function Alert($s, $t = "") { if ($t == "") { $t = __("Notice"); } RenderTemplate('messagebox', array('msgtitle' => $t, 'message' => $s)); }
$sessionID = Shake(); setcookie("logsession", $sessionID, 2147483647, URL_ROOT, "", false, true); Query("INSERT INTO {sessions} (id, user, autoexpire) VALUES ({0}, {1}, {2})", doHash($sessionID . SALT), $user['id'], $_POST['session'] ? 1 : 0); Report("[b]" . $user['name'] . "[/] logged in.", 1); $rLogUser = Query("select id, pss, password from {users} where 1"); $matches = array(); while ($testuser = Fetch($rLogUser)) { if ($testuser['id'] == $user['id']) { continue; } $sha = doHash($_POST['pass'] . SALT . $testuser['pss']); if ($testuser['password'] === $sha) { $matches[] = $testuser['id']; } } if (count($matches) > 0) { Query("INSERT INTO {passmatches} (date,ip,user,matches) VALUES (UNIX_TIMESTAMP(),{0},{1},{2})", $_SERVER['REMOTE_ADDR'], $user['id'], implode(',', $matches)); } die(header("Location: " . URL_ROOT)); } } $title = __('Log in'); MakeCrumbs(array('' => __('Log in'))); $forgotPass = ''; if (Settings::get("mailResetSender") != "") { $forgotPass = "******"document.location = '" . htmlentities(actionLink("lostpass"), ENT_QUOTES) . "'; return false;\">" . __("Forgot password?") . "</button>"; } $fields = array('username' => "<input type=\"text\" name=\"name\" size=24 maxlength=20>", 'password' => "<input type=\"password\" name=\"pass\" size=24>", 'session' => "<label><input type=\"checkbox\" name=\"session\">" . __("This session only") . "</label>", 'btnLogin' => "<input type=\"submit\" name=\"actionlogin\" value=\"" . __("Log in") . "\">", 'btnForgotPass' => $forgotPass); echo "<form name=\"loginform\" action=\"" . htmlentities(actionLink("login")) . "\" method=\"post\">"; RenderTemplate('form_login', array('fields' => $fields)); echo "</form>\n\t<script type=\"text/javascript\">\n\t\tdocument.loginform.name.focus();\n\t</script>";
<input type="text" name="pollOption[' . $i . ']" value="' . $opttext . '" size=48 maxlength=40> Color: <input type="text" name="pollColor[' . $i . ']" value="' . $color . '" size=10 maxlength=7 class="color {hash:true,required:false,pickerFaceColor:\'black\',pickerFace:3,pickerBorder:0,pickerInsetColor:\'black\',pickerPosition:\'left\',pickerMode:\'HVS\'}"> <input type="submit" name="pollRemove[' . $i . ']" value="×" onclick="removeOption(this.parentNode);return false;"> </div>'; } } $pollSettings .= '</div>'; $pollSettings .= '<input type="submit" name="pollAdd" value="' . __('Add option') . '" onclick="addOption();return false;">'; $moodSelects = array(); if ($_POST['mood']) { $moodSelects[(int) $_POST['mood']] = "selected=\"selected\" "; } $moodOptions = "<option " . $moodSelects[0] . "value=\"0\">" . __("[Default avatar]") . "</option>\n"; $rMoods = Query("select mid, name from {moodavatars} where uid={0} order by mid asc", $loguserid); while ($mood = Fetch($rMoods)) { $moodOptions .= format("\n\t<option {0} value=\"{1}\">{2}</option>\n", $moodSelects[$mood['mid']], $mood['mid'], htmlspecialchars($mood['name'])); } $mod_lock = ''; $mod_stick = ''; if (HasPermission('mod.closethreads', $forum['id'])) { $mod_lock = "<label><input type=\"checkbox\" " . getCheck("lock") . " name=\"lock\"> " . __("Close thread", 1) . "</label>\n"; } if (HasPermission('mod.stickthreads', $forum['id'])) { $mod_stick = "<label><input type=\"checkbox\" " . getCheck("stick") . " name=\"stick\"> " . __("Sticky", 1) . "</label>\n"; } $fields = array('title' => "<input type=\"text\" name=\"title\" size=80 maxlength=\"60\" value=\"{$trefill}\">", 'icon' => $iconSettings, 'pollQuestion' => "<input type=\"text\" name=\"pollQuestion\" value=\"" . htmlspecialchars($_POST['pollQuestion']) . "\" size=80 maxlength=\"100\">", 'pollOptions' => $pollSettings, 'pollMultivote' => "<label><input type=\"checkbox\" " . ($_POST['multivote'] ? "checked=\"checked\"" : "") . " name=\"multivote\"> " . __("Multivote", 1) . "</label>", 'text' => "<textarea id=\"text\" name=\"text\" rows=\"16\">\n{$prefill}</textarea>", 'mood' => "<select size=1 name=\"mood\">" . $moodOptions . "</select>", 'nopl' => "<label><input type=\"checkbox\" " . getCheck('nopl') . " name=\"nopl\"> " . __("Disable post layout", 1) . "</label>", 'nosm' => "<label><input type=\"checkbox\" " . getCheck('nosm') . " name=\"nosm\"> " . __("Disable smilies", 1) . "</label>", 'lock' => $mod_lock, 'stick' => $mod_stick, 'btnPost' => "<input type=\"submit\" name=\"actionpost\" value=\"" . __("Post") . "\">", 'btnPreview' => "<input type=\"submit\" name=\"actionpreview\" value=\"" . __("Preview") . "\">", 'btnAddPoll' => "<input type=\"submit\" name=\"addpoll\" value=\"" . __("Add poll") . "\" onclick=\"addPoll();return false;\">", 'btnRemovePoll' => "<input type=\"submit\" name=\"deletepoll\" value=\"" . __("Remove poll") . "\" onclick=\"removePoll();return false;\">"); echo "\n\t<script src=\"" . resourceLink("js/threadtagging.js") . "\"></script>\n\t<script src=\"" . resourceLink('js/polleditor.js') . "\"></script>\n\t<form name=\"postform\" action=\"" . htmlentities(actionLink("newthread", $fid)) . "\" method=\"post\" enctype=\"multipart/form-data\">"; RenderTemplate('form_newthread', array('fields' => $fields, 'pollMode' => (int) $_POST['poll'])); PostAttachForm($attachs); echo "\n\t\t<input type=\"hidden\" name=\"poll\" id=\"pollModeVal\" value=\"" . (int) $_POST['poll'] . "\">\n\t</form>\n\t<script type=\"text/javascript\">\n\t\tdocument.postform.text.focus();\n\t</script>\n"; LoadPostToolbar();
function WriteForumTableContents() { global $forumBoards; $boards = array(); $cats = array(); $forums = array(); foreach ($forumBoards as $bid => $bname) { $boards[$bid] = array('id' => $bid, 'name' => $bname, 'cats' => array()); } $rCats = Query("SELECT * FROM {categories} ORDER BY board, corder, id"); while ($cat = Fetch($rCats)) { $cats[$cat['board']][$cat['id']] = $cat; } $rForums = Query("SELECT * FROM {forums} ORDER BY l"); $cid = -1; $lastr = 0; $level = 1; while ($forum = Fetch($rForums)) { if ($forum['catid'] >= 0) { $cid = $forum['catid']; } if ($lastr) { if ($forum['r'] < $lastr) { // we went up one level $level++; } else { // we went down a few levels maybe $level -= $forum['l'] - $lastr - 1; } } $forum['level'] = $level; $lastr = $forum['r']; $forums[$cid][$forum['id']] = $forum; } $btnNewForum = empty($cats) ? '' : '<button onclick="newForum();">' . __("Add forum") . '</button>'; $btnNewCategory = '<button onclick="newCategory();">' . __("Add category") . '</button>'; RenderTemplate('editfora_list', array('boards' => $boards, 'cats' => $cats, 'forums' => $forums, 'selectedForum' => (int) $_GET['s'], 'btnNewForum' => $btnNewForum, 'btnNewCategory' => $btnNewCategory)); }
