示例#1
0
     $temp = serialize(array('search_ids' => serialize($search_ids), 'num_hits' => $num_hits, 'sort_by' => $sort_by, 'sort_dir' => $sort_dir, 'show_as' => $show_as, 'search_type' => $search_type));
     $search_id = mt_rand(1, 2147483647);
     $ident = $pun_user['is_guest'] ? get_remote_address() : $pun_user['username'];
     $db->query('INSERT INTO ' . $db->prefix . 'search_cache (id, ident, search_data) VALUES(' . $search_id . ', \'' . $db->escape($ident) . '\', \'' . $db->escape($temp) . '\')') or error('Unable to insert search results', __FILE__, __LINE__, $db->error());
     if ($search_type[0] != 'action') {
         $db->end_transaction();
         $db->close();
         // Redirect the user to the cached result page
         header('Location: search.php?search_id=' . $search_id);
         exit;
     }
 }
 $forum_actions = array();
 // If we're on the new posts search, display a "mark all as read" link
 if (!$pun_user['is_guest'] && $search_type[0] == 'action' && $search_type[1] == 'show_new') {
     $forum_actions[] = '<a href="misc.php?action=markread&amp;csrf_token=' . pun_csrf_token() . '">' . $lang_common['Mark all as read'] . '</a>';
 }
 // Fetch results to display
 if (!empty($search_ids)) {
     switch ($sort_by) {
         case 1:
             $sort_by_sql = $show_as == 'topics' ? 't.poster' : 'p.poster';
             break;
         case 2:
             $sort_by_sql = 't.subject';
             break;
         case 3:
             $sort_by_sql = 't.forum_id';
             break;
         default:
             $sort_by_sql = $show_as == 'topics' ? 't.last_post' : 'p.posted';
示例#2
0
                echo $lang_profile['Instructions'];
                ?>
</p>
			</form>
		</div>
	</div>
<?php 
            } else {
                if ($section == 'personality') {
                    if ($pun_config['o_avatars'] == '0' && $pun_config['o_signatures'] == '0') {
                        message($lang_common['Bad request'], false, '404 Not Found');
                    }
                    $avatar_field = '<span><a href="profile.php?action=upload_avatar&amp;id=' . $id . '">' . $lang_profile['Change avatar'] . '</a></span>';
                    $user_avatar = generate_avatar_markup($id);
                    if ($user_avatar) {
                        $avatar_field .= ' <span><a href="profile.php?action=delete_avatar&amp;id=' . $id . '&amp;csrf_token=' . pun_csrf_token() . '">' . $lang_profile['Delete avatar'] . '</a></span>';
                    } else {
                        $avatar_field = '<span><a href="profile.php?action=upload_avatar&amp;id=' . $id . '">' . $lang_profile['Upload avatar'] . '</a></span>';
                    }
                    if ($user['signature'] != '') {
                        $signature_preview = '<p>' . $lang_profile['Sig preview'] . '</p>' . "\n\t\t\t\t\t\t\t" . '<div class="postsignature postmsg">' . "\n\t\t\t\t\t\t\t\t" . '<hr />' . "\n\t\t\t\t\t\t\t\t" . $parsed_signature . "\n\t\t\t\t\t\t\t" . '</div>' . "\n";
                    } else {
                        $signature_preview = '<p>' . $lang_profile['No sig'] . '</p>' . "\n";
                    }
                    $page_title = array(pun_htmlspecialchars($pun_config['o_board_title']), $lang_common['Profile'], $lang_profile['Section personality']);
                    define('PUN_ACTIVE_PAGE', 'profile');
                    require PUN_ROOT . 'header.php';
                    generate_profile_menu('personality');
                    ?>
	<div class="blockform">
		<h2><span><?php 
示例#3
0
}
$quickpost = false;
if ($pun_config['o_quickpost'] == '1' && ($cur_topic['post_replies'] == '1' || $cur_topic['post_replies'] == '' && $pun_user['g_post_replies'] == '1') && ($cur_topic['closed'] == '0' || $is_admmod)) {
    // Load the post.php language file
    require PUN_ROOT . 'lang/' . $pun_user['language'] . '/post.php';
    $required_fields = array('req_message' => $lang_common['Message']);
    if ($pun_user['is_guest']) {
        $required_fields['req_username'] = $lang_post['Guest name'];
