public function do_login($redirect, $force_retry = false)
 {
     global $config, $user;
     // If user is already logged in and granted our application, we don't need to redirect him to facebook
     $user_fb_id = $this->client->getUser();
     if (!empty($user_fb_id)) {
         return $this->retrieve_user_basic_data($user_fb_id);
     }
     $confirm = request_get_var('confirm', 0);
     if ($confirm != 1 || $force_retry) {
         // Build the social network return url
         $current_page = extract_current_page(IP_ROOT_PATH);
         $return_url = (!empty($_SERVER['HTTPS']) ? 'https' : 'http') . '://';
         $return_url .= extract_current_hostname() . $current_page['script_path'] . $current_page['page'];
         $return_url .= (strpos($return_url, '?') ? '&' : '?') . 'redirect=' . $redirect . '&confirm=1';
         $return_url .= !empty($_GET['admin']) ? '&admin=1' : '';
         $params = array('scope' => $this->scope, 'redirect_uri' => $return_url);
         $login_url = $this->client->getLoginUrl($params);
         header('Location: ' . $login_url);
         exit;
     } else {
         $token = '';
         $user_fb_data = array();
         try {
             $token = $this->client->getAccessToken();
             $user_fb_data = $this->client->api('/me');
         } catch (OAuthException $e) {
             // Retry on failure
             return $this->do_login(true);
         }
         return $this->retrieve_user_id($user_fb_data['id']);
     }
 }
 function setupConfig()
 {
     global $config, $db, $status_message, $lang;
     $configList = array('aprvmArchive', 'aprvmVersion', 'aprvmView', 'aprvmRows', 'aprvmIP');
     $configLangs = array('aprvmArchive' => $lang['Archive_Feature'], 'aprvmVersion' => $lang['Version'], 'aprvmView' => $lang['PM_View_Type'], 'aprvmRows' => $lang['Rows_Per_Page'], 'aprvmIP' => $lang['Show_IP']);
     $configDefaults = array('0', $this->modVersion, '0', '25', '1');
     //off, version, inline, 25, yes
     //Check for an update config command
     //Also do an array check to make sure our config is in our config list array to update
     $config_name = request_get_var('config_name', '');
     $config_value = request_get_var('config_value', '');
     if (!empty($config_name) && in_array($config_name, $configList)) {
         set_config($config_name, $config_value);
         $status_message .= sprintf($lang['Updated_Config'], $configLangs[$config_name]);
     }
     //Loop through and see if a config name is set, if not set up a default
     foreach ($configList as $num => $val) {
         if (!isset($config[$val])) {
             set_config($val, $configDefaults[$num]);
             $status_message .= sprintf($lang['Inserted_Default_Value'], $configLangs[$val]);
         }
     }
     //If archive is enabled, check to see if the archive table exists
     if ($config['aprvmArchive']) {
         $sql = "SELECT privmsgs_id FROM " . PRIVMSGS_TABLE . $this->archiveText;
         $db->sql_return_on_error(true);
         $result = $db->sql_query($sql);
         $db->sql_return_on_error(false);
         if (!$result) {
             //Cheap way for checking if the archive table exists
             $errorMessage = $db->sql_error();
             if (strpos($errorMessage['message'], 'exist') !== false) {
                 $this->doArchiveTable();
             }
         }
     }
     //Check to see if board_config has the right version we are running
     if ($config['aprvmVersion'] != $this->modVersion) {
         $sql = 'UPDATE ' . CONFIG_TABLE . "\n\t\t\t\t\tset config_value = '{$this->modVersion}'\n\t\t\t\t\tWHERE config_name = 'aprvmVersion'";
         $db->sql_query($sql);
         $config['aprvmVersion'] = $this->modVersion;
         $status_message .= sprintf($lang['Updated_Config'], $configLangs['aprvmVersion']);
     }
 }
示例#3
0
$redirect = request_var('redirect', '', true);
$redirect_url = (!empty($redirect) ? urldecode(str_replace(array('&', '?', PHP_EXT . '&'), array('&', '&', PHP_EXT . '?'), $redirect)) : CMS_LOGIN_REDIRECT_PAGE);

if (strstr($redirect_url, "\n") || strstr($redirect_url, "\r") || strstr($redirect_url, ';url'))
{
	message_die(GENERAL_ERROR, 'Tried to redirect to potentially insecure url.');
}

$available_networks = array();
if ($config['enable_social_connect'])
{
	include_once(IP_ROOT_PATH . 'includes/class_social_connect.' . PHP_EXT);
	$available_networks = SocialConnect::get_available_networks();

	$login_admin = request_get_var('admin', 0);

	$social_network = request_var('social_network', '');
	$social_network_link = request_var('social_network_link', '');
	// Logging in via social network
	if (!empty($social_network) && !empty($available_networks[$social_network]))
	{
		$social_network = $available_networks[$social_network];
		$user_data = $social_network->do_login($return_url);

		if ($user_data !== null && $user_data['user_id'] > 0)
		{
			$admin = ($login_admin == 1 && $user_data['user_level'] == ADMIN) ? 1 : 0;
			$user->session_create($user_data['user_id'], $admin, 1, 1);

			$redirect_url = empty($redirect_url) ? CMS_LOGIN_REDIRECT_PAGE : $redirect_url;
function show_coppa()
{
    global $config, $user, $template, $lang;
    // Load the appropriate Rules file
    $lang_file = 'lang_rules';
    $l_title = $lang['BoardRules'];
    // Include the rules settings
    setup_extra_lang(array($lang_file));
    //
    // Pull the array data from the lang pack
    //
    $j = 0;
    $counter = 0;
    $counter_2 = 0;
    $rules_block = array();
    $rules_block_titles = array();
    for ($i = 0; $i < sizeof($rules); $i++) {
        if ($rules[$i][0] != '--') {
