/**
 * Placeholder admin action: a super-administrator gets a fixed notice and the
 * script stops; every other requester receives the standard permission error.
 *
 * @param array $request Request context; only $request['user'] is read.
 * @return bool TRUE on the permission-error path (the other path exits).
 */
function execute(&$request)
{
    // Same gate as the rest of the admin actions: must be a member AND at
    // least SUPERADMIN. isMember() is evaluated first and short-circuits.
    $isSuperAdmin = $request['user']->isMember() && $request['user']->get('perms') >= SUPERADMIN;

    if (!$isSuperAdmin) {
        no_perms_error($request);
        return TRUE;
    }

    exit('In the 7.1 release.');
}
/**
 * Shows the advanced-search form and clears any search queries cached in the
 * session.
 *
 * The 'advsearch' can_view level from the permission map is compared with the
 * requester's perms; a requester below that level gets the permission error
 * and the session cache is left untouched.
 *
 * NOTE(review): the content template is attached before the permission check;
 * presumably no_perms_error() replaces it - confirm.
 *
 * @param array $request Request context (template, dba, user).
 * @return bool Always TRUE.
 */
function execute(&$request)
{
    k4_bread_crumbs($request['template'], $request['dba'], 'L_SEARCH');
    $request['template']->setFile('content', 'search.html');

    $denied = get_map('advsearch', 'can_view', array()) > $request['user']->get('perms');

    if ($denied) {
        no_perms_error($request);
    } else {
        // Start the new search from a clean slate.
        unset($_SESSION['search']['search_queries']);
    }

    return TRUE;
}
/**
 * Renders the admin welcome menu for members whose perms are at least ADMIN.
 *
 * @param array $request Request context (template, dba, user).
 * @return bool Always TRUE; non-admins get the permission error instead of
 *              the menu.
 */
function execute(&$request)
{
    $isAdmin = $request['user']->isMember() && $request['user']->get('perms') >= ADMIN;

    // Refuse first so nothing admin-only is placed in the template.
    if (!$isAdmin) {
        no_perms_error($request);
        return TRUE;
    }

    k4_bread_crumbs($request['template'], $request['dba'], 'L_WELCOME');
    $request['template']->setVar('adv_view', 1);
    $request['template']->setFile('content', 'admin_menu.html');

    return TRUE;
}
/**
 * Shows the "posts" sidebar menu of the admin panel to super-administrators.
 *
 * @param array $request Request context (template, dba, user).
 * @return bool Always TRUE; anyone below SUPERADMIN gets the permission error.
 */
function execute(&$request)
{
    $isSuperAdmin = $request['user']->isMember() && $request['user']->get('perms') >= SUPERADMIN;

    if (!$isSuperAdmin) {
        no_perms_error($request);
        return TRUE;
    }

    // Declared by the original action; neither global is read in this body.
    global $_QUERYPARAMS, $_ALLFORUMS;

    k4_bread_crumbs($request['template'], $request['dba'], 'L_POSTS');
    $request['template']->setVar('posts_on', '_on');
    $request['template']->setFile('sidebar_menu', 'menus/posts.html');

    return TRUE;
}
/**
 * Records the current member's vote on a poll.
 *
 * The poll id is read from $_REQUEST['id'] and the chosen option from
 * $_POST['vote']. The request is refused when either row is missing or the
 * member already has a row in the votes table; otherwise the vote is inserted
 * and the question's counter is incremented.
 *
 * NOTE(review): the option row is looked up by its own id only; nothing in
 * this function ties it to the poll named in $_REQUEST['id']. Confirm whether
 * the answers table carries a question reference that should be compared.
 * NOTE(review): the "already voted" SELECT and the INSERT are separate
 * statements, so two simultaneous requests could both pass the check unless
 * the votes table enforces uniqueness - confirm against the schema.
 *
 * @param array $request Request context (user, dba, template).
 * @return mixed TRUE after a permission error, otherwise the result of the
 *               information action that was rendered.
 */
function execute(&$request)
{
    if (!$request['user']->isMember()) {
        no_perms_error($request);
        return TRUE;
    }

    $db = $request['dba'];

    // Walk the validation steps in order; the first failure picks the
    // language key and stops any further database work.
    $problem = NULL;

    if (!isset($_REQUEST['id']) || intval($_REQUEST['id']) == 0) {
        $problem = 'L_POLLDOESNTEXIST';
    } elseif (!isset($_POST['vote']) || intval($_POST['vote']) <= 0) {
        $problem = 'L_CHOOSEPOLLOPTION';
    } else {
        $question = $db->getRow("SELECT * FROM " . K4POLLQUESTIONS . " WHERE id = " . intval($_REQUEST['id']));

        if (!is_array($question) || empty($question)) {
            $problem = 'L_POLLDOESNTEXIST';
        } else {
            $answer = $db->getRow("SELECT * FROM " . K4POLLANSWERS . " WHERE id = " . intval($_POST['vote']));

            if (!is_array($answer) || empty($answer)) {
                $problem = 'L_POLLOPTIONDOESNTEXIST';
            } else {
                // One vote per member and poll.
                $has_voted = $db->executeQuery("SELECT * FROM " . K4POLLVOTES . " WHERE question_id = " . intval($question['id']) . " AND user_id = " . intval($request['user']->get('id')));

                if ($has_voted->numRows() > 0) {
                    $problem = 'L_USERHASVOTED';
                }
            }
        }
    }

    if ($problem !== NULL) {
        k4_bread_crumbs($request['template'], $request['dba'], 'L_INFORMATION');
        $action = new K4InformationAction(new K4LanguageElement($problem), 'content', TRUE);
        return $action->execute($request);
    }

    // Store the vote; every value is bound through the prepared statement.
    $insert = $db->prepareStatement("INSERT INTO " . K4POLLVOTES . " (question_id, answer_id, user_id, user_name, voted_time) VALUES (?,?,?,?,?)");
    $insert->setInt(1, $question['id']);
    $insert->setInt(2, $answer['id']);
    $insert->setInt(3, $request['user']->get('id'));
    $insert->setString(4, $request['user']->get('name'));
    $insert->setInt(5, time());
    $insert->executeUpdate();

    $db->executeUpdate("UPDATE " . K4POLLQUESTIONS . " SET num_votes=num_votes+1 WHERE id = " . intval($question['id']));

    k4_bread_crumbs($request['template'], $request['dba'], 'L_INFORMATION');

    // Confirmation page that sends the member back to the poll anchor on the
    // page named by referer().
    $message = new K4LanguageElement('L_VOTEDONPOLL', $answer['answer'], $question['question']);
    $action  = new K4InformationAction($message, 'content', TRUE, referer() . '#poll' . $question['id'], 3);

    return $action->execute($request);
}
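/**
 * Streams a user's stored image (the kind is named by $this->table_column)
 * to the client and ends the script.
 *
 * The row is read from $this->table by the user id in $_REQUEST['id']; the
 * bytes come either from the row itself (in_db = 1) or from a file under
 * BB_BASE_DIR/tmp/upload/.
 *
 * Change from the earlier version: the Content-Type and Content-Length
 * headers are now sent only once the bytes are in hand. Previously they were
 * emitted before the file lookup, so the "bad file" information page was
 * served under the image's MIME type and length. An unreadable file is now
 * treated like a missing one.
 *
 * NOTE(review): mime_type and file_type are taken from the stored row as-is.
 * Confirm that the upload path restricts mime_type to image types and
 * file_type to a plain extension, since the first becomes a response header
 * and the second is concatenated into a filesystem path.
 * NOTE(review): there is no membership check in this function; guests reach
 * the same code path.
 *
 * @param array $request Request context (template, dba).
 * @return mixed Result of an information action or TRUE on an error path;
 *               does not return when the image is sent.
 */
function execute(&$request)
{
    global $_QUERYPARAMS;

    /* set the breadcrumbs bit */
    k4_bread_crumbs($request['template'], $request['dba'], 'L_INFORMATION');

    $bad_key = 'L_BAD' . strtoupper($this->table_column);

    if (!isset($_REQUEST['id']) || intval($_REQUEST['id']) == 0) {
        $action = new K4InformationAction(new K4LanguageElement($bad_key), 'content', FALSE);
        return $action->execute($request);
    }

    $avatar = $request['dba']->getRow("SELECT * FROM " . $this->table . " WHERE user_id = " . intval($_REQUEST['id']));

    if (!is_array($avatar) || empty($avatar)) {
        $action = new K4InformationAction(new K4LanguageElement($bad_key), 'content', FALSE);
        return $action->execute($request);
    }

    $user = $request['dba']->getRow("SELECT {$_QUERYPARAMS['user']}{$_QUERYPARAMS['userinfo']}{$_QUERYPARAMS['usersettings']} FROM ((" . K4USERS . " u LEFT JOIN " . K4USERINFO . " ui ON u.id=ui.user_id) LEFT JOIN " . K4USERSETTINGS . " us ON us.user_id=u.id) WHERE u.id=" . intval($_REQUEST['id']));

    if (!is_array($user) || empty($user)) {
        $action = new K4InformationAction(new K4LanguageElement('L_USERDOESNTEXIST'), 'content', TRUE);
        return $action->execute($request);
    }

    /* The owner's attach<column> flag, when present and 0, switches the image off */
    if (isset($user['attach' . $this->table_column]) && $user['attach' . $this->table_column] == 0) {
        no_perms_error($request);
        return TRUE;
    }

    $avatar_file = BB_BASE_DIR . '/tmp/upload/' . $this->table_column . 's/' . intval($user['id']) . '.' . $avatar['file_type'];

    if ($avatar['in_db'] == 1) {
        $contents = $avatar['file_contents'];
    } else {
        $contents = file_exists($avatar_file) ? file_get_contents($avatar_file) : FALSE;

        if ($contents === FALSE) {
            $action = new K4InformationAction(new K4LanguageElement($bad_key), 'content', FALSE);
            return $action->execute($request);
        }
    }

    // send our headers, now that there is something to send
    header("Content-Type: " . $avatar['mime_type']);
    header("Content-Length: " . $avatar['file_size']);

    echo $contents;
    unset($contents);
    exit;
}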
/**
 * Deletes an attachment and adjusts the attachment counters of the post it
 * is reported against.
 *
 * Inputs are $_REQUEST['id'] (attachment) and the optional
 * $_REQUEST['post_id']. The requester must reach the forum's 'attachments'
 * can_del level and must either own the attachment or be a moderator of the
 * forum.
 *
 * NOTE(review): when post_id is supplied, the forum used for both permission
 * checks and the post whose counters are decremented come from that request
 * parameter; this function never compares the post with the attachment row.
 * Confirm whether the attachment should be matched to the post/forum before
 * the checks are trusted.
 * NOTE(review): this is a destructive action driven by $_REQUEST with no
 * anti-CSRF token check visible in this function - confirm it is enforced
 * elsewhere.
 *
 * @param array $request Request context (template, dba, user).
 * @return mixed TRUE after a permission error, or the result of an
 *               information action; exits after redirecting to the
 *               attachments manager.
 */
function execute(&$request)
{
    global $_QUERYPARAMS;

    $db = $request['dba'];

    k4_bread_crumbs($request['template'], $request['dba'], 'L_INFORMATION');

    $attachmentId = isset($_REQUEST['id']) ? intval($_REQUEST['id']) : 0;
    if ($attachmentId == 0) {
        $action = new K4InformationAction(new K4LanguageElement('L_BADATTACHMENT'), 'content', FALSE);
        return $action->execute($request);
    }

    $attachment = $db->getRow("SELECT * FROM " . K4ATTACHMENTS . " WHERE id = " . $attachmentId);
    if (!is_array($attachment) || empty($attachment)) {
        $action = new K4InformationAction(new K4LanguageElement('L_BADATTACHMENT'), 'content', FALSE);
        return $action->execute($request);
    }

    // Without a post id, fall back to a stub that carries only the
    // attachment's forum.
    $hasPostId = isset($_REQUEST['post_id']) && intval($_REQUEST['post_id']) != 0;
    if ($hasPostId) {
        $post = $db->getRow("SELECT * FROM " . K4POSTS . " WHERE post_id = " . intval($_REQUEST['post_id']));
    } else {
        $post = array('post_id' => 0, 'forum_id' => $attachment['forum_id'], 'row_type' => 0);
    }

    if (!is_array($post) || empty($post)) {
        $action = new K4InformationAction(new K4LanguageElement('L_POSTDOESNTEXIST'), 'content', FALSE);
        return $action->execute($request);
    }

    /* Get the current forum */
    $forum = $db->getRow("SELECT * FROM " . K4FORUMS . " WHERE forum_id = " . intval($post['forum_id']));
    if (!$forum || !is_array($forum) || empty($forum)) {
        $action = new K4InformationAction(new K4LanguageElement('L_FORUMDOESNTEXIST'), 'content', FALSE);
        return $action->execute($request);
    }

    k4_bread_crumbs($request['template'], $request['dba'], 'L_INFORMATION');

    /* Forum-level gate: may this permission level delete attachments here? */
    if ($request['user']->get('perms') < get_map('attachments', 'can_del', array('forum_id' => $forum['forum_id']))) {
        no_perms_error($request);
        return TRUE;
    }

    /* Row-level gate: the (non-guest) owner, or a moderator of the forum.
       The moderator lookup only runs when the owner test fails. */
    $isOwner   = ($request['user']->get('id') != 0 && $request['user']->get('id') == $attachment['user_id']);
    $mayDelete = $isOwner || is_moderator($request['user']->getInfoArray(), $forum);

    if (!$mayDelete) {
        no_perms_error($request);
        return TRUE;
    }

    k4_bread_crumbs($request['template'], $request['dba'], 'L_REMOVEATTACHMENT');

    $db->executeUpdate("DELETE FROM " . K4ATTACHMENTS . " WHERE id = " . intval($attachment['id']));

    if ($post['post_id'] > 0) {
        $isReply = $post['row_type'] & REPLY;

        // The topic carries the running total; for a reply that is the parent.
        $topicId = $isReply ? $post['parent_id'] : $post['post_id'];
        $db->executeUpdate("UPDATE " . K4POSTS . " SET total_attachments=total_attachments-1, attachments=attachments-1 WHERE post_id=" . intval($topicId));

        if ($isReply) {
            $db->executeUpdate("UPDATE " . K4POSTS . " SET attachments=attachments-1 WHERE post_id=" . intval($post['post_id']));
        }
    }

    // Requests that came from misc.php go back to the attachments manager;
    // everything else gets a confirmation page.
    $cameFromManager = strpos(basename(referer()), 'misc.php') !== FALSE;

    if ($cameFromManager) {
        header("Location: misc.php?act=attachments_manager&post_id=" . $post['post_id'] . "&forum_id=" . $post['forum_id']);
        exit;
    }

    $action = new K4InformationAction(new K4LanguageElement('L_REMOVEDATTACHMENT', k4_htmlentities($attachment['file_name'], ENT_QUOTES)), 'content', TRUE, referer(), 3);
    return $action->execute($request);
}
/**
 * Emits an RSS feed (version 0.92, or 2.0 when v=2) for a forum (?f=) or a
 * topic (?t=) and ends the script.
 *
 * Both branches compare the relevant can_view level from the permission map
 * with the requester's perms before any rows are rendered.
 *
 * NOTE(review): $sort_orders is neither assigned nor declared global in this
 * function, yet it is the only whitelist guarding the column name that is
 * interpolated into ORDER BY. As written a supplied `sort` value cannot pass
 * in_array() (older PHP warns on the non-array haystack, PHP 8 raises a
 * TypeError). If this is ever "fixed", the list must be a fixed set of column
 * names, never request data.
 * NOTE(review): the topic branch differs from the forum branch in three ways
 * worth confirming: `limit` has no upper cap (the forum branch caps at 100),
 * the topic and reply queries do not filter on is_draft/display, and the
 * `created>=` bound is a number of seconds rather than a timestamp cutoff.
 *
 * @param array $request Request context (template, dba, user).
 * @return mixed Result of an information action, or TRUE after the
 *               permission error; does not return when a feed is sent.
 */
function execute(&$request)
{
    /* set the breadcrumbs bit */
    k4_bread_crumbs($request['template'], $request['dba'], 'L_INFORMATION');

    // Only two literal values are possible, so the template path built from
    // $rss_version below cannot be steered by the request.
    $rss_version = isset($_REQUEST['v']) && intval($_REQUEST['v']) == 2 ? '2.0' : '0.92';

    $request['template']->setVar('xml_definition', "<?xml version=\"1.0\" encoding=\"utf-8\"?>\n");

    /**
     * Forum
     */
    if (isset($_REQUEST['f']) && intval($_REQUEST['f']) > 0) {

        $forum = $request['dba']->getRow("SELECT * FROM " . K4FORUMS . " WHERE forum_id = " . intval($_REQUEST['f']));

        if (!is_array($forum) || empty($forum)) {
            $action = new K4InformationAction(new K4LanguageElement('L_FORUMDOESNTEXIST'), 'content', FALSE);
            return $action->execute($request);
        }

        // Requester must reach the forum's topic can_view level.
        if (get_map('topics', 'can_view', array('forum_id' => $forum['forum_id'])) > $request['user']->get('perms')) {
            $action = new K4InformationAction(new K4LanguageElement('L_CANTVIEWFORUMTOPICS'), 'content_extra', FALSE);
            return $action->execute($request);
        }

        k4_bread_crumbs($request['template'], $request['dba'], NULL, $forum);

        /**
         * Pagination
         */
        //$extra_topics = intval(@$_ALLFORUMS[GLBL_ANNOUNCEMENTS]['topics']);
        $extra_topics = 0; // TODO: need only Announcements from global announcements

        /* Create the Pagination */
        $resultsperpage = $request['user']->get('topicsperpage') <= 0 ? $forum['topicsperpage'] : $request['user']->get('topicsperpage');
        $num_results = $forum['topics'] + $extra_topics;
        // `limit` and `page` must be all digits and positive; page size is capped at 100.
        $perpage = isset($_REQUEST['limit']) && ctype_digit($_REQUEST['limit']) && intval($_REQUEST['limit']) > 0 ? intval($_REQUEST['limit']) : $resultsperpage;
        $perpage = $perpage > 100 ? 100 : $perpage;
        $page = isset($_REQUEST['page']) && ctype_digit($_REQUEST['page']) && intval($_REQUEST['page']) > 0 ? intval($_REQUEST['page']) : 1;

        /* Get the topics for this forum */
        // Defaults to 365 days; a positive value becomes a "created since" timestamp.
        $daysprune = $_daysprune = isset($_REQUEST['daysprune']) && ctype_digit($_REQUEST['daysprune']) ? $_REQUEST['daysprune'] == 0 ? 0 : intval($_REQUEST['daysprune']) : 365;
        $daysprune = $daysprune > 0 ? time() - @($daysprune * 86400) : 0;
        // Direction is limited to the two literal keywords.
        $sortorder = isset($_REQUEST['order']) && ($_REQUEST['order'] == 'ASC' || $_REQUEST['order'] == 'DESC') ? $_REQUEST['order'] : 'DESC';
        // NOTE(review): $sort_orders is undefined here - see the function header.
        $sortedby = isset($_REQUEST['sort']) && in_array($_REQUEST['sort'], $sort_orders) ? $_REQUEST['sort'] : 'lastpost_created';
        $start = ($page - 1) * $perpage;

        // Announcements are only prepended on the first page.
        if ($page == 1) {
            $announcements = $request['dba']->executeQuery("SELECT * FROM " . K4POSTS . " WHERE row_type=" . TOPIC . " AND (is_draft=0 AND display=1) AND post_type = " . TOPIC_ANNOUNCE . " AND (forum_id = " . intval($forum['forum_id']) . " OR forum_id = " . GLBL_ANNOUNCEMENTS . ") ORDER BY lastpost_created DESC");
        }

        $importants = $request['dba']->executeQuery("SELECT * FROM " . K4POSTS . " WHERE row_type=" . TOPIC . " AND is_draft=0 AND display = 1 AND forum_id = " . intval($forum['forum_id']) . " AND (post_type <> " . TOPIC_ANNOUNCE . ") AND (post_type = " . TOPIC_STICKY . " OR is_feature = 1) ORDER BY lastpost_created DESC");

        /* get the topics */
        // ORDER BY cannot be bound as a parameter, so column and direction are
        // interpolated; their safety rests entirely on the checks above.
        $result = $request['dba']->prepareStatement("SELECT * FROM " . K4POSTS . " WHERE row_type=" . TOPIC . " AND created>=? AND is_draft=0 AND display = 1 AND forum_id = " . intval($forum['forum_id']) . " AND (post_type <> " . TOPIC_ANNOUNCE . " AND post_type <> " . TOPIC_STICKY . " AND is_feature = 0) ORDER BY {$sortedby} {$sortorder} LIMIT ?,?");

        /* Set the query values */
        $result->setInt(1, $daysprune);
        $result->setInt(2, $start);
        $result->setInt(3, $perpage);

        /* Execute the query */
        $topics = $result->executeQuery();

        // Chain: announcements (page 1 only), then stickies/features, then topics.
        if (isset($announcements)) {
            $it = new FAChainedIterator($announcements);
            $it->addIterator($importants);
        } else {
            $it = new FAChainedIterator($importants);
        }
        $it->addIterator($topics);

        $request['template']->setList('topics', new RSSPostIterator($it));
        $request['template']->setVarArray($forum);

        $xml = $request['template']->render(BB_BASE_DIR . '/templates/RSS/rss-' . $rss_version . '/forum.xml');

        header("Content-Type: text/xml");
        echo $xml;
        exit;

    /**
     * Topic
     */
    } else {
        if (isset($_REQUEST['t']) && intval($_REQUEST['t']) > 0) {

            // NOTE(review): no is_draft/display filter on this lookup, unlike
            // the forum branch - confirm hidden posts cannot be fed out here.
            $result = $request['dba']->executeQuery("SELECT * FROM " . K4POSTS . " WHERE post_id=" . intval($_REQUEST['t']) . " LIMIT 1");
            $topic = $result->next();
            $result->reset(); // reset the pointer of the iterator

            if (!is_array($topic) || empty($topic)) {
                $action = new K4InformationAction(new K4LanguageElement('L_TOPICDOESNTEXIST'), 'content', FALSE);
                return $action->execute($request);
            }

            if (get_map('topics', 'can_view', array('forum_id' => $topic['forum_id'])) > $request['user']->get('perms')) {
                $action = new K4InformationAction(new K4LanguageElement('L_CANTVIEWFORUMTOPICS'), 'content_extra', FALSE);
                return $action->execute($request);
            }

            $forum = $request['dba']->getRow("SELECT * FROM " . K4FORUMS . " WHERE forum_id = " . intval($topic['forum_id']));

            if (!is_array($forum) || empty($forum)) {
                $action = new K4InformationAction(new K4LanguageElement('L_FORUMDOESNTEXIST'), 'content', FALSE);
                return $action->execute($request);
            }

            $it = new FAChainedIterator($result);

            // Replies are appended only when the requester may view replies.
            if (get_map('replies', 'can_view', array('forum_id' => $topic['forum_id'])) <= $request['user']->get('perms')) {
                if ($topic['num_replies'] > 0) {

                    $resultsperpage = $request['user']->get('postsperpage') <= 0 ? $forum['postsperpage'] : $request['user']->get('postsperpage');
                    $num_results = $topic['num_replies'];
                    // NOTE(review): no upper cap on the page size in this branch.
                    $perpage = isset($_REQUEST['limit']) && ctype_digit($_REQUEST['limit']) && intval($_REQUEST['limit']) > 0 ? intval($_REQUEST['limit']) : $resultsperpage;
                    // $num_pages is not read again in this function.
                    $num_pages = @ceil($num_results / $perpage);
                    $page = isset($_REQUEST['page']) && ctype_digit($_REQUEST['page']) && intval($_REQUEST['page']) > 0 ? intval($_REQUEST['page']) : 1;
                    // ctype_digit() rejects a leading '-', so the -1 case below cannot occur.
                    $daysprune = isset($_REQUEST['daysprune']) && ctype_digit($_REQUEST['daysprune']) ? iif($_REQUEST['daysprune'] == -1, 0, intval($_REQUEST['daysprune'])) : 0;
                    $sortorder = isset($_REQUEST['order']) && ($_REQUEST['order'] == 'ASC' || $_REQUEST['order'] == 'DESC') ? $_REQUEST['order'] : 'ASC';
                    // NOTE(review): $sort_orders is undefined here - see the function header.
                    $sortedby = isset($_REQUEST['sort']) && in_array($_REQUEST['sort'], $sort_orders) ? $_REQUEST['sort'] : 'created';
                    $start = ($page - 1) * $perpage;

                    // Every numeric piece is cast with intval(); the ORDER BY
                    // pieces depend on the checks above.
                    $replies = $request['dba']->executeQuery("SELECT * FROM " . K4POSTS . " WHERE parent_id=" . intval($topic['post_id']) . " AND row_level>1 AND created>=" . 3600 * 24 * intval($daysprune) . " ORDER BY " . $sortedby . " " . $sortorder . " LIMIT " . intval($start) . "," . intval($perpage));

                    $it->addIterator($replies);
                }
            }

            $request['template']->setList('posts', new RSSPostIterator($it));

            $xml = $request['template']->render(BB_BASE_DIR . '/templates/RSS/rss-' . $rss_version . '/topic.xml');

            header("Content-Type: text/xml");
            echo $xml;
            exit;

        /**
         * Error
         */
        } else {
            // Neither a forum nor a topic was named.
            no_perms_error($request);
        }
    }

    return TRUE;
}
/**
 * Shows the "select a forum" step of the forum-filter editor to
 * super-administrators.
 *
 * @param array $request Request context (template, dba, user).
 * @return bool Always TRUE; anyone below SUPERADMIN gets the permission error.
 */
function execute(&$request)
{
    $isSuperAdmin = $request['user']->isMember() && $request['user']->get('perms') >= SUPERADMIN;

    if (!$isSuperAdmin) {
        no_perms_error($request);
        return TRUE;
    }

    // Declared by the original action; not read in this body.
    global $_FILTERS;

    k4_bread_crumbs($request['template'], $request['dba'], 'L_EDITFORUMFILTERS');

    $template = $request['template'];
    $template->setVar('forums_on', '_on');
    $template->setFile('sidebar_menu', 'menus/forums.html');
    $template->setFile('content', 'filters_selectforum.html');

    return TRUE;
}
/**
 * Renames a topic, either through a normal page request or (when
 * USE_XMLHTTP is set) as an inline edit that echoes the new title link.
 *
 * The new title comes from $_REQUEST['name'] after strip_tags(); it must fit
 * the topicminchars/topicmaxchars settings. When it differs from the stored
 * title the requester must be a moderator of the forum AND reach the
 * can_edit level for their own or for other members' topics.
 *
 * NOTE(review): all permission checks sit inside the "name changed" branch,
 * and this is a state change driven by $_REQUEST with no anti-CSRF token
 * check visible in this function - confirm it is enforced elsewhere.
 * NOTE(review): in the XMLHTTP branch $name is echoed into an HTML attribute.
 * It is entity-encoded only when it differs from the stored title; otherwise
 * the stored value is echoed as-is, which presumably relies on titles being
 * stored already encoded - confirm.
 *
 * @param array $request Request context (template, dba, user).
 * @return mixed Result of an information action / xmlhttp_message(), TRUE
 *               after a permission error; nothing after the inline echo.
 */
function execute(&$request)
{
    global $_QUERYPARAMS, $_DATASTORE, $_SETTINGS;

    /* set the breadcrumbs bit */
    k4_bread_crumbs($request['template'], $request['dba'], 'L_INFORMATION');

    /* Check the request ID */
    if (!isset($_REQUEST['id']) || !$_REQUEST['id'] || intval($_REQUEST['id']) == 0) {
        $action = new K4InformationAction(new K4LanguageElement('L_TOPICDOESNTEXIST'), 'content', FALSE);
        return !USE_XMLHTTP ? $action->execute($request) : xmlhttp_message('L_TOPICDOESNTEXIST');
    }

    /* Get our topic */
    $topic = $request['dba']->getRow("SELECT * FROM " . K4POSTS . " WHERE post_id = " . intval($_REQUEST['id']));

    if (!$topic || !is_array($topic) || empty($topic)) {
        $action = new K4InformationAction(new K4LanguageElement('L_TOPICDOESNTEXIST'), 'content', FALSE);
        return !USE_XMLHTTP ? $action->execute($request) : xmlhttp_message('L_TOPICDOESNTEXIST');
    }

    $forum = $request['dba']->getRow("SELECT * FROM " . K4FORUMS . " WHERE forum_id = " . intval($topic['forum_id']));

    if (!$forum || !is_array($forum) || empty($forum)) {
        $action = new K4InformationAction(new K4LanguageElement('L_FORUMDOESNTEXIST'), 'content', FALSE);
        return !USE_XMLHTTP ? $action->execute($request) : xmlhttp_message('L_FORUMDOESNTEXIST');
    }

    // A missing or empty name falls back to the stored title; markup is
    // stripped from anything submitted.
    if (!isset($_REQUEST['name']) || $_REQUEST['name'] == '') {
        $name = $topic['name'];
    } else {
        $name = strip_tags($_REQUEST['name']);
    }

    // strip_tags() can leave an empty string; fall back again in that case.
    $name = $name == '' ? $topic['name'] : $name;

    // Length is measured in bytes (strlen), before entity encoding.
    if (strlen($name) < intval($_SETTINGS['topicminchars']) || strlen($name) > intval($_SETTINGS['topicmaxchars'])) {
        $action = new K4InformationAction(new K4LanguageElement('L_TITLETOOSHORT', intval($_SETTINGS['topicminchars']), intval($_SETTINGS['topicmaxchars'])), 'content', TRUE);
        // The sprintf() format has no placeholders, so the two limits are not
        // part of the XMLHTTP message.
        return !USE_XMLHTTP ? $action->execute($request) : xmlhttp_message(sprintf('L_TITLETOOSHORT', intval($_SETTINGS['topicminchars']), intval($_SETTINGS['topicmaxchars'])));
    }

    if ($name != $topic['name']) {

        // Encoded once here; this is the form that is stored and echoed.
        $name = k4_htmlentities($name, ENT_QUOTES);

        // Gate 1: must moderate this forum.
        if (!is_moderator($request['user']->getInfoArray(), $forum)) {
            no_perms_error($request);
            return !USE_XMLHTTP ? TRUE : xmlhttp_message('L_NEEDPERMS');
        }

        // Gate 2: can_edit level for own topics vs. other members' topics.
        if ($topic['poster_id'] == $request['user']->get('id')) {
            if ($request['user']->get('perms') < get_map('topics', 'can_edit', array('forum_id' => $topic['forum_id']))) {
                no_perms_error($request);
                return !USE_XMLHTTP ? TRUE : xmlhttp_message('L_NEEDPERMS');
            }
        } else {
            if ($request['user']->get('perms') < get_map('other_topics', 'can_edit', array('forum_id' => $topic['forum_id']))) {
                no_perms_error($request);
                return !USE_XMLHTTP ? TRUE : xmlhttp_message('L_NEEDPERMS');
            }
        }

        /* If this topic is a redirect/ connects to one, update the original */
        if ($topic['moved_new_post_id'] > 0 || $topic['moved_old_post_id'] > 0) {
            $redirect = $request['dba']->prepareStatement("UPDATE " . K4POSTS . " SET name=?,edited_time=?,edited_username=?,edited_userid=? WHERE post_id=?");

            $redirect->setString(1, $name);
            $redirect->setInt(2, time());
            $redirect->setString(3, $request['user']->get('name'));
            $redirect->setInt(4, $request['user']->get('id'));
            $redirect->setInt(5, $topic['moved_new_post_id'] > 0 ? $topic['moved_new_post_id'] : $topic['moved_old_post_id']);
            $redirect->executeUpdate();
        }

        // The topic row itself, with the editor recorded alongside the title.
        $update_a = $request['dba']->prepareStatement("UPDATE " . K4POSTS . " SET name=?,edited_time=?,edited_username=?,edited_userid=? WHERE post_id=?");
        $update_a->setString(1, $name);
        $update_a->setInt(2, time());
        $update_a->setString(3, $request['user']->get('name'));
        $update_a->setInt(4, $request['user']->get('id'));
        $update_a->setInt(5, $topic['post_id']);
        $update_a->executeUpdate();

        // Keep the forum's cached "last post" title in step.
        if ($forum['post_id'] == $topic['post_id']) {
            $update_c = $request['dba']->prepareStatement("UPDATE " . K4FORUMS . " SET post_name=? WHERE forum_id=?");
            $update_c->setString(1, $name);
            $update_c->setInt(2, $forum['forum_id']);
            $update_c->executeUpdate();
        }

        // if this is the last post in a forum (issues the same UPDATE as the
        // statement above, under a narrower condition)
        if ($forum['post_id'] == $topic['post_id'] && $forum['post_created'] == $topic['created']) {
            $update_d = $request['dba']->prepareStatement("UPDATE " . K4FORUMS . " SET post_name=? WHERE forum_id=?");
            $update_d->setString(1, $name);
            $update_d->setInt(2, $forum['forum_id']);
            $update_d->executeUpdate();
        }
    }

    if (!USE_XMLHTTP) {
        k4_bread_crumbs($request['template'], $request['dba'], 'L_EDITTOPIC', $forum);
        // The confirmation message is given the previous title, $topic['name'].
        $action = new K4InformationAction(new K4LanguageElement('L_UPDATEDTOPIC', $topic['name']), 'content', FALSE, referer(), 3);
        return $action->execute($request);
    } else {
        xmlhttp_header();
        // substr() works on the encoded string, so a title cut at 40 bytes can
        // end in the middle of an entity.
        echo '<a href="viewtopic.php?id=' . $topic['post_id'] . '" title="' . $name . '" style="font-size: 13px;">' . (strlen($name) > 40 ? substr($name, 0, 40) . '...' : $name) . '</a>';
        xmlhttp_footer();
    }
}
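/**
 * Queues a mass e-mail to all users (super-administrators only).
 *
 * The sender, subject and message from the request are serialized into a
 * 'massmail' row of the datastore together with a start id of 0, and the
 * 'email_queue' cache is reset. A second job cannot be queued while
 * $_DATASTORE['massmail'] exists.
 *
 * Change from the earlier version: carriage returns and line feeds are
 * removed from `from` and `subject` before they are stored. The code that
 * later sends the mail is not part of this listing; if it places these two
 * values into message headers, an embedded line break would let a value add
 * header lines of its own, and neither field has a legitimate use for one.
 *
 * NOTE(review): the action is driven by $_REQUEST and no anti-CSRF token
 * check is visible in this function - confirm it is enforced elsewhere,
 * since this sends mail to every user.
 *
 * @param array $request Request context (template, dba, user).
 * @return mixed TRUE after a permission error, otherwise the result of the
 *               information action that was rendered.
 */
function execute(&$request)
{
    $isSuperAdmin = $request['user']->isMember() && $request['user']->get('perms') >= SUPERADMIN;

    if (!$isSuperAdmin) {
        no_perms_error($request);
        return TRUE;
    }

    global $_DATASTORE;

    k4_bread_crumbs($request['template'], $request['dba'], 'L_EMAILUSERS');
    $request['template']->setVar('misc_on', '_on');
    $request['template']->setFile('sidebar_menu', 'menus/misc.html');

    // Only one queued job at a time.
    if (isset($_DATASTORE['massmail'])) {
        $action = new K4InformationAction(new K4LanguageElement('L_EMAILINPROGRESS'), 'content', FALSE);
        return $action->execute($request);
    }

    if (!isset($_REQUEST['subject']) || $_REQUEST['subject'] == '') {
        $action = new K4InformationAction(new K4LanguageElement('L_INSERTMAILSUBJECT'), 'content', TRUE);
        return $action->execute($request);
    }

    if (!isset($_REQUEST['message']) || $_REQUEST['message'] == '') {
        $action = new K4InformationAction(new K4LanguageElement('L_INSERTMAILMESSAGE'), 'content', TRUE);
        return $action->execute($request);
    }

    $line_breaks = array("\r", "\n");

    // Single-line fields: drop CR/LF, and keep the 'noreply' default if
    // nothing is left of the sender.
    $from = isset($_REQUEST['from']) && $_REQUEST['from'] != '' ? $_REQUEST['from'] : 'noreply';
    $from = str_replace($line_breaks, '', $from);
    $from = $from != '' ? $from : 'noreply';

    $subject = str_replace($line_breaks, '', $_REQUEST['subject']);

    // The body keeps its line breaks, normalised to "\n".
    $message = preg_replace("~(\r\n|\r|\n)~i", "\n", $_REQUEST['message']);

    // set where to start the userids to email in the datastore
    $update = $request['dba']->prepareStatement("INSERT INTO " . K4DATASTORE . " (varname, data) VALUES (?,?)");
    $update->setString(1, 'massmail');
    $update->setString(2, serialize(array('startid' => 0, 'from' => $from, 'subject' => $subject, 'message' => $message)));
    $update->executeUpdate();

    reset_cache('email_queue');

    // success
    $action = new K4InformationAction(new K4LanguageElement('L_EMAILSSENTTOUSERS'), 'content', FALSE);
    return $action->execute($request);
}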
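/**
 * Saves the permission levels of a category's permission-map rows
 * (super-administrators only).
 *
 * For every map row of the category with forum_id = 0, the four request
 * fields <varname>_can_view/_can_add/_can_edit/_can_del are read; a row is
 * updated only when all four are present and at least one differs from the
 * stored value.
 *
 * Change from the earlier version: the category id is cast with intval()
 * where it is concatenated into the quoted varname literal, matching every
 * other place this function puts it into SQL.
 *
 * NOTE(review): the submitted levels go to setInt() without a range check,
 * and the action is driven by $_REQUEST with no anti-CSRF token check visible
 * in this function - confirm both are handled elsewhere, since this edits the
 * permission map.
 *
 * @param array $request Request context (template, dba, user).
 * @return mixed TRUE after a permission error, otherwise the result of the
 *               information action that was rendered.
 */
function execute(&$request)
{
    $isSuperAdmin = $request['user']->isMember() && $request['user']->get('perms') >= SUPERADMIN;

    if (!$isSuperAdmin) {
        no_perms_error($request);
        return TRUE;
    }

    global $_QUERYPARAMS;

    if (!isset($_REQUEST['id']) || intval($_REQUEST['id']) == 0) {
        $action = new K4InformationAction(new K4LanguageElement('L_INVALIDCATEGORY'), 'content', FALSE);
        return $action->execute($request);
    }

    $category = $request['dba']->getRow("SELECT * FROM " . K4CATEGORIES . " WHERE category_id = " . intval($_REQUEST['id']));

    if (!is_array($category) || empty($category)) {
        $action = new K4InformationAction(new K4LanguageElement('L_INVALIDCATEGORY'), 'content', FALSE);
        return $action->execute($request);
    }

    // Expose every category column to the template as category_<column>.
    foreach ($category as $key => $val) {
        $request['template']->setVar('category_' . $key, $val);
    }

    $category_id = intval($category['category_id']);

    // The result of this lookup is not read again in this function.
    $category_map = $request['dba']->getRow("SELECT * FROM " . K4MAPS . " WHERE varname = 'category" . $category_id . "' AND category_id = " . $category_id);

    $category_maps = $request['dba']->executeQuery("SELECT * FROM " . K4MAPS . " WHERE category_id = " . $category_id . " AND forum_id = 0");

    while ($category_maps->next()) {
        $c = $category_maps->current();

        $view_key = $c['varname'] . '_can_view';
        $add_key  = $c['varname'] . '_can_add';
        $edit_key = $c['varname'] . '_can_edit';
        $del_key  = $c['varname'] . '_can_del';

        // All four levels must be submitted for the row to be considered.
        if (!isset($_REQUEST[$view_key]) || !isset($_REQUEST[$add_key]) || !isset($_REQUEST[$edit_key]) || !isset($_REQUEST[$del_key])) {
            continue;
        }

        $changed = $_REQUEST[$view_key] != $c['can_view']
            || $_REQUEST[$add_key] != $c['can_add']
            || $_REQUEST[$edit_key] != $c['can_edit']
            || $_REQUEST[$del_key] != $c['can_del'];

        if ($changed) {
            $update = $request['dba']->prepareStatement("UPDATE " . K4MAPS . " SET can_view=?,can_add=?,can_edit=?,can_del=? WHERE varname=? AND category_id=?");
            $update->setInt(1, $_REQUEST[$view_key]);
            $update->setInt(2, $_REQUEST[$add_key]);
            $update->setInt(3, $_REQUEST[$edit_key]);
            $update->setInt(4, $_REQUEST[$del_key]);
            $update->setString(5, $c['varname']);
            $update->setInt(6, $category['category_id']);
            $update->executeUpdate();
            unset($update);
        }
    }

    reset_cache('all_forums');

    k4_bread_crumbs($request['template'], $request['dba'], 'L_CATEGORIES');
    $request['template']->setVar('forums_on', '_on');
    $request['template']->setFile('sidebar_menu', 'menus/forums.html');

    $action = new K4InformationAction(new K4LanguageElement('L_UPDATEDCATEGORYPERMS', $category['name']), 'content', FALSE, 'admin.php?act=categories', 3);
    return $action->execute($request);
}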
/**
 * Saves the display order of the custom profile fields (ADMIN and above).
 *
 * For each stored field, the request value display_order_<name> is written
 * back when it is present and its integer value is not negative. The field
 * name used in the UPDATE comes from the database row, not from the request.
 *
 * @param array $request Request context (template, dba, user).
 * @return mixed TRUE after a permission error, otherwise the result of the
 *               information action that was rendered.
 */
function execute(&$request)
{
    $isAdmin = $request['user']->isMember() && $request['user']->get('perms') >= ADMIN;

    if (!$isAdmin) {
        no_perms_error($request);
        return TRUE;
    }

    $fields = $request['dba']->executeQuery("SELECT * FROM " . K4PROFILEFIELDS . " ORDER BY name ASC");

    while ($fields->next()) {
        $field = $fields->current();
        $param = 'display_order_' . $field['name'];

        // Skip fields that were not submitted or carry a negative order.
        if (!isset($_REQUEST[$param]) || intval($_REQUEST[$param]) < 0) {
            continue;
        }

        $update = $request['dba']->prepareStatement("UPDATE " . K4PROFILEFIELDS . " SET display_order=? WHERE name=?");
        $update->setInt(1, $_REQUEST[$param]);
        $update->setString(2, $field['name']);
        $update->executeUpdate();
        unset($update);
    }

    k4_bread_crumbs($request['template'], $request['dba'], 'L_USERPROFILEFIELDS');
    $request['template']->setVar('users_on', '_on');
    $request['template']->setFile('sidebar_menu', 'menus/users.html');

    $confirmation = new K4LanguageElement('L_UPDATEDPROFILEFIELDS');
    $action = new K4InformationAction($confirmation, 'content', FALSE, 'admin.php?act=userfields', 3);

    return $action->execute($request);
}
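/**
 * Prepares the single-post preview page for $_REQUEST['post_id'].
 *
 * Loads the post and its forum, refreshes the forum/topic "last seen"
 * cookies, checks visibility and view permissions, exports the post and
 * forum columns to the template, bumps the view counter and, for topics,
 * sets the neighbouring post ids and the subscription flag.
 *
 * Changes from the earlier version:
 *  - the redirect for a moved post now stops the script; before, the
 *    Location header was sent but the rest of the function still ran against
 *    the old post (cookies, view counter, template);
 *  - the post id and user id concatenated into the three lookup queries are
 *    cast with intval(), matching the other queries in this function;
 *  - $moderator, $use_reply and $reply were read without ever being set.
 *    Their effective values (not a moderator / always the post title) are now
 *    written out explicitly, so behaviour is unchanged but no longer depends
 *    on undefined variables.
 *
 * NOTE(review): setcookie()'s fourth argument is the cookie path; the value
 * passed there comes from get_domain(). Confirm that is intended. No
 * HttpOnly/secure flags are set on either cookie.
 * NOTE(review): both cookies are written before the visibility and permission
 * checks, so they are also set for posts the requester may not view.
 * NOTE(review): the expiry test resets the post type while
 * created + post_expire days is still in the future; confirm the comparison
 * direction.
 *
 * @param array $request Request context (template, dba, user).
 * @return mixed TRUE, or the result of an information action on an error
 *               path; does not return when a moved post is redirected.
 */
function execute(&$request)
{
    global $_QUERYPARAMS, $_USERGROUPS, $_URL;

    /* set the breadcrumbs bit */
    k4_bread_crumbs($request['template'], $request['dba'], 'L_INFORMATION');

    /**
     * Error Checking
     */
    if (!isset($_REQUEST['post_id']) || intval($_REQUEST['post_id']) == 0) {
        $action = new K4InformationAction(new K4LanguageElement('L_TOPICDOESNTEXIST'), 'content', FALSE);
        return $action->execute($request);
    }

    /* Get our post */
    $post = $request['dba']->getRow("SELECT * FROM " . K4POSTS . " WHERE post_id = " . intval($_REQUEST['post_id']));

    if (!$post || !is_array($post) || empty($post)) {
        $action = new K4InformationAction(new K4LanguageElement('L_POSTDOESNTEXIST'), 'content', FALSE);
        return $action->execute($request);
    }

    /* Should we redirect this user? */
    if ($post['moved_new_post_id'] > 0) {
        header("Location: viewpost.php?post_id=" . intval($post['moved_new_post_id']));
        exit;
    }

    /* Get the current forum */
    $forum = $request['dba']->getRow("SELECT * FROM " . K4FORUMS . " WHERE forum_id = " . intval($post['forum_id']));

    if (!$forum || !is_array($forum) || empty($forum)) {
        $action = new K4InformationAction(new K4LanguageElement('L_FORUMDOESNTEXIST'), 'content', FALSE);
        return $action->execute($request);
    }

    /**
     * This sets the last time that we've seen this forum
     */
    $cookieinfo = get_forum_cookies();
    $cookieinfo[$forum['forum_id']] = time();

    // Cookie payload is a flat "id,timestamp,id,timestamp" list.
    $cookiestr = '';
    foreach ($cookieinfo as $key => $val) {
        $cookiestr .= ',' . $key . ',' . intval($val);
    }

    $domain = get_domain();
    setcookie(K4FORUMINFO, trim($cookiestr, ','), time() + 2592000, $domain);
    unset($cookieinfo, $cookiestr);

    $cookieinfo = get_topic_cookies();

    /**
     * Set the new breadcrumbs bit
     */
    k4_bread_crumbs($request['template'], $request['dba'], $post['name'], $forum);

    /**
     * Now tell the cookies that we've read this topic
     */
    $cookieinfo[$post['post_id']] = time();

    $cookiestr = '';
    foreach ($cookieinfo as $key => $val) {
        // weed out old topic views (the age is divided by 30 before it is
        // compared with 30 days' worth of seconds)
        if ((time() - intval($val)) / 30 <= 2592000) {
            $cookiestr .= ',' . $key . ',' . intval($val);
        }
    }

    setcookie(K4TOPICINFO, trim($cookiestr, ','), time() + 2592000, $domain);
    unset($cookieinfo, $cookiestr);

    /**
     * More error checking
     */
    // NOTE(review): no moderator lookup is performed here, so queued posts
    // are refused for every requester. This is the fail-closed behaviour the
    // function always had; decide separately whether moderators should pass.
    $moderator = FALSE;

    if ($post['is_draft'] == 1 || $post['display'] == 0 || ($post['queue'] == 1 && !$moderator)) {
        no_perms_error($request);
        return TRUE;
    }

    // Board-wide view level first, then the level for this kind of row.
    if (get_map('forums', 'can_view', array()) > $request['user']->get('perms')
        || get_map(($post['row_type'] & TOPIC) ? 'topics' : 'replies', 'can_view', array('forum_id' => $forum['forum_id'])) > $request['user']->get('perms')) {
        $action = new K4InformationAction(new K4LanguageElement('L_PERMCANTVIEWTOPIC'), 'content', FALSE);
        return $action->execute($request);
    }

    /**
     * Is this topic expired?
     */
    // $extra only ever holds this fixed SQL fragment built from a constant.
    $extra = '';
    if ($post['post_type'] > TOPIC_NORMAL && $post['post_expire'] > 0) {
        if ($post['created'] + 3600 * 24 * $post['post_expire'] > time()) {
            $extra = ",post_expire=0,post_type=" . TOPIC_NORMAL;
        }
    }

    /* Add the post info to the template */
    foreach ($post as $key => $val) {
        $request['template']->setVar('post_' . $key, $val);
    }

    /* Add the forum info to the template */
    foreach ($forum as $key => $val) {
        $request['template']->setVar('forum_' . $key, $val);
    }

    /* Update the number of views for this post */
    $request['dba']->executeUpdate("UPDATE " . K4POSTS . " SET views=views+1 {$extra} WHERE post_id=" . intval($post['post_id']));

    /* set the topic iterator */
    if ($post['row_type'] & TOPIC) {

        $request['template']->setVar('next_oldest', intval($request['dba']->getValue("SELECT post_id FROM " . K4POSTS . " WHERE post_id < " . intval($post['post_id']) . " LIMIT 1")));
        $request['template']->setVar('next_newest', intval($request['dba']->getValue("SELECT post_id FROM " . K4POSTS . " WHERE post_id > " . intval($post['post_id']) . " LIMIT 1")));

        /**
         * Topic subscription stuff
         */
        if ($request['user']->isMember()) {
            $subscribed = $request['dba']->executeQuery("SELECT * FROM " . K4SUBSCRIPTIONS . " WHERE post_id = " . intval($post['post_id']) . " AND user_id = " . intval($request['user']->get('id')));
            $request['template']->setVar('is_subscribed', iif($subscribed->numRows() > 0, 1, 0));
        }
    }

    // No reply row is loaded in this function, so the header is the post title.
    $request['template']->setVar('header_text', $post['name']);
    $request['template']->setVar('show_close_button', 1);
    $request['template']->setFile('content', 'post_preview.html');

    return TRUE;
}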
/**
 * Issues a warning to a user: raises the user's warn_level by one and e-mails
 * the warning text, or shows the find-user form when no id was supplied.
 *
 * The requester must reach the 'warnuser' can_add level from the permission
 * map.
 *
 * NOTE(review): the redirect URL in the first error branch contains a masked
 * span ('******') in this listing, so the statement does not parse as shown
 * and the original expression cannot be recovered from here. $perpage and
 * $num_pages used next to it are not assigned anywhere in this function.
 * NOTE(review): the language keys look swapped - a missing warning text
 * reports L_PASTPAGELIMIT and a missing user reports L_INSERTWARNING.
 * NOTE(review): the warning text from $_REQUEST is handed to email_user()
 * unchanged, and this state change has no anti-CSRF token check visible in
 * this function - confirm both are handled elsewhere.
 *
 * @param array $request Request context (template, dba, user).
 * @return mixed TRUE after a permission error, the result of an information
 *               action, or nothing when the find-user form is shown.
 */
function execute(&$request)
{
    // Declared but not read in this body.
    global $_SETTINGS;

    if ($request['user']->get('perms') < get_map('warnuser', 'can_add', array())) {
        no_perms_error($request);
        return TRUE;
    }

    if (isset($_REQUEST['id'])) {

        // The id is cast before it reaches the query.
        $user = $request['dba']->getRow("SELECT * FROM " . K4USERS . " WHERE id = " . intval($_REQUEST['id']));

        k4_bread_crumbs($request['template'], $request['dba'], 'L_WARNUSER');

        // No warning text supplied.
        if (!isset($_REQUEST['warning']) || $_REQUEST['warning'] == '') {
            $action = new K4InformationAction(new K4LanguageElement('L_PASTPAGELIMIT'), 'content', FALSE, 'mod.php?act=findusers&username='******'&limit=' . $perpage . '&page=' . $num_pages, 3);
            return $action->execute($request);
        }

        // No such user.
        if (!is_array($user) || empty($user)) {
            k4_bread_crumbs($request['template'], $request['dba'], 'L_INFORMATION');
            $action = new K4InformationAction(new K4LanguageElement('L_INSERTWARNING'), 'content', TRUE);
            return $action->execute($request);
        }

        // The level is raised before the mail is sent; the result of
        // email_user() is not checked.
        $request['dba']->executeUpdate("UPDATE " . K4USERS . " SET warn_level=warn_level+1 WHERE id = " . intval($user['id']));

        email_user($user['email'], $request['template']->getVar('L_WARNING'), $_REQUEST['warning']);

        $action = new K4InformationAction(new K4LanguageElement('L_SENTWARNING', $user['name']), 'content', TRUE, 'index.php', 3);
        return $action->execute($request);
    } else {
        // No target yet: show the user search form.
        k4_bread_crumbs($request['template'], $request['dba'], 'L_WARNUSER');
        $request['template']->setFile('content', 'finduser.html');
    }
}
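/**
 * Send an e-mail from the logged-in member to another member.
 *
 * The sender's name, user id and e-mail address are prepended to the message
 * body, and subject and body are entity-encoded before being passed to
 * email_user().
 *
 * Changes from the listing as published:
 *  - the membership check now runs before the recipient lookup, so an
 *    anonymous request is refused without querying the user table;
 *  - subject and message must be strings (array-valued parameters are
 *    rejected instead of reaching stripslashes());
 *  - CR and LF are removed from the subject, which ends up in a mail header;
 *  - the unreachable trailing `return TRUE` is gone.
 *
 * NOTE(review): nothing in this block limits how many messages a member can
 * send; confirm that email_user() or the dispatcher throttles this.
 *
 * @param array $request  Request context holding 'user', 'dba' and 'template'.
 * @return mixed          TRUE, or whatever the information action returns.
 */
function execute(&$request) {

    global $_QUERYPARAMS;

    k4_bread_crumbs($request['template'], $request['dba'], 'L_INFORMATION');

    /* Authorisation first: guests may not use the mail form at all */
    if (!$request['user']->isMember()) {
        no_perms_error($request);
        return TRUE;
    }

    /**
     * Error checking on this member
     */
    if (!isset($_REQUEST['id']) || intval($_REQUEST['id']) == 0) {
        $action = new K4InformationAction(new K4LanguageElement('L_USERDOESNTEXIST'), 'content', TRUE);
        return $action->execute($request);
    }

    $member = $request['dba']->getRow("SELECT " . $_QUERYPARAMS['user'] . $_QUERYPARAMS['userinfo'] . " FROM " . K4USERS . " u LEFT JOIN " . K4USERINFO . " ui ON u.id = ui.user_id WHERE u.id = " . intval($_REQUEST['id']));

    if (!$member || !is_array($member) || empty($member)) {
        $action = new K4InformationAction(new K4LanguageElement('L_USERDOESNTEXIST'), 'content', TRUE);
        return $action->execute($request);
    }

    if (!isset($_REQUEST['subject']) || !is_string($_REQUEST['subject']) || $_REQUEST['subject'] == '') {
        $action = new K4InformationAction(new K4LanguageElement('L_INSERTMAILSUBJECT'), 'content', TRUE);
        return $action->execute($request);
    }

    if (!isset($_REQUEST['message']) || !is_string($_REQUEST['message']) || $_REQUEST['message'] == '') {
        $action = new K4InformationAction(new K4LanguageElement('L_INSERTMAILMESSAGE'), 'content', TRUE);
        return $action->execute($request);
    }

    k4_bread_crumbs($request['template'], $request['dba'], 'L_EMAILUSER');

    /* These lines are part of the message body, not real mail headers */
    $message_header = "From: " . $request['user']->get('name') . "\n";
    $message_header .= "User ID: " . $request['user']->get('id') . "\n";
    $message_header .= "Email: " . $request['user']->get('email') . "\n\n";

    /* A subject is a single header line: drop any line breaks the client sent */
    $subject = str_replace(array("\r", "\n"), ' ', stripslashes($_REQUEST['subject']));
    $subject = k4_htmlentities($subject, ENT_NOQUOTES);
    $body = $message_header . k4_htmlentities(stripslashes($_REQUEST['message']), ENT_NOQUOTES);

    if (!email_user($member['email'], $subject, $body)) {
        $action = new K4InformationAction(new K4LanguageElement('L_ERROREMAILING', $member['name']), 'content', FALSE);
        return $action->execute($request);
    }

    $action = new K4InformationAction(new K4LanguageElement('L_EMAILSENT', $member['name']), 'content', FALSE, 'member.php?id=' . $member['id'], 3);
    return $action->execute($request);
}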
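/**
 * Store a usergroup's permission mask for one forum (super administrators only).
 *
 * The forum's default maps (group_id = 0) are read, the group's existing
 * overrides for the forum are deleted, and one row is re-inserted for every
 * map where at least one submitted can_* value differs from the default.
 *
 * Change from the listing as published: when a map row was re-inserted, all
 * four can_* values were read from $_REQUEST even if only some were
 * submitted, so a missing field reached setInt() as an undefined index. A
 * missing or non-scalar field now falls back to the forum default, so an
 * incomplete request can no longer rewrite a permission level it did not
 * mention.
 *
 * NOTE(review): the submitted levels are cast with intval() but not range
 * checked, the DELETE and the INSERTs are not wrapped in a transaction, and
 * no per-request token is checked in this block; confirm all three against
 * the rest of the application.
 *
 * @param array $request  Request context holding 'user', 'dba' and 'template'.
 * @return mixed          TRUE, or whatever the information action returns.
 */
function execute(&$request) {

    if (!($request['user']->isMember() && $request['user']->get('perms') >= SUPERADMIN)) {
        no_perms_error($request);
        return TRUE;
    }

    k4_bread_crumbs($request['template'], $request['dba'], 'L_PERMISSIONMASKS');

    if (!isset($_REQUEST['f']) || intval($_REQUEST['f']) == 0) {
        $action = new K4InformationAction(new K4LanguageElement('L_INVALIDFORUM'), 'content', FALSE);
        return $action->execute($request);
    }

    $forum = $request['dba']->getRow("SELECT * FROM " . K4FORUMS . " WHERE forum_id = " . intval($_REQUEST['f']));

    if (!is_array($forum) || empty($forum)) {
        $action = new K4InformationAction(new K4LanguageElement('L_INVALIDFORUM'), 'content', FALSE);
        return $action->execute($request);
    }

    if (!isset($_REQUEST['g']) || intval($_REQUEST['g']) == 0) {
        $action = new K4InformationAction(new K4LanguageElement('L_INVALIDUSERGROUP'), 'content', TRUE);
        return $action->execute($request);
    }

    $group = $request['dba']->getRow("SELECT * FROM " . K4USERGROUPS . " WHERE id = " . intval($_REQUEST['g']));

    if (!is_array($group) || empty($group)) {
        $action = new K4InformationAction(new K4LanguageElement('L_INVALIDUSERGROUP'), 'content', TRUE);
        return $action->execute($request);
    }

    /* The forum-wide defaults that the group mask is compared against */
    $maps = $request['dba']->executeQuery("SELECT * FROM " . K4MAPS . " WHERE group_id = 0 AND forum_id = " . intval($forum['forum_id']));

    // delete all of the perms because we are going to re-add them;
    // by doing this, we are guaranteed to store the minimum number
    // of changed permissions
    $request['dba']->executeUpdate("DELETE FROM " . K4MAPS . " WHERE group_id = " . intval($group['id']) . " AND forum_id = " . intval($forum['forum_id']));

    $insert = $request['dba']->prepareStatement("INSERT INTO " . K4MAPS . " (row_level,name,varname,category_id,forum_id,user_id,group_id,can_view,can_add,can_edit,can_del,value,parent_id) VALUES (?,?,?,?,?,?,?,?,?,?,?,?,?)");

    $fields = array('can_view', 'can_add', 'can_edit', 'can_del');

    while ($maps->next()) {

        $temp = $maps->current();
        $levels = array();
        $add = FALSE;

        foreach ($fields as $field) {

            $key = $temp['varname'] . '_' . $field;

            if (isset($_REQUEST[$key]) && is_scalar($_REQUEST[$key])) {
                $levels[$field] = intval($_REQUEST[$key]);
                if ($levels[$field] != intval($temp[$field])) {
                    $add = TRUE;
                }
            } else {
                /* Not submitted: inherit the forum default rather than an undefined value */
                $levels[$field] = intval($temp[$field]);
            }
        }

        if ($add) {
            $insert->setInt(1, $temp['row_level']);
            $insert->setString(2, $temp['name']);
            $insert->setString(3, $temp['varname']);
            $insert->setInt(4, $temp['category_id']);
            $insert->setInt(5, $temp['forum_id']);
            $insert->setInt(6, $temp['user_id']);
            $insert->setInt(7, $group['id']);
            $insert->setInt(8, $levels['can_view']);
            $insert->setInt(9, $levels['can_add']);
            $insert->setInt(10, $levels['can_edit']);
            $insert->setInt(11, $levels['can_del']);
            $insert->setString(12, $temp['value']);
            $insert->setInt(13, $temp['parent_id']);

            $insert->executeUpdate();
        }
    }

    reset_cache('maps'); // usermasks are part of the maps

    $action = new K4InformationAction(new K4LanguageElement('L_UPDATEDPERMMASK', $group['name'], $forum['name']), 'content', TRUE, 'admin.php?act=masks', 3);
    return $action->execute($request);
}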
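/**
 * Update a post icon's description and image (administrators only).
 *
 * The image is either a freshly uploaded file or a path picked with the file
 * browser. Topics that used the old image are re-pointed to the new one.
 *
 * Changes from the listing as published:
 *  - an upload without `image_browse` always ended in the "choose an image"
 *    error, and the stored name was PHP's temporary file name; a real upload
 *    (checked with is_uploaded_file()) now takes precedence and is stored
 *    under the base name of the client file name;
 *  - the destination of move_uploaded_file() was built from request data
 *    without stripping directory parts; the upload name is reduced with
 *    basename() and a browsed path containing ".." or a NUL byte is refused;
 *  - the file is moved before the database is touched and a failed move is
 *    reported instead of being silenced.
 *
 * NOTE(review): the allow-list looks only at the final extension and never
 * inspects the file content, and an upload with the name of an existing icon
 * replaces it. The upload directory should be configured so that the web
 * server never executes files from it.
 *
 * @param array $request  Request context holding 'user', 'dba' and 'template'.
 * @return mixed          TRUE, or whatever the information action returns.
 */
function execute(&$request) {

    if (!($request['user']->isMember() && $request['user']->get('perms') >= ADMIN)) {
        no_perms_error($request);
        return TRUE;
    }

    /**
     * Error checking on all _three_ fields :P
     */
    if (!isset($_REQUEST['id']) || intval($_REQUEST['id']) == 0) {
        $action = new K4InformationAction(new K4LanguageElement('L_POSTICONDOESNTEXIST'), 'content', FALSE);
        return $action->execute($request);
    }

    $icon = $request['dba']->getRow("SELECT * FROM " . K4POSTICONS . " WHERE id = " . intval($_REQUEST['id']));

    if (!is_array($icon) || empty($icon)) {
        $action = new K4InformationAction(new K4LanguageElement('L_POSTICONDOESNTEXIST'), 'content', FALSE);
        return $action->execute($request);
    }

    if (!isset($_REQUEST['description']) || $_REQUEST['description'] == '') {
        $action = new K4InformationAction(new K4LanguageElement('L_INSERTICONDESC'), 'content', TRUE);
        return $action->execute($request);
    }

    /* Only treat the field as an upload if PHP itself received the file */
    $uploaded = isset($_FILES['image_upload'])
        && is_array($_FILES['image_upload'])
        && isset($_FILES['image_upload']['tmp_name'], $_FILES['image_upload']['name'])
        && is_string($_FILES['image_upload']['tmp_name'])
        && is_string($_FILES['image_upload']['name'])
        && is_uploaded_file($_FILES['image_upload']['tmp_name']);

    $filename = '';

    if ($uploaded) {
        /* Keep the bare file name only, whichever separator the client used */
        $filename = basename(str_replace('\\', '/', $_FILES['image_upload']['name']));
    } elseif (isset($_REQUEST['image_browse']) && is_string($_REQUEST['image_browse'])) {
        $filename = $_REQUEST['image_browse'];
    }

    if ($filename == '' || strpos($filename, '..') !== FALSE || strpos($filename, "\0") !== FALSE) {
        $action = new K4InformationAction(new K4LanguageElement('L_NEEDCHOOSEICONIMG'), 'content', TRUE);
        return $action->execute($request);
    }

    /* Extension allow-list, checked against the last dot-separated part */
    $parts = explode(".", $filename);
    $exts = array('gif', 'jpg', 'jpeg', 'bmp', 'png', 'tiff');

    if (count($parts) < 2 || !in_array(strtolower($parts[count($parts) - 1]), $exts)) {
        $action = new K4InformationAction(new K4LanguageElement('L_INVALIDICONEXT'), 'content', TRUE);
        return $action->execute($request);
    }

    /* Store the upload first, so the database never points at a file that was not saved */
    if ($uploaded) {
        $dir = BB_BASE_DIR . '/tmp/upload/posticons';

        // NOTE(review): this makes the upload directory world-writable on every
        // request; kept for compatibility with existing installs, but the
        // directory should be owned by the web-server user with tighter modes.
        @chmod($dir, 0777);

        if (!move_uploaded_file($_FILES['image_upload']['tmp_name'], $dir . '/' . $filename)) {
            $action = new K4InformationAction(new K4LanguageElement('L_NEEDCHOOSEICONIMG'), 'content', TRUE);
            return $action->execute($request);
        }
    }

    /**
     * Update the icon finally
     */
    $query = $request['dba']->prepareStatement("UPDATE " . K4POSTICONS . " SET description=?,image=? WHERE id=?");
    $query->setString(1, $_REQUEST['description']);
    $query->setString(2, $filename);
    $query->setInt(3, $icon['id']);
    $query->executeUpdate();

    /* Re-point every post that used the old image to the new one */
    $request['dba']->executeUpdate("UPDATE " . K4POSTS . " SET posticon = '" . $request['dba']->quote($filename) . "' WHERE posticon = '" . $request['dba']->quote($icon['image']) . "'");

    k4_bread_crumbs($request['template'], $request['dba'], 'L_POSTICONS');
    $request['template']->setVar('posts_on', '_on');
    $request['template']->setFile('sidebar_menu', 'menus/posts.html');

    $action = new K4InformationAction(new K4LanguageElement('L_UPDATEDPOSTICON'), 'content', TRUE, 'admin.php?act=posticons', 3);
    return $action->execute($request);
}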
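/**
 * Record a member's rating (0 to 5) for a topic and refresh the topic's average.
 *
 * A member may not rate their own topic and may rate a topic only once.
 *
 * Changes from the listing as published:
 *  - the rating was only compared with `< 0` and `> 5`, which a non-numeric
 *    or array value passes; it must now be a string of digits and is
 *    converted to an integer once, before it is used in the average and in
 *    the statements;
 *  - the unreachable trailing `return TRUE` is gone.
 *
 * NOTE(review): the "already rated" lookup and the INSERT are separate
 * statements, so two simultaneous requests can both pass the check unless the
 * ratings table has a unique key on (post_id, user_id) - confirm the schema.
 * The block also does not check that the member may view the topic's forum.
 *
 * @param array $request  Request context holding 'user', 'dba' and 'template'.
 * @return mixed          TRUE, or whatever the information action returns.
 */
function execute(&$request) {

    global $_QUERYPARAMS;

    if (!$request['user']->isMember()) {
        no_perms_error($request);
        return TRUE;
    }

    /* set the breadcrumbs bit */
    k4_bread_crumbs($request['template'], $request['dba'], 'L_INFORMATION');

    if (!isset($_REQUEST['id']) || !$_REQUEST['id'] || intval($_REQUEST['id']) == 0) {
        $action = new K4InformationAction(new K4LanguageElement('L_TOPICDOESNTEXIST'), 'content', FALSE);
        return $action->execute($request);
    }

    /* Get our topic */
    $topic = $request['dba']->getRow("SELECT * FROM " . K4POSTS . " WHERE post_id = " . intval($_REQUEST['id']));

    if (!$topic || !is_array($topic) || empty($topic)) {
        $action = new K4InformationAction(new K4LanguageElement('L_TOPICDOESNTEXIST'), 'content', FALSE);
        return $action->execute($request);
    }

    if ($topic['poster_id'] > 0 && $topic['poster_id'] == $request['user']->get('id')) {
        $action = new K4InformationAction(new K4LanguageElement('L_CANNOTRATEOWNPOSTS'), 'content', TRUE, referer(), 2);
        return $action->execute($request);
    }

    $forum = $request['dba']->getRow("SELECT * FROM " . K4FORUMS . " WHERE forum_id = " . intval($topic['forum_id']));

    /* The rating must be a whole number between 0 and 5 */
    $new_rating = -1;
    if (isset($_REQUEST['rating']) && is_string($_REQUEST['rating']) && ctype_digit($_REQUEST['rating'])) {
        $new_rating = intval($_REQUEST['rating']);
    }

    if ($new_rating < 0 || $new_rating > 5) {
        $action = new K4InformationAction(new K4LanguageElement('L_SUPPLIEDBADRATING'), 'content', FALSE);
        return $action->execute($request);
    }

    /* Check the forum data given */
    if (!$forum || !is_array($forum) || empty($forum)) {
        $action = new K4InformationAction(new K4LanguageElement('L_FORUMDOESNTEXIST'), 'content', FALSE);
        return $action->execute($request);
    }

    $has_rated = $request['dba']->executeQuery("SELECT * FROM " . K4RATINGS . " WHERE post_id = " . intval($topic['post_id']) . " AND user_id = " . intval($request['user']->get('id')));

    if ($has_rated->numRows() > 0) {
        $action = new K4InformationAction(new K4LanguageElement('L_ALREADYRATED', $topic['name']), 'content', FALSE);
        return $action->execute($request);
    }

    $add_rate = $request['dba']->prepareStatement("INSERT INTO " . K4RATINGS . " (post_id,user_id,user_name) VALUES (?,?,?)");
    $add_rate->setInt(1, $topic['post_id']);
    $add_rate->setInt(2, $request['user']->get('id'));
    $add_rate->setString(3, $request['user']->get('name'));

    /* New rounded average, including this vote */
    $rating = round(($topic['ratings_sum'] + $new_rating) / ($topic['ratings_num'] + 1), 0);

    $rate = $request['dba']->prepareStatement("UPDATE " . K4POSTS . " SET ratings_sum=ratings_sum+?, ratings_num=ratings_num+1, rating=? WHERE post_id=?");
    $rate->setInt(1, $new_rating);
    $rate->setInt(2, $rating);
    $rate->setInt(3, $topic['post_id']);

    $add_rate->executeUpdate();
    $rate->executeUpdate();

    /* Redirect the user */
    k4_bread_crumbs($request['template'], $request['dba'], 'L_RATETOPIC', $topic, $forum);
    $action = new K4InformationAction(new K4LanguageElement('L_RATEDTOPIC', $topic['name']), 'content', FALSE, referer(), 3);
    return $action->execute($request);
}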
/**
 * Toggle the 'k4_cssedit' cookie and send the browser back to index.php
 * (super administrators only).
 *
 * If the cookie is present it is cleared with an expiry one hour in the
 * past; otherwise it is set to 1 for one hour. Nothing is returned on either
 * path, and no exit follows the Location header.
 *
 * @param array $request  Request context holding 'user'.
 */
function execute(&$request) {

    $allowed = $request['user']->isMember() && $request['user']->get('perms') >= SUPERADMIN;

    if (!$allowed) {
        no_perms_error($request);
        return;
    }

    if (isset($_COOKIE['k4_cssedit'])) {
        /* Editor mode is on: expire the cookie */
        $cookie_value = '';
        $cookie_expiry = time() - 3600;
    } else {
        /* Editor mode is off: switch it on for an hour */
        $cookie_value = 1;
        $cookie_expiry = time() + 3600;
    }

    setcookie('k4_cssedit', $cookie_value, $cookie_expiry);
    header("Location: index.php");
}
/**
 * Delete one permission-map node and its descendants (super administrators only).
 *
 * The parent's num_children counter is lowered by the node's own child count
 * plus one, the node row is deleted, and $this->recursive_remove() is called
 * when the node has children. The 'maps' cache is reset afterwards.
 *
 * @param array $request  Request context holding 'user', 'dba' and 'template'.
 * @return mixed          TRUE, or whatever the information action returns.
 */
function execute(&$request) {

    $is_superadmin = $request['user']->isMember() && $request['user']->get('perms') >= SUPERADMIN;

    if (!$is_superadmin) {
        no_perms_error($request);
        return TRUE;
    }

    /* Look the node up only when a usable id was supplied */
    $map = FALSE;
    if (isset($_REQUEST['id']) && intval($_REQUEST['id']) != 0) {
        $map = $request['dba']->getRow("SELECT * FROM " . K4MAPS . " WHERE id = " . intval($_REQUEST['id']));
    }

    /* Missing id and unknown id are reported the same way */
    if (!is_array($map) || empty($map)) {
        $action = new K4InformationAction(new K4LanguageElement('L_INVALIDMAPID'), 'content', FALSE);
        return $action->execute($request);
    }

    /* The parent loses this node plus everything below it */
    if ($map['parent_id'] > 0) {
        $removed_count = intval($map['num_children']) + 1;
        $request['dba']->executeUpdate("UPDATE " . K4MAPS . " SET num_children=num_children-" . $removed_count . " WHERE id = " . intval($map['parent_id']));
    }

    /* Remove the node itself, then its children */
    $request['dba']->executeUpdate("DELETE FROM " . K4MAPS . " WHERE id = " . intval($map['id']));

    if ($map['num_children'] > 0) {
        $this->recursive_remove($map['id']);
    }

    reset_cache('maps');

    k4_bread_crumbs($request['template'], $request['dba'], 'L_PERMISSIONS');
    $request['template']->setVar('options_on', '_on');
    $request['template']->setFile('sidebar_menu', 'menus/options.html');

    /* Confirmation page that redirects back to the permissions GUI */
    $done = new K4InformationAction(new K4LanguageElement('L_REMOVEDMAPSITEM'), 'content', FALSE, 'admin.php?act=permissions_gui', 3);
    return $done->execute($request);
}
/**
 * Delete one FAQ answer and lower its category's answer counter (administrators only).
 *
 * @param array $request  Request context holding 'user', 'dba' and 'template'.
 * @return mixed          TRUE, or whatever the information action returns.
 */
function execute(&$request) {

    $is_admin = $request['user']->isMember() && $request['user']->get('perms') >= ADMIN;

    if (!$is_admin) {
        no_perms_error($request);
        return TRUE;
    }

    k4_bread_crumbs($request['template'], $request['dba'], 'L_FAQ');
    $request['template']->setVar('faq_on', '_on');
    $request['template']->setFile('sidebar_menu', 'menus/faq.html');

    /* Fetch the answer only when a usable id was supplied */
    $answer = FALSE;
    if (isset($_REQUEST['id']) && intval($_REQUEST['id']) != 0) {
        $answer = $request['dba']->getRow("SELECT * FROM " . K4FAQANSWERS . " WHERE answer_id = " . intval($_REQUEST['id']));
    }

    /* A missing id and an unknown id produce the same message */
    if (!is_array($answer) || empty($answer)) {
        $error = new K4InformationAction(new K4LanguageElement('L_BADFAQANSER'), 'content', FALSE);
        return $error->execute($request);
    }

    /* Remove the row, then keep the category counter in step */
    $request['dba']->executeUpdate("DELETE FROM " . K4FAQANSWERS . " WHERE answer_id = " . intval($answer['answer_id']));
    $request['dba']->executeUpdate("UPDATE " . K4FAQCATEGORIES . " SET num_answers=num_answers-1 WHERE category_id = " . intval($answer['category_id']));

    $done = new K4InformationAction(new K4LanguageElement('L_DELETEDFAQANSWER', $answer['question']), 'content', FALSE, 'admin.php?act=faq_answers', 3);
    return $done->execute($request);
}
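/**
 * Save the board settings of one setting group (super administrators only).
 *
 * Every setting in the group is overwritten with the request parameter of the
 * same name. All-digit values are normalised with intval(); a setting that is
 * absent from the request is stored as an empty string, as before.
 *
 * Changes from the listing as published:
 *  - the UPDATE was assembled by string interpolation; it now goes through
 *    the prepared-statement API used elsewhere in this file, so escaping no
 *    longer depends on each call site remembering quote();
 *  - an absent parameter no longer reaches ctype_digit() as an undefined
 *    index, and an array-valued parameter is skipped rather than stored.
 *
 * NOTE(review): values are stored without per-setting validation, and no
 * per-request token is checked in this block; confirm that the dispatcher
 * provides CSRF protection for admin actions.
 *
 * @param array $request  Request context holding 'user', 'dba' and 'template'.
 * @return mixed          TRUE, or whatever the information action returns.
 */
function execute(&$request) {

    if (!($request['user']->isMember() && $request['user']->get('perms') >= SUPERADMIN)) {
        no_perms_error($request, 'content');
        return TRUE;
    }

    //		// DEMO VERSION
    //		if(K4DEMOMODE) {
    //			no_perms_error($request, 'content');
    //			return TRUE;
    //		}

    if (isset($_REQUEST['settinggroupid']) && intval($_REQUEST['settinggroupid']) > 0) {

        $settings = $request['dba']->executeQuery("SELECT * FROM " . K4SETTINGS . " WHERE settinggroupid = " . intval($_REQUEST['settinggroupid']));

        /* One statement, re-bound for every setting in the group */
        $update = $request['dba']->prepareStatement("UPDATE " . K4SETTINGS . " SET value=? WHERE varname=?");

        while ($settings->next()) {

            $setting = $settings->current();
            $name = $setting['varname'];

            if (!isset($_REQUEST[$name])) {
                /* Not submitted (an unticked checkbox, for instance): store empty */
                $raw = '';
            } elseif (is_scalar($_REQUEST[$name])) {
                $raw = (string) $_REQUEST[$name];
            } else {
                /* Array-valued parameter: not a setting value, leave the row alone */
                continue;
            }

            $new_val = ($raw != '' && ctype_digit($raw)) ? (string) intval($raw) : $raw;

            $update->setString(1, $new_val);
            $update->setString(2, $name);
            $update->executeUpdate();
        }
    }

    k4_bread_crumbs($request['template'], $request['dba'], 'L_OPTIONS');

    reset_cache('settings');

    $request['template']->setVar('options_on', '_on');
    $request['template']->setFile('sidebar_menu', 'menus/options.html');

    $action = new K4InformationAction(new K4LanguageElement('L_UPDATEDOPTIONS'), 'content', FALSE, 'admin.php?act=options', 3);
    return $action->execute($request);
}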
/**
 * Delete a reply, or delete / bin a topic, and repair the counters that depend on it.
 *
 * Whether the target is a topic or a reply is taken from $this->row_type
 * (tested as a bitmask against TOPIC and REPLY), not from the fetched row.
 * Replies are always deleted. A topic is deleted only when it already sits in
 * the GARBAGE_BIN forum; otherwise it and its replies are moved there.
 *
 * Authorisation, in order: the forum's 'can_del' map for own posts
 * ('topics' / 'replies') or for other people's posts ('other_topics' /
 * 'other_replies'), and then is_moderator() for every caller.
 *
 * All writes happen between beginTransaction() and commitTransaction(); every
 * early return is before the transaction starts.
 *
 * NOTE(review): no rollback call is visible, so whether a failing statement
 * undoes the earlier ones depends on the dba layer - confirm.
 * NOTE(review): the action is driven by $_REQUEST['id'] (GET as well as POST)
 * and no per-request token is checked in this block; confirm CSRF protection
 * in the dispatcher.
 *
 * @param array $request  Request context holding 'user', 'dba' and 'template'.
 * @return mixed          TRUE, or whatever the information action returns.
 */
function execute(&$request) {

    global $_QUERYPARAMS, $_DATASTORE, $_USERGROUPS;

    /* set the breadcrumbs bit */
    k4_bread_crumbs($request['template'], $request['dba'], 'L_INFORMATION');

    if (!isset($_REQUEST['id']) || intval($_REQUEST['id']) == 0) {
        $action = new K4InformationAction(new K4LanguageElement('L_POSTDOESNTEXIST'), 'content', FALSE);
        return $action->execute($request);
    }

    /* Get our post (a topic or a reply) */
    $post = $request['dba']->getRow("SELECT * FROM " . K4POSTS . " WHERE post_id = " . intval($_REQUEST['id']));

    if (!$post || !is_array($post) || empty($post)) {
        $action = new K4InformationAction(new K4LanguageElement('L_POSTDOESNTEXIST'), 'content', FALSE);
        return $action->execute($request);
    }

    $forum = $request['dba']->getRow("SELECT * FROM " . K4FORUMS . " WHERE forum_id = " . intval($post['forum_id']));

    /* Check the forum data given */
    if (!$forum || !is_array($forum) || empty($forum)) {
        $action = new K4InformationAction(new K4LanguageElement('L_FORUMDOESNTEXIST'), 'content', FALSE);
        return $action->execute($request);
    }

    /* A topic that is already in the garbage bin is removed for good */
    $delete_topic = FALSE;
    if ($forum['forum_id'] == GARBAGE_BIN && $this->row_type & TOPIC) {
        $delete_topic = TRUE;
    }

    /* Make sure that we are trying to delete from a forum */
    if (!($forum['row_type'] & FORUM)) {
        $action = new K4InformationAction(new K4LanguageElement('L_CANTDELFROMNONFORUM'), 'content', FALSE);
        return $action->execute($request);
    }

    /* set the breadcrumbs bit */
    k4_bread_crumbs($request['template'], $request['dba'], $this->row_type & REPLY ? 'L_DELETEREPLY' : 'L_DELETETOPIC', $post, $forum);

    $maps_var = $this->row_type & TOPIC ? 'topics' : 'replies';

    /* Does this person have permission to remove this post? */
    // NOTE(review): ownership is a loose == on poster_id and the current user id,
    // and membership is not checked here; confirm what id a guest session reports.
    if ($post['poster_id'] == $request['user']->get('id')) {
        if (get_map($maps_var, 'can_del', array('forum_id' => $forum['forum_id'])) > $request['user']->get('perms')) {
            no_perms_error($request);
            return TRUE;
        }
    } else {
        if (get_map('other_' . $maps_var, 'can_del', array('forum_id' => $forum['forum_id'])) > $request['user']->get('perms')) {
            no_perms_error($request);
            return TRUE;
        }
    }

    // NOTE(review): these two arrays are built but never read again in this function.
    $user_usergroups = $request['user']->get('usergroups') != '' ? explode('|', $request['user']->get('usergroups')) : array();
    $forum_usergroups = $forum['moderating_groups'] != '' ? explode('|', $forum['moderating_groups']) : array();

    /* Applies to everyone, including the author of the post */
    if (!is_moderator($request['user']->getInfoArray(), $forum)) {
        no_perms_error($request);
        return TRUE;
    }

    /* Begin the SQL transaction */
    $request['dba']->beginTransaction();

    /**
     * Should we update the topic?
     */
    if ($this->row_type & REPLY) {

        /* Newest remaining reply of the same topic */
        // NOTE(review): the row is indexed below without checking that one was
        // found; when the deleted reply was the only one, getRow() presumably
        // returns no row - confirm what the setters receive in that case.
        $topic_last_reply = $request['dba']->getRow("SELECT * FROM " . K4POSTS . " WHERE post_id <> " . intval($post['post_id']) . " AND parent_id=" . intval($post['parent_id']) . " ORDER BY created DESC LIMIT 1");

        $topic_update = $request['dba']->prepareStatement("UPDATE " . K4POSTS . " SET lastpost_created=?,lastpost_uname=?,lastpost_uid=?,lastpost_id=?,num_replies=? WHERE post_id=?");
        $topic_update->setInt(1, $topic_last_reply['created']);
        $topic_update->setString(2, $topic_last_reply['poster_name']);
        $topic_update->setInt(3, $topic_last_reply['poster_id']);
        $topic_update->setInt(4, $topic_last_reply['post_id']);
        $topic_update->setInt(5, intval($request['dba']->getValue("SELECT COUNT(*) FROM " . K4POSTS . " WHERE parent_id=" . intval($post['parent_id'])) - 1)); // use this to make sure we get the right count
        $topic_update->setInt(6, $post['parent_id']);
        $topic_update->executeUpdate();
    }

    /**
     * Remove any bad post reports, get a count of replies, change
     * user post counts and remove attachments! WOAH!
     */
    $num_replies_to_remove = 1;
    if ($this->row_type & REPLY) {
        $request['dba']->executeUpdate("DELETE FROM " . K4BADPOSTREPORTS . " WHERE post_id = " . intval($post['post_id']));
    } else {

        /* The topic row itself plus all of its replies */
        $posts = $request['dba']->executeQuery("SELECT post_id,poster_id,attachments FROM " . K4POSTS . " WHERE ( (parent_id=" . intval($post['post_id']) . " AND row_type=" . REPLY . ") OR (post_id=" . intval($post['post_id']) . " AND row_type=" . TOPIC . ") )");

        /* Minus one: the topic row is in the result set but is not a reply */
        $num_replies_to_remove = intval($posts->numrows() - 1);

        while ($posts->next()) {
            $p = $posts->current();

            // remove bad post report
            $request['dba']->executeUpdate("DELETE FROM " . K4BADPOSTREPORTS . " WHERE post_id = " . intval($p['post_id']));

            // change user post count
            // (this loop only runs for topics, so in practice $delete_topic decides)
            if ($delete_topic || $this->row_type & REPLY) {
                $request['dba']->executeUpdate("UPDATE " . K4USERINFO . " SET num_posts=num_posts-1 WHERE user_id=" . intval($p['poster_id']));
            }

            if ($p['attachments'] > 0) {
                remove_attachments($request, $p, FALSE);
            }
        }
    }

    /**
     * Delete/Move the post
     */
    if ($delete_topic || $this->row_type & REPLY) {

        $request['dba']->executeUpdate("DELETE FROM " . K4POSTS . " WHERE post_id = " . intval($post['post_id']));

        // change or remove replies
        if ($this->row_type & REPLY) {
            // NOTE(review): this filters on post_id = the post's forum_id, which
            // looks unintended for closing the gap in row_order - verify.
            $request['dba']->executeUpdate("UPDATE " . K4POSTS . " SET row_order=row_order-1 WHERE row_order>" . intval($post['row_order']) . " AND post_id=" . intval($post['forum_id']));
        } else {
            $request['dba']->executeUpdate("DELETE FROM " . K4POSTS . " WHERE parent_id=" . intval($post['post_id']));
            $request['dba']->executeUpdate("DELETE FROM " . K4RATINGS . " WHERE post_id = " . intval($post['post_id']));
        }
    } else {

        /* Move this topic and its replies to the garbage bin */
        if ($this->row_type & TOPIC) {

            // parent_id is left as the current forum id
            $request['dba']->executeUpdate("UPDATE " . K4POSTS . " SET forum_id=" . GARBAGE_BIN . " WHERE ( (parent_id=" . intval($post['post_id']) . " AND row_type=" . REPLY . ") OR post_id=" . intval($post['post_id']) . ")");

            // update the garbage bin
            $newpost_created = $request['dba']->getRow("SELECT * FROM " . K4POSTS . " WHERE forum_id=" . GARBAGE_BIN . " ORDER BY created DESC LIMIT 1");

            // The statement text below contains a line break, exactly as in the listing.
            $forum_update = $request['dba']->prepareStatement("UPDATE " . K4FORUMS . " SET posts=posts+?,replies=replies+?,topics=topics+?,post_created=?,post_name=?,post_uname=?,post_id=?,post_uid=?,post_posticon=? 
WHERE forum_id=?");
            $forum_update->setInt(1, $this->row_type & REPLY ? $num_replies_to_remove : $num_replies_to_remove + 1);
            $forum_update->setInt(2, $num_replies_to_remove);
            $forum_update->setInt(3, $this->row_type & REPLY ? 0 : 1);
            $forum_update->setInt(4, $newpost_created['created']);
            $forum_update->setString(5, $newpost_created['name']);
            $forum_update->setString(6, $newpost_created['poster_name']);
            $forum_update->setInt(7, $newpost_created['post_id']);
            $forum_update->setInt(8, $newpost_created['poster_id']);
            $forum_update->setString(9, $newpost_created['posticon']);
            $forum_update->setInt(10, GARBAGE_BIN);
            $forum_update->executeUpdate();
        }
    }

    /* Newest post still stored under the source forum, after the delete / move above */
    $lastpost_created = $request['dba']->getRow("SELECT * FROM " . K4POSTS . " WHERE forum_id=" . intval($post['forum_id']) . " ORDER BY created DESC LIMIT 1");

    /* Empty forum: fall back to blank "last post" values */
    if (!is_array($lastpost_created) || empty($lastpost_created)) {
        $lastpost_created = array('created' => 0, 'name' => '', 'poster_name' => '', 'post_id' => 0, 'poster_id' => 0, 'posticon' => '');
    }

    /**
     * Update the forum and the datastore
     */
    $forum_update = $request['dba']->prepareStatement("UPDATE " . K4FORUMS . " SET posts=posts-?,replies=replies-?,topics=topics-?,post_created=?,post_name=?,post_uname=?,post_id=?,post_uid=?,post_posticon=? WHERE forum_id=?");

    /* Set the forum values */
    $forum_update->setInt(1, $this->row_type & REPLY ? $num_replies_to_remove : $num_replies_to_remove + 1);
    $forum_update->setInt(2, $num_replies_to_remove);
    $forum_update->setInt(3, $this->row_type & REPLY ? 0 : 1);
    $forum_update->setInt(4, $lastpost_created['created']);
    $forum_update->setString(5, $lastpost_created['name']);
    $forum_update->setString(6, $lastpost_created['poster_name']);
    $forum_update->setInt(7, $lastpost_created['post_id']);
    $forum_update->setInt(8, $lastpost_created['poster_id']);
    $forum_update->setString(9, $lastpost_created['posticon']);
    $forum_update->setInt(10, $forum['forum_id']);

    $forum_update->executeUpdate();

    /* Set the datastore values (only when rows were really deleted) */
    if ($delete_topic || $this->row_type & REPLY) {

        $datastore_update = $request['dba']->prepareStatement("UPDATE " . K4DATASTORE . " SET data=? WHERE varname=?");

        /* Recount from the posts table instead of adjusting the cached numbers */
        $datastore = $_DATASTORE['forumstats'];
        $datastore['num_replies'] = $request['dba']->getValue("SELECT COUNT(*) FROM " . K4POSTS . " WHERE row_type=" . REPLY);
        $datastore['num_topics'] = $request['dba']->getValue("SELECT COUNT(*) FROM " . K4POSTS . " WHERE row_type=" . TOPIC);

        $datastore_update->setString(1, serialize($datastore));
        $datastore_update->setString(2, 'forumstats');

        /* Execute datastore update query */
        $datastore_update->executeUpdate();

        // Update the datastore cache
        reset_cache('datastore');
    }

    $request['dba']->commitTransaction();

    /* Redirect the user: back to the topic for a reply, to the forum for a topic */
    $action = new K4InformationAction(new K4LanguageElement($this->row_type & REPLY ? 'L_DELETEDREPLY' : 'L_DELETEDTOPIC', $post['name']), 'content', FALSE, $this->row_type & REPLY ? 'viewtopic.php?id=' . $post['parent_id'] : 'viewforum.php?f=' . $post['forum_id'], 3);
    return $action->execute($request);
}
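/**
 * Prepare the "post new topic" (or new poll) form for a forum.
 *
 * Validates the forum, checks the 'topics' / 'polls' add permission, applies
 * the post-flood delay, loads emoticons and post icons, optionally loads one
 * of the member's saved drafts, builds the attachment inputs and the editor,
 * and selects newtopic.html as the content template.
 *
 * Changes from the listing as published:
 *  - USER_IP was concatenated into the flood-control SQL between quotes
 *    without escaping; it now goes through the dba quote() helper, as the
 *    other string values in this file do;
 *  - the flood lookup was run twice with identical SQL ($last_topic and
 *    $last_reply); it is now run once.
 *
 * NOTE(review): where USER_IP comes from is not visible here. If it can be
 * taken from a client-supplied header, the flood limit can be sidestepped by
 * changing that header - confirm how the constant is defined.
 *
 * @param array $request  Request context holding 'user', 'dba' and 'template'.
 * @return mixed          TRUE, or whatever the information action returns.
 */
function execute(&$request) {

    global $_QUERYPARAMS;

    /* set the breadcrumbs bit */
    k4_bread_crumbs($request['template'], $request['dba'], 'L_INFORMATION');

    /* Check the request ID */
    if (!isset($_REQUEST['id']) || !$_REQUEST['id'] || intval($_REQUEST['id']) == 0) {
        $action = new K4InformationAction(new K4LanguageElement('L_FORUMDOESNTEXIST'), 'content', FALSE);
        return $action->execute($request);
    }

    $forum = $request['dba']->getRow("SELECT * FROM " . K4FORUMS . " WHERE forum_id = " . intval($_REQUEST['id']));

    /* Check the forum data given */
    if (!$forum || !is_array($forum) || empty($forum)) {
        $action = new K4InformationAction(new K4LanguageElement('L_FORUMDOESNTEXIST'), 'content', FALSE);
        return $action->execute($request);
    }

    /* Make sure that we are trying to post into a forum, and not into the garbage bin */
    if (!($forum['row_type'] & FORUM) || $forum['forum_id'] == GARBAGE_BIN) {
        no_perms_error($request);
        return TRUE;
    }

    $is_poll = isset($_REQUEST['poll']) && intval($_REQUEST['poll']) == 1 ? TRUE : FALSE;
    $perm = $is_poll ? 'polls' : 'topics';

    /* Do we have permission to post to this forum? */
    if ($request['user']->get('perms') < get_map($perm, 'can_add', array('forum_id' => $forum['forum_id']))) {
        no_perms_error($request);
        return TRUE;
    }

    /* Prevent post flooding: newest post from this address, topic or reply */
    $last_post = $request['dba']->getRow("SELECT * FROM " . K4POSTS . " WHERE poster_ip = '" . $request['dba']->quote(USER_IP) . "' ORDER BY created DESC LIMIT 1");

    if (is_array($last_post) && !empty($last_post)) {
        /* Moderators and above are exempt from the delay */
        if (intval($last_post['created']) + POST_IMPULSE_LIMIT > time() && $request['user']->get('perms') < MODERATOR) {
            $action = new K4InformationAction(new K4LanguageElement('L_MUSTWAITSECSTOPOST'), 'content', TRUE);
            return $action->execute($request);
        }
    }

    /**
     * Start setting useful template information
     */
    if ($is_poll) {
        $request['template']->setVar('poll', 1);
    }

    /* Get and set the emoticons and post icons to the template */
    $emoticons = $request['dba']->executeQuery("SELECT * FROM " . K4EMOTICONS . " WHERE clickable = 1");
    $posticons = $request['dba']->executeQuery("SELECT * FROM " . K4POSTICONS);

    $request['template']->setList('emoticons', $emoticons);
    $request['template']->setList('posticons', $posticons);

    $request['template']->setVar('emoticons_per_row', $request['template']->getVar('smcolumns'));
    $request['template']->setVar('emoticons_per_row_remainder', $request['template']->getVar('smcolumns') - 1);

    topic_post_options($request['template'], $request['user'], $forum);

    /* Set the forum info to the template */
    foreach ($forum as $key => $val) {
        $request['template']->setVar('forum_' . $key, $val);
    }

    $request['template']->setVar('newtopic_action', 'newtopic.php?act=posttopic');

    // number of attachments already used by a loaded draft; stays 0 without
    // a draft and is subtracted from the maximum further down
    $num_attachments = 0;

    /**
     * Get topic drafts for this forum
     */
    $body_text = '';
    $drafts = $request['dba']->executeQuery("SELECT * FROM " . K4POSTS . " WHERE forum_id = " . intval($forum['forum_id']) . " AND is_draft = 1 AND poster_id = " . intval($request['user']->get('id')));

    if ($drafts->numrows() > 0) {

        $request['template']->setVisibility('load_button', TRUE);

        if (isset($_REQUEST['load_drafts']) && $_REQUEST['load_drafts'] == 1) {
            $request['template']->setVisibility('load_button', FALSE);
            $request['template']->setFile('drafts', 'post_drafts.html');
            $request['template']->setList('drafts', $drafts);
        }

        if (isset($_REQUEST['draft']) && intval($_REQUEST['draft']) != 0) {

            /* Get the draft; the poster_id filter restricts it to the current user's own drafts */
            $draft = $request['dba']->getRow("SELECT * FROM " . K4POSTS . " WHERE post_id=" . intval($_REQUEST['draft']) . " AND is_draft=1 AND poster_id=" . intval($request['user']->get('id')));

            if (!$draft || !is_array($draft) || empty($draft)) {
                k4_bread_crumbs($request['template'], $request['dba'], 'L_INVALIDDRAFT');
                $action = new K4InformationAction(new K4LanguageElement('L_DRAFTDOESNTEXIST'), 'content', FALSE);
                return $action->execute($request);
            }

            $request['template']->setVar('attach_post_id', $draft['post_id']);
            $request['template']->setVar('newtopic_action', 'newtopic.php?act=postdraft');

            /* Turn the draft text back into bbcode */
            $parser =& new BBParser();
            $draft['body_text'] = $parser->revert($draft['body_text']);
            $body_text = $draft['body_text'];

            $request['template']->setVisibility('save_draft', FALSE);
            $request['template']->setVisibility('load_button', FALSE);
            $request['template']->setVisibility('edit_topic', TRUE);
            $request['template']->setVisibility('post_id', TRUE);
            $request['template']->setVisibility('br', TRUE);

            $num_attachments = $draft['attachments'];

            /* Assign the draft information to the template */
            foreach ($draft as $key => $val) {
                $request['template']->setVar('post_' . $key, $val);
            }

            if ($request['template']->getVar('nojs') == 0) {
                post_attachment_options($request, $forum, $draft);
            }
        }
    }

    /**
     * Deal with file attachments
     */
    if ($request['template']->getVar('nojs') == 0) {
        if ($request['template']->getVar('attach_inputs') == '') {
            if ($request['user']->get('perms') >= get_map('attachments', 'can_add', array('forum_id' => $forum['forum_id']))) {

                /* Remaining slots = configured maximum minus what the draft already holds */
                $num_attachments = $request['template']->getVar('nummaxattaches') - $num_attachments;

                $attach_inputs = '';
                for ($i = 1; $i <= $num_attachments; $i++) {
                    $attach_inputs .= '<br /><input type="file" class="inputbox" name="attach' . $i . '" id="attach' . $i . '" value="" size="55" />';
                }

                $request['template']->setVar('attach_inputs', $attach_inputs);
            }
        }
    }

    /* Create our editor */
    create_editor($request, $body_text, 'post', $forum);

    /* set the breadcrumbs bit */
    k4_bread_crumbs($request['template'], $request['dba'], 'L_POSTTOPIC', $forum);

    /* Set the post topic form */
    $request['template']->setVar('is_topic', 1);
    $request['template']->setFile('content', 'newtopic.html');

    $request['template']->setVar('forum_forum_id', $forum['forum_id']);
    $request['template']->setVisibility('post_topic', TRUE);

    /* Fill the min / max title lengths into the language string */
    $request['template']->setVar('L_TITLETOOSHORT', sprintf($request['template']->getVar('L_TITLETOOSHORT'), $request['template']->getVar('topicminchars'), $request['template']->getVar('topicmaxchars')));

    return TRUE;
}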
/**
 * Remove the current member's subscription to a forum.
 *
 * Only the forum-level subscription row (post_id = 0) is deleted. The member
 * is then sent back to referer() after three seconds.
 *
 * @param array $request  Request context holding 'user', 'dba' and 'template'.
 * @return mixed          TRUE, or whatever the information action returns.
 */
function execute(&$request) {

    global $_QUERYPARAMS;

    /* Guests have no subscriptions */
    if (!$request['user']->isMember()) {
        no_perms_error($request);
        return TRUE;
    }

    /* Fetch the forum only when a usable id was supplied */
    $forum = FALSE;
    if (isset($_REQUEST['id']) && $_REQUEST['id'] && intval($_REQUEST['id']) != 0) {
        $forum = $request['dba']->getRow("SELECT * FROM " . K4FORUMS . " WHERE forum_id = " . intval($_REQUEST['id']));
    }

    /* A missing id and an unknown forum are reported the same way */
    if (!$forum || !is_array($forum) || empty($forum)) {
        k4_bread_crumbs($request['template'], $request['dba'], 'L_INVALIDFORUM');
        $error = new K4InformationAction(new K4LanguageElement('L_FORUMDOESNTEXIST'), 'content', FALSE);
        return $error->execute($request);
    }

    /* The user_id bind keeps the delete limited to the caller's own row */
    $unsubscribe = $request['dba']->prepareStatement("DELETE FROM " . K4SUBSCRIPTIONS . " WHERE user_id=? AND post_id=0 AND forum_id=?");
    $unsubscribe->setInt(1, $request['user']->get('id'));
    $unsubscribe->setInt(2, $forum['forum_id']);
    $unsubscribe->executeUpdate();

    /* Confirmation page, then back to where the member came from */
    k4_bread_crumbs($request['template'], $request['dba'], 'L_SUBSCRIPTIONS', $forum);
    $done = new K4InformationAction(new K4LanguageElement('L_UNSUBSCRIBEDFORUM', $forum['name']), 'content', FALSE, referer(), 3);

    return $done->execute($request);
}
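/**
 * Admin file browser: list the files of one directory below BB_BASE_DIR.
 *
 * The directory comes from $_REQUEST['dir'] and an optional type filter from
 * $_REQUEST['filetype'] ('html', 'php' or 'img'). Sub-directories, '.', '..'
 * and 'Thumbs.db' are skipped. Each listed file becomes an array with the keys
 * fileext, shortname, filename, file, filetype and, for images, width/height.
 *
 * Changes against the previous version:
 *  - the requested directory is canonicalised with realpath() and must lie
 *    inside BB_BASE_DIR, so '..' segments or symlinks cannot be used to list
 *    directories outside the board;
 *  - the "directory doesn't exist" message used $dir before it was assigned;
 *  - an unknown filetype now means "no filter" (the old condition joined the
 *    two checks with && and let unknown values through as a filter);
 *  - the directory handle is closed, and a failed dir() no longer ends in a
 *    method call on FALSE;
 *  - '=& new' is replaced by '= new' (the former is rejected by PHP 7+).
 *
 * @param array $request Request context; the 'user' and 'template' entries are used here.
 * @return mixed TRUE, or the result of K4InformationAction::execute() when the directory is rejected.
 */
function execute(&$request) {

    /* Only administrators may browse the board's files */
    if (!($request['user']->isMember() && $request['user']->get('perms') >= ADMIN)) {
        no_perms_error($request);
        return TRUE;
    }

    $request['template']->setVar('current_location', $request['template']->getVar('L_FILEBROWSER'));

    /*
     * NOTE(review): 'input' and 'selected' are client-supplied and handed to the
     * template unchanged; confirm that file_browser.html escapes them on output.
     */
    $request['template']->setVar('opener_input', isset($_REQUEST['input']) ? $_REQUEST['input'] : NULL);
    $request['template']->setVar('selected', isset($_REQUEST['selected']) ? $_REQUEST['selected'] : NULL);

    /* Anything other than a string (e.g. dir[]=x) is treated as "no directory given" */
    $requested_dir = (isset($_REQUEST['dir']) && is_string($_REQUEST['dir'])) ? $_REQUEST['dir'] : '';

    /* Canonical paths: realpath() resolves '..' and symlinks and returns FALSE for missing paths */
    $base_real = realpath(BB_BASE_DIR);
    $dir_real = FALSE;
    if ($requested_dir !== '' && strpos($requested_dir, "\0") === FALSE) {
        $dir_real = realpath(BB_BASE_DIR . DIRECTORY_SEPARATOR . $requested_dir);
    }

    /* The resolved directory has to be the base directory itself or something below it */
    $inside_base = FALSE;
    if ($base_real !== FALSE && $dir_real !== FALSE) {
        $base_prefix = rtrim($base_real, DIRECTORY_SEPARATOR) . DIRECTORY_SEPARATOR;
        $inside_base = ($dir_real === $base_real) || strncmp($dir_real, $base_prefix, strlen($base_prefix)) === 0;
    }

    $handle = ($inside_base && is_dir($dir_real)) ? dir($dir_real) : FALSE;

    if (!$handle) {
        /* The requested path is echoed back, so encode it; the escaping done by the information page is not visible here */
        $shown_path = BB_BASE_DIR . DIRECTORY_SEPARATOR . htmlspecialchars($requested_dir, ENT_QUOTES);
        $action = new K4InformationAction(new K4LanguageElement('L_DIRECTORYDOESNTEXIST', $shown_path), 'content', FALSE);
        return $action->execute($request);
    }

    $filetypes = array(
        'html' => array('HTM', 'HTML', 'JS'),
        'php'  => array('PHP'),
        'img'  => array('GIF', 'PNG', 'TIFF', 'JPG', 'JPEG', 'BMP', 'ICO'),
    );

    /* Only a known key of $filetypes is accepted as a filter; everything else lists all files */
    $requested_type = (isset($_REQUEST['filetype']) && is_string($_REQUEST['filetype'])) ? $_REQUEST['filetype'] : '';
    $filetype = ($requested_type !== '' && array_key_exists($requested_type, $filetypes)) ? $requested_type : FALSE;

    $files = array();

    while (FALSE !== ($file = $handle->read())) {

        if ($file === '.' || $file === '..' || $file === 'Thumbs.db') {
            continue;
        }

        /* Sub-directories are not listed */
        if (is_dir($dir_real . DIRECTORY_SEPARATOR . $file)) {
            continue;
        }

        $temp = array();

        /* Get File extension */
        $exts = explode(".", $file);
        $temp['fileext'] = count($exts) < 2 ? '' : strtoupper($exts[count($exts) - 1]);
        $temp['shortname'] = $file;
        $temp['filename'] = $requested_dir . '/' . $file;
        $temp['file'] = $exts[0];

        /* Map the extension onto one of the known groups; '' means "other" */
        $temp['filetype'] = '';
        foreach ($filetypes as $group => $extensions) {
            if (in_array($temp['fileext'], $extensions, TRUE)) {
                $temp['filetype'] = $group;
                break;
            }
        }

        if ($temp['filetype'] == 'img') {
            /* resize_image() is defined elsewhere in the class; its result is read as array(width, height) */
            $dimensions = $this->resize_image($temp['filename']);
            $temp['width'] = $dimensions[0];
            $temp['height'] = $dimensions[1];
        }

        if (!$filetype || $temp['filetype'] == $filetype) {
            $files[] = $temp;
        }
    }

    $handle->close();

    $files = new FAArrayIterator($files);

    $request['template']->setVar('img', 'img');
    $request['template']->setList('files_list', $files);
    $request['template']->setFile('content', 'file_browser.html');

    return TRUE;
}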
/**
 * Admin action: store a new custom title for one user.
 *
 * The user is selected with $_REQUEST['user_id'] and the title is taken from
 * $_REQUEST['user_title'] (empty string when absent).
 *
 * @param array $request Request context; the 'user', 'template' and 'dba' entries are used here.
 * @return mixed TRUE after a permission error, otherwise the result of K4InformationAction::execute().
 */
function execute(&$request) {

    /* Administrators only */
    $is_admin = $request['user']->isMember() && $request['user']->get('perms') >= ADMIN;
    if (!$is_admin) {
        no_perms_error($request);
        return TRUE;
    }

    k4_bread_crumbs($request['template'], $request['dba'], 'L_USERTITLES');
    $request['template']->setVar('users_on', '_on');
    $request['template']->setFile('sidebar_menu', 'menus/users.html');

    /* A missing or non-numeric id becomes 0 and is reported as an unknown user */
    $user_id = isset($_REQUEST['user_id']) ? intval($_REQUEST['user_id']) : 0;
    if ($user_id == 0) {
        $action = new K4InformationAction(new K4LanguageElement('L_USERDOESNTEXIST'), 'content', TRUE);
        return $action->execute($request);
    }

    $user = $request['dba']->getRow("SELECT * FROM " . K4USERS . " WHERE id = " . $user_id);
    if (!is_array($user) || empty($user)) {
        $action = new K4InformationAction(new K4LanguageElement('L_USERDOESNTEXIST'), 'content', TRUE);
        return $action->execute($request);
    }

    $title = '';
    if (isset($_REQUEST['user_title'])) {
        $title = $_REQUEST['user_title'];
    }

    /*
     * The title goes through the database layer's quote() before it is placed
     * between the single quotes; the id is an integer.
     * NOTE(review): the update is driven by $_REQUEST and no anti-CSRF token is
     * checked in this method; confirm one is verified before dispatch.
     */
    $request['dba']->executeUpdate("UPDATE " . K4USERINFO . " SET user_title = '" . $request['dba']->quote($title) . "' WHERE user_id = " . $user_id);

    $action = new K4InformationAction(new K4LanguageElement('L_UPDATEDUSERTITLE', $user['name']), 'content', TRUE, 'admin.php?act=usertitles', 3);

    return $action->execute($request);
}
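/**
 * Resend the account-activation e-mail for a registration that still has a reg_key.
 *
 * Guests only. The address is checked with the required/regex filters, looked
 * up in K4USERS, and the activation link (member.php?act=activate_accnt&key=...)
 * is mailed to the address stored for that user.
 *
 * Changes against the previous version:
 *  - the request value is read once and forced to a string before it reaches
 *    quote() and the messages;
 *  - str_replace('&', '&', ...) replaced a character by itself; it now turns
 *    '&amp;' back into '&' for the mail body (see the note at the call).
 *
 * @param array $request Request context; the 'user', 'template' and 'dba' entries are used here.
 * @return mixed TRUE after a permission error, otherwise the result of K4InformationAction::execute().
 */
function execute(&$request) {

    /* Create the ancestors bar */
    k4_bread_crumbs($request['template'], $request['dba'], 'L_RESENDVALIDATIONEMAIL');

    /* This page is for guests; logged-in members get the permission error */
    if ($request['user']->isMember()) {
        no_perms_error($request);
        return TRUE;
    }

    if (!$this->runPostFilter('email', new FARequiredFilter())) {
        $action = new K4InformationAction(new K4LanguageElement('L_SUPPLYEMAIL'), 'content', TRUE);
        return $action->execute($request);
    }

    if (!$this->runPostFilter('email', new FARegexFilter('~^([0-9a-zA-Z]+[-._+&])*[0-9a-zA-Z]+@([-0-9a-zA-Z]+[.])+[a-zA-Z]{2,6}$~'))) {
        $action = new K4InformationAction(new K4LanguageElement('L_NEEDVALIDEMAIL'), 'content', TRUE);
        return $action->execute($request);
    }

    /*
     * NOTE(review): the filters run through runPostFilter(), whose name suggests
     * it inspects $_POST, while the value used below comes from $_REQUEST.
     * Confirm both refer to the same input, otherwise an unvalidated value can
     * reach the messages below.
     */
    $supplied_email = (isset($_REQUEST['email']) && is_string($_REQUEST['email'])) ? $_REQUEST['email'] : '';

    $user = $request['dba']->getRow("SELECT * FROM " . K4USERS . " WHERE email = '" . $request['dba']->quote($supplied_email) . "'");

    /*
     * NOTE(review): the three outcomes below (unknown address, already
     * activated, mail sent) produce different messages, which lets an
     * unauthenticated visitor learn whether an address is registered.
     * A single neutral response would close that; nothing in this method
     * limits how often a mail can be requested either.
     */
    if (!is_array($user) || empty($user)) {
        $action = new K4InformationAction(new K4LanguageElement('L_INVALIDEMAILRVE', $supplied_email), 'content', TRUE);
        return $action->execute($request);
    }

    /* An empty reg_key means there is nothing left to activate */
    if ($user['reg_key'] == '') {
        $action = new K4InformationAction(new K4LanguageElement('L_USERREGGEDRVE'), 'content', TRUE);
        return $action->execute($request);
    }

    // .'/member.php?act=activate_accnt&key='. $user['reg_key']
    $url = new FAUrl(K4_URL);
    $url->file = 'member.php';
    $url->args = array('act' => 'activate_accnt', 'key' => $user['reg_key']);

    /*
     * NOTE(review): assumes FAUrl::__toString() joins arguments with '&amp;';
     * the mail body needs plain '&' for the link to work. Verify against FAUrl.
     */
    $activation_link = str_replace('&amp;', '&', $url->__toString());

    $email = sprintf($request['template']->getVar('L_REGISTEREMAILRMSG'), $user['name'], $request['template']->getVar('bbtitle'), $activation_link, $request['template']->getVar('bbtitle'));

    /* The mail goes to the address stored in the database, not to the request value */
    email_user($user['email'], $request['template']->getVar('bbtitle') . ' - ' . $request['template']->getVar('L_RESENDVALIDATIONEMAIL'), $email);

    $action = new K4InformationAction(new K4LanguageElement('L_RESENTREGEMAIL', $supplied_email), 'content', TRUE);

    return $action->execute($request);
}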
/**
 * Refuse unconditionally: every request to this action ends in the
 * permission error.
 *
 * @param array $request Request context, handed to no_perms_error().
 * @return bool Always TRUE.
 */
function execute(&$request) {

    no_perms_error($request);

    return TRUE;
}