function page_remove($id)
{
global $_CLASS;
$result = $_CLASS['core_db']->query('SELECT page_status, page_name, page_type FROM ' . CORE_PAGES_TABLE . ' WHERE page_id = ' . $id);
$page = $_CLASS['core_db']->fetch_row_assoc($result);
$_CLASS['core_db']->free_result($result);
if (!$page || $page['page_status'] != STATUS_PENDING) {
trigger_error($page ? 'MODULE_NOT_REMOVABLE' : 'MODULE_NOT_FOUND');
}
check_type($page['page_type']);
if (display_confirmation()) {
if ($page['page_type'] == PAGE_TEMPLATE) {
@unlink(SITE_FILE_ROOT . 'includes/templates/' . $page['page_location']);
}
$_CLASS['core_db']->query('DELETE from ' . CORE_PAGES_TABLE . ' WHERE page_id = ' . $id);
return true;
}
return false;
}
function block_delete($id, $return_link = false)
{
global $_CLASS;
$result = $_CLASS['core_db']->query('SELECT block_order, block_type, block_position FROM ' . CORE_BLOCKS_TABLE . ' WHERE block_id=' . $id);
$block = $_CLASS['core_db']->fetch_row_assoc($result);
$_CLASS['core_db']->free_result($result);
if (!$block || $block['block_type'] == BLOCKTYPE_SYSTEM) {
trigger_error($block ? 'BLOCK_NOT_DELETABLE' : 'BLOCK_NOT_FOUND');
}
check_position($block['block_position']);
if (display_confirmation()) {
$_CLASS['core_db']->query('DELETE from ' . CORE_BLOCKS_TABLE . ' where block_id = ' . $id);
$result = $_CLASS['core_db']->query('UPDATE ' . CORE_BLOCKS_TABLE . ' SET block_order = block_order-1 WHERE block_position=' . $block['block_position'] . ' AND block_order > ' . $block['block_order']);
$_CLASS['core_cache']->destroy('blocks');
if ($return_link) {
trigger_error('Block deleted<br/><a href="' . $return_link . '">Click here to return</a>');
}
}
if ($return_link) {
redirect($return_link);
}
}
function message_options($id, $mode, $global_privmsgs_rules, $global_rule_conditions)
{
global $_CLASS, $config;
$redirect_url = generate_link('Control_Panel&i=pm&mode=options');
$_CLASS['core_template']->assign_array(array('ERROR_MESSAGE' => false, 'S_RULE_DEFINED' => false, 'S_COND_DEFINED' => false, 'NONE_CONDITION' => false, 'S_ACTION_DEFINED' => false, 'NOTIFICATION_MESSAGE' => false, 'rule' => false));
// Change "full folder" setting - what to do if folder is full
if (isset($_POST['fullfolder'])) {
$full_action = request_var('full_action', 0);
$set_folder_id = 0;
switch ($full_action) {
case 1:
$set_folder_id = FULL_FOLDER_DELETE;
break;
case 2:
$set_folder_id = request_var('full_move_to', PRIVMSGS_INBOX);
break;
case 3:
$set_folder_id = FULL_FOLDER_HOLD;
break;
default:
$full_action = 0;
break;
}
if ($full_action) {
$sql = 'UPDATE ' . USERS_TABLE . '
SET user_full_folder = ' . $set_folder_id . '
WHERE user_id = ' . $_CLASS['core_user']->data['user_id'];
$_CLASS['core_db']->query($sql);
$_CLASS['core_user']->data['user_full_folder'] = $set_folder_id;
$message = $_CLASS['core_user']->lang['FULL_FOLDER_OPTION_CHANGED'] . '<br /><br />' . sprintf($_CLASS['core_user']->lang['RETURN_UCP'], '<a href="' . $redirect_url . '">', '</a>');
$_CLASS['core_display']->meta_refresh(3, $redirect_url);
trigger_error($message);
}
}
// Add Folder
if (isset($_POST['addfolder'])) {
$folder_name = request_var('foldername', '');
if ($folder_name) {
$sql = 'SELECT folder_name
FROM ' . FORUMS_PRIVMSGS_FOLDER_TABLE . "\n\t\t\t\tWHERE folder_name = '" . $_CLASS['core_db']->escape($folder_name) . "'\n\t\t\t\t\tAND user_id = " . $_CLASS['core_user']->data['user_id'];
$result = $_CLASS['core_db']->query_limit($sql, 1);
$row = $_CLASS['core_db']->fetch_row_assoc($result);
$_CLASS['core_db']->free_result($result);
if ($row) {
trigger_error(sprintf($_CLASS['core_user']->lang['FOLDER_NAME_EXIST'], $folder_name));
}
$sql = 'SELECT COUNT(*) as num_folder
FROM ' . FORUMS_PRIVMSGS_FOLDER_TABLE . '
WHERE user_id = ' . $_CLASS['core_user']->data['user_id'];
$result = $_CLASS['core_db']->query($sql);
list($count) = $_CLASS['core_db']->fetch_row_num($result);
$_CLASS['core_db']->free_result($result);
if ($count >= $config['pm_max_boxes']) {
trigger_error('MAX_FOLDER_REACHED');
}
$sql_array = array('user_id' => (int) $_CLASS['core_user']->data['user_id'], 'folder_name' => $folder_name, 'pm_count' => 0);
$_CLASS['core_db']->query('INSERT INTO ' . FORUMS_PRIVMSGS_FOLDER_TABLE . ' ' . $_CLASS['core_db']->sql_build_array('INSERT', $sql_array));
$message = $_CLASS['core_user']->lang['FOLDER_ADDED'] . '<br /><br />' . sprintf($_CLASS['core_user']->lang['RETURN_UCP'], '<a href="' . $redirect_url . '">', '</a>');
$_CLASS['core_display']->meta_refresh(3, $redirect_url);
trigger_error($message);
}
}
// Rename folder
if (isset($_POST['rename_folder'])) {
$new_folder_name = request_var('new_folder_name', '');
$rename_folder_id = request_var('rename_folder_id', 0);
if (!$new_folder_name) {
trigger_error('NO_NEW_FOLDER_NAME');
}
// Select custom folder
$sql = 'SELECT folder_name, pm_count
FROM ' . FORUMS_PRIVMSGS_FOLDER_TABLE . '
WHERE user_id = ' . $_CLASS['core_user']->data['user_id'] . "\n\t\t\t\tAND folder_id = {$rename_folder_id}";
$result = $_CLASS['core_db']->query_limit($sql, 1);
$folder_row = $_CLASS['core_db']->fetch_row_assoc($result);
$_CLASS['core_db']->free_result($result);
if (!$folder_row) {
trigger_error('CANNOT_RENAME_FOLDER');
}
$sql = 'SELECT folder_name
FROM ' . FORUMS_PRIVMSGS_FOLDER_TABLE . "\n\t\t\tWHERE folder_name = '" . $_CLASS['core_db']->escape($new_folder_name) . "'\n\t\t\t\tAND user_id = " . $_CLASS['core_user']->data['user_id'];
$result = $_CLASS['core_db']->query_limit($sql, 1);
$row = $_CLASS['core_db']->fetch_row_assoc($result);
$_CLASS['core_db']->free_result($result);
if ($row) {
trigger_error(sprintf($_CLASS['core_user']->lang['FOLDER_NAME_EXIST'], $new_folder_name));
}
$sql = 'UPDATE ' . FORUMS_PRIVMSGS_FOLDER_TABLE . " \n\t\t\tSET folder_name = '" . $_CLASS['core_db']->escape($new_folder_name) . "'\n\t\t\tWHERE folder_id = {$rename_folder_id}\n\t\t\t\tAND user_id = " . $_CLASS['core_user']->data['user_id'];
$_CLASS['core_db']->query($sql);
$message = $_CLASS['core_user']->lang['FOLDER_RENAMED'] . '<br /><br />' . sprintf($_CLASS['core_user']->lang['RETURN_UCP'], '<a href="' . $redirect_url . '">', '</a>');
$_CLASS['core_display']->meta_refresh(3, $redirect_url);
trigger_error($message);
}
// Remove Folder
if (isset($_POST['remove_folder'])) {
$remove_folder_id = request_var('remove_folder_id', 0);
// Default to "move all messages to inbox"
$remove_action = request_var('remove_action', 1);
$move_to = request_var('move_to', PRIVMSGS_INBOX);
// Move to same folder?
if ($remove_action == 1 && $remove_folder_id === $move_to) {
trigger_error('CANNOT_MOVE_TO_SAME_FOLDER');
}
// Select custom folder
$sql = 'SELECT folder_name, pm_count
FROM ' . FORUMS_PRIVMSGS_FOLDER_TABLE . '
WHERE user_id = ' . $_CLASS['core_user']->data['user_id'] . "\n\t\t\t\tAND folder_id = {$remove_folder_id}";
$result = $_CLASS['core_db']->query($sql);
$folder_row = $_CLASS['core_db']->fetch_row_assoc($result);
$_CLASS['core_db']->free_result($result);
if (!$folder_row) {
trigger_error('CANNOT_REMOVE_FOLDER');
}
$hidden_fields = array('remove_folder_id' => $remove_folder_id, 'remove_folder' => 1, 'remove_action' => $remove_action, 'move_to' => $move_to);
// Do we need to confirm?
if (display_confirmation($_CLASS['core_user']->get_lang('REMOVE_FOLDER'), generate_hidden_fields($hidden_fields))) {
// Gather message ids
$sql = 'SELECT msg_id
FROM ' . FORUMS_PRIVMSGS_TO_TABLE . '
WHERE user_id = ' . $_CLASS['core_user']->data['user_id'] . "\n\t\t\t\t\tAND folder_id = {$remove_folder_id}";
$result = $_CLASS['core_db']->query($sql);
$msg_ids = array();
while ($row = $_CLASS['core_db']->fetch_row_assoc($result)) {
$msg_ids[] = (int) $row['msg_id'];
}
$_CLASS['core_db']->free_result($result);
// First of all, copy all messages to another folder... or delete all messages
switch ($remove_action) {
// Move Messages
case 1:
$message_limit = $_CLASS['core_user']->data['user_message_limit'] ? $_CLASS['core_user']->data['user_message_limit'] : $config['pm_max_msgs'];
$num_moved = move_pm($_CLASS['core_user']->data['user_id'], $message_limit, $msg_ids, $move_to, $remove_folder_id);
// Something went wrong, only partially moved?
if ($num_moved != $folder_row['pm_count']) {
trigger_error(sprintf($_CLASS['core_user']->lang['MOVE_PM_ERROR'], $num_moved, $folder_row['pm_count']));
}
break;
// Remove Messages
// Remove Messages
case 2:
delete_pm($_CLASS['core_user']->data['user_id'], $msg_ids, $remove_folder_id);
break;
}
// Remove folder
$sql = 'DELETE FROM ' . FORUMS_PRIVMSGS_FOLDER_TABLE . '
WHERE user_id = ' . $_CLASS['core_user']->data['user_id'] . "\n\t\t\t\t\tAND folder_id = {$remove_folder_id}";
$_CLASS['core_db']->query($sql);
// Check full folder option. If the removed folder has been specified as destination switch back to inbox
if ($_CLASS['core_user']->data['user_full_folder'] == $remove_folder_id) {
$sql = 'UPDATE ' . USERS_TABLE . '
SET user_full_folder = ' . PRIVMSGS_INBOX . '
WHERE user_id = ' . $_CLASS['core_user']->data['user_id'];
$_CLASS['core_db']->query($sql);
$_CLASS['core_user']->data['user_full_folder'] = PRIVMSGS_INBOX;
}
$meta_info = generate_link('Control_Panel&i=pm&mode=' . $mode);
$message = $_CLASS['core_user']->lang['FOLDER_REMOVED'];
$_CLASS['core_display']->meta_refresh(3, $meta_info);
$message .= '<br /><br />' . sprintf($_CLASS['core_user']->lang['RETURN_UCP'], '<a href="' . $meta_info . '">', '</a>');
trigger_error($message);
}
}
// Add Rule
if (isset($_POST['add_rule'])) {
$check_option = request_var('check_option', 0);
$rule_option = request_var('rule_option', 0);
$cond_option = request_var('cond_option', '');
$action_option = explode('|', request_var('action_option', ''));
$rule_string = $cond_option != 'none' ? request_var('rule_string', '') : '';
$rule_user_id = $cond_option != 'none' ? request_var('rule_user_id', 0) : 0;
$rule_group_id = $cond_option != 'none' ? request_var('rule_group_id', 0) : 0;
$action = (int) $action_option[0];
$folder_id = (int) $action_option[1];
if (!$action || !$check_option || !$rule_option || !$cond_option || $cond_option != 'none' && !$rule_string) {
trigger_error('RULE_NOT_DEFINED');
}
if ($cond_option == 'user' && !$rule_user_id || $cond_option == 'group' && !$rule_group_id) {
trigger_error('RULE_NOT_DEFINED');
}
$rule_ary = array('user_id' => $_CLASS['core_user']->data['user_id'], 'rule_check' => $check_option, 'rule_connection' => $rule_option, 'rule_string' => $rule_string, 'rule_user_id' => $rule_user_id, 'rule_group_id' => $rule_group_id, 'rule_action' => $action, 'rule_folder_id' => $folder_id);
$sql = 'SELECT rule_id
FROM ' . FORUMS_PRIVMSGS_RULES_TABLE . '
WHERE ' . $_CLASS['core_db']->sql_build_array('SELECT', $rule_ary);
$result = $_CLASS['core_db']->query($sql, 1);
$row = $_CLASS['core_db']->fetch_row_assoc($result);
$_CLASS['core_db']->free_result($result);
if ($row) {
trigger_error('RULE_ALREADY_DEFINED');
}
$sql = 'INSERT INTO ' . FORUMS_PRIVMSGS_RULES_TABLE . ' ' . $_CLASS['core_db']->sql_build_array('INSERT', $rule_ary);
$_CLASS['core_db']->query($sql);
$message = $_CLASS['core_user']->lang['RULE_ADDED'] . '<br /><br />' . sprintf($_CLASS['core_user']->lang['RETURN_UCP'], '<a href="' . $redirect_url . '">', '</a>');
$_CLASS['core_display']->meta_refresh(3, $redirect_url);
trigger_error($message);
}
// Remove Rule
if (isset($_POST['delete_rule']) && !isset($_POST['cancel'])) {
$delete_id = array_map('intval', array_keys($_POST['delete_rule']));
$delete_id = (int) $delete_id[0];
if (!$delete_id) {
redirect(generate_link('Control_Panel&i=pm&mode=' . $mode));
}
$s_hidden_fields = '<input type="hidden" name="delete_rule[' . $delete_id . ']" value="1" />';
// Do we need to confirm ?
