$pm_subject = isset($_POST['req_subject']) ? panther_trim($_POST['req_subject']) : '';
if ($panther_config['o_censoring'] == '1') {
$censored_subject = panther_trim(censor_words($pm_subject));
}
if ($pm_subject == '') {
$errors[] = $lang_warnings['No subject'];
} else {
if ($panther_config['o_censoring'] == '1' && $censored_subject == '') {
$errors[] = $lang_post['No subject after censoring'];
} else {
if (panther_strlen($pm_subject) > 70) {
$errors[] = $lang_post['Too long subject'];
}
}
}
$pm_message = panther_linebreaks(panther_trim($_POST['req_message']));
if ($pm_message == '') {
$errors[] = $lang_post['No message'];
} else {
if (strlen($pm_message) > PANTHER_MAX_POSTSIZE) {
$errors[] = sprintf($lang_post['Too long message'], forum_number_format(PANTHER_MAX_POSTSIZE));
}
}
if ($panther_config['p_message_bbcode'] == '1') {
require PANTHER_ROOT . 'include/parser.php';
$pm_message = $parser->preparse_bbcode($pm_message, $errors);
}
if (empty($errors)) {
if ($pm_message == '') {
$errors[] = $lang_post['No message'];
} else {
} else {
if ($panther_config['o_censoring'] == '1' && $censored_subject == '') {
$errors[] = $lang_post['No subject after censoring'];
} else {
if (panther_strlen($subject) > 70) {
$errors[] = $lang_post['Too long subject'];
} else {
if ($panther_config['p_subject_all_caps'] == '0' && is_all_uppercase($subject) && !$panther_user['is_admmod']) {
$errors[] = $lang_post['All caps subject'];
}
}
}
}
}
// Clean up message from POST
$message = isset($_POST['req_message']) ? panther_linebreaks(panther_trim($_POST['req_message'])) : '';
// Here we use strlen() not panther_strlen() as we want to limit the post to PANTHER_MAX_POSTSIZE bytes, not characters
if (strlen($message) > PANTHER_MAX_POSTSIZE) {
$errors[] = sprintf($lang_post['Too long message'], forum_number_format(PANTHER_MAX_POSTSIZE));
} else {
if ($panther_config['p_message_all_caps'] == '0' && is_all_uppercase($message) && !$panther_user['is_admmod']) {
$errors[] = $lang_post['All caps message'];
}
}
// Validate BBCode syntax
if ($panther_config['p_message_bbcode'] == '1') {
require PANTHER_ROOT . 'include/parser.php';
$message = $parser->preparse_bbcode($message, $errors);
}
if (empty($errors)) {
if ($message == '') {
$forbidden = array('member', 'moderator', 'administrator', 'banned', 'guest', utf8_strtolower($lang_common['Member']), utf8_strtolower($lang_common['Moderator']), utf8_strtolower($lang_common['Administrator']), utf8_strtolower($lang_common['Banned']), utf8_strtolower($lang_common['Guest']));
if (in_array(utf8_strtolower($form['title']), $forbidden)) {
message($lang_profile['Forbidden title']);
}
}
}
}
break;
case 'messaging':
$form = array('facebook' => panther_trim($_POST['form']['facebook']), 'steam' => panther_trim($_POST['form']['steam']), 'skype' => panther_trim($_POST['form']['skype']), 'google' => panther_trim($_POST['form']['google']), 'twitter' => panther_trim($_POST['form']['twitter']));
break;
case 'personality':
$form = array();
// Clean up signature from POST
if ($panther_config['o_signatures'] == '1') {
$form['signature'] = isset($_POST['signature']) ? panther_linebreaks(panther_trim($_POST['signature'])) : '';
// Validate signature
if (panther_strlen($form['signature']) > $panther_config['p_sig_length']) {
message(sprintf($lang_prof_reg['Sig too long'], $panther_config['p_sig_length'], panther_strlen($form['signature']) - $panther_config['p_sig_length']));
} else {
if (substr_count($form['signature'], "\n") > $panther_config['p_sig_lines'] - 1) {
message(sprintf($lang_prof_reg['Sig too many lines'], $panther_config['p_sig_lines']));
} else {
if ($form['signature'] && $panther_config['p_sig_all_caps'] == '0' && is_all_uppercase($form['signature']) && !$panther_user['is_admmod']) {
$form['signature'] = utf8_ucwords(utf8_strtolower($form['signature']));
}
}
}
// Validate BBCode syntax
if ($panther_config['p_sig_bbcode'] == '1') {
require PANTHER_ROOT . 'include/parser.php';
require PANTHER_ROOT . 'footer.php';
} else {
if (isset($_GET['report'])) {
if ($panther_user['is_guest']) {
message($lang_common['No permission'], false, '403 Forbidden');
}
$post_id = intval($_GET['report']);
if ($post_id < 1) {
message($lang_common['Bad request'], false, '404 Not Found');
}
$errors = array();
if (isset($_POST['form_sent'])) {
// Make sure they got here from the site
confirm_referrer('misc.php');
// Clean up reason from POST
$reason = isset($_POST['req_reason']) ? panther_linebreaks(panther_trim($_POST['req_reason'])) : '';
if ($reason == '') {
$errors[] = $lang_misc['No reason'];
} else {
if (strlen($reason) > 65535) {
// TEXT field can only hold 65535 bytes
$errors[] = $lang_misc['Reason too long'];
}
}
if ($panther_user['last_report_sent'] != '' && time() - $panther_user['last_report_sent'] < $panther_user['g_report_flood'] && time() - $panther_user['last_report_sent'] >= 0) {
