/** * Standard modular run function for snippet hooks. Generates XHTML to insert into a page using AJAX. * * @return tempcode The snippet */ function run() { $type = get_param('type'); if (!has_zone_access(get_member(), 'adminzone')) { return new ocp_tempcode(); } decache('main_staff_checklist'); require_lang('staff_checklist'); switch ($type) { case 'add': $recurinterval = get_param_integer('recurinterval', 0); $task_title = get_param('tasktitle', false, true); $id = $GLOBALS['SITE_DB']->query_insert('customtasks', array('tasktitle' => $task_title, 'datetimeadded' => time(), 'recurinterval' => $recurinterval, 'recurevery' => get_param('recurevery'), 'taskisdone' => NULL), true); require_code('notifications'); $subject = do_lang('CT_NOTIFICATION_MAIL_SUBJECT', get_site_name(), $task_title); $mail = do_lang('CT_NOTIFICATION_MAIL', comcode_escape(get_site_name()), comcode_escape($task_title)); dispatch_notification('checklist_task', NULL, $subject, $mail); return do_template('BLOCK_MAIN_STAFF_CHECKLIST_CUSTOM_TASK', array('TASKTITLE' => comcode_to_tempcode(get_param('tasktitle', false, true)), 'DATETIMEADDED' => display_time_period(time()), 'RECURINTERVAL' => $recurinterval == 0 ? '' : integer_format($recurinterval), 'RECUREVERY' => get_param('recurevery'), 'TASKDONE' => 'not_completed', 'ID' => strval($id))); case 'delete': $GLOBALS['SITE_DB']->query_delete('customtasks', array('id' => get_param_integer('id')), '', 1); break; case 'mark_done': $GLOBALS['SITE_DB']->query_update('customtasks', array('taskisdone' => time()), array('id' => get_param_integer('id')), '', 1); break; case 'mark_undone': $GLOBALS['SITE_DB']->query_update('customtasks', array('taskisdone' => NULL), array('id' => get_param_integer('id')), '', 1); break; } return new ocp_tempcode(); }
/** * Check the Comcode is valid. * * @param LONG_TEXT The comcode to convert * @param ?MEMBER The member the evaluation is running as. This is a security issue, and you should only run as an administrator if you have considered where the comcode came from carefully (NULL: current member) * @param boolean Whether to explicitly execute this with admin rights. There are a few rare situations where this should be done, for data you know didn't come from a member, but is being evaluated by one. * @param ?object The database connection to use (NULL: standard site connection) * @param boolean Whether there might be new attachments. If there are, we will check as lax- as attachments are always preserved by forcing lax parsing. */ function check_comcode($comcode, $source_member = NULL, $as_admin = false, $connection = NULL, $attachment_possibility = false) { if (running_script('stress_test_loader')) { return; } global $LAX_COMCODE; $temp = $LAX_COMCODE; if ($attachment_possibility) { $has_one = false; foreach ($_POST as $key => $value) { if (preg_match('#^hidFileID\\_#i', $key) != 0) { require_code('uploads'); $has_one = is_swf_upload(); } } foreach ($_FILES as $key => $file) { $matches = array(); if (is_uploaded_file($file['tmp_name']) && preg_match('#file(\\d)#', $key, $matches) != 0) { $has_one = true; } } if ($has_one) { $LAX_COMCODE = true; } // We don't want a simple syntax error to cause us to lose our attachments } comcode_to_tempcode($comcode, $source_member, $as_admin, 60, NULL, $connection, false, false, false, false, true); $LAX_COMCODE = $temp; }
/** * Standard modular run function for preview hooks. * * @return array A pair: The preview, the updated post Comcode */ function run() { require_code('comcode_add'); $comcode = _get_preview_environment_comcode(post_param('tag')); $temp_tpl = comcode_to_tempcode($comcode[0]); return array($temp_tpl, NULL); }
/** * Standard modular run function for preview hooks. * * @return array A pair: The preview, the updated post Comcode */ function run() { if (!has_specific_permission(get_member(), 'comcode_dangerous')) { exit; } require_code('zones2'); require_code('zones3'); $bparameters = ''; $bparameters_xml = ''; $block = post_param('block'); $parameters = get_block_parameters($block); $parameters[] = 'failsafe'; $parameters[] = 'cache'; $parameters[] = 'quick_cache'; foreach ($parameters as $parameter) { $value = post_param($parameter, NULL); if (is_null($value)) { if (post_param_integer('tick_on_form__' . $parameter, NULL) === NULL) { continue; } // If not on form, continue, otherwise must be 0 $value = '0'; } if ($value != '' && ($parameter != 'failsafe' || $value == '1') && ($parameter != 'cache' || $value != block_cache_default($block)) && ($parameter != 'quick_cache' || $value == '1')) { $bparameters .= ' ' . $parameter . '="' . str_replace('"', '\\"', $value) . '"'; $bparameters_xml = '<blockParam key="' . escape_html($parameter) . '" val="' . escape_html($value) . '" />'; } } $comcode = '[block' . $bparameters . ']' . $block . '[/block]'; $preview = comcode_to_tempcode($comcode); return array($preview, NULL); }
/** * Standard modular run function. * * @param array A map of parameters. * @return tempcode The result of execution. */ function run($map) { unset($map); $forum = get_forum_type(); $out = new ocp_tempcode(); if ($forum != 'none') { // Standard welcome back vs into greeting $member = get_member(); if (is_guest($member)) { $redirect = get_self_url(true, true); $login_url = build_url(array('page' => 'login', 'type' => 'misc', 'redirect' => $redirect), get_module_zone('login')); $join_url = $GLOBALS['FORUM_DRIVER']->join_url(); $join_bits = do_template('JOIN_OR_LOGIN', array('LOGIN_URL' => $login_url, 'JOIN_URL' => $join_url)); $p = do_lang_tempcode('WELCOME', $join_bits); $out->attach(paragraph($p, 'hhrt4dsgdsgd')); } else { $out->attach(paragraph(do_lang_tempcode('WELCOME_BACK', escape_html($GLOBALS['FORUM_DRIVER']->get_username($member))), 'gfgdf9gjd')); } } $message = get_option('welcome_message'); if (has_actual_page_access(get_member(), 'admin_config')) { if ($message != '') { $message .= ' [[page="_SEARCH:admin_config:category:SITE#group_GENERAL"]' . do_lang('EDIT') . '[/page]]'; } } $out->attach(comcode_to_tempcode($message, NULL, true)); return $out; }
/** * Standard modular run function for preview hooks. * * @return array A pair: The preview, the updated post Comcode */ function run() { require_code('uploads'); $urls = get_url('', 'file', 'uploads/iotds', 0, OCP_UPLOAD_IMAGE, true, '', 'file2'); if ($urls[0] == '') { if (!is_null(post_param_integer('id', NULL))) { $rows = $GLOBALS['SITE_DB']->query_select('iotds', array('url', 'thumb_url'), array('id' => post_param_integer('id')), '', 1); $urls = $rows[0]; $url = $urls['url']; $thumb_url = $urls['thumb_url']; } else { warn_exit(do_lang_tempcode('IMPROPERLY_FILLED_IN_UPLOAD')); } } else { $url = $urls[0]; $thumb_url = $urls[1]; } $caption = comcode_to_tempcode(post_param('caption', '')); $title = comcode_to_tempcode(post_param('title', '')); require_code('images'); $thumb = do_image_thumb(url_is_local($thumb_url) ? get_custom_base_url() . '/' . $thumb_url : $thumb_url, $caption, true); $url = url_is_local($url) ? get_custom_base_url() . '/' . $url : $url; $preview = do_template('IOTD', array('ID' => '', 'IMAGE_URL' => $url, 'SUBMITTER' => strval(get_member()), 'VIEW_URL' => $url, 'IMAGE' => $thumb, 'CAPTION' => $title)); return array($preview, NULL); }
function testHtml() { $expectations = array(" - foo" => "<ul><li>foo</li></ul>"); foreach ($expectations as $comcode => $html) { $actual = comcode_to_tempcode($comcode); assertTrue(preg_replace('#\\s#', '', $html) == preg_replace('#\\s#', '', $actual->evaluate())); } }
function testComcode() { $expectations = array(" - foo " => "<ul><li>foo</li></ul>", " - foo\n - bar" => "<ul><li>foo</li><li>bar</li></ul>", " - foo - bar" => " - foo - bar", "" => " ", " -foo" => "-foo", "-foo" => "-foo", "--foo" => "--foo", "[b]bar[/b]" => "<strongclass=\"comcode_bold\">bar</strong>"); foreach ($expectations as $comcode => $html) { $actual = comcode_to_tempcode($comcode, NULL, false, 60, NULL, NULL, false, false, false, false, false, NULL, NULL); $matches = preg_replace('#\\s#', '', $html) == str_replace(" ", "", preg_replace('#\\s#', '', $actual->evaluate())); // if (!$matches) // exit(preg_replace('#\s#','',$html).' vs '.str_replace(" ","",preg_replace('#\s#','',$actual->evaluate()))); $this->assertTrue($matches); } }
/** * Standard modular run function. * * @param array A map of parameters. * @return tempcode The result of execution. */ function run($map) { if (!array_key_exists('param', $map)) { return new ocp_tempcode(); } if (match_key_match($map['param'])) { $caption = array_key_exists('caption', $map) ? $map['caption'] : ''; return comcode_to_tempcode($caption, get_member(), true); } return new ocp_tempcode(); }
/** * Show a download licence for display */ function download_licence_script() { $id = get_param_integer('id'); $rows = $GLOBALS['SITE_DB']->query_select('download_licences', array('*'), array('id' => $id), '', 1); if (!array_key_exists(0, $rows)) { warn_exit(do_lang_tempcode('MISSING_RESOURCE')); } $licence_title = $rows[0]['l_title']; $licence_text = $rows[0]['l_text']; $echo = do_template('POPUP_HTML_WRAP', array('_GUID' => 'd8f60d5f6f56b08589ed6f4b874dad85', 'TITLE' => $licence_title, 'CONTENT' => comcode_to_tempcode($licence_text, $GLOBALS['FORUM_DRIVER']->get_guest_id(), false))); $echo->evaluate_echo(); }
