/**
 * Store the attention item and notify subscribers the first time it is submitted.
 *
 * The stored URL is kept in its unbuilt form. Notifications go out only
 * while attention_id is still empty, which is checked before parent::submit() runs.
 */
public function submit()
{
    $this->attention_url = titania_url::unbuild_url($this->attention_url);

    // Subscriptions
    $needs_notification = !$this->attention_id;
    if ($needs_notification) {
        $view_params = array(
            'type' => $this->attention_type,
            'id' => $this->attention_object_id,
        );
        $email_vars = array(
            'NAME' => $this->attention_title,
            'U_VIEW' => titania_url::build_url('manage/attention', $view_params),
        );

        titania_subscriptions::send_notifications(
            TITANIA_ATTENTION,
            0,
            'subscribe_notify.txt',
            $email_vars,
            $this->attention_poster_id
        );
    }

    parent::submit();
}
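/**
 * Post a new topic
 *
 * Builds the post and message objects, decides which posting options
 * (sticky, lock, attachments, bbcode, smilies) the current user may use,
 * and hands over to common_post().
 *
 * Author / co-author privileges are granted only when they were established
 * for the contribution identified by $parent_id. The earlier conditions mixed
 * `&&` and `||` without parentheses, so being an active co-author of whatever
 * contribution was loaded globally was enough on its own to obtain sticky and
 * lock rights, and the freshly loaded contribution was never consulted.
 *
 * @param int $parent_id The parent_id
 * @param string $parent_url The url of the parent
 * @param int $post_type Post Type
 * @param string $s_post_action URL to the current page to submit to
 */
public function post($parent_id, $parent_url, $post_type, $s_post_action)
{
    if (!phpbb::$auth->acl_get('u_titania_topic')) {
        titania::needs_auth();
    }

    // Setup the post object we'll use
    $post_object = new titania_post($post_type);
    $post_object->topic->parent_id = $parent_id;
    $post_object->topic->topic_url = titania_url::unbuild_url($parent_url);

    // Is the globally loaded contribution the parent of this topic?
    $is_parent_contrib = is_object(titania::$contrib) && titania::$contrib->contrib_id == $parent_id;

    // Team membership counts only for the parent contribution; the parentheses
    // keep the co-author flag from bypassing the object and id checks.
    $is_parent_team = $is_parent_contrib
        && (titania::$contrib->is_author || titania::$contrib->is_active_coauthor);

    // Some more complicated permissions for stickies in support
    $can_sticky = phpbb::$auth->acl_get('u_titania_mod_post_mod');

    if ($post_type == TITANIA_SUPPORT || $post_type == TITANIA_QUEUE_DISCUSSION) {
        if ($is_parent_contrib) {
            $contrib = titania::$contrib;
            $is_team = $is_parent_team;
        } else {
            // The global contribution is missing or belongs to another parent:
            // load the right one and check the flags on that object.
            // NOTE(review): assumes load() fills is_author / is_active_coauthor
            // for the current user, as it does for titania::$contrib - confirm.
            $contrib = new titania_contribution();
            $contrib->load((int) $parent_id);
            $is_team = $contrib->is_author || $contrib->is_active_coauthor;
        }

        if ($is_team) {
            if ($post_type == TITANIA_SUPPORT) {
                $can_sticky = true;
            } else {
                $post_object->topic->topic_category = $contrib->contrib_type;
            }
        }
    }

    // Locking own topics needs the u_titania_post_mod_own permission AND team
    // membership on the parent contribution; moderators can always lock.
    $can_lock = phpbb::$auth->acl_get('u_titania_mod_post_mod')
        || (phpbb::$auth->acl_get('u_titania_post_mod_own') && $is_parent_team);

    // Load the message object
    $message_object = new titania_message($post_object);
    $message_object->set_auth(array(
        'bbcode' => phpbb::$auth->acl_get('u_titania_bbcode'),
        'smilies' => phpbb::$auth->acl_get('u_titania_smilies'),
        'sticky_topic' => $can_sticky,
        'lock_topic' => $can_lock,
        'attachments' => phpbb::$auth->acl_get('u_titania_post_attach'),
    ));

    // Unregistered users get a captcha on the posting form
    $message_object->set_settings(array(
        'display_captcha' => !phpbb::$user->data['is_registered'],
    ));

    // Call our common posting handler
    $this->common_post('post', $post_object, $message_object);

    // Common stuff
    phpbb::$template->assign_vars(array(
        'S_POST_ACTION' => $s_post_action,
        'L_POST_A' => phpbb::$user->lang['POST_TOPIC'],
    ));

    titania::page_header('NEW_TOPIC');
}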
/**
 * Set the URL info
 *
 * A location that titania_url::is_built() recognises is stored in its
 * unbuilt form; any other location is stored as given. The parameters are
 * replaced only when an array is passed.
 *
 * @param string $location
 * @param array $params
 */
public function set_url($location, $params = array())
{
    $this->url_location = titania_url::is_built($location)
        ? titania_url::unbuild_url($location)
        : $location;

    // Anything that is not an array leaves the current parameters untouched
    if (!is_array($params)) {
        return;
    }

    $this->url_parameters = $params;
}
/**
 * Run a bulk operation over all posts.
 *
 * Only the 'index' mode is handled: every post (joined with its topic) is
 * read in post_id order and passed to titania_search::mass_index() in one
 * call. Any other mode does nothing.
 *
 * @param string $mode Operation to perform; only 'index' has an effect
 * @param int|bool $start Offset of the first row, or false for no paging
 * @param int|bool $limit Number of rows to read, or false for no paging
 */
public function posts($mode, $start = false, $limit = false)
{
    // Loose comparison, matching what a switch/case on $mode would do
    if ($mode != 'index') {
        return;
    }

    $data = array();
    $post = new titania_post();

    // Built from table-name constants only; no request data enters the query
    $sql = 'SELECT p.*, t.topic_id, t.topic_type, t.topic_subject_clean, t.parent_id FROM ' . TITANIA_POSTS_TABLE . ' p, ' . TITANIA_TOPICS_TABLE . ' t WHERE t.topic_id = p.topic_id ORDER BY p.post_id ASC';

    // Paging applies only when both bounds were supplied
    $paged = !($start === false || $limit === false);
    $result = $paged
        ? phpbb::$db->sql_query_limit($sql, (int) $limit, (int) $start)
        : phpbb::$db->sql_query($sql);

    while (true) {
        $row = phpbb::$db->sql_fetchrow($result);
        if (!$row) {
            break;
        }

        // The same post object is refilled for every row
        $post->__set_array($row);
        $post->topic->__set_array($row);

        $entry = array(
            'object_type' => $post->post_type,
            'object_id' => $post->post_id,
            'parent_id' => $post->topic->parent_id,
            'title' => $post->post_subject,
            'text' => $post->post_text,
            'text_uid' => $post->post_text_uid,
            'text_bitfield' => $post->post_text_bitfield,
            'text_options' => $post->post_text_options,
            'author' => $post->post_user_id,
            'date' => $post->post_time,
            'url' => titania_url::unbuild_url($post->get_url()),
            'approved' => $post->post_approved,
            'access_level' => $post->post_access,
        );
        $data[] = $entry;
    }
    phpbb::$db->sql_freeresult($result);

    titania_search::mass_index($data);
}
/**
 * Edit a post
 *
 * Requires that the post was loaded first (sql_data holds the original row).
 * When the post is the first post of its topic, the topic's access level,
 * subject and first-post author fields are refreshed from the post before
 * the topic is submitted.
 *
 * @return false|null False when there is no post_id; otherwise nothing
 * @throws exception When the post was not loaded through load()
 */
public function edit()
{
    if (empty($this->sql_data)) {
        throw new exception('Submitting an edited post requires you load it through the load() function (we require the original information).');
    }

    if (!$this->post_id) {
        return false;
    }

    // Make sure we have a topic here
    $topic = $this->topic;
    if (!$topic->topic_id) {
        $topic->topic_id = $this->topic_id;
        $topic->load();
    }

    $is_first_post = ($this->post_id == $this->topic->topic_first_post_id);
    if ($is_first_post) {
        // Use the session data for the current user's own post, otherwise look the author up
        $is_own_post = ($this->post_user_id == phpbb::$user->data['user_id']);
        $author_name = $is_own_post
            ? phpbb::$user->data['username']
            : users_overlord::get_user($this->post_user_id, 'username', true);
        $author_colour = $is_own_post
            ? phpbb::$user->data['user_colour']
            : users_overlord::get_user($this->post_user_id, 'user_colour', true);

        $first_post_fields = array(
            'topic_access' => $this->post_access,
            'topic_subject' => $this->post_subject,
            'topic_first_post_user_id' => $this->post_user_id,
            'topic_first_post_username' => $author_name,
            'topic_first_post_user_colour' => $author_colour,
            'topic_first_post_time' => $this->post_time,
        );
        $this->topic->__set_array($first_post_fields);
    }

    // Update the postcount for the topic and submit it
    $this->update_topic_postcount();
    $this->topic->submit();

    // The topic is submitted first, so its id and URL are read back afterwards
    $this->topic_id = $this->topic->topic_id;
    $this->post_url = titania_url::unbuild_url($this->topic->get_url());

    $this->index();

    parent::submit();

    // Hooks
    $hook_name = array(__CLASS__, __FUNCTION__);
    titania::$hook->call_hook_ref($hook_name, $this);
}
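/**
 * Generate login box or verify password
 *
 * When the form was posted ($_POST['login'] is set) the credentials are
 * handed to the auth object and, on success, the user is redirected.
 * Otherwise, or when the login failed, the login form is rendered with the
 * error text that belongs to the returned status.
 *
 * With $admin set this is the administrator re-authentication step: the
 * caller must hold the 'a_' permission, the password field name carries a
 * one-time 32-character hex credential, the submitted username must match
 * the session user, and every outcome is written to the admin log.
 *
 * @param string $redirect Value placed in the form's hidden "redirect" field
 * @param string $l_explain Text assigned to LOGIN_EXPLAIN
 * @param string $l_success Not used in this function's body
 * @param bool $admin True when re-authenticating as an administrator
 * @param bool $s_display Assigned as a boolean to S_DISPLAY_FULL_LOGIN
 */
function login_box($redirect = '', $l_explain = '', $l_success = '', $admin = false, $s_display = true)
{
    self::_include('captcha/captcha_factory', 'phpbb_captcha_factory');
    self::$user->add_lang('ucp');

    $err = '';

    // Make sure user->setup() has been called
    if (empty(self::$user->lang)) {
        self::$user->setup();
    }

    // Print out error if user tries to authenticate as an administrator without having the privileges...
    if ($admin && !self::$auth->acl_get('a_')) {
        // Not authd
        // anonymous/inactive users are never able to go to the ACP even if they have the relevant permissions
        if (self::$user->data['is_registered']) {
            add_log('admin', 'LOG_ADMIN_AUTH_FAIL');
        }

        trigger_error('NO_AUTH_ADMIN');
    }

    if (isset($_POST['login'])) {
        // Get credential
        if ($admin) {
            $credential = request_var('credential', '');

            // The credential must be exactly 32 lower-case hex characters,
            // because it becomes part of the request variable name read below
            if (strspn($credential, 'abcdef0123456789') !== strlen($credential) || strlen($credential) != 32) {
                if (self::$user->data['is_registered']) {
                    add_log('admin', 'LOG_ADMIN_AUTH_FAIL');
                }

                trigger_error('NO_AUTH_ADMIN');
            }

            $password = request_var('password_' . $credential, '', true);
        } else {
            $password = request_var('password', '', true);
        }

        $username = request_var('username', '', true);
        $autologin = !empty($_POST['autologin']) ? true : false;
        $viewonline = !empty($_POST['viewonline']) ? 0 : 1;
        $admin = $admin ? 1 : 0;
        $viewonline = $admin ? self::$user->data['session_viewonline'] : $viewonline;

        // Check if the supplied username is equal to the one stored within the database if re-authenticating.
        // The submitted $username is what has to be compared; the previous
        // self::$username did not refer to the value read from the request.
        if ($admin && utf8_clean_string($username) != utf8_clean_string(self::$user->data['username'])) {
            // We log the attempt to use a different username...
            add_log('admin', 'LOG_ADMIN_AUTH_FAIL');
            trigger_error('NO_AUTH_ADMIN_USER_DIFFER');
        }

        // If authentication is successful we redirect user to previous page
        $result = self::$auth->login($username, $password, $autologin, $viewonline, $admin);

        // If admin authentication and login, we will log if it was a success or not...
        // We also break the operation on the first non-success login - it could be argued that the user already knows
        if ($admin) {
            if ($result['status'] == LOGIN_SUCCESS) {
                add_log('admin', 'LOG_ADMIN_AUTH_SUCCESS');
            } else {
                // Only log the failed attempt if a real user tried to.
                // anonymous/inactive users are never able to go to the ACP even if they have the relevant permissions
                if (self::$user->data['is_registered']) {
                    add_log('admin', 'LOG_ADMIN_AUTH_FAIL');
                }
            }
        }

        // The result parameter is always an array, holding the relevant information...
        if ($result['status'] == LOGIN_SUCCESS) {
            // NOTE(review): the redirect target is request-supplied. It is rebuilt
            // through titania_url::build_url() before redirect() is called - confirm
            // those two keep the destination on this board's own host.
            $redirect = request_var('redirect', '');

            if ($redirect) {
                $redirect = titania_url::unbuild_url($redirect);

                $base = $append = false;
                titania_url::split_base_params($base, $append, $redirect);

                redirect(titania_url::build_url($base, $append));
            } else {
                redirect(titania_url::build_url(titania_url::$current_page, titania_url::$params));
            }
        }

        // Something failed, determine what...
        if ($result['status'] == LOGIN_BREAK) {
            trigger_error($result['error_msg']);
        }

        // Special cases... determine
        switch ($result['status']) {
            case LOGIN_ERROR_ATTEMPTS:
                $captcha = phpbb_captcha_factory::get_instance(self::$config['captcha_plugin']);
                $captcha->init(CONFIRM_LOGIN);
                // $captcha->reset();

                // Parse the captcha template
                self::reset_template();
                self::$template->set_filenames(array('captcha' => $captcha->get_template()));

                // Correct confirm image link
                self::$template->assign_var('CONFIRM_IMAGE_LINK', self::append_sid('ucp', 'mode=confirm&confirm_id=' . $captcha->confirm_id . '&type=' . $captcha->type));

                self::$template->assign_display('captcha', 'CAPTCHA', false);

                titania::set_custom_template();

                $err = self::$user->lang[$result['error_msg']];
                break;

            case LOGIN_ERROR_PASSWORD_CONVERT:
                $err = sprintf(
                    self::$user->lang[$result['error_msg']],
                    self::$config['email_enable'] ? '<a href="' . self::append_sid('ucp', 'mode=sendpassword') . '">' : '',
                    self::$config['email_enable'] ? '</a>' : '',
                    self::$config['board_contact'] ? '<a href="mailto:' . htmlspecialchars(self::$config['board_contact']) . '">' : '',
                    self::$config['board_contact'] ? '</a>' : ''
                );
                break;

            // Username, password, etc...
            default:
                $err = self::$user->lang[$result['error_msg']];

                // Assign admin contact to some error messages
                if ($result['error_msg'] == 'LOGIN_ERROR_USERNAME' || $result['error_msg'] == 'LOGIN_ERROR_PASSWORD') {
                    $err = !self::$config['board_contact']
                        ? sprintf(self::$user->lang[$result['error_msg']], '', '')
                        : sprintf(self::$user->lang[$result['error_msg']], '<a href="mailto:' . htmlspecialchars(self::$config['board_contact']) . '">', '</a>');
                }
                break;
        }
    }

    // Assign credential for username/password pair
    $credential = $admin ? md5(unique_id()) : false;

    $s_hidden_fields = array('sid' => self::$user->session_id);

    if ($redirect) {
        $s_hidden_fields['redirect'] = $redirect;
    }

    if ($admin) {
        $s_hidden_fields['credential'] = $credential;
    }

    $s_hidden_fields = build_hidden_fields($s_hidden_fields);

    titania::page_header('LOGIN');

    self::$template->assign_vars(array(
        'LOGIN_ERROR' => $err,
        'LOGIN_EXPLAIN' => $l_explain,

        'U_SEND_PASSWORD' => self::$config['email_enable'] ? self::append_sid('ucp', 'mode=sendpassword') : '',
        'U_RESEND_ACTIVATION' => self::$config['require_activation'] == USER_ACTIVATION_SELF && self::$config['email_enable'] ? self::append_sid('ucp', 'mode=resend_act') : '',
        'U_TERMS_USE' => self::append_sid('ucp', 'mode=terms'),
        'U_PRIVACY' => self::append_sid('ucp', 'mode=privacy'),

        'S_DISPLAY_FULL_LOGIN' => $s_display ? true : false,
        'S_HIDDEN_FIELDS' => $s_hidden_fields,

        'S_ADMIN_AUTH' => $admin,
        'USERNAME' => $admin ? self::$user->data['username'] : '',

        // In admin mode the password field name embeds the fresh credential
        'USERNAME_CREDENTIAL' => 'username',
        'PASSWORD_CREDENTIAL' => $admin ? 'password_' . $credential : 'password',
    ));

    titania::page_footer(true, 'login_body.html');
}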
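/**
 * Update data or submit new faq
 *
 * Recalculates the owning contribution's FAQ counter (removing the entry's
 * previous access flags first when it already exists), stores the FAQ item
 * through parent::submit() and then passes it to the search index.
 *
 * @return void
 * @throws exception When an existing entry was not loaded through load()
 */
public function submit()
{
    // The id is concatenated into two queries; casting it to an integer here
    // means the value can never change the structure of either statement.
    $contrib_id = (int) $this->contrib_id;

    // Get the FAQ count to update it
    $sql = 'SELECT contrib_faq_count FROM ' . TITANIA_CONTRIBS_TABLE . ' WHERE contrib_id = ' . $contrib_id;
    phpbb::$db->sql_query($sql);
    $contrib_faq_count = phpbb::$db->sql_fetchfield('contrib_faq_count');
    phpbb::$db->sql_freeresult();

    // If already submitted we need to decrement first
    if ($this->faq_id) {
        if (empty($this->sql_data)) {
            throw new exception('Modifying a FAQ entry requires you load it through the load() function (we require the original information).');
        }

        // Remove the contribution made under the access level that was stored before this edit
        $original_flags = titania_count::update_flags($this->sql_data['faq_access']);
        $contrib_faq_count = titania_count::decrement($contrib_faq_count, $original_flags);
    }

    // Update the FAQ count
    $flags = titania_count::update_flags($this->faq_access);
    $sql = 'UPDATE ' . TITANIA_CONTRIBS_TABLE . ' SET contrib_faq_count = \'' . phpbb::$db->sql_escape(titania_count::increment($contrib_faq_count, $flags)) . '\' WHERE contrib_id = ' . $contrib_id;
    phpbb::$db->sql_query($sql);

    // Submit this FAQ item
    parent::submit();

    // Index
    titania_search::index(TITANIA_FAQ, $this->faq_id, array(
        'title' => $this->faq_subject,
        'text' => $this->faq_text,
        'text_uid' => $this->faq_text_uid,
        'text_bitfield' => $this->faq_text_bitfield,
        'text_options' => $this->faq_text_options,
        'author' => 0,
        'date' => 0,
        'url' => titania_url::unbuild_url($this->get_url()),
        'access_level' => $this->faq_access,
    ));
}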
/**
 * Index the contribution
 *
 * Sends the contribution's name, description and metadata to the search
 * index. The entry is flagged as approved when validation is switched off
 * globally or for this contribution type, or when the status is
 * TITANIA_CONTRIB_APPROVED or TITANIA_CONTRIB_DOWNLOAD_DISABLED.
 */
public function index()
{
    // Validation applies only when both the global and the per-type switch are on
    $validation_required = titania::$config->require_validation
        && titania_types::$types[$this->contrib_type]->require_validation;

    $visible_statuses = array(TITANIA_CONTRIB_APPROVED, TITANIA_CONTRIB_DOWNLOAD_DISABLED);
    $is_approved = !$validation_required || in_array($this->contrib_status, $visible_statuses);

    $data = array(
        'title' => $this->contrib_name,
        'text' => $this->contrib_desc,
        'text_uid' => $this->contrib_desc_uid,
        'text_bitfield' => $this->contrib_desc_bitfield,
        'text_options' => $this->contrib_desc_options,
        'author' => $this->contrib_user_id,
        'date' => $this->contrib_last_update,
        'url' => titania_url::unbuild_url($this->get_url()),
        'approved' => $is_approved,
    );

    titania_search::index(TITANIA_CONTRIB, $this->contrib_id, $data);
}