            $rules_block[$j][$counter]['id'] = $counter_2;
            $rules_block[$j][$counter]['question'] = $rules[$i][0];
            $rules_block[$j][$counter]['answer'] = $rules[$i][1];
            $counter++;
            $counter_2++;
        } else {
            $j = $counter != 0 ? $j + 1 : 0;
            $rules_block_titles[$j] = $rules[$i][1];
            $counter = 0;
        }
    }
    $template->set_filenames(array('body' => 'agreement.tpl'));
    if (!function_exists('language_select')) {
        @(include_once IP_ROOT_PATH . 'includes/functions_selects.' . PHP_EXT);
    }
    $available_networks = array();
    $social_connect_append = '';
    $social_network = request_get_var('social_network', '');
    if ($config['enable_social_connect']) {
        include_once IP_ROOT_PATH . 'includes/class_social_connect.' . PHP_EXT;
        $available_networks = SocialConnect::get_available_networks();
        $login_admin = request_get_var('admin', 0);
        $redirect_url = CMS_LOGIN_REDIRECT_PAGE;
        $template->assign_var('SOCIAL_CONNECT', true);
        foreach ($available_networks as $social_network_item) {
            $template->assign_block_vars('social_connect_button', array('L_SOCIAL_CONNECT' => sprintf($lang['SOCIAL_CONNECT_LOGIN'], $social_network_item->get_name()), 'U_SOCIAL_CONNECT' => append_sid(CMS_PAGE_LOGIN . '?social_network=' . $social_network_item->get_name_clean() . '&redirect=' . urlencode($redirect_url) . '&admin=' . $login_admin), 'IMG_SOCIAL_CONNECT' => '<img src="' . IP_ROOT_PATH . 'images/social_connect/' . $social_network_item->get_name_clean() . '_button_connect.png" alt="" title="" />'));
        }
        if (!empty($social_network)) {
            if (!empty($available_networks[$social_network])) {
                $social_connect_append = '&amp;social_network=' . $social_network;
            }
        }
    }
    $template->assign_vars(array('L_PAGE_TITLE' => $lang['Registration'], 'REGISTRATION' => $lang['Registration'], 'AGREEMENT' => $lang['Reg_agreement'], 'L_AGREEMENT' => $lang['Agreement'], 'L_PRIVACY_DISCLAIMER' => $lang['PrivacyDisclaimer'], 'AGREE_OVER_13' => $lang['Agree_over_13'], 'AGREE_UNDER_13' => $lang['Agree_under_13'], 'DO_NOT_AGREE' => $lang['Agree_not'], 'AGREE_CHECKBOX' => $lang['Agree_checkbox'], 'S_LANG_CHANGE_ACTION' => append_sid(CMS_PAGE_PROFILE . '?mode=register' . $social_connect_append), 'LANGUAGE_SELECT' => language_select('l', $config['default_lang']), 'L_RULES_TITLE' => $l_title, 'L_BACK_TO_TOP' => $lang['Back_to_top'], 'S_AGREE_ACTION' => append_sid(CMS_PAGE_PROFILE . '?mode=register&amp;agreed=true' . $social_connect_append), 'U_AGREE_OVER13' => append_sid(CMS_PAGE_PROFILE . '?mode=register&amp;agreed=true' . $social_connect_append), 'U_AGREE_UNDER13' => append_sid(CMS_PAGE_PROFILE . '?mode=register&amp;agreed=true&amp;coppa=true' . $social_connect_append)));
    for ($i = 0; $i < sizeof($rules_block); $i++) {
        if (sizeof($rules_block[$i])) {
            $template->assign_block_vars('rules_block', array('BLOCK_TITLE' => $rules_block_titles[$i]));
            $template->assign_block_vars('rules_block_link', array('BLOCK_TITLE' => $rules_block_titles[$i]));
            for ($j = 0; $j < sizeof($rules_block[$i]); $j++) {
                $row_class = !($j % 2) ? $theme['td_class1'] : $theme['td_class2'];
                $template->assign_block_vars('rules_block.rules_row', array('ROW_CLASS' => $row_class, 'RULES_QUESTION' => $rules_block[$i][$j]['question'], 'RULES_ANSWER' => $rules_block[$i][$j]['answer'], 'U_RULES_ID' => $rules_block[$i][$j]['id']));
                $template->assign_block_vars('rules_block_link.rules_row_link', array('ROW_CLASS' => $row_class, 'RULES_LINK' => $rules_block[$i][$j]['question'], 'U_RULES_LINK' => '#' . $rules_block[$i][$j]['id']));
            }
        }
    }
    $template->pparse('body');
}
示例#5
0
 if ($option == 'select' && isset($_POST['insert_position'])) {
     set_config('smilies_insert', $insert_position);
     $cache->destroy('_smileys');
     $db->clear_cache('smileys_');
 }
 if ($config['smilies_insert'] == TOP_LIST) {
     $pos_top_checked = ' selected="selected"';
     $pos_bot_checked = '';
 } else {
     $pos_top_checked = '';
     $pos_bot_checked = ' selected="selected"';
 }
 $position_select = '<select name="insert_position"><option value="' . TOP_LIST . '"' . $pos_top_checked . '>' . $lang['before'] . '</option><option value="' . BOTTOM_LIST . '"' . $pos_bot_checked . '>' . $lang['after'] . '</option></select>';
 $move = request_get_var('move', '');
 $send = request_get_var('send', '');
 $id = request_get_var('id', 0);
 if (isset($_GET['move']) && isset($_GET['id'])) {
     $moveit = $move == 'up' ? -15 : 15;
     $sql = "UPDATE " . SMILIES_TABLE . "\n\t\t\tSET smilies_order = smilies_order + {$moveit}\n\t\t\tWHERE smilies_id = " . $id;
     $result = $db->sql_query($sql);
     $i = 10;
     $inc = 10;
     $sql = "SELECT *\n\t\t\tFROM " . SMILIES_TABLE . "\n\t\t\tORDER BY smilies_order";
     $result = $db->sql_query($sql);
     while ($row = $db->sql_fetchrow($result)) {
         if ($row['smilies_order'] != $i) {
             $sql = "UPDATE " . SMILIES_TABLE . "\n\t\t\t\t\tSET smilies_order = {$i}\n\t\t\t\t\tWHERE smilies_id = " . $row['smilies_id'];
             $db->sql_query($sql);
         }
         $i += $inc;
     }
示例#6
0
* @version $Id$
* @copyright (c) 2008 Icy Phoenix
* @license http://opensource.org/licenses/gpl-license.php GNU Public License
*
*/
define('IN_ICYPHOENIX', true);
if (!defined('IP_ROOT_PATH')) {
    define('IP_ROOT_PATH', './');
}
if (!defined('PHP_EXT')) {