/** * Standard modular run function for preview hooks. * * @return array A pair: The preview, the updated post Comcode */ function run() { // Find review, if there is one $individual_review_ratings = array(); $review_rating = post_param('review_rating', ''); if ($review_rating != '') { $individual_review_ratings[''] = array('REVIEW_TITLE' => '', 'REVIEW_RATING' => $review_rating); } $poster_name = $GLOBALS['FORUM_DRIVER']->get_username(get_member()); $post = comcode_to_tempcode(post_param('post')); // OCF renderings of poster static $hooks = NULL; if (is_null($hooks)) { $hooks = find_all_hooks('modules', 'topicview'); } static $hook_objects = NULL; if (is_null($hook_objects)) { $hook_objects = array(); foreach (array_keys($hooks) as $hook) { require_code('hooks/modules/topicview/' . filter_naughty_harsh($hook)); $object = object_factory('Hook_' . filter_naughty_harsh($hook), true); if (is_null($object)) { continue; } $hook_objects[$hook] = $object; } } if (!is_guest()) { require_code('ocf_members2'); $poster_details = ocf_show_member_box(get_member(), false, $hooks, $hook_objects, false); } else { $custom_fields = new ocp_tempcode(); $poster_details = new ocp_tempcode(); } if (addon_installed('ocf_forum')) { if (!is_guest()) { $poster = do_template('OCF_POSTER_MEMBER', array('ONLINE' => true, 'ID' => strval(get_member()), 'POSTER_DETAILS' => $poster_details, 'PROFILE_URL' => $GLOBALS['FORUM_DRIVER']->member_profile_url(get_member(), false, true), 'POSTER_USERNAME' => $poster_name)); } else { $poster = do_template('OCF_POSTER_GUEST', array('IP_LINK' => '', 'POSTER_DETAILS' => $poster_details, 'POSTER_USERNAME' => $poster_name)); } } else { $poster = make_string_tempcode(escape_html($poster_name)); // Should never happen actually, as applies discounts hook from even running } $highlight = false; $datetime_raw = time(); $datetime = get_timezoned_date(time()); $poster_url = $GLOBALS['FORUM_DRIVER']->member_profile_url(get_member()); $title = post_param('title', ''); $tpl = do_template('POST', array('INDIVIDUAL_REVIEW_RATINGS' => $individual_review_ratings, 'HIGHLIGHT' => $highlight, 'TITLE' => $title, 'TIME_RAW' => strval($datetime_raw), 'TIME' => $datetime, 'POSTER_URL' => $poster_url, 'POSTER_NAME' => $poster_name, 'POST' => $post, 'POSTER_ID' => strval(get_member()), 'POSTER' => $poster, 'POSTER_DETAILS' => $poster_details, 'ID' => '', 'CHILDREN' => '', 'RATING' => '', 'EMPHASIS' => '', 'BUTTONS' => '', 'TOPIC_ID' => '', 'UNVALIDATED' => '', 'IS_SPACER_POST' => false, 'NUM_TO_SHOW_LIMIT' => '0')); return array($tpl, NULL); }
/** * Standard modular run function. * * @param array A map of parameters. * @return tempcode The result of execution. */ function run($map) { require_lang('quotes'); $file = array_key_exists('param', $map) ? $map['param'] : 'quotes'; $title = array_key_exists('title', $map) ? $map['title'] : do_lang('QUOTES'); require_code('textfiles'); $place = _find_text_file_path($file, ''); if (!file_exists($place)) { warn_exit(do_lang_tempcode('DIRECTORY_NOT_FOUND', escape_html($place))); } $edit_url = new ocp_tempcode(); if ($file == 'quotes' && has_actual_page_access(get_member(), 'quotes', 'adminzone')) { $edit_url = build_url(array('page' => 'quotes'), 'adminzone'); } return do_template('BLOCK_MAIN_QUOTES', array('_GUID' => '7cab7422f603f7b1197c940de48b99aa', 'TITLE' => $title, 'EDIT_URL' => $edit_url, 'FILE' => $file, 'CONTENT' => comcode_to_tempcode($this->get_random_line($place), NULL, true))); }
/** * Standard modular run function for preview hooks. * * @return array A pair: The preview, the updated post Comcode */ function run() { $original_comcode = post_param('post'); $posting_ref_id = post_param_integer('posting_ref_id', mt_rand(0, 100000)); $post_bits = do_comcode_attachments($original_comcode, 'news', strval(-$posting_ref_id), true, $GLOBALS['SITE_DB']); $post_comcode = $post_bits['comcode']; $post_html = $post_bits['tempcode']; $view_space_map = array(); $view_space_map[post_param('label_for__title')] = escape_html(post_param('title')); $view_space_map[post_param('label_for__post')] = $post_html; $view_space_map[post_param('label_for__news')] = comcode_to_tempcode(post_param('news', '')); require_code('templates_view_space'); $view_space_fields = new ocp_tempcode(); foreach ($view_space_map as $key => $val) { $view_space_fields->attach(view_space_field($key, $val, true)); } $output = do_template('VIEW_SPACE', array('WIDTH' => '170', 'FIELDS' => $view_space_fields)); return array($output, $post_comcode); }
function activities_ajax_submit_handler() { header('Content-Type: text/xml'); // header('HTTP/1.0 200 Ok'); header("Cache-Control: no-cache, must-revalidate"); // HTTP/1.1 header("Expires: Mon, 26 Jul 1997 05:00:00 GMT"); // Date in the past $response = '<' . '?xml version="1.0" encoding="' . get_charset() . '" ?' . '>'; $response .= '<response><content>'; $map = array(); $guest_id = intval($GLOBALS['FORUM_DRIVER']->get_guest_id()); if (!is_guest(get_member())) { $map['STATUS'] = trim(either_param('status', '')); if (post_param('zone', '') != '' && $map['STATUS'] != '' && $map['STATUS'] != do_lang('activities:TYPE_HERE')) { comcode_to_tempcode($map['STATUS'], $guest_id, false, NULL); $map['PRIVACY'] = either_param('privacy', 'private'); if (strlen(strip_tags($map['STATUS'])) < strlen($map['STATUS'])) { $cc_guide = build_url(array('page' => 'userguide_comcode'), 'site'); $response .= '<success>0</success><feedback><![CDATA[No HTML allowed. See <a href="' . $cc_guide->evaluate() . '">Comcode Help</a> for info on the alternative.]]></feedback>'; } else { if (strlen($map['STATUS']) > 255) { $response .= '<success>0</success><feedback>Message is ' . strval(strlen($map['STATUS']) - 255) . ' characters too long</feedback>'; } else { $stored_id = activities_addon_syndicate_described_activity('RAW_DUMP', $map['STATUS'], '', '', '', '', '', '', $map['PRIVACY'] == 'public' ? 1 : 0); if ($stored_id > 0) { $response .= '<success>1</success><feedback>Message received.</feedback>'; } elseif ($stored_id == -1) { $response .= '<success>0</success><feedback>Message already received.</feedback>'; } } } } } else { $response .= '<success>0</success><feedback>' . do_lang('LOGIN_EXPIRED_POST') . '</feedback>'; } $response .= '</content></response>'; echo $response; }
/** * Standard modular run function for preview hooks. * * @return array A pair: The preview, the updated post Comcode */ function run() { require_code('uploads'); require_lang('banners'); // Check according to banner type $title_text = post_param('title_text', ''); $direct_code = post_param('direct_code', ''); $url_param_name = 'image_url'; $file_param_name = 'file'; require_code('uploads'); $is_upload = is_swf_upload() || array_key_exists($file_param_name, $_FILES) && (array_key_exists('tmp_name', $_FILES[$file_param_name]) && is_uploaded_file($_FILES[$file_param_name]['tmp_name'])); $_banner_type_rows = $GLOBALS['SITE_DB']->query_select('banner_types', array('*'), array('id' => post_param('b_type')), '', 1); if (!array_key_exists(0, $_banner_type_rows)) { warn_exit(do_lang_tempcode('MISSING_RESOURCE')); } $banner_type_row = $_banner_type_rows[0]; if ($banner_type_row['t_is_textual'] == 0) { if ($direct_code == '') { $urls = get_url($url_param_name, $file_param_name, 'uploads/banners', 0, $is_upload ? OCP_UPLOAD_IMAGE : OCP_UPLOAD_ANYTHING); $img_url = fixup_protocolless_urls($urls[0]); if ($img_url == '') { warn_exit(do_lang_tempcode('IMPROPERLY_FILLED_IN_UPLOAD_BANNERS')); } } else { $img_url = ''; } } else { $img_url = ''; if ($title_text == '') { warn_exit(do_lang_tempcode('IMPROPERLY_FILLED_IN_BANNERS')); } if (strlen($title_text) > $banner_type_row['t_max_file_size']) { warn_exit(do_lang_tempcode('BANNER_TOO_LARGE_2', integer_format(strlen($title_text)), integer_format($banner_type_row['t_max_file_size']))); } } require_code('banners'); $preview = show_banner(post_param('name'), post_param('title_text', ''), comcode_to_tempcode(post_param('caption')), $img_url, '', post_param('site_url'), post_param('b_type')); return array($preview, NULL); }
/** * Output the ocWorld messages script. */ function ocworld_messages_script() { require_lang('ocworld'); require_lang('chat'); $member_id = get_member(); $rows = $GLOBALS['SITE_DB']->query_select('w_members', array('location_realm', 'location_x', 'location_y'), array('id' => $member_id), '', 1); if (!array_key_exists(0, $rows)) { warn_exit(do_lang_tempcode('MISSING_RESOURCE')); } list($realm, $x, $y) = array($rows[0]['location_realm'], $rows[0]['location_x'], $rows[0]['location_y']); $rows = $GLOBALS['SITE_DB']->query('SELECT * FROM ' . $GLOBALS['SITE_DB']->get_table_prefix() . 'w_messages WHERE location_x=' . strval((int) $x) . ' AND location_y=' . strval((int) $y) . ' AND location_realm=' . strval((int) $realm) . ' AND (destination=' . strval((int) $member_id) . ' OR destination IS NULL OR originator_id=' . strval((int) $member_id) . ') ORDER BY m_datetime DESC'); $messages = new ocp_tempcode(); foreach ($rows as $myrow) { $message_sender = $GLOBALS['FORUM_DRIVER']->get_username($myrow['originator_id']); if (is_null($message_sender)) { $message_sender = do_lang('UNKNOWN'); } $messages->attach(do_template('W_MESSAGE_' . (is_null($myrow['destination']) ? 'ALL' : 'TO'), array('MESSAGESENDER' => $message_sender, 'MESSAGE' => comcode_to_tempcode($myrow['m_message'], $myrow['originator_id']), 'DATETIME' => get_timezoned_date($myrow['m_datetime'])))); } $css = do_template('CSS_NEED', array('_GUID' => '0c2b42583214051a3841d4654537b16f', 'CODE' => 'ocworld')); $tpl = do_template('W_MESSAGES', array('_GUID' => '05b40c794578d3221e2775895ecf8dbb', 'MESSAGES' => $messages, 'CSS' => $css)); $tpl->evaluate_echo(); }
/** * Standard modular run function for preview hooks. * * @return array A pair: The preview, the updated post Comcode */ function run() { // Our questions templated $tpl = new ocp_tempcode(); $i = 1; do { $answer_plain = post_param('option' . strval($i)); if ($answer_plain != '') { $answer = comcode_to_tempcode($answer_plain); $votes = 0; $width = 0; $tpl->attach(do_template('POLL_ANSWER_RESULT', array('PID' => '', 'I' => strval($i), 'VOTE_URL' => '', 'ANSWER' => $answer, 'ANSWER_PLAIN' => $answer_plain, 'WIDTH' => strval($width), 'VOTES' => integer_format($votes)))); $i++; } } while ($answer_plain != ''); $submit_url = new ocp_tempcode(); // Do our final template $question_plain = post_param('question'); $question = comcode_to_tempcode($question_plain); $archive_url = build_url(array('page' => 'polls', 'type' => 'misc'), get_module_zone('polls')); $map2 = array('VOTE_URL' => '', 'SUBMITTER' => strval(get_member()), 'PID' => '', 'FULL_URL' => '', 'CONTENT' => $tpl, 'QUESTION' => $question, 'QUESTION_PLAIN' => $question_plain, 'SUBMIT_URL' => $submit_url, 'ARCHIVE_URL' => $archive_url, 'RESULT_URL' => '', 'ZONE' => ''); $output = do_template('POLL', $map2); return array($output, NULL); }
