/** * Standard modular run function for snippet hooks. Generates XHTML to insert into a page using AJAX. * * @return tempcode The snippet */ function run() { if (get_option('is_on_rating') == '0') { return do_lang_tempcode('INTERNAL_ERROR'); } // Has there actually been any rating? if (strtoupper(ocp_srv('REQUEST_METHOD')) == 'POST' || ocp_srv('HTTP_REFERER') == '') { $rating = either_param_integer('rating', NULL); } else { $rating = post_param_integer('rating'); // Will fail } $content_type = get_param('content_type'); $type = get_param('type', ''); $content_id = get_param('id'); $content_url = get_param('content_url', '', true); $content_title = get_param('content_title', '', true); require_code('feedback'); actualise_specific_rating($rating, get_page_name(), get_member(), $content_type, $type, $content_id, $content_url, $content_title); actualise_give_rating_points(); $template = get_param('template', NULL); if ($template !== '') { if (is_null($template)) { $template = 'RATING_BOX'; } return display_rating($content_url, $content_title, $content_type, $content_id, $template); } return do_lang_tempcode('THANKYOU_FOR_RATING_SHORT'); }
/** * Check a POST inputted date for validity, and get the Unix timestamp for the inputted date. * * @param ID_TEXT The stub of the parameter name (stub_year, stub_month, stub_day, stub_hour, stub_minute) * @param boolean Whether to allow over get parameters also * @return ?TIME The timestamp of the date (NULL: no input date was chosen) */ function _get_input_date($stub, $get_also = false) { $timezone = post_param('timezone', get_users_timezone()); if ($get_also) { // if (either_param_integer($stub,0)==0) return NULL; // NULL was chosen Doesn't work like this now $year = either_param_integer($stub . '_year', NULL); if (is_null($year)) { return NULL; } $month = either_param_integer($stub . '_month', NULL); if (is_null($month)) { return NULL; } $day = either_param_integer($stub . '_day', NULL); if (is_null($day)) { return NULL; } $hour = either_param_integer($stub . '_hour', NULL); $minute = either_param_integer($stub . '_minute', NULL); } else { // if (post_param_integer($stub,0)==0) return NULL; // NULL was chosen Doesn't work like this now $year = post_param_integer($stub . '_year', NULL); if (is_null($year)) { return NULL; } $month = post_param_integer($stub . '_month', NULL); if (is_null($month)) { return NULL; } $day = post_param_integer($stub . '_day', NULL); if (is_null($day)) { return NULL; } $hour = post_param_integer($stub . '_hour', NULL); $minute = post_param_integer($stub . '_minute', NULL); } if (!checkdate($month, $day, $year)) { warn_exit(do_lang_tempcode('INVALID_DATE_GIVEN')); } if (is_null($hour)) { if (strpos($stub, 'end') !== false) { $hour = 23; $minute = 59; } else { $hour = 0; $minute = 0; } } $time = mktime($hour, $minute, 0, $month, $day, $year); if ($year >= 1970 || @strftime('%Y', @mktime(0, 0, 0, 1, 1, 1963)) == '1963') { $amount_forward = tz_time($time, $timezone) - $time; $time = $time - $amount_forward; } return $time; }
/** * The UI to confirm deletion of a page. * * @return tempcode The UI */ function _delete() { $GLOBALS['HELPER_PANEL_PIC'] = 'pagepics/deletepage'; $hidden = new ocp_tempcode(); $file = new ocp_tempcode(); $zone = either_param('zone'); $pages = array(); require_code('site'); foreach ($_REQUEST as $key => $val) { if (substr($key, 0, 6) == 'page__' && $val === '1') { $page = substr($key, 6); $page_details = _request_page($page, $zone, NULL, NULL, true); if ($page_details === false) { warn_exit(do_lang_tempcode('MISSING_RESOURCE')); } $pages[$page] = strtolower($page_details[0]); } } foreach ($pages as $page => $type) { if (is_integer($page)) { $page = strval($page); } if (either_param_integer('page__' . $page, 0) == 1) { $hidden->attach(form_input_hidden('page__' . $page, '1')); if (!$file->is_empty()) { $file->attach(do_lang_tempcode('LIST_SEP')); } $file->attach(do_lang_tempcode('ZONE_WRITE', escape_html($zone), escape_html($page))); if (get_file_base() != get_custom_file_base() && $type != 'comcode_custom') { warn_exit(do_lang_tempcode('SHARED_INSTALL_PROHIBIT')); } } } $title = get_page_title('DELETE_PAGES'); $url = build_url(array('page' => '_SELF', 'type' => '__delete'), '_SELF'); $text = do_lang_tempcode('CONFIRM_DELETE', escape_html($file)); breadcrumb_set_self(do_lang_tempcode('CONFIRM')); breadcrumb_set_parents(array(array('_SELF:_SELF:misc', do_lang_tempcode('PAGES')), array('_SELF:_SELF:delete', do_lang_tempcode('DELETE_PAGES')))); $hidden->attach(form_input_hidden('zone', $zone)); return do_template('YESNO_SCREEN', array('_GUID' => 'f732bb10942759c6ca5771d2d446c333', 'TITLE' => $title, 'HIDDEN' => $hidden, 'TEXT' => $text, 'URL' => $url)); }
/** * Get the join form. * * @param tempcode URL to direct to * @param boolean Whether to handle CAPTCHA (if enabled at all) * @param boolean Whether to ask for intro messages (if enabled at all) * @param boolean Whether to check for invites (if enabled at all) * @param boolean Whether to check email-address restrictions (if enabled at all) * @return array A tuple: Necessary Javascript code, the form */ function ocf_join_form($url, $captcha_if_enabled = true, $intro_message_if_enabled = true, $invites_if_enabled = true, $one_per_email_address_if_enabled = true) { ocf_require_all_forum_stuff(); require_css('ocf'); require_code('ocf_members_action'); require_code('ocf_members_action2'); require_code('form_templates'); $hidden = new ocp_tempcode(); $hidden->attach(build_keep_post_fields()); $groups = ocf_get_all_default_groups(true); $primary_group = either_param_integer('primary_group', NULL); if ($primary_group !== NULL && !in_array($primary_group, $groups)) { // Check security $test = $GLOBALS['FORUM_DB']->query_value('f_groups', 'g_is_presented_at_install', array('id' => $primary_group)); if ($test == 1) { $groups = ocf_get_all_default_groups(false); $hidden = form_input_hidden('primary_group', strval($primary_group)); $groups[] = $primary_group; } } list($fields, $_hidden) = ocf_get_member_fields(true, NULL, $groups); $hidden->attach($_hidden); if ($intro_message_if_enabled) { $forum_id = get_option('intro_forum_id'); if ($forum_id != '') { $fields->attach(do_template('FORM_SCREEN_FIELD_SPACER', array('TITLE' => do_lang_tempcode('INTRODUCE_YOURSELF')))); $fields->attach(form_input_line(do_lang_tempcode('TITLE'), '', 'intro_title', do_lang('INTRO_POST_DEFAULT', '___'), false)); $fields->attach(form_input_text_comcode(do_lang_tempcode('POST_COMMENT'), do_lang_tempcode('DESCRIPTION_INTRO_POST'), 'intro_post', '', false)); } } $text = do_lang_tempcode('ENTER_PROFILE_DETAILS'); if ($captcha_if_enabled) { if (addon_installed('captcha')) { require_code('captcha'); if (use_captcha()) { $fields->attach(form_input_captcha()); $text->attach(' '); $text->attach(do_lang_tempcode('FORM_TIME_SECURITY')); } } } $submit_name = do_lang_tempcode('PROCEED'); require_javascript('javascript_ajax'); $script = find_script('username_check'); $javascript = "\n\t\tvar form=document.getElementById('username').form;\n\t\tform.elements['username'].onchange=function()\n\t\t{\n\t\t\tif (form.elements['intro_title'])\n\t\t\t\tform.elements['intro_title'].value='" . addslashes(do_lang('INTRO_POST_DEFAULT')) . "'.replace(/\\{1\\}/g,form.elements['username'].value);\n\t\t}\n\t\tform.old_submit=form.onsubmit;\n\t\tform.onsubmit=function()\n\t\t\t{\n\t\t\t\tif ((form.elements['email_address_confirm']) && (form.elements['email_address_confirm'].value!=form.elements['email_address'].value))\n\t\t\t\t{\n\t\t\t\t\twindow.fauxmodal_alert('" . php_addslashes(do_lang('EMAIL_ADDRESS_MISMATCH')) . "');\n\t\t\t\t\treturn false;\n\t\t\t\t}\n\t\t\t\tif ((form.elements['password_confirm']) && (form.elements['password_confirm'].value!=form.elements['password'].value))\n\t\t\t\t{\n\t\t\t\t\twindow.fauxmodal_alert('" . php_addslashes(do_lang('PASSWORD_MISMATCH')) . "');\n\t\t\t\t\treturn false;\n\t\t\t\t}\n\t\t\t\tdocument.getElementById('submit_button').disabled=true;\n\t\t\t\tvar url='" . addslashes($script) . "?username='******'username'].value);\n\t\t\t\tif (!do_ajax_field_test(url,'password='******'password'].value)))\n\t\t\t\t{\n\t\t\t\t\tdocument.getElementById('submit_button').disabled=false;\n\t\t\t\t\treturn false;\n\t\t\t\t}\n\t"; $script = find_script('snippet'); if ($invites_if_enabled) { if (get_option('is_on_invites') == '1') { $javascript .= "\n\t\t\t\t\turl='" . addslashes($script) . "?snippet=invite_missing&name='+window.encodeURIComponent(form.elements['email_address'].value);\n\t\t\t\t\tif (!do_ajax_field_test(url))\n\t\t\t\t\t{\n\t\t\t\t\t\tdocument.getElementById('submit_button').disabled=false;\n\t\t\t\t\t\treturn false;\n\t\t\t\t\t}\n\t\t\t"; } } if ($one_per_email_address_if_enabled) { if (get_option('one_per_email_address') == '1') { $javascript .= "\n\t\t\t\t\turl='" . addslashes($script) . "?snippet=email_exists&name='+window.encodeURIComponent(form.elements['email_address'].value);\n\t\t\t\t\tif (!do_ajax_field_test(url))\n\t\t\t\t\t{\n\t\t\t\t\t\tdocument.getElementById('submit_button').disabled=false;\n\t\t\t\t\t\treturn false;\n\t\t\t\t\t}\n\t\t\t"; } } if ($captcha_if_enabled) { if (addon_installed('captcha')) { require_code('captcha'); if (use_captcha()) { $javascript .= "\n\t\t\t\t\t\turl='" . addslashes($script) . "?snippet=captcha_wrong&name='+window.encodeURIComponent(form.elements['security_image'].value);\n\t\t\t\t\t\tif (!do_ajax_field_test(url))\n\t\t\t\t\t\t{\n\t\t\t\t\t\t\tdocument.getElementById('submit_button').disabled=false;\n\t\t\t\t\t\t\treturn false;\n\t\t\t\t\t\t}\n\t\t\t\t"; } } } $javascript .= "\n\t\t\t\tdocument.getElementById('submit_button').disabled=false;\n\t\t\t\tif (typeof form.old_submit!='undefined' && form.old_submit) return form.old_submit();\n\t\t\t\treturn true;\n\t\t\t};\n\t"; $form = do_template('FORM', array('TEXT' => '', 'HIDDEN' => $hidden, 'FIELDS' => $fields, 'SUBMIT_NAME' => $submit_name, 'URL' => $url)); return array($javascript, $form); }
/** * Standard aed_module table function. * * @param array Details to go to build_url for link to the next screen. * @return ?array A quartet: The choose table, Whether re-ordering is supported from this screen, Search URL, Archive URL (NULL: nothing to select). */ function nice_get_choose_table($url_map) { require_code('templates_results_table'); $current_ordering = get_param('sort', 'date_and_time DESC'); if (strpos($current_ordering, ' ') === false) { warn_exit(do_lang_tempcode('INTERNAL_ERROR')); } list($sortable, $sort_order) = explode(' ', $current_ordering, 2); $sortables = array('title' => do_lang_tempcode('TITLE'), 'date_and_time' => do_lang_tempcode('_ADDED'), 'news_views' => do_lang_tempcode('_VIEWS')); if (addon_installed('unvalidated')) { $sortables['validated'] = do_lang_tempcode('VALIDATED'); } if (strtoupper($sort_order) != 'ASC' && strtoupper($sort_order) != 'DESC' || !array_key_exists($sortable, $sortables)) { log_hack_attack_and_exit('ORDERBY_HACK'); } global $NON_CANONICAL_PARAMS; $NON_CANONICAL_PARAMS[] = 'sort'; $fh = array(); $fh[] = do_lang_tempcode('TITLE'); $fh[] = do_lang_tempcode('_ADDED'); $fh[] = do_lang_tempcode('_VIEWS'); if (addon_installed('unvalidated')) { $fh[] = do_lang_tempcode('VALIDATED'); } $fh[] = do_lang_tempcode('ACTIONS'); $header_row = results_field_title($fh, $sortables, 'sort', $sortable . ' ' . $sort_order); $fields = new ocp_tempcode(); require_code('form_templates'); $only_owned = has_specific_permission(get_member(), 'edit_midrange_content', 'cms_news') ? NULL : get_member(); list($rows, $max_rows) = $this->get_entry_rows(false, $current_ordering, is_null($only_owned) ? NULL : array('submitter' => $only_owned), false, ' JOIN ' . get_table_prefix() . 'news_categories c ON c.id=r.news_category AND nc_owner IS NOT NULL'); if (count($rows) == 0) { return NULL; } foreach ($rows as $row) { $edit_link = build_url($url_map + array('id' => $row['id']), '_SELF'); $fr = array(); $fr[] = protect_from_escaping(hyperlink(build_url(array('page' => 'news', 'type' => 'view', 'id' => $row['id']), get_module_zone('news')), get_translated_text($row['title']), false, true)); $fr[] = get_timezoned_date($row['date_and_time']); $fr[] = integer_format($row['news_views']); if (addon_installed('unvalidated')) { $fr[] = $row['validated'] == 1 ? do_lang_tempcode('YES') : do_lang_tempcode('NO'); } $fr[] = protect_from_escaping(hyperlink($edit_link, do_lang_tempcode('EDIT'), false, true, '#' . strval($row['id']))); $fields->attach(results_entry($fr, true)); } $search_url = build_url(array('page' => 'search', 'id' => 'news'), get_module_zone('search')); $archive_url = build_url(array('page' => 'news'), get_module_zone('news')); return array(results_table(do_lang($this->menu_label), get_param_integer('start', 0), 'start', either_param_integer('max', 20), 'max', $max_rows, $header_row, $fields, $sortables, $sortable, $sort_order), false, $search_url, $archive_url); }
/** * Standard aed_module table function. * * @param array Details to go to build_url for link to the next screen. * @return array A pair: The choose table, Whether re-ordering is supported from this screen. */ function nice_get_choose_table($url_map) { require_code('templates_results_table'); $current_ordering = get_param('sort', 'tag_tag ASC'); if (strpos($current_ordering, ' ') === false) { warn_exit(do_lang_tempcode('INTERNAL_ERROR')); } list($sortable, $sort_order) = explode(' ', $current_ordering, 2); $sortables = array('tag_tag' => do_lang_tempcode('COMCODE_TAG'), 'tag_title' => do_lang_tempcode('TITLE'), 'tag_dangerous_tag' => do_lang_tempcode('DANGEROUS_TAG'), 'tag_block_tag' => do_lang_tempcode('BLOCK_TAG'), 'tag_textual_tag' => do_lang_tempcode('TEXTUAL_TAG'), 'tag_enabled' => do_lang_tempcode('ENABLED')); $header_row = results_field_title(array(do_lang_tempcode('COMCODE_TAG'), do_lang_tempcode('TITLE'), do_lang_tempcode('DANGEROUS_TAG'), do_lang_tempcode('BLOCK_TAG'), do_lang_tempcode('TEXTUAL_TAG'), do_lang_tempcode('ENABLED'), do_lang_tempcode('ACTIONS')), $sortables, 'sort', $sortable . ' ' . $sort_order); if (strtoupper($sort_order) != 'ASC' && strtoupper($sort_order) != 'DESC' || !array_key_exists($sortable, $sortables)) { log_hack_attack_and_exit('ORDERBY_HACK'); } global $NON_CANONICAL_PARAMS; $NON_CANONICAL_PARAMS[] = 'sort'; $fields = new ocp_tempcode(); require_code('form_templates'); list($rows, $max_rows) = $this->get_entry_rows(false, $current_ordering); foreach ($rows as $row) { $edit_link = build_url($url_map + array('id' => $row['tag_tag']), '_SELF'); $fields->attach(results_entry(array($row['tag_tag'], get_translated_text($row['tag_title']), $row['tag_dangerous_tag'] == 1 ? do_lang_tempcode('YES') : do_lang_tempcode('NO'), $row['tag_block_tag'] == 1 ? do_lang_tempcode('YES') : do_lang_tempcode('NO'), $row['tag_textual_tag'] == 1 ? do_lang_tempcode('YES') : do_lang_tempcode('NO'), $row['tag_enabled'] == 1 ? do_lang_tempcode('YES') : do_lang_tempcode('NO'), protect_from_escaping(hyperlink($edit_link, do_lang_tempcode('EDIT'), false, true, '#' . $row['tag_tag']))), true)); } return array(results_table(do_lang($this->menu_label), get_param_integer('start', 0), 'start', either_param_integer('max', 20), 'max', $max_rows, $header_row, $fields, $sortables, $sortable, $sort_order), false); }
/** * Standard aed_module table function. * * @param array Details to go to build_url for link to the next screen. * @return array A quartet: The choose table, Whether re-ordering is supported from this screen, Search URL, Archive URL. */ function nice_get_choose_table($url_map) { attach_message(do_lang_tempcode('EASIER_TO_EDIT_BOOKING_VIA_MEMBER'), 'inform'); require_code('templates_results_table'); $current_ordering = get_param('sort', 'b_year DESC,b_month DESC,b_day DESC'); list(, $sortable, $sort_order) = preg_split('#(.*) (ASC|DESC)#', $current_ordering, 2, PREG_SPLIT_DELIM_CAPTURE); $sortables = array('b_year DESC,b_month DESC,b_day' => do_lang_tempcode('DATE'), 'bookable_id' => do_lang_tempcode('BOOKABLE'), 'booked_at' => do_lang_tempcode('BOOKING_DATE')); if (strtoupper($sort_order) != 'ASC' && strtoupper($sort_order) != 'DESC' || !array_key_exists($sortable, $sortables)) { log_hack_attack_and_exit('ORDERBY_HACK'); } global $NON_CANONICAL_PARAMS; $NON_CANONICAL_PARAMS[] = 'sort'; $fh = array(); $fh[] = do_lang_tempcode('BOOKABLE'); $fh[] = do_lang_tempcode('FROM'); $fh[] = do_lang_tempcode('TO'); $fh[] = do_lang_tempcode('NAME'); $fh[] = do_lang_tempcode('QUANTITY'); $fh[] = do_lang_tempcode('BOOKING_DATE'); $fh[] = do_lang_tempcode('ACTIONS'); // FUTURE: Show paid at, transaction IDs, and codes, and allow sorting of those $header_row = results_field_title($fh, $sortables, 'sort', $sortable . ' ' . $sort_order); $fields = new ocp_tempcode(); require_code('form_templates'); list($rows, $max_rows) = $this->get_entry_rows(false, $current_ordering); foreach ($rows as $row) { $edit_link = build_url($url_map + array('id' => $row['_id']), '_SELF'); $fr = array(); $fr[] = get_translated_text($GLOBALS['SITE_DB']->query_value('bookable', 'title', array('id' => $row['bookable_id']))); $fr[] = get_timezoned_date(mktime(0, 0, 0, $row['start_month'], $row['start_day'], $row['start_year']), false, true, false, true); $fr[] = get_timezoned_date(mktime(0, 0, 0, $row['end_month'], $row['end_day'], $row['end_year']), false, true, false, true); $fr[] = $GLOBALS['FORUM_DRIVER']->get_username($row['_rows'][0]['member_id']); $fr[] = number_format($row['quantity']); $fr[] = get_timezoned_date($row['_rows'][0]['booked_at']); $fr[] = protect_from_escaping(hyperlink($edit_link, do_lang_tempcode('EDIT'))); $fields->attach(results_entry($fr, true)); } return array(results_table(do_lang($this->menu_label), get_param_integer('start', 0), 'start', either_param_integer('max', 20), 'max', $max_rows, $header_row, $fields, $sortables, $sortable, $sort_order), false); }