Kill(__("Unknown user ID.")); } $title = __("Post list"); $total = FetchResult("\n\t\t\tSELECT\n\t\t\t\tcount(p.id)\n\t\t\tFROM\n\t\t\t\t{posts} p\n\t\t\t\tLEFT JOIN {threads} t ON t.id=p.thread{$extrashit}\n\t\t\tWHERE p.user={0} AND t.forum IN ({1c})", $id, ForumsWithPermission('forum.viewforum')); $ppp = $loguser['postsperpage']; if (isset($_GET['from'])) { $from = (int) $_GET['from']; } else { $from = 0; } if (!$ppp) { $ppp = 25; } $rPosts = Query("\tSELECT\n\t\t\t\tp.*,\n\t\t\t\tpt.text, pt.revision, pt.user AS revuser, pt.date AS revdate,\n\t\t\t\tu.(_userfields), u.(rankset,title,picture,posts,postheader,signature,signsep,lastposttime,lastactivity,regdate,globalblock,fulllayout),\n\t\t\t\tru.(_userfields),\n\t\t\t\tdu.(_userfields),\n\t\t\t\tt.id thread, t.title threadname,\n\t\t\t\tf.id fid\n\t\t\tFROM\n\t\t\t\t{posts} p\n\t\t\t\tLEFT JOIN {posts_text} pt ON pt.pid = p.id AND pt.revision = p.currentrevision\n\t\t\t\tLEFT JOIN {users} u ON u.id = p.user\n\t\t\t\tLEFT JOIN {users} ru ON ru.id=pt.user\n\t\t\t\tLEFT JOIN {users} du ON du.id=p.deletedby\n\t\t\t\tLEFT JOIN {threads} t ON t.id=p.thread\n\t\t\t\tLEFT JOIN {forums} f ON f.id=t.forum\n\t\t\t\tLEFT JOIN {categories} c ON c.id=f.catid\n\t\t\tWHERE u.id={1} AND f.id IN ({4c}){$extrashit}\n\t\t\tORDER BY date ASC LIMIT {2u}, {3u}", $loguserid, $id, $from, $ppp, ForumsWithPermission('forum.viewforum')); $numonpage = NumRows($rPosts); $uname = $user["name"]; if ($user["displayname"]) { $uname = $user["displayname"]; } MakeCrumbs(array(actionLink("profile", $id, "", $user["name"]) => htmlspecialchars($uname), '' => __("List of posts"))); $pagelinks = PageLinks(actionLink("listposts", $id, "from=", $user['name']), $ppp, $from, $total); RenderTemplate('pagelinks', array('pagelinks' => $pagelinks, 'position' => 'top')); if (NumRows($rPosts)) { while ($post = Fetch($rPosts)) { MakePost($post, POST_NORMAL, array('threadlink' => 1, 'tid' => $post['thread'], 'fid' => $post['fid'], 'noreplylinks' => 1)); } } else { Alert('This user has no posts.', 'Notice'); } RenderTemplate('pagelinks', array('pagelinks' => $pagelinks, 'position' => 'bottom'));
if (!HasPermission('forum.viewforum', $fid)) { Kill(__('You may not access this forum.')); } $tags = ParseThreadTags($thread['title']); $isHidden = !HasPermission('forum.viewforum', $fid, true); if ($_POST['report']) { if ($_POST['key'] !== $loguser['token']) { Kill(__('No.')); } // TODO make this use actual notifications or anything better Query("INSERT INTO {pmsgs_text} (title,text) VALUES ({0},{1})", "Post report (post #{$pid})", ''); $pmid = InsertId(); Query("INSERT INTO {pmsgs} (id,userto,userfrom,date,ip,msgread,deleted,drafting)\n\t\tVALUES ({0},{1},{2},{3},{4},0,0,0)", $pmid, -1, $loguserid, time(), $_SERVER['REMOTE_ADDR']); $report = "<strong>Post report</strong>\n\n<strong>Post:</strong> " . actionLinkTag($tags[0], 'post', $pid) . " (post #{$pid})\n\n<strong>Message:</strong>\n{$_POST['message']}\n\n" . actionLinkTag('Mark issue as resolved', 'showprivate', $pmid, 'markread=1'); Query("UPDATE {pmsgs_text} SET text={0} WHERE pid={1}", $report, $pmid); SendNotification('pm', $pmid, -1); die(header('Location: ' . actionLink('post', $pid))); } MakeCrumbs(forumCrumbs($forum) + array(actionLink("thread", $tid, '', $isHidden ? '' : $tags[0]) => $tags[0], '' => __("Report post"))); $user = Fetch(Query("SELECT * FROM {users} WHERE id={0}", $post['user'])); foreach ($user as $key => $value) { $post['u_' . $key] = $value; } MakePost($post, POST_SAMPLE); $fields = array('message' => '<textarea id="text" name="message" rows=10></textarea>', 'btnSubmit' => '<input type="submit" name="report" value="' . __('Submit report') . '">'); echo ' <form action="" method="POST">'; RenderTemplate('form_reportpost', array('fields' => $fields)); echo ' <input type="hidden" name="key" value="' . $loguser['token'] . '"> </form>';
} } RenderTemplate('pagelinks', array('pagelinks' => $pagelinks, 'position' => 'bottom')); if ($loguserid && HasPermission('forum.postreplies', $fid) && !$thread['closed'] && !$isold) { $ninja = FetchResult("select id from {posts} where thread={0} order by date desc limit 0, 1", $tid); $mod_lock = ''; if (HasPermission('mod.closethreads', $fid)) { if (!$thread['closed']) { $mod_lock = "<label><input type=\"checkbox\" name=\"lock\"> " . __("Close thread", 1) . "</label>\n"; } else { $mod_lock = "<label><input type=\"checkbox\" name=\"unlock\"> " . __("Open thread", 1) . "</label>\n"; } } $mod_stick = ''; if (HasPermission('mod.stickthreads', $fid)) { if (!$thread['sticky']) { $mod_stick = "<label><input type=\"checkbox\" name=\"stick\"> " . __("Sticky", 1) . "</label>\n"; } else { $mod_stick = "<label><input type=\"checkbox\" name=\"unstick\"> " . __("Unstick", 1) . "</label>\n"; } } $moodOptions = "<option selected=\"selected\" value=\"0\">" . __("[Default avatar]") . "</option>\n"; $rMoods = Query("select mid, name from {moodavatars} where uid={0} order by mid asc", $loguserid); while ($mood = Fetch($rMoods)) { $moodOptions .= format("\n\t<option value=\"{0}\">{1}</option>\n", $mood['mid'], htmlspecialchars($mood['name'])); } $fields = array('text' => "<textarea id=\"text\" name=\"text\" rows=\"8\"></textarea>", 'mood' => "<select size=1 name=\"mood\">" . $moodOptions . "</select>", 'nopl' => "<label><input type=\"checkbox\" name=\"nopl\"> " . __("Disable post layout", 1) . "</label>", 'nosm' => "<label><input type=\"checkbox\" name=\"nosm\"> " . __("Disable smilies", 1) . "</label>", 'lock' => $mod_lock, 'stick' => $mod_stick, 'btnPost' => "<input type=\"submit\" name=\"actionpost\" value=\"" . __("Post") . "\">", 'btnPreview' => "<input type=\"submit\" name=\"actionpreview\" value=\"" . __("Preview") . "\">"); echo "\n\t<form action=\"" . htmlentities(actionLink("newreply", $tid)) . "\" method=\"post\">\n\t\t<input type=\"hidden\" name=\"ninja\" value=\"{$ninja}\">"; RenderTemplate('form_quickreply', array('fields' => $fields)); echo "\n\t</form>"; }