/** * Makes a post in the specified forum, in the specified topic according to the given specifications. If the topic doesn't exist, it is created along with a spacer-post. * Spacer posts exist in order to allow staff to delete the first true post in a topic. Without spacers, this would not be possible with most forum systems. They also serve to provide meta information on the topic that cannot be encoded in the title (such as a link to the content being commented upon). * * @param SHORT_TEXT The forum name * @param SHORT_TEXT The topic identifier (usually <content-type>_<content-id>) * @param MEMBER The member ID * @param LONG_TEXT The post title * @param LONG_TEXT The post content in Comcode format * @param string The topic title; must be same as content title if this is for a comment topic * @param string This is put together with the topic identifier to make a more-human-readable topic title or topic description (hopefully the latter and a $content_title title, but only if the forum supports descriptions) * @param ?URLPATH URL to the content (NULL: do not make spacer post) * @param ?TIME The post time (NULL: use current time) * @param ?IP The post IP address (NULL: use current members IP address) * @param ?BINARY Whether the post is validated (NULL: unknown, find whether it needs to be marked unvalidated initially). This only works with the OCF driver. * @param ?BINARY Whether the topic is validated (NULL: unknown, find whether it needs to be marked unvalidated initially). This only works with the OCF driver. * @param boolean Whether to skip post checks * @param SHORT_TEXT The name of the poster * @param ?AUTO_LINK ID of post being replied to (NULL: N/A) * @param boolean Whether the reply is only visible to staff * @return array Topic ID (may be NULL), and whether a hidden post has been made */ function make_post_forum_topic($forum_name, $topic_identifier, $member, $post_title, $_post, $content_title, $topic_identifier_encapsulation_prefix, $content_url = NULL, $time = NULL, $ip = NULL, $validated = NULL, $topic_validated = 1, $skip_post_checks = false, $poster_name_if_guest = '', $parent_id = NULL, $staff_only = false) { $__post = comcode_to_tempcode($_post); $post = $__post->evaluate(); if (is_null($time)) { $time = time(); } if (is_null($ip)) { $ip = get_ip_address(); } $forum_id = $this->forum_id_from_name($forum_name); if (is_null($forum_id)) { warn_exit(do_lang_tempcode('MISSING_FORUM', escape_html($forum_name))); } $username = $this->get_username($member); $topic_id = $this->find_topic_id_for_topic_identifier($forum_name, $topic_identifier); $is_new = is_null($topic_id); if ($is_new) { $topic_id = $this->connection->query_insert('topics', array('title' => $this->ipb_escape($content_title . ', ' . $topic_identifier_encapsulation_prefix . ': #' . $topic_identifier), 'state' => 'open', 'posts' => 1, 'starter_id' => $member, 'start_date' => $time, 'icon_id' => 0, 'starter_name' => $username, 'poll_state' => 0, 'last_vote' => 0, 'forum_id' => $forum_id, 'approved' => 1, 'author_mode' => 1), true); $home_link = hyperlink($content_url, escape_html($content_title)); $this->connection->query_insert('posts', array('author_id' => 0, 'author_name' => do_lang('SYSTEM', '', '', '', get_site_default_lang()), 'ip_address' => '127.0.0.1', 'post_date' => $time, 'icon_id' => 0, 'post' => do_lang('SPACER_POST', $home_link->evaluate(), '', '', get_site_default_lang()), 'queued' => 0, 'topic_id' => $topic_id, 'forum_id' => $forum_id, 'attach_id' => '', 'attach_hits' => 0, 'attach_type' => '', 'attach_file' => '', 'post_title' => '', 'new_topic' => 1)); $this->connection->query('UPDATE ' . $this->connection->get_table_prefix() . 'forums SET topics=(topics+1) WHERE id=' . strval((int) $forum_id), 1); } $GLOBALS['LAST_TOPIC_ID'] = $topic_id; $GLOBALS['LAST_TOPIC_IS_NEW'] = $is_new; if ($post == '') { return array($topic_id, false); } $this->connection->query_insert('posts', array('author_id' => $member, 'author_name' => $this->ipb_escape($username), 'ip_address' => $ip, 'post_date' => $time, 'icon_id' => 0, 'post' => $post, 'queued' => 0, 'topic_id' => $topic_id, 'forum_id' => $forum_id, 'attach_id' => '', 'attach_hits' => 0, 'attach_type' => '', 'attach_file' => '', 'post_title' => $this->ipb_escape($post_title), 'new_topic' => 0)); $this->connection->query('UPDATE ' . $this->connection->get_table_prefix() . 'forums SET posts=(posts+1), last_post=' . strval($time) . ', last_poster_id=' . strval((int) $member) . ', last_poster_name=\'' . db_escape_string($this->ipb_escape($username)) . '\', last_id=' . strval((int) $topic_id) . ', last_title=\'' . db_escape_string($this->ipb_escape($post_title)) . '\' WHERE id=' . strval((int) $forum_id), 1); $this->connection->query('UPDATE ' . $this->connection->get_table_prefix() . 'topics SET posts=(posts+1), last_post=' . strval($time) . ', last_poster_id=' . strval((int) $member) . ', last_poster_name=\'' . db_escape_string($this->ipb_escape($username)) . '\' WHERE tid=' . strval((int) $topic_id), 1); return array($topic_id, false); }
/** * Standard stage of pointstore item purchase. * * @return tempcode The UI */ function __text() { if (get_option('is_on_flagrant_buy') == '0') { return new ocp_tempcode(); } $title = get_page_title('TITLE_NEWTEXT'); //So we don't need to call this big long ugly name... $days = post_param_integer('days'); $message = post_param('message'); $member_id = get_member(); $pointsleft = available_points($member_id); //First we need to know the price of the number of days we ordered. After that, compare that price //with our users current number of points. $dayprice = intval(get_option('text')); $total = $dayprice * $days; if (!($days >= 1)) { return warn_screen($title, do_lang_tempcode('FLAGRANT_POSITIVE_DAYS')); } if ($pointsleft < $total && !has_specific_permission(get_member(), 'give_points_self')) { return warn_screen($title, do_lang_tempcode('FLAGRANT_LACK_POINTS', integer_format($days), integer_format($total), array(integer_format($pointsleft)))); } // the order screen... $action = do_lang_tempcode('CONFIRM_FLAGRANT', integer_format($days)); $keep = form_input_hidden('message', $message); $keep->attach(form_input_hidden('days', strval($days))); $proceed_url = build_url(array('page' => '_SELF', 'type' => '___text', 'id' => 'flagrant'), '_SELF'); return do_template('POINTSTORE_CONFIRM_SCREEN', array('_GUID' => 'e2b139122d95af6a1930e84b41609145', 'TITLE' => $title, 'KEEP' => $keep, 'ACTION' => $action, 'COST' => integer_format($total), 'POINTS_AFTER' => integer_format($pointsleft - $total), 'PROCEED_URL' => $proceed_url, 'MESSAGE' => comcode_to_tempcode($message), 'CANCEL_URL' => build_url(array('page' => '_SELF'), '_SELF'))); }
/** * Get tempcode for a Comcode rich-media attachment. * * @param ID_TEXT The attachment tag * @set attachment attachment_safe attachment2 * @param array A map of the attributes (name=>val) for the tag * @param array A map of the attachment properties (name=>val) for the attachment * @param string A special identifier to mark where the resultant tempcode is going to end up (e.g. the ID of a post) * @param MEMBER The member who is responsible for this Comcode * @param boolean Whether to check as arbitrary admin * @param object The database connection to use * @param ?array A list of words to highlight (NULL: none) * @param ?MEMBER The member we are running on behalf of, with respect to how attachments are handled; we may use this members attachments that are already within this post, and our new attachments will be handed to this member (NULL: member evaluating) * @param boolean Whether to parse so as to create something that would fit inside a semihtml tag. It means we generate HTML, with Comcode written into it where the tag could never be reverse-converted (e.g. a block). * @return tempcode The tempcode for the attachment */ function render_attachment($tag, $attributes, $attachment, $pass_id, $source_member, $as_admin, $connection, $highlight_bits = NULL, $on_behalf_of_member = NULL, $semiparse_mode = false) { require_code('comcode_renderer'); $extension = get_file_extension($attachment['a_original_filename']); require_code('mime_types'); $mime_type = get_mime_type($extension); $attachment['CLEAN_SIZE'] = clean_file_size($attachment['a_file_size']); $attachment['MIME_TYPE'] = $mime_type; $attachment['PASS_ID'] = intval($pass_id) < 0 ? strval(mt_rand(0, 10000)) : $pass_id; $attachment['SCRIPT'] = find_script('attachment'); $attachment['RAND'] = strval(mt_rand(0, 32000)); if ($connection->connection_write != $GLOBALS['SITE_DB']->connection_write) { $attachment['SUP_PARAMS'] = '&forum_db=1'; $attachment['FORUM_DB_BIN'] = '1'; } else { $attachment['SUP_PARAMS'] = ''; $attachment['FORUM_DB_BIN'] = ''; } $type = trim(array_key_exists('type', $attributes) ? $attributes['type'] : 'auto'); $attachment['id'] = strval($attachment['id']); $attachment['a_member_id'] = strval($attachment['a_member_id']); $attachment['a_file_size'] = strval($attachment['a_file_size']); $attachment['a_last_downloaded_time'] = is_null($attachment['a_last_downloaded_time']) ? '' : strval($attachment['a_last_downloaded_time']); $attachment['a_add_time'] = strval($attachment['a_add_time']); $attachment['a_num_downloads'] = integer_format($attachment['a_num_downloads']); require_code('images'); $attachment['a_width'] = array_key_exists('width', $attributes) ? strval(intval($attributes['width'])) : ''; $attachment['a_height'] = array_key_exists('height', $attributes) ? strval(intval($attributes['height'])) : ''; if ($attachment['a_width'] == '' || $attachment['a_height'] == '') { if (addon_installed('galleries') && is_video($attachment['a_original_filename']) && url_is_local($attachment['a_url'])) { require_code('galleries2'); $vid_details = get_video_details(get_custom_file_base() . '/' . rawurldecode($attachment['a_url']), $attachment['a_original_filename'], true); if ($vid_details !