/** * The actualiser for deleting a post. * * @return tempcode The UI */ function _delete_post() { $post_id = either_param_integer('id', NULL); if (is_null($post_id)) { $post_id = either_param_integer('post_id'); } $reason = post_param('reason'); require_code('ocf_posts_action'); require_code('ocf_posts_action2'); require_code('ocf_posts_action3'); if (has_specific_permission(get_member(), 'mass_delete_from_ip') && post_param_integer('post_all', 0) == 1) { $post_rows = $GLOBALS['FORUM_DB']->query_select('f_posts', array('p_ip_address', 'p_time', 'p_topic_id'), array('id' => $post_id)); if (!array_key_exists(0, $post_rows)) { warn_exit(do_lang_tempcode('MISSING_RESOURCE')); } $ip = $post_rows[0]['p_ip_address']; $time = $post_rows[0]['p_time']; $topic_id = $post_rows[0]['p_topic_id']; $posts = $GLOBALS['FORUM_DB']->query('SELECT id,p_topic_id,p_title FROM ' . $GLOBALS['FORUM_DB']->get_table_prefix() . 'f_posts WHERE p_time>' . strval($time - 60 * 60 * 24) . ' AND p_time<' . strval($time + 60 * 60 * 24) . ' AND ' . db_string_equal_to('p_ip_address', $ip)); $post_id = post_param_integer('id', NULL); if (is_null($post_id)) { $post_id = get_param_integer('id'); $post_url = build_url(array('page' => '_SELF', 'type' => get_param('type')), '_SELF', NULL, true); $hidden = new ocp_tempcode(); $hidden->attach(form_input_hidden('id', strval($post_id))); $hidden->attach(form_input_hidden('reason', post_param('reason'))); $stuff = new ocp_tempcode(); foreach ($posts as $post) { if (!$stuff->is_empty()) { $stuff->attach(do_lang_tempcode('LIST_SEP')); } $url = $GLOBALS['FORUM_DRIVER']->post_url($post['id'], $post['p_topic_id']); if ($post['p_title'] != '') { $stuff->attach(hyperlink($url, $post['p_title'], true, true)); } else { $stuff->attach(hyperlink($url, '#' . strval($post['id']), true, true)); } } return do_template('YESNO_SCREEN', array('TITLE' => get_page_title('DELETE_POSTS'), 'TEXT' => do_lang_tempcode('CONFIRM_DELETE', $stuff), 'URL' => $post_url, 'HIDDEN' => $hidden)); } foreach ($posts as $post) { require_code('fields'); if (has_tied_catalogue('post')) { delete_form_custom_fields('post', $post['id']); } ocf_delete_posts_topic($post['p_topic_id'], array($post['id']), $reason); } return $this->redirect_to('DELETE_POSTS_FROM_IP', $topic_id); } $topic_id = $GLOBALS['FORUM_DB']->query_value_null_ok('f_posts', 'p_topic_id', array('id' => $post_id)); if (is_null($topic_id)) { warn_exit(do_lang_tempcode('MISSING_RESOURCE')); } $_topic_info = $GLOBALS['FORUM_DB']->query_select('f_topics', array('t_cache_first_title', 't_cache_first_post_id', 't_forum_id'), array('id' => $topic_id), '', 1); $current_title = $_topic_info[0]['t_cache_first_title']; $deleted_all = ocf_delete_posts_topic($topic_id, array($post_id), $reason); if ($_topic_info[0]['t_cache_first_post_id'] == $post_id) { $_topic_info2 = $GLOBALS['FORUM_DB']->query_select('f_topics', array('t_cache_first_title', 't_cache_first_post_id'), array('id' => $topic_id), '', 1); if (array_key_exists(0, $_topic_info2)) { if ($_topic_info2[0]['t_cache_first_title'] == do_lang('NO_TOPIC_TITLE', strval($topic_id))) { $GLOBALS['FORUM_DB']->query_update('f_posts', array('p_title' => $current_title), array('id' => $_topic_info2[0]['t_cache_first_post_id']), '', 1); } } } require_code('fields'); if (has_tied_catalogue('post')) { delete_form_custom_fields('post', strval($post_id)); } if ($deleted_all) { return $this->redirect_to_forum('DELETE_POST', $_topic_info[0]['t_forum_id']); } return $this->redirect_to('DELETE_POST', $topic_id); }
/** * Standard aed_module table function. * * @param array Details to go to build_url for link to the next screen. * @return array A pair: The choose table, Whether re-ordering is supported from this screen. */ function nice_get_choose_table($url_map) { require_code('templates_results_table'); $current_ordering = get_param('sort', 'name ASC'); if (strpos($current_ordering, ' ') === false) { warn_exit(do_lang_tempcode('INTERNAL_ERROR')); } list($sortable, $sort_order) = explode(' ', $current_ordering, 2); $sortables = array('name' => do_lang_tempcode('CODENAME'), 'b_type' => do_lang_tempcode('_BANNER_TYPE'), 'the_type' => do_lang_tempcode('DEPLOYMENT_AGREEMENT'), 'importance_modulus' => do_lang_tempcode('IMPORTANCE_MODULUS'), 'expiry_date' => do_lang_tempcode('EXPIRY_DATE'), 'add_date' => do_lang_tempcode('_ADDED')); if (addon_installed('unvalidated')) { $sortables['validated'] = do_lang_tempcode('VALIDATED'); } if (strtoupper($sort_order) != 'ASC' && strtoupper($sort_order) != 'DESC' || !array_key_exists($sortable, $sortables)) { log_hack_attack_and_exit('ORDERBY_HACK'); } global $NON_CANONICAL_PARAMS; $NON_CANONICAL_PARAMS[] = 'sort'; $hr = array(do_lang_tempcode('CODENAME'), do_lang_tempcode('_BANNER_TYPE'), do_lang_tempcode('DEPLOYMENT_AGREEMENT'), do_lang_tempcode('IMPORTANCE_MODULUS'), do_lang_tempcode('EXPIRY_DATE'), do_lang_tempcode('_ADDED')); if (addon_installed('unvalidated')) { $hr[] = do_lang_tempcode('VALIDATED'); } $hr[] = do_lang_tempcode('ACTIONS'); $header_row = results_field_title($hr, $sortables, 'sort', $sortable . ' ' . $sort_order); $fields = new ocp_tempcode(); require_code('form_templates'); $only_owned = has_specific_permission(get_member(), 'edit_midrange_content', 'cms_banners') ? NULL : get_member(); list($rows, $max_rows) = $this->get_entry_rows(false, $current_ordering, is_null($only_owned) ? NULL : array('submitter' => $only_owned)); foreach ($rows as $row) { $edit_link = build_url($url_map + array('id' => $row['name']), '_SELF'); $deployment_agreement = new ocp_tempcode(); switch ($row['the_type']) { case 0: $deployment_agreement = do_lang_tempcode('BANNER_PERMANENT'); break; case 1: $deployment_agreement = do_lang_tempcode('BANNER_CAMPAIGN'); break; case 2: $deployment_agreement = do_lang_tempcode('BANNER_DEFAULT'); break; } $fr = array(hyperlink(build_url(array('page' => 'banners', 'type' => 'view', 'source' => $row['name']), get_module_zone('banners')), escape_html($row['name'])), $row['b_type'] == '' ? do_lang('GENERAL') : $row['b_type'], $deployment_agreement, strval($row['importance_modulus']), is_null($row['expiry_date']) ? protect_from_escaping(do_lang_tempcode('NA_EM')) : make_string_tempcode(get_timezoned_date($row['expiry_date'])), get_timezoned_date($row['add_date'])); if (addon_installed('unvalidated')) { $fr[] = $row['validated'] == 1 ? do_lang_tempcode('YES') : do_lang_tempcode('NO'); } $fr[] = protect_from_escaping(hyperlink($edit_link, do_lang_tempcode('EDIT'), false, true, $row['name'])); $fields->attach(results_entry($fr, true)); } return array(results_table(do_lang($this->menu_label), get_param_integer('start', 0), 'start', either_param_integer('max', 20), 'max', $max_rows, $header_row, $fields, $sortables, $sortable, $sort_order), false); }
/** * Standard aed_module table function. * * @param array Details to go to build_url for link to the next screen. * @return array A pair: The choose table, Whether re-ordering is supported from this screen. */ function nice_get_choose_table($url_map) { require_code('templates_results_table'); $current_ordering = get_param('sort', 'mm_name ASC'); if (strpos($current_ordering, ' ') === false) { warn_exit(do_lang_tempcode('INTERNAL_ERROR')); } list($sortable, $sort_order) = explode(' ', $current_ordering, 2); $sortables = array('mm_name' => do_lang_tempcode('NAME'), 'mm_pin_state' => do_lang_tempcode('PIN_STATE'), 'mm_open_state' => do_lang_tempcode('OPEN_STATE'), 'mm_sink_state' => do_lang_tempcode('SINK_STATE')); if (strtoupper($sort_order) != 'ASC' && strtoupper($sort_order) != 'DESC' || !array_key_exists($sortable, $sortables)) { log_hack_attack_and_exit('ORDERBY_HACK'); } global $NON_CANONICAL_PARAMS; $NON_CANONICAL_PARAMS[] = 'sort'; $header_row = results_field_title(array(do_lang_tempcode('NAME'), do_lang_tempcode('DESTINATION'), do_lang_tempcode('PIN_STATE'), do_lang_tempcode('OPEN_STATE'), do_lang_tempcode('SINK_STATE'), do_lang_tempcode('ACTIONS')), $sortables, 'sort', $sortable . ' ' . $sort_order); $fields = new ocp_tempcode(); require_code('form_templates'); list($rows, $max_rows) = $this->get_entry_rows(false, $current_ordering); foreach ($rows as $row) { $pin_state = do_lang_tempcode('NA_EM'); if (!is_null($row['mm_pin_state'])) { switch ($row['mm_pin_state']) { case 0: $pin_state = do_lang_tempcode('UNPIN_TOPIC'); break; case 1: $pin_state = do_lang_tempcode('PIN_TOPIC'); break; } } $open_state = do_lang_tempcode('NA_EM'); if (!is_null($row['mm_open_state'])) { switch ($row['mm_open_state']) { case 0: $open_state = do_lang_tempcode('CLOSE_TOPIC'); break; case 1: $open_state = do_lang_tempcode('OPEN_TOPIC'); break; } } $sink_state = do_lang_tempcode('NA_EM'); if (!is_null($row['mm_sink_state'])) { switch ($row['mm_sink_state']) { case 0: $sink_state = do_lang_tempcode('SINK_TOPIC'); break; case 1: $sink_state = do_lang_tempcode('UNSINK_TOPIC'); break; } } $destination = is_null($row['mm_move_to']) ? NULL : $GLOBALS['FORUM_DB']->query_value_null_ok('f_forums', 'f_name', array('id' => $row['mm_move_to'])); if (is_null($destination)) { $destination = do_lang_tempcode('NA_EM'); } $edit_link = build_url($url_map + array('id' => $row['id']), '_SELF'); $fields->attach(results_entry(array(get_translated_text($row['mm_name'], $GLOBALS['FORUM_DB']), $destination, $pin_state, $open_state, $sink_state, protect_from_escaping(hyperlink($edit_link, do_lang_tempcode('EDIT'), false, true, '#' . strval($row['id'])))), true)); } return array(results_table(do_lang($this->menu_label), get_param_integer('start', 0), 'start', either_param_integer('max', 20), 'max', $max_rows, $header_row, $fields, $sortables, $sortable, $sort_order), false); }
/** * Standard modular run function. * * @return tempcode The result of execution. */ function run() { require_code('ocworld'); require_code('ocworld_screens'); // Decide what functions to execute for this command $command = either_param('type', 'room'); $param = either_param('param', ''); $dest_member_id = either_param_integer('user', -1); $member_id = get_member(); if (is_guest($member_id)) { ocw_refresh_with_message(do_lang_tempcode('W_NOT_LOGGED_IN'), 'warn'); return new ocp_tempcode(); } $item = either_param('item', ''); // Create the member if they aren't already in the system $member_rows = $GLOBALS['SITE_DB']->query_select('w_members', array('*'), array('id' => $member_id), '', 1); if (!array_key_exists(0, $member_rows)) { $member_rows[0] = array('id' => $member_id, 'location_realm' => 0, 'location_x' => 0, 'location_y' => 0, 'banned' => 0, 'health' => 10, 'trolled' => 0, 'lastactive' => time()); $GLOBALS['SITE_DB']->query_insert('w_members', $member_rows[0]); } $member_row = $member_rows[0]; // Check for banning if ($member_row['banned'] == 1) { ocw_refresh_with_message(do_lang_tempcode('W_YOU_BANNED'), 'warn'); } // Check for death if ($member_row['health'] < 1) { take_items($member_id); $GLOBALS['SITE_DB']->query_update('w_members', array('location_realm' => 0, 'location_x' => 0, 'location_y' => 0, 'banned' => 0, 'health' => 10), array('id' => $member_id), '', 1); ocw_refresh_with_message(do_lang_tempcode('W_YOU_DIED'), 'warn'); } // Mark as active $GLOBALS['SITE_DB']->query_update('w_members', array('lastactive' => time()), array('id' => $member_id), '', 1); destick($member_id); // Check to see if the user is locked into answering a trolls questions if ($member_row['trolled'] != 0) { $realm = $member_row['location_realm']; // Get the questions that were asked $i = 0; $trolled = $member_row['trolled']; $q = array(); $a = array(); while (($trolled & 255 << $i * 8) != 0) { $q_num = $trolled >> $i * 8 & 255; $q[$i + 1] = $GLOBALS['SITE_DB']->query_value('w_realms', 'q' . strval($q_num), array('id' => $realm)); $a[$i + 1] = $GLOBALS['SITE_DB']->query_value('w_realms', 'a' . strval($q_num), array('id' => $realm)); $i++; } $num_questions = $i; // Are we marking or answering? if (post_param('a1', '!!') != '!!') { // Mark them $pass = 0; for ($i = 1; $i <= $num_questions; $i++) { $given = strtolower(post_param('a' . strval($i))); $stored = strtolower($a[$i]); if ($given == $stored) { $pass++; } elseif (strstr(':' . $stored . ':', ':' . $given . ':') !== false) { $pass++; } } // Regardless they have had their chance: no more questions $GLOBALS['SITE_DB']->query_update('w_members', array('trolled' => 0), array('id' => $member_id), '', 1); if ($pass == 0) { $pen_id = mt_rand(0, 2); if ($pen_id == 0) { $joke = mt_rand(1, 10); $penalty = do_lang_tempcode('W_JOKE_' . strval($joke)); hurt($member_id); } if ($pen_id == 1) { $penalty = do_lang('W_PENALTY_STOLEN'); steal($member_id, -$realm - 1); } if ($pen_id == 2) { $penalty = do_lang('W_PENALTY_SENT_LOBBY'); basic_enter_room($member_id, $realm, 0, 0); } ocw_refresh_with_message(do_lang_tempcode('W_TROLL_YOU', escape_html($penalty)), 'warn'); } else { ocw_refresh_with_message(do_lang_tempcode('W_TROLL_THANKYOU', integer_format($pass))); } } else { $troll_name = $GLOBALS['SITE_DB']->query_value('w_realms', 'troll_name', array('id' => $realm)); $title = get_page_title('W_TROLL_Q', true, array(escape_html($troll_name))); $questions = new ocp_tempcode(); for ($i = 1; $i <= $num_questions; $i++) { $questions->attach(do_template('W_TROLL_QUESTION', array('_GUID' => 'b09eb44e4264a9dca5bdf651ca9a48d4', 'Q' => $q[$i], 'I' => strval($i)))); } return do_template('W_TROLL', array('_GUID' => 'e108ccaebc5b1adfa9db6b5b23e93602', 'TITLE' => $title, 'TROLL' => $troll_name, 'QUESTIONS' => $questions)); } } // There is a chance the troll on this realm will pick this 'turn' to move if (mt_rand(0, 6) == 1) { $realm = $member_row['location_realm']; $troll_id = -$realm - 1; $troll_loc = get_loc_details($troll_id, true); if (!is_null($troll_loc)) { list(, $troll_x, $troll_y) = $troll_loc; $dx = -1; $dy = -1; do { $dx = mt_rand(-1, 1); $dy = mt_rand(-1, 1); } while (!room_exists($troll_x + $dx, $troll_y + $dy, $realm)); $GLOBALS['SITE_DB']->query_update('w_members', array('location_x' => $troll_x + $dx, 'location_y' => $troll_y + $dy), array('id' => $troll_id), '', 1); } } require_code('uploads'); // What command are we being asked to do? if ($command == 'confirm') { $url = build_url(array('page' => 'ocworld'), '_SELF'); $command2 = either_param('btype', ''); $item = either_param('item', ''); $user = either_param_integer('user', -1); $param = either_param('param', ''); return do_template('W_CONFIRM_SCREEN', array('_GUID' => '365870cb4c6cb4282ff6c7a11f4f8a5b', 'TITLE' => get_page_title('W_CONFIRM_TITLE'), 'URL' => $url, 'COMMAND' => $command2, 'ITEM' => $item, 'USER' => strval($user), 'PARAM' => $param)); } if ($command == 'reallocate') { if (!has_specific_permission(get_member(), 'administer_ocworld')) { ocw_refresh_with_message(do_lang_tempcode('W_ONLY_STAFF_REALLOC'), 'warn'); } $out = new ocp_tempcode(); $rows = $GLOBALS['SITE_DB']->query_select('items', array('*'), array('copy_owner' => NULL)); foreach ($rows as $myrow) { $owner = $GLOBALS['SITE_DB']->query_value('w_itemdef', 'owner', array('name' => $myrow['name'])); if (!is_null($owner)) { $GLOBALS['SITE_DB']->query_update('w_items', array('copy_owner' => $owner), array('name' => $myrow['name'], 'copy_owner' => NULL)); $out->attach(paragraph(do_lang_tempcode('W_REALLOCATING', escape_html($myrow['name']), 'tfgdfgd4rf'))); } } return do_template('W_REALLOCATE', array('_GUID' => '8fa4b9205310d6bc2fc28348a52898d5', 'TITLE' => get_page_title('W_REALLOCATE'), 'OUT' => $out)); } if ($command == 'portal') { portal($member_id, intval($param)); } if ($command == 'realms') { realms(); return new ocp_tempcode(); } if ($command == 'up') { $tpl = try_to_enter_room($member_id, 0, -1, ''); if (!is_null($tpl)) { return $tpl; } ocw_refresh_with_message(new ocp_tempcode()); } if ($command == 'down') { $tpl = try_to_enter_room($member_id, 0, 1, ''); if (!is_null($tpl)) { return $tpl; } ocw_refresh_with_message(new ocp_tempcode()); } if ($command == 'right') { $tpl = try_to_enter_room($member_id, 1, 0, ''); if (!is_null($tpl)) { return $tpl; } ocw_refresh_with_message(new ocp_tempcode()); } if ($command == 'left') { $tpl = try_to_enter_room($member_id, -1, 0, ''); if (!is_null($tpl)) { return $tpl; } ocw_refresh_with_message(new ocp_tempcode()); } if ($command == 'answered') { $tpl = try_to_enter_room($member_id, post_param_integer('dx'), post_param_integer('dy'), $param); if (!is_null($tpl)) { return $tpl; } } if ($command == 'drop') { drop_wrap($member_id, $item); } if ($command == 'give') { give($member_id, $dest_member_id, $item); } if ($command == 'pickpocket') { pickpocket($member_id, $dest_member_id); } if ($command == 'use') { useitem($member_id, $item); } if ($command == 'take') { take($member_id, $item, $dest_member_id); } if ($command == 'buy') { buy($member_id, $item, $dest_member_id); } if ($command == 'inventory') { $tpl = output_inventory_screen($dest_member_id); return $tpl; } if ($command == 'findperson') { findperson($param == '' ? strval($dest_member_id) : $param); } if ($command == 'message') { message($member_id, post_param('post'), post_param_integer('tuser')); } if ($command == 'emergency') { basic_enter_room($member_id, 0, 0, 0); } if ($command == 'delete-message-by-person') { if (!has_specific_permission($member_id, 'administer_ocworld') && $member_id != $dest_member_id) { ocw_refresh_with_message(do_lang_tempcode('ACCESS_DENIED__I_ERROR', $GLOBALS['FORUM_DRIVER']->get_username(get_member())), 'warn'); } delete_message($member_id, $dest_member_id, addslashes($param)); } // Management if ($command == 'additem') { require_code('ocworld_action'); $name = post_param('name', ''); if ($name == '') { $tpl = do_template('W_ITEM_SCREEN', array('_GUID' => '0246f7037a360996bdfb4f1dcf96bcfc', 'PRICE' => integer_format(get_price('mud_item')), 'TEXT' => paragraph(do_lang_tempcode('W_ADD_ITEM_TEXT')), 'TITLE' => get_page_title('W_ADD_ITEM_TITLE'), 'PAGE_TYPE' => 'additem', 'ITEM' => '', 'DESCRIPTION' => '', 'BRIBABLE' => '0', 'HEALTHY' => '0', 'PICTURE_URL' => '', 'MAX_PER_PLAYER' => '10', 'REPLICATEABLE' => '1')); return $tpl; } $urls = get_url('url', 'pic', 'uploads/ocworld', 0, OCP_UPLOAD_IMAGE); add_item_wrap($member_id, $name, post_param_integer('cost', 0), post_param_integer('not_infinite', 0), post_param_integer('bribable', 0), post_param_integer('healthy', 0), $urls[0], post_param_integer('max_per_player', -1), post_param_integer('replicateable', 0), post_param('description')); } if ($command == 'additemcopy') { require_code('ocworld_action'); $name = post_param('name', ''); if ($name == '') { $rows = $GLOBALS['SITE_DB']->query('SELECT * FROM ' . $GLOBALS['SITE_DB']->get_table_prefix() . 