if (confirm_box(true)) {
$sql = 'DELETE FROM ' . FORUMS_PRIVMSGS_RULES_TABLE . '
WHERE user_id = ' . $_CLASS['core_user']->data['user_id'] . "\n\t\t\t\t\tAND rule_id = {$delete_id}";
$_CLASS['core_db']->query($sql);
$meta_info = generate_link("Control_Panel{$SID}&i=pm&mode={$mode}");
$message = $_CLASS['core_user']->lang['RULE_DELETED'];
$_CLASS['core_display']->meta_refresh(3, $meta_info);
$message .= '<br /><br />' . sprintf($_CLASS['core_user']->lang['RETURN_UCP'], '<a href="' . $meta_info . '">', '</a>');
trigger_error($message);
} else {
confirm_box(false, 'DELETE_RULE', $s_hidden_fields);
}
}
$folder = array();
$message_limit = $_CLASS['core_user']->data['user_message_limit'] ? $config['pm_max_msgs'] : $_CLASS['core_user']->data['user_message_limit'];
$sql = 'SELECT COUNT(*) as num_messages
FROM ' . FORUMS_PRIVMSGS_TO_TABLE . '
WHERE user_id = ' . $_CLASS['core_user']->data['user_id'] . '
AND folder_id = ' . PRIVMSGS_INBOX;
$result = $_CLASS['core_db']->query($sql);
list($num_messages) = $_CLASS['core_db']->fetch_row_num($result);
$_CLASS['core_db']->free_result($result);
$folder[PRIVMSGS_INBOX] = array('folder_name' => $_CLASS['core_user']->get_lang('PM_INBOX'), 'message_status' => sprintf($_CLASS['core_user']->lang['FOLDER_MESSAGE_STATUS'], $num_messages, $message_limit));
$sql = 'SELECT folder_id, folder_name, pm_count
FROM ' . FORUMS_PRIVMSGS_FOLDER_TABLE . '
WHERE user_id = ' . $_CLASS['core_user']->data['user_id'];
$result = $_CLASS['core_db']->query($sql);
$num_user_folder = 0;
while ($row = $_CLASS['core_db']->fetch_row_assoc($result)) {
$num_user_folder++;
$folder[$row['folder_id']] = array('folder_name' => $row['folder_name'], 'message_status' => sprintf($_CLASS['core_user']->lang['FOLDER_MESSAGE_STATUS'], $row['pm_count'], $message_limit));
}
$_CLASS['core_db']->free_result($result);
$s_full_folder_options = $s_to_folder_options = $s_folder_options = '';
// temp
$_CLASS['core_user']->data['user_full_folder'] = FULL_FOLDER_NONE;
if ($_CLASS['core_user']->data['user_full_folder'] == FULL_FOLDER_NONE) {
// -3 here to let the correct folder id be selected
$to_folder_id = $config['full_folder_action'] - 3;
} else {
$to_folder_id = $_CLASS['core_user']->data['user_full_folder'];
}
foreach ($folder as $folder_id => $folder_ary) {
$s_full_folder_options .= '<option value="' . $folder_id . '"' . ($_CLASS['core_user']->data['user_full_folder'] == $folder_id ? ' selected="selected"' : '') . '>' . $folder_ary['folder_name'] . ' (' . $folder_ary['message_status'] . ')</option>';
//$s_to_folder_options .= '<option value="' . $folder_id . '"' . (($to_folder_id == $folder_id) ? ' selected="selected"' : '') . '>' . $folder_ary['folder_name'] . ' (' . $folder_ary['message_status'] . ')</option>';
$s_to_folder_options .= '<option value="' . $folder_id . '">' . $folder_ary['folder_name'] . ' (' . $folder_ary['message_status'] . ')</option>';
if ($folder_id != PRIVMSGS_INBOX) {
$s_folder_options .= '<option value="' . $folder_id . '">' . $folder_ary['folder_name'] . ' (' . $folder_ary['message_status'] . ')</option>';
}
}
$s_delete_checked = $_CLASS['core_user']->data['user_full_folder'] == FULL_FOLDER_DELETE ? ' checked="checked"' : '';
$s_hold_checked = $_CLASS['core_user']->data['user_full_folder'] == FULL_FOLDER_HOLD ? ' checked="checked"' : '';
$s_move_checked = $_CLASS['core_user']->data['user_full_folder'] >= 0 ? ' checked="checked"' : '';
if ($_CLASS['core_user']->data['user_full_folder'] == FULL_FOLDER_NONE) {
switch ($config['full_folder_action']) {
case 1:
$s_delete_checked = ' checked="checked"';
break;
case 2:
$s_hold_checked = ' checked="checked"';
break;
}
}
$_CLASS['core_template']->assign_array(array('S_FULL_FOLDER_OPTIONS' => $s_full_folder_options, 'S_TO_FOLDER_OPTIONS' => $s_to_folder_options, 'S_FOLDER_OPTIONS' => $s_folder_options, 'S_DELETE_CHECKED' => $s_delete_checked, 'S_HOLD_CHECKED' => $s_hold_checked, 'S_MOVE_CHECKED' => $s_move_checked, 'S_MAX_FOLDER_REACHED' => $num_user_folder >= $config['pm_max_boxes'] ? true : false, 'DEFAULT_ACTION' => $config['full_folder_action'] == 1 ? $_CLASS['core_user']->lang['DELETE_OLDEST_MESSAGES'] : $_CLASS['core_user']->lang['HOLD_NEW_MESSAGES'], 'U_FIND_USERNAME' => generate_link('Members_List&mode=searchuser&form=ucp&field=rule_string')));
$rule_lang = $action_lang = $check_lang = array();
// Build all three language arrays
preg_replace('#^((RULE|ACTION|CHECK)_([A-Z0-9_]+))$#e', "\${strtolower('\\2') . '_lang'}[constant('\\1')] = \$_CLASS['core_user']->lang['PM_\\2']['\\3']", array_keys(get_defined_constants()));
/*
Rule Ordering:
-> CHECK_* -> RULE_* [IN $global_privmsgs_rules:CHECK_*] -> [IF $rule_conditions[RULE_*] [|text|bool|user|group|own_group]] -> ACTION_*
*/
$check_option = request_var('check_option', 0);
$rule_option = request_var('rule_option', 0);
$cond_option = request_var('cond_option', '');
$action_option = request_var('action_option', '');
$back = isset($_REQUEST['back']) ? request_var('back', '') : array();
if (!empty($back)) {
if ($action_option) {
$action_option = '';
} elseif ($cond_option) {
$cond_option = '';
} elseif ($rule_option) {
$rule_option = 0;
} elseif ($check_option) {
$check_option = 0;
}
}
if (isset($back['action']) && $cond_option == 'none') {
$back['cond'] = true;
}
// Check
define_check_option($check_option && !isset($back['rule']) ? true : false, $check_option, $check_lang);
if ($check_option && !isset($back['rule'])) {
define_rule_option($rule_option && !isset($back['cond']) ? true : false, $rule_option, $rule_lang, $global_privmsgs_rules[$check_option]);
}
if ($rule_option && !isset($back['cond'])) {
if (!isset($global_rule_conditions[$rule_option])) {
$cond_option = 'none';
$_CLASS['core_template']->assign('NONE_CONDITION', true);
} else {
define_cond_option($cond_option && !isset($back['action']) ? true : false, $cond_option, $rule_option, $global_rule_conditions);
}
}
if ($cond_option && !isset($back['action'])) {
define_action_option(false, $action_option, $action_lang, $folder);
}
show_defined_rules($_CLASS['core_user']->data['user_id'], $check_lang, $rule_lang, $action_lang, $folder);
}
switch ($action) {
case 'remove':
if (!$role_id) {
trigger_error($_CLASS['core_user']->lang['NO_ROLE_SELECTED'] . adm_back_link(generate_link($u_action, array('admin' => true))), E_USER_WARNING);
}
$sql = 'SELECT *
FROM ' . FORUMS_ACL_ROLES_TABLE . '
WHERE role_id = ' . $role_id;
$result = $_CLASS['core_db']->query($sql);
$role_row = $_CLASS['core_db']->fetch_row_assoc($result);
$_CLASS['core_db']->free_result($result);
if (!$role_row) {
trigger_error($_CLASS['core_user']->lang['NO_ROLE_SELECTED'] . adm_back_link(generate_link($u_action, array('admin' => true))), E_USER_WARNING);
}
$hidden_fields = generate_hidden_fields(array('i' => $id, 'mode' => $mode, 'role_id' => $role_id, 'action' => $action));
if (display_confirmation('DELETE_ROLE', $hidden_fields)) {
remove_role($role_id, $permission_type);
add_log('admin', 'LOG_' . strtoupper($permission_type) . 'ROLE_REMOVED', $role_row['role_name']);
trigger_error($_CLASS['core_user']->lang['ROLE_DELETED'] . adm_back_link(generate_link($u_action, array('admin' => true))));
}
break;
case 'edit':
if (!$role_id) {
trigger_error($_CLASS['core_user']->lang['NO_ROLE_SELECTED'] . adm_back_link(generate_link($u_action, array('admin' => true))), E_USER_WARNING);
}
// Get role we edit
$sql = 'SELECT *
FROM ' . FORUMS_ACL_ROLES_TABLE . '
WHERE role_id = ' . $role_id;
$result = $_CLASS['core_db']->query($sql);
$role_row = $_CLASS['core_db']->fetch_row_assoc($result);
function ucp_main($id, $mode)
{
global $config, $_CLASS, $site_file_root, $_CORE_CONFIG;
$_CLASS['core_template']->assign_array(array('ERROR' => false, 'topicrow' => false, 'WARNINGS' => false, 'draftrow' => false));
$_CLASS['core_user']->user_setup();
switch ($mode) {
case 'front':
$_CLASS['core_user']->add_lang(false, 'Members_List');
if ($config['load_db_lastread'] || $config['load_db_track']) {
if ($config['load_db_lastread']) {
$sql = 'SELECT mark_time
FROM ' . FORUMS_TRACK_TABLE . '
WHERE forum_id = 0
AND user_id = ' . $_CLASS['core_user']->data['user_id'];
$result = $_CLASS['core_db']->query($sql);
$track_data = $_CLASS['core_db']->fetch_row_assoc($result);
$_CLASS['core_db']->free_result($result);
}
$sql_from = FORUMS_TOPICS_TABLE . ' t LEFT JOIN ' . FORUMS_TRACK_TABLE . ' tt ON (tt.topic_id = t.topic_id AND tt.user_id = ' . $_CLASS['core_user']->data['user_id'] . ')';
$sql_select = ', tt.mark_time';
} else {
$sql_from = TOPICS_TABLE . ' t ';
$sql_select = '';
}
// Has to be in while loop if we not only check forum id 0
if ($config['load_db_lastread']) {
$forum_check = $track_data['mark_time'];
} else {
$tracking_topics = isset($_COOKIE[$_CORE_CONFIG['server']['cookie_name'] . '_track']) ? unserialize(stripslashes($_COOKIE[$_CORE_CONFIG['server']['cookie_name'] . '_track'])) : array();
$forum_check = isset($tracking_topics[0][0]) ? base_convert($tracking_topics[0][0], 36, 10) + $config['board_startdate'] : 0;
}
$topic_type = $_CLASS['core_user']->lang['VIEW_TOPIC_ANNOUNCEMENT'];
$folder = 'folder_announce';
$folder_new = $folder . '_new';
$sql = "SELECT t.* {$sql_select} \n\t\t\t\t\tFROM {$sql_from}\n\t\t\t\t\tWHERE t.forum_id = 0\n\t\t\t\t\t\tAND t.topic_type = " . POST_GLOBAL . '
ORDER BY t.topic_last_post_time DESC';
$result = $_CLASS['core_db']->query($sql);
while ($row = $_CLASS['core_db']->fetch_row_assoc($result)) {
$forum_id = $row['forum_id'];
$topic_id = $row['topic_id'];
if ($row['topic_status'] == ITEM_LOCKED) {
$topic_type = $_CLASS['core_user']->lang['VIEW_TOPIC_LOCKED'];
$folder = 'folder_locked';
$folder_new = 'folder_locked_new';
}
$unread_topic = true;
if ($config['load_db_lastread']) {
$topic_check = $row['mark_time'];
} else {
$topic_id36 = base_convert($topic_id, 10, 36);
$topic_check = isset($tracking_topics[0][$topic_id36]) ? base_convert($tracking_topics[0][$topic_id36], 36, 10) + $config['board_startdate'] : 0;
}
if ($topic_check >= $row['topic_last_post_time'] || $forum_check >= $row['topic_last_post_time']) {
$unread_topic = false;
}
$newest_post_img = $unread_topic ? '<a href="' . generate_link("Forums&file=viewtopic&t={$topic_id}&view=unread#unread") . '">' . $_CLASS['core_user']->img('icon_post_newest', 'VIEW_NEWEST_POST') . '</a> ' : '';
$folder_img = $unread_topic ? $folder_new : $folder;
$folder_alt = $unread_topic ? 'NEW_POSTS' : ($row['topic_status'] == ITEM_LOCKED ? 'TOPIC_LOCKED' : 'NO_NEW_POSTS');
// Posted image?
$view_topic_url = generate_link("Forums&file=viewtopic&&t={$topic_id}");
$last_post_img = '<a href="' . generate_link("Forums&file=viewtopic&t={$topic_id}&p=" . $row['topic_last_post_id'] . '#' . $row['topic_last_post_id']) . '">' . $_CLASS['core_user']->img('icon_post_latest', 'VIEW_LATEST_POST') . '</a>';
$_CLASS['core_template']->assign_vars_array('topicrow', array('FORUM_ID' => $forum_id, 'TOPIC_ID' => $topic_id, 'GOTO_PAGE' => '', 'LAST_POST_TIME' => $_CLASS['core_user']->format_date($row['topic_last_post_time']), 'LAST_POST_AUTHOR' => $row['topic_last_poster_name'] ? $row['topic_last_poster_name'] : $_CLASS['core_user']->lang['GUEST'], 'TOPIC_TITLE' => censor_text($row['topic_title']), 'TOPIC_TYPE' => $topic_type, 'LAST_POST_IMG' => $last_post_img, 'NEWEST_POST_IMG' => $newest_post_img, 'TOPIC_FOLDER_IMG' => $_CLASS['core_user']->img($folder_img, $folder_alt), 'ATTACH_ICON_IMG' => $_CLASS['auth']->acl_gets('f_download', 'u_download', $forum_id) && $row['topic_attachment'] ? $_CLASS['core_user']->img('icon_attach', '') : '', 'U_LAST_POST_AUTHOR' => $row['topic_last_poster_id'] != ANONYMOUS ? generate_link('Members_List&mode=viewprofile&u=' . $row['topic_last_poster_id']) : false, 'U_VIEW_TOPIC' => $view_topic_url));
}
$_CLASS['core_db']->free_result($result);
$num_real_posts = $_CLASS['core_user']->data['user_posts'];
$active_f_row = $active_t_row = array();
// Do the relevant calculations
$memberdays = max(1, round(($_CLASS['core_user']->time - $_CLASS['core_user']->data['user_reg_date']) / 86400));
$posts_per_day = $_CLASS['core_user']->data['user_posts'] / $memberdays;
$percentage = $config['num_posts'] ? min(100, $num_real_posts / $config['num_posts'] * 100) : 0;
$active_f_name = $active_f_id = $active_f_count = $active_f_pct = '';
if (!empty($active_f_row['num_posts'])) {
$active_f_name = $active_f_row['forum_name'];
$active_f_id = $active_f_row['forum_id'];
$active_f_count = $active_f_row['num_posts'];
$active_f_pct = $_CLASS['core_user']->data['user_posts'] ? $active_f_count / $_CLASS['core_user']->data['user_posts'] * 100 : 0;
}
unset($active_f_row);
$active_t_name = $active_t_id = $active_t_count = $active_t_pct = '';
if (!empty($active_t_row['num_posts'])) {
$active_t_name = $active_t_row['topic_title'];
$active_t_id = $active_t_row['topic_id'];
$active_t_count = $active_t_row['num_posts'];
$active_t_pct = $_CLASS['core_user']->data['user_posts'] ? $active_t_count / $_CLASS['core_user']->data['user_posts'] * 100 : 0;
}
unset($active_t_row);
$_CLASS['core_template']->assign_array(array('USER_COLOR' => !empty($_CLASS['core_user']->data['user_colour']) ? $_CLASS['core_user']->data['user_colour'] : '', 'JOINED' => $_CLASS['core_user']->format_date($_CLASS['core_user']->data['user_reg_date']), 'VISITED' => empty($_CLASS['core_user']->data['user_lastvisit']) ? ' - ' : $_CLASS['core_user']->format_date($_CLASS['core_user']->data['user_lastvisit']), 'POSTS' => $_CLASS['core_user']->data['user_posts'] ? $_CLASS['core_user']->data['user_posts'] : 0, 'POSTS_DAY' => sprintf($_CLASS['core_user']->lang['POST_DAY'], $posts_per_day), 'POSTS_PCT' => sprintf($_CLASS['core_user']->lang['POST_PCT'], $percentage), 'ACTIVE_FORUM' => $active_f_name, 'ACTIVE_FORUM_POSTS' => $active_f_count == 1 ? sprintf($_CLASS['core_user']->lang['USER_POST'], 1) : sprintf($_CLASS['core_user']->lang['USER_POSTS'], $active_f_count), 'ACTIVE_FORUM_PCT' => sprintf($_CLASS['core_user']->lang['POST_PCT'], $active_f_pct), 'ACTIVE_TOPIC' => $active_t_name, 'ACTIVE_TOPIC_POSTS' => $active_t_count == 1 ? sprintf($_CLASS['core_user']->lang['USER_POST'], 1) : sprintf($_CLASS['core_user']->lang['USER_POSTS'], $active_t_count), 'ACTIVE_TOPIC_PCT' => sprintf($_CLASS['core_user']->lang['POST_PCT'], $active_t_pct), 'OCCUPATION' => !empty($row['user_occ']) ? $row['user_occ'] : '', 'INTERESTS' => !empty($row['user_interests']) ? $row['user_interests'] : '', 'U_SEARCH_USER' => $_CLASS['auth']->acl_get('u_search') ? generate_link('Forums&file=search&search_author=' . urlencode($_CLASS['core_user']->data['username']) . "&show_results=posts") : '', 'U_ACTIVE_FORUM' => generate_link('Forums&file=viewforum&f=' . $active_f_id), 'U_LAST_POST_AUTHOR' => $row['topic_last_poster_id'] != ANONYMOUS ? generate_link('Members_List&mode=viewprofile&u=' . $row['topic_last_poster_id']) : false, 'U_ACTIVE_TOPIC' => generate_link('Forums&file=viewtopic&t=' . $active_t_id)));
break;
case 'subscribed':
require $site_file_root . 'includes/forums/functions_display.php';
$unwatch = isset($_POST['unwatch']);
if ($unwatch) {
$forums = array_unique(get_variable('f', 'POST', array(), 'array:int'));
$topics = array_unique(get_variable('t', 'POST', array(), 'array:int'));
if (!empty($forums) || !empty($topics)) {
$l_unwatch = '';
if (!empty($forums)) {
$sql = 'DELETE FROM ' . FORUMS_WATCH_TABLE . '
WHERE forum_id IN (' . implode(', ', $forums) . ') AND topic_id = 0
AND user_id = ' . $_CLASS['core_user']->data['user_id'];
$_CLASS['core_db']->query($sql);
$l_unwatch .= '_FORUMS';
}
if (!empty($topics)) {
$sql = 'DELETE FROM ' . FORUMS_WATCH_TABLE . '
WHERE topic_id IN (' . implode(', ', $topics) . ')
AND user_id = ' . $_CLASS['core_user']->data['user_id'];
$_CLASS['core_db']->query($sql);
$l_unwatch .= '_TOPICS';
}
$message = $_CLASS['core_user']->lang['UNWATCHED' . $l_unwatch] . '<br /><br />' . sprintf($_CLASS['core_user']->lang['RETURN_UCP'], '<a href="' . generate_link("Control_Panel&i={$id}&mode=subscribed") . '">', '</a>');
$_CLASS['core_display']->meta_refresh(3, generate_link("Control_Panel&i={$id}&mode=subscribed"));
trigger_error($message);
}
}
if ($config['load_db_lastread']) {
$sql_from = FORUMS_FORUMS_TABLE . ' f LEFT JOIN ' . FORUMS_TRACK_TABLE . ' ft ON (ft.user_id = ' . $_CLASS['core_user']->data['user_id'] . '
AND ft.forum_id = f.forum_id AND ft.topic_id = 0)';
$lastread_select = ', ft.mark_time ';
} else {
$sql_from = FORUMS_FORUMS_TABLE . ' f ';
$lastread_select = '';
$tracking = @unserialize(get_variable($_CORE_CONFIG['server']['cookie_name'] . '_track', 'COOKIE'));
if (!is_array($tracking)) {
$tracking = array();
}
}
$sql = "SELECT f.*{$lastread_select} \n\t\t\t\t\tFROM {$sql_from}, " . FORUMS_WATCH_TABLE . ' fw
WHERE fw.user_id = ' . $_CLASS['core_user']->data['user_id'] . '
AND fw.topic_id = 0 AND f.forum_id = fw.forum_id
ORDER BY left_id';
$result = $_CLASS['core_db']->query($sql);
//$topics_count = $_CLASS['core_db']->num_rows($result);
while ($row = $_CLASS['core_db']->fetch_row_assoc($result)) {
$forum_id = (int) $row['forum_id'];
$unread_forum = false;
if ($config['load_db_lastread']) {
$mark_time_forum = $row['mark_time'];
} else {
$forum_id36 = base_convert($forum_id, 10, 36);
$mark_time_forum = isset($tracking[$forum_id36][0]) ? (int) base_convert($tracking[$forum_id36][0], 36, 10) : 0;
}
if ($mark_time_forum < $row['forum_last_post_time']) {
$unread_forum = true;
}
// Which folder should we display?