== false) { list($_width, $_height, ) = $vid_details; if ($attachment['a_width'] == '') { $attachment['a_width'] = strval($_width); } if ($attachment['a_height'] == '') { $attachment['a_height'] = strval($_height); } } } if ($attachment['a_width'] == '' || $attachment['a_height'] == '') { if ($attachment['a_width'] == '') { $attachment['a_width'] = '240'; } if ($attachment['a_height'] == '') { $attachment['a_height'] = '216'; } } } $attachment['a_align'] = array_key_exists('align', $attributes) ? $attributes['align'] : 'left'; if (!array_key_exists('a_description', $attachment)) { if (array_key_exists('description', $attributes)) { $attachment['description'] = $attributes['description']; } if (!array_key_exists('description', $attachment)) { $attachment['description'] = ''; } $attachment['a_description'] = is_object($attachment['description']) ? $attachment['description'] : comcode_to_tempcode($attachment['description'], $source_member, $as_admin, 60, NULL, $connection, false, false, false, false, false, NULL, $on_behalf_of_member); } else { $attachment['a_description'] = comcode_to_tempcode($attachment['a_description'], $source_member, $as_admin, 60, NULL, $connection, false, false, false, false, false, NULL, $on_behalf_of_member); } $attachment['a_type'] = $type; $attachment['a_thumb'] = array_key_exists('thumb', $attributes) ? $attributes['thumb'] : '1'; if ($attachment['a_thumb'] != '0') { $attachment['a_thumb'] = '1'; } $attachment['a_thumb_url'] = array_key_exists('thumb_url', $attributes) ? $attributes['thumb_url'] : $attachment['a_thumb_url']; switch ($type) { case 'email': require_code('mail'); global $EMAIL_ATTACHMENTS; if (url_is_local($attachment['a_url'])) { $attachment['a_url'] = get_custom_base_url() . '/' . $attachment['a_url']; } $EMAIL_ATTACHMENTS[$attachment['a_url']] = $attachment['a_original_filename']; $temp_tpl = new ocp_tempcode(); break; case 'code': $url = $attachment['a_url']; if (url_is_local($url)) { $url = get_custom_base_url() . '/' . $url; } $file_contents = http_download_file($url, 1024 * 1024 * 20); list($_embed, $title) = do_code_box($extension, make_string_tempcode($file_contents)); if ($attachment['a_original_filename'] != '') { $title = escape_html($attachment['a_original_filename']); } $temp_tpl = do_template('COMCODE_CODE', array('WYSIWYG_SAFE' => $tag == 'attachment' ? NULL : true, 'STYLE' => '', 'TYPE' => $extension, 'CONTENT' => $_embed, 'TITLE' => $title)); break; case 'hyperlink': if ($tag == 'attachment') { $keep = symbol_tempcode('KEEP'); $_url = new ocp_tempcode(); $_url->attach(find_script('attachment') . '?id=' . urlencode($attachment['id']) . $keep->evaluate()); if (get_option('anti_leech') == '1') { $_url->attach('&for_session='); $_url->attach(symbol_tempcode('SESSION_HASHED')); } } else { $url = $attachment['a_url']; if (url_is_local($url)) { $url = get_custom_base_url() . '/' . $url; } $_url = make_string_tempcode($url); } $temp_tpl = hyperlink($_url, is_object($attachment['a_description']) ? $attachment['a_description']->evaluate() : $attachment['a_description'] != '' ? $attachment['a_description'] : $attachment['a_original_filename'], true); break; default: if (is_image($attachment['a_original_filename'])) { if ($type == 'inline' || $type == 'left_inline' || $type == 'right_inline') { $attachment['mini'] = '1'; } require_code('images'); ensure_thumbnail($attachment['a_url'], $attachment['a_thumb_url'], 'attachments', 'attachments', intval($attachment['id']), 'a_thumb_url'); $temp_tpl = do_template('ATTACHMENT_IMG' . (array_key_exists('mini', $attachment) && $attachment['mini'] == '1' ? '_MINI' : ''), map_keys_to_upper($attachment) + array('WYSIWYG_SAFE' => $tag == 'attachment' ? NULL : true)); if ($type == 'left' || $type == 'left_inline') { $temp_tpl = do_template('ATTACHMENT_LEFT', array('_GUID' => 'aee2a6842d369c8dae212c3478a3a3e9', 'WYSIWYG_SAFE' => $tag == 'attachment' ? NULL : true, 'CONTENT' => $temp_tpl)); } if ($type == 'right' || $type == 'right_inline') { $temp_tpl = do_template('ATTACHMENT_RIGHT', array('_GUID' => '1a7209d67d91db740c86e7a331720195', 'WYSIWYG_SAFE' => $tag == 'attachment' ? NULL : true, 'CONTENT' => $temp_tpl)); } break; } elseif ($extension == 'swf') { $temp_tpl = do_template('ATTACHMENT_SWF', map_keys_to_upper($attachment) + array('WYSIWYG_SAFE' => $tag == 'attachment' ? NULL : true)); break; } elseif (addon_installed('jwplayer') && ($mime_type == 'video/x-flv' || $mime_type == 'video/mp4' || $mime_type == 'video/webm')) { $temp_tpl = do_template('ATTACHMENT_FLV', map_keys_to_upper($attachment) + array('WYSIWYG_SAFE' => $tag == 'attachment' ? NULL : true)); break; } elseif ($mime_type == 'video/quicktime') { $temp_tpl = do_template('ATTACHMENT_QT', map_keys_to_upper($attachment) + array('WYSIWYG_SAFE' => $tag == 'attachment' ? NULL : true)); break; } elseif ($mime_type == 'audio/x-pn-realaudio') { $temp_tpl = do_template('ATTACHMENT_RM', map_keys_to_upper($attachment) + array('WYSIWYG_SAFE' => $tag == 'attachment' ? NULL : true)); break; } elseif (substr($mime_type, 0, 5) == 'video' || substr($mime_type, 0, 5) == 'audio') { $temp_tpl = do_template('ATTACHMENT_MEDIA', map_keys_to_upper($attachment) + array('WYSIWYG_SAFE' => $tag == 'attachment' ? NULL : true)); break; } // Continues on, as it's not a media type... // Continues on, as it's not a media type... case 'download': if (is_null($attachment['a_file_size'])) { $temp_tpl = do_template('ATTACHMENT_DOWNLOAD_REMOTE', map_keys_to_upper($attachment) + array('WYSIWYG_SAFE' => $tag == 'attachment' ? NULL : true)); } else { $temp_tpl = do_template('ATTACHMENT_DOWNLOAD', map_keys_to_upper($attachment) + array('WYSIWYG_SAFE' => $tag == 'attachment' ? NULL : true)); } break; } return $temp_tpl; }
/** * Makes a post in the specified forum, in the specified topic according to the given specifications. If the topic doesn't exist, it is created along with a spacer-post. * Spacer posts exist in order to allow staff to delete the first true post in a topic. Without spacers, this would not be possible with most forum systems. They also serve to provide meta information on the topic that cannot be encoded in the title (such as a link to the content being commented upon). * * @param SHORT_TEXT The forum name * @param SHORT_TEXT The topic identifier (usually <content-type>_<content-id>) * @param MEMBER The member ID * @param LONG_TEXT The post title * @param LONG_TEXT The post content in Comcode format * @param string The topic title; must be same as content title if this is for a comment topic * @param string This is put together with the topic identifier to make a more-human-readable topic title or topic description (hopefully the latter and a $content_title title, but only if the forum supports descriptions) * @param ?URLPATH URL to the content (NULL: do not make spacer post) * @param ?TIME The post time (NULL: use current time) * @param ?IP The post IP address (NULL: use current members IP address) * @param ?BINARY Whether the post is validated (NULL: unknown, find whether it needs to be marked unvalidated initially). This only works with the OCF driver. * @param ?BINARY Whether the topic is validated (NULL: unknown, find whether it needs to be marked unvalidated initially). This only works with the OCF driver. * @param boolean Whether to skip post checks * @param SHORT_TEXT The name of the poster * @param ?AUTO_LINK ID of post being replied to (NULL: N/A) * @param boolean Whether the reply is only visible to staff * @return array Topic ID (may be NULL), and whether a hidden post has been made */ function make_post_forum_topic($forum_name, $topic_identifier, $member, $post_title, $_post, $content_title, $topic_identifier_encapsulation_prefix, $content_url = NULL, $time = NULL, $ip = NULL, $validated = NULL, $topic_validated = 1, $skip_post_checks = false, $poster_name_if_guest = '', $parent_id = NULL, $staff_only = false) { $__post = comcode_to_tempcode($_post); $post = $__post->evaluate(); if (is_null($time)) { $time = time(); } if (is_null($ip)) { $ip = get_ip_address(); } $forum_id = $this->forum_id_from_name($forum_name); if (is_null($forum_id)) { warn_exit(do_lang_tempcode('MISSING_FORUM', escape_html($forum_name))); } $test = $this->connection->query_select('forums', array('*'), NULL, '', 1); $fm = array_key_exists('status', $test[0]); $ip_address = $ip; $local_ip_address = '127.0.0.1'; $topic_id = $this->find_topic_id_for_topic_identifier($forum_name, $topic_identifier); $is_new = is_null($topic_id); if ($is_new) { $map = array('t_bid' => $forum_id, 'topic' => $content_title, 't_mem_id' => $member, 'n_views' => 0, 'n_posts' => 0, 't_status' => 1, 'type_image' => 0, 'first_post_id' => 0, 'last_post_id' => 0, 't_description' => $topic_identifier_encapsulation_prefix . ': #' . $topic_identifier_encapsulation_prefix . ': ' . $topic_identifier); if ($fm) { $map = array_merge($map, array('t_status' => 0)); } $topic_id = $this->connection->query_insert('topics', $map, true); } $GLOBALS['LAST_TOPIC_ID'] = $topic_id; $GLOBALS['LAST_TOPIC_IS_NEW'] = $is_new; if ($post == '') { return array($topic_id, false); } $map = array('post_tid' => $topic_id, 'post_fid' => $forum_id, 'poster_id' => $member, 'ptime' => $time, 'poster_ip' => $ip_address, 'gposter_name' => '', 'use_smileys' => 1, 'modtime' => 'now()', 'post_title' => $post_title, 'post' => $post); if ($fm) { $map = array_merge($map, array('num_attachments' => 0, 'modifiers_id' => '')); } $post_id = $this->connection->query_insert('posts', $map, true); $this->connection->query('UPDATE ' . $this->connection->get_table_prefix() . 'topics SET first_post_id=' . strval((int) $post_id) . ', last_post_id=' . strval((int) $post_id) . ' WHERE tid=' . strval((int) $topic_id), 1); $this->connection->query('UPDATE ' . $this->connection->get_table_prefix() . 'forums SET ntopic=(ntopic+1),nposts=(nposts+1), f_last_pid=' . strval((int) $post_id) . ' WHERE fid=' . strval((int) $forum_id), 1); return array($topic_id, false); }
/** * The UI to view a past newsletter. * * @return tempcode The UI */ function view() { $id = get_param_integer('id'); $rows = $GLOBALS['SITE_DB']->query_select('newsletter_archive', array('*'), array('id' => $id)); $time = get_timezoned_date($rows[0]['date_and_time']); $subject = $rows[0]['subject']; $message = $rows[0]['newsletter']; $language = $rows[0]['language']; $level = $rows[0]['importance_level']; /*require_code('lang2'); $language=lookup_language_full_name($rows[0]['language']);*/ breadcrumb_set_parents(array(array('_SELF:_SELF:misc', do_lang_tempcode('MANAGE_NEWSLETTER')), array('_SELF:_SELF:archive', do_lang_tempcode('NEWSLETTER_ARCHIVE')))); breadcrumb_set_self($subject); require_code('templates_view_space'); return view_space(get_page_title('NEWSLETTER'), array('DATE_TIME' => $time, 'LANGUAGE' => $language, 'SUBSCRIPTION_LEVEL' => integer_format($level), 'SUBJECT' => $subject, 'MESSAGE' => comcode_to_tempcode($message))); }