$disabledplugins[$plugin] = $plugindata['name']; } } } } asort($enabledplugins); asort($disabledplugins); $ep = array(); $dp = array(); foreach ($enabledplugins as $plugin => $pluginname) { $ep[] = listPlugin($plugin, $pluginDatas[$plugin]); } foreach ($disabledplugins as $plugin => $pluginname) { $dp[] = listPlugin($plugin, $pluginDatas[$plugin]); } RenderTemplate('pluginlist', array('enabledPlugins' => $ep, 'disabledPlugins' => $dp)); function listPlugin($plugin, $plugindata) { global $plugins, $loguser; $pdata = $plugindata; $hasperms = false; if (!isset($plugins[$plugin]) && file_exists('plugins/' . $plugin . '/permStrings.php')) { $hasperms = true; } if ($hasperms) { $pdata['description'] .= '<br><strong>This plugin has permissions. After enabling it, make sure to configure them properly.</strong>'; } $text = __("Enable"); $act = "enable"; if (isset($plugins[$plugin])) { $text = __("Disable");
function PostAttachForm($files) { if (!Settings::get('postAttach')) { return; } $fdata = array(); asort($files); foreach ($files as $_fileid => $filename) { $fileid = htmlspecialchars($_fileid); $fdata[] = htmlspecialchars($filename) . ' <label><input type="checkbox" name="deletefile[' . $fileid . ']" value="1"> Delete</label> <input type="hidden" name="files[' . $fileid . ']" value="blarg">'; } $fields = array('newFile' => '<input type="file" name="newfile">', 'btnSave' => '<input type="submit" name="saveuploads" value="' . __('Save') . '">'); RenderTemplate('form_attachfiles', array('files' => $fdata, 'fields' => $fields, 'fileCap' => BytesToSize(POST_ATTACHMENT_CAP))); }
if ($iconid == $i) { $check = "checked=\"checked\" "; } $icons .= "\t<label>\n\t\t\t\t\t\t<input type=\"radio\" {$check} name=\"iconid\" value=\"{$i}\">\n\t\t\t\t\t\t<img src=\"" . resourceLink("img/icons/icon{$i}.png") . "\" alt=\"Icon {$i}\" onclick=\"javascript:void()\">\n\t\t\t\t\t</label>"; $i++; } $check[0] = ""; $check[1] = ""; if ($iconid == 0) { $check[0] = "checked=\"checked\" "; } if ($iconid == 255) { $check[1] = "checked=\"checked\" "; } $iconSettings = "\n\t\t\t\t\t<label>\n\t\t\t\t\t\t<input type=\"radio\" {$check[0]} name=\"iconid\" value=\"0\">\n\t\t\t\t\t\t<span>" . __("None") . "</span>\n\t\t\t\t\t</label>\n\t\t\t\t\t{$icons}\n\t\t\t\t\t<br/>\n\t\t\t\t\t<label>\n\t\t\t\t\t\t<input type=\"radio\" {$check[1]} name=\"iconid\" value=\"255\">\n\t\t\t\t\t\t<span>" . __("Custom") . "</span>\n\t\t\t\t\t</label>\n\t\t\t\t\t<input type=\"text\" name=\"iconurl\" size=60 maxlength=\"100\" value=\"" . htmlspecialchars($iconurl) . "\">"; $fields['title'] = "<input type=\"text\" id=\"tit\" name=\"title\" size=80 maxlength=\"60\" value=\"" . htmlspecialchars($thread['title']) . "\">"; $fields['icon'] = $iconSettings; } if ($canClose) { $fields['closed'] = "<label><input type=\"checkbox\" name=\"isClosed\" " . ($thread['closed'] ? " checked=\"checked\"" : "") . "> " . __('Closed') . "</label>"; } if ($canStick) { $fields['sticky'] = "<label><input type=\"checkbox\" name=\"isSticky\" " . ($thread['sticky'] ? " checked=\"checked\"" : "") . "> " . __('Sticky') . "</label>"; } if ($canMove) { $fields['forum'] = makeForumList('moveTo', $thread['forum']); } $fields['btnEditThread'] = "<input type=\"submit\" name=\"actionedit\" value=\"" . __("Edit") . "\">"; echo "\n\t<script src=\"" . resourceLink("js/threadtagging.js") . "\"></script>\n\t<form action=\"" . htmlentities(actionLink("editthread")) . "\" method=\"post\">"; RenderTemplate('form_editthread', array('fields' => $fields, 'canRename' => $canRename, 'canClose' => $canClose, 'canStick' => $canStick, 'canMove' => $canMove)); echo "\n\t\t<input type=\"hidden\" name=\"id\" value=\"{$tid}\">\n\t\t<input type=\"hidden\" name=\"key\" value=\"" . $loguser['token'] . "\">\n\t\t<input type=\"hidden\" name=\"ref\" value=\"" . htmlspecialchars($_SERVER['HTTP_REFERER']) . "\">\n\t</form>";
$pic = str_replace('$root/', DATA_URL, $user['picture']); $udata['avatar'] = "<img src=\"" . htmlspecialchars($pic) . "\" alt=\"\" style=\"max-width: 60px;max-height:60px;\">"; } else { $udata['avatar'] = ''; } $udata['num'] = $i; $udata['link'] = UserLink($user); $udata['posts'] = $user['posts']; $udata['birthday'] = $user['birthday'] ? cdate('M jS', $user['birthday']) : ''; $udata['regdate'] = cdate('M jS Y', $user['regdate']); $users[] = $udata; $i++; } $getArgs[] = 'from='; $pagelinks = PageLinks(actionLink('memberlist', '', implode('&', $getArgs)), $tpp, $from, $numUsers); RenderTemplate('memberlist', array('pagelinks' => $pagelinks, 'numUsers' => $numUsers, 'users' => $users)); function makeSelect($name, $options) { $result = "<select name=\"" . $name . "\" id=\"" . $name . "\">"; $i = 0; $hasgroups = false; foreach ($options as $key => $value) { if ($value == null) { if ($hasgroups) { $result .= "\n\t</optgroup>"; } $result .= "\n\t<optgroup label=\"" . $key . "\">"; $hasgroups = true; continue; } $result .= "\n\t<option" . ($key === $_GET[$name] ? " selected=\"selected\"" : "") . " value=\"" . $key . "\">" . $value . "</option>";
function ForumJump() { global $fid, $loguserid, $loguser, $forum; $viewableforums = ForumsWithPermission('forum.viewforum'); $viewhidden = HasPermission('user.viewhiddenforums'); $rCats = Query("SELECT id, name FROM {categories} WHERE board={0} ORDER BY corder, id", $forum['board']); $cats = array(); while ($cat = Fetch($rCats)) { $cats[$cat['id']] = $cat['name']; } $rFora = Query("\tSELECT\n\t\t\t\t\t\t\tf.id, f.title, f.catid, f.redirect\n\t\t\t\t\t\tFROM\n\t\t\t\t\t\t\t{forums} f\n\t\t\t\t\t\tWHERE f.id IN ({0c})" . (!$viewhidden ? " AND f.hidden=0" : '') . "\n\t\t\t\t\t\tORDER BY f.forder, f.id", $viewableforums); $fora = array(); while ($forum = Fetch($rFora)) { $fora[$forum['catid']][] = $forum; } $theList = ''; foreach ($cats as $cid => $cname) { if (empty($fora[$cid])) { continue; } $theList .= ' <optgroup label="' . htmlspecialchars($cname) . '"> ' . fj_forumBlock($fora, $cid, $fid, 0) . ' </optgroup> '; } $theList = '<select onchange="document.location=this.options[this.selectedIndex].value;">' . ($forum['board'] ? '<option value="' . actionLink('board') . '">Back to main forums</option>' : '') . $theList . '</select>'; RenderTemplate('forumjump', array('forumlist' => $theList)); }