if ($row['forum_status'] == ITEM_LOCKED) {
$folder_image = $unread_forum ? 'folder_locked_new' : 'folder_locked';
$folder_alt = 'FORUM_LOCKED';
} else {
$folder_image = $unread_forum ? 'folder_new' : 'folder';
$folder_alt = $unread_forum ? 'NEW_POSTS' : 'NO_NEW_POSTS';
}
// Create last post link information, if appropriate
if ($row['forum_last_post_id']) {
$last_post_time = $_CLASS['core_user']->format_date($row['forum_last_post_time']);
$last_poster = $row['forum_last_poster_name'] != '' ? $row['forum_last_poster_name'] : $_CLASS['core_user']->lang['GUEST'];
$last_poster_url = $row['forum_last_poster_id'] == ANONYMOUS ? '' : generate_link('Members_List&mode=viewprofile&u=' . $row['forum_last_poster_id']);
$last_post_url = generate_link("Forums&file=viewtopic&f={$forum_id}&p=" . $row['forum_last_post_id'] . '#' . $row['forum_last_post_id']);
} else {
$last_post_time = $last_poster = $last_poster_url = $last_post_url = '';
}
$_CLASS['core_template']->assign_vars_array('forumrow', array('FORUM_ID' => $forum_id, 'FORUM_FOLDER_IMG' => $_CLASS['core_user']->img($folder_image, $folder_alt), 'FORUM_NAME' => $row['forum_name'], 'LAST_POST_IMG' => $_CLASS['core_user']->img('icon_post_latest', 'VIEW_LATEST_POST'), 'LAST_POST_TIME' => $last_post_time, 'LAST_POST_AUTHOR' => $last_poster, 'U_LAST_POST_AUTHOR' => $last_poster_url, 'U_LAST_POST' => $last_post_url, 'U_VIEWFORUM' => generate_link('Forums&file=viewforum&f=' . $row['forum_id'])));
}
$_CLASS['core_db']->free_result($result);
// Subscribed Topics
$start = get_variable('start', 'REQUEST', 0, 'int');
if ($config['load_db_lastread']) {
$sql_from = FORUMS_TOPICS_TABLE . ' t LEFT JOIN ' . FORUMS_TRACK_TABLE . ' tt ON (tt.topic_id = t.topic_id AND tt.user_id = ' . $_CLASS['core_user']->data['user_id'] . ')';
$sql_t_select = ', tt.mark_time';
} else {
$sql_from = FORUMS_TOPICS_TABLE . ' t';
$sql_t_select = '';
}
$sql = "SELECT t.* {$sql_t_select} \n\t\t\t\t\tFROM " . FORUMS_WATCH_TABLE . " tw, {$sql_from} \n\t\t\t\t\tWHERE tw.user_id = " . $_CLASS['core_user']->data['user_id'] . '
AND t.topic_id = tw.topic_id
ORDER BY t.topic_last_post_time DESC';
$result = $_CLASS['core_db']->query_limit($sql, $config['topics_per_page'], $start);
$topics_count = $_CLASS['core_db']->num_rows($result);
if ($topics_count) {
$pagination = generate_pagination("Control_Panel&i={$id}&mode={$mode}", $topics_count, $config['topics_per_page'], $start);
$_CLASS['core_template']->assign_array(array('PAGINATION' => $pagination['formated'], 'PAGINATION_ARRAY' => $pagination['array'], 'PAGE_NUMBER' => on_page($topics_count, $config['topics_per_page'], $start), 'TOTAL_TOPICS' => $topics_count === 1 ? $_CLASS['core_user']->lang['VIEW_FORUM_TOPIC'] : sprintf($_CLASS['core_user']->lang['VIEW_FORUM_TOPICS'], $topics_count)));
} else {
$_CLASS['core_template']->assign('TOTAL_TOPICS', false);
}
while ($row = $_CLASS['core_db']->fetch_row_assoc($result)) {
$topic_id = $row['topic_id'];
$forum_id = $row['forum_id'];
if (!$config['load_db_lastread']) {
$topic_id36 = base_convert($topic_id, 10, 36);
$forum_id36 = $row['topic_type'] == POST_GLOBAL ? 0 : base_convert($forum_id, 10, 36);
$mark_time_topic = isset($tracking[$forum_id36][$topic_id36]) ? (int) base_convert($tracking[$forum_id36][$topic_id36], 36, 10) : 0;
$mark_time_forum = isset($tracking[$forum_id36][0]) ? (int) base_convert($tracking[$forum_id36][0], 36, 10) : 0;
$row['mark_time'] = max($mark_time_topic, $mark_time_forum);
}
// Replies
$replies = $_CLASS['auth']->acl_get('m_approve', $forum_id) ? $row['topic_replies_real'] : $row['topic_replies'];
if ($row['topic_status'] == ITEM_MOVED) {
$topic_id = $row['topic_moved_id'];
}
// Get folder img, topic status/type related informations
$folder_img = $folder_alt = $topic_type = '';
topic_status($row, $replies, $row['mark_time'], $unread_topic, $folder_img, $folder_alt, $topic_type);
$newest_post_img = $unread_topic ? '<a href="' . generate_link("Forums&file=viewtopic&f={$forum_id}&t={$topic_id}&view=unread#unread") . '">' . $_CLASS['core_user']->img('icon_post_newest', 'VIEW_NEWEST_POST') . '</a> ' : '';
$view_topic_url = 'Forums&file=viewtopic&t=' . $topic_id;
$pagination = generate_pagination($view_topic_url, $replies, $config['topics_per_page'], 0);
$_CLASS['core_template']->assign_vars_array('topicrow', array('FORUM_ID' => $forum_id, 'TOPIC_ID' => $topic_id, 'TOPIC_AUTHOR' => $row['topic_poster'] == ANONYMOUS ? $row['topic_first_poster_name'] ? $row['topic_first_poster_name'] : $_CLASS['core_user']->get_lang('GUEST') : $row['topic_first_poster_name'], 'LINK_AUTHOR' => $row['topic_poster'] == ANONYMOUS ? '' : generate_link('Members_List&mode=viewprofile&u=' . $row['topic_poster']), 'FIRST_POST_TIME' => $_CLASS['core_user']->format_date($row['topic_time']), 'LAST_POST_TIME' => $_CLASS['core_user']->format_date($row['topic_last_post_time']), 'LAST_VIEW_TIME' => $_CLASS['core_user']->format_date($row['topic_last_view_time']), 'LAST_POST_AUTHOR' => $row['topic_last_poster_name'] ? $row['topic_last_poster_name'] : $_CLASS['core_user']->lang['GUEST'], 'PAGINATION' => $pagination['formated'], 'PAGINATION_ARRAY' => $pagination['array'], 'REPLIES' => $replies, 'VIEWS' => $row['topic_views'], 'TOPIC_TITLE' => censor_text($row['topic_title']), 'TOPIC_TYPE' => $topic_type, 'LAST_POST_IMG' => $_CLASS['core_user']->img('icon_post_latest', 'VIEW_LATEST_POST'), 'NEWEST_POST_IMG' => $newest_post_img, 'TOPIC_FOLDER_IMG' => $_CLASS['core_user']->img($folder_img, $folder_alt), 'TOPIC_ICON_IMG' => empty($icons[$row['icon_id']]) ? '' : '<img src="' . $config['icons_path'] . '/' . $icons[$row['icon_id']]['img'] . '" width="' . $icons[$row['icon_id']]['width'] . '" height="' . $icons[$row['icon_id']]['height'] . '" alt="" title="" />', 'ATTACH_ICON_IMG' => $_CLASS['auth']->acl_gets('f_download', 'u_download', $forum_id) && $row['topic_attachment'] ? $_CLASS['core_user']->img('icon_attach', sprintf($_CLASS['core_user']->lang['TOTAL_ATTACHMENTS'], $row['topic_attachment'])) : '', 'S_TOPIC_TYPE' => $row['topic_type'], 'S_UNREAD_TOPIC' => $unread_topic, 'U_LAST_POST' => generate_link($view_topic_url . '&p=' . $row['topic_last_post_id'] . '#' . $row['topic_last_post_id']), 'U_LAST_POST_AUTHOR' => $row['topic_last_poster_id'] && $row['topic_last_poster_id'] != ANONYMOUS ? generate_link('Members_List&mode=viewprofile&u=' . $row['topic_last_poster_id']) : '', 'U_VIEW_TOPIC' => generate_link($view_topic_url)));
}
$_CLASS['core_db']->free_result($result);
break;
case 'bookmarks':
require $site_file_root . 'includes/forums/functions_display.php';
$move_up = request_var('move_up', 0);
$move_down = request_var('move_down', 0);
$sql = 'SELECT MAX(order_id) as max_order_id FROM ' . FORUMS_BOOKMARKS_TABLE . '
WHERE user_id = ' . $_CLASS['core_user']->data['user_id'];
$result = $_CLASS['core_db']->query($sql);
list($max_order_id) = $_CLASS['core_db']->fetch_row_num($result);
$_CLASS['core_db']->free_result($result);
if ($move_up || $move_down) {
if ($move_up && $move_up != 1 || $move_down && $move_down != $max_order_id) {
$order = $move_up ? $move_up : $move_down;
$order_total = $order * 2 + ($move_up ? -1 : 1);
$sql = 'UPDATE ' . FORUMS_BOOKMARKS_TABLE . "\n\t\t\t\t\t\t\tSET order_id = {$order_total} - order_id\n\t\t\t\t\t\t\tWHERE order_id IN ({$order}, " . ($move_up ? $order - 1 : $order + 1) . ')
AND user_id = ' . $_CLASS['core_user']->data['user_id'];
$_CLASS['core_db']->query($sql);
}
}
if (isset($_POST['unbookmark'])) {
$topics = array_unique(get_variable('t', 'POST', array(), 'array:int'));
if (empty($topics)) {
trigger_error('NO_BOOKMARKS_SELECTED');
}
$hidden_fields = array('unbookmark' => 1, 't' => $topics);
if (display_confirmation($_CLASS['core_user']->get_lang('REMOVE_SELECTED_BOOKMARKS'), generate_hidden_fields($hidden_fields))) {
$sql = 'DELETE FROM ' . FORUMS_BOOKMARKS_TABLE . '
WHERE user_id = ' . $_CLASS['core_user']->data['user_id'] . '
AND topic_id IN (' . implode(', ', $topics) . ')';
$_CLASS['core_db']->query($sql);
$sql = 'SELECT topic_id FROM ' . FORUMS_BOOKMARKS_TABLE . '
WHERE user_id = ' . $_CLASS['core_user']->data['user_id'] . '
ORDER BY order_id ASC';
$result = $_CLASS['core_db']->query($sql);
$i = 1;
while ($row = $_CLASS['core_db']->fetch_row_assoc($result)) {
$_CLASS['core_db']->query('UPDATE ' . FORUMS_BOOKMARKS_TABLE . "\n\t\t\t\t\t\t\t\tSET order_id = '{$i}'\n\t\t\t\t\t\t\t\tWHERE topic_id = '{$row['topic_id']}'\n\t\t\t\t\t\t\t\t\tAND user_id = '{$_CLASS['core_user']->data['user_id']}'");
$i++;
}
$_CLASS['core_db']->free_result($result);
$url = generate_link('Control_Panel&i=main&mode=bookmarks');
$_CLASS['core_display']->meta_refresh(3, $url);
$message = $_CLASS['core_user']->lang['BOOKMARKS_REMOVED'] . '<br /><br />' . sprintf($_CLASS['core_user']->lang['RETURN_UCP'], '<a href="' . $url . '">', '</a>');
trigger_error($message);
}
}
// We grab deleted topics here too...
// NOTE: At the moment bookmarks are not removed with topics, might be useful later (not really sure how though. :D)
// But since bookmarks are sensible to the user, they should not be deleted without notice.
$sql = 'SELECT b.order_id, b.topic_id as b_topic_id, t.*, f.forum_name
FROM ' . FORUMS_BOOKMARKS_TABLE . ' b
LEFT JOIN ' . FORUMS_TOPICS_TABLE . ' t ON b.topic_id = t.topic_id
LEFT JOIN ' . FORUMS_FORUMS_TABLE . ' f ON t.forum_id = f.forum_id
WHERE b.user_id = ' . $_CLASS['core_user']->data['user_id'] . '
ORDER BY b.order_id ASC';
$result = $_CLASS['core_db']->query($sql);
if (!($row = $_CLASS['core_db']->fetch_row_assoc($result))) {
$_CLASS['core_db']->free_result($result);
$_CLASS['core_template']->assign_array(array('S_BOOKMARKS' => false, 'S_BOOKMARKS_DISABLED' => false));
break;
}
$bookmarks = true;
do {
$forum_id = $row['forum_id'];
$topic_id = $row['b_topic_id'];
$bookmarks = true;
$replies = $_CLASS['auth']->acl_get('m_approve', $forum_id) ? $row['topic_replies_real'] : $row['topic_replies'];
// Get folder img, topic status/type related informations
$folder_img = $folder_alt = $topic_type = '';
topic_status($row, $replies, $_CLASS['core_user']->time, $unread_topic, $folder_img, $folder_alt, $topic_type);
$view_topic_url = "Forums&file=viewtopic&t={$topic_id}";
// $last_post_img = '<a href="'.generate_link("Forums&file=viewtopic&f=$forum_id&p=" . $row['topic_last_post_id'] . '#' . $row['topic_last_post_id']) . '">' . $_CLASS['core_user']->img('icon_post_latest', 'VIEW_LATEST_POST') . '</a>';
$pagination = generate_pagination('Forums&file=viewtopic&t=' . $topic_id, $replies, $config['posts_per_page'], 0);
$_CLASS['core_template']->assign_vars_array('forummarks', array('FORUM_ID' => $forum_id, 'TOPIC_ID' => $topic_id, 'S_DELETED_TOPIC' => !$row['topic_id'] ? true : false, 'TOPIC_TITLE' => censor_text($row['topic_title']), 'TOPIC_TYPE' => $topic_type, 'FORUM_NAME' => $row['forum_name'], 'TOPIC_AUTHOR' => $row['topic_poster'] == ANONYMOUS ? $row['topic_first_poster_name'] ? $row['topic_first_poster_name'] : $_CLASS['core_user']->get_lang('GUEST') : $row['topic_first_poster_name'], 'LINK_AUTHOR' => $row['topic_poster'] == ANONYMOUS ? '' : generate_link('Members_List&mode=viewprofile&u=' . $row['topic_poster']), 'FIRST_POST_TIME' => $_CLASS['core_user']->format_date($row['topic_time']), 'LAST_POST_TIME' => $_CLASS['core_user']->format_date($row['topic_last_post_time']), 'LAST_VIEW_TIME' => $_CLASS['core_user']->format_date($row['topic_last_view_time']), 'LAST_POST_AUTHOR' => $row['topic_last_poster_name'] != '' ? $row['topic_last_poster_name'] : $_CLASS['core_user']->lang['GUEST'], 'LAST_POST_IMG' => $_CLASS['core_user']->img('icon_post_latest', 'VIEW_LATEST_POST'), 'PAGINATION' => $pagination['formated'], 'PAGINATION_ARRAY' => $pagination['array'], 'POSTED_AT' => $_CLASS['core_user']->format_date($row['topic_time']), 'TOPIC_FOLDER_IMG' => $_CLASS['core_user']->img($folder_img, $folder_alt), 'ATTACH_ICON_IMG' => $_CLASS['auth']->acl_gets('f_download', 'u_download', $forum_id) && $row['topic_attachment'] ? $_CLASS['core_user']->img('icon_attach', '') : '', 'U_VIEW_TOPIC' => generate_link($view_topic_url), 'U_VIEW_FORUM' => generate_link('Forums&file=viewforum&f=' . $forum_id), 'U_LAST_POST' => generate_link($view_topic_url . '&p=' . $row['topic_last_post_id'] . '#' . $row['topic_last_post_id']), 'U_LAST_POST_AUTHOR' => $row['topic_last_poster_id'] != ANONYMOUS ? generate_link('Members_List&mode=viewprofile&u=' . $row['topic_last_poster_id']) : '', 'U_MOVE_UP' => $row['order_id'] != 1 ? generate_link("Control_Panel&i=main&mode=bookmarks&move_up={$row['order_id']}") : '', 'U_MOVE_DOWN' => $row['order_id'] != $max_order_id ? generate_link("Control_Panel&i=main&mode=bookmarks&move_down={$row['order_id']}") : ''));
} while ($row = $_CLASS['core_db']->fetch_row_assoc($result));
$_CLASS['core_db']->free_result($result);
$_CLASS['core_template']->assign_array(array('S_BOOKMARKS' => $bookmarks, 'S_BOOKMARKS_DISABLED' => false));
break;
case 'drafts':
global $ucp;
$pm_drafts = $ucp->name == 'pm' ? true : false;
$_CLASS['core_user']->add_lang('posting', 'Forums');
$edit = isset($_REQUEST['edit']) ? true : false;
$submit = isset($_POST['submit']) ? true : false;
$draft_id = $edit ? intval($_REQUEST['edit']) : 0;
$delete = isset($_POST['delete']) ? true : false;
$s_hidden_fields = $edit ? '<input type="hidden" name="edit" value="' . $draft_id . '" />' : '';
$draft_subject = $draft_message = '';
if ($delete) {
$drafts = isset($_POST['d']) ? implode(', ', array_map('intval', array_keys($_POST['d']))) : '';
if ($drafts) {
$sql = 'DELETE FROM ' . FORUMS_DRAFTS_TABLE . "\n\t\t\t\t\t\t\tWHERE draft_id IN ({$drafts}) \n\t\t\t\t\t\t\t\tAND user_id = " . $_CLASS['core_user']->data['user_id'];
$_CLASS['core_db']->query($sql);
$message = $_CLASS['core_user']->lang['DRAFTS_DELETED'] . '<br /><br />' . sprintf($_CLASS['core_user']->lang['RETURN_UCP'], '<a href="' . generate_link("Control_Panel&i={$id}&mode={$mode}") . '">', '</a>');
$_CLASS['core_display']->meta_refresh(3, generate_link("Control_Panel&i={$id}&mode={$mode}"));
trigger_error($message);
}
}
if ($submit && $edit) {
$draft_subject = preg_replace('#&(\\#[0-9]+;)#', '&\\1', request_var('subject', ''));
$draft_message = isset($_POST['message']) ? htmlspecialchars(trim(str_replace(array('\\\'', '\\"', '\\0', '\\\\'), array('\'', '"', '\\0', '\\'), $_POST['message']))) : '';
$draft_message = preg_replace('#&(\\#[0-9]+;)#', '&\\1', $draft_message);
if ($draft_message && $draft_subject) {
$draft_row = array('draft_subject' => $draft_subject, 'draft_message' => $draft_message);
$sql = 'UPDATE ' . FORUMS_DRAFTS_TABLE . '
SET ' . $_CLASS['core_db']->sql_build_array('UPDATE', $draft_row) . " \n\t\t\t\t\t\t\tWHERE draft_id = {$draft_id}\n\t\t\t\t\t\t\t\tAND user_id = " . $_CLASS['core_user']->data['user_id'];
$_CLASS['core_db']->query($sql);
$message = $_CLASS['core_user']->lang['DRAFT_UPDATED'] . '<br /><br />' . sprintf($_CLASS['core_user']->lang['RETURN_UCP'], '<a href="' . generate_link("Control_Panel&i={$id}&mode={$mode}") . '">', '</a>');
$_CLASS['core_display']->meta_refresh(3, generate_link("Control_Panel&i={$id}&mode={$mode}"));
trigger_error($message);
} else {
$_CLASS['core_template']->assign('ERROR', $draft_message == '' ? $_CLASS['core_user']->lang['EMPTY_DRAFT'] : ($draft_subject == '' ? $_CLASS['core_user']->lang['EMPTY_DRAFT_TITLE'] : ''));
}
}
if (!$pm_drafts) {
$sql = 'SELECT d.*, f.forum_name