'w_itemdef WHERE replicateable=1 OR owner=' . strval((int) get_member()) . ' ORDER BY name'); $items = ''; foreach ($rows as $myrow) { $items .= "<option value=\"" . escape_html($myrow['name']) . "\">" . escape_html($myrow['name']) . "</option>"; } if ($items == '') { ocw_refresh_with_message(do_lang_tempcode('W_NO_ITEMS_YET'), 'warn'); } if ($GLOBALS['XSS_DETECT']) { ocp_mark_as_escaped($items); } $tpl = do_template('W_ITEMCOPY_SCREEN', array('_GUID' => '15799930bca51eafdee3c0a8e197866a', 'PRICE' => integer_format(get_price('mud_item_copy')), 'TEXT' => paragraph(do_lang_tempcode('W_ADD_ITEM_COPY_TEXT')), 'TITLE' => get_page_title('W_ADD_ITEM_COPY_TITLE'), 'PAGE_TYPE' => 'additemcopy', 'NOT_INFINITE' => '1', 'ITEMS' => $items, 'COST' => '')); return $tpl; } add_item_wrap_copy($member_id, $name, post_param_integer('cost'), post_param_integer('not_infinite', 0)); } if ($command == 'addroom') { require_code('ocworld_action'); $name = post_param('name', ''); if ($name == '') { list($realm, $x, $y) = get_loc_details($member_id); $tpl = do_template('W_ROOM_SCREEN', array('_GUID' => '5357a6cf8648c952cf29c2b7234cfa6c', 'PRICE' => integer_format(get_price('mud_room')), 'TEXT' => paragraph(do_lang_tempcode('W_ADD_ROOM_TEXT')), 'ROOM_TEXT' => '', 'TITLE' => get_page_title('W_ADD_ROOM_TITLE'), 'PAGE_TYPE' => 'addroom', 'NAME' => '', 'PASSWORD_QUESTION' => '', 'PASSWORD_ANSWER' => '', 'PASSWORD_FAIL_MESSAGE' => '', 'REQUIRED_ITEM' => '', 'LOCKED_UP' => '0', 'LOCKED_DOWN' => '0', 'LOCKED_LEFT' => '0', 'LOCKED_RIGHT' => '0', 'ALLOW_PORTAL' => '1', 'PICTURE_URL' => '')); return $tpl; } $urls = get_url('url', 'pic', 'uploads/ocworld', 0, OCP_UPLOAD_IMAGE); add_room_wrap($member_id, post_param_integer('position'), $name, post_param('text'), post_param('password_question'), post_param('password_answer'), post_param('password_fail_message'), post_param('required_item'), post_param_integer('locked_up', 0), post_param_integer('locked_down', 0), post_param_integer('locked_right', 0), post_param_integer('locked_left', 0), $urls[0], post_param_integer('allow_portal', 0)); } if ($command == 'addrealm') { require_code('ocworld_action'); $name = post_param('name', ''); if ($name == '') { $fortnights = (time() - $GLOBALS['FORUM_DRIVER']->get_member_join_timestamp(get_member())) / (60 * 60 * 24 * 7 * 2); $made = $GLOBALS['SITE_DB']->query_value('w_realms', 'COUNT(*)', array('owner' => get_member())); $left = round($fortnights - $made); $_qa = new ocp_tempcode(); for ($i = 1; $i <= 30; $i++) { $_qa->attach(do_template('W_REALM_SCREEN_QUESTION', array('_GUID' => '5fa7725f11b0df7e58ff83f2f1751515', 'I' => strval($i), 'Q' => '', 'A' => ''))); } $tpl = do_template('W_REALM_SCREEN', array('_GUID' => '7ae26fe1766aed02233e1be84772759b', 'PRICE' => integer_format(get_price('mud_realm')), 'TEXT' => paragraph(do_lang_tempcode('W_ADD_REALM_TEXT', integer_format($left))), 'TITLE' => get_page_title('W_ADD_REALM_TITLE'), 'PAGE_TYPE' => 'addrealm', 'QA' => $_qa, 'NAME' => '', 'TROLL_NAME' => '', 'PRIVATE' => '0')); return $tpl; } $i = 1; $qa = array(); while (strlen(post_param('question' . strval($i), '')) > 0) { $qa[$i] = array(); $qa[$i]['q'] = post_param('question' . strval($i)); $qa[$i]['a'] = post_param('answer' . strval($i)); $i++; } $urls1 = get_url('jail_pic_url', 'jail_pic', 'uploads/ocworld', 0, OCP_UPLOAD_IMAGE); $urls2 = get_url('jail_house_pic_url', 'jail_house_pic', 'uploads/ocworld', 0, OCP_UPLOAD_IMAGE); $urls3 = get_url('lobby_pic_url', 'lobby_pic', 'uploads/ocworld', 0, OCP_UPLOAD_IMAGE); add_realm_wrap($member_id, $name, post_param('troll_name'), post_param('jail_name'), post_param('jail_text'), $urls1[0], post_param('jail_house_name'), post_param('jail_house_text'), $urls2[0], post_param('lobby_name'), post_param('lobby_text'), $urls3[0], $qa, post_param_integer('private', 0)); } if ($command == 'addportal') { require_code('ocworld_action'); $name = post_param('name', ''); if ($name == '') { $tpl = do_template('W_PORTAL_SCREEN', array('_GUID' => '69e74a964f69721d0381a920c4a25ce5', 'PRICE' => integer_format(get_price('mud_portal')), 'TEXT' => paragraph(do_lang_tempcode('W_ADD_PORTAL_TEXT')), 'TITLE' => get_page_title('W_ADD_PORTAL_TITLE'), 'PORTAL_TEXT' => '', 'PAGE_TYPE' => 'addportal', 'NAME' => '', 'END_LOCATION_REALM' => '', 'END_LOCATION_X' => '', 'END_LOCATION_Y' => '')); return $tpl; } add_portal_wrap($member_id, $name, post_param('text'), post_param_integer('end_location_realm', -1), post_param_integer('end_location_x', -1), post_param_integer('end_location_y', -1)); } if ($command == 'deleteitem') { require_code('ocworld_action'); delete_item_wrap($item); } if ($command == 'deleteroom') { require_code('ocworld_action'); delete_room_wrap($member_id); } if ($command == 'deleterealm') { require_code('ocworld_action'); delete_realm_wrap($member_id); } if ($command == 'deleteportal') { require_code('ocworld_action'); delete_portal_wrap($member_id, intval($param)); } // Admin commands if (has_specific_permission($member_id, 'administer_ocworld')) { if ($command == 'mergeitems') { merge_items($item, either_param('item2')); } if ($command == 'teleport-person') { $ast = strpos($param, ':'); $b = strpos($param, ':', $ast + 1); $realm = substr($param, 0, $ast); $x = intval(substr($param, $ast + 1, $b - $ast - 1)); $y = intval(substr($param, $b + 1)); basic_enter_room($dest_member_id, $realm, $x, $y); } if ($command == 'imprison-person') { imprison($dest_member_id); } if ($command == 'hurt-person') { hurt($dest_member_id); } if ($command == 'dehurt-person') { dehurt($dest_member_id); } if ($command == 'ban-person') { ban_member($dest_member_id); } if ($command == 'unban-person') { unban_member($dest_member_id); } if ($command == 'take-from-person') { steal($member_id, $dest_member_id); } } if ($command == 'edititem') { require_code('ocworld_action'); $name = post_param('name', ''); if ($name == '') { $rows = $GLOBALS['SITE_DB']->query_select('w_itemdef', array('*'), array('name' => either_param('item')), '', 1); if (!array_key_exists(0, $rows)) { ocw_refresh_with_message(do_lang_tempcode('MISSING_RESOURCE'), 'warn'); } $row = $rows[0]; $tpl = do_template('W_ITEM_SCREEN', array('_GUID' => '1f581864bd2f0cbe05742e03ab6c2a53', 'TITLE' => get_page_title('W_EDIT_ITEM_TITLE'), 'PAGE_TYPE' => 'edititem', 'ITEM' => either_param('item'), 'DESCRIPTION' => $row['description'], 'BRIBABLE' => strval($row['bribable']), 'HEALTHY' => strval($row['healthy']), 'PICTURE_URL' => $row['picture_url'], 'OWNER' => is_null($row['owner']) ? '' : strval($row['owner']), 'MAX_PER_PLAYER' => strval($row['max_per_player']), 'REPLICATEABLE' => strval($row['replicateable']))); return $tpl; } $urls = get_url('url', 'pic', 'uploads/ocworld', 0, OCP_UPLOAD_IMAGE); edit_item_wrap($member_id, $item, $name, post_param_integer('bribable', 0), post_param_integer('healthy', 0), $urls[0], grab_new_owner('new_owner'), post_param_integer('max_per_player', -1), post_param_integer('replicateable', 0), post_param('description')); } if ($command == 'edititemcopy') { require_code('ocworld_action'); $cost = post_param_integer('cost', -1); if ($cost == -1) { $user = get_param_integer('user'); list($realm, $x, $y) = get_loc_details($member_id); $cost = $GLOBALS['SITE_DB']->query_value('w_items', 'cost', array('copy_owner' => $user, 'location_x' => $x, 'location_y' => $y, 'location_realm' => $realm, 'name' => get_param('item'))); $not_infinite = $GLOBALS['SITE_DB']->query_value('w_items', 'not_infinite', array('copy_owner' => $user, 'location_x' => $x, 'location_y' => $y, 'location_realm' => $realm, 'name' => get_param('item'))); $tpl = do_template('W_ITEMCOPY_SCREEN', array('_GUID' => 'a8d28f6516408dba96a8b57ddcd7cee6', 'TITLE' => get_page_title('W_EDIT_ITEM_COPY_TITLE'), 'PAGE_TYPE' => 'edititemcopy', 'NOT_INFINITE' => strval($not_infinite), 'X' => strval($x), 'Y' => strval($y), 'REALM' => strval($realm), 'ITEM' => get_param('item'), 'OWNER' => strval($user), 'COST' => strval($cost))); return $tpl; } edit_item_wrap_copy($member_id, $item, $cost, post_param_integer('not_infinite', 0), post_param_integer('new_x'), post_param_integer('new_y'), post_param_integer('new_realm'), grab_new_owner('new_owner')); } if ($command == 'editroom') { require_code('ocworld_action'); $name = post_param('name', ''); if ($name == '') { list($location_realm, $x, $y) = get_loc_details($member_id); $rows = $GLOBALS['SITE_DB']->query_select('w_rooms', array('*'), array('location_x' => $x, 'location_y' => $y, 'location_realm' => $location_realm), '', 1); if (!array_key_exists(0, $rows)) { ocw_refresh_with_message(do_lang_tempcode('MISSING_RESOURCE'), 'warn'); } $row = $rows[0]; $tpl = do_template('W_ROOM_SCREEN', array('_GUID' => 'a4c5f8ae962cdbaa304135cf07c583a0', 'TITLE' => get_page_title('W_EDIT_ROOM_TITLE'), 'PAGE_TYPE' => 'editroom', 'X' => strval($x), 'Y' => strval($y), 'REALM' => strval($location_realm), 'NAME' => $row['name'], 'ROOM_TEXT' => $row['r_text'], 'PASSWORD_QUESTION' => $row['password_question'], 'PASSWORD_ANSWER' => $row['password_answer'], 'PASSWORD_FAIL_MESSAGE' => $row['password_fail_message'], 'REQUIRED_ITEM' => $row['required_item'], 'LOCKED_UP' => strval($row['locked_up']), 'LOCKED_DOWN' => strval($row['locked_down']), 'LOCKED_LEFT' => strval($row['locked_left']), 'LOCKED_RIGHT' => strval($row['locked_right']), 'ALLOW_PORTAL' => strval($row['allow_portal']), 'PICTURE_URL' => $row['picture_url'], 'OWNER' => is_null($row['owner']) ? '' : strval($row['owner']))); return $tpl; } $urls = get_url('url', 'pic', 'uploads/ocworld', 0, OCP_UPLOAD_IMAGE); edit_room_wrap($member_id, $name, post_param('text'), post_param('password_question'), post_param('password_answer'), post_param('password_fail_message'), post_param('required_item'), post_param_integer('locked_up', 0), post_param_integer('locked_down', 0), post_param_integer('locked_right', 0), post_param_integer('locked_left', 0), $urls[0], post_param_integer('allow_portal', 0), grab_new_owner('new_owner'), post_param_integer('new_x'), post_param_integer('new_y'), post_param_integer('new_realm')); } if ($command == 'editrealm') { require_code('ocworld_action'); $name = post_param('name', ''); if ($name == '') { list($realm, , ) = get_loc_details($member_id); $rows = $GLOBALS['SITE_DB']->query_select('w_realms', array('*'), array('id' => $realm), '', 1); if (!array_key_exists(0, $rows)) { ocw_refresh_with_message(do_lang_tempcode('MISSING_RESOURCE'), 'warn'); } $row = $rows[0]; $qatc = new ocp_tempcode(); for ($i = 1; $i <= 30; $i++) { $qatc->attach(do_template('W_REALM_SCREEN_QUESTION', array('_GUID' => '0510427a3895969dede2bd13db7d46a6', 'I' => strval($i), 'Q' => $row['q' . strval($i)], 'A' => $row['a' . strval($i)]))); } $tpl = do_template('W_REALM_SCREEN', array('_GUID' => 'f2503e0be6e45a296baa8625cafb4d72', 'TITLE' => get_page_title('W_EDIT_REALM_TITLE'), 'PAGE_TYPE' => 'editrealm', 'OWNER' => is_null($row['owner']) ? '' : strval($row['owner']), 'QA' => $qatc, 'NAME' => $row['name'], 'TROLL_NAME' => $row['troll_name'], 'PRIVATE' => strval($row['r_private']))); return $tpl; } for ($i = 1; $i <= 30; $i++) { $qa[$i]['q'] = post_param('question' . strval($i)); $qa[$i]['a'] = post_param('answer' . strval($i)); } edit_realm_wrap($member_id, $name, post_param('troll_name'), $qa, post_param_integer('private', 0), grab_new_owner('new_owner')); } if ($command == 'editportal') { require_code('ocworld_action'); $name = post_param('name', ''); if ($name == '') { list($realm, $x, $y) = get_loc_details($member_id); $end_realm = get_param_integer('param'); $rows = $GLOBALS['SITE_DB']->query_select('w_portals', array('*'), array('start_location_x' => $x, 'start_location_y' => $y, 'start_location_realm' => $realm, 'end_location_realm' => $end_realm), '', 1); if (!array_key_exists(0, $rows)) { ocw_refresh_with_message(do_lang_tempcode('MISSING_RESOURCE'), 'warn'); } $row = $rows[0]; $tpl = do_template('W_PORTAL_SCREEN', array('_GUID' => 'cad0e01c1c4c410e67b775c3ff6eeb3a', 'TITLE' => get_page_title('W_EDIT_PORTAL_TITLE'), 'PAGE_TYPE' => 'editportal', 'X' => strval($x), 'Y' => strval($y), 'REALM' => strval($realm), 'PARAM' => $param, 'NAME' => $row['name'], 'PORTAL_TEXT' => $row['p_text'], 'END_LOCATION_REALM' => strval($end_realm), 'END_LOCATION_X' => strval($row['end_location_x']), 'END_LOCATION_Y' => strval($row['end_location_y']), 'OWNER' => is_null($row['owner']) ? '' : strval($row['owner']))); return $tpl; } edit_portal_wrap($member_id, intval($param), $name, post_param('text'), post_param_integer('end_location_realm'), post_param_integer('end_location_x'), post_param_integer('end_location_y'), grab_new_owner('new_owner'), post_param_integer('new_x'), post_param_integer('new_y'), post_param_integer('new_realm')); } if ($command == 'room') { return output_room_screen($member_id); } ocw_refresh_with_message(do_lang('SUCCESS')); return new ocp_tempcode(); }
/** * Standard aed_module table function. * * @param array Details to go to build_url for link to the next screen. * @return array A quartet: The choose table, Whether re-ordering is supported from this screen, Search URL, Archive URL. */ function nice_get_choose_table($url_map) { require_code('templates_results_table'); $current_ordering = get_param('sort', 'cc_title ASC'); if (strpos($current_ordering, ' ') === false) { warn_exit(do_lang_tempcode('INTERNAL_ERROR')); } list($sortable, $sort_order) = explode(' ', $current_ordering, 2); $sortables = array('cc_title' => do_lang_tempcode('TITLE'), 'cc_add_date' => do_lang_tempcode('_ADDED')); if (strtoupper($sort_order) != 'ASC' && strtoupper($sort_order) != 'DESC' || !array_key_exists($sortable, $sortables)) { log_hack_attack_and_exit('ORDERBY_HACK'); } global $NON_CANONICAL_PARAMS; $NON_CANONICAL_PARAMS[] = 'sort'; $fh = array(do_lang_tempcode('TITLE'), do_lang_tempcode('_ADDED')); $fh[] = do_lang_tempcode('ACTIONS'); $header_row = results_field_title($fh, $sortables, 'sort', $sortable . ' ' . $sort_order); $fields = new ocp_tempcode(); $catalogue_name = get_param('catalogue_name'); require_code('form_templates'); list($rows, $max_rows) = $this->get_entry_rows(false, $current_ordering, array('c_name' => $catalogue_name)); $news_cat_titles = array(); foreach ($rows as $row) { $edit_link = build_url($url_map + array('id' => $row['id']), '_SELF'); $fr = array(); $fr[] = protect_from_escaping(hyperlink(build_url(array('page' => 'catalogues', 'type' => 'category', 'id' => $row['id']), get_module_zone('catalogues')), get_translated_text($row['cc_title']), false, true)); $fr[] = get_timezoned_date($row['cc_add_date']); $fr[] = protect_from_escaping(hyperlink($edit_link, do_lang_tempcode('EDIT'), false, true, '#' . strval($row['id']))); $fields->attach(results_entry($fr, true)); } $search_url = build_url(array('page' => 'search', 'id' => 'catalogue_categories'), get_module_zone('search')); $archive_url = build_url(array('page' => 'catalogues', 'type' => 'index', 'id' => $catalogue_name), get_module_zone('catalogues')); return array(results_table(do_lang($this->menu_label), get_param_integer('start', 0), 'start', either_param_integer('max', 20), 'max', $max_rows, $header_row, $fields, $sortables, $sortable, $sort_order), false, $search_url, $archive_url); }