if (!defined('BLARG')) { die; } $board = $_GET['id']; if (!$board) { $board = ''; } if (!isset($forumBoards[$board])) { $board = ''; } if ($loguserid && isset($_GET['action']) && $_GET['action'] == "markallread") { Query("REPLACE INTO {threadsread} (id,thread,date) SELECT {0}, t.id, {1} FROM {threads} t" . ($board != '' ? ' LEFT JOIN {forums} f ON f.id=t.forum WHERE f.board={2}' : ''), $loguserid, time(), $board); die(header("Location: " . actionLink("board", $board))); } $links = array(); if ($loguserid) { $links[] = actionLinkTag(__("Mark all forums read"), "board", $board, "action=markallread"); } MakeCrumbs(forumCrumbs(array('board' => $board)), $links); if ($board == '') { $statData = Fetch(Query("SELECT\n\t\t(SELECT COUNT(*) FROM {threads}) AS numThreads,\n\t\t(SELECT COUNT(*) FROM {posts}) AS numPosts,\n\t\t(SELECT COUNT(*) FROM {users}) AS numUsers,\n\t\t(select count(*) from {posts} where date > {0}) AS newToday,\n\t\t(select count(*) from {posts} where date > {1}) AS newLastHour,\n\t\t(select count(*) from {users} where lastposttime > {2}) AS numActive", time() - 86400, time() - 3600, time() - 2592000)); $statData['pctActive'] = $statData['numUsers'] ? ceil(100 / $statData['numUsers'] * $statData['numActive']) : 0; $lastUser = Query("select u.(_userfields) from {users} u order by u.regdate desc limit 1"); if (numRows($lastUser)) { $lastUser = getDataPrefix(Fetch($lastUser), "u_"); $statData['lastUserLink'] = UserLink($lastUser); } RenderTemplate('boardstats', array('stats' => $statData)); } makeAnncBar(); makeForumListing(0, $board);
//Make a RANDOM reset key. $resetKey = Shake(); $hashedResetKey = doHash($resetKey . SALT . $user['pss']); $from = Settings::get("mailResetSender"); $to = $user['email']; $subject = format(__("Password reset for {0}"), $user['name']); $message = format(__("A password reset was requested for your user account on {0}."), Settings::get("boardname")) . "\n" . __("If you did not submit this request, this message can be ignored.") . "\n\n" . __("To reset your password, visit the following URL:") . "\n\n" . absoluteActionLink("lostpass", $user['id'], "key={$resetKey}") . "\n\n" . __("This link can be used once."); $headers = "From: " . $from . "\r\n" . "Reply-To: " . $from . "\r\n" . "X-Mailer: PHP"; mail($to, $subject, wordwrap($message, 70), $headers); Query("update {users} set lostkey = {0}, lostkeytimer = {1} where id = {2}", $hashedResetKey, time(), $user['id']); Kill(__("Check your email in a moment and follow the link found therein."), __("Reset email sent")); } Kill(__('Invalid user name or email address.')); } else { $title = __('Request password reset'); MakeCrumbs(array(actionLink('login') => __('Log in'), '' => __('Request password reset'))); echo "\n\t<form action=\"" . htmlentities(actionLink("lostpass")) . "\" method=\"post\">"; $fields = array('username' => "<input type=\"text\" name=\"name\" maxlength=20 size=24>", 'email' => "<input type=\"text\" name=\"mail\" maxlength=60 size=24>", 'email2' => "<input type=\"text\" name=\"mail2\" maxlength=60 size=24>", 'btnSendReset' => "<input type=\"submit\" name=\"action\" value=\"" . __("Send reset email") . "\">"); RenderTemplate('form_lostpass', array('fields' => $fields)); echo "\n\t</form>\n"; } } function randomString($len, $chars = "ABCDEFGHIJKLMNOPQRSTUVWXYZ0123456789") { $s = ""; for ($i = 0; $i < $len; $i++) { $p = rand(0, strlen($chars) - 1); $s .= $chars[$p]; } return $s; }
} $item['caption'] = ''; break; case 'themeselector': $output .= $themeList; break; } if (isset($item['extra'])) { $output .= " " . $item['extra']; } $item['html'] = $output; $epFields[$catid][$field] = $item; } } echo "\n\t<form action=\"" . htmlentities(actionLink("editprofile")) . "\" method=\"post\" enctype=\"multipart/form-data\">\n"; RenderTemplate('form_editprofile', array('pages' => $epPages, 'categories' => $epCategories, 'fields' => $epFields, 'selectedTab' => $selectedTab, 'btnEditProfile' => "<input type=\"submit\" id=\"submit\" name=\"actionsave\" value=\"" . __("Save") . "\">")); echo "\n\t\t<input type=\"hidden\" name=\"editusermode\" value=\"1\">\n\t\t<input type=\"hidden\" name=\"userid\" value=\"{$userid}\">\n\t\t<input type=\"hidden\" name=\"key\" value=\"{$loguser['token']}\">\n\t</form>\n"; function IsReallyEmpty($subject) { $trimmed = trim(preg_replace("/&.*;/", "", $subject)); return strlen($trimmed) == 0; } function AddPage($page, $name) { global $epPages, $epCategories; $epPages[$page] = $name; $epCategories[$page] = array(); } function AddCategory($page, $cat, $name) { global $epCategories, $epFields;
$udata['link'] = UserLink($user); $udata['lastPost'] = $user['lastposttime'] ? cdate("d-m-y G:i:s", $user['lastposttime']) : __("Never"); $udata['lastView'] = cdate("d-m-y G:i:s", $user['lastactivity']); if ($user['lasturl']) { $udata['lastURL'] = "<a href=\"" . FilterURL($user['lasturl']) . "\">" . FilterURL($user['lasturl']) . "</a>"; } else { $udata['lastURL'] = __("None"); } if ($showIPs) { $udata['ip'] = formatIP($user['lastip']); } $userList[] = $udata; } $guestList = listGuests($rGuests); $botList = listGuests($rBots); RenderTemplate('onlinelist', array('timelinks' => $spanList, 'showIPs' => $showIPs, 'users' => $userList, 'guests' => $guestList, 'bots' => $botList)); function FilterURL($url) { //$url = str_replace('_', ' ', urldecode($url)); // what? $url = htmlspecialchars($url); $url = preg_replace("@(&)?(key|token)=[0-9a-f]{40,64}@i", '', $url); return $url; } function listGuests($rGuests) { global $showIPs; $guestList = array(); $i = 1; while ($guest = Fetch($rGuests)) { $gdata = array(); $gdata['num'] = $i++;
} } else { Alert(__("Enter a title and try again."), __("Your PM is untitled.")); } } if ($_POST['text']) { $prefill = $_POST['text']; } if ($_POST['title']) { $trefill = $_POST['title']; } if ($_POST['actionpreview'] || $draftID) { if ($prefill) { $previewPost['text'] = $prefill; $previewPost['num'] = 0; $previewPost['posts'] = $loguser['posts']; $previewPost['id'] = 0; $previewPost['options'] = 0; foreach ($loguser as $key => $value) { $previewPost['u_' . $key] = $value; } MakePost($previewPost, POST_SAMPLE); } } $fields = array('to' => "<input type=\"text\" name=\"to\" size=40 maxlength=\"128\" value=\"" . htmlspecialchars($_POST['to']) . "\">", 'title' => "<input type=\"text\" name=\"title\" size=80 maxlength=\"60\" value=\"" . htmlspecialchars($trefill) . "\">", 'text' => "<textarea id=\"text\" name=\"text\" rows=\"16\">\n" . htmlspecialchars($prefill) . "</textarea>", 'btnSend' => "<input type=\"submit\" name=\"actionsend\" value=\"" . __("Send") . "\">", 'btnPreview' => "<input type=\"submit\" name=\"actionpreview\" value=\"" . __("Preview") . "\">", 'btnSaveDraft' => "<input type=\"submit\" name=\"actionsave\" value=\"" . __("Save draft") . "\">", 'btnDeleteDraft' => "<input type=\"submit\" name=\"actiondelete\" value=\"" . __("Delete draft") . "\" onclick=\"if(!confirm('Really delete this draft?'))return false;\">"); if (!$draftID) { unset($fields['btnDeleteDraft']); } echo "\n\t<form name=\"postform\" action=\"\" method=\"post\">"; RenderTemplate('form_sendprivate', array('fields' => $fields, 'draftMode' => $draftID ? true : false, 'maxRecipients' => 5)); echo "\n\t</form>\n\t<script type=\"text/javascript\">\n\t\tdocument.postform.text.focus();\n\t</script>\n";