    define('PHP_EXT', substr(strrchr(__FILE__, '.'), 1));
}
include IP_ROOT_PATH . 'common.' . PHP_EXT;
include IP_ROOT_PATH . 'includes/functions_validate.' . PHP_EXT;
$mode = request_get_var('mode', '');
$verify = request_get_var('verify', '', true);
if ($mode == 'username') {
    $result_validation = validate_username($verify);
    if ($result_validation['error']) {
        echo '1';
    } else {
        echo '2';
    }
} elseif ($mode == 'password') {
    $result_validation = validate_password($verify);
    if ($result_validation['error']) {
        echo '1';
    } else {
        echo '2';
    }
} elseif ($mode == 'email') {
示例#7
0
 $cms_page_id_tmp = 'ajax_chat_archive';
 $cms_page['page_nav'] = isset($cms_page['page_nav']) ? $cms_page['page_nav'] : true;
 $cms_page['global_blocks'] = isset($cms_page['global_blocks']) ? $cms_page['global_blocks'] : false;
 $cms_auth_level_tmp = isset($cms_config_layouts[$cms_page_id_tmp]['view']) ? $cms_config_layouts[$cms_page_id_tmp]['view'] : AUTH_ALL;
 check_page_auth($cms_page_id_tmp, $cms_auth_level_tmp);
 $breadcrumbs['bottom_right_links'] = ($ajax_chat_link == true ? '<a href="' . append_sid('ajax_chat.' . PHP_EXT) . '">' . $lang['Ajax_Chat'] . '</a>&nbsp;' . MENU_SEP_CHAR . '&nbsp;' : '') . '<a href="' . append_sid('ajax_chat.' . PHP_EXT . '?mode=archive') . '">' . $lang['Ajax_Archive'] . '</a>';
 $template_to_parse = 'ajax_chat_archive.tpl';
 include_once IP_ROOT_PATH . 'includes/functions_ajax_chat.' . PHP_EXT;
 // Include Post functions and BBCodes
 include_once IP_ROOT_PATH . 'includes/bbcode.' . PHP_EXT;
 include_once IP_ROOT_PATH . 'includes/functions_post.' . PHP_EXT;
 // Make Pagination and collect some extra data
 $sql = "SELECT COUNT(s.shout_id) as stored_shouts, MAX(s.shout_id) as total_shouts\n\t\t\t\t\tFROM " . AJAX_SHOUTBOX_TABLE . " s " . (!empty($chat_room_all) ? "" : " WHERE " . $chat_room_sql);
 $result = $db->sql_query($sql);
 $num_items = $db->sql_fetchrow($result);
 $start = request_get_var('start', 0);
 $start = $start < 0 ? 0 : $start;
 $template->assign_vars(array('PAGINATION' => generate_pagination('ajax_chat.' . PHP_EXT . '?mode=archive&amp;chat_room=' . $chat_room, $num_items['stored_shouts'], $config['posts_per_page'], $start)));
 // Get my shouts
 $sql = "SELECT COUNT(s.shout_id) as count\n\t\t\tFROM " . AJAX_SHOUTBOX_TABLE . " s\n\t\t\tWHERE s.user_id = " . $user->data['user_id'] . (!empty($chat_room_all) ? "" : " AND " . $chat_room_sql);
 $result = $db->sql_query($sql);
 $myshouts = $db->sql_fetchrow($result);
 // Get the shouts count for the last 24 hours
 $yesterday = time() - 24 * 60 * 60;
 $sql = "SELECT COUNT(s.shout_id) as count\n\t\t\tFROM " . AJAX_SHOUTBOX_TABLE . " s\n\t\t\tWHERE s.shout_time >= " . $yesterday . (!empty($chat_room_all) ? "" : " AND " . $chat_room_sql);
 $result = $db->sql_query($sql);
 $today = $db->sql_fetchrow($result);
 $template->assign_vars(array('L_PAGE_TITLE' => $lang['Ajax_Archive'], 'L_AUTHOR' => $lang['Author'], 'L_SHOUTS' => $lang['Shouts'], 'L_STATS' => $lang['Statistics'], 'L_ARCHIVE' => $lang['Ajax_Archive'], 'L_CONFIRM' => $lang['Confirm_delete_pm'], 'L_UNABLE' => $lang['Shoutbox_unable'], 'L_TIMEOUT' => $lang['Shoutbox_timeout'], 'TOTAL_SHOUTS' => $num_items['total_shouts'], 'L_TOTAL_SHOUTS' => $lang['Total_shouts'], 'STORED_SHOUTS' => $num_items['stored_shouts'], 'L_STORED_SHOUTS' => $lang['Stored_shouts'], 'MY_SHOUTS' => $myshouts['count'], 'L_MY_SHOUTS' => $lang['My_shouts'], 'TODAY_SHOUTS' => $today['count'], 'L_TODAY_SHOUTS' => $lang['Today_shouts'], 'L_POSTED' => $lang['Posted'], 'L_WIO' => $lang['Who_is_Chatting'], 'L_GUESTS' => $lang['Online_guests'], 'L_TOTAL' => $lang['Online_total'], 'L_USERS' => $lang['Online_registered'], 'L_TOP_SHOUTERS' => $lang['Top_Ten_Shouters'], 'L_SHOUTBOX_ONLINE_EXPLAIN' => $lang['Shoutbox_online_explain'], 'L_SHOUT_PREFIX' => 'shout_', 'L_USER_PREFIX' => 'user_', 'L_ROOM_PREFIX' => 'room_', 'PRIVATE_USERS' => '{ }'));
 $template->assign_block_vars('view_shoutbox', array('REFRESH_TIME' => (int) $config['ajax_chat_msgs_refresh'] * 1000, 'RESPONSE_TYPE' => $response_type, 'CHAT_ROOM' => $chat_room, 'UPDATE_MODE' => 'archive', 'U_ACTION' => append_sid(IP_ROOT_PATH . CMS_PAGE_AJAX_SHOUTBOX)));
 $admin_mode = false;
 if ($user->data['user_level'] == ADMIN) {
示例#8
0
include IP_ROOT_PATH . 'common.' . PHP_EXT;
$config['jquery_ui'] = true;
// Start session management
$user->session_begin();
$auth->acl($user->data);
$user->setup();
// End session management
// FORM CLASS - BEGIN
include IP_ROOT_PATH . 'includes/class_form.' . PHP_EXT;
$class_form = new class_form();
// FORM CLASS - END
include_once IP_ROOT_PATH . 'includes/functions_jr_admin.' . PHP_EXT;
if (!$user->data['session_logged_in']) {
    $redirect_append = '?redirect=' . urlencode(ADM . '/' . 'index.' . PHP_EXT) . '&admin=1';
    redirect(append_sid(IP_ROOT_PATH . CMS_PAGE_LOGIN . $redirect_append, true));
} elseif (!jr_admin_secure(basename($_SERVER['REQUEST_URI']))) {
    message_die(GENERAL_ERROR, $lang['Error_Module_ID'], '', __LINE__, __FILE__);
}
$session_id = request_get_var('sid', '');
if ($session_id != $user->data['session_id']) {
    redirect('index.' . PHP_EXT . '?sid=' . $user->data['session_id']);
}
if (empty($user->data['session_admin'])) {
    $redirect_append = '?redirect=' . urlencode(ADM . '/' . 'index.' . PHP_EXT) . '&admin=1';
    redirect(append_sid(IP_ROOT_PATH . CMS_PAGE_LOGIN . $redirect_append, true));
}
include_once IP_ROOT_PATH . 'includes/functions_admin_phpbb3.' . PHP_EXT;
if (empty($no_page_header)) {
    // Not including the pageheader can be neccesarry if META tags are needed in the calling script.