FROM ' . FORUMS_DRAFTS_TABLE . ' d, ' . FORUMS_FORUMS_TABLE . ' f
WHERE d.user_id = ' . $_CLASS['core_user']->data['user_id'] . ' ' . ($edit ? "AND d.draft_id = {$draft_id}" : '') . '
AND f.forum_id = d.forum_id
ORDER BY d.save_time DESC';
} else {
$sql = 'SELECT * FROM ' . FORUMS_DRAFTS_TABLE . '
WHERE user_id = ' . $_CLASS['core_user']->data['user_id'] . ' ' . ($edit ? "AND draft_id = {$draft_id}" : '') . '
AND forum_id = 0
AND topic_id = 0
ORDER BY save_time DESC';
}
$result = $_CLASS['core_db']->query($sql);
$draftrows = $topic_ids = array();
while ($row = $_CLASS['core_db']->fetch_row_assoc($result)) {
if ($row['topic_id']) {
$topic_ids[] = (int) $row['topic_id'];
}
$draftrows[] = $row;
}
$_CLASS['core_db']->free_result($result);
if (sizeof($topic_ids)) {
$sql = 'SELECT topic_id, forum_id, topic_title
FROM ' . FORUMS_TOPICS_TABLE . '
WHERE topic_id IN (' . implode(',', array_unique($topic_ids)) . ')';
$result = $_CLASS['core_db']->query($sql);
while ($row = $_CLASS['core_db']->fetch_row_assoc($result)) {
$topic_rows[$row['topic_id']] = $row;
}
$_CLASS['core_db']->free_result($result);
}
unset($topic_ids);
$_CLASS['core_template']->assign('S_EDIT_DRAFT', $edit);
foreach ($draftrows as $draft) {
$link_topic = $link_forum = $link_pm = false;
$insert_url = $view_url = $title = '';
if ($pm_drafts) {
$link_pm = true;
$insert_url = generate_link("Control_Panel&i={$id}&mode=compose&d=" . $draft['draft_id']);
} else {
if (isset($topic_rows[$draft['topic_id']]) && $_CLASS['auth']->acl_get('f_read', $topic_rows[$draft['topic_id']]['forum_id'])) {
$link_topic = true;
$view_url = generate_link('Forums&file=viewtopic&f=' . $topic_rows[$draft['topic_id']]['forum_id'] . "&t=" . $draft['topic_id']);
$title = $topic_rows[$draft['topic_id']]['topic_title'];
$insert_url = generate_link('Forums&file=posting&f=' . $topic_rows[$draft['topic_id']]['forum_id'] . '&t=' . $draft['topic_id'] . '&mode=reply&d=' . $draft['draft_id']);
} else {
if ($_CLASS['auth']->acl_get('f_read', $draft['forum_id'])) {
$link_forum = true;
$view_url = generate_link('Forums&file=viewforum&f=' . $draft['forum_id']);
$title = $draft['forum_name'];
$insert_url = generate_link('Forums&file=posting&f=' . $draft['forum_id'] . '&mode=post&d=' . $draft['draft_id']);
}
}
}
$template_row = array('DATE' => $_CLASS['core_user']->format_date($draft['save_time']), 'DRAFT_MESSAGE' => $submit ? $draft_message : $draft['draft_message'], 'DRAFT_SUBJECT' => $submit ? $draft_subject : $draft['draft_subject'], 'TITLE' => $title, 'DRAFT_ID' => $draft['draft_id'], 'FORUM_ID' => $draft['forum_id'], 'TOPIC_ID' => $draft['topic_id'], 'U_VIEW' => $view_url, 'U_VIEW_EDIT' => generate_link("Control_Panel&i={$id}&mode={$mode}&edit=" . $draft['draft_id']), 'U_INSERT' => $insert_url, 'S_LINK_TOPIC' => $link_topic, 'S_LINK_FORUM' => $link_forum, 'S_LINK_PM' => $link_pm, 'S_HIDDEN_FIELDS' => $s_hidden_fields);
$edit ? $_CLASS['core_template']->assign_array($template_row) : $_CLASS['core_template']->assign_vars_array('draftrow', $template_row);
}
break;
}
$_CLASS['core_template']->assign_array(array('L_TITLE' => $_CLASS['core_user']->lang['UCP_MAIN_' . strtoupper($mode)], 'S_DISPLAY_MARK_ALL' => $mode == 'watched' || $mode == 'drafts' && !isset($_GET['edit']) ? true : false, 'S_HIDDEN_FIELDS' => isset($s_hidden_fields) ? $s_hidden_fields : '', 'S_DISPLAY_FORM' => true, 'S_UCP_ACTION' => generate_link("Control_Panel&i={$id}&mode={$mode}")));
$this->display($_CLASS['core_user']->lang['UCP_MAIN'], 'ucp_main_' . $mode . '.html');
}
/**
* Disapprove Post/Topic
*/
function disapprove_post($post_id_list, $mode)
{
global $_CLASS, $_CORE_CONFIG, $config;
$forum_id = request_var('f', 0);
if (!check_ids($post_id_list, FORUMS_POSTS_TABLE, 'post_id', 'm_approve')) {
trigger_error('NOT_AUTHORIZED');
}
$redirect = request_var('redirect', $_CLASS['core_user']->data['session_page']);
$reason = request_var('reason', '', true);
$reason_id = request_var('reason_id', 0);
$success_msg = $additional_msg = '';
$s_hidden_fields = build_hidden_fields(array('i' => 'queue', 'f' => $forum_id, 'mode' => $mode, 'post_id_list' => $post_id_list, 'mode' => 'disapprove', 'redirect' => $redirect));
$notify_poster = isset($_REQUEST['notify_poster']);
$disapprove_reason = '';
if ($reason_id) {
$sql = 'SELECT reason_title, reason_description
FROM ' . FORUMS_REPORTS_REASONS_TABLE . " \n\t\t\tWHERE reason_id = {$reason_id}";
$result = $_CLASS['core_db']->query($sql);
$row = $_CLASS['core_db']->fetch_row_assoc($result);
$_CLASS['core_db']->free_result($result);
if (!$row || !$reason && $row['reason_name'] === 'other') {
$additional_msg = $_CLASS['core_user']->lang['NO_REASON_DISAPPROVAL'];
unset($_POST['confirm']);
} else {
$disapprove_reason = $row['reason_title'] != 'other' ? isset($_CLASS['core_user']->lang['report_reasons']['DESCRIPTION'][strtoupper($row['reason_title'])]) ? $_CLASS['core_user']->lang['report_reasons']['DESCRIPTION'][strtoupper($row['reason_title'])] : $row['reason_description'] : '';
$disapprove_reason .= $reason ? "\n\n" . $reason : '';
unset($reason);
}
}
require_once SITE_FILE_ROOT . 'includes/forums/functions_display.php';
$reason = display_reasons($reason_id);
$_CLASS['core_template']->assign_array(array('S_NOTIFY_POSTER' => true, 'S_APPROVE' => false, 'REASON' => $reason, 'ADDITIONAL_MSG' => $additional_msg));
if (display_confirmation($_CLASS['core_user']->get_lang('DISAPPROVE_POST' . (sizeof($post_id_list) == 1 ? '' : 'S')), $s_hidden_fields, 'modules/forums/mcp_approve.html')) {
$post_info = get_post_data($post_id_list, 'm_approve');
// If Topic -> forum_topics_real -= 1
// If Post -> topic_replies_real -= 1
$forum_topics_real = 0;
$topic_replies_real_sql = $post_disapprove_sql = $topic_id_list = array();
foreach ($post_info as $post_id => $post_data) {
$topic_id_list[$post_data['topic_id']] = 1;
// Topic or Post. ;)
if ($post_data['topic_first_post_id'] == $post_id && $post_data['topic_last_post_id'] == $post_id) {
if ($post_data['forum_id']) {
$forum_topics_real++;
}
} else {
if (!isset($topic_replies_real_sql[$post_data['topic_id']])) {
$topic_replies_real_sql[$post_data['topic_id']] = 1;
} else {
$topic_replies_real_sql[$post_data['topic_id']]++;
}
}
$post_disapprove_sql[] = $post_id;
}
if ($forum_topics_real) {
$sql = 'UPDATE ' . FORUMS_FORUMS_TABLE . "\n\t\t\t\tSET forum_topics_real = forum_topics_real - {$forum_topics_real}\n\t\t\t\tWHERE forum_id = {$forum_id}";
$_CLASS['core_db']->query($sql);
}
if (!empty($topic_replies_real_sql)) {
foreach ($topic_replies_real_sql as $topic_id => $num_replies) {
$sql = 'UPDATE ' . FORUMS_TOPICS_TABLE . "\n\t\t\t\t\tSET topic_replies_real = topic_replies_real - {$num_replies}\n\t\t\t\t\tWHERE topic_id = {$topic_id}";
$_CLASS['core_db']->query($sql);
}
}
if (sizeof($post_disapprove_sql)) {
if (!function_exists('delete_posts')) {
require_once SITE_FILE_ROOT . 'includes/forums/functions_admin.php';
}
// We do not check for permissions here, because the moderator allowed approval/disapproval should be allowed to delete the disapproved posts
delete_posts('post_id', $post_disapprove_sql);
}
unset($post_disapprove_sql, $topic_replies_real_sql);
update_post_information('topic', array_keys($topic_id_list));
update_post_information('forum', $forum_id);
unset($topic_id_list);
// Notify Poster?
if ($notify_poster) {
require_once SITE_FILE_ROOT . 'includes/mailer.php';
$mailer = new core_mailer();
foreach ($post_info as $post_id => $post_data) {
if ($post_data['poster_id'] == ANONYMOUS) {
continue;
}
$post_data['post_subject'] = censor_text($post_data['post_subject'], true);
$post_data['topic_title'] = censor_text($post_data['topic_title'], true);
if ($post_data['post_id'] == $post_data['topic_first_post_id'] && $post_data['post_id'] == $post_data['topic_last_post_id']) {
$email_template = 'topic_disapproved.txt';
$subject = 'Topic Disapproved - ' . $post_data['topic_title'];
} else {
$email_template = 'post_disapproved.txt';
$subject = 'Post Disapproved - ' . $post_data['post_subject'];
}
$mailer->to($post_data['user_email'], $post_data['username']);
//$mailer->reply_to($_CORE_CONFIG['email']['site_email']);
$mailer->subject($subject);
//$messenger->im($post_data['user_jabber'], $post_data['username']);
$_CLASS['core_template']->assign_array(array('SITENAME' => $_CORE_CONFIG['global']['site_name'], 'USERNAME' => $post_data['username'], 'REASON' => stripslashes($disapprove_reason), 'POST_SUBJECT' => $post_data['post_subject'], 'TOPIC_TITLE' => $post_data['topic_title']));
$mailer->message = trim($_CLASS['core_template']->display('email/forums/' . $email_template, true));
$mailer->send();
}
}
unset($post_info, $disapprove_reason);
if ($forum_topics_real) {
$success_msg = $forum_topics_real == 1 ? 'TOPIC_DISAPPROVED_SUCCESS' : 'TOPICS_DISAPPROVED_SUCCESS';
} else {
$success_msg = sizeof($post_id_list) == 1 ? 'POST_DISAPPROVED_SUCCESS' : 'POSTS_DISAPPROVED_SUCCESS';
}
}
$redirect = request_var('redirect', generate_link('forums'));
if (!$success_msg) {
redirect($redirect);
} else {
$_CLASS['core_display']->meta_refresh(3, generate_link("forums&file=viewforum&f={$forum_id}"));
trigger_error($_CLASS['core_user']->lang[$success_msg] . '<br /><br />' . sprintf($_CLASS['core_user']->lang['RETURN_FORUM'], '<a href="' . generate_link('forums&file=viewforum&f=' . $forum_id) . '">', '</a>'));
}
}
|| Site: http://www.viperal.com ||
|| ||
||**************************************************************||
|| LICENSE: ( http://www.gnu.org/licenses/gpl.txt ) ||
||**************************************************************||
|| Viperal CMS is released under the terms and conditions ||
|| of the GNU General Public License version 2 ||
|| ||
||**************************************************************||
$Id$
*/
if (VIPERAL !== 'Admin') {
die;
}
if (isset($_REQUEST['user_mode']) && $_CLASS['core_auth']->admin_power('users') && display_confirmation()) {
require_once SITE_FILE_ROOT . 'includes/functions_user.php';
$user_id = get_variable('id', 'REQUEST', false, 'integer');
if ($user_id) {
switch ($_REQUEST['user_mode']) {
case 'remove':
user_delete($user_id);
break;
case 'activate':
user_activate($user_id);
break;
}
}
}
if (is_null($cms_news = $_CLASS['core_cache']->get('cms_news'))) {
$cms_news = array();
break;
}
switch ($_REQUEST['option']) {
case 'activate':
if ($row['user_status'] != STATUS_ACTIVE) {
echo 'test';
user_activate($id);
}
break;
case 'deactivate':
if ($row['user_id'] != $_CLASS['core_user']->data['user_id'] && $row['user_status'] == STATUS_ACTIVE) {
user_disable($id);
}
break;
case 'delete':
if ($row['user_id'] != $_CLASS['core_user']->data['user_id'] && display_confirmation()) {
user_delete($id);
trigger_error('BOT_DELETED');
}
break;
}
}
$start = get_variable('start', 'GET', 0, 'integer');
$limit = 20;
$sql = 'SELECT user_id, username, user_status, user_last_visit
FROM ' . CORE_USERS_TABLE . '
WHERE user_type = ' . USER_NORMAL . ' ORDER BY username DESC';
$result = $_CLASS['core_db']->query_limit($sql, $limit, $start);
while ($row = $_CLASS['core_db']->fetch_row_assoc($result)) {
$_CLASS['core_template']->assign_vars_array('admin_bots', array('ACTIVE' => $row['user_status'] == STATUS_ACTIVE, 'NAME' => $row['username'], 'LINK_DELETE' => $row['user_id'] != $_CLASS['core_user']->data['user_id'] ? generate_link('users&mode=user&option=delete&id=' . $row['user_id'], array('admin' => true)) : false, 'LINK_STATUS' => $row['user_id'] != $_CLASS['core_user']->data['user_id'] ? generate_link('users&mode=user&option=' . ($row['user_status'] == STATUS_ACTIVE ? 'deactivate' : 'activate') . '&id=' . $row['user_id'], array('admin' => true)) : false, 'LINK_EDIT' => generate_link('users&mode=user&options=edit&id=' . $row['user_id'], array('admin' => true)), 'LAST_VISIT' => $row['user_last_visit'] ? $_CLASS['core_user']->format_date($row['user_last_visit']) : $_CLASS['core_user']->lang['BOT_NEVER'], 'L_STATUS' => $row['user_status'] == STATUS_ACTIVE ? $_CLASS['core_user']->lang['DEACTIVATE'] : $_CLASS['core_user']->lang['ACTIVATE']));
}
function handle_mark_actions($user_id, $mark_action, $msg_ids, $cur_folder_id)
{
global $_CLASS;
if (empty($msg_ids)) {
return;
}
switch ($mark_action) {
case 'mark_important':
$mark_list = array();
$sql = 'SELECT msg_id, marked FROM ' . FORUMS_PRIVMSGS_TO_TABLE . "\n\t\t\t\tWHERE folder_id = {$cur_folder_id}\n\t\t\t\t\tAND user_id = {$user_id}\n\t\t\t\t\tAND msg_id IN (" . implode(', ', $msg_ids) . ')';
$result = $_CLASS['core_db']->query($sql);
while ($row = $_CLASS['core_db']->fetch_row_assoc($result)) {
$row['marked'] = $row['marked'] ? 0 : 1;
$mark_list[$row['marked']][] = $row['msg_id'];
}
$_CLASS['core_db']->free_result($result);
if (empty($mark_list)) {
break;
}
$_CLASS['core_db']->transaction();
foreach ($mark_list as $mark => $ids) {
$sql = 'UPDATE ' . FORUMS_PRIVMSGS_TO_TABLE . "\n\t\t\t\t\tSET marked = {$mark}\n\t\t\t\t\tWHERE msg_id IN (" . implode(', ', $ids) . ')';
$_CLASS['core_db']->query($sql);
}
$_CLASS['core_db']->transaction('commit');
break;
case 'delete_marked':
$hidden_fields = array('marked_msg_id' => $msg_ids, 'cur_folder_id' => $cur_folder_id, 'mark_option' => 'delete_marked', 'submit_mark' => true);
if (display_confirmation($_CLASS['core_user']->get_lang('DELETE_MARKED_PM'), generate_hidden_fields($hidden_fields))) {
$_CLASS['core_db']->transaction();
delete_pm($user_id, $msg_ids, $cur_folder_id);
$_CLASS['core_db']->transaction('commit');
$success_msg = count($msg_ids) === 1 ? 'MESSAGE_DELETED' : 'MESSAGES_DELETED';
$redirect = generate_link('Control_Panel&i=pm&folder=' . $cur_folder_id);
$_CLASS['core_display']->meta_refresh(3, $redirect);
trigger_error($_CLASS['core_user']->lang[$success_msg] . '<br /><br />' . sprintf($_CLASS['core_user']->lang['RETURN_FOLDER'], '<a href="' . $redirect . '">', '</a>'));
}
break;
/*
case 'export_as_xml':
case 'export_as_csv':
case 'export_as_txt':
$export_as = str_replace('export_as_', '', $mark_action);
break;
*/
/*
case 'export_as_xml':
case 'export_as_csv':
case 'export_as_txt':
$export_as = str_replace('export_as_', '', $mark_action);
break;
*/
default:
return false;
break;
}
return true;
}
function mcp_fork_topic($topic_ids)
{
global $_CLASS, $config;
if (!check_ids($topic_ids, FORUMS_TOPICS_TABLE, 'topic_id', 'm_')) {
return;
}
$redirect = get_variable('redirect', 'POST', $_CLASS['core_user']->data['session_url']);
$to_forum_id = get_variable('to_forum_id', 'POST', 0, 'int');
$additional_msg = $success_msg = '';
if ($to_forum_id) {
$forum_data = get_forum_data($to_forum_id, 'm_');
if (empty($forum_data[$to_forum_id])) {
$additional_msg = $_CLASS['core_user']->lang['FORUM_NOT_EXIST'];
} else {
$forum_data = $forum_data[$to_forum_id];
if ($forum_data['forum_type'] != FORUM_POST) {
$additional_msg = $_CLASS['core_user']->lang['FORUM_NOT_POSTABLE'];
} elseif (!$_CLASS['auth']->acl_get('f_post', $to_forum_id)) {
$additional_msg = $_CLASS['core_user']->lang['USER_CANNOT_POST'];
}
}
}
if (!$to_forum_id || $additional_msg) {
unset($_POST['confirm']);
}
$hidden_fields = generate_hidden_fields(array('topic_id_list' => $topic_ids, 'mode' => 'fork', 'redirect' => $redirect));
$_CLASS['core_template']->assign_array(array('S_FORUM_SELECT' => make_forum_select($to_forum_id, false, false, true, true), 'S_CAN_LEAVE_SHADOW' => false, 'ADDITIONAL_MSG' => $additional_msg));