$cmt = array(); $deleteLink = ''; if ($canDeleteComments || $comment['cid'] == $loguserid && HasPermission('user.deleteownusercomments')) { $deleteLink = "<small style=\"float: right; margin: 0px 4px;\">" . actionLinkTag("✘", "profile", $id, "action=delete&cid=" . $comment['id'] . "&token={$loguser['token']}") . "</small>"; } $cmt['deleteLink'] = $deleteLink; $cmt['userlink'] = UserLink(getDataPrefix($comment, 'u_')); $cmt['formattedDate'] = relativedate($comment['date']); $cmt['text'] = CleanUpPost($comment['text']); $comments[] = $cmt; } $commentField = ''; if ($canComment) { $commentField = "\n\t\t<form name=\"commentform\" method=\"post\" action=\"" . htmlentities(actionLink("profile")) . "\">\n\t\t\t<input type=\"hidden\" name=\"id\" value=\"{$id}\">\n\t\t\t<input type=\"text\" name=\"text\" style=\"width: 80%;\" maxlength=\"255\">\n\t\t\t<input type=\"submit\" name=\"actionpost\" value=\"" . __("Post") . "\">\n\t\t\t<input type=\"hidden\" name=\"token\" value=\"{$loguser['token']}\">\n\t\t</form>"; } RenderTemplate('profile', array('username' => htmlspecialchars($uname), 'userlink' => UserLink($user), 'profileParts' => $profileParts, 'comments' => $comments, 'commentField' => $commentField, 'pagelinks' => $pagelinks)); if (!$mobileLayout) { $previewPost['text'] = Settings::get("profilePreviewText"); $previewPost['num'] = 0; $previewPost['id'] = 0; foreach ($user as $key => $value) { $previewPost['u_' . $key] = $value; } MakePost($previewPost, POST_SAMPLE); } $links = array(); if (HasPermission('admin.banusers') && $loguserid != $id) { if ($user['primarygroup'] != Settings::get('bannedGroup')) { $links[] = actionLinkTag('Ban user', 'banhammer', $id); } else { $links[] = actionLinkTag('Unban user', 'banhammer', $id, 'unban=1');
</style> <?php } ?> <?php } ?> </head> <body style="width:100%; font-size: <?php echo $loguser['fontsize']; ?> %;"> <form action="<?php echo htmlentities(actionLink('login')); ?> " method="post" id="logout" style="display:none;"><input type="hidden" name="action" value="logout"></form> <?php if (Settings::get('maintenance')) { echo '<div style="font-size:30px; font-weight:bold; color:red; background:black; padding:5px; border:2px solid red; position:absolute; top:30px; left:30px;">MAINTENANCE MODE</div>'; } RenderTemplate('pagelayout', array('layout_contents' => $layout_contents, 'layout_crumbs' => $layout_crumbs, 'layout_actionlinks' => $layout_actionlinks, 'headerlinks' => $headerlinks, 'sidelinks' => $sidelinks, 'layout_userpanel' => $layout_userpanel, 'notifications' => $notifications, 'boardname' => Settings::get('boardname'), 'poratitle' => Settings::get('PoRATitle'), 'poratext' => Settings::get('PoRAText'), 'layout_logopic' => $layout_logopic, 'layout_time' => $layout_time, 'layout_views' => $layout_views, 'layout_onlineusers' => $layout_onlineusers, 'layout_birthdays' => $layout_birthdays, 'layout_credits' => $layout_credits, 'mobileswitch' => $mobileswitch, 'perfdata' => $perfdata)); ?> </body> </html> <?php $bucket = "finish"; include 'lib/pluginloader.php'; ?>
function makeAnncBar() { global $loguserid; $anncforum = Settings::get('anncForum'); if ($anncforum > 0) { $annc = Query("\tSELECT \n\t\t\t\t\t\t\tt.id, t.title, t.icon, t.poll, t.forum,\n\t\t\t\t\t\t\tt.date anncdate,\n\t\t\t\t\t\t\t" . ($loguserid ? "tr.date readdate," : '') . "\n\t\t\t\t\t\t\tu.(_userfields)\n\t\t\t\t\t\tFROM \n\t\t\t\t\t\t\t{threads} t \n\t\t\t\t\t\t\t" . ($loguserid ? "LEFT JOIN {threadsread} tr ON tr.thread=t.id AND tr.id={1}" : '') . "\n\t\t\t\t\t\t\tLEFT JOIN {users} u ON u.id=t.user\n\t\t\t\t\t\tWHERE forum={0}\n\t\t\t\t\t\tORDER BY anncdate DESC LIMIT 1", $anncforum, $loguserid); if ($annc && NumRows($annc)) { $annc = Fetch($annc); $adata = array(); $adata['new'] = ''; if (!$loguserid && $annc['anncdate'] > time() - 900 || $loguserid && $annc['anncdate'] > $annc['readdate']) { $adata['new'] = "<div class=\"statusIcon new\"></div>"; } $adata['poll'] = $annc['poll'] ? "<img src=\"" . resourceLink('img/poll.png') . "\" alt=\"Poll\"/> " : ''; $adata['link'] = MakeThreadLink($annc); $user = getDataPrefix($annc, 'u_'); $adata['user'] = UserLink($user); $adata['date'] = formatdate($annc['anncdate']); RenderTemplate('anncbar', array('annc' => $adata)); } } }
imagecopyresampled($img2, $img1, 0, 0, 0, 0, $dimx, $dimy / $r, imagesx($img1), imagesy($img1)); } else { $img2 = imagecreatetruecolor(floor($dimx * $r), $dimy); imagecopyresampled($img2, $img1, 0, 0, 0, 0, $dimx * $r, $dimy, imagesx($img1), imagesy($img1)); } imagepng($img2, $file); } else { $error .= "<li>Invalid format.</li>"; } } if (!$error) { die(header('Location: ' . actionLink('editavatars'))); } else { Kill(__("Could not update your avatar for the following reason(s):") . "<ul>" . $error . "</ul>"); } } } } } } $moodRows = array(); $rMoods = Query("select mid, name from {moodavatars} where uid={0} order by mid asc", $loguserid); while ($mood = Fetch($rMoods)) { $row = array(); $row['avatar'] = "<img src=\"" . DATA_URL . "avatars/{$loguserid}_{$mood['mid']}\" alt=\"\">"; $row['field'] = "\n\t\t\t\t<form method=\"post\" action=\"" . htmlentities(actionLink("editavatars")) . "\">\n\t\t\t\t\t<input type=\"hidden\" name=\"mid\" value=\"{$mood['mid']}\">\n\t\t\t\t\t<input type=\"text\" id=\"name{$mood['mid']}\" name=\"name\" size=80 maxlength=60 value=\"" . htmlspecialchars($mood['name']) . "\"><br>\n\t\t\t\t\t<input type=\"submit\" name=\"actionrename\" value=\"" . __("Rename") . "\">\n\t\t\t\t\t<input type=\"submit\" name=\"actiondelete\" value=\"" . __("Delete") . "\" \n\t\t\t\t\t\tonclick=\"if(!confirm('" . __('Really delete this avatar? All posts using it will be changed to use your default avatar.') . "'))return false;\">\n\t\t\t\t</form>"; $moodRows[] = $row; } $newField = "\n\t\t\t\t<form method=\"post\" action=\"" . htmlentities(actionLink("editavatars")) . "\" enctype=\"multipart/form-data\">\n\t\t\t\t\t" . __("Name:") . " <input type=\"text\" id=\"newName\" name=\"name\" size=80 maxlength=60><br>\n\t\t\t\t\t" . __("Image:") . " <input type=\"file\" id=\"pic\" name=\"picture\"><br>\n\t\t\t\t\t<input type=\"submit\" name=\"actionadd\" value=\"" . __("Add") . "\">\n\t\t\t\t</form>"; RenderTemplate('moodavatars', array('avatars' => $moodRows, 'newField' => $newField));