/** * The upgrader.php script handler. */ function upgrade_script() { @ini_set('ocproducts.xss_detect', '0'); require_lang('upgrade'); require_code('database_action'); require_code('config2'); if (function_exists('set_time_limit')) { @set_time_limit(180); } if (array_key_exists('given_password', $_POST)) { $given_password = post_param('given_password'); if (check_master_password($given_password)) { $type = get_param('type', 'misc'); require_code('abstract_file_manager'); up_do_header(); if (post_param('ftp_username', '') != '') { $_POST['uses_ftp'] = '1'; _ftp_info(true); // To give early error if there's a problem } // Handle shared site upgrading with no per-site UI global $SITE_INFO; if (isset($SITE_INFO['custom_file_base_stub'])) { require_code('shared_installs'); $u = current_share_user(); if (!is_null($u)) { upgrade_sharedinstall_sites(); echo '<p>Now regenerate <kbd>template.sql</kbd>, using something like <kbd>mysqldump -uroot -p myocp_site_shareddemo > ~/public_html/template.sql</kbd></p>'; up_do_footer(); return; } } $show_more_link = true; switch ($type) { case 'misc': clear_caches_1(); $l_choices = do_lang('FU_CHOICES'); $oc = get_option('site_closed') == '0' ? do_lang('SITE_OPEN') : do_lang('SITE_CLOSED'); $a = float_to_raw_string(ocp_version_number()); $b = get_value('version'); if (is_null($b)) { $b = '2.5'; } $l_up_info = do_lang('FU_UP_INFO' . ($a == $b ? '_1' : '_2'), $a, $b); $l_fu_closedness = do_lang('FU_CLOSENESS', $oc); $l_maintenance = do_lang('FU_MAINTENANCE'); $l_upgrading = do_lang('FU_UPGRADING'); $l_take_backup = do_lang('FU_TAKE_BACKUP'); $l_clear_caches = fu_link('upgrader.php?type=decache', do_lang('FU_CLEAR_CACHES')); $l_check_permissions = fu_link('upgrader.php?type=check_perms', do_lang('FU_CHECK_PERMISSIONS')); $l_fix_permissions = fu_link('upgrader.php?type=fix_perms', do_lang('FU_FIX_PERMISSIONS')); $l_close_site = fu_link('upgrader.php?type=close_site', do_lang('FU_CLOSE_SITE'), get_option('site_closed') == '1'); $l_integrity_scan = fu_link('upgrader.php?type=integrity_scan&allow_merging=1', do_lang('FU_INTEGRITY_SCAN'), false, do_lang('FU_WILL_MERGE')); $l_integrity_scan_no_merging = fu_link('upgrader.php?type=integrity_scan', do_lang('FU_INTEGRITY_SCAN_NO_CSS_MERGE')); $l_database_upgrade = fu_link('upgrader.php?type=db_upgrade', do_lang('FU_DATABASE_UPGRADE')); $l_theme_upgrade = fu_link('upgrader.php?type=theme_upgrade', do_lang('FU_THEME_UPGRADE')); $l_open_site = fu_link('upgrader.php?type=open_site', do_lang('FU_OPEN_SITE'), get_option('site_closed') == '0'); $l_error_correction = do_lang('FU_ERROR_CORRECTION'); $l_not_for_patch = do_lang('FU_NOT_FOR_PATCH'); $l_tutorial = fu_link('http://ocportal.com/docs/tut_upgrade.htm', do_lang('FU_TUTORIAL')); $l_release_notes = do_lang('FU_RELEASE_NOTES'); $l_refer_release_notes = do_lang('FU_REFER_RELEASE_NOTES'); $news_id = post_param_integer('news_id', NULL); $tar_url = ''; if (!is_null($news_id)) { require_code('files'); $fetch_url = 'http://ocportal.com/uploads/website_specific/ocportal.com/scripts/fetch_release_details.php?news_id=' . strval($news_id) . '&from_version=' . urlencode(strval(ocp_version()) . '.' . ocp_version_minor()); $news = http_download_file($fetch_url, NULL, true, false, 'ocPortal', NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL, 30.0); $details = unserialize($news); if ($details[0] != '') { $l_refer_release_notes = $details[0] . '<div style="overflow: auto; height: 150px">' . $details[2] . '</div>'; } $tar_url = $details[1]; } $l_download = fu_link('upgrader.php?type=file_upgrade&tar_url=' . urlencode(base64_encode($tar_url)), do_lang('FU_DOWNLOAD')); $l_important = do_lang('IMPORTANT'); $l_bugs = do_lang('FU_BUGS'); $l_upgrade_steps = do_lang('FU_UPGRADE_STEPS'); $l_action = do_lang('ACTION'); $l_step = do_lang('FU_STEP'); $l_estimated_time = do_lang('FU_ESTIMATED_TIME'); $l_safe_mode = fu_link('index.php?keep_safe_mode=1', do_lang('FU_SAFE_MODE')); $num_addons = $GLOBALS['SITE_DB']->query_value('addons', 'COUNT(*)'); $l_addon_management = fu_link('adminzone/index.php?page=admin_addons&keep_safe_mode=1', do_lang('FU_ADDON_MANAGEMENT', integer_format($num_addons)), $num_addons == 0); $l_customisations = do_lang('FU_CUSTOMISATIONS'); $closed = comcode_to_tempcode(get_option('closed'), NULL, true); $closed_url = build_url(array('page' => 'admin_config', 'type' => 'category', 'id' => 'SITE'), get_module_zone('admin_config'), NULL, false, false, false, 'group_CLOSED_SITE'); echo "\n<p>{$l_choices}</p>\n\n<div style=\"margin: 0 50px\">\n\t<h2>{$l_maintenance}…</h2><ul>\n\t\t<li>{$l_clear_caches}</li>\n\t\t<li>{$l_check_permissions}</li>\n\t\t<li>{$l_fix_permissions}</li>\n\t</ul>\n\n\t<h2 style=\"margin-top: 40px\">{$l_upgrading}…</h2>\n\n\t<h3>{$l_important}</h3>\n\n\t<p>{$l_bugs}</p>\n\n\t<h3>{$l_release_notes}</h3>\n\n\t<p>{$l_refer_release_notes}</p>\n\n\t<h3>{$l_upgrade_steps}</h3>\n\n\t<div class=\"wide_table_wrap\"><table style=\"margin-top: 5px\" class=\"solidborder wide_table spaced_table\">\n\t\t<tr>\n\t\t\t<th>{$l_step}</th>\n\t\t\t<th>{$l_action}</th>\n\t\t\t<th>{$l_estimated_time}</th>\n\t\t</tr>\n\t\t<tr><th>X</th><td>{$l_not_for_patch} {$l_tutorial}</td><td>" . escape_html(display_time_period(60 * 120)) . "</td></tr>\n\t\t<tr><th>1</th><td>{$l_take_backup}</td><td>" . escape_html(display_time_period(60 * 120)) . "</td></tr>\n\t\t<tr><th>2</th><td>{$l_close_site} {$l_fu_closedness}<br /><q style=\"font-style: italic\">" . $closed->evaluate() . "</q> <span class=\"associated_link_to_small\">[<a href=\"" . escape_html($closed_url->evaluate()) . "\" title=\"(this link will open in a new window)\" target=\"_blank\">" . do_lang('CHANGE') . "</a>]</span></td><td>" . escape_html(display_time_period(60)) . "</td></tr>\n\t\t<tr><th>3</th><td>{$l_download}</td><td>" . escape_html(display_time_period(60 * 5)) . "</td></tr>\n\t\t<tr><th>4</th><td>{$l_not_for_patch} {$l_integrity_scan_no_merging}<!-- " . do_lang('OR') . " {$l_integrity_scan}--></td><td>" . str_replace(' ', ' ', escape_html(display_time_period(60 * 10))) . " †</td></tr>\n\t\t<tr><th>5</th><td>{$l_not_for_patch} {$l_database_upgrade}<br />{$l_up_info}</td><td>" . escape_html(display_time_period(60 * 5)) . "</td></tr>\n\t\t<tr><th>6</th><td>{$l_not_for_patch} {$l_theme_upgrade}</td><td>" . escape_html(display_time_period(60 * 5)) . "</td></tr>\n\t\t<tr><th>7</th><td>{$l_clear_caches}</td><td>1 minute</td></tr>\n\t\t<tr><th>8</th><td>{$l_open_site} {$l_fu_closedness}</td><td>1 minute</td></tr>\n\t</table></div>\n\n\t<p>† {$l_customisations}</p>\n\n\t<h2 style=\"margin-top: 40px\">{$l_error_correction}…</h2><ul style=\"margin-top: 5px\">\n\t\t<li>{$l_safe_mode}</li>\n\t\t<li>{$l_addon_management}</li>\n\t</ul>\n</div>\n"; $show_more_link = false; break; case 'decache': clear_caches_2(); echo '<p>' . do_lang('SUCCESS') . '</p>'; break; case 'check_perms': echo check_perms(); break; case 'fix_perms': echo fix_perms(); break; case 'open_site': set_option('site_closed', '0'); echo '<p>' . do_lang('SUCCESS') . '</p>'; break; case 'close_site': set_option('closed', do_lang('FU_CLOSED_FOR_UPGRADES', get_site_name())); set_option('site_closed', '1'); echo '<p>' . do_lang('SUCCESS') . '</p>'; break; case 'file_upgrade': if (get_param('tar_url', '') == '') { echo do_lang('FU_FILE_UPGRADE_INFO'); } echo do_lang('FU_FILE_UPGRADE_INFO_MANUAL'); echo '<form title="' . do_lang('PROCEED') . '" enctype="multipart/form-data" action="upgrader.php?type=_file_upgrade" method="post">' . post_fields_relay(); echo '<label for="url">' . do_lang('URL') . '</label> <input type="text" id="url" name="url" value="' . escape_html(base64_decode(get_param('tar_url', ''))) . '" /> '; if (ocp_srv('HTTP_HOST') == 'ocportal.com' || $GLOBALS['DEBUG_MODE']) { echo '<br /><label for="upload">' . do_lang('UPLOAD') . '</label> <input type="file" id="upload" name="upload" />'; } echo '<input type="submit" value="' . do_lang('PROCEED') . '" />'; echo '</form>'; $show_more_link = false; break; case '_file_upgrade': require_code('tar'); if (function_exists('set_time_limit')) { @set_time_limit(0); } if (post_param('url', '') == '' && (ocp_srv('HTTP_HOST') == 'ocportal.com' || $GLOBALS['DEBUG_MODE'])) { $temp_path = $_FILES['upload']['tmp_name']; } else { if (post_param('url', '') == '') { warn_exit(do_lang_tempcode('IMPROPERLY_FILLED_IN')); } $temp_path = ocp_tempnam('ocpfu'); $myfile = fopen($temp_path, 'wb'); http_download_file(post_param('url'), NULL, true, false, 'ocPortal', NULL, NULL, NULL, NULL, NULL, $myfile); fclose($myfile); } $upgrade_resource = tar_open($temp_path, 'rb'); //tar_extract_to_folder($upgrade_resource,'',true); disable_php_memory_limit(); $directory = tar_get_directory($upgrade_resource); // Uses up to around 5MB $data = array('todo' => array()); $popup_simple_extract = _ftp_info() === false; if (!$popup_simple_extract) { echo '<p>' . do_lang('EXTRACTING_MESSAGE') . '</p>'; } $addon_contents = array(); // Find addons foreach ($directory as $upgrade_file2) { // See if we can find an addon registry file in our upgrade TAR if (strpos($upgrade_file2['path'], '/addon_registry/') !== false && substr($upgrade_file2['path'], -4) == '.php') { $file_data = tar_get_file($upgrade_resource, $upgrade_file2['path']); $addon_contents[basename($upgrade_file2['path'], '.php')] = $file_data['data']; } } // Process files foreach ($directory as $offset => $upgrade_file) { // skip over these, from manually installer package (which may be used for an upgrade) if ($upgrade_file['path'] == 'info.php') { continue; } if ($upgrade_file['path'] == 'install.php') { continue; } if ($upgrade_file['path'] == 'install.sql') { continue; } if ($upgrade_file['path'] == 'info.php.template') { continue; } if (!$popup_simple_extract) { // See if we can skip the file, if the on-disk version is identical? if (file_exists(get_file_base() . '/' . $upgrade_file['path']) && filesize(get_file_base() . '/' . $upgrade_file['path']) == $upgrade_file['size']) { $tar_data = tar_get_file($upgrade_resource, $upgrade_file['path']); if (file_get_contents(get_file_base() . '/' . $upgrade_file['path']) == $tar_data['data']) { echo do_lang('U_SKIPPING_MESSAGE', escape_html($upgrade_file['path'])) . '<br />'; continue; } } } // Addon registry file, for installed addon if (strpos($upgrade_file['path'], '/addon_registry/') !== false && file_exists(get_file_base() . '/' . $upgrade_file['path'])) { if (substr($upgrade_file['path'], -1) != '/') { if ($popup_simple_extract) { $data['todo'][] = array($upgrade_file['path'], $upgrade_file['mtime'], $offset + 512, $upgrade_file['size'], ($upgrade_file['mode'] & 02) != 0); } else { $file_data = tar_get_file($upgrade_resource, $upgrade_file['path']); afm_make_file($upgrade_file['path'], $file_data['data'], ($file_data['mode'] & 02) != 0); echo do_lang('U_EXTRACTING_MESSAGE', escape_html($upgrade_file['path'])) . '<br />'; } } } else { // Some other file $found = NULL; if (substr($upgrade_file['path'], -1) != '/') { foreach ($addon_contents as $addon_name => $addon_data) { // See if this is the addon for the file $shortened_path = $upgrade_file['path']; $shortened_path = preg_replace('#^themes/default/(templates|css)/#', '', $shortened_path); if (strpos($addon_data, '\'' . addslashes($shortened_path) . '\'') !== false) { $found = $addon_name; break; } } } // Install if either of the following is true: // - it's some file not in an addon (shouldn't actually happen) // - it's a new addon (addon that is not installed or uninstalled i.e. does not have an exported mod file) // - it's a file in an addon we have installed // - we're upgrading from an ocPortal version that doesn't support addons yet if (is_null($found) || !file_exists(get_file_base() . '/imports/mods/' . $found . '.tar') || file_exists(get_file_base() . '/sources/hooks/systems/addon_registry/' . $found . '.php') || !file_exists(get_file_base() . '/sources/hooks/systems/addon_registry')) { if (substr($upgrade_file['path'], -1) == '/') { afm_make_directory($upgrade_file['path'], false, true); } else { if ($popup_simple_extract) { $data['todo'][] = array($upgrade_file['path'], $upgrade_file['mtime'], $offset + 512, $upgrade_file['size'], ($upgrade_file['mode'] & 02) != 0); } else { $file_data = tar_get_file($upgrade_resource, $upgrade_file['path']); if (!file_exists(get_file_base() . '/' . dirname($upgrade_file['path']))) { afm_make_directory(dirname($upgrade_file['path']), false, true); } afm_make_file($upgrade_file['path'], $file_data['data'], ($file_data['mode'] & 02) != 0); echo do_lang('U_EXTRACTING_MESSAGE', escape_html($upgrade_file['path'])) . '<br />'; } } } if (substr($upgrade_file['path'], -1) != '/') { // If true: We need to copy it into our archived addon so that addon is kept up-to-date if (!is_null($found) && file_exists(get_file_base() . '/imports/mods/' . $found . '.tar')) { $old_mod_file = tar_open(get_file_base() . '/imports/mods/' . $found . '.tar', 'rb'); $new_mod_file = tar_open(get_file_base() . '/imports/mods/' . $found . '.new.tar', 'wb'); $directory2 = tar_get_directory($old_mod_file, true); if (!is_null($directory2)) { foreach ($directory2 as $d) { if ($d['path'] == $upgrade_file['path']) { continue; } $file_data = tar_get_file($old_mod_file, $d['path']); if ($d['path'] == 'mod.inf') { $file_data['data'] = preg_replace('#^version=.*#m', 'version=(version-synched)', $file_data['data']); } tar_add_file($new_mod_file, $d['path'], $file_data['data'], $d['mode'], $d['mtime']); } $file_data = tar_get_file($upgrade_resource, $upgrade_file['path']); tar_add_file($new_mod_file, $upgrade_file['path'], $file_data['data'], $upgrade_file['mode'], $upgrade_file['mtime']); tar_close($new_mod_file); tar_close($old_mod_file); unlink(get_file_base() . '/imports/mods/' . $found . '.tar'); rename(get_file_base() . '/imports/mods/' . $found . '.new.tar', get_file_base() . '/imports/mods/' . $found . '.tar'); echo do_lang('U_PACKING_MESSAGE', escape_html($upgrade_file['path'])) . '<br />'; } } } } } tar_close($upgrade_resource); if ($popup_simple_extract) { copy($temp_path, get_custom_file_base() . '/data_custom/upgrader.tar.tmp'); @unlink($temp_path); $temp_path = get_custom_file_base() . '/data_custom/upgrader.tar.tmp'; $tmp_data_path = get_custom_file_base() . '/data_custom/upgrader.tmp'; $tmp_data_file = fopen($tmp_data_path, 'wb'); fwrite($tmp_data_file, serialize($data)); fclose($tmp_data_file); global $SITE_INFO; $extract_url = get_base_url() . '/data/upgrader2.php?hashed_password='******'admin_password']) . '&tmp_path=' . urlencode($temp_path) . '&file_offset=0&tmp_data_path=' . urlencode($tmp_data_path) . '&done=' . urlencode(do_lang('DONE')); echo '<p>' . do_lang('FU_EXTRACTING_WINDOW', integer_format(count($data['todo']))) . '</p>'; echo '<iframe frameBorder="0" title="" style="width: 100%; height: 400px" src="' . escape_html($extract_url) . '"></iframe>'; } else { echo '<p>' . do_lang('SUCCESS') . '</p>'; @unlink($temp_path); } unset($_POST['news_id']); break; case 'integrity_scan': $allow_merging = either_param_integer('allow_merging', 0); echo run_integrity_check(false, $allow_merging == 1); break; case '_integrity_scan': _integrity_scan(); echo '<p>' . do_lang('SUCCESS') . '</p>'; break; case 'db_upgrade': $something_done = false; clear_caches_2(); if (version_specific()) { echo do_lang('FU_UPGRADED_CORE_TABLES'); $something_done = true; } $done = upgrade_modules(); if ($done != '') { echo do_lang('FU_UPGRADE_MODULES', $done); $something_done = true; } if (!$something_done) { echo do_lang('NO_UPGRADE_DONE'); } $version_files = ocp_version_number(); $_version_database = get_value('ocf_version'); $version_database = floatval($_version_database); if (is_null($_version_database)) { $version_database = 2.1; } // Either 2.0 or 2.1, and they are equivalent in terms of what we need to do if ($version_database < $version_files) { echo do_lang('FU_MUST_UPGRADE_OCF', fu_link('upgrader.php?type=ocf', do_lang('FU_UPGRADE_OCF'))); } break; case 'theme_upgrade': echo upgrade_themes(); break; case 'ocf': // Only to be launched as a consequent of db_upgrade if (ocf_upgrade()) { echo '<p>' . do_lang('SUCCESS') . '</p>'; } else { echo do_lang('FU_NO_OCF_UPGRADE'); } break; } if ($show_more_link) { echo '<hr /><div>' . fu_link('upgrader.php?type=misc', do_lang('MORE_OPTIONS')) . '</div>'; } } else { up_do_header(); up_do_login(do_lang('USER_BAD_PASSWORD')); } } else { up_do_header(); up_do_login(); } up_do_footer(); }
