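/**
 * Installer step: check the submitted forum, database and administrator
 * settings, open the database connection and pick the next installer action.
 *
 * Nothing happens unless $request['event'] is 'dbverify'.
 *
 * Security notes:
 *  - The raw $_POST array is no longer dumped into the response on a
 *    validation failure; it carries dba_password, admin_pass and ftp_pass.
 *  - dba_driver is restricted to [A-Za-z0-9_] before it reaches db_connect()
 *    or is spliced into the schema file path.
 *
 * @param object $action  Replaced by reference with DatabaseSetupAction on
 *                        failure or ConfigWriterAction on success.
 * @param array  $request Shared request state; receives 'schema' and, on
 *                        success, 'dba', 'db_info' and 'ftp_info'.
 * @return bool TRUE when an error was recorded in $this->_error, FALSE otherwise.
 */
function execute(&$action, &$request) {
    $ret = FALSE;

    if ($request['event'] == 'dbverify') {

        push_error_handler(array($this, 'verifyError'));

        // Every one of these POST fields must be present and non-empty.
        $required = array(
            'bb_title', 'bb_description',
            'dba_driver', 'dba_name', 'dba_server', 'dba_username', 'dba_password',
            'admin_name', 'admin_email', 'admin_pass',
        );
        foreach ($required as $field_name) {
            $this->addPostFilter($field_name, new FARequiredFilter());
        }

        if ($this->hasFailures()) {
            // Report the failed filters only. Echoing $_POST here would put the
            // database, FTP and administrator passwords into the page body.
            print_r($this->getFailures());
            trigger_error("Missing, or incomplete POST data");
        }

        if (!$this->_error) {
            // The driver name becomes part of a filesystem path below, so only
            // plain identifier characters are accepted (no '/', '.', or NUL).
            $driver = $_POST['dba_driver'];
            if (!is_string($driver) || !preg_match('/^[A-Za-z0-9_]+$/', $driver)) {
                trigger_error("Invalid database driver name", E_USER_ERROR);
                // verifyError is not visible here; presumably it fills
                // $this->_error. Make sure the failure path is taken either way.
                if (!$this->_error) {
                    $this->_error = "Invalid database driver name";
                }
            }
        }

        if (!$this->_error) {

            // Setup the database info
            $db_info = array();
            $db_info['driver'] = $driver;
            $db_info['database'] = $_POST['dba_name'];
            $db_info['directory'] = '';
            $db_info['server'] = $_POST['dba_server'];
            $db_info['user'] = $_POST['dba_username'];
            $db_info['pass'] = $_POST['dba_password'];

            $ftp_info = array();
            $ftp_info['use'] = $_POST['use_ftp'];
            $ftp_info['user'] = $_POST['ftp_name'];
            $ftp_info['pass'] = $_POST['ftp_pass'];

            $dba =& db_connect($db_info);

            // Check to see if the schema is available
            $schema = INSTALLER_BASE_DIR . "/schema/k4.{$driver}.schema";
            $request['schema'] = $schema;

            if (!is_readable($schema)) {
                trigger_error("Database schema missing for {$driver}", E_USER_ERROR);
            }

            // NOTE(review): unsalted MD5 is not a password hash; it is kept only
            // because the code that verifies logins is not visible here and
            // presumably compares against this format. Migrating to
            // password_hash()/password_verify() needs both sides changed together.
            $_POST['admin_pass'] = md5($_POST['admin_pass']);
        }

        if ($this->_error) {
            $request['template']->setVar('dberror', $this->_error);
            $action = new DatabaseSetupAction();

            // NOTE(review): if verifyError stores the raw message, this prints
            // text that can include database error details without HTML
            // escaping - confirm, and escape at output if so.
            echo $this->_error;

            $ret = TRUE;
        } else {
            $request['dba'] =& $dba;
            $request['db_info'] = $db_info;
            $request['ftp_info'] = $ftp_info;
            $action = new ConfigWriterAction();
        }

        pop_error_handler();
    }

    return $ret;
}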
/**
 * Open the database connection described by $_CONFIG['dba'] and publish it
 * to the rest of the request.
 *
 * The connection is stored in $request['dba'] and, for now, also in
 * $GLOBALS['_DBA'].
 *
 * @param object $action  Unused here; part of the shared filter signature.
 * @param array  $request Shared request state; receives 'dba' by reference.
 * @return void
 */
function execute(&$action, &$request) {
    global $_CONFIG;

    $connection_settings = $_CONFIG['dba'];

    // k4_fatal_error is on top of the handler stack only while connecting.
    push_error_handler('k4_fatal_error');
    $dba = db_connect($connection_settings);
    pop_error_handler();

    // Permanently disabled switch for wrapping the connection in the SQL debugger.
    if (false) {
        $dba =& new K4SqlDebugger($dba);
    }

    // TODO: This should not be needed in the final version
    $GLOBALS['_DBA'] =& $dba;

    $request['dba'] =& $dba;
}
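/**
 * Admin action: update the definition of an existing custom profile field.
 *
 * The field is looked up by $_REQUEST['field']; the matching column must also
 * exist in the user-info table. If the column probe fails, the orphaned
 * profile-field row is deleted and an "invalid field" message is shown.
 *
 * Security notes:
 *  - The stored field name is used as a bare column name in the probe query,
 *    where it cannot be bound as a parameter. It is now checked against an
 *    identifier allowlist first, so a stored name containing SQL
 *    metacharacters never reaches the query text.
 *  - NOTE(review): values are read from $_REQUEST, so the update can be
 *    driven by a GET request, and no request-forgery token check is visible
 *    in this block - confirm one is enforced before this action runs.
 *
 * @param array $request Shared request state ('user', 'dba', 'template').
 * @return mixed Result of the K4InformationAction that was shown, or TRUE
 *               after no_perms_error() for non-administrators.
 */
function execute(&$request) {

    // Administrators only.
    if (!($request['user']->isMember() && $request['user']->get('perms') >= ADMIN)) {
        no_perms_error($request);
        return TRUE;
    }

    if (!isset($_REQUEST['field']) || $_REQUEST['field'] == '') {
        $action = new K4InformationAction(new K4LanguageElement('L_INVALIDUSERFIELD'), 'content', TRUE);
        return $action->execute($request);
    }

    $field = $request['dba']->getRow("SELECT * FROM " . K4PROFILEFIELDS . " WHERE name = '" . $request['dba']->quote($_REQUEST['field']) . "'");

    if (!$field || !is_array($field) || empty($field)) {
        $action = new K4InformationAction(new K4LanguageElement('L_INVALIDUSERFIELD'), 'content', TRUE);
        return $action->execute($request);
    }

    // The name is concatenated into SQL as an identifier below; accept only
    // plain column-name characters. Nothing is deleted on this path.
    if (!is_string($field['name']) || !preg_match('/^[A-Za-z_][A-Za-z0-9_]*$/', $field['name'])) {
        $action = new K4InformationAction(new K4LanguageElement('L_INVALIDUSERFIELD'), 'content', TRUE);
        return $action->execute($request);
    }

    // Probe for the column with errors silenced; both create_function()
    // arguments are constants, so no request data is evaluated as code.
    push_error_handler(create_function('', 'return TRUE;'));
    $ret = $request['dba']->executeQuery("SELECT " . $field['name'] . " FROM " . K4USERINFO . " LIMIT 1");
    pop_error_handler();

    if ($ret === FALSE) {

        /* Delete the profile field version of this because obviously it shouldn't exist */
        $request['dba']->executeUpdate("DELETE FROM " . K4PROFILEFIELDS . " WHERE name = '" . $request['dba']->quote($field['name']) . "'");

        $action = new K4InformationAction(new K4LanguageElement('L_INVALIDUSERFIELD'), 'content', TRUE);
        return $action->execute($request);
    }

    $update = $request['dba']->prepareStatement("UPDATE " . K4PROFILEFIELDS . " SET title=?, description=?, default_value=?, inputtype=?, user_maxlength=?, inputoptions=?, min_perm=?, display_register=?, display_profile=?, display_topic=?, display_post=?, display_memberlist=?, display_image=?, display_size=?, display_rows=?, display_order=?, is_editable=?, is_private=?, is_required=?, special_pcre=? WHERE name=?");

    $update->setString(1, @$_REQUEST['title']);
    $update->setString(2, @$_REQUEST['description']);
    $update->setString(3, @$_REQUEST['default_value']);
    $update->setString(4, @$_REQUEST['inputtype']);

    // Missing, zero or negative lengths fall back to 255.
    $max_length = intval(@$_REQUEST['user_maxlength']);
    if ($max_length <= 0) {
        $max_length = 255;
    }
    $update->setInt(5, $max_length);

    // NOTE(review): '\\n' in single quotes is a literal backslash followed by
    // "n", while the preg_replace() produces real newline characters - confirm
    // which delimiter the code that reads inputoptions expects.
    $update->setString(6, isset($_REQUEST['inputoptions']) && @$_REQUEST['inputoptions'] != '' ? serialize(explode('\\n', preg_replace("~(\r|\n|\r\n)~is", "\n", @$_REQUEST['inputoptions']))) : '');

    $update->setInt(7, @$_REQUEST['min_perm']);

    // Checkbox-style flags: stored as 1 only when the value is exactly 'yes'.
    $yes_flags = array(
        8  => 'display_register',
        9  => 'display_profile',
        10 => 'display_topic',
        11 => 'display_post',
        12 => 'display_memberlist',
    );
    foreach ($yes_flags as $position => $key) {
        $update->setInt($position, isset($_REQUEST[$key]) && @$_REQUEST[$key] == 'yes' ? 1 : 0);
    }

    $update->setString(13, @$_REQUEST['display_image']);
    $update->setInt(14, @$_REQUEST['display_size']);
    $update->setInt(15, @$_REQUEST['display_rows']);
    $update->setInt(16, @$_REQUEST['display_order']);
    $update->setInt(17, @$_REQUEST['is_editable']);
    $update->setInt(18, @$_REQUEST['is_private']);
    $update->setInt(19, @$_REQUEST['is_required']);
    $update->setString(20, @$_REQUEST['special_pcre']);

    // The row is addressed by the name read from the database, not the request.
    $update->setString(21, $field['name']);

    $update->executeUpdate();

    reset_cache('profile_fields');

    k4_bread_crumbs($request['template'], $request['dba'], 'L_USERPROFILEFIELDS');
    $request['template']->setVar('users_on', '_on');
    $request['template']->setFile('sidebar_menu', 'menus/users.html');

    // NOTE(review): the submitted title is passed into the confirmation
    // message; confirm K4LanguageElement/K4InformationAction escape it for HTML.
    $action = new K4InformationAction(new K4LanguageElement('L_UPDATEDPROFILEFIELD', $_REQUEST['title']), 'content', FALSE, 'admin.php?act=userfields', 3);
    return $action->execute($request);
}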
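// Column lists appended to SELECT statements: profile-field columns (alias pf)
// and per-user settings columns (alias us). Both start with a comma and end
// with a space so they can be concatenated after an existing column list.
$_QUERYPARAMS['pfield'] = ", pf.name AS name, pf.title AS title, pf.description AS description, pf.default_value AS default_value, pf.inputtype AS inputtype, pf.user_maxlength AS user_maxlength, pf.inputoptions AS inputoptions, pf.min_perm AS min_perm, pf.display_register AS display_register, pf.display_profile AS display_profile, pf.display_topic AS display_topic, pf.display_post AS display_post, pf.display_image AS display_image, pf.display_memberlist AS display_memberlist, pf.display_size AS display_size, pf.display_rows AS display_rows, pf.display_order AS display_order, pf.is_editable AS is_editable, pf.is_private AS is_private, pf.is_required AS is_required, pf.special_pcre AS special_pcre ";
$_QUERYPARAMS['usersettings'] = ", us.user_id AS user_id, us.language AS language, us.styleset AS styleset, us.imageset AS imageset, us.templateset AS templateset, us.topic_display AS topic_display, us.topic_threaded AS topic_threaded, us.notify_pm AS notify_pm, us.popup_pm AS popup_pm, us.viewflash AS viewflash, us.viewemoticons AS viewemoticons, us.viewsigs AS viewsigs, us.viewavatars AS viewavatars, us.viewimages AS viewimages, us.viewcensors AS viewcensors, us.attachsig AS attachsig, us.attachavatar AS attachavatar, us.topicsperpage AS topicsperpage, us.postsperpage AS postsperpage ";

/**
 * Error handler that marks every error other than E_USER_ERROR as handled.
 *
 * The previous condition, `!$error->type & E_USER_ERROR`, negated the type
 * before applying the bit mask, so it was never true and nothing was filtered.
 *
 * @param object $error Error object exposing a `type` level.
 * @return bool|null TRUE when the error is handled here; nothing is returned
 *                   for E_USER_ERROR, leaving it to the next handler.
 */
function k4_error_filter(&$error) {
    if (!($error->type & E_USER_ERROR)) {
        return TRUE;
    }
}

/**
 * Error handler that reports every error as handled.
 *
 * @param object $error Ignored.
 * @return bool Always TRUE.
 */
function k4_error_none(&$error) {
    return TRUE;
}

/**
 * Set our error handler
 */

// This is a stack.  The first handler pushed onto the stack
// will be the last handler called.  There is also no guarantee
// that it will even be called because handlers are allowed
// to 'handle' the error and thus prevent it from perpetuating
// up the stack.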
// k4_error_filter is pushed last, so it sits above k4_fatal_error on the stack.
push_error_handler('k4_fatal_error');
push_error_handler('k4_error_filter');

/**
 * Set some super-globals
 */
$_URL = new FAUrl(current_url());

// nojs is 1 only when the k4_canjs cookie exists with a value other than 1;
// a cookie value of 1, or no cookie at all, gives 0.
if (isset($_COOKIE['k4_canjs'])) {
    if (intval($_COOKIE['k4_canjs']) == 1) {
        $_URL->args['nojs'] = 0;
    } else {
        $_URL->args['nojs'] = 1;
    }
} else {
    $_URL->args['nojs'] = 0;
}

$GLOBALS['_URL'] =& $_URL;
$GLOBALS['_MAPITEMS'] =& $_MAPITEMS;
/**
 * Persist the current session at the end of the page request.
 *
 * First refreshes the "last seen" data of the session user (through
 * _update_user_stmt for members, on the in-memory object for guests), then
 * either inserts a new session row or updates the existing one.
 *
 * NOTE(review): the statement SQL is not visible here; the user agent, IP,
 * request values and session_encode() payload are passed through the
 * statements' setString()/setInt() setters rather than concatenated -
 * confirm these are bound parameters.
 *
 * @return bool Always TRUE.
 */
function write() {
    global $_URL, $_SPIDERAGENTS, $_SPIDERS;

    Logger::write('Writing session...');

    if (isset($_SESSION['user'])) {
        if (!$_SESSION['user']->isMember()) {
            // Guests have no database row: roll the timestamps on the object.
            $_SESSION['user']->set('last_seen', $_SESSION['user']->get('seen'));
            $_SESSION['user']->set('seen', time());

            Logger::write("\tUpdated [Guest] object.");
        } else {
            $this->_update_user_stmt->setInt(1, $_SESSION['user']->get('seen'));
            $this->_update_user_stmt->setInt(2, time());
            $this->_update_user_stmt->setString(3, USER_IP);
            $this->_update_user_stmt->setInt(4, $_SESSION['user']->get('id'));
            $this->_update_user_stmt->executeUpdate();

            Logger::write("\tUpdated [Member] object.");
        }
    }

    if (!$this->isNew()) {

        Logger::write("\tThis session is not new, updating session...");

        $this->_update_stmt->setString(1, $_SESSION['user']->get('name'));
        $this->_update_stmt->setInt(2, $_SESSION['user']->get('id'));
        $this->_update_stmt->setString(3, $_SESSION['user']->get('usergroups'));
        $this->_update_stmt->setInt(4, $_SESSION['user']->get('invisible'));
        $this->_update_stmt->setString(5, session_encode());
        $this->_update_stmt->setInt(6, time());
        $this->_update_stmt->setString(7, USER_AGENT);
        $this->_update_stmt->setString(8, $_URL->file);
        $this->_update_stmt->setString(9, @$_URL->args['act']);
        $this->_update_stmt->setInt(10, @$_URL->args['id']);
        $this->_update_stmt->setString(11, session_id());
        $this->_update_stmt->setString(12, USER_IP);

        $this->_update_stmt->executeUpdate();

        Logger::write("\t\tUpdated session.");

    } else {

        Logger::write("\tThis session is new, writing new session...");

        $this->_write_stmt->setString(1, session_id());
        $this->_write_stmt->setInt(2, time());
        $this->_write_stmt->setString(3, $_SESSION['user']->get('name'));
        $this->_write_stmt->setInt(4, $_SESSION['user']->get('id'));
        $this->_write_stmt->setString(5, $_SESSION['user']->get('usergroups'));
        $this->_write_stmt->setInt(6, $_SESSION['user']->get('invisible'));
        $this->_write_stmt->setString(7, USER_AGENT);
        $this->_write_stmt->setString(8, session_encode());
        $this->_write_stmt->setString(9, $_URL->file);

        // Unlike the update branch, the new-session branch reads act/id from $_REQUEST.
        $requested_act = isset($_REQUEST['act']) ? $_REQUEST['act'] : '';
        $this->_write_stmt->setString(10, $requested_act);

        $requested_id = isset($_REQUEST['id']) ? $_REQUEST['id'] : 0;
        $this->_write_stmt->setInt(11, $requested_id);

        $this->_write_stmt->setString(12, USER_IP);

        // Errors from the first insert attempt are silenced; on failure the
        // session is destroyed and the insert is tried once more.
        // NOTE(review): presumably the failure is an existing row with this
        // session id - confirm destroy() cannot remove another client's session.
        push_error_handler('k4_error_none');
        $inserted = @$this->_write_stmt->executeUpdate();
        if (!$inserted) {
            $this->destroy();
            $this->_write_stmt->executeUpdate();
        }
        pop_error_handler('k4_error_none');

        Logger::write("\t\tWrote new session.");
    }

    Logger::write("[Finished page session management]\n\n");

    return TRUE;
}