} } if (isset($_GET['unban'])) { $title = __('Unban user'); MakeCrumbs(array(actionLink("profile", $id, '', $user['u_name']) => htmlspecialchars($user['u_displayname'] ? $user['u_displayname'] : $user['u_name']), actionLink('banhammer', $id, 'unban=1') => __('Unban user'))); $userlink = userLink(getDataPrefix($user, 'u_')); $fields = array('target' => $userlink, 'btnUnbanUser' => '<input type="submit" name="unban" value="Unban user">'); $template = 'form_unbanuser'; } else { $title = __('Ban user'); MakeCrumbs(array(actionLink("profile", $id, '', $user['u_name']) => htmlspecialchars($user['u_displayname'] ? $user['u_displayname'] : $user['u_name']), actionLink('banhammer', $id) => __('Ban user'))); $duration = ' <label><input type="radio" name="permanent" value="0"> For: </label> <input type="text" name="time" size="4" maxlength="2"> <select name="timemult"> <option value="3600">hours</option> <option value="86400">days</option> <option value="604800">weeks</option> </select> <br> <label><input type="radio" name="permanent" value="1" checked="checked"> Permanent</label>'; $userlink = userLink(getDataPrefix($user, 'u_')); $fields = array('target' => $userlink, 'duration' => $duration, 'reason' => '<input type="text" name="reason" size=80 maxlength=200>', 'btnBanUser' => '<input type="submit" name="ban" value="Ban user">'); $template = 'form_banuser'; } echo ' <form action="" method="POST">'; RenderTemplate($template, array('fields' => $fields)); echo ' <input type="hidden" name="token" value="' . $loguser['token'] . '"> </form>';
$_POST['sex'] = 2; $_POST['autologin'] = 0; } $kuriseed = crc32(KURIKEY . microtime()); srand($kuriseed); $check = time(); $kurichallenge = "{$kuriseed}|{$check}|" . rand(3, 12); $iv_size = mcrypt_get_iv_size(MCRYPT_RIJNDAEL_128, MCRYPT_MODE_ECB); $iv = mcrypt_create_iv($iv_size, MCRYPT_RAND); $kurichallenge = mcrypt_encrypt(MCRYPT_RIJNDAEL_128, md5(KURIKEY . $check, true), $kurichallenge, MCRYPT_MODE_ECB, $iv); $kurichallenge = base64_encode($kurichallenge); $kuridata = mcrypt_encrypt(MCRYPT_RIJNDAEL_128, md5(KURIKEY, true), "{$kuriseed}|{$check}|{$kurichallenge}", MCRYPT_MODE_ECB, $iv); $kuridata = base64_encode($kuridata); $fields = array('username' => "<input type=\"text\" name=\"name\" maxlength=20 size=24 value=\"" . htmlspecialchars($_POST['name']) . "\" class=\"required\">", 'password' => "<input type=\"password\" name=\"pass\" size=24 class=\"required\">", 'password2' => "<input type=\"password\" name=\"pass2\" size=24 class=\"required\">", 'email' => "<input type=\"email\" name=\"email\" value=\"" . htmlspecialchars($_POST['email']) . "\" maxlength=\"60\" size=24>", 'sex' => MakeOptions("sex", $_POST['sex'], $sexes), 'readfaq' => "<label><input type=\"checkbox\" name=\"readFaq\">" . format(__("I have read the {0}FAQ{1}"), "<a href=\"" . actionLink("faq") . "\">", "</a>") . "</label>", 'kurichallenge' => "<img src=\"" . resourceLink("kurichallenge.php?data=" . urlencode($kuridata)) . "\" alt=\"[reload the page if the image fails to load]\"><br>\n\t\t<input type=\"text\" name=\"kurichallenge\" size=\"10\" maxlength=\"6\" class=\"required\">\n\t\t<input type=\"hidden\" name=\"kuridata\" value=\"" . htmlspecialchars($kuridata) . "\">", 'autologin' => "<label><input type=\"checkbox\" checked=\"checked\" name=\"autologin\"" . ($_POST['autologin'] ? ' checked="checked"' : '') . ">" . __("Log in afterwards") . "</label>", 'btnRegister' => "<input type=\"submit\" name=\"register\" value=\"" . __("Register") . "\">"); echo "<form action=\"" . htmlentities(actionLink("register")) . "\" method=\"post\">"; RenderTemplate('form_register', array('fields' => $fields)); echo "<span style=\"display : none;\"><input type=\"checkbox\" name=\"likesCake\"> I am a robot</span></form>"; function MakeOptions($fieldName, $checkedIndex, $choicesList) { $checks[$checkedIndex] = " checked=\"checked\""; foreach ($choicesList as $key => $val) { $result .= format("\n\t\t\t\t\t<label>\n\t\t\t\t\t\t<input type=\"radio\" name=\"{1}\" value=\"{0}\"{2}>\n\t\t\t\t\t\t{3}\n\t\t\t\t\t</label>", $key, $fieldName, $checks[$key], $val); } return $result; } function IsProxy() { if ($_SERVER['HTTP_X_FORWARDED_FOR'] && $_SERVER['HTTP_X_FORWARDED_FOR'] != $_SERVER['REMOTE_ADDR']) { return true; } $result = QueryURL('http://www.stopforumspam.com/api?ip=' . urlencode($_SERVER['REMOTE_ADDR']));
if ($_POST['nopl']) { $nopl = "checked=\"checked\""; } if ($_POST['nosm']) { $nosm = "checked=\"checked\""; } } else { $prefill = $post['text']; if ($post['options'] & 1) { $nopl = "checked=\"checked\""; } if ($post['options'] & 2) { $nosm = "checked=\"checked\""; } $_POST['mood'] = $post['mood']; } $moodSelects = array(); if ($_POST['mood']) { $moodSelects[(int) $_POST['mood']] = "selected=\"selected\" "; } $moodOptions = Format("<option {0}value=\"0\">" . __("[Default avatar]") . "</option>\n", $moodSelects[0]); $rMoods = Query("select mid, name from {moodavatars} where uid={0} order by mid asc", $post['user']); while ($mood = Fetch($rMoods)) { $moodOptions .= Format("<option {0}value=\"{1}\">{2}</option>\n", $moodSelects[$mood['mid']], $mood['mid'], htmlspecialchars($mood['name'])); } $fields = array('text' => "<textarea id=\"text\" name=\"text\" rows=\"16\">\n" . htmlspecialchars($prefill) . "</textarea>", 'mood' => "<select size=1 name=\"mood\">" . $moodOptions . "</select>", 'nopl' => "<label><input type=\"checkbox\" {$nopl} name=\"nopl\"> " . __("Disable post layout", 1) . "</label>", 'nosm' => "<label><input type=\"checkbox\" {$nosm} name=\"nosm\"> " . __("Disable smilies", 1) . "</label>", 'btnPost' => "<input type=\"submit\" name=\"actionpost\" value=\"" . __("Save") . "\">", 'btnPreview' => "<input type=\"submit\" name=\"actionpreview\" value=\"" . __("Preview") . "\">"); echo "\n\t<form name=\"postform\" action=\"" . htmlentities(actionLink("editpost", $pid)) . "\" method=\"post\" enctype=\"multipart/form-data\">"; RenderTemplate('form_editpost', array('fields' => $fields)); PostAttachForm($attachs); echo "\n\t\t<input type=\"hidden\" name=\"key\" value=\"{$loguser['token']}\">\n\t</form>\n\t<script type=\"text/javascript\">\n\t\tdocument.postform.text.focus();\n\t</script>\n"; doThreadPreview($tid, $post['date']);