    include 'page_header_admin.' . PHP_EXT;
}
示例#9
0
     $xs_news_dateformat_select .= '</select>';
     $xs_news_dateformat_select = str_replace("value=\"" . $new['xs_news_dateformat'] . "\">", "value=\"" . $new['xs_news_dateformat'] . "\" selected=\"selected\">&raquo;", $xs_news_dateformat_select);
     $template->set_filenames(array('body' => XS_TPL_PATH . 'news_config_body.tpl'));
     $s_hidden_fields = '<input type="hidden" name="mode" value="' . $newmode . '" />';
     $template->assign_vars(array('S_FORUM_ACTION' => append_sid('admin_xs_news.' . PHP_EXT), 'S_HIDDEN_FIELDS' => $s_hidden_fields, 'S_SUBMIT_VALUE' => $buttonvalue, 'L_PAGE_TITLE' => $lang['n_config_title'], 'L_PAGE_TITLE_EXPLAIN' => $lang['n_config_title_explain'], 'L_NEWS_SETTINGS' => $l_title, 'L_XS_NEWS_SETTINGS' => $lang['xs_news_settings'], 'L_XS_SHOW_NEWS' => $lang['xs_news_show'], 'L_XS_NEWS_DATEFORMAT' => $lang['xs_news_dateformat'], 'L_XS_SHOW_TICKER' => $lang['xs_news_show_ticker'], 'L_XS_SHOW_TICKER_EXPLAIN' => $lang['xs_news_show_ticker_explain'], 'L_XS_SHOW_TICKER_SUBTITLE' => $lang['xs_news_show_ticker_subtitle'], 'L_XS_SHOW_TICKER_SUBTITLE_EXPLAIN' => $lang['xs_news_show_ticker_subtitle_explain'], 'L_XS_SHOW_NEWS_SUBTITLE' => $lang['xs_news_show_news_subtitle'], 'L_XS_SHOW_NEWS_SUBTITLE_EXPLAIN' => $lang['xs_news_show_news_subtitle_explain'], 'XS_NEWS_DATEFORMAT' => $xs_news_dateformat_select, 'XS_SHOWNEWS_YES' => $show_xs_news_yes, 'XS_SHOWNEWS_NO' => $show_xs_news_no, 'XS_SHOWTICKER_YES' => $show_xs_ticker_yes, 'XS_SHOWTICKER_NO' => $show_xs_ticker_no, 'XS_SHOWTICKER_SUBT_YES' => $show_xs_ticker_subtitle_yes, 'XS_SHOWTICKER_SUBT_NO' => $show_xs_ticker_subtitle_no, 'XS_SHOWNEWS_SUBT_YES' => $show_xs_news_subtitle_yes, 'XS_SHOWNEWS_SUBT_NO' => $show_xs_news_subtitle_no));
     $template->pparse('body');
     break;
 case 'addnews':
 case 'editnews':
     // Show form to create/modify a news item
     if ($mode == 'editnews') {
         // $newmode determines if we are going to INSERT or UPDATE after posting?
         $l_title = $lang['n_edit_header'];
         $newmode = 'modnews';
         $buttonvalue = $lang['Update'];
         $news_id = request_get_var('id', 0);
         $row = xsm_get_info('news', $news_id);
         $news_id = $row['news_id'];
         $news_date = create_date($date_format_ae, $row['news_date'], $config['board_timezone']);
         $news_item = xsm_unprepare_message($row['news_text']);
         $news_display_yes = $row['news_display'] ? 'checked="checked"' : '';
         $news_display_no = !$row['news_display'] ? 'checked="checked"' : '';
         $news_smilies_yes = $row['news_smilies'] ? 'checked="checked"' : '';
         $news_smilies_no = !$row['news_smilies'] ? 'checked="checked"' : '';
     } else {
         $l_title = $lang['n_add_header'];
         $newmode = 'createnews';
         $buttonvalue = $lang['n_create_item'];
         $news_date = create_date($date_format_ae, time(), $config['board_timezone']);
         $news_item = '';
         $news_display_yes = 'checked="checked"';
示例#10
0
     $menu_item_id_list = build_menu_item_id_list($m_id);
     $m_count = sizeof($menu_item_id_list);
     for ($i = 0; $i < $m_count; $i++) {
         $m_active = empty($menu_upd) ? 0 : (in_array($menu_item_id_list[$i], $menu_upd) ? 1 : 0);
         $sql = "UPDATE " . CMS_NAV_MENU_TABLE . "\n\t\t\t\t\t\t\t\tSET menu_status = '" . $m_active . "'\n\t\t\t\t\t\t\t\tWHERE menu_item_id = '" . $menu_item_id_list[$i] . "'";
         $result = $db->sql_query($sql);
     }
     $message = '<br /><br />' . $lang['Menu_updated'] . '<br /><br />' . sprintf($lang['Click_Return_CMS_Menu'], '<a href="' . append_sid('cms_menu.' . PHP_EXT . '?mode=menu_block&amp;m_id=' . $m_id) . '">', '</a>') . '<br />';
     message_die(GENERAL_MESSAGE, $message);
 }
 $move = isset($_GET['move']) ? $_GET['move'] : -1;
 if ($move == '0' || $move == '1') {
     if ($item_type == 'category_item') {
         change_cat_order($mi_id, $m_id, $move);
     } else {
         $cat_parent_id = request_get_var('cat_parent_id', 0);
         if ($cat_parent_id != 0) {
             change_item_order($mi_id, $cat_parent_id, $m_id, $move);
         }
     }
 }
 $sql = "SELECT * FROM " . CMS_NAV_MENU_TABLE . "\n\t\t\t\t\t\tWHERE menu_parent_id = '" . $m_id . "'\n\t\t\t\t\t\tORDER BY cat_parent_id ASC, menu_order ASC";
 $result = $db->sql_query($sql);
 $template_to_parse = CMS_TPL . 'cms_menu_block_list_body.tpl';
 $template->assign_var('CMS_PAGE_TITLE', $lang['CMS_MENU_PAGE']);
 $menu_cat = array();
 $cat_item = array();
 $menu_item = array();
 $cat_item_parsed = false;
 $menu_item_parsed = false;
 while ($menu_item = $db->sql_fetchrow($result)) {
$mode = check_var_value($mode, array('pack', 'key'), '');
$level = request_var('level', 'normal');
$level = check_var_value($level, array('normal', 'admin'));
// pack file
$pack_file = request_post_var('pack_file', '');
$pack_file = empty($pack_file) ? request_get_var('pack', '') : $pack_file;