/** * Standard aed_module table function. * * @param array Details to go to build_url for link to the next screen. * @return array A pair: The choose table, Whether re-ordering is supported from this screen. */ function nice_get_choose_table($url_map) { require_code('templates_results_table'); $current_ordering = get_param('sort', 's_title ASC'); if (strpos($current_ordering, ' ') === false) { warn_exit(do_lang_tempcode('INTERNAL_ERROR')); } list($sortable, $sort_order) = explode(' ', $current_ordering, 2); $sortables = array('s_title' => do_lang_tempcode('TITLE'), 's_cost' => do_lang_tempcode('COST'), 's_length' => do_lang_tempcode('SUBSCRIPTION_LENGTH'), 's_group_id' => do_lang_tempcode('GROUP'), 's_enabled' => do_lang('ENABLED')); if (strtoupper($sort_order) != 'ASC' && strtoupper($sort_order) != 'DESC' || !array_key_exists($sortable, $sortables)) { log_hack_attack_and_exit('ORDERBY_HACK'); } global $NON_CANONICAL_PARAMS; $NON_CANONICAL_PARAMS[] = 'sort'; $header_row = results_field_title(array(do_lang_tempcode('TITLE'), do_lang_tempcode('COST'), do_lang_tempcode('SUBSCRIPTION_LENGTH'), do_lang_tempcode('GROUP'), do_lang('ENABLED'), do_lang_tempcode('ACTIONS')), $sortables, 'sort', $sortable . ' ' . $sort_order); $fields = new ocp_tempcode(); require_lang('ecommerce'); require_code('form_templates'); list($rows, $max_rows) = $this->get_entry_rows(false, $current_ordering, NULL, get_forum_type() != 'ocf'); foreach ($rows as $r) { $edit_link = build_url($url_map + array('id' => $r['id']), '_SELF'); $fields->attach(results_entry(array(get_translated_text($r['s_title'], $GLOBALS[get_forum_type() == 'ocf' ? 'FORUM_DB' : 'SITE_DB']), $r['s_cost'], do_lang('_LENGTH_UNIT_' . $r['s_length_units'], integer_format($r['s_length'])), ocf_get_group_name($r['s_group_id']), $r['s_enabled'] == 1 ? do_lang_tempcode('YES') : do_lang_tempcode('NO'), protect_from_escaping(hyperlink($edit_link, do_lang_tempcode('EDIT'), false, true, '#' . strval($r['id'])))), true)); } return array(results_table(do_lang($this->menu_label), get_param_integer('start', 0), 'start', either_param_integer('max', 20), 'max', $max_rows, $header_row, $fields, $sortables, $sortable, $sort_order), false); }
/** * Get the products details * * @param ?AUTO_LINK Product ID (NULL: read from environment, product_id) * @return array A map of product name to list of product details. */ function get_product_details($pid = NULL) { require_code('catalogues'); $product_det = array(); if (is_null($pid)) { $pid = either_param_integer('product_id'); } $qty = post_param_integer('quantity', 1); $catalogue_name = $GLOBALS['SITE_DB']->query_value_null_ok('catalogue_entries', 'c_name', array('id' => $pid)); if (is_null($catalogue_name)) { warn_exit(do_lang_tempcode('MISSING_RESOURCE')); } $product_det = get_catalogue_entry_field_values($catalogue_name, $pid, NULL, NULL, true); foreach ($product_det as $key => $value) { $product_det[$key] = array_key_exists('effective_value_pure', $value) ? $value['effective_value_pure'] : $value['effective_value']; } for ($i = 0; $i <= 9; $i++) { if (!isset($product_det[$i])) { $product_det[$i] = ''; } } $product = array('product_id' => $pid, 'product_name' => $product_det[0], 'product_code' => $product_det[1], 'price' => $product_det[2], 'tax' => preg_replace('#[^\\d\\.]#', '', $product_det[6]), 'description' => $product_det[9], 'quantity' => $qty, 'product_type' => 'catalogue_items', 'product_weight' => floatval($product_det[8])); return $product; }
/** * AJAX script for HTML<>Comcode conversion (and Comcode-Text>Comcode-XML). */ function comcode_convert_script() { header("Cache-Control: no-cache, must-revalidate"); // HTTP/1.1 header("Expires: Mon, 26 Jul 1997 05:00:00 GMT"); // Date in the past global $EXTRA_HEAD; if (!isset($EXTRA_HEAD)) { $EXTRA_HEAD = new ocp_tempcode(); } $EXTRA_HEAD->attach('<meta name="robots" content="noindex" />'); // XHTMLXHTML require_lang('comcode'); convert_data_encodings(true); $data = post_param('data', NULL, false, false); if (is_null($data)) { $title = get_page_title('_COMCODE'); $fields = new ocp_tempcode(); require_code('form_templates'); $fields->attach(form_input_huge(do_lang_tempcode('TEXT'), '', 'data', '', true)); $fields->attach(form_input_tick('Convert HTML to Comcode', '', 'from_html', false)); $fields->attach(form_input_tick('Convert to semihtml', '', 'semihtml', false)); $fields->attach(form_input_tick('Lax mode (less parse rules)', '', 'lax', false)); $hidden = new ocp_tempcode(); $hidden->attach(form_input_hidden('to_comcode_xml', strval(either_param_integer('to_comcode_xml', 0)))); $out2 = globalise(do_template('FORM_SCREEN', array('_GUID' => 'dd82970fa1196132e07049871c51aab7', 'TITLE' => $title, 'SUBMIT_NAME' => do_lang_tempcode('VIEW'), 'TEXT' => '', 'HIDDEN' => $hidden, 'URL' => find_script('comcode_convert', true), 'FIELDS' => $fields)), NULL, '', true); $out2->evaluate_echo(); return; } $panel = either_param_integer('panel', NULL); if (!is_null($panel)) { global $TEMPCODE_SETGET; if ($panel == 0) { $TEMPCODE_SETGET['in_panel'] = '0'; } else { $TEMPCODE_SETGET['in_panel'] = '1'; } } if (either_param_integer('to_comcode_xml', 0) == 1) { require_code('comcode_conversion'); $out = comcode_text__to__comcode_xml($data); } elseif (either_param_integer('from_html', 0) == 1) { require_code('comcode_from_html'); $out = trim(semihtml_to_comcode($data)); } else { if (either_param_integer('lax', 0) == 1) { $GLOBALS['LAX_COMCODE'] = true; } if (either_param_integer('is_semihtml', 0) == 1) { require_code('comcode_from_html'); $data = semihtml_to_comcode($data); } $db = $GLOBALS['SITE_DB']; if (get_param_integer('forum_db', 0) == 1) { $db = $GLOBALS['FORUM_DB']; } $tpl = comcode_to_tempcode($data, get_member(), false, 60, NULL, $db, either_param_integer('semihtml', 0) == 1, false, false, false); $evaluated = $tpl->evaluate(); $out = ''; if ($evaluated != '') { if (get_param_integer('css', 0) == 1) { global $CSSS; unset($CSSS['global']); unset($CSSS['no_cache']); $out .= static_evaluate_tempcode(css_tempcode()); } if (get_param_integer('javascript', 0) == 1) { global $JAVASCRIPTS; unset($JAVASCRIPTS['javascript']); unset($JAVASCRIPTS['javascript_staff']); $out .= static_evaluate_tempcode(javascript_tempcode()); } } $out .= trim(trim($evaluated)); } if (either_param_integer('fix_bad_html', 0) == 1) { require_code('xhtml'); $new = xhtmlise_html($out, true); if (preg_replace('#<!--.*-->#Us', '', preg_replace('#\\s+#', '', $new)) != preg_replace('#<!--.*-->#Us', '', preg_replace('#\\s+#', '', $out))) { /*$myfile=fopen(get_file_base().'/a','wb'); fwrite($myfile,preg_replace('#<!--.*-->#Us','',preg_replace('#\s+#',chr(10),$new))); fclose($myfile); $myfile=fopen(get_file_base().'/b','wb'); fwrite($myfile,preg_replace('#<!--.*-->#Us','',preg_replace('#\s+#',chr(10),$out))); fclose($myfile);*/ $out = $new . do_lang('BROKEN_XHTML_FIXED'); } } if (either_param_integer('keep_skip_rubbish', 0) == 0) { @ini_set('ocproducts.xss_detect', '0'); $box_title = get_param('box_title', ''); if (is_object($out)) { $out = $out->evaluate(); } if ($box_title != '' && $out != '') { $out = static_evaluate_tempcode(put_in_standard_box(make_string_tempcode($out), $box_title)); } header('Content-Type: text/xml'); echo '<?xml version="1.0" encoding="' . get_charset() . '"?' . '>'; echo '<request><result>'; echo xmlentities($out); echo '</result></request>'; } else { header('Content-type: text/plain; charset=' . get_charset()); echo $out; } }
/** * The actualiser to do an import. * * @return tempcode The UI */ function do_import() { $refresh_url = get_self_url(true, false, array('type' => 'import'), true); $refresh_time = either_param_integer('refresh_time', 15); // Shouldn't default, but reported on some systems to do so if (function_exists('set_time_limit')) { @set_time_limit($refresh_time); } header('Content-type: text/html; charset=' . get_charset()); @ini_set('log_errors', '0'); global $I_REFRESH_URL; $I_REFRESH_URL = $refresh_url; require_code('database_action'); $title = get_page_title('IMPORT'); $importer = get_param('importer'); require_code('hooks/modules/admin_import/' . filter_naughty_harsh($importer)); $object = object_factory('Hook_' . filter_naughty_harsh($importer)); // Get data $old_base_dir = either_param('old_base_dir'); if (method_exists($object, 'verify_base_path') && !$object->verify_base_path($old_base_dir)) { warn_exit(do_lang_tempcode('BAD_IMPORT_PATH', escape_html($old_base_dir))); } if (method_exists($object, 'probe_db_access')) { list($db_name, $db_user, $db_password, $db_table_prefix) = $object->probe_db_access(either_param('old_base_dir')); } else { $db_name = either_param('db_name'); $db_user = either_param('db_user'); $db_password = either_param('db_password'); $db_table_prefix = either_param('db_table_prefix'); } if ($db_name == get_db_site() && $importer == 'ocp_merge' && $db_table_prefix == $GLOBALS['SITE_DB']->get_table_prefix()) { warn_exit(do_lang_tempcode('IMPORT_SELF_NO')); } $import_source = is_null($db_name) ? NULL : new database_driver($db_name, get_db_site_host(), $db_user, $db_password, $db_table_prefix); // Some preliminary tests $happy = get_param_integer('happy', 0); if (method_exists($object, 'pre_import_tests') && $happy == 0) { $ui = $object->pre_import_tests($import_source, $db_table_prefix, $old_base_dir); if (!is_null($ui)) { return $ui; } } // Save data $GLOBALS['SITE_DB']->query_delete('import_session', array('imp_session' => get_session_id()), '', 1); $GLOBALS['SITE_DB']->query_insert('import_session', array('imp_hook' => '', 'imp_old_base_dir' => $old_base_dir, 'imp_db_name' => is_null($db_name) ? '' : $db_name, 'imp_db_user' => is_null($db_user) ? '' : $db_user, 'imp_db_table_prefix' => is_null($db_table_prefix) ? '' : $db_table_prefix, 'imp_refresh_time' => $refresh_time, 'imp_session' => get_session_id())); $info = $object->info(); $_import_list = $info['import']; $out = new ocp_tempcode(); $parts_done = collapse_2d_complexity('imp_id', 'imp_session', $GLOBALS['SITE_DB']->query_select('import_parts_done', array('imp_id', 'imp_session'), array('imp_session' => get_session_id()))); $import_last = '-1'; if (get_forum_type() != 'ocf') { require_code('forum/ocf'); $GLOBALS['OCF_DRIVER'] = new forum_driver_ocf(); $GLOBALS['OCF_DRIVER']->connection = $GLOBALS['SITE_DB']; $GLOBALS['OCF_DRIVER']->MEMBER_ROWS_CACHED = array(); } $_import_list[] = 'ocf_switch'; $all_skipped = true; $lang_array = array(); $hooks = find_all_hooks('modules', 'admin_import_types'); foreach (array_keys($hooks) as $hook) { require_code('hooks/modules/admin_import_types/' . filter_naughty_harsh($hook)); $_hook = object_factory('Hook_admin_import_types_' . filter_naughty_harsh($hook)); $lang_array += $_hook->run(); } foreach ($_import_list as $import) { $import_this = either_param_integer('import_' . $import, 0); if ($import_this == 1) { $dependency = NULL; if (array_key_exists('dependencies', $info) && array_key_exists($import, $info['dependencies'])) { foreach ($info['dependencies'][$import] as $_dependency) { if (!array_key_exists($_dependency, $parts_done) && isset($lang_array[$_dependency])) { $dependency = $_dependency; } } } if (is_null($dependency)) { if ($import == 'ocf_switch') { $out->attach($this->ocf_switch()); } else { $function_name = 'import_' . $import; ocf_over_local(); $func_output = call_user_func_array(array($object, $function_name), array($import_source, $db_table_prefix, $old_base_dir)); if (!is_null($func_output)) { $out->attach($func_output); } ocf_over_msn(); } $parts_done[$import] = get_session_id(); $import_last = $import; $all_skipped = false; $GLOBALS['SITE_DB']->query_delete('import_parts_done', array('imp_id' => $import, 'imp_session' => get_session_id()), '', 1); $GLOBALS['SITE_DB']->query_insert('import_parts_done', array('imp_id' => $import, 'imp_session' => get_session_id())); } else { $out->attach(do_template('IMPORT_MESSAGE', array('_GUID' => 'b2a853f5fb93beada51a3eb8fbd1575f', 'MESSAGE' => do_lang_tempcode('IMPORT_OF_SKIPPED', escape_html($import), escape_html($dependency))))); } } } if (!$all_skipped) { $lang_code = 'SUCCESS'; if (count($GLOBALS['ATTACHED_MESSAGES_RAW']) != 0) { $lang_code = 'SOME_ERRORS_OCCURRED'; } $out->attach(do_template('IMPORT_MESSAGE', array('_GUID' => '4c4860d021814ffd1df6e21e712c7b44', 'MESSAGE' => do_lang_tempcode($lang_code)))); } log_it('IMPORT'); // Quick and simple decacheing. No need to be smart about this. delete_value('ocf_member_count'); delete_value('ocf_topic_count'); delete_value('ocf_post_count'); breadcrumb_set_parents(array(array('_SELF:_SELF:misc', do_lang_tempcode('IMPORT')), array('_SELF:_SELF:session', do_lang_tempcode('IMPORT_SESSION')), array('_SELF:_SELF:hook:importer=' . $importer . ':session=' . get_param('session'), do_lang_tempcode('IMPORT')))); breadcrumb_set_self(do_lang_tempcode('START')); $back_url = build_url(array('page' => '_SELF', 'type' => 'hook', 'importer' => get_param('importer'), 'just' => $import_last), '_SELF'); $_GET['just'] = $import_last; return $this->choose_actions($out); }
/** * Standard aed_module table function. * * @param array Details to go to build_url for link to the next screen. * @return array A quartet: The choose table, Whether re-ordering is supported from this screen, Search URL, Archive URL. */ function nice_get_choose_table($url_map) { require_code('templates_results_table'); $default_order = 'g_name ASC'; $current_ordering = get_param('sort', $default_order, true); $sortables = array('g_name' => do_lang_tempcode('NAME')); if (strpos($current_ordering, ' ') === false) { warn_exit(do_lang_tempcode('INTERNAL_ERROR')); } list($sortable, $sort_order) = explode(' ', $current_ordering, 2); if (strtoupper($sort_order) != 'ASC' && strtoupper($sort_order) != 'DESC' || !array_key_exists($sortable, $sortables)) { log_hack_attack_and_exit('ORDERBY_HACK'); } global $NON_CANONICAL_PARAMS; $NON_CANONICAL_PARAMS[] = 'sort'; $header_row = results_field_title(array(do_lang_tempcode('NAME'), do_lang_tempcode('OPEN_MEMBERSHIP'), do_lang_tempcode('ACTIONS')), $sortables, 'sort', $sortable . ' ' . $sort_order); $fields = new ocp_tempcode(); $count = $GLOBALS['FORUM_DB']->query_value('f_groups', 'COUNT(*)', array('g_is_private_club' => 1)); require_code('form_templates'); list($rows, $max_rows) = $this->get_entry_rows(false, $current_ordering, $count > 300 || !has_specific_permission(get_member(), 'control_usergroups') ? array('g_group_leader' => get_member(), 'g_is_private_club' => 1) : array('g_is_private_club' => 1)); foreach ($rows as $row) { $edit_link = build_url($url_map + array('id' => $row['id']), '_SELF'); $fr = array(protect_from_escaping(ocf_get_group_link($row['id'])), $row['g_open_membership'] == 1 ? do_lang_tempcode('YES') : do_lang_tempcode('NO')); $fr[] = protect_from_escaping(hyperlink($edit_link, do_lang_tempcode('EDIT'), false, true, '#' . strval($row['id']))); $fields->attach(results_entry($fr, true)); } $search_url = build_url(array('page' => 'search', 'id' => 'ocf_clubs'), get_module_zone('search')); $archive_url = build_url(array('page' => 'groups'), get_module_zone('groups')); return array(results_table(do_lang($this->menu_label), get_param_integer('start', 0), 'start', either_param_integer('max', 20), 'max', $max_rows, $header_row, $fields, $sortables, $sortable, $sort_order, 'sort'), false, $search_url, $archive_url); }
/** * Standard aed_module table function. * * @param array Details to go to build_url for link to the next screen. * @return array A pair: The choose table, Whether re-ordering is supported from this screen. */ function nice_get_choose_table($url_map) { require_code('templates_results_table'); $current_ordering = get_param('sort', 'w_name ASC'); if (strpos($current_ordering, ' ') === false) { warn_exit(do_lang_tempcode('INTERNAL_ERROR')); } list($sortable, $sort_order) = explode(' ', $current_ordering, 2); $sortables = array('w_name' => do_lang_tempcode('NAME'), 'w_subject' => do_lang_tempcode('SUBJECT'), 'w_send_time' => do_lang_tempcode('SEND_TIME')); if (strtoupper($sort_order) != 'ASC' && strtoupper($sort_order) != 'DESC' || !array_key_exists($sortable, $sortables)) { log_hack_attack_and_exit('ORDERBY_HACK'); } global $NON_CANONICAL_PARAMS; $NON_CANONICAL_PARAMS[] = 'sort'; $header_row = results_field_title(array(do_lang_tempcode('NAME'), do_lang_tempcode('SUBJECT'), do_lang_tempcode('SEND_TIME'), do_lang_tempcode('ACTIONS')), $sortables, 'sort', $sortable . ' ' . $sort_order); $fields = new ocp_tempcode(); require_code('form_templates'); list($rows, $max_rows) = $this->get_entry_rows(false, $current_ordering); foreach ($rows as $row) { $edit_link = build_url($url_map + array('id' => $row['id']), '_SELF'); $fields->attach(results_entry(array($row['w_name'], get_translated_text($row['w_subject']), do_lang_tempcode('HOURS', escape_html(strval($row['w_send_time']))), protect_from_escaping(hyperlink($edit_link, do_lang_tempcode('EDIT'), false, true, '#' . strval($row['id'])))), true)); } return array(results_table(do_lang($this->menu_label), get_param_integer('start', 0), 'start', either_param_integer('max', 20), 'max', $max_rows, $header_row, $fields, $sortables, $sortable, $sort_order), false); }