        if ($pun_config['p_force_guest_email'] == '1') {
            $required_fields['req_email'] = $lang_common['Email'];
        }
    }
    $quickpost = true;
}
if (!$pun_user['is_guest'] && $pun_config['o_topic_subscriptions'] == '1') {
    $token_url = '&amp;csrf_token=' . pun_csrf_token();
    if ($cur_topic['is_subscribed']) {
        // I apologize for the variable naming here. It's a mix of subscription and action I guess :-)
        $subscraction = "\t\t" . '<p class="subscribelink clearb"><span>' . $lang_topic['Is subscribed'] . ' - </span><a href="misc.php?action=unsubscribe&amp;tid=' . $id . $token_url . '">' . $lang_topic['Unsubscribe'] . '</a></p>' . "\n";
    } else {
        $subscraction = "\t\t" . '<p class="subscribelink clearb"><a href="misc.php?action=subscribe&amp;tid=' . $id . $token_url . '">' . $lang_topic['Subscribe'] . '</a></p>' . "\n";
    }
} else {
    $subscraction = '';
}
// Add relationship meta tags
$page_head = array();
$page_head['canonical'] = '<link rel="canonical" href="viewtopic.php?id=' . $id . ($p == 1 ? '' : '&amp;p=' . $p) . '" title="' . sprintf($lang_common['Page'], $p) . '" />';
if ($num_pages > 1) {
    if ($p > 1) {
        $page_head['prev'] = '<link rel="prev" href="viewtopic.php?id=' . $id . ($p == 2 ? '' : '&amp;p=' . ($p - 1)) . '" title="' . sprintf($lang_common['Page'], $p - 1) . '" />';
function check_csrf($token)
{
    global $lang_common;
    $is_hash_authorized = pun_hash_equals($token, pun_csrf_token());
    if (!isset($token) || !$is_hash_authorized) {
        message($lang_common['Bad csrf hash'], false, '404 Not Found');
    }
}
示例#5
0
}
if ($pun_config['o_rules'] == '1' && (!$pun_user['is_guest'] || $pun_user['g_read_board'] == '1' || $pun_config['o_regs_allow'] == '1')) {
    $links[] = '<li id="navrules"' . (PUN_ACTIVE_PAGE == 'rules' ? ' class="isactive"' : '') . '><a href="misc.php?action=rules">' . $lang_common['Rules'] . '</a></li>';
}
if ($pun_user['g_read_board'] == '1' && $pun_user['g_search'] == '1') {
    $links[] = '<li id="navsearch"' . (PUN_ACTIVE_PAGE == 'search' ? ' class="isactive"' : '') . '><a href="search.php">' . $lang_common['Search'] . '</a></li>';
}
if ($pun_user['is_guest']) {
    $links[] = '<li id="navregister"' . (PUN_ACTIVE_PAGE == 'register' ? ' class="isactive"' : '') . '><a href="register.php">' . $lang_common['Register'] . '</a></li>';
    $links[] = '<li id="navlogin"' . (PUN_ACTIVE_PAGE == 'login' ? ' class="isactive"' : '') . '><a href="login.php">' . $lang_common['Login'] . '</a></li>';
} else {
    $links[] = '<li id="navprofile"' . (PUN_ACTIVE_PAGE == 'profile' ? ' class="isactive"' : '') . '><a href="profile.php?id=' . $pun_user['id'] . '">' . $lang_common['Profile'] . '</a></li>';
    if ($pun_user['is_admmod']) {
        $links[] = '<li id="navadmin"' . (PUN_ACTIVE_PAGE == 'admin' ? ' class="isactive"' : '') . '><a href="admin_index.php">' . $lang_common['Admin'] . '</a></li>';
    }
    $links[] = '<li id="navlogout"><a href="login.php?action=out&amp;id=' . $pun_user['id'] . '&amp;csrf_token=' . pun_csrf_token() . '">' . $lang_common['Logout'] . '</a></li>';
}
// Are there any additional navlinks we should insert into the array before imploding it?
if ($pun_user['g_read_board'] == '1' && $pun_config['o_additional_navlinks'] != '') {
    if (preg_match_all('%([0-9]+)\\s*=\\s*(.*?)\\n%s', $pun_config['o_additional_navlinks'] . "\n", $extra_links)) {
        // Insert any additional links into the $links array (at the correct index)
        $num_links = count($extra_links[1]);
        for ($i = 0; $i < $num_links; ++$i) {
            array_splice($links, $extra_links[1][$i], 0, array('<li id="navextra' . ($i + 1) . '">' . $extra_links[2][$i] . '</li>'));
        }
    }
}
$tpl_temp = '<div id="brdmenu" class="inbox">' . "\n\t\t\t" . '<ul>' . "\n\t\t\t\t" . implode("\n\t\t\t\t", $links) . "\n\t\t\t" . '</ul>' . "\n\t\t" . '</div>';
$tpl_main = str_replace('<pun_navlinks>', $tpl_temp, $tpl_main);
// END SUBST - <pun_navlinks>
// START SUBST - <pun_status>