$pack_file = urldecode($pack_file);
if (!isset($packs[$pack_file])) {
    $pack_file = '';
    $mode = '';
}
// keys
$key_main = request_post_var('key_main', '');
$key_main = empty($key_main) ? request_get_var('key', '') : $key_main;
$key_sub = request_post_var('key_sub', '');
$key_sub = empty($key_sub) ? request_get_var('sub', '') : $key_sub;
if (empty($key_main)) {
    $key_sub = '';
}
if (!isset($entries['admin'][$key_main][$key_sub])) {
    $key_main = '';
    $key_sub = '';
}
// buttons
$submit = isset($_POST['submit']);
$delete = isset($_POST['delete']);
$cancel = isset($_POST['cancel']);
$add = isset($_POST['add']);
if ($add || $delete) {
    $mode = 'key';
}
示例#12
0
{
	$kb_mode = true;
	$kb_mode_append = '&amp;kb=on';
	$kb_mode_append_red = '&kb=on';
}

$download = request_get_var('download', '');

if (empty($topic_id) && empty($post_id))
{
	if (!defined('STATUS_404')) define('STATUS_404', true);
	message_die(GENERAL_MESSAGE, 'NO_TOPIC');
}

// Find topic id if user requested a newer or older topic
$view = request_get_var('view', '');
if (!empty($view) && empty($post_id))
{
	if ($view == 'newest')
	{
		if (isset($_COOKIE[$config['cookie_name'] . '_sid']) || !empty($sid))
		{
			$session_id = isset($_COOKIE[$config['cookie_name'] . '_sid']) ? $_COOKIE[$config['cookie_name'] . '_sid'] : $sid;
			if (!preg_match('/^[A-Za-z0-9]*$/', $session_id))
			{
				$session_id = '';
			}

			if ($session_id)
			{
				$sql = "SELECT p.post_id
示例#13
0
    $batchwait = request_post_var('batchwait', $def_wait);
    $mass_pm = request_var('mass_pm', 0);
    $email_format = request_var('email_format', 0);
    $group_id = request_var(POST_GROUPS_URL, 0);
    $mail_session_id = md5(uniqid(''));
    $sql = "INSERT INTO " . MEGAMAIL_TABLE . " (mailsession_id, mass_pm, user_id, group_id, email_subject, email_body, email_format, batch_start, batch_size, batch_wait, status)\n\t\t\tVALUES ('" . $mail_session_id . "', " . $mass_pm . ", " . $user->data['user_id'] . ", " . $group_id . ", '" . $db->sql_escape($subject) . "', '" . $db->sql_escape($message) . "', " . $email_format . ", 0, " . $batchsize . "," . $batchwait . ", 0)";
    $result = $db->sql_query($sql);
    $mail_id = $db->sql_nextid();
    $url = append_sid('admin_megamail.' . PHP_EXT . '?mail_id=' . $mail_id . '&amp;mail_session_id=' . $mail_session_id);
    $redirect_url = ADM . '/' . $url;
    meta_refresh($batchwait, $redirect_url);
    $message = sprintf($lang['megamail_created_message'], '<a href="' . $url . '">', '</a>');
    message_die(GENERAL_MESSAGE, $message);
}
$mail_id = request_get_var('mail_id', 0);
$mail_session_id = request_get_var('mail_session_id', '');
if (!empty($mail_id) && !empty($mail_session_id)) {
    @ignore_user_abort(true);
    // Let's see if that session exists
    $sql = "SELECT *\n\t\t\tFROM " . MEGAMAIL_TABLE . "\n\t\t\tWHERE mail_id = '" . $mail_id . "'\n\t\t\t\tAND mailsession_id LIKE '" . $db->sql_escape($mail_session_id) . "'";
    $result = $db->sql_query($sql);
    $mail_data = $db->sql_fetchrow($result);
    if (!$mail_data) {
        message_die(GENERAL_MESSAGE, 'Mail ID and Mail Session ID do not match.', '', __LINE__, __FILE__, $sql);
    }
    //Ok, the session exists
    $subject = $mail_data['email_subject'];
    $message = $mail_data['email_body'];
    // Store the clean version of the message for PM
    $pm_message = $message;
    $group_id = $mail_data['group_id'];
示例#14
0
if (!defined('IN_ICYPHOENIX')) {
    die('Hacking attempt');
}
$var_menu = request_get_var('menu', 0);
$var_menu_id = request_post_var('menu_id', 0);
$menu_id = 0;
if (!empty($var_menu) || !empty($var_menu_id)) {
    $menu_id = !empty($var_menu_id) ? $var_menu_id : $var_menu;
}
$var_mod = request_get_var('mod', 0);
$var_mod_id = request_post_var('mod_id', 0);
$mod_id = 0;
if (!empty($var_mod) || !empty($var_mod_id)) {
    $mod_id = !empty($var_mod_id) ? $var_mod_id : $var_mod;
}
$var_sub = request_get_var('msub', 0);
$var_sub_id = request_post_var('sub_id', 0);
$sub_id = 0;
if (!empty($var_sub) || !empty($var_sub_id)) {
    $sub_id = !empty($var_sub_id) ? $var_sub_id : $var_sub;
}
$settings_modules_array = $class_settings->process_settings_modules($acp_modules, true, false);
// fix menu id
if ($menu_id > sizeof($settings_modules_array['menu_keys'])) {
    $menu_id = 0;
}
// fix mod id
if ($mod_id > sizeof($settings_modules_array['mod_keys'][$menu_id])) {
    $mod_id = 0;
}
// fix sub id
示例#15
0
* @copyright (c) 2008 Icy Phoenix
* @license http://opensource.org/licenses/gpl-license.php GNU Public License
*
*/
/**
*
* @Extra credits for this file
* AmigaLink
*
*/
if (!defined('IN_ICYPHOENIX')) {
    die('Hacking attempt');
    exit;
}
// Do we have an id? No, then just exit
$confirm_id = request_get_var('confirm_id', '');
if (empty($confirm_id)) {
    exit;
}
// Define available charset
$chars = array('A', 'B', 'C', 'D', 'E', 'F', 'G', 'H', 'I', 'J', 'K', 'L', 'M', 'N', 'O', 'P', 'Q', 'R', 'S', 'T', 'U', 'V', 'W', 'X', 'Y', 'Z', '1', '2', '3', '4', '5', '6', '7', '8', '9');