/** * Standard import function. * * @param object The DB connection to import from * @param string The table prefix the target prefix is using * @param PATH The base directory we are importing from */ function import_pages($db, $table_prefix, $file_base) { unset($db); unset($table_prefix); require_code('files2'); $files = @get_directory_contents($file_base); $theme = either_param('theme'); $convert_to_comcode = either_param_integer('convert_to_comcode', 0); $fix_html = either_param_integer('fix_html', 0); $base_url = either_param('base_url'); if (substr($base_url, -1) == '/') { $base_url = substr($base_url, 0, strlen($base_url) - 1); } // Find all htm/html/php files $content_files = array(); foreach ($files as $i => $file) { if (substr(strtolower($file), -4) == '.htm' || substr(strtolower($file), -5) == '.html' || substr(strtolower($file), -4) == '.php') { $content_files[] = $file; unset($files[$i]); } } if (count($content_files) == 0) { warn_exit(do_lang_tempcode('NO_PAGES_FOUND')); } // Discern new zones needed // Note: files in directories in a deep path will be considered in a zone name changed so underscores replace slashes $new_zones = array(); $current_zones = find_all_zones(); foreach ($content_files as $file) { $zone = str_replace('/', '_', dirname($file)); if ($zone == '.') { $zone = ''; } if (!in_array($zone, $current_zones)) { $new_zones[] = $zone; } } $new_zones = array_unique($new_zones); // (Maybe AFM needed here - if zones have to be created, and possibly .htaccess changed to incorporate zone names in the redirects) if (count($new_zones) != 0) { require_code('abstract_file_manager'); force_have_afm_details(); $change_htaccess = get_option('htm_short_urls') == '1'; $htaccess_path = get_file_base() . '/.htaccess'; if ($change_htaccess && file_exists($htaccess_path) && is_writable_wrap($htaccess_path)) { $htaccess = file_get_contents($htaccess_path); $htaccess = preg_replace('#\\(site\\|forum\\|adminzone\\|cms\\|collaboration[^\\)]*#', '${0}|' . implode('|', $new_zones), $htaccess); $myfile = fopen($htaccess_path, 'wt'); fwrite($myfile, $htaccess); fclose($myfile); fix_permissions($htaccess_path); sync_file($htaccess_path); } // Create new zones as needed (and set them to our chosen theme too) require_code('zones2'); foreach ($new_zones as $zone) { actual_add_zone($zone, ucwords(str_replace('_', ' ', $zone)), 'start', '', $theme, 0, 0); } } // Discern cruft in htm/html via looking for best levenshtein to length ratio over a few pages; scan by tag, not by byte $compare_file_contents = array(); shuffle($content_files); for ($i = 0; $i < min(2, count($content_files)); $i++) { $file_contents = file_get_contents($file_base . '/' . $content_files[$i]); $compare_file_contents[$content_files[$i]] = $this->_html_filter($file_contents, $fix_html, $base_url, $files, $file_base); } $cruft = array(); if (count($compare_file_contents) > 1) { $to_find = array(); if (file_exists($file_base . '/header.txt')) { $cruft['HEADER'] = $this->_html_filter(file_get_contents($file_base . '/header.txt'), $fix_html, $base_url, $files, $file_base); } else { $to_find[] = 'HEADER'; } if (file_exists($file_base . '/footer.txt')) { $cruft['FOOTER'] = $this->_html_filter(file_get_contents($file_base . '/footer.txt'), $fix_html, $base_url, $files, $file_base); } else { $to_find[] = 'FOOTER'; } foreach ($to_find as $template_wanted) { $best_ratios = array(); foreach ($compare_file_contents as $i => $reference_file) { if ($template_wanted == 'HEADER') { $last_pos = strpos($reference_file, '<body'); if ($last_pos === false) { $last_pos = 0; } else { $last_pos += 5; } } else { $last_pos = strlen($reference_file) - 1; } $best_av_ratios = mixed(); $ratios = array(); while ($last_pos !== false) { //@print('!'.(strlen($reference_file)-$last_pos).' '.$lv.' '.$ratio.'<br />'.chr(10));flush();if (@$dd++==180) @exit('fini'); // Useful for debugging if ($template_wanted == 'HEADER') { $next_pos = strpos($reference_file, '<', $last_pos); } else { $next_pos = strrpos(substr($reference_file, 0, $last_pos), '<'); } if ($next_pos !== false) { if ($template_wanted == 'HEADER') { $up_to = substr($reference_file, 0, $next_pos); } else { $up_to = substr($reference_file, $next_pos); } $all_ratios_for_pos = array(); foreach ($compare_file_contents as $j => $other_file) { if ($i != $j) { if ($template_wanted == 'HEADER') { $up_to_other_file = substr($other_file, 0, $next_pos); } else { $up_to_other_file = substr($other_file, $next_pos - (strlen($reference_file) - strlen($other_file))); } $lv = fake_levenshtein($up_to, $up_to_other_file); if ($template_wanted == 'HEADER') { $ratio = floatval($lv) * 3 - floatval($next_pos + 1); // We want this number to be as small as possible. We have multiplied the levenshtein distance because we care about that more than length (this number reached by experimentation); HTML has a low entropy which this number is fighting against. } else { $ratio = floatval($lv) * 3 - floatval(strlen($reference_file) - $next_pos); // We want this number to be as small as possible. We have multiplied the levenshtein distance because we care about that more than length (this number reached by experimentation); HTML has a low entropy which this number is fighting against. } $all_ratios_for_pos[] = $ratio; } } $av_ratios = array_sum($all_ratios_for_pos) / floatval(count($all_ratios_for_pos)); if (is_null($best_av_ratios) || $av_ratios < $best_av_ratios) { $best_av_ratios = $av_ratios; } elseif ($av_ratios > $best_av_ratios + 300) { break; } $ratios[$next_pos] = $av_ratios; if ($template_wanted == 'HEADER') { $next_pos++; } else { $next_pos--; } } $last_pos = $next_pos; } asort($ratios); $best_by_pos = array_keys($ratios); $best_ratios[] = array($best_by_pos[0], $ratios[$best_by_pos[0]], $reference_file); } $best = mixed(); $best_pos = NULL; $best_reference_file = NULL; foreach ($best_ratios as $bits) { list($pos, $ratio, $reference_file) = $bits; if (is_null($best) || $ratio < $best) { $best = $ratio; $best_pos = $pos; $best_reference_file = $reference_file; } } if ($template_wanted == 'HEADER') { $cruft[$template_wanted] = substr($best_reference_file, 0, $best_pos); } else { $cruft[$template_wanted] = substr($best_reference_file, $best_pos); } } } else { // We can't find any common consistency when we only have one, so we mark all cruft and then later we will actually assume GLOBAL.tpl does not change and the only header/footer bit is the logical one $cruft['HEADER'] = array_key_exists(0, $compare_file_contents) ? $compare_file_contents[0] : ''; $cruft['FOOTER'] = array_key_exists(1, $compare_file_contents) ? $compare_file_contents[0] : ''; } // Extract header from cruft (<body> and before); SAVE $header = $cruft['HEADER']; // special cases of something with ID or class of header/top going through too $header_cases = array('<div id="header"', '<div id="page_header"', '<div class="header"', '<div class="page_header"'); foreach ($header_cases as $header_case) { $header_start_pos = strpos($header, $header_case); if ($header_start_pos !== false) { $header_start_pos = strpos($header, '>', $header_start_pos) + 1; break; } } if ($header_start_pos !== false) { $div_count = 1; do { $next_start = strpos($header, '<div ', $header_start_pos); $next_end = strpos($header, '</div>', $header_start_pos); $header_start_pos = $next_start !== false && $next_start < $next_end ? $next_start : $next_end; if ($header_start_pos !== false) { $header_start_pos = strpos($header, '>', $header_start_pos) + 1; } $div_count += $next_start !== false && $next_start < $next_end ? 1 : -1; } while ($div_count > 0 && $header_start_pos !== false); } $body_start_pos = strpos($header, '<body'); $head_end_pos = strpos($header, '<link'); if ($head_end_pos === false) { $head_end_pos = strpos($header, '</head'); } if ($header_start_pos === false) { $header_start_pos = strpos($header, '>', $body_start_pos) + 1; } if ($header_start_pos !== false) { $header = substr($header, 0, $header_start_pos); } $path = get_custom_file_base() . '/themes/' . filter_naughty($theme) . '/templates_custom/HEADER.tpl'; $myfile = fopen($path, 'wt'); $header_to_write = substr($header, 0, $head_end_pos) . ' <script type="text/javascript">// <![CDATA[ {+START,IF,{$AND,{$EQ,,{$_GET,keep_has_js}},{$NOT,{$JS_ON}}}} if ((window.location.href.indexOf(\'upgrader.php\')==-1) && (window.location.search.indexOf(\'keep_has_js\')==-1)) {$,Redirect with JS on, and then hopefully we can remove keep_has_js after one click. This code only happens if JS is marked off, no infinite loops can happen.} window.location=window.location.href+((window.location.search==\'\')?(((window.location.href.indexOf(\'.htm\')==-1)&&(window.location.href.indexOf(\'.php\')==-1))?(((window.location.href.substr(window.location.href.length-1)!=\'/\')?\'/\':\'\')+\'index.php?\'):\'?\'):\'&\')+\'keep_has_js=1{+START,IF,{$DEV_MODE}}&keep_devtest=1{+END}\'; {+END} {+START,IF,{$NOT,{$BROWSER_MATCHES,ie}}}{+START,IF,{$HAS_SPECIFIC_PERMISSION,sees_javascript_error_alerts}}window.take_errors=true;{+END}{+END} var {+START,IF,{$CONFIG_OPTION,is_on_timezone_detection}}server_timestamp={$FROM_TIMESTAMP%},{+END}ocp_lang=\'{$LANG;}\',ocp_theme=\'{$THEME;}\'; //]]></script> <meta name="description" content="{+START,IF,{$NEQ,{DESCRIPTION},{!NA}}}{DESCRIPTION*}{+END}" /> <meta name="keywords" content="{KEYWORDS*}" /> {$CSS_TEMPCODE} {+START,IF_PASSED,EXTRA_HEAD} {EXTRA_HEAD} {+END} {$JS_TEMPCODE,header} {REFRESH}' . substr($header, $head_end_pos); $header_to_write = preg_replace('#<title>[^<>]*</title>#', '<title>{+START,IF_NON_EMPTY,{HEADER_TEXT}}{HEADER_TEXT*} - {+END}{$SITE_NAME*}</title>', $header_to_write); $header_to_write = preg_replace('#<meta name="keywords" content="([^"]*)"[^>]*>#', '', $header_to_write); $header_to_write = preg_replace('#<meta name="description" content="([^"]*)"[^>]*>#', '', $header_to_write); fwrite($myfile, $header_to_write); fclose($myfile); fix_permissions($path); sync_file($path); // Extract footer from cruft (</body> and below); SAVE $footer = $cruft['FOOTER']; // special cases of something with ID or class of footer/bottom going through too $footer_cases = array('<div id="footer"', '<div id="page_footer"', '<div class="footer"', '<div class="page_footer"'); foreach ($footer_cases as $footer_case) { $footer_start_pos = strpos($footer, $footer_case); if ($footer_start_pos !== false) { break; } } if ($footer_start_pos === false) { $footer_start_pos = strpos($footer, '</body'); } if ($footer_start_pos !== false) { $footer = substr($footer, $footer_start_pos); } $path = get_custom_file_base() . '/themes/' . filter_naughty($theme) . '/templates_custom/FOOTER.tpl'; $myfile = fopen($path, 'wt'); $footer_to_write = $footer; fwrite($myfile, $footer_to_write); fclose($myfile); fix_permissions($path); sync_file($path); // What remains is saved to GLOBAL (note that we don't try and be clever about panels - this is up to the user, and they don't really need them anyway) if (count($compare_file_contents) > 1) { $global_to_write = substr($cruft['HEADER'], strlen($header)) . "\n{MIDDLE}\n" . substr($cruft['FOOTER'], 0, strlen($cruft['FOOTER']) - strlen($footer)); } else { $cruft['HEADER'] = $header_to_write; $cruft['FOOTER'] = $footer_to_write; $global_to_write = '{MIDDLE}'; } $path = get_custom_file_base() . '/themes/' . filter_naughty($theme) . '/templates_custom/GLOBAL.tpl'; $myfile = fopen($path, 'wt'); fwrite($myfile, $global_to_write); fclose($myfile); fix_permissions($path); sync_file($path); // Extract site name from <title> tag, based on common consistency (largest common substring) $site_name = get_site_name(); if (count($compare_file_contents) > 1) { $titles_in_reference_files = array(); foreach ($compare_file_contents as $reference_file) { $matches = array(); if (preg_match('#<title>(.*)</title>#', $reference_file, $matches) != 0) { $titles_in_reference_files[] = $matches[1]; } } // Find largest common substring $lcs = ''; foreach ($titles_in_reference_files as $title_a) { for ($start = 0; $start < strlen($title_a); $start++) { for ($end = $start + 1; $end < strlen($title_a); $end++) { $current = substr($title_a, $start, $end - $start + 1); foreach ($titles_in_reference_files as $title_b) { if ($title_a != $title_b) { if (strpos(strtolower($title_b), strtolower($current)) === false) { continue 2; } } } if (strpos(strtolower($title_b), strtolower($current)) !== false) { if (strlen($current) > strlen($lcs)) { $lcs = $current; } } } } } // Strip bits $site_name = trim(preg_replace('#^[\\|\\-�,]#', '', preg_replace('#[\\|\\-�,]$#', '', trim($lcs)))); // Save as site name set_option('site_name', $site_name); } // Go and save our pages disable_php_memory_limit(); foreach ($content_files as $content_file) { $file_contents = file_get_contents($file_base . '/' . $content_file); // Find page-link for page $slash_count = substr_count($content_file, '/'); if ($slash_count == 0) { $content_file = '/' . $content_file; } elseif ($slash_count > 1) { $last_slash_pos = strrpos($content_file, '/'); $content_file = str_replace('/', '_', substr($content_file, 0, $last_slash_pos)) . substr($content_file, 0, $last_slash_pos); } list($zone, $page) = explode('/', preg_replace('#\\..*$#', '', $content_file), 2); if ($page == 'index') { $page = 'start'; } if (substr($content_file, -4) == '.php') { $file_path = zone_black_magic_filterer(get_custom_file_base() . '/' . $zone . '/pages/minimodules_custom/' . $page . '.php'); $myfile = fopen($file_path, 'wt'); fwrite($myfile, $file_contents); fclose($myfile); fix_permissions($file_path); sync_file($file_path); } else { $filtered = $this->_html_filter($file_contents, $fix_html, $base_url, $files, $file_base); // Try and work out page title from <title> tag $matches = array(); $page_title = NULL; if (preg_match('#<title>(.*)</title>#', $filtered, $matches) != 0) { $page_title = preg_replace('#( [\\|\\-�] )?' . preg_quote($site_name) . '( [\\|\\-�] )?#', '', $matches[1]); } $page_keywords = NULL; if (preg_match('#<meta name="keywords" content="([^"]*)"#', $filtered, $matches) != 0) { $page_keywords = $matches[1]; } $page_description = NULL; if (preg_match('#<meta name="description" content="([^"]*)"#', $filtered, $matches) != 0) { $page_description = $matches[1]; } require_code('seo2'); seo_meta_set_for_explicit('comcode_page', $zone . ':' . $page, $page_keywords, $page_description); // Strip cruft off for htm/html files $i = strpos($filtered, '</head>'); if ($i === false) { $i = 0; } else { $i += 7; } $filtered = $this->levenshtein_strip_search($cruft['HEADER'], $filtered, false, $i); $filtered = $this->levenshtein_strip_search($cruft['FOOTER'], $filtered, true, 0); // Copy htm/html/php files to correct zone page directories (html_custom/<lang>, or minimodules_custom) if ($convert_to_comcode == 0) { // Insert an <h1> if the h1 is not there if (strpos($filtered, '<h1') === false && !is_null($page_title)) { $filtered = "<h1>" . $page_title . "</h1>\n\n" . $filtered; } $file_path = zone_black_magic_filterer(get_custom_file_base() . '/' . $zone . '/pages/comcode_custom/' . get_site_default_lang() . '/' . $page . '.txt'); $myfile = fopen($file_path, 'wt'); fwrite($myfile, '[semihtml]' . $filtered . '[/semihtml]'); fclose($myfile); fix_permissions($file_path); sync_file($file_path); } else { // Insert an <h1> if the h1 is not there if (strpos($filtered, '[title') === false && !is_null($page_title)) { $filtered = "[title]" . $page_title . "[/title]\n\n" . $filtered; } require_code('comcode_from_html'); $comcode = semihtml_to_comcode($filtered); $file_path = zone_black_magic_filterer(get_custom_file_base() . '/' . $zone . '/pages/comcode_custom/' . get_site_default_lang() . '/' . $page . '.txt'); $myfile = fopen($file_path, 'wt'); fwrite($myfile, $comcode); fclose($myfile); fix_permissions($file_path); sync_file($file_path); } } } // Copy all remaining files to under uploads/website_specific foreach ($files as $file) { if (!file_exists($file_base . '/' . $file)) { continue; } $path = get_custom_file_base() . '/uploads/website_specific/' . $file; $create_path = $path; do { @mkdir(dirname($create_path), 0777); $create_path = dirname($create_path); } while (strlen($create_path) > 1); copy($file_base . '/' . $file, $path); fix_permissions($path); sync_file($path); } // Set the panels to be blank foreach (array('site/', '') as $zone) { $panels = array('panel_left', 'panel_right'); foreach ($panels as $panel) { $path = zone_black_magic_filterer(get_custom_file_base() . '/' . $zone . 'pages/comcode_custom/' . filter_naughty(fallback_lang()) . '/' . filter_naughty($panel) . '.txt'); $myfile = fopen($path, 'wt'); fclose($myfile); fix_permissions($path); sync_file($path); } } }