$message = $_CLASS['core_user']->get_lang('FORK_TOPIC' . (count($topic_ids) === 1 ? '' : 'S'));
page_header();
if (display_confirmation($message, $hidden_fields, 'modules/Forums/mcp_move.html')) {
$topic_data = get_topic_data($topic_ids);
$total_posts = 0;
$new_topic_id_list = $new_topic_forum_name_list = $insert_array = array();
$_CLASS['core_db']->transaction();
foreach ($topic_data as $topic_id => $topic_row) {
// just change $row values for forum_id, topic_reported;
// get_topic_data gets some unneeded stuff, remove it so we can just use $row
$sql_ary = array('forum_id' => (int) $to_forum_id, 'icon_id' => (int) $topic_row['icon_id'], 'topic_attachment' => (int) $topic_row['topic_attachment'], 'topic_approved' => 1, 'topic_reported' => 0, 'topic_title' => (string) $topic_row['topic_title'], 'topic_poster' => (int) $topic_row['topic_poster'], 'topic_time' => (int) $topic_row['topic_time'], 'topic_replies' => (int) $topic_row['topic_replies_real'], 'topic_replies_real' => (int) $topic_row['topic_replies_real'], 'topic_status' => (int) $topic_row['topic_status'], 'topic_type' => (int) $topic_row['topic_type'], 'topic_first_poster_name' => (string) $topic_row['topic_first_poster_name'], 'topic_last_poster_id' => (int) $topic_row['topic_last_poster_id'], 'topic_last_poster_name' => (string) $topic_row['topic_last_poster_name'], 'topic_last_post_time' => (int) $topic_row['topic_last_post_time'], 'topic_last_view_time' => (int) $topic_row['topic_last_view_time'], 'topic_bumped' => (int) $topic_row['topic_bumped'], 'topic_bumper' => (int) $topic_row['topic_bumper'], 'topic_views' => 0, 'poll_title' => (string) $topic_row['poll_title'], 'poll_start' => (int) $topic_row['poll_start'], 'poll_length' => (int) $topic_row['poll_length']);
$_CLASS['core_db']->sql_query_build('INSERT', $sql_ary, FORUMS_TOPICS_TABLE);
unset($sql_ary);
$new_topic_id = $_CLASS['core_db']->insert_id(FORUMS_TOPICS_TABLE, 'topic_id');
$new_topic_id_list[$topic_id] = $new_topic_id;
$new_topic_forum_name_list[$topic_id] = $topic_row['forum_name'];
if ($topic_row['poll_start']) {
$poll_rows = array();
$sql = 'SELECT *
FROM ' . FORUMS_POLL_OPTIONS_TABLE . " \n\t\t\t\t\tWHERE topic_id = {$topic_id}";
$result = $_CLASS['core_db']->query($sql);
while ($row = $_CLASS['core_db']->fetch_row_assoc($result)) {
$insert_array[FORUMS_POLL_OPTIONS_TABLE][] = array('poll_option_id' => (int) $row['poll_option_id'], 'topic_id' => (int) $new_topic_id, 'poll_option_text' => (string) $row['poll_option_text'], 'poll_option_total' => 0);
}
$_CLASS['core_db']->free_result($result);
}
unset($topic_data[$topic_id]);
$sql = 'SELECT *
FROM ' . FORUMS_POSTS_TABLE . "\n\t\t\t\tWHERE topic_id = {$topic_id}\n\t\t\t\tORDER BY post_id ASC";
$result = $_CLASS['core_db']->query($sql);
while ($row = $_CLASS['core_db']->fetch_row_assoc($result)) {
$total_posts++;
$insert_array[FORUMS_POSTS_TABLE][] = array('topic_id' => (int) $new_topic_id, 'forum_id' => (int) $to_forum_id, 'poster_id' => (int) $row['poster_id'], 'icon_id' => (int) $row['icon_id'], 'poster_ip' => (string) $row['poster_ip'], 'post_time' => (int) $row['post_time'], 'post_approved' => 1, 'post_reported' => 0, 'enable_bbcode' => (int) $row['enable_bbcode'], 'enable_html' => (int) $row['enable_html'], 'enable_smilies' => (int) $row['enable_smilies'], 'enable_magic_url' => (int) $row['enable_magic_url'], 'enable_sig' => (int) $row['enable_sig'], 'post_username' => (string) $row['post_username'], 'post_subject' => (string) $row['post_subject'], 'post_text' => (string) $row['post_text'], 'post_edit_reason' => (string) $row['post_edit_reason'], 'post_edit_user' => (int) $row['post_edit_user'], 'post_checksum' => (string) $row['post_checksum'], 'post_attachment' => (int) $row['post_attachment'], 'bbcode_bitfield' => (int) $row['bbcode_bitfield'], 'bbcode_uid' => (string) $row['bbcode_uid'], 'post_edit_time' => (int) $row['post_edit_time'], 'post_edit_count' => (int) $row['post_edit_count'], 'post_edit_locked' => (int) $row['post_edit_locked']);
// Copy Attachments
if ($row['post_attachment']) {
$_CLASS['core_db']->query('INSERT INTO ' . FORUMS_POSTS_TABLE . ' ' . $_CLASS['core_db']->sql_build_array('INSERT', array_pop($insert_array[FORUMS_POSTS_TABLE])));
$new_post_id = $_CLASS['core_db']->insert_id(FORUMS_POSTS_TABLE, 'post_id');
$sql = 'SELECT * FROM ' . FORUMS_ATTACHMENTS_TABLE . "\n\t\t\t\t\t\tWHERE post_msg_id = {$row['post_id']}\n\t\t\t\t\t\t\tAND topic_id = {$topic_id}\n\t\t\t\t\t\t\tAND in_message = 0";
$result = $_CLASS['core_db']->query($sql);
while ($attach_row = $_CLASS['core_db']->fetch_row_assoc($result)) {
$insert_array[FORUMS_ATTACHMENTS_TABLE][] = array('post_msg_id' => (int) $new_post_id, 'topic_id' => (int) $new_topic_id, 'in_message' => 0, 'poster_id' => (int) $attach_row['poster_id'], 'physical_filename' => (string) basename($attach_row['physical_filename']), 'real_filename' => (string) basename($attach_row['real_filename']), 'download_count' => (int) $attach_row['download_count'], 'attach_comment' => (string) $attach_row['attach_comment'], 'extension' => (string) $attach_row['extension'], 'mimetype' => (string) $attach_row['mimetype'], 'filesize' => (int) $attach_row['filesize'], 'filetime' => (int) $attach_row['filetime'], 'thumbnail' => (int) $attach_row['thumbnail']);
}
$_CLASS['core_db']->free_result($result);
}
}
$_CLASS['core_db']->free_result($result);
}
unset($topic_data);
$_CLASS['core_db']->transaction('commit');
if (!empty($new_topic_id_list)) {
if (!empty($insert_array[FORUMS_POLL_OPTIONS_TABLE])) {
$_CLASS['core_db']->sql_query_build('MULTI_INSERT', $insert_array[FORUMS_POLL_OPTIONS_TABLE], FORUMS_POLL_OPTIONS_TABLE);
}
if (!empty($insert_array[FORUMS_POSTS_TABLE])) {
$_CLASS['core_db']->sql_query_build('MULTI_INSERT', $insert_array[FORUMS_POSTS_TABLE], FORUMS_POSTS_TABLE);
}
if (!empty($insert_array[FORUMS_ATTACHMENTS_TABLE])) {
$_CLASS['core_db']->sql_query_build('MULTI_INSERT', $insert_array[FORUMS_ATTACHMENTS_TABLE], FORUMS_ATTACHMENTS_TABLE);
}
unset($insert_array);
// Sync new topics, parent forums and board stats
sync('topic', 'topic_id', $new_topic_id_list, true);
sync('forum', 'forum_id', $to_forum_id, true);
set_config('num_topics', $config['num_topics'] + count($new_topic_id_list));
set_config('num_posts', $config['num_posts'] + $total_posts);
foreach ($new_topic_id_list as $topic_id => $new_topic_id) {
add_log('mod', $to_forum_id, $new_topic_id, 'LOG_FORK', $new_topic_forum_name_list[$topic_id]['forum_name']);
}
$success_msg = count($topic_ids) === 1 ? 'TOPIC_FORKED_SUCCESS' : 'TOPICS_FORKED_SUCCESS';
}
}
$redirect = generate_link($redirect);
if (!$success_msg) {
redirect($redirect);
} else {
$_CLASS['core_display']->meta_refresh(3, generate_link('forums&file=viewforum&f=' . $to_forum_id));
$return_link = sprintf($_CLASS['core_user']->lang['RETURN_NEW_FORUM'], '<a href="' . $redirect . '">', '</a>');
trigger_error($_CLASS['core_user']->lang[$success_msg] . '<br /><br />' . $return_link);
}
}
// LICENCE : GPL vs2.0 [ see /docs/COPYING ]
//
// -------------------------------------------------------------
//
// * Use this for ACP integration - changeable user id
//
global $_CLASS, $config, $site_file_root;
$start = get_variable('start', 'REQUEST', 0, 'int');
$delete = isset($_POST['delete']);
$confirm = isset($_POST['confirm']);
// change this
$delete_ids = array_unique(get_variable('attachment', 'POST', array(), 'array:int'));
if (!empty($delete_ids)) {
$hidden_fields['delete'] = 1;
$hidden_fields['attachment'] = $delete_ids;
if (display_confirmation($_CLASS['core_user']->get_lang(count($delete_ids) == 1 ? 'DELETE_ATTACHMENT' : 'DELETE_ATTACHMENTS'), generate_hidden_fields($hidden_fields))) {
require_once $site_file_root . 'includes/forums/functions_admin.php';
require_once $site_file_root . 'includes/forums/functions.php';
$_CLASS['core_db']->transaction();
delete_attachments('attach', $delete_ids);
$_CLASS['core_db']->transaction('commit');
$return_link = generate_link($this->link_parent);
$_CLASS['core_display']->meta_refresh(3, $return_link);
$message = (count($delete_ids) === 1 ? $_CLASS['core_user']->lang['ATTACHMENT_DELETED'] : $_CLASS['core_user']->lang['ATTACHMENTS_DELETED']) . '<br /><br />' . sprintf($_CLASS['core_user']->lang['RETURN_UCP'], '<a href="' . $return_link . '">', '</a>');
trigger_error($message);
}
}
$sort_key = get_variable('sk', 'REQUEST', 'a');
$sort_dir = get_variable('sd', 'REQUEST', 'a');
// Select box eventually
$sort_key_text = array('a' => $_CLASS['core_user']->lang['SORT_FILENAME'], 'b' => $_CLASS['core_user']->lang['SORT_COMMENT'], 'c' => $_CLASS['core_user']->lang['SORT_EXTENSION'], 'd' => $_CLASS['core_user']->lang['SORT_SIZE'], 'e' => $_CLASS['core_user']->lang['SORT_DOWNLOADS'], 'f' => $_CLASS['core_user']->lang['SORT_POST_TIME'], 'g' => $_CLASS['core_user']->lang['SORT_TOPIC_TITLE']);
function split_topic($action, $post_id_list, $topic_id, $to_forum_id, $subject)
{
global $_CLASS;
$start = get_variable('start', 'REQUEST', false, 'int');
if (empty($post_id_list) || !check_ids($post_id_list, FORUMS_POSTS_TABLE, 'post_id', 'm_split')) {
return 'NO_POST_SELECTED';
}
$post_id = $post_id_list[0];
$post_info = get_post_data(array($post_id));
if (empty($post_info)) {
return 'NO_POST_SELECTED';
}
$post_info = $post_info[$post_id];
$subject = trim($subject);
if (!$subject) {
return 'EMPTY_SUBJECT';
}
if ($to_forum_id <= 0) {
return 'NO_DESTINATION_FORUM';
}
$forum_info = get_forum_data(array($to_forum_id), 'm_split');
if (empty($forum_info[$to_forum_id])) {
return 'NOT_MODERATOR_DESTINATION';
}
$forum_info = $forum_info[$to_forum_id];
if ($forum_info['forum_type'] != FORUM_POST) {
return 'DESTINATION_FORUM_NOT_POSTABLE';
}
$redirect = get_variable('redirect', 'POST', $_CLASS['core_user']->data['session_url']);
$hidden_fields = build_hidden_fields(array('post_id_list' => $post_id_list, 'mode' => 'topic_view', 'start' => $start, 'action' => $action, 't' => $topic_id, 'redirect' => $redirect, 'subject' => $subject, 'to_forum_id' => $to_forum_id, 'icon' => get_variable('icon', 'REQUEST', false, 'int')));
$message = $action === 'split_all' ? 'SPLIT_TOPIC_ALL' : 'SPLIT_TOPIC_BEYOND';
if (display_confirmation($_CLASS['core_user']->get_lang($message), $hidden_fields)) {
if ($action === 'split_beyond') {
mcp_sorting('viewtopic', $sort_days, $sort_key, $sort_dir, $sort_by_sql, $sort_order_sql, $total, $post_info['forum_id'], $topic_id);
$limit_time_sql = $sort_days ? 'AND t.topic_last_post_time >= ' . ($_CLASS['core_user']->time - $sort_days * 86400) : '';
if ($sort_order_sql[0] == 'u') {
$sql = 'SELECT p.post_id
FROM ' . FORUMS_POSTS_TABLE . ' p, ' . CORE_USERS_TABLE . " u\n\t\t\t\t\tWHERE p.topic_id = {$topic_id}\n\t\t\t\t\t\tAND p.poster_id = u.user_id\n\t\t\t\t\t\t{$limit_time_sql}\n\t\t\t\t\tORDER BY {$sort_order_sql}";
} else {
$sql = 'SELECT p.post_id
FROM ' . FORUMS_POSTS_TABLE . " p\n\t\t\t\t\tWHERE p.topic_id = {$topic_id}\n\t\t\t\t\t\t{$limit_time_sql}\n\t\t\t\t\tORDER BY {$sort_order_sql}";
}
$result = $_CLASS['core_db']->query_limit($sql, 0, $start);
$store = false;
$post_id_list = array();
while ($row = $_CLASS['core_db']->fetch_row_assoc($result)) {
// Start to store post_ids as soon as we see the first post that was selected
if ($row['post_id'] === $post_id) {
$store = true;
}
if ($store) {
$post_id_list[] = $row['post_id'];
}
}
$_CLASS['core_db']->free_result($result);
}
if (empty($post_id_list)) {
trigger_error('NO_POST_SELECTED');
}
$icon_id = get_variable('icon', 'REQUEST', 0, 'int');
$_CLASS['core_db']->transaction();
$sql_ary = array('forum_id' => $to_forum_id, 'topic_title' => $subject, 'icon_id' => $icon_id, 'topic_approved' => 1, 'topic_poster' => $post_info['poster_id'], 'topic_first_poster_name' => $post_info['post_username'], 'topic_time' => $_CLASS['core_user']->time, 'topic_status' => ITEM_UNLOCKED, 'topic_type' => POST_NORMAL, 'topic_attachment' => 0, 'topic_replies_real' => 0, 'topic_replies' => 0, 'topic_views' => 0, 'topic_moved_id' => 0);
$_CLASS['core_db']->query('INSERT INTO ' . FORUMS_TOPICS_TABLE . ' ' . $_CLASS['core_db']->sql_build_array('INSERT', $sql_ary));
$to_topic_id = $_CLASS['core_db']->insert_id(FORUMS_TOPICS_TABLE, 'topic_id');
move_posts($post_id_list, $to_topic_id);
// Change topic title of first post
$sql = 'UPDATE ' . FORUMS_POSTS_TABLE . " \n\t\t\tSET post_subject = '" . $_CLASS['core_db']->escape($subject) . "'\n\t\t\tWHERE post_id = {$post_id_list[0]}";
$_CLASS['core_db']->query($sql);
$_CLASS['core_db']->transaction('commit');
$success_msg = 'TOPIC_SPLIT_SUCCESS';
// Link back to both topics
$return_link = sprintf($_CLASS['core_user']->lang['RETURN_TOPIC'], '<a href="' . generate_link('Forums&file=viewtopic&f=' . $post_info['forum_id'] . '&t=' . $post_info['topic_id']) . '">', '</a>') . '<br /><br />' . sprintf($_CLASS['core_user']->lang['RETURN_NEW_TOPIC'], '<a href="' . generate_link('Forums&file=viewtopic&f=' . $to_forum_id . '&t=' . $to_topic_id) . '">', '</a>');
}
$redirect = generate_link($redirect);
if (!$success_msg) {
return;
} else {
$_CLASS['core_display']->meta_refresh(3, generate_link("Forums&file=viewtopic&f={$to_forum_id}&t={$to_topic_id}"));
trigger_error($_CLASS['core_user']->lang[$success_msg] . '<br /><br />' . $return_link);
}
}
function compose_pm($id, $mode, $action)
{
global $_CLASS, $config;
if (!$action) {
$action = 'post';
}
$_CLASS['core_template']->assign_array(array('S_DISPLAY_FORM' => false, 'S_DRAFT_LOADED' => false, 'S_SHOW_DRAFTS' => false, 'S_POST_REVIEW' => false, 'S_INLINE_ATTACHMENT_OPTIONS' => false, 'S_EDIT_REASON' => false, 'S_HAS_ATTACHMENTS' => false, 'to_recipient' => false, 'bcc_recipient' => false, 'S_DISPLAY_HISTORY' => false, 'S_DISPLAY_PREVIEW' => false, 'S_DELETE_ALLOWED' => false, 'S_SHOW_TOPIC_ICONS' => false));
// Grab only parameters needed here
$to_user_id = get_variable('u', 'REQUEST', 0);
$to_group_id = get_variable('g', 'REQUEST', 0);
$msg_id = get_variable('p', 'REQUEST', 0);
$draft_id = get_variable('d', 'REQUEST', 0);
$lastclick = get_variable('lastclick', 'REQUEST', 0);
$message_text = $subject = '';
// Do NOT use request_var or specialchars here
$address_list = isset($_REQUEST['address_list']) ? $_REQUEST['address_list'] : array();
$submit = isset($_POST['post']);
$preview = isset($_POST['preview']);
$save = isset($_POST['save']);
$load = isset($_POST['load']);
$cancel = isset($_POST['cancel']) && !isset($_POST['save']);
$delete = isset($_POST['delete']);
$remove_u = isset($_REQUEST['remove_u']);
$remove_g = isset($_REQUEST['remove_g']);
$add_to = isset($_REQUEST['add_to']);
$add_bcc = isset($_REQUEST['add_bcc']);
$refresh = isset($_POST['add_file']) || isset($_POST['delete_file']) || isset($_POST['edit_comment']) || $save || $load || $remove_u || $remove_g || $add_to || $add_bcc;
$action = $delete && !$preview && !$refresh && $submit ? 'delete' : $action;
$error = array();
// Was cancel pressed? If so then redirect to the appropriate page
if ($cancel || $_CLASS['core_user']->time - $lastclick < 2 && $submit) {
$redirect = generate_link("control_panel&i={$id}&mode=view&action=view_message" . ($msg_id ? "&p={$msg_id}" : ''));
redirect($redirect);
}
if ($action == 'edit' && !$_CLASS['forums_auth']->acl_get('u_pm_edit')) {
trigger_error('NO_AUTH_EDIT_MESSAGE');
}
$sql = '';
// What is all this following SQL for? Well, we need to know
// some basic information in all cases before we do anything.