if (!defined('CAPTCHA_FONTS_PATH')) {
    define('CAPTCHA_FONTS_PATH', 'images/fonts/');
}
if (!defined('CAPTCHA_PICS_PATH')) {
    define('CAPTCHA_PICS_PATH', 'images/pics/');
}
//if (!preg_match('/^[A-Za-z0-9]+$/', $confirm_id))
if (!preg_match('/^[[:alnum:]]+$/', $confirm_id)) {
    $confirm_id = '';
}
示例#16
0
        }
        if ($link_id) {
            $sql = "UPDATE " . AUTOLINKS . "\n\t\t\t\tSET link_keyword = '" . $db->sql_escape($keyword) . "', link_title = '" . $db->sql_escape($title) . "', link_url = '" . $db->sql_escape($url) . "', link_comment = '" . $db->sql_escape($comment) . "', link_style = '" . $db->sql_escape($style) . "', link_forum = '" . $forum . "', link_int = '" . $internal . "'\n\t\t\t\tWHERE link_id = " . $link_id;
            $message = $lang['Autolink_updated'];
        } else {
            $sql = "INSERT INTO " . AUTOLINKS . " (link_keyword, link_title, link_url, link_comment, link_style, link_forum, link_int)\n\t\t\t\tVALUES ('" . $db->sql_escape($keyword) . "', '" . $db->sql_escape($title) . "', '" . $db->sql_escape($url) . "', '" . $db->sql_escape($comment) . "', '" . $db->sql_escape($style) . "', {$forum}, {$internal})";
            $message = $lang['Autolink_added'];
        }
        $result = $db->sql_query($sql);
        $db->clear_cache('autolinks_', TOPICS_CACHE_FOLDER);
        $message .= '<br /><br />' . sprintf($lang['Click_return_autolinkadmin'], '<a href="' . append_sid('admin_autolinks.' . PHP_EXT) . '">', '</a>') . '<br /><br />' . sprintf($lang['Click_return_admin_index'], '<a href="' . append_sid('index.' . PHP_EXT . '?pane=right') . '">', '</a>');
        message_die(GENERAL_MESSAGE, $message);
    }
} else {
    $link_id_edit = request_get_var('id', 0);
    $forum_id = request_get_var('forum_id', 0);
    $template->set_filenames(array('body' => ADM_TPL . 'autolinks_body.tpl'));
    $sql = "SELECT forum_id, forum_name\n\t\tFROM " . FORUMS_TABLE . "\n\t\tWHERE forum_type = " . FORUM_POST . "\n\t\tORDER BY parent_id, forum_order ASC";
    $result = $db->sql_query($sql);
    $forum_ids = array();
    $forum_names = array();
    $forum_ids[0] = '0';
    $forum_names[0] = $lang['Select_all_forums'];
    while ($row = $db->sql_fetchrow($result)) {
        $forum_ids[] = $row['forum_id'];
        $forum_names[] = $row['forum_name'];
    }
    $forum_list = '<select name="link_forum"><option value="0">' . $lang['Select_a_Forum'] . '</option>';
    $forum_list .= '<option value="0">&nbsp;</option>';
    if ($link_id_edit) {
        $sql = "SELECT *\n\t\t\tFROM " . AUTOLINKS . "\n\t\t\tWHERE link_id = " . $link_id_edit;
示例#17
0
function jr_admin_secure($file)
{
    global $db, $user, $lang;
    /* Debugging in this function causes changes to the way ADMIN users are interpreted. You are warned */
    $debug = false;
    // We need this for regular expressions... to avoid errors!!!
    $phpEx = PHP_EXT;
    $jr_admin_userdata = jr_admin_get_user_info($user->data['user_id']);
    $selected_module = request_get_var('module', '');
    $sid = request_var('sid', '');
    if ($debug) {
        if (!preg_match("/^index.{$phpEx}/", $file)) {
            print '<pre><span class="gen"><span class="text_red">DEBUG - File Accessed - ';
            print $file;
            print '</pre></span></span><br />';
        }
    }
    if ($user->data['user_level'] == ADMIN && !$debug) {
        //Admin always has access
        return true;
    } elseif (empty($jr_admin_userdata['user_jr_admin'])) {
        //This user has no modules and no business being here
        return false;
    } elseif (preg_match("/^index.{$phpEx}/", $file)) {
        //We are at the index file, which is already secure pretty much
        return true;
    } elseif (!empty($selected_module) && in_array($selected_module, explode(EXPLODE_SEPARATOR_CHAR, $jr_admin_userdata['user_jr_admin']))) {
        //The user has access for sure by module_id security from GET vars only
        return true;
    } elseif (!!empty($selected_module) && sizeof($_POST)) {
        //This user likely entered a post form, so let's use some checking logic
        //to make sure they are doing it from where they should be!
        //Get the filename without any arguments
        $file = preg_replace("/\\?.+=.*\$/", '', $file);
        //Return the check to make sure the user has access to what they are submitting
        return jr_admin_check_file_hashes($file);
    } elseif (!!empty($selected_module) && !empty($sid)) {
        //This user has clicked on a url that specified items
        if ($sid != $user->data['session_id']) {
            return false;
        } else {
            //Get the filename without any arguments
            $file = preg_replace("/\\?.+=.*\$/", '', $file);
            //Return the check to make sure the user has access to what they are submitting
            return jr_admin_check_file_hashes($file);
        }
    } else {
        //Something came up that shouldn't have!