/** * Attempt to send an e-mail to the specified recipient. The mail will be forwarding to the CC address specified in the options (if there is one, and if not specified not to cc). * The mail will be sent in dual HTML/text format, where the text is the unconverted comcode source: if a member does not read HTML mail, they may wish to fallback to reading that. * * @param string The subject of the mail in plain text * @param LONG_TEXT The message, as Comcode * @param ?array The destination (recipient) e-mail addresses [array of strings] (NULL: site staff address) * @param ?mixed The recipient name. Array or string. (NULL: site name) * @param EMAIL The from address (blank: site staff address) * @param string The from name (blank: site name) * @param integer The message priority (1=urgent, 3=normal, 5=low) * @range 1 5 * @param ?array An list of attachments (each attachment being a map, path=>filename) (NULL: none) * @param boolean Whether to NOT CC to the CC address * @param ?MEMBER Convert comcode->tempcode as this member (a privilege thing: we don't want people being able to use admin rights by default!) (NULL: guest) * @param boolean Replace above with arbitrary admin * @param boolean HTML-only * @param boolean Whether to bypass queueing, because this code is running as a part of the queue management tools * @param ID_TEXT The template used to show the email * @param boolean Whether to bypass queueing * @return ?tempcode A full page (not complete XHTML) piece of tempcode to output (NULL: it worked so no tempcode message) */ function mail_wrap($subject_tag, $message_raw, $to_email = NULL, $to_name = NULL, $from_email = '', $from_name = '', $priority = 3, $attachments = NULL, $no_cc = false, $as = NULL, $as_admin = false, $in_html = false, $coming_out_of_queue = false, $mail_template = 'MAIL', $bypass_queue = false) { if (get_option('smtp_sockets_use') == '0') { return non_overrided__mail_wrap($subject_tag, $message_raw, $to_email, $to_name, $from_email, $from_name, $priority, $attachments, $no_cc, $as, $as_admin, $in_html, $coming_out_of_queue); } if (running_script('stress_test_loader')) { return NULL; } if (is_null($bypass_queue)) { $bypass_queue = $priority < 3 || strpos(serialize($attachments), 'tmpfile') !== false; } global $EMAIL_ATTACHMENTS; $EMAIL_ATTACHMENTS = array(); require_code('site'); require_code('mime_types'); if (is_null($as)) { $as = $GLOBALS['FORUM_DRIVER']->get_guest_id(); } if (!$coming_out_of_queue) { $GLOBALS['SITE_DB']->query('DELETE FROM ' . get_table_prefix() . 'logged_mail_messages WHERE m_date_and_time<' . strval(time() - 60 * 60 * 24 * 14) . ' AND m_queued=0'); // Log it all for 2 weeks, then delete $through_queue = !$bypass_queue && (get_option('mail_queue_debug') === '1' || get_option('mail_queue') === '1' && cron_installed()); $GLOBALS['SITE_DB']->query_insert('logged_mail_messages', array('m_subject' => $subject_tag, 'm_message' => $message_raw, 'm_to_email' => serialize($to_email), 'm_to_name' => serialize($to_name), 'm_from_email' => $from_email, 'm_from_name' => $from_name, 'm_priority' => 3, 'm_attachments' => serialize($attachments), 'm_no_cc' => $no_cc ? 1 : 0, 'm_as' => $as, 'm_as_admin' => $as_admin ? 1 : 0, 'm_in_html' => $in_html ? 1 : 0, 'm_date_and_time' => time(), 'm_member_id' => get_member(), 'm_url' => get_self_url(true), 'm_queued' => $through_queue ? 1 : 0, 'm_template' => $mail_template)); if ($through_queue) { return NULL; } } if (count($attachments) == 0) { $attachments = NULL; } global $SENDING_MAIL; if ($SENDING_MAIL) { return NULL; } $SENDING_MAIL = true; // To and from, and language $staff_address = get_option('staff_address'); if (is_null($to_email)) { $to_email = array($staff_address); } $to_email_new = array(); foreach ($to_email as $test_address) { if ($test_address != '') { $to_email_new[] = $test_address; } } $to_email = $to_email_new; if ($to_email == array()) { $SENDING_MAIL = false; return NULL; } if ($to_email[0] == $staff_address) { $lang = get_site_default_lang(); } else { $lang = user_lang(); if (method_exists($GLOBALS['FORUM_DRIVER'], 'get_member_from_email_address')) { $member_id = $GLOBALS['FORUM_DRIVER']->get_member_from_email_address($to_email[0]); if (!is_null($member_id)) { $lang = get_lang($member_id); } } } if (is_null($to_name)) { if ($to_email[0] == $staff_address) { $to_name = get_site_name(); } else { $to_name = ''; } } if ($from_email == '') { $from_email = get_option('staff_address'); } if ($from_name == '') { $from_name = get_site_name(); } $theme = method_exists($GLOBALS['FORUM_DRIVER'], 'get_theme') ? $GLOBALS['FORUM_DRIVER']->get_theme() : 'default'; if ($theme == 'default') { $theme = $GLOBALS['FORUM_DRIVER']->get_theme(''); // ... So get theme of welcome zone } // Our subject $_subject = do_template('MAIL_SUBJECT', array('_GUID' => '44a57c666bb00f96723256e26aade9e5', 'SUBJECT_TAG' => $subject_tag), $lang, false, NULL, '.tpl', 'templates', $theme); $subject = $_subject->evaluate($lang); // Note that this is slightly against spec, because characters aren't forced to be printable us-ascii. But it's better we allow this (which works in practice) than risk incompatibility via charset-base64 encoding. // Evaluate message. Needs doing early so we know if we have any headers // Misc settings $website_email = get_option('website_email'); if ($website_email == '') { $website_email = $from_email; } $cc_address = $no_cc ? '' : get_option("cc_address"); global $CID_IMG_ATTACHMENT; $CID_IMG_ATTACHMENT = array(); // Decide message $GLOBALS['NO_LINK_TITLES'] = true; global $LAX_COMCODE; $temp = $LAX_COMCODE; $LAX_COMCODE = true; $html_content = comcode_to_tempcode($message_raw, $as, $as_admin); $LAX_COMCODE = $temp; $GLOBALS['NO_LINK_TITLES'] = false; if (!$in_html) { $_html_content = $html_content->evaluate($lang); $_html_content = preg_replace('#(keep|for)_session=[\\d\\w]*#', 'filtered=1', $_html_content); $message_html = strpos($_html_content, '<html') !== false ? make_string_tempcode($_html_content) : do_template($mail_template, array('_GUID' => 'b23069c20202aa59b7450ebf8d49cde1', 'CSS' => '{CSS}', 'LOGOURL' => get_logo_url(''), 'LANG' => $lang, 'TITLE' => $subject, 'CONTENT' => $_html_content), $lang, false, NULL, '.tpl', 'templates', $theme); $css = css_tempcode(true, true, $message_html->evaluate($lang), $theme); $_css = $css->evaluate($lang); if (get_option('allow_ext_images') != '1') { $_css = preg_replace_callback('#url\\(["\']?(http://[^"]*)["\']?\\)#U', '_mail_css_rep_callback', $_css); } $html_evaluated = $message_html->evaluate($lang); $html_evaluated = str_replace('{CSS}', $_css, $html_evaluated); // Cleanup the Comcode a bit $message_plain = comcode_to_clean_text($message_raw); } else { $html_evaluated = $message_raw; } // Character set $regexp = '#^[\\x' . dechex(32) . '-\\x' . dechex(126) . ']*$#'; $charset = preg_match($regexp, $html_evaluated) == 0 ? do_lang('charset', NULL, NULL, NULL, $lang) : 'us-ascii'; // CID attachments if (get_option('allow_ext_images') != '1') { $html_evaluated = preg_replace_callback('#<img\\s([^>]*)src="(http://[^"]*)"#U', '_mail_img_rep_callback', $html_evaluated); $matches = array(); foreach (array('#<([^"<>]*\\s)style="([^"]*)"#', '#<style( [^<>]*)?' . '>(.*)</style>#Us') as $over) { $num_matches = preg_match_all($over, $html_evaluated, $matches); for ($i = 0; $i < $num_matches; $i++) { $altered_inner = preg_replace_callback('#url\\(["\']?(http://[^"]*)["\']?\\)#U', '_mail_css_rep_callback', $matches[2][$i]); if ($matches[2][$i] != $altered_inner) { $altered_outer = str_replace($matches[2][$i], $altered_inner, $matches[0][$i]); $html_evaluated = str_replace($matches[0][$i], $altered_outer, $html_evaluated); } } } } $cid_attachments = array(); foreach ($CID_IMG_ATTACHMENT as $id => $img) { $file_path_stub = convert_url_to_path($img); $mime_type = get_mime_type(get_file_extension($img)); $filename = basename($img); if (!is_null($file_path_stub)) { $cid_attachment = array('mime' => $mime_type, 'filename' => $filename, 'path' => $file_path_stub, 'temp' => false, 'cid' => $id); } else { $myfile = ocp_tempnam('email_attachment'); http_download_file($img, NULL, false, false, 'ocPortal', NULL, NULL, NULL, NULL, NULL, $myfile); if (!is_null($GLOBALS['HTTP_DOWNLOAD_MIME_TYPE'])) { $mime_type = $GLOBALS['HTTP_DOWNLOAD_MIME_TYPE']; } if (!is_null($GLOBALS['HTTP_FILENAME'])) { $filename = $GLOBALS['HTTP_FILENAME']; } $cid_attachment = array('mime' => $mime_type, 'filename' => $filename, 'path' => $myfile, 'temp' => true, 'cid' => $id); } $cid_attachments[] = $cid_attachment; } // Attachments $real_attachments = array(); $attachments = array_merge(is_null($attachments) ? array() : $attachments, $EMAIL_ATTACHMENTS); if (!is_null($attachments)) { foreach ($attachments as $path => $filename) { $mime_type = get_mime_type(get_file_extension($filename)); if (strpos($path, '://') === false) { $real_attachment = array('mime' => $mime_type, 'filename' => $filename, 'path' => $path, 'temp' => false); } else { $myfile = ocp_tempnam('email_attachment'); http_download_file($path, NULL, false, false, 'ocPortal', NULL, NULL, NULL, NULL, NULL, $myfile); if (!is_null($GLOBALS['HTTP_DOWNLOAD_MIME_TYPE'])) { $mime_type = $GLOBALS['HTTP_DOWNLOAD_MIME_TYPE']; } if (!is_null($GLOBALS['HTTP_FILENAME'])) { $filename = $GLOBALS['HTTP_FILENAME']; } $real_attachment = array('mime' => $mime_type, 'filename' => $filename, 'path' => $myfile, 'temp' => true); } $real_attachments[] = $real_attachment; } } // ========================== // Interface with SwiftMailer // ========================== require_code('Swift-4.1.1/lib/swift_required'); // Read in SMTP settings $host = get_option('smtp_sockets_host'); $port = intval(get_option('smtp_sockets_port')); $username = get_option('smtp_sockets_username'); $password = get_option('smtp_sockets_password'); $smtp_from_address = get_option('smtp_from_address'); if ($smtp_from_address != '') { $from_email = $smtp_from_address; } // Create the Transport $transport = Swift_SmtpTransport::newInstance($host, $port)->setUsername($username)->setPassword($password); if ($port == 419 || $port == 465 || $port == 587) { $transport->setEncryption('tls'); } // Create the Mailer using your created Transport $mailer = Swift_Mailer::newInstance($transport); // Create a message $to_array = array(); if ($to_name === '') { foreach ($to_email as $_to_email) { $to_array[] = $_to_email; } } else { foreach ($to_email as $i => $_to_email) { $to_array[$_to_email] = is_array($to_name) ? $to_name[$i] : $to_name; } } $message = Swift_Message::newInstance($subject)->setFrom(array($website_email => $from_name))->setReplyTo(array($from_email => $from_name))->setTo($to_array)->setPriority($priority)->setCharset($charset)->setBody($html_evaluated, 'text/html', $charset)->addPart($message_plain, 'text/plain', $charset); if ($cc_address != '') { $message->setCc($cc_address); } // Attachments foreach ($real_attachments as $r) { $attachment = Swift_Attachment::fromPath($r['path'], $r['mime'])->setFilename($r['filename'])->setDisposition('attachment'); $message->attach($attachment); } foreach ($cid_attachments as $r) { $attachment = Swift_Attachment::fromPath($r['path'], $r['mime'])->setFilename($r['filename'])->setDisposition('attachment')->setId($r['cid']); $message->attach($attachment); } // Send the message, and error collection $error = ''; try { $result = $mailer->send($message); } catch (Exception $e) { $error = $e->getMessage(); } if ($error == '' && !