/** * Standard aed_module table function. * * @param array Details to go to build_url for link to the next screen. * @return array A pair: The choose table, Whether re-ordering is supported from this screen. */ function nice_get_choose_table($url_map) { require_code('templates_results_table'); $current_ordering = get_param('sort', 'the_message ASC'); if (strpos($current_ordering, ' ') === false) { warn_exit(do_lang_tempcode('INTERNAL_ERROR')); } list($sortable, $sort_order) = explode(' ', $current_ordering, 2); $sortables = array('the_message' => do_lang_tempcode('MESSAGE'), 'days' => do_lang_tempcode('NUMBER_DAYS'), 'order_time' => do_lang_tempcode('ORDER_DATE'), 'user_id' => do_lang_tempcode('OWNER')); if (strtoupper($sort_order) != 'ASC' && strtoupper($sort_order) != 'DESC' || !array_key_exists($sortable, $sortables)) { log_hack_attack_and_exit('ORDERBY_HACK'); } global $NON_CANONICAL_PARAMS; $NON_CANONICAL_PARAMS[] = 'sort'; $header_row = results_field_title(array(do_lang_tempcode('MESSAGE'), do_lang_tempcode('NUMBER_DAYS'), do_lang_tempcode('ORDER_DATE'), do_lang_tempcode('_UP_FOR'), do_lang_tempcode('OWNER'), do_lang_tempcode('ACTIONS')), $sortables, 'sort', $sortable . ' ' . $sort_order); $fields = new ocp_tempcode(); require_code('form_templates'); list($rows, $max_rows) = $this->get_entry_rows(false, $current_ordering); foreach ($rows as $row) { $edit_link = build_url($url_map + array('id' => $row['id']), '_SELF'); $username = protect_from_escaping($GLOBALS['FORUM_DRIVER']->member_profile_hyperlink($row['user_id'])); $activation_time = $row['activation_time']; $days = is_null($activation_time) ? '' : float_format(round((time() - $activation_time) / 60 / 60 / 24, 3)); $fields->attach(results_entry(array(protect_from_escaping(get_translated_tempcode($row['the_message'])), integer_format($row['days']), get_timezoned_date($row['order_time']), $row['active_now'] == 1 ? $days : do_lang_tempcode('NA_EM'), $username, protect_from_escaping(hyperlink($edit_link, do_lang_tempcode('EDIT'), false, true, '#' . strval($row['id'])))), true)); } return array(results_table(do_lang($this->menu_label), get_param_integer('start', 0), 'start', either_param_integer('max', 20), 'max', $max_rows, $header_row, $fields, $sortables, $sortable, $sort_order), false); }
/** * Standard aed_module table function. * * @param array Details to go to build_url for link to the next screen. * @return array A pair: The choose table, Whether re-ordering is supported from this screen. */ function nice_get_choose_table($url_map) { require_code('templates_results_table'); $current_ordering = get_param('sort', 'title ASC', true); list($sortable, $sort_order) = array(substr($current_ordering, 0, strrpos($current_ordering, ' ')), substr($current_ordering, strrpos($current_ordering, ' ') + 1)); $sortables = array('title' => do_lang_tempcode('TITLE')); if (db_has_subqueries($GLOBALS['SITE_DB']->connection_read)) { $sortables['(SELECT COUNT(*) FROM ' . get_table_prefix() . 'newsletter n JOIN ' . get_table_prefix() . 'newsletter_subscribe s ON n.id=s.newsletter_id WHERE code_confirm=0)'] = do_lang_tempcode('COUNT_MEMBERS'); } if (strtoupper($sort_order) != 'ASC' && strtoupper($sort_order) != 'DESC' || !array_key_exists($sortable, $sortables)) { log_hack_attack_and_exit('ORDERBY_HACK'); } global $NON_CANONICAL_PARAMS; $NON_CANONICAL_PARAMS[] = 'sort'; $header_row = results_field_title(array(do_lang_tempcode('TITLE'), do_lang_tempcode('COUNT_MEMBERS'), do_lang_tempcode('ACTIONS')), $sortables, 'sort', $sortable . ' ' . $sort_order); $fields = new ocp_tempcode(); require_code('form_templates'); list($rows, $max_rows) = $this->get_entry_rows(false, $current_ordering); foreach ($rows as $row) { $edit_link = build_url($url_map + array('id' => $row['id']), '_SELF'); $num_readers = $GLOBALS['SITE_DB']->query_value('newsletter n JOIN ' . get_table_prefix() . 'newsletter_subscribe s ON n.id=s.newsletter_id', 'COUNT(*)', array('code_confirm' => 0)); $fields->attach(results_entry(array(get_translated_text($row['title']), integer_format($num_readers), protect_from_escaping(hyperlink($edit_link, do_lang_tempcode('EDIT'), false, true, '#' . strval($row['id'])))), true)); } return array(results_table(do_lang($this->menu_label), get_param_integer('start', 0), 'start', either_param_integer('max', 20), 'max', $max_rows, $header_row, $fields, $sortables, $sortable, $sort_order), false); }
/** * The UI to choose a zone to edit. * * @param string The follow-on type * @param ?tempcode The title to use (NULL: the EDIT_ZONE title) * @return tempcode The UI */ function edit_zone($type = '_edit', $title = NULL) { $GLOBALS['HELPER_PANEL_PIC'] = 'pagepics/zones'; $GLOBALS['HELPER_PANEL_TUTORIAL'] = 'tut_structure'; if (is_null($title)) { $title = get_page_title('EDIT_ZONE'); } $start = get_param_integer('start', 0); $max = get_param_integer('max', 50); $_zones = find_all_zones(false, true, false, $start, $max); $url_map = array('page' => '_SELF', 'type' => $type); if ($type == '_editor') { $url_map['wide'] = 1; } require_code('templates_results_table'); $current_ordering = 'name ASC'; if (strpos($current_ordering, ' ') === false) { warn_exit(do_lang_tempcode('INTERNAL_ERROR')); } list($sortable, $sort_order) = explode(' ', $current_ordering, 2); $sortables = array(); $header_row = results_field_title(array(do_lang_tempcode('NAME'), do_lang_tempcode('TITLE'), do_lang_tempcode('DEFAULT_PAGE'), do_lang_tempcode('THEME'), do_lang_tempcode('DISPLAYED_IN_MENU'), do_lang_tempcode('WIDE'), do_lang_tempcode('REQUIRE_SESSION'), do_lang_tempcode('ACTIONS')), $sortables, 'sort', $sortable . ' ' . $sort_order); $fields = new ocp_tempcode(); require_code('form_templates'); $max_rows = $GLOBALS['SITE_DB']->query_value('zones', 'COUNT(*)'); foreach ($_zones as $_zone_details) { list($zone_name, $zone_title, $zone_show_in_menu, $zone_default_page, $remaining_row) = $_zone_details; $edit_link = build_url($url_map + array('id' => $zone_name), '_SELF'); $fields->attach(results_entry(array(hyperlink(build_url(array('page' => ''), $zone_name), $zone_name == '' ? do_lang_tempcode('NA_EM') : make_string_tempcode(escape_html($zone_name))), $zone_title, $zone_default_page, $remaining_row['zone_theme'] == '-1' ? do_lang_tempcode('NA_EM') : hyperlink(build_url(array('page' => 'admin_themes'), 'adminzone'), escape_html($remaining_row['zone_theme'])), $zone_show_in_menu == 1 ? do_lang_tempcode('YES') : do_lang_tempcode('NO'), $remaining_row['zone_wide'] == 1 ? do_lang_tempcode('YES') : do_lang_tempcode('NO'), $remaining_row['zone_require_session'] == 1 ? do_lang_tempcode('YES') : do_lang_tempcode('NO'), protect_from_escaping(hyperlink($edit_link, do_lang_tempcode('EDIT'), false, true, $zone_name))), true)); } $table = results_table(do_lang('ZONES'), get_param_integer('start', 0), 'start', either_param_integer('max', 20), 'max', $max_rows, $header_row, $fields, $sortables, $sortable, $sort_order); breadcrumb_set_parents(array(array('_SELF:_SELF:misc', do_lang_tempcode('ZONES')))); breadcrumb_set_self(do_lang_tempcode('CHOOSE')); $text = do_lang_tempcode('CHOOSE_EDIT_LIST'); return do_template('TABLE_TABLE_SCREEN', array('TITLE' => $title, 'TEXT' => $text, 'TABLE' => $table, 'SUBMIT_NAME' => NULL, 'POST_URL' => get_self_url())); }
/** * Standard aed_module table function. * * @param array Details to go to build_url for link to the next screen. * @return array A quartet: The choose table, Whether re-ordering is supported from this screen, Search URL, Archive URL. */ function nice_get_choose_table($url_map) { require_code('templates_results_table'); $current_ordering = get_param('sort', 'c_title ASC', true); if (strpos($current_ordering, ' ') === false) { warn_exit(do_lang_tempcode('INTERNAL_ERROR')); } list($sortable, $sort_order) = explode(' ', $current_ordering, 2); $sortables = array('c_title' => do_lang_tempcode('TITLE')); if (strtoupper($sort_order) != 'ASC' && strtoupper($sort_order) != 'DESC' || !array_key_exists($sortable, $sortables)) { log_hack_attack_and_exit('ORDERBY_HACK'); } global $NON_CANONICAL_PARAMS; $NON_CANONICAL_PARAMS[] = 'sort'; $header_row = results_field_title(array(do_lang_tempcode('TITLE'), do_lang_tempcode('EXPANDED_BY_DEFAULT'), do_lang_tempcode('ACTIONS')), $sortables, 'sort', $sortable . ' ' . $sort_order); $fields = new ocp_tempcode(); require_code('form_templates'); list($rows, $max_rows) = $this->get_entry_rows(false, $current_ordering); foreach ($rows as $row) { $edit_link = build_url($url_map + array('id' => $row['id']), '_SELF'); $fields->attach(results_entry(array($row['c_title'], $row['c_expanded_by_default'] == 1 ? do_lang_tempcode('YES') : do_lang_tempcode('NO'), protect_from_escaping(hyperlink($edit_link, do_lang_tempcode('EDIT'), false, true, '#' . strval($row['id'])))), true)); } $search_url = NULL; $archive_url = NULL; return array(results_table(do_lang($this->menu_label), get_param_integer('start', 0), 'start', either_param_integer('max', 20), 'max', $max_rows, $header_row, $fields, $sortables, $sortable, $sort_order), false, $search_url, $archive_url); }
/** * Standard aed_module table function. * * @param array Details to go to build_url for link to the next screen. * @return array A pair: The choose table, Whether re-ordering is supported from this screen. */ function nice_get_choose_table($url_map) { require_code('templates_results_table'); $hr = array(); $hr[] = do_lang_tempcode('TITLE'); if (addon_installed('points')) { $hr[] = do_lang_tempcode('POINTS'); } $hr[] = do_lang_tempcode('CONTENT_TYPE'); $hr[] = do_lang_tempcode('USED_PREVIOUSLY'); $hr[] = do_lang_tempcode('ACTIONS'); $current_ordering = get_param('sort', 'a_title ASC'); if (strpos($current_ordering, ' ') === false) { warn_exit(do_lang_tempcode('INTERNAL_ERROR')); } list($sortable, $sort_order) = explode(' ', $current_ordering, 2); $sortables = array('a_title' => do_lang_tempcode('TITLE'), 'a_content_type' => do_lang_tempcode('CONTENT_TYPE')); if (addon_installed('points')) { $sortables['a_points'] = do_lang_tempcode('POINTS'); } if (strtoupper($sort_order) != 'ASC' && strtoupper($sort_order) != 'DESC' || !array_key_exists($sortable, $sortables)) { log_hack_attack_and_exit('ORDERBY_HACK'); } global $NON_CANONICAL_PARAMS; $NON_CANONICAL_PARAMS[] = 'sort'; $header_row = results_field_title($hr, $sortables, 'sort', $sortable . ' ' . $sort_order); $fields = new ocp_tempcode(); require_code('form_templates'); list($rows, $max_rows) = $this->get_entry_rows(false, $current_ordering); foreach ($rows as $row) { $edit_link = build_url($url_map + array('id' => $row['id']), '_SELF'); $fr = array(); $fr[] = protect_from_escaping(hyperlink(build_url(array('page' => 'awards', 'type' => 'award', 'id' => $row['id']), get_module_zone('awards')), get_translated_text($row['a_title']), false, true)); if (addon_installed('points')) { $fr[] = integer_format($row['a_points']); } $hooks = find_all_hooks('systems', 'awards'); $hook_title = do_lang('UNKNOWN'); foreach (array_keys($hooks) as $hook) { if ($hook == $row['a_content_type']) { require_code('hooks/systems/awards/' . $hook); $hook_object = object_factory('Hook_awards_' . $hook, true); if (is_null($hook_object)) { continue; } $hook_info = $hook_object->info(); if (!is_null($hook_info)) { $hook_title = $hook_info['title']->evaluate(); } } } $fr[] = $hook_title; $fr[] = integer_format($GLOBALS['SITE_DB']->query_value('award_archive', 'COUNT(*)', array('a_type_id' => $row['id']))); $fr[] = protect_from_escaping(hyperlink($edit_link, do_lang_tempcode('EDIT'), false, true, '#' . strval($row['id']))); $fields->attach(results_entry($fr, true)); } return array(results_table(do_lang($this->menu_label), get_param_integer('start', 0), 'start', either_param_integer('max', 20), 'max', $max_rows, $header_row, $fields, $sortables, $sortable, $sort_order), false); }
/** * Handle an AJAX message posting request. * * @param AUTO_LINK Room ID * @param string The message * @param string Font name * @param string Font colour * @param BINARY Whether this is the first message sent out to this room, since some change */ function _chat_post_message_ajax($room_id, $message, $font, $colour, $first_message) { $room_check = $GLOBALS['SITE_DB']->query_select('chat_rooms', array('*'), array('id' => $room_id), '', 1); if (!array_key_exists(0, $room_check)) { // This room doesn't exist warn_exit(do_lang_tempcode('MISSING_RESOURCE')); } if (!check_chatroom_access($room_check[0], true)) { require_lang('chat'); $the_message = do_lang('BANNED_FROM_CHAT'); $_message = array('system_message' => 1, 'ip_address' => get_ip_address(), 'room_id' => $room_id, 'user_id' => get_member(), 'date_and_time' => time(), 'member_id' => get_member(), 'text_colour' => get_option('chat_default_post_colour'), 'font_name' => get_option('chat_default_post_font')); $template = do_template('CHAT_MESSAGE', array('SYSTEM_MESSAGE' => strval($_message['system_message']), 'STAFF' => false, 'OLD_MESSAGES' => false, 'AVATAR_URL' => '', 'STAFF_ACTIONS' => '', 'USER' => strval($_message['member_id']), 'MESSAGE' => $the_message, 'TIME' => get_timezoned_date($_message['date_and_time']), 'RAW_TIME' => strval($_message['date_and_time']), 'FONT_COLOUR' => $_message['text_colour'], 'FONT_FACE' => $_message['font_name'])); $messages_output = '<div xmlns="http://www.w3.org/1999/xhtml" sender_id="' . strval($_message['member_id']) . '" room_id="' . strval($_message['room_id']) . '" id="123456789" timestamp="' . strval($_message['date_and_time']) . '">' . $template->evaluate() . '</div>'; header("Cache-Control: no-cache, must-revalidate"); // HTTP/1.1 header("Expires: Mon, 26 Jul 1997 05:00:00 GMT"); // Date in the past header('Content-Type: application/xml'); $output = '<' . '?xml version="1.0" encoding="' . get_charset() . '" ?' . '> <!DOCTYPE xc:content [ <!ENTITY euro "€"> <!ENTITY ldquo "“"> <!ENTITY rdquo "”"> <!ENTITY lsquo "‘"> <!ENTITY rsquo "’"> <!ENTITY dagger "†"> <!ENTITY Dagger "‡"> <!ENTITY permil "‰"> <!ENTITY Scaron "Š"> <!ENTITY scaron "š"> <!ENTITY Yuml "Ÿ"> <!ENTITY ndash "–"> <!ENTITY mdash "—"> <!ENTITY hellip "…"> <!ENTITY copy "©"> <!ENTITY nbsp " "> <!ENTITY fnof "ƒ"> <!ENTITY reg "®"> <!ENTITY trade "™"> <!ENTITY raquo "»"> <!ENTITY frac14 "¼"> <!ENTITY frac12 "½"> <!ENTITY frac34 "¾"> ]> <response> <result> ' . $messages_output . ' </result> </response>'; echo $output; return; } if ($message == '') { $return = '0'; } else { //$prefs=@$_COOKIE['ocp_chat_prefs']; //$prefs=@explode(';',$prefs); //$font=isset($prefs[1])?$prefs[1]:get_option('chat_default_post_font'); //$colour=isset($prefs[0])?$prefs[0]:get_option('chat_default_post_colour'); if (chat_post_message($room_id, $message, $font, $colour, 60)) { $return = '1'; } else { $return = '0'; } } if ($room_check[0]['is_im'] == 1) { $invited_already = NULL; $active_members = NULL; $allow_list = explode(',', $room_check[0]['allow_list']); foreach ($allow_list as $_allow) { $_allow = trim($_allow); $allow = intval($_allow); if ($allow != $room_check[0]['room_owner'] && $allow != get_member()) { if (is_null($invited_already)) { $invited_already = collapse_1d_complexity('e_member_id', $GLOBALS['SITE_DB']->query_select('chat_events', array('e_member_id'), array('e_room_id' => $room_id, 'e_type_code' => 'INVITED_TO_IM'))); } if (!in_array($allow, $invited_already)) { // Send out invitation if they're not active if (is_null($active_members)) { $active_members = get_chatters_in_room($room_id); } if (!array_key_exists($allow, $active_members)) { $event_id = $GLOBALS['SITE_DB']->query_insert('chat_events', array('e_type_code' => 'INVITED_TO_IM', 'e_member_id' => $allow, 'e_room_id' => $room_id, 'e_date_and_time' => time()), true); $myfile = @fopen(get_custom_file_base() . '/data_custom/modules/chat/chat_last_event.dat', 'wb') or intelligent_write_error(get_custom_file_base() . '/data_custom/modules/chat/chat_last_event.dat'); fwrite($myfile, strval($event_id)); fclose($myfile); sync_file(get_custom_file_base() . '/data_custom/modules/chat/chat_last_event.dat'); require_lang('chat'); $zone = get_module_zone('chat'); $_lobby_url = build_url(array('page' => 'chat'), $zone, NULL, false, false, true); $lobby_url = $_lobby_url->evaluate(); $subject = do_lang('IM_INVITED_SUBJECT', NULL, NULL, NULL, get_lang($allow)); $username = $GLOBALS['FORUM_DRIVER']->get_username(get_member()); $username2 = $GLOBALS['FORUM_DRIVER']->get_username($allow); $message = do_lang('IM_INVITED_MESSAGE', get_timezoned_date(time(), true), $username, array($lobby_url, $username2, $message), get_lang($allow)); require_code('notifications'); dispatch_notification('im_invited', NULL, $subject, $message, array($allow), $room_check[0]['room_owner'], 1); } } } } } /*if ($return=='0') Flood control creates error, but we'd rather see it shown inline { header("Cache-Control: no-cache, must-revalidate"); // HTTP/1.1 header("Expires: Mon, 26 Jul 1997 05:00:00 GMT"); // Date in the past header('Content-Type: application/xml'); $output='<'.'?xml version="1.0" encoding="'.get_charset().'" ?'.'> <!DOCTYPE xc:content [ <!ENTITY euro "€"> <!ENTITY ldquo "“"> <!ENTITY rdquo "”"> <!ENTITY lsquo "‘"> <!ENTITY rsquo "’"> <!ENTITY dagger "†"> <!ENTITY Dagger "‡"> <!ENTITY permil "‰"> <!ENTITY Scaron "Š"> <!ENTITY scaron "š"> <!ENTITY Yuml "Ÿ"> <!ENTITY ndash "–"> <!ENTITY mdash "—"> <!ENTITY hellip "…"> <!ENTITY copy "©"> <!ENTITY nbsp " "> <!ENTITY fnof "ƒ"> <!ENTITY reg "®"> <!ENTITY trade "™"> <!ENTITY raquo "»"> <!ENTITY frac14 "¼"> <!ENTITY frac12 "½"> <!ENTITY frac34 "¾"> ]> <error />'; echo $output; return; }*/ // Send response of new messages, so we get instant result _chat_messages_script_ajax($room_check[0]['is_im'] == 1 ? -1 : $room_id, false, either_param_integer('message_id'), either_param_integer('event_id')); }