        return false;
    }
}
示例#18
0
             while ($file = @readdir($dir)) {
                 if (!is_file(@phpbb_realpath(IP_ROOT_PATH . 'templates/' . $file)) && !is_link(phpbb_realpath(IP_ROOT_PATH . 'templates/' . $file)) && $file != '.' && $file != '..' && $file != 'common' && $file != 'default') {
                     $s_template_select .= '<option value="' . $file . '">' . $file . '</option>' . "\n";
                 }
             }
             $s_template_select .= '</select>';
         } else {
             message_die(GENERAL_MESSAGE, $lang['No_template_dir']);
         }
         @closedir($dir);
         $template->assign_vars(array('L_STYLE_EXPORTER' => $lang['Export_themes'], 'L_EXPORTER_EXPLAIN' => $lang['Export_explain'], 'L_TEMPLATE_SELECT' => $lang['Select_template'], 'L_SUBMIT' => $lang['Submit'], 'S_EXPORTER_ACTION' => append_sid('admin_styles.' . PHP_EXT . '?mode=export'), 'S_TEMPLATE_SELECT' => $s_template_select));
         $template->pparse('body');
     }
     break;
 case 'delete':
     $style_id = request_get_var('style_id', 0);
     if (!$confirm) {
         if ($style_id == $config['default_style']) {
             message_die(GENERAL_MESSAGE, $lang['Cannot_remove_style']);
         }
         $hidden_fields = '<input type="hidden" name="mode" value="' . $mode . '" /><input type="hidden" name="style_id" value="' . $style_id . '" />';
         // Set template files
         $template->set_filenames(array('confirm' => ADM_TPL . 'confirm_body.tpl'));
         $template->assign_vars(array('MESSAGE_TITLE' => $lang['Confirm'], 'MESSAGE_TEXT' => $lang['Confirm_delete_style'], 'L_YES' => $lang['Yes'], 'L_NO' => $lang['No'], 'S_CONFIRM_ACTION' => append_sid('admin_styles.' . PHP_EXT), 'S_HIDDEN_FIELDS' => $hidden_fields));
         $template->pparse('confirm');
     } else {
         //
         // The user has confirmed the delete. Remove the style, the style element
         // names and update any users who might be using this style
         //
         $sql = "DELETE FROM " . THEMES_TABLE . " WHERE themes_id = " . $style_id;
示例#19
0
                @rmdir($str);
            } else {
                @unlink($str);
            }
        }
    }
    closedir($res);
}
$template->assign_block_vars('nav_left', array('ITEM' => '&raquo; <a href="' . append_sid('xs_uninstall.' . PHP_EXT) . '">' . $lang['xs_uninstall_styles'] . '</a>'));
$lang['xs_uninstall_back'] = str_replace('{URL}', append_sid('xs_uninstall.' . PHP_EXT), $lang['xs_uninstall_back']);
$lang['xs_goto_default'] = str_replace('{URL}', append_sid('xs_styles.' . PHP_EXT), $lang['xs_goto_default']);
// uninstall style
$remove_id = request_var('remove', 0);
$remove_dir = request_get_var('dir', '');
$remove_tpl = request_post_var('remove', '');
$nocfg = request_get_var('nocfg', '');
if (!empty($remove_id) && !defined('DEMO_MODE')) {
    if ($config['default_style'] == $remove_id) {
        xs_error(str_replace('{URL}', append_sid('xs_styles.' . PHP_EXT), $lang['xs_uninstall_default']) . '<br /><br />' . $lang['xs_uninstall_back']);
    }
    $sql = "SELECT themes_id, template_name, style_name FROM " . THEMES_TABLE . " WHERE themes_id='{$remove_id}'";
    $db->sql_return_on_error(true);
    $result = $db->sql_query($sql);
    $db->sql_return_on_error(false);
    if (!$result) {
        xs_error($lang['xs_no_style_info'] . '<br /><br />' . $lang['xs_uninstall_back'], __LINE__, __FILE__);
    }
    $row = $db->sql_fetchrow($result);
    if (empty($row['themes_id'])) {
        xs_error($lang['xs_no_style_info'] . '<br /><br />' . $lang['xs_uninstall_back'], __LINE__, __FILE__);
    }
示例#20
0
*/
$fid = request_var(POST_FORUM_URL, '');
if (!empty($fid)) {
    $f_type = substr($fid, 0, 1);
    if ($f_type == POST_FORUM_URL) {
        $forum_id = intval(substr($fid, 1));
        $forum_sql = " WHERE forum_id = '" . $forum_id . "'";
    } else {
        unset($forum_id);
        $forum_sql = '';
    }
} else {
    unset($forum_id);
    $forum_sql = '';
}
$adv = request_get_var('adv', 0);
// Start program proper
if (isset($_POST['submit'])) {
    $sql = '';
    if (!empty($forum_id)) {
        if (isset($_POST['simpleauth'])) {
            $simple_ary = $simple_auth_ary[intval($_POST['simpleauth'])];
            for ($i = 0; $i < sizeof($simple_ary); $i++) {
                $sql .= ($sql != '' ? ', ' : '') . $forum_auth_fields[$i] . ' = ' . $simple_ary[$i];
            }
            if (is_array($simple_ary)) {
                $sql = "UPDATE " . FORUMS_TABLE . " SET {$sql} WHERE forum_id = {$forum_id}";
            }
        } else {
            for ($i = 0; $i < sizeof($forum_auth_fields); $i++) {
                $value = intval($_POST[$forum_auth_fields[$i]]);
示例#21
0
        if (!$num && !$num_error) {
            if (!empty($clear)) {
                $data .= str_replace('{TPL}', $clear, $lang['xs_cache_log_nothing']) . "<br />\n";
            } else {
                $data .= $lang['xs_cache_log_nothing2'] . "<br />\n";
            }
        } else {
            $data .= str_replace('{NUM}', $num, $lang['xs_cache_log_count']) . "<br />\n";
            if ($num_error) {
                $data .= str_replace('{NUM}', $num_error, $lang['xs_cache_log_count2']) . "<br />\n";
            }
        }
    }
}
// compile cache
$tpl = request_get_var('compile', '');
if (isset($_GET['compile']) && !defined('DEMO_MODE')) {
    @set_time_limit(XS_MAX_TIMEOUT);
    $num_errors = 0;
    $num_compiled = 0;
    if (!empty($tpl)) {
        $dir = $template->tpldir . $tpl . '/';
        compile_cache($dir, '', $tpl);
    } else {
        $res = opendir('../templates');
        while (($file = readdir($res)) !== false) {
            if ($file !== '.' && $file !== '..' && is_dir('../templates/' . $file) && @file_exists('../templates/' . $file . '/overall_header.tpl')) {
                compile_cache('../templates/' . $file . '/', '', $file);
            }
        }
        closedir($res);
示例#22
0
}
if (!defined('PHP_EXT')) {
    define('PHP_EXT', substr(strrchr(__FILE__, '.'), 1));
}
$no_page_header = true;
require 'pagestart.' . PHP_EXT;
define('IN_XS', true);
include_once 'xs_include.' . PHP_EXT;
$template->assign_block_vars('nav_left', array('ITEM' => '&raquo; <a href="' . append_sid('xs_install.' . PHP_EXT) . '">' . $lang['xs_install_styles'] . '</a>'));
$lang['xs_install_back'] = str_replace('{URL}', append_sid('xs_install.' . PHP_EXT), $lang['xs_install_back']);
$lang['xs_goto_default'] = str_replace('{URL}', append_sid('xs_styles.' . PHP_EXT), $lang['xs_goto_default']);
// remove timeout. useful for forum with 100+ styles
@set_time_limit(XS_MAX_TIMEOUT);
// install style
$style = request_get_var('style', '', true);
$num = request_get_var('num', 0);
if (!empty($style) && !defined('DEMO_MODE')) {
    $res = xs_install_style($style, $num);
    if (defined('REFRESH_NAVBAR')) {
        $template->assign_block_vars('left_refresh', array('ACTION' => append_sid('index.' . PHP_EXT . '?pane=left')));
    }
    if ($res) {
        $db->clear_cache('styles_');
        xs_message($lang['Information'], $lang['xs_install_installed'] . '<br /><br />' . $lang['xs_install_back'] . '<br /><br />' . $lang['xs_goto_default']);
    }
    xs_error($lang['xs_install_error'] . '<br /><br />' . $lang['xs_install_back']);
}
// install styles
$total = request_var('total', 0);
if (!empty($total) && !defined('DEMO_MODE')) {
    $tpl = array();
示例#23
0
* @copyright (c) 2008 Icy Phoenix
* @license http://opensource.org/licenses/gpl-license.php GNU Public License
*
*/
/**
*
* @Icy Phoenix is based on phpBB
* @copyright (c) 2008 phpBB Group
*
*/
if (!defined('IN_ICYPHOENIX')) {
    die('Hacking attempt');
    exit;
}
$show_extra_stats = request_get_var('stats', 0);
$target_user_id = request_get_var(POST_USERS_URL, ANONYMOUS);
if (empty($target_user_id) || $target_user_id == ANONYMOUS) {
    if (!defined('STATUS_404')) {
        define('STATUS_404', true);
    }
    message_die(GENERAL_MESSAGE, 'NO_USER');
}
$profiledata = get_userdata($target_user_id);
if (empty($profiledata) || empty($profiledata['user_id'])) {
    if (!defined('STATUS_404')) {
        define('STATUS_404', true);
    }
    message_die(GENERAL_MESSAGE, 'NO_USER');
}
// We force the user to be active to show its profile... or we require the viewer to be admin!