$errors[] = sprintf($lang_misc['Report flood'], $panther_user['g_report_flood'], $panther_user['g_report_flood'] - (time() - $panther_user['last_report_sent']));
}
($hook = get_extensions('report_after_validation')) ? eval($hook) : null;
if (empty($errors)) {
// Get the topic ID
$data = array(':id' => $post_id);
}
}
if ($form['announcement_message'] != '') {
$form['announcement_message'] = panther_linebreaks($form['announcement_message']);
} else {
$form['announcement_message'] = $lang_admin_options['Enter announcement here'];
$form['announcement'] = '0';
}
if ($form['rules_message'] != '') {
$form['rules_message'] = panther_linebreaks($form['rules_message']);
} else {
$form['rules_message'] = $lang_admin_options['Enter rules here'];
$form['rules'] = '0';
}
if ($form['maintenance_message'] != '') {
$form['maintenance_message'] = panther_linebreaks($form['maintenance_message']);
} else {
$form['maintenance_message'] = $lang_admin_options['Default maintenance message'];
$form['maintenance'] = '0';
}
// Make sure the number of displayed topics and posts is between 3 and 75
if ($form['disp_topics_default'] < 3) {
$form['disp_topics_default'] = 3;
} else {
if ($form['disp_topics_default'] > 75) {
$form['disp_topics_default'] = 75;
}
}
if ($form['disp_posts_default'] < 3) {
$form['disp_posts_default'] = 3;
} else {
function send($to, $subject, $message, $reply_to_email = '', $reply_to_name = '')
{
// Use \r\n for SMTP servers, the system's line ending for local mailers
$smtp = $this->config['o_smtp_host'] != '';
$EOL = $smtp ? "\r\n" : FORUM_EOL;
// Do a little spring cleaning
$to = panther_trim(preg_replace('%[\\n\\r]+%s', '', $to));
$subject = panther_trim(preg_replace('%[\\n\\r]+%s', '', $subject));
$from_email = panther_trim(preg_replace('%[\\n\\r:]+%s', '', $this->config['o_webmaster_email']));
$from_name = panther_trim(preg_replace('%[\\n\\r:]+%s', '', str_replace('"', '', $this->config['o_email_name'])));
$reply_to_email = panther_trim(preg_replace('%[\\n\\r:]+%s', '', $reply_to_email));
$reply_to_name = panther_trim(preg_replace('%[\\n\\r:]+%s', '', str_replace('"', '', $reply_to_name)));
// Set up some headers to take advantage of UTF-8
$from = '"' . $this->encode_mail_text($from_name) . '" <' . $from_email . '>';
$subject = $this->encode_mail_text($subject);
$headers = 'From: ' . $from . $EOL . 'Date: ' . gmdate('r') . $EOL . 'MIME-Version: 1.0' . $EOL . 'Content-transfer-encoding: 8bit' . $EOL . 'Content-type: text/plain; charset=utf-8' . $EOL . 'X-Mailer: Panther Forum Software';
// If we specified a reply-to email, we deal with it here
if (!empty($reply_to_email)) {
$reply_to = '"' . $this->encode_mail_text($reply_to_name) . '" <' . $reply_to_email . '>';
$headers .= $EOL . 'Reply-To: ' . $reply_to;
}
// Make sure all linebreaks are LF in message (and strip out any NULL bytes)
$message = str_replace("", '', panther_linebreaks($message));
$message = str_replace("\n", $EOL, $message);
if ($smtp) {
$this->smtp_mail($to, $subject, $message, $headers);
} else {
mail($to, $subject, $message, $headers);
}
}
generate_forums_cache();
generate_quickjump_cache();
generate_perms_cache();
redirect(panther_link($panther_url['admin_forums']), $lang_admin_forums['Forums updated redirect']);
} else {
if (isset($_GET['edit_forum'])) {
$forum_id = intval($_GET['edit_forum']);
if ($forum_id < 1) {
message($lang_common['Bad request'], false, '404 Not Found');
}
// Update group permissions for $forum_id
if (isset($_POST['save'])) {
confirm_referrer(PANTHER_ADMIN_DIR . '/forums.php');
// Start with the forum details
$forum_name = isset($_POST['forum_name']) ? panther_trim($_POST['forum_name']) : '';
$forum_desc = isset($_POST['forum_desc']) ? panther_linebreaks(panther_trim($_POST['forum_desc'])) : '';
$cat_id = isset($_POST['cat_id']) ? intval($_POST['cat_id']) : '';
$sort_by = isset($_POST['sort_by']) ? intval($_POST['sort_by']) : '';
$redirect_url = isset($_POST['redirect_url']) ? panther_trim($_POST['redirect_url']) : null;
$use_reputation = isset($_POST['use_reputation']) && $_POST['use_reputation'] == '1' ? '1' : '0';
$force_approve = isset($_POST['moderator_approve']) ? intval($_POST['moderator_approve']) : '0';
$parent_forum = isset($_POST['parent_forum']) ? intval($_POST['parent_forum']) : '0';
$show_post_info = isset($_POST['show_post_info']) ? intval($_POST['show_post_info']) : '1';
$forum_password1 = isset($_POST['forum_password1']) ? panther_trim($_POST['forum_password1']) : '';
$forum_password2 = isset($_POST['forum_password2']) ? panther_trim($_POST['forum_password2']) : '';
$change_password = isset($_POST['change_forum_pass']) ? intval($_POST['change_forum_pass']) : '0';
$quickjump = isset($_POST['quickjump']) ? intval($_POST['quickjump']) : '1';
$protected = isset($_POST['protected']) ? intval($_POST['protected']) : '0';
$increment_posts = isset($_POST['increment_posts']) ? intval($_POST['increment_posts']) : 1;
if ($forum_name == '') {
message($lang_admin_forums['Must enter name message']);
