div class="wrap"> <h2><?php _e('Posts');