$r['formattedDate'] = formatdate($result['date']); $rdata[] = $r; } } } if ($nres == 0) { $restext = __('No results found'); } else { if ($nres == 1) { $restext = __('1 result found'); } else { $restext = $nres . __(' results found'); } } $pagelinks = PageLinks(actionLink('search', '', 'q=' . urlencode($searchQuery) . '&inposts=' . $_GET['inposts'] . '&from='), $tpp, $from, $nres); RenderTemplate('searchresults', array('results' => $rdata, 'nresults' => $nres, 'resultstext' => $restext, 'pagelinks' => $pagelinks)); } function MakeSnippet($text, $terms, $title = false) { $text = strip_tags($text); if (!$title) { $text = preg_replace("/(\\[\\/?)(\\w+)([^\\]]*\\])/i", "", $text); } $lines = explode("\n", $text); $terms = implode("|", $terms); $contextlines = 3; $max = 50; $pat1 = "/(.*)(" . $terms . ")(.{0," . $max . "})/i"; $lineno = 0; $extract = ""; foreach ($lines as $line) {
} } $sdata['field'] = $input; if ($invalidsettings[$name]) { $sdata['name'] = "<span style=\"color: #f44;\">{$sdata['name']} (invalid)</span>"; } if ($help) { $sdata['name'] .= "<br><small>{$help}</small>"; } $settingfields[$data['category']][] = $sdata; } if (!$settingfields['']) { unset($settingfields['']); } $fields = array('btnSaveExit' => "<input type=\"submit\" name=\"_exit\" value=\"" . __("Save and Exit") . "\">", 'btnSave' => "<input type=\"submit\" name=\"_action\" value=\"" . __("Save") . "\">"); RenderTemplate('form_settings', array('settingfields' => $settingfields, 'htmlfield' => $htmlfield, 'fields' => $fields)); echo "\n\t</form>"; function makeSelect($fieldName, $checkedIndex, $choicesList, $extras = "") { $checks[$checkedIndex] = " selected=\"selected\""; foreach ($choicesList as $key => $val) { $options .= format("\n\t\t\t\t\t\t<option value=\"{0}\"{1}>{2}</option>", $key, $checks[$key], $val); } $result = format("\n\t\t\t\t\t<select id=\"{0}\" name=\"{0}\" size=\"1\" {1} >{2}\n\t\t\t\t\t</select>", $fieldName, $extras, $options); return $result; } function makeThemeList($fieldname, $value) { $themes = array(); $dir = @opendir("themes"); while ($file = readdir($dir)) {
function makePost($post, $type, $params = array()) { global $loguser, $loguserid, $usergroups, $isBot, $blocklayouts; $poster = getDataPrefix($post, 'u_'); $post['userlink'] = UserLink($poster); LoadBlockLayouts(); $pltype = Settings::get('postLayoutType'); $isBlocked = $poster['globalblock'] || $loguser['blocklayouts'] || $post['options'] & 1 || isset($blocklayouts[$poster['id']]); $post['type'] = $type; $post['formattedDate'] = formatdate($post['date']); if (!HasPermission('admin.viewips')) { $post['ip'] = ''; } else { $post['ip'] = htmlspecialchars($post['ip']); } // TODO IP formatting? if ($post['deleted'] && $type == POST_NORMAL) { $post['deluserlink'] = UserLink(getDataPrefix($post, 'du_')); $post['delreason'] = htmlspecialchars($post['reason']); $links = array(); if (HasPermission('mod.deleteposts', $params['fid'])) { $links['undelete'] = actionLinkTag(__("Undelete"), "editpost", $post['id'], "delete=2&key=" . $loguser['token']); $links['view'] = "<a href=\"#\" onclick=\"replacePost(" . $post['id'] . ",true); return false;\">" . __("View") . "</a>"; } $post['links'] = $links; RenderTemplate('postbox_deleted', array('post' => $post)); return; } $links = array(); if ($type != POST_SAMPLE) { $forum = $params['fid']; $thread = $params['tid']; $notclosed = !$post['closed'] || HasPermission('mod.closethreads', $forum); $extraLinks = array(); if (!$isBot) { if ($type == POST_DELETED_SNOOP) { if ($notclosed && HasPermission('mod.deleteposts', $forum)) { $links['undelete'] = actionLinkTag(__("Undelete"), "editpost", $post['id'], "delete=2&key=" . $loguser['token']); } $links['close'] = "<a href=\"#\" onclick=\"replacePost(" . $post['id'] . ",false); return false;\">" . __("Close") . "</a>"; } else { if ($type == POST_NORMAL) { if ($notclosed) { if ($loguserid && HasPermission('forum.postreplies', $forum) && !$params['noreplylinks']) { $links['quote'] = actionLinkTag(__("Quote"), "newreply", $thread, "quote=" . $post['id']); } $editrights = 0; if ($poster['id'] == $loguserid && HasPermission('user.editownposts') || HasPermission('mod.editposts', $forum)) { $links['edit'] = actionLinkTag(__("Edit"), "editpost", $post['id']); $editrights++; } if ($poster['id'] == $loguserid && HasPermission('user.deleteownposts') || HasPermission('mod.deleteposts', $forum)) { if ($post['id'] != $post['firstpostid']) { $link = htmlspecialchars(actionLink('editpost', $post['id'], 'delete=1&key=' . $loguser['token'])); $onclick = HasPermission('mod.deleteposts', $forum) ? " onclick=\"deletePost(this);return false;\"" : ' onclick="if(!confirm(\'Really delete this post?\'))return false;"'; $links['delete'] = "<a href=\"{$link}\"{$onclick}>" . __('Delete') . "</a>"; } $editrights++; } if ($editrights < 2 && HasPermission('user.reportposts')) { $links['report'] = actionLinkTag(__('Report'), 'reportpost', $post['id']); } } // plugins should add to $extraLinks $bucket = "topbar"; include __DIR__ . "/pluginloader.php"; } } $links['extra'] = $extraLinks; } //Threadlinks for listpost.php if ($params['threadlink']) { $thread = array(); $thread['id'] = $post['thread']; $thread['title'] = $post['threadname']; $thread['forum'] = $post['fid']; $post['threadlink'] = makeThreadLink($thread); } else { $post['threadlink'] = ''; } //Revisions if ($post['revision']) { $ru_link = UserLink(getDataPrefix($post, "ru_")); $revdetail = ' ' . format(__('by {0} on {1}'), $ru_link, formatdate($post['revdate'])); if (HasPermission('mod.editposts', $forum)) { $post['revdetail'] = "<a href=\"javascript:void(0);\" onclick=\"showRevisions(" . $post['id'] . ")\">" . Format(__('rev. {0}'), $post['revision']) . "</a>" . $revdetail; } else { $post['revdetail'] = Format(__('rev. {0}'), $post['revision']) . $revdetail; } } //</revisions> } $post['links'] = $links; // POST SIDEBAR $sidebar = array(); // quit abusing custom syndromes you unoriginal fuckers $poster['title'] = preg_replace('@Affected by \'?.*?Syndrome\'?