/**
* Encrypt some data using asymmetric encryption and the site's public key. This will return the original data if encryption is disabled. It will add a magic marker to the start of the returned string to show it's been encrypted.
* A fatal error will occur if the public key cannot be found, or if encryption fails for whatever reason.
* Note that this will blindly re-encrypt data which has already been encrypted. You should check data with is_data_encrypted() first.
*
* @param string Data to be encrypted
* @return string Encrypted data, with magic marker
*/
function encrypt_data($data)
{
if (!is_encryption_enabled()) {
return $data;
}
if ($data == '') {
return $data;
}
if (is_data_encrypted($data)) {
return $data;
}
if (!function_exists('openssl_pkey_get_public')) {
return $data;
}
if (!function_exists('openssl_public_encrypt')) {
return $data;
}
/* See http://uk.php.net/manual/en/function.openssl-pkey-get-public.php */
$key = openssl_pkey_get_public('file://' . get_option('encryption_key'));
if ($key === false) {
attach_message(do_lang_tempcode('ENCRYPTION_KEY_ERROR'), 'warn');
return '';
}
$maxlength = 117;
$output = '';
while (strlen($data) > 0) {
$input = substr($data, 0, $maxlength);
$data = substr($data, $maxlength);
$encrypted = '';
if (!openssl_public_encrypt($input, $encrypted, $key)) {
attach_message(do_lang_tempcode('ENCRYPTION_ERROR'), 'warn');
return '';
}
$output .= $encrypted;
}
return '(Encrypted!)' . base64_encode($output);
}
/**
* Standard aed_module edit form filler.
*
* @param ID_TEXT The entry being edited
* @return tempcode The edit form
*/
function fill_in_edit_form($id)
{
$rows = $GLOBALS['FORUM_DB']->query_select('f_custom_fields', array('*'), array('id' => intval($id)));
if (!array_key_exists(0, $rows)) {
warn_exit(do_lang_tempcode('MISSING_RESOURCE'));
}
$myrow = $rows[0];
$name = get_translated_text($myrow['cf_name'], $GLOBALS['FORUM_DB']);
$description = get_translated_text($myrow['cf_description'], $GLOBALS['FORUM_DB']);
$default = $myrow['cf_default'];
require_code('encryption');
$encrypted = $myrow['cf_encrypted'] == 1 && is_encryption_enabled();
$public_view = $myrow['cf_public_view'] == 1 && !$encrypted ? 1 : 0;
$owner_view = $myrow['cf_owner_view'];
$owner_set = $myrow['cf_owner_set'];
$type = $myrow['cf_type'];
$required = $myrow['cf_required'];
$show_in_posts = $myrow['cf_show_in_posts'];
$show_in_post_previews = $myrow['cf_show_in_post_previews'];
$order = $myrow['cf_order'];
$only_group = $myrow['cf_only_group'];
if (!array_key_exists('cf_show_on_join_form', $myrow)) {
$GLOBALS['FORUM_DB']->add_table_field('f_custom_fields', 'cf_show_on_join_form', 'BINARY', 0);
$GLOBALS['FORUM_DB']->query('UPDATE ' . $GLOBALS['FORUM_DB']->get_table_prefix() . 'f_custom_fields SET cf_show_on_join_form=cf_required');
$rows = $GLOBALS['FORUM_DB']->query_select('f_custom_fields', array('*'), array('id' => intval($id)));
$myrow = $rows[0];
}
$show_on_join_form = $myrow['cf_show_on_join_form'];
$fields = $this->get_form_fields($name, $description, $default, $public_view, $owner_view, $owner_set, $encrypted, $type, $required, $show_on_join_form, $show_in_posts, $show_in_post_previews, $order, $only_group, $myrow['cf_locked']);
return $fields;
}
/**
* Gets all a member's custom fields that match certain parameters.
*
* @param MEMBER The member.
* @param ?BINARY That are publicly viewable (NULL: don't care).
* @param ?BINARY That are owner viewable (NULL: don't care).
* @param ?BINARY That are owner settable (NULL: don't care).
* @param ?BINARY That are encrypted (NULL: don't care).
* @param ?BINARY That are required (NULL: don't care).
* @param ?BINARY That are to be shown in posts (NULL: don't care).
* @param ?BINARY That are to be shown in post previews (NULL: don't care).
* @param BINARY That start 'ocp_'
* @param ?boolean That are to go on the join form (NULL: don't care).