switch ($action) {
case 'post':
if (!$_CLASS['forums_auth']->acl_get('u_sendpm')) {
trigger_error('NO_AUTH_SEND_MESSAGE');
}
break;
case 'reply':
case 'quote':
case 'forward':
case 'quotepost':
if (!$msg_id) {
trigger_error('NO_MESSAGE');
}
if (!$_CLASS['forums_auth']->acl_get('u_sendpm')) {
trigger_error('NO_AUTH_SEND_MESSAGE');
}
if ($action == 'quotepost') {
$sql = 'SELECT p.post_text as message_text, p.poster_id as author_id, p.post_time as message_time, p.bbcode_bitfield, p.bbcode_uid, p.enable_sig, p.enable_html, p.enable_smilies, p.enable_magic_url, t.topic_title as message_subject, u.username as quote_username
FROM ' . FORUMS_POSTS_TABLE . ' p, ' . FORUMS_TOPICS_TABLE . ' t, ' . CORE_USERS_TABLE . " u\n\t\t\t\t\tWHERE p.post_id = {$msg_id}\n\t\t\t\t\t\tAND t.topic_id = p.topic_id\n\t\t\t\t\t\tAND u.user_id = p.poster_id";
} else {
$sql = 'SELECT t.*, p.*, u.username as quote_username
FROM ' . FORUMS_PRIVMSGS_TO_TABLE . ' t, ' . FORUMS_PRIVMSGS_TABLE . ' p, ' . CORE_USERS_TABLE . ' u
WHERE t.user_id = ' . $_CLASS['core_user']->data['user_id'] . "\n\t\t\t\t\t\tAND p.author_id = u.user_id\n\t\t\t\t\t\tAND t.msg_id = p.msg_id\n\t\t\t\t\t\tAND p.msg_id = {$msg_id}";
}
break;
case 'edit':
if (!$msg_id) {
trigger_error('NO_MESSAGE');
}
// check for outbox (not read) status, we do not allow editing if one user already having the message
$sql = 'SELECT p.*, t.*
FROM ' . FORUMS_PRIVMSGS_TO_TABLE . ' t, ' . FORUMS_PRIVMSGS_TABLE . ' p
WHERE t.user_id = ' . $_CLASS['core_user']->data['user_id'] . '
AND t.folder_id = ' . PRIVMSGS_OUTBOX . "\n\t\t\t\t\tAND t.msg_id = {$msg_id}\n\t\t\t\t\tAND t.msg_id = p.msg_id";
break;
case 'delete':
if (!$_CLASS['forums_auth']->acl_get('u_pm_delete')) {
trigger_error('NO_AUTH_DELETE_MESSAGE');
}
if (!$msg_id) {
trigger_error('NO_MESSAGE');
}
$sql = 'SELECT msg_id, pm_unread, pm_new, author_id, folder_id
FROM ' . FORUMS_PRIVMSGS_TO_TABLE . '
WHERE user_id = ' . $_CLASS['core_user']->data['user_id'] . "\n\t\t\t\t\tAND msg_id = {$msg_id}";
break;
case 'smilies':
require_once SITE_FILE_ROOT . 'includes/forums/functions_posting.php';
generate_smilies('window', 0);
script_close(false);
break;
default:
trigger_error('NO_ACTION_MODE');
break;
}
if ($sql) {
$result = $_CLASS['core_db']->query_limit($sql, 1);
$post = $_CLASS['core_db']->fetch_row_assoc($result);
$_CLASS['core_db']->free_result($result);
if (!$post) {
trigger_error('NO_MESSAGE');
}
$msg_id = (int) $post['msg_id'];
$folder_id = isset($post['folder_id']) ? $post['folder_id'] : 0;
$message_text = isset($post['message_text']) ? $post['message_text'] : '';
if ((!$post['author_id'] || $post['author_id'] == ANONYMOUS && $action !== 'delete') && $msg_id) {
trigger_error('NO_AUTHOR');
}
if ($action === 'quotepost') {
// Decode text for message display
decode_message($message_text, $post['bbcode_uid']);
}
if ($action !== 'delete') {
$enable_urls = $post['enable_magic_url'];
$enable_sig = isset($post['enable_sig']) ? $post['enable_sig'] : 0;
$message_attachment = isset($post['message_attachement']) ? $post['message_attachement'] : 0;
$message_subject = $post['message_subject'];
$message_time = $post['message_time'];
$bbcode_uid = $post['bbcode_uid'];
$quote_username = isset($post['quote_username']) ? $post['quote_username'] : '';
$icon_id = isset($post['icon_id']) ? $post['icon_id'] : 0;
if (($action === 'reply' || $action === 'quote' || $action === 'quotepost') && empty($address_list) && !$refresh && !$submit && !$preview) {
$address_list = array('u' => array($post['author_id'] => 'to'));
} elseif ($action === 'edit' && empty($address_list) && !$refresh && !$submit && !$preview) {
// Rebuild TO and BCC Header
$address_list = rebuild_header(array('to' => $post['to_address'], 'bcc' => $post['bcc_address']));
}
if ($action == 'quotepost') {
$check_value = 0;
} else {
$check_value = ($post['enable_bbcode'] + 1 << 8) + ($post['enable_smilies'] + 1 << 4) + ($enable_urls + 1 << 2) + ($post['enable_sig'] + 1 << 1);
}
}
} else {
$message_attachment = 0;
$message_text = $message_subject = '';
if ($to_user_id && $action === 'post') {
$address_list['u'][$to_user_id] = 'to';
} else {
if ($to_group_id && $action === 'post') {
$address_list['g'][$to_group_id] = 'to';
}
}
$check_value = 0;
}
if (($to_group_id || isset($address_list['g'])) && !$config['allow_mass_pm']) {
trigger_error('NO_AUTH_GROUP_MESSAGE');
}
if ($action === 'edit' && !$refresh && !$preview && !$submit) {
if (!($message_time > $_CLASS['core_user']->time - $config['pm_edit_time'] * 60 || !$config['pm_edit_time'])) {
trigger_error('CANNOT_EDIT_MESSAGE_TIME');
}
}
if (!isset($icon_id)) {
$icon_id = 0;
}
require_once SITE_FILE_ROOT . 'includes/forums/functions_admin.php';
require_once SITE_FILE_ROOT . 'includes/forums/functions_posting.php';
require_once SITE_FILE_ROOT . 'includes/forums/message_parser.php';
$message_parser = new parse_message();
$message_parser->message = $action == 'reply' ? '' : $message_text;
unset($message_text);
$s_action = "control_panel&i={$id}&mode={$mode}&action={$action}";
$s_action .= $msg_id ? "&p={$msg_id}" : '';
// Delete triggered ?
if ($action === 'delete') {
// Folder id has been determined by the SQL Statement
// $folder_id = request_var('f', PRIVMSGS_NO_BOX);
$s_hidden_fields = array('p' => $msg_id, 'f' => $folder_id, 'action' => 'delete');
if (display_confirmation('DELETE_MESSAGE', $s_hidden_fields)) {
delete_pm($_CLASS['core_user']->data['user_id'], $msg_id, $folder_id);
// TODO - jump to next message in "history"?
$meta_info = generate_link('control_panel&i=pm&folder=' . $folder_id);
$message = $_CLASS['core_user']->lang['MESSAGE_DELETED'];
$_CLASS['core_display']->meta_refresh(3, $meta_info);
$message .= '<br /><br />' . sprintf($_CLASS['core_user']->lang['RETURN_FOLDER'], '<a href="' . $meta_info . '">', '</a>');
trigger_error($message);
}
}
// Handle User/Group adding/removing
handle_message_list_actions($address_list, $remove_u, $remove_g, $add_to, $add_bcc);
// Check for too many recipients
if (!$config['allow_mass_pm'] && num_recipients($address_list) > 1) {
$address_list = get_recipient_pos($address_list, 1);
$error[] = $_CLASS['core_user']->lang['TOO_MANY_RECIPIENTS'];
}
// Always check if the submitted attachment data is valid and belongs to the user.
// Further down (especially in submit_post()) we do not check this again.
$message_parser->get_submitted_attachment_data();
if ($message_attachment && !$submit && !$refresh && !$preview && $action == 'edit') {
// Do not change to SELECT *
$sql = 'SELECT attach_id, is_orphan, attach_comment, real_filename
FROM ' . FORUMS_ATTACHMENTS_TABLE . "\n\t\t\tWHERE post_msg_id = {$msg_id}\n\t\t\t\tAND in_message = 1\n\t\t\t\tAND is_orphan = 0\n\t\t\t\tORDER BY filetime " . (!$config['display_order'] ? 'DESC' : 'ASC');
$result = $_CLASS['core_db']->query($sql);
$message_parser->attachment_data = array_merge($message_parser->attachment_data, $_CLASS['core_db']->fetch_row_assocset($result));
$_CLASS['core_db']->free_result($result);
}
if (!in_array($action, array('quote', 'edit', 'delete', 'forward'))) {
$enable_sig = $config['allow_sig'] && $_CLASS['forums_auth']->acl_get('u_sig') && $_CLASS['core_user']->user_data_get('attachsig');
$enable_smilies = $config['allow_smilies'] && $_CLASS['forums_auth']->acl_get('u_pm_smilies') && $_CLASS['core_user']->user_data_get('smilies');
$enable_bbcode = $config['allow_bbcode'] && $_CLASS['forums_auth']->acl_get('u_pm_bbcode') && $_CLASS['core_user']->user_data_get('bbcode');
$enable_urls = true;
}
$enable_magic_url = $drafts = false;
// User own some drafts?
