} if ($user->data['user_id'] == ANONYMOUS && !$user->data['is_bot']) { $user->set_cookie('poll_' . $topic_id, implode(',', $voted_id), time() + 31536000); } $sql = 'UPDATE ' . TOPICS_TABLE . ' SET poll_last_vote = ' . time() . "\n\t\t\tWHERE topic_id = {$topic_id}"; //, topic_last_post_time = ' . time() . " -- for bumping topics with new votes, ignore for now $db->sql_query($sql); $redirect_url = append_sid("{$src_root_path}viewtopic.{$phpEx}", "f={$forum_id}&t={$topic_id}" . ($start == 0 ? '' : "&start={$start}")); $message = $user->lang['VOTE_SUBMITTED'] . '<br /><br />' . sprintf($user->lang['RETURN_TOPIC'], '<a href="' . $redirect_url . '">', '</a>'); if ($request->is_ajax()) { // Filter out invalid options $valid_user_votes = array_intersect(array_keys($vote_counts), $voted_id); $data = array('NO_VOTES' => $user->lang['NO_VOTES'], 'success' => true, 'user_votes' => array_flip($valid_user_votes), 'vote_counts' => $vote_counts, 'total_votes' => array_sum($vote_counts), 'can_vote' => !sizeof($valid_user_votes) || $auth->acl_get('f_votechg', $forum_id) && $topic_data['poll_vote_change']); $json_response = new \src\json_response(); $json_response->send($data); } meta_refresh(5, $redirect_url); trigger_error($message); } $poll_total = 0; $poll_most = 0; foreach ($poll_info as $poll_option) { $poll_total += $poll_option['poll_option_total']; $poll_most = $poll_option['poll_option_total'] >= $poll_most ? $poll_option['poll_option_total'] : $poll_most; } $parse_flags = ($poll_info[0]['bbcode_bitfield'] ? OPTION_FLAG_BBCODE : 0) | OPTION_FLAG_SMILIES; for ($i = 0, $size = sizeof($poll_info); $i < $size; $i++) { $poll_info[$i]['poll_option_text'] = generate_text_for_display($poll_info[$i]['poll_option_text'], $poll_info[$i]['bbcode_uid'], $poll_option['bbcode_bitfield'], $parse_flags, true); } $topic_data['poll_title'] = generate_text_for_display($topic_data['poll_title'], $poll_info[0]['bbcode_uid'], $poll_info[0]['bbcode_bitfield'], $parse_flags, true);
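/**
 * ACP controller for managing the module tree of one module class.
 *
 * Dispatches on the "action" request parameter (delete, enable/disable,
 * move_up/move_down, quickadd, edit/add). Any other value, and any action
 * that finishes without calling trigger_error() or returning, falls through
 * to the default listing of the modules below the current parent.
 *
 * @param mixed  $id   Module identifier; only echoed back into the confirm_box() hidden fields here
 * @param string $mode Module class being managed; compared against 'acp', 'mcp' and 'ucp' below
 *
 * @return void
 */
function main($id, $mode)
{
    global $db, $user, $auth, $template, $module, $request;
    global $config, $src_admin_path, $src_root_path, $phpEx;

    // Set a global define for modules we might include (the author is able
    // to prevent execution of code by checking this constant)
    define('MODULE_INCLUDE', true);

    $user->add_lang('acp/modules');
    $this->tpl_name = 'acp_modules';

    // The requested mode doubles as the module class
    $this->module_class = $mode;

    if ($this->module_class == 'ucp') {
        $user->add_lang('ucp');
    } elseif ($this->module_class == 'mcp') {
        $user->add_lang('mcp');
    }

    if ($module->p_class != $this->module_class) {
        $module->add_mod_info($this->module_class);
    }

    $this->page_title = strtoupper($this->module_class);

    // Both ids are interpolated into SQL further down, so their integer type
    // is made explicit here instead of relying on request_var()'s default.
    $this->parent_id = (int) request_var('parent_id', 0);
    $module_id = (int) request_var('m', 0);
    $action = request_var('action', '');
    $errors = array();

    // NOTE(review): 'delete' and 'quickadd' go through confirm_box(), but
    // 'enable', 'disable', 'move_up' and 'move_down' change state straight
    // from request parameters and no check_link_hash()/check_form_key() call
    // is visible in this method. Confirm the surrounding ACP request handling
    // ties these URLs to the admin session, otherwise add a link hash here.
    switch ($action) {
        case 'delete':
            if (!$module_id) {
                trigger_error(
                    $user->lang['NO_MODULE_ID'] . adm_back_link($this->u_action . '&parent_id=' . $this->parent_id),
                    E_USER_WARNING
                );
            }

            if (confirm_box(true)) {
                // Make sure we are not directly within a module: step up to
                // its parent so the back link does not point at a deleted row
                if ($module_id == $this->parent_id) {
                    $sql = 'SELECT parent_id FROM ' . MODULES_TABLE . ' WHERE module_id = ' . $module_id;
                    $result = $db->sql_query($sql);
                    $this->parent_id = (int) $db->sql_fetchfield('parent_id');
                    $db->sql_freeresult($result);
                }

                $errors = $this->delete_module($module_id);

                if (!sizeof($errors)) {
                    $this->remove_cache_file();
                    trigger_error(
                        $user->lang['MODULE_DELETED'] . adm_back_link($this->u_action . '&parent_id=' . $this->parent_id)
                    );
                }
            } else {
                confirm_box(false, 'DELETE_MODULE', build_hidden_fields(array(
                    'i' => $id,
                    'mode' => $mode,
                    'parent_id' => $this->parent_id,
                    'module_id' => $module_id,
                    'action' => $action,
                )));
            }
            break;

        case 'enable':
        case 'disable':
            if (!$module_id) {
                trigger_error(
                    $user->lang['NO_MODULE_ID'] . adm_back_link($this->u_action . '&parent_id=' . $this->parent_id),
                    E_USER_WARNING
                );
            }

            // The module must exist within the class being managed
            $sql = 'SELECT * FROM ' . MODULES_TABLE . "\n\t\t\t\t\tWHERE module_class = '" . $db->sql_escape($this->module_class) . "'\n\t\t\t\t\t\tAND module_id = {$module_id}";
            $result = $db->sql_query($sql);
            $row = $db->sql_fetchrow($result);
            $db->sql_freeresult($result);

            if (!$row) {
                trigger_error(
                    $user->lang['NO_MODULE'] . adm_back_link($this->u_action . '&parent_id=' . $this->parent_id),
                    E_USER_WARNING
                );
            }

            $sql = 'UPDATE ' . MODULES_TABLE . ' SET module_enabled = ' . ($action == 'enable' ? 1 : 0) . "\n\t\t\t\t\tWHERE module_class = '" . $db->sql_escape($this->module_class) . "'\n\t\t\t\t\t\tAND module_id = {$module_id}";
            $db->sql_query($sql);

            add_log('admin', 'LOG_MODULE_' . strtoupper($action), $this->lang_name($row['module_langname']));
            $this->remove_cache_file();
            break;

        case 'move_up':
        case 'move_down':
            if (!$module_id) {
                trigger_error(
                    $user->lang['NO_MODULE_ID'] . adm_back_link($this->u_action . '&parent_id=' . $this->parent_id),
                    E_USER_WARNING
                );
            }

            $sql = 'SELECT * FROM ' . MODULES_TABLE . "\n\t\t\t\t\tWHERE module_class = '" . $db->sql_escape($this->module_class) . "'\n\t\t\t\t\t\tAND module_id = {$module_id}";
            $result = $db->sql_query($sql);
            $row = $db->sql_fetchrow($result);
            $db->sql_freeresult($result);

            if (!$row) {
                trigger_error(
                    $user->lang['NO_MODULE'] . adm_back_link($this->u_action . '&parent_id=' . $this->parent_id),
                    E_USER_WARNING
                );
            }

            // move_module_by() returns false when nothing was moved
            $move_module_name = $this->move_module_by($row, $action, 1);

            if ($move_module_name !== false) {
                add_log(
                    'admin',
                    'LOG_MODULE_' . strtoupper($action),
                    $this->lang_name($row['module_langname']),
                    $move_module_name
                );
                $this->remove_cache_file();
            }

            if ($request->is_ajax()) {
                $json_response = new \src\json_response();
                $json_response->send(array('success' => $move_module_name !== false));
            }
            break;

        case 'quickadd':
            $quick_install = request_var('quick_install', '');

            if (confirm_box(true)) {
                // Expected format is "<basename>::<mode>"
                if (!$quick_install || strpos($quick_install, '::') === false) {
                    break;
                }

                list($module_basename, $module_mode) = explode('::', $quick_install);

                // Check if module name and mode exist. The basename comes from
                // the request, so the lookup result is guarded instead of
                // indexing a key that may not be there.
                // NOTE(review): $module_basename reaches get_module_infos()
                // unvalidated; confirm that helper restricts it to known
                // module info files.
                $found_infos = $this->get_module_infos($module_basename);
                $fileinfo = isset($found_infos[$module_basename]) ? $found_infos[$module_basename] : array();

                if (isset($fileinfo['modes'][$module_mode])) {
                    $mode_info = $fileinfo['modes'][$module_mode];

                    $module_data = array(
                        'module_basename' => $module_basename,
                        'module_enabled' => 0,
                        'module_display' => isset($mode_info['display']) ? $mode_info['display'] : 1,
                        'parent_id' => $this->parent_id,
                        'module_class' => $this->module_class,
                        'module_langname' => $mode_info['title'],
                        'module_mode' => $module_mode,
                        'module_auth' => $mode_info['auth'],
                    );

                    $errors = $this->update_module_data($module_data);

                    if (!sizeof($errors)) {
                        $this->remove_cache_file();
                        trigger_error(
                            $user->lang['MODULE_ADDED'] . adm_back_link($this->u_action . '&parent_id=' . $this->parent_id)
                        );
                    }
                }
            } else {
                confirm_box(false, 'ADD_MODULE', build_hidden_fields(array(
                    'i' => $id,
                    'mode' => $mode,
                    'parent_id' => $this->parent_id,
                    'action' => 'quickadd',
                    'quick_install' => $quick_install,
                )));
            }
            break;

        case 'edit':
            if (!$module_id) {
                trigger_error(
                    $user->lang['NO_MODULE_ID'] . adm_back_link($this->u_action . '&parent_id=' . $this->parent_id),
                    E_USER_WARNING
                );
            }

            $module_row = $this->get_module_row($module_id);

            // no break

        case 'add':
            if ($action == 'add') {
                // Blank defaults for a module that does not exist yet
                $module_row = array(
                    'module_basename' => '',
                    'module_enabled' => 0,
                    'module_display' => 1,
                    'parent_id' => 0,
                    'module_langname' => utf8_normalize_nfc(request_var('module_langname', '', true)),
                    'module_mode' => '',
                    'module_auth' => '',
                );
            }

            // Submitted values win; the stored (or blank) row supplies the defaults
            $module_data = array();
            $module_data['module_basename'] = request_var('module_basename', (string) $module_row['module_basename']);
            $module_data['module_enabled'] = request_var('module_enabled', (int) $module_row['module_enabled']);
            $module_data['module_display'] = request_var('module_display', (int) $module_row['module_display']);
            $module_data['parent_id'] = request_var('module_parent_id', (int) $module_row['parent_id']);
            $module_data['module_class'] = $this->module_class;
            $module_data['module_langname'] = utf8_normalize_nfc(request_var('module_langname', (string) $module_row['module_langname'], true));
            $module_data['module_mode'] = request_var('module_mode', (string) $module_row['module_mode']);

            $submit = isset($_POST['submit']);

            // NOTE(review): no check_form_key() call is visible before the
            // submitted data is written; confirm where the form token for
            // this page is verified.
            if ($submit) {
                if (!$module_data['module_langname']) {
                    trigger_error(
                        $user->lang['NO_MODULE_LANGNAME'] . adm_back_link($this->u_action . '&parent_id=' . $this->parent_id),
                        E_USER_WARNING
                    );
                }

                $module_type = request_var('module_type', 'category');

                // Categories carry no file, mode or permission of their own
                if ($module_type == 'category') {
                    $module_data['module_basename'] = $module_data['module_mode'] = $module_data['module_auth'] = '';
                    $module_data['module_display'] = 1;
                }

                if ($action == 'edit') {
                    $module_data['module_id'] = $module_id;
                }

                // Adjust auth row
                // NOTE(review): basename and mode are request-supplied and
                // the lookup below is not guarded; an unknown pair leaves
                // module_auth empty. Confirm update_module_data() rejects
                // that case rather than storing a module without an auth
                // requirement.
                if ($module_data['module_basename'] && $module_data['module_mode']) {
                    $fileinfo = $this->get_module_infos($module_data['module_basename']);
                    $module_data['module_auth'] = $fileinfo[$module_data['module_basename']]['modes'][$module_data['module_mode']]['auth'];
                }

                $errors = $this->update_module_data($module_data);

                if (!sizeof($errors)) {
                    $this->remove_cache_file();
                    trigger_error(
                        ($action == 'add' ? $user->lang['MODULE_ADDED'] : $user->lang['MODULE_EDITED'])
                        . adm_back_link($this->u_action . '&parent_id=' . $this->parent_id)
                    );
                }
            }

            // Category/not category?
            $is_cat = !$module_data['module_basename'];

            // Get module information
            $module_infos = $this->get_module_infos();

            // Build name options
            // NOTE(review): option names, modes and titles are concatenated
            // into markup unescaped; presumably they originate from module
            // info files rather than from the request - verify.
            $s_name_options = $s_mode_options = '';
            foreach ($module_infos as $option => $values) {
                // Preselect the first available module when none is chosen
                if (!$module_data['module_basename']) {
                    $module_data['module_basename'] = $option;
                }

                // Name options
                $s_name_options .= '<option value="' . $option . '"' . ($option == $module_data['module_basename'] ? ' selected="selected"' : '') . '>' . $this->lang_name($values['title']) . ' [' . $option . ']</option>';

                $template->assign_block_vars('m_names', array(
                    'NAME' => $option,
                    'A_NAME' => addslashes($option),
                ));

                // Build module modes
                foreach ($values['modes'] as $m_mode => $m_values) {
                    if ($option == $module_data['module_basename']) {
                        $s_mode_options .= '<option value="' . $m_mode . '"' . ($m_mode == $module_data['module_mode'] ? ' selected="selected"' : '') . '>' . $this->lang_name($m_values['title']) . '</option>';
                    }

                    $template->assign_block_vars('m_names.modes', array(
                        'OPTION' => $m_mode,
                        'VALUE' => $this->lang_name($m_values['title']),
                        'A_OPTION' => addslashes($m_mode),
                        'A_VALUE' => addslashes($this->lang_name($m_values['title'])),
                    ));
                }
            }

            $s_cat_option = '<option value="0"' . ($module_data['parent_id'] == 0 ? ' selected="selected"' : '') . '>' . $user->lang['NO_PARENT'] . '</option>';

            // The upper-cased module data is merged last, so it overrides
            // any identically named key of the first array
            $template->assign_vars(array_merge(array(
                'S_EDIT_MODULE' => true,
                'S_IS_CAT' => $is_cat,
                'S_CAT_OPTIONS' => $s_cat_option . $this->make_module_select($module_data['parent_id'], $action == 'edit' ? $module_row['module_id'] : false, false, false, false, true),
                'S_MODULE_NAMES' => $s_name_options,
                'S_MODULE_MODES' => $s_mode_options,
                'U_BACK' => $this->u_action . '&parent_id=' . $this->parent_id,
                'U_EDIT_ACTION' => $this->u_action . '&parent_id=' . $this->parent_id,
                'L_TITLE' => $user->lang[strtoupper($action) . '_MODULE'],
                'MODULENAME' => $this->lang_name($module_data['module_langname']),
                'ACTION' => $action,
                'MODULE_ID' => $module_id,
            ), array_change_key_case($module_data, CASE_UPPER)));

            if (sizeof($errors)) {
                $template->assign_vars(array(
                    'S_ERROR' => true,
                    'ERROR_MSG' => implode('<br />', $errors),
                ));
            }

            // The edit form replaces the default management page
            return;
    }

    // Default management page
    if (sizeof($errors)) {
        if ($request->is_ajax()) {
            $json_response = new \src\json_response();
            $json_response->send(array(
                'MESSAGE_TITLE' => $user->lang('ERROR'),
                'MESSAGE_TEXT' => implode('<br />', $errors),
                'SUCCESS' => false,
            ));
        }

        $template->assign_vars(array(
            'S_ERROR' => true,
            'ERROR_MSG' => implode('<br />', $errors),
        ));
    }

    // Breadcrumb from the module class down to the current parent
    if (!$this->parent_id) {
        $navigation = strtoupper($this->module_class);
    } else {
        $navigation = '<a href="' . $this->u_action . '">' . strtoupper($this->module_class) . '</a>';

        $modules_nav = $this->get_module_branch($this->parent_id, 'parents', 'descending');

        foreach ($modules_nav as $row) {
            $langname = $this->lang_name($row['module_langname']);

            // The current parent is shown as plain text, ancestors as links
            if ($row['module_id'] == $this->parent_id) {
                $navigation .= ' -> ' . $langname;
            } else {
                $navigation .= ' -> <a href="' . $this->u_action . '&parent_id=' . $row['module_id'] . '">' . $langname . '</a>';
            }
        }
    }

    // Jumpbox
    $module_box = $this->make_module_select($this->parent_id, false, false, false, false);

    $sql = 'SELECT * FROM ' . MODULES_TABLE . "\n\t\t\tWHERE parent_id = {$this->parent_id}\n\t\t\t\tAND module_class = '" . $db->sql_escape($this->module_class) . "'\n\t\t\tORDER BY left_id";
    $result = $db->sql_query($sql);

    if ($row = $db->sql_fetchrow($result)) {
        do {
            $langname = $this->lang_name($row['module_langname']);

            if (!$row['module_enabled']) {
                $module_image = '<img src="images/icon_folder_lock.gif" alt="' . $user->lang['DEACTIVATED_MODULE'] . '" />';
            } else {
                // No basename, or left/right ids that are not adjacent, gets
                // the sub-folder (category) icon
                $module_image = !$row['module_basename'] || $row['left_id'] + 1 != $row['right_id']
                    ? '<img src="images/icon_subfolder.gif" alt="' . $user->lang['CATEGORY'] . '" />'
                    : '<img src="images/icon_folder.gif" alt="' . $user->lang['MODULE'] . '" />';
            }

            $url = $this->u_action . '&parent_id=' . $this->parent_id . '&m=' . $row['module_id'];

            $template->assign_block_vars('modules', array(
                'MODULE_IMAGE' => $module_image,
                'MODULE_TITLE' => $langname,
                'MODULE_ENABLED' => $row['module_enabled'] ? true : false,
                'MODULE_DISPLAYED' => $row['module_display'] ? true : false,
                'S_ACP_CAT_SYSTEM' => $this->module_class == 'acp' && $row['module_langname'] == 'ACP_CAT_SYSTEM' ? true : false,
                'S_ACP_MODULE_MANAGEMENT' => $this->module_class == 'acp' && ($row['module_basename'] == 'modules' || $row['module_langname'] == 'ACP_MODULE_MANAGEMENT') ? true : false,
                'U_MODULE' => $this->u_action . '&parent_id=' . $row['module_id'],
                'U_MOVE_UP' => $url . '&action=move_up',
                'U_MOVE_DOWN' => $url . '&action=move_down',
                'U_EDIT' => $url . '&action=edit',
                'U_DELETE' => $url . '&action=delete',
                'U_ENABLE' => $url . '&action=enable',
                'U_DISABLE' => $url . '&action=disable',
            ));
        } while ($row = $db->sql_fetchrow($result));
    } elseif ($this->parent_id) {
        // The parent has no children: offer the actions for the parent itself
        $row = $this->get_module_row($this->parent_id);

        $url = $this->u_action . '&parent_id=' . $this->parent_id . '&m=' . $row['module_id'];

        $template->assign_vars(array(
            'S_NO_MODULES' => true,
            // Taken from the row just loaded instead of whatever $langname
            // the breadcrumb loop happened to leave behind
            'MODULE_TITLE' => $this->lang_name($row['module_langname']),
            'MODULE_ENABLED' => $row['module_enabled'] ? true : false,
            'MODULE_DISPLAYED' => $row['module_display'] ? true : false,
            'U_EDIT' => $url . '&action=edit',
            'U_DELETE' => $url . '&action=delete',
            'U_ENABLE' => $url . '&action=enable',
            'U_DISABLE' => $url . '&action=disable',
        ));
    }
    $db->sql_freeresult($result);

    // Quick adding module
    $module_infos = $this->get_module_infos();

    // Build quick options, one optgroup per module with its modes inside;
    // the option value uses the "<basename>::<mode>" format parsed by quickadd
    $s_install_options = '';
    foreach ($module_infos as $option => $values) {
        // Name options
        $s_install_options .= '<optgroup label="' . $this->lang_name($values['title']) . ' [' . $option . ']">';

        // Build module modes
        foreach ($values['modes'] as $m_mode => $m_values) {
            $s_install_options .= '<option value="' . $option . '::' . $m_mode . '"> ' . $this->lang_name($m_values['title']) . '</option>';
        }

        $s_install_options .= '</optgroup>';
    }

    $template->assign_vars(array(
        'U_SEL_ACTION' => $this->u_action,
        'U_ACTION' => $this->u_action . '&parent_id=' . $this->parent_id,
        'NAVIGATION' => $navigation,
        'MODULE_BOX' => $module_box,
        'PARENT_ID' => $this->parent_id,
        'S_INSTALL_OPTIONS' => $s_install_options,
    ));
}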
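/**
 * ACP page for ordering groups in the legend and on the team page.
 *
 * Applies the requested legend/teampage action (or one of the two
 * set_config_* actions when no field is given) and then fills the template
 * with the current legend, the team page entries of the selected category
 * and the groups that can still be added to each.
 *
 * @return void
 */
public function manage_position()
{
    global $config, $db, $template, $user, $request, $src_container;

    $this->tpl_name = 'acp_groups_position';
    $this->page_title = 'ACP_GROUPS_POSITION';

    $field = $request->variable('field', '');
    $action = $request->variable('action', '');

    // The ids are concatenated into SQL and URLs below, so their integer
    // type is made explicit here rather than implied by the default value.
    $group_id = (int) $request->variable('g', 0);
    $teampage_id = (int) $request->variable('t', 0);
    $category_id = (int) $request->variable('c', 0);

    // $field selects the container service, so only the two known names are
    // accepted (compared strictly).
    $valid_fields = array('legend', 'teampage');

    if ($field && !in_array($field, $valid_fields, true)) {
        // Invalid mode
        trigger_error($user->lang['NO_MODE'] . adm_back_link($this->u_action), E_USER_WARNING);
    } elseif ($field) {
        $group_position = $src_container->get('groupposition.' . $field);
    }

    // NOTE(review): every action below changes state directly from request
    // parameters, and no check_form_key()/check_link_hash() call is visible
    // in this method. Confirm the surrounding ACP request handling protects
    // these URLs and the set_config_* submissions against CSRF.
    if ($field == 'teampage') {
        try {
            switch ($action) {
                case 'add':
                    $group_position->add_group_teampage($group_id, $category_id);
                    break;

                case 'add_category':
                    $group_position->add_category_teampage($request->variable('category_name', '', true));
                    break;

                case 'delete':
                    $group_position->delete_teampage($teampage_id);
                    break;

                case 'move_up':
                    $group_position->move_up_teampage($teampage_id);
                    break;

                case 'move_down':
                    $group_position->move_down_teampage($teampage_id);
                    break;
            }
        } catch (\src\groupposition\exception $exception) {
            // The exception message is used as a language key
            trigger_error($user->lang($exception->getMessage()) . adm_back_link($this->u_action), E_USER_WARNING);
        }
    } elseif ($field == 'legend') {
        try {
            switch ($action) {
                case 'add':
                    $group_position->add_group($group_id);
                    break;

                case 'delete':
                    $group_position->delete_group($group_id);
                    break;

                case 'move_up':
                    $group_position->move_up($group_id);
                    break;

                case 'move_down':
                    $group_position->move_down($group_id);
                    break;
            }
        } catch (\src\groupposition\exception $exception) {
            trigger_error($user->lang($exception->getMessage()) . adm_back_link($this->u_action), E_USER_WARNING);
        }
    } else {
        // No field given: only the display settings can be changed
        switch ($action) {
            case 'set_config_teampage':
                $config->set('teampage_forums', $request->variable('teampage_forums', 0));
                $config->set('teampage_memberships', $request->variable('teampage_memberships', 0));
                trigger_error($user->lang['CONFIG_UPDATED'] . adm_back_link($this->u_action));
                break;

            case 'set_config_legend':
                $config->set('legend_sort_groupname', $request->variable('legend_sort_groupname', 0));
                trigger_error($user->lang['CONFIG_UPDATED'] . adm_back_link($this->u_action));
                break;
        }
    }

    // AJAX moves only need an acknowledgement, not the rendered page
    if (($action == 'move_up' || $action == 'move_down') && $request->is_ajax()) {
        $json_response = new \src\json_response();
        $json_response->send(array('success' => true));
    }

    // Legend: groups already in the legend, and groups that can be added
    $sql = 'SELECT group_id, group_name, group_colour, group_type, group_legend FROM ' . GROUPS_TABLE . ' ORDER BY group_legend ASC, group_type DESC, group_name ASC';
    $result = $db->sql_query($sql);

    while ($row = $db->sql_fetchrow($result)) {
        // Special groups are displayed through their 'G_<name>' language entry
        $group_name = $row['group_type'] == GROUP_SPECIAL ? $user->lang['G_' . $row['group_name']] : $row['group_name'];

        if ($row['group_legend']) {
            $template->assign_block_vars('legend', array(
                'GROUP_NAME' => $group_name,
                'GROUP_COLOUR' => $row['group_colour'] ? '#' . $row['group_colour'] : '',
                'GROUP_TYPE' => $user->lang[\src\groupposition\legend::group_type_language($row['group_type'])],
                'U_MOVE_DOWN' => "{$this->u_action}&field=legend&action=move_down&g=" . $row['group_id'],
                'U_MOVE_UP' => "{$this->u_action}&field=legend&action=move_up&g=" . $row['group_id'],
                'U_DELETE' => "{$this->u_action}&field=legend&action=delete&g=" . $row['group_id'],
            ));
        } else {
            $template->assign_block_vars('add_legend', array(
                'GROUP_ID' => (int) $row['group_id'],
                'GROUP_NAME' => $group_name,
                'GROUP_SPECIAL' => $row['group_type'] == GROUP_SPECIAL,
            ));
        }
    }
    $db->sql_freeresult($result);

    // Team page: the selected category row itself plus its direct children
    $category_url_param = $category_id ? '&c=' . $category_id : '';

    $sql = 'SELECT t.*, g.group_name, g.group_colour, g.group_type FROM ' . TEAMPAGE_TABLE . ' t LEFT JOIN ' . GROUPS_TABLE . ' g ON (t.group_id = g.group_id) WHERE t.teampage_parent = ' . $category_id . ' OR t.teampage_id = ' . $category_id . ' ORDER BY t.teampage_position ASC';
    $result = $db->sql_query($sql);

    $category_data = array();
    while ($row = $db->sql_fetchrow($result)) {
        // The category row only supplies the heading
        if ($row['teampage_id'] == $category_id) {
            $template->assign_vars(array(
                'CURRENT_CATEGORY_NAME' => $row['teampage_name'],
            ));
            continue;
        }

        if ($row['group_id']) {
            $group_name = $row['group_type'] == GROUP_SPECIAL ? $user->lang['G_' . $row['group_name']] : $row['group_name'];
            $group_type = $user->lang[\src\groupposition\teampage::group_type_language($row['group_type'])];
        } else {
            // Rows without a group are categories
            $group_name = $row['teampage_name'];
            $group_type = '';
        }

        $template->assign_block_vars('teampage', array(
            'GROUP_NAME' => $group_name,
            'GROUP_COLOUR' => $row['group_colour'] ? '#' . $row['group_colour'] : '',
            'GROUP_TYPE' => $group_type,
            'U_CATEGORY' => !$row['group_id'] ? "{$this->u_action}&c=" . $row['teampage_id'] : '',
            'U_MOVE_DOWN' => "{$this->u_action}&field=teampage&action=move_down{$category_url_param}&t=" . $row['teampage_id'],
            'U_MOVE_UP' => "{$this->u_action}&field=teampage&action=move_up{$category_url_param}&t=" . $row['teampage_id'],
            'U_DELETE' => "{$this->u_action}&field=teampage&action=delete{$category_url_param}&t=" . $row['teampage_id'],
        ));
    }
    $db->sql_freeresult($result);

    // Groups without any team page entry can still be added
    $sql = 'SELECT g.group_id, g.group_name, g.group_colour, g.group_type FROM ' . GROUPS_TABLE . ' g LEFT JOIN ' . TEAMPAGE_TABLE . ' t ON (t.group_id = g.group_id) WHERE t.teampage_id IS NULL ORDER BY g.group_type DESC, g.group_name ASC';
    $result = $db->sql_query($sql);

    while ($row = $db->sql_fetchrow($result)) {
        $group_name = $row['group_type'] == GROUP_SPECIAL ? $user->lang['G_' . $row['group_name']] : $row['group_name'];

        $template->assign_block_vars('add_teampage', array(
            'GROUP_ID' => (int) $row['group_id'],
            'GROUP_NAME' => $group_name,
            'GROUP_SPECIAL' => $row['group_type'] == GROUP_SPECIAL,
        ));
    }
    $db->sql_freeresult($result);

    $template->assign_vars(array(
        'U_ACTION' => $this->u_action,
        'U_ACTION_LEGEND' => $this->u_action . '&field=legend',
        'U_ACTION_TEAMPAGE' => $this->u_action . '&field=teampage' . $category_url_param,
        'U_ACTION_TEAMPAGE_CAT' => $this->u_action . '&field=teampage_cat',
        'S_TEAMPAGE_CATEGORY' => $category_id,
        'DISPLAY_FORUMS' => $config['teampage_forums'] ? true : false,
        'DISPLAY_MEMBERSHIPS' => $config['teampage_memberships'],
        'LEGEND_SORT_GROUPNAME' => $config['legend_sort_groupname'] ? true : false,
    ));
}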
/**
 * UCP notifications controller: subscription options and notification list.
 *
 * 'notification_options' saves and displays the subscription checkboxes;
 * every other mode shows the paginated notification list and handles the
 * "mark read" requests.
 *
 * @param mixed  $id   Module identifier (not used in this method)
 * @param string $mode Requested mode
 *
 * @return void
 */
public function main($id, $mode)
{
    global $config, $template, $user, $request, $src_container;
    global $src_root_path, $phpEx;

    add_form_key('ucp_notification');

    $start = $request->variable('start', 0);

    // A missing, non-positive or future form time is replaced by "now"
    $form_time = $request->variable('form_time', 0);
    if ($form_time <= 0 || $form_time > time()) {
        $form_time = time();
    }

    $src_notifications = $src_container->get('notification_manager');
    $pagination = $src_container->get('pagination');

    switch ($mode) {
        case 'notification_options':
            $subscriptions = $src_notifications->get_global_subscriptions(false);

            // Add/remove subscriptions; the POST is only honoured with a
            // valid form key
            if ($request->is_set_post('submit')) {
                if (!check_form_key('ucp_notification')) {
                    trigger_error('FORM_INVALID');
                }

                $available_methods = $src_notifications->get_subscription_methods();

                foreach ($src_notifications->get_subscription_types() as $types_in_group) {
                    foreach ($types_in_group as $type => $data) {
                        $has_type = isset($subscriptions[$type]);

                        foreach ($available_methods as $method_data) {
                            // Field names use '_' where the type name has '.'
                            $method_field = str_replace('.', '_', $type . '_' . $method_data['id']);
                            $has_method = $has_type && in_array($method_data['id'], $subscriptions[$type]);

                            // Only touch storage when the checkbox differs
                            // from the stored subscription
                            if ($request->is_set_post($method_field) && !$has_method) {
                                $src_notifications->add_subscription($type, 0, $method_data['id']);
                            } elseif (!$request->is_set_post($method_field) && $has_method) {
                                $src_notifications->delete_subscription($type, 0, $method_data['id']);
                            }
                        }

                        // Same comparison for the type-level checkbox
                        $type_field = str_replace('.', '_', $type) . '_notification';

                        if ($request->is_set_post($type_field) && !$has_type) {
                            $src_notifications->add_subscription($type);
                        } elseif (!$request->is_set_post($type_field) && $has_type) {
                            $src_notifications->delete_subscription($type);
                        }
                    }
                }

                meta_refresh(3, $this->u_action);

                $return_link = sprintf($user->lang['RETURN_UCP'], '<a href="' . $this->u_action . '">', '</a>');
                $message = $user->lang['PREFERENCES_UPDATED'] . '<br /><br />' . $return_link;
                trigger_error($message);
            }

            $this->output_notification_methods($src_notifications, $template, $user, 'notification_methods');
            $this->output_notification_types($subscriptions, $src_notifications, $template, $user, 'notification_types');

            $this->tpl_name = 'ucp_notifications';
            $this->page_title = 'UCP_NOTIFICATION_OPTIONS';
            break;

        case 'notification_list':
        default:
            // Mark all items read: this arrives as a link, so it is guarded
            // by a link hash instead of the form key
            $wants_mark_all = $request->variable('mark', '') == 'all'
                && check_link_hash($request->variable('token', ''), 'mark_all_notifications_read');

            if ($wants_mark_all) {
                $src_notifications->mark_notifications_read(false, false, $user->data['user_id'], $form_time);

                meta_refresh(3, $this->u_action);
                $message = $user->lang['NOTIFICATIONS_MARK_ALL_READ_SUCCESS'];

                if ($request->is_ajax()) {
                    $json_response = new \src\json_response();
                    $json_response->send(array(
                        'MESSAGE_TITLE' => $user->lang['INFORMATION'],
                        'MESSAGE_TEXT' => $message,
                        'success' => true,
                    ));
                }

                $message .= '<br /><br />' . $user->lang('RETURN_UCP', '<a href="' . $this->u_action . '">', '</a>');
                trigger_error($message);
            }

            // Mark specific notifications read
            if ($request->is_set_post('submit')) {
                if (!check_form_key('ucp_notification')) {
                    trigger_error('FORM_INVALID');
                }

                $mark_read = $request->variable('mark', array(0));

                if (!empty($mark_read)) {
                    $src_notifications->mark_notifications_read_by_id($mark_read, $form_time);
                }
            }

            $per_page = $config['topics_per_page'];

            // NOTE(review): $start reaches load_notifications() before
            // validate_start() clamps it against the total; confirm the
            // notification manager tolerates an out-of-range offset.
            $notifications = $src_notifications->load_notifications(array(
                'start' => $start,
                'limit' => $per_page,
                'count_total' => true,
            ));

            foreach ($notifications['notifications'] as $notification) {
                $template->assign_block_vars('notification_list', $notification->prepare_for_display());
            }

            $base_url = append_sid("{$src_root_path}ucp.{$phpEx}", "i=ucp_notifications&mode=notification_list");
            $total = $notifications['total_count'];

            $start = $pagination->validate_start($start, $per_page, $total);
            $pagination->generate_template_pagination($base_url, 'pagination', 'start', $total, $per_page, $start);

            $template->assign_vars(array(
                'TOTAL_COUNT' => $total,
                'U_MARK_ALL' => $base_url . '&mark=all&token=' . generate_link_hash('mark_all_notifications_read'),
            ));

            $this->tpl_name = 'ucp_notifications';
            $this->page_title = 'UCP_NOTIFICATION_LIST';
            break;
    }

    // FORM_TIME is the time the page was generated; the value submitted back
    // as "form_time" is what the mark-read calls above receive
    $template->assign_vars(array(
        'TITLE' => $user->lang($this->page_title),
        'TITLE_EXPLAIN' => $user->lang($this->page_title . '_EXPLAIN'),
        'MODE' => $mode,
        'FORM_TIME' => time(),
    ));
}
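/**
 * UCP private message controller.
 *
 * Resolves the requested folder and mode, includes the private message
 * helper file and dispatches to the compose, options, drafts or view
 * handling. Unknown modes, and unknown actions inside the view mode, end in
 * trigger_error('NO_ACTION_MODE').
 *
 * @param mixed  $id   Module identifier, passed through to the handlers
 * @param string $mode Requested mode; taken from the "mode" request parameter
 *                     when empty and forced to 'view' when a folder is given
 *
 * @return void
 */
function main($id, $mode)
{
    global $user, $template, $src_root_path, $auth, $phpEx, $db, $config, $request;

    if (!$user->data['is_registered']) {
        trigger_error('NO_MESSAGE');
    }

    // Is PM disabled?
    if (!$config['allow_privmsg']) {
        trigger_error('PM_DISABLED');
    }

    $user->add_lang('posting');
    $template->assign_var('S_PRIVMSGS', true);

    // Folder directly specified? Either one of the three named boxes or a
    // numeric folder id; the names are compared strictly so that a numeric
    // value can never match one of them.
    $folder_specified = request_var('folder', '');

    if ($folder_specified === 'inbox') {
        $folder_specified = PRIVMSGS_INBOX;
    } elseif ($folder_specified === 'outbox') {
        $folder_specified = PRIVMSGS_OUTBOX;
    } elseif ($folder_specified === 'sentbox') {
        $folder_specified = PRIVMSGS_SENTBOX;
    } else {
        $folder_specified = (int) $folder_specified;
    }

    if (!$folder_specified) {
        $mode = !$mode ? request_var('mode', 'view') : $mode;
    } else {
        // A folder link always means "view"
        $mode = 'view';
    }

    // NOTE(review): $global_privmsgs_rules and $global_rule_conditions are
    // used below without being declared in this method; presumably this
    // include defines them in the local scope - verify.
    include $src_root_path . 'includes/functions_privmsgs.' . $phpEx;

    switch ($mode) {
        // Compose message
        case 'compose':
            $action = request_var('action', 'post');
            $user_folders = get_folder($user->data['user_id']);

            if (!$auth->acl_get('u_sendpm')) {
                // Users without the send permission get the folder template
                // with a notice instead of a hard error
                $template->assign_vars(array(
                    'S_NO_AUTH_SEND_MESSAGE' => true,
                    'S_COMPOSE_PM_VIEW' => true,
                ));

                $tpl_file = 'ucp_pm_viewfolder';
                break;
            }

            include $src_root_path . 'includes/ucp/ucp_pm_compose.' . $phpEx;
            compose_pm($id, $mode, $action, $user_folders);

            $tpl_file = 'posting_body';
            break;

        case 'options':
            set_user_message_limit();
            get_folder($user->data['user_id']);

            include $src_root_path . 'includes/ucp/ucp_pm_options.' . $phpEx;
            message_options($id, $mode, $global_privmsgs_rules, $global_rule_conditions);

            $tpl_file = 'ucp_pm_options';
            break;

        case 'drafts':
            get_folder($user->data['user_id']);
            $this->p_name = 'pm';

            // Call another module: the drafts page is rendered by ucp_main
            // and this method only copies its template name
            include $src_root_path . 'includes/ucp/ucp_main.' . $phpEx;

            $module = new ucp_main($this);
            $module->u_action = $this->u_action;
            $module->main($id, $mode);

            $this->tpl_name = $module->tpl_name;
            $this->page_title = 'UCP_PM_DRAFTS';

            unset($module);
            return;

        case 'view':
            set_user_message_limit();

            // Folder and message ids are interpolated into SQL below, so
            // every request-derived value is cast to int where it is read.
            if ($folder_specified) {
                $folder_id = $folder_specified;
                $action = 'view_folder';
            } else {
                $folder_id = (int) request_var('f', PRIVMSGS_NO_BOX);
                $action = request_var('action', 'view_folder');
            }

            $msg_id = (int) request_var('p', 0);
            $view = request_var('view', '');

            // View message if specified
            if ($msg_id) {
                $action = 'view_message';
            }

            if (!$auth->acl_get('u_readpm')) {
                trigger_error('NO_AUTH_READ_MESSAGE');
            }

            // Do not allow hold messages to be seen
            if ($folder_id == PRIVMSGS_HOLD_BOX) {
                trigger_error('NO_AUTH_READ_HOLD_MESSAGE');
            }

            // First Handle Mark actions and moving messages
            // NOTE(review): no check_form_key() call is visible before
            // move_pm()/handle_mark_actions(); confirm those helpers verify
            // the request (for example through confirm_box()).
            $submit_mark = isset($_POST['submit_mark']);
            $move_pm = isset($_POST['move_pm']);
            $mark_option = request_var('mark_option', '');
            $dest_folder = request_var('dest_folder', PRIVMSGS_NO_BOX);

            // Is moving PM triggered through mark options? Any option other
            // than the two named ones is read as a destination folder id.
            if (!in_array($mark_option, array('mark_important', 'delete_marked'), true) && $submit_mark) {
                $move_pm = true;
                $dest_folder = (int) $mark_option;
                $submit_mark = false;
            }

            // Move PM
            if ($move_pm) {
                $move_msg_ids = isset($_POST['marked_msg_id']) ? request_var('marked_msg_id', array(0)) : array();
                $cur_folder_id = request_var('cur_folder_id', PRIVMSGS_NO_BOX);

                if (move_pm($user->data['user_id'], $user->data['message_limit'], $move_msg_ids, $dest_folder, $cur_folder_id)) {
                    // Return to folder view if single message moved
                    if ($action == 'view_message') {
                        $msg_id = 0;
                        $folder_id = (int) request_var('cur_folder_id', PRIVMSGS_NO_BOX);
                        $action = 'view_folder';
                    }
                }
            }

            // Message Mark Options
            if ($submit_mark) {
                handle_mark_actions($user->data['user_id'], $mark_option);
            }

            // If new messages arrived, place them into the appropriate folder
            $num_not_moved = $num_removed = 0;
            $release = request_var('release', 0);

            if ($user->data['user_new_privmsg'] && ($action == 'view_folder' || $action == 'view_message')) {
                $return = place_pm_into_folder($global_privmsgs_rules, $release);
                $num_not_moved = $return['not_moved'];
                $num_removed = $return['removed'];
            }

            if (!$msg_id && $folder_id == PRIVMSGS_NO_BOX) {
                $folder_id = PRIVMSGS_INBOX;
            } elseif ($msg_id && $folder_id == PRIVMSGS_NO_BOX) {
                // Look up the folder of the message; the user_id condition
                // limits the lookup to the current user's own copy
                $sql = 'SELECT folder_id FROM ' . PRIVMSGS_TO_TABLE . "\n\t\t\t\t\t\tWHERE msg_id = {$msg_id}\n\t\t\t\t\t\t\tAND folder_id <> " . PRIVMSGS_NO_BOX . ' AND user_id = ' . $user->data['user_id'];
                $result = $db->sql_query($sql);
                $row = $db->sql_fetchrow($result);
                $db->sql_freeresult($result);

                if (!$row) {
                    trigger_error('NO_MESSAGE');
                }

                $folder_id = (int) $row['folder_id'];
            }

            // "Mark all read" arrives as a link and is guarded by a link hash
            if ($request->variable('mark', '') == 'all' && check_link_hash($request->variable('token', ''), 'mark_all_pms_read')) {
                mark_folder_read($user->data['user_id'], $folder_id);

                meta_refresh(3, $this->u_action);
                $message = $user->lang['PM_MARK_ALL_READ_SUCCESS'];

                if ($request->is_ajax()) {
                    $json_response = new \src\json_response();
                    $json_response->send(array(
                        'MESSAGE_TITLE' => $user->lang['INFORMATION'],
                        'MESSAGE_TEXT' => $message,
                        'success' => true,
                    ));
                }

                $message .= '<br /><br />' . $user->lang('RETURN_UCP', '<a href="' . $this->u_action . '">', '</a>');
                trigger_error($message);
            }

            $message_row = array();

            if ($action == 'view_message' && $msg_id) {
                // Get Message user want to see
                if ($view == 'next' || $view == 'previous') {
                    // Both values come from a fixed two-way choice, never
                    // from the request text itself
                    $sql_condition = $view == 'next' ? '>' : '<';
                    $sql_ordering = $view == 'next' ? 'ASC' : 'DESC';

                    $sql = 'SELECT t.msg_id FROM ' . PRIVMSGS_TO_TABLE . ' t, ' . PRIVMSGS_TABLE . ' p, ' . PRIVMSGS_TABLE . " p2\n\t\t\t\t\t\t\tWHERE p2.msg_id = {$msg_id}\n\t\t\t\t\t\t\t\tAND t.folder_id = {$folder_id}\n\t\t\t\t\t\t\t\tAND t.user_id = " . $user->data['user_id'] . "\n\t\t\t\t\t\t\t\tAND t.msg_id = p.msg_id\n\t\t\t\t\t\t\t\tAND p.message_time {$sql_condition} p2.message_time\n\t\t\t\t\t\t\tORDER BY p.message_time {$sql_ordering}";
                    $result = $db->sql_query_limit($sql, 1);
                    $row = $db->sql_fetchrow($result);
                    $db->sql_freeresult($result);

                    if (!$row) {
                        $message = $view == 'next' ? 'NO_NEWER_PM' : 'NO_OLDER_PM';
                        trigger_error($message);
                    } else {
                        // Cast like folder_id above; the id goes straight
                        // into the next query
                        $msg_id = (int) $row['msg_id'];
                    }
                }

                // Load the message; the query matches only the current
                // user's copy in the current folder
                $sql = 'SELECT t.*, p.*, u.* FROM ' . PRIVMSGS_TO_TABLE . ' t, ' . PRIVMSGS_TABLE . ' p, ' . USERS_TABLE . ' u WHERE t.user_id = ' . $user->data['user_id'] . "\n\t\t\t\t\t\t\tAND p.author_id = u.user_id\n\t\t\t\t\t\t\tAND t.folder_id = {$folder_id}\n\t\t\t\t\t\t\tAND t.msg_id = p.msg_id\n\t\t\t\t\t\t\tAND p.msg_id = {$msg_id}";
                $result = $db->sql_query($sql);
                $message_row = $db->sql_fetchrow($result);
                $db->sql_freeresult($result);

                if (!$message_row) {
                    trigger_error('NO_MESSAGE');
                }

                // Update unread status
                update_unread_status($message_row['pm_unread'], $message_row['msg_id'], $user->data['user_id'], $folder_id);
            }

            $folder = get_folder($user->data['user_id'], $folder_id);

            // Folder selects: every folder for navigation, and every folder
            // except outbox/sentbox as a move target
            // NOTE(review): folder_name is written into the option markup
            // as-is; confirm it is stored or returned already escaped.
            $s_folder_options = $s_to_folder_options = '';
            foreach ($folder as $f_id => $folder_ary) {
                $option = '<option' . (!in_array($f_id, array(PRIVMSGS_INBOX, PRIVMSGS_OUTBOX, PRIVMSGS_SENTBOX)) ? ' class="sep"' : '') . ' value="' . $f_id . '"' . ($f_id == $folder_id ? ' selected="selected"' : '') . '>' . $folder_ary['folder_name'] . ($folder_ary['unread_messages'] ? ' [' . $folder_ary['unread_messages'] . '] ' : '') . '</option>';

                $s_to_folder_options .= $f_id != PRIVMSGS_OUTBOX && $f_id != PRIVMSGS_SENTBOX ? $option : '';
                $s_folder_options .= $option;
            }

            clean_sentbox($folder[PRIVMSGS_SENTBOX]['num_messages']);

            // Header for message view - folder and so on
            $folder_status = get_folder_status($folder_id, $folder);

            $template->assign_vars(array(
                'CUR_FOLDER_ID' => $folder_id,
                'CUR_FOLDER_NAME' => $folder_status['folder_name'],
                'NUM_NOT_MOVED' => $num_not_moved,
                'NUM_REMOVED' => $num_removed,
                'RELEASE_MESSAGE_INFO' => sprintf($user->lang['RELEASE_MESSAGES'], '<a href="' . $this->u_action . '&folder=' . $folder_id . '&release=1">', '</a>'),
                'NOT_MOVED_MESSAGES' => $user->lang('NOT_MOVED_MESSAGES', (int) $num_not_moved),
                'RULE_REMOVED_MESSAGES' => $user->lang('RULE_REMOVED_MESSAGES', (int) $num_removed),
                'S_FOLDER_OPTIONS' => $s_folder_options,
                'S_TO_FOLDER_OPTIONS' => $s_to_folder_options,
                'S_FOLDER_ACTION' => $this->u_action . '&action=view_folder',
                'S_PM_ACTION' => $this->u_action . '&action=' . $action,
                'U_INBOX' => $this->u_action . '&folder=inbox',
                'U_OUTBOX' => $this->u_action . '&folder=outbox',
                'U_SENTBOX' => $this->u_action . '&folder=sentbox',
                'U_CREATE_FOLDER' => $this->u_action . '&mode=options',
                'U_CURRENT_FOLDER' => $this->u_action . '&folder=' . $folder_id,
                'U_MARK_ALL' => $this->u_action . '&folder=' . $folder_id . '&mark=all&token=' . generate_link_hash('mark_all_pms_read'),
                'S_IN_INBOX' => $folder_id == PRIVMSGS_INBOX ? true : false,
                'S_IN_OUTBOX' => $folder_id == PRIVMSGS_OUTBOX ? true : false,
                'S_IN_SENTBOX' => $folder_id == PRIVMSGS_SENTBOX ? true : false,
                'FOLDER_STATUS' => $folder_status['message'],
                'FOLDER_MAX_MESSAGES' => $folder_status['max'],
                'FOLDER_CUR_MESSAGES' => $folder_status['cur'],
                'FOLDER_REMAINING_MESSAGES' => $folder_status['remaining'],
                'FOLDER_PERCENT' => $folder_status['percent'],
            ));

            if ($action == 'view_folder') {
                include $src_root_path . 'includes/ucp/ucp_pm_viewfolder.' . $phpEx;
                view_folder($id, $mode, $folder_id, $folder);

                $tpl_file = 'ucp_pm_viewfolder';
            } elseif ($action == 'view_message') {
                $template->assign_vars(array(
                    'S_VIEW_MESSAGE' => true,
                    'L_RETURN_TO_FOLDER' => $user->lang('RETURN_TO', $folder_status['folder_name']),
                    'MSG_ID' => $msg_id,
                ));

                if (!$msg_id) {
                    trigger_error('NO_MESSAGE');
                }

                include $src_root_path . 'includes/ucp/ucp_pm_viewmessage.' . $phpEx;
                view_message($id, $mode, $folder_id, $msg_id, $folder, $message_row);

                $tpl_file = $view == 'print' ? 'ucp_pm_viewmessage_print' : 'ucp_pm_viewmessage';
            } else {
                // "action" is request-controlled; without this branch an
                // unknown value left $tpl_file undefined for the template
                // assignment at the end of the method.
                trigger_error('NO_ACTION_MODE', E_USER_ERROR);
            }
            break;

        default:
            trigger_error('NO_ACTION_MODE', E_USER_ERROR);
            break;
    }

    // NOTE(review): in compose mode $action is the raw "action" request value
    // and is appended to S_UCP_ACTION here; confirm request_var() escapes it
    // for the HTML attribute the template puts it in.
    $template->assign_vars(array(
        'L_TITLE' => $user->lang['UCP_PM_' . strtoupper($mode)],
        'S_UCP_ACTION' => $this->u_action . (isset($action) ? "&action={$action}" : ''),
    ));

    // Set desired template
    $this->tpl_name = $tpl_file;
    $this->page_title = 'UCP_PM_' . strtoupper($mode);
}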
/**
 * UCP module entry point for the current user's friends/foes ("zebra") lists.
 *
 * On a confirmed submission it removes the selected entries and/or adds the
 * usernames supplied in the "add" field (one per line), then builds the option
 * list for the requested mode and selects the template.
 *
 * @param mixed  $id   Module identifier (not read by this method)
 * @param string $mode List being edited; compared against 'friends' and 'foes'
 */
function main($id, $mode)
{
    global $config, $db, $user, $auth, $template, $src_root_path, $phpEx, $request, $src_dispatcher;

    // A POSTed submit button or the add/remove GET parameters all count as a
    // submission. No row is deleted or inserted unless confirm_box(true) below
    // reports a confirmed request.
    $submit = (isset($_POST['submit']) || isset($_GET['add']) || isset($_GET['remove']));
    $s_hidden_fields = '';
    $l_mode = strtoupper($mode);

    if ($submit) {
        $error = array();
        $updated = false;

        // 'usernames' is read with an array(0) default, 'add' as a multibyte string.
        $data = array(
            'usernames' => request_var('usernames', array(0), true),
            'add'       => request_var('add', '', true),
        );

        if (!empty($data['add']) || count($data['usernames'])) {
            if (!confirm_box(true)) {
                // Not confirmed yet: show the confirmation page, carrying the request along.
                confirm_box(false, $user->lang['CONFIRM_OPERATION'], build_hidden_fields(array('mode' => $mode, 'submit' => true, 'usernames' => $data['usernames'], 'add' => $data['add'])));
            } else {
                // Remove users
                if (!empty($data['usernames'])) {
                    $user_ids = $data['usernames'];

                    /**
                     * Remove users from friends/foes
                     *
                     * @event core.ucp_remove_zebra
                     * @var string mode     Zebra type: friends|foes
                     * @var array  user_ids User ids we remove
                     */
                    $vars = array('mode', 'user_ids');
                    extract($src_dispatcher->trigger_event('core.ucp_remove_zebra', compact($vars)));

                    // The delete is always scoped to the current user's own rows.
                    $db->sql_query('DELETE FROM ' . ZEBRA_TABLE . ' WHERE user_id = ' . $user->data['user_id'] . ' AND ' . $db->sql_in_set('zebra_id', $user_ids));
                    $updated = true;
                }

                // Add users
                if ($data['add']) {
                    $raw_names = explode("\n", $data['add']);
                    $clean_names = array_map('utf8_clean_string', $raw_names);
                    $data['add'] = array_map('trim', $clean_names);

                    // Names already present on either list are ignored rather than
                    // moved from one list to the other.
                    $sql = 'SELECT z.*, u.username, u.username_clean FROM ' . ZEBRA_TABLE . ' z, ' . USERS_TABLE . ' u WHERE z.user_id = ' . $user->data['user_id'] . ' AND u.user_id = z.zebra_id';
                    $result = $db->sql_query($sql);

                    $friends = array();
                    $foes = array();
                    while ($row = $db->sql_fetchrow($result)) {
                        $cleaned = utf8_clean_string($row['username']);
                        if ($row['friend']) {
                            $friends[] = $cleaned;
                        } else {
                            $foes[] = $cleaned;
                        }
                    }
                    $db->sql_freeresult($result);

                    // Drop existing friends; only an error when adding to the foe list.
                    $before = count($data['add']);
                    $data['add'] = array_diff($data['add'], $friends);
                    if ($mode == 'foes' && count($data['add']) < $before) {
                        $error[] = $user->lang['NOT_ADDED_FOES_FRIENDS'];
                    }

                    // Drop existing foes; only an error when adding to the friend list.
                    $before = count($data['add']);
                    $data['add'] = array_diff($data['add'], $foes);
                    if ($mode == 'friends' && count($data['add']) < $before) {
                        $error[] = $user->lang['NOT_ADDED_FRIENDS_FOES'];
                    }

                    // Drop the requesting user's own name.
                    $before = count($data['add']);
                    $own_name = utf8_clean_string($user->data['username']);
                    $data['add'] = array_diff($data['add'], array($own_name));
                    if (count($data['add']) < $before) {
                        $error[] = $user->lang['NOT_ADDED_' . $l_mode . '_SELF'];
                    }

                    unset($friends, $foes, $before);

                    if (count($data['add'])) {
                        $sql = 'SELECT user_id, user_type FROM ' . USERS_TABLE . ' WHERE ' . $db->sql_in_set('username_clean', $data['add']) . ' AND user_type <> ' . USER_INACTIVE;
                        $result = $db->sql_query($sql);

                        $user_id_ary = array();
                        while ($row = $db->sql_fetchrow($result)) {
                            if ($row['user_id'] == ANONYMOUS) {
                                $error[] = $user->lang['NOT_ADDED_' . $l_mode . '_ANONYMOUS'];
                            } elseif ($row['user_type'] == USER_IGNORE) {
                                $error[] = $user->lang['NOT_ADDED_' . $l_mode . '_BOTS'];
                            } else {
                                $user_id_ary[] = $row['user_id'];
                            }
                        }
                        $db->sql_freeresult($result);

                        if (!count($user_id_ary)) {
                            if (!count($error)) {
                                $error[] = $user->lang['USER_NOT_FOUND_OR_INACTIVE'];
                            }
                        } else {
                            // Remove users from foe list if they are admins or moderators
                            if ($mode == 'foes') {
                                $perms = array();
                                foreach ($auth->acl_get_list($user_id_ary, array('a_', 'm_')) as $forum_id => $forum_ary) {
                                    foreach ($forum_ary as $auth_option => $user_ary) {
                                        $perms = array_merge($perms, $user_ary);
                                    }
                                }
                                $perms = array_unique($perms);

                                if (count($perms)) {
                                    $error[] = $user->lang['NOT_ADDED_FOES_MOD_ADMIN'];
                                }

                                // This may not be right ... it may yield true when perms equate to deny
                                $user_id_ary = array_diff($user_id_ary, $perms);
                                unset($perms);
                            }

                            if (count($user_id_ary)) {
                                // Column that flags the row as a friend or a foe entry.
                                if ($mode == 'friends') {
                                    $sql_mode = 'friend';
                                } else {
                                    $sql_mode = 'foe';
                                }

                                $sql_ary = array();
                                foreach ($user_id_ary as $zebra_id) {
                                    $sql_ary[] = array('user_id' => (int) $user->data['user_id'], 'zebra_id' => (int) $zebra_id, $sql_mode => 1);
                                }

                                /**
                                 * Add users to friends/foes
                                 *
                                 * @event core.ucp_add_zebra
                                 * @var string mode    Zebra type:
                                 *                     friends|foes
                                 * @var array  sql_ary Array of
                                 *                     entries we add
                                 * @since 3.1.0-a1
                                 */
                                $vars = array('mode', 'sql_ary');
                                extract($src_dispatcher->trigger_event('core.ucp_add_zebra', compact($vars)));

                                $db->sql_multi_insert(ZEBRA_TABLE, $sql_ary);
                                $updated = true;
                            }
                            unset($user_id_ary);
                        }
                    }
                }

                if ($request->is_ajax()) {
                    if ($updated) {
                        $message = $user->lang[$l_mode . '_UPDATED'];
                    } else {
                        $message = implode('<br />', $error);
                    }

                    $json_response = new \src\json_response();
                    $json_response->send(array('success' => $updated, 'MESSAGE_TITLE' => $user->lang['INFORMATION'], 'MESSAGE_TEXT' => $message, 'REFRESH_DATA' => array('time' => 3, 'url' => $this->u_action)));
                } elseif ($updated) {
                    meta_refresh(3, $this->u_action);
                    $message = $user->lang[$l_mode . '_UPDATED'] . '<br />' . implode('<br />', $error) . (count($error) ? '<br />' : '') . '<br />' . sprintf($user->lang['RETURN_UCP'], '<a href="' . $this->u_action . '">', '</a>');
                    trigger_error($message);
                } else {
                    $template->assign_var('ERROR', implode('<br />', $error));
                }
            }
        }
    }

    // Restrict the listing to the list that belongs to the requested mode.
    if ($mode == 'friends') {
        $sql_and = 'z.friend = 1';
    } else {
        $sql_and = 'z.foe = 1';
    }

    $sql = 'SELECT z.*, u.username, u.username_clean FROM ' . ZEBRA_TABLE . ' z, ' . USERS_TABLE . ' u WHERE z.user_id = ' . $user->data['user_id'] . "\n\t\t\t\tAND {$sql_and}\n\t\t\t\tAND u.user_id = z.zebra_id\n\t\t\tORDER BY u.username_clean ASC";
    $result = $db->sql_query($sql);

    // NOTE(review): username is written into the markup as stored; presumably it
    // is already HTML-escaped in the users table — confirm.
    $s_username_options = '';
    while ($row = $db->sql_fetchrow($result)) {
        $s_username_options .= '<option value="' . $row['zebra_id'] . '">' . $row['username'] . '</option>';
    }
    $db->sql_freeresult($result);

    $template->assign_vars(array('L_TITLE' => $user->lang['UCP_ZEBRA_' . $l_mode], 'U_FIND_USERNAME' => append_sid("{$src_root_path}memberlist.{$phpEx}", 'mode=searchuser&form=ucp&field=add'), 'S_USERNAME_OPTIONS' => $s_username_options, 'S_HIDDEN_FIELDS' => $s_hidden_fields, 'S_UCP_ACTION' => $this->u_action));

    $this->tpl_name = 'ucp_zebra_' . $mode;
    $this->page_title = 'UCP_ZEBRA_' . $l_mode;
}
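/**
 * Parse Attachments
 *
 * Applies attachment-related form input to $this->attachment_data and keeps
 * the inline [attachment=N]...[/attachment] placeholders in $this->message in
 * step with it: updates changed comments, stores a newly uploaded file as an
 * orphan attachment row, or deletes the attachment picked via "delete_file".
 * Errors are appended to $this->warn_msg; nothing is returned.
 *
 * @param string $form_name  Name of the upload field, passed to $request->file() and upload_attachment()
 * @param string $mode       Posting mode; an upload on submit is only handled for post, reply, quote and edit
 * @param int    $forum_id   Forum used for the m_ permission check; forced to 0 when $is_message is set
 * @param bool   $submit     Whether the form was submitted
 * @param bool   $preview    Whether a preview was requested
 * @param bool   $refresh    Whether the form is being refreshed
 * @param bool   $is_message True when the attachment belongs to a private message
 */
function parse_attachments($form_name, $mode, $forum_id, $submit, $preview, $refresh, $is_message = false)
{
    global $config, $auth, $user, $src_root_path, $phpEx, $db, $request;

    $error = array();

    // Matches one inline [attachment=N]...[/attachment] placeholder in the message.
    // The placeholders are rewritten with preg_replace_callback() instead of the
    // /e modifier: /e evaluates the replacement as PHP code and is not supported
    // from PHP 7 on, where the call fails and returns NULL, wiping the message.
    $inline_attach_regex = '#\\[attachment=([0-9]+)\\](.*?)\\[\\/attachment\\]#';

    // A new attachment is always inserted at index 0, so every existing
    // placeholder has to point one slot further down.
    $shift_inline_up = function ($match)
    {
        return '[attachment=' . ((int) $match[1] + 1) . ']' . $match[2] . '[/attachment]';
    };

    $num_attachments = sizeof($this->attachment_data);
    $this->filename_data['filecomment'] = utf8_normalize_nfc(request_var('filecomment', '', true));

    $upload = $request->file($form_name);
    $upload_file = !empty($upload) && $upload['name'] !== 'none' && trim($upload['name']);

    $add_file = isset($_POST['add_file']);
    $delete_file = isset($_POST['delete_file']);

    // First of all adjust comments if changed
    $actual_comment_list = utf8_normalize_nfc(request_var('comment_list', array(''), true));
    foreach ($actual_comment_list as $comment_key => $comment) {
        // Keys that do not refer to a known attachment are ignored.
        if (!isset($this->attachment_data[$comment_key])) {
            continue;
        }

        if ($this->attachment_data[$comment_key]['attach_comment'] != $actual_comment_list[$comment_key]) {
            $this->attachment_data[$comment_key]['attach_comment'] = $actual_comment_list[$comment_key];
        }
    }

    $cfg = array();
    $cfg['max_attachments'] = $is_message ? $config['max_attachments_pm'] : $config['max_attachments'];
    $forum_id = $is_message ? 0 : $forum_id;

    if ($submit && in_array($mode, array('post', 'reply', 'quote', 'edit')) && $upload_file) {
        // Admins and moderators of the forum are exempt from the attachment limit.
        if ($num_attachments < $cfg['max_attachments'] || $auth->acl_get('a_') || $auth->acl_get('m_', $forum_id)) {
            // NOTE(review): unlike the preview/add_file path below, this call does not
            // pass $this->mimetype_guesser / $this->plupload — confirm this is intended.
            $filedata = upload_attachment($form_name, $forum_id, false, '', $is_message);
            $error = $filedata['error'];

            if ($filedata['post_attach'] && !sizeof($error)) {
                // New files are stored as orphans owned by the uploading user.
                $sql_ary = array('physical_filename' => $filedata['physical_filename'], 'attach_comment' => $this->filename_data['filecomment'], 'real_filename' => $filedata['real_filename'], 'extension' => $filedata['extension'], 'mimetype' => $filedata['mimetype'], 'filesize' => $filedata['filesize'], 'filetime' => $filedata['filetime'], 'thumbnail' => $filedata['thumbnail'], 'is_orphan' => 1, 'in_message' => $is_message ? 1 : 0, 'poster_id' => $user->data['user_id']);
                $db->sql_query('INSERT INTO ' . ATTACHMENTS_TABLE . ' ' . $db->sql_build_array('INSERT', $sql_ary));

                $new_entry = array('attach_id' => $db->sql_nextid(), 'is_orphan' => 1, 'real_filename' => $filedata['real_filename'], 'attach_comment' => $this->filename_data['filecomment'], 'filesize' => $filedata['filesize']);
                $this->attachment_data = array_merge(array(0 => $new_entry), $this->attachment_data);

                // Keep the message untouched if PCRE reports an error (NULL result).
                $renumbered = preg_replace_callback($inline_attach_regex, $shift_inline_up, $this->message);
                if ($renumbered !== null) {
                    $this->message = $renumbered;
                }

                $this->filename_data['filecomment'] = '';

                // This Variable is set to false here, because Attachments are entered into the
                // Database in two modes, one if the id_list is 0 and the second one if post_attach is true
                // Since post_attach is automatically switched to true if an Attachment got added to the filesystem,
                // but we are assigning an id of 0 here, we have to reset the post_attach variable to false.
                //
                // This is very relevant, because it could happen that the post got not submitted, but we do not
                // know this circumstance here. We could be at the posting page or we could be redirected to the entered
                // post. :)
                $filedata['post_attach'] = false;
            }
        } else {
            $error[] = $user->lang('TOO_MANY_ATTACHMENTS', (int) $cfg['max_attachments']);
        }
    }

    if ($preview || $refresh || sizeof($error)) {
        if (isset($this->plupload) && $this->plupload->is_active()) {
            $json_response = new \src\json_response();
        }

        // Perform actions on temporary attachments
        if ($delete_file) {
            include_once $src_root_path . 'includes/functions_admin.' . $phpEx;

            // Only the first key of the submitted delete_file array is honoured.
            $index = array_keys(request_var('delete_file', array(0 => 0)));
            $index = !empty($index) ? $index[0] : false;

            if ($index !== false && !empty($this->attachment_data[$index])) {
                // delete selected attachment
                if ($this->attachment_data[$index]['is_orphan']) {
                    // The row is re-read with is_orphan = 1 and the current user as
                    // poster before any file is unlinked, so a foreign attach_id
                    // cannot be used to delete someone else's upload.
                    $sql = 'SELECT attach_id, physical_filename, thumbnail FROM ' . ATTACHMENTS_TABLE . ' WHERE attach_id = ' . (int) $this->attachment_data[$index]['attach_id'] . ' AND is_orphan = 1 AND poster_id = ' . $user->data['user_id'];
                    $result = $db->sql_query($sql);
                    $row = $db->sql_fetchrow($result);
                    $db->sql_freeresult($result);

                    if ($row) {
                        src_unlink($row['physical_filename'], 'file');

                        if ($row['thumbnail']) {
                            src_unlink($row['physical_filename'], 'thumbnail');
                        }

                        $db->sql_query('DELETE FROM ' . ATTACHMENTS_TABLE . ' WHERE attach_id = ' . (int) $this->attachment_data[$index]['attach_id']);
                    }
                } else {
                    // NOTE(review): no ownership check is visible on this path; presumably
                    // $this->attachment_data was validated against the current user and
                    // post when it was loaded — confirm.
                    delete_attachments('attach', array(intval($this->attachment_data[$index]['attach_id'])));
                }

                unset($this->attachment_data[$index]);

                // Drop the placeholder of the deleted attachment and move every
                // placeholder with a higher index one slot up; lower ones stay as is.
                $drop_and_shift_down = function ($match) use ($index)
                {
                    $slot = (int) $match[1];

                    if ($slot == $index) {
                        return '';
                    }

                    if ($slot > $index) {
                        return '[attachment=' . ($slot - 1) . ']' . $match[2] . '[/attachment]';
                    }

                    return $match[0];
                };

                $renumbered = preg_replace_callback($inline_attach_regex, $drop_and_shift_down, $this->message);
                if ($renumbered !== null) {
                    $this->message = $renumbered;
                }

                // Reindex Array
                $this->attachment_data = array_values($this->attachment_data);

                if (isset($this->plupload) && $this->plupload->is_active()) {
                    $json_response->send($this->attachment_data);
                }
            }
        } else {
            if (($add_file || $preview) && $upload_file) {
                if ($num_attachments < $cfg['max_attachments'] || $auth->acl_gets('m_', 'a_', $forum_id)) {
                    $filedata = upload_attachment($form_name, $forum_id, false, '', $is_message, false, $this->mimetype_guesser, $this->plupload);
                    $error = array_merge($error, $filedata['error']);

                    if (!sizeof($error)) {
                        $sql_ary = array('physical_filename' => $filedata['physical_filename'], 'attach_comment' => $this->filename_data['filecomment'], 'real_filename' => $filedata['real_filename'], 'extension' => $filedata['extension'], 'mimetype' => $filedata['mimetype'], 'filesize' => $filedata['filesize'], 'filetime' => $filedata['filetime'], 'thumbnail' => $filedata['thumbnail'], 'is_orphan' => 1, 'in_message' => $is_message ? 1 : 0, 'poster_id' => $user->data['user_id']);
                        $db->sql_query('INSERT INTO ' . ATTACHMENTS_TABLE . ' ' . $db->sql_build_array('INSERT', $sql_ary));

                        $new_entry = array('attach_id' => $db->sql_nextid(), 'is_orphan' => 1, 'real_filename' => $filedata['real_filename'], 'attach_comment' => $this->filename_data['filecomment'], 'filesize' => $filedata['filesize']);
                        $this->attachment_data = array_merge(array(0 => $new_entry), $this->attachment_data);

                        $renumbered = preg_replace_callback($inline_attach_regex, $shift_inline_up, $this->message);
                        if ($renumbered !== null) {
                            $this->message = $renumbered;
                        }

                        $this->filename_data['filecomment'] = '';

                        if (isset($this->plupload) && $this->plupload->is_active()) {
                            $download_url = append_sid("{$src_root_path}download/file.{$phpEx}", 'mode=view&id=' . $new_entry['attach_id']);

                            // Send the client the attachment data to maintain state
                            $json_response->send(array('data' => $this->attachment_data, 'download_url' => $download_url));
                        }
                    }
                } else {
                    $error[] = $user->lang('TOO_MANY_ATTACHMENTS', (int) $cfg['max_attachments']);
                }

                if (!empty($error) && isset($this->plupload) && $this->plupload->is_active()) {
                    // If this is a plupload (and thus ajax) request, give the
                    // client the first error we have
                    $json_response->send(array('jsonrpc' => '2.0', 'id' => 'id', 'error' => array('code' => 105, 'message' => current($error))));
                }
            }
        }
    }

    foreach ($error as $error_msg) {
        $this->warn_msg[] = $error_msg;
    }
}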
function main($id, $mode) { global $db, $user, $auth, $template, $cache; global $config, $src_root_path, $src_admin_path, $phpEx; global $request, $src_container; $user->add_lang('acp/posting'); // Set up general vars $action = request_var('action', ''); $action = isset($_POST['add']) ? 'add' : $action; $action = isset($_POST['edit']) ? 'edit' : $action; $action = isset($_POST['import']) ? 'import' : $action; $icon_id = request_var('id', 0); $mode = $mode == 'smilies' ? 'smilies' : 'icons'; $this->tpl_name = 'acp_icons'; // What are we working on? switch ($mode) { case 'smilies': $table = SMILIES_TABLE; $lang = 'SMILIES'; $fields = 'smiley'; $img_path = $config['smilies_path']; break; case 'icons': $table = ICONS_TABLE; $lang = 'ICONS'; $fields = 'icons'; $img_path = $config['icons_path']; break; } $this->page_title = 'ACP_' . $lang; // Clear some arrays $_images = $_paks = array(); $notice = ''; // Grab file list of paks and images if ($action == 'edit' || $action == 'add' || $action == 'import') { $imglist = filelist($src_root_path . $img_path, ''); foreach ($imglist as $path => $img_ary) { if (empty($img_ary)) { continue; } asort($img_ary, SORT_STRING); foreach ($img_ary as $img) { $img_size = getimagesize($src_root_path . $img_path . '/' . $path . $img); if (!$img_size[0] || !$img_size[1] || strlen($img) > 255) { continue; } // adjust the width and height to be lower than 128px while perserving the aspect ratio (for icons) if ($mode == 'icons') { if ($img_size[0] > 127 && $img_size[0] > $img_size[1]) { $img_size[1] = (int) ($img_size[1] * (127 / $img_size[0])); $img_size[0] = 127; } else { if ($img_size[1] > 127) { $img_size[0] = (int) ($img_size[0] * (127 / $img_size[1])); $img_size[1] = 127; } } } $_images[$path . $img]['file'] = $path . $img; $_images[$path . $img]['width'] = $img_size[0]; $_images[$path . $img]['height'] = $img_size[1]; } } unset($imglist); if ($dir = @opendir($src_root_path . 
$img_path)) { while (($file = readdir($dir)) !== false) { if (is_file($src_root_path . $img_path . '/' . $file) && preg_match('#\\.pak$#i', $file)) { $_paks[] = $file; } } closedir($dir); if (!empty($_paks)) { asort($_paks, SORT_STRING); } } } // What shall we do today? Oops, I believe that's trademarked ... switch ($action) { case 'edit': unset($_images); $_images = array(); // no break; // no break; case 'add': $smilies = $default_row = array(); $smiley_options = $order_list = $add_order_list = ''; if ($action == 'add' && $mode == 'smilies') { $sql = 'SELECT * FROM ' . SMILIES_TABLE . ' ORDER BY smiley_order'; $result = $db->sql_query($sql); while ($row = $db->sql_fetchrow($result)) { if (empty($smilies[$row['smiley_url']])) { $smilies[$row['smiley_url']] = $row; } } $db->sql_freeresult($result); if (sizeof($smilies)) { foreach ($smilies as $row) { $selected = false; if (!$smiley_options) { $selected = true; $default_row = $row; } $smiley_options .= '<option value="' . $row['smiley_url'] . '"' . ($selected ? ' selected="selected"' : '') . '>' . $row['smiley_url'] . '</option>'; $template->assign_block_vars('smile', array('SMILEY_URL' => addslashes($row['smiley_url']), 'CODE' => addslashes($row['code']), 'EMOTION' => addslashes($row['emotion']), 'WIDTH' => $row['smiley_width'], 'HEIGHT' => $row['smiley_height'], 'ORDER' => $row['smiley_order'] + 1)); } } } $sql = "SELECT *\n\t\t\t\t\tFROM {$table}\n\t\t\t\t\tORDER BY {$fields}_order " . ($icon_id || $action == 'add' ? 'DESC' : 'ASC'); $result = $db->sql_query($sql); $data = array(); $after = false; $display = 0; $order_lists = array('', ''); $add_order_lists = array('', ''); $display_count = 0; while ($row = $db->sql_fetchrow($result)) { if ($action == 'add') { unset($_images[$row[$fields . '_url']]); } if ($row[$fields . '_id'] == $icon_id) { $after = true; $display = $row['display_on_posting']; $data[$row[$fields . '_url']] = $row; } else { if ($action == 'edit' && !$icon_id) { $data[$row[$fields . 
'_url']] = $row; } $selected = ''; if (!empty($after)) { $selected = ' selected="selected"'; $after = false; } if ($row['display_on_posting']) { $display_count++; } $after_txt = $mode == 'smilies' ? $row['code'] : $row['icons_url']; $order_lists[$row['display_on_posting']] = '<option value="' . ($row[$fields . '_order'] + 1) . '"' . $selected . '>' . sprintf($user->lang['AFTER_' . $lang], ' -> ' . $after_txt) . '</option>' . $order_lists[$row['display_on_posting']]; if (!empty($default_row)) { $add_order_lists[$row['display_on_posting']] = '<option value="' . ($row[$fields . '_order'] + 1) . '"' . ($row[$fields . '_id'] == $default_row['smiley_id'] ? ' selected="selected"' : '') . '>' . sprintf($user->lang['AFTER_' . $lang], ' -> ' . $after_txt) . '</option>' . $add_order_lists[$row['display_on_posting']]; } } } $db->sql_freeresult($result); $order_list = '<option value="1"' . (!isset($after) ? ' selected="selected"' : '') . '>' . $user->lang['FIRST'] . '</option>'; $add_order_list = '<option value="1">' . $user->lang['FIRST'] . '</option>'; if ($action == 'add') { $data = $_images; } $colspan = $mode == 'smilies' ? 7 : 5; $colspan += $icon_id ? 1 : 0; $colspan += $action == 'add' ? 2 : 0; $template->assign_vars(array('S_EDIT' => true, 'S_SMILIES' => $mode == 'smilies' ? true : false, 'S_ADD' => $action == 'add' ? true : false, 'S_ORDER_LIST_DISPLAY' => $order_list . $order_lists[1], 'S_ORDER_LIST_UNDISPLAY' => $order_list . $order_lists[0], 'S_ORDER_LIST_DISPLAY_COUNT' => $display_count + 1, 'L_TITLE' => $user->lang['ACP_' . $lang], 'L_EXPLAIN' => $user->lang['ACP_' . $lang . '_EXPLAIN'], 'L_CONFIG' => $user->lang[$lang . '_CONFIG'], 'L_URL' => $user->lang[$lang . '_URL'], 'L_LOCATION' => $user->lang[$lang . '_LOCATION'], 'L_WIDTH' => $user->lang[$lang . '_WIDTH'], 'L_HEIGHT' => $user->lang[$lang . '_HEIGHT'], 'L_ORDER' => $user->lang[$lang . '_ORDER'], 'L_NO_ICONS' => $user->lang['NO_' . $lang . '_' . 
strtoupper($action)], 'COLSPAN' => $colspan, 'ID' => $icon_id, 'U_BACK' => $this->u_action, 'U_ACTION' => $this->u_action . '&action=' . ($action == 'add' ? 'create' : 'modify'))); foreach ($data as $img => $img_row) { $template->assign_block_vars('items', array('IMG' => $img, 'A_IMG' => addslashes($img), 'IMG_SRC' => $src_root_path . $img_path . '/' . $img, 'CODE' => $mode == 'smilies' && isset($img_row['code']) ? $img_row['code'] : '', 'EMOTION' => $mode == 'smilies' && isset($img_row['emotion']) ? $img_row['emotion'] : '', 'S_ID' => isset($img_row[$fields . '_id']) ? true : false, 'ID' => isset($img_row[$fields . '_id']) ? $img_row[$fields . '_id'] : 0, 'WIDTH' => !empty($img_row[$fields . '_width']) ? $img_row[$fields . '_width'] : $img_row['width'], 'HEIGHT' => !empty($img_row[$fields . '_height']) ? $img_row[$fields . '_height'] : $img_row['height'], 'POSTING_CHECKED' => !empty($img_row['display_on_posting']) || $action == 'add' ? ' checked="checked"' : '')); } // Ok, another row for adding an addition code for a pre-existing image... if ($action == 'add' && $mode == 'smilies' && sizeof($smilies)) { $template->assign_vars(array('S_ADD_CODE' => true, 'S_IMG_OPTIONS' => $smiley_options, 'S_ADD_ORDER_LIST_DISPLAY' => $add_order_list . $add_order_lists[1], 'S_ADD_ORDER_LIST_UNDISPLAY' => $add_order_list . $add_order_lists[0], 'IMG_SRC' => $src_root_path . $img_path . '/' . $default_row['smiley_url'], 'IMG_PATH' => $img_path, 'CODE' => $default_row['code'], 'EMOTION' => $default_row['emotion'], 'WIDTH' => $default_row['smiley_width'], 'HEIGHT' => $default_row['smiley_height'])); } return; break; case 'create': case 'modify': // Get items to create/modify $images = isset($_POST['image']) ? array_keys(request_var('image', array('' => 0))) : array(); // Now really get the items $image_id = isset($_POST['id']) ? request_var('id', array('' => 0)) : array(); $image_order = isset($_POST['order']) ? 
request_var('order', array('' => 0)) : array(); $image_width = isset($_POST['width']) ? request_var('width', array('' => 0)) : array(); $image_height = isset($_POST['height']) ? request_var('height', array('' => 0)) : array(); $image_add = isset($_POST['add_img']) ? request_var('add_img', array('' => 0)) : array(); $image_emotion = utf8_normalize_nfc(request_var('emotion', array('' => ''), true)); $image_code = utf8_normalize_nfc(request_var('code', array('' => ''), true)); $image_display_on_posting = isset($_POST['display_on_posting']) ? request_var('display_on_posting', array('' => 0)) : array(); // Ok, add the relevant bits if we are adding new codes to existing emoticons... if ($request->variable('add_additional_code', false, false, \src\request\request_interface::POST)) { $add_image = request_var('add_image', ''); $add_code = utf8_normalize_nfc(request_var('add_code', '', true)); $add_emotion = utf8_normalize_nfc(request_var('add_emotion', '', true)); if ($add_image && $add_emotion && $add_code) { $images[] = $add_image; $image_add[$add_image] = true; $image_code[$add_image] = $add_code; $image_emotion[$add_image] = $add_emotion; $image_width[$add_image] = request_var('add_width', 0); $image_height[$add_image] = request_var('add_height', 0); if ($request->variable('add_display_on_posting', false, false, \src\request\request_interface::POST)) { $image_display_on_posting[$add_image] = 1; } $image_order[$add_image] = request_var('add_order', 0); } } if ($mode == 'smilies' && $action == 'create') { $smiley_count = $this->item_count($table); $addable_smileys_count = sizeof($images); foreach ($images as $image) { if (!isset($image_add[$image])) { --$addable_smileys_count; } } if ($smiley_count + $addable_smileys_count > SMILEY_LIMIT) { trigger_error($user->lang('TOO_MANY_SMILIES', SMILEY_LIMIT) . 
adm_back_link($this->u_action), E_USER_WARNING); } } $icons_updated = 0; $errors = array(); foreach ($images as $image) { if ($mode == 'smilies' && ($image_emotion[$image] == '' || $image_code[$image] == '')) { $errors[$image] = 'SMILIE_NO_' . ($image_emotion[$image] == '' ? 'EMOTION' : 'CODE'); } else { if ($action == 'create' && !isset($image_add[$image])) { // skip images where add wasn't checked } else { if (!file_exists($src_root_path . $img_path . '/' . $image)) { $errors[$image] = 'SMILIE_NO_FILE'; } else { if ($image_width[$image] == 0 || $image_height[$image] == 0) { $img_size = getimagesize($src_root_path . $img_path . '/' . $image); $image_width[$image] = $img_size[0]; $image_height[$image] = $img_size[1]; } // Adjust image width/height for icons if ($mode == 'icons') { if ($image_width[$image] > 127 && $image_width[$image] > $image_height[$image]) { $image_height[$image] = (int) ($image_height[$image] * (127 / $image_width[$image])); $image_width[$image] = 127; } else { if ($image_height[$image] > 127) { $image_width[$image] = (int) ($image_width[$image] * (127 / $image_height[$image])); $image_height[$image] = 127; } } } $img_sql = array($fields . '_url' => $image, $fields . '_width' => $image_width[$image], $fields . '_height' => $image_height[$image], 'display_on_posting' => isset($image_display_on_posting[$image]) ? 1 : 0); if ($mode == 'smilies') { $img_sql = array_merge($img_sql, array('emotion' => $image_emotion[$image], 'code' => $image_code[$image])); } // Image_order holds the 'new' order value if (!empty($image_order[$image])) { $img_sql = array_merge($img_sql, array($fields . 
'_order' => $image_order[$image])); // Since we always add 'after' an item, we just need to increase all following + the current by one $sql = "UPDATE {$table}\n\t\t\t\t\t\t\t\tSET {$fields}_order = {$fields}_order + 1\n\t\t\t\t\t\t\t\tWHERE {$fields}_order >= {$image_order[$image]}"; $db->sql_query($sql); // If we adjust the order, we need to adjust all other orders too - they became inaccurate... foreach ($image_order as $_image => $_order) { if ($_image == $image) { continue; } if ($_order >= $image_order[$image]) { $image_order[$_image]++; } } } if ($action == 'modify' && !empty($image_id[$image])) { $sql = "UPDATE {$table}\n\t\t\t\t\t\t\t\tSET " . $db->sql_build_array('UPDATE', $img_sql) . "\n\t\t\t\t\t\t\t\tWHERE {$fields}_id = " . $image_id[$image]; $db->sql_query($sql); $icons_updated++; } else { if ($action !== 'modify') { $sql = "INSERT INTO {$table} " . $db->sql_build_array('INSERT', $img_sql); $db->sql_query($sql); $icons_updated++; } } } } } } $cache->destroy('_icons'); $cache->destroy('sql', $table); $level = $icons_updated ? E_USER_NOTICE : E_USER_WARNING; $errormsgs = ''; foreach ($errors as $img => $error) { $errormsgs .= '<br />' . sprintf($user->lang[$error], $img); } if ($action == 'modify') { trigger_error($user->lang($lang . '_EDITED', $icons_updated) . $errormsgs . adm_back_link($this->u_action), $level); } else { trigger_error($user->lang($lang . '_ADDED', $icons_updated) . $errormsgs . adm_back_link($this->u_action), $level); } break; case 'import': $pak = request_var('pak', ''); $current = request_var('current', ''); if ($pak != '') { $order = 0; if (!($pak_ary = @file($src_root_path . $img_path . '/' . $pak))) { trigger_error($user->lang['PAK_FILE_NOT_READABLE'] . 
adm_back_link($this->u_action), E_USER_WARNING); } // Make sure the pak_ary is valid foreach ($pak_ary as $pak_entry) { if (preg_match_all("#'(.*?)', ?#", $pak_entry, $data)) { if (sizeof($data[1]) != 4 && $mode == 'icons' || (sizeof($data[1]) != 6 || (empty($data[1][4]) || empty($data[1][5]))) && $mode == 'smilies') { trigger_error($user->lang['WRONG_PAK_TYPE'] . adm_back_link($this->u_action), E_USER_WARNING); } } else { trigger_error($user->lang['WRONG_PAK_TYPE'] . adm_back_link($this->u_action), E_USER_WARNING); } } // The user has already selected a smilies_pak file if ($current == 'delete') { switch ($db->get_sql_layer()) { case 'sqlite': case 'sqlite3': $db->sql_query('DELETE FROM ' . $table); break; default: $db->sql_query('TRUNCATE TABLE ' . $table); break; } switch ($mode) { case 'smilies': break; case 'icons': // Reset all icon_ids $db->sql_query('UPDATE ' . TOPICS_TABLE . ' SET icon_id = 0'); $db->sql_query('UPDATE ' . POSTS_TABLE . ' SET icon_id = 0'); break; } } else { $cur_img = array(); $field_sql = $mode == 'smilies' ? 'code' : 'icons_url'; $sql = "SELECT {$field_sql}\n\t\t\t\t\t\t\tFROM {$table}"; $result = $db->sql_query($sql); while ($row = $db->sql_fetchrow($result)) { ++$order; $cur_img[$row[$field_sql]] = 1; } $db->sql_freeresult($result); } if ($mode == 'smilies') { $smiley_count = $this->item_count($table); if ($smiley_count + sizeof($pak_ary) > SMILEY_LIMIT) { trigger_error($user->lang('TOO_MANY_SMILIES', SMILEY_LIMIT) . adm_back_link($this->u_action), E_USER_WARNING); } } foreach ($pak_ary as $pak_entry) { $data = array(); if (preg_match_all("#'(.*?)', ?#", $pak_entry, $data)) { if (sizeof($data[1]) != 4 && $mode == 'icons' || sizeof($data[1]) != 6 && $mode == 'smilies') { trigger_error($user->lang['WRONG_PAK_TYPE'] . adm_back_link($this->u_action), E_USER_WARNING); } // Stripslash here because it got addslashed before... 
(on export) $img = stripslashes($data[1][0]); $width = stripslashes($data[1][1]); $height = stripslashes($data[1][2]); $display_on_posting = stripslashes($data[1][3]); if (isset($data[1][4]) && isset($data[1][5])) { $emotion = stripslashes($data[1][4]); $code = stripslashes($data[1][5]); } if ($current == 'replace' && ($mode == 'smilies' && !empty($cur_img[$code]) || $mode == 'icons' && !empty($cur_img[$img]))) { $replace_sql = $mode == 'smilies' ? $code : $img; $sql = array($fields . '_url' => $img, $fields . '_height' => (int) $height, $fields . '_width' => (int) $width, 'display_on_posting' => (int) $display_on_posting); if ($mode == 'smilies') { $sql = array_merge($sql, array('emotion' => $emotion)); } $sql = "UPDATE {$table} SET " . $db->sql_build_array('UPDATE', $sql) . "\n\t\t\t\t\t\t\t\t\tWHERE {$field_sql} = '" . $db->sql_escape($replace_sql) . "'"; $db->sql_query($sql); } else { ++$order; $sql = array($fields . '_url' => $img, $fields . '_height' => (int) $height, $fields . '_width' => (int) $width, $fields . '_order' => (int) $order, 'display_on_posting' => (int) $display_on_posting); if ($mode == 'smilies') { $sql = array_merge($sql, array('code' => $code, 'emotion' => $emotion)); } $db->sql_query("INSERT INTO {$table} " . $db->sql_build_array('INSERT', $sql)); } } } $cache->destroy('_icons'); $cache->destroy('sql', $table); trigger_error($user->lang[$lang . '_IMPORT_SUCCESS'] . adm_back_link($this->u_action)); } else { $pak_options = ''; foreach ($_paks as $pak) { $pak_options .= '<option value="' . $pak . '">' . htmlspecialchars($pak) . '</option>'; } $template->assign_vars(array('S_CHOOSE_PAK' => true, 'S_PAK_OPTIONS' => $pak_options, 'L_TITLE' => $user->lang['ACP_' . $lang], 'L_EXPLAIN' => $user->lang['ACP_' . $lang . '_EXPLAIN'], 'L_NO_PAK_OPTIONS' => $user->lang['NO_' . $lang . '_PAK'], 'L_CURRENT' => $user->lang['CURRENT_' . $lang], 'L_CURRENT_EXPLAIN' => $user->lang['CURRENT_' . $lang . '_EXPLAIN'], 'L_IMPORT_SUBMIT' => $user->lang['IMPORT_' . 
$lang], 'U_BACK' => $this->u_action, 'U_ACTION' => $this->u_action . '&action=import')); } break; case 'export': $this->page_title = 'EXPORT_' . $lang; $this->tpl_name = 'message_body'; $template->assign_vars(array('MESSAGE_TITLE' => $user->lang['EXPORT_' . $lang], 'MESSAGE_TEXT' => sprintf($user->lang['EXPORT_' . $lang . '_EXPLAIN'], '<a href="' . $this->u_action . '&action=send">', '</a>'), 'S_USER_NOTICE' => true)); return; break; case 'send': $sql = "SELECT *\n\t\t\t\t\tFROM {$table}\n\t\t\t\t\tORDER BY {$fields}_order"; $result = $db->sql_query($sql); $pak = ''; while ($row = $db->sql_fetchrow($result)) { $pak .= "'" . addslashes($row[$fields . '_url']) . "', "; $pak .= "'" . addslashes($row[$fields . '_width']) . "', "; $pak .= "'" . addslashes($row[$fields . '_height']) . "', "; $pak .= "'" . addslashes($row['display_on_posting']) . "', "; if ($mode == 'smilies') { $pak .= "'" . addslashes($row['emotion']) . "', "; $pak .= "'" . addslashes($row['code']) . "', "; } $pak .= "\n"; } $db->sql_freeresult($result); if ($pak != '') { garbage_collection(); header('Cache-Control: public'); // Send out the Headers header('Content-Type: text/x-delimtext; name="' . $mode . '.pak"'); header('Content-Disposition: inline; filename="' . $mode . '.pak"'); echo $pak; flush(); exit; } else { trigger_error($user->lang['NO_' . strtoupper($fields) . '_EXPORT'] . adm_back_link($this->u_action), E_USER_WARNING); } break; case 'delete': if (confirm_box(true)) { $sql = "DELETE FROM {$table}\n\t\t\t\t\t\tWHERE {$fields}_id = {$icon_id}"; $db->sql_query($sql); switch ($mode) { case 'smilies': break; case 'icons': // Reset appropriate icon_ids $db->sql_query('UPDATE ' . TOPICS_TABLE . "\n\t\t\t\t\t\t\t\tSET icon_id = 0\n\t\t\t\t\t\t\t\tWHERE icon_id = {$icon_id}"); $db->sql_query('UPDATE ' . POSTS_TABLE . "\n\t\t\t\t\t\t\t\tSET icon_id = 0\n\t\t\t\t\t\t\t\tWHERE icon_id = {$icon_id}"); break; } $notice = $user->lang[$lang . 
'_DELETED']; $cache->destroy('_icons'); $cache->destroy('sql', $table); if ($request->is_ajax()) { $json_response = new \src\json_response(); $json_response->send(array('MESSAGE_TITLE' => $user->lang['INFORMATION'], 'MESSAGE_TEXT' => $notice, 'REFRESH_DATA' => array('time' => 3))); } } else { confirm_box(false, $user->lang['CONFIRM_OPERATION'], build_hidden_fields(array('i' => $id, 'mode' => $mode, 'id' => $icon_id, 'action' => 'delete'))); } break; case 'move_up': case 'move_down': // Get current order id... $sql = "SELECT {$fields}_order as current_order\n\t\t\t\t\tFROM {$table}\n\t\t\t\t\tWHERE {$fields}_id = {$icon_id}"; $result = $db->sql_query($sql); $current_order = (int) $db->sql_fetchfield('current_order'); $db->sql_freeresult($result); if ($current_order == 0 && $action == 'move_up') { break; } // on move_down, switch position with next order_id... // on move_up, switch position with previous order_id... $switch_order_id = $action == 'move_down' ? $current_order + 1 : $current_order - 1; // $sql = "UPDATE {$table}\n\t\t\t\t\tSET {$fields}_order = {$current_order}\n\t\t\t\t\tWHERE {$fields}_order = {$switch_order_id}\n\t\t\t\t\t\tAND {$fields}_id <> {$icon_id}"; $db->sql_query($sql); $move_executed = (bool) $db->sql_affectedrows(); // Only update the other entry too if the previous entry got updated if ($move_executed) { $sql = "UPDATE {$table}\n\t\t\t\t\t\tSET {$fields}_order = {$switch_order_id}\n\t\t\t\t\t\tWHERE {$fields}_order = {$current_order}\n\t\t\t\t\t\t\tAND {$fields}_id = {$icon_id}"; $db->sql_query($sql); } $cache->destroy('_icons'); $cache->destroy('sql', $table); if ($request->is_ajax()) { $json_response = new \src\json_response(); $json_response->send(array('success' => $move_executed)); } break; } // By default, check that image_order is valid and fix it if necessary $sql = "SELECT {$fields}_id AS order_id, {$fields}_order AS fields_order\n\t\t\tFROM {$table}\n\t\t\tORDER BY display_on_posting DESC, {$fields}_order"; $result = 
$db->sql_query($sql); if ($row = $db->sql_fetchrow($result)) { $order = 0; do { ++$order; if ($row['fields_order'] != $order) { $db->sql_query("UPDATE {$table}\n\t\t\t\t\t\tSET {$fields}_order = {$order}\n\t\t\t\t\t\tWHERE {$fields}_id = " . $row['order_id']); } } while ($row = $db->sql_fetchrow($result)); } $db->sql_freeresult($result); $template->assign_vars(array('L_TITLE' => $user->lang['ACP_' . $lang], 'L_EXPLAIN' => $user->lang['ACP_' . $lang . '_EXPLAIN'], 'L_IMPORT' => $user->lang['IMPORT_' . $lang], 'L_EXPORT' => $user->lang['EXPORT_' . $lang], 'L_NOT_DISPLAYED' => $user->lang[$lang . '_NOT_DISPLAYED'], 'L_ICON_ADD' => $user->lang['ADD_' . $lang], 'L_ICON_EDIT' => $user->lang['EDIT_' . $lang], 'NOTICE' => $notice, 'COLSPAN' => $mode == 'smilies' ? 5 : 3, 'S_SMILIES' => $mode == 'smilies' ? true : false, 'U_ACTION' => $this->u_action, 'U_IMPORT' => $this->u_action . '&action=import', 'U_EXPORT' => $this->u_action . '&action=export')); $spacer = false; $pagination = $src_container->get('pagination'); $pagination_start = request_var('start', 0); $item_count = $this->item_count($table); $sql = "SELECT *\n\t\t\tFROM {$table}\n\t\t\tORDER BY {$fields}_order ASC"; $result = $db->sql_query_limit($sql, $config['smilies_per_page'], $pagination_start); while ($row = $db->sql_fetchrow($result)) { $alt_text = $mode == 'smilies' ? $row['code'] : ''; $template->assign_block_vars('items', array('S_SPACER' => !$spacer && !$row['display_on_posting'] ? true : false, 'ALT_TEXT' => $alt_text, 'IMG_SRC' => $src_root_path . $img_path . '/' . $row[$fields . '_url'], 'WIDTH' => $row[$fields . '_width'], 'HEIGHT' => $row[$fields . '_height'], 'CODE' => isset($row['code']) ? $row['code'] : '', 'EMOTION' => isset($row['emotion']) ? $row['emotion'] : '', 'U_EDIT' => $this->u_action . '&action=edit&id=' . $row[$fields . '_id'], 'U_DELETE' => $this->u_action . '&action=delete&id=' . $row[$fields . '_id'], 'U_MOVE_UP' => $this->u_action . '&action=move_up&id=' . $row[$fields . '_id'] . 
'&start=' . $pagination_start, 'U_MOVE_DOWN' => $this->u_action . '&action=move_down&id=' . $row[$fields . '_id'] . '&start=' . $pagination_start)); if (!$spacer && !$row['display_on_posting']) { $spacer = true; } } $db->sql_freeresult($result); $pagination->generate_template_pagination($this->u_action, 'pagination', 'start', $item_count, $config['smilies_per_page'], $pagination_start); }
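/**
* Disapprove (or permanently delete) a set of posts from the moderation queue.
*
* On a confirmed request the posts are deleted, the moderator log is written,
* queue notifications are removed and, optionally, the posters are notified.
* Otherwise the confirmation dialog is displayed.
*
* @param array	$post_id_list	IDs of the posts to disapprove/delete
* @param mixed	$id				Category of the current active module
* @param string	$mode			Active module
* @return null	Nothing is returned; every path ends in trigger_error(), confirm_box() or redirect()
*/
public static function disapprove_posts($post_id_list, $id, $mode)
{
	global $db, $template, $user, $config, $src_container, $src_dispatcher;
	global $phpEx, $src_root_path, $request;

	// Authorisation gate: the id list is checked against the m_approve permission before anything else.
	// The code below assumes trigger_error() stops the request when the check fails.
	if (!src_check_ids($post_id_list, POSTS_TABLE, 'post_id', array('m_approve')))
	{
		trigger_error('NOT_AUTHORISED');
	}

	// NOTE(review): $redirect is request-supplied. It is later written into an href attribute and passed to
	// redirect()/meta_refresh(); this relies on $request->variable() escaping strings and on redirect()
	// rejecting foreign targets - confirm both hold in this code base.
	$redirect = $request->variable('redirect', build_url(array('t', 'mode', 'quickmod')) . "&mode={$mode}");
	$redirect = reapply_sid($redirect);
	$reason = $request->variable('reason', '', true);
	// Integer default: presumably cast to int by the request class, which the unquoted SQL interpolation below relies on.
	$reason_id = $request->variable('reason_id', 0);
	$success_msg = $additional_msg = '';

	$s_hidden_fields = build_hidden_fields(array(
		'i'				=> $id,
		'mode'			=> $mode,
		'post_id_list'	=> $post_id_list,
		'action'		=> 'disapprove',
		'redirect'		=> $redirect,
	));

	$notify_poster = $request->is_set('notify_poster');
	$disapprove_reason = '';

	if ($reason_id)
	{
		$sql = 'SELECT reason_title, reason_description FROM ' . REPORTS_REASONS_TABLE . "\n\t\t\t\tWHERE reason_id = {$reason_id}";
		$result = $db->sql_query($sql);
		$row = $db->sql_fetchrow($result);
		$db->sql_freeresult($result);

		if (!$row || (!$reason && strtolower($row['reason_title']) == 'other'))
		{
			// Unknown reason, or "other" without free text: drop the confirmation so the dialog is shown again
			$additional_msg = $user->lang['NO_REASON_DISAPPROVAL'];

			$request->overwrite('confirm', null, \src\request\request_interface::POST);
			$request->overwrite('confirm_key', null, \src\request\request_interface::POST);
			$request->overwrite('confirm_key', null, \src\request\request_interface::REQUEST);
		}
		else
		{
			$reason_key = strtoupper($row['reason_title']);
			$has_localised_reason = isset($user->lang['report_reasons']['DESCRIPTION'][$reason_key]);

			// If the reason is defined within the language file, we will use the localized version, else just use the database entry...
			if (strtolower($row['reason_title']) != 'other')
			{
				$disapprove_reason = $has_localised_reason ? $user->lang['report_reasons']['DESCRIPTION'][$reason_key] : $row['reason_description'];
			}
			else
			{
				$disapprove_reason = '';
			}
			$disapprove_reason .= $reason ? "\n\n" . $reason : '';

			// Only set when a translation exists; isset($disapprove_reason_lang) is tested further down
			if ($has_localised_reason)
			{
				$disapprove_reason_lang = $reason_key;
			}
		}
	}

	$post_info = src_get_post_data($post_id_list, 'm_approve');

	// Anything that is not already soft-deleted counts as a disapproval; otherwise this is a permanent delete
	$is_disapproving = false;
	foreach ($post_info as $post_id => $post_data)
	{
		if ($post_data['post_visibility'] == ITEM_DELETED)
		{
			continue;
		}

		$is_disapproving = true;
	}

	if (confirm_box(true))
	{
		$disapprove_log = $disapprove_log_topics = $disapprove_log_posts = array();
		$topic_posts_unapproved = $post_disapprove_list = $topic_information = array();

		// Build a list of posts to be disapproved and get the related topics real replies count
		foreach ($post_info as $post_id => $post_data)
		{
			$post_disapprove_list[$post_id] = $post_data['topic_id'];
			if (!isset($topic_posts_unapproved[$post_data['topic_id']]))
			{
				$topic_information[$post_data['topic_id']] = $post_data;
				$topic_posts_unapproved[$post_data['topic_id']] = 0;
			}
			$topic_posts_unapproved[$post_data['topic_id']]++;
		}

		// Now we build the log array
		foreach ($post_disapprove_list as $post_id => $topic_id)
		{
			$log_username = ($post_info[$post_id]['poster_id'] == ANONYMOUS && !empty($post_info[$post_id]['post_username'])) ? $post_info[$post_id]['post_username'] : $post_info[$post_id]['username'];

			// If the count of disapproved posts for the topic is equal
			// to the number of unapproved posts in the topic, and there are no different
			// posts, we disapprove the whole topic
			if ($topic_information[$topic_id]['topic_posts_approved'] == 0 &&
				$topic_information[$topic_id]['topic_posts_softdeleted'] == 0 &&
				$topic_information[$topic_id]['topic_posts_unapproved'] == $topic_posts_unapproved[$topic_id])
			{
				// Don't write the log more than once for every topic
				if (!isset($disapprove_log_topics[$topic_id]))
				{
					// Build disapproved topics log
					$disapprove_log_topics[$topic_id] = array(
						'type'			=> 'topic',
						'post_subject'	=> $post_info[$post_id]['topic_title'],
						'forum_id'		=> $post_info[$post_id]['forum_id'],
						'topic_id'		=> 0,
						'post_username'	=> $log_username,
					);
				}
			}
			else
			{
				// Build disapproved posts log
				$disapprove_log_posts[] = array(
					'type'			=> 'post',
					'post_subject'	=> $post_info[$post_id]['post_subject'],
					'forum_id'		=> $post_info[$post_id]['forum_id'],
					'topic_id'		=> $post_info[$post_id]['topic_id'],
					'post_username'	=> $log_username,
				);
			}
		}

		// Get disapproved posts/topics counts separately
		$num_disapproved_topics = sizeof($disapprove_log_topics);
		$num_disapproved_posts = sizeof($disapprove_log_posts);

		// Build the whole log
		$disapprove_log = array_merge($disapprove_log_topics, $disapprove_log_posts);

		// Unset unneeded arrays
		unset($post_data, $disapprove_log_topics, $disapprove_log_posts);

		// Let's do the job - delete disapproved posts
		if (sizeof($post_disapprove_list))
		{
			if (!function_exists('delete_posts'))
			{
				include $src_root_path . 'includes/functions_admin.' . $phpEx;
			}

			// We do not check for permissions here, because the moderator allowed approval/disapproval should be allowed to delete the disapproved posts
			// Note: function delete_posts triggers related forums/topics sync,
			// so we don't need to call update_post_information later and to adjust real topic replies or forum topics count manually
			delete_posts('post_id', array_keys($post_disapprove_list));

			foreach ($disapprove_log as $log_data)
			{
				if ($is_disapproving)
				{
					$l_log_message = $log_data['type'] == 'topic' ? 'LOG_TOPIC_DISAPPROVED' : 'LOG_POST_DISAPPROVED';
					add_log('mod', $log_data['forum_id'], $log_data['topic_id'], $l_log_message, $log_data['post_subject'], $disapprove_reason, $log_data['post_username']);
				}
				else
				{
					$l_log_message = $log_data['type'] == 'topic' ? 'LOG_DELETE_TOPIC' : 'LOG_DELETE_POST';
					add_log('mod', $log_data['forum_id'], $log_data['topic_id'], $l_log_message, $log_data['post_subject'], $log_data['post_username']);
				}
			}
		}

		$src_notifications = $src_container->get('notification_manager');

		$lang_reasons = array();

		foreach ($post_info as $post_id => $post_data)
		{
			// Fix: look the topic up by this post's own topic id. The previous code reused $topic_id,
			// which still held the last value from the log-building loop above, so posts from several
			// topics were all judged against the last topic's counters.
			$post_topic_id = $post_data['topic_id'];

			$disapprove_all_posts_in_topic = $topic_information[$post_topic_id]['topic_posts_approved'] == 0 &&
				$topic_information[$post_topic_id]['topic_posts_softdeleted'] == 0 &&
				$topic_information[$post_topic_id]['topic_posts_unapproved'] == $topic_posts_unapproved[$post_topic_id];

			$src_notifications->delete_notifications('notification.type.post_in_queue', $post_id);

			// Do we disapprove the whole topic? Remove potential notifications
			if ($disapprove_all_posts_in_topic)
			{
				$src_notifications->delete_notifications('notification.type.topic_in_queue', $post_data['topic_id']);
			}

			// Notify Poster?
			if ($notify_poster)
			{
				if ($post_data['poster_id'] == ANONYMOUS)
				{
					continue;
				}

				$post_data['disapprove_reason'] = '';
				if (isset($disapprove_reason_lang))
				{
					// Okay we need to get the reason from the posters language
					if (!isset($lang_reasons[$post_data['user_lang']]))
					{
						// Assign the current users translation as the default, this is not ideal but getting the board default adds another layer of complexity.
						$lang_reasons[$post_data['user_lang']] = $user->lang['report_reasons']['DESCRIPTION'][$disapprove_reason_lang];

						// user_lang is stored data that ends up in an include path. Reduce it to a single
						// path component once and use that same value for both the existence check and the
						// include, so the file that is tested is the file that is loaded.
						$poster_lang_file = $src_root_path . '/language/' . basename($post_data['user_lang']) . '/mcp.' . $phpEx;

						// Only load up the language pack if the language is different to the current one
						if ($post_data['user_lang'] != $user->lang_name && file_exists($poster_lang_file))
						{
							// Load up the language pack
							$lang = array();
							@(include $poster_lang_file);

							// If we find the reason in this language pack use it
							if (isset($lang['report_reasons']['DESCRIPTION'][$disapprove_reason_lang]))
							{
								$lang_reasons[$post_data['user_lang']] = $lang['report_reasons']['DESCRIPTION'][$disapprove_reason_lang];
							}

							unset($lang); // Free memory
						}
					}

					$post_data['disapprove_reason'] = $lang_reasons[$post_data['user_lang']];
					$post_data['disapprove_reason'] .= $reason ? "\n\n" . $reason : '';
				}

				if ($disapprove_all_posts_in_topic && $topic_information[$post_topic_id]['topic_posts_unapproved'] == 1)
				{
					// If there is only 1 post when disapproving the topic,
					// we send the user a "disapprove topic" notification...
					$src_notifications->add_notifications('notification.type.disapprove_topic', $post_data);
				}
				else
				{
					// ... otherwise there are multiple unapproved posts and
					// all of them are disapproved as posts.
					$src_notifications->add_notifications('notification.type.disapprove_post', $post_data);
				}
			}
		}

		if ($num_disapproved_topics)
		{
			$success_msg = $num_disapproved_topics == 1 ? 'TOPIC' : 'TOPICS';
		}
		else
		{
			$success_msg = $num_disapproved_posts == 1 ? 'POST' : 'POSTS';
		}

		$success_msg .= $is_disapproving ? '_DISAPPROVED_SUCCESS' : '_DELETED_SUCCESS';

		// If we came from viewtopic, we try to go back to it.
		if (strpos($redirect, $src_root_path . 'viewtopic.' . $phpEx) === 0)
		{
			if ($num_disapproved_topics == 0)
			{
				// So we need to remove the post id part from the Url
				$redirect = str_replace("&p={$post_id_list[0]}#p{$post_id_list[0]}", '', $redirect);
			}
			else
			{
				// However this is only possible if the topic still exists,
				// Otherwise we go back to the viewforum page
				$redirect = append_sid($src_root_path . 'viewforum.' . $phpEx, 'f=' . $request->variable('f', 0));
			}
		}

		/**
		* Perform additional actions during post(s) disapproval
		*
		* @event core.disapprove_posts_after
		* @var	array	post_info					Array containing info for all posts being disapproved
		* @var	array	topic_information			Array containing information for the topics
		* @var	array	topic_posts_unapproved		Array containing list of topic ids and the count of disapproved posts in them
		* @var	array	post_disapprove_list		Array containing list of posts and their topic id
		* @var	int		num_disapproved_topics		Variable containing the number of disapproved topics
		* @var	int		num_disapproved_posts		Variable containing the number of disapproved posts
		* @var	array	lang_reasons				Array containing the translated reason texts, keyed by poster language
		* @var	string	disapprove_reason			Variable containing the disapproval reason text written to the log
		* @var	string	disapprove_reason_lang		Variable containing the language key of the disapproval reason
		* @var	bool	is_disapproving				Variable telling if anything is going to be disapproved
		* @var	bool	notify_poster				Variable telling if the post should be notified or not
		* @var	string	success_msg					Variable containing the language key for the success message
		* @var	string	redirect					Variable containing the redirect url
		* @since 3.1.4-RC1
		*/
		$vars = array(
			'post_info',
			'topic_information',
			'topic_posts_unapproved',
			'post_disapprove_list',
			'num_disapproved_topics',
			'num_disapproved_posts',
			'lang_reasons',
			'disapprove_reason',
			'disapprove_reason_lang',
			'is_disapproving',
			'notify_poster',
			'success_msg',
			'redirect',
		);
		// extract() writes whatever the dispatcher returns back into local scope, $redirect and
		// $success_msg included, so event listeners are treated as fully trusted code here.
		extract($src_dispatcher->trigger_event('core.disapprove_posts_after', compact($vars)));

		unset($lang_reasons, $post_info, $disapprove_reason, $disapprove_reason_lang);

		meta_refresh(3, $redirect);
		$message = $user->lang[$success_msg];

		if ($request->is_ajax())
		{
			$json_response = new \src\json_response();
			$json_response->send(array(
				'MESSAGE_TITLE'	=> $user->lang['INFORMATION'],
				'MESSAGE_TEXT'	=> $message,
				'REFRESH_DATA'	=> null,
				'visible'		=> false,
			));
		}
		$message .= '<br /><br />' . $user->lang('RETURN_PAGE', '<a href="' . $redirect . '">', '</a>');
		trigger_error($message);
	}
	else
	{
		if (!function_exists('display_reasons'))
		{
			include $src_root_path . 'includes/functions_display.' . $phpEx;
		}

		// Offer the "notify poster" option only when at least one post has a registered author
		$show_notify = false;

		foreach ($post_info as $post_data)
		{
			if ($post_data['poster_id'] == ANONYMOUS)
			{
				continue;
			}

			$show_notify = true;
			break;
		}

		$l_confirm_msg = 'DISAPPROVE_POST';
		$confirm_template = 'mcp_approve.html';
		if ($is_disapproving)
		{
			display_reasons($reason_id);
		}
		else
		{
			$user->add_lang('posting');

			$l_confirm_msg = 'DELETE_POST_PERMANENTLY';
			$confirm_template = 'confirm_delete_body.html';
		}
		$l_confirm_msg .= sizeof($post_id_list) == 1 ? '' : 'S';

		$template->assign_vars(array(
			'S_NOTIFY_POSTER'	=> $show_notify,
			'S_APPROVE'			=> false,
			'REASON'			=> $is_disapproving ? $reason : '',
			'ADDITIONAL_MSG'	=> $additional_msg,
		));

		confirm_box(false, $l_confirm_msg, $s_hidden_fields, $confirm_template);
	}

	redirect($redirect);
}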
if ($mark_notification = $request->variable('mark_notification', 0)) { if ($user->data['user_id'] == ANONYMOUS) { if ($request->is_ajax()) { trigger_error('LOGIN_REQUIRED'); } login_box('', $user->lang['LOGIN_REQUIRED']); } if (check_link_hash($request->variable('hash', ''), 'mark_notification_read')) { $src_notifications = $src_container->get('notification_manager'); $notification = $src_notifications->load_notifications(array('notification_id' => $mark_notification)); if (isset($notification['notifications'][$mark_notification])) { $notification = $notification['notifications'][$mark_notification]; $notification->mark_read(); if ($request->is_ajax()) { $json_response = new \src\json_response(); $json_response->send(array('success' => true)); } if ($redirect = $request->variable('redirect', '')) { redirect(append_sid($src_root_path . $redirect)); } redirect($notification->get_redirect_url()); } } } display_forums('', $config['load_moderators']); $order_legend = $config['legend_sort_groupname'] ? 'group_name' : 'group_legend'; // Grab group details for legend display if ($auth->acl_gets('a_group', 'a_groupadd', 'a_groupdel')) { $sql = 'SELECT group_id, group_name, group_colour, group_type, group_legend FROM ' . GROUPS_TABLE . ' WHERE group_legend > 0
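/**
* ACP bot management: activate, deactivate, delete, add and edit bots, then list them.
*
* @param mixed	$id		Module id (not read in this method)
* @param string	$mode	Module mode, passed through to the delete confirmation form
*/
function main($id, $mode)
{
	global $config, $db, $user, $auth, $template, $cache, $request;
	global $src_root_path, $src_admin_path, $phpEx, $table_prefix;

	$action = request_var('action', '');
	$submit = isset($_POST['submit']);
	// Integer defaults: request_var() presumably casts $bot_id and every element of $mark to int,
	// which is what the unquoted interpolation into the bot_id conditions below relies on.
	$mark = request_var('mark', array(0));
	$bot_id = request_var('id', 0);

	if (isset($_POST['add']))
	{
		$action = 'add';
	}

	$error = array();

	$user->add_lang('acp/bots');
	$this->tpl_name = 'acp_bots';
	$this->page_title = 'ACP_BOTS';
	$form_key = 'acp_bots';
	add_form_key($form_key);

	if ($submit && !check_form_key($form_key))
	{
		$error[] = $user->lang['FORM_INVALID'];
	}

	// NOTE(review): a failed check_form_key() above only appends to $error, and the activate/deactivate
	// branches never read $error, so those UPDATEs run whether or not the form token validated.
	// Confirm that another control (for example a session id carried in u_action) covers CSRF
	// for these state changes.

	// User wants to do something, how inconsiderate of them!
	switch ($action)
	{
		case 'activate':
			if ($bot_id || sizeof($mark))
			{
				$sql_id = $bot_id ? " = {$bot_id}" : ' IN (' . implode(', ', $mark) . ')';

				$sql = 'UPDATE ' . BOTS_TABLE . "\n\t\t\t\t\t\tSET bot_active = 1\n\t\t\t\t\t\tWHERE bot_id {$sql_id}";
				$db->sql_query($sql);
			}

			$cache->destroy('_bots');
		break;

		case 'deactivate':
			if ($bot_id || sizeof($mark))
			{
				$sql_id = $bot_id ? " = {$bot_id}" : ' IN (' . implode(', ', $mark) . ')';

				$sql = 'UPDATE ' . BOTS_TABLE . "\n\t\t\t\t\t\tSET bot_active = 0\n\t\t\t\t\t\tWHERE bot_id {$sql_id}";
				$db->sql_query($sql);
			}

			$cache->destroy('_bots');
		break;

		case 'delete':
			if ($bot_id || sizeof($mark))
			{
				if (confirm_box(true))
				{
					// We need to delete the relevant user, usergroup and bot entries ...
					$sql_id = $bot_id ? " = {$bot_id}" : ' IN (' . implode(', ', $mark) . ')';

					$sql = 'SELECT bot_name, user_id FROM ' . BOTS_TABLE . "\n\t\t\t\t\t\t\tWHERE bot_id {$sql_id}";
					$result = $db->sql_query($sql);

					$user_id_ary = $bot_name_ary = array();
					while ($row = $db->sql_fetchrow($result))
					{
						$user_id_ary[] = (int) $row['user_id'];
						$bot_name_ary[] = $row['bot_name'];
					}
					$db->sql_freeresult($result);

					// Bot rows and their backing user rows are removed in one transaction
					$db->sql_transaction('begin');

					$sql = 'DELETE FROM ' . BOTS_TABLE . "\n\t\t\t\t\t\t\tWHERE bot_id {$sql_id}";
					$db->sql_query($sql);

					if (sizeof($user_id_ary))
					{
						$_tables = array(USERS_TABLE, USER_GROUP_TABLE);
						foreach ($_tables as $table)
						{
							$sql = "DELETE FROM {$table}\n\t\t\t\t\t\t\t\t\tWHERE " . $db->sql_in_set('user_id', $user_id_ary);
							$db->sql_query($sql);
						}
					}

					$db->sql_transaction('commit');

					$cache->destroy('_bots');

					add_log('admin', 'LOG_BOT_DELETE', implode(', ', $bot_name_ary));
					trigger_error($user->lang['BOT_DELETED'] . adm_back_link($this->u_action));
				}
				else
				{
					confirm_box(false, $user->lang['CONFIRM_OPERATION'], build_hidden_fields(array(
						'mark'		=> $mark,
						'id'		=> $bot_id,
						'mode'		=> $mode,
						'action'	=> $action,
					)));
				}
			}
		break;

		case 'edit':
		case 'add':
			include_once $src_root_path . 'includes/functions_user.' . $phpEx;

			$bot_row = array(
				'bot_name'		=> utf8_normalize_nfc(request_var('bot_name', '', true)),
				'bot_agent'		=> request_var('bot_agent', ''),
				'bot_ip'		=> request_var('bot_ip', ''),
				'bot_active'	=> request_var('bot_active', true),
				'bot_lang'		=> request_var('bot_lang', $config['default_lang']),
				'bot_style'		=> request_var('bot_style', $config['default_style']),
			);

			if ($submit)
			{
				if (!$bot_row['bot_agent'] && !$bot_row['bot_ip'])
				{
					$error[] = $user->lang['ERR_BOT_NO_MATCHES'];
				}

				// Anything that is not made of digits, dots, commas and colons is treated as a hostname and resolved
				if ($bot_row['bot_ip'] && !preg_match('#^[\\d\\.,:]+$#', $bot_row['bot_ip']))
				{
					if (!($ip_list = gethostbynamel($bot_row['bot_ip'])))
					{
						$error[] = $user->lang['ERR_BOT_NO_IP'];
					}
					else
					{
						$bot_row['bot_ip'] = implode(',', $ip_list);
					}
				}
				$bot_row['bot_ip'] = str_replace(' ', '', $bot_row['bot_ip']);

				// Make sure the admin is not adding a bot with an user agent similar to his one
				if ($bot_row['bot_agent'] && substr($user->data['session_browser'], 0, 149) === substr($bot_row['bot_agent'], 0, 149))
				{
					$error[] = $user->lang['ERR_BOT_AGENT_MATCHES_UA'];
				}

				$bot_name = false;
				if ($bot_id)
				{
					$sql = 'SELECT u.username_clean FROM ' . BOTS_TABLE . ' b, ' . USERS_TABLE . " u\n\t\t\t\t\t\t\tWHERE b.bot_id = {$bot_id}\n\t\t\t\t\t\t\t\tAND u.user_id = b.user_id";
					$result = $db->sql_query($sql);
					$row = $db->sql_fetchrow($result);
					$db->sql_freeresult($result);

					// Fix: test the fetched row. The previous check looked at $bot_row, which is the
					// request array built above and is never empty, so a missing bot was not reported
					// and $row['username_clean'] was read from a failed fetch.
					if (!$row)
					{
						$error[] = $user->lang['NO_BOT'];
					}
					else
					{
						$bot_name = $row['username_clean'];
					}
				}

				if (!$this->validate_botname($bot_row['bot_name'], $bot_name))
				{
					$error[] = $user->lang['BOT_NAME_TAKEN'];
				}

				if (!sizeof($error))
				{
					// New bot? Create a new user and group entry
					if ($action == 'add')
					{
						$sql = 'SELECT group_id, group_colour FROM ' . GROUPS_TABLE . "\n\t\t\t\t\t\t\t\tWHERE group_name = 'BOTS'\n\t\t\t\t\t\t\t\t\tAND group_type = " . GROUP_SPECIAL;
						$result = $db->sql_query($sql);
						$group_row = $db->sql_fetchrow($result);
						$db->sql_freeresult($result);

						if (!$group_row)
						{
							trigger_error($user->lang['NO_BOT_GROUP'] . adm_back_link($this->u_action . "&id={$bot_id}&action={$action}"), E_USER_WARNING);
						}

						$user_id = user_add(array(
							'user_type'				=> (int) USER_IGNORE,
							'group_id'				=> (int) $group_row['group_id'],
							'username'				=> (string) $bot_row['bot_name'],
							'user_regdate'			=> time(),
							'user_password'			=> '',
							'user_colour'			=> (string) $group_row['group_colour'],
							'user_email'			=> '',
							'user_lang'				=> (string) $bot_row['bot_lang'],
							'user_style'			=> (int) $bot_row['bot_style'],
							'user_allow_massemail'	=> 0,
						));

						$sql = 'INSERT INTO ' . BOTS_TABLE . ' ' . $db->sql_build_array('INSERT', array(
							'user_id'		=> (int) $user_id,
							'bot_name'		=> (string) $bot_row['bot_name'],
							'bot_active'	=> (int) $bot_row['bot_active'],
							'bot_agent'		=> (string) $bot_row['bot_agent'],
							'bot_ip'		=> (string) $bot_row['bot_ip'],
						));
						$db->sql_query($sql);

						$log = 'ADDED';
					}
					else
					{
						if ($bot_id)
						{
							$sql = 'SELECT user_id, bot_name FROM ' . BOTS_TABLE . "\n\t\t\t\t\t\t\t\tWHERE bot_id = {$bot_id}";
							$result = $db->sql_query($sql);
							$row = $db->sql_fetchrow($result);
							$db->sql_freeresult($result);

							if (!$row)
							{
								trigger_error($user->lang['NO_BOT'] . adm_back_link($this->u_action . "&id={$bot_id}&action={$action}"), E_USER_WARNING);
							}

							$sql_ary = array(
								'user_style'	=> (int) $bot_row['bot_style'],
								'user_lang'		=> (string) $bot_row['bot_lang'],
							);

							if ($bot_row['bot_name'] !== $row['bot_name'])
							{
								$sql_ary['username'] = (string) $bot_row['bot_name'];
								$sql_ary['username_clean'] = (string) utf8_clean_string($bot_row['bot_name']);
							}

							$sql = 'UPDATE ' . USERS_TABLE . ' SET ' . $db->sql_build_array('UPDATE', $sql_ary) . " WHERE user_id = {$row['user_id']}";
							$db->sql_query($sql);

							$sql = 'UPDATE ' . BOTS_TABLE . ' SET ' . $db->sql_build_array('UPDATE', array(
								'bot_name'		=> (string) $bot_row['bot_name'],
								'bot_active'	=> (int) $bot_row['bot_active'],
								'bot_agent'		=> (string) $bot_row['bot_agent'],
								'bot_ip'		=> (string) $bot_row['bot_ip'],
							)) . " WHERE bot_id = {$bot_id}";
							$db->sql_query($sql);

							// Updated username?
							if ($bot_row['bot_name'] !== $row['bot_name'])
							{
								user_update_name($row['bot_name'], $bot_row['bot_name']);
							}

							$log = 'UPDATED';
						}
						else
						{
							// Fix: an edit submitted without a bot id changed nothing but still fell through
							// to the log call below with $log undefined. Report it as a missing bot instead.
							trigger_error($user->lang['NO_BOT'] . adm_back_link($this->u_action . "&id={$bot_id}&action={$action}"), E_USER_WARNING);
						}
					}

					$cache->destroy('_bots');

					add_log('admin', 'LOG_BOT_' . $log, $bot_row['bot_name']);
					trigger_error($user->lang['BOT_' . $log] . adm_back_link($this->u_action));
				}
			}
			else
			{
				if ($bot_id)
				{
					// Not a submit: pre-fill the form from the stored bot and its user row
					$sql = 'SELECT b.*, u.user_lang, u.user_style FROM ' . BOTS_TABLE . ' b, ' . USERS_TABLE . " u\n\t\t\t\t\t\tWHERE b.bot_id = {$bot_id}\n\t\t\t\t\t\t\tAND u.user_id = b.user_id";
					$result = $db->sql_query($sql);
					$bot_row = $db->sql_fetchrow($result);
					$db->sql_freeresult($result);

					if (!$bot_row)
					{
						trigger_error($user->lang['NO_BOT'] . adm_back_link($this->u_action . "&id={$bot_id}&action={$action}"), E_USER_WARNING);
					}

					$bot_row['bot_lang'] = $bot_row['user_lang'];
					$bot_row['bot_style'] = $bot_row['user_style'];
					unset($bot_row['user_lang'], $bot_row['user_style']);
				}
			}

			$s_active_options = '';
			$_options = array('0' => 'NO', '1' => 'YES');
			foreach ($_options as $value => $lang)
			{
				$selected = $bot_row['bot_active'] == $value ? ' selected="selected"' : '';
				$s_active_options .= '<option value="' . $value . '"' . $selected . '>' . $user->lang[$lang] . '</option>';
			}

			$style_select = style_select($bot_row['bot_style'], true);
			$lang_select = language_select($bot_row['bot_lang']);

			$l_title = $action == 'edit' ? 'EDIT' : 'ADD';

			// NOTE(review): BOT_NAME, BOT_IP and BOT_AGENT are handed to the template as-is; this assumes
			// request_var() returns HTML-escaped strings and that stored values were escaped on the way in - confirm.
			$template->assign_vars(array(
				'L_TITLE'			=> $user->lang['BOT_' . $l_title],
				'U_ACTION'			=> $this->u_action . "&id={$bot_id}&action={$action}",
				'U_BACK'			=> $this->u_action,
				'ERROR_MSG'			=> sizeof($error) ? implode('<br />', $error) : '',
				'BOT_NAME'			=> $bot_row['bot_name'],
				'BOT_IP'			=> $bot_row['bot_ip'],
				'BOT_AGENT'			=> $bot_row['bot_agent'],
				'S_EDIT_BOT'		=> true,
				'S_ACTIVE_OPTIONS'	=> $s_active_options,
				'S_STYLE_OPTIONS'	=> $style_select,
				'S_LANG_OPTIONS'	=> $lang_select,
				'S_ERROR'			=> sizeof($error) ? true : false,
			));

			return;
		break;
	}

	if ($request->is_ajax() && ($action == 'activate' || $action == 'deactivate'))
	{
		// The returned label is the opposite action: after activating, the link should offer "deactivate"
		$json_response = new \src\json_response();
		$json_response->send(array(
			'text'	=> $user->lang['BOT_' . ($action == 'activate' ? 'DE' : '') . 'ACTIVATE'],
		));
	}

	$s_options = '';
	$_options = array('activate' => 'BOT_ACTIVATE', 'deactivate' => 'BOT_DEACTIVATE', 'delete' => 'DELETE');
	foreach ($_options as $value => $lang)
	{
		$s_options .= '<option value="' . $value . '">' . $user->lang[$lang] . '</option>';
	}

	$template->assign_vars(array(
		'U_ACTION'		=> $this->u_action,
		'S_BOT_OPTIONS'	=> $s_options,
	));

	$sql = 'SELECT b.bot_id, b.bot_name, b.bot_active, u.user_lastvisit FROM ' . BOTS_TABLE . ' b, ' . USERS_TABLE . ' u WHERE u.user_id = b.user_id ORDER BY u.user_lastvisit DESC, b.bot_name ASC';
	$result = $db->sql_query($sql);

	while ($row = $db->sql_fetchrow($result))
	{
		$active_lang = !$row['bot_active'] ? 'BOT_ACTIVATE' : 'BOT_DEACTIVATE';
		$active_value = !$row['bot_active'] ? 'activate' : 'deactivate';

		$template->assign_block_vars('bots', array(
			'BOT_NAME'				=> $row['bot_name'],
			'BOT_ID'				=> $row['bot_id'],
			'LAST_VISIT'			=> $row['user_lastvisit'] ? $user->format_date($row['user_lastvisit']) : $user->lang['BOT_NEVER'],
			'U_ACTIVATE_DEACTIVATE'	=> $this->u_action . "&id={$row['bot_id']}&action={$active_value}",
			'L_ACTIVATE_DEACTIVATE'	=> $user->lang[$active_lang],
			'U_EDIT'				=> $this->u_action . "&id={$row['bot_id']}&action=edit",
			'U_DELETE'				=> $this->u_action . "&id={$row['bot_id']}&action=delete",
		));
	}
	$db->sql_freeresult($result);
}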
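/**
 * Entry point of the ACP report-reasons module: adds, edits, deletes and
 * reorders report reasons, then renders the reason list.
 *
 * Request handling as implemented here:
 * - add/edit submissions are validated with check_form_key().
 * - delete is only executed after confirm_box(true).
 * - move_up/move_down are triggered from plain links, so they require a link
 *   hash (check_link_hash) that the list below embeds in the move URLs.
 *   NOTE(review): the admin panel may enforce further request checks outside
 *   this method; the hash keeps the reorder action protected on its own.
 *
 * @param mixed $id   Module identifier; passed into the delete confirmation form.
 * @param mixed $mode Module mode; passed into the delete confirmation form.
 *
 * @return void
 */
function main($id, $mode)
{
    global $db, $user, $template, $request;

    $user->add_lang(array('mcp', 'acp/posting'));

    // Set up general vars
    $action = request_var('action', '');
    $submit = isset($_POST['submit']);
    // The id is interpolated into several SQL statements below, so force it to an integer here.
    $reason_id = (int) request_var('id', 0);

    $this->tpl_name = 'acp_reasons';
    $this->page_title = 'ACP_REASONS';

    $form_name = 'acp_reason';
    add_form_key('acp_reason');

    $error = array();

    switch ($action) {
        case 'add':
        case 'edit':
            $reason_row = array(
                'reason_title' => utf8_normalize_nfc(request_var('reason_title', '', true)),
                'reason_description' => utf8_normalize_nfc(request_var('reason_description', '', true)),
            );

            if ($submit) {
                if (!check_form_key($form_name)) {
                    $error[] = $user->lang['FORM_INVALID'];
                }

                // Reason specified?
                if (!$reason_row['reason_title'] || !$reason_row['reason_description']) {
                    $error[] = $user->lang['NO_REASON_INFO'];
                }

                $check_double = ($action == 'add');

                if ($action == 'edit') {
                    $sql = 'SELECT reason_title FROM ' . REPORTS_REASONS_TABLE . "\n\t\t\t\t\t\t\tWHERE reason_id = {$reason_id}";
                    $result = $db->sql_query($sql);
                    $row = $db->sql_fetchrow($result);
                    $db->sql_freeresult($result);

                    // An edit must target an existing reason. Without this guard a missing row was
                    // dereferenced below and the success path ran with $log undefined.
                    if (!$reason_id || !$row) {
                        trigger_error($user->lang['NO_REASON'] . adm_back_link($this->u_action), E_USER_WARNING);
                    }

                    // The 'other' reason keeps its canonical lowercase title, whatever was submitted.
                    if (strtolower($row['reason_title']) == 'other' || strtolower($reason_row['reason_title']) == 'other') {
                        $reason_row['reason_title'] = 'other';
                    }

                    // A changed title has to be checked against the existing ones.
                    if ($row['reason_title'] != $reason_row['reason_title']) {
                        $check_double = true;
                    }
                }

                // Check for same reason if adding it...
                if ($check_double) {
                    $sql = 'SELECT reason_id FROM ' . REPORTS_REASONS_TABLE . "\n\t\t\t\t\t\t\tWHERE reason_title = '" . $db->sql_escape($reason_row['reason_title']) . "'";
                    $result = $db->sql_query($sql);
                    $row = $db->sql_fetchrow($result);
                    $db->sql_freeresult($result);

                    if ($row || ($action == 'add' && strtolower($reason_row['reason_title']) == 'other')) {
                        $error[] = $user->lang['REASON_ALREADY_EXIST'];
                    }
                }

                if (!sizeof($error)) {
                    if ($action == 'add') {
                        // New reason: append it after the current highest order value.
                        $sql = 'SELECT MAX(reason_order) as max_reason_order FROM ' . REPORTS_REASONS_TABLE;
                        $result = $db->sql_query($sql);
                        $max_order = (int) $db->sql_fetchfield('max_reason_order');
                        $db->sql_freeresult($result);

                        $sql_ary = array(
                            'reason_title' => (string) $reason_row['reason_title'],
                            'reason_description' => (string) $reason_row['reason_description'],
                            'reason_order' => $max_order + 1,
                        );

                        $db->sql_query('INSERT INTO ' . REPORTS_REASONS_TABLE . ' ' . $db->sql_build_array('INSERT', $sql_ary));

                        $log = 'ADDED';
                    } else {
                        // Edit: the guard above established that the reason exists.
                        $sql_ary = array(
                            'reason_title' => (string) $reason_row['reason_title'],
                            'reason_description' => (string) $reason_row['reason_description'],
                        );

                        $db->sql_query('UPDATE ' . REPORTS_REASONS_TABLE . ' SET ' . $db->sql_build_array('UPDATE', $sql_ary) . ' WHERE reason_id = ' . $reason_id);

                        $log = 'UPDATED';
                    }

                    add_log('admin', 'LOG_REASON_' . $log, $reason_row['reason_title']);
                    trigger_error($user->lang['REASON_' . $log] . adm_back_link($this->u_action));
                }
            } else {
                if ($reason_id) {
                    // Not submitted yet: prefill the form from the stored reason.
                    $sql = 'SELECT * FROM ' . REPORTS_REASONS_TABLE . ' WHERE reason_id = ' . $reason_id;
                    $result = $db->sql_query($sql);
                    $reason_row = $db->sql_fetchrow($result);
                    $db->sql_freeresult($result);

                    if (!$reason_row) {
                        trigger_error($user->lang['NO_REASON'] . adm_back_link($this->u_action), E_USER_WARNING);
                    }
                }
            }

            $l_title = ($action == 'edit') ? 'EDIT' : 'ADD';

            // If the reason is defined within the language file, we will use the localized version,
            // else just use the database entry...
            $lang_key = strtoupper($reason_row['reason_title']);
            $translated = isset($user->lang['report_reasons']['TITLE'][$lang_key]) && isset($user->lang['report_reasons']['DESCRIPTION'][$lang_key]);

            $template->assign_vars(array(
                'L_TITLE' => $user->lang['REASON_' . $l_title],
                'U_ACTION' => $this->u_action . "&id={$reason_id}&action={$action}",
                'U_BACK' => $this->u_action,
                'ERROR_MSG' => sizeof($error) ? implode('<br />', $error) : '',

                'REASON_TITLE' => $reason_row['reason_title'],
                'REASON_DESCRIPTION' => $reason_row['reason_description'],

                'TRANSLATED_TITLE' => $translated ? $user->lang['report_reasons']['TITLE'][$lang_key] : '',
                'TRANSLATED_DESCRIPTION' => $translated ? $user->lang['report_reasons']['DESCRIPTION'][$lang_key] : '',

                'S_AVAILABLE_TITLES' => implode($user->lang['COMMA_SEPARATOR'], array_map('htmlspecialchars', array_keys($user->lang['report_reasons']['TITLE']))),
                'S_EDIT_REASON' => true,
                'S_TRANSLATED' => $translated,
                'S_ERROR' => (bool) sizeof($error),
            ));

            return;

        case 'delete':
            $sql = 'SELECT * FROM ' . REPORTS_REASONS_TABLE . ' WHERE reason_id = ' . $reason_id;
            $result = $db->sql_query($sql);
            $reason_row = $db->sql_fetchrow($result);
            $db->sql_freeresult($result);

            if (!$reason_row) {
                trigger_error($user->lang['NO_REASON'] . adm_back_link($this->u_action), E_USER_WARNING);
            }

            // The default 'other' reason is the fallback for reports and must stay.
            if (strtolower($reason_row['reason_title']) == 'other') {
                trigger_error($user->lang['NO_REMOVE_DEFAULT_REASON'] . adm_back_link($this->u_action), E_USER_WARNING);
            }

            // Let the deletion be confirmed...
            if (confirm_box(true)) {
                $sql = 'SELECT reason_id FROM ' . REPORTS_REASONS_TABLE . "\n\t\t\t\t\t\tWHERE LOWER(reason_title) = 'other'";
                $result = $db->sql_query($sql);
                $other_reason_id = (int) $db->sql_fetchfield('reason_id');
                $db->sql_freeresult($result);

                // Reports using this reason are moved to 'other', with the old description
                // prepended to the report text. String concatenation differs per database layer.
                // NOTE(review): there is no default branch; on a layer not listed here $sql still
                // holds the SELECT above, so reports would keep the deleted reason_id.
                switch ($db->get_sql_layer()) {
                    // The ugly one!
                    case 'mysqli':
                    case 'mysql4':
                    case 'mysql':
                        $sql = 'UPDATE ' . REPORTS_TABLE . ' SET reason_id = ' . $other_reason_id . ", report_text = CONCAT('" . $db->sql_escape($reason_row['reason_description']) . "\n\n', report_text)\n\t\t\t\t\t\t\t\tWHERE reason_id = {$reason_id}";
                        break;

                    // Standard? What's that?
                    case 'mssql':
                    case 'mssql_odbc':
                    case 'mssqlnative':
                        $sql = "DECLARE @ptrval binary(16)\n\n\t\t\t\t\t\t\t\t\tSELECT @ptrval = TEXTPTR(report_text)\n\t\t\t\t\t\t\t\t\t\tFROM " . REPORTS_TABLE . "\n\t\t\t\t\t\t\t\t\tWHERE reason_id = " . $reason_id . "\n\n\t\t\t\t\t\t\t\t\tUPDATETEXT " . REPORTS_TABLE . ".report_text @ptrval 0 0 '" . $db->sql_escape($reason_row['reason_description']) . "\n\n'\n\n\t\t\t\t\t\t\t\t\tUPDATE " . REPORTS_TABLE . ' SET reason_id = ' . $other_reason_id . "\n\t\t\t\t\t\t\t\t\tWHERE reason_id = {$reason_id}";
                        break;

                    // Teh standard
                    case 'postgres':
                    case 'oracle':
                    case 'sqlite':
                    case 'sqlite3':
                        $sql = 'UPDATE ' . REPORTS_TABLE . ' SET reason_id = ' . $other_reason_id . ", report_text = '" . $db->sql_escape($reason_row['reason_description']) . "\n\n' || report_text\n\t\t\t\t\t\t\t\tWHERE reason_id = {$reason_id}";
                        break;
                }
                $db->sql_query($sql);

                $db->sql_query('DELETE FROM ' . REPORTS_REASONS_TABLE . ' WHERE reason_id = ' . $reason_id);

                add_log('admin', 'LOG_REASON_REMOVED', $reason_row['reason_title']);
                trigger_error($user->lang['REASON_REMOVED'] . adm_back_link($this->u_action));
            } else {
                confirm_box(false, $user->lang['CONFIRM_OPERATION'], build_hidden_fields(array(
                    'i' => $id,
                    'mode' => $mode,
                    'action' => $action,
                    'id' => $reason_id,
                )));
            }
            break;

        case 'move_up':
        case 'move_down':
            // Reordering writes to the database from a GET link; only accept links that carry
            // the hash generated for the list below.
            if (!check_link_hash(request_var('hash', ''), 'acp_reasons')) {
                trigger_error($user->lang['FORM_INVALID'] . adm_back_link($this->u_action), E_USER_WARNING);
            }

            $sql = 'SELECT reason_order FROM ' . REPORTS_REASONS_TABLE . "\n\t\t\t\t\tWHERE reason_id = {$reason_id}";
            $result = $db->sql_query($sql);
            $order = $db->sql_fetchfield('reason_order');
            $db->sql_freeresult($result);

            // Unknown reason, or an attempt to move the first entry further up: nothing to do.
            if ($order === false || ($order == 0 && $action == 'move_up')) {
                break;
            }
            $order = (int) $order;

            // Swap the two neighbours in one statement: each row gets (a + b) - own_order.
            $order_total = $order * 2 + (($action == 'move_up') ? -1 : 1);

            $sql = 'UPDATE ' . REPORTS_REASONS_TABLE . ' SET reason_order = ' . $order_total . ' - reason_order WHERE reason_order IN (' . $order . ', ' . (($action == 'move_up') ? $order - 1 : $order + 1) . ')';
            $db->sql_query($sql);

            if ($request->is_ajax()) {
                $json_response = new \src\json_response();
                $json_response->send(array('success' => (bool) $db->sql_affectedrows()));
            }
            break;
    }

    // By default, check that order is valid and fix it if necessary
    $sql = 'SELECT reason_id, reason_order FROM ' . REPORTS_REASONS_TABLE . ' ORDER BY reason_order';
    $result = $db->sql_query($sql);

    if ($row = $db->sql_fetchrow($result)) {
        $order = 0;
        do {
            ++$order;
            if ($row['reason_order'] != $order) {
                $sql = 'UPDATE ' . REPORTS_REASONS_TABLE . "\n\t\t\t\t\t\tSET reason_order = {$order}\n\t\t\t\t\t\tWHERE reason_id = {$row['reason_id']}";
                $db->sql_query($sql);
            }
        } while ($row = $db->sql_fetchrow($result));
    }
    $db->sql_freeresult($result);

    $template->assign_vars(array('U_ACTION' => $this->u_action));

    // Reason count
    $sql = 'SELECT reason_id, COUNT(reason_id) AS reason_count FROM ' . REPORTS_TABLE . ' GROUP BY reason_id';
    $result = $db->sql_query($sql);

    $reason_count = array();
    while ($row = $db->sql_fetchrow($result)) {
        $reason_count[$row['reason_id']] = $row['reason_count'];
    }
    $db->sql_freeresult($result);

    // Hash expected by the move_up/move_down handler above.
    $move_hash = generate_link_hash('acp_reasons');

    $sql = 'SELECT * FROM ' . REPORTS_REASONS_TABLE . ' ORDER BY reason_order ASC';
    $result = $db->sql_query($sql);

    while ($row = $db->sql_fetchrow($result)) {
        $translated = false;
        $other_reason = ($row['reason_title'] == 'other');

        // If the reason is defined within the language file, we will use the localized version,
        // else just use the database entry...
        $lang_key = strtoupper($row['reason_title']);
        if (isset($user->lang['report_reasons']['TITLE'][$lang_key]) && isset($user->lang['report_reasons']['DESCRIPTION'][$lang_key])) {
            $row['reason_description'] = $user->lang['report_reasons']['DESCRIPTION'][$lang_key];
            $row['reason_title'] = $user->lang['report_reasons']['TITLE'][$lang_key];

            $translated = true;
        }

        $template->assign_block_vars('reasons', array(
            'REASON_TITLE' => $row['reason_title'],
            'REASON_DESCRIPTION' => $row['reason_description'],
            'REASON_COUNT' => isset($reason_count[$row['reason_id']]) ? $reason_count[$row['reason_id']] : 0,

            'S_TRANSLATED' => $translated,
            'S_OTHER_REASON' => $other_reason,

            'U_EDIT' => $this->u_action . '&action=edit&id=' . $row['reason_id'],
            // The 'other' reason cannot be removed, so no delete link is offered for it.
            'U_DELETE' => !$other_reason ? $this->u_action . '&action=delete&id=' . $row['reason_id'] : '',
            'U_MOVE_UP' => $this->u_action . '&action=move_up&id=' . $row['reason_id'] . '&hash=' . $move_hash,
            'U_MOVE_DOWN' => $this->u_action . '&action=move_down&id=' . $row['reason_id'] . '&hash=' . $move_hash,
        ));
    }
    $db->sql_freeresult($result);
}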
/**
 * Display Forums
 *
 * Queries the forum tree (the whole board, or the branch described by
 * $root_data), optionally handles the "mark forums read" request, aggregates
 * subforum data into the directly displayed forums and assigns one 'forumrow'
 * template block per category/forum.
 *
 * Access-control behaviour visible in this function:
 * - forums the user lacks 'f_list' for are skipped together with their whole branch;
 * - the last post subject is only filled in for forums without a password that
 *   the user may read ('f_read');
 * - "mark read" only changes state when the 'hash' request parameter passes
 *   check_link_hash(..., 'global').
 *
 * @param array|string $root_data          Empty for the board index, otherwise a forum row; the keys
 *                                         forum_id, left_id, right_id and forum_flags are read here.
 * @param bool         $display_moderators Whether moderators are fetched (get_moderators) and listed.
 * @param bool         $return_moderators  Whether the root forum is included in the moderator lookup
 *                                         and the moderator list is returned.
 *
 * @return array array($active_forum_ary, $forum_moderators) when $return_moderators is set,
 *               otherwise array($active_forum_ary, array()).
 */
function display_forums($root_data = '', $display_moderators = true, $return_moderators = false)
{
    global $db, $auth, $user, $template;
    global $src_root_path, $phpEx, $config;
    global $request, $src_dispatcher, $src_container;

    $forum_rows = $subforums = $forum_ids = $forum_ids_moderator = $forum_moderators = $active_forum_ary = array();
    $parent_id = $visible_forums = 0;
    // NOTE(review): $sql_from is not read anywhere else in this function.
    $sql_from = '';

    // Mark forums read?
    $mark_read = request_var('mark', '');

    // A literal mark=all from the request is discarded; 'all' is only reached below
    // by mapping mark=forums on the board index.
    if ($mark_read == 'all') {
        $mark_read = '';
    }

    if (!$root_data) {
        if ($mark_read == 'forums') {
            $mark_read = 'all';
        }

        $root_data = array('forum_id' => 0);
        $sql_where = '';
    } else {
        // NOTE(review): left_id/right_id are concatenated into the WHERE clause unquoted and
        // uncast; presumably $root_data is a row read from the forums table — confirm no caller
        // builds it from request input.
        $sql_where = 'left_id > ' . $root_data['left_id'] . ' AND left_id < ' . $root_data['right_id'];
    }

    // Handle marking everything read
    if ($mark_read == 'all') {
        $redirect = build_url(array('mark', 'hash', 'mark_time'));
        meta_refresh(3, $redirect);

        // markread() only runs when the link hash validates; otherwise just a return link is shown.
        if (check_link_hash(request_var('hash', ''), 'global')) {
            markread('all', false, false, request_var('mark_time', 0));

            if ($request->is_ajax()) {
                // Tell the ajax script what language vars and URL need to be replaced
                $data = array(
                    'NO_UNREAD_POSTS' => $user->lang['NO_UNREAD_POSTS'],
                    'UNREAD_POSTS' => $user->lang['UNREAD_POSTS'],
                    'U_MARK_FORUMS' => $user->data['is_registered'] || $config['load_anon_lastread'] ? append_sid("{$src_root_path}index.{$phpEx}", 'hash=' . generate_link_hash('global') . '&mark=forums&mark_time=' . time()) : '',
                    'MESSAGE_TITLE' => $user->lang['INFORMATION'],
                    'MESSAGE_TEXT' => $user->lang['FORUMS_MARKED']
                );
                $json_response = new \src\json_response();
                $json_response->send($data);
            }

            trigger_error($user->lang['FORUMS_MARKED'] . '<br /><br />' . sprintf($user->lang['RETURN_INDEX'], '<a href="' . $redirect . '">', '</a>'));
        } else {
            trigger_error(sprintf($user->lang['RETURN_PAGE'], '<a href="' . $redirect . '">', '</a>'));
        }
    }

    // Display list of active topics for this category?
    $show_active = isset($root_data['forum_flags']) && $root_data['forum_flags'] & FORUM_FLAG_ACTIVE_TOPICS ? true : false;

    $sql_array = array(
        'SELECT' => 'f.*',
        'FROM' => array(FORUMS_TABLE => 'f'),
        'LEFT_JOIN' => array()
    );

    if ($config['load_db_lastread'] && $user->data['is_registered']) {
        // Database-backed read tracking: join the per-user forum mark times.
        $sql_array['LEFT_JOIN'][] = array('FROM' => array(FORUMS_TRACK_TABLE => 'ft'), 'ON' => 'ft.user_id = ' . $user->data['user_id'] . ' AND ft.forum_id = f.forum_id');
        $sql_array['SELECT'] .= ', ft.mark_time';
    } else {
        if ($config['load_anon_lastread'] || $user->data['is_registered']) {
            // Cookie-backed read tracking. The cookie is client-controlled: it is decoded with
            // tracking_unserialize() and every timestamp taken from it is base36-decoded and cast
            // to int before use.
            $tracking_topics = $request->variable($config['cookie_name'] . '_track', '', true, \src\request\request_interface::COOKIE);
            $tracking_topics = $tracking_topics ? tracking_unserialize($tracking_topics) : array();

            if (!$user->data['is_registered']) {
                $user->data['user_lastmark'] = isset($tracking_topics['l']) ? (int) (base_convert($tracking_topics['l'], 36, 10) + $config['srcrd_startdate']) : 0;
            }
        }
    }

    if ($show_active) {
        // Join the forum access table on the current session; the session id is escaped before
        // being embedded. The joined fa.user_id is compared for passworded forums below.
        $sql_array['LEFT_JOIN'][] = array('FROM' => array(FORUMS_ACCESS_TABLE => 'fa'), 'ON' => "fa.forum_id = f.forum_id AND fa.session_id = '" . $db->sql_escape($user->session_id) . "'");
        $sql_array['SELECT'] .= ', fa.user_id';
    }

    $sql_ary = array(
        'SELECT' => $sql_array['SELECT'],
        'FROM' => $sql_array['FROM'],
        'LEFT_JOIN' => $sql_array['LEFT_JOIN'],
        'WHERE' => $sql_where,
        'ORDER_BY' => 'f.left_id'
    );

    /**
     * Event to modify the SQL query before the forum data is queried
     *
     * @event core.display_forums_modify_sql
     * @var array sql_ary The SQL array to get the data of the forums
     * @since 3.1.0-a1
     */
    $vars = array('sql_ary');
    // extract() assigns whatever the dispatcher returns to local variables; presumably these are
    // the (possibly listener-modified) variables named in $vars — verify against the dispatcher.
    // The local variable names are therefore part of the event interface.
    extract($src_dispatcher->trigger_event('core.display_forums_modify_sql', compact($vars)));

    $sql = $db->sql_build_query('SELECT', $sql_ary);
    $result = $db->sql_query($sql);

    $forum_tracking_info = $valid_categories = array();
    $branch_root_id = $root_data['forum_id'];

    $src_content_visibility = $src_container->get('content.visibility');

    while ($row = $db->sql_fetchrow($result)) {
        /**
         * Event to modify the data set of a forum
         *
         * This event is triggered once per forum
         *
         * @event core.display_forums_modify_row
         * @var int branch_root_id Last top-level forum
         * @var array row The data of the forum
         * @since 3.1.0-a1
         */
        $vars = array('branch_root_id', 'row');
        extract($src_dispatcher->trigger_event('core.display_forums_modify_row', compact($vars)));

        $forum_id = $row['forum_id'];

        // Mark forums read? Only collect the ids of forums the user may list; nothing is displayed.
        if ($mark_read == 'forums') {
            if ($auth->acl_get('f_list', $forum_id)) {
                $forum_ids[] = $forum_id;
            }

            continue;
        }

        // Category with no members
        if ($row['forum_type'] == FORUM_CAT && $row['left_id'] + 1 == $row['right_id']) {
            continue;
        }

        // Skip branch: rows are ordered by left_id, so everything with a left_id below the
        // remembered right_id lies inside the forum that was not listable.
        if (isset($right_id)) {
            if ($row['left_id'] < $right_id) {
                continue;
            }
            unset($right_id);
        }

        if (!$auth->acl_get('f_list', $forum_id)) {
            // if the user does not have permissions to list this forum, skip everything until next branch
            $right_id = $row['right_id'];
            continue;
        }

        if ($config['load_db_lastread'] && $user->data['is_registered']) {
            $forum_tracking_info[$forum_id] = !empty($row['mark_time']) ? $row['mark_time'] : $user->data['user_lastmark'];
        } else {
            if ($config['load_anon_lastread'] || $user->data['is_registered']) {
                if (!$user->data['is_registered']) {
                    $user->data['user_lastmark'] = isset($tracking_topics['l']) ? (int) (base_convert($tracking_topics['l'], 36, 10) + $config['srcrd_startdate']) : 0;
                }
                $forum_tracking_info[$forum_id] = isset($tracking_topics['f'][$forum_id]) ? (int) (base_convert($tracking_topics['f'][$forum_id], 36, 10) + $config['srcrd_startdate']) : $user->data['user_lastmark'];
            }
        }

        // Lets check whether there are unapproved topics/posts, so we can display an information to moderators
        // (only set for users holding 'm_approve' in this forum)
        $row['forum_id_unapproved_topics'] = $auth->acl_get('m_approve', $forum_id) && $row['forum_topics_unapproved'] ? $forum_id : 0;
        $row['forum_id_unapproved_posts'] = $auth->acl_get('m_approve', $forum_id) && $row['forum_posts_unapproved'] ? $forum_id : 0;
        $row['forum_posts'] = $src_content_visibility->get_count('forum_posts', $row, $forum_id);
        $row['forum_topics'] = $src_content_visibility->get_count('forum_topics', $row, $forum_id);

        // Display active topics from this forum?
        if ($show_active && $row['forum_type'] == FORUM_POST && $auth->acl_get('f_read', $forum_id) && $row['forum_flags'] & FORUM_FLAG_ACTIVE_TOPICS) {
            if (!isset($active_forum_ary['forum_topics'])) {
                $active_forum_ary['forum_topics'] = 0;
            }

            if (!isset($active_forum_ary['forum_posts'])) {
                $active_forum_ary['forum_posts'] = 0;
            }

            $active_forum_ary['forum_id'][] = $forum_id;
            $active_forum_ary['enable_icons'][] = $row['enable_icons'];
            $active_forum_ary['forum_topics'] += $row['forum_topics'];
            $active_forum_ary['forum_posts'] += $row['forum_posts'];

            // If this is a passworded forum we do not show active topics from it if the user is not authorised to view it...
            // ($row['user_id'] is the fa.user_id joined above for the current session)
            if ($row['forum_password'] && $row['user_id'] != $user->data['user_id']) {
                $active_forum_ary['exclude_forum_id'][] = $forum_id;
            }
        }

        // Fill list of categories with forums
        if (isset($forum_rows[$row['parent_id']])) {
            $valid_categories[$row['parent_id']] = true;
        }

        // Rows directly below the root or below the current top-level category become displayed
        // rows; everything deeper is folded into its displayed ancestor as a subforum.
        if ($row['parent_id'] == $root_data['forum_id'] || $row['parent_id'] == $branch_root_id) {
            if ($row['forum_type'] != FORUM_CAT) {
                $forum_ids_moderator[] = (int) $forum_id;
            }

            // Direct child of current branch
            $parent_id = $forum_id;
            $forum_rows[$forum_id] = $row;

            if ($row['forum_type'] == FORUM_CAT && $row['parent_id'] == $root_data['forum_id']) {
                $branch_root_id = $forum_id;
            }
            // Remember which forum the last post belongs to and whether that forum is passworded;
            // both are checked before the last post subject is shown.
            $forum_rows[$parent_id]['forum_id_last_post'] = $row['forum_id'];
            $forum_rows[$parent_id]['forum_password_last_post'] = $row['forum_password'];
            $forum_rows[$parent_id]['orig_forum_last_post_time'] = $row['forum_last_post_time'];
        } else {
            if ($row['forum_type'] != FORUM_CAT) {
                $subforums[$parent_id][$forum_id]['display'] = $row['display_on_index'] ? true : false;
                $subforums[$parent_id][$forum_id]['name'] = $row['forum_name'];
                $subforums[$parent_id][$forum_id]['orig_forum_last_post_time'] = $row['forum_last_post_time'];
                $subforums[$parent_id][$forum_id]['children'] = array();

                if (isset($subforums[$parent_id][$row['parent_id']]) && !$row['display_on_index']) {
                    $subforums[$parent_id][$row['parent_id']]['children'][] = $forum_id;
                }

                if (!$forum_rows[$parent_id]['forum_id_unapproved_topics'] && $row['forum_id_unapproved_topics']) {
                    $forum_rows[$parent_id]['forum_id_unapproved_topics'] = $forum_id;
                }

                if (!$forum_rows[$parent_id]['forum_id_unapproved_posts'] && $row['forum_id_unapproved_posts']) {
                    $forum_rows[$parent_id]['forum_id_unapproved_posts'] = $forum_id;
                }

                $forum_rows[$parent_id]['forum_topics'] += $row['forum_topics'];

                // Do not list redirects in LINK Forums as Posts.
                if ($row['forum_type'] != FORUM_LINK) {
                    $forum_rows[$parent_id]['forum_posts'] += $row['forum_posts'];
                }

                // The displayed forum shows the newest last post found anywhere below it.
                if ($row['forum_last_post_time'] > $forum_rows[$parent_id]['forum_last_post_time']) {
                    $forum_rows[$parent_id]['forum_last_post_id'] = $row['forum_last_post_id'];
                    $forum_rows[$parent_id]['forum_last_post_subject'] = $row['forum_last_post_subject'];
                    $forum_rows[$parent_id]['forum_last_post_time'] = $row['forum_last_post_time'];
                    $forum_rows[$parent_id]['forum_last_poster_id'] = $row['forum_last_poster_id'];
                    $forum_rows[$parent_id]['forum_last_poster_name'] = $row['forum_last_poster_name'];
                    $forum_rows[$parent_id]['forum_last_poster_colour'] = $row['forum_last_poster_colour'];
                    $forum_rows[$parent_id]['forum_id_last_post'] = $forum_id;
                    $forum_rows[$parent_id]['forum_password_last_post'] = $row['forum_password'];
                }
            }
        }

        /**
         * Event to modify the forum rows data set
         *
         * This event is triggered once per forum
         *
         * @event core.display_forums_modify_forum_rows
         * @var array forum_rows Data array of all forums we display
         * @var array subforums Data array of all subforums we display
         * @var int branch_root_id Current top-level forum
         * @var int parent_id Current parent forum
         * @var array row The data of the forum
         * @since 3.1.0-a1
         */
        $vars = array('forum_rows', 'subforums', 'branch_root_id', 'parent_id', 'row');
        extract($src_dispatcher->trigger_event('core.display_forums_modify_forum_rows', compact($vars)));
    }
    $db->sql_freeresult($result);

    // Handle marking posts
    if ($mark_read == 'forums') {
        $redirect = build_url(array('mark', 'hash', 'mark_time'));
        $token = request_var('hash', '');

        // As above: topics are only marked read when the link hash validates. $forum_ids holds
        // only forums that passed the 'f_list' check in the loop.
        if (check_link_hash($token, 'global')) {
            markread('topics', $forum_ids, false, request_var('mark_time', 0));
            $message = sprintf($user->lang['RETURN_FORUM'], '<a href="' . $redirect . '">', '</a>');
            meta_refresh(3, $redirect);

            if ($request->is_ajax()) {
                // Tell the ajax script what language vars and URL need to be replaced
                $data = array(
                    'NO_UNREAD_POSTS' => $user->lang['NO_UNREAD_POSTS'],
                    'UNREAD_POSTS' => $user->lang['UNREAD_POSTS'],
                    'U_MARK_FORUMS' => $user->data['is_registered'] || $config['load_anon_lastread'] ? append_sid("{$src_root_path}viewforum.{$phpEx}", 'hash=' . generate_link_hash('global') . '&f=' . $root_data['forum_id'] . '&mark=forums&mark_time=' . time()) : '',
                    'MESSAGE_TITLE' => $user->lang['INFORMATION'],
                    'MESSAGE_TEXT' => $user->lang['FORUMS_MARKED']
                );
                $json_response = new \src\json_response();
                $json_response->send($data);
            }

            trigger_error($user->lang['FORUMS_MARKED'] . '<br /><br />' . $message);
        } else {
            $message = sprintf($user->lang['RETURN_PAGE'], '<a href="' . $redirect . '">', '</a>');
            meta_refresh(3, $redirect);
            trigger_error($message);
        }
    }

    // Grab moderators ... if necessary
    if ($display_moderators) {
        if ($return_moderators) {
            $forum_ids_moderator[] = $root_data['forum_id'];
        }
        get_moderators($forum_moderators, $forum_ids_moderator);
    }

    /**
     * Event to perform additional actions before the forum list is being generated
     *
     * @event core.display_forums_before
     * @var array active_forum_ary Array with forum data to display active topics
     * @var bool display_moderators Flag indicating if we display forum moderators
     * @var array forum_moderators Array with forum moderators list
     * @var array forum_rows Data array of all forums we display
     * @var bool return_moderators Flag indicating if moderators list should be returned
     * @var array root_data Array with the root forum data
     * @since 3.1.4-RC1
     */
    $vars = array('active_forum_ary', 'display_moderators', 'forum_moderators', 'forum_rows', 'return_moderators', 'root_data');
    extract($src_dispatcher->trigger_event('core.display_forums_before', compact($vars)));

    // Used to tell whatever we have to create a dummy category or not.
    $last_catless = true;
    foreach ($forum_rows as $row) {
        // Category
        if ($row['parent_id'] == $root_data['forum_id'] && $row['forum_type'] == FORUM_CAT) {
            // Do not display categories without any forums to display
            if (!isset($valid_categories[$row['forum_id']])) {
                continue;
            }

            // NOTE(review): forum_name and forum_image go into the template/HTML as stored;
            // presumably they are escaped when saved — confirm.
            $cat_row = array(
                'S_IS_CAT' => true,
                'FORUM_ID' => $row['forum_id'],
                'FORUM_NAME' => $row['forum_name'],
                'FORUM_DESC' => generate_text_for_display($row['forum_desc'], $row['forum_desc_uid'], $row['forum_desc_bitfield'], $row['forum_desc_options']),
                'FORUM_FOLDER_IMG' => '',
                'FORUM_FOLDER_IMG_SRC' => '',
                'FORUM_IMAGE' => $row['forum_image'] ? '<img src="' . $src_root_path . $row['forum_image'] . '" alt="' . $user->lang['FORUM_CAT'] . '" />' : '',
                'FORUM_IMAGE_SRC' => $row['forum_image'] ? $src_root_path . $row['forum_image'] : '',
                'U_VIEWFORUM' => append_sid("{$src_root_path}viewforum.{$phpEx}", 'f=' . $row['forum_id'])
            );

            /**
             * Modify the template data block of the 'category'
             *
             * This event is triggered once per 'category'
             *
             * @event core.display_forums_modify_category_template_vars
             * @var array cat_row Template data of the 'category'
             * @var bool catless The flag indicating whether the 'category' has a parent category
             * @var bool last_catless The flag indicating whether the last forum had a parent category
             * @var array root_data Array with the root forum data
             * @var array row The data of the 'category'
             * @since 3.1.0-RC4
             */
            // NOTE(review): $catless is first assigned in the non-category path further down, so
            // it is not defined here when a category is the first row — confirm compact() and the
            // dispatcher tolerate the missing variable.
            $vars = array('cat_row', 'catless', 'last_catless', 'root_data', 'row');
            extract($src_dispatcher->trigger_event('core.display_forums_modify_category_template_vars', compact($vars)));

            $template->assign_block_vars('forumrow', $cat_row);

            continue;
        }

        $visible_forums++;
        $forum_id = $row['forum_id'];

        $forum_unread = isset($forum_tracking_info[$forum_id]) && $row['orig_forum_last_post_time'] > $forum_tracking_info[$forum_id] ? true : false;

        $folder_image = $folder_alt = $l_subforums = '';
        $subforums_list = array();

        // Generate list of subforums if we need to
        if (isset($subforums[$forum_id])) {
            foreach ($subforums[$forum_id] as $subforum_id => $subforum_row) {
                $subforum_unread = isset($forum_tracking_info[$subforum_id]) && $subforum_row['orig_forum_last_post_time'] > $forum_tracking_info[$subforum_id] ? true : false;

                if (!$subforum_unread && !empty($subforum_row['children'])) {
                    foreach ($subforum_row['children'] as $child_id) {
                        if (isset($forum_tracking_info[$child_id]) && $subforums[$forum_id][$child_id]['orig_forum_last_post_time'] > $forum_tracking_info[$child_id]) {
                            // Once we found an unread child forum, we can drop out of this loop
                            $subforum_unread = true;
                            break;
                        }
                    }
                }

                if ($subforum_row['display'] && $subforum_row['name']) {
                    $subforums_list[] = array(
                        'link' => append_sid("{$src_root_path}viewforum.{$phpEx}", 'f=' . $subforum_id),
                        'name' => $subforum_row['name'],
                        'unread' => $subforum_unread
                    );
                } else {
                    // Not shown on the index: drop it so the count below only covers listed subforums.
                    unset($subforums[$forum_id][$subforum_id]);
                }

                // If one subforum is unread the forum gets unread too...
                if ($subforum_unread) {
                    $forum_unread = true;
                }
            }

            $l_subforums = sizeof($subforums[$forum_id]) == 1 ? $user->lang['SUBFORUM'] : $user->lang['SUBFORUMS'];
            $folder_image = $forum_unread ? 'forum_unread_subforum' : 'forum_read_subforum';
        } else {
            switch ($row['forum_type']) {
                case FORUM_POST:
                    $folder_image = $forum_unread ? 'forum_unread' : 'forum_read';
                    break;

                case FORUM_LINK:
                    $folder_image = 'forum_link';
                    break;
            }
        }

        // Which folder should we display?
        if ($row['forum_status'] == ITEM_LOCKED) {
            $folder_image = $forum_unread ? 'forum_unread_locked' : 'forum_read_locked';
            $folder_alt = 'FORUM_LOCKED';
        } else {
            $folder_alt = $forum_unread ? 'UNREAD_POSTS' : 'NO_UNREAD_POSTS';
        }

        // Create last post link information, if appropriate
        if ($row['forum_last_post_id']) {
            // The subject is only exposed when the forum holding the last post has no password
            // and the user has 'f_read' there; time and link are filled in either way.
            if ($row['forum_password_last_post'] === '' && $auth->acl_get('f_read', $row['forum_id_last_post'])) {
                $last_post_subject = censor_text($row['forum_last_post_subject']);
                $last_post_subject_truncated = truncate_string($last_post_subject, 30, 255, false, $user->lang['ELLIPSIS']);
            } else {
                $last_post_subject = $last_post_subject_truncated = '';
            }
            $last_post_time = $user->format_date($row['forum_last_post_time']);
            $last_post_url = append_sid("{$src_root_path}viewtopic.{$phpEx}", 'f=' . $row['forum_id_last_post'] . '&p=' . $row['forum_last_post_id']) . '#p' . $row['forum_last_post_id'];
        } else {
            $last_post_subject = $last_post_time = $last_post_url = $last_post_subject_truncated = '';
        }

        // Output moderator listing ... if applicable
        $l_moderator = $moderators_list = '';
        if ($display_moderators && !empty($forum_moderators[$forum_id])) {
            $l_moderator = sizeof($forum_moderators[$forum_id]) == 1 ? $user->lang['MODERATOR'] : $user->lang['MODERATORS'];
            $moderators_list = implode($user->lang['COMMA_SEPARATOR'], $forum_moderators[$forum_id]);
        }

        // Link forums show a click counter (only when link tracking is on) instead of a post count.
        $l_post_click_count = $row['forum_type'] == FORUM_LINK ? 'CLICKS' : 'POSTS';
        $post_click_count = $row['forum_type'] != FORUM_LINK || $row['forum_flags'] & FORUM_FLAG_LINK_TRACK ? $row['forum_posts'] : '';

        $s_subforums_list = $subforums_row = array();
        foreach ($subforums_list as $subforum) {
            // NOTE(review): the subforum name is concatenated into HTML without escaping here;
            // presumably forum names are stored escaped — confirm.
            $s_subforums_list[] = '<a href="' . $subforum['link'] . '" class="subforum ' . ($subforum['unread'] ? 'unread' : 'read') . '" title="' . ($subforum['unread'] ? $user->lang['UNREAD_POSTS'] : $user->lang['NO_UNREAD_POSTS']) . '">' . $subforum['name'] . '</a>';
            $subforums_row[] = array(
                'U_SUBFORUM' => $subforum['link'],
                'SUBFORUM_NAME' => $subforum['name'],
                'S_UNREAD' => $subforum['unread']
            );
        }
        $s_subforums_list = (string) implode($user->lang['COMMA_SEPARATOR'], $s_subforums_list);
        $catless = $row['parent_id'] == $root_data['forum_id'] ? true : false;

        if ($row['forum_type'] != FORUM_LINK) {
            $u_viewforum = append_sid("{$src_root_path}viewforum.{$phpEx}", 'f=' . $row['forum_id']);
        } else {
            // If the forum is a link and we count redirects we need to visit it
            // If the forum is having a password or no read access we do not expose the link, but instead handle it in viewforum
            if ($row['forum_flags'] & FORUM_FLAG_LINK_TRACK || $row['forum_password'] || !$auth->acl_get('f_read', $forum_id)) {
                $u_viewforum = append_sid("{$src_root_path}viewforum.{$phpEx}", 'f=' . $row['forum_id']);
            } else {
                $u_viewforum = $row['forum_link'];
            }
        }

        $forum_row = array(
            'S_IS_CAT' => false,
            'S_NO_CAT' => $catless && !$last_catless,
            'S_IS_LINK' => $row['forum_type'] == FORUM_LINK ? true : false,
            'S_UNREAD_FORUM' => $forum_unread,
            'S_AUTH_READ' => $auth->acl_get('f_read', $row['forum_id']),
            'S_LOCKED_FORUM' => $row['forum_status'] == ITEM_LOCKED ? true : false,
            'S_LIST_SUBFORUMS' => $row['display_subforum_list'] ? true : false,
            'S_SUBFORUMS' => sizeof($subforums_list) ? true : false,
            'S_DISPLAY_SUBJECT' => $last_post_subject !== '' && $config['display_last_subject'] ? true : false,
            'S_FEED_ENABLED' => $config['feed_forum'] && !src_optionget(FORUM_OPTION_FEED_EXCLUDE, $row['forum_options']) && $row['forum_type'] == FORUM_POST ? true : false,
            'FORUM_ID' => $row['forum_id'],
            'FORUM_NAME' => $row['forum_name'],
            'FORUM_DESC' => generate_text_for_display($row['forum_desc'], $row['forum_desc_uid'], $row['forum_desc_bitfield'], $row['forum_desc_options']),
            'TOPICS' => $row['forum_topics'],
            // Key is 'CLICKS' for link forums and 'POSTS' otherwise (see above).
            $l_post_click_count => $post_click_count,
            'FORUM_IMG_STYLE' => $folder_image,
            'FORUM_FOLDER_IMG' => $user->img($folder_image, $folder_alt),
            'FORUM_FOLDER_IMG_ALT' => isset($user->lang[$folder_alt]) ? $user->lang[$folder_alt] : '',
            'FORUM_IMAGE' => $row['forum_image'] ? '<img src="' . $src_root_path . $row['forum_image'] . '" alt="' . $user->lang[$folder_alt] . '" />' : '',
            'FORUM_IMAGE_SRC' => $row['forum_image'] ? $src_root_path . $row['forum_image'] : '',
            'LAST_POST_SUBJECT' => $last_post_subject,
            'LAST_POST_SUBJECT_TRUNCATED' => $last_post_subject_truncated,
            'LAST_POST_TIME' => $last_post_time,
            'LAST_POSTER' => get_username_string('username', $row['forum_last_poster_id'], $row['forum_last_poster_name'], $row['forum_last_poster_colour']),
            'LAST_POSTER_COLOUR' => get_username_string('colour', $row['forum_last_poster_id'], $row['forum_last_poster_name'], $row['forum_last_poster_colour']),
            'LAST_POSTER_FULL' => get_username_string('full', $row['forum_last_poster_id'], $row['forum_last_poster_name'], $row['forum_last_poster_colour']),
            'MODERATORS' => $moderators_list,
            'SUBFORUMS' => $s_subforums_list,
            'L_SUBFORUM_STR' => $l_subforums,
            'L_MODERATOR_STR' => $l_moderator,
            // The unapproved ids are 0 unless the user holds 'm_approve' (set in the query loop).
            'U_UNAPPROVED_TOPICS' => $row['forum_id_unapproved_topics'] ? append_sid("{$src_root_path}mcp.{$phpEx}", 'i=queue&mode=unapproved_topics&f=' . $row['forum_id_unapproved_topics']) : '',
            'U_UNAPPROVED_POSTS' => $row['forum_id_unapproved_posts'] ? append_sid("{$src_root_path}mcp.{$phpEx}", 'i=queue&mode=unapproved_posts&f=' . $row['forum_id_unapproved_posts']) : '',
            'U_VIEWFORUM' => $u_viewforum,
            'U_LAST_POSTER' => get_username_string('profile', $row['forum_last_poster_id'], $row['forum_last_poster_name'], $row['forum_last_poster_colour']),
            'U_LAST_POST' => $last_post_url
        );

        /**
         * Modify the template data block of the forum
         *
         * This event is triggered once per forum
         *
         * @event core.display_forums_modify_template_vars
         * @var array forum_row Template data of the forum
         * @var array row The data of the forum
         * @var array subforums_row Template data of subforums
         * @since 3.1.0-a1
         * @change 3.1.0-b5 Added var subforums_row
         */
        $vars = array('forum_row', 'row', 'subforums_row');
        extract($src_dispatcher->trigger_event('core.display_forums_modify_template_vars', compact($vars)));

        $template->assign_block_vars('forumrow', $forum_row);

        // Assign subforums loop for style authors
        $template->assign_block_vars_array('forumrow.subforum', $subforums_row);

        /**
         * Modify and/or assign additional template data for the forum
         * after forumrow loop has been assigned. This can be used
         * to create additional forumrow subloops in extensions.
         *
         * This event is triggered once per forum
         *
         * @event core.display_forums_add_template_data
         * @var array forum_row Template data of the forum
         * @var array row The data of the forum
         * @var array subforums_list The data of subforums
         * @var array subforums_row Template data of subforums
         * @var bool catless The flag indicating whether a forum has a parent category
         * @since 3.1.0-b5
         */
        $vars = array('forum_row', 'row', 'subforums_list', 'subforums_row', 'catless');
        extract($src_dispatcher->trigger_event('core.display_forums_add_template_data', compact($vars)));

        $last_catless = $catless;
    }

    // The mark-forums link carries a fresh 'global' link hash; it is only offered when read
    // tracking applies to this user (registered, or anonymous tracking enabled).
    $template->assign_vars(array(
        'U_MARK_FORUMS' => $user->data['is_registered'] || $config['load_anon_lastread'] ? append_sid("{$src_root_path}viewforum.{$phpEx}", 'hash=' . generate_link_hash('global') . '&f=' . $root_data['forum_id'] . '&mark=forums&mark_time=' . time()) : '',
        'S_HAS_SUBFORUM' => $visible_forums ? true : false,
        'L_SUBFORUM' => $visible_forums == 1 ? $user->lang['SUBFORUM'] : $user->lang['SUBFORUMS'],
        'LAST_POST_IMG' => $user->img('icon_topic_latest', 'VIEW_LATEST_POST'),
        'UNAPPROVED_IMG' => $user->img('icon_topic_unapproved', 'TOPICS_UNAPPROVED'),
        'UNAPPROVED_POST_IMG' => $user->img('icon_topic_unapproved', 'POSTS_UNAPPROVED_FORUM')
    ));

    /**
     * Event to perform additional actions after the forum list has been generated
     *
     * @event core.display_forums_after
     * @var array active_forum_ary Array with forum data to display active topics
     * @var bool display_moderators Flag indicating if we display forum moderators
     * @var array forum_moderators Array with forum moderators list
     * @var array forum_rows Data array of all forums we display
     * @var bool return_moderators Flag indicating if moderators list should be returned
     * @var array root_data Array with the root forum data
     * @since 3.1.0-RC5
     */
    $vars = array('active_forum_ary', 'display_moderators', 'forum_moderators', 'forum_rows', 'return_moderators', 'root_data');
    extract($src_dispatcher->trigger_event('core.display_forums_after', compact($vars)));

    if ($return_moderators) {
        return array($active_forum_ary, $forum_moderators);
    }

    return array($active_forum_ary, array());
}
$form->render($template); break; case 'livesearch': $username_chars = $request->variable('username', '', true); $sql = 'SELECT username, user_id, user_colour FROM ' . USERS_TABLE . ' WHERE ' . $db->sql_in_set('user_type', array(USER_NORMAL, USER_FOUNDER)) . ' AND username_clean ' . $db->sql_like_expression(utf8_clean_string($username_chars) . $db->get_any_char()); $result = $db->sql_query_limit($sql, 10); $user_list = array(); while ($row = $db->sql_fetchrow($result)) { $user_list[] = array('user_id' => (int) $row['user_id'], 'result' => $row['username'], 'username_full' => get_username_string('full', $row['user_id'], $row['username'], $row['user_colour']), 'display' => get_username_string('no_profile', $row['user_id'], $row['username'], $row['user_colour'])); } $db->sql_freeresult($result); $json_response = new \src\json_response(); $json_response->send(array('keyword' => $username_chars, 'results' => $user_list)); break; case 'group': default: // The basic memberlist $page_title = $user->lang['MEMBERLIST']; $template_html = 'memberlist_body.html'; $pagination = $src_container->get('pagination'); // Sorting $sort_key_text = array('a' => $user->lang['SORT_USERNAME'], 'c' => $user->lang['SORT_JOINED'], 'd' => $user->lang['SORT_POST_COUNT']); $sort_key_sql = array('a' => 'u.username_clean', 'c' => 'u.user_regdate', 'd' => 'u.user_posts'); if ($config['jab_enable']) { $sort_key_text['k'] = $user->lang['JABBER']; $sort_key_sql['k'] = 'u.user_jabber'; } if ($auth->acl_get('a_user')) {
/**
 * Reports a failure to the client as a JSON-RPC 2.0 style error object.
 *
 * The "id" member of the response is always the literal string 'id';
 * nothing from the request is echoed back in it.
 *
 * @param int    $code The error code, sent unchanged as error.code
 * @param string $msg  Language key; it is resolved through $this->user->lang()
 *                     and the result is sent as error.message
 *
 * @return null
 */
public function emit_error($code, $msg)
{
    $responder = new \src\json_response();

    $error_body = array(
        'code'    => $code,
        'message' => $this->user->lang($msg),
    );

    $envelope = array(
        'jsonrpc' => '2.0',
        'id'      => 'id',
        'error'   => $error_body,
    );

    $responder->send($envelope);
}
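/**
 * ACP module entry point for custom BBCodes.
 *
 * Dispatches on the "action" request variable: shows the add/edit form,
 * writes a created or modified BBCode, deletes one, and otherwise (or after
 * a delete) renders the list of custom BBCodes.
 *
 * State-changing requests are guarded as follows:
 *  - create/modify without a template warning: the form key registered by
 *    add_form_key() must validate via check_form_key();
 *  - create/modify with a template warning, and delete: the write only runs
 *    after confirm_box(true) succeeds.
 *
 * @param mixed  $id   Module id; only forwarded as hidden field "i" on the delete confirmation
 * @param string $mode Module mode; only forwarded as hidden field "mode" on the delete confirmation
 *
 * @return void
 */
function main($id, $mode)
{
    global $db, $user, $auth, $template, $cache, $request, $src_dispatcher;
    global $config, $src_root_path, $src_admin_path, $phpEx;

    $user->add_lang('acp/posting');

    // Set up general vars
    $action = request_var('action', '');
    $bbcode_id = request_var('bbcode', 0);

    $this->tpl_name = 'acp_bbcodes';
    $this->page_title = 'ACP_BBCODES';
    $form_key = 'acp_bbcodes';

    add_form_key($form_key);

    // Set up mode-specific vars
    switch ($action) {
        case 'add':
            $bbcode_match = $bbcode_tpl = $bbcode_helpline = '';
            $display_on_posting = 0;
            break;

        case 'edit':
            $sql = 'SELECT bbcode_match, bbcode_tpl, display_on_posting, bbcode_helpline FROM ' . BBCODES_TABLE . ' WHERE bbcode_id = ' . $bbcode_id;
            $result = $db->sql_query($sql);
            $row = $db->sql_fetchrow($result);
            $db->sql_freeresult($result);

            if (!$row) {
                trigger_error($user->lang['BBCODE_NOT_EXIST'] . adm_back_link($this->u_action), E_USER_WARNING);
            }

            $bbcode_match = $row['bbcode_match'];
            // The stored template is raw HTML; it is entity-encoded here for display in the form.
            $bbcode_tpl = htmlspecialchars($row['bbcode_tpl']);
            $display_on_posting = $row['display_on_posting'];
            $bbcode_helpline = $row['bbcode_helpline'];
            break;

        case 'modify':
            // $row is kept: the write path below compares the new tag with the stored one.
            $sql = 'SELECT bbcode_id, bbcode_tag FROM ' . BBCODES_TABLE . ' WHERE bbcode_id = ' . $bbcode_id;
            $result = $db->sql_query($sql);
            $row = $db->sql_fetchrow($result);
            $db->sql_freeresult($result);

            if (!$row) {
                trigger_error($user->lang['BBCODE_NOT_EXIST'] . adm_back_link($this->u_action), E_USER_WARNING);
            }
            // No break here

        case 'create':
            $display_on_posting = request_var('display_on_posting', 0);
            $bbcode_match = request_var('bbcode_match', '');
            // The submitted template is decoded back to raw HTML before it is stored.
            $bbcode_tpl = htmlspecialchars_decode(utf8_normalize_nfc(request_var('bbcode_tpl', '', true)));
            $bbcode_helpline = utf8_normalize_nfc(request_var('bbcode_helpline', '', true));
            break;
    }

    // Do major work
    switch ($action) {
        case 'edit':
        case 'add':
            $tpl_ary = array(
                'S_EDIT_BBCODE'          => true,
                'U_BACK'                 => $this->u_action,
                'U_ACTION'               => $this->u_action . '&action=' . ($action == 'add' ? 'create' : 'modify') . ($bbcode_id ? "&bbcode={$bbcode_id}" : ''),
                'L_BBCODE_USAGE_EXPLAIN' => sprintf($user->lang['BBCODE_USAGE_EXPLAIN'], '<a href="#down">', '</a>'),
                'BBCODE_MATCH'           => $bbcode_match,
                'BBCODE_TPL'             => $bbcode_tpl,
                'BBCODE_HELPLINE'        => $bbcode_helpline,
                'DISPLAY_ON_POSTING'     => $display_on_posting,
            );

            $bbcode_tokens = array('TEXT', 'SIMPLETEXT', 'INTTEXT', 'IDENTIFIER', 'NUMBER', 'EMAIL', 'URL', 'LOCAL_URL', 'RELATIVE_URL', 'COLOR');

            /**
             * Modify custom bbcode template data before we display the add/edit form
             *
             * @event core.acp_bbcodes_edit_add
             * @var string action        Type of the action: add|edit
             * @var array  tpl_ary       Array with custom bbcode add/edit data
             * @var int    bbcode_id     When editing: the bbcode id,
             *                           when creating: 0
             * @var array  bbcode_tokens Array of bbcode tokens
             * @since 3.1.0-a3
             */
            $vars = array('action', 'tpl_ary', 'bbcode_id', 'bbcode_tokens');
            extract($src_dispatcher->trigger_event('core.acp_bbcodes_edit_add', compact($vars)));

            $template->assign_vars($tpl_ary);

            foreach ($bbcode_tokens as $token) {
                $template->assign_block_vars('token', array(
                    'TOKEN'   => '{' . $token . '}',
                    'EXPLAIN' => $token === 'LOCAL_URL' ? $user->lang(array('tokens', $token), generate_srcrd_url() . '/') : $user->lang(array('tokens', $token)),
                ));
            }

            return;

        case 'modify':
        case 'create':
            $sql_ary = $hidden_fields = array();

            /**
             * Modify custom bbcode data before the modify/create action
             *
             * @event core.acp_bbcodes_modify_create
             * @var string action             Type of the action: modify|create
             * @var array  sql_ary            Array with new bbcode data
             * @var int    bbcode_id          When editing: the bbcode id,
             *                                when creating: 0
             * @var bool   display_on_posting Display bbcode on posting form
             * @var string bbcode_match       The bbcode usage string to match
             * @var string bbcode_tpl         The bbcode HTML replacement string
             * @var string bbcode_helpline    The bbcode help line string
             * @var array  hidden_fields      Array of hidden fields for use when
             *                                submitting form when $warn_text is true
             * @since 3.1.0-a3
             */
            $vars = array('action', 'sql_ary', 'bbcode_id', 'display_on_posting', 'bbcode_match', 'bbcode_tpl', 'bbcode_helpline', 'hidden_fields');
            extract($src_dispatcher->trigger_event('core.acp_bbcodes_modify_create', compact($vars)));

            // True when a {TEXT...} token sits inside an HTML tag of the replacement template.
            $warn_text = preg_match('%<[^>]*\\{text[\\d]*\\}[^>]*>%i', $bbcode_tpl);

            // Without a template warning there is no confirm_box() round-trip, so the
            // form key registered above is the only request-forgery check on this write.
            // It was registered but never verified here before.
            // NOTE(review): this relies on the add/edit template emitting the token that
            // add_form_key() registers - confirm against the template.
            if (!$warn_text && !check_form_key($form_key)) {
                trigger_error($user->lang['FORM_INVALID'] . adm_back_link($this->u_action), E_USER_WARNING);
            }

            if (!$warn_text || confirm_box(true)) {
                $data = $this->build_regexp($bbcode_match, $bbcode_tpl);

                // Make sure the user didn't pick a "bad" name for the BBCode tag.
                $hard_coded = array('code', 'quote', 'quote=', 'attachment', 'attachment=', 'b', 'i', 'url', 'url=', 'img', 'size', 'size=', 'color', 'color=', 'u', 'list', 'list=', 'email', 'email=', 'flash', 'flash=');

                if (($action == 'modify' && strtolower($data['bbcode_tag']) !== strtolower($row['bbcode_tag'])) || $action == 'create') {
                    $sql = 'SELECT 1 as test FROM ' . BBCODES_TABLE . "\n\t\t\t\t\t\t\tWHERE LOWER(bbcode_tag) = '" . $db->sql_escape(strtolower($data['bbcode_tag'])) . "'";
                    $result = $db->sql_query($sql);
                    $info = $db->sql_fetchrow($result);
                    $db->sql_freeresult($result);

                    // Grab the end, interrogate the last closing tag
                    if ($info['test'] === '1' || in_array(strtolower($data['bbcode_tag']), $hard_coded) || (preg_match('#\\[/([^[]*)]$#', $bbcode_match, $regs) && in_array(strtolower($regs[1]), $hard_coded))) {
                        trigger_error($user->lang['BBCODE_INVALID_TAG_NAME'] . adm_back_link($this->u_action), E_USER_WARNING);
                    }
                }

                // Strip a trailing "=" so the bare tag name can be matched below.
                if (substr($data['bbcode_tag'], -1) === '=') {
                    $test = substr($data['bbcode_tag'], 0, -1);
                } else {
                    $test = $data['bbcode_tag'];
                }

                // NOTE(review): $test is interpolated into the pattern unquoted; that is only
                // safe if build_regexp() restricts the tag's character set - confirm.
                if (!preg_match('%\\[' . $test . '[^]]*].*?\\[/' . $test . ']%s', $bbcode_match)) {
                    trigger_error($user->lang['BBCODE_OPEN_ENDED_TAG'] . adm_back_link($this->u_action), E_USER_WARNING);
                }

                if (strlen($data['bbcode_tag']) > 16) {
                    trigger_error($user->lang['BBCODE_TAG_TOO_LONG'] . adm_back_link($this->u_action), E_USER_WARNING);
                }

                if (strlen($bbcode_match) > 4000) {
                    trigger_error($user->lang['BBCODE_TAG_DEF_TOO_LONG'] . adm_back_link($this->u_action), E_USER_WARNING);
                }

                if (strlen($bbcode_helpline) > 255) {
                    trigger_error($user->lang['BBCODE_HELPLINE_TOO_LONG'] . adm_back_link($this->u_action), E_USER_WARNING);
                }

                $sql_ary = array_merge($sql_ary, array(
                    'bbcode_tag'          => $data['bbcode_tag'],
                    'bbcode_match'        => $bbcode_match,
                    'bbcode_tpl'          => $bbcode_tpl,
                    'display_on_posting'  => $display_on_posting,
                    'bbcode_helpline'     => $bbcode_helpline,
                    'first_pass_match'    => $data['first_pass_match'],
                    'first_pass_replace'  => $data['first_pass_replace'],
                    'second_pass_match'   => $data['second_pass_match'],
                    'second_pass_replace' => $data['second_pass_replace'],
                ));

                if ($action == 'create') {
                    $sql = 'SELECT MAX(bbcode_id) as max_bbcode_id FROM ' . BBCODES_TABLE;
                    $result = $db->sql_query($sql);
                    $row = $db->sql_fetchrow($result);
                    $db->sql_freeresult($result);

                    if ($row) {
                        $bbcode_id = $row['max_bbcode_id'] + 1;

                        // Make sure it is greater than the core bbcode ids...
                        if ($bbcode_id <= NUM_CORE_BBCODES) {
                            $bbcode_id = NUM_CORE_BBCODES + 1;
                        }
                    } else {
                        $bbcode_id = NUM_CORE_BBCODES + 1;
                    }

                    if ($bbcode_id > BBCODE_LIMIT) {
                        trigger_error($user->lang['TOO_MANY_BBCODES'] . adm_back_link($this->u_action), E_USER_WARNING);
                    }

                    $sql_ary['bbcode_id'] = (int) $bbcode_id;

                    $db->sql_query('INSERT INTO ' . BBCODES_TABLE . $db->sql_build_array('INSERT', $sql_ary));
                    $cache->destroy('sql', BBCODES_TABLE);

                    $lang = 'BBCODE_ADDED';
                    $log_action = 'LOG_BBCODE_ADD';
                } else {
                    // $bbcode_id has passed through extract() of the event result above, so it
                    // is cast again before being concatenated into the statement.
                    $sql = 'UPDATE ' . BBCODES_TABLE . ' SET ' . $db->sql_build_array('UPDATE', $sql_ary) . ' WHERE bbcode_id = ' . (int) $bbcode_id;
                    $db->sql_query($sql);
                    $cache->destroy('sql', BBCODES_TABLE);

                    $lang = 'BBCODE_EDITED';
                    $log_action = 'LOG_BBCODE_EDIT';
                }

                add_log('admin', $log_action, $data['bbcode_tag']);

                trigger_error($user->lang[$lang] . adm_back_link($this->u_action));
            } else {
                // Re-submit every field through the confirmation page; the template is
                // entity-encoded again because it travels as a hidden form value.
                confirm_box(false, $user->lang['BBCODE_DANGER'], build_hidden_fields(array_merge($hidden_fields, array(
                    'action'             => $action,
                    'bbcode'             => $bbcode_id,
                    'bbcode_match'       => $bbcode_match,
                    'bbcode_tpl'         => htmlspecialchars($bbcode_tpl),
                    'bbcode_helpline'    => $bbcode_helpline,
                    'display_on_posting' => $display_on_posting,
                ))), 'confirm_bbcode.html');
            }
            break;

        case 'delete':
            $sql = 'SELECT bbcode_tag FROM ' . BBCODES_TABLE . "\n\t\t\t\t\tWHERE bbcode_id = {$bbcode_id}";
            $result = $db->sql_query($sql);
            $row = $db->sql_fetchrow($result);
            $db->sql_freeresult($result);

            if ($row) {
                if (confirm_box(true)) {
                    $db->sql_query('DELETE FROM ' . BBCODES_TABLE . " WHERE bbcode_id = {$bbcode_id}");
                    $cache->destroy('sql', BBCODES_TABLE);
                    add_log('admin', 'LOG_BBCODE_DELETE', $row['bbcode_tag']);

                    if ($request->is_ajax()) {
                        $json_response = new \src\json_response();
                        $json_response->send(array(
                            'MESSAGE_TITLE' => $user->lang['INFORMATION'],
                            'MESSAGE_TEXT'  => $user->lang['BBCODE_DELETED'],
                            'REFRESH_DATA'  => array('time' => 3),
                        ));
                    }
                } else {
                    confirm_box(false, $user->lang['CONFIRM_OPERATION'], build_hidden_fields(array(
                        'bbcode' => $bbcode_id,
                        'i'      => $id,
                        'mode'   => $mode,
                        'action' => $action,
                    )));
                }
            }
            break;
    }

    // Listing of all custom BBCodes
    $u_action = $this->u_action;

    $template_data = array('U_ACTION' => $this->u_action . '&action=add');

    $sql_ary = array(
        'SELECT'   => 'b.*',
        'FROM'     => array(BBCODES_TABLE => 'b'),
        'ORDER_BY' => 'b.bbcode_tag',
    );

    /**
     * Modify custom bbcode template data before we display the form
     *
     * @event core.acp_bbcodes_display_form
     * @var string action        Type of the action: modify|create
     * @var string sql_ary       The SQL array to get custom bbcode data
     * @var array  template_data Array with form template data
     * @var string u_action      The u_action link
     * @since 3.1.0-a3
     */
    $vars = array('action', 'sql_ary', 'template_data', 'u_action');
    extract($src_dispatcher->trigger_event('core.acp_bbcodes_display_form', compact($vars)));

    $result = $db->sql_query($db->sql_build_query('SELECT', $sql_ary));

    $template->assign_vars($template_data);

    while ($row = $db->sql_fetchrow($result)) {
        $bbcodes_array = array(
            'BBCODE_TAG' => $row['bbcode_tag'],
            'U_EDIT'     => $u_action . '&action=edit&bbcode=' . $row['bbcode_id'],
            'U_DELETE'   => $u_action . '&action=delete&bbcode=' . $row['bbcode_id'],
        );

        /**
         * Modify display of custom bbcodes in the form
         *
         * @event core.acp_bbcodes_display_bbcodes
         * @var array  row           Array with current bbcode data
         * @var array  bbcodes_array Array of bbcodes template data
         * @var string u_action      The u_action link
         * @since 3.1.0-a3
         */
        $vars = array('bbcodes_array', 'row', 'u_action');
        extract($src_dispatcher->trigger_event('core.acp_bbcodes_display_bbcodes', compact($vars)));

        $template->assign_block_vars('bbcodes', $bbcodes_array);
    }
    $db->sql_freeresult($result);
}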
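/**
 * ACP module entry point for rank management.
 *
 * Dispatches on the "action" request variable (overridden by the "add" and
 * "save" POST buttons): saves a rank, deletes a rank, shows the add/edit
 * form, and otherwise lists all ranks.
 *
 * The save action requires a valid form key; the delete action only runs
 * after confirm_box(true) succeeds.
 *
 * @param mixed  $id   Module id; only forwarded as hidden field "i" on the delete confirmation
 * @param string $mode Module mode; only forwarded as hidden field "mode" on the delete confirmation
 *
 * @return void
 */
function main($id, $mode)
{
    global $db, $user, $auth, $template, $cache, $request, $src_dispatcher;
    global $config, $src_root_path, $src_admin_path, $phpEx;

    $user->add_lang('acp/posting');

    // Set up general vars
    $action = request_var('action', '');
    $action = isset($_POST['add']) ? 'add' : $action;
    $action = isset($_POST['save']) ? 'save' : $action;
    $rank_id = request_var('id', 0);

    $this->tpl_name = 'acp_ranks';
    $this->page_title = 'ACP_MANAGE_RANKS';

    $form_name = 'acp_ranks';
    add_form_key($form_name);

    switch ($action) {
        case 'save':
            if (!check_form_key($form_name)) {
                trigger_error($user->lang['FORM_INVALID'] . adm_back_link($this->u_action), E_USER_WARNING);
            }

            $rank_title = utf8_normalize_nfc(request_var('title', '', true));
            $special_rank = request_var('special_rank', 0);
            $min_posts = $special_rank ? 0 : max(0, request_var('min_posts', 0));
            $rank_image = request_var('rank_image', '');

            // The rank image has to be a jpg, gif or png
            // NOTE(review): only the file extension is checked; the value is not compared
            // with the filelist() entries offered by the edit form.
            if ($rank_image != '' && !preg_match('#(\\.gif|\\.png|\\.jpg|\\.jpeg)$#i', $rank_image)) {
                $rank_image = '';
            }

            if (!$rank_title) {
                trigger_error($user->lang['NO_RANK_TITLE'] . adm_back_link($this->u_action), E_USER_WARNING);
            }

            $sql_ary = array(
                'rank_title'   => $rank_title,
                'rank_special' => $special_rank,
                'rank_min'     => $min_posts,
                'rank_image'   => htmlspecialchars_decode($rank_image),
            );

            /**
             * Modify the SQL array when saving a rank
             *
             * @event core.acp_ranks_save_modify_sql_ary
             * @var int   rank_id The ID of the rank (if available)
             * @var array sql_ary Array with the rank's data
             * @since 3.1.0-RC3
             */
            $vars = array('rank_id', 'sql_ary');
            extract($src_dispatcher->trigger_event('core.acp_ranks_save_modify_sql_ary', compact($vars)));

            if ($rank_id) {
                // $rank_id has passed through extract() of the event result above, so it is
                // cast again before being concatenated into the statement.
                $sql = 'UPDATE ' . RANKS_TABLE . ' SET ' . $db->sql_build_array('UPDATE', $sql_ary) . ' WHERE rank_id = ' . (int) $rank_id;
                $message = $user->lang['RANK_UPDATED'];

                add_log('admin', 'LOG_RANK_UPDATED', $rank_title);
            } else {
                $sql = 'INSERT INTO ' . RANKS_TABLE . ' ' . $db->sql_build_array('INSERT', $sql_ary);
                $message = $user->lang['RANK_ADDED'];

                add_log('admin', 'LOG_RANK_ADDED', $rank_title);
            }
            $db->sql_query($sql);

            $cache->destroy('_ranks');

            trigger_error($message . adm_back_link($this->u_action));
            break;

        case 'delete':
            if (!$rank_id) {
                trigger_error($user->lang['MUST_SELECT_RANK'] . adm_back_link($this->u_action), E_USER_WARNING);
            }

            if (confirm_box(true)) {
                // Fetch the title first so the log entry can name the removed rank.
                $sql = 'SELECT rank_title FROM ' . RANKS_TABLE . ' WHERE rank_id = ' . $rank_id;
                $result = $db->sql_query($sql);
                $rank_title = (string) $db->sql_fetchfield('rank_title');
                $db->sql_freeresult($result);

                $sql = 'DELETE FROM ' . RANKS_TABLE . "\n\t\t\t\t\t\tWHERE rank_id = {$rank_id}";
                $db->sql_query($sql);

                // Users holding the removed rank are reset to rank 0.
                $sql = 'UPDATE ' . USERS_TABLE . "\n\t\t\t\t\t\tSET user_rank = 0\n\t\t\t\t\t\tWHERE user_rank = {$rank_id}";
                $db->sql_query($sql);

                $cache->destroy('_ranks');

                add_log('admin', 'LOG_RANK_REMOVED', $rank_title);

                if ($request->is_ajax()) {
                    $json_response = new \src\json_response();
                    $json_response->send(array(
                        'MESSAGE_TITLE' => $user->lang['INFORMATION'],
                        'MESSAGE_TEXT'  => $user->lang['RANK_REMOVED'],
                        'REFRESH_DATA'  => array('time' => 3),
                    ));
                }
            } else {
                confirm_box(false, $user->lang['CONFIRM_OPERATION'], build_hidden_fields(array(
                    'i'       => $id,
                    'mode'    => $mode,
                    'rank_id' => $rank_id,
                    'action'  => 'delete',
                )));
            }
            break;

        case 'edit':
        case 'add':
            $ranks = $existing_imgs = array();

            $sql = 'SELECT * FROM ' . RANKS_TABLE . ' ORDER BY rank_min ASC, rank_special ASC';
            $result = $db->sql_query($sql);

            while ($row = $db->sql_fetchrow($result)) {
                $existing_imgs[] = $row['rank_image'];

                if ($action == 'edit' && $rank_id == $row['rank_id']) {
                    $ranks = $row;
                }
            }
            $db->sql_freeresult($result);

            $imglist = filelist($src_root_path . $config['ranks_path'], '');
            $edit_img = $filename_list = '';

            foreach ($imglist as $path => $img_ary) {
                sort($img_ary);

                foreach ($img_ary as $img) {
                    $img = $path . $img;

                    if ($ranks && $img == $ranks['rank_image']) {
                        $selected = ' selected="selected"';
                        $edit_img = $img;
                    } else {
                        $selected = '';
                    }

                    if (strlen($img) > 255) {
                        continue;
                    }

                    // File names come from the directory listing and are written into HTML
                    // twice; the visible label is escaped like the value attribute so a name
                    // containing markup characters cannot alter the option list.
                    $img_html = htmlspecialchars($img);

                    $filename_list .= '<option value="' . $img_html . '"' . $selected . '>' . $img_html . (in_array($img, $existing_imgs) ? ' ' . $user->lang['RANK_IMAGE_IN_USE'] : '') . '</option>';
                }
            }

            $filename_list = '<option value=""' . ($edit_img == '' ? ' selected="selected"' : '') . '>----------</option>' . $filename_list;
            unset($existing_imgs, $imglist);

            // NOTE(review): RANK_IMAGE embeds $edit_img unescaped while the spacer path is
            // escaped; whether the template escapes this value is not visible here - confirm.
            $tpl_ary = array(
                'S_EDIT'          => true,
                'U_BACK'          => $this->u_action,
                'RANKS_PATH'      => $src_root_path . $config['ranks_path'],
                'U_ACTION'        => $this->u_action . '&id=' . $rank_id,
                'RANK_TITLE'      => isset($ranks['rank_title']) ? $ranks['rank_title'] : '',
                'S_FILENAME_LIST' => $filename_list,
                'RANK_IMAGE'      => $edit_img ? $src_root_path . $config['ranks_path'] . '/' . $edit_img : htmlspecialchars($src_admin_path) . 'images/spacer.gif',
                'S_SPECIAL_RANK'  => isset($ranks['rank_special']) && $ranks['rank_special'] ? true : false,
                'MIN_POSTS'       => isset($ranks['rank_min']) && !$ranks['rank_special'] ? $ranks['rank_min'] : 0,
            );

            /**
             * Modify the template output array for editing/adding ranks
             *
             * @event core.acp_ranks_edit_modify_tpl_ary
             * @var array ranks   Array with the rank's data
             * @var array tpl_ary Array with the rank's template data
             * @since 3.1.0-RC3
             */
            $vars = array('ranks', 'tpl_ary');
            extract($src_dispatcher->trigger_event('core.acp_ranks_edit_modify_tpl_ary', compact($vars)));

            $template->assign_vars($tpl_ary);

            return;
    }

    // Listing of all ranks
    $template->assign_vars(array('U_ACTION' => $this->u_action));

    $sql = 'SELECT * FROM ' . RANKS_TABLE . ' ORDER BY rank_special DESC, rank_min ASC, rank_title ASC';
    $result = $db->sql_query($sql);

    while ($row = $db->sql_fetchrow($result)) {
        $rank_row = array(
            'S_RANK_IMAGE'   => $row['rank_image'] ? true : false,
            'S_SPECIAL_RANK' => $row['rank_special'] ? true : false,
            'RANK_IMAGE'     => $src_root_path . $config['ranks_path'] . '/' . $row['rank_image'],
            'RANK_TITLE'     => $row['rank_title'],
            'MIN_POSTS'      => $row['rank_min'],
            'U_EDIT'         => $this->u_action . '&action=edit&id=' . $row['rank_id'],
            'U_DELETE'       => $this->u_action . '&action=delete&id=' . $row['rank_id'],
        );

        /**
         * Modify the template output array for each listed rank
         *
         * @event core.acp_ranks_list_modify_rank_row
         * @var array row      Array with the rank's data
         * @var array rank_row Array with the rank's template data
         * @since 3.1.0-RC3
         */
        $vars = array('row', 'rank_row');
        extract($src_dispatcher->trigger_event('core.acp_ranks_list_modify_rank_row', compact($vars)));

        $template->assign_block_vars('ranks', $rank_row);
    }
    $db->sql_freeresult($result);
}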
function main($id, $mode) { global $config, $db, $user, $auth, $template, $cache; global $src_root_path, $src_admin_path, $phpEx, $table_prefix; global $request, $src_container; include $src_root_path . 'includes/functions_posting.' . $phpEx; include $src_root_path . 'includes/functions_user.' . $phpEx; $user->add_lang(array('ucp', 'acp/profile')); $this->tpl_name = 'acp_profile'; $this->page_title = 'ACP_CUSTOM_PROFILE_FIELDS'; $field_id = $request->variable('field_id', 0); $action = isset($_POST['create']) ? 'create' : request_var('action', ''); $error = array(); $s_hidden_fields = ''; if (!$field_id && in_array($action, array('delete', 'activate', 'deactivate', 'move_up', 'move_down', 'edit'))) { trigger_error($user->lang['NO_FIELD_ID'] . adm_back_link($this->u_action), E_USER_WARNING); } $cp = $src_container->get('profilefields.manager'); $this->type_collection = $src_container->get('profilefields.type_collection'); // Build Language array // Based on this, we decide which elements need to be edited later and which language items are missing $this->lang_defs = array(); $sql = 'SELECT lang_id, lang_iso FROM ' . LANG_TABLE . ' ORDER BY lang_english_name'; $result = $db->sql_query($sql); while ($row = $db->sql_fetchrow($result)) { // Make some arrays with all available languages $this->lang_defs['id'][$row['lang_id']] = $row['lang_iso']; $this->lang_defs['iso'][$row['lang_iso']] = $row['lang_id']; } $db->sql_freeresult($result); $sql = 'SELECT field_id, lang_id FROM ' . PROFILE_LANG_TABLE . ' ORDER BY lang_id'; $result = $db->sql_query($sql); while ($row = $db->sql_fetchrow($result)) { // Which languages are available for each item $this->lang_defs['entry'][$row['field_id']][] = $row['lang_id']; } $db->sql_freeresult($result); // Have some fields been defined? 
if (isset($this->lang_defs['entry'])) { foreach ($this->lang_defs['entry'] as $field_ident => $field_ary) { // Fill an array with the languages that are missing for each field $this->lang_defs['diff'][$field_ident] = array_diff(array_values($this->lang_defs['iso']), $field_ary); } } switch ($action) { case 'delete': if (confirm_box(true)) { $sql = 'SELECT field_ident FROM ' . PROFILE_FIELDS_TABLE . "\n\t\t\t\t\t\tWHERE field_id = {$field_id}"; $result = $db->sql_query($sql); $field_ident = (string) $db->sql_fetchfield('field_ident'); $db->sql_freeresult($result); $db->sql_transaction('begin'); $db->sql_query('DELETE FROM ' . PROFILE_FIELDS_TABLE . " WHERE field_id = {$field_id}"); $db->sql_query('DELETE FROM ' . PROFILE_FIELDS_LANG_TABLE . " WHERE field_id = {$field_id}"); $db->sql_query('DELETE FROM ' . PROFILE_LANG_TABLE . " WHERE field_id = {$field_id}"); $db_tools = $src_container->get('dbal.tools'); $db_tools->sql_column_remove(PROFILE_FIELDS_DATA_TABLE, 'pf_' . $field_ident); $order = 0; $sql = 'SELECT * FROM ' . PROFILE_FIELDS_TABLE . ' ORDER BY field_order'; $result = $db->sql_query($sql); while ($row = $db->sql_fetchrow($result)) { $order++; if ($row['field_order'] != $order) { $sql = 'UPDATE ' . PROFILE_FIELDS_TABLE . "\n\t\t\t\t\t\t\t\tSET field_order = {$order}\n\t\t\t\t\t\t\t\tWHERE field_id = {$row['field_id']}"; $db->sql_query($sql); } } $db->sql_freeresult($result); $db->sql_transaction('commit'); add_log('admin', 'LOG_PROFILE_FIELD_REMOVED', $field_ident); trigger_error($user->lang['REMOVED_PROFILE_FIELD'] . adm_back_link($this->u_action)); } else { confirm_box(false, 'DELETE_PROFILE_FIELD', build_hidden_fields(array('i' => $id, 'mode' => $mode, 'action' => $action, 'field_id' => $field_id))); } break; case 'activate': $sql = 'SELECT lang_id FROM ' . LANG_TABLE . "\n\t\t\t\t\tWHERE lang_iso = '" . $db->sql_escape($config['default_lang']) . 
"'"; $result = $db->sql_query($sql); $default_lang_id = (int) $db->sql_fetchfield('lang_id'); $db->sql_freeresult($result); if (!in_array($default_lang_id, $this->lang_defs['entry'][$field_id])) { trigger_error($user->lang['DEFAULT_LANGUAGE_NOT_FILLED'] . adm_back_link($this->u_action), E_USER_WARNING); } $sql = 'UPDATE ' . PROFILE_FIELDS_TABLE . "\n\t\t\t\t\tSET field_active = 1\n\t\t\t\t\tWHERE field_id = {$field_id}"; $db->sql_query($sql); $sql = 'SELECT field_ident FROM ' . PROFILE_FIELDS_TABLE . "\n\t\t\t\t\tWHERE field_id = {$field_id}"; $result = $db->sql_query($sql); $field_ident = (string) $db->sql_fetchfield('field_ident'); $db->sql_freeresult($result); add_log('admin', 'LOG_PROFILE_FIELD_ACTIVATE', $field_ident); if ($request->is_ajax()) { $json_response = new \src\json_response(); $json_response->send(array('text' => $user->lang('DEACTIVATE'))); } trigger_error($user->lang['PROFILE_FIELD_ACTIVATED'] . adm_back_link($this->u_action)); break; case 'deactivate': $sql = 'UPDATE ' . PROFILE_FIELDS_TABLE . "\n\t\t\t\t\tSET field_active = 0\n\t\t\t\t\tWHERE field_id = {$field_id}"; $db->sql_query($sql); $sql = 'SELECT field_ident FROM ' . PROFILE_FIELDS_TABLE . "\n\t\t\t\t\tWHERE field_id = {$field_id}"; $result = $db->sql_query($sql); $field_ident = (string) $db->sql_fetchfield('field_ident'); $db->sql_freeresult($result); if ($request->is_ajax()) { $json_response = new \src\json_response(); $json_response->send(array('text' => $user->lang('ACTIVATE'))); } add_log('admin', 'LOG_PROFILE_FIELD_DEACTIVATE', $field_ident); trigger_error($user->lang['PROFILE_FIELD_DEACTIVATED'] . adm_back_link($this->u_action)); break; case 'move_up': case 'move_down': $sql = 'SELECT field_order FROM ' . PROFILE_FIELDS_TABLE . 
"\n\t\t\t\t\tWHERE field_id = {$field_id}"; $result = $db->sql_query($sql); $field_order = $db->sql_fetchfield('field_order'); $db->sql_freeresult($result); if ($field_order === false || $field_order == 0 && $action == 'move_up') { break; } $field_order = (int) $field_order; $order_total = $field_order * 2 + ($action == 'move_up' ? -1 : 1); $sql = 'UPDATE ' . PROFILE_FIELDS_TABLE . "\n\t\t\t\t\tSET field_order = {$order_total} - field_order\n\t\t\t\t\tWHERE field_order IN ({$field_order}, " . ($action == 'move_up' ? $field_order - 1 : $field_order + 1) . ')'; $db->sql_query($sql); if ($request->is_ajax()) { $json_response = new \src\json_response(); $json_response->send(array('success' => (bool) $db->sql_affectedrows())); } break; case 'create': case 'edit': $step = request_var('step', 1); $submit = isset($_REQUEST['next']) || isset($_REQUEST['prev']) ? true : false; $save = isset($_REQUEST['save']) ? true : false; // The language id of default language $this->edit_lang_id = $this->lang_defs['iso'][$config['default_lang']]; // We are editing... we need to grab basic things if ($action == 'edit') { $sql = 'SELECT l.*, f.* FROM ' . PROFILE_LANG_TABLE . ' l, ' . PROFILE_FIELDS_TABLE . ' f WHERE l.lang_id = ' . $this->edit_lang_id . "\n\t\t\t\t\t\t\tAND f.field_id = {$field_id}\n\t\t\t\t\t\t\tAND l.field_id = f.field_id"; $result = $db->sql_query($sql); $field_row = $db->sql_fetchrow($result); $db->sql_freeresult($result); if (!$field_row) { // Some admin changed the default language? $sql = 'SELECT l.*, f.* FROM ' . PROFILE_LANG_TABLE . ' l, ' . PROFILE_FIELDS_TABLE . ' f WHERE l.lang_id <> ' . $this->edit_lang_id . "\n\t\t\t\t\t\t\tAND f.field_id = {$field_id}\n\t\t\t\t\t\t\tAND l.field_id = f.field_id"; $result = $db->sql_query($sql); $field_row = $db->sql_fetchrow($result); $db->sql_freeresult($result); if (!$field_row) { trigger_error($user->lang['FIELD_NOT_FOUND'] . 
adm_back_link($this->u_action), E_USER_WARNING); } $this->edit_lang_id = $field_row['lang_id']; } $field_type = $field_row['field_type']; $profile_field = $this->type_collection[$field_type]; // Get language entries $sql = 'SELECT * FROM ' . PROFILE_FIELDS_LANG_TABLE . ' WHERE lang_id = ' . $this->edit_lang_id . "\n\t\t\t\t\t\t\tAND field_id = {$field_id}\n\t\t\t\t\t\tORDER BY option_id ASC"; $result = $db->sql_query($sql); $lang_options = array(); while ($row = $db->sql_fetchrow($result)) { $lang_options[$row['option_id']] = $row['lang_value']; } $db->sql_freeresult($result); $s_hidden_fields = '<input type="hidden" name="field_id" value="' . $field_id . '" />'; } else { // We are adding a new field, define basic params $lang_options = $field_row = array(); $field_type = request_var('field_type', ''); if (!isset($this->type_collection[$field_type])) { trigger_error($user->lang['NO_FIELD_TYPE'] . adm_back_link($this->u_action), E_USER_WARNING); } $profile_field = $this->type_collection[$field_type]; $field_row = array_merge($profile_field->get_default_option_values(), array('field_ident' => str_replace(' ', '_', utf8_clean_string(request_var('field_ident', '', true))), 'field_required' => 0, 'field_show_novalue' => 0, 'field_hide' => 0, 'field_show_profile' => 0, 'field_no_view' => 0, 'field_show_on_reg' => 0, 'field_show_on_pm' => 0, 'field_show_on_vt' => 0, 'field_show_on_ml' => 0, 'field_is_contact' => 0, 'field_contact_desc' => '', 'field_contact_url' => '', 'lang_name' => utf8_normalize_nfc(request_var('field_ident', '', true)), 'lang_explain' => '', 'lang_default_value' => '')); $s_hidden_fields = '<input type="hidden" name="field_type" value="' . $field_type . 
'" />'; } // $exclude contains the data we gather in each step $exclude = array(1 => array('field_ident', 'lang_name', 'lang_explain', 'field_option_none', 'field_show_on_reg', 'field_show_on_pm', 'field_show_on_vt', 'field_show_on_ml', 'field_required', 'field_show_novalue', 'field_hide', 'field_show_profile', 'field_no_view', 'field_is_contact', 'field_contact_desc', 'field_contact_url'), 2 => array('field_length', 'field_maxlen', 'field_minlen', 'field_validation', 'field_novalue', 'field_default_value'), 3 => array('l_lang_name', 'l_lang_explain', 'l_lang_default_value', 'l_lang_options')); // Visibility Options... $visibility_ary = array('field_required', 'field_show_novalue', 'field_show_on_reg', 'field_show_on_pm', 'field_show_on_vt', 'field_show_on_ml', 'field_show_profile', 'field_hide', 'field_is_contact'); $options = $profile_field->prepare_options_form($exclude, $visibility_ary); $cp->vars['field_ident'] = $action == 'create' && $step == 1 ? utf8_clean_string(request_var('field_ident', $field_row['field_ident'], true)) : request_var('field_ident', $field_row['field_ident']); $cp->vars['lang_name'] = $request->variable('lang_name', $field_row['lang_name'], true); $cp->vars['lang_explain'] = $request->variable('lang_explain', $field_row['lang_explain'], true); $cp->vars['lang_default_value'] = $request->variable('lang_default_value', $field_row['lang_default_value'], true); $cp->vars['field_contact_desc'] = $request->variable('field_contact_desc', $field_row['field_contact_desc'], true); $cp->vars['field_contact_url'] = $request->variable('field_contact_url', $field_row['field_contact_url'], true); foreach ($visibility_ary as $val) { $cp->vars[$val] = $submit || $save ? $request->variable($val, 0) : $field_row[$val]; } $cp->vars['field_no_view'] = $request->variable('field_no_view', (int) $field_row['field_no_view']); // If the user has submitted a form with options (i.e. dropdown field) if ($options) { $exploded_options = is_array($options) ? 
$options : explode("\n", $options); if (sizeof($exploded_options) == sizeof($lang_options) || $action == 'create') { // The number of options in the field is equal to the number of options already in the database // Or we are creating a new dropdown list. $cp->vars['lang_options'] = $exploded_options; } else { if ($action == 'edit') { // Changing the number of options? (We remove and re-create the option fields) $cp->vars['lang_options'] = $exploded_options; } } } else { $cp->vars['lang_options'] = $lang_options; } // step 2 foreach ($exclude[2] as $key) { $var = utf8_normalize_nfc(request_var($key, $field_row[$key], true)); $field_data = $cp->vars; $var = $profile_field->get_excluded_options($key, $action, $var, $field_data, 2); $cp->vars = $field_data; $cp->vars[$key] = $var; } // step 3 - all arrays if ($action == 'edit') { // Get language entries $sql = 'SELECT * FROM ' . PROFILE_FIELDS_LANG_TABLE . ' WHERE lang_id <> ' . $this->edit_lang_id . "\n\t\t\t\t\t\t\tAND field_id = {$field_id}\n\t\t\t\t\t\tORDER BY option_id ASC"; $result = $db->sql_query($sql); $l_lang_options = array(); while ($row = $db->sql_fetchrow($result)) { $l_lang_options[$row['lang_id']][$row['option_id']] = $row['lang_value']; } $db->sql_freeresult($result); $sql = 'SELECT lang_id, lang_name, lang_explain, lang_default_value FROM ' . PROFILE_LANG_TABLE . ' WHERE lang_id <> ' . $this->edit_lang_id . 
"\n\t\t\t\t\t\t\tAND field_id = {$field_id}\n\t\t\t\t\t\tORDER BY lang_id ASC"; $result = $db->sql_query($sql); $l_lang_name = $l_lang_explain = $l_lang_default_value = array(); while ($row = $db->sql_fetchrow($result)) { $l_lang_name[$row['lang_id']] = $row['lang_name']; $l_lang_explain[$row['lang_id']] = $row['lang_explain']; $l_lang_default_value[$row['lang_id']] = $row['lang_default_value']; } $db->sql_freeresult($result); } foreach ($exclude[3] as $key) { $cp->vars[$key] = utf8_normalize_nfc(request_var($key, array(0 => ''), true)); if (!$cp->vars[$key] && $action == 'edit') { $cp->vars[$key] = ${$key}; } $field_data = $cp->vars; $var = $profile_field->get_excluded_options($key, $action, $var, $field_data, 3); $cp->vars = $field_data; } // Check for general issues in every step if ($submit) { // Check values for step 1 if ($cp->vars['field_ident'] == '') { $error[] = $user->lang['EMPTY_FIELD_IDENT']; } if (!preg_match('/^[a-z_]+$/', $cp->vars['field_ident'])) { $error[] = $user->lang['INVALID_CHARS_FIELD_IDENT']; } if (strlen($cp->vars['field_ident']) > 17) { $error[] = $user->lang['INVALID_FIELD_IDENT_LEN']; } if ($cp->vars['lang_name'] == '') { $error[] = $user->lang['EMPTY_USER_FIELD_NAME']; } $error = $profile_field->validate_options_on_submit($error, $cp->vars); // Check for already existing field ident if ($action != 'edit') { $sql = 'SELECT field_ident FROM ' . PROFILE_FIELDS_TABLE . "\n\t\t\t\t\t\t\tWHERE field_ident = '" . $db->sql_escape($cp->vars['field_ident']) . "'"; $result = $db->sql_query($sql); $row = $db->sql_fetchrow($result); $db->sql_freeresult($result); if ($row) { $error[] = $user->lang['FIELD_IDENT_ALREADY_EXIST']; } } } $step = isset($_REQUEST['next']) ? $step + 1 : (isset($_REQUEST['prev']) ? 
$step - 1 : $step); if (sizeof($error)) { $step--; $submit = false; } // Build up the specific hidden fields foreach ($exclude as $num => $key_ary) { if ($num == $step) { continue; } $_new_key_ary = array(); $field_data = $cp->vars; foreach ($key_ary as $key) { $var = $profile_field->prepare_hidden_fields($step, $key, $action, $field_data); if ($var !== null) { $_new_key_ary[$key] = $profile_field->prepare_hidden_fields($step, $key, $action, $field_data); } } $cp->vars = $field_data; $s_hidden_fields .= build_hidden_fields($_new_key_ary); } if (!sizeof($error)) { if ($step == 3 && (sizeof($this->lang_defs['iso']) == 1 || $save)) { $this->save_profile_field($cp, $field_type, $action); } else { if ($action == 'edit' && $save) { $this->save_profile_field($cp, $field_type, $action); } } } $template->assign_vars(array('S_EDIT' => true, 'S_EDIT_MODE' => $action == 'edit' ? true : false, 'ERROR_MSG' => sizeof($error) ? implode('<br />', $error) : '', 'L_TITLE' => $user->lang['STEP_' . $step . '_TITLE_' . strtoupper($action)], 'L_EXPLAIN' => $user->lang['STEP_' . $step . '_EXPLAIN_' . strtoupper($action)], 'U_ACTION' => $this->u_action . "&action={$action}&step={$step}", 'U_BACK' => $this->u_action)); // Now go through the steps switch ($step) { // Create basic options - only small differences between field types case 1: $template_vars = array('S_STEP_ONE' => true, 'S_FIELD_REQUIRED' => $cp->vars['field_required'] ? true : false, 'S_FIELD_SHOW_NOVALUE' => $cp->vars['field_show_novalue'] ? true : false, 'S_SHOW_ON_REG' => $cp->vars['field_show_on_reg'] ? true : false, 'S_SHOW_ON_PM' => $cp->vars['field_show_on_pm'] ? true : false, 'S_SHOW_ON_VT' => $cp->vars['field_show_on_vt'] ? true : false, 'S_SHOW_ON_MEMBERLIST' => $cp->vars['field_show_on_ml'] ? true : false, 'S_FIELD_HIDE' => $cp->vars['field_hide'] ? true : false, 'S_SHOW_PROFILE' => $cp->vars['field_show_profile'] ? true : false, 'S_FIELD_NO_VIEW' => $cp->vars['field_no_view'] ? 
true : false, 'S_FIELD_CONTACT' => $cp->vars['field_is_contact'], 'FIELD_CONTACT_DESC' => $cp->vars['field_contact_desc'], 'FIELD_CONTACT_URL' => $cp->vars['field_contact_url'], 'L_LANG_SPECIFIC' => sprintf($user->lang['LANG_SPECIFIC_OPTIONS'], $config['default_lang']), 'FIELD_TYPE' => $profile_field->get_name(), 'FIELD_IDENT' => $cp->vars['field_ident'], 'LANG_NAME' => $cp->vars['lang_name'], 'LANG_EXPLAIN' => $cp->vars['lang_explain']); $field_data = $cp->vars; $profile_field->display_options($template_vars, $field_data); $cp->vars = $field_data; // Build common create options $template->assign_vars($template_vars); break; case 2: $template->assign_vars(array('S_STEP_TWO' => true, 'L_NEXT_STEP' => sizeof($this->lang_defs['iso']) == 1 ? $user->lang['SAVE'] : $user->lang['PROFILE_LANG_OPTIONS'])); // Build options based on profile type $options = $profile_field->get_options($this->lang_defs['iso'][$config['default_lang']], $cp->vars); foreach ($options as $num => $option_ary) { $template->assign_block_vars('option', $option_ary); } break; // Define remaining language variables // Define remaining language variables case 3: $template->assign_var('S_STEP_THREE', true); $options = $this->build_language_options($cp, $field_type, $action); foreach ($options as $lang_id => $lang_ary) { $template->assign_block_vars('options', array('LANGUAGE' => sprintf($user->lang[($lang_id == $this->edit_lang_id ? 'DEFAULT_' : '') . 'ISO_LANGUAGE'], $lang_ary['lang_iso']))); foreach ($lang_ary['fields'] as $field_ident => $field_ary) { $template->assign_block_vars('options.field', array('L_TITLE' => $field_ary['TITLE'], 'L_EXPLAIN' => isset($field_ary['EXPLAIN']) ? $field_ary['EXPLAIN'] : '', 'FIELD' => $field_ary['FIELD'])); } } break; } $template->assign_vars(array('S_HIDDEN_FIELDS' => $s_hidden_fields)); return; break; } $sql = 'SELECT * FROM ' . PROFILE_FIELDS_TABLE . 
' ORDER BY field_order'; $result = $db->sql_query($sql); $s_one_need_edit = false; while ($row = $db->sql_fetchrow($result)) { $active_lang = !$row['field_active'] ? 'ACTIVATE' : 'DEACTIVATE'; $active_value = !$row['field_active'] ? 'activate' : 'deactivate'; $id = $row['field_id']; $s_need_edit = sizeof($this->lang_defs['diff'][$row['field_id']]) ? true : false; if ($s_need_edit) { $s_one_need_edit = true; } $profile_field = $this->type_collection[$row['field_type']]; $template->assign_block_vars('fields', array('FIELD_IDENT' => $row['field_ident'], 'FIELD_TYPE' => $profile_field->get_name(), 'L_ACTIVATE_DEACTIVATE' => $user->lang[$active_lang], 'U_ACTIVATE_DEACTIVATE' => $this->u_action . "&action={$active_value}&field_id={$id}", 'U_EDIT' => $this->u_action . "&action=edit&field_id={$id}", 'U_TRANSLATE' => $this->u_action . "&action=edit&field_id={$id}&step=3", 'U_DELETE' => $this->u_action . "&action=delete&field_id={$id}", 'U_MOVE_UP' => $this->u_action . "&action=move_up&field_id={$id}", 'U_MOVE_DOWN' => $this->u_action . "&action=move_down&field_id={$id}", 'S_NEED_EDIT' => $s_need_edit)); } $db->sql_freeresult($result); // At least one option field needs editing? if ($s_one_need_edit) { $template->assign_var('S_NEED_EDIT', true); } $s_select_type = ''; foreach ($this->type_collection as $key => $profile_field) { $s_select_type .= '<option value="' . $key . '">' . $profile_field->get_name() . '</option>'; } $template->assign_vars(array('U_ACTION' => $this->u_action, 'S_TYPE_OPTIONS' => $s_select_type)); }
function main($id, $mode) { global $db, $user, $auth, $template, $cache, $request, $src_dispatcher; global $config, $src_admin_path, $src_root_path, $phpEx; $user->add_lang('acp/forums'); $this->tpl_name = 'acp_forums'; $this->page_title = 'ACP_MANAGE_FORUMS'; $form_key = 'acp_forums'; add_form_key($form_key); $action = request_var('action', ''); $update = isset($_POST['update']) ? true : false; $forum_id = request_var('f', 0); $this->parent_id = request_var('parent_id', 0); $forum_data = $errors = array(); if ($update && !check_form_key($form_key)) { $update = false; $errors[] = $user->lang['FORM_INVALID']; } // Check additional permissions switch ($action) { case 'progress_bar': $start = request_var('start', 0); $total = request_var('total', 0); $this->display_progress_bar($start, $total); break; case 'delete': if (!$auth->acl_get('a_forumdel')) { trigger_error($user->lang['NO_PERMISSION_FORUM_DELETE'] . adm_back_link($this->u_action . '&parent_id=' . $this->parent_id), E_USER_WARNING); } break; case 'add': if (!$auth->acl_get('a_forumadd')) { trigger_error($user->lang['NO_PERMISSION_FORUM_ADD'] . adm_back_link($this->u_action . '&parent_id=' . $this->parent_id), E_USER_WARNING); } break; } // Major routines if ($update) { switch ($action) { case 'delete': $action_subforums = request_var('action_subforums', ''); $subforums_to_id = request_var('subforums_to_id', 0); $action_posts = request_var('action_posts', ''); $posts_to_id = request_var('posts_to_id', 0); $errors = $this->delete_forum($forum_id, $action_posts, $action_subforums, $posts_to_id, $subforums_to_id); if (sizeof($errors)) { break; } $auth->acl_clear_prefetch(); $cache->destroy('sql', FORUMS_TABLE); trigger_error($user->lang['FORUM_DELETED'] . adm_back_link($this->u_action . '&parent_id=' . 
$this->parent_id)); break; case 'edit': $forum_data = array('forum_id' => $forum_id); // No break here // No break here case 'add': $forum_data += array('parent_id' => request_var('forum_parent_id', $this->parent_id), 'forum_type' => request_var('forum_type', FORUM_POST), 'type_action' => request_var('type_action', ''), 'forum_status' => request_var('forum_status', ITEM_UNLOCKED), 'forum_parents' => '', 'forum_name' => utf8_normalize_nfc(request_var('forum_name', '', true)), 'forum_link' => request_var('forum_link', ''), 'forum_link_track' => request_var('forum_link_track', false), 'forum_desc' => utf8_normalize_nfc(request_var('forum_desc', '', true)), 'forum_desc_uid' => '', 'forum_desc_options' => 7, 'forum_desc_bitfield' => '', 'forum_rules' => utf8_normalize_nfc(request_var('forum_rules', '', true)), 'forum_rules_uid' => '', 'forum_rules_options' => 7, 'forum_rules_bitfield' => '', 'forum_rules_link' => request_var('forum_rules_link', ''), 'forum_image' => request_var('forum_image', ''), 'forum_style' => request_var('forum_style', 0), 'display_subforum_list' => request_var('display_subforum_list', false), 'display_on_index' => request_var('display_on_index', false), 'forum_topics_per_page' => request_var('topics_per_page', 0), 'enable_indexing' => request_var('enable_indexing', true), 'enable_icons' => request_var('enable_icons', false), 'enable_prune' => request_var('enable_prune', false), 'enable_post_review' => request_var('enable_post_review', true), 'enable_quick_reply' => request_var('enable_quick_reply', false), 'enable_shadow_prune' => request_var('enable_shadow_prune', false), 'prune_days' => request_var('prune_days', 7), 'prune_viewed' => request_var('prune_viewed', 7), 'prune_freq' => request_var('prune_freq', 1), 'prune_old_polls' => request_var('prune_old_polls', false), 'prune_announce' => request_var('prune_announce', false), 'prune_sticky' => request_var('prune_sticky', false), 'prune_shadow_days' => request_var('prune_shadow_days', 7), 
'prune_shadow_freq' => request_var('prune_shadow_freq', 1), 'forum_password' => request_var('forum_password', '', true), 'forum_password_confirm' => request_var('forum_password_confirm', '', true), 'forum_password_unset' => request_var('forum_password_unset', false)); /** * Request forum data and operate on it (parse texts, etc.) * * @event core.acp_manage_forums_request_data * @var string action Type of the action: add|edit * @var array forum_data Array with new forum data * @since 3.1.0-a1 */ $vars = array('action', 'forum_data'); extract($src_dispatcher->trigger_event('core.acp_manage_forums_request_data', compact($vars))); // On add, add empty forum_options... else do not consider it (not updating it) if ($action == 'add') { $forum_data['forum_options'] = 0; } // Use link_display_on_index setting if forum type is link if ($forum_data['forum_type'] == FORUM_LINK) { $forum_data['display_on_index'] = request_var('link_display_on_index', false); } // Linked forums and categories are not able to be locked... if ($forum_data['forum_type'] == FORUM_LINK || $forum_data['forum_type'] == FORUM_CAT) { $forum_data['forum_status'] = ITEM_UNLOCKED; } $forum_data['show_active'] = $forum_data['forum_type'] == FORUM_POST ? request_var('display_recent', true) : request_var('display_active', false); // Get data for forum rules if specified... 
if ($forum_data['forum_rules']) { generate_text_for_storage($forum_data['forum_rules'], $forum_data['forum_rules_uid'], $forum_data['forum_rules_bitfield'], $forum_data['forum_rules_options'], request_var('rules_parse_bbcode', false), request_var('rules_parse_urls', false), request_var('rules_parse_smilies', false)); } // Get data for forum description if specified if ($forum_data['forum_desc']) { generate_text_for_storage($forum_data['forum_desc'], $forum_data['forum_desc_uid'], $forum_data['forum_desc_bitfield'], $forum_data['forum_desc_options'], request_var('desc_parse_bbcode', false), request_var('desc_parse_urls', false), request_var('desc_parse_smilies', false)); } $errors = $this->update_forum_data($forum_data); if (!sizeof($errors)) { $forum_perm_from = request_var('forum_perm_from', 0); $cache->destroy('sql', FORUMS_TABLE); $copied_permissions = false; // Copy permissions? if ($forum_perm_from && $forum_perm_from != $forum_data['forum_id'] && ($action != 'edit' || empty($forum_id) || $auth->acl_get('a_fauth') && $auth->acl_get('a_authusers') && $auth->acl_get('a_authgroups') && $auth->acl_get('a_mauth'))) { copy_forum_permissions($forum_perm_from, $forum_data['forum_id'], $action == 'edit' ? true : false); src_cache_moderators($db, $cache, $auth); $copied_permissions = true; } /* Commented out because of questionable UI workflow - re-visit for 3.0.7 else if (!$this->parent_id && $action != 'edit' && $auth->acl_get('a_fauth') && $auth->acl_get('a_authusers') && $auth->acl_get('a_authgroups') && $auth->acl_get('a_mauth')) { $this->copy_permission_page($forum_data); return; } */ $auth->acl_clear_prefetch(); $acl_url = '&mode=setting_forum_local&forum_id[]=' . $forum_data['forum_id']; $message = $action == 'add' ? $user->lang['FORUM_CREATED'] : $user->lang['FORUM_UPDATED']; // redirect directly to permission settings screen if authed if ($action == 'add' && !$copied_permissions && $auth->acl_get('a_fauth')) { $message .= '<br /><br />' . 
sprintf($user->lang['REDIRECT_ACL'], '<a href="' . append_sid("{$src_admin_path}index.{$phpEx}", 'i=permissions' . $acl_url) . '">', '</a>'); meta_refresh(4, append_sid("{$src_admin_path}index.{$phpEx}", 'i=permissions' . $acl_url)); } trigger_error($message . adm_back_link($this->u_action . '&parent_id=' . $this->parent_id)); } break; } } switch ($action) { case 'move_up': case 'move_down': if (!$forum_id) { trigger_error($user->lang['NO_FORUM'] . adm_back_link($this->u_action . '&parent_id=' . $this->parent_id), E_USER_WARNING); } $sql = 'SELECT * FROM ' . FORUMS_TABLE . "\n\t\t\t\t\tWHERE forum_id = {$forum_id}"; $result = $db->sql_query($sql); $row = $db->sql_fetchrow($result); $db->sql_freeresult($result); if (!$row) { trigger_error($user->lang['NO_FORUM'] . adm_back_link($this->u_action . '&parent_id=' . $this->parent_id), E_USER_WARNING); } $move_forum_name = $this->move_forum_by($row, $action, 1); if ($move_forum_name !== false) { add_log('admin', 'LOG_FORUM_' . strtoupper($action), $row['forum_name'], $move_forum_name); $cache->destroy('sql', FORUMS_TABLE); } if ($request->is_ajax()) { $json_response = new \src\json_response(); $json_response->send(array('success' => $move_forum_name !== false)); } break; case 'sync': if (!$forum_id) { trigger_error($user->lang['NO_FORUM'] . adm_back_link($this->u_action . '&parent_id=' . $this->parent_id), E_USER_WARNING); } @set_time_limit(0); $sql = 'SELECT forum_name, (forum_topics_approved + forum_topics_unapproved + forum_topics_softdeleted) AS total_topics FROM ' . FORUMS_TABLE . "\n\t\t\t\t\tWHERE forum_id = {$forum_id}"; $result = $db->sql_query($sql); $row = $db->sql_fetchrow($result); $db->sql_freeresult($result); if (!$row) { trigger_error($user->lang['NO_FORUM'] . adm_back_link($this->u_action . '&parent_id=' . $this->parent_id), E_USER_WARNING); } if ($row['total_topics']) { $sql = 'SELECT MIN(topic_id) as min_topic_id, MAX(topic_id) as max_topic_id FROM ' . TOPICS_TABLE . ' WHERE forum_id = ' . 
$forum_id; $result = $db->sql_query($sql); $row2 = $db->sql_fetchrow($result); $db->sql_freeresult($result); // Typecast to int if there is no data available $row2['min_topic_id'] = (int) $row2['min_topic_id']; $row2['max_topic_id'] = (int) $row2['max_topic_id']; $start = request_var('start', $row2['min_topic_id']); $batch_size = 2000; $end = $start + $batch_size; // Sync all topics in batch mode... sync('topic', 'range', 'topic_id BETWEEN ' . $start . ' AND ' . $end, true, true); if ($end < $row2['max_topic_id']) { // We really need to find a way of showing statistics... no progress here $sql = 'SELECT COUNT(topic_id) as num_topics FROM ' . TOPICS_TABLE . ' WHERE forum_id = ' . $forum_id . ' AND topic_id BETWEEN ' . $start . ' AND ' . $end; $result = $db->sql_query($sql); $topics_done = request_var('topics_done', 0) + (int) $db->sql_fetchfield('num_topics'); $db->sql_freeresult($result); $start += $batch_size; $url = $this->u_action . "&parent_id={$this->parent_id}&f={$forum_id}&action=sync&start={$start}&topics_done={$topics_done}&total={$row['total_topics']}"; meta_refresh(0, $url); $template->assign_vars(array('U_PROGRESS_BAR' => $this->u_action . "&action=progress_bar&start={$topics_done}&total={$row['total_topics']}", 'UA_PROGRESS_BAR' => addslashes($this->u_action . "&action=progress_bar&start={$topics_done}&total={$row['total_topics']}"), 'S_CONTINUE_SYNC' => true, 'L_PROGRESS_EXPLAIN' => sprintf($user->lang['SYNC_IN_PROGRESS_EXPLAIN'], $topics_done, $row['total_topics']))); return; } } $url = $this->u_action . "&parent_id={$this->parent_id}&f={$forum_id}&action=sync_forum"; meta_refresh(0, $url); $template->assign_vars(array('U_PROGRESS_BAR' => $this->u_action . '&action=progress_bar', 'UA_PROGRESS_BAR' => addslashes($this->u_action . 
'&action=progress_bar'), 'S_CONTINUE_SYNC' => true, 'L_PROGRESS_EXPLAIN' => sprintf($user->lang['SYNC_IN_PROGRESS_EXPLAIN'], 0, $row['total_topics']))); return; break; case 'sync_forum': $sql = 'SELECT forum_name, forum_type FROM ' . FORUMS_TABLE . "\n\t\t\t\t\tWHERE forum_id = {$forum_id}"; $result = $db->sql_query($sql); $row = $db->sql_fetchrow($result); $db->sql_freeresult($result); if (!$row) { trigger_error($user->lang['NO_FORUM'] . adm_back_link($this->u_action . '&parent_id=' . $this->parent_id), E_USER_WARNING); } sync('forum', 'forum_id', $forum_id, false, true); add_log('admin', 'LOG_FORUM_SYNC', $row['forum_name']); $cache->destroy('sql', FORUMS_TABLE); $template->assign_var('L_FORUM_RESYNCED', sprintf($user->lang['FORUM_RESYNCED'], $row['forum_name'])); break; case 'add': case 'edit': if ($update) { $forum_data['forum_flags'] = 0; $forum_data['forum_flags'] += request_var('forum_link_track', false) ? FORUM_FLAG_LINK_TRACK : 0; $forum_data['forum_flags'] += request_var('prune_old_polls', false) ? FORUM_FLAG_PRUNE_POLL : 0; $forum_data['forum_flags'] += request_var('prune_announce', false) ? FORUM_FLAG_PRUNE_ANNOUNCE : 0; $forum_data['forum_flags'] += request_var('prune_sticky', false) ? FORUM_FLAG_PRUNE_STICKY : 0; $forum_data['forum_flags'] += $forum_data['show_active'] ? FORUM_FLAG_ACTIVE_TOPICS : 0; $forum_data['forum_flags'] += request_var('enable_post_review', true) ? FORUM_FLAG_POST_REVIEW : 0; $forum_data['forum_flags'] += request_var('enable_quick_reply', false) ? FORUM_FLAG_QUICK_REPLY : 0; } // Initialise $row, so we always have it in the event $row = array(); // Show form to create/modify a forum if ($action == 'edit') { $this->page_title = 'EDIT_FORUM'; $row = $this->get_forum_info($forum_id); $old_forum_type = $row['forum_type']; if (!$update) { $forum_data = $row; } else { $forum_data['left_id'] = $row['left_id']; $forum_data['right_id'] = $row['right_id']; } // Make sure no direct child forums are able to be selected as parents. 
$exclude_forums = array(); foreach (get_forum_branch($forum_id, 'children') as $row) { $exclude_forums[] = $row['forum_id']; } $parents_list = make_forum_select($forum_data['parent_id'], $exclude_forums, false, false, false); $forum_data['forum_password_confirm'] = $forum_data['forum_password']; } else { $this->page_title = 'CREATE_FORUM'; $forum_id = $this->parent_id; $parents_list = make_forum_select($this->parent_id, false, false, false, false); // Fill forum data with default values if (!$update) { $forum_data = array('parent_id' => $this->parent_id, 'forum_type' => FORUM_POST, 'forum_status' => ITEM_UNLOCKED, 'forum_name' => utf8_normalize_nfc(request_var('forum_name', '', true)), 'forum_link' => '', 'forum_link_track' => false, 'forum_desc' => '', 'forum_rules' => '', 'forum_rules_link' => '', 'forum_image' => '', 'forum_style' => 0, 'display_subforum_list' => true, 'display_on_index' => false, 'forum_topics_per_page' => 0, 'enable_indexing' => true, 'enable_icons' => false, 'enable_prune' => false, 'prune_days' => 7, 'prune_viewed' => 7, 'prune_freq' => 1, 'enable_shadow_prune' => false, 'prune_shadow_days' => 7, 'prune_shadow_freq' => 1, 'forum_flags' => FORUM_FLAG_POST_REVIEW + FORUM_FLAG_ACTIVE_TOPICS, 'forum_options' => 0, 'forum_password' => '', 'forum_password_confirm' => ''); } } /** * Initialise data before we display the add/edit form * * @event core.acp_manage_forums_initialise_data * @var string action Type of the action: add|edit * @var bool update Do we display the form only * or did the user press submit * @var int forum_id When editing: the forum id, * when creating: the parent forum id * @var array row Array with current forum data * empty when creating new forum * @var array forum_data Array with new forum data * @var string parents_list List of parent options * @since 3.1.0-a1 */ $vars = array('action', 'update', 'forum_id', 'row', 'forum_data', 'parents_list'); 
extract($src_dispatcher->trigger_event('core.acp_manage_forums_initialise_data', compact($vars))); $forum_rules_data = array('text' => $forum_data['forum_rules'], 'allow_bbcode' => true, 'allow_smilies' => true, 'allow_urls' => true); $forum_desc_data = array('text' => $forum_data['forum_desc'], 'allow_bbcode' => true, 'allow_smilies' => true, 'allow_urls' => true); $forum_rules_preview = ''; // Parse rules if specified if ($forum_data['forum_rules']) { if (!isset($forum_data['forum_rules_uid'])) { // Before we are able to display the preview and plane text, we need to parse our request_var()'d value... $forum_data['forum_rules_uid'] = ''; $forum_data['forum_rules_bitfield'] = ''; $forum_data['forum_rules_options'] = 0; generate_text_for_storage($forum_data['forum_rules'], $forum_data['forum_rules_uid'], $forum_data['forum_rules_bitfield'], $forum_data['forum_rules_options'], request_var('rules_allow_bbcode', false), request_var('rules_allow_urls', false), request_var('rules_allow_smilies', false)); } // Generate preview content $forum_rules_preview = generate_text_for_display($forum_data['forum_rules'], $forum_data['forum_rules_uid'], $forum_data['forum_rules_bitfield'], $forum_data['forum_rules_options']); // decode... $forum_rules_data = generate_text_for_edit($forum_data['forum_rules'], $forum_data['forum_rules_uid'], $forum_data['forum_rules_options']); } // Parse desciption if specified if ($forum_data['forum_desc']) { if (!isset($forum_data['forum_desc_uid'])) { // Before we are able to display the preview and plane text, we need to parse our request_var()'d value... 
$forum_data['forum_desc_uid'] = ''; $forum_data['forum_desc_bitfield'] = ''; $forum_data['forum_desc_options'] = 0; generate_text_for_storage($forum_data['forum_desc'], $forum_data['forum_desc_uid'], $forum_data['forum_desc_bitfield'], $forum_data['forum_desc_options'], request_var('desc_allow_bbcode', false), request_var('desc_allow_urls', false), request_var('desc_allow_smilies', false)); } // decode... $forum_desc_data = generate_text_for_edit($forum_data['forum_desc'], $forum_data['forum_desc_uid'], $forum_data['forum_desc_options']); } $forum_type_options = ''; $forum_type_ary = array(FORUM_CAT => 'CAT', FORUM_POST => 'FORUM', FORUM_LINK => 'LINK'); foreach ($forum_type_ary as $value => $lang) { $forum_type_options .= '<option value="' . $value . '"' . ($value == $forum_data['forum_type'] ? ' selected="selected"' : '') . '>' . $user->lang['TYPE_' . $lang] . '</option>'; } $styles_list = style_select($forum_data['forum_style'], true); $statuslist = '<option value="' . ITEM_UNLOCKED . '"' . ($forum_data['forum_status'] == ITEM_UNLOCKED ? ' selected="selected"' : '') . '>' . $user->lang['UNLOCKED'] . '</option><option value="' . ITEM_LOCKED . '"' . ($forum_data['forum_status'] == ITEM_LOCKED ? ' selected="selected"' : '') . '>' . $user->lang['LOCKED'] . '</option>'; $sql = 'SELECT forum_id FROM ' . FORUMS_TABLE . ' WHERE forum_type = ' . FORUM_POST . 
"\n\t\t\t\t\t\tAND forum_id <> {$forum_id}"; $result = $db->sql_query_limit($sql, 1); $postable_forum_exists = false; if ($db->sql_fetchrow($result)) { $postable_forum_exists = true; } $db->sql_freeresult($result); // Subforum move options if ($action == 'edit' && $forum_data['forum_type'] == FORUM_CAT) { $subforums_id = array(); $subforums = get_forum_branch($forum_id, 'children'); foreach ($subforums as $row) { $subforums_id[] = $row['forum_id']; } $forums_list = make_forum_select($forum_data['parent_id'], $subforums_id); if ($postable_forum_exists) { $template->assign_vars(array('S_MOVE_FORUM_OPTIONS' => make_forum_select($forum_data['parent_id'], $subforums_id))); } $template->assign_vars(array('S_HAS_SUBFORUMS' => $forum_data['right_id'] - $forum_data['left_id'] > 1 ? true : false, 'S_FORUMS_LIST' => $forums_list)); } else { if ($postable_forum_exists) { $template->assign_vars(array('S_MOVE_FORUM_OPTIONS' => make_forum_select($forum_data['parent_id'], $forum_id, false, true, false))); } } $s_show_display_on_index = false; if ($forum_data['parent_id'] > 0) { // if this forum is a subforum put the "display on index" checkbox if ($parent_info = $this->get_forum_info($forum_data['parent_id'])) { if ($parent_info['parent_id'] > 0 || $parent_info['forum_type'] == FORUM_CAT) { $s_show_display_on_index = true; } } } if (strlen($forum_data['forum_password']) == 32) { $errors[] = $user->lang['FORUM_PASSWORD_OLD']; } $template_data = array('S_EDIT_FORUM' => true, 'S_ERROR' => sizeof($errors) ? true : false, 'S_PARENT_ID' => $this->parent_id, 'S_FORUM_PARENT_ID' => $forum_data['parent_id'], 'S_ADD_ACTION' => $action == 'add' ? true : false, 'U_BACK' => $this->u_action . '&parent_id=' . $this->parent_id, 'U_EDIT_ACTION' => $this->u_action . "&parent_id={$this->parent_id}&action={$action}&f={$forum_id}", 'L_COPY_PERMISSIONS_EXPLAIN' => $user->lang['COPY_PERMISSIONS_' . strtoupper($action) . 
'_EXPLAIN'], 'L_TITLE' => $user->lang[$this->page_title], 'ERROR_MSG' => sizeof($errors) ? implode('<br />', $errors) : '', 'FORUM_NAME' => $forum_data['forum_name'], 'FORUM_DATA_LINK' => $forum_data['forum_link'], 'FORUM_IMAGE' => $forum_data['forum_image'], 'FORUM_IMAGE_SRC' => $forum_data['forum_image'] ? $src_root_path . $forum_data['forum_image'] : '', 'FORUM_POST' => FORUM_POST, 'FORUM_LINK' => FORUM_LINK, 'FORUM_CAT' => FORUM_CAT, 'PRUNE_FREQ' => $forum_data['prune_freq'], 'PRUNE_DAYS' => $forum_data['prune_days'], 'PRUNE_VIEWED' => $forum_data['prune_viewed'], 'PRUNE_SHADOW_FREQ' => $forum_data['prune_shadow_freq'], 'PRUNE_SHADOW_DAYS' => $forum_data['prune_shadow_days'], 'TOPICS_PER_PAGE' => $forum_data['forum_topics_per_page'], 'FORUM_RULES_LINK' => $forum_data['forum_rules_link'], 'FORUM_RULES' => $forum_data['forum_rules'], 'FORUM_RULES_PREVIEW' => $forum_rules_preview, 'FORUM_RULES_PLAIN' => $forum_rules_data['text'], 'S_BBCODE_CHECKED' => $forum_rules_data['allow_bbcode'] ? true : false, 'S_SMILIES_CHECKED' => $forum_rules_data['allow_smilies'] ? true : false, 'S_URLS_CHECKED' => $forum_rules_data['allow_urls'] ? true : false, 'S_FORUM_PASSWORD_SET' => empty($forum_data['forum_password']) ? false : true, 'FORUM_DESC' => $forum_desc_data['text'], 'S_DESC_BBCODE_CHECKED' => $forum_desc_data['allow_bbcode'] ? true : false, 'S_DESC_SMILIES_CHECKED' => $forum_desc_data['allow_smilies'] ? true : false, 'S_DESC_URLS_CHECKED' => $forum_desc_data['allow_urls'] ? true : false, 'S_FORUM_TYPE_OPTIONS' => $forum_type_options, 'S_STATUS_OPTIONS' => $statuslist, 'S_PARENT_OPTIONS' => $parents_list, 'S_STYLES_OPTIONS' => $styles_list, 'S_FORUM_OPTIONS' => make_forum_select($action == 'add' ? $forum_data['parent_id'] : false, $action == 'edit' ? $forum_data['forum_id'] : false, false, false, false), 'S_SHOW_DISPLAY_ON_INDEX' => $s_show_display_on_index, 'S_FORUM_POST' => $forum_data['forum_type'] == FORUM_POST ? 
true : false, 'S_FORUM_ORIG_POST' => isset($old_forum_type) && $old_forum_type == FORUM_POST ? true : false, 'S_FORUM_ORIG_CAT' => isset($old_forum_type) && $old_forum_type == FORUM_CAT ? true : false, 'S_FORUM_ORIG_LINK' => isset($old_forum_type) && $old_forum_type == FORUM_LINK ? true : false, 'S_FORUM_LINK' => $forum_data['forum_type'] == FORUM_LINK ? true : false, 'S_FORUM_CAT' => $forum_data['forum_type'] == FORUM_CAT ? true : false, 'S_ENABLE_INDEXING' => $forum_data['enable_indexing'] ? true : false, 'S_TOPIC_ICONS' => $forum_data['enable_icons'] ? true : false, 'S_DISPLAY_SUBFORUM_LIST' => $forum_data['display_subforum_list'] ? true : false, 'S_DISPLAY_ON_INDEX' => $forum_data['display_on_index'] ? true : false, 'S_PRUNE_ENABLE' => $forum_data['enable_prune'] ? true : false, 'S_PRUNE_SHADOW_ENABLE' => $forum_data['enable_shadow_prune'] ? true : false, 'S_FORUM_LINK_TRACK' => $forum_data['forum_flags'] & FORUM_FLAG_LINK_TRACK ? true : false, 'S_PRUNE_OLD_POLLS' => $forum_data['forum_flags'] & FORUM_FLAG_PRUNE_POLL ? true : false, 'S_PRUNE_ANNOUNCE' => $forum_data['forum_flags'] & FORUM_FLAG_PRUNE_ANNOUNCE ? true : false, 'S_PRUNE_STICKY' => $forum_data['forum_flags'] & FORUM_FLAG_PRUNE_STICKY ? true : false, 'S_DISPLAY_ACTIVE_TOPICS' => $forum_data['forum_type'] == FORUM_POST ? $forum_data['forum_flags'] & FORUM_FLAG_ACTIVE_TOPICS : true, 'S_ENABLE_ACTIVE_TOPICS' => $forum_data['forum_type'] == FORUM_CAT ? $forum_data['forum_flags'] & FORUM_FLAG_ACTIVE_TOPICS : false, 'S_ENABLE_POST_REVIEW' => $forum_data['forum_flags'] & FORUM_FLAG_POST_REVIEW ? true : false, 'S_ENABLE_QUICK_REPLY' => $forum_data['forum_flags'] & FORUM_FLAG_QUICK_REPLY ? true : false, 'S_CAN_COPY_PERMISSIONS' => $action != 'edit' || empty($forum_id) || $auth->acl_get('a_fauth') && $auth->acl_get('a_authusers') && $auth->acl_get('a_authgroups') && $auth->acl_get('a_mauth') ? 
true : false); /** * Modify forum template data before we display the form * * @event core.acp_manage_forums_display_form * @var string action Type of the action: add|edit * @var bool update Do we display the form only * or did the user press submit * @var int forum_id When editing: the forum id, * when creating: the parent forum id * @var array row Array with current forum data * empty when creating new forum * @var array forum_data Array with new forum data * @var string parents_list List of parent options * @var array errors Array of errors, if you add errors * ensure to update the template variables * S_ERROR and ERROR_MSG to display it * @var array template_data Array with new forum data * @since 3.1.0-a1 */ $vars = array('action', 'update', 'forum_id', 'row', 'forum_data', 'parents_list', 'errors', 'template_data'); extract($src_dispatcher->trigger_event('core.acp_manage_forums_display_form', compact($vars))); $template->assign_vars($template_data); return; break; case 'delete': if (!$forum_id) { trigger_error($user->lang['NO_FORUM'] . adm_back_link($this->u_action . '&parent_id=' . $this->parent_id), E_USER_WARNING); } $forum_data = $this->get_forum_info($forum_id); $subforums_id = array(); $subforums = get_forum_branch($forum_id, 'children'); foreach ($subforums as $row) { $subforums_id[] = $row['forum_id']; } $forums_list = make_forum_select($forum_data['parent_id'], $subforums_id); $sql = 'SELECT forum_id FROM ' . FORUMS_TABLE . ' WHERE forum_type = ' . FORUM_POST . "\n\t\t\t\t\t\tAND forum_id <> {$forum_id}"; $result = $db->sql_query_limit($sql, 1); if ($db->sql_fetchrow($result)) { $template->assign_vars(array('S_MOVE_FORUM_OPTIONS' => make_forum_select($forum_data['parent_id'], $subforums_id, false, true))); } $db->sql_freeresult($result); $parent_id = $this->parent_id == $forum_id ? 0 : $this->parent_id; $template->assign_vars(array('S_DELETE_FORUM' => true, 'U_ACTION' => $this->u_action . 
"&parent_id={$parent_id}&action=delete&f={$forum_id}", 'U_BACK' => $this->u_action . '&parent_id=' . $this->parent_id, 'FORUM_NAME' => $forum_data['forum_name'], 'S_FORUM_POST' => $forum_data['forum_type'] == FORUM_POST ? true : false, 'S_FORUM_LINK' => $forum_data['forum_type'] == FORUM_LINK ? true : false, 'S_HAS_SUBFORUMS' => $forum_data['right_id'] - $forum_data['left_id'] > 1 ? true : false, 'S_FORUMS_LIST' => $forums_list, 'S_ERROR' => sizeof($errors) ? true : false, 'ERROR_MSG' => sizeof($errors) ? implode('<br />', $errors) : '')); return; break; case 'copy_perm': $forum_perm_from = request_var('forum_perm_from', 0); // Copy permissions? if (!empty($forum_perm_from) && $forum_perm_from != $forum_id) { copy_forum_permissions($forum_perm_from, $forum_id, true); src_cache_moderators($db, $cache, $auth); $auth->acl_clear_prefetch(); $cache->destroy('sql', FORUMS_TABLE); $acl_url = '&mode=setting_forum_local&forum_id[]=' . $forum_id; $message = $user->lang['FORUM_UPDATED']; // Redirect to permissions if ($auth->acl_get('a_fauth')) { $message .= '<br /><br />' . sprintf($user->lang['REDIRECT_ACL'], '<a href="' . append_sid("{$src_admin_path}index.{$phpEx}", 'i=permissions' . $acl_url) . '">', '</a>'); } trigger_error($message . adm_back_link($this->u_action . '&parent_id=' . $this->parent_id)); } break; } // Default management page if (!$this->parent_id) { $navigation = $user->lang['FORUM_INDEX']; } else { $navigation = '<a href="' . $this->u_action . '">' . $user->lang['FORUM_INDEX'] . '</a>'; $forums_nav = get_forum_branch($this->parent_id, 'parents', 'descending'); foreach ($forums_nav as $row) { if ($row['forum_id'] == $this->parent_id) { $navigation .= ' -> ' . $row['forum_name']; } else { $navigation .= ' -> <a href="' . $this->u_action . '&parent_id=' . $row['forum_id'] . '">' . $row['forum_name'] . 
'</a>'; } } } // Jumpbox $forum_box = make_forum_select($this->parent_id, false, false, false, false); //make_forum_select($this->parent_id); if ($action == 'sync' || $action == 'sync_forum') { $template->assign_var('S_RESYNCED', true); } $sql = 'SELECT * FROM ' . FORUMS_TABLE . "\n\t\t\tWHERE parent_id = {$this->parent_id}\n\t\t\tORDER BY left_id"; $result = $db->sql_query($sql); if ($row = $db->sql_fetchrow($result)) { do { $forum_type = $row['forum_type']; if ($row['forum_status'] == ITEM_LOCKED) { $folder_image = '<img src="images/icon_folder_lock.gif" alt="' . $user->lang['LOCKED'] . '" />'; } else { switch ($forum_type) { case FORUM_LINK: $folder_image = '<img src="images/icon_folder_link.gif" alt="' . $user->lang['LINK'] . '" />'; break; default: $folder_image = $row['left_id'] + 1 != $row['right_id'] ? '<img src="images/icon_subfolder.gif" alt="' . $user->lang['SUBFORUM'] . '" />' : '<img src="images/icon_folder.gif" alt="' . $user->lang['FOLDER'] . '" />'; break; } } $url = $this->u_action . "&parent_id={$this->parent_id}&f={$row['forum_id']}"; $template->assign_block_vars('forums', array('FOLDER_IMAGE' => $folder_image, 'FORUM_IMAGE' => $row['forum_image'] ? '<img src="' . $src_root_path . $row['forum_image'] . '" alt="" />' : '', 'FORUM_IMAGE_SRC' => $row['forum_image'] ? $src_root_path . $row['forum_image'] : '', 'FORUM_NAME' => $row['forum_name'], 'FORUM_DESCRIPTION' => generate_text_for_display($row['forum_desc'], $row['forum_desc_uid'], $row['forum_desc_bitfield'], $row['forum_desc_options']), 'FORUM_TOPICS' => $row['forum_topics_approved'], 'FORUM_POSTS' => $row['forum_posts_approved'], 'S_FORUM_LINK' => $forum_type == FORUM_LINK ? true : false, 'S_FORUM_POST' => $forum_type == FORUM_POST ? true : false, 'U_FORUM' => $this->u_action . '&parent_id=' . $row['forum_id'], 'U_MOVE_UP' => $url . '&action=move_up', 'U_MOVE_DOWN' => $url . '&action=move_down', 'U_EDIT' => $url . '&action=edit', 'U_DELETE' => $url . '&action=delete', 'U_SYNC' => $url . 
'&action=sync')); } while ($row = $db->sql_fetchrow($result)); } else { if ($this->parent_id) { $row = $this->get_forum_info($this->parent_id); $url = $this->u_action . '&parent_id=' . $this->parent_id . '&f=' . $row['forum_id']; $template->assign_vars(array('S_NO_FORUMS' => true, 'U_EDIT' => $url . '&action=edit', 'U_DELETE' => $url . '&action=delete', 'U_SYNC' => $url . '&action=sync')); } } $db->sql_freeresult($result); $template->assign_vars(array('ERROR_MSG' => sizeof($errors) ? implode('<br />', $errors) : '', 'NAVIGATION' => $navigation, 'FORUM_BOX' => $forum_box, 'U_SEL_ACTION' => $this->u_action, 'U_ACTION' => $this->u_action . '&parent_id=' . $this->parent_id, 'U_PROGRESS_BAR' => $this->u_action . '&action=progress_bar', 'UA_PROGRESS_BAR' => addslashes($this->u_action . '&action=progress_bar'))); }
* NOTE: Should be actual language strings, NOT * language keys. * @var bool is_authed Does the user have the required permissions? * @since 3.1.3-RC1 */ $vars = array('post_id', 'topic_id', 'forum_id', 'draft_id', 'lastclick', 'submit', 'preview', 'save', 'load', 'refresh', 'mode', 'error', 'is_authed'); extract($src_dispatcher->trigger_event('core.modify_posting_auth', compact($vars))); if (!$is_authed) { $check_auth = $mode == 'quote' ? 'reply' : $mode; if ($user->data['is_registered']) { trigger_error('USER_CANNOT_' . strtoupper($check_auth)); } $message = $user->lang['LOGIN_EXPLAIN_' . strtoupper($mode)]; if ($request->is_ajax()) { $json = new src\json_response(); $json->send(array('title' => $user->lang['INFORMATION'], 'message' => $message)); } login_box('', $message); } // Is the user able to post within this forum? if ($post_data['forum_type'] != FORUM_POST && in_array($mode, array('post', 'bump', 'quote', 'reply'))) { trigger_error('USER_CANNOT_FORUM_POST'); } // Forum/Topic locked? if (($post_data['forum_status'] == ITEM_LOCKED || isset($post_data['topic_status']) && $post_data['topic_status'] == ITEM_LOCKED) && !$auth->acl_get('m_edit', $forum_id)) { trigger_error($post_data['forum_status'] == ITEM_LOCKED ? 'FORUM_LOCKED' : 'TOPIC_LOCKED'); } // Can we edit this post ... if we're a moderator with rights then always yes // else it depends on editing times, lock status and if we're the correct user if ($mode == 'edit' && !$auth->acl_get('m_edit', $forum_id)) { $force_edit_allowed = false;
/**
 * Error and message handler, intended to be reached through trigger_error().
 *
 * Behaviour by error level, as implemented below:
 *  - E_NOTICE / E_WARNING: echoes a one-line debug message (file, line, text)
 *    into the response when the reporting level allows it, then returns.
 *  - E_USER_ERROR: renders a self-contained HTML error page with a 503 status
 *    and terminates the script.
 *  - E_USER_WARNING / E_USER_NOTICE: renders the message through the template
 *    engine (or as JSON for AJAX requests) and calls exit_handler().
 *  - E_DEPRECATED: swallowed (returns true).
 *
 * Security notes for maintainers:
 *  - $msg_title, $msg_text and $l_notify are written into HTML without any
 *    escaping in this function. Callers must only pass markup that is already
 *    safe for output; raw request data must be escaped before trigger_error().
 *  - The backtrace is shown to the visitor only when IN_INSTALL or DEBUG is
 *    defined, or when $auth->acl_get('a_') is true. Keep that gate in place if
 *    this function is changed, since backtraces reveal internal structure.
 *
 * @param int    $errno    Error level, compared against the E_* constants
 * @param string $msg_text Message text, or a key looked up in $user->lang
 * @param string $errfile  File name reported for the error
 * @param int    $errline  Line number reported for the error
 *
 * @return bool|null true for E_DEPRECATED, null for handled notices/warnings,
 *                   false for levels not handled here
 */
function msg_handler($errno, $msg_text, $errfile, $errline) {
    global $cache, $db, $auth, $template, $config, $user, $request;
    global $phpEx, $src_root_path, $msg_title, $msg_long_text;

    // Do not display notices if we suppress them via @
    // (the E_USER_* levels are still handled even when reporting is 0)
    if (error_reporting() == 0 && $errno != E_USER_ERROR && $errno != E_USER_WARNING && $errno != E_USER_NOTICE) {
        return;
    }

    // The message text may arrive empty; a caller can set the global
    // $msg_long_text beforehand and it is used as the text in that case.
    if (isset($msg_long_text) && $msg_long_text && !$msg_text) {
        $msg_text = $msg_long_text;
    }

    // Define the constant where the running PHP does not provide it, so the
    // switch below can reference it unconditionally.
    if (!defined('E_DEPRECATED')) {
        define('E_DEPRECATED', 8192);
    }

    switch ($errno) {
        case E_NOTICE:
        case E_WARNING:
            // Check the error reporting level and return if the error level does not match
            // If DEBUG is defined the default level is E_ALL
            if (($errno & (defined('DEBUG') ? E_ALL : error_reporting())) == 0) {
                return;
            }

            // Errors raised from paths containing 'cache' or 'template.' are not printed.
            if (strpos($errfile, 'cache') === false && strpos($errfile, 'template.') === false) {
                // Both the file name and the message go through src_filter_root_path()
                // before being shown (presumably to hide the absolute install path - confirm).
                $errfile = src_filter_root_path($errfile);
                $msg_text = src_filter_root_path($msg_text);
                $error_name = $errno === E_WARNING ? 'PHP Warning' : 'PHP Notice';
                // NOTE(review): this line is echoed straight into the response body, unescaped.
                // On a production site the reporting level decides whether visitors see it.
                echo '<b>[src Debug] ' . $error_name . '</b>: in file <b>' . $errfile . '</b> on line <b>' . $errline . '</b>: <b>' . $msg_text . '</b><br />' . "\n";

                // we are writing an image - the user won't see the debug, so let's place it in the log
                if (defined('IMAGE_OUTPUT') || defined('IN_CRON')) {
                    add_log('critical', 'LOG_IMAGE_GENERATION_ERROR', $errfile, $errline, $msg_text);
                }
                // echo '<br /><br />BACKTRACE<br />' . get_backtrace() . '<br />' . "\n";
            }

            return;
            break;

        case E_USER_ERROR:
            // Use language strings when the user object is set up; otherwise fall
            // back to hard-coded English so the page can still be rendered.
            if (!empty($user) && !empty($user->lang)) {
                $msg_text = !empty($user->lang[$msg_text]) ? $user->lang[$msg_text] : $msg_text;
                $msg_title = !isset($msg_title) ? $user->lang['GENERAL_ERROR'] : (!empty($user->lang[$msg_title]) ? $user->lang[$msg_title] : $msg_title);
                $l_return_index = sprintf($user->lang['RETURN_INDEX'], '<a href="' . $src_root_path . '">', '</a>');
                $l_notify = '';
                if (!empty($config['srcrd_contact'])) {
                    $l_notify = '<p>' . sprintf($user->lang['NOTIFY_ADMIN_EMAIL'], $config['srcrd_contact']) . '</p>';
                }
            } else {
                $msg_title = 'General Error';
                $l_return_index = '<a href="' . $src_root_path . '">Return to index page</a>';
                $l_notify = '';
                if (!empty($config['srcrd_contact'])) {
                    // The contact value is placed in an href and in text without escaping;
                    // it comes from $config (assumed administrator-controlled - confirm).
                    $l_notify = '<p>Please notify the administrator or webmaster: <a href="mailto:' . $config['srcrd_contact'] . '">' . $config['srcrd_contact'] . '</a></p>';
                }
            }

            // $log_text always carries the backtrace (when one is available);
            // $msg_text only receives it for privileged viewers, see below.
            $log_text = $msg_text;
            $backtrace = get_backtrace();
            if ($backtrace) {
                $log_text .= '<br /><br />BACKTRACE<br />' . $backtrace;
            }

            // Disclosure gate: only installs, DEBUG builds and users holding an
            // 'a_' permission get the backtrace in the page they see.
            if (defined('IN_INSTALL') || defined('DEBUG') || isset($auth) && $auth->acl_get('a_')) {
                $msg_text = $log_text;

                // If this is defined there already was some output
                // So let's not break it
                if (defined('IN_DB_UPDATE')) {
                    echo '<div class="errorbox">' . $msg_text . '</div>';
                    $db->sql_return_on_error(true);
                    src_end_update($cache, $config);
                }
            }

            if ((defined('IN_CRON') || defined('IMAGE_OUTPUT')) && isset($db)) {
                // let's avoid loops: a failing log query must not raise another error here
                $db->sql_return_on_error(true);
                add_log('critical', 'LOG_GENERAL_ERROR', $msg_title, $log_text);
                $db->sql_return_on_error(false);
            }

            // Do not send 200 OK, but service unavailable on errors
            send_status_line(503, 'Service Unavailable');
            garbage_collection();

            // Try to not call the adm page data...
            // The page is emitted with plain echo statements instead of the template engine.
            echo '<!DOCTYPE html>';
            echo '<html dir="ltr">';
            echo '<head>';
            echo '<meta charset="utf-8">';
            // NOTE(review): $msg_title is emitted unescaped here and in the <h1> below.
            echo '<title>' . $msg_title . '</title>';
            echo '<style type="text/css">' . "\n" . '/* <![CDATA[ */' . "\n";
            echo '* { margin: 0; padding: 0; } html { font-size: 100%; height: 100%; margin-bottom: 1px; background-color: #E4EDF0; } body { font-family: "Lucida Grande", Verdana, Helvetica, Arial, sans-serif; color: #536482; background: #E4EDF0; font-size: 62.5%; margin: 0; } ';
            echo 'a:link, a:active, a:visited { color: #006699; text-decoration: none; } a:hover { color: #DD6900; text-decoration: underline; } ';
            echo '#wrap { padding: 0 20px 15px 20px; min-width: 615px; } #page-header { text-align: right; height: 40px; } #page-footer { clear: both; font-size: 1em; text-align: center; } ';
            echo '.panel { margin: 4px 0; background-color: #FFFFFF; border: solid 1px #A9B8C2; } ';
            echo '#errorpage #page-header a { font-weight: bold; line-height: 6em; } #errorpage #content { padding: 10px; } #errorpage #content h1 { line-height: 1.2em; margin-bottom: 0; color: #DF075C; } ';
            echo '#errorpage #content div { margin-top: 20px; margin-bottom: 5px; border-bottom: 1px solid #CCCCCC; padding-bottom: 5px; color: #333333; font: bold 1.2em "Lucida Grande", Arial, Helvetica, sans-serif; text-decoration: none; line-height: 120%; text-align: left; } ';
            echo "\n" . '/* ]]> */' . "\n";
            echo '</style>';
            echo '</head>';
            echo '<body id="errorpage">';
            echo '<div id="wrap">';
            echo ' <div id="page-header">';
            echo ' ' . $l_return_index;
            echo ' </div>';
            echo ' <div id="acp">';
            echo ' <div class="panel">';
            echo ' <div id="content">';
            echo ' <h1>' . $msg_title . '</h1>';
            // $msg_text may contain the backtrace at this point (privileged viewers only).
            echo ' <div>' . $msg_text . '</div>';
            echo $l_notify;
            echo ' </div>';
            echo ' </div>';
            echo ' </div>';
            echo ' <div id="page-footer">';
            echo ' Powered by SourceFlan';
            echo ' </div>';
            echo '</div>';
            echo '</body>';
            echo '</html>';

            exit_handler();

            // On a fatal error (and E_USER_ERROR *is* fatal) we never want other scripts to continue and force an exit here.
            exit;
            break;

        case E_USER_WARNING:
        case E_USER_NOTICE:
            define('IN_ERROR_HANDLER', true);

            // A session is needed to render the page; start one if none exists yet.
            if (empty($user->data)) {
                $user->session_begin();
            }

            // We re-init the auth array to get correct results on login/logout
            $auth->acl($user->data);

            if (empty($user->lang)) {
                $user->setup();
            }

            // These "not found" message keys are answered with a 404 status line.
            // The comparison runs before the key is replaced by its language string.
            if ($msg_text == 'ERROR_NO_ATTACHMENT' || $msg_text == 'NO_FORUM' || $msg_text == 'NO_TOPIC' || $msg_text == 'NO_USER') {
                send_status_line(404, 'Not Found');
            }

            // Treat the text and title as language keys when matching entries exist.
            $msg_text = !empty($user->lang[$msg_text]) ? $user->lang[$msg_text] : $msg_text;
            $msg_title = !isset($msg_title) ? $user->lang['INFORMATION'] : (!empty($user->lang[$msg_title]) ? $user->lang[$msg_title] : $msg_title);

            if (!defined('HEADER_INC')) {
                // The admin header is used only for an authenticated admin session.
                if (defined('IN_ADMIN') && isset($user->data['session_admin']) && $user->data['session_admin']) {
                    adm_page_header($msg_title);
                } else {
                    page_header($msg_title);
                }
            }

            $template->set_filenames(array('body' => 'message_body.html'));
            // NOTE(review): MESSAGE_TEXT is passed on as-is; whether the template
            // escapes it is not visible here - callers are assumed to supply safe markup.
            $template->assign_vars(array('MESSAGE_TITLE' => $msg_title, 'MESSAGE_TEXT' => $msg_text, 'S_USER_WARNING' => $errno == E_USER_WARNING ? true : false, 'S_USER_NOTICE' => $errno == E_USER_NOTICE ? true : false));

            if ($request->is_ajax()) {
                global $refresh_data;
                // AJAX callers receive the same fields as JSON.
                // presumably send() ends the request; verify in json_response.
                $json_response = new \src\json_response();
                $json_response->send(array('MESSAGE_TITLE' => $msg_title, 'MESSAGE_TEXT' => $msg_text, 'S_USER_WARNING' => $errno == E_USER_WARNING ? true : false, 'S_USER_NOTICE' => $errno == E_USER_NOTICE ? true : false, 'REFRESH_DATA' => !empty($refresh_data) ? $refresh_data : null));
            }

            // We do not want the cron script to be called on error messages
            define('IN_CRON', true);

            if (defined('IN_ADMIN') && isset($user->data['session_admin']) && $user->data['session_admin']) {
                adm_page_footer();
            } else {
                page_footer();
            }

            exit_handler();
            break;

        // PHP4 compatibility
        case E_DEPRECATED:
            return true;
            break;
    }

    // If we notice an error not handled here we pass this back to PHP by returning false
    // This may not work for all php versions
    return false;
}
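/**
 * ACP module entry point for managing permission roles.
 *
 * Handles creating, editing, removing and reordering roles of one permission
 * type and renders either the role form or the role list.
 *
 * Security notes for maintainers:
 *  - 'add' and 'edit' submissions are accepted only after check_form_key().
 *  - 'remove' is executed only after confirm_box(true).
 *  - 'move_up' / 'move_down' change role_order without a form-key check in
 *    this method; they rely on whatever request protection the surrounding
 *    ACP applies (NOTE(review): confirm that one exists).
 *  - Numeric ids read with request_var(..., 0) are concatenated into SQL
 *    unquoted; this assumes request_var() casts to the type of its default
 *    (verify). String values are passed through $db->sql_escape().
 *
 * @param mixed  $id   Module identifier, echoed back in the confirm form as 'i'
 * @param string $mode One of admin_roles, user_roles, mod_roles, forum_roles
 *
 * @return void
 */
function main($id, $mode) {
    global $db, $user, $auth, $template, $cache, $src_container;
    global $config, $src_root_path, $src_admin_path, $phpEx;
    global $request;

    include_once $src_root_path . 'includes/functions_user.' . $phpEx;
    include_once $src_root_path . 'includes/acp/auth.' . $phpEx;

    $this->auth_admin = new auth_admin();

    $user->add_lang('acp/permissions');
    add_permission_language();

    $this->tpl_name = 'acp_permission_roles';

    $submit = isset($_POST['submit']) ? true : false;
    // presumably cast to int by request_var() because the default is 0 - verify;
    // $role_id is used unquoted in several queries below.
    $role_id = request_var('role_id', 0);
    $action = request_var('action', '');
    // Pressing the "add" button overrides any action given in the URL.
    $action = isset($_POST['add']) ? 'add' : $action;

    $form_name = 'acp_permissions';
    add_form_key($form_name);

    // These actions operate on an existing role and need its id.
    if (!$role_id && in_array($action, array('remove', 'edit', 'move_up', 'move_down'))) {
        trigger_error($user->lang['NO_ROLE_SELECTED'] . adm_back_link($this->u_action), E_USER_WARNING);
    }

    // Map the module mode to the permission prefix the roles belong to.
    switch ($mode) {
        case 'admin_roles':
            $permission_type = 'a_';
            $this->page_title = 'ACP_ADMIN_ROLES';
            break;

        case 'user_roles':
            $permission_type = 'u_';
            $this->page_title = 'ACP_USER_ROLES';
            break;

        case 'mod_roles':
            $permission_type = 'm_';
            $this->page_title = 'ACP_MOD_ROLES';
            break;

        case 'forum_roles':
            $permission_type = 'f_';
            $this->page_title = 'ACP_FORUM_ROLES';
            break;

        default:
            trigger_error('NO_MODE', E_USER_ERROR);
            break;
    }

    $template->assign_vars(array('L_TITLE' => $user->lang[$this->page_title], 'L_EXPLAIN' => $user->lang[$this->page_title . '_EXPLAIN']));

    // Take action... admin submitted something
    if ($submit || $action == 'remove') {
        switch ($action) {
            case 'remove':
                $sql = 'SELECT * FROM ' . ACL_ROLES_TABLE . ' WHERE role_id = ' . $role_id;
                $result = $db->sql_query($sql);
                $role_row = $db->sql_fetchrow($result);
                $db->sql_freeresult($result);

                if (!$role_row) {
                    trigger_error($user->lang['NO_ROLE_SELECTED'] . adm_back_link($this->u_action), E_USER_WARNING);
                }

                // Deletion happens only once the confirmation form was submitted.
                if (confirm_box(true)) {
                    $this->remove_role($role_id, $permission_type);

                    $role_name = !empty($user->lang[$role_row['role_name']]) ? $user->lang[$role_row['role_name']] : $role_row['role_name'];
                    add_log('admin', 'LOG_' . strtoupper($permission_type) . 'ROLE_REMOVED', $role_name);
                    trigger_error($user->lang['ROLE_DELETED'] . adm_back_link($this->u_action));
                } else {
                    confirm_box(false, 'DELETE_ROLE', build_hidden_fields(array('i' => $id, 'mode' => $mode, 'role_id' => $role_id, 'action' => $action)));
                }
                break;

            case 'edit':
                // Get role we edit
                $sql = 'SELECT * FROM ' . ACL_ROLES_TABLE . ' WHERE role_id = ' . $role_id;
                $result = $db->sql_query($sql);
                $role_row = $db->sql_fetchrow($result);
                $db->sql_freeresult($result);

                if (!$role_row) {
                    trigger_error($user->lang['NO_ROLE_SELECTED'] . adm_back_link($this->u_action), E_USER_WARNING);
                }

            // no break;

            case 'add':
                // Reject submissions that do not carry the form key issued above.
                if (!check_form_key($form_name)) {
                    trigger_error($user->lang['FORM_INVALID'] . adm_back_link($this->u_action), E_USER_WARNING);
                }

                $role_name = utf8_normalize_nfc(request_var('role_name', '', true));
                $role_description = utf8_normalize_nfc(request_var('role_description', '', true));
                $auth_settings = request_var('setting', array('' => 0));

                if (!$role_name) {
                    trigger_error($user->lang['NO_ROLE_NAME_SPECIFIED'] . adm_back_link($this->u_action), E_USER_WARNING);
                }

                if (utf8_strlen($role_description) > 4000) {
                    trigger_error($user->lang['ROLE_DESCRIPTION_LONG'] . adm_back_link($this->u_action), E_USER_WARNING);
                }

                // if we add/edit a role we check the name to be unique among the settings...
                $sql = 'SELECT role_id FROM ' . ACL_ROLES_TABLE . "\n\t\t\t\t\t\tWHERE role_type = '" . $db->sql_escape($permission_type) . "'\n\t\t\t\t\t\t\tAND role_name = '" . $db->sql_escape($role_name) . "'";
                $result = $db->sql_query($sql);
                $row = $db->sql_fetchrow($result);
                $db->sql_freeresult($result);

                // Make sure we only print out the error if we add the role or change its name.
                // This must test $action: $mode is always one of the *_roles values at this
                // point, so a comparison against 'add'/'edit' on $mode never matches and the
                // uniqueness check would be skipped, allowing two roles with the same name.
                if ($row && ($action == 'add' || ($action == 'edit' && $role_row['role_name'] != $role_name))) {
                    trigger_error(sprintf($user->lang['ROLE_NAME_ALREADY_EXIST'], $role_name) . adm_back_link($this->u_action), E_USER_WARNING);
                }

                $sql_ary = array('role_name' => (string) $role_name, 'role_description' => (string) $role_description, 'role_type' => (string) $permission_type);

                if ($action == 'edit') {
                    $sql = 'UPDATE ' . ACL_ROLES_TABLE . ' SET ' . $db->sql_build_array('UPDATE', $sql_ary) . ' WHERE role_id = ' . $role_id;
                    $db->sql_query($sql);
                } else {
                    // Get maximum role order for inserting a new role...
                    $sql = 'SELECT MAX(role_order) as max_order FROM ' . ACL_ROLES_TABLE . "\n\t\t\t\t\t\t\tWHERE role_type = '" . $db->sql_escape($permission_type) . "'";
                    $result = $db->sql_query($sql);
                    $max_order = (int) $db->sql_fetchfield('max_order');
                    $db->sql_freeresult($result);

                    $sql_ary['role_order'] = $max_order + 1;

                    $sql = 'INSERT INTO ' . ACL_ROLES_TABLE . ' ' . $db->sql_build_array('INSERT', $sql_ary);
                    $db->sql_query($sql);

                    $role_id = $db->sql_nextid();
                }

                // Now add the auth settings
                $this->auth_admin->acl_set_role($role_id, $auth_settings);

                $role_name = !empty($user->lang[$role_name]) ? $user->lang[$role_name] : $role_name;
                add_log('admin', 'LOG_' . strtoupper($permission_type) . 'ROLE_' . strtoupper($action), $role_name);

                trigger_error($user->lang['ROLE_' . strtoupper($action) . '_SUCCESS'] . adm_back_link($this->u_action));
                break;
        }
    }

    // Display screens
    switch ($action) {
        case 'add':
            // Optional id of an existing role whose settings pre-fill the form.
            $options_from = request_var('options_from', 0);

            $role_row = array('role_name' => utf8_normalize_nfc(request_var('role_name', '', true)), 'role_description' => utf8_normalize_nfc(request_var('role_description', '', true)), 'role_type' => $permission_type);

            if ($options_from) {
                $sql = 'SELECT p.auth_option_id, p.auth_setting, o.auth_option FROM ' . ACL_ROLES_DATA_TABLE . ' p, ' . ACL_OPTIONS_TABLE . ' o WHERE o.auth_option_id = p.auth_option_id AND p.role_id = ' . $options_from . ' ORDER BY p.auth_option_id';
                $result = $db->sql_query($sql);

                $auth_options = array();
                while ($row = $db->sql_fetchrow($result)) {
                    $auth_options[$row['auth_option']] = $row['auth_setting'];
                }
                $db->sql_freeresult($result);
            } else {
                // No source role: start with every option of this type set to ACL_NO.
                $sql = 'SELECT auth_option_id, auth_option FROM ' . ACL_OPTIONS_TABLE . "\n\t\t\t\t\t\tWHERE auth_option " . $db->sql_like_expression($permission_type . $db->get_any_char()) . "\n\t\t\t\t\t\t\tAND auth_option <> '{$permission_type}'\n\t\t\t\t\t\tORDER BY auth_option_id";
                $result = $db->sql_query($sql);

                $auth_options = array();
                while ($row = $db->sql_fetchrow($result)) {
                    $auth_options[$row['auth_option']] = ACL_NO;
                }
                $db->sql_freeresult($result);
            }

        // no break;

        case 'edit':
            if ($action == 'edit') {
                $sql = 'SELECT * FROM ' . ACL_ROLES_TABLE . ' WHERE role_id = ' . $role_id;
                $result = $db->sql_query($sql);
                $role_row = $db->sql_fetchrow($result);
                $db->sql_freeresult($result);

                $sql = 'SELECT p.auth_option_id, p.auth_setting, o.auth_option FROM ' . ACL_ROLES_DATA_TABLE . ' p, ' . ACL_OPTIONS_TABLE . ' o WHERE o.auth_option_id = p.auth_option_id AND p.role_id = ' . $role_id . ' ORDER BY p.auth_option_id';
                $result = $db->sql_query($sql);

                $auth_options = array();
                while ($row = $db->sql_fetchrow($result)) {
                    $auth_options[$row['auth_option']] = $row['auth_setting'];
                }
                $db->sql_freeresult($result);
            }

            if (!$role_row) {
                trigger_error($user->lang['NO_ROLE_SELECTED'] . adm_back_link($this->u_action), E_USER_WARNING);
            }

            $src_permissions = $src_container->get('acl.permissions');

            // NOTE(review): ROLE_NAME / ROLE_DESCRIPTION are handed to the template as
            // stored; this assumes they were escaped on input - confirm.
            $template->assign_vars(array('S_EDIT' => true, 'U_ACTION' => $this->u_action . "&action={$action}&role_id={$role_id}", 'U_BACK' => $this->u_action, 'ROLE_NAME' => $role_row['role_name'], 'ROLE_DESCRIPTION' => $role_row['role_description'], 'L_ACL_TYPE' => $src_permissions->get_type_lang($permission_type)));

            // We need to fill the auth options array with ACL_NO options ;)
            $sql = 'SELECT auth_option_id, auth_option FROM ' . ACL_OPTIONS_TABLE . "\n\t\t\t\t\tWHERE auth_option " . $db->sql_like_expression($permission_type . $db->get_any_char()) . "\n\t\t\t\t\t\tAND auth_option <> '{$permission_type}'\n\t\t\t\t\tORDER BY auth_option_id";
            $result = $db->sql_query($sql);

            while ($row = $db->sql_fetchrow($result)) {
                if (!isset($auth_options[$row['auth_option']])) {
                    $auth_options[$row['auth_option']] = ACL_NO;
                }
            }
            $db->sql_freeresult($result);

            // Unset global permission option
            unset($auth_options[$permission_type]);

            // Display auth options
            $this->display_auth_options($auth_options);

            // Get users/groups/forums using this preset...
            if ($action == 'edit') {
                $hold_ary = $this->auth_admin->get_role_mask($role_id);

                if (sizeof($hold_ary)) {
                    $role_name = !empty($user->lang[$role_row['role_name']]) ? $user->lang[$role_row['role_name']] : $role_row['role_name'];

                    $template->assign_vars(array('S_DISPLAY_ROLE_MASK' => true, 'L_ROLE_ASSIGNED_TO' => sprintf($user->lang['ROLE_ASSIGNED_TO'], $role_name)));

                    $this->auth_admin->display_role_mask($hold_ary);
                }
            }

            return;
            break;

        case 'move_up':
        case 'move_down':
            // NOTE(review): this branch writes to the database without check_form_key()
            // or confirm_box(); confirm the ACP protects such requests elsewhere.
            $sql = 'SELECT role_order FROM ' . ACL_ROLES_TABLE . "\n\t\t\t\t\tWHERE role_id = {$role_id}";
            $result = $db->sql_query($sql);
            $order = $db->sql_fetchfield('role_order');
            $db->sql_freeresult($result);

            // Unknown role, or already at the top: nothing to move.
            if ($order === false || $order == 0 && $action == 'move_up') {
                break;
            }
            $order = (int) $order;
            // Swap trick: for the two neighbouring rows, (sum of both orders) - own
            // order yields the other row's order, so one UPDATE exchanges them.
            $order_total = $order * 2 + ($action == 'move_up' ? -1 : 1);

            $sql = 'UPDATE ' . ACL_ROLES_TABLE . ' SET role_order = ' . $order_total . " - role_order\n\t\t\t\t\tWHERE role_type = '" . $db->sql_escape($permission_type) . "'\n\t\t\t\t\t\tAND role_order IN ({$order}, " . ($action == 'move_up' ? $order - 1 : $order + 1) . ')';
            $db->sql_query($sql);

            if ($request->is_ajax()) {
                $json_response = new \src\json_response();
                $json_response->send(array('success' => (bool) $db->sql_affectedrows()));
            }
            break;
    }

    // By default, check that role_order is valid and fix it if necessary
    $sql = 'SELECT role_id, role_order FROM ' . ACL_ROLES_TABLE . "\n\t\t\tWHERE role_type = '" . $db->sql_escape($permission_type) . "'\n\t\t\tORDER BY role_order ASC";
    $result = $db->sql_query($sql);

    if ($row = $db->sql_fetchrow($result)) {
        // Renumber to a gapless 1..n sequence, updating only rows that differ.
        $order = 0;
        do {
            $order++;
            if ($row['role_order'] != $order) {
                $db->sql_query('UPDATE ' . ACL_ROLES_TABLE . " SET role_order = {$order} WHERE role_id = {$row['role_id']}");
            }
        } while ($row = $db->sql_fetchrow($result));
    }
    $db->sql_freeresult($result);

    // Display assigned items?
    $display_item = request_var('display_item', 0);

    // Select existing roles
    $sql = 'SELECT * FROM ' . ACL_ROLES_TABLE . "\n\t\t\tWHERE role_type = '" . $db->sql_escape($permission_type) . "'\n\t\t\tORDER BY role_order ASC";
    $result = $db->sql_query($sql);

    $s_role_options = '';
    while ($row = $db->sql_fetchrow($result)) {
        $role_name = !empty($user->lang[$row['role_name']]) ? $user->lang[$row['role_name']] : $row['role_name'];

        $template->assign_block_vars('roles', array('ROLE_NAME' => $role_name, 'ROLE_DESCRIPTION' => !empty($user->lang[$row['role_description']]) ? $user->lang[$row['role_description']] : nl2br($row['role_description']), 'U_EDIT' => $this->u_action . '&action=edit&role_id=' . $row['role_id'], 'U_REMOVE' => $this->u_action . '&action=remove&role_id=' . $row['role_id'], 'U_MOVE_UP' => $this->u_action . '&action=move_up&role_id=' . $row['role_id'], 'U_MOVE_DOWN' => $this->u_action . '&action=move_down&role_id=' . $row['role_id'], 'U_DISPLAY_ITEMS' => $row['role_id'] == $display_item ? '' : $this->u_action . '&display_item=' . $row['role_id'] . '#assigned_to'));

        // NOTE(review): $role_name is concatenated into HTML without escaping here;
        // this assumes stored role names are already HTML-safe - confirm.
        $s_role_options .= '<option value="' . $row['role_id'] . '">' . $role_name . '</option>';

        if ($display_item == $row['role_id']) {
            $template->assign_vars(array('L_ROLE_ASSIGNED_TO' => sprintf($user->lang['ROLE_ASSIGNED_TO'], $role_name)));
        }
    }
    $db->sql_freeresult($result);

    $template->assign_vars(array('S_ROLE_OPTIONS' => $s_role_options));

    if ($display_item) {
        $template->assign_vars(array('S_DISPLAY_ROLE_MASK' => true));

        $hold_ary = $this->auth_admin->get_role_mask($display_item);
        $this->auth_admin->display_role_mask($hold_ary);
    }
}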