Пример #1
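/**
 * XML-RPC handler: ban a member looked up by name and optionally remove their posts.
 *
 * Parameters read from the request:
 *   0 - name of the member to ban
 *   1 - mode; the value 2 additionally removes the member's messages
 *   2 - optional ban reason (HTML-escaped, with CR/LF/TAB stripped before storage)
 *
 * Both guards below (session check, 'manage_bans' permission) and the
 * "user not found" path only protect the ban if checkSession() / mob_error()
 * stop the request instead of returning.
 * NOTE(review): confirm that they do; nothing in this function returns early itself.
 *
 * @param object $rpcmsg XML-RPC request exposing getParam() / getScalarValParam().
 * @return xmlrpcresp Struct whose 'result' member is boolean true.
 */
function mob_m_ban_user($rpcmsg)
{
    global $mobdb, $context, $func, $user_info, $modSettings, $sourcedir;

    // State-changing action: validate the session before anything else.
    checkSession('session');

    // Cannot ban an user?
    if (!allowedTo('manage_bans')) {
        mob_error('cannot ban users');
    }

    // The reason is stored and presumably shown later, so escape it and drop line breaks/tabs.
    $raw_reason = $rpcmsg->getParam(2) ? $rpcmsg->getScalarValParam(2) : '';
    $reason = strtr($func['htmlspecialchars']($raw_reason), array("\r" => '', "\n" => '', "\t" => ''));

    $username = $rpcmsg->getScalarValParam(0);
    require_once $sourcedir . '/Subs-Auth.php';

    // The previous version tested an $id_user variable that was never assigned, so its
    // "look up by ID" branch was unreachable. The name search is the only real path.
    $username = utf8ToAscii($username);
    $members = findMembers($username);
    if (empty($members)) {
        mob_error('user not found');
    }

    // NOTE(review): the first match is taken as the ban target. If findMembers() can match on
    // anything other than the exact login name, the wrong account could be banned; confirm.
    // NOTE(review): nothing here stops a moderator from banning themselves or an administrator.
    $member_ids = array_keys($members);
    $member = $members[$member_ids[0]]['id'];

    // Create the ban (values are bound through placeholders, never concatenated).
    $mobdb->query('
		INSERT INTO {db_prefix}ban_groups
			(name, ban_time, cannot_access, expire_time, reason)
		VALUES
			({string:name}, {int:time}, 1, NULL, {string:reason})', array('time' => time(), 'name' => 'Tapatalk ban (' . $username . ')', 'reason' => $reason));
    $id_ban_group = $mobdb->insert_id();

    // Insert the user into the ban
    $mobdb->query('
		INSERT INTO {db_prefix}ban_items
			(ID_BAN_GROUP, ID_MEMBER)
		VALUES
			({int:group}, {int:member})', array('group' => $id_ban_group, 'member' => $member));

    // Do we have to delete every post made by this user?
    // !!! Optimize this
    if ((int) $rpcmsg->getScalarValParam(1) === 2) {
        require_once $sourcedir . '/RemoveTopic.php';

        // Keep going if the client disconnects, so the clean-up is not left half done.
        // ignore_user_abort() without an argument only reads the setting, hence the explicit true.
        @ignore_user_abort(true);
        @set_time_limit(0);

        $request = $mobdb->query('
			SELECT m.ID_MSG AS id_msg
			FROM {db_prefix}messages AS m
				LEFT JOIN {db_prefix}topics AS t ON (t.ID_TOPIC = m.ID_TOPIC)
			WHERE m.ID_MEMBER = {int:member}
				AND (t.ID_FIRST_MSG != m.ID_MSG OR t.numReplies = 0)', array('member' => $member));
        while ($row = $mobdb->fetch_assoc($request)) {
            removeMessage($row['id_msg']);
        }
        $mobdb->free_result($request);
    }

    // Return a true response
    return new xmlrpcresp(new xmlrpcval(array('result' => new xmlrpcval(true, 'boolean')), 'struct'));
}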
Пример #2
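/**
 * XML-RPC handler: report a message to the moderators of its board by e-mail.
 *
 * Reads from $context['mob_request']['params']:
 *   [0][0] - ID of the reported message
 *   [1][0] - optional base64-encoded comment from the reporter
 *
 * The function relies on outputRPCResult() ending the request on the error paths.
 * NOTE(review): confirm that it does; several checks below would otherwise fall through.
 *
 * @return void The outcome is delivered through outputRPCResult().
 */
function method_report_post()
{
    // $language is needed as the fallback language for the moderator mails; it was
    // previously used without being declared global and therefore always undefined.
    global $context, $mobdb, $modSettings, $scripturl, $user_info, $sourcedir, $txt, $language;
    global $topic, $board;

    // Get the message ID
    if (!isset($context['mob_request']['params'][0])) {
        outputRPCResult(false, $txt['smf272']);
    }
    $id_msg = (int) $context['mob_request']['params'][0][0];

    // The comment is caller-controlled free text; treat a missing parameter as an empty comment.
    $reason = isset($context['mob_request']['params'][1][0])
        ? utf8ToAscii(base64_decode($context['mob_request']['params'][1][0]))
        : '';

    require_once $sourcedir . '/Subs-Post.php';

    // $id_msg is an integer cast above, which is the only thing that makes this interpolation safe.
    $mobdb->query('
        SELECT m.subject, m.ID_MEMBER, m.posterName, mem.realName, m.ID_TOPIC, m.ID_BOARD
        FROM {db_prefix}messages AS m
            LEFT JOIN {db_prefix}members AS mem ON (m.ID_MEMBER = mem.ID_MEMBER)
        WHERE m.ID_MSG = ' . $id_msg . '
        LIMIT 1', array());
    if ($mobdb->num_rows() == 0) {
        outputRPCResult(false, $txt['smf272']);
    }
    $message_info = $mobdb->fetch_assoc();
    $mobdb->free_result();

    $subject = $message_info['subject'];
    $member = $message_info['ID_MEMBER'];
    $posterName = $message_info['posterName'];
    $realName = $message_info['realName'];
    // loadBoard() / loadPermissions() read these two globals to resolve board-level permissions.
    $topic = $message_info['ID_TOPIC'];
    $board = $message_info['ID_BOARD'];

    loadBoard();
    loadPermissions();

    // You can't use this if it's off or you are not allowed to do it.
    if (!allowedTo('report_any')) {
        outputRPCResult(false, $txt['cannot_report_any']);
    }

    // Throttle before any mail is sent.
    spamProtection('spam');

    if ($member == $user_info['id']) {
        outputRPCResult(false, $txt['rtm_not_own']);
    }

    $posterName = un_htmlspecialchars($realName) . ($realName != $posterName ? ' (' . $posterName . ')' : '');
    $reporterName = un_htmlspecialchars($user_info['name']) . ($user_info['name'] != $user_info['username'] && $user_info['username'] != '' ? ' (' . $user_info['username'] . ')' : '');
    $subject = un_htmlspecialchars($subject);

    // Get a list of members with the moderate_board permission.
    require_once $sourcedir . '/Subs-Members.php';
    $moderators = array_filter(array_map('intval', (array) membersAllowedTo('moderate_board', $board)));

    // An empty list would produce "IN ()", which is invalid SQL; report "no moderators" instead.
    if (empty($moderators)) {
        outputRPCResult(false, $txt['rtm11']);
    }

    // IDs were forced to integers above, so joining them into the statement is safe.
    $mobdb->query('
        SELECT ID_MEMBER, emailAddress, lngfile
        FROM {db_prefix}members
        WHERE ID_MEMBER IN (' . implode(', ', $moderators) . ')
            AND notifyTypes != 4
        ORDER BY lngfile', array());

    // Check that moderators do exist!
    if ($mobdb->num_rows() == 0) {
        outputRPCResult(false, $txt['rtm11']);
    }

    // Send every moderator an email.
    while ($row = $mobdb->fetch_assoc()) {
        // $txt is reloaded per recipient language, so the texts are assembled inside the loop.
        $mail_language = empty($row['lngfile']) || empty($modSettings['userLanguage']) ? $language : $row['lngfile'];
        loadLanguage('Post', $mail_language, false);

        $reporter_label = empty($user_info['id']) ? $txt['guest'] . ' (' . $user_info['ip'] . ')' : $reporterName;

        // NOTE(review): $subject ends up in the mail subject line; this assumes sendmail()
        // neutralises line breaks in headers. Confirm.
        $mail_subject = $txt['rtm3'] . ': ' . $subject . ' ' . $txt['rtm4'] . ' ' . $posterName;
        $mail_body = sprintf($txt['rtm_email1'], $subject) . ' ' . $posterName . ' ' . $txt['rtm_email2'] . ' ' . $reporter_label . ' ' . $txt['rtm_email3'] . ":\n\n" . $scripturl . '?topic=' . $topic . '.msg' . $id_msg . '#msg' . $id_msg . "\n\n" . $txt['rtm_email_comment'] . ":\n" . $reason . "\n\n" . $txt[130];

        // Send it to the moderator.
        sendmail($row['emailAddress'], $mail_subject, $mail_body, $user_info['email']);
    }
    $mobdb->free_result();

    outputRPCResult(true);
}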
Пример #3
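/**
 * XML-RPC handler: change the current member's password.
 *
 * Two request shapes are accepted:
 *   - (new password, token, code): the old password is replaced by a Tapatalk SSO
 *     verification; the verified e-mail must match the member's address and the
 *     member's primary group must not be 1.
 *   - (old password, new password): the old password is checked against the stored hash.
 *
 * NOTE(review): passwords are stored as sha1(lowercase member name . password), with no
 * per-user random salt or work factor. That is the scheme the surrounding forum code
 * expects, so it cannot be changed here, but it is weak against offline guessing.
 * NOTE(review): no throttling of failed old-password attempts is visible in this function.
 *
 * @param object $rpcmsg XML-RPC request exposing getParam() / getScalarValParam().
 * @return xmlrpcresp Struct with 'result' => true and an empty 'result_text'.
 */
function mob_update_password($rpcmsg)
{
    global $txt, $modSettings;
    global $cookiename, $context;
    global $sourcedir, $scripturl, $db_prefix;
    global $ID_MEMBER, $user_info;
    global $newpassemail, $user_profile, $validationCode;

    loadLanguage('Profile');

    // Start with no updates; the old password counts as unverified until proven otherwise.
    $profile_vars = array();
    $good_password = false;

    // reset directly with tapatalk id credential
    if ($rpcmsg->getParam(2)) {
        $_POST['passwrd1'] = utf8ToAscii($rpcmsg->getParam(0) ? $rpcmsg->getScalarValParam(0) : '');
        // There is no old password on this path; define the key so the later reads see ''
        // rather than an undefined index.
        $_POST['oldpasswrd'] = '';
        $token = $rpcmsg->getParam(1) ? $rpcmsg->getScalarValParam(1) : '';
        $code = $rpcmsg->getParam(2) ? $rpcmsg->getScalarValParam(2) : '';

        // verify Tapatalk Authorization
        if ($token && $code) {
            $ttid = TapatalkSsoVerification($token, $code);
            $tapatalk_id_email = ($ttid && $ttid->result) ? (string) $ttid->email : '';

            // An empty verified address must never authorise anything: compared against a
            // missing or empty stored address it would otherwise count as a match.
            if ($tapatalk_id_email !== '') {
                if (empty($ID_MEMBER) && ($ID_MEMBER = emailExists($tapatalk_id_email))) {
                    // Not logged in: act as the member who owns the verified address.
                    loadMemberData($ID_MEMBER, false, 'profile');
                    $user_info = $user_profile[$ID_MEMBER];
                    $user_info['is_guest'] = false;
                    // The key is ID_GROUP everywhere else in this function; the lower-case
                    // spelling used before never matched, so is_admin ignored the primary group.
                    $user_info['is_admin'] = $user_info['ID_GROUP'] == 1 || in_array(1, explode(',', $user_info['additionalGroups']));
                    $user_info['id'] = $ID_MEMBER;

                    $group_ids = array($user_info['ID_GROUP'], $user_info['ID_POST_GROUP']);
                    if (!empty($user_info['additionalGroups'])) {
                        $group_ids = array_merge($group_ids, explode(',', $user_info['additionalGroups']));
                    }
                    $user_info['groups'] = array_unique(array_map('intval', $group_ids));
                    loadPermissions();
                }

                // Strict comparison: the addresses must be identical strings after lower-casing.
                // NOTE(review): only the primary group is checked, so a member who is an
                // administrator through additionalGroups can still use this path; confirm intent.
                if (isset($user_info['emailAddress'])
                    && strtolower((string) $user_info['emailAddress']) === strtolower($tapatalk_id_email)
                    && $user_info['ID_GROUP'] != 1
                ) {
                    $good_password = true;
                }
            }
        }

        if (!$good_password) {
            get_error('Failed to update password');
        }
    } else {
        $_POST['oldpasswrd'] = $rpcmsg->getParam(0) ? $rpcmsg->getScalarValParam(0) : '';
        $_POST['passwrd1'] = utf8ToAscii($rpcmsg->getParam(1) ? $rpcmsg->getScalarValParam(1) : '');
    }

    // Clean up the POST variables.
    $_POST = htmltrim__recursive($_POST);
    $_POST = stripslashes__recursive($_POST);
    $_POST = htmlspecialchars__recursive($_POST);
    $_POST = addslashes__recursive($_POST);

    $memberResult = loadMemberData($ID_MEMBER, false, 'profile');
    if (!is_array($memberResult)) {
        fatal_lang_error(453, false);
    }
    $memID = $ID_MEMBER;
    $member_name = $user_profile[$memID]['memberName'];

    $context['user']['is_owner'] = true;
    isAllowedTo(array('manage_membergroups', 'profile_identity_any', 'profile_identity_own'));

    // You didn't even enter a password!
    if (trim($_POST['oldpasswrd']) == '' && !$good_password) {
        fatal_error($txt['profile_error_no_password']);
    }

    // Since the password got modified due to all the $_POST cleaning, lets undo it so we can get the correct password
    $_POST['oldpasswrd'] = addslashes(un_htmlspecialchars(stripslashes($_POST['oldpasswrd'])));

    // Does the integration want to check passwords?
    if (isset($modSettings['integrate_verify_password']) && function_exists($modSettings['integrate_verify_password'])) {
        if (call_user_func($modSettings['integrate_verify_password'], $member_name, $_POST['oldpasswrd'], false) === true) {
            $good_password = true;
        }
    }

    // Bad password!!!
    // Hashes are compared as strings with !==. A loose != would compare two all-digit
    // "0e..." hex strings as numbers and could accept a password that does not match.
    // Where the runtime offers hash_equals(), prefer it for a constant-time comparison.
    if (!$good_password && (string) $user_info['passwd'] !== sha1(strtolower($member_name) . $_POST['oldpasswrd'])) {
        fatal_error($txt['profile_error_bad_password']);
    }

    // Let's get the validation function into play...
    require_once $sourcedir . '/Subs-Auth.php';
    $passwordErrors = validatePassword($_POST['passwrd1'], $user_info['username'], array($user_info['name'], $user_info['email']));

    // Were there errors?
    if ($passwordErrors != null) {
        fatal_error($txt['profile_error_password_' . $passwordErrors]);
    }

    // Hash the new password once (on the un-escaped value) and reuse it for storage and cookie.
    $new_hash = sha1(strtolower($member_name) . un_htmlspecialchars(stripslashes($_POST['passwrd1'])));

    // Set up the new password variable... ready for storage.
    $profile_vars['passwd'] = '\'' . $new_hash . '\'';

    // If we've changed the password, notify any integration that may be listening in.
    if (isset($modSettings['integrate_reset_pass']) && function_exists($modSettings['integrate_reset_pass'])) {
        call_user_func($modSettings['integrate_reset_pass'], $member_name, $member_name, $_POST['passwrd1']);
    }

    updateMemberData($memID, $profile_vars);

    // Re-issue the login cookie so the current session stays valid under the new password.
    setLoginCookie(60 * $modSettings['cookieTime'], $memID, sha1($new_hash . $user_profile[$memID]['passwordSalt']));

    $response = array('result' => new xmlrpcval(true, 'boolean'), 'result_text' => new xmlrpcval('', 'base64'));
    return new xmlrpcresp(new xmlrpcval($response, 'struct'));
}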
Пример #4
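/**
 * XML-RPC handler: list the topics a member has posted in, newest activity first.
 *
 * Parameters read from the request:
 *   0 - user name (used when no valid user ID is supplied)
 *   1 - optional first index of the page, default 0
 *   2 - optional last index of the page, default start + 9
 *   3 - optional member ID; falls back to the name search if it matches no member
 *
 * Only topics in boards the caller may see ({query_see_board}) are listed and counted.
 *
 * NOTE(review): there is no upper bound on the page size requested by the client.
 * NOTE(review): relies on mob_error() ending the request when no member is found; confirm.
 *
 * @param object $rpcmsg XML-RPC request exposing getParam() / getScalarValParam().
 * @return xmlrpcresp Struct with 'result', 'total_topic_num' and 'topics'.
 */
function mob_get_participated_topic($rpcmsg)
{
    global $mobdb, $scripturl, $user_info, $settings, $modSettings, $sourcedir;

    require_once $sourcedir . '/Subs-Auth.php';

    // Load the parameters, username must always be there
    $username = $rpcmsg->getScalarValParam(0);

    // Paging values come from the client: force integers and keep the window non-negative.
    $start = max(0, $rpcmsg->getParam(1) ? (int) $rpcmsg->getScalarValParam(1) : 0);
    $end = $rpcmsg->getParam(2) ? (int) $rpcmsg->getScalarValParam(2) : $start + 9;
    $count = max(0, $end - $start + 1);

    $id_user = $rpcmsg->getParam(3) ? (int) $rpcmsg->getScalarValParam(3) : null;

    // If we have an user ID, use it otherwise search for the user
    if (!is_null($id_user)) {
        $request = $mobdb->query('
            SELECT ID_MEMBER
            FROM {db_prefix}members
            WHERE ID_MEMBER = {int:member}', array('member' => $id_user));
        if ($mobdb->num_rows($request) == 0) {
            // Unknown ID: fall through to the name search below.
            $id_user = null;
        } else {
            list($id_user) = $mobdb->fetch_row($request);
        }
        $mobdb->free_result($request);
    }

    // Otherwise search from the DB,
    if (is_null($id_user)) {
        $members = findMembers(utf8ToAscii($username));
        if (empty($members)) {
            mob_error('user not found');
        }
        $member_ids = array_keys($members);
        $id_user = $members[$member_ids[0]]['id'];
    }

    // Get the topic's count.
    // COUNT(*) with GROUP BY returned one row per topic and only the first was read, i.e. the
    // number of posts in one arbitrary topic. Count distinct topics instead, under the same
    // board-visibility filter as the listing so the total does not reveal hidden boards.
    $request = $mobdb->query('
        SELECT COUNT(DISTINCT m.ID_TOPIC)
        FROM {db_prefix}messages AS m
            INNER JOIN {db_prefix}topics AS t ON (m.ID_TOPIC = t.ID_TOPIC)
            INNER JOIN {db_prefix}boards AS b ON (b.ID_BOARD = m.ID_BOARD)
        WHERE m.ID_MEMBER = {int:member}
            AND {query_see_board}', array('member' => $id_user));
    list($topic_count) = $mobdb->fetch_row($request);
    $topic_count = (int) $topic_count;
    $mobdb->free_result($request);

    // Get the topics themselves
    $request = $mobdb->query('
        SELECT t.ID_TOPIC AS id_topic
        FROM {db_prefix}messages AS m
            INNER JOIN {db_prefix}topics AS t ON (m.ID_TOPIC = t.ID_TOPIC)
            INNER JOIN {db_prefix}boards AS b ON (b.ID_BOARD = m.ID_BOARD)
            INNER JOIN {db_prefix}messages AS lm ON (t.ID_LAST_MSG = lm.ID_MSG)
        WHERE m.ID_MEMBER = {int:member}
            AND {query_see_board}
        GROUP BY m.ID_TOPIC
        ORDER BY lm.posterTime DESC
        LIMIT {int:start}, {int:limit}', array('member' => $id_user, 'start' => $start, 'limit' => $count));
    $topics = array();
    while ($row = $mobdb->fetch_assoc($request)) {
        $topics[] = $row['id_topic'];
    }
    $mobdb->free_result($request);

    // NOTE(review): $topics is already one page, yet $start is passed to get_topics() again.
    // If get_topics() applies it as an offset, pages after the first would come back empty; confirm.
    $topic_list = !empty($topics)
        ? get_topics('t.ID_TOPIC IN ({array_int:topics})', array('topics' => $topics), $start, $count, false)
        : array();

    // Return the topics
    return new xmlrpcresp(new xmlrpcval(array(
        'result' => new xmlrpcval(true, 'boolean'),
        'total_topic_num' => new xmlrpcval($topic_count, 'int'),
        'topics' => new xmlrpcval($topic_list, 'array'),
    ), 'struct'));
}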