$result) { $error = 'Unknown error'; } // Attachment cleanup foreach ($real_attachments as $r) { if ($r['temp']) { @unlink($r['path']); } } foreach ($cid_attachments as $r) { if ($r['temp']) { @unlink($r['path']); } } // Return / Error handling $SENDING_MAIL = false; if ($error != '') { if (get_param_integer('keep_hide_mail_failure', 0) == 0) { require_code('site'); attach_message(!is_null($error) ? make_string_tempcode($error) : do_lang_tempcode('MAIL_FAIL', escape_html(get_option('staff_address'))), 'warn'); } else { return warn_screen(get_page_title('ERROR_OCCURRED'), do_lang_tempcode('MAIL_FAIL', escape_html(get_option('staff_address')))); } } return NULL; }
/** * Standard PHP XML parser function. * * @param object The parser object (same as 'this') */ function endElement($parser) { $tag = array_pop($this->tag_stack); $tag_attributes = array_pop($this->attribute_stack); switch ($tag) { case 'substitution': list($zone, $attributes, $hash) = page_link_decode($this->substitution_current_match_key); if ($zone == '_WILD') { $zone = REGEXP_CODENAME; } if (!isset($attributes['page'])) { $attributes['page'] = ''; } /* Commented for performance. This isn't user-data, so we're safe $zone=str_replace('~','\~',preg_quote($zone)); // We are using '~' as deliminators for the regexp, as the usual '/' and '#' feature in URL separators $hash=str_replace('~','\~',preg_quote($hash)); */ if ($attributes['page'] == '_WILD_NOT_START') { $zones = find_all_zones(false, true); if (isset($zones[$zone])) { $attributes['page'] = '(?!' . $zones[$zone][3] . ')' . REGEXP_CODENAME; } else { $attributes['page'] = '_WILD'; } } if ($attributes['page'] == '_WILD') { $attributes['page'] = REGEXP_CODENAME; } foreach ($attributes as $key => $val) { $attributes[$key] = $val; } $_source_url = build_url($attributes, $zone, NULL, false, false, true, $hash); $source_url = urldecode(urldecode($_source_url->evaluate())); // urldecode because we don't want our regexp syntax mangled. Highly unlikely our sub's are going to really use special characters as parts of the URL if (strpos($source_url, '.htm') === false && strpos($source_url, '.php') === false) { $source_url .= '(?:/index\\.php)?'; } $source_url1 = str_replace(array('.htm', '?', '(\\?', ')\\?', '&', get_base_url() . '/' . REGEXP_CODENAME . '/'), array('\\.htm', '\\?', '(?', ')?', '(?:&[^<>]*)*&', get_base_url() . '/?' . REGEXP_CODENAME . '/'), $source_url) . '(?:[&\\?][^<>]*)*'; $escaped_source_url = escape_html($source_url); if ($source_url == $escaped_source_url) { $source_url2 = $source_url1; } else { $source_url2 = str_replace(array('.htm', '?', '(\\?', ')\\?', '&', get_base_url() . '/' . REGEXP_CODENAME . '/'), array('\\.htm', '\\?', '(?', ')?', '(?:&[^<>]*)*&', get_base_url() . '/?' . REGEXP_CODENAME . '/'), $escaped_source_url) . '(?:[&\\?][^<>]*)*'; } $from = '^.*<a[^<>]*\\shref="(' . $source_url2 . ')"[^<>]*>(<abbr[^<>]*>)?([^<>]*)(</abbr>)?</a>'; $regexp = '#^' . $source_url1 . '$#'; $have_url_match = preg_match($regexp, get_self_url(true)) != 0; // we either bind rule via URL match, or finding it in the defined breadcrumb chain if ($have_url_match && preg_match('~' . $from . '~Us', $this->current_breadcrumbs) == 0) { // Probably it's a non-link chain in the breadcrumbs, so try to bind to the <span> portion too (possibly nested) $from = '^.*(<span>(<span[^<>]*>)?|<a[^<>]*\\shref="(' . $source_url2 . ')"[^<>]*>)(<abbr[^<>]*>)?([^<>]*)(</abbr>)?((</(span)>)?</(a|span)>)'; $from_non_link = true; } else { $from_non_link = false; } $to = ''; foreach (array_reverse($this->links) as $link) { list($zone, $attributes, $hash) = page_link_decode($link[0]); $target_url = build_url($attributes, $zone, NULL, false, false, false, $hash); $_link_title = $link[1] === NULL ? do_lang('UNKNOWN') : $link[1]; $link_title = preg_match('#\\{\\!|\\{\\?|\\{\\$|\\[#', $_link_title) == 0 ? $_link_title : static_evaluate_tempcode(comcode_to_tempcode($_link_title)); if ($target_url->evaluate() == '') { $to .= $link_title . $this->breadcrumb_tpl; } else { $to .= '<a title="' . do_lang('GO_BACKWARDS_TO', escape_html(strip_tags($link_title))) . '" href="' . escape_html($target_url->evaluate()) . '">' . $link_title . '</a>' . $this->breadcrumb_tpl; } } $_target_url = $from_non_link ? '${3}' : '${1}'; $existing_label = $from_non_link ? '${5}' : '${3}'; $_link_title = $this->substitution_current_label === NULL ? $existing_label : $this->substitution_current_label; $link_title = preg_match('#(\\{\\!)|(\\{\\?)|(\\{\\$)|(\\[)#', $_link_title) == 0 ? $_link_title : static_evaluate_tempcode(comcode_to_tempcode($_link_title)); if ($from_non_link) { $to .= '${1}' . $link_title . '${7}'; } else { $to .= '<a title="' . do_lang('GO_BACKWARDS_TO', escape_html(strip_tags($link_title))) . '" href="' . escape_html($_target_url) . '">${2}' . $link_title . '${4}</a>'; } $this->substitutions[$from] = $to; break; case 'link': $text = trim(str_replace('\\n', chr(10), $this->text_so_far)); $this->links[] = array($text, isset($tag_attributes['label']) ? $tag_attributes['label'] : NULL); break; } }
/** * Get an array of topics in the given forum. Each topic is an array with the following attributes: * - id, the topic ID * - title, the topic title * - lastusername, the username of the last poster * - lasttime, the timestamp of the last reply * - closed, a Boolean for whether the topic is currently closed or not * - firsttitle, the title of the first post * - firstpost, the first post (only set if $show_first_posts was true) * * @param mixed The forum name or an array of forum IDs * @param integer The limit * @param integer The start position * @param integer The total rows (not a parameter: returns by reference) * @param SHORT_TEXT The topic title filter * @param boolean Whether to show the first posts * @param string The date key to sort by * @set lasttime firsttime * @param boolean Whether to limit to hot topics * @param SHORT_TEXT The topic description filter * @return ?array The array of topics (NULL: error) */ function show_forum_topics($name, $limit, $start, &$max_rows, $filter_topic_title = '', $show_first_posts = false, $date_key = 'lasttime', $hot = false, $filter_topic_description = '') { if (is_integer($name)) { $id_list = 'forum_id=' . strval((int) $name); } elseif (!is_array($name)) { $id = $this->forum_id_from_name($name); if (is_null($id)) { return NULL; } $id_list = 'forum_id=' . strval((int) $id); } else { $id_list = ''; foreach (array_keys($name) as $id) { if ($id_list != '') { $id_list .= ' OR '; } $id_list .= 'forum_id=' . strval((int) $id); } if ($id_list == '') { return NULL; } } $topic_filter = $filter_topic_title != '' ? 'AND topic_title LIKE \'' . db_encode_like($filter_topic_title) . '\'' : ''; $topic_filter .= ' ORDER BY ' . ($date_key == 'lasttime' ? 'topic_last_post_id' : 'topic_time') . ' DESC'; $rows = $this->connection->query('SELECT * FROM ' . $this->connection->get_table_prefix() . 'topics WHERE (' . $id_list . ') ' . $topic_filter, $limit, $start); $max_rows = $this->connection->query_value_null_ok_full('SELECT COUNT(*) FROM ' . $this->connection->get_table_prefix() . 'topics WHERE (' . $id_list . ') ' . $topic_filter); $i = 0; $firsttime = array(); $username = array(); $memberid = array(); $datetimes = array(); $rs = array(); while (array_key_exists($i, $rows)) { $r = $rows[$i]; $id = $r['topic_id']; $firsttime[$id] = $r['topic_time']; $post_rows = $this->connection->query('SELECT * FROM ' . $this->connection->get_table_prefix() . 'posts p WHERE topic_id=' . strval((int) $id) . ' AND post_text NOT LIKE \'' . db_encode_like(substr(do_lang('SPACER_POST', '', '', '', get_site_default_lang()), 0, 20) . '%') . '\' ORDER BY post_time DESC', 1); if (!array_key_exists(0, $post_rows)) { $i++; continue; } $r2 = $post_rows[0]; $username[$id] = $this->get_username($r2['poster_id']); $memberid[$id] = $r2['poster_id']; $datetimes[$id] = $r2['post_time']; $rs[$id] = $r; $i++; } if ($i > 0) { arsort($datetimes); $i = 0; $out = array(); if (count($datetimes) > 0) { foreach ($datetimes as $id => $datetime) { $r = $rs[$id]; $out[$i] = array(); $out[$i]['id'] = $id; $out[$i]['num'] = $r['topic_replies_real'] + 1; $out[$i]['title'] = $r['topic_title']; $out[$i]['description'] = $r['topic_title']; $out[$i]['firsttime'] = $r['topic_time']; $out[$i]['firstusername'] = $this->get_username($r['topic_poster']); $out[$i]['lastusername'] = $username[$id]; $out[$i]['firstmemberid'] = $r['topic_poster']; $out[$i]['lastmemberid'] = $memberid[$id]; $out[$i]['lasttime'] = $datetime; $out[$i]['closed'] = $r['topic_status'] == 1; $fp_rows = $this->connection->query('SELECT post_subject,post_text,bbcode_uid,poster_id FROM ' . $this->connection->get_table_prefix() . 'posts p WHERE post_text NOT LIKE \'' . db_encode_like(substr(do_lang('SPACER_POST', '', '', '', get_site_default_lang()), 0, 20) . '%') . '\' AND post_time=' . strval((int) $firsttime[$id]) . ' AND topic_id=' . strval((int) $id), 1); if (!array_key_exists(0, $fp_rows)) { unset($out[$i]); continue; } $out[$i]['firsttitle'] = $fp_rows[0]['post_subject']; if ($show_first_posts) { global $LAX_COMCODE; $temp = $LAX_COMCODE; $LAX_COMCODE = true; $out[$i]['firstpost'] = comcode_to_tempcode($this->_cleanup_post($fp_rows[0]['bbcode_uid'], $fp_rows[0]['post_text']), $fp_rows[0]['poster_id']); $LAX_COMCODE = $temp; } $i++; if ($i == $limit) { break; } } } return $out; } return NULL; }