if (empty($profiledata['user_active']) && $user->data['user_level'] != ADMIN) {
示例#24
0
$result = $db->sql_query($sql);
$db->sql_return_on_error(false);
if (!$result) {
    $total_users = 0;
} else {
    $total = $db->sql_fetchrow($result);
    $total_users = $total['total'];
}
$template->assign_vars(array('U_SCRIPT' => 'xs_styles.' . PHP_EXT, 'NUM_DEFAULT' => $num_default));
if ($total_users > $num_users) {
    // fix problem
    $sql = 'UPDATE ' . USERS_TABLE . ' SET user_style = NULL WHERE user_style NOT IN (' . implode(', ', $style_ids) . ')';
    $db->sql_query($sql);
}
// get list of users
$user_style_id = request_get_var('list', 0);
if (!empty($user_style_id)) {
    $template->assign_block_vars('list_users', array());
    $sql = "SELECT user_id, username FROM " . USERS_TABLE . " WHERE user_style = '{$user_style_id}' ORDER BY username ASC";
    $db->sql_return_on_error(true);
    $result = $db->sql_query($sql);
    $db->sql_return_on_error(false);
    if (!$result) {
        xs_error('Could not get users list!', __LINE__, __FILE__);
    }
    $rowset = $db->sql_fetchrowset($result);
    for ($i = 0; $i < sizeof($rowset); $i++) {
        $template->assign_block_vars('list_users.user', array('NUM' => $i + 1, 'ID' => $rowset[$i]['user_id'], 'NAME' => htmlspecialchars($rowset[$i]['username'])));
    }
}
$template->set_filenames(array('body' => XS_TPL_PATH . 'styles.tpl'));
示例#25
0
     $cms_admin->b_id = 0;
 }
 if ($cms_admin->action == 'add' || $cms_admin->action == 'edit') {
     $template_to_parse = CMS_TPL . 'cms_block_content_body.tpl';
     $cms_admin->manage_block();
 } elseif ($cms_admin->action == 'save') {
     $cms_admin->save_block();
 } elseif ($cms_admin->action == 'delete') {
     $cms_admin->delete_block();
 } elseif ($cms_admin->id_var_value != 0 || $cms_admin->action == 'editglobal') {
     if (isset($_POST['action_update'])) {
         $cms_admin->update_blocks();
     }
     $template_to_parse = CMS_TPL . 'cms_blocks_list_body.tpl';
     $template->assign_var('CMS_PAGE_TITLE', $lang['BLOCKS_TITLE']);
     $move = request_get_var('move', -1);
     if ($cms_admin->mode == 'blocks' && ($move == '0' || $move == '1')) {
         $cms_admin->move_block($move);
     }
     $template->assign_vars(array('S_BLOCKS_ACTION' => append_sid($cms_admin->root), 'S_HIDDEN_FIELDS' => $cms_admin->s_hidden_fields));
     // Old Version...
     /*
     if ($cms_admin->mode_layout_name == 'layouts_special')
     {
     	$cms_admin->show_blocks_list();
     }
     else
     {
     */
     $result = $cms_admin->show_blocks_list_ajax();
     if (is_array($result)) {
示例#26
0
				$location['url'] = CMS_PAGE_VIEWFORUM . '?' . POST_FORUM_URL . '=' . $forum_id;
			}
			else
			{
				$location = get_online_page($row['session_page']);
			}
		}

		$location['url'] = append_sid(IP_ROOT_PATH . $location['url']);

		$row_class = ($$which_counter % 2) ? $theme['td_class1'] : $theme['td_class2'];

		// Start Advanced IP Tools Pack MOD
		$mode = htmlspecialchars($_GET['mode']);

		$test_ip = request_get_var('ip', '');
		if ((($user->data['user_level'] == ADMIN) || ($user->data['user_level'] == MOD)) && ($mode == 'lookup') && isset($_GET['ip']) && ($row['session_ip'] == $test_ip))
		{
			$ip = gethostbyaddr($row['session_ip']);
		}
		else
		{
			$ip = $row['session_ip'];
			$mode = 'ip';
		}
		// End Advanced IP Tools Pack MOD
		$template->assign_block_vars("$which_row", array(
			// Start Advanced IP Tools Pack MOD
			'IP' => htmlspecialchars($ip),
			'USER_AGENT' => htmlspecialchars($row['session_browser']) . '<br />' . htmlspecialchars($row['session_page']),
			'U_HOSTNAME_LOOKUP' => ($mode != 'lookup') ? append_sid(CMS_PAGE_VIEWONLINE . '?mode=lookup&amp;ip=' . htmlspecialchars(urlencode($row['session_ip']))) : append_sid(CMS_PAGE_VIEWONLINE . '?mode=ip&amp;ip=' . htmlspecialchars(urlencode($row['session_ip']))),