if ($_CLASS['forums_auth']->acl_get('u_savedrafts') && $action !== 'delete') {
$sql = 'SELECT draft_id
FROM ' . FORUMS_DRAFTS_TABLE . '
WHERE forum_id = 0
AND topic_id = 0
AND user_id = ' . $_CLASS['core_user']->data['user_id'] . ($draft_id ? " AND draft_id <> {$draft_id}" : '');
$result = $_CLASS['core_db']->query_limit($sql, 1);
if ($_CLASS['core_db']->fetch_row_assoc($result)) {
$drafts = true;
}
$_CLASS['core_db']->free_result($result);
}
if ($action == 'edit') {
$message_parser->bbcode_uid = $bbcode_uid;
}
$config['auth_bbcode_pm'] = true;
/*
$html_status = ($config['allow_html'] && $config['auth_html_pm'] && $_CLASS['forums_auth']->acl_get('u_pm_html'));
$bbcode_status = ($config['allow_bbcode'] && $config['auth_bbcode_pm'] && $_CLASS['forums_auth']->acl_get('u_pm_bbcode'));
$smilies_status = ($config['allow_smilies'] && $config['auth_smilies_pm'] && $_CLASS['forums_auth']->acl_get('u_pm_smilies'));
$img_status = ($config['auth_img_pm'] && $_CLASS['forums_auth']->acl_get('u_pm_img'));
$flash_status = ($config['auth_flash_pm'] && $_CLASS['forums_auth']->acl_get('u_pm_flash'));
*/
$html_status = $config['allow_html'] && $config['auth_html_pm'] ? true : false;
$bbcode_status = $config['allow_bbcode'] && $config['auth_bbcode_pm'] ? true : false;
$smilies_status = $config['allow_smilies'] && $config['auth_smilies_pm'] ? true : false;
$img_status = $config['auth_img_pm'] ? true : false;
$flash_status = $config['auth_flash_pm'] ? true : false;
$url_status = $config['allow_post_links'] ? true : false;
// Save Draft
if ($save && $_CLASS['forums_auth']->acl_get('u_savedrafts')) {
$subject = request_var('subject', '', true);
$subject = !$subject && $action !== 'post' ? $_CLASS['core_user']->lang['NEW_MESSAGE'] : $subject;
$message = request_var('message', '', true);
if ($subject && $message) {
$s_hidden_fields = array('mode' => $mode, 'action' => $action, 'save' => true, 'subject' => $subject, 'message' => $message, 'u' => $to_user_id, 'g' => $to_group_id, 'p' => $msg_id);
if (display_confirmation('SAVE_DRAFT', $s_hidden_fields)) {
$sql = 'INSERT INTO ' . FORUMS_DRAFTS_TABLE . ' ' . $_CLASS['core_db']->sql_build_array('INSERT', array('user_id' => $_CLASS['core_user']->data['user_id'], 'topic_id' => 0, 'forum_id' => 0, 'save_time' => $_CLASS['core_user']->time, 'draft_subject' => $subject, 'draft_message' => $message));
$_CLASS['core_db']->query($sql);
$_CLASS['core_display']->meta_refresh(3, generate_link('control_panel&i=pm&mode=' . $mode));
$message = $_CLASS['core_user']->lang['DRAFT_SAVED'] . '<br /><br />' . sprintf($_CLASS['core_user']->lang['RETURN_UCP'], '<a href="' . generate_link('control_panel&i=pm&mode=' . $mode) . '">', '</a>');
trigger_error($message);
}
}
unset($subject, $message);
}
// Load Draft
if ($draft_id && $_CLASS['forums_auth']->acl_get('u_savedrafts')) {
$sql = 'SELECT draft_subject, draft_message
FROM ' . FORUMS_DRAFTS_TABLE . " \n\t\t\tWHERE draft_id = {$draft_id}\n\t\t\t\tAND topic_id = 0\n\t\t\t\tAND forum_id = 0\n\t\t\t\tAND user_id = " . $_CLASS['core_user']->data['user_id'];
$result = $_CLASS['core_db']->query_limit($sql, 1);
$row = $_CLASS['core_db']->fetch_row_assoc($result);
$_CLASS['core_db']->free_result($result);
if ($row) {
$message_parser->message = $row['draft_message'];
$message_subject = $row['draft_subject'];
$_CLASS['core_template']->assign('S_DRAFT_LOADED', true);
} else {
$draft_id = 0;
}
}
// Load Drafts
if ($load && $drafts) {
load_drafts(0, 0, $id);
}
if ($submit || $preview || $refresh) {
$subject = mb_strtolower(get_variable('subject', 'POST', ''));
$message_parser->message = request_var('message', '', true);
$icon_id = request_var('icon', 0);
$enable_html = !$html_status || isset($_POST['disable_html']) ? false : true;
$enable_bbcode = !$bbcode_status || isset($_POST['disable_bbcode']) ? false : true;
$enable_smilies = !$smilies_status || isset($_POST['disable_smilies']) ? false : true;
$enable_urls = isset($_POST['disable_magic_url']) ? 0 : 1;
$enable_sig = !$config['allow_sig'] ? false : (isset($_POST['attach_sig']) ? true : false);
if ($submit) {
$status_switch = ($enable_bbcode + 1 << 8) + ($enable_smilies + 1 << 4) + ($enable_urls + 1 << 2) + ($enable_sig + 1 << 1);
$status_switch = $status_switch != $check_value;
} else {
$status_switch = 1;
}
// Parse Attachments - before checksum is calculated
$message_parser->parse_attachments('fileupload', $action, 0, $submit, $preview, $refresh, true);
// Parse message
$message_parser->parse(false, $enable_bbcode, $config['allow_post_links'] ? $enable_urls : false, $enable_smilies, $img_status, $flash_status, true, $config['allow_sig_links']);
if ($action != 'edit' && !$preview && !$refresh && $config['flood_interval'] && !$_CLASS['forums_auth']->acl_get('u_ignoreflood')) {
// Flood check
$last_post_time = $_CLASS['core_user']->data['user_last_post_time'];
if ($last_post_time) {
if ($last_post_time && $_CLASS['core_user']->time - $last_post_time < intval($config['flood_interval'])) {
$error[] = $_CLASS['core_user']->lang['FLOOD_ERROR'];
}
}
}
// Subject defined
if (!$subject && !($remove_u || $remove_g || $add_to || $add_bcc)) {
$error[] = $_CLASS['core_user']->lang['EMPTY_SUBJECT'];
}
if (empty($address_list)) {
$error[] = $_CLASS['core_user']->lang['NO_RECIPIENT'];
}
if (!empty($message_parser->warn_msg) && !($remove_u || $remove_g || $add_to || $add_bcc)) {
$error[] = implode('<br />', $message_parser->warn_msg);
}
// Store message, sync counters
if (empty($error) && $submit) {
$pm_data = array('msg_id' => (int) $msg_id, 'from_user_id' => $_CLASS['core_user']->data['user_id'], 'from_user_ip' => $_CLASS['core_user']->data['user_ip'], 'from_username' => $_CLASS['core_user']->data['username'], 'reply_from_root_level' => isset($root_level) ? (int) $root_level : 0, 'reply_from_msg_id' => (int) $msg_id, 'icon_id' => (int) $icon_id, 'enable_sig' => (bool) $enable_sig, 'enable_bbcode' => (bool) $enable_bbcode, 'enable_html' => (bool) $enable_html, 'enable_smilies' => (bool) $enable_smilies, 'enable_urls' => (bool) $enable_urls, 'bbcode_bitfield' => $message_parser->bbcode_bitfield, 'bbcode_uid' => $message_parser->bbcode_uid, 'message' => $message_parser->message, 'attachment_data' => $message_parser->attachment_data, 'filename_data' => $message_parser->filename_data, 'address_list' => $address_list);
unset($message_parser);
// ((!$message_subject) ? $subject : $message_subject)
$msg_id = submit_pm($action, $subject, $pm_data, true);
$return_message_url = generate_link('control_panel&i=pm&mode=view&p=' . $msg_id);
$return_folder_url = generate_link('control_panel&i=pm&folder=outbox');
$_CLASS['core_display']->meta_refresh(3, $return_message_url);
$message = $_CLASS['core_user']->lang['MESSAGE_STORED'] . '<br /><br />' . sprintf($_CLASS['core_user']->lang['VIEW_MESSAGE'], '<a href="' . $return_message_url . '">', '</a>') . '<br /><br />' . sprintf($_CLASS['core_user']->lang['CLICK_RETURN_FOLDER'], '<a href="' . $return_folder_url . '">', '</a>', $_CLASS['core_user']->lang['PM_OUTBOX']);
trigger_error($message);
}
$message_subject = $subject;
}
if (empty($error) && $preview) {
$post_time = $action === 'edit' ? $post_time : $_CLASS['core_user']->time;
$preview_message = $message_parser->format_display($enable_html, $enable_bbcode, $enable_urls, $enable_smilies, false);
$preview_signature = $_CLASS['core_user']->data['user_sig'];
$preview_signature_uid = $_CLASS['core_user']->data['user_sig_bbcode_uid'];
$preview_signature_bitfield = $_CLASS['core_user']->data['user_sig_bbcode_bitfield'];
// Signature
if ($enable_sig && $config['allow_sig'] && $preview_signature) {
$parse_sig = new parse_message($preview_signature);
$parse_sig->bbcode_uid = $preview_signature_uid;
$parse_sig->bbcode_bitfield = $preview_signature_bitfield;
$parse_sig->format_display($enable_html, $enable_bbcode, $enable_urls, $enable_smilies);
$preview_signature = $parse_sig->message;
unset($parse_sig);
} else {
$preview_signature = '';
}
// Attachment Preview
if (!empty($message_parser->attachment_data)) {
require_once SITE_FILE_ROOT . 'includes/forums/functions_display.php';
$null = array();
$attachment_data = $message_parser->attachment_data;
$unset_attachments = parse_inline_attachments($preview_message, $attachment_data, $null, 0, true);
// Needed to let not display the inlined attachments at the end of the post again
foreach ($unset_attachments as $index) {
unset($attachment_data[$index]);
}
unset($unset_attachments);
if (!empty($attachment_data)) {
$_CLASS['core_template']->assign('S_HAS_ATTACHMENTS', true);
$_CLASS['core_template']->assign('attachment', display_attachments(0, $attachment_data, $null, true));
}
unset($attachment_data, $null);
}
$preview_subject = censor_text($subject);
$_CLASS['core_template']->assign_array(array('POST_DATE' => $_CLASS['core_user']->format_date($post_time), 'PREVIEW_SUBJECT' => $preview_subject, 'PREVIEW_MESSAGE' => $preview_message, 'PREVIEW_SIGNATURE' => $preview_signature, 'S_DISPLAY_PREVIEW' => true));
unset($message_text, $preview_message, $preview_subject, $preview_signature, $preview_signature);
}
// Decode text for message display
$bbcode_uid = ($action === 'quote' || $action === 'forward') && !$preview && !$refresh && empty($error) ? $bbcode_uid : $message_parser->bbcode_uid;
$message_parser->decode_message($bbcode_uid);
if (($action === 'quote' || $action === 'quotepost') && !$preview && !$refresh) {
if ($action === 'quotepost') {
$post_id = request_var('p', 0);
if ($config['allow_post_links']) {
$message_link = "[url=" . generate_link("forums&file=viewtopic&p={$post_id}#p{$post_id}") . "]{$message_subject}[/url]\n\n";
} else {
$message_link = $_CLASS['core_user']->lang['SUBJECT'] . ': ' . $message_subject . " (" . generate_link("forums&file=viewtopic&p={$post_id}#p{$post_id}") . ")\n\n";
}
} else {
$message_link = '';
}
$message_parser->message = $message_link . '[quote="' . $quote_username . '"]' . censor_text(trim($message_parser->message)) . "[/quote]\n";
}
if (($action === 'reply' || $action === 'quote' || $action === 'quotepost') && !$preview && !$refresh) {
$message_subject = (!preg_match('/^Re:/', $message_subject) ? 'Re: ' : '') . censor_text($message_subject);
}
if ($action === 'forward' && !$preview && !$refresh) {
$fwd_to_field = write_pm_addresses(array('to' => $post['to_address']), 0, true);
if ($config['allow_post_links']) {
$quote_username_text = '[url=' . generate_link("members_list&mode=viewprofile&u={$post['author_id']}") . "]{$quote_username}[/url]";
} else {
$quote_username_text = $quote_username . ' (' . generate_link("members_list&mode=viewprofile&u={$post['author_id']}") . ")";
}
$forward_text = array();
$forward_text[] = $_CLASS['core_user']->lang['FWD_ORIGINAL_MESSAGE'];
$forward_text[] = sprintf($_CLASS['core_user']->lang['FWD_SUBJECT'], censor_text($message_subject));
$forward_text[] = sprintf($_CLASS['core_user']->lang['FWD_DATE'], $_CLASS['core_user']->format_date($message_time));
$forward_text[] = sprintf($_CLASS['core_user']->lang['FWD_FROM'], $quote_username_text);
$forward_text[] = sprintf($_CLASS['core_user']->lang['FWD_TO'], implode(', ', $fwd_to_field['to']));
$message_parser->message = implode("\n", $forward_text) . "\n\n[quote=\"{$quote_username}\"]\n" . censor_text(trim($message_parser->message)) . "\n[/quote]";
$message_subject = (!preg_match('/^Fwd:/', $message_subject) ? 'Fwd: ' : '') . censor_text($message_subject);
}
$attachment_data = $message_parser->attachment_data;
$filename_data = $message_parser->filename_data;
$message_text = $message_parser->message;
unset($message_parser);
// MAIN PM PAGE BEGINS HERE
// Generate smiley listing
generate_smilies('inline', 0);
// Generate PM Icons
$s_pm_icons = false;
if ($config['enable_pm_icons']) {
$s_pm_icons = posting_gen_topic_icons($action, $icon_id);
}
// Generate inline attachment select box
posting_gen_inline_attachments($attachment_data);
// Build address list for display
// array('u' => array($author_id => 'to'));
if (!empty($address_list)) {
// Get Usernames and Group Names
$result = array();
if (!empty($address_list['u'])) {
$result['u'] = $_CLASS['core_db']->query('SELECT user_id as id, username as name, user_colour as colour
FROM ' . CORE_USERS_TABLE . '
WHERE user_id IN (' . implode(', ', array_map('intval', array_keys($address_list['u']))) . ')');
}
if (!empty($address_list['g'])) {
$result['g'] = $_CLASS['core_db']->query('SELECT group_id as id, group_name as name, group_colour as colour
FROM ' . CORE_GROUPS_TABLE . '
WHERE group_receive_pm = 1 AND group_id IN (' . implode(', ', array_map('intval', array_keys($address_list['g']))) . ')');
}
$u = $g = array();
$_types = array('u', 'g');
foreach ($_types as $type) {
if (isset($result[$type]) && $result[$type]) {
while ($row = $_CLASS['core_db']->fetch_row_assoc($result[$type])) {
${$type}[$row['id']] = array('name' => $row['name'], 'colour' => $row['colour']);
}
$_CLASS['core_db']->free_result($result[$type]);
}
}
// Now Build the address list
$plain_address_field = '';
foreach ($address_list as $type => $adr_ary) {
foreach ($adr_ary as $id => $field) {
if (!isset(${$type}[$id])) {
unset($address_list[$type][$id]);
continue;
}
$field = $field == 'to' ? 'to' : 'bcc';
$type = $type == 'u' ? 'u' : 'g';
$id = (int) $id;
$_CLASS['core_template']->assign_vars_array($field . '_recipient', array('NAME' => ${$type}[$id]['name'], 'IS_GROUP' => $type === 'g', 'IS_USER' => $type === 'u', 'COLOUR' => ${$type}[$id]['colour'] ? ${$type}[$id]['colour'] : '', 'UG_ID' => $id, 'U_VIEW' => $type == 'u' ? generate_link('members_list&mode=viewprofile&u=' . $id) : generate_link('members_list&mode=group&g=' . $id), 'TYPE' => $type));
}
}
}
// Build hidden address list
$s_hidden_address_field = '';
foreach ($address_list as $type => $adr_ary) {
foreach ($adr_ary as $id => $field) {
$s_hidden_address_field .= '<input type="hidden" name="address_list[' . ($type == 'u' ? 'u' : 'g') . '][' . (int) $id . ']" value="' . ($field == 'to' ? 'to' : 'bcc') . '" />';
}
}
$html_checked = isset($enable_html) ? !$enable_html : ($config['allow_html'] ? !$_CLASS['core_user']->user_data_get('html') : 1);
$bbcode_checked = isset($enable_bbcode) ? !$enable_bbcode : ($config['allow_bbcode'] ? !$_CLASS['core_user']->user_data_get('bbcode') : 1);
$smilies_checked = isset($enable_smilies) ? !$enable_smilies : ($config['allow_smilies'] ? !$_CLASS['core_user']->user_data_get('smilies') : 1);
$urls_checked = isset($enable_urls) ? !$enable_urls : 0;
$sig_checked = $enable_sig;
switch ($action) {
case 'post':
$page_title = $_CLASS['core_user']->lang['POST_NEW_PM'];
break;
case 'quote':
$page_title = $_CLASS['core_user']->lang['POST_QUOTE_PM'];
break;
case 'quotepost':
$page_title = $_CLASS['core_user']->lang['POST_PM_POST'];
break;
case 'reply':
$page_title = $_CLASS['core_user']->lang['POST_REPLY_PM'];
break;
case 'edit':
$page_title = $_CLASS['core_user']->lang['POST_EDIT_PM'];
break;
case 'forward':
$page_title = $_CLASS['core_user']->lang['POST_FORWARD_PM'];
break;
default:
trigger_error('NO_ACTION_MODE');
break;
}
$s_hidden_fields = '<input type="hidden" name="lastclick" value="' . $_CLASS['core_user']->time . '" />';
$s_hidden_fields .= isset($check_value) ? '<input type="hidden" name="status_switch" value="' . $check_value . '" />' : '';
$s_hidden_fields .= $draft_id || isset($_REQUEST['draft_loaded']) ? '<input type="hidden" name="draft_loaded" value="' . (isset($_REQUEST['draft_loaded']) ? intval($_REQUEST['draft_loaded']) : $draft_id) . '" />' : '';
$form_enctype = @ini_get('file_uploads') == '0' || strtolower(@ini_get('file_uploads')) == 'off' || @ini_get('file_uploads') == '0' || !$config['allow_pm_attach'] || !$_CLASS['forums_auth']->acl_get('u_pm_attach') ? '' : ' enctype="multipart/form-data"';
// Start assigning vars for main posting page ...
$_CLASS['core_template']->assign_array(array('L_POST_A' => $page_title, 'L_ICON' => $_CLASS['core_user']->lang['PM_ICON'], 'L_MESSAGE_BODY_EXPLAIN' => intval($config['max_post_chars']) ? sprintf($_CLASS['core_user']->lang['MESSAGE_BODY_EXPLAIN'], intval($config['max_post_chars'])) : '', 'SUBJECT' => isset($message_subject) ? $message_subject : '', 'MESSAGE' => $message_text, 'HTML_STATUS' => $html_status ? $_CLASS['core_user']->lang['HTML_IS_ON'] : $_CLASS['core_user']->lang['HTML_IS_OFF'], 'BBCODE_STATUS' => $bbcode_status ? sprintf($_CLASS['core_user']->lang['BBCODE_IS_ON'], '<a href="' . generate_link('Forums&file=faq&mode=bbcode') . '" target="_phpbbcode">', '</a>') : sprintf($_CLASS['core_user']->lang['BBCODE_IS_OFF'], '<a href="' . generate_link('Forums&file=faq&mode=bbcode') . '" target="_phpbbcode">', '</a>'), 'IMG_STATUS' => $img_status ? $_CLASS['core_user']->lang['IMAGES_ARE_ON'] : $_CLASS['core_user']->lang['IMAGES_ARE_OFF'], 'FLASH_STATUS' => $flash_status ? $_CLASS['core_user']->lang['FLASH_IS_ON'] : $_CLASS['core_user']->lang['FLASH_IS_OFF'], 'SMILIES_STATUS' => $smilies_status ? $_CLASS['core_user']->lang['SMILIES_ARE_ON'] : $_CLASS['core_user']->lang['SMILIES_ARE_OFF'], 'URL_STATUS' => $url_status ? $_CLASS['core_user']->lang['URL_IS_ON'] : $_CLASS['core_user']->lang['URL_IS_OFF'], 'MINI_POST_IMG' => $_CLASS['core_user']->img('icon_post', $_CLASS['core_user']->lang['PM']), 'ERROR' => empty($error) ? '' : implode('<br />', $error), 'T_SMILIES_PATH' => "{$config['smilies_path']}/", 'S_EDIT_POST' => $action == 'edit', 'S_SHOW_PM_ICONS' => $s_pm_icons, 'S_HTML_ALLOWED' => $html_status, 'S_HTML_CHECKED' => $html_checked ? ' checked="checked"' : '', 'S_BBCODE_ALLOWED' => $bbcode_status, 'S_BBCODE_CHECKED' => $bbcode_checked ? ' checked="checked"' : '', 'S_SMILIES_ALLOWED' => $smilies_status, 'S_SMILIES_CHECKED' => $smilies_checked ? ' checked="checked"' : '', 'S_SIG_ALLOWED' => $config['allow_sig'] && $_CLASS['forums_auth']->acl_get('u_sig'), 'S_SIGNATURE_CHECKED' => $sig_checked ? ' checked="checked"' : '', 'S_LINKS_ALLOWED' => $url_status, 'S_MAGIC_URL_CHECKED' => $urls_checked ? ' checked="checked"' : '', 'S_SAVE_ALLOWED' => $_CLASS['forums_auth']->acl_get('u_savedrafts'), 'S_HAS_DRAFTS' => $_CLASS['forums_auth']->acl_get('u_savedrafts') && $drafts, 'S_FORM_ENCTYPE' => $form_enctype, 'S_BBCODE_IMG' => $img_status, 'S_BBCODE_FLASH' => $flash_status, 'S_BBCODE_QUOTE' => true, 'S_BBCODE_URL' => $url_status, 'S_POST_ACTION' => generate_link($s_action), 'S_HIDDEN_ADDRESS_FIELD' => $s_hidden_address_field, 'S_HIDDEN_FIELDS' => $s_hidden_fields));
// Attachment entry
if ($_CLASS['forums_auth']->acl_get('u_pm_attach') && $config['allow_pm_attach'] && $form_enctype) {
posting_gen_attachment_entry($attachment_data, $filename_data);
}
}
function page_control_panel()
{
global $_CLASS, $_CORE_CONFIG;
/* Assign some basic template varibles */
$_CLASS['core_template']->assign_array(array('S_DISPLAY_FORM' => false, 'S_SHOW_PM_BOX' => false, 'S_SHOW_COLOUR_LEGEND' => false, 'USERNAME' => '', 'friends_online' => false, 'friends_offline' => false));
$_CLASS['core_user']->user_setup();
$_CLASS['core_user']->add_lang();
if (!$this->module && $this->mode) {
switch ($this->mode) {
case 'register':
if ($_CLASS['core_user']->is_user || $_CLASS['core_user']->is_bot) {
redirect();
}
require SITE_FILE_ROOT . 'modules/control_panel/modules/ucp_register.php';
break;
case 'login':
if ($_CLASS['core_user']->is_user || $_CLASS['core_user']->is_bot) {
redirect();
}
$_CLASS['core_auth']->auth_login();
break;
case 'logout':
if ($_CLASS['core_user']->is_user) {
$_CLASS['core_user']->logout();
}
$_CLASS['core_display']->meta_refresh(3);
$message = $_CLASS['core_user']->lang['LOGOUT_REDIRECT'] . '<br /><br />' . sprintf($_CLASS['core_user']->lang['RETURN_PAGE'], '<a href="' . generate_link() . '">', '</a> ');
trigger_error($message);
break;
case 'delete_cookies':
if (display_confirmation($_CLASS['core_user']->get_lang('DELETE_COOKIES'))) {
global $_CORE_CONFIG;
$set_time = gmtime() - 31536000;
foreach ($_COOKIE as $cookie_name => $cookie_data) {
$cookie_name = str_replace($_CORE_CONFIG['server']['cookie_name'] . '_', '', $cookie_name);
if (strpos($cookie_name, '_poll') === false) {
$_CLASS['core_user']->set_cookie($cookie_name, '', $set_time);
}
}
$_CLASS['core_user']->logout();
$_CLASS['core_display']->meta_refresh(3);
$message = $_CLASS['core_user']->lang['COOKIES_DELETED'] . '<br /><br />' . sprintf($_CLASS['core_user']->lang['RETURN_INDEX'], '<a href="' . generate_link() . '">', '</a>');
trigger_error($message);
}
redirect();
break;
}
}
/* Only registered users can go beyond this point*/
if (!$_CLASS['core_user']->is_user) {
if ($_CLASS['core_user']->is_bot) {
redirect();
}
login_box(array('explain' => $_CLASS['core_user']->get_lang('LOGIN_EXPLAIN_UCP')));
}
$this->process_module('page');
$this->generate_panel_block('page');
require SITE_FILE_ROOT . 'modules/control_panel/modules/ucp_' . $this->module . '.php';
}
// Do we want to edit our post ?
if ($mode == 'edit') {
$message_parser->bbcode_uid = $bbcode_uid;
}
// should we alow ip no user deletion ?
