$moddays = 2;
}

// Resolve the "only unapproved" filter. Precedence: POST value, then the
// URL argument, then the preference stored in the user's settings.
if (isset($_POST['onlyunapproved']) && is_numeric($_POST['onlyunapproved'])) {
    // Request input is narrowed to an integer before it is stored or used.
    $showwaiting = (int) $_POST['onlyunapproved'];
} elseif (isset($PHORUM['args']['onlyunapproved']) && !empty($PHORUM["args"]['onlyunapproved']) && is_numeric($PHORUM["args"]['onlyunapproved'])) {
    $showwaiting = (int) $PHORUM['args']['onlyunapproved'];
} else {
    $showwaiting = phorum_api_user_get_setting('cc_messages_onlyunapproved');
}
// An unset or empty preference means "show everything".
if (empty($showwaiting)) {
    $showwaiting = 0;
}
$PHORUM['DATA']['SELECTED'] = $moddays;
$PHORUM['DATA']['SELECTED_2'] = $showwaiting ? true : false;

// Store current selection for the user.
phorum_api_user_save_settings(array("cc_messages_moddays" => $moddays, "cc_messages_onlyunapproved" => $showwaiting));

// some needed vars
$numunapproved = 0;
$oldforum = $PHORUM['forum_id'];
// Ask the user API for the forums in which the active user holds the
// "moderate messages" permission.
$mod_forums = phorum_api_user_check_access(PHORUM_USER_ALLOW_MODERATE_MESSAGES, PHORUM_ACCESS_LIST);
// True as soon as the user moderates at least one forum.
// NOTE(review): this gate alone does not show that every posted message id
// belongs to one of those forums; confirm the per-message check in the
// part of the loop that lies outside this excerpt.
$gotforums = count($mod_forums) > 0;

// NOTE(review): count() assumes $_POST['deleteids'] is an array. A scalar
// value raises a TypeError on PHP 8; an is_array() check would reject it
// cleanly.
if ($gotforums && isset($_POST['deleteids']) && count($_POST['deleteids'])) {
    //print_var($_POST['deleteids']);
    $deleteids = $_POST['deleteids'];
    // Only the array VALUES are cast to int here. The KEYS, which are used
    // as message ids below, are taken from the request as they arrive.
    foreach ($deleteids as $did => $did_var) {
        $deleteids[$did] = (int) $did_var;
    }
    // NOTE(review): the request-supplied keys go straight to the database
    // lookup; confirm that phorum_db_get_message() casts or escapes the ids.
    $delete_messages = phorum_db_get_message(array_keys($deleteids), 'message_id', true);
    //print_var($delete_messages);
    foreach ($deleteids as $msgthd_id => $doit) {
        // A hook to allow modules to implement extra or different
} elseif (!empty($_POST['continue'])) {
    // The admin chose to continue: send the browser back to the admin
    // interface, optionally to the page named in the posted "target" field.
    // NOTE(review): "target" is request input; confirm that
    // phorum_admin_build_url() can only produce URLs inside the admin
    // interface, so that this redirect cannot leave the site.
    if (!empty($_POST['target'])) {
        $url = phorum_admin_build_url($_POST['target'], TRUE);
    } else {
        $url = phorum_admin_build_url(NULL, TRUE);
    }
    phorum_api_redirect($url);
}
exit;
}
}

// We have no token or our token expired.
// Generate a fresh token.
$admin_token_time = time();
// Token material: user id, microtime(), username and the session id, passed
// through phorum_api_sign().
// NOTE(review): none of these inputs comes from a CSPRNG, so the token's
// unpredictability rests on whatever secret phorum_api_sign() uses; confirm
// that, or mix in random_bytes() as a stronger source.
$admin_token = phorum_api_sign($PHORUM['user']['user_id'] . microtime() . $PHORUM['user']['username'] . $PHORUM['user']['sessid_st']);
// Token and issue time are stored in the user's settings; the in-memory
// copy below is what the rest of this request works with.
phorum_api_user_save_settings(array('admin_token_time' => $admin_token_time, 'admin_token' => $admin_token));
$PHORUM['admin_token'] = $admin_token;

// If there are no POST or GET variables in the request, besides
// "module" and/or "phorum_admin_token", then we can safely load
// the requested admin page, without bugging the admin about the
// token timeout.
// Work on copies so the superglobals themselves stay untouched.
$post = $_POST;
unset($post['module']);
unset($post['phorum_admin_token']);
$get = $_GET;
unset($get['module']);
unset($get['phorum_admin_token']);
if (empty($post) && empty($get)) {
    $module = '';
    if (isset($_POST['module'])) {
        // basename() drops any directory part, so the module name cannot
        // carry path separators.
        // NOTE(review): there is no is_scalar() check on this value; an
        // array value makes basename() raise a TypeError on PHP 8.
        $module = basename($_POST['module']);
}
}

// the number of days to show
// Precedence: POST value, then the URL argument, then the preference stored
// in the user's settings.
// NOTE(review): is_numeric() also accepts floats, exponent notation and
// negative values, and the request string is kept as-is (no integer cast)
// before it is saved, exposed to the template and handed to the
// subscription lookup. Confirm that those consumers cast or escape it;
// an (int) cast at this point would remove the question.
if (isset($_POST['subdays']) && is_numeric($_POST['subdays'])) {
    $subdays = $_POST['subdays'];
} elseif (isset($PHORUM['args']['subdays']) && !empty($PHORUM["args"]['subdays']) && is_numeric($PHORUM["args"]['subdays'])) {
    $subdays = $PHORUM['args']['subdays'];
} else {
    $subdays = phorum_api_user_get_setting('cc_subscriptions_subdays');
}
// No stored preference yet: fall back to 2.
if ($subdays === NULL) {
    $subdays = 2;
}
$PHORUM['DATA']['SELECTED'] = $subdays;

// Store current selection for the user.
phorum_api_user_save_settings(array("cc_subscriptions_subdays" => $subdays));

// reading all forums for the current vroot
$forums = phorum_db_get_forums(0, NULL, $PHORUM["vroot"]);

// reading all subscriptions to messages in the current vroot.
// The id list starts with the vroot itself, followed by every forum
// returned above.
$forum_ids = array($PHORUM["vroot"]);
foreach ($forums as $forum) {
    $forum_ids[] = $forum["forum_id"];
}
$subscr_array = phorum_api_user_list_subscriptions($PHORUM['user']['user_id'], $subdays, $forum_ids);

// storage for newflags
$PHORUM['user']['newinfo'] = array();

// go through all subscriptions
$subscr_array_final = array();
// Drop the "forum_ids" entry so that the loop below only sees
// subscription rows.
unset($subscr_array["forum_ids"]);
foreach ($subscr_array as $id => $data) {
    // Attach the forum name to each subscription row.
    $data['forum'] = $forums[$data['forum_id']]['name'];
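/**
 * Exercises saving and reading per-user settings through the user API.
 *
 * Covers: saving before an active user id is set, saving an empty set,
 * saving a single key, reading that key back, and reading an unknown key.
 *
 * Note: the test assigns $GLOBALS['PHORUM']['user']['user_id'] and leaves
 * it set when it returns.
 */
function testUserApiSettings()
{
    // now handling user-settings
    // Look up the fixture account that belongs to this test run.
    $user_id = phorum_api_user_search('username', 'testuser' . $this->sharedFixture, '=');

    // The test expects NULL from a save done before the active user id
    // is assigned below.
    $ret = phorum_api_user_save_settings(array());
    $this->assertNull($ret, 'Saving user-settings (no user_id).');

    // Make the fixture account the active user for the remaining calls.
    $GLOBALS['PHORUM']['user']['user_id'] = $user_id;

    $ret = phorum_api_user_save_settings(array());
    $this->assertTrue($ret, 'Saving user-settings (empty settings).');

    $ret = phorum_api_user_save_settings(array('foo' => 'bar'));
    $this->assertTrue($ret, 'Saving user-settings.');

    // getting settings
    // assertEquals() takes the expected value first; with the arguments in
    // that order a failure report labels expected and actual correctly.
    $ret = phorum_api_user_get_setting('foo');
    $this->assertEquals('bar', $ret, 'Getting user-settings.');

    $ret = phorum_api_user_get_setting('bar');
    $this->assertNull($ret, 'Getting user-settings (unknown key).');
}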
} elseif (isset($_GET["module"]) && is_scalar($_GET["module"])) {
    // Only scalar values are accepted; basename() then drops any directory
    // part, so the module name cannot carry path separators.
    $module = @basename($_GET["module"]);
}
// Unknown or missing module names fall back to the default page. Together
// with basename() above this limits the include below to existing files
// directly under ./include/admin/.
if (empty($module) || !file_exists("./include/admin/{$module}.php")) {
    $module = "default";
}

// check the admin token
// Operator precedence: && binds tighter than ||, so the request token is
// discarded when (a stored token exists AND differs from the request token)
// OR (the stored token time is older than the timeout). When no token is
// stored, only the age check applies.
// NOTE(review): the comparison uses the loose != operator, which is subject
// to PHP type juggling and is not constant-time. hash_equals() on
// string-cast values is the usual choice for comparing secrets.
if (!empty($GLOBALS["PHORUM"]["user"]['settings_data']['admin_token']) && $PHORUM['admin_token'] != $GLOBALS["PHORUM"]["user"]['settings_data']['admin_token'] || $GLOBALS["PHORUM"]["user"]['settings_data']['admin_token_time'] <= time() - PHORUM_ADMIN_TOKEN_TIMEOUT) {
    // 900 = timeout after 15 minutes of inactivity
    // echo "invalid token or timeout ...";
    // var_dump($PHORUM['admin_token'],$GLOBALS["PHORUM"]["user"]['settings_data']['admin_token'],$GLOBALS["PHORUM"]["user"]['settings_data']['admin_token_time'],(time()-PHORUM_ADMIN_TOKEN_TIMEOUT));
    $PHORUM['admin_token'] = "";
}
// Without a valid token the request is routed to the "tokenmissing" page
// instead of the requested module.
if (empty($PHORUM['admin_token'])) {
    $module = "tokenmissing";
} else {
    // update the token time
    phorum_api_user_save_settings(array('admin_token_time' => time()));
}
}
}
// Modules may replace the module name through the "admin_pre" hook.
// NOTE(review): the hook's return value reaches the include below without
// the basename()/file_exists() checks being repeated; this relies on hook
// handlers returning a valid module name.
$module = phorum_hook("admin_pre", $module);
ob_start();
// The "help" module is rendered without the admin header and footer.
if ($module != "help") {
    include_once "./include/admin/header.php";
}
include_once "./include/admin/{$module}.php";
if ($module != "help") {
    include_once "./include/admin/footer.php";
}
ob_end_flush();
/**
 * Remove a single stored setting for the active Phorum user.
 *
 * The removal is delegated to {@link phorum_api_user_save_settings()}:
 * the setting is saved again with a NULL value.
 *
 * @param string $name
 *     The name of the setting to delete.
 */
function phorum_api_user_delete_setting($name)
{
    // A NULL value under the setting's name is what gets handed to the
    // save function.
    $cleared = array($name => NULL);
    phorum_api_user_save_settings($cleared);
}
<?php

// Prepares the template data for the "merge threads" moderation form.
//
// Merging is a two-step selection: the first thread is remembered in the
// user's settings together with a timestamp; when a second, different
// thread is chosen within PHORUM_MODERATE_MERGE_TIME, both subjects are
// shown for confirmation.
//
// $msgthd_id is not defined in this file.
// NOTE(review): presumably the including moderation script sets it; confirm
// that it is cast to an integer there and that the moderator's permission
// for the thread is checked before this file is included.

// Run only when included by the moderation page; do nothing otherwise.
if (!defined('PHORUM') || phorum_page !== 'moderation') {
    return;
}
$template = "merge_form";
$PHORUM['DATA']['HEADING'] = $PHORUM['DATA']['LANG']['Moderate'] . ': ' . $PHORUM['DATA']['LANG']['MergeThread'];
$PHORUM['DATA']['BREADCRUMBS'][] = array('URL' => NULL, 'TEXT' => $PHORUM['DATA']['HEADING'], 'TYPE' => 'merge');
// Form fields that are posted back with the merge request.
$PHORUM['DATA']["FORM"]["forum_id"] = $PHORUM["forum_id"];
$PHORUM['DATA']["FORM"]["thread_id"] = $msgthd_id;
$PHORUM['DATA']["FORM"]["mod_step"] = PHORUM_DO_THREAD_MERGE;
$PHORUM['DATA']['URL']["ACTION"] = phorum_api_url(PHORUM_MODERATION_ACTION_URL);

// The moderator selects the target thread to merge to.
$merge_t1 = phorum_api_user_get_setting('merge_t1');
$merge_time = phorum_api_user_get_setting('merge_t1_time');
// Treat this as the FIRST selection when nothing is stored, when the same
// thread was picked again, or when the stored selection is older than
// PHORUM_MODERATE_MERGE_TIME.
if (!$merge_t1 || !$merge_time || $merge_t1 == $msgthd_id || $merge_time < time() - PHORUM_MODERATE_MERGE_TIME) {
    // Save moderation info temporarily in the user's settings data.
    phorum_api_user_save_settings(array('merge_t1' => $msgthd_id, 'merge_t1_time' => time()));
    $PHORUM['DATA']['FORM']['merge_none'] = TRUE;
    $message = $PHORUM['DB']->get_message($msgthd_id, 'message_id', TRUE);
    // ENT_COMPAT encodes double quotes but leaves single quotes alone.
    // NOTE(review): that is sufficient only where the template places the
    // subject in element content or in a double-quoted attribute;
    // ENT_QUOTES covers both quote styles.
    $PHORUM['DATA']['FORM']['merge_subject1'] = htmlspecialchars($message['subject'], ENT_COMPAT, $PHORUM['DATA']['HCHARSET']);
} else {
    // SECOND selection: a different thread was stored earlier and is still
    // within the time window. Show both subjects.
    // NOTE(review): the stored thread id comes from an earlier request, and
    // the get_message() results are used without a check; confirm what is
    // returned if that thread has been removed in the meantime, and that
    // the merge step re-checks the moderator's permission for both threads.
    $PHORUM['DATA']['FORM']['merge_t1'] = $merge_t1;
    $message = $PHORUM['DB']->get_message($merge_t1, 'message_id', true);
    $PHORUM['DATA']['FORM']['merge_subject1'] = htmlspecialchars($message['subject'], ENT_COMPAT, $PHORUM['DATA']['HCHARSET']);
    $message = $PHORUM['DB']->get_message($msgthd_id);
    $PHORUM['DATA']['FORM']['thread_subject'] = htmlspecialchars($message['subject'], ENT_COMPAT, $PHORUM['DATA']['HCHARSET']);
}