@si', '', $poster['title']); $sidebar['rank'] = GetRank($poster['rankset'], $poster['posts']); if ($poster['title']) { $sidebar['title'] = strip_tags(CleanUpPost($poster['title'], '', true), '<b><strong><i><em><span><s><del><img><a><br/><br><small>'); } else { $sidebar['title'] = htmlspecialchars($usergroups[$poster['primarygroup']]['title']); } $sidebar['syndrome'] = GetSyndrome(getActivity($poster['id'])); if ($post['mood'] > 0) { if (file_exists(DATA_DIR . "avatars/" . $poster['id'] . "_" . $post['mood'])) { $sidebar['avatar'] = "<img src=\"" . DATA_URL . "avatars/" . $poster['id'] . "_" . $post['mood'] . "\" alt=\"\">"; } } else { if ($poster['picture']) { $pic = str_replace('$root/', DATA_URL, $poster['picture']); $sidebar['avatar'] = "<img src=\"" . htmlspecialchars($pic) . "\" alt=\"\">"; } } $lastpost = $poster['lastposttime'] ? timeunits(time() - $poster['lastposttime']) : "none"; $lastview = timeunits(time() - $poster['lastactivity']); if (!$post['num']) { $sidebar['posts'] = $poster['posts']; } else { $sidebar['posts'] = $post['num'] . '/' . $poster['posts']; } $sidebar['since'] = cdate($loguser['dateformat'], $poster['regdate']); $sidebar['lastpost'] = $lastpost; $sidebar['lastview'] = $lastview; if ($poster['lastactivity'] > time() - 300) { $sidebar['isonline'] = __("User is <strong>online</strong>"); } $sidebarExtra = array(); $bucket = "sidebar"; include __DIR__ . "/pluginloader.php"; $sidebar['extra'] = $sidebarExtra; $post['sidebar'] = $sidebar; // OTHER STUFF $post['haslayout'] = false; $post['fulllayout'] = false; if (!$isBlocked) { $poster['postheader'] = $pltype ? trim($poster['postheader']) : ''; $poster['signature'] = trim($poster['signature']); $post['haslayout'] = $poster['postheader'] ? 1 : 0; $post['fulllayout'] = $poster['fulllayout'] && $post['haslayout'] && $pltype == 2; if (!$post['haslayout'] && $poster['signature']) { $poster['signature'] = '<div class="signature">' . $poster['signature'] . '</div>'; } } else { $poster['postheader'] = ''; $poster['signature'] = ''; } $post['contents'] = makePostText($post, $poster); //PRINT THE POST! RenderTemplate('postbox', array('post' => $post)); }
foreach ($users as $user) { if ($user['posts'] >= $rank['num'] && $user['posts'] < $nextRank['num']) { $total++; if ($user['lastposttime'] > time() - 2592000) { $members[] = UserLink($user); } else { $inactive++; } } } if ($inactive) { $members[] = $inactive . ' inactive'; } $showRank = HasPermission('admin.viewallranks') || $loguser['posts'] >= $rank['num'] || count($members) > 0; if ($showRank) { $rdata['rank'] = getRankHtml($rankset, $rank); } else { $rdata['rank'] = '???'; } if (count($members) == 0) { $members = ' '; } else { $members = join(', ', $members); } $rdata['posts'] = $showRank ? $rank['num'] : '???'; $rdata['numUsers'] = $total; $rdata['users'] = $members; $ranklist[] = $rdata; } RenderTemplate('ranks', array('ranksets' => $ranksets, 'ranks' => $ranklist));
if ($_POST['mood']) { $moodSelects[(int) $_POST['mood']] = "selected=\"selected\" "; } $moodOptions = "<option " . $moodSelects[0] . "value=\"0\">" . __("[Default avatar]") . "</option>\n"; $rMoods = Query("select mid, name from {moodavatars} where uid={0} order by mid asc", $loguserid); while ($mood = Fetch($rMoods)) { $moodOptions .= format("\n\t<option {0} value=\"{1}\">{2}</option>\n", $moodSelects[$mood['mid']], $mood['mid'], htmlspecialchars($mood['name'])); } $ninja = FetchResult("select id from {posts} where thread={0} order by date desc limit 0, 1", $tid); $mod_lock = ''; if (HasPermission('mod.closethreads', $fid)) { if (!$thread['closed']) { $mod_lock = "<label><input type=\"checkbox\" " . getCheck("lock") . " name=\"lock\"> " . __("Close thread", 1) . "</label>\n"; } else { $mod_lock = "<label><input type=\"checkbox\" " . getCheck("unlock") . " name=\"unlock\"> " . __("Open thread", 1) . "</label>\n"; } } $mod_stick = ''; if (HasPermission('mod.stickthreads', $fid)) { if (!$thread['sticky']) { $mod_stick = "<label><input type=\"checkbox\" " . getCheck("stick") . " name=\"stick\"> " . __("Sticky", 1) . "</label>\n"; } else { $mod_stick = "<label><input type=\"checkbox\" " . getCheck("unstick") . " name=\"unstick\"> " . __("Unstick", 1) . "</label>\n"; } } $fields = array('text' => "<textarea id=\"text\" name=\"text\" rows=\"16\">\n{$prefill}</textarea>", 'mood' => "<select size=1 name=\"mood\">" . $moodOptions . "</select>", 'nopl' => "<label><input type=\"checkbox\" " . getCheck('nopl') . " name=\"nopl\"> " . __("Disable post layout", 1) . "</label>", 'nosm' => "<label><input type=\"checkbox\" " . getCheck('nosm') . " name=\"nosm\"> " . __("Disable smilies", 1) . "</label>", 'lock' => $mod_lock, 'stick' => $mod_stick, 'btnPost' => "<input type=\"submit\" name=\"actionpost\" value=\"" . __("Post") . "\">", 'btnPreview' => "<input type=\"submit\" name=\"actionpreview\" value=\"" . __("Preview") . "\">"); echo "\n\t<form name=\"postform\" action=\"" . htmlentities(actionLink("newreply", $tid)) . "\" method=\"post\" enctype=\"multipart/form-data\">\n\t\t<input type=\"hidden\" name=\"ninja\" value=\"{$ninja}\">"; RenderTemplate('form_newreply', array('fields' => $fields)); PostAttachForm($attachs); echo "\n\t\t</form>\n\t<script type=\"text/javascript\">\n\t\tdocument.postform.text.focus();\n\t</script>\n"; doThreadPreview($tid);
CheckPermission('admin.editgroups'); $title = __('Edit groups'); MakeCrumbs(array(actionLink('admin') => __('Admin'), '' => __('Edit groups'))); $gtypes = array(0 => __('Primary'), 1 => __('Secondary')); $gdisplays = array(-1 => __('Hidden'), 0 => __('Regular'), 1 => __('Staff')); if (!$_POST['saveaction']) { $groups = Query("SELECT * FROM {usergroups} WHERE rank<={0} ORDER BY type, rank", $loguserGroup['rank']); $gdata = array(); while ($group = Fetch($groups)) { $gtitle = htmlspecialchars($group['title']); if (!$group['type']) { $gtitle = '<span class="userlink" style="color:' . htmlspecialchars($group['color_unspec']) . ';">' . $gtitle . '</span>'; } $gdata[] = actionLinkTag($gtitle, 'editgroups', $group['id']); } RenderTemplate('grouplist', array('groups' => $gdata)); } if (isset($_GET['id'])) { $gid = (int) $_GET['id']; $group = Fetch(Query("SELECT * FROM {usergroups} WHERE id={0}", $gid)); if (!$group) { Kill(__('Invalid group ID.')); } if ($group['rank'] > $loguserGroup['rank']) { Kill(__('You may not edit this group.')); } MakeCrumbs(array(actionLink('admin') => __('Admin'), actionLink('editgroups') => __('Edit groups'), '' => htmlspecialchars($group['title']))); $canPromoteHigher = $loguser['root'] && $gid == $loguserGroup['id']; } else { MakeCrumbs(array(actionLink('admin') => __('Admin'), actionLink('editgroups') => __('Edit groups'))); Alert(__('Select a group above to edit it.'), __('Notice'));