/** * Standard aed_module table function. * * @param array Details to go to build_url for link to the next screen. * @return array A pair: The choose table, Whether re-ordering is supported from this screen. */ function nice_get_choose_table($url_map) { require_code('templates_results_table'); $current_ordering = get_param('sort', 'cf_order ASC'); if (strpos($current_ordering, ' ') === false) { warn_exit(do_lang_tempcode('INTERNAL_ERROR')); } list($sortable, $sort_order) = explode(' ', $current_ordering, 2); $sortables = array('cf_name' => do_lang_tempcode('NAME'), 'cf_owner_view' => do_lang_tempcode('OWNER_VIEW'), 'cf_owner_set' => do_lang_tempcode('OWNER_SET'), 'cf_public_view' => do_lang_tempcode('PUBLIC_VIEW'), 'cf_required' => do_lang_tempcode('REQUIRED'), 'cf_order' => do_lang_tempcode('ORDER')); if (strtoupper($sort_order) != 'ASC' && strtoupper($sort_order) != 'DESC' || !array_key_exists($sortable, $sortables)) { log_hack_attack_and_exit('ORDERBY_HACK'); } global $NON_CANONICAL_PARAMS; $NON_CANONICAL_PARAMS[] = 'sort'; $fh = array(do_lang_tempcode('NAME'), do_lang_tempcode('OWNER_VIEW'), do_lang_tempcode('OWNER_SET'), do_lang_tempcode('PUBLIC_VIEW'), do_lang_tempcode('REQUIRED')); $fh[] = do_lang_tempcode('SHOW_ON_JOIN_FORM'); //$fh[]=do_lang_tempcode('SHOW_IN_POSTS'); //$fh[]=do_lang_tempcode('SHOW_IN_POST_PREVIEWS'); $fh[] = do_lang_tempcode('ORDER'); $fh[] = do_lang_tempcode('ACTIONS'); $header_row = results_field_title($fh, $sortables, 'sort', $sortable . ' ' . $sort_order); // Load up filters $hooks = find_all_hooks('systems', 'ocf_cpf_filter'); $to_keep = array(); foreach (array_keys($hooks) as $hook) { require_code('hooks/systems/ocf_cpf_filter/' . $hook); $_hook = object_factory('Hook_ocf_cpf_filter_' . $hook, true); if (is_null($_hook)) { continue; } $to_keep += $_hook->to_enable(); } $fields = new ocp_tempcode(); list($rows, $max_rows) = $this->get_entry_rows(false, $current_ordering, NULL); $changed = false; foreach ($rows as $row) { $order = post_param_integer('order_' . strval($row['id']), NULL); if (!is_null($order)) { $GLOBALS['FORUM_DB']->query_update('f_custom_fields', array('cf_order' => $order), array('id' => $row['id']), '', 1); $changed = true; } } if ($changed) { list($rows, $max_rows) = $this->get_entry_rows(false, $current_ordering); } require_code('form_templates'); foreach ($rows as $row) { $trans = get_translated_text($row['cf_name'], $GLOBALS['FORUM_DB']); $used = true; if (substr($trans, 0, 4) == 'ocp_') { // See if it gets filtered if (!array_key_exists(substr($trans, 4), $to_keep)) { $used = false; } $test = do_lang('SPECIAL_CPF__' . $trans, NULL, NULL, NULL, NULL, false); if (!is_null($test)) { $trans = $test; } } $edit_link = build_url($url_map + array('id' => $row['id']), '_SELF'); $orderlist = new ocp_tempcode(); $num_cpfs = $GLOBALS['FORUM_DB']->query_value('f_custom_fields', 'COUNT(*)'); $selected_one = false; $order = $row['cf_order']; for ($i = 0; $i < max($num_cpfs, $order); $i++) { $selected = $i === $order; if ($selected) { $selected_one = true; } $orderlist->attach(form_input_list_entry(strval($i), $selected, integer_format($i + 1))); } if (!$selected_one) { $orderlist->attach(form_input_list_entry(strval($order), true, integer_format($order + 1))); } $orderer = do_template('TABLE_TABLE_ROW_CELL_SELECT', array('LABEL' => do_lang_tempcode('ORDER'), 'NAME' => 'order_' . strval($row['id']), 'LIST' => $orderlist)); $fr = array(); $fr[] = $trans; $fr[] = $row['cf_owner_view'] == 1 ? do_lang_tempcode('YES') : do_lang_tempcode('NO'); $fr[] = $row['cf_owner_set'] == 1 ? do_lang_tempcode('YES') : do_lang_tempcode('NO'); $fr[] = $row['cf_public_view'] == 1 ? do_lang_tempcode('YES') : do_lang_tempcode('NO'); $fr[] = $row['cf_required'] == 1 ? do_lang_tempcode('YES') : do_lang_tempcode('NO'); $fr[] = $row['cf_show_on_join_form'] == 1 ? do_lang_tempcode('YES') : do_lang_tempcode('NO'); //$fr[]=($row['cf_show_in_posts']==1)?do_lang_tempcode('YES'):do_lang_tempcode('NO'); //$fr[]=($row['cf_show_in_post_previews']==1)?do_lang_tempcode('YES'):do_lang_tempcode('NO'); $fr[] = protect_from_escaping($orderer); if ($used) { $edit_link = hyperlink($edit_link, do_lang_tempcode('EDIT'), false, true, '#' . strval($row['id'])); } else { $edit_link = do_lang_tempcode('UNUSED_CPF'); } $fr[] = protect_from_escaping($edit_link); $fields->attach(results_entry($fr, true)); } return array(results_table(do_lang($this->menu_label), get_param_integer('start', 0), 'start', either_param_integer('max', 20), 'max', $max_rows, $header_row, $fields, $sortables, $sortable, $sort_order, 'sort', NULL, NULL, NULL, 8, 'gdfg43tfdgdfgdrfgd', true), true); }
/** * Standard modular run function for search results. * * @param string Search string * @param boolean Whether to only do a META (tags) search * @param ID_TEXT Order direction * @param integer Start position in total results * @param integer Maximum results to return in total * @param boolean Whether only to search titles (as opposed to both titles and content) * @param string Where clause that selects the content according to the main search string (SQL query fragment) (blank: full-text search) * @param SHORT_TEXT Username/Author to match for * @param ?MEMBER Member-ID to match for (NULL: unknown) * @param TIME Cutoff date * @param string The sort type (gets remapped to a field in this function) * @set title add_date * @param integer Limit to this number of results * @param string What kind of boolean search to do * @set or and * @param string Where constraints known by the main search code (SQL query fragment) * @param string Comma-separated list of categories to search under * @param boolean Whether it is a boolean search * @return array List of maps (template, orderer) */ function run($content, $only_search_meta, $direction, $max, $start, $only_titles, $content_where, $author, $author_id, $cutoff, $sort, $limit_to, $boolean_operator, $where_clause, $search_under, $boolean_search) { unset($limit_to); if (get_forum_type() != 'ocf') { return array(); } require_code('ocf_members'); $remapped_orderer = ''; switch ($sort) { case 'title': $remapped_orderer = 'm_username'; break; case 'add_date': $remapped_orderer = 'm_join_time'; break; case 'relevance': case 'rating': break; default: $remapped_orderer = preg_replace('#[^\\w]#', '', $sort); break; } require_lang('ocf'); // Calculate our where clause (search) if ($author != '') { $where_clause .= ' AND '; $where_clause .= db_string_equal_to('m_username', $author); } if (!is_null($cutoff)) { $where_clause .= ' AND '; $where_clause .= 'm_join_time>' . strval($cutoff); } $raw_fields = array('m_username'); $trans_fields = array(); $rows = ocf_get_all_custom_fields_match(NULL, 1, 1); $table = ''; require_code('fields'); $non_trans_fields = 0; foreach ($rows as $i => $row) { $ob = get_fields_hook($row['cf_type']); list(, , $storage_type) = $ob->get_field_value_row_bits($row); if (strpos($storage_type, '_trans') === false) { $non_trans_fields++; } } $index_issue = $non_trans_fields > 16; foreach ($rows as $i => $row) { $ob = get_fields_hook($row['cf_type']); list(, , $storage_type) = $ob->get_field_value_row_bits($row); $param = get_param('option_' . strval($row['id']), ''); if ($param != '') { $where_clause .= ' AND '; if (db_has_full_text($GLOBALS['SITE_DB']->connection_read) && method_exists($GLOBALS['SITE_DB']->static_ob, 'db_has_full_text_boolean') && $GLOBALS['SITE_DB']->static_ob->db_has_full_text_boolean() && !is_under_radar($param)) { $temp = db_full_text_assemble('"' . $param . '"', true); } else { $temp = db_like_assemble($param); } if ($row['cf_type'] == 'short_trans' || $row['cf_type'] == 'long_trans') { $where_clause .= preg_replace('#\\?#', 't' . strval(count($trans_fields) + 1) . '.text_original', $temp); } else { $where_clause .= preg_replace('#\\?#', 'field_' . strval($row['id']), $temp); } } if (strpos($storage_type, '_trans') === false) { $raw_fields[] = 'field_' . strval($row['id']); } else { $trans_fields[] = 'field_' . strval($row['id']); } } $age_range = get_param('option__age_range', get_param('option__age_range_from', '') . '-' . get_param('option__age_range_to', '')); if ($age_range != '' && $age_range != '-') { $bits = explode('-', $age_range); if (count($bits) == 2) { $lower = strval(intval(date('Y', utctime_to_usertime())) - intval($bits[0])); $upper = strval(intval(date('Y', utctime_to_usertime())) - intval($bits[1])); $where_clause .= ' AND '; $where_clause .= '(m_dob_year<' . $lower . ' OR m_dob_year=' . $lower . ' AND (m_dob_month<' . date('m') . ' OR m_dob_month=' . date('m') . ' AND m_dob_day<=' . date('d') . '))'; $where_clause .= ' AND '; $where_clause .= '(m_dob_year>' . $upper . ' OR m_dob_year=' . $upper . ' AND (m_dob_month>' . date('m') . ' OR m_dob_month=' . date('m') . ' AND m_dob_day>=' . date('d') . '))'; } if (either_param_integer('option__photo_thumb_url', 0) == 1) { $where_clause .= ' AND '; $where_clause .= db_string_not_equal_to('m_photo_thumb_url', ''); } } $user_group = get_param('option__user_group', ''); if ($user_group != '') { $bits = explode(',', $user_group); $where_clause .= ' AND '; $group_where_clause = ''; foreach ($bits as $i => $bit) { $group = intval($bit); $table .= ' LEFT JOIN ' . $GLOBALS['FORUM_DB']->get_table_prefix() . 'f_group_members g' . strval($i) . ' ON (g' . strval($i) . '.gm_group_id=' . strval($group) . ' AND g' . strval($i) . '.gm_member_id=r.id)'; if ($group_where_clause != '') { $group_where_clause .= ' OR '; } $group_where_clause .= 'g' . strval($i) . '.gm_validated=1 OR m_primary_group=' . strval($group); } $where_clause .= '(' . $group_where_clause . ')'; } if (!has_specific_permission(get_member(), 'see_unvalidated')) { $where_clause .= ' AND '; $where_clause .= 'm_validated=1'; } // Calculate and perform query $rows = get_search_rows(NULL, NULL, $content, $boolean_search, $boolean_operator, $only_search_meta, $direction, $max, $start, $only_titles, 'f_members r JOIN ' . get_table_prefix() . 'f_member_custom_fields a ON r.id=a.mf_member_id' . $table, array('!', 'm_signature') + $trans_fields, $where_clause, $content_where, $remapped_orderer, 'r.*,a.*,r.id AS id', $raw_fields); $out = array(); foreach ($rows as $i => $row) { /*if ($user_group!='') { $bits=explode(',',$user_group); $ok=false; $groups=$GLOBALS['FORUM_DRIVER']->get_members_groups($row['id']); foreach ($bits as $bit) { if (in_array($user_group,$groups)) $ok=true; } if (!$ok) continue; }*/ if (!is_guest($row['id'])) { $out[$i]['data'] = $row; if ($remapped_orderer != '' && array_key_exists($remapped_orderer, $row)) { $out[$i]['orderer'] = $row[$remapped_orderer]; } elseif (substr($remapped_orderer, 0, 7) == '_rating') { $out[$i]['orderer'] = $row['compound_rating']; } } else { $out[$i]['data'] = NULL; } unset($rows[$i]); } return $out; }
/** * Remove a buddy. * * @return tempcode The UI */ function buddy_remove() { if (is_guest()) { access_denied('NOT_AS_GUEST'); } $title = get_page_title('DUMP_BUDDY'); $member_id = either_param_integer('member_id', NULL); if (is_null($member_id)) { $members = array(); foreach ($_POST as $key => $val) { if (substr($key, 0, 7) == 'select_' && $val == '1') { $members[] = intval(substr($key, 7)); } } $username = do_lang('_MULTIPLE'); } else { $members = array($member_id); $username = $GLOBALS['FORUM_DRIVER']->get_username($member_id); if (is_null($GLOBALS['SITE_DB']->query_value_null_ok('chat_buddies', 'date_and_time', array('member_likes' => get_member(), 'member_liked' => $member_id)))) { warn_exit(do_lang('NOT_CURRENTLY_FRIENDS', escape_html($username))); } } $test = $this->handle_repost('DUMP_BUDDY', $username); if (!is_null($test)) { return $test; } require_code('chat2'); foreach ($members as $member_id) { buddy_remove(get_member(), $member_id); } breadcrumb_set_parents(array(array('_SELF:_SELF:misc', do_lang_tempcode('CHAT_LOBBY')))); $url = get_param('redirect', ''); if ($url == '') { return inform_screen($title, do_lang_tempcode('SUCCESS')); } return redirect_screen($title, $url, do_lang_tempcode('SUCCESS')); }
/** * Standard aed_module table function. * * @param array Details to go to build_url for link to the next screen. * @return array A quartet: The choose table, Whether re-ordering is supported from this screen, Search URL, Archive URL. */ function nice_get_choose_table($url_map) { require_code('templates_results_table'); $default_order = 'g_promotion_threshold ASC,id ASC'; $current_ordering = get_param('sort', $default_order, true); $sortables = array('g_name' => do_lang_tempcode('NAME'), 'g_is_presented_at_install' => do_lang_tempcode('IS_PRESENTED_AT_INSTALL'), 'g_is_default' => do_lang_tempcode('DEFAULT_GROUP'), 'g_open_membership' => do_lang_tempcode('OPEN_MEMBERSHIP')); if (addon_installed('points')) { $sortables = array_merge($sortables, array('g_promotion_threshold ASC,id' => do_lang_tempcode('PROMOTION_TARGET'))); } $sortables = array_merge($sortables, array('g_is_super_admin' => do_lang_tempcode('SUPER_ADMIN'), 'g_order' => do_lang_tempcode('ORDER'))); if ($current_ordering == 'g_promotion_threshold ASC,id ASC') { list($sortable, $sort_order) = array('g_promotion_threshold ASC,id', 'ASC'); } elseif ($current_ordering == 'g_promotion_threshold DESC,id DESC' || $current_ordering == 'g_promotion_threshold ASC,id DESC') { list($sortable, $sort_order) = array('g_promotion_threshold DESC,id', 'DESC'); } else { if (strpos($current_ordering, ' ') === false) { warn_exit(do_lang_tempcode('INTERNAL_ERROR')); } list($sortable, $sort_order) = explode(' ', $current_ordering, 2); if (strtoupper($sort_order) != 'ASC' && strtoupper($sort_order) != 'DESC' || !array_key_exists($sortable, $sortables)) { log_hack_attack_and_exit('ORDERBY_HACK'); } global $NON_CANONICAL_PARAMS; $NON_CANONICAL_PARAMS[] = 'sort'; } $_header_row = array(do_lang_tempcode('NAME'), do_lang_tempcode('IS_PRESENTED_AT_INSTALL'), do_lang_tempcode('DEFAULT_GROUP'), do_lang_tempcode('OPEN_MEMBERSHIP')); if (addon_installed('points')) { $_header_row = array_merge($_header_row, array(do_lang_tempcode('PROMOTION_TARGET'))); } $_header_row = array_merge($_header_row, array(do_lang_tempcode('SUPER_ADMIN'), do_lang_tempcode('ORDER'), do_lang_tempcode('ACTIONS'))); $header_row = results_field_title($_header_row, $sortables, 'sort', $sortable . ' ' . $sort_order); $fields = new ocp_tempcode(); $group_count = $GLOBALS['FORUM_DB']->query_value('f_groups', 'COUNT(*)'); require_code('form_templates'); list($rows, $max_rows) = $this->get_entry_rows(false, $current_ordering, $group_count > 300 ? array('g_is_private_club' => 0) : NULL); $changed = false; foreach ($rows as $row) { $new_order = post_param_integer('order_' . strval($row['id']), NULL); if (!is_null($new_order)) { $GLOBALS['FORUM_DB']->query_update('f_groups', array('g_order' => $new_order), array('id' => $row['id']), '', 1); $changed = true; } } if ($changed) { list($rows, $max_rows) = $this->get_entry_rows(true, $current_ordering, $group_count > 300 ? array('g_is_private_club' => 0) : NULL); } foreach ($rows as $row) { $edit_link = build_url($url_map + array('id' => $row['id']), '_SELF'); if ($row['id'] == db_get_first_id() + 8 && $GLOBALS['FORUM_DB']->query_value('f_groups', 'COUNT(*)', array('g_is_presented_at_install' => '1')) == 0) { $row['g_is_presented_at_install'] = 1; } $fr = array(protect_from_escaping(ocf_get_group_link($row['id'])), $row['g_is_presented_at_install'] == 1 ? do_lang_tempcode('YES') : do_lang_tempcode('NO'), $row['g_is_default'] == 1 ? do_lang_tempcode('YES') : do_lang_tempcode('NO'), $row['g_open_membership'] == 1 ? do_lang_tempcode('YES') : do_lang_tempcode('NO')); if (addon_installed('points')) { $fr = array_merge($fr, array(is_null($row['g_promotion_target']) ? do_lang_tempcode('NA_EM') : make_string_tempcode(ocf_get_group_name($row['g_promotion_target']) . ' (' . strval($row['g_promotion_threshold']) . ')'))); } $fr = array_merge($fr, array($row['g_is_super_admin'] == 1 ? do_lang_tempcode('YES') : do_lang_tempcode('NO'))); $orderlist = new ocp_tempcode(); $selected_one = false; $order = $row['g_order']; for ($i = 0; $i < max(count($rows), $order); $i++) { $selected = $i === $order; if ($selected) { $selected_one = true; } $orderlist->attach(form_input_list_entry(strval($i), $selected, integer_format($i + 1))); } if (!$selected_one) { $orderlist->attach(form_input_list_entry(strval($order), true, integer_format($order + 1))); } $ordererx = protect_from_escaping(do_template('TABLE_TABLE_ROW_CELL_SELECT', array('LABEL' => do_lang_tempcode('ORDER'), 'NAME' => 'order_' . strval($row['id']), 'LIST' => $orderlist))); $fr[] = $ordererx; $fr[] = protect_from_escaping(hyperlink($edit_link, do_lang_tempcode('EDIT'), false, true, '#' . strval($row['id']))); $fields->attach(results_entry($fr, true)); } $search_url = build_url(array('page' => 'search', 'id' => 'ocf_clubs'), get_module_zone('search')); $archive_url = build_url(array('page' => 'groups'), get_module_zone('groups')); return array(results_table(do_lang($this->menu_label), get_param_integer('start', 0), 'start', either_param_integer('max', 20), 'max', $max_rows, $header_row, $fields, $sortables, $sortable, $sort_order, 'sort', NULL, NULL, NULL, 8, 'gdfg43tfdgdfgdrfgd', true), true, $search_url, $archive_url); }