/** * The UI for managing banned IPs. * * @return tempcode The UI */ function gui() { $title = get_page_title('IP_BANS'); $lookup_url = build_url(array('page' => 'admin_lookup'), get_module_zone('admin_lookup')); $GLOBALS['HELPER_PANEL_TEXT'] = comcode_to_tempcode(do_lang('IP_BANNING_WILDCARDS', $lookup_url->evaluate())); $bans = ''; $rows = $GLOBALS['SITE_DB']->query_select('usersubmitban_ip', array('ip', 'i_descrip')); foreach ($rows as $row) { $bans .= $row['ip'] . ' ' . str_replace("\n", ' ', $row['i_descrip']) . chr(10); } $post_url = build_url(array('page' => '_SELF', 'type' => 'actual'), '_SELF'); require_code('form_templates'); list($warning_details, $ping_url) = handle_conflict_resolution(); return do_template('IPBAN_SCREEN', array('_GUID' => '963d24852ba87e9aa84e588862bcfecb', 'PING_URL' => $ping_url, 'WARNING_DETAILS' => $warning_details, 'TITLE' => $title, 'BANS' => $bans, 'URL' => $post_url)); }
/** * Get an array of topics in the given forum. Each topic is an array with the following attributes: * - id, the topic ID * - title, the topic title * - lastusername, the username of the last poster * - lasttime, the timestamp of the last reply * - closed, a Boolean for whether the topic is currently closed or not * - firsttitle, the title of the first post * - firstpost, the first post (only set if $show_first_posts was true) * * @param mixed The forum name or an array of forum IDs * @param integer The limit * @param integer The start position * @param integer The total rows (not a parameter: returns by reference) * @param SHORT_TEXT The topic title filter * @param boolean Whether to show the first posts * @param string The date key to sort by * @set lasttime firsttime * @param boolean Whether to limit to hot topics * @param SHORT_TEXT The topic description filter * @return ?array The array of topics (NULL: error) */ function show_forum_topics($name, $limit, $start, &$max_rows, $filter_topic_title = '', $show_first_posts = false, $date_key = 'lasttime', $hot = false, $filter_topic_description = '') { if (is_integer($name)) { $id_list = 'boardid=' . strval((int) $name); } elseif (!is_array($name)) { $id = $this->forum_id_from_name($name); if (is_null($id)) { return NULL; } $id_list = 'boardid=' . strval((int) $id); } else { $id_list = ''; foreach (array_keys($name) as $id) { if ($id_list != '') { $id_list .= ' OR '; } $id_list .= 'boardid=' . strval((int) $id); } if ($id_list == '') { return NULL; } } $topic_filter = $filter_topic_title != '' ? 'AND topic LIKE \'' . db_encode_like($filter_topic_title) . '\'' : ''; $rows = $this->connection->query('SELECT * FROM ' . $this->connection->get_table_prefix() . 'threads WHERE (' . $id_list . ') ' . $topic_filter . ' ORDER BY ' . ($date_key == 'lasttime' ? 'lastposttime' : 'starttime') . ' DESC', $limit, $start); $max_rows = $this->connection->query_value_null_ok_full('SELECT COUNT(*) FROM ' . $this->connection->get_table_prefix() . 'threads WHERE (' . $id_list . ') ' . $topic_filter); $out = array(); foreach ($rows as $i => $r) { $out[$i] = array(); $out[$i]['id'] = $r['threadid']; $out[$i]['num'] = $r['replycount'] + 1; $out[$i]['title'] = $r['topic']; $out[$i]['description'] = $r['topic']; $out[$i]['firstusername'] = $r['starter']; $out[$i]['lastusername'] = $r['lastposter']; $out[$i]['firsttime'] = $r['starttime']; $out[$i]['lasttime'] = $r['lastposttime']; $out[$i]['closed'] = $r['closed'] == 1; $fp_rows = $this->connection->query('SELECT posttopic,message,userid FROM ' . $this->connection->get_table_prefix() . 'posts WHERE message NOT LIKE \'' . db_encode_like(do_lang('SPACER_POST', '', '', '', get_site_default_lang()) . '%') . '\' AND threadid=' . strval((int) $out[$i]['id']) . ' ORDER BY posttime', 1); if (!array_key_exists(0, $fp_rows)) { unset($out[$i]); continue; } $out[$i]['firsttitle'] = $fp_rows[0]['posttopic']; if ($show_first_posts) { global $LAX_COMCODE; $temp = $LAX_COMCODE; $LAX_COMCODE = true; $out[$i]['firstpost'] = comcode_to_tempcode($fp_rows[0]['message'], $fp_rows[0]['userid']); $LAX_COMCODE = $temp; } } if (count($out) != 0) { return $out; } return NULL; }
if ($entrypoints == array('!')) { $url = build_url(array('page' => $page), $zone, NULL, false, false, true); $title = ucwords(str_replace('_', ' ', $page)); if (substr($page_type, 0, 7) == 'comcode') { foreach ($comcode_page_rows as $page_row) { if ($page_row['p_validated'] == 0 && $page_row['the_page'] == $page && $page_row['the_zone'] == $zone) { continue 2; } } $path = zone_black_magic_filterer((strpos($page_type, '_custom') !== false ? get_custom_file_base() : get_file_base()) . '/' . filter_naughty($zone) . '/pages/' . filter_naughty($page_type) . '/' . $page . '.txt'); $page_contents = file_get_contents($path); $matches = array(); if (preg_match('#\\[title[^\\]]*\\]#', $page_contents, $matches) != 0) { $start = strpos($page_contents, $matches[0]) + strlen($matches[0]); $end = strpos($page_contents, '[/title]', $start); $_title = comcode_to_tempcode(substr($page_contents, $start, $end - $start), NULL, true); $title = strip_tags(@html_entity_decode($_title->evaluate(), ENT_QUOTES, get_charset())); } } elseif (substr($page_type, 0, 4) == 'html') { $path = zone_black_magic_filterer((strpos($page_type, '_custom') !== false ? get_custom_file_base() : get_file_base()) . '/' . filter_naughty($zone) . '/pages/' . filter_naughty($page_type) . '/' . $page . '.htm'); $page_contents = file_get_contents($path); $matches = array(); if (preg_match('#\\<title[^\\>]*\\>#', $page_contents, $matches) != 0) { $start = strpos($page_contents, $matches[0]) + strlen($matches[0]); $end = strpos($page_contents, '</title>', $start); $title = strip_tags(@html_entity_decode(substr($page_contents, $start, $end - $start), ENT_QUOTES, get_charset())); } } $temp = '<DT><A HREF="' . escape_html($url->evaluate()) . '">' . escape_html($title) . '</A>'; $_pages[$title] = $temp; } elseif (count($entrypoints) != 0) {
/** * Get an array of topics in the given forum. Each topic is an array with the following attributes: * - id, the topic ID * - title, the topic title * - lastusername, the username of the last poster * - lasttime, the timestamp of the last reply * - closed, a Boolean for whether the topic is currently closed or not * - firsttitle, the title of the first post * - firstpost, the first post (only set if $show_first_posts was true) * * @param mixed The forum name or an array of forum IDs * @param integer The limit * @param integer The start position * @param integer The total rows (not a parameter: returns by reference) * @param SHORT_TEXT The topic title filter * @param boolean Whether to show the first posts * @param string The date key to sort by * @set lasttime firsttime * @param boolean Whether to limit to hot topics * @param SHORT_TEXT The topic description filter * @return ?array The array of topics (NULL: error) */ function show_forum_topics($name, $limit, $start, &$max_rows, $filter_topic_title = '', $show_first_posts = false, $date_key = 'lasttime', $hot = false, $filter_topic_description = '') { require_code('xhtml'); if (is_integer($name)) { $id_list = 'forum_id=' . strval((int) $name); } elseif (!is_array($name)) { if ($name == '<announce>' || is_null($name)) { $id_list = '(forum_id IS NULL)'; } else { $id = $this->forum_id_from_name($name); if (is_null($id)) { return NULL; } $id_list = 'forum_id=' . strval((int) $id); } } else { $id_list = ''; $id_list_2 = ''; foreach (array_keys($name) as $id) { if ($id_list != '') { $id_list .= ' OR '; } if (is_null($id) || $id == '') { $id_list .= '(forum_id IS NULL)'; } else { $id_list .= 'forum_id=' . strval((int) $id); } } if ($id_list == '') { return NULL; } } $topic_filter = $filter_topic_title != '' ? 'AND title LIKE \'' . db_encode_like($this->ipb_escape($filter_topic_title)) . '\'' : ''; if ($filter_topic_description != '') { $topic_filter .= ' AND description LIKE \'' . db_encode_like($this->ipb_escape($filter_topic_description)) . '\''; } $rows = $this->connection->query('SELECT * FROM ' . $this->connection->get_table_prefix() . 'topics WHERE (' . $id_list . ') ' . $topic_filter . ' ORDER BY ' . ($date_key == 'lasttime' ? 'last_post' : 'start_date') . ' DESC', $limit, $start); $max_rows = $this->connection->query_value_null_ok_full('SELECT COUNT(*) FROM ' . $this->connection->get_table_prefix() . 'topics WHERE (' . $id_list . ') ' . $topic_filter); $emoticons_set_dir = $this->get_emo_dir(); $out = array(); foreach ($rows as $i => $r) { $out[$i] = array(); $out[$i]['id'] = $r['tid']; $out[$i]['num'] = $r['posts']; $out[$i]['title'] = $this->ipb_unescape($r['title']); $out[$i]['firstusername'] = $this->ipb_unescape($r['starter_name']); $out[$i]['lastusername'] = $this->ipb_unescape($r['last_poster_name']); $out[$i]['firstmemberid'] = $r['starter_id']; $out[$i]['lastmemberid'] = $r['last_poster_id']; $out[$i]['firsttime'] = $r['start_date']; $out[$i]['lasttime'] = $r['last_post']; $out[$i]['closed'] = $r['state'] == 'closed'; $fp_rows = $this->connection->query('SELECT * FROM ' . $this->connection->get_table_prefix() . 'posts WHERE post NOT LIKE \'' . db_encode_like(do_lang('SPACER_POST', '', '', '', get_site_default_lang()) . '%') . '\' AND topic_id=' . strval((int) $out[$i]['id']) . ' ORDER BY post_date', 1); if (!array_key_exists(0, $fp_rows)) { unset($out[$i]); continue; } $out[$i]['firsttitle'] = $this->ipb_unescape($fp_rows[0]['post_title']); if ($show_first_posts) { $post_id = $fp_rows[0]['pid']; $post = $fp_rows[0]['post']; if (array_key_exists('post_htmlstate', $fp_rows[0]) && $fp_rows[0]['post_htmlstate'] != 0) { if ($fp_rows[0]['post_htmlstate'] == 1) { $post = str_replace('<br />', '', $post); } $post = @html_entity_decode($post, ENT_QUOTES, get_charset()); } $post = preg_replace('#public/style_emoticons/<\\#EMO_DIR\\#>(.+?)