* @return array A mapping of field title to a map of details: 'RAW' as the raw field value, 'RENDERED' as the rendered field value.
*/
function ocf_get_all_custom_fields_match_member($member_id, $public_view = NULL, $owner_view = NULL, $owner_set = NULL, $encrypted = NULL, $required = NULL, $show_in_posts = NULL, $show_in_post_previews = NULL, $special_start = 0, $show_on_join_form = NULL)
{
$fields_to_show = ocf_get_all_custom_fields_match($GLOBALS['FORUM_DRIVER']->get_members_groups($member_id), $public_view, $owner_view, $owner_set, $required, $show_in_posts, $show_in_post_previews, $special_start, $show_on_join_form);
$custom_fields = array();
$member_mappings = ocf_get_custom_field_mappings($member_id);
$member_value = mixed();
// Initialise type to mixed
$all_cpf_permissions = get_member() == $member_id || $GLOBALS['FORUM_DRIVER']->is_super_admin(get_member()) ? array() : list_to_map('field_id', $GLOBALS['FORUM_DB']->query_select('f_member_cpf_perms', array('*'), array('member_id' => $member_id)));
require_code('fields');
foreach ($fields_to_show as $i => $field_to_show) {
$member_value = $member_mappings['field_' . strval($field_to_show['id'])];
// Decrypt the value if appropriate
if (array_key_exists('cf_encrypted', $field_to_show) && $field_to_show['cf_encrypted'] == 1) {
require_code('encryption');
if (is_encryption_enabled() && !is_null(post_param('decrypt', NULL))) {
$member_value = decrypt_data($member_value, post_param('decrypt'));
}
}
$ob = get_fields_hook($field_to_show['cf_type']);
list(, , $storage_type) = $ob->get_field_value_row_bits($field_to_show);
if (strpos($storage_type, '_trans') !== false) {
if (is_null($member_value) || $member_value == 0) {
$member_value = '';
} else {
$member_value = get_translated_tempcode($member_value, $GLOBALS['FORUM_DB']);
}
// This is meant to be '' for blank, not new ocp_tempcode()
if (is_object($member_value) && $member_value->is_empty()) {
$member_value = '';
}
}
// get custom permissions for the current CPF
$cpf_permissions = array_key_exists($field_to_show['id'], $all_cpf_permissions) ? $all_cpf_permissions[$field_to_show['id']] : array();
$display_cpf = true;
// if there are custom permissions set and we are not showing to all
if (array_key_exists(0, $cpf_permissions) && !is_null($public_view)) {
$display_cpf = false;
// Negative ones
if ($cpf_permissions[0]['guest_view'] == 1) {
$display_cpf = true;
}
if (!is_guest()) {
if ($cpf_permissions[0]['member_view'] == 1) {
$display_cpf = true;
}
}
if (!$display_cpf) {
if ($cpf_permissions[0]['friend_view'] == 1) {
if (!is_null($GLOBALS['SITE_DB']->query_value_null_ok('chat_buddies', 'member_liked', array('member_likes' => $member_id, 'member_liked' => get_member())))) {
$display_cpf = true;
}
}
if (!is_guest()) {
if ($cpf_permissions[0]['group_view'] == 'all') {
$display_cpf = true;
} else {
if (strlen($cpf_permissions[0]['group_view']) > 0) {
require_code('ocfiltering');
$groups = $GLOBALS['FORUM_DRIVER']->get_usergroup_list(false, false, false, NULL, $member_id);
$groups_to_search = array();
foreach (array_keys($groups) as $group_id) {
$groups_to_search[$group_id] = NULL;
}
$matched_groups = ocfilter_to_idlist_using_memory($cpf_permissions[0]['group_view'], $groups_to_search);
if (count($matched_groups) > 0) {
$display_cpf = true;
}
}
}
}
}
}
if ($display_cpf) {
$rendered_value = $ob->render_field_value($field_to_show, $member_value, $i, NULL);
$custom_fields[$field_to_show['trans_name']] = array('RAW' => $member_value, 'RENDERED' => $rendered_value);
}
}
return $custom_fields;
}
/**
* Get form fields for adding/editing/finishing a member profile.
*
* @param boolean Whether we are only handling the essential details of a profile.
* @param ?MEMBER The ID of the member we are handling (NULL: new member).
* @param ?array A list of usergroups (NULL: default/current usergroups).
* @param ?array A map of custom fields values (field-id=>value) (NULL: not known).