// Delete triggered ?
if ($mode == 'delete') {
if ($_CLASS['auth']->acl_get('f_delete', $forum_id) && $post_id == $topic_last_post_id && (!$_CLASS['core_user']->is_user && $posting_data['poster_id'] == ANONYMOUS && $poster_ip && $poster_ip == $_CLASS['core_user']->ip || $_CLASS['core_user']->is_user && $posting_data['poster_id'] == $_CLASS['core_user']->data['user_id'])) {
$user_deletable = true;
} else {
$user_deletable = false;
}
}
if ($mode == 'delete' && ($user_deletable || $_CLASS['auth']->acl_get('m_delete', $forum_id))) {
$s_hidden_fields = '<input type="hidden" name="p" value="' . $post_id . '" /><input type="hidden" name="f" value="' . $forum_id . '" /><input type="hidden" name="mode" value="delete" />';
if (display_confirmation(false, $s_hidden_fields)) {
$data = array('topic_first_post_id' => $topic_first_post_id, 'topic_last_post_id' => $topic_last_post_id, 'topic_approved' => $topic_approved, 'topic_type' => $posting_data['topic_type'], 'post_approved' => $post_approved, 'post_time' => $posting_data['post_time'], 'poster_id' => $posting_data['poster_id']);
$next_post_id = delete_post($mode, $post_id, $topic_id, $forum_id, $data);
if ($topic_first_post_id == $topic_last_post_id) {
if (!$user_deletable) {
add_log('mod', $forum_id, $topic_id, 'LOG_DELETE_TOPIC', $posting_data['topic_title']);
}
$meta_info = generate_link('Forums&file=viewforum&f=' . $forum_id);
$message = $_CLASS['core_user']->lang['POST_DELETED'];
} else {
if (!$user_deletable) {
add_log('mod', $forum_id, $topic_id, 'LOG_DELETE_POST', $post_subject);
}
$meta_info = generate_link("Forums&file=viewtopic&f={$forum_id}&t={$topic_id}&p={$next_post_id}#{$next_post_id}");
$message = $_CLASS['core_user']->lang['POST_DELETED'] . '<br /><br />' . sprintf($_CLASS['core_user']->lang['RETURN_TOPIC'], '<a href="' . generate_link("Forums&file=viewtopic&f={$forum_id}&t={$topic_id}&p={$next_post_id}#{$next_post_id}") . '">', '</a>');
}
ob_end_flush();
cc_core_rebill($vars['paysys_id'], $vars['date'], $from_cron = false);
/// next
$vars['date'] = date('Y-m-d', strtotime($vars['date']) + 3600 * 24);
if ($vars['date'] > $vars['date2']) {
print "<font size=3>Rebilling Finished! <a href='rebill.php'>Back to the form</a></font>";
$t->display('admin/footer.inc.html');
return;
}
$d = strftime($config['date_format'], strtotime($vars['date']));
print <<<CUT
\t<form method=post>
\t<input type=submit name=confirm value="Process next date[{$d}]" />
\t<input type=hidden name=date value='{$vars['date']}' />
\t<input type=hidden name=date1 value='{$vars['date1']}' />
\t<input type=hidden name=date2 value='{$vars['date2']}' />
\t<input type=hidden name=paysys_id value='{$vars['paysys_id']}' />
\t</form>
CUT;
$t->display('admin/footer.inc.html');
}
$vars = get_input_vars();
if ($vars['date1'] && $vars['date2'] && $vars['paysys_id']) {
if ($vars['confirm']) {
do_rebill($vars);
} else {
display_confirmation($vars);
}
} else {
display_form();
}
if ($move_up || $move_down) {
if ($move_up && $move_up != 1 || $move_down && $move_down != $max_order_id) {
$order = $move_up ? $move_up : $move_down;
$order_total = $order * 2 + ($move_up ? -1 : 1);
$sql = 'UPDATE ' . FORUMS_BOOKMARKS_TABLE . "\n\t\t\t\t\tSET order_id = {$order_total} - order_id\n\t\t\t\t\tWHERE order_id IN ({$order}, " . ($move_up ? $order - 1 : $order + 1) . ')
AND user_id = ' . $_CLASS['core_user']->data['user_id'];
$_CLASS['core_db']->query($sql);
}
}
if (isset($_POST['unbookmark'])) {
$topics = array_unique(get_variable('t', 'POST', array(), 'array:int'));
if (empty($topics)) {
trigger_error('NO_BOOKMARKS_SELECTED');
}
$hidden_fields = array('unbookmark' => 1, 't' => $topics);
if (display_confirmation($_CLASS['core_user']->get_lang('REMOVE_SELECTED_BOOKMARKS'), generate_hidden_fields($hidden_fields))) {
$sql = 'DELETE FROM ' . FORUMS_BOOKMARKS_TABLE . '
WHERE user_id = ' . $_CLASS['core_user']->data['user_id'] . '
AND topic_id IN (' . implode(', ', $topics) . ')';
$_CLASS['core_db']->query($sql);
$sql = 'SELECT topic_id FROM ' . FORUMS_BOOKMARKS_TABLE . '
WHERE user_id = ' . $_CLASS['core_user']->data['user_id'] . '
ORDER BY order_id ASC';
$result = $_CLASS['core_db']->query($sql);
$i = 1;
while ($row = $_CLASS['core_db']->fetch_row_assoc($result)) {
$_CLASS['core_db']->query('UPDATE ' . FORUMS_BOOKMARKS_TABLE . "\n\t\t\t\t\t\tSET order_id = '{$i}'\n\t\t\t\t\t\tWHERE topic_id = '{$row['topic_id']}'\n\t\t\t\t\t\t\tAND user_id = '{$_CLASS['core_user']->data['user_id']}'");
$i++;
}
$_CLASS['core_db']->free_result($result);
$url = generate_link('control_panel&i=main&mode=bookmarks');
}
}
}
}
$_CLASS['core_db']->query('UPDATE ' . CORE_MODULES_TABLE . ' set module_status = ' . STATUS_PENDING . ' WHERE module_id = ' . $id);
}
break;
case 'remove':
$result = $_CLASS['core_db']->query('SELECT module_status, module_name, module_type FROM ' . CORE_MODULES_TABLE . ' WHERE module_id = ' . $id);
$module = $_CLASS['core_db']->fetch_row_assoc($result);
$_CLASS['core_db']->free_result($result);
if (!$module || $module['module_status'] != STATUS_PENDING) {
trigger_error($module ? 'MODULE_NOT_REMOVABLE' : 'MODULE_NOT_FOUND');
}
check_type($module['module_type']);
if (display_confirmation()) {
$_CLASS['core_db']->query('DELETE from ' . CORE_MODULES_TABLE . ' WHERE module_id = ' . $id);
}
break;
case 'auth':
$result = $_CLASS['core_db']->query('SELECT module_type, module_auth FROM ' . CORE_MODULES_TABLE . ' WHERE module_id = ' . $id);
$module = $_CLASS['core_db']->fetch_row_assoc($result);
$_CLASS['core_db']->free_result($result);
if (!$module) {
trigger_error('MODULE_NOT_FOUND');
}
$module['module_auth'] = $module['module_auth'] ? unserialize($module['module_auth']) : '';
check_type($module['module_type']);
$_CLASS['core_display']->display_header();
$auth = $_CLASS['core_auth']->generate_auth_options($module['module_auth']);
if ($auth !== false) {
function ucp_attachments($id, $mode)
{
global $_CLASS, $config, $site_file_root;
$start = request_var('start', 0);
$delete = isset($_POST['delete']) ? true : false;
$confirm = isset($_POST['confirm']) ? true : false;
$delete_ids = isset($_REQUEST['attachment']) ? array_keys(array_map('intval', $_REQUEST['attachment'])) : array();
if ($delete && sizeof($delete_ids)) {
$s_hidden_fields = '<input type="hidden" name="delete" value="1" />';
foreach ($delete_ids as $attachment_id) {
$s_hidden_fields .= '<input type="hidden" name="attachment[' . $attachment_id . ']" value="1" />';
}
if (display_confirmation($_CLASS['core_user']->get_lang(count($delete_ids) == 1 ? 'DELETE_ATTACHMENT' : 'DELETE_ATTACHMENTS'), $s_hidden_fields)) {
require $site_file_root . 'includes/forums/functions_admin.php';
delete_attachments('attach', $delete_ids);
$refresh_url = generate_link('Control_Panel&i=' . $id);
$_CLASS['core_display']->meta_refresh(3, $refresh_url);
$message = (sizeof($delete_ids) == 1 ? $_CLASS['core_user']->lang['ATTACHMENT_DELETED'] : $_CLASS['core_user']->lang['ATTACHMENTS_DELETED']) . '<br /><br />' . sprintf($_CLASS['core_user']->lang['RETURN_UCP'], '<a href="' . $refresh_url . '">', '</a>');
trigger_error($message);
}
}
$sort_key = request_var('sk', 'a');
$sort_dir = request_var('sd', 'a');
// Select box eventually
$sort_key_text = array('a' => $_CLASS['core_user']->lang['SORT_FILENAME'], 'b' => $_CLASS['core_user']->lang['SORT_COMMENT'], 'c' => $_CLASS['core_user']->lang['SORT_EXTENSION'], 'd' => $_CLASS['core_user']->lang['SORT_SIZE'], 'e' => $_CLASS['core_user']->lang['SORT_DOWNLOADS'], 'f' => $_CLASS['core_user']->lang['SORT_POST_TIME'], 'g' => $_CLASS['core_user']->lang['SORT_TOPIC_TITLE']);
$sort_key_sql = array('a' => 'a.real_filename', 'b' => 'a.comment', 'c' => 'a.extension', 'd' => 'a.filesize', 'e' => 'a.download_count', 'f' => 'a.filetime', 'g' => 't.topic_title');
$sort_dir_text = array('a' => $_CLASS['core_user']->lang['ASCENDING'], 'd' => $_CLASS['core_user']->lang['DESCENDING']);
$s_sort_key = '';
foreach ($sort_key_text as $key => $value) {
$selected = $sort_key == $key ? ' selected="selected"' : '';
$s_sort_key .= '<option value="' . $key . '"' . $selected . '>' . $value . '</option>';
}
$s_sort_dir = '';
foreach ($sort_dir_text as $key => $value) {
$selected = $sort_dir == $key ? ' selected="selected"' : '';
$s_sort_dir .= '<option value="' . $key . '"' . $selected . '>' . $value . '</option>';
}
$order_by = $sort_key_sql[$sort_key] . ' ' . ($sort_dir == 'a' ? 'ASC' : 'DESC');
$sql = 'SELECT COUNT(*) as num_attachments
FROM ' . FORUMS_ATTACHMENTS_TABLE . '
WHERE poster_id = ' . $_CLASS['core_user']->data['user_id'];
$result = $_CLASS['core_db']->query_limit($sql, 1);
list($num_attachments) = $_CLASS['core_db']->fetch_row_num($result);
$_CLASS['core_db']->free_result($result);
$sql = 'SELECT a.*, t.topic_title, p.message_subject as message_title
FROM ' . FORUMS_ATTACHMENTS_TABLE . ' a
LEFT JOIN ' . FORUMS_TOPICS_TABLE . ' t ON (a.topic_id = t.topic_id
AND a.in_message = 0)
LEFT JOIN ' . FORUMS_PRIVMSGS_TABLE . ' p ON (a.post_msg_id = p.msg_id
AND a.in_message = 1)
WHERE a.poster_id = ' . $_CLASS['core_user']->data['user_id'] . "\n\t\t\tORDER BY {$order_by}";
$result = $_CLASS['core_db']->query_limit($sql, $config['posts_per_page'], $start);
$row_count = 0;
if ($row = $_CLASS['core_db']->fetch_row_assoc($result)) {
$_CLASS['core_template']->assign('S_ATTACHMENT_ROWS', true);
do {
if ($row['in_message']) {
$view_topic = generate_link('Control_Panel&i=pm&p=' . $row['post_msg_id']);
} else {
$view_topic = generate_link("Forums&file=viewtopic&t={$row['topic_id']}&p={$row['post_msg_id']}#{$row['post_msg_id']}");
}
$_CLASS['core_template']->assign_vars_array('attachrow', array('ROW_NUMBER' => $row_count + ($start + 1), 'FILENAME' => $row['real_filename'], 'COMMENT' => str_replace("\n", '<br />', $row['comment']), 'EXTENSION' => $row['extension'], 'SIZE' => $row['filesize'] >= 1048576 ? ($row['filesize'] >> 20) . ' ' . $_CLASS['core_user']->lang['MB'] : ($row['filesize'] >= 1024 ? ($row['filesize'] >> 10) . ' ' . $_CLASS['core_user']->lang['KB'] : $row['filesize'] . ' ' . $_CLASS['core_user']->lang['BYTES']), 'DOWNLOAD_COUNT' => $row['download_count'], 'POST_TIME' => $_CLASS['core_user']->format_date($row['filetime'], $_CLASS['core_user']->lang['DATE_FORMAT']), 'TOPIC_TITLE' => $row['in_message'] ? $row['message_title'] : $row['topic_title'], 'ATTACH_ID' => $row['attach_id'], 'POST_ID' => $row['post_msg_id'], 'TOPIC_ID' => $row['topic_id'], 'S_IN_MESSAGE' => $row['in_message'], 'U_VIEW_ATTACHMENT' => generate_link('Forums&file=download&id=' . $row['attach_id']), 'U_VIEW_TOPIC' => $view_topic));
$row_count++;
} while ($row = $_CLASS['core_db']->fetch_row_assoc($result));
}
$_CLASS['core_db']->free_result($result);
$_CLASS['core_template']->assign(array('PAGE_NUMBER' => on_page($num_attachments, $config['posts_per_page'], $start), 'PAGINATION' => generate_pagination("Control_Panel&i={$id}&sk={$sort_key}&sd={$sort_dir}", $num_attachments, $config['posts_per_page'], $start), 'TOTAL_ATTACHMENTS' => $num_attachments, 'U_SORT_FILENAME' => generate_link("Control_Panel&i={$id}&sk=a&sd=" . ($sort_key == 'a' && $sort_dir == 'a' ? 'd' : 'a')), 'U_SORT_FILE_COMMENT' => generate_link("Control_Panel&i={$id}&sk=b&sd=" . ($sort_key == 'b' && $sort_dir == 'a' ? 'd' : 'a')), 'U_SORT_EXTENSION' => generate_link("Control_Panel&i={$id}&sk=c&sd=" . ($sort_key == 'c' && $sort_dir == 'a' ? 'd' : 'a')), 'U_SORT_FILESIZE' => generate_link("Control_Panel&i={$id}&sk=d&sd=" . ($sort_key == 'd' && $sort_dir == 'a' ? 'd' : 'a')), 'U_SORT_DOWNLOADS' => generate_link("Control_Panel&i={$id}&sk=e&sd=" . ($sort_key == 'e' && $sort_dir == 'a' ? 'd' : 'a')), 'U_SORT_POST_TIME' => generate_link("Control_Panel&i={$id}&sk=f&sd=" . ($sort_key == 'f' && $sort_dir == 'a' ? 'd' : 'a')), 'U_SORT_TOPIC_TITLE' => generate_link("Control_Panel&i={$id}&sk=g&sd=" . ($sort_key == 'f' && $sort_dir == 'a' ? 'd' : 'a')), 'S_DISPLAY_MARK_ALL' => $num_attachments ? true : false, 'S_DISPLAY_PAGINATION' => $num_attachments ? true : false, 'S_UCP_ACTION' => generate_link('Control_Panel&i=' . $id), 'S_SORT_OPTIONS' => $s_sort_key, 'S_ORDER_SELECT' => $s_sort_dir));
$this->display($_CLASS['core_user']->lang['UCP_ATTACHMENTS'], 'ucp_attachments.html');
}