\'#is', $emoticons_set_dir . '\\1\'', $post); $post = str_replace("class='quotetop'", "class='comcode_quote_h4'", $post); $post = str_replace("class='quotemain'", "class='comcode_quote_content'", $post); // Attachments $attachments = $this->connection->query_select('attachments', array('attach_member_id', 'attach_id', 'attach_file', 'attach_location', 'attach_thumb_location', 'attach_is_image', 'attach_filesize', 'attach_hits'), array('attach_post_key' => $fp_rows[0]['post_key'])); foreach ($attachments as $attachment) { if ($attachment['attach_thumb_location'] != '' || $attachment['attach_is_image'] == 0) { $url = get_forum_base_url() . '/index.php?act=Attach&type=post&id=' . $attachment['attach_id']; if ($attachment['attach_thumb_location'] != '') { $special = do_template('FORUM_ATTACHMENT_IMAGE_THUMB', array('_GUID' => '98a66462f270f53101c4c0a1b63f0bfc', 'FULL' => $url, 'URL' => get_forum_base_url() . '/uploads/' . $attachment['attach_thumb_location'])); } else { $special = do_template('FORUM_ATTACHMENT_LINK', array('_GUID' => '002a3220f35debbe567ce7a225aa221e', 'FULL' => $url, 'FILENAME' => $attachment['attach_file'], 'CLEAN_SIZE' => clean_file_size($attachment['attach_filesize']), 'NUM_DOWNLOADS' => integer_format($attachment['attach_hits']))); } } else { $special = do_template('FORUM_ATTACHMENT_IMAGE', array('_GUID' => '49dbf65cb5e20340a5ad4379ea6344c3', 'URL' => get_forum_base_url() . '/uploads/' . $attachment['attach_location'])); } // See if we have to place it somewhere special inside the post $old_post = $post; $post = str_replace('[attachmentid=' . $attachment['attach_id'] . ']', $special->evaluate(), $post); if ($old_post == $post) { $post .= $special->evaluate(); } } global $LAX_COMCODE; $end = 0; while (($pos = strpos($post, '[right]', $end)) !== false) { $e_pos = strpos($post, '[/right]', $pos); if ($e_pos === false) { break; } $end = $e_pos + strlen('[/right]'); $segment = substr($post, $pos, $end - $pos); $temp = $LAX_COMCODE; $LAX_COMCODE = true; $comcode = comcode_to_tempcode($segment, $r['starter_id']); $LAX_COMCODE = $temp; $post = substr($post, 0, $pos) . $comcode->evaluate() . substr($post, $end); } $temp = $LAX_COMCODE; $LAX_COMCODE = true; $out[$i]['firstpost'] = comcode_to_tempcode(xhtmlise_html($post), $r['starter_id'], false, 60, NULL, NULL, false, false, true); // Assumes HTML for posts $LAX_COMCODE = $temp; } } if (count($out) != 0) { return $out; } return NULL; }
/** * Standard modular run function. * * @param array A map of parameters. * @return tempcode The result of execution. */ function run($map) { require_all_lang(); require_code('zones2'); $skip_pages = array_key_exists('skip', $map) ? explode(',', $map['skip']) : array(); $comcode_page_rows = $GLOBALS['SITE_DB']->query_select('comcode_pages', array('*')); $_zones = array(); $zones = find_all_zones(false, true); $GLOBALS['MEMORY_OVER_SPEED'] = true; $low_memory = ini_get('memory_limit') != '-1' && ini_get('memory_limit') != '0' && ini_get('memory_limit') != '' && intval(preg_replace('#M$#', '', ini_get('memory_limit'))) < 26 || get_option('has_low_memory_limit') === '1'; // Reorder a bit $zones2 = array(); foreach (array('', 'site') as $zone_match) { foreach ($zones as $i => $zone) { if ($zone[0] == $zone_match) { $zones2[] = $zone; unset($zones[$i]); } } } $zones2 = array_merge($zones2, $zones); foreach ($zones2 as $z) { list($zone, $zone_title, , $zone_default_page) = $z; if (has_zone_access(get_member(), $zone)) { $_pages = array(); $pages = find_all_pages_wrap($zone); if (isset($pages[$zone_default_page])) { $default = $pages[$zone_default_page]; $pages = array($zone_default_page => $default) + $pages; } foreach ($pages as $page => $page_type) { if (is_integer($page)) { $page = strval($page); } if (substr($page, 0, 6) == 'panel_') { continue; } if (substr($page, 0, 1) == '_') { continue; } if (in_array($page, $skip_pages)) { continue; } if (in_array($zone . ':' . $page, $skip_pages)) { continue; } if ($page == '404') { continue; } if (strpos($page, '_tree_made') !== false) { continue; } if ($page == 'sitemap') { continue; } if ($page == 'forums' && substr($page_type, 0, 7) == 'modules' && (get_forum_type() == 'ocf' || get_forum_type() == 'none')) { continue; } if ($page == 'join' && substr($page_type, 0, 7) == 'modules' && !is_guest()) { continue; } if (has_page_access(get_member(), $page, $zone)) { $_entrypoints = array(); $__entrypoints = $low_memory ? array(NULL) : extract_module_functions_page($zone, $page, array('get_entry_points')); if (!is_null($__entrypoints[0])) { $entrypoints = is_array($__entrypoints[0]) ? call_user_func_array($__entrypoints[0][0], $__entrypoints[0][1]) : (strpos($__entrypoints[0], '::') !== false ? NULL : eval($__entrypoints[0])); // The strpos thing is a little hack that allows it to work for base-class derived modules if (is_null($entrypoints)) { $path = zone_black_magic_filterer($zone . ($zone == '' ? '' : '/') . 'pages/' . $page_type . '/' . $page . '.php', true); if ($low_memory && !defined('HIPHOP_PHP') && strpos(file_get_contents(get_file_base() . '/' . $path), ' extends standard_aed_module') !== false) { $new_code = str_replace(',parent::get_entry_points()', '', str_replace('parent::get_entry_points(),', '', $__entrypoints[0])); if (strpos($new_code, 'parent::') !== false) { continue; } $entrypoints = eval($new_code); } else { require_code($path); if (class_exists('Mx_' . filter_naughty_harsh($page))) { $object = object_factory('Mx_' . filter_naughty_harsh($page)); } else { $object = object_factory('Module_' . filter_naughty_harsh($page)); } $entrypoints = $object->get_entry_points(); } } } else { $entrypoints = array('!'); } if (!is_array($entrypoints)) { $entrypoints = array('!'); } if ($entrypoints == array('!')) { $url = build_url(array('page' => $page), $zone, NULL, false, false, true); $title = ucwords(str_replace('_', ' ', $page)); if (substr($page_type, 0, 7) == 'comcode') { foreach ($comcode_page_rows as $page_row) { if ($page_row['p_validated'] == 0 && $page_row['the_page'] == $page && $page_row['the_zone'] == $zone) { continue 2; } } $path = zone_black_magic_filterer((strpos($page_type, '_custom') !== false ? get_custom_file_base() : get_file_base()) . '/' . filter_naughty($zone) . '/pages/' . filter_naughty($page_type) . '/' . $page . '.txt'); if (!is_file($path)) { $path = zone_black_magic_filterer(get_file_base() . '/' . filter_naughty($zone) . '/pages/' . filter_naughty($page_type) . '/' . $page . '.txt'); } $page_contents = file_get_contents($path); $matches = array(); if (preg_match('#\\[title[^\\]]*\\]#', $page_contents, $matches) != 0) { $start = strpos($page_contents, $matches[0]) + strlen($matches[0]); $end = strpos($page_contents, '[/title]', $start); $matches = array(); $title_portion = str_replace('{$SITE_NAME}', get_site_name(), substr($page_contents, $start, $end - $start)); if (preg_match('#\\{\\!([\\w:]+)\\}#', $title_portion, $matches) != 0) { $title_portion = str_replace($matches[0], do_lang($matches[1]), $title_portion); } if (preg_match('#^[^<>\\[\\{\\&]*$#', $title_portion, $matches) != 0) { $title = $matches[0]; } elseif (!$low_memory) { $_title = comcode_to_tempcode($title_portion); $title = strip_tags(@html_entity_decode($_title->evaluate(), ENT_QUOTES, get_charset())); } } } elseif (substr($page_type, 0, 4) == 'html') { $path = zone_black_magic_filterer((strpos($page_type, '_custom') !== false ? get_custom_file_base() : get_file_base()) . '/' . filter_naughty($zone) . '/pages/' . filter_naughty($page_type) . '/' . $page . '.htm'); $page_contents = file_get_contents($path); $matches = array(); if (preg_match('#\\<title[^\\>]*\\>#', $page_contents, $matches) != 0) { $start = strpos($page_contents, $matches[0]) + strlen($matches[0]); $end = strpos($page_contents, '</title>', $start); $title = strip_tags(@html_entity_decode(substr($page_contents, $start, $end - $start), ENT_QUOTES, get_charset())); } } $temp = do_template('BLOCK_MAIN_SITEMAP_NEST', array('_GUID' => '92e657f8b9a3642df053f54e724e66f6', 'URL' => $url, 'NAME' => $title, 'CHILDREN' => array())); $_pages[$title] = $temp->evaluate(); // FUDGEFUDGE } elseif (count($entrypoints) != 0) { foreach ($entrypoints as $entrypoint => $title) { if (($entrypoint == 'concede' || $entrypoint == 'invisible' || $entrypoint == 'logout') && is_guest()) { continue; } if ($entrypoint == '!') { $url = build_url(array('page' => $page), $zone, NULL, false, false, true); } else { $url = build_url(array('page' => $page, 'type' => $entrypoint), $zone, NULL, false, false, true); } $_entrypoints[$title] = do_template('BLOCK_MAIN_SITEMAP_NEST', array('_GUID' => 'ae2ed2549644a8e699e0938b3ab98ddb', 'URL' => $url, 'NAME' => do_lang_tempcode($title), 'CHILDREN' => array())); } //ksort($_entrypoints); $title = do_lang('MODULE_TRANS_NAME_' . $page, NULL, NULL, NULL, NULL, false); if (is_null($title)) { $title = ucwords(str_replace('_', ' ', preg_replace('#^ocf\\_#', '', preg_replace('#^' . str_replace('#', '\\#', preg_quote($zone)) . '_#', '', preg_replace('#^' . str_replace('#', '\\#', preg_quote(str_replace('zone', '', $zone))) . '_#', '', $page))))); } if (count($_entrypoints) == 1) { $temp_keys = array_keys($_entrypoints); $temp = $_entrypoints[$temp_keys[0]]; } else { $temp = do_template('BLOCK_MAIN_SITEMAP_NEST', array('_GUID' => 'dfc5cc7db0301acd938d3b2e3fceaab8', 'URL' => new ocp_tempcode(), 'NAME' => $title, 'CHILDREN' => $_entrypoints)); } $_pages[$title] = $temp->evaluate(); // FUDGEFUDGE } } } $url = new ocp_tempcode(); if ($_pages != array()) { $keys = array_keys($_pages); $first = $_pages[$keys[0]]; ksort($_pages); $_pages = array($keys[0] => $first) + $_pages; } $temp = do_template('BLOCK_MAIN_SITEMAP_NEST', array('_GUID' => '38abb0a0e5bec968b28b4791320dd0dc', 'URL' => $url, 'NAME' => $zone_title, 'CHILDREN' => $_pages)); $_zones[] = $temp->evaluate(); // FUDGEFUDGE } } // To avoid running out of memory $out = do_template('BLOCK_MAIN_SITEMAP', array('_GUID' => 'd0807b30925e47d10cdb2c36231436ab', 'CHILDREN' => $_zones)); $e = $out->evaluate(); $explode = explode('__keep__', $e); // the URLs are build without keep and the templates tack it on the end if (strpos($e, '__keep__') !== false) { $out = new ocp_tempcode(); foreach ($explode as $i => $bit) { if ($i != 0) { $out->attach(symbol_tempcode('KEEP', NULL, array(ENTITY_ESCAPED))); } if ($GLOBALS['XSS_DETECT']) { ocp_mark_as_escaped($bit); } $out->attach($bit); } } $e = $out->evaluate(); if (strpos($e, '__keep1__') !== false) { $explode = explode('__keep1__', $e); $out = new ocp_tempcode(); foreach ($explode as $i => $bit) { if ($i != 0) { $out->attach(symbol_tempcode('KEEP', array('1'), array(ENTITY_ESCAPED))); } if ($GLOBALS['XSS_DETECT']) { ocp_mark_as_escaped($bit); } $out->attach($bit); } } return $out; }