* @return array A pair: The form fields, Hidden fields (both Tempcode).
*/
function ocf_get_member_fields_profile($mini_mode = true, $member_id = NULL, $groups = NULL, $custom_fields = NULL)
{
$fields = new ocp_tempcode();
$hidden = new ocp_tempcode();
if (is_null($groups)) {
$groups = is_null($member_id) ? ocf_get_all_default_groups(true) : $GLOBALS['OCF_DRIVER']->get_members_groups($member_id);
}
$_custom_fields = ocf_get_all_custom_fields_match($groups, $mini_mode || is_null($member_id) || $member_id == get_member() || has_specific_permission(get_member(), 'view_any_profile_field') ? NULL : 1, $mini_mode || is_null($member_id) || $member_id != get_member() ? NULL : 1, $mini_mode || is_null($member_id) || $member_id != get_member() ? NULL : 1, NULL, NULL, NULL, 0, $mini_mode ? true : NULL);
$GLOBALS['NO_DEBUG_MODE_FULLSTOP_CHECK'] = true;
$field_groups = array();
require_code('fields');
foreach ($_custom_fields as $custom_field) {
// if (($custom_field['cf_locked']==0) || (!is_null($member_id)))
// {
$ob = get_fields_hook($custom_field['cf_type']);
list(, , $storage_type) = $ob->get_field_value_row_bits($custom_field);
$existing_field = !is_null($custom_fields) && array_key_exists($custom_field['id'], $custom_fields);
if ($existing_field) {
$value = mixed();
$value = $custom_fields[$custom_field['id']];
if (is_float($value)) {
$value = float_to_raw_string($value, 10, true);
} elseif (is_integer($value)) {
$value = strval($value);
}
if (strpos($storage_type, '_trans') !== false) {
$value = is_null($value) || $value == 0 ? '' : get_translated_text($value, $GLOBALS['FORUM_DB']);
}
if ($custom_field['cf_encrypted'] == 1 && is_encryption_enabled()) {
$value = remove_magic_encryption_marker($value);
}
} else {
$value = $custom_field['cf_default'];
}
$result = new ocp_tempcode();
$_description = escape_html(get_translated_text($custom_field['cf_description'], $GLOBALS['FORUM_DB']));
$field_cat = '';
$matches = array();
if (strpos($custom_field['trans_name'], ': ') !== false) {
$field_cat = substr($custom_field['trans_name'], 0, strpos($custom_field['trans_name'], ': '));
if ($field_cat . ': ' == $custom_field['trans_name']) {
$custom_field['trans_name'] = $field_cat;
// Just been pulled out as heading, nothing after ": "
} else {
$custom_field['trans_name'] = substr($custom_field['trans_name'], strpos($custom_field['trans_name'], ': ') + 2);
}
} elseif (preg_match('#(^\\([A-Z][^\\)]*\\) )|( \\([A-Z][^\\)]*\\)$)#', $custom_field['trans_name'], $matches) != 0) {
$field_cat = trim($matches[0], '() ');
$custom_field['trans_name'] = str_replace($matches[0], '', $custom_field['trans_name']);
}
$result = $ob->get_field_inputter($custom_field['trans_name'], $_description, $custom_field, $value, !$existing_field);
if (!array_key_exists($field_cat, $field_groups)) {
$field_groups[$field_cat] = new ocp_tempcode();
}
if (is_array($result)) {
$field_groups[$field_cat]->attach($result[0]);
$hidden->attach($result[1]);
} else {
$field_groups[$field_cat]->attach($result);
}
$hidden->attach(form_input_hidden('label_for__custom_' . strval($custom_field['id']) . '_value', $custom_field['trans_name']));
// }
}
if (array_key_exists('', $field_groups)) {
$field_groups_blank = $field_groups[''];
unset($field_groups['']);
$field_groups = array_merge(array($field_groups_blank), $field_groups);
}
foreach ($field_groups as $field_group_title => $extra_fields) {
if (is_integer($field_group_title)) {
$field_group_title = $field_group_title == 0 ? '' : strval($field_group_title);
}
if ($field_group_title != '') {
$fields->attach(do_template('FORM_SCREEN_FIELD_SPACER', array('TITLE' => $field_group_title)));
}
$fields->attach($extra_fields);
}
$GLOBALS['NO_DEBUG_MODE_FULLSTOP_CHECK'] = false;
return array($fields, $hidden);
}
