/Forum/admin/admin_board.php
0,0 → 1,356
<?php
/***************************************************************************
* admin_board.php
* -------------------
* begin : Thursday, Jul 12, 2001
* copyright : (C) 2001 The phpBB Group
* email : support@phpbb.com
*
* $Id: admin_board.php,v 1.51.2.15 2006/02/10 22:19:01 grahamje Exp $
*
*
***************************************************************************/
 
define('IN_PHPBB', 1);
 
if( !empty($setmodules) )
{
$file = basename(__FILE__);
$module['General']['Configuration'] = $file;
return;
}
 
//
// Let's set the root dir for phpBB
//
$phpbb_root_path = "./../";
require($phpbb_root_path . 'extension.inc');
require('./pagestart.' . $phpEx);
include($phpbb_root_path . 'includes/functions_selects.'.$phpEx);
 
//
// Pull all config data
//
$sql = "SELECT *
FROM " . CONFIG_TABLE;
if(!$result = $db->sql_query($sql))
{
message_die(CRITICAL_ERROR, "Could not query config information in admin_board", "", __LINE__, __FILE__, $sql);
}
else
{
while( $row = $db->sql_fetchrow($result) )
{
$config_name = $row['config_name'];
$config_value = $row['config_value'];
$default_config[$config_name] = isset($HTTP_POST_VARS['submit']) ? str_replace("'", "\'", $config_value) : $config_value;
$new[$config_name] = ( isset($HTTP_POST_VARS[$config_name]) ) ? $HTTP_POST_VARS[$config_name] : $default_config[$config_name];
 
if ($config_name == 'cookie_name')
{
$new['cookie_name'] = str_replace('.', '_', $new['cookie_name']);
}
 
// Attempt to prevent a common mistake with this value,
// http:// is the protocol and not part of the server name
if ($config_name == 'server_name')
{
$new['server_name'] = str_replace('http://', '', $new['server_name']);
}
 
if( isset($HTTP_POST_VARS['submit']) )
{
$sql = "UPDATE " . CONFIG_TABLE . " SET
config_value = '" . str_replace("\'", "''", $new[$config_name]) . "'
WHERE config_name = '$config_name'";
if( !$db->sql_query($sql) )
{
message_die(GENERAL_ERROR, "Failed to update general configuration for $config_name", "", __LINE__, __FILE__, $sql);
}
}
}
 
if( isset($HTTP_POST_VARS['submit']) )
{
$message = $lang['Config_updated'] . "<br /><br />" . sprintf($lang['Click_return_config'], "<a href=\"" . append_sid("admin_board.$phpEx") . "\">", "</a>") . "<br /><br />" . sprintf($lang['Click_return_admin_index'], "<a href=\"" . append_sid("index.$phpEx?pane=right") . "\">", "</a>");
 
message_die(GENERAL_MESSAGE, $message);
}
}
 
$style_select = style_select($new['default_style'], 'default_style', "../templates");
$lang_select = language_select($new['default_lang'], 'default_lang', "language");
$timezone_select = tz_select($new['board_timezone'], 'board_timezone');
 
$disable_board_yes = ( $new['board_disable'] ) ? "checked=\"checked\"" : "";
$disable_board_no = ( !$new['board_disable'] ) ? "checked=\"checked\"" : "";
 
$cookie_secure_yes = ( $new['cookie_secure'] ) ? "checked=\"checked\"" : "";
$cookie_secure_no = ( !$new['cookie_secure'] ) ? "checked=\"checked\"" : "";
 
$html_tags = $new['allow_html_tags'];
 
$override_user_style_yes = ( $new['override_user_style'] ) ? "checked=\"checked\"" : "";
$override_user_style_no = ( !$new['override_user_style'] ) ? "checked=\"checked\"" : "";
 
$html_yes = ( $new['allow_html'] ) ? "checked=\"checked\"" : "";
$html_no = ( !$new['allow_html'] ) ? "checked=\"checked\"" : "";
 
$bbcode_yes = ( $new['allow_bbcode'] ) ? "checked=\"checked\"" : "";
$bbcode_no = ( !$new['allow_bbcode'] ) ? "checked=\"checked\"" : "";
 
$activation_none = ( $new['require_activation'] == USER_ACTIVATION_NONE ) ? "checked=\"checked\"" : "";
$activation_user = ( $new['require_activation'] == USER_ACTIVATION_SELF ) ? "checked=\"checked\"" : "";
$activation_admin = ( $new['require_activation'] == USER_ACTIVATION_ADMIN ) ? "checked=\"checked\"" : "";
 
$confirm_yes = ($new['enable_confirm']) ? 'checked="checked"' : '';
$confirm_no = (!$new['enable_confirm']) ? 'checked="checked"' : '';
 
$allow_autologin_yes = ($new['allow_autologin']) ? 'checked="checked"' : '';
$allow_autologin_no = (!$new['allow_autologin']) ? 'checked="checked"' : '';
 
$board_email_form_yes = ( $new['board_email_form'] ) ? "checked=\"checked\"" : "";
$board_email_form_no = ( !$new['board_email_form'] ) ? "checked=\"checked\"" : "";
 
$gzip_yes = ( $new['gzip_compress'] ) ? "checked=\"checked\"" : "";
$gzip_no = ( !$new['gzip_compress'] ) ? "checked=\"checked\"" : "";
 
$privmsg_on = ( !$new['privmsg_disable'] ) ? "checked=\"checked\"" : "";
$privmsg_off = ( $new['privmsg_disable'] ) ? "checked=\"checked\"" : "";
 
$prune_yes = ( $new['prune_enable'] ) ? "checked=\"checked\"" : "";
$prune_no = ( !$new['prune_enable'] ) ? "checked=\"checked\"" : "";
 
$smile_yes = ( $new['allow_smilies'] ) ? "checked=\"checked\"" : "";
$smile_no = ( !$new['allow_smilies'] ) ? "checked=\"checked\"" : "";
 
$sig_yes = ( $new['allow_sig'] ) ? "checked=\"checked\"" : "";
$sig_no = ( !$new['allow_sig'] ) ? "checked=\"checked\"" : "";
 
$namechange_yes = ( $new['allow_namechange'] ) ? "checked=\"checked\"" : "";
$namechange_no = ( !$new['allow_namechange'] ) ? "checked=\"checked\"" : "";
 
$avatars_local_yes = ( $new['allow_avatar_local'] ) ? "checked=\"checked\"" : "";
$avatars_local_no = ( !$new['allow_avatar_local'] ) ? "checked=\"checked\"" : "";
$avatars_remote_yes = ( $new['allow_avatar_remote'] ) ? "checked=\"checked\"" : "";
$avatars_remote_no = ( !$new['allow_avatar_remote'] ) ? "checked=\"checked\"" : "";
$avatars_upload_yes = ( $new['allow_avatar_upload'] ) ? "checked=\"checked\"" : "";
$avatars_upload_no = ( !$new['allow_avatar_upload'] ) ? "checked=\"checked\"" : "";
 
$smtp_yes = ( $new['smtp_delivery'] ) ? "checked=\"checked\"" : "";
$smtp_no = ( !$new['smtp_delivery'] ) ? "checked=\"checked\"" : "";
 
$template->set_filenames(array(
"body" => "admin/board_config_body.tpl")
);
 
//
// Escape any quotes in the site description for proper display in the text
// box on the admin page
//
$new['site_desc'] = str_replace('"', '&quot;', $new['site_desc']);
$new['sitename'] = str_replace('"', '&quot;', strip_tags($new['sitename']));
$template->assign_vars(array(
"S_CONFIG_ACTION" => append_sid("admin_board.$phpEx"),
 
"L_YES" => $lang['Yes'],
"L_NO" => $lang['No'],
"L_CONFIGURATION_TITLE" => $lang['General_Config'],
"L_CONFIGURATION_EXPLAIN" => $lang['Config_explain'],
"L_GENERAL_SETTINGS" => $lang['General_settings'],
"L_SERVER_NAME" => $lang['Server_name'],
"L_SERVER_NAME_EXPLAIN" => $lang['Server_name_explain'],
"L_SERVER_PORT" => $lang['Server_port'],
"L_SERVER_PORT_EXPLAIN" => $lang['Server_port_explain'],
"L_SCRIPT_PATH" => $lang['Script_path'],
"L_SCRIPT_PATH_EXPLAIN" => $lang['Script_path_explain'],
"L_SITE_NAME" => $lang['Site_name'],
"L_SITE_DESCRIPTION" => $lang['Site_desc'],
"L_DISABLE_BOARD" => $lang['Board_disable'],
"L_DISABLE_BOARD_EXPLAIN" => $lang['Board_disable_explain'],
"L_ACCT_ACTIVATION" => $lang['Acct_activation'],
"L_NONE" => $lang['Acc_None'],
"L_USER" => $lang['Acc_User'],
"L_ADMIN" => $lang['Acc_Admin'],
"L_VISUAL_CONFIRM" => $lang['Visual_confirm'],
"L_VISUAL_CONFIRM_EXPLAIN" => $lang['Visual_confirm_explain'],
"L_ALLOW_AUTOLOGIN" => $lang['Allow_autologin'],
"L_ALLOW_AUTOLOGIN_EXPLAIN" => $lang['Allow_autologin_explain'],
"L_AUTOLOGIN_TIME" => $lang['Autologin_time'],
"L_AUTOLOGIN_TIME_EXPLAIN" => $lang['Autologin_time_explain'],
"L_COOKIE_SETTINGS" => $lang['Cookie_settings'],
"L_COOKIE_SETTINGS_EXPLAIN" => $lang['Cookie_settings_explain'],
"L_COOKIE_DOMAIN" => $lang['Cookie_domain'],
"L_COOKIE_NAME" => $lang['Cookie_name'],
"L_COOKIE_PATH" => $lang['Cookie_path'],
"L_COOKIE_SECURE" => $lang['Cookie_secure'],
"L_COOKIE_SECURE_EXPLAIN" => $lang['Cookie_secure_explain'],
"L_SESSION_LENGTH" => $lang['Session_length'],
"L_PRIVATE_MESSAGING" => $lang['Private_Messaging'],
"L_INBOX_LIMIT" => $lang['Inbox_limits'],
"L_SENTBOX_LIMIT" => $lang['Sentbox_limits'],
"L_SAVEBOX_LIMIT" => $lang['Savebox_limits'],
"L_DISABLE_PRIVATE_MESSAGING" => $lang['Disable_privmsg'],
"L_ENABLED" => $lang['Enabled'],
"L_DISABLED" => $lang['Disabled'],
"L_ABILITIES_SETTINGS" => $lang['Abilities_settings'],
"L_MAX_POLL_OPTIONS" => $lang['Max_poll_options'],
"L_FLOOD_INTERVAL" => $lang['Flood_Interval'],
"L_FLOOD_INTERVAL_EXPLAIN" => $lang['Flood_Interval_explain'],
"L_SEARCH_FLOOD_INTERVAL" => $lang['Search_Flood_Interval'],
"L_SEARCH_FLOOD_INTERVAL_EXPLAIN" => $lang['Search_Flood_Interval_explain'],
 
'L_MAX_LOGIN_ATTEMPTS' => $lang['Max_login_attempts'],
'L_MAX_LOGIN_ATTEMPTS_EXPLAIN' => $lang['Max_login_attempts_explain'],
'L_LOGIN_RESET_TIME' => $lang['Login_reset_time'],
'L_LOGIN_RESET_TIME_EXPLAIN' => $lang['Login_reset_time_explain'],
'MAX_LOGIN_ATTEMPTS' => $new['max_login_attempts'],
'LOGIN_RESET_TIME' => $new['login_reset_time'],
 
"L_BOARD_EMAIL_FORM" => $lang['Board_email_form'],
"L_BOARD_EMAIL_FORM_EXPLAIN" => $lang['Board_email_form_explain'],
"L_TOPICS_PER_PAGE" => $lang['Topics_per_page'],
"L_POSTS_PER_PAGE" => $lang['Posts_per_page'],
"L_HOT_THRESHOLD" => $lang['Hot_threshold'],
"L_DEFAULT_STYLE" => $lang['Default_style'],
"L_OVERRIDE_STYLE" => $lang['Override_style'],
"L_OVERRIDE_STYLE_EXPLAIN" => $lang['Override_style_explain'],
"L_DEFAULT_LANGUAGE" => $lang['Default_language'],
"L_DATE_FORMAT" => $lang['Date_format'],
"L_SYSTEM_TIMEZONE" => $lang['System_timezone'],
"L_ENABLE_GZIP" => $lang['Enable_gzip'],
"L_ENABLE_PRUNE" => $lang['Enable_prune'],
"L_ALLOW_HTML" => $lang['Allow_HTML'],
"L_ALLOW_BBCODE" => $lang['Allow_BBCode'],
"L_ALLOWED_TAGS" => $lang['Allowed_tags'],
"L_ALLOWED_TAGS_EXPLAIN" => $lang['Allowed_tags_explain'],
"L_ALLOW_SMILIES" => $lang['Allow_smilies'],
"L_SMILIES_PATH" => $lang['Smilies_path'],
"L_SMILIES_PATH_EXPLAIN" => $lang['Smilies_path_explain'],
"L_ALLOW_SIG" => $lang['Allow_sig'],
"L_MAX_SIG_LENGTH" => $lang['Max_sig_length'],
"L_MAX_SIG_LENGTH_EXPLAIN" => $lang['Max_sig_length_explain'],
"L_ALLOW_NAME_CHANGE" => $lang['Allow_name_change'],
"L_AVATAR_SETTINGS" => $lang['Avatar_settings'],
"L_ALLOW_LOCAL" => $lang['Allow_local'],
"L_ALLOW_REMOTE" => $lang['Allow_remote'],
"L_ALLOW_REMOTE_EXPLAIN" => $lang['Allow_remote_explain'],
"L_ALLOW_UPLOAD" => $lang['Allow_upload'],
"L_MAX_FILESIZE" => $lang['Max_filesize'],
"L_MAX_FILESIZE_EXPLAIN" => $lang['Max_filesize_explain'],
"L_MAX_AVATAR_SIZE" => $lang['Max_avatar_size'],
"L_MAX_AVATAR_SIZE_EXPLAIN" => $lang['Max_avatar_size_explain'],
"L_AVATAR_STORAGE_PATH" => $lang['Avatar_storage_path'],
"L_AVATAR_STORAGE_PATH_EXPLAIN" => $lang['Avatar_storage_path_explain'],
"L_AVATAR_GALLERY_PATH" => $lang['Avatar_gallery_path'],
"L_AVATAR_GALLERY_PATH_EXPLAIN" => $lang['Avatar_gallery_path_explain'],
"L_COPPA_SETTINGS" => $lang['COPPA_settings'],
"L_COPPA_FAX" => $lang['COPPA_fax'],
"L_COPPA_MAIL" => $lang['COPPA_mail'],
"L_COPPA_MAIL_EXPLAIN" => $lang['COPPA_mail_explain'],
"L_EMAIL_SETTINGS" => $lang['Email_settings'],
"L_ADMIN_EMAIL" => $lang['Admin_email'],
"L_EMAIL_SIG" => $lang['Email_sig'],
"L_EMAIL_SIG_EXPLAIN" => $lang['Email_sig_explain'],
"L_USE_SMTP" => $lang['Use_SMTP'],
"L_USE_SMTP_EXPLAIN" => $lang['Use_SMTP_explain'],
"L_SMTP_SERVER" => $lang['SMTP_server'],
"L_SMTP_USERNAME" => $lang['SMTP_username'],
"L_SMTP_USERNAME_EXPLAIN" => $lang['SMTP_username_explain'],
"L_SMTP_PASSWORD" => $lang['SMTP_password'],
"L_SMTP_PASSWORD_EXPLAIN" => $lang['SMTP_password_explain'],
"L_SUBMIT" => $lang['Submit'],
"L_RESET" => $lang['Reset'],
"SERVER_NAME" => $new['server_name'],
"SCRIPT_PATH" => $new['script_path'],
"SERVER_PORT" => $new['server_port'],
"SITENAME" => $new['sitename'],
"SITE_DESCRIPTION" => $new['site_desc'],
"S_DISABLE_BOARD_YES" => $disable_board_yes,
"S_DISABLE_BOARD_NO" => $disable_board_no,
"ACTIVATION_NONE" => USER_ACTIVATION_NONE,
"ACTIVATION_NONE_CHECKED" => $activation_none,
"ACTIVATION_USER" => USER_ACTIVATION_SELF,
"ACTIVATION_USER_CHECKED" => $activation_user,
"ACTIVATION_ADMIN" => USER_ACTIVATION_ADMIN,
"ACTIVATION_ADMIN_CHECKED" => $activation_admin,
"CONFIRM_ENABLE" => $confirm_yes,
"CONFIRM_DISABLE" => $confirm_no,
'ALLOW_AUTOLOGIN_YES' => $allow_autologin_yes,
'ALLOW_AUTOLOGIN_NO' => $allow_autologin_no,
'AUTOLOGIN_TIME' => (int) $new['max_autologin_time'],
"BOARD_EMAIL_FORM_ENABLE" => $board_email_form_yes,
"BOARD_EMAIL_FORM_DISABLE" => $board_email_form_no,
"MAX_POLL_OPTIONS" => $new['max_poll_options'],
"FLOOD_INTERVAL" => $new['flood_interval'],
"SEARCH_FLOOD_INTERVAL" => $new['search_flood_interval'],
"TOPICS_PER_PAGE" => $new['topics_per_page'],
"POSTS_PER_PAGE" => $new['posts_per_page'],
"HOT_TOPIC" => $new['hot_threshold'],
"STYLE_SELECT" => $style_select,
"OVERRIDE_STYLE_YES" => $override_user_style_yes,
"OVERRIDE_STYLE_NO" => $override_user_style_no,
"LANG_SELECT" => $lang_select,
"L_DATE_FORMAT_EXPLAIN" => $lang['Date_format_explain'],
"DEFAULT_DATEFORMAT" => $new['default_dateformat'],
"TIMEZONE_SELECT" => $timezone_select,
"S_PRIVMSG_ENABLED" => $privmsg_on,
"S_PRIVMSG_DISABLED" => $privmsg_off,
"INBOX_LIMIT" => $new['max_inbox_privmsgs'],
"SENTBOX_LIMIT" => $new['max_sentbox_privmsgs'],
"SAVEBOX_LIMIT" => $new['max_savebox_privmsgs'],
"COOKIE_DOMAIN" => $new['cookie_domain'],
"COOKIE_NAME" => $new['cookie_name'],
"COOKIE_PATH" => $new['cookie_path'],
"SESSION_LENGTH" => $new['session_length'],
"S_COOKIE_SECURE_ENABLED" => $cookie_secure_yes,
"S_COOKIE_SECURE_DISABLED" => $cookie_secure_no,
"GZIP_YES" => $gzip_yes,
"GZIP_NO" => $gzip_no,
"PRUNE_YES" => $prune_yes,
"PRUNE_NO" => $prune_no,
"HTML_TAGS" => $html_tags,
"HTML_YES" => $html_yes,
"HTML_NO" => $html_no,
"BBCODE_YES" => $bbcode_yes,
"BBCODE_NO" => $bbcode_no,
"SMILE_YES" => $smile_yes,
"SMILE_NO" => $smile_no,
"SIG_YES" => $sig_yes,
"SIG_NO" => $sig_no,
"SIG_SIZE" => $new['max_sig_chars'],
"NAMECHANGE_YES" => $namechange_yes,
"NAMECHANGE_NO" => $namechange_no,
"AVATARS_LOCAL_YES" => $avatars_local_yes,
"AVATARS_LOCAL_NO" => $avatars_local_no,
"AVATARS_REMOTE_YES" => $avatars_remote_yes,
"AVATARS_REMOTE_NO" => $avatars_remote_no,
"AVATARS_UPLOAD_YES" => $avatars_upload_yes,
"AVATARS_UPLOAD_NO" => $avatars_upload_no,
"AVATAR_FILESIZE" => $new['avatar_filesize'],
"AVATAR_MAX_HEIGHT" => $new['avatar_max_height'],
"AVATAR_MAX_WIDTH" => $new['avatar_max_width'],
"AVATAR_PATH" => $new['avatar_path'],
"AVATAR_GALLERY_PATH" => $new['avatar_gallery_path'],
"SMILIES_PATH" => $new['smilies_path'],
"INBOX_PRIVMSGS" => $new['max_inbox_privmsgs'],
"SENTBOX_PRIVMSGS" => $new['max_sentbox_privmsgs'],
"SAVEBOX_PRIVMSGS" => $new['max_savebox_privmsgs'],
"EMAIL_FROM" => $new['board_email'],
"EMAIL_SIG" => $new['board_email_sig'],
"SMTP_YES" => $smtp_yes,
"SMTP_NO" => $smtp_no,
"SMTP_HOST" => $new['smtp_host'],
"SMTP_USERNAME" => $new['smtp_username'],
"SMTP_PASSWORD" => $new['smtp_password'],
"COPPA_MAIL" => $new['coppa_mail'],
"COPPA_FAX" => $new['coppa_fax'])
);
 
$template->pparse("body");
 
include('./page_footer_admin.'.$phpEx);
 
?>
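Review bot: The UPDATE built inside the config loop interpolates `$new[$config_name]`, taken from `$HTTP_POST_VARS`, and its only quoting step is `str_replace("\'", "''", ...)`. That is safe only if every request value was already slash-escaped by code outside this file, presumably the `pagestart` include, which is not visible here. I would record that dependency next to the query, e.g. `// relies on request values being slash-escaped before this point; str_replace only rewrites \' to '' for the DBMS`, and confirm the bootstrap enforces it whatever the magic-quotes setting is. When `submit` is absent the same posted values go to `assign_vars()` with no HTML encoding (only `sitename` and `site_desc` get a `&quot;` replacement), so unless the template layer encodes them, request data is reflected into the admin form; wrapping each value, e.g. `"SERVER_NAME" => htmlspecialchars($new['server_name']),`, closes that. `SMTP_PASSWORD` is also written back into the page from the stored value; rendering an empty field and updating the setting only when a new value is entered would keep the secret out of the HTML.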
/Forum/admin/admin_db_utilities.php
0,0 → 1,1008
<?php
/***************************************************************************
* admin_db_utilities.php
* -------------------
* begin : Thu May 31, 2001
* copyright : (C) 2001 The phpBB Group
* email : support@phpbb.com
*
* $Id: admin_db_utilities.php,v 1.42.2.14 2006/02/10 20:35:40 grahamje Exp $
*
****************************************************************************/
 
/***************************************************************************
*
* This program is free software; you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by
* the Free Software Foundation; either version 2 of the License, or
* (at your option) any later version.
*
***************************************************************************/
 
/***************************************************************************
* We will attempt to create a file based backup of all of the data in the
* users phpBB database. The resulting file should be able to be imported by
* the db_restore.php function, or by using the mysql command_line
*
* Some functions are adapted from the upgrade_20.php script and others
* adapted from the unoficial phpMyAdmin 2.2.0.
***************************************************************************/
 
define('IN_PHPBB', 1);
 
if( !empty($setmodules) )
{
$filename = basename(__FILE__);
$module['General']['Backup_DB'] = $filename . "?perform=backup";
 
$file_uploads = (@phpversion() >= '4.0.0') ? @ini_get('file_uploads') : @get_cfg_var('file_uploads');
 
if( (empty($file_uploads) || $file_uploads != 0) && (strtolower($file_uploads) != 'off') && (@phpversion() != '4.0.4pl1') )
{
$module['General']['Restore_DB'] = $filename . "?perform=restore";
}
 
return;
}
 
//
// Load default header
//
$no_page_header = TRUE;
$phpbb_root_path = "./../";
require($phpbb_root_path . 'extension.inc');
require('./pagestart.' . $phpEx);
include($phpbb_root_path . 'includes/sql_parse.'.$phpEx);
 
//
// Set VERBOSE to 1 for debugging info..
//
define("VERBOSE", 0);
 
//
// Increase maximum execution time, but don't complain about it if it isn't
// allowed.
//
@set_time_limit(1200);
 
// -----------------------
// The following functions are adapted from phpMyAdmin and upgrade_20.php
//
function gzip_PrintFourChars($Val)
{
for ($i = 0; $i < 4; $i ++)
{
$return .= chr($Val % 256);
$Val = floor($Val / 256);
}
return $return;
}
 
 
 
//
// This function is used for grabbing the sequences for postgres...
//
function pg_get_sequences($crlf, $backup_type)
{
global $db;
 
$get_seq_sql = "SELECT relname FROM pg_class WHERE NOT relname ~ 'pg_.*'
AND relkind = 'S' ORDER BY relname";
 
$seq = $db->sql_query($get_seq_sql);
 
if( !$num_seq = $db->sql_numrows($seq) )
{
 
$return_val = "# No Sequences Found $crlf";
 
}
else
{
$return_val = "# Sequences $crlf";
$i_seq = 0;
 
while($i_seq < $num_seq)
{
$row = $db->sql_fetchrow($seq);
$sequence = $row['relname'];
 
$get_props_sql = "SELECT * FROM $sequence";
$seq_props = $db->sql_query($get_props_sql);
 
if($db->sql_numrows($seq_props) > 0)
{
$row1 = $db->sql_fetchrow($seq_props);
 
if($backup_type == 'structure')
{
$row['last_value'] = 1;
}
 
$return_val .= "CREATE SEQUENCE $sequence start " . $row['last_value'] . ' increment ' . $row['increment_by'] . ' maxvalue ' . $row['max_value'] . ' minvalue ' . $row['min_value'] . ' cache ' . $row['cache_value'] . "; $crlf";
 
} // End if numrows > 0
 
if(($row['last_value'] > 1) && ($backup_type != 'structure'))
{
$return_val .= "SELECT NEXTVALE('$sequence'); $crlf";
unset($row['last_value']);
}
 
$i_seq++;
 
} // End while..
 
} // End else...
 
return $returnval;
 
} // End function...
 
//
// The following functions will return the "CREATE TABLE syntax for the
// varying DBMS's
//
// This function returns, will return the table def's for postgres...
//
function get_table_def_postgresql($table, $crlf)
{
global $drop, $db;
 
$schema_create = "";
//
// Get a listing of the fields, with their associated types, etc.
//
 
$field_query = "SELECT a.attnum, a.attname AS field, t.typname as type, a.attlen AS length, a.atttypmod as lengthvar, a.attnotnull as notnull
FROM pg_class c, pg_attribute a, pg_type t
WHERE c.relname = '$table'
AND a.attnum > 0
AND a.attrelid = c.oid
AND a.atttypid = t.oid
ORDER BY a.attnum";
$result = $db->sql_query($field_query);
 
if(!$result)
{
message_die(GENERAL_ERROR, "Failed in get_table_def (show fields)", "", __LINE__, __FILE__, $field_query);
} // end if..
 
if ($drop == 1)
{
$schema_create .= "DROP TABLE $table;$crlf";
} // end if
 
//
// Ok now we actually start building the SQL statements to restore the tables
//
 
$schema_create .= "CREATE TABLE $table($crlf";
 
while ($row = $db->sql_fetchrow($result))
{
//
// Get the data from the table
//
$sql_get_default = "SELECT d.adsrc AS rowdefault
FROM pg_attrdef d, pg_class c
WHERE (c.relname = '$table')
AND (c.oid = d.adrelid)
AND d.adnum = " . $row['attnum'];
$def_res = $db->sql_query($sql_get_default);
 
if (!$def_res)
{
unset($row['rowdefault']);
}
else
{
$row['rowdefault'] = @pg_result($def_res, 0, 'rowdefault');
}
 
if ($row['type'] == 'bpchar')
{
// Internally stored as bpchar, but isn't accepted in a CREATE TABLE statement.
$row['type'] = 'char';
}
 
$schema_create .= ' ' . $row['field'] . ' ' . $row['type'];
 
if (eregi('char', $row['type']))
{
if ($row['lengthvar'] > 0)
{
$schema_create .= '(' . ($row['lengthvar'] -4) . ')';
}
}
 
if (eregi('numeric', $row['type']))
{
$schema_create .= '(';
$schema_create .= sprintf("%s,%s", (($row['lengthvar'] >> 16) & 0xffff), (($row['lengthvar'] - 4) & 0xffff));
$schema_create .= ')';
}
 
if (!empty($row['rowdefault']))
{
$schema_create .= ' DEFAULT ' . $row['rowdefault'];
}
 
if ($row['notnull'] == 't')
{
$schema_create .= ' NOT NULL';
}
 
$schema_create .= ",$crlf";
 
}
//
// Get the listing of primary keys.
//
 
$sql_pri_keys = "SELECT ic.relname AS index_name, bc.relname AS tab_name, ta.attname AS column_name, i.indisunique AS unique_key, i.indisprimary AS primary_key
FROM pg_class bc, pg_class ic, pg_index i, pg_attribute ta, pg_attribute ia
WHERE (bc.oid = i.indrelid)
AND (ic.oid = i.indexrelid)
AND (ia.attrelid = i.indexrelid)
AND (ta.attrelid = bc.oid)
AND (bc.relname = '$table')
AND (ta.attrelid = i.indrelid)
AND (ta.attnum = i.indkey[ia.attnum-1])
ORDER BY index_name, tab_name, column_name ";
$result = $db->sql_query($sql_pri_keys);
 
if(!$result)
{
message_die(GENERAL_ERROR, "Failed in get_table_def (show fields)", "", __LINE__, __FILE__, $sql_pri_keys);
}
 
while ( $row = $db->sql_fetchrow($result))
{
if ($row['primary_key'] == 't')
{
if (!empty($primary_key))
{
$primary_key .= ', ';
}
 
$primary_key .= $row['column_name'];
$primary_key_name = $row['index_name'];
 
}
else
{
//
// We have to store this all this info because it is possible to have a multi-column key...
// we can loop through it again and build the statement
//
$index_rows[$row['index_name']]['table'] = $table;
$index_rows[$row['index_name']]['unique'] = ($row['unique_key'] == 't') ? ' UNIQUE ' : '';
$index_rows[$row['index_name']]['column_names'] .= $row['column_name'] . ', ';
}
}
 
if (!empty($index_rows))
{
while(list($idx_name, $props) = each($index_rows))
{
$props['column_names'] = ereg_replace(", $", "" , $props['column_names']);
$index_create .= 'CREATE ' . $props['unique'] . " INDEX $idx_name ON $table (" . $props['column_names'] . ");$crlf";
}
}
 
if (!empty($primary_key))
{
$schema_create .= " CONSTRAINT $primary_key_name PRIMARY KEY ($primary_key),$crlf";
}
 
//
// Generate constraint clauses for CHECK constraints
//
$sql_checks = "SELECT rcname as index_name, rcsrc
FROM pg_relcheck, pg_class bc
WHERE rcrelid = bc.oid
AND bc.relname = '$table'
AND NOT EXISTS (
SELECT *
FROM pg_relcheck as c, pg_inherits as i
WHERE i.inhrelid = pg_relcheck.rcrelid
AND c.rcname = pg_relcheck.rcname
AND c.rcsrc = pg_relcheck.rcsrc
AND c.rcrelid = i.inhparent
)";
$result = $db->sql_query($sql_checks);
 
if (!$result)
{
message_die(GENERAL_ERROR, "Failed in get_table_def (show fields)", "", __LINE__, __FILE__, $sql_checks);
}
 
//
// Add the constraints to the sql file.
//
while ($row = $db->sql_fetchrow($result))
{
$schema_create .= ' CONSTRAINT ' . $row['index_name'] . ' CHECK ' . $row['rcsrc'] . ",$crlf";
}
 
$schema_create = ereg_replace(',' . $crlf . '$', '', $schema_create);
$index_create = ereg_replace(',' . $crlf . '$', '', $index_create);
 
$schema_create .= "$crlf);$crlf";
 
if (!empty($index_create))
{
$schema_create .= $index_create;
}
 
//
// Ok now we've built all the sql return it to the calling function.
//
return (stripslashes($schema_create));
 
}
 
//
// This function returns the "CREATE TABLE" syntax for mysql dbms...
//
function get_table_def_mysql($table, $crlf)
{
global $drop, $db;
 
$schema_create = "";
$field_query = "SHOW FIELDS FROM $table";
$key_query = "SHOW KEYS FROM $table";
 
//
// If the user has selected to drop existing tables when doing a restore.
// Then we add the statement to drop the tables....
//
if ($drop == 1)
{
$schema_create .= "DROP TABLE IF EXISTS $table;$crlf";
}
 
$schema_create .= "CREATE TABLE $table($crlf";
 
//
// Ok lets grab the fields...
//
$result = $db->sql_query($field_query);
if(!$result)
{
message_die(GENERAL_ERROR, "Failed in get_table_def (show fields)", "", __LINE__, __FILE__, $field_query);
}
 
while ($row = $db->sql_fetchrow($result))
{
$schema_create .= ' ' . $row['Field'] . ' ' . $row['Type'];
 
if(!empty($row['Default']))
{
$schema_create .= ' DEFAULT \'' . $row['Default'] . '\'';
}
 
if($row['Null'] != "YES")
{
$schema_create .= ' NOT NULL';
}
 
if($row['Extra'] != "")
{
$schema_create .= ' ' . $row['Extra'];
}
 
$schema_create .= ",$crlf";
}
//
// Drop the last ',$crlf' off ;)
//
$schema_create = ereg_replace(',' . $crlf . '$', "", $schema_create);
 
//
// Get any Indexed fields from the database...
//
$result = $db->sql_query($key_query);
if(!$result)
{
message_die(GENERAL_ERROR, "FAILED IN get_table_def (show keys)", "", __LINE__, __FILE__, $key_query);
}
 
while($row = $db->sql_fetchrow($result))
{
$kname = $row['Key_name'];
 
if(($kname != 'PRIMARY') && ($row['Non_unique'] == 0))
{
$kname = "UNIQUE|$kname";
}
 
if(!is_array($index[$kname]))
{
$index[$kname] = array();
}
 
$index[$kname][] = $row['Column_name'];
}
 
while(list($x, $columns) = @each($index))
{
$schema_create .= ", $crlf";
 
if($x == 'PRIMARY')
{
$schema_create .= ' PRIMARY KEY (' . implode($columns, ', ') . ')';
}
elseif (substr($x,0,6) == 'UNIQUE')
{
$schema_create .= ' UNIQUE ' . substr($x,7) . ' (' . implode($columns, ', ') . ')';
}
else
{
$schema_create .= " KEY $x (" . implode($columns, ', ') . ')';
}
}
 
$schema_create .= "$crlf);";
 
if(get_magic_quotes_runtime())
{
return(stripslashes($schema_create));
}
else
{
return($schema_create);
}
 
} // End get_table_def_mysql
 
 
//
// This fuction will return a tables create definition to be used as an sql
// statement.
//
//
// The following functions Get the data from the tables and format it as a
// series of INSERT statements, for each different DBMS...
// After every row a custom callback function $handler gets called.
// $handler must accept one parameter ($sql_insert);
//
//
// Here is the function for postgres...
//
function get_table_content_postgresql($table, $handler)
{
global $db;
 
//
// Grab all of the data from current table.
//
 
$result = $db->sql_query("SELECT * FROM $table");
 
if (!$result)
{
message_die(GENERAL_ERROR, "Failed in get_table_content (select *)", "", __LINE__, __FILE__, "SELECT * FROM $table");
}
 
$i_num_fields = $db->sql_numfields($result);
 
for ($i = 0; $i < $i_num_fields; $i++)
{
$aryType[] = $db->sql_fieldtype($i, $result);
$aryName[] = $db->sql_fieldname($i, $result);
}
 
$iRec = 0;
 
while($row = $db->sql_fetchrow($result))
{
$schema_vals = '';
$schema_fields = '';
$schema_insert = '';
//
// Build the SQL statement to recreate the data.
//
for($i = 0; $i < $i_num_fields; $i++)
{
$strVal = $row[$aryName[$i]];
if (eregi("char|text|bool", $aryType[$i]))
{
$strQuote = "'";
$strEmpty = "";
$strVal = addslashes($strVal);
}
elseif (eregi("date|timestamp", $aryType[$i]))
{
if (empty($strVal))
{
$strQuote = "";
}
else
{
$strQuote = "'";
}
}
else
{
$strQuote = "";
$strEmpty = "NULL";
}
 
if (empty($strVal) && $strVal != "0")
{
$strVal = $strEmpty;
}
 
$schema_vals .= " $strQuote$strVal$strQuote,";
$schema_fields .= " $aryName[$i],";
 
}
 
$schema_vals = ereg_replace(",$", "", $schema_vals);
$schema_vals = ereg_replace("^ ", "", $schema_vals);
$schema_fields = ereg_replace(",$", "", $schema_fields);
$schema_fields = ereg_replace("^ ", "", $schema_fields);
 
//
// Take the ordered fields and their associated data and build it
// into a valid sql statement to recreate that field in the data.
//
$schema_insert = "INSERT INTO $table ($schema_fields) VALUES($schema_vals);";
 
$handler(trim($schema_insert));
}
 
return(true);
 
}// end function get_table_content_postgres...
 
//
// This function is for getting the data from a mysql table.
//
 
function get_table_content_mysql($table, $handler)
{
global $db;
 
// Grab the data from the table.
if (!($result = $db->sql_query("SELECT * FROM $table")))
{
message_die(GENERAL_ERROR, "Failed in get_table_content (select *)", "", __LINE__, __FILE__, "SELECT * FROM $table");
}
 
// Loop through the resulting rows and build the sql statement.
if ($row = $db->sql_fetchrow($result))
{
$handler("\n#\n# Table Data for $table\n#\n");
$field_names = array();
 
// Grab the list of field names.
$num_fields = $db->sql_numfields($result);
$table_list = '(';
for ($j = 0; $j < $num_fields; $j++)
{
$field_names[$j] = $db->sql_fieldname($j, $result);
$table_list .= (($j > 0) ? ', ' : '') . $field_names[$j];
}
$table_list .= ')';
 
do
{
// Start building the SQL statement.
$schema_insert = "INSERT INTO $table $table_list VALUES(";
 
// Loop through the rows and fill in data for each column
for ($j = 0; $j < $num_fields; $j++)
{
$schema_insert .= ($j > 0) ? ', ' : '';
 
if(!isset($row[$field_names[$j]]))
{
//
// If there is no data for the column set it to null.
// There was a problem here with an extra space causing the
// sql file not to reimport if the last column was null in
// any table. Should be fixed now :) JLH
//
$schema_insert .= 'NULL';
}
elseif ($row[$field_names[$j]] != '')
{
$schema_insert .= '\'' . addslashes($row[$field_names[$j]]) . '\'';
}
else
{
$schema_insert .= '\'\'';
}
}
 
$schema_insert .= ');';
 
// Go ahead and send the insert statement to the handler function.
$handler(trim($schema_insert));
 
}
while ($row = $db->sql_fetchrow($result));
}
 
return(true);
}
 
function output_table_content($content)
{
global $tempfile;
 
//fwrite($tempfile, $content . "\n");
//$backup_sql .= $content . "\n";
echo $content ."\n";
return;
}
//
// End Functions
// -------------
 
 
//
// Begin program proper
//
if( isset($HTTP_GET_VARS['perform']) || isset($HTTP_POST_VARS['perform']) )
{
$perform = (isset($HTTP_POST_VARS['perform'])) ? $HTTP_POST_VARS['perform'] : $HTTP_GET_VARS['perform'];
 
switch($perform)
{
case 'backup':
 
$error = false;
switch(SQL_LAYER)
{
case 'oracle':
$error = true;
break;
case 'db2':
$error = true;
break;
case 'msaccess':
$error = true;
break;
case 'mssql':
case 'mssql-odbc':
$error = true;
break;
}
 
if ($error)
{
include('./page_header_admin.'.$phpEx);
 
$template->set_filenames(array(
"body" => "admin/admin_message_body.tpl")
);
 
$template->assign_vars(array(
"MESSAGE_TITLE" => $lang['Information'],
"MESSAGE_TEXT" => $lang['Backups_not_supported'])
);
 
$template->pparse("body");
 
include('./page_footer_admin.'.$phpEx);
}
 
$tables = array('auth_access', 'banlist', 'categories', 'config', 'disallow', 'forums', 'forum_prune', 'groups', 'posts', 'posts_text', 'privmsgs', 'privmsgs_text', 'ranks', 'search_results', 'search_wordlist', 'search_wordmatch', 'sessions', 'smilies', 'themes', 'themes_name', 'topics', 'topics_watch', 'user_group', 'users', 'vote_desc', 'vote_results', 'vote_voters', 'words', 'confirm', 'sessions_keys');
 
$additional_tables = (isset($HTTP_POST_VARS['additional_tables'])) ? $HTTP_POST_VARS['additional_tables'] : ( (isset($HTTP_GET_VARS['additional_tables'])) ? $HTTP_GET_VARS['additional_tables'] : "" );
 
$backup_type = (isset($HTTP_POST_VARS['backup_type'])) ? $HTTP_POST_VARS['backup_type'] : ( (isset($HTTP_GET_VARS['backup_type'])) ? $HTTP_GET_VARS['backup_type'] : "" );
 
$gzipcompress = (!empty($HTTP_POST_VARS['gzipcompress'])) ? $HTTP_POST_VARS['gzipcompress'] : ( (!empty($HTTP_GET_VARS['gzipcompress'])) ? $HTTP_GET_VARS['gzipcompress'] : 0 );
 
$drop = (!empty($HTTP_POST_VARS['drop'])) ? intval($HTTP_POST_VARS['drop']) : ( (!empty($HTTP_GET_VARS['drop'])) ? intval($HTTP_GET_VARS['drop']) : 0 );
 
if(!empty($additional_tables))
{
if(ereg(",", $additional_tables))
{
$additional_tables = split(",", $additional_tables);
 
for($i = 0; $i < count($additional_tables); $i++)
{
$tables[] = trim($additional_tables[$i]);
}
 
}
else
{
$tables[] = trim($additional_tables);
}
}
 
if( !isset($HTTP_POST_VARS['backupstart']) && !isset($HTTP_GET_VARS['backupstart']))
{
include('./page_header_admin.'.$phpEx);
 
$template->set_filenames(array(
"body" => "admin/db_utils_backup_body.tpl")
);
$s_hidden_fields = "<input type=\"hidden\" name=\"perform\" value=\"backup\" /><input type=\"hidden\" name=\"drop\" value=\"1\" /><input type=\"hidden\" name=\"perform\" value=\"$perform\" />";
 
$template->assign_vars(array(
"L_DATABASE_BACKUP" => $lang['Database_Utilities'] . " : " . $lang['Backup'],
"L_BACKUP_EXPLAIN" => $lang['Backup_explain'],
"L_FULL_BACKUP" => $lang['Full_backup'],
"L_STRUCTURE_BACKUP" => $lang['Structure_backup'],
"L_DATA_BACKUP" => $lang['Data_backup'],
"L_ADDITIONAL_TABLES" => $lang['Additional_tables'],
"L_START_BACKUP" => $lang['Start_backup'],
"L_BACKUP_OPTIONS" => $lang['Backup_options'],
"L_GZIP_COMPRESS" => $lang['Gzip_compress'],
"L_NO" => $lang['No'],
"L_YES" => $lang['Yes'],
 
"S_HIDDEN_FIELDS" => $s_hidden_fields,
"S_DBUTILS_ACTION" => append_sid("admin_db_utilities.$phpEx"))
);
$template->pparse("body");
 
break;
 
}
else if( !isset($HTTP_POST_VARS['startdownload']) && !isset($HTTP_GET_VARS['startdownload']) )
{
if(is_array($additional_tables))
{
$additional_tables = implode(',', $additional_tables);
}
$template->set_filenames(array(
"body" => "admin/admin_message_body.tpl")
);
 
$template->assign_vars(array(
"META" => '<meta http-equiv="refresh" content="2;url=' . append_sid("admin_db_utilities.$phpEx?perform=backup&additional_tables=" . quotemeta($additional_tables) . "&backup_type=$backup_type&drop=1&amp;backupstart=1&gzipcompress=$gzipcompress&startdownload=1") . '">',
 
"MESSAGE_TITLE" => $lang['Database_Utilities'] . " : " . $lang['Backup'],
"MESSAGE_TEXT" => $lang['Backup_download'])
);
 
include('./page_header_admin.'.$phpEx);
 
$template->pparse("body");
 
include('./page_footer_admin.'.$phpEx);
 
}
header("Pragma: no-cache");
$do_gzip_compress = FALSE;
if( $gzipcompress )
{
$phpver = phpversion();
 
if($phpver >= "4.0")
{
if(extension_loaded("zlib"))
{
$do_gzip_compress = TRUE;
}
}
}
if($do_gzip_compress)
{
@ob_start();
@ob_implicit_flush(0);
header("Content-Type: application/x-gzip; name=\"phpbb_db_backup.sql.gz\"");
header("Content-disposition: attachment; filename=phpbb_db_backup.sql.gz");
}
else
{
header("Content-Type: text/x-delimtext; name=\"phpbb_db_backup.sql\"");
header("Content-disposition: attachment; filename=phpbb_db_backup.sql");
}
 
//
// Build the sql script file...
//
echo "#\n";
echo "# phpBB Backup Script\n";
echo "# Dump of tables for $dbname\n";
echo "#\n# DATE : " . gmdate("d-m-Y H:i:s", time()) . " GMT\n";
echo "#\n";
 
if(SQL_LAYER == 'postgresql')
{
echo "\n" . pg_get_sequences("\n", $backup_type);
}
for($i = 0; $i < count($tables); $i++)
{
$table_name = $tables[$i];
 
switch (SQL_LAYER)
{
case 'postgresql':
$table_def_function = "get_table_def_postgresql";
$table_content_function = "get_table_content_postgresql";
break;
 
case 'mysql':
case 'mysql4':
$table_def_function = "get_table_def_mysql";
$table_content_function = "get_table_content_mysql";
break;
}
 
if($backup_type != 'data')
{
echo "#\n# TABLE: " . $table_prefix . $table_name . "\n#\n";
echo $table_def_function($table_prefix . $table_name, "\n") . "\n";
}
 
if($backup_type != 'structure')
{
$table_content_function($table_prefix . $table_name, "output_table_content");
}
}
if($do_gzip_compress)
{
$Size = ob_get_length();
$Crc = crc32(ob_get_contents());
$contents = gzcompress(ob_get_contents());
ob_end_clean();
echo "\x1f\x8b\x08\x00\x00\x00\x00\x00".substr($contents, 0, strlen($contents) - 4).gzip_PrintFourChars($Crc).gzip_PrintFourChars($Size);
}
exit;
 
break;
 
case 'restore':
if(!isset($HTTP_POST_VARS['restore_start']))
{
//
// Define Template files...
//
include('./page_header_admin.'.$phpEx);
 
$template->set_filenames(array(
"body" => "admin/db_utils_restore_body.tpl")
);
 
$s_hidden_fields = "<input type=\"hidden\" name=\"perform\" value=\"restore\" /><input type=\"hidden\" name=\"perform\" value=\"$perform\" />";
 
$template->assign_vars(array(
"L_DATABASE_RESTORE" => $lang['Database_Utilities'] . " : " . $lang['Restore'],
"L_RESTORE_EXPLAIN" => $lang['Restore_explain'],
"L_SELECT_FILE" => $lang['Select_file'],
"L_START_RESTORE" => $lang['Start_Restore'],
 
"S_DBUTILS_ACTION" => append_sid("admin_db_utilities.$phpEx"),
"S_HIDDEN_FIELDS" => $s_hidden_fields)
);
$template->pparse("body");
 
break;
 
}
else
{
//
// Handle the file upload ....
// If no file was uploaded report an error...
//
$backup_file_name = (!empty($HTTP_POST_FILES['backup_file']['name'])) ? $HTTP_POST_FILES['backup_file']['name'] : "";
$backup_file_tmpname = ($HTTP_POST_FILES['backup_file']['tmp_name'] != "none") ? $HTTP_POST_FILES['backup_file']['tmp_name'] : "";
$backup_file_type = (!empty($HTTP_POST_FILES['backup_file']['type'])) ? $HTTP_POST_FILES['backup_file']['type'] : "";
 
if($backup_file_tmpname == "" || $backup_file_name == "")
{
message_die(GENERAL_MESSAGE, $lang['Restore_Error_no_file']);
}
//
// If I file was actually uploaded, check to make sure that we
// are actually passed the name of an uploaded file, and not
// a hackers attempt at getting us to process a local system
// file.
//
if( file_exists(phpbb_realpath($backup_file_tmpname)) )
{
if( preg_match("/^(text\/[a-zA-Z]+)|(application\/(x\-)?gzip(\-compressed)?)|(application\/octet-stream)$/is", $backup_file_type) )
{
if( preg_match("/\.gz$/is",$backup_file_name) )
{
$do_gzip_compress = FALSE;
$phpver = phpversion();
if($phpver >= "4.0")
{
if(extension_loaded("zlib"))
{
$do_gzip_compress = TRUE;
}
}
 
if($do_gzip_compress)
{
$gz_ptr = gzopen($backup_file_tmpname, 'rb');
$sql_query = "";
while( !gzeof($gz_ptr) )
{
$sql_query .= gzgets($gz_ptr, 100000);
}
}
else
{
message_die(GENERAL_ERROR, $lang['Restore_Error_decompress']);
}
}
else
{
$sql_query = fread(fopen($backup_file_tmpname, 'r'), filesize($backup_file_tmpname));
}
//
// Comment this line out to see if this fixes the stuff...
//
//$sql_query = stripslashes($sql_query);
}
else
{
message_die(GENERAL_ERROR, $lang['Restore_Error_filename'] ." $backup_file_type $backup_file_name");
}
}
else
{
message_die(GENERAL_ERROR, $lang['Restore_Error_uploading']);
}
 
if($sql_query != "")
{
// Strip out sql comments...
$sql_query = remove_remarks($sql_query);
$pieces = split_sql_file($sql_query, ";");
 
$sql_count = count($pieces);
for($i = 0; $i < $sql_count; $i++)
{
$sql = trim($pieces[$i]);
 
if(!empty($sql) and $sql[0] != "#")
{
if(VERBOSE == 1)
{
echo "Executing: $sql\n<br>";
flush();
}
 
$result = $db->sql_query($sql);
 
if(!$result && ( !(SQL_LAYER == 'postgresql' && eregi("drop table", $sql) ) ) )
{
message_die(GENERAL_ERROR, "Error importing backup file", "", __LINE__, __FILE__, $sql);
}
}
}
}
 
include('./page_header_admin.'.$phpEx);
 
$template->set_filenames(array(
"body" => "admin/admin_message_body.tpl")
);
 
$message = $lang['Restore_success'];
 
$template->assign_vars(array(
"MESSAGE_TITLE" => $lang['Database_Utilities'] . " : " . $lang['Restore'],
"MESSAGE_TEXT" => $message)
);
 
$template->pparse("body");
break;
}
break;
}
}
 
include('./page_footer_admin.'.$phpEx);
 
?>
/Forum/admin/admin_disallow.php
0,0 → 1,146
<?php
/***************************************************************************
* admin_disallow.php
* -------------------
* begin : Tuesday, Oct 05, 2001
* copyright : (C) 2001 The phpBB Group
* email : support@phpbb.com
*
* $Id: admin_disallow.php,v 1.9.2.4 2005/12/18 13:57:50 grahamje Exp $
*
*
***************************************************************************/
 
/***************************************************************************
*
* This program is free software; you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by
* the Free Software Foundation; either version 2 of the License, or
* (at your option) any later version.
*
***************************************************************************/
 
define('IN_PHPBB', 1);
 
if( !empty($setmodules) )
{
$filename = basename(__FILE__);
$module['Users']['Disallow'] = $filename;
 
return;
}
 
//
// Include required files, get $phpEx and check permissions
//
$phpbb_root_path = "./../";
require($phpbb_root_path . 'extension.inc');
require('./pagestart.' . $phpEx);
 
if( isset($HTTP_POST_VARS['add_name']) )
{
include($phpbb_root_path . 'includes/functions_validate.'.$phpEx);
 
$disallowed_user = ( isset($HTTP_POST_VARS['disallowed_user']) ) ? trim($HTTP_POST_VARS['disallowed_user']) : trim($HTTP_GET_VARS['disallowed_user']);
 
if ($disallowed_user == '')
{
message_die(GENERAL_MESSAGE, $lang['Fields_empty']);
}
if( !validate_username($disallowed_user) )
{
$message = $lang['Disallowed_already'];
}
else
{
$sql = "INSERT INTO " . DISALLOW_TABLE . " (disallow_username)
VALUES('" . str_replace("\'", "''", $disallowed_user) . "')";
$result = $db->sql_query( $sql );
if ( !$result )
{
message_die(GENERAL_ERROR, "Could not add disallowed user.", "",__LINE__, __FILE__, $sql);
}
$message = $lang['Disallow_successful'];
}
 
$message .= "<br /><br />" . sprintf($lang['Click_return_disallowadmin'], "<a href=\"" . append_sid("admin_disallow.$phpEx") . "\">", "</a>") . "<br /><br />" . sprintf($lang['Click_return_admin_index'], "<a href=\"" . append_sid("index.$phpEx?pane=right") . "\">", "</a>");
 
message_die(GENERAL_MESSAGE, $message);
}
else if( isset($HTTP_POST_VARS['delete_name']) )
{
$disallowed_id = ( isset($HTTP_POST_VARS['disallowed_id']) ) ? intval( $HTTP_POST_VARS['disallowed_id'] ) : intval( $HTTP_GET_VARS['disallowed_id'] );
$sql = "DELETE FROM " . DISALLOW_TABLE . "
WHERE disallow_id = $disallowed_id";
$result = $db->sql_query($sql);
if( !$result )
{
message_die(GENERAL_ERROR, "Couldn't removed disallowed user.", "",__LINE__, __FILE__, $sql);
}
 
$message .= $lang['Disallowed_deleted'] . "<br /><br />" . sprintf($lang['Click_return_disallowadmin'], "<a href=\"" . append_sid("admin_disallow.$phpEx") . "\">", "</a>") . "<br /><br />" . sprintf($lang['Click_return_admin_index'], "<a href=\"" . append_sid("index.$phpEx?pane=right") . "\">", "</a>");
 
message_die(GENERAL_MESSAGE, $message);
 
}
 
//
// Grab the current list of disallowed usernames...
//
$sql = "SELECT *
FROM " . DISALLOW_TABLE;
$result = $db->sql_query($sql);
if( !$result )
{
message_die(GENERAL_ERROR, "Couldn't get disallowed users.", "", __LINE__, __FILE__, $sql );
}
 
$disallowed = $db->sql_fetchrowset($result);
 
//
// Ok now generate the info for the template, which will be put out no matter
// what mode we are in.
//
$disallow_select = '<select name="disallowed_id">';
 
if( trim($disallowed) == "" )
{
$disallow_select .= '<option value="">' . $lang['no_disallowed'] . '</option>';
}
else
{
$user = array();
for( $i = 0; $i < count($disallowed); $i++ )
{
$disallow_select .= '<option value="' . $disallowed[$i]['disallow_id'] . '">' . $disallowed[$i]['disallow_username'] . '</option>';
}
}
 
$disallow_select .= '</select>';
 
$template->set_filenames(array(
"body" => "admin/disallow_body.tpl")
);
 
$template->assign_vars(array(
"S_DISALLOW_SELECT" => $disallow_select,
"S_FORM_ACTION" => append_sid("admin_disallow.$phpEx"),
 
"L_INFO" => $output_info,
"L_DISALLOW_TITLE" => $lang['Disallow_control'],
"L_DISALLOW_EXPLAIN" => $lang['Disallow_explain'],
"L_DELETE" => $lang['Delete_disallow'],
"L_DELETE_DISALLOW" => $lang['Delete_disallow_title'],
"L_DELETE_EXPLAIN" => $lang['Delete_disallow_explain'],
"L_ADD" => $lang['Add_disallow'],
"L_ADD_DISALLOW" => $lang['Add_disallow_title'],
"L_ADD_EXPLAIN" => $lang['Add_disallow_explain'],
"L_USERNAME" => $lang['Username'])
);
 
$template->pparse("body");
 
include('./page_footer_admin.'.$phpEx);
 
?>
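Review bot: The `<option>` loop that builds `$disallow_select` prints `disallow_username` straight from the database with no HTML encoding, so a stored name containing markup is rendered as markup in the admin page. The add branch only trims the value, and validate_username() is defined in another file, so nothing visible in this section constrains what gets stored. Encode at output instead: `'">' . htmlspecialchars($disallowed[$i]['disallow_username']) . '</option>'`. Separately, the INSERT relies on `str_replace("\'", "''", ...)`, which only neutralises quotes if the request value was already slash-escaped earlier in the include chain (presumably via pagestart, not shown); that assumption deserves a comment next to the query, e.g. `// expects slash-escaped input from the include chain; never pass raw values here`.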
/Forum/admin/admin_forum_prune.php
0,0 → 1,199
<?php
/***************************************************************************
* admin_forum_prune.php
* -------------------
* begin : Mon Jul 31, 2001
* copyright : (C) 2001 The phpBB Group
* email : support@phpbb.com
*
* $Id: admin_forum_prune.php,v 1.22.2.3 2002/12/18 14:14:07 psotfx Exp $
*
****************************************************************************/
 
/***************************************************************************
*
* This program is free software; you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by
* the Free Software Foundation; either version 2 of the License, or
* (at your option) any later version.
*
***************************************************************************/
 
define('IN_PHPBB', true);
 
if ( !empty($setmodules) )
{
$filename = basename(__FILE__);
$module['Forums']['Prune'] = $filename;
 
return;
}
 
//
// Load default header
//
$phpbb_root_path = "./../";
require($phpbb_root_path . 'extension.inc');
require('./pagestart.' . $phpEx);
require($phpbb_root_path . 'includes/prune.'.$phpEx);
require($phpbb_root_path . 'includes/functions_admin.'.$phpEx);
 
//
// Get the forum ID for pruning
//
if( isset($HTTP_GET_VARS[POST_FORUM_URL]) || isset($HTTP_POST_VARS[POST_FORUM_URL]) )
{
$forum_id = ( isset($HTTP_POST_VARS[POST_FORUM_URL]) ) ? $HTTP_POST_VARS[POST_FORUM_URL] : $HTTP_GET_VARS[POST_FORUM_URL];
 
if( $forum_id == -1 )
{
$forum_sql = '';
}
else
{
$forum_id = intval($forum_id);
$forum_sql = "AND forum_id = $forum_id";
}
}
else
{
$forum_id = '';
$forum_sql = '';
}
//
// Get a list of forum's or the data for the forum that we are pruning.
//
$sql = "SELECT f.*
FROM " . FORUMS_TABLE . " f, " . CATEGORIES_TABLE . " c
WHERE c.cat_id = f.cat_id
$forum_sql
ORDER BY c.cat_order ASC, f.forum_order ASC";
if( !($result = $db->sql_query($sql)) )
{
message_die(GENERAL_ERROR, 'Could not obtain list of forums for pruning', '', __LINE__, __FILE__, $sql);
}
 
$forum_rows = array();
while( $row = $db->sql_fetchrow($result) )
{
$forum_rows[] = $row;
}
 
//
// Check for submit to be equal to Prune. If so then proceed with the pruning.
//
if( isset($HTTP_POST_VARS['doprune']) )
{
$prunedays = ( isset($HTTP_POST_VARS['prunedays']) ) ? intval($HTTP_POST_VARS['prunedays']) : 0;
 
// Convert days to seconds for timestamp functions...
$prunedate = time() - ( $prunedays * 86400 );
 
$template->set_filenames(array(
'body' => 'admin/forum_prune_result_body.tpl')
);
 
for($i = 0; $i < count($forum_rows); $i++)
{
$p_result = prune($forum_rows[$i]['forum_id'], $prunedate);
sync('forum', $forum_rows[$i]['forum_id']);
$row_color = ( !($i % 2) ) ? $theme['td_color1'] : $theme['td_color2'];
$row_class = ( !($i % 2) ) ? $theme['td_class1'] : $theme['td_class2'];
$template->assign_block_vars('prune_results', array(
'ROW_COLOR' => '#' . $row_color,
'ROW_CLASS' => $row_class,
'FORUM_NAME' => $forum_rows[$i]['forum_name'],
'FORUM_TOPICS' => $p_result['topics'],
'FORUM_POSTS' => $p_result['posts'])
);
}
 
$template->assign_vars(array(
'L_FORUM_PRUNE' => $lang['Forum_Prune'],
'L_FORUM' => $lang['Forum'],
'L_TOPICS_PRUNED' => $lang['Topics_pruned'],
'L_POSTS_PRUNED' => $lang['Posts_pruned'],
'L_PRUNE_RESULT' => $lang['Prune_success'])
);
}
else
{
//
// If they haven't selected a forum for pruning yet then
// display a select box to use for pruning.
//
if( empty($HTTP_POST_VARS[POST_FORUM_URL]) )
{
//
// Output a selection table if no forum id has been specified.
//
$template->set_filenames(array(
'body' => 'admin/forum_prune_select_body.tpl')
);
 
$select_list = '<select name="' . POST_FORUM_URL . '">';
$select_list .= '<option value="-1">' . $lang['All_Forums'] . '</option>';
 
for($i = 0; $i < count($forum_rows); $i++)
{
$select_list .= '<option value="' . $forum_rows[$i]['forum_id'] . '">' . $forum_rows[$i]['forum_name'] . '</option>';
}
$select_list .= '</select>';
 
//
// Assign the template variables.
//
$template->assign_vars(array(
'L_FORUM_PRUNE' => $lang['Forum_Prune'],
'L_SELECT_FORUM' => $lang['Select_a_Forum'],
'L_LOOK_UP' => $lang['Look_up_Forum'],
 
'S_FORUMPRUNE_ACTION' => append_sid("admin_forum_prune.$phpEx"),
'S_FORUMS_SELECT' => $select_list)
);
}
else
{
$forum_id = intval($HTTP_POST_VARS[POST_FORUM_URL]);
//
// Output the form to retrieve Prune information.
//
$template->set_filenames(array(
'body' => 'admin/forum_prune_body.tpl')
);
 
$forum_name = ( $forum_id == -1 ) ? $lang['All_Forums'] : $forum_rows[0]['forum_name'];
 
$prune_data = $lang['Prune_topics_not_posted'] . " ";
$prune_data .= '<input class="post" type="text" name="prunedays" size="4"> ' . $lang['Days'];
 
$hidden_input = '<input type="hidden" name="' . POST_FORUM_URL . '" value="' . $forum_id . '" />';
 
//
// Assign the template variables.
//
$template->assign_vars(array(
'FORUM_NAME' => $forum_name,
 
'L_FORUM' => $lang['Forum'],
'L_FORUM_PRUNE' => $lang['Forum_Prune'],
'L_FORUM_PRUNE_EXPLAIN' => $lang['Forum_Prune_explain'],
'L_DO_PRUNE' => $lang['Do_Prune'],
 
'S_FORUMPRUNE_ACTION' => append_sid("admin_forum_prune.$phpEx"),
'S_PRUNE_DATA' => $prune_data,
'S_HIDDEN_VARS' => $hidden_input)
);
}
}
//
// Actually output the page here.
//
$template->pparse('body');
 
include('./page_footer_admin.'.$phpEx);
 
?>
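Review bot: The `doprune` branch turns a missing or non-numeric `prunedays` into 0 through intval(), which makes `$prunedate` equal to the current time, and a negative value moves the cutoff into the future. prune() is then called for every row in `$forum_rows` (all forums when the id is -1 or absent), so a blank form field appears to prune everything; prune() lives in includes/prune.php, so the exact effect should be confirmed there. Reject the value before the loop: `if ( $prunedays < 1 ) { message_die(GENERAL_ERROR, 'Prune age must be at least one day'); }`. The `$forum_id == -1` test also runs on the raw request string with a loose comparison, so putting `$forum_id = intval($forum_id);` above it would limit the "all forums" case to an exact -1.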
/Forum/admin/admin_forumauth.php
0,0 → 1,328
<?php
/***************************************************************************
* admin_forumauth.php
* -------------------
* begin : Saturday, Feb 13, 2001
* copyright : (C) 2001 The phpBB Group
* email : support@phpbb.com
*
* $Id: admin_forumauth.php,v 1.23.2.5 2004/03/25 15:57:19 acydburn Exp $
*
*
***************************************************************************/
 
/***************************************************************************
*
* This program is free software; you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by
* the Free Software Foundation; either version 2 of the License, or
* (at your option) any later version.
*
***************************************************************************/
 
define('IN_PHPBB', 1);
 
if( !empty($setmodules) )
{
$filename = basename(__FILE__);
$module['Forums']['Permissions'] = $filename;
 
return;
}
 
//
// Load default header
//
$no_page_header = TRUE;
$phpbb_root_path = './../';
require($phpbb_root_path . 'extension.inc');
require('./pagestart.' . $phpEx);
 
//
// Start program - define vars
//
// View Read Post Reply Edit Delete Sticky Announce Vote Poll
$simple_auth_ary = array(
0 => array(AUTH_ALL, AUTH_ALL, AUTH_ALL, AUTH_ALL, AUTH_REG, AUTH_REG, AUTH_MOD, AUTH_MOD, AUTH_REG, AUTH_REG),
1 => array(AUTH_ALL, AUTH_ALL, AUTH_REG, AUTH_REG, AUTH_REG, AUTH_REG, AUTH_MOD, AUTH_MOD, AUTH_REG, AUTH_REG),
2 => array(AUTH_REG, AUTH_REG, AUTH_REG, AUTH_REG, AUTH_REG, AUTH_REG, AUTH_MOD, AUTH_MOD, AUTH_REG, AUTH_REG),
3 => array(AUTH_ALL, AUTH_ACL, AUTH_ACL, AUTH_ACL, AUTH_ACL, AUTH_ACL, AUTH_ACL, AUTH_MOD, AUTH_ACL, AUTH_ACL),
4 => array(AUTH_ACL, AUTH_ACL, AUTH_ACL, AUTH_ACL, AUTH_ACL, AUTH_ACL, AUTH_ACL, AUTH_MOD, AUTH_ACL, AUTH_ACL),
5 => array(AUTH_ALL, AUTH_MOD, AUTH_MOD, AUTH_MOD, AUTH_MOD, AUTH_MOD, AUTH_MOD, AUTH_MOD, AUTH_MOD, AUTH_MOD),
6 => array(AUTH_MOD, AUTH_MOD, AUTH_MOD, AUTH_MOD, AUTH_MOD, AUTH_MOD, AUTH_MOD, AUTH_MOD, AUTH_MOD, AUTH_MOD),
);
 
$simple_auth_types = array($lang['Public'], $lang['Registered'], $lang['Registered'] . ' [' . $lang['Hidden'] . ']', $lang['Private'], $lang['Private'] . ' [' . $lang['Hidden'] . ']', $lang['Moderators'], $lang['Moderators'] . ' [' . $lang['Hidden'] . ']');
 
$forum_auth_fields = array('auth_view', 'auth_read', 'auth_post', 'auth_reply', 'auth_edit', 'auth_delete', 'auth_sticky', 'auth_announce', 'auth_vote', 'auth_pollcreate');
 
$field_names = array(
'auth_view' => $lang['View'],
'auth_read' => $lang['Read'],
'auth_post' => $lang['Post'],
'auth_reply' => $lang['Reply'],
'auth_edit' => $lang['Edit'],
'auth_delete' => $lang['Delete'],
'auth_sticky' => $lang['Sticky'],
'auth_announce' => $lang['Announce'],
'auth_vote' => $lang['Vote'],
'auth_pollcreate' => $lang['Pollcreate']);
 
$forum_auth_levels = array('ALL', 'REG', 'PRIVATE', 'MOD', 'ADMIN');
$forum_auth_const = array(AUTH_ALL, AUTH_REG, AUTH_ACL, AUTH_MOD, AUTH_ADMIN);
 
if(isset($HTTP_GET_VARS[POST_FORUM_URL]) || isset($HTTP_POST_VARS[POST_FORUM_URL]))
{
$forum_id = (isset($HTTP_POST_VARS[POST_FORUM_URL])) ? intval($HTTP_POST_VARS[POST_FORUM_URL]) : intval($HTTP_GET_VARS[POST_FORUM_URL]);
$forum_sql = "AND forum_id = $forum_id";
}
else
{
unset($forum_id);
$forum_sql = '';
}
 
if( isset($HTTP_GET_VARS['adv']) )
{
$adv = intval($HTTP_GET_VARS['adv']);
}
else
{
unset($adv);
}
 
//
// Start program proper
//
if( isset($HTTP_POST_VARS['submit']) )
{
$sql = '';
 
if(!empty($forum_id))
{
if(isset($HTTP_POST_VARS['simpleauth']))
{
$simple_ary = $simple_auth_ary[intval($HTTP_POST_VARS['simpleauth'])];
 
for($i = 0; $i < count($simple_ary); $i++)
{
$sql .= ( ( $sql != '' ) ? ', ' : '' ) . $forum_auth_fields[$i] . ' = ' . $simple_ary[$i];
}
 
if (is_array($simple_ary))
{
$sql = "UPDATE " . FORUMS_TABLE . " SET $sql WHERE forum_id = $forum_id";
}
}
else
{
for($i = 0; $i < count($forum_auth_fields); $i++)
{
$value = intval($HTTP_POST_VARS[$forum_auth_fields[$i]]);
 
if ( $forum_auth_fields[$i] == 'auth_vote' )
{
if ( $HTTP_POST_VARS['auth_vote'] == AUTH_ALL )
{
$value = AUTH_REG;
}
}
 
$sql .= ( ( $sql != '' ) ? ', ' : '' ) .$forum_auth_fields[$i] . ' = ' . $value;
}
 
$sql = "UPDATE " . FORUMS_TABLE . " SET $sql WHERE forum_id = $forum_id";
}
 
if ( $sql != '' )
{
if ( !$db->sql_query($sql) )
{
message_die(GENERAL_ERROR, 'Could not update auth table', '', __LINE__, __FILE__, $sql);
}
}
 
$forum_sql = '';
$adv = 0;
}
 
$template->assign_vars(array(
'META' => '<meta http-equiv="refresh" content="3;url=' . append_sid("admin_forumauth.$phpEx?" . POST_FORUM_URL . "=$forum_id") . '">')
);
$message = $lang['Forum_auth_updated'] . '<br /><br />' . sprintf($lang['Click_return_forumauth'], '<a href="' . append_sid("admin_forumauth.$phpEx") . '">', "</a>");
message_die(GENERAL_MESSAGE, $message);
 
} // End of submit
 
//
// Get required information, either all forums if
// no id was specified or just the requsted if it
// was
//
$sql = "SELECT f.*
FROM " . FORUMS_TABLE . " f, " . CATEGORIES_TABLE . " c
WHERE c.cat_id = f.cat_id
$forum_sql
ORDER BY c.cat_order ASC, f.forum_order ASC";
if ( !($result = $db->sql_query($sql)) )
{
message_die(GENERAL_ERROR, "Couldn't obtain forum list", "", __LINE__, __FILE__, $sql);
}
 
$forum_rows = $db->sql_fetchrowset($result);
$db->sql_freeresult($result);
 
if( empty($forum_id) )
{
//
// Output the selection table if no forum id was
// specified
//
$template->set_filenames(array(
'body' => 'admin/auth_select_body.tpl')
);
 
$select_list = '<select name="' . POST_FORUM_URL . '">';
for($i = 0; $i < count($forum_rows); $i++)
{
$select_list .= '<option value="' . $forum_rows[$i]['forum_id'] . '">' . $forum_rows[$i]['forum_name'] . '</option>';
}
$select_list .= '</select>';
 
$template->assign_vars(array(
'L_AUTH_TITLE' => $lang['Auth_Control_Forum'],
'L_AUTH_EXPLAIN' => $lang['Forum_auth_explain'],
'L_AUTH_SELECT' => $lang['Select_a_Forum'],
'L_LOOK_UP' => $lang['Look_up_Forum'],
 
'S_AUTH_ACTION' => append_sid("admin_forumauth.$phpEx"),
'S_AUTH_SELECT' => $select_list)
);
 
}
else
{
//
// Output the authorisation details if an id was
// specified
//
$template->set_filenames(array(
'body' => 'admin/auth_forum_body.tpl')
);
 
$forum_name = $forum_rows[0]['forum_name'];
 
@reset($simple_auth_ary);
while( list($key, $auth_levels) = each($simple_auth_ary))
{
$matched = 1;
for($k = 0; $k < count($auth_levels); $k++)
{
$matched_type = $key;
 
if ( $forum_rows[0][$forum_auth_fields[$k]] != $auth_levels[$k] )
{
$matched = 0;
}
}
 
if ( $matched )
{
break;
}
}
 
//
// If we didn't get a match above then we
// automatically switch into 'advanced' mode
//
if ( !isset($adv) && !$matched )
{
$adv = 1;
}
 
$s_column_span == 0;
 
if ( empty($adv) )
{
$simple_auth = '<select name="simpleauth">';
 
for($j = 0; $j < count($simple_auth_types); $j++)
{
$selected = ( $matched_type == $j ) ? ' selected="selected"' : '';
$simple_auth .= '<option value="' . $j . '"' . $selected . '>' . $simple_auth_types[$j] . '</option>';
}
 
$simple_auth .= '</select>';
 
$template->assign_block_vars('forum_auth_titles', array(
'CELL_TITLE' => $lang['Simple_mode'])
);
$template->assign_block_vars('forum_auth_data', array(
'S_AUTH_LEVELS_SELECT' => $simple_auth)
);
 
$s_column_span++;
}
else
{
//
// Output values of individual
// fields
//
for($j = 0; $j < count($forum_auth_fields); $j++)
{
$custom_auth[$j] = '&nbsp;<select name="' . $forum_auth_fields[$j] . '">';
 
for($k = 0; $k < count($forum_auth_levels); $k++)
{
$selected = ( $forum_rows[0][$forum_auth_fields[$j]] == $forum_auth_const[$k] ) ? ' selected="selected"' : '';
$custom_auth[$j] .= '<option value="' . $forum_auth_const[$k] . '"' . $selected . '>' . $lang['Forum_' . $forum_auth_levels[$k]] . '</option>';
}
$custom_auth[$j] .= '</select>&nbsp;';
 
$cell_title = $field_names[$forum_auth_fields[$j]];
 
$template->assign_block_vars('forum_auth_titles', array(
'CELL_TITLE' => $cell_title)
);
$template->assign_block_vars('forum_auth_data', array(
'S_AUTH_LEVELS_SELECT' => $custom_auth[$j])
);
 
$s_column_span++;
}
}
 
$adv_mode = ( empty($adv) ) ? '1' : '0';
$switch_mode = append_sid("admin_forumauth.$phpEx?" . POST_FORUM_URL . "=" . $forum_id . "&adv=". $adv_mode);
$switch_mode_text = ( empty($adv) ) ? $lang['Advanced_mode'] : $lang['Simple_mode'];
$u_switch_mode = '<a href="' . $switch_mode . '">' . $switch_mode_text . '</a>';
 
$s_hidden_fields = '<input type="hidden" name="' . POST_FORUM_URL . '" value="' . $forum_id . '">';
 
$template->assign_vars(array(
'FORUM_NAME' => $forum_name,
 
'L_FORUM' => $lang['Forum'],
'L_AUTH_TITLE' => $lang['Auth_Control_Forum'],
'L_AUTH_EXPLAIN' => $lang['Forum_auth_explain'],
'L_SUBMIT' => $lang['Submit'],
'L_RESET' => $lang['Reset'],
 
'U_SWITCH_MODE' => $u_switch_mode,
 
'S_FORUMAUTH_ACTION' => append_sid("admin_forumauth.$phpEx"),
'S_COLUMN_SPAN' => $s_column_span,
'S_HIDDEN_FIELDS' => $s_hidden_fields)
);
 
}
 
include('./page_header_admin.'.$phpEx);
 
$template->pparse('body');
 
include('./page_footer_admin.'.$phpEx);
 
?>
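Review bot: In the advanced-mode branch of the submit handler each `auth_*` field is written as `intval($HTTP_POST_VARS[...])` with no check that it is one of the levels in `$forum_auth_const`, so any integer can be stored as a forum permission level. How the permission checks treat an unknown level is not visible here, so the safe option is to refuse it right after the intval(): `if ( !in_array($value, $forum_auth_const) ) { message_die(GENERAL_ERROR, 'Invalid permission level'); }`. The `auth_vote` special case should test `$value` rather than the raw `$HTTP_POST_VARS['auth_vote']`, so the comparison is made on the same integer that is written. Further down, `$s_column_span == 0;` is a comparison with no effect and was presumably meant to be `$s_column_span = 0;`.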
/Forum/admin/admin_forums.php
0,0 → 1,1028
<?php
/***************************************************************************
* admin_forums.php
* -------------------
* begin : Thursday, Jul 12, 2001
* copyright : (C) 2001 The phpBB Group
* email : support@phpbb.com
*
* $Id: admin_forums.php,v 1.40.2.13 2006/03/09 21:55:09 grahamje Exp $
*
***************************************************************************/
 
/***************************************************************************
*
* This program is free software; you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by
* the Free Software Foundation; either version 2 of the License, or
* (at your option) any later version.
*
***************************************************************************/
 
define('IN_PHPBB', 1);
 
if( !empty($setmodules) )
{
$file = basename(__FILE__);
$module['Forums']['Manage'] = $file;
return;
}
 
//
// Load default header
//
$phpbb_root_path = "./../";
require($phpbb_root_path . 'extension.inc');
require('./pagestart.' . $phpEx);
include($phpbb_root_path . 'includes/functions_admin.'.$phpEx);
 
$forum_auth_ary = array(
"auth_view" => AUTH_ALL,
"auth_read" => AUTH_ALL,
"auth_post" => AUTH_REG,
"auth_reply" => AUTH_REG,
"auth_edit" => AUTH_REG,
"auth_delete" => AUTH_REG,
"auth_sticky" => AUTH_MOD,
"auth_announce" => AUTH_MOD,
"auth_vote" => AUTH_REG,
"auth_pollcreate" => AUTH_REG
);
 
//
// Mode setting
//
if( isset($HTTP_POST_VARS['mode']) || isset($HTTP_GET_VARS['mode']) )
{
$mode = ( isset($HTTP_POST_VARS['mode']) ) ? $HTTP_POST_VARS['mode'] : $HTTP_GET_VARS['mode'];
$mode = htmlspecialchars($mode);
}
else
{
$mode = "";
}
 
// ------------------
// Begin function block
//
function get_info($mode, $id)
{
global $db;
 
switch($mode)
{
case 'category':
$table = CATEGORIES_TABLE;
$idfield = 'cat_id';
$namefield = 'cat_title';
break;
 
case 'forum':
$table = FORUMS_TABLE;
$idfield = 'forum_id';
$namefield = 'forum_name';
break;
 
default:
message_die(GENERAL_ERROR, "Wrong mode for generating select list", "", __LINE__, __FILE__);
break;
}
$sql = "SELECT count(*) as total
FROM $table";
if( !$result = $db->sql_query($sql) )
{
message_die(GENERAL_ERROR, "Couldn't get Forum/Category information", "", __LINE__, __FILE__, $sql);
}
$count = $db->sql_fetchrow($result);
$count = $count['total'];
 
$sql = "SELECT *
FROM $table
WHERE $idfield = $id";
 
if( !$result = $db->sql_query($sql) )
{
message_die(GENERAL_ERROR, "Couldn't get Forum/Category information", "", __LINE__, __FILE__, $sql);
}
 
if( $db->sql_numrows($result) != 1 )
{
message_die(GENERAL_ERROR, "Forum/Category doesn't exist or multiple forums/categories with ID $id", "", __LINE__, __FILE__);
}
 
$return = $db->sql_fetchrow($result);
$return['number'] = $count;
return $return;
}
 
function get_list($mode, $id, $select)
{
global $db;
 
switch($mode)
{
case 'category':
$table = CATEGORIES_TABLE;
$idfield = 'cat_id';
$namefield = 'cat_title';
break;
 
case 'forum':
$table = FORUMS_TABLE;
$idfield = 'forum_id';
$namefield = 'forum_name';
break;
 
default:
message_die(GENERAL_ERROR, "Wrong mode for generating select list", "", __LINE__, __FILE__);
break;
}
 
$sql = "SELECT *
FROM $table";
if( $select == 0 )
{
$sql .= " WHERE $idfield <> $id";
}
 
if( !$result = $db->sql_query($sql) )
{
message_die(GENERAL_ERROR, "Couldn't get list of Categories/Forums", "", __LINE__, __FILE__, $sql);
}
 
$cat_list = "";
 
while( $row = $db->sql_fetchrow($result) )
{
$s = "";
if ($row[$idfield] == $id)
{
$s = " selected=\"selected\"";
}
$catlist .= "<option value=\"$row[$idfield]\"$s>" . $row[$namefield] . "</option>\n";
}
 
return($catlist);
}
 
function renumber_order($mode, $cat = 0)
{
global $db;
 
switch($mode)
{
case 'category':
$table = CATEGORIES_TABLE;
$idfield = 'cat_id';
$orderfield = 'cat_order';
$cat = 0;
break;
 
case 'forum':
$table = FORUMS_TABLE;
$idfield = 'forum_id';
$orderfield = 'forum_order';
$catfield = 'cat_id';
break;
 
default:
message_die(GENERAL_ERROR, "Wrong mode for generating select list", "", __LINE__, __FILE__);
break;
}
 
$sql = "SELECT * FROM $table";
if( $cat != 0)
{
$sql .= " WHERE $catfield = $cat";
}
$sql .= " ORDER BY $orderfield ASC";
 
 
if( !$result = $db->sql_query($sql) )
{
message_die(GENERAL_ERROR, "Couldn't get list of Categories", "", __LINE__, __FILE__, $sql);
}
 
$i = 10;
$inc = 10;
 
while( $row = $db->sql_fetchrow($result) )
{
$sql = "UPDATE $table
SET $orderfield = $i
WHERE $idfield = " . $row[$idfield];
if( !$db->sql_query($sql) )
{
message_die(GENERAL_ERROR, "Couldn't update order fields", "", __LINE__, __FILE__, $sql);
}
$i += 10;
}
 
}
//
// End function block
// ------------------
 
//
// Begin program proper
//
if( isset($HTTP_POST_VARS['addforum']) || isset($HTTP_POST_VARS['addcategory']) )
{
$mode = ( isset($HTTP_POST_VARS['addforum']) ) ? "addforum" : "addcat";
 
if( $mode == "addforum" )
{
list($cat_id) = each($HTTP_POST_VARS['addforum']);
$cat_id = intval($cat_id);
//
// stripslashes needs to be run on this because slashes are added when the forum name is posted
//
$forumname = stripslashes($HTTP_POST_VARS['forumname'][$cat_id]);
}
}
 
if( !empty($mode) )
{
switch($mode)
{
case 'addforum':
case 'editforum':
//
// Show form to create/modify a forum
//
if ($mode == 'editforum')
{
// $newmode determines if we are going to INSERT or UPDATE after posting?
 
$l_title = $lang['Edit_forum'];
$newmode = 'modforum';
$buttonvalue = $lang['Update'];
 
$forum_id = intval($HTTP_GET_VARS[POST_FORUM_URL]);
 
$row = get_info('forum', $forum_id);
 
$cat_id = $row['cat_id'];
$forumname = $row['forum_name'];
$forumdesc = $row['forum_desc'];
$forumstatus = $row['forum_status'];
 
//
// start forum prune stuff.
//
if( $row['prune_enable'] )
{
$prune_enabled = "checked=\"checked\"";
$sql = "SELECT *
FROM " . PRUNE_TABLE . "
WHERE forum_id = $forum_id";
if(!$pr_result = $db->sql_query($sql))
{
message_die(GENERAL_ERROR, "Auto-Prune: Couldn't read auto_prune table.", __LINE__, __FILE__);
}
 
$pr_row = $db->sql_fetchrow($pr_result);
}
else
{
$prune_enabled = '';
}
}
else
{
$l_title = $lang['Create_forum'];
$newmode = 'createforum';
$buttonvalue = $lang['Create_forum'];
 
$forumdesc = '';
$forumstatus = FORUM_UNLOCKED;
$forum_id = '';
$prune_enabled = '';
}
 
$catlist = get_list('category', $cat_id, TRUE);
 
$forumstatus == ( FORUM_LOCKED ) ? $forumlocked = "selected=\"selected\"" : $forumunlocked = "selected=\"selected\"";
// These two options ($lang['Status_unlocked'] and $lang['Status_locked']) seem to be missing from
// the language files.
$lang['Status_unlocked'] = isset($lang['Status_unlocked']) ? $lang['Status_unlocked'] : 'Unlocked';
$lang['Status_locked'] = isset($lang['Status_locked']) ? $lang['Status_locked'] : 'Locked';
$statuslist = "<option value=\"" . FORUM_UNLOCKED . "\" $forumunlocked>" . $lang['Status_unlocked'] . "</option>\n";
$statuslist .= "<option value=\"" . FORUM_LOCKED . "\" $forumlocked>" . $lang['Status_locked'] . "</option>\n";
 
$template->set_filenames(array(
"body" => "admin/forum_edit_body.tpl")
);
 
$s_hidden_fields = '<input type="hidden" name="mode" value="' . $newmode .'" /><input type="hidden" name="' . POST_FORUM_URL . '" value="' . $forum_id . '" />';
 
$template->assign_vars(array(
'S_FORUM_ACTION' => append_sid("admin_forums.$phpEx"),
'S_HIDDEN_FIELDS' => $s_hidden_fields,
'S_SUBMIT_VALUE' => $buttonvalue,
'S_CAT_LIST' => $catlist,
'S_STATUS_LIST' => $statuslist,
'S_PRUNE_ENABLED' => $prune_enabled,
 
'L_FORUM_TITLE' => $l_title,
'L_FORUM_EXPLAIN' => $lang['Forum_edit_delete_explain'],
'L_FORUM_SETTINGS' => $lang['Forum_settings'],
'L_FORUM_NAME' => $lang['Forum_name'],
'L_CATEGORY' => $lang['Category'],
'L_FORUM_DESCRIPTION' => $lang['Forum_desc'],
'L_FORUM_STATUS' => $lang['Forum_status'],
'L_AUTO_PRUNE' => $lang['Forum_pruning'],
'L_ENABLED' => $lang['Enabled'],
'L_PRUNE_DAYS' => $lang['prune_days'],
'L_PRUNE_FREQ' => $lang['prune_freq'],
'L_DAYS' => $lang['Days'],
 
'PRUNE_DAYS' => ( isset($pr_row['prune_days']) ) ? $pr_row['prune_days'] : 7,
'PRUNE_FREQ' => ( isset($pr_row['prune_freq']) ) ? $pr_row['prune_freq'] : 1,
'FORUM_NAME' => $forumname,
'DESCRIPTION' => $forumdesc)
);
$template->pparse("body");
break;
 
case 'createforum':
//
// Create a forum in the DB
//
if( trim($HTTP_POST_VARS['forumname']) == "" )
{
message_die(GENERAL_ERROR, "Can't create a forum without a name");
}
 
$sql = "SELECT MAX(forum_order) AS max_order
FROM " . FORUMS_TABLE . "
WHERE cat_id = " . intval($HTTP_POST_VARS[POST_CAT_URL]);
if( !$result = $db->sql_query($sql) )
{
message_die(GENERAL_ERROR, "Couldn't get order number from forums table", "", __LINE__, __FILE__, $sql);
}
$row = $db->sql_fetchrow($result);
 
$max_order = $row['max_order'];
$next_order = $max_order + 10;
$sql = "SELECT MAX(forum_id) AS max_id
FROM " . FORUMS_TABLE;
if( !$result = $db->sql_query($sql) )
{
message_die(GENERAL_ERROR, "Couldn't get order number from forums table", "", __LINE__, __FILE__, $sql);
}
$row = $db->sql_fetchrow($result);
 
$max_id = $row['max_id'];
$next_id = $max_id + 1;
 
//
// Default permissions of public ::
//
$field_sql = "";
$value_sql = "";
while( list($field, $value) = each($forum_auth_ary) )
{
$field_sql .= ", $field";
$value_sql .= ", $value";
 
}
 
// There is no problem having duplicate forum names so we won't check for it.
$sql = "INSERT INTO " . FORUMS_TABLE . " (forum_id, forum_name, cat_id, forum_desc, forum_order, forum_status, prune_enable" . $field_sql . ")
VALUES ('" . $next_id . "', '" . str_replace("\'", "''", $HTTP_POST_VARS['forumname']) . "', " . intval($HTTP_POST_VARS[POST_CAT_URL]) . ", '" . str_replace("\'", "''", $HTTP_POST_VARS['forumdesc']) . "', $next_order, " . intval($HTTP_POST_VARS['forumstatus']) . ", " . intval($HTTP_POST_VARS['prune_enable']) . $value_sql . ")";
if( !$result = $db->sql_query($sql) )
{
message_die(GENERAL_ERROR, "Couldn't insert row in forums table", "", __LINE__, __FILE__, $sql);
}
 
if( $HTTP_POST_VARS['prune_enable'] )
{
 
if( $HTTP_POST_VARS['prune_days'] == "" || $HTTP_POST_VARS['prune_freq'] == "")
{
message_die(GENERAL_MESSAGE, $lang['Set_prune_data']);
}
 
$sql = "INSERT INTO " . PRUNE_TABLE . " (forum_id, prune_days, prune_freq)
VALUES('" . $next_id . "', " . intval($HTTP_POST_VARS['prune_days']) . ", " . intval($HTTP_POST_VARS['prune_freq']) . ")";
if( !$result = $db->sql_query($sql) )
{
message_die(GENERAL_ERROR, "Couldn't insert row in prune table", "", __LINE__, __FILE__, $sql);
}
}
 
$message = $lang['Forums_updated'] . "<br /><br />" . sprintf($lang['Click_return_forumadmin'], "<a href=\"" . append_sid("admin_forums.$phpEx") . "\">", "</a>") . "<br /><br />" . sprintf($lang['Click_return_admin_index'], "<a href=\"" . append_sid("index.$phpEx?pane=right") . "\">", "</a>");
 
message_die(GENERAL_MESSAGE, $message);
 
break;
 
case 'modforum':
// Modify a forum in the DB
if( isset($HTTP_POST_VARS['prune_enable']))
{
if( $HTTP_POST_VARS['prune_enable'] != 1 )
{
$HTTP_POST_VARS['prune_enable'] = 0;
}
}
 
$sql = "UPDATE " . FORUMS_TABLE . "
SET forum_name = '" . str_replace("\'", "''", $HTTP_POST_VARS['forumname']) . "', cat_id = " . intval($HTTP_POST_VARS[POST_CAT_URL]) . ", forum_desc = '" . str_replace("\'", "''", $HTTP_POST_VARS['forumdesc']) . "', forum_status = " . intval($HTTP_POST_VARS['forumstatus']) . ", prune_enable = " . intval($HTTP_POST_VARS['prune_enable']) . "
WHERE forum_id = " . intval($HTTP_POST_VARS[POST_FORUM_URL]);
if( !$result = $db->sql_query($sql) )
{
message_die(GENERAL_ERROR, "Couldn't update forum information", "", __LINE__, __FILE__, $sql);
}
 
if( $HTTP_POST_VARS['prune_enable'] == 1 )
{
if( $HTTP_POST_VARS['prune_days'] == "" || $HTTP_POST_VARS['prune_freq'] == "" )
{
message_die(GENERAL_MESSAGE, $lang['Set_prune_data']);
}
 
$sql = "SELECT *
FROM " . PRUNE_TABLE . "
WHERE forum_id = " . intval($HTTP_POST_VARS[POST_FORUM_URL]);
if( !$result = $db->sql_query($sql) )
{
message_die(GENERAL_ERROR, "Couldn't get forum Prune Information","",__LINE__, __FILE__, $sql);
}
 
if( $db->sql_numrows($result) > 0 )
{
$sql = "UPDATE " . PRUNE_TABLE . "
SET prune_days = " . intval($HTTP_POST_VARS['prune_days']) . ", prune_freq = " . intval($HTTP_POST_VARS['prune_freq']) . "
WHERE forum_id = " . intval($HTTP_POST_VARS[POST_FORUM_URL]);
}
else
{
$sql = "INSERT INTO " . PRUNE_TABLE . " (forum_id, prune_days, prune_freq)
VALUES(" . intval($HTTP_POST_VARS[POST_FORUM_URL]) . ", " . intval($HTTP_POST_VARS['prune_days']) . ", " . intval($HTTP_POST_VARS['prune_freq']) . ")";
}
 
if( !$result = $db->sql_query($sql) )
{
message_die(GENERAL_ERROR, "Couldn't Update Forum Prune Information","",__LINE__, __FILE__, $sql);
}
}
 
$message = $lang['Forums_updated'] . "<br /><br />" . sprintf($lang['Click_return_forumadmin'], "<a href=\"" . append_sid("admin_forums.$phpEx") . "\">", "</a>") . "<br /><br />" . sprintf($lang['Click_return_admin_index'], "<a href=\"" . append_sid("index.$phpEx?pane=right") . "\">", "</a>");
 
message_die(GENERAL_MESSAGE, $message);
 
break;
case 'addcat':
// Create a category in the DB
if( trim($HTTP_POST_VARS['categoryname']) == '')
{
message_die(GENERAL_ERROR, "Can't create a category without a name");
}
 
$sql = "SELECT MAX(cat_order) AS max_order
FROM " . CATEGORIES_TABLE;
if( !$result = $db->sql_query($sql) )
{
message_die(GENERAL_ERROR, "Couldn't get order number from categories table", "", __LINE__, __FILE__, $sql);
}
$row = $db->sql_fetchrow($result);
 
$max_order = $row['max_order'];
$next_order = $max_order + 10;
 
//
// There is no problem having duplicate forum names so we won't check for it.
//
$sql = "INSERT INTO " . CATEGORIES_TABLE . " (cat_title, cat_order)
VALUES ('" . str_replace("\'", "''", $HTTP_POST_VARS['categoryname']) . "', $next_order)";
if( !$result = $db->sql_query($sql) )
{
message_die(GENERAL_ERROR, "Couldn't insert row in categories table", "", __LINE__, __FILE__, $sql);
}
 
$message = $lang['Forums_updated'] . "<br /><br />" . sprintf($lang['Click_return_forumadmin'], "<a href=\"" . append_sid("admin_forums.$phpEx") . "\">", "</a>") . "<br /><br />" . sprintf($lang['Click_return_admin_index'], "<a href=\"" . append_sid("index.$phpEx?pane=right") . "\">", "</a>");
 
message_die(GENERAL_MESSAGE, $message);
 
break;
case 'editcat':
//
// Show form to edit a category
//
$newmode = 'modcat';
$buttonvalue = $lang['Update'];
 
$cat_id = intval($HTTP_GET_VARS[POST_CAT_URL]);
 
$row = get_info('category', $cat_id);
$cat_title = $row['cat_title'];
 
$template->set_filenames(array(
"body" => "admin/category_edit_body.tpl")
);
 
$s_hidden_fields = '<input type="hidden" name="mode" value="' . $newmode . '" /><input type="hidden" name="' . POST_CAT_URL . '" value="' . $cat_id . '" />';
 
$template->assign_vars(array(
'CAT_TITLE' => $cat_title,
 
'L_EDIT_CATEGORY' => $lang['Edit_Category'],
'L_EDIT_CATEGORY_EXPLAIN' => $lang['Edit_Category_explain'],
'L_CATEGORY' => $lang['Category'],
 
'S_HIDDEN_FIELDS' => $s_hidden_fields,
'S_SUBMIT_VALUE' => $buttonvalue,
'S_FORUM_ACTION' => append_sid("admin_forums.$phpEx"))
);
 
$template->pparse("body");
break;
 
case 'modcat':
// Modify a category in the DB
$sql = "UPDATE " . CATEGORIES_TABLE . "
SET cat_title = '" . str_replace("\'", "''", $HTTP_POST_VARS['cat_title']) . "'
WHERE cat_id = " . intval($HTTP_POST_VARS[POST_CAT_URL]);
if( !$result = $db->sql_query($sql) )
{
message_die(GENERAL_ERROR, "Couldn't update forum information", "", __LINE__, __FILE__, $sql);
}
 
$message = $lang['Forums_updated'] . "<br /><br />" . sprintf($lang['Click_return_forumadmin'], "<a href=\"" . append_sid("admin_forums.$phpEx") . "\">", "</a>") . "<br /><br />" . sprintf($lang['Click_return_admin_index'], "<a href=\"" . append_sid("index.$phpEx?pane=right") . "\">", "</a>");
 
message_die(GENERAL_MESSAGE, $message);
 
break;
case 'deleteforum':
// Show form to delete a forum
$forum_id = intval($HTTP_GET_VARS[POST_FORUM_URL]);
 
$select_to = '<select name="to_id">';
$select_to .= "<option value=\"-1\"$s>" . $lang['Delete_all_posts'] . "</option>\n";
$select_to .= get_list('forum', $forum_id, 0);
$select_to .= '</select>';
 
$buttonvalue = $lang['Move_and_Delete'];
 
$newmode = 'movedelforum';
 
$foruminfo = get_info('forum', $forum_id);
$name = $foruminfo['forum_name'];
 
$template->set_filenames(array(
"body" => "admin/forum_delete_body.tpl")
);
 
$s_hidden_fields = '<input type="hidden" name="mode" value="' . $newmode . '" /><input type="hidden" name="from_id" value="' . $forum_id . '" />';
 
$template->assign_vars(array(
'NAME' => $name,
 
'L_FORUM_DELETE' => $lang['Forum_delete'],
'L_FORUM_DELETE_EXPLAIN' => $lang['Forum_delete_explain'],
'L_MOVE_CONTENTS' => $lang['Move_contents'],
'L_FORUM_NAME' => $lang['Forum_name'],
 
"S_HIDDEN_FIELDS" => $s_hidden_fields,
'S_FORUM_ACTION' => append_sid("admin_forums.$phpEx"),
'S_SELECT_TO' => $select_to,
'S_SUBMIT_VALUE' => $buttonvalue)
);
 
$template->pparse("body");
break;
 
case 'movedelforum':
//
// Move or delete a forum in the DB
//
$from_id = intval($HTTP_POST_VARS['from_id']);
$to_id = intval($HTTP_POST_VARS['to_id']);
$delete_old = intval($HTTP_POST_VARS['delete_old']);
 
// Either delete or move all posts in a forum
if($to_id == -1)
{
// Delete polls in this forum
$sql = "SELECT v.vote_id
FROM " . VOTE_DESC_TABLE . " v, " . TOPICS_TABLE . " t
WHERE t.forum_id = $from_id
AND v.topic_id = t.topic_id";
if (!($result = $db->sql_query($sql)))
{
message_die(GENERAL_ERROR, "Couldn't obtain list of vote ids", "", __LINE__, __FILE__, $sql);
}
 
if ($row = $db->sql_fetchrow($result))
{
$vote_ids = '';
do
{
$vote_ids = (($vote_ids != '') ? ', ' : '') . $row['vote_id'];
}
while ($row = $db->sql_fetchrow($result));
 
$sql = "DELETE FROM " . VOTE_DESC_TABLE . "
WHERE vote_id IN ($vote_ids)";
$db->sql_query($sql);
 
$sql = "DELETE FROM " . VOTE_RESULTS_TABLE . "
WHERE vote_id IN ($vote_ids)";
$db->sql_query($sql);
 
$sql = "DELETE FROM " . VOTE_USERS_TABLE . "
WHERE vote_id IN ($vote_ids)";
$db->sql_query($sql);
}
$db->sql_freeresult($result);
include($phpbb_root_path . "includes/prune.$phpEx");
prune($from_id, 0, true); // Delete everything from forum
}
else
{
$sql = "SELECT *
FROM " . FORUMS_TABLE . "
WHERE forum_id IN ($from_id, $to_id)";
if( !$result = $db->sql_query($sql) )
{
message_die(GENERAL_ERROR, "Couldn't verify existence of forums", "", __LINE__, __FILE__, $sql);
}
 
if($db->sql_numrows($result) != 2)
{
message_die(GENERAL_ERROR, "Ambiguous forum ID's", "", __LINE__, __FILE__);
}
$sql = "UPDATE " . TOPICS_TABLE . "
SET forum_id = $to_id
WHERE forum_id = $from_id";
if( !$result = $db->sql_query($sql) )
{
message_die(GENERAL_ERROR, "Couldn't move topics to other forum", "", __LINE__, __FILE__, $sql);
}
$sql = "UPDATE " . POSTS_TABLE . "
SET forum_id = $to_id
WHERE forum_id = $from_id";
if( !$result = $db->sql_query($sql) )
{
message_die(GENERAL_ERROR, "Couldn't move posts to other forum", "", __LINE__, __FILE__, $sql);
}
sync('forum', $to_id);
}
 
// Alter Mod level if appropriate - 2.0.4
$sql = "SELECT ug.user_id
FROM " . AUTH_ACCESS_TABLE . " a, " . USER_GROUP_TABLE . " ug
WHERE a.forum_id <> $from_id
AND a.auth_mod = 1
AND ug.group_id = a.group_id";
if( !$result = $db->sql_query($sql) )
{
message_die(GENERAL_ERROR, "Couldn't obtain moderator list", "", __LINE__, __FILE__, $sql);
}
 
if ($row = $db->sql_fetchrow($result))
{
$user_ids = '';
do
{
$user_ids .= (($user_ids != '') ? ', ' : '' ) . $row['user_id'];
}
while ($row = $db->sql_fetchrow($result));
 
$sql = "SELECT ug.user_id
FROM " . AUTH_ACCESS_TABLE . " a, " . USER_GROUP_TABLE . " ug
WHERE a.forum_id = $from_id
AND a.auth_mod = 1
AND ug.group_id = a.group_id
AND ug.user_id NOT IN ($user_ids)";
if( !$result2 = $db->sql_query($sql) )
{
message_die(GENERAL_ERROR, "Couldn't obtain moderator list", "", __LINE__, __FILE__, $sql);
}
if ($row = $db->sql_fetchrow($result2))
{
$user_ids = '';
do
{
$user_ids .= (($user_ids != '') ? ', ' : '' ) . $row['user_id'];
}
while ($row = $db->sql_fetchrow($result2));
 
$sql = "UPDATE " . USERS_TABLE . "
SET user_level = " . USER . "
WHERE user_id IN ($user_ids)
AND user_level <> " . ADMIN;
$db->sql_query($sql);
}
$db->sql_freeresult($result);
 
}
$db->sql_freeresult($result2);
 
$sql = "DELETE FROM " . FORUMS_TABLE . "
WHERE forum_id = $from_id";
if( !$result = $db->sql_query($sql) )
{
message_die(GENERAL_ERROR, "Couldn't delete forum", "", __LINE__, __FILE__, $sql);
}
$sql = "DELETE FROM " . AUTH_ACCESS_TABLE . "
WHERE forum_id = $from_id";
if( !$result = $db->sql_query($sql) )
{
message_die(GENERAL_ERROR, "Couldn't delete forum", "", __LINE__, __FILE__, $sql);
}
$sql = "DELETE FROM " . PRUNE_TABLE . "
WHERE forum_id = $from_id";
if( !$result = $db->sql_query($sql) )
{
message_die(GENERAL_ERROR, "Couldn't delete forum prune information!", "", __LINE__, __FILE__, $sql);
}
 
$message = $lang['Forums_updated'] . "<br /><br />" . sprintf($lang['Click_return_forumadmin'], "<a href=\"" . append_sid("admin_forums.$phpEx") . "\">", "</a>") . "<br /><br />" . sprintf($lang['Click_return_admin_index'], "<a href=\"" . append_sid("index.$phpEx?pane=right") . "\">", "</a>");
 
message_die(GENERAL_MESSAGE, $message);
 
break;
case 'deletecat':
//
// Show form to delete a category
//
$cat_id = intval($HTTP_GET_VARS[POST_CAT_URL]);
 
$buttonvalue = $lang['Move_and_Delete'];
$newmode = 'movedelcat';
$catinfo = get_info('category', $cat_id);
$name = $catinfo['cat_title'];
 
if ($catinfo['number'] == 1)
{
$sql = "SELECT count(*) as total
FROM ". FORUMS_TABLE;
if( !$result = $db->sql_query($sql) )
{
message_die(GENERAL_ERROR, "Couldn't get Forum count", "", __LINE__, __FILE__, $sql);
}
$count = $db->sql_fetchrow($result);
$count = $count['total'];
 
if ($count > 0)
{
message_die(GENERAL_ERROR, $lang['Must_delete_forums']);
}
else
{
$select_to = $lang['Nowhere_to_move'];
}
}
else
{
$select_to = '<select name="to_id">';
$select_to .= get_list('category', $cat_id, 0);
$select_to .= '</select>';
}
 
$template->set_filenames(array(
"body" => "admin/forum_delete_body.tpl")
);
 
$s_hidden_fields = '<input type="hidden" name="mode" value="' . $newmode . '" /><input type="hidden" name="from_id" value="' . $cat_id . '" />';
 
$template->assign_vars(array(
'NAME' => $name,
 
'L_FORUM_DELETE' => $lang['Forum_delete'],
'L_FORUM_DELETE_EXPLAIN' => $lang['Forum_delete_explain'],
'L_MOVE_CONTENTS' => $lang['Move_contents'],
'L_FORUM_NAME' => $lang['Forum_name'],
'S_HIDDEN_FIELDS' => $s_hidden_fields,
'S_FORUM_ACTION' => append_sid("admin_forums.$phpEx"),
'S_SELECT_TO' => $select_to,
'S_SUBMIT_VALUE' => $buttonvalue)
);
 
$template->pparse("body");
break;
 
case 'movedelcat':
//
// Move or delete a category in the DB
//
$from_id = intval($HTTP_POST_VARS['from_id']);
$to_id = intval($HTTP_POST_VARS['to_id']);
 
if (!empty($to_id))
{
$sql = "SELECT *
FROM " . CATEGORIES_TABLE . "
WHERE cat_id IN ($from_id, $to_id)";
if( !$result = $db->sql_query($sql) )
{
message_die(GENERAL_ERROR, "Couldn't verify existence of categories", "", __LINE__, __FILE__, $sql);
}
if($db->sql_numrows($result) != 2)
{
message_die(GENERAL_ERROR, "Ambiguous category ID's", "", __LINE__, __FILE__);
}
 
$sql = "UPDATE " . FORUMS_TABLE . "
SET cat_id = $to_id
WHERE cat_id = $from_id";
if( !$result = $db->sql_query($sql) )
{
message_die(GENERAL_ERROR, "Couldn't move forums to other category", "", __LINE__, __FILE__, $sql);
}
}
 
$sql = "DELETE FROM " . CATEGORIES_TABLE ."
WHERE cat_id = $from_id";
if( !$result = $db->sql_query($sql) )
{
message_die(GENERAL_ERROR, "Couldn't delete category", "", __LINE__, __FILE__, $sql);
}
 
$message = $lang['Forums_updated'] . "<br /><br />" . sprintf($lang['Click_return_forumadmin'], "<a href=\"" . append_sid("admin_forums.$phpEx") . "\">", "</a>") . "<br /><br />" . sprintf($lang['Click_return_admin_index'], "<a href=\"" . append_sid("index.$phpEx?pane=right") . "\">", "</a>");
 
message_die(GENERAL_MESSAGE, $message);
 
break;
 
case 'forum_order':
//
// Change order of forums in the DB
//
$move = intval($HTTP_GET_VARS['move']);
$forum_id = intval($HTTP_GET_VARS[POST_FORUM_URL]);
 
$forum_info = get_info('forum', $forum_id);
 
$cat_id = $forum_info['cat_id'];
 
$sql = "UPDATE " . FORUMS_TABLE . "
SET forum_order = forum_order + $move
WHERE forum_id = $forum_id";
if( !$result = $db->sql_query($sql) )
{
message_die(GENERAL_ERROR, "Couldn't change category order", "", __LINE__, __FILE__, $sql);
}
 
renumber_order('forum', $forum_info['cat_id']);
$show_index = TRUE;
 
break;
case 'cat_order':
//
// Change order of categories in the DB
//
$move = intval($HTTP_GET_VARS['move']);
$cat_id = intval($HTTP_GET_VARS[POST_CAT_URL]);
 
$sql = "UPDATE " . CATEGORIES_TABLE . "
SET cat_order = cat_order + $move
WHERE cat_id = $cat_id";
if( !$result = $db->sql_query($sql) )
{
message_die(GENERAL_ERROR, "Couldn't change category order", "", __LINE__, __FILE__, $sql);
}
 
renumber_order('category');
$show_index = TRUE;
 
break;
 
case 'forum_sync':
sync('forum', intval($HTTP_GET_VARS[POST_FORUM_URL]));
$show_index = TRUE;
 
break;
 
default:
message_die(GENERAL_MESSAGE, $lang['No_mode']);
break;
}
 
if ($show_index != TRUE)
{
include('./page_footer_admin.'.$phpEx);
exit;
}
}
 
//
// Start page proper
//
$template->set_filenames(array(
"body" => "admin/forum_admin_body.tpl")
);
 
$template->assign_vars(array(
'S_FORUM_ACTION' => append_sid("admin_forums.$phpEx"),
'L_FORUM_TITLE' => $lang['Forum_admin'],
'L_FORUM_EXPLAIN' => $lang['Forum_admin_explain'],
'L_CREATE_FORUM' => $lang['Create_forum'],
'L_CREATE_CATEGORY' => $lang['Create_category'],
'L_EDIT' => $lang['Edit'],
'L_DELETE' => $lang['Delete'],
'L_MOVE_UP' => $lang['Move_up'],
'L_MOVE_DOWN' => $lang['Move_down'],
'L_RESYNC' => $lang['Resync'])
);
 
$sql = "SELECT cat_id, cat_title, cat_order
FROM " . CATEGORIES_TABLE . "
ORDER BY cat_order";
if( !$q_categories = $db->sql_query($sql) )
{
message_die(GENERAL_ERROR, "Could not query categories list", "", __LINE__, __FILE__, $sql);
}
 
if( $total_categories = $db->sql_numrows($q_categories) )
{
$category_rows = $db->sql_fetchrowset($q_categories);
 
$sql = "SELECT *
FROM " . FORUMS_TABLE . "
ORDER BY cat_id, forum_order";
if(!$q_forums = $db->sql_query($sql))
{
message_die(GENERAL_ERROR, "Could not query forums information", "", __LINE__, __FILE__, $sql);
}
 
if( $total_forums = $db->sql_numrows($q_forums) )
{
$forum_rows = $db->sql_fetchrowset($q_forums);
}
 
//
// Okay, let's build the index
//
$gen_cat = array();
 
for($i = 0; $i < $total_categories; $i++)
{
$cat_id = $category_rows[$i]['cat_id'];
 
$template->assign_block_vars("catrow", array(
'S_ADD_FORUM_SUBMIT' => "addforum[$cat_id]",
'S_ADD_FORUM_NAME' => "forumname[$cat_id]",
 
'CAT_ID' => $cat_id,
'CAT_DESC' => $category_rows[$i]['cat_title'],
 
'U_CAT_EDIT' => append_sid("admin_forums.$phpEx?mode=editcat&amp;" . POST_CAT_URL . "=$cat_id"),
'U_CAT_DELETE' => append_sid("admin_forums.$phpEx?mode=deletecat&amp;" . POST_CAT_URL . "=$cat_id"),
'U_CAT_MOVE_UP' => append_sid("admin_forums.$phpEx?mode=cat_order&amp;move=-15&amp;" . POST_CAT_URL . "=$cat_id"),
'U_CAT_MOVE_DOWN' => append_sid("admin_forums.$phpEx?mode=cat_order&amp;move=15&amp;" . POST_CAT_URL . "=$cat_id"),
'U_VIEWCAT' => append_sid($phpbb_root_path."index.$phpEx?" . POST_CAT_URL . "=$cat_id"))
);
 
for($j = 0; $j < $total_forums; $j++)
{
$forum_id = $forum_rows[$j]['forum_id'];
if ($forum_rows[$j]['cat_id'] == $cat_id)
{
 
$template->assign_block_vars("catrow.forumrow", array(
'FORUM_NAME' => $forum_rows[$j]['forum_name'],
'FORUM_DESC' => $forum_rows[$j]['forum_desc'],
'ROW_COLOR' => $row_color,
'NUM_TOPICS' => $forum_rows[$j]['forum_topics'],
'NUM_POSTS' => $forum_rows[$j]['forum_posts'],
 
'U_VIEWFORUM' => append_sid($phpbb_root_path."viewforum.$phpEx?" . POST_FORUM_URL . "=$forum_id"),
'U_FORUM_EDIT' => append_sid("admin_forums.$phpEx?mode=editforum&amp;" . POST_FORUM_URL . "=$forum_id"),
'U_FORUM_DELETE' => append_sid("admin_forums.$phpEx?mode=deleteforum&amp;" . POST_FORUM_URL . "=$forum_id"),
'U_FORUM_MOVE_UP' => append_sid("admin_forums.$phpEx?mode=forum_order&amp;move=-15&amp;" . POST_FORUM_URL . "=$forum_id"),
'U_FORUM_MOVE_DOWN' => append_sid("admin_forums.$phpEx?mode=forum_order&amp;move=15&amp;" . POST_FORUM_URL . "=$forum_id"),
'U_FORUM_RESYNC' => append_sid("admin_forums.$phpEx?mode=forum_sync&amp;" . POST_FORUM_URL . "=$forum_id"))
);
 
}// if ... forumid == catid
} // for ... forums
 
} // for ... categories
 
}// if ... total_categories
 
$template->pparse("body");
 
include('./page_footer_admin.'.$phpEx);
 
?>
/Forum/admin/admin_groups.php
0,0 → 1,417
<?php
/***************************************************************************
* admin_groups.php
* -------------------
* begin : Saturday, Feb 13, 2001
* copyright : (C) 2001 The phpBB Group
* email : support@phpbb.com
*
* $Id: admin_groups.php,v 1.25.2.13 2006/03/09 19:42:41 grahamje Exp $
*
*
***************************************************************************/
 
/***************************************************************************
*
* This program is free software; you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by
* the Free Software Foundation; either version 2 of the License, or
* (at your option) any later version.
*
***************************************************************************/
 
define('IN_PHPBB', 1);
 
if ( !empty($setmodules) )
{
$filename = basename(__FILE__);
$module['Groups']['Manage'] = $filename;
 
return;
}
 
//
// Load default header
//
$phpbb_root_path = './../';
require($phpbb_root_path . 'extension.inc');
require('./pagestart.' . $phpEx);
 
if ( isset($HTTP_POST_VARS[POST_GROUPS_URL]) || isset($HTTP_GET_VARS[POST_GROUPS_URL]) )
{
$group_id = ( isset($HTTP_POST_VARS[POST_GROUPS_URL]) ) ? intval($HTTP_POST_VARS[POST_GROUPS_URL]) : intval($HTTP_GET_VARS[POST_GROUPS_URL]);
}
else
{
$group_id = 0;
}
 
if ( isset($HTTP_POST_VARS['mode']) || isset($HTTP_GET_VARS['mode']) )
{
$mode = ( isset($HTTP_POST_VARS['mode']) ) ? $HTTP_POST_VARS['mode'] : $HTTP_GET_VARS['mode'];
$mode = htmlspecialchars($mode);
}
else
{
$mode = '';
}
 
if ( isset($HTTP_POST_VARS['edit']) || isset($HTTP_POST_VARS['new']) )
{
//
// Ok they are editing a group or creating a new group
//
$template->set_filenames(array(
'body' => 'admin/group_edit_body.tpl')
);
 
if ( isset($HTTP_POST_VARS['edit']) )
{
//
// They're editing. Grab the vars.
//
$sql = "SELECT *
FROM " . GROUPS_TABLE . "
WHERE group_single_user <> " . TRUE . "
AND group_id = $group_id";
if ( !($result = $db->sql_query($sql)) )
{
message_die(GENERAL_ERROR, 'Error getting group information', '', __LINE__, __FILE__, $sql);
}
 
if ( !($group_info = $db->sql_fetchrow($result)) )
{
message_die(GENERAL_MESSAGE, $lang['Group_not_exist']);
}
 
$mode = 'editgroup';
$template->assign_block_vars('group_edit', array());
 
}
else if ( isset($HTTP_POST_VARS['new']) )
{
$group_info = array (
'group_name' => '',
'group_description' => '',
'group_moderator' => '',
'group_type' => GROUP_OPEN);
$group_open = ' checked="checked"';
 
$mode = 'newgroup';
 
}
 
//
// Ok, now we know everything about them, let's show the page.
//
if ($group_info['group_moderator'] != '')
{
$sql = "SELECT user_id, username
FROM " . USERS_TABLE . "
WHERE user_id = " . $group_info['group_moderator'];
if ( !($result = $db->sql_query($sql)) )
{
message_die(GENERAL_ERROR, 'Could not obtain user info for moderator list', '', __LINE__, __FILE__, $sql);
}
 
if ( !($row = $db->sql_fetchrow($result)) )
{
message_die(GENERAL_ERROR, 'Could not obtain user info for moderator list', '', __LINE__, __FILE__, $sql);
}
 
$group_moderator = $row['username'];
}
else
{
$group_moderator = '';
}
 
$group_open = ( $group_info['group_type'] == GROUP_OPEN ) ? ' checked="checked"' : '';
$group_closed = ( $group_info['group_type'] == GROUP_CLOSED ) ? ' checked="checked"' : '';
$group_hidden = ( $group_info['group_type'] == GROUP_HIDDEN ) ? ' checked="checked"' : '';
 
$s_hidden_fields = '<input type="hidden" name="mode" value="' . $mode . '" /><input type="hidden" name="' . POST_GROUPS_URL . '" value="' . $group_id . '" />';
 
$template->assign_vars(array(
'GROUP_NAME' => $group_info['group_name'],
'GROUP_DESCRIPTION' => $group_info['group_description'],
'GROUP_MODERATOR' => $group_moderator,
 
'L_GROUP_TITLE' => $lang['Group_administration'],
'L_GROUP_EDIT_DELETE' => ( isset($HTTP_POST_VARS['new']) ) ? $lang['New_group'] : $lang['Edit_group'],
'L_GROUP_NAME' => $lang['group_name'],
'L_GROUP_DESCRIPTION' => $lang['group_description'],
'L_GROUP_MODERATOR' => $lang['group_moderator'],
'L_FIND_USERNAME' => $lang['Find_username'],
'L_GROUP_STATUS' => $lang['group_status'],
'L_GROUP_OPEN' => $lang['group_open'],
'L_GROUP_CLOSED' => $lang['group_closed'],
'L_GROUP_HIDDEN' => $lang['group_hidden'],
'L_GROUP_DELETE' => $lang['group_delete'],
'L_GROUP_DELETE_CHECK' => $lang['group_delete_check'],
'L_SUBMIT' => $lang['Submit'],
'L_RESET' => $lang['Reset'],
'L_DELETE_MODERATOR' => $lang['delete_group_moderator'],
'L_DELETE_MODERATOR_EXPLAIN' => $lang['delete_moderator_explain'],
'L_YES' => $lang['Yes'],
 
'U_SEARCH_USER' => append_sid("../search.$phpEx?mode=searchuser"),
 
'S_GROUP_OPEN_TYPE' => GROUP_OPEN,
'S_GROUP_CLOSED_TYPE' => GROUP_CLOSED,
'S_GROUP_HIDDEN_TYPE' => GROUP_HIDDEN,
'S_GROUP_OPEN_CHECKED' => $group_open,
'S_GROUP_CLOSED_CHECKED' => $group_closed,
'S_GROUP_HIDDEN_CHECKED' => $group_hidden,
'S_GROUP_ACTION' => append_sid("admin_groups.$phpEx"),
'S_HIDDEN_FIELDS' => $s_hidden_fields)
);
 
$template->pparse('body');
 
}
else if ( isset($HTTP_POST_VARS['group_update']) )
{
//
// Ok, they are submitting a group, let's save the data based on if it's new or editing
//
if ( isset($HTTP_POST_VARS['group_delete']) )
{
//
// Reset User Moderator Level
//
 
// Is Group moderating a forum ?
$sql = "SELECT auth_mod FROM " . AUTH_ACCESS_TABLE . "
WHERE group_id = " . $group_id;
if ( !($result = $db->sql_query($sql)) )
{
message_die(GENERAL_ERROR, 'Could not select auth_access', '', __LINE__, __FILE__, $sql);
}
 
$row = $db->sql_fetchrow($result);
if (intval($row['auth_mod']) == 1)
{
// Yes, get the assigned users and update their Permission if they are no longer moderator of one of the forums
$sql = "SELECT user_id FROM " . USER_GROUP_TABLE . "
WHERE group_id = " . $group_id;
if ( !($result = $db->sql_query($sql)) )
{
message_die(GENERAL_ERROR, 'Could not select user_group', '', __LINE__, __FILE__, $sql);
}
 
$rows = $db->sql_fetchrowset($result);
for ($i = 0; $i < count($rows); $i++)
{
$sql = "SELECT g.group_id FROM " . AUTH_ACCESS_TABLE . " a, " . GROUPS_TABLE . " g, " . USER_GROUP_TABLE . " ug
WHERE (a.auth_mod = 1) AND (g.group_id = a.group_id) AND (a.group_id = ug.group_id) AND (g.group_id = ug.group_id)
AND (ug.user_id = " . intval($rows[$i]['user_id']) . ") AND (ug.group_id <> " . $group_id . ")";
if ( !($result = $db->sql_query($sql)) )
{
message_die(GENERAL_ERROR, 'Could not obtain moderator permissions', '', __LINE__, __FILE__, $sql);
}
 
if ($db->sql_numrows($result) == 0)
{
$sql = "UPDATE " . USERS_TABLE . " SET user_level = " . USER . "
WHERE user_level = " . MOD . " AND user_id = " . intval($rows[$i]['user_id']);
if ( !$db->sql_query($sql) )
{
message_die(GENERAL_ERROR, 'Could not update moderator permissions', '', __LINE__, __FILE__, $sql);
}
}
}
}
 
//
// Delete Group
//
$sql = "DELETE FROM " . GROUPS_TABLE . "
WHERE group_id = " . $group_id;
if ( !$db->sql_query($sql) )
{
message_die(GENERAL_ERROR, 'Could not update group', '', __LINE__, __FILE__, $sql);
}
 
$sql = "DELETE FROM " . USER_GROUP_TABLE . "
WHERE group_id = " . $group_id;
if ( !$db->sql_query($sql) )
{
message_die(GENERAL_ERROR, 'Could not update user_group', '', __LINE__, __FILE__, $sql);
}
 
$sql = "DELETE FROM " . AUTH_ACCESS_TABLE . "
WHERE group_id = " . $group_id;
if ( !$db->sql_query($sql) )
{
message_die(GENERAL_ERROR, 'Could not update auth_access', '', __LINE__, __FILE__, $sql);
}
 
$message = $lang['Deleted_group'] . '<br /><br />' . sprintf($lang['Click_return_groupsadmin'], '<a href="' . append_sid("admin_groups.$phpEx") . '">', '</a>') . '<br /><br />' . sprintf($lang['Click_return_admin_index'], '<a href="' . append_sid("index.$phpEx?pane=right") . '">', '</a>');
 
message_die(GENERAL_MESSAGE, $message);
}
else
{
$group_type = isset($HTTP_POST_VARS['group_type']) ? intval($HTTP_POST_VARS['group_type']) : GROUP_OPEN;
$group_name = isset($HTTP_POST_VARS['group_name']) ? htmlspecialchars(trim($HTTP_POST_VARS['group_name'])) : '';
$group_description = isset($HTTP_POST_VARS['group_description']) ? trim($HTTP_POST_VARS['group_description']) : '';
$group_moderator = isset($HTTP_POST_VARS['username']) ? $HTTP_POST_VARS['username'] : '';
$delete_old_moderator = isset($HTTP_POST_VARS['delete_old_moderator']) ? true : false;
 
if ( $group_name == '' )
{
message_die(GENERAL_MESSAGE, $lang['No_group_name']);
}
else if ( $group_moderator == '' )
{
message_die(GENERAL_MESSAGE, $lang['No_group_moderator']);
}
$this_userdata = get_userdata($group_moderator, true);
$group_moderator = $this_userdata['user_id'];
 
if ( !$group_moderator )
{
message_die(GENERAL_MESSAGE, $lang['No_group_moderator']);
}
if( $mode == "editgroup" )
{
$sql = "SELECT *
FROM " . GROUPS_TABLE . "
WHERE group_single_user <> " . TRUE . "
AND group_id = " . $group_id;
if ( !($result = $db->sql_query($sql)) )
{
message_die(GENERAL_ERROR, 'Error getting group information', '', __LINE__, __FILE__, $sql);
}
 
if( !($group_info = $db->sql_fetchrow($result)) )
{
message_die(GENERAL_MESSAGE, $lang['Group_not_exist']);
}
if ( $group_info['group_moderator'] != $group_moderator )
{
if ( $delete_old_moderator )
{
$sql = "DELETE FROM " . USER_GROUP_TABLE . "
WHERE user_id = " . $group_info['group_moderator'] . "
AND group_id = " . $group_id;
if ( !$db->sql_query($sql) )
{
message_die(GENERAL_ERROR, 'Could not update group moderator', '', __LINE__, __FILE__, $sql);
}
}
 
$sql = "SELECT user_id
FROM " . USER_GROUP_TABLE . "
WHERE user_id = $group_moderator
AND group_id = $group_id";
if ( !($result = $db->sql_query($sql)) )
{
message_die(GENERAL_ERROR, 'Failed to obtain current group moderator info', '', __LINE__, __FILE__, $sql);
}
 
if ( !($row = $db->sql_fetchrow($result)) )
{
$sql = "INSERT INTO " . USER_GROUP_TABLE . " (group_id, user_id, user_pending)
VALUES (" . $group_id . ", " . $group_moderator . ", 0)";
if ( !$db->sql_query($sql) )
{
message_die(GENERAL_ERROR, 'Could not update group moderator', '', __LINE__, __FILE__, $sql);
}
}
}
 
$sql = "UPDATE " . GROUPS_TABLE . "
SET group_type = $group_type, group_name = '" . str_replace("\'", "''", $group_name) . "', group_description = '" . str_replace("\'", "''", $group_description) . "', group_moderator = $group_moderator
WHERE group_id = $group_id";
if ( !$db->sql_query($sql) )
{
message_die(GENERAL_ERROR, 'Could not update group', '', __LINE__, __FILE__, $sql);
}
$message = $lang['Updated_group'] . '<br /><br />' . sprintf($lang['Click_return_groupsadmin'], '<a href="' . append_sid("admin_groups.$phpEx") . '">', '</a>') . '<br /><br />' . sprintf($lang['Click_return_admin_index'], '<a href="' . append_sid("index.$phpEx?pane=right") . '">', '</a>');;
 
message_die(GENERAL_MESSAGE, $message);
}
else if( $mode == 'newgroup' )
{
$sql = "INSERT INTO " . GROUPS_TABLE . " (group_type, group_name, group_description, group_moderator, group_single_user)
VALUES ($group_type, '" . str_replace("\'", "''", $group_name) . "', '" . str_replace("\'", "''", $group_description) . "', $group_moderator, '0')";
if ( !$db->sql_query($sql) )
{
message_die(GENERAL_ERROR, 'Could not insert new group', '', __LINE__, __FILE__, $sql);
}
$new_group_id = $db->sql_nextid();
 
$sql = "INSERT INTO " . USER_GROUP_TABLE . " (group_id, user_id, user_pending)
VALUES ($new_group_id, $group_moderator, 0)";
if ( !$db->sql_query($sql) )
{
message_die(GENERAL_ERROR, 'Could not insert new user-group info', '', __LINE__, __FILE__, $sql);
}
$message = $lang['Added_new_group'] . '<br /><br />' . sprintf($lang['Click_return_groupsadmin'], '<a href="' . append_sid("admin_groups.$phpEx") . '">', '</a>') . '<br /><br />' . sprintf($lang['Click_return_admin_index'], '<a href="' . append_sid("index.$phpEx?pane=right") . '">', '</a>');;
 
message_die(GENERAL_MESSAGE, $message);
 
}
else
{
message_die(GENERAL_MESSAGE, $lang['No_group_action']);
}
}
}
else
{
$sql = "SELECT group_id, group_name
FROM " . GROUPS_TABLE . "
WHERE group_single_user <> " . TRUE . "
ORDER BY group_name";
if ( !($result = $db->sql_query($sql)) )
{
message_die(GENERAL_ERROR, 'Could not obtain group list', '', __LINE__, __FILE__, $sql);
}
 
$select_list = '';
if ( $row = $db->sql_fetchrow($result) )
{
$select_list .= '<select name="' . POST_GROUPS_URL . '">';
do
{
$select_list .= '<option value="' . $row['group_id'] . '">' . $row['group_name'] . '</option>';
}
while ( $row = $db->sql_fetchrow($result) );
$select_list .= '</select>';
}
 
$template->set_filenames(array(
'body' => 'admin/group_select_body.tpl')
);
 
$template->assign_vars(array(
'L_GROUP_TITLE' => $lang['Group_administration'],
'L_GROUP_EXPLAIN' => $lang['Group_admin_explain'],
'L_GROUP_SELECT' => $lang['Select_group'],
'L_LOOK_UP' => $lang['Look_up_group'],
'L_CREATE_NEW_GROUP' => $lang['New_group'],
 
'S_GROUP_ACTION' => append_sid("admin_groups.$phpEx"),
'S_GROUP_SELECT' => $select_list)
);
 
if ( $select_list != '' )
{
$template->assign_block_vars('select_box', array());
}
 
$template->pparse('body');
}
 
include('./page_footer_admin.'.$phpEx);
 
?>
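Review bot: In the `group_delete` branch of admin_groups.php, the test that decides whether members must lose moderator level inspects only the first row returned by `SELECT auth_mod FROM ... AUTH_ACCESS_TABLE ... WHERE group_id = $group_id`. If that row has `auth_mod = 0` while another row for the same group has `auth_mod = 1`, the demotion loop is skipped and members keep `user_level = MOD` after the group and its auth_access rows are deleted. The table appears to hold one row per group and forum (the forum-delete code earlier on this page filters it by `a.forum_id`), so the filter belongs in the query: append `AND auth_mod = 1` to the WHERE clause and change the condition to `if ( $db->sql_fetchrow($result) )`. Separately, in the update branch `group_name` goes through `htmlspecialchars(trim(...))` before storage, while `group_description` is only trimmed and is later assigned to `GROUP_DESCRIPTION` as stored. Whether the templates escape it is not visible here, so either escape it the same way or add a comment stating that HTML in the description is intended.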
/Forum/admin/admin_mass_email.php
0,0 → 1,213
<?php
/***************************************************************************
* admin_mass_email.php
* -------------------
* begin : Thu May 31, 2001
* copyright : (C) 2001 The phpBB Group
* email : support@phpbb.com
*
* $Id: admin_mass_email.php,v 1.15.2.7 2003/05/03 23:24:01 acydburn Exp $
*
****************************************************************************/
 
/***************************************************************************
*
* This program is free software; you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by
* the Free Software Foundation; either version 2 of the License, or
* (at your option) any later version.
*
***************************************************************************/
 
define('IN_PHPBB', 1);
 
if( !empty($setmodules) )
{
$filename = basename(__FILE__);
$module['General']['Mass_Email'] = $filename;
return;
}
 
//
// Load default header
//
$no_page_header = TRUE;
$phpbb_root_path = './../';
require($phpbb_root_path . 'extension.inc');
require('./pagestart.' . $phpEx);
 
//
// Increase maximum execution time in case of a lot of users, but don't complain about it if it isn't
// allowed.
//
@set_time_limit(1200);
 
$message = '';
$subject = '';
 
//
// Do the job ...
//
if ( isset($HTTP_POST_VARS['submit']) )
{
$subject = stripslashes(trim($HTTP_POST_VARS['subject']));
$message = stripslashes(trim($HTTP_POST_VARS['message']));
$error = FALSE;
$error_msg = '';
 
if ( empty($subject) )
{
$error = true;
$error_msg .= ( !empty($error_msg) ) ? '<br />' . $lang['Empty_subject'] : $lang['Empty_subject'];
}
 
if ( empty($message) )
{
$error = true;
$error_msg .= ( !empty($error_msg) ) ? '<br />' . $lang['Empty_message'] : $lang['Empty_message'];
}
 
$group_id = intval($HTTP_POST_VARS[POST_GROUPS_URL]);
 
$sql = ( $group_id != -1 ) ? "SELECT u.user_email FROM " . USERS_TABLE . " u, " . USER_GROUP_TABLE . " ug WHERE ug.group_id = $group_id AND ug.user_pending <> " . TRUE . " AND u.user_id = ug.user_id" : "SELECT user_email FROM " . USERS_TABLE;
if ( !($result = $db->sql_query($sql)) )
{
message_die(GENERAL_ERROR, 'Could not select group members', '', __LINE__, __FILE__, $sql);
}
 
if ( $row = $db->sql_fetchrow($result) )
{
$bcc_list = array();
do
{
$bcc_list[] = $row['user_email'];
}
while ( $row = $db->sql_fetchrow($result) );
 
$db->sql_freeresult($result);
}
else
{
$message = ( $group_id != -1 ) ? $lang['Group_not_exist'] : $lang['No_such_user'];
 
$error = true;
$error_msg .= ( !empty($error_msg) ) ? '<br />' . $message : $message;
}
 
if ( !$error )
{
include($phpbb_root_path . 'includes/emailer.'.$phpEx);
 
//
// Let's do some checking to make sure that mass mail functions
// are working in win32 versions of php.
//
if ( preg_match('/[c-z]:\\\.*/i', getenv('PATH')) && !$board_config['smtp_delivery'])
{
$ini_val = ( @phpversion() >= '4.0.0' ) ? 'ini_get' : 'get_cfg_var';
 
// We are running on windows, force delivery to use our smtp functions
// since php's are broken by default
$board_config['smtp_delivery'] = 1;
$board_config['smtp_host'] = @$ini_val('SMTP');
}
 
$emailer = new emailer($board_config['smtp_delivery']);
$emailer->from($board_config['board_email']);
$emailer->replyto($board_config['board_email']);
 
for ($i = 0; $i < count($bcc_list); $i++)
{
$emailer->bcc($bcc_list[$i]);
}
 
$email_headers = 'X-AntiAbuse: Board servername - ' . $board_config['server_name'] . "\n";
$email_headers .= 'X-AntiAbuse: User_id - ' . $userdata['user_id'] . "\n";
$email_headers .= 'X-AntiAbuse: Username - ' . $userdata['username'] . "\n";
$email_headers .= 'X-AntiAbuse: User IP - ' . decode_ip($user_ip) . "\n";
 
$emailer->use_template('admin_send_email');
$emailer->email_address($board_config['board_email']);
$emailer->set_subject($subject);
$emailer->extra_headers($email_headers);
 
$emailer->assign_vars(array(
'SITENAME' => $board_config['sitename'],
'BOARD_EMAIL' => $board_config['board_email'],
'MESSAGE' => $message)
);
$emailer->send();
$emailer->reset();
 
message_die(GENERAL_MESSAGE, $lang['Email_sent'] . '<br /><br />' . sprintf($lang['Click_return_admin_index'], '<a href="' . append_sid("index.$phpEx?pane=right") . '">', '</a>'));
}
}
 
if ( $error )
{
$template->set_filenames(array(
'reg_header' => 'error_body.tpl')
);
$template->assign_vars(array(
'ERROR_MESSAGE' => $error_msg)
);
$template->assign_var_from_handle('ERROR_BOX', 'reg_header');
}
 
//
// Initial selection
//
 
$sql = "SELECT group_id, group_name
FROM ".GROUPS_TABLE . "
WHERE group_single_user <> 1";
if ( !($result = $db->sql_query($sql)) )
{
message_die(GENERAL_ERROR, 'Could not obtain list of groups', '', __LINE__, __FILE__, $sql);
}
 
$select_list = '<select name = "' . POST_GROUPS_URL . '"><option value = "-1">' . $lang['All_users'] . '</option>';
if ( $row = $db->sql_fetchrow($result) )
{
do
{
$select_list .= '<option value = "' . $row['group_id'] . '">' . $row['group_name'] . '</option>';
}
while ( $row = $db->sql_fetchrow($result) );
}
$select_list .= '</select>';
 
//
// Generate page
//
include('./page_header_admin.'.$phpEx);
 
$template->set_filenames(array(
'body' => 'admin/user_email_body.tpl')
);
 
$template->assign_vars(array(
'MESSAGE' => $message,
'SUBJECT' => $subject,
 
'L_EMAIL_TITLE' => $lang['Email'],
'L_EMAIL_EXPLAIN' => $lang['Mass_email_explain'],
'L_COMPOSE' => $lang['Compose'],
'L_RECIPIENTS' => $lang['Recipients'],
'L_EMAIL_SUBJECT' => $lang['Subject'],
'L_EMAIL_MSG' => $lang['Message'],
'L_EMAIL' => $lang['Email'],
'L_NOTICE' => $notice,
 
'S_USER_ACTION' => append_sid('admin_mass_email.'.$phpEx),
'S_GROUP_SELECT' => $select_list)
);
 
$template->pparse('body');
 
include('./page_footer_admin.'.$phpEx);
 
?>
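Review bot: In the final `assign_vars` call, `'MESSAGE' => $message` and `'SUBJECT' => $subject` pass the posted text to the template after only `stripslashes(trim(...))`, so when the form is redisplayed after a validation error any markup in it is echoed into the admin page unescaped, unless `admin/user_email_body.tpl` or the template engine escapes it (neither is visible here). Escaping only at display time keeps the mailed text raw: `'MESSAGE' => htmlspecialchars($message),` and `'SUBJECT' => htmlspecialchars($subject),`. The no-recipient branch also assigns `$message = ( $group_id != -1 ) ? $lang['Group_not_exist'] : $lang['No_such_user'];`, which replaces the composed message with the error string before the form is shown again; a separate variable for the error line would avoid that. `$error` is read by `if ( $error )` on the non-submit path and `$notice` is used for `'L_NOTICE'`, yet this section never assigns either on those paths, so initialising both next to `$message = '';` would stop the page depending on whatever the included files leave in scope.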
/Forum/admin/admin_ranks.php
0,0 → 1,349
<?php
/***************************************************************************
* admin_ranks.php
* -------------------
* begin : Thursday, Jul 12, 2001
* copyright : (C) 2001 The phpBB Group
* email : support@phpbb.com
*
* $Id: admin_ranks.php,v 1.13.2.8 2006/04/13 09:56:48 grahamje Exp $
*
***************************************************************************/
 
/***************************************************************************
*
* This program is free software; you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by
* the Free Software Foundation; either version 2 of the License, or
* (at your option) any later version.
*
***************************************************************************/
 
if( !empty($setmodules) )
{
$file = basename(__FILE__);
$module['Users']['Ranks'] = $file;
return;
}
 
define('IN_PHPBB', 1);
 
//
// Let's set the root dir for phpBB
//
$phpbb_root_path = "./../";
require($phpbb_root_path . 'extension.inc');
 
$cancel = ( isset($HTTP_POST_VARS['cancel']) ) ? true : false;
$no_page_header = $cancel;
 
require('./pagestart.' . $phpEx);
 
if ($cancel)
{
redirect('admin/' . append_sid("admin_ranks.$phpEx", true));
}
 
if( isset($HTTP_GET_VARS['mode']) || isset($HTTP_POST_VARS['mode']) )
{
$mode = (isset($HTTP_GET_VARS['mode'])) ? $HTTP_GET_VARS['mode'] : $HTTP_POST_VARS['mode'];
$mode = htmlspecialchars($mode);
}
else
{
//
// These could be entered via a form button
//
if( isset($HTTP_POST_VARS['add']) )
{
$mode = "add";
}
else if( isset($HTTP_POST_VARS['save']) )
{
$mode = "save";
}
else
{
$mode = "";
}
}
 
// Restrict mode input to valid options
$mode = ( in_array($mode, array('add', 'edit', 'save', 'delete')) ) ? $mode : '';
 
if( $mode != "" )
{
if( $mode == "edit" || $mode == "add" )
{
//
// They want to add a new rank, show the form.
//
$rank_id = ( isset($HTTP_GET_VARS['id']) ) ? intval($HTTP_GET_VARS['id']) : 0;
$s_hidden_fields = "";
if( $mode == "edit" )
{
if( empty($rank_id) )
{
message_die(GENERAL_MESSAGE, $lang['Must_select_rank']);
}
 
$sql = "SELECT * FROM " . RANKS_TABLE . "
WHERE rank_id = $rank_id";
if(!$result = $db->sql_query($sql))
{
message_die(GENERAL_ERROR, "Couldn't obtain rank data", "", __LINE__, __FILE__, $sql);
}
$rank_info = $db->sql_fetchrow($result);
$s_hidden_fields .= '<input type="hidden" name="id" value="' . $rank_id . '" />';
 
}
else
{
$rank_info['rank_special'] = 0;
}
 
$s_hidden_fields .= '<input type="hidden" name="mode" value="save" />';
 
$rank_is_special = ( $rank_info['rank_special'] ) ? "checked=\"checked\"" : "";
$rank_is_not_special = ( !$rank_info['rank_special'] ) ? "checked=\"checked\"" : "";
$template->set_filenames(array(
"body" => "admin/ranks_edit_body.tpl")
);
 
$template->assign_vars(array(
"RANK" => $rank_info['rank_title'],
"SPECIAL_RANK" => $rank_is_special,
"NOT_SPECIAL_RANK" => $rank_is_not_special,
"MINIMUM" => ( $rank_is_special ) ? "" : $rank_info['rank_min'],
"IMAGE" => ( $rank_info['rank_image'] != "" ) ? $rank_info['rank_image'] : "",
"IMAGE_DISPLAY" => ( $rank_info['rank_image'] != "" ) ? '<img src="../' . $rank_info['rank_image'] . '" />' : "",
"L_RANKS_TITLE" => $lang['Ranks_title'],
"L_RANKS_TEXT" => $lang['Ranks_explain'],
"L_RANK_TITLE" => $lang['Rank_title'],
"L_RANK_SPECIAL" => $lang['Rank_special'],
"L_RANK_MINIMUM" => $lang['Rank_minimum'],
"L_RANK_IMAGE" => $lang['Rank_image'],
"L_RANK_IMAGE_EXPLAIN" => $lang['Rank_image_explain'],
"L_SUBMIT" => $lang['Submit'],
"L_RESET" => $lang['Reset'],
"L_YES" => $lang['Yes'],
"L_NO" => $lang['No'],
"S_RANK_ACTION" => append_sid("admin_ranks.$phpEx"),
"S_HIDDEN_FIELDS" => $s_hidden_fields)
);
}
else if( $mode == "save" )
{
//
// Ok, they sent us our info, let's update it.
//
$rank_id = ( isset($HTTP_POST_VARS['id']) ) ? intval($HTTP_POST_VARS['id']) : 0;
$rank_title = ( isset($HTTP_POST_VARS['title']) ) ? trim($HTTP_POST_VARS['title']) : "";
$special_rank = ( $HTTP_POST_VARS['special_rank'] == 1 ) ? TRUE : 0;
$min_posts = ( isset($HTTP_POST_VARS['min_posts']) ) ? intval($HTTP_POST_VARS['min_posts']) : -1;
$rank_image = ( (isset($HTTP_POST_VARS['rank_image'])) ) ? trim($HTTP_POST_VARS['rank_image']) : "";
 
if( $rank_title == "" )
{
message_die(GENERAL_MESSAGE, $lang['Must_select_rank']);
}
 
if( $special_rank == 1 )
{
$max_posts = -1;
$min_posts = -1;
}
 
//
// The rank image has to be a jpg, gif or png
//
if($rank_image != "")
{
if ( !preg_match("/(\.gif|\.png|\.jpg)$/is", $rank_image))
{
$rank_image = "";
}
}
 
if ($rank_id)
{
if (!$special_rank)
{
$sql = "UPDATE " . USERS_TABLE . "
SET user_rank = 0
WHERE user_rank = $rank_id";
 
if( !$result = $db->sql_query($sql) )
{
message_die(GENERAL_ERROR, $lang['No_update_ranks'], "", __LINE__, __FILE__, $sql);
}
}
$sql = "UPDATE " . RANKS_TABLE . "
SET rank_title = '" . str_replace("\'", "''", $rank_title) . "', rank_special = $special_rank, rank_min = $min_posts, rank_image = '" . str_replace("\'", "''", $rank_image) . "'
WHERE rank_id = $rank_id";
 
$message = $lang['Rank_updated'];
}
else
{
$sql = "INSERT INTO " . RANKS_TABLE . " (rank_title, rank_special, rank_min, rank_image)
VALUES ('" . str_replace("\'", "''", $rank_title) . "', $special_rank, $min_posts, '" . str_replace("\'", "''", $rank_image) . "')";
 
$message = $lang['Rank_added'];
}
if( !$result = $db->sql_query($sql) )
{
message_die(GENERAL_ERROR, "Couldn't update/insert into ranks table", "", __LINE__, __FILE__, $sql);
}
 
$message .= "<br /><br />" . sprintf($lang['Click_return_rankadmin'], "<a href=\"" . append_sid("admin_ranks.$phpEx") . "\">", "</a>") . "<br /><br />" . sprintf($lang['Click_return_admin_index'], "<a href=\"" . append_sid("index.$phpEx?pane=right") . "\">", "</a>");
 
message_die(GENERAL_MESSAGE, $message);
 
}
else if( $mode == "delete" )
{
//
// Ok, they want to delete their rank
//
if( isset($HTTP_POST_VARS['id']) || isset($HTTP_GET_VARS['id']) )
{
$rank_id = ( isset($HTTP_POST_VARS['id']) ) ? intval($HTTP_POST_VARS['id']) : intval($HTTP_GET_VARS['id']);
}
else
{
$rank_id = 0;
}
 
$confirm = isset($HTTP_POST_VARS['confirm']);
if( $rank_id && $confirm )
{
$sql = "DELETE FROM " . RANKS_TABLE . "
WHERE rank_id = $rank_id";
if( !$result = $db->sql_query($sql) )
{
message_die(GENERAL_ERROR, "Couldn't delete rank data", "", __LINE__, __FILE__, $sql);
}
$sql = "UPDATE " . USERS_TABLE . "
SET user_rank = 0
WHERE user_rank = $rank_id";
 
if( !$result = $db->sql_query($sql) )
{
message_die(GENERAL_ERROR, $lang['No_update_ranks'], "", __LINE__, __FILE__, $sql);
}
 
$message = $lang['Rank_removed'] . "<br /><br />" . sprintf($lang['Click_return_rankadmin'], "<a href=\"" . append_sid("admin_ranks.$phpEx") . "\">", "</a>") . "<br /><br />" . sprintf($lang['Click_return_admin_index'], "<a href=\"" . append_sid("index.$phpEx?pane=right") . "\">", "</a>");
 
message_die(GENERAL_MESSAGE, $message);
 
}
elseif( $rank_id && !$confirm)
{
// Present the confirmation screen to the user
$template->set_filenames(array(
'body' => 'admin/confirm_body.tpl')
);
 
$hidden_fields = '<input type="hidden" name="mode" value="delete" /><input type="hidden" name="id" value="' . $rank_id . '" />';
 
$template->assign_vars(array(
'MESSAGE_TITLE' => $lang['Confirm'],
'MESSAGE_TEXT' => $lang['Confirm_delete_rank'],
 
'L_YES' => $lang['Yes'],
'L_NO' => $lang['No'],
 
'S_CONFIRM_ACTION' => append_sid("admin_ranks.$phpEx"),
'S_HIDDEN_FIELDS' => $hidden_fields)
);
}
else
{
message_die(GENERAL_MESSAGE, $lang['Must_select_rank']);
}
}
 
$template->pparse("body");
 
include('./page_footer_admin.'.$phpEx);
}
 
//
// Show the default page
//
$template->set_filenames(array(
"body" => "admin/ranks_list_body.tpl")
);
 
$sql = "SELECT * FROM " . RANKS_TABLE . "
ORDER BY rank_min ASC, rank_special ASC";
if( !$result = $db->sql_query($sql) )
{
message_die(GENERAL_ERROR, "Couldn't obtain ranks data", "", __LINE__, __FILE__, $sql);
}
$rank_count = $db->sql_numrows($result);
 
$rank_rows = $db->sql_fetchrowset($result);
 
$template->assign_vars(array(
"L_RANKS_TITLE" => $lang['Ranks_title'],
"L_RANKS_TEXT" => $lang['Ranks_explain'],
"L_RANK" => $lang['Rank_title'],
"L_RANK_MINIMUM" => $lang['Rank_minimum'],
"L_SPECIAL_RANK" => $lang['Rank_special'],
"L_EDIT" => $lang['Edit'],
"L_DELETE" => $lang['Delete'],
"L_ADD_RANK" => $lang['Add_new_rank'],
"L_ACTION" => $lang['Action'],
"S_RANKS_ACTION" => append_sid("admin_ranks.$phpEx"))
);
 
for($i = 0; $i < $rank_count; $i++)
{
$rank = $rank_rows[$i]['rank_title'];
$special_rank = $rank_rows[$i]['rank_special'];
$rank_id = $rank_rows[$i]['rank_id'];
$rank_min = $rank_rows[$i]['rank_min'];
if( $special_rank == 1 )
{
$rank_min = $rank_max = "-";
}
 
$row_color = ( !($i % 2) ) ? $theme['td_color1'] : $theme['td_color2'];
$row_class = ( !($i % 2) ) ? $theme['td_class1'] : $theme['td_class2'];
 
$rank_is_special = ( $special_rank ) ? $lang['Yes'] : $lang['No'];
$template->assign_block_vars("ranks", array(
"ROW_COLOR" => "#" . $row_color,
"ROW_CLASS" => $row_class,
"RANK" => $rank,
"SPECIAL_RANK" => $rank_is_special,
"RANK_MIN" => $rank_min,
 
"U_RANK_EDIT" => append_sid("admin_ranks.$phpEx?mode=edit&amp;id=$rank_id"),
"U_RANK_DELETE" => append_sid("admin_ranks.$phpEx?mode=delete&amp;id=$rank_id"))
);
}
 
$template->pparse("body");
 
include('./page_footer_admin.'.$phpEx);
 
?>
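Review bot: In the `save` branch the rank image is accepted on a suffix test alone (`preg_match("/(\.gif|\.png|\.jpg)$/is", $rank_image)`), and the edit form later writes it back as `'<img src="../' . $rank_info['rank_image'] . '" />'` without escaping, so a stored value with quotes or markup ahead of the extension becomes raw HTML in the admin page. The same holds for `"RANK" => $rank_info['rank_title']` in the edit form and `"RANK" => $rank` in the list loop, since `title` is only trimmed before it is stored. I would escape at output, e.g. `'<img src="../' . htmlspecialchars($rank_info['rank_image']) . '" />'` and `"RANK" => htmlspecialchars($rank_info['rank_title'])`, and if rank titles are meant to carry HTML that should be stated in a comment. The SQL quoting through `str_replace("\'", "''", ...)` is only sufficient if request data already arrives slash-escaped from the included bootstrap, which is not visible in this section; a one-line comment naming that dependency next to the `UPDATE`/`INSERT` would help the next reader.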
/Forum/admin/admin_smilies.php
0,0 → 1,597
<?php
/***************************************************************************
* admin_smilies.php
* -------------------
* begin : Thu May 31, 2001
* copyright : (C) 2001 The phpBB Group
* email : support@phpbb.com
*
* $Id: admin_smilies.php,v 1.22.2.18 2006/04/13 09:56:48 grahamje Exp $
*
****************************************************************************/
 
/***************************************************************************
*
* This program is free software; you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by
* the Free Software Foundation; either version 2 of the License, or
* (at your option) any later version.
*
***************************************************************************/
 
/**************************************************************************
* This file will be used for modifying the smiley settings for a board.
**************************************************************************/
 
define('IN_PHPBB', 1);
 
//
// First we do the setmodules stuff for the admin cp.
//
if( !empty($setmodules) )
{
$filename = basename(__FILE__);
$module['General']['Smilies'] = $filename;
 
return;
}
 
//
// Load default header
//
if( isset($HTTP_GET_VARS['export_pack']) )
{
if ( $HTTP_GET_VARS['export_pack'] == "send" )
{
$no_page_header = true;
}
}
 
$phpbb_root_path = "./../";
require($phpbb_root_path . 'extension.inc');
 
$cancel = ( isset($HTTP_POST_VARS['cancel']) ) ? true : false;
$no_page_header = $cancel;
 
require('./pagestart.' . $phpEx);
 
if ($cancel)
{
redirect('admin/' . append_sid("admin_smilies.$phpEx", true));
}
 
//
// Check to see what mode we should operate in.
//
if( isset($HTTP_POST_VARS['mode']) || isset($HTTP_GET_VARS['mode']) )
{
$mode = ( isset($HTTP_POST_VARS['mode']) ) ? $HTTP_POST_VARS['mode'] : $HTTP_GET_VARS['mode'];
$mode = htmlspecialchars($mode);
}
else
{
$mode = "";
}
 
$delimeter = '=+:';
 
//
// Read a listing of uploaded smilies for use in the add or edit smliey code...
//
$dir = @opendir($phpbb_root_path . $board_config['smilies_path']);
 
while($file = @readdir($dir))
{
if( !@is_dir(phpbb_realpath($phpbb_root_path . $board_config['smilies_path'] . '/' . $file)) )
{
$img_size = @getimagesize($phpbb_root_path . $board_config['smilies_path'] . '/' . $file);
 
if( $img_size[0] && $img_size[1] )
{
$smiley_images[] = $file;
}
else if( eregi('.pak$', $file) )
{
$smiley_paks[] = $file;
}
}
}
 
@closedir($dir);
 
//
// Select main mode
//
if( isset($HTTP_GET_VARS['import_pack']) || isset($HTTP_POST_VARS['import_pack']) )
{
//
// Import a list a "Smiley Pack"
//
$smile_pak = ( isset($HTTP_POST_VARS['smile_pak']) ) ? $HTTP_POST_VARS['smile_pak'] : $HTTP_GET_VARS['smile_pak'];
$clear_current = ( isset($HTTP_POST_VARS['clear_current']) ) ? $HTTP_POST_VARS['clear_current'] : $HTTP_GET_VARS['clear_current'];
$replace_existing = ( isset($HTTP_POST_VARS['replace']) ) ? $HTTP_POST_VARS['replace'] : $HTTP_GET_VARS['replace'];
 
if ( !empty($smile_pak) )
{
//
// The user has already selected a smile_pak file.. Import it.
//
if( !empty($clear_current) )
{
$sql = "DELETE
FROM " . SMILIES_TABLE;
if( !$result = $db->sql_query($sql) )
{
message_die(GENERAL_ERROR, "Couldn't delete current smilies", "", __LINE__, __FILE__, $sql);
}
}
else
{
$sql = "SELECT code
FROM ". SMILIES_TABLE;
if( !$result = $db->sql_query($sql) )
{
message_die(GENERAL_ERROR, "Couldn't get current smilies", "", __LINE__, __FILE__, $sql);
}
 
$cur_smilies = $db->sql_fetchrowset($result);
 
for( $i = 0; $i < count($cur_smilies); $i++ )
{
$k = $cur_smilies[$i]['code'];
$smiles[$k] = 1;
}
}
 
$fcontents = @file($phpbb_root_path . $board_config['smilies_path'] . '/'. $smile_pak);
 
if( empty($fcontents) )
{
message_die(GENERAL_ERROR, "Couldn't read smiley pak file", "", __LINE__, __FILE__, $sql);
}
 
for( $i = 0; $i < count($fcontents); $i++ )
{
$smile_data = explode($delimeter, trim(addslashes($fcontents[$i])));
 
for( $j = 2; $j < count($smile_data); $j++)
{
//
// Replace > and < with the proper html_entities for matching.
//
$smile_data[$j] = str_replace("<", "&lt;", $smile_data[$j]);
$smile_data[$j] = str_replace(">", "&gt;", $smile_data[$j]);
$k = $smile_data[$j];
 
if( $smiles[$k] == 1 )
{
if( !empty($replace_existing) )
{
$sql = "UPDATE " . SMILIES_TABLE . "
SET smile_url = '" . str_replace("\'", "''", $smile_data[0]) . "', emoticon = '" . str_replace("\'", "''", $smile_data[1]) . "'
WHERE code = '" . str_replace("\'", "''", $smile_data[$j]) . "'";
}
else
{
$sql = '';
}
}
else
{
$sql = "INSERT INTO " . SMILIES_TABLE . " (code, smile_url, emoticon)
VALUES('" . str_replace("\'", "''", $smile_data[$j]) . "', '" . str_replace("\'", "''", $smile_data[0]) . "', '" . str_replace("\'", "''", $smile_data[1]) . "')";
}
 
if( $sql != '' )
{
$result = $db->sql_query($sql);
if( !$result )
{
message_die(GENERAL_ERROR, "Couldn't update smilies!", "", __LINE__, __FILE__, $sql);
}
}
}
}
 
$message = $lang['smiley_import_success'] . "<br /><br />" . sprintf($lang['Click_return_smileadmin'], "<a href=\"" . append_sid("admin_smilies.$phpEx") . "\">", "</a>") . "<br /><br />" . sprintf($lang['Click_return_admin_index'], "<a href=\"" . append_sid("index.$phpEx?pane=right") . "\">", "</a>");
 
message_die(GENERAL_MESSAGE, $message);
}
else
{
//
// Display the script to get the smile_pak cfg file...
//
$smile_paks_select = "<select name='smile_pak'><option value=''>" . $lang['Select_pak'] . "</option>";
while( list($key, $value) = @each($smiley_paks) )
{
if ( !empty($value) )
{
$smile_paks_select .= "<option>" . $value . "</option>";
}
}
$smile_paks_select .= "</select>";
 
$hidden_vars = "<input type='hidden' name='mode' value='import'>";
 
$template->set_filenames(array(
"body" => "admin/smile_import_body.tpl")
);
 
$template->assign_vars(array(
"L_SMILEY_TITLE" => $lang['smiley_title'],
"L_SMILEY_EXPLAIN" => $lang['smiley_import_inst'],
"L_SMILEY_IMPORT" => $lang['smiley_import'],
"L_SELECT_LBL" => $lang['choose_smile_pak'],
"L_IMPORT" => $lang['import'],
"L_CONFLICTS" => $lang['smile_conflicts'],
"L_DEL_EXISTING" => $lang['del_existing_smileys'],
"L_REPLACE_EXISTING" => $lang['replace_existing'],
"L_KEEP_EXISTING" => $lang['keep_existing'],
 
"S_SMILEY_ACTION" => append_sid("admin_smilies.$phpEx"),
"S_SMILE_SELECT" => $smile_paks_select,
"S_HIDDEN_FIELDS" => $hidden_vars)
);
 
$template->pparse("body");
}
}
else if( isset($HTTP_POST_VARS['export_pack']) || isset($HTTP_GET_VARS['export_pack']) )
{
//
// Export our smiley config as a smiley pak...
//
if ( $HTTP_GET_VARS['export_pack'] == "send" )
{
$sql = "SELECT *
FROM " . SMILIES_TABLE;
if( !$result = $db->sql_query($sql) )
{
message_die(GENERAL_ERROR, "Could not get smiley list", "", __LINE__, __FILE__, $sql);
}
 
$resultset = $db->sql_fetchrowset($result);
 
$smile_pak = "";
for($i = 0; $i < count($resultset); $i++ )
{
$smile_pak .= $resultset[$i]['smile_url'] . $delimeter;
$smile_pak .= $resultset[$i]['emoticon'] . $delimeter;
$smile_pak .= $resultset[$i]['code'] . "\n";
}
 
header("Content-Type: text/x-delimtext; name=\"smiles.pak\"");
header("Content-disposition: attachment; filename=smiles.pak");
 
echo $smile_pak;
 
exit;
}
 
$message = sprintf($lang['export_smiles'], "<a href=\"" . append_sid("admin_smilies.$phpEx?export_pack=send", true) . "\">", "</a>") . "<br /><br />" . sprintf($lang['Click_return_smileadmin'], "<a href=\"" . append_sid("admin_smilies.$phpEx") . "\">", "</a>") . "<br /><br />" . sprintf($lang['Click_return_admin_index'], "<a href=\"" . append_sid("index.$phpEx?pane=right") . "\">", "</a>");
 
message_die(GENERAL_MESSAGE, $message);
 
}
else if( isset($HTTP_POST_VARS['add']) || isset($HTTP_GET_VARS['add']) )
{
//
// Admin has selected to add a smiley.
//
 
$template->set_filenames(array(
"body" => "admin/smile_edit_body.tpl")
);
 
$filename_list = "";
for( $i = 0; $i < count($smiley_images); $i++ )
{
$filename_list .= '<option value="' . $smiley_images[$i] . '">' . $smiley_images[$i] . '</option>';
}
 
$s_hidden_fields = '<input type="hidden" name="mode" value="savenew" />';
 
$template->assign_vars(array(
"L_SMILEY_TITLE" => $lang['smiley_title'],
"L_SMILEY_CONFIG" => $lang['smiley_config'],
"L_SMILEY_EXPLAIN" => $lang['smile_desc'],
"L_SMILEY_CODE" => $lang['smiley_code'],
"L_SMILEY_URL" => $lang['smiley_url'],
"L_SMILEY_EMOTION" => $lang['smiley_emot'],
"L_SUBMIT" => $lang['Submit'],
"L_RESET" => $lang['Reset'],
 
"SMILEY_IMG" => $phpbb_root_path . $board_config['smilies_path'] . '/' . $smiley_images[0],
 
"S_SMILEY_ACTION" => append_sid("admin_smilies.$phpEx"),
"S_HIDDEN_FIELDS" => $s_hidden_fields,
"S_FILENAME_OPTIONS" => $filename_list,
"S_SMILEY_BASEDIR" => $phpbb_root_path . $board_config['smilies_path'])
);
 
$template->pparse("body");
}
else if ( $mode != "" )
{
switch( $mode )
{
case 'delete':
//
// Admin has selected to delete a smiley.
//
 
$smiley_id = ( !empty($HTTP_POST_VARS['id']) ) ? $HTTP_POST_VARS['id'] : $HTTP_GET_VARS['id'];
$smiley_id = intval($smiley_id);
 
$confirm = isset($HTTP_POST_VARS['confirm']);
 
if( $confirm )
{
$sql = "DELETE FROM " . SMILIES_TABLE . "
WHERE smilies_id = " . $smiley_id;
$result = $db->sql_query($sql);
if( !$result )
{
message_die(GENERAL_ERROR, "Couldn't delete smiley", "", __LINE__, __FILE__, $sql);
}
 
$message = $lang['smiley_del_success'] . "<br /><br />" . sprintf($lang['Click_return_smileadmin'], "<a href=\"" . append_sid("admin_smilies.$phpEx") . "\">", "</a>") . "<br /><br />" . sprintf($lang['Click_return_admin_index'], "<a href=\"" . append_sid("index.$phpEx?pane=right") . "\">", "</a>");
 
message_die(GENERAL_MESSAGE, $message);
}
else
{
// Present the confirmation screen to the user
$template->set_filenames(array(
'body' => 'admin/confirm_body.tpl')
);
 
$hidden_fields = '<input type="hidden" name="mode" value="delete" /><input type="hidden" name="id" value="' . $smiley_id . '" />';
 
$template->assign_vars(array(
'MESSAGE_TITLE' => $lang['Confirm'],
'MESSAGE_TEXT' => $lang['Confirm_delete_smiley'],
 
'L_YES' => $lang['Yes'],
'L_NO' => $lang['No'],
 
'S_CONFIRM_ACTION' => append_sid("admin_smilies.$phpEx"),
'S_HIDDEN_FIELDS' => $hidden_fields)
);
$template->pparse('body');
}
break;
 
case 'edit':
//
// Admin has selected to edit a smiley.
//
 
$smiley_id = ( !empty($HTTP_POST_VARS['id']) ) ? $HTTP_POST_VARS['id'] : $HTTP_GET_VARS['id'];
$smiley_id = intval($smiley_id);
 
$sql = "SELECT *
FROM " . SMILIES_TABLE . "
WHERE smilies_id = " . $smiley_id;
$result = $db->sql_query($sql);
if( !$result )
{
message_die(GENERAL_ERROR, 'Could not obtain emoticon information', "", __LINE__, __FILE__, $sql);
}
$smile_data = $db->sql_fetchrow($result);
 
$filename_list = "";
for( $i = 0; $i < count($smiley_images); $i++ )
{
if( $smiley_images[$i] == $smile_data['smile_url'] )
{
$smiley_selected = "selected=\"selected\"";
$smiley_edit_img = $smiley_images[$i];
}
else
{
$smiley_selected = "";
}
 
$filename_list .= '<option value="' . $smiley_images[$i] . '"' . $smiley_selected . '>' . $smiley_images[$i] . '</option>';
}
 
$template->set_filenames(array(
"body" => "admin/smile_edit_body.tpl")
);
 
$s_hidden_fields = '<input type="hidden" name="mode" value="save" /><input type="hidden" name="smile_id" value="' . $smile_data['smilies_id'] . '" />';
 
$template->assign_vars(array(
"SMILEY_CODE" => $smile_data['code'],
"SMILEY_EMOTICON" => $smile_data['emoticon'],
 
"L_SMILEY_TITLE" => $lang['smiley_title'],
"L_SMILEY_CONFIG" => $lang['smiley_config'],
"L_SMILEY_EXPLAIN" => $lang['smile_desc'],
"L_SMILEY_CODE" => $lang['smiley_code'],
"L_SMILEY_URL" => $lang['smiley_url'],
"L_SMILEY_EMOTION" => $lang['smiley_emot'],
"L_SUBMIT" => $lang['Submit'],
"L_RESET" => $lang['Reset'],
 
"SMILEY_IMG" => $phpbb_root_path . $board_config['smilies_path'] . '/' . $smiley_edit_img,
 
"S_SMILEY_ACTION" => append_sid("admin_smilies.$phpEx"),
"S_HIDDEN_FIELDS" => $s_hidden_fields,
"S_FILENAME_OPTIONS" => $filename_list,
"S_SMILEY_BASEDIR" => $phpbb_root_path . $board_config['smilies_path'])
);
 
$template->pparse("body");
break;
 
case "save":
//
// Admin has submitted changes while editing a smiley.
//
 
//
// Get the submitted data, being careful to ensure that we only
// accept the data we are looking for.
//
$smile_code = ( isset($HTTP_POST_VARS['smile_code']) ) ? trim($HTTP_POST_VARS['smile_code']) : '';
$smile_url = ( isset($HTTP_POST_VARS['smile_url']) ) ? trim($HTTP_POST_VARS['smile_url']) : '';
$smile_url = phpbb_ltrim(basename($smile_url), "'");
$smile_emotion = ( isset($HTTP_POST_VARS['smile_emotion']) ) ? htmlspecialchars(trim($HTTP_POST_VARS['smile_emotion'])) : '';
$smile_id = ( isset($HTTP_POST_VARS['smile_id']) ) ? intval($HTTP_POST_VARS['smile_id']) : 0;
$smile_code = trim($smile_code);
$smile_url = trim($smile_url);
 
// If no code was entered complain ...
if ($smile_code == '' || $smile_url == '')
{
message_die(GENERAL_MESSAGE, $lang['Fields_empty']);
}
 
//
// Convert < and > to proper htmlentities for parsing.
//
$smile_code = str_replace('<', '&lt;', $smile_code);
$smile_code = str_replace('>', '&gt;', $smile_code);
 
//
// Proceed with updating the smiley table.
//
$sql = "UPDATE " . SMILIES_TABLE . "
SET code = '" . str_replace("\'", "''", $smile_code) . "', smile_url = '" . str_replace("\'", "''", $smile_url) . "', emoticon = '" . str_replace("\'", "''", $smile_emotion) . "'
WHERE smilies_id = $smile_id";
if( !($result = $db->sql_query($sql)) )
{
message_die(GENERAL_ERROR, "Couldn't update smilies info", "", __LINE__, __FILE__, $sql);
}
 
$message = $lang['smiley_edit_success'] . "<br /><br />" . sprintf($lang['Click_return_smileadmin'], "<a href=\"" . append_sid("admin_smilies.$phpEx") . "\">", "</a>") . "<br /><br />" . sprintf($lang['Click_return_admin_index'], "<a href=\"" . append_sid("index.$phpEx?pane=right") . "\">", "</a>");
 
message_die(GENERAL_MESSAGE, $message);
break;
 
case "savenew":
//
// Admin has submitted changes while adding a new smiley.
//
 
//
// Get the submitted data being careful to ensure the the data
// we recieve and process is only the data we are looking for.
//
$smile_code = ( isset($HTTP_POST_VARS['smile_code']) ) ? $HTTP_POST_VARS['smile_code'] : '';
$smile_url = ( isset($HTTP_POST_VARS['smile_url']) ) ? $HTTP_POST_VARS['smile_url'] : '';
$smile_url = phpbb_ltrim(basename($smile_url), "'");
$smile_emotion = ( isset($HTTP_POST_VARS['smile_emotion']) ) ? htmlspecialchars(trim($HTTP_POST_VARS['smile_emotion'])) : '';
$smile_code = trim($smile_code);
$smile_url = trim($smile_url);
 
// If no code was entered complain ...
if ($smile_code == '' || $smile_url == '')
{
message_die(GENERAL_MESSAGE, $lang['Fields_empty']);
}
 
//
// Convert < and > to proper htmlentities for parsing.
//
$smile_code = str_replace('<', '&lt;', $smile_code);
$smile_code = str_replace('>', '&gt;', $smile_code);
 
//
// Save the data to the smiley table.
//
$sql = "INSERT INTO " . SMILIES_TABLE . " (code, smile_url, emoticon)
VALUES ('" . str_replace("\'", "''", $smile_code) . "', '" . str_replace("\'", "''", $smile_url) . "', '" . str_replace("\'", "''", $smile_emotion) . "')";
$result = $db->sql_query($sql);
if( !$result )
{
message_die(GENERAL_ERROR, "Couldn't insert new smiley", "", __LINE__, __FILE__, $sql);
}
 
$message = $lang['smiley_add_success'] . "<br /><br />" . sprintf($lang['Click_return_smileadmin'], "<a href=\"" . append_sid("admin_smilies.$phpEx") . "\">", "</a>") . "<br /><br />" . sprintf($lang['Click_return_admin_index'], "<a href=\"" . append_sid("index.$phpEx?pane=right") . "\">", "</a>");
 
message_die(GENERAL_MESSAGE, $message);
break;
}
}
else
{
 
//
// This is the main display of the page before the admin has selected
// any options.
//
$sql = "SELECT *
FROM " . SMILIES_TABLE;
$result = $db->sql_query($sql);
if( !$result )
{
message_die(GENERAL_ERROR, "Couldn't obtain smileys from database", "", __LINE__, __FILE__, $sql);
}
 
$smilies = $db->sql_fetchrowset($result);
 
$template->set_filenames(array(
"body" => "admin/smile_list_body.tpl")
);
 
$template->assign_vars(array(
"L_ACTION" => $lang['Action'],
"L_SMILEY_TITLE" => $lang['smiley_title'],
"L_SMILEY_TEXT" => $lang['smile_desc'],
"L_DELETE" => $lang['Delete'],
"L_EDIT" => $lang['Edit'],
"L_SMILEY_ADD" => $lang['smile_add'],
"L_CODE" => $lang['Code'],
"L_EMOT" => $lang['Emotion'],
"L_SMILE" => $lang['Smile'],
"L_IMPORT_PACK" => $lang['import_smile_pack'],
"L_EXPORT_PACK" => $lang['export_smile_pack'],
"S_HIDDEN_FIELDS" => $s_hidden_fields,
"S_SMILEY_ACTION" => append_sid("admin_smilies.$phpEx"))
);
 
//
// Loop throuh the rows of smilies setting block vars for the template.
//
for($i = 0; $i < count($smilies); $i++)
{
//
// Replace htmlentites for < and > with actual character.
//
$smilies[$i]['code'] = str_replace('&lt;', '<', $smilies[$i]['code']);
$smilies[$i]['code'] = str_replace('&gt;', '>', $smilies[$i]['code']);
$row_color = ( !($i % 2) ) ? $theme['td_color1'] : $theme['td_color2'];
$row_class = ( !($i % 2) ) ? $theme['td_class1'] : $theme['td_class2'];
 
$template->assign_block_vars("smiles", array(
"ROW_COLOR" => "#" . $row_color,
"ROW_CLASS" => $row_class,
"SMILEY_IMG" => $phpbb_root_path . $board_config['smilies_path'] . '/' . $smilies[$i]['smile_url'],
"CODE" => $smilies[$i]['code'],
"EMOT" => $smilies[$i]['emoticon'],
"U_SMILEY_EDIT" => append_sid("admin_smilies.$phpEx?mode=edit&amp;id=" . $smilies[$i]['smilies_id']),
"U_SMILEY_DELETE" => append_sid("admin_smilies.$phpEx?mode=delete&amp;id=" . $smilies[$i]['smilies_id']))
);
}
 
//
// Spit out the page.
//
$template->pparse("body");
}
 
//
// Page Footer
//
include('./page_footer_admin.'.$phpEx);
 
?>
/Forum/admin/admin_styles.php
0,0 → 1,941
<?php
/***************************************************************************
* admin_styles.php
* -------------------
* begin : Thursday, Jul 12, 2001
* copyright : (C) 2001 The phpBB Group
* email : support@phpbb.com
*
* $Id: admin_styles.php,v 1.27.2.17 2006/04/20 13:34:15 grahamje Exp $
*
*
***************************************************************************/
 
/***************************************************************************
*
* This program is free software; you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by
* the Free Software Foundation; either version 2 of the License, or
* (at your option) any later version.
*
***************************************************************************/
 
define('IN_PHPBB', 1);
 
if( !empty($setmodules) )
{
$file = basename(__FILE__);
$module['Styles']['Add_new'] = "$file?mode=addnew";
$module['Styles']['Create_new'] = "$file?mode=create";
$module['Styles']['Manage'] = $file;
$module['Styles']['Export'] = "$file?mode=export";
return;
}
 
//
// Load default header
//
//
// Check if the user has cancled a confirmation message.
//
$phpbb_root_path = "./../";
require($phpbb_root_path . 'extension.inc');
 
$confirm = ( isset($HTTP_POST_VARS['confirm']) ) ? TRUE : FALSE;
$cancel = ( isset($HTTP_POST_VARS['cancel']) ) ? TRUE : FALSE;
 
$no_page_header = (!empty($HTTP_POST_VARS['send_file']) || $cancel) ? TRUE : FALSE;
 
require('./pagestart.' . $phpEx);
 
$confirm = ( isset($HTTP_POST_VARS['confirm']) ) ? TRUE : FALSE;
$cancel = ( isset($HTTP_POST_VARS['cancel']) ) ? TRUE : FALSE;
 
if ($cancel)
{
redirect('admin/' . append_sid("admin_styles.$phpEx", true));
}
 
if( isset($HTTP_GET_VARS['mode']) || isset($HTTP_POST_VARS['mode']) )
{
$mode = ( isset($HTTP_GET_VARS['mode']) ) ? $HTTP_GET_VARS['mode'] : $HTTP_POST_VARS['mode'];
$mode = htmlspecialchars($mode);
}
else
{
$mode = "";
}
 
switch( $mode )
{
case "addnew":
$install_to = ( isset($HTTP_GET_VARS['install_to']) ) ? urldecode($HTTP_GET_VARS['install_to']) : $HTTP_POST_VARS['install_to'];
$style_name = ( isset($HTTP_GET_VARS['style']) ) ? urldecode($HTTP_GET_VARS['style']) : $HTTP_POST_VARS['style'];
if( isset($install_to) )
{
 
include($phpbb_root_path. "templates/" . basename($install_to) . "/theme_info.cfg");
 
$template_name = $$install_to;
$found = FALSE;
for($i = 0; $i < count($template_name) && !$found; $i++)
{
if( $template_name[$i]['style_name'] == $style_name )
{
while(list($key, $val) = each($template_name[$i]))
{
$db_fields[] = $key;
$db_values[] = str_replace("\'", "''" , $val);
}
}
}
$sql = "INSERT INTO " . THEMES_TABLE . " (";
 
for($i = 0; $i < count($db_fields); $i++)
{
$sql .= $db_fields[$i];
if($i != (count($db_fields) - 1))
{
$sql .= ", ";
}
}
 
$sql .= ") VALUES (";
 
for($i = 0; $i < count($db_values); $i++)
{
$sql .= "'" . $db_values[$i] . "'";
if($i != (count($db_values) - 1))
{
$sql .= ", ";
}
}
$sql .= ")";
if( !$result = $db->sql_query($sql) )
{
message_die(GENERAL_ERROR, "Could not insert theme data!", "", __LINE__, __FILE__, $sql);
}
$message = $lang['Theme_installed'] . "<br /><br />" . sprintf($lang['Click_return_styleadmin'], "<a href=\"" . append_sid("admin_styles.$phpEx") . "\">", "</a>") . "<br /><br />" . sprintf($lang['Click_return_admin_index'], "<a href=\"" . append_sid("index.$phpEx?pane=right") . "\">", "</a>");
 
message_die(GENERAL_MESSAGE, $message);
}
else
{
$installable_themes = array();
if( $dir = @opendir($phpbb_root_path. "templates/") )
{
while( $sub_dir = @readdir($dir) )
{
if( !is_file(phpbb_realpath($phpbb_root_path . 'templates/' .$sub_dir)) && !is_link(phpbb_realpath($phpbb_root_path . 'templates/' .$sub_dir)) && $sub_dir != "." && $sub_dir != ".." && $sub_dir != "CVS" )
{
if( @file_exists(@phpbb_realpath($phpbb_root_path. "templates/" . $sub_dir . "/theme_info.cfg")) )
{
include($phpbb_root_path. "templates/" . $sub_dir . "/theme_info.cfg");
for($i = 0; $i < count($$sub_dir); $i++)
{
$working_data = $$sub_dir;
$style_name = $working_data[$i]['style_name'];
$sql = "SELECT themes_id
FROM " . THEMES_TABLE . "
WHERE style_name = '" . str_replace("\'", "''", $style_name) . "'";
if(!$result = $db->sql_query($sql))
{
message_die(GENERAL_ERROR, "Could not query themes table!", "", __LINE__, __FILE__, $sql);
}
 
if(!$db->sql_numrows($result))
{
$installable_themes[] = $working_data[$i];
}
}
}
}
}
$template->set_filenames(array(
"body" => "admin/styles_addnew_body.tpl")
);
$template->assign_vars(array(
"L_STYLES_TITLE" => $lang['Styles_admin'],
"L_STYLES_ADD_TEXT" => $lang['Styles_addnew_explain'],
"L_STYLE" => $lang['Style'],
"L_TEMPLATE" => $lang['Template'],
"L_INSTALL" => $lang['Install'],
"L_ACTION" => $lang['Action'])
);
for($i = 0; $i < count($installable_themes); $i++)
{
$row_color = ( !($i % 2) ) ? $theme['td_color1'] : $theme['td_color2'];
$row_class = ( !($i % 2) ) ? $theme['td_class1'] : $theme['td_class2'];
$template->assign_block_vars("styles", array(
"ROW_CLASS" => $row_class,
"ROW_COLOR" => "#" . $row_color,
"STYLE_NAME" => $installable_themes[$i]['style_name'],
"TEMPLATE_NAME" => $installable_themes[$i]['template_name'],
 
"U_STYLES_INSTALL" => append_sid("admin_styles.$phpEx?mode=addnew&amp;style=" . urlencode($installable_themes[$i]['style_name']) . "&amp;install_to=" . urlencode($installable_themes[$i]['template_name'])))
);
}
$template->pparse("body");
}
closedir($dir);
}
break;
case "create":
case "edit":
$submit = ( isset($HTTP_POST_VARS['submit']) ) ? TRUE : 0;
if( $submit )
{
//
// DAMN! Thats alot of data to validate...
//
$updated['style_name'] = $HTTP_POST_VARS['style_name'];
$updated['template_name'] = $HTTP_POST_VARS['template_name'];
$updated['head_stylesheet'] = $HTTP_POST_VARS['head_stylesheet'];
$updated['body_background'] = $HTTP_POST_VARS['body_background'];
$updated['body_bgcolor'] = $HTTP_POST_VARS['body_bgcolor'];
$updated['body_text'] = $HTTP_POST_VARS['body_text'];
$updated['body_link'] = $HTTP_POST_VARS['body_link'];
$updated['body_vlink'] = $HTTP_POST_VARS['body_vlink'];
$updated['body_alink'] = $HTTP_POST_VARS['body_alink'];
$updated['body_hlink'] = $HTTP_POST_VARS['body_hlink'];
$updated['tr_color1'] = $HTTP_POST_VARS['tr_color1'];
$updated_name['tr_color1_name'] = $HTTP_POST_VARS['tr_color1_name'];
$updated['tr_color2'] = $HTTP_POST_VARS['tr_color2'];
$updated_name['tr_color2_name'] = $HTTP_POST_VARS['tr_color2_name'];
$updated['tr_color3'] = $HTTP_POST_VARS['tr_color3'];
$updated_name['tr_color3_name'] = $HTTP_POST_VARS['tr_color3_name'];
$updated['tr_class1'] = $HTTP_POST_VARS['tr_class1'];
$updated_name['tr_class1_name'] = $HTTP_POST_VARS['tr_class1_name'];
$updated['tr_class2'] = $HTTP_POST_VARS['tr_class2'];
$updated_name['tr_class2_name'] = $HTTP_POST_VARS['tr_class2_name'];
$updated['tr_class3'] = $HTTP_POST_VARS['tr_class3'];
$updated_name['tr_class3_name'] = $HTTP_POST_VARS['tr_class3_name'];
$updated['th_color1'] = $HTTP_POST_VARS['th_color1'];
$updated_name['th_color1_name'] = $HTTP_POST_VARS['th_color1_name'];
$updated['th_color2'] = $HTTP_POST_VARS['th_color2'];
$updated_name['th_color2_name'] = $HTTP_POST_VARS['th_color2_name'];
$updated['th_color3'] = $HTTP_POST_VARS['th_color3'];
$updated_name['th_color3_name'] = $HTTP_POST_VARS['th_color3_name'];
$updated['th_class1'] = $HTTP_POST_VARS['th_class1'];
$updated_name['th_class1_name'] = $HTTP_POST_VARS['th_class1_name'];
$updated['th_class2'] = $HTTP_POST_VARS['th_class2'];
$updated_name['th_class2_name'] = $HTTP_POST_VARS['th_class2_name'];
$updated['th_class3'] = $HTTP_POST_VARS['th_class3'];
$updated_name['th_class3_name'] = $HTTP_POST_VARS['th_class3_name'];
$updated['td_color1'] = $HTTP_POST_VARS['td_color1'];
$updated_name['td_color1_name'] = $HTTP_POST_VARS['td_color1_name'];
$updated['td_color2'] = $HTTP_POST_VARS['td_color2'];
$updated_name['td_color2_name'] = $HTTP_POST_VARS['td_color2_name'];
$updated['td_color3'] = $HTTP_POST_VARS['td_color3'];
$updated_name['td_color3_name'] = $HTTP_POST_VARS['td_color3_name'];
$updated['td_class1'] = $HTTP_POST_VARS['td_class1'];
$updated_name['td_class1_name'] = $HTTP_POST_VARS['td_class1_name'];
$updated['td_class2'] = $HTTP_POST_VARS['td_class2'];
$updated_name['td_class2_name'] = $HTTP_POST_VARS['td_class2_name'];
$updated['td_class3'] = $HTTP_POST_VARS['td_class3'];
$updated_name['td_class3_name'] = $HTTP_POST_VARS['td_class3_name'];
$updated['fontface1'] = $HTTP_POST_VARS['fontface1'];
$updated_name['fontface1_name'] = $HTTP_POST_VARS['fontface1_name'];
$updated['fontface2'] = $HTTP_POST_VARS['fontface2'];
$updated_name['fontface2_name'] = $HTTP_POST_VARS['fontface2_name'];
$updated['fontface3'] = $HTTP_POST_VARS['fontface3'];
$updated_name['fontface3_name'] = $HTTP_POST_VARS['fontface3_name'];
$updated['fontsize1'] = intval($HTTP_POST_VARS['fontsize1']);
$updated_name['fontsize1_name'] = $HTTP_POST_VARS['fontsize1_name'];
$updated['fontsize2'] = intval($HTTP_POST_VARS['fontsize2']);
$updated_name['fontsize2_name'] = $HTTP_POST_VARS['fontsize2_name'];
$updated['fontsize3'] = intval($HTTP_POST_VARS['fontsize3']);
$updated_name['fontsize3_name'] = $HTTP_POST_VARS['fontsize3_name'];
$updated['fontcolor1'] = $HTTP_POST_VARS['fontcolor1'];
$updated_name['fontcolor1_name'] = $HTTP_POST_VARS['fontcolor1_name'];
$updated['fontcolor2'] = $HTTP_POST_VARS['fontcolor2'];
$updated_name['fontcolor2_name'] = $HTTP_POST_VARS['fontcolor2_name'];
$updated['fontcolor3'] = $HTTP_POST_VARS['fontcolor3'];
$updated_name['fontcolor3_name'] = $HTTP_POST_VARS['fontcolor3_name'];
$updated['span_class1'] = $HTTP_POST_VARS['span_class1'];
$updated_name['span_class1_name'] = $HTTP_POST_VARS['span_class1_name'];
$updated['span_class2'] = $HTTP_POST_VARS['span_class2'];
$updated_name['span_class2_name'] = $HTTP_POST_VARS['span_class2_name'];
$updated['span_class3'] = $HTTP_POST_VARS['span_class3'];
$updated_name['span_class3_name'] = $HTTP_POST_VARS['span_class3_name'];
$style_id = intval($HTTP_POST_VARS['style_id']);
//
// Wheeeew! Thank heavens for copy and paste and search and replace :D
//
if($mode == "edit")
{
$sql = "UPDATE " . THEMES_TABLE . " SET ";
$count = 0;
 
while(list($key, $val) = each($updated))
{
if($count != 0)
{
$sql .= ", ";
}
 
//
// I don't like this but it'll keep MSSQL from throwing
// an error and save me alot of typing
//
$sql .= ( stristr($key, "fontsize") ) ? "$key = $val" : "$key = '" . str_replace("\'", "''", $val) . "'";
 
$count++;
}
$sql .= " WHERE themes_id = $style_id";
if(!$result = $db->sql_query($sql))
{
message_die(GENERAL_ERROR, "Could not update themes table!", "", __LINE__, __FILE__, $sql);
}
//
// Check if there's a names table entry for this style
//
$sql = "SELECT themes_id
FROM " . THEMES_NAME_TABLE . "
WHERE themes_id = $style_id";
if(!$result = $db->sql_query($sql))
{
message_die(GENERAL_ERROR, "Could not get data from themes_name table", "", __LINE__, __FILE__, $sql);
}
if($db->sql_numrows($result) > 0)
{
$sql = "UPDATE " . THEMES_NAME_TABLE . "
SET ";
$count = 0;
while(list($key, $val) = each($updated_name))
{
if($count != 0)
{
$sql .= ", ";
}
$sql .= "$key = '$val'";
$count++;
}
$sql .= " WHERE themes_id = $style_id";
}
else
{
//
// Nope, no names entry so we create a new one.
//
$sql = "INSERT INTO " . THEMES_NAME_TABLE . " (themes_id, ";
while(list($key, $val) = each($updated_name))
{
$fields[] = $key;
$vals[] = str_replace("\'", "''", $val);
}
 
for($i = 0; $i < count($fields); $i++)
{
if($i > 0)
{
$sql .= ", ";
}
$sql .= $fields[$i];
}
$sql .= ") VALUES ($style_id, ";
for($i = 0; $i < count($vals); $i++)
{
if($i > 0)
{
$sql .= ", ";
}
$sql .= "'" . $vals[$i] . "'";
}
$sql .= ")";
}
if(!$result = $db->sql_query($sql))
{
message_die(GENERAL_ERROR, "Could not update themes name table!", "", __LINE__, __FILE__, $sql);
}
$message = $lang['Theme_updated'] . "<br /><br />" . sprintf($lang['Click_return_styleadmin'], "<a href=\"" . append_sid("admin_styles.$phpEx") . "\">", "</a>") . "<br /><br />" . sprintf($lang['Click_return_admin_index'], "<a href=\"" . append_sid("index.$phpEx?pane=right") . "\">", "</a>");
 
message_die(GENERAL_MESSAGE, $message);
}
else
{
//
// First, check if we already have a style by this name
//
$sql = "SELECT themes_id
FROM " . THEMES_TABLE . "
WHERE style_name = '" . str_replace("\'", "''", $updated['style_name']) . "'";
if(!$result = $db->sql_query($sql))
{
message_die(GENERAL_ERROR, "Could not query themes table", "", __LINE__, __FILE__, $sql);
}
if($db->sql_numrows($result))
{
message_die(GENERAL_ERROR, $lang['Style_exists'], $lang['Error']);
}
while(list($key, $val) = each($updated))
{
$field_names[] = $key;
 
if(stristr($key, "fontsize"))
{
$values[] = "$val";
}
else
{
$values[] = "'" . str_replace("\'", "''", $val) . "'";
}
}
$sql = "INSERT
INTO " . THEMES_TABLE . " (";
for($i = 0; $i < count($field_names); $i++)
{
if($i != 0)
{
$sql .= ", ";
}
$sql .= $field_names[$i];
}
$sql .= ") VALUES (";
for($i = 0; $i < count($values); $i++)
{
if($i != 0)
{
$sql .= ", ";
}
$sql .= $values[$i];
}
$sql .= ")";
if(!$result = $db->sql_query($sql))
{
message_die(GENERAL_ERROR, "Could not update themes table!", "", __LINE__, __FILE__, $sql);
}
$style_id = $db->sql_nextid();
//
// Insert names data
//
$sql = "INSERT INTO " . THEMES_NAME_TABLE . " (themes_id, ";
while(list($key, $val) = each($updated_name))
{
$fields[] = $key;
$vals[] = $val;
}
 
for($i = 0; $i < count($fields); $i++)
{
if($i > 0)
{
$sql .= ", ";
}
$sql .= $fields[$i];
}
$sql .= ") VALUES ($style_id, ";
for($i = 0; $i < count($vals); $i++)
{
if($i > 0)
{
$sql .= ", ";
}
$sql .= "'" . $vals[$i] . "'";
}
$sql .= ")";
if(!$result = $db->sql_query($sql))
{
message_die(GENERAL_ERROR, "Could not insert themes name table!", "", __LINE__, __FILE__, $sql);
}
$message = $lang['Theme_created'] . "<br /><br />" . sprintf($lang['Click_return_styleadmin'], "<a href=\"" . append_sid("admin_styles.$phpEx") . "\">", "</a>") . "<br /><br />" . sprintf($lang['Click_return_admin_index'], "<a href=\"" . append_sid("index.$phpEx?pane=right") . "\">", "</a>");
 
message_die(GENERAL_MESSAGE, $message);
}
}
else
{
if($mode == "edit")
{
$themes_title = $lang['Edit_theme'];
$themes_explain = $lang['Edit_theme_explain'];
$style_id = intval($HTTP_GET_VARS['style_id']);
$selected_names = array();
$selected_values = array();
//
// Fetch the Theme Info from the db
//
$sql = "SELECT *
FROM " . THEMES_TABLE . "
WHERE themes_id = $style_id";
if(!$result = $db->sql_query($sql))
{
message_die(GENERAL_ERROR, "Could not get data from themes table", "", __LINE__, __FILE__, $sql);
}
if ( $selected_values = $db->sql_fetchrow($result) )
{
while(list($key, $val) = @each($selected_values))
{
$selected[$key] = $val;
}
}
//
// Fetch the Themes Name data
//
$sql = "SELECT *
FROM " . THEMES_NAME_TABLE . "
WHERE themes_id = $style_id";
if(!$result = $db->sql_query($sql))
{
message_die(GENERAL_ERROR, "Could not get data from themes name table", "", __LINE__, __FILE__, $sql);
}
if ( $selected_names = $db->sql_fetchrow($result) )
{
while(list($key, $val) = @each($selected_names))
{
$selected[$key] = $val;
}
}
 
$s_hidden_fields = '<input type="hidden" name="style_id" value="' . $style_id . '" />';
}
else
{
$themes_title = $lang['Create_theme'];
$themes_explain = $lang['Create_theme_explain'];
}
$template->set_filenames(array(
"body" => "admin/styles_edit_body.tpl")
);
if( $dir = @opendir($phpbb_root_path . 'templates/') )
{
$s_template_select = '<select name="template_name">';
while( $file = @readdir($dir) )
{
if( !is_file(phpbb_realpath($phpbb_root_path . 'templates/' . $file)) && !is_link(phpbb_realpath($phpbb_root_path . 'templates/' . $file)) && $file != "." && $file != ".." && $file != "CVS" )
{
if($file == $selected['template_name'])
{
$s_template_select .= '<option value="' . $file . '" selected="selected">' . $file . "</option>\n";
}
else
{
$s_template_select .= '<option value="' . $file . '">' . $file . "</option>\n";
}
}
}
$s_template_select .= '</select>';
}
else
{
message_die(GENERAL_MESSAGE, $lang['No_template_dir']);
}
 
$s_hidden_fields .= '<input type="hidden" name="mode" value="' . $mode . '" />';
 
$template->assign_vars(array(
"L_THEMES_TITLE" => $themes_title,
"L_THEMES_EXPLAIN" => $themes_explain,
"L_THEME_NAME" => $lang['Theme_name'],
"L_TEMPLATE" => $lang['Template'],
"L_THEME_SETTINGS" => $lang['Theme_settings'],
"L_THEME_ELEMENT" => $lang['Theme_element'],
"L_SIMPLE_NAME" => $lang['Simple_name'],
"L_VALUE" => $lang['Value'],
"L_STYLESHEET" => $lang['Stylesheet'],
"L_STYLESHEET_EXPLAIN" => $lang['Stylesheet_explain'],
"L_BACKGROUND_IMAGE" => $lang['Background_image'],
"L_BACKGROUND_COLOR" => $lang['Background_color'],
"L_BODY_TEXT_COLOR" => $lang['Text_color'],
"L_BODY_LINK_COLOR" => $lang['Link_color'],
"L_BODY_VLINK_COLOR" => $lang['VLink_color'],
"L_BODY_ALINK_COLOR" => $lang['ALink_color'],
"L_BODY_HLINK_COLOR" => $lang['HLink_color'],
"L_TR_COLOR1" => $lang['Tr_color1'],
"L_TR_COLOR2" => $lang['Tr_color2'],
"L_TR_COLOR3" => $lang['Tr_color3'],
"L_TR_CLASS1" => $lang['Tr_class1'],
"L_TR_CLASS2" => $lang['Tr_class2'],
"L_TR_CLASS3" => $lang['Tr_class3'],
"L_TH_COLOR1" => $lang['Th_color1'],
"L_TH_COLOR2" => $lang['Th_color2'],
"L_TH_COLOR3" => $lang['Th_color3'],
"L_TH_CLASS1" => $lang['Th_class1'],
"L_TH_CLASS2" => $lang['Th_class2'],
"L_TH_CLASS3" => $lang['Th_class3'],
"L_TD_COLOR1" => $lang['Td_color1'],
"L_TD_COLOR2" => $lang['Td_color2'],
"L_TD_COLOR3" => $lang['Td_color3'],
"L_TD_CLASS1" => $lang['Td_class1'],
"L_TD_CLASS2" => $lang['Td_class2'],
"L_TD_CLASS3" => $lang['Td_class3'],
"L_FONTFACE_1" => $lang['fontface1'],
"L_FONTFACE_2" => $lang['fontface2'],
"L_FONTFACE_3" => $lang['fontface3'],
"L_FONTSIZE_1" => $lang['fontsize1'],
"L_FONTSIZE_2" => $lang['fontsize2'],
"L_FONTSIZE_3" => $lang['fontsize3'],
"L_FONTCOLOR_1" => $lang['fontcolor1'],
"L_FONTCOLOR_2" => $lang['fontcolor2'],
"L_FONTCOLOR_3" => $lang['fontcolor3'],
"L_SPAN_CLASS_1" => $lang['span_class1'],
"L_SPAN_CLASS_2" => $lang['span_class2'],
"L_SPAN_CLASS_3" => $lang['span_class3'],
"L_SAVE_SETTINGS" => $lang['Save_Settings'],
"THEME_NAME" => $selected['style_name'],
"HEAD_STYLESHEET" => $selected['head_stylesheet'],
"BODY_BACKGROUND" => $selected['body_background'],
"BODY_BGCOLOR" => $selected['body_bgcolor'],
"BODY_TEXT_COLOR" => $selected['body_text'],
"BODY_LINK_COLOR" => $selected['body_link'],
"BODY_VLINK_COLOR" => $selected['body_vlink'],
"BODY_ALINK_COLOR" => $selected['body_alink'],
"BODY_HLINK_COLOR" => $selected['body_hlink'],
"TR_COLOR1" => $selected['tr_color1'],
"TR_COLOR2" => $selected['tr_color2'],
"TR_COLOR3" => $selected['tr_color3'],
"TR_CLASS1" => $selected['tr_class1'],
"TR_CLASS2" => $selected['tr_class2'],
"TR_CLASS3" => $selected['tr_class3'],
"TH_COLOR1" => $selected['th_color1'],
"TH_COLOR2" => $selected['th_color2'],
"TH_COLOR3" => $selected['th_color3'],
"TH_CLASS1" => $selected['th_class1'],
"TH_CLASS2" => $selected['th_class2'],
"TH_CLASS3" => $selected['th_class3'],
"TD_COLOR1" => $selected['td_color1'],
"TD_COLOR2" => $selected['td_color2'],
"TD_COLOR3" => $selected['td_color3'],
"TD_CLASS1" => $selected['td_class1'],
"TD_CLASS2" => $selected['td_class2'],
"TD_CLASS3" => $selected['td_class3'],
"FONTFACE1" => $selected['fontface1'],
"FONTFACE2" => $selected['fontface2'],
"FONTFACE3" => $selected['fontface3'],
"FONTSIZE1" => $selected['fontsize1'],
"FONTSIZE2" => $selected['fontsize2'],
"FONTSIZE3" => $selected['fontsize3'],
"FONTCOLOR1" => $selected['fontcolor1'],
"FONTCOLOR2" => $selected['fontcolor2'],
"FONTCOLOR3" => $selected['fontcolor3'],
"SPAN_CLASS1" => $selected['span_class1'],
"SPAN_CLASS2" => $selected['span_class2'],
"SPAN_CLASS3" => $selected['span_class3'],
 
"TR_COLOR1_NAME" => $selected['tr_color1_name'],
"TR_COLOR2_NAME" => $selected['tr_color2_name'],
"TR_COLOR3_NAME" => $selected['tr_color3_name'],
"TR_CLASS1_NAME" => $selected['tr_class1_name'],
"TR_CLASS2_NAME" => $selected['tr_class2_name'],
"TR_CLASS3_NAME" => $selected['tr_class3_name'],
"TH_COLOR1_NAME" => $selected['th_color1_name'],
"TH_COLOR2_NAME" => $selected['th_color2_name'],
"TH_COLOR3_NAME" => $selected['th_color3_name'],
"TH_CLASS1_NAME" => $selected['th_class1_name'],
"TH_CLASS2_NAME" => $selected['th_class2_name'],
"TH_CLASS3_NAME" => $selected['th_class3_name'],
"TD_COLOR1_NAME" => $selected['td_color1_name'],
"TD_COLOR2_NAME" => $selected['td_color2_name'],
"TD_COLOR3_NAME" => $selected['td_color3_name'],
"TD_CLASS1_NAME" => $selected['td_class1_name'],
"TD_CLASS2_NAME" => $selected['td_class2_name'],
"TD_CLASS3_NAME" => $selected['td_class3_name'],
"FONTFACE1_NAME" => $selected['fontface1_name'],
"FONTFACE2_NAME" => $selected['fontface2_name'],
"FONTFACE3_NAME" => $selected['fontface3_name'],
"FONTSIZE1_NAME" => $selected['fontsize1_name'],
"FONTSIZE2_NAME" => $selected['fontsize2_name'],
"FONTSIZE3_NAME" => $selected['fontsize3_name'],
"FONTCOLOR1_NAME" => $selected['fontcolor1_name'],
"FONTCOLOR2_NAME" => $selected['fontcolor2_name'],
"FONTCOLOR3_NAME" => $selected['fontcolor3_name'],
"SPAN_CLASS1_NAME" => $selected['span_class1_name'],
"SPAN_CLASS2_NAME" => $selected['span_class2_name'],
"SPAN_CLASS3_NAME" => $selected['span_class3_name'],
"S_THEME_ACTION" => append_sid("admin_styles.$phpEx"),
"S_TEMPLATE_SELECT" => $s_template_select,
"S_HIDDEN_FIELDS" => $s_hidden_fields)
);
$template->pparse("body");
}
break;
 
case "export";
if($HTTP_POST_VARS['export_template'])
{
$template_name = $HTTP_POST_VARS['export_template'];
 
$sql = "SELECT *
FROM " . THEMES_TABLE . "
WHERE template_name = '" . str_replace("\'", "''", $template_name) . "'";
if(!$result = $db->sql_query($sql))
{
message_die(GENERAL_ERROR, "Could not get theme data for selected template", "", __LINE__, __FILE__, $sql);
}
$theme_rowset = $db->sql_fetchrowset($result);
if( count($theme_rowset) == 0 )
{
message_die(GENERAL_MESSAGE, $lang['No_themes']);
}
$theme_data = '<?php'."\n\n";
$theme_data .= "//\n// phpBB 2.x auto-generated theme config file for $template_name\n// Do not change anything in this file!\n//\n\n";
 
for($i = 0; $i < count($theme_rowset); $i++)
{
while(list($key, $val) = each($theme_rowset[$i]))
{
if(!intval($key) && $key != "0" && $key != "themes_id")
{
$theme_data .= '$' . $template_name . "[$i]['$key'] = \"" . addslashes($val) . "\";\n";
}
}
$theme_data .= "\n";
}
$theme_data .= '?' . '>'; // Done this to prevent highlighting editors getting confused!
@umask(0111);
 
$fp = @fopen($phpbb_root_path . 'templates/' . basename($template_name) . '/theme_info.cfg', 'w');
 
if( !$fp )
{
//
// Unable to open the file writeable do something here as an attempt
// to get around that...
//
$s_hidden_fields = '<input type="hidden" name="theme_info" value="' . htmlspecialchars($theme_data) . '" />';
$s_hidden_fields .= '<input type="hidden" name="send_file" value="1" /><input type="hidden" name="mode" value="export" />';
$download_form = '<form action="' . append_sid("admin_styles.$phpEx") . '" method="post"><input class="mainoption" type="submit" name="submit" value="' . $lang['Download'] . '" />' . $s_hidden_fields;
 
$template->set_filenames(array(
"body" => "message_body.tpl")
);
 
$template->assign_vars(array(
"MESSAGE_TITLE" => $lang['Export_themes'],
"MESSAGE_TEXT" => $lang['Download_theme_cfg'] . "<br /><br />" . $download_form)
);
 
$template->pparse('body');
exit();
}
 
$result = @fputs($fp, $theme_data, strlen($theme_data));
fclose($fp);
$message = $lang['Theme_info_saved'] . "<br /><br />" . sprintf($lang['Click_return_styleadmin'], "<a href=\"" . append_sid("admin_styles.$phpEx") . "\">", "</a>") . "<br /><br />" . sprintf($lang['Click_return_admin_index'], "<a href=\"" . append_sid("index.$phpEx?pane=right") . "\">", "</a>");
 
message_die(GENERAL_MESSAGE, $message);
 
}
else if($HTTP_POST_VARS['send_file'])
{
header("Content-Type: text/x-delimtext; name=\"theme_info.cfg\"");
header("Content-disposition: attachment; filename=theme_info.cfg");
 
echo stripslashes($HTTP_POST_VARS['theme_info']);
}
else
{
$template->set_filenames(array(
"body" => "admin/styles_exporter.tpl")
);
if( $dir = @opendir($phpbb_root_path . 'templates/') )
{
$s_template_select = '<select name="export_template">';
while( $file = @readdir($dir) )
{
if( !is_file(phpbb_realpath($phpbb_root_path . 'templates/' . $file)) && !is_link(phpbb_realpath($phpbb_root_path . 'templates/' .$file)) && $file != "." && $file != ".." && $file != "CVS" )
{
$s_template_select .= '<option value="' . $file . '">' . $file . "</option>\n";
}
}
$s_template_select .= '</select>';
}
else
{
message_die(GENERAL_MESSAGE, $lang['No_template_dir']);
}
$template->assign_vars(array(
"L_STYLE_EXPORTER" => $lang['Export_themes'],
"L_EXPORTER_EXPLAIN" => $lang['Export_explain'],
"L_TEMPLATE_SELECT" => $lang['Select_template'],
"L_SUBMIT" => $lang['Submit'],
 
"S_EXPORTER_ACTION" => append_sid("admin_styles.$phpEx?mode=export"),
"S_TEMPLATE_SELECT" => $s_template_select)
);
$template->pparse("body");
}
break;
 
case "delete":
$style_id = ( isset($HTTP_GET_VARS['style_id']) ) ? intval($HTTP_GET_VARS['style_id']) : intval($HTTP_POST_VARS['style_id']);
if( !$confirm )
{
if($style_id == $board_config['default_style'])
{
message_die(GENERAL_MESSAGE, $lang['Cannot_remove_style']);
}
$hidden_fields = '<input type="hidden" name="mode" value="'.$mode.'" /><input type="hidden" name="style_id" value="'.$style_id.'" />';
//
// Set template files
//
$template->set_filenames(array(
"confirm" => "admin/confirm_body.tpl")
);
 
$template->assign_vars(array(
"MESSAGE_TITLE" => $lang['Confirm'],
"MESSAGE_TEXT" => $lang['Confirm_delete_style'],
 
"L_YES" => $lang['Yes'],
"L_NO" => $lang['No'],
 
"S_CONFIRM_ACTION" => append_sid("admin_styles.$phpEx"),
"S_HIDDEN_FIELDS" => $hidden_fields)
);
 
$template->pparse("confirm");
 
}
else
{
//
// The user has confirmed the delete. Remove the style, the style element
// names and update any users who might be using this style
//
$sql = "DELETE FROM " . THEMES_TABLE . "
WHERE themes_id = $style_id";
if(!$result = $db->sql_query($sql, BEGIN_TRANSACTION))
{
message_die(GENERAL_ERROR, "Could not remove style data!", "", __LINE__, __FILE__, $sql);
}
//
// There may not be any theme name data so don't throw an error
// if the SQL dosan't work
//
$sql = "DELETE FROM " . THEMES_NAME_TABLE . "
WHERE themes_id = $style_id";
$db->sql_query($sql);
 
$sql = "UPDATE " . USERS_TABLE . "
SET user_style = " . $board_config['default_style'] . "
WHERE user_style = $style_id";
if(!$result = $db->sql_query($sql, END_TRANSACTION))
{
message_die(GENERAL_ERROR, "Could not update user style information", "", __LINE__, __FILE__, $sql);
}
$message = $lang['Style_removed'] . "<br /><br />" . sprintf($lang['Click_return_styleadmin'], "<a href=\"" . append_sid("admin_styles.$phpEx") . "\">", "</a>") . "<br /><br />" . sprintf($lang['Click_return_admin_index'], "<a href=\"" . append_sid("index.$phpEx?pane=right") . "\">", "</a>");
 
message_die(GENERAL_MESSAGE, $message);
}
break;
 
default:
$sql = "SELECT themes_id, template_name, style_name
FROM " . THEMES_TABLE . "
ORDER BY template_name";
if(!$result = $db->sql_query($sql))
{
message_die(GENERAL_ERROR, "Could not get style information!", "", __LINE__, __FILE__, $sql);
}
$style_rowset = $db->sql_fetchrowset($result);
$template->set_filenames(array(
"body" => "admin/styles_list_body.tpl")
);
 
$template->assign_vars(array(
"L_STYLES_TITLE" => $lang['Styles_admin'],
"L_STYLES_TEXT" => $lang['Styles_explain'],
"L_STYLE" => $lang['Style'],
"L_TEMPLATE" => $lang['Template'],
"L_EDIT" => $lang['Edit'],
"L_DELETE" => $lang['Delete'])
);
for($i = 0; $i < count($style_rowset); $i++)
{
$row_color = ( !($i % 2) ) ? $theme['td_color1'] : $theme['td_color2'];
$row_class = ( !($i % 2) ) ? $theme['td_class1'] : $theme['td_class2'];
 
$template->assign_block_vars("styles", array(
"ROW_CLASS" => $row_class,
"ROW_COLOR" => $row_color,
"STYLE_NAME" => $style_rowset[$i]['style_name'],
"TEMPLATE_NAME" => $style_rowset[$i]['template_name'],
 
"U_STYLES_EDIT" => append_sid("admin_styles.$phpEx?mode=edit&amp;style_id=" . $style_rowset[$i]['themes_id']),
"U_STYLES_DELETE" => append_sid("admin_styles.$phpEx?mode=delete&amp;style_id=" . $style_rowset[$i]['themes_id']))
);
}
$template->pparse("body");
break;
}
 
if (empty($HTTP_POST_VARS['send_file']))
{
include('./page_footer_admin.'.$phpEx);
}
 
?>
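Review bot: The export branch generates `theme_info.cfg` as PHP source but writes every value inside double quotes with only `addslashes()`, and it puts `$template_name` into the generated variable name and header comment unvalidated (only the file path gets `basename()`). Because the addnew branch later `include()`s that file, theme fields that the create/edit form stores as free text are parsed as PHP syntax rather than as data. Emit each value with `var_export((string) $val, true)` instead of the quoted `addslashes($val)`, and stop before building `$theme_data` unless `preg_match('/^[A-Za-z_][A-Za-z0-9_]*$/', $template_name)` holds. The same name check belongs ahead of `$template_name = $$install_to;` in the addnew branch, where a request parameter selects which variable is read and its keys are concatenated unquoted into the INSERT column list. Separately, the themes_name UPDATE (`$sql .= "$key = '$val'";`) and the create-path `$vals[] = $val;` skip the `str_replace("\'", "''", $val)` that the sibling INSERT applies, so quoting differs between branches.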
/Forum/admin/admin_ug_auth.php
0,0 → 1,999
<?php
/***************************************************************************
* admin_ug_auth.php
* -------------------
* begin : Saturday, Feb 13, 2001
* copyright : (C) 2001 The phpBB Group
* email : support@phpbb.com
*
* $Id: admin_ug_auth.php,v 1.13.2.10 2005/09/14 18:14:29 acydburn Exp $
*
*
***************************************************************************/
 
/***************************************************************************
*
* This program is free software; you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by
* the Free Software Foundation; either version 2 of the License, or
* (at your option) any later version.
*
***************************************************************************/
 
define('IN_PHPBB', 1);
 
if( !empty($setmodules) )
{
$filename = basename(__FILE__);
$module['Users']['Permissions'] = $filename . "?mode=user";
$module['Groups']['Permissions'] = $filename . "?mode=group";
 
return;
}
 
//
// Load default header
//
$no_page_header = TRUE;
 
$phpbb_root_path = "./../";
require($phpbb_root_path . 'extension.inc');
require('./pagestart.' . $phpEx);
 
$params = array('mode' => 'mode', 'user_id' => POST_USERS_URL, 'group_id' => POST_GROUPS_URL, 'adv' => 'adv');
 
while( list($var, $param) = @each($params) )
{
if ( !empty($HTTP_POST_VARS[$param]) || !empty($HTTP_GET_VARS[$param]) )
{
$$var = ( !empty($HTTP_POST_VARS[$param]) ) ? $HTTP_POST_VARS[$param] : $HTTP_GET_VARS[$param];
}
else
{
$$var = "";
}
}
 
$user_id = intval($user_id);
$group_id = intval($group_id);
$adv = intval($adv);
$mode = htmlspecialchars($mode);
 
//
// Start program - define vars
//
$forum_auth_fields = array('auth_view', 'auth_read', 'auth_post', 'auth_reply', 'auth_edit', 'auth_delete', 'auth_sticky', 'auth_announce', 'auth_vote', 'auth_pollcreate');
 
$auth_field_match = array(
'auth_view' => AUTH_VIEW,
'auth_read' => AUTH_READ,
'auth_post' => AUTH_POST,
'auth_reply' => AUTH_REPLY,
'auth_edit' => AUTH_EDIT,
'auth_delete' => AUTH_DELETE,
'auth_sticky' => AUTH_STICKY,
'auth_announce' => AUTH_ANNOUNCE,
'auth_vote' => AUTH_VOTE,
'auth_pollcreate' => AUTH_POLLCREATE);
 
$field_names = array(
'auth_view' => $lang['View'],
'auth_read' => $lang['Read'],
'auth_post' => $lang['Post'],
'auth_reply' => $lang['Reply'],
'auth_edit' => $lang['Edit'],
'auth_delete' => $lang['Delete'],
'auth_sticky' => $lang['Sticky'],
'auth_announce' => $lang['Announce'],
'auth_vote' => $lang['Vote'],
'auth_pollcreate' => $lang['Pollcreate']);
 
// ---------------
// Start Functions
//
function check_auth($type, $key, $u_access, $is_admin)
{
$auth_user = 0;
 
if( count($u_access) )
{
for($j = 0; $j < count($u_access); $j++)
{
$result = 0;
switch($type)
{
case AUTH_ACL:
$result = $u_access[$j][$key];
 
case AUTH_MOD:
$result = $result || $u_access[$j]['auth_mod'];
 
case AUTH_ADMIN:
$result = $result || $is_admin;
break;
}
 
$auth_user = $auth_user || $result;
}
}
else
{
$auth_user = $is_admin;
}
 
return $auth_user;
}
//
// End Functions
// -------------
 
if ( isset($HTTP_POST_VARS['submit']) && ( ( $mode == 'user' && $user_id ) || ( $mode == 'group' && $group_id ) ) )
{
$user_level = '';
if ( $mode == 'user' )
{
//
// Get group_id for this user_id
//
$sql = "SELECT g.group_id, u.user_level
FROM " . USER_GROUP_TABLE . " ug, " . USERS_TABLE . " u, " . GROUPS_TABLE . " g
WHERE u.user_id = $user_id
AND ug.user_id = u.user_id
AND g.group_id = ug.group_id
AND g.group_single_user = " . TRUE;
if ( !($result = $db->sql_query($sql)) )
{
message_die(GENERAL_ERROR, 'Could not select info from user/user_group table', '', __LINE__, __FILE__, $sql);
}
 
$row = $db->sql_fetchrow($result);
 
$group_id = $row['group_id'];
$user_level = $row['user_level'];
 
$db->sql_freeresult($result);
}
 
//
// Carry out requests
//
if ( $mode == 'user' && $HTTP_POST_VARS['userlevel'] == 'admin' && $user_level != ADMIN )
{
//
// Make user an admin (if already user)
//
if ( $userdata['user_id'] != $user_id )
{
$sql = "UPDATE " . USERS_TABLE . "
SET user_level = " . ADMIN . "
WHERE user_id = $user_id";
if ( !($result = $db->sql_query($sql)) )
{
message_die(GENERAL_ERROR, 'Could not update user level', '', __LINE__, __FILE__, $sql);
}
 
$sql = "DELETE FROM " . AUTH_ACCESS_TABLE . "
WHERE group_id = $group_id
AND auth_mod = 0";
if ( !($result = $db->sql_query($sql)) )
{
message_die(GENERAL_ERROR, "Couldn't delete auth access info", "", __LINE__, __FILE__, $sql);
}
 
//
// Delete any entries in auth_access, they are not required if user is becoming an
// admin
//
$sql = "UPDATE " . AUTH_ACCESS_TABLE . "
SET auth_view = 0, auth_read = 0, auth_post = 0, auth_reply = 0, auth_edit = 0, auth_delete = 0, auth_sticky = 0, auth_announce = 0
WHERE group_id = $group_id";
if ( !($result = $db->sql_query($sql)) )
{
message_die(GENERAL_ERROR, "Couldn't update auth access", "", __LINE__, __FILE__, $sql);
}
}
 
$message = $lang['Auth_updated'] . '<br /><br />' . sprintf($lang['Click_return_userauth'], '<a href="' . append_sid("admin_ug_auth.$phpEx?mode=$mode") . '">', '</a>') . '<br /><br />' . sprintf($lang['Click_return_admin_index'], '<a href="' . append_sid("index.$phpEx?pane=right") . '">', '</a>');
message_die(GENERAL_MESSAGE, $message);
}
else
{
if ( $mode == 'user' && $HTTP_POST_VARS['userlevel'] == 'user' && $user_level == ADMIN )
{
//
// Make admin a user (if already admin) ... ignore if you're trying
// to change yourself from an admin to user!
//
if ( $userdata['user_id'] != $user_id )
{
$sql = "UPDATE " . AUTH_ACCESS_TABLE . "
SET auth_view = 0, auth_read = 0, auth_post = 0, auth_reply = 0, auth_edit = 0, auth_delete = 0, auth_sticky = 0, auth_announce = 0
WHERE group_id = $group_id";
if ( !($result = $db->sql_query($sql)) )
{
message_die(GENERAL_ERROR, 'Could not update auth access', '', __LINE__, __FILE__, $sql);
}
 
//
// Update users level, reset to USER
//
$sql = "UPDATE " . USERS_TABLE . "
SET user_level = " . USER . "
WHERE user_id = $user_id";
if ( !($result = $db->sql_query($sql)) )
{
message_die(GENERAL_ERROR, 'Could not update user level', '', __LINE__, __FILE__, $sql);
}
}
 
$message = $lang['Auth_updated'] . '<br /><br />' . sprintf($lang['Click_return_userauth'], '<a href="' . append_sid("admin_ug_auth.$phpEx?mode=$mode") . '">', '</a>') . '<br /><br />' . sprintf($lang['Click_return_admin_index'], '<a href="' . append_sid("index.$phpEx?pane=right") . '">', '</a>');
}
else
{
$change_mod_list = ( isset($HTTP_POST_VARS['moderator']) ) ? $HTTP_POST_VARS['moderator'] : false;
 
if ( empty($adv) )
{
$change_acl_list = ( isset($HTTP_POST_VARS['private']) ) ? $HTTP_POST_VARS['private'] : false;
}
else
{
$change_acl_list = array();
for($j = 0; $j < count($forum_auth_fields); $j++)
{
$auth_field = $forum_auth_fields[$j];
 
while( list($forum_id, $value) = @each($HTTP_POST_VARS['private_' . $auth_field]) )
{
$change_acl_list[$forum_id][$auth_field] = $value;
}
}
}
 
$sql = 'SELECT f.*
FROM ' . FORUMS_TABLE . ' f, ' . CATEGORIES_TABLE . ' c
WHERE f.cat_id = c.cat_id
ORDER BY c.cat_order, f.forum_order';
if ( !($result = $db->sql_query($sql)) )
{
message_die(GENERAL_ERROR, "Couldn't obtain forum information", "", __LINE__, __FILE__, $sql);
}
 
$forum_access = array();
while( $row = $db->sql_fetchrow($result) )
{
$forum_access[] = $row;
}
$db->sql_freeresult($result);
 
$sql = ( $mode == 'user' ) ? "SELECT aa.* FROM " . AUTH_ACCESS_TABLE . " aa, " . USER_GROUP_TABLE . " ug, " . GROUPS_TABLE. " g WHERE ug.user_id = $user_id AND g.group_id = ug.group_id AND aa.group_id = ug.group_id AND g.group_single_user = " . TRUE : "SELECT * FROM " . AUTH_ACCESS_TABLE . " WHERE group_id = $group_id";
if ( !($result = $db->sql_query($sql)) )
{
message_die(GENERAL_ERROR, "Couldn't obtain user/group permissions", "", __LINE__, __FILE__, $sql);
}
 
$auth_access = array();
while( $row = $db->sql_fetchrow($result) )
{
$auth_access[$row['forum_id']] = $row;
}
$db->sql_freeresult($result);
 
$forum_auth_action = array();
$update_acl_status = array();
$update_mod_status = array();
 
for($i = 0; $i < count($forum_access); $i++)
{
$forum_id = $forum_access[$i]['forum_id'];
 
if (
( isset($auth_access[$forum_id]['auth_mod']) && $change_mod_list[$forum_id]['auth_mod'] != $auth_access[$forum_id]['auth_mod'] ) ||
( !isset($auth_access[$forum_id]['auth_mod']) && !empty($change_mod_list[$forum_id]['auth_mod']) )
)
{
$update_mod_status[$forum_id] = $change_mod_list[$forum_id]['auth_mod'];
 
if ( !$update_mod_status[$forum_id] )
{
$forum_auth_action[$forum_id] = 'delete';
}
else if ( !isset($auth_access[$forum_id]['auth_mod']) )
{
$forum_auth_action[$forum_id] = 'insert';
}
else
{
$forum_auth_action[$forum_id] = 'update';
}
}
 
for($j = 0; $j < count($forum_auth_fields); $j++)
{
$auth_field = $forum_auth_fields[$j];
 
if( $forum_access[$i][$auth_field] == AUTH_ACL && isset($change_acl_list[$forum_id][$auth_field]) )
{
if ( ( empty($auth_access[$forum_id]['auth_mod']) &&
( isset($auth_access[$forum_id][$auth_field]) && $change_acl_list[$forum_id][$auth_field] != $auth_access[$forum_id][$auth_field] ) ||
( !isset($auth_access[$forum_id][$auth_field]) && !empty($change_acl_list[$forum_id][$auth_field]) ) ) ||
!empty($update_mod_status[$forum_id])
)
{
$update_acl_status[$forum_id][$auth_field] = ( !empty($update_mod_status[$forum_id]) ) ? 0 : $change_acl_list[$forum_id][$auth_field];
 
if ( isset($auth_access[$forum_id][$auth_field]) && empty($update_acl_status[$forum_id][$auth_field]) && $forum_auth_action[$forum_id] != 'insert' && $forum_auth_action[$forum_id] != 'update' )
{
$forum_auth_action[$forum_id] = 'delete';
}
else if ( !isset($auth_access[$forum_id][$auth_field]) && !( $forum_auth_action[$forum_id] == 'delete' && empty($update_acl_status[$forum_id][$auth_field]) ) )
{
$forum_auth_action[$forum_id] = 'insert';
}
else if ( isset($auth_access[$forum_id][$auth_field]) && !empty($update_acl_status[$forum_id][$auth_field]) )
{
$forum_auth_action[$forum_id] = 'update';
}
}
else if ( ( empty($auth_access[$forum_id]['auth_mod']) &&
( isset($auth_access[$forum_id][$auth_field]) && $change_acl_list[$forum_id][$auth_field] == $auth_access[$forum_id][$auth_field] ) ) && $forum_auth_action[$forum_id] == 'delete' )
{
$forum_auth_action[$forum_id] = 'update';
}
}
}
}
 
//
// Checks complete, make updates to DB
//
$delete_sql = '';
while( list($forum_id, $action) = @each($forum_auth_action) )
{
if ( $action == 'delete' )
{
$delete_sql .= ( ( $delete_sql != '' ) ? ', ' : '' ) . $forum_id;
}
else
{
if ( $action == 'insert' )
{
$sql_field = '';
$sql_value = '';
while ( list($auth_type, $value) = @each($update_acl_status[$forum_id]) )
{
$sql_field .= ( ( $sql_field != '' ) ? ', ' : '' ) . $auth_type;
$sql_value .= ( ( $sql_value != '' ) ? ', ' : '' ) . $value;
}
$sql_field .= ( ( $sql_field != '' ) ? ', ' : '' ) . 'auth_mod';
$sql_value .= ( ( $sql_value != '' ) ? ', ' : '' ) . ( ( !isset($update_mod_status[$forum_id]) ) ? 0 : $update_mod_status[$forum_id]);
 
$sql = "INSERT INTO " . AUTH_ACCESS_TABLE . " (forum_id, group_id, $sql_field)
VALUES ($forum_id, $group_id, $sql_value)";
}
else
{
$sql_values = '';
while ( list($auth_type, $value) = @each($update_acl_status[$forum_id]) )
{
$sql_values .= ( ( $sql_values != '' ) ? ', ' : '' ) . $auth_type . ' = ' . $value;
}
$sql_values .= ( ( $sql_values != '' ) ? ', ' : '' ) . 'auth_mod = ' . ( ( !isset($update_mod_status[$forum_id]) ) ? 0 : $update_mod_status[$forum_id]);
 
$sql = "UPDATE " . AUTH_ACCESS_TABLE . "
SET $sql_values
WHERE group_id = $group_id
AND forum_id = $forum_id";
}
if( !($result = $db->sql_query($sql)) )
{
message_die(GENERAL_ERROR, "Couldn't update private forum permissions", "", __LINE__, __FILE__, $sql);
}
}
}
 
if ( $delete_sql != '' )
{
$sql = "DELETE FROM " . AUTH_ACCESS_TABLE . "
WHERE group_id = $group_id
AND forum_id IN ($delete_sql)";
if( !($result = $db->sql_query($sql)) )
{
message_die(GENERAL_ERROR, "Couldn't delete permission entries", "", __LINE__, __FILE__, $sql);
}
}
 
$l_auth_return = ( $mode == 'user' ) ? $lang['Click_return_userauth'] : $lang['Click_return_groupauth'];
$message = $lang['Auth_updated'] . '<br /><br />' . sprintf($l_auth_return, '<a href="' . append_sid("admin_ug_auth.$phpEx?mode=$mode") . '">', '</a>') . '<br /><br />' . sprintf($lang['Click_return_admin_index'], '<a href="' . append_sid("index.$phpEx?pane=right") . '">', '</a>');
}
 
//
// Update user level to mod for appropriate users
//
$sql = "SELECT u.user_id
FROM " . AUTH_ACCESS_TABLE . " aa, " . USER_GROUP_TABLE . " ug, " . USERS_TABLE . " u
WHERE ug.group_id = aa.group_id
AND u.user_id = ug.user_id
AND ug.user_pending = 0
AND u.user_level NOT IN (" . MOD . ", " . ADMIN . ")
GROUP BY u.user_id
HAVING SUM(aa.auth_mod) > 0";
if ( !($result = $db->sql_query($sql)) )
{
message_die(GENERAL_ERROR, "Couldn't obtain user/group permissions", "", __LINE__, __FILE__, $sql);
}
 
$set_mod = '';
while( $row = $db->sql_fetchrow($result) )
{
$set_mod .= ( ( $set_mod != '' ) ? ', ' : '' ) . $row['user_id'];
}
$db->sql_freeresult($result);
 
//
// Update user level to user for appropriate users
//
switch ( SQL_LAYER )
{
case 'postgresql':
$sql = "SELECT u.user_id
FROM " . USERS_TABLE . " u, " . USER_GROUP_TABLE . " ug, " . AUTH_ACCESS_TABLE . " aa
WHERE ug.user_id = u.user_id
AND aa.group_id = ug.group_id
AND u.user_level NOT IN (" . USER . ", " . ADMIN . ")
GROUP BY u.user_id
HAVING SUM(aa.auth_mod) = 0
UNION (
SELECT u.user_id
FROM " . USERS_TABLE . " u
WHERE NOT EXISTS (
SELECT aa.auth_mod
FROM " . USER_GROUP_TABLE . " ug, " . AUTH_ACCESS_TABLE . " aa
WHERE ug.user_id = u.user_id
AND aa.group_id = ug.group_id
)
AND u.user_level NOT IN (" . USER . ", " . ADMIN . ")
GROUP BY u.user_id
)";
break;
case 'oracle':
$sql = "SELECT u.user_id
FROM " . USERS_TABLE . " u, " . USER_GROUP_TABLE . " ug, " . AUTH_ACCESS_TABLE . " aa
WHERE ug.user_id = u.user_id(+)
AND aa.group_id = ug.group_id(+)
AND u.user_level NOT IN (" . USER . ", " . ADMIN . ")
GROUP BY u.user_id
HAVING SUM(aa.auth_mod) = 0";
break;
default:
$sql = "SELECT u.user_id
FROM ( ( " . USERS_TABLE . " u
LEFT JOIN " . USER_GROUP_TABLE . " ug ON ug.user_id = u.user_id )
LEFT JOIN " . AUTH_ACCESS_TABLE . " aa ON aa.group_id = ug.group_id )
WHERE u.user_level NOT IN (" . USER . ", " . ADMIN . ")
GROUP BY u.user_id
HAVING SUM(aa.auth_mod) = 0";
break;
}
if ( !($result = $db->sql_query($sql)) )
{
message_die(GENERAL_ERROR, "Couldn't obtain user/group permissions", "", __LINE__, __FILE__, $sql);
}
 
$unset_mod = "";
while( $row = $db->sql_fetchrow($result) )
{
$unset_mod .= ( ( $unset_mod != '' ) ? ', ' : '' ) . $row['user_id'];
}
$db->sql_freeresult($result);
 
if ( $set_mod != '' )
{
$sql = "UPDATE " . USERS_TABLE . "
SET user_level = " . MOD . "
WHERE user_id IN ($set_mod)";
if( !($result = $db->sql_query($sql)) )
{
message_die(GENERAL_ERROR, "Couldn't update user level", "", __LINE__, __FILE__, $sql);
}
}
 
if ( $unset_mod != '' )
{
$sql = "UPDATE " . USERS_TABLE . "
SET user_level = " . USER . "
WHERE user_id IN ($unset_mod)";
if( !($result = $db->sql_query($sql)) )
{
message_die(GENERAL_ERROR, "Couldn't update user level", "", __LINE__, __FILE__, $sql);
}
}
 
$sql = 'SELECT user_id FROM ' . USER_GROUP_TABLE . "
WHERE group_id = $group_id";
$result = $db->sql_query($sql);
 
$group_user = array();
while ($row = $db->sql_fetchrow($result))
{
$group_user[$row['user_id']] = $row['user_id'];
}
$db->sql_freeresult($result);
 
$sql = "SELECT ug.user_id, COUNT(auth_mod) AS is_auth_mod
FROM " . AUTH_ACCESS_TABLE . " aa, " . USER_GROUP_TABLE . " ug
WHERE ug.user_id IN (" . implode(', ', $group_user) . ")
AND aa.group_id = ug.group_id
AND aa.auth_mod = 1
GROUP BY ug.user_id";
if ( !($result = $db->sql_query($sql)) )
{
message_die(GENERAL_ERROR, 'Could not obtain moderator status', '', __LINE__, __FILE__, $sql);
}
 
while ($row = $db->sql_fetchrow($result))
{
if ($row['is_auth_mod'])
{
unset($group_user[$row['user_id']]);
}
}
$db->sql_freeresult($result);
 
if (sizeof($group_user))
{
$sql = "UPDATE " . USERS_TABLE . "
SET user_level = " . USER . "
WHERE user_id IN (" . implode(', ', $group_user) . ") AND user_level = " . MOD;
if ( !($result = $db->sql_query($sql)) )
{
message_die(GENERAL_ERROR, 'Could not update user level', '', __LINE__, __FILE__, $sql);
}
}
 
message_die(GENERAL_MESSAGE, $message);
}
}
else if ( ( $mode == 'user' && ( isset($HTTP_POST_VARS['username']) || $user_id ) ) || ( $mode == 'group' && $group_id ) )
{
if ( isset($HTTP_POST_VARS['username']) )
{
$this_userdata = get_userdata($HTTP_POST_VARS['username'], true);
if ( !is_array($this_userdata) )
{
message_die(GENERAL_MESSAGE, $lang['No_such_user']);
}
$user_id = $this_userdata['user_id'];
}
 
//
// Front end
//
$sql = "SELECT f.*
FROM " . FORUMS_TABLE . " f, " . CATEGORIES_TABLE . " c
WHERE f.cat_id = c.cat_id
ORDER BY c.cat_order, f.forum_order ASC";
if ( !($result = $db->sql_query($sql)) )
{
message_die(GENERAL_ERROR, "Couldn't obtain forum information", "", __LINE__, __FILE__, $sql);
}
 
$forum_access = array();
while( $row = $db->sql_fetchrow($result) )
{
$forum_access[] = $row;
}
$db->sql_freeresult($result);
 
if( empty($adv) )
{
for($i = 0; $i < count($forum_access); $i++)
{
$forum_id = $forum_access[$i]['forum_id'];
 
$forum_auth_level[$forum_id] = AUTH_ALL;
 
for($j = 0; $j < count($forum_auth_fields); $j++)
{
$forum_access[$i][$forum_auth_fields[$j]] . ' :: ';
if ( $forum_access[$i][$forum_auth_fields[$j]] == AUTH_ACL )
{
$forum_auth_level[$forum_id] = AUTH_ACL;
$forum_auth_level_fields[$forum_id][] = $forum_auth_fields[$j];
}
}
}
}
 
$sql = "SELECT u.user_id, u.username, u.user_level, g.group_id, g.group_name, g.group_single_user, ug.user_pending FROM " . USERS_TABLE . " u, " . GROUPS_TABLE . " g, " . USER_GROUP_TABLE . " ug WHERE ";
$sql .= ( $mode == 'user' ) ? "u.user_id = $user_id AND ug.user_id = u.user_id AND g.group_id = ug.group_id" : "g.group_id = $group_id AND ug.group_id = g.group_id AND u.user_id = ug.user_id";
if ( !($result = $db->sql_query($sql)) )
{
message_die(GENERAL_ERROR, "Couldn't obtain user/group information", "", __LINE__, __FILE__, $sql);
}
$ug_info = array();
while( $row = $db->sql_fetchrow($result) )
{
$ug_info[] = $row;
}
$db->sql_freeresult($result);
 
$sql = ( $mode == 'user' ) ? "SELECT aa.*, g.group_single_user FROM " . AUTH_ACCESS_TABLE . " aa, " . USER_GROUP_TABLE . " ug, " . GROUPS_TABLE. " g WHERE ug.user_id = $user_id AND g.group_id = ug.group_id AND aa.group_id = ug.group_id AND g.group_single_user = 1" : "SELECT * FROM " . AUTH_ACCESS_TABLE . " WHERE group_id = $group_id";
if ( !($result = $db->sql_query($sql)) )
{
message_die(GENERAL_ERROR, "Couldn't obtain user/group permissions", "", __LINE__, __FILE__, $sql);
}
 
$auth_access = array();
$auth_access_count = array();
while( $row = $db->sql_fetchrow($result) )
{
$auth_access[$row['forum_id']][] = $row;
$auth_access_count[$row['forum_id']]++;
}
$db->sql_freeresult($result);
 
$is_admin = ( $mode == 'user' ) ? ( ( $ug_info[0]['user_level'] == ADMIN && $ug_info[0]['user_id'] != ANONYMOUS ) ? 1 : 0 ) : 0;
 
for($i = 0; $i < count($forum_access); $i++)
{
$forum_id = $forum_access[$i]['forum_id'];
 
unset($prev_acl_setting);
for($j = 0; $j < count($forum_auth_fields); $j++)
{
$key = $forum_auth_fields[$j];
$value = $forum_access[$i][$key];
 
switch( $value )
{
case AUTH_ALL:
case AUTH_REG:
$auth_ug[$forum_id][$key] = 1;
break;
 
case AUTH_ACL:
$auth_ug[$forum_id][$key] = ( !empty($auth_access_count[$forum_id]) ) ? check_auth(AUTH_ACL, $key, $auth_access[$forum_id], $is_admin) : 0;
$auth_field_acl[$forum_id][$key] = $auth_ug[$forum_id][$key];
 
if ( isset($prev_acl_setting) )
{
if ( $prev_acl_setting != $auth_ug[$forum_id][$key] && empty($adv) )
{
$adv = 1;
}
}
 
$prev_acl_setting = $auth_ug[$forum_id][$key];
 
break;
 
case AUTH_MOD:
$auth_ug[$forum_id][$key] = ( !empty($auth_access_count[$forum_id]) ) ? check_auth(AUTH_MOD, $key, $auth_access[$forum_id], $is_admin) : 0;
break;
 
case AUTH_ADMIN:
$auth_ug[$forum_id][$key] = $is_admin;
break;
 
default:
$auth_ug[$forum_id][$key] = 0;
break;
}
}
 
//
// Is user a moderator?
//
$auth_ug[$forum_id]['auth_mod'] = ( !empty($auth_access_count[$forum_id]) ) ? check_auth(AUTH_MOD, 'auth_mod', $auth_access[$forum_id], 0) : 0;
}
$i = 0;
@reset($auth_ug);
while( list($forum_id, $user_ary) = @each($auth_ug) )
{
if ( empty($adv) )
{
if ( $forum_auth_level[$forum_id] == AUTH_ACL )
{
$allowed = 1;
 
for($j = 0; $j < count($forum_auth_level_fields[$forum_id]); $j++)
{
if ( !$auth_ug[$forum_id][$forum_auth_level_fields[$forum_id][$j]] )
{
$allowed = 0;
}
}
 
$optionlist_acl = '<select name="private[' . $forum_id . ']">';
 
if ( $is_admin || $user_ary['auth_mod'] )
{
$optionlist_acl .= '<option value="1">' . $lang['Allowed_Access'] . '</option>';
}
else if ( $allowed )
{
$optionlist_acl .= '<option value="1" selected="selected">' . $lang['Allowed_Access'] . '</option><option value="0">'. $lang['Disallowed_Access'] . '</option>';
}
else
{
$optionlist_acl .= '<option value="1">' . $lang['Allowed_Access'] . '</option><option value="0" selected="selected">' . $lang['Disallowed_Access'] . '</option>';
}
 
$optionlist_acl .= '</select>';
}
else
{
$optionlist_acl = '&nbsp;';
}
}
else
{
for($j = 0; $j < count($forum_access); $j++)
{
if ( $forum_access[$j]['forum_id'] == $forum_id )
{
for($k = 0; $k < count($forum_auth_fields); $k++)
{
$field_name = $forum_auth_fields[$k];
 
if( $forum_access[$j][$field_name] == AUTH_ACL )
{
$optionlist_acl_adv[$forum_id][$k] = '<select name="private_' . $field_name . '[' . $forum_id . ']">';
 
if( isset($auth_field_acl[$forum_id][$field_name]) && !($is_admin || $user_ary['auth_mod']) )
{
if( !$auth_field_acl[$forum_id][$field_name] )
{
$optionlist_acl_adv[$forum_id][$k] .= '<option value="1">' . $lang['ON'] . '</option><option value="0" selected="selected">' . $lang['OFF'] . '</option>';
}
else
{
$optionlist_acl_adv[$forum_id][$k] .= '<option value="1" selected="selected">' . $lang['ON'] . '</option><option value="0">' . $lang['OFF'] . '</option>';
}
}
else
{
if( $is_admin || $user_ary['auth_mod'] )
{
$optionlist_acl_adv[$forum_id][$k] .= '<option value="1">' . $lang['ON'] . '</option>';
}
else
{
$optionlist_acl_adv[$forum_id][$k] .= '<option value="1">' . $lang['ON'] . '</option><option value="0" selected="selected">' . $lang['OFF'] . '</option>';
}
}
 
$optionlist_acl_adv[$forum_id][$k] .= '</select>';
 
}
}
}
}
}
 
$optionlist_mod = '<select name="moderator[' . $forum_id . ']">';
$optionlist_mod .= ( $user_ary['auth_mod'] ) ? '<option value="1" selected="selected">' . $lang['Is_Moderator'] . '</option><option value="0">' . $lang['Not_Moderator'] . '</option>' : '<option value="1">' . $lang['Is_Moderator'] . '</option><option value="0" selected="selected">' . $lang['Not_Moderator'] . '</option>';
$optionlist_mod .= '</select>';
 
$row_class = ( !( $i % 2 ) ) ? 'row2' : 'row1';
$row_color = ( !( $i % 2 ) ) ? $theme['td_color1'] : $theme['td_color2'];
 
$template->assign_block_vars('forums', array(
'ROW_COLOR' => '#' . $row_color,
'ROW_CLASS' => $row_class,
'FORUM_NAME' => $forum_access[$i]['forum_name'],
 
'U_FORUM_AUTH' => append_sid("admin_forumauth.$phpEx?f=" . $forum_access[$i]['forum_id']),
 
'S_MOD_SELECT' => $optionlist_mod)
);
 
if( !$adv )
{
$template->assign_block_vars('forums.aclvalues', array(
'S_ACL_SELECT' => $optionlist_acl)
);
}
else
{
for($j = 0; $j < count($forum_auth_fields); $j++)
{
$template->assign_block_vars('forums.aclvalues', array(
'S_ACL_SELECT' => $optionlist_acl_adv[$forum_id][$j])
);
}
}
 
$i++;
}
// @reset($auth_user);
if ( $mode == 'user' )
{
$t_username = $ug_info[0]['username'];
$s_user_type = ( $is_admin ) ? '<select name="userlevel"><option value="admin" selected="selected">' . $lang['Auth_Admin'] . '</option><option value="user">' . $lang['Auth_User'] . '</option></select>' : '<select name="userlevel"><option value="admin">' . $lang['Auth_Admin'] . '</option><option value="user" selected="selected">' . $lang['Auth_User'] . '</option></select>';
}
else
{
$t_groupname = $ug_info[0]['group_name'];
}
 
$name = array();
$id = array();
for($i = 0; $i < count($ug_info); $i++)
{
if( ( $mode == 'user' && !$ug_info[$i]['group_single_user'] ) || $mode == 'group' )
{
$name[] = ( $mode == 'user' ) ? $ug_info[$i]['group_name'] : $ug_info[$i]['username'];
$id[] = ( $mode == 'user' ) ? intval($ug_info[$i]['group_id']) : intval($ug_info[$i]['user_id']);
}
}
 
$t_usergroup_list = $t_pending_list = '';
if( count($name) )
{
for($i = 0; $i < count($ug_info); $i++)
{
$ug = ( $mode == 'user' ) ? 'group&amp;' . POST_GROUPS_URL : 'user&amp;' . POST_USERS_URL;
 
if (!$ug_info[$i]['user_pending'])
{
$t_usergroup_list .= ( ( $t_usergroup_list != '' ) ? ', ' : '' ) . '<a href="' . append_sid("admin_ug_auth.$phpEx?mode=$ug=" . $id[$i]) . '">' . $name[$i] . '</a>';
}
else
{
$t_pending_list .= ( ( $t_pending_list != '' ) ? ', ' : '' ) . '<a href="' . append_sid("admin_ug_auth.$phpEx?mode=$ug=" . $id[$i]) . '">' . $name[$i] . '</a>';
}
}
}
 
$t_usergroup_list = ($t_usergroup_list == '') ? $lang['None'] : $t_usergroup_list;
$t_pending_list = ($t_pending_list == '') ? $lang['None'] : $t_pending_list;
 
$s_column_span = 2; // Two columns always present
if( !$adv )
{
$template->assign_block_vars('acltype', array(
'L_UG_ACL_TYPE' => $lang['Simple_Permission'])
);
$s_column_span++;
}
else
{
for($i = 0; $i < count($forum_auth_fields); $i++)
{
$cell_title = $field_names[$forum_auth_fields[$i]];
 
$template->assign_block_vars('acltype', array(
'L_UG_ACL_TYPE' => $cell_title)
);
$s_column_span++;
}
}
 
//
// Dump in the page header ...
//
include('./page_header_admin.'.$phpEx);
 
$template->set_filenames(array(
"body" => 'admin/auth_ug_body.tpl')
);
 
$adv_switch = ( empty($adv) ) ? 1 : 0;
$u_ug_switch = ( $mode == 'user' ) ? POST_USERS_URL . "=" . $user_id : POST_GROUPS_URL . "=" . $group_id;
$switch_mode = append_sid("admin_ug_auth.$phpEx?mode=$mode&amp;" . $u_ug_switch . "&amp;adv=$adv_switch");
$switch_mode_text = ( empty($adv) ) ? $lang['Advanced_mode'] : $lang['Simple_mode'];
$u_switch_mode = '<a href="' . $switch_mode . '">' . $switch_mode_text . '</a>';
 
$s_hidden_fields = '<input type="hidden" name="mode" value="' . $mode . '" /><input type="hidden" name="adv" value="' . $adv . '" />';
$s_hidden_fields .= ( $mode == 'user' ) ? '<input type="hidden" name="' . POST_USERS_URL . '" value="' . $user_id . '" />' : '<input type="hidden" name="' . POST_GROUPS_URL . '" value="' . $group_id . '" />';
 
if ( $mode == 'user' )
{
$template->assign_block_vars('switch_user_auth', array());
 
$template->assign_vars(array(
'USERNAME' => $t_username,
'USER_LEVEL' => $lang['User_Level'] . " : " . $s_user_type,
'USER_GROUP_MEMBERSHIPS' => $lang['Group_memberships'] . ' : ' . $t_usergroup_list)
);
}
else
{
$template->assign_block_vars("switch_group_auth", array());
 
$template->assign_vars(array(
'USERNAME' => $t_groupname,
'GROUP_MEMBERSHIP' => $lang['Usergroup_members'] . ' : ' . $t_usergroup_list . '<br />' . $lang['Pending_members'] . ' : ' . $t_pending_list)
);
}
 
$template->assign_vars(array(
'L_USER_OR_GROUPNAME' => ( $mode == 'user' ) ? $lang['Username'] : $lang['Group_name'],
 
'L_AUTH_TITLE' => ( $mode == 'user' ) ? $lang['Auth_Control_User'] : $lang['Auth_Control_Group'],
'L_AUTH_EXPLAIN' => ( $mode == 'user' ) ? $lang['User_auth_explain'] : $lang['Group_auth_explain'],
'L_MODERATOR_STATUS' => $lang['Moderator_status'],
'L_PERMISSIONS' => $lang['Permissions'],
'L_SUBMIT' => $lang['Submit'],
'L_RESET' => $lang['Reset'],
'L_FORUM' => $lang['Forum'],
 
'U_USER_OR_GROUP' => append_sid("admin_ug_auth.$phpEx"),
'U_SWITCH_MODE' => $u_switch_mode,
 
'S_COLUMN_SPAN' => $s_column_span,
'S_AUTH_ACTION' => append_sid("admin_ug_auth.$phpEx"),
'S_HIDDEN_FIELDS' => $s_hidden_fields)
);
}
else
{
//
// Select a user/group
//
include('./page_header_admin.'.$phpEx);
 
$template->set_filenames(array(
'body' => ( $mode == 'user' ) ? 'admin/user_select_body.tpl' : 'admin/auth_select_body.tpl')
);
 
if ( $mode == 'user' )
{
$template->assign_vars(array(
'L_FIND_USERNAME' => $lang['Find_username'],
 
'U_SEARCH_USER' => append_sid("../search.$phpEx?mode=searchuser"))
);
}
else
{
$sql = "SELECT group_id, group_name
FROM " . GROUPS_TABLE . "
WHERE group_single_user <> " . TRUE;
if ( !($result = $db->sql_query($sql)) )
{
message_die(GENERAL_ERROR, "Couldn't get group list", "", __LINE__, __FILE__, $sql);
}
 
if ( $row = $db->sql_fetchrow($result) )
{
$select_list = '<select name="' . POST_GROUPS_URL . '">';
do
{
$select_list .= '<option value="' . $row['group_id'] . '">' . $row['group_name'] . '</option>';
}
while ( $row = $db->sql_fetchrow($result) );
$select_list .= '</select>';
}
 
$template->assign_vars(array(
'S_AUTH_SELECT' => $select_list)
);
}
 
$s_hidden_fields = '<input type="hidden" name="mode" value="' . $mode . '" />';
 
$l_type = ( $mode == 'user' ) ? 'USER' : 'AUTH';
 
$template->assign_vars(array(
'L_' . $l_type . '_TITLE' => ( $mode == 'user' ) ? $lang['Auth_Control_User'] : $lang['Auth_Control_Group'],
'L_' . $l_type . '_EXPLAIN' => ( $mode == 'user' ) ? $lang['User_auth_explain'] : $lang['Group_auth_explain'],
'L_' . $l_type . '_SELECT' => ( $mode == 'user' ) ? $lang['Select_a_User'] : $lang['Select_a_Group'],
'L_LOOK_UP' => ( $mode == 'user' ) ? $lang['Look_up_User'] : $lang['Look_up_Group'],
 
'S_HIDDEN_FIELDS' => $s_hidden_fields,
'S_' . $l_type . '_ACTION' => append_sid("admin_ug_auth.$phpEx"))
);
 
}
 
$template->pparse('body');
 
include('./page_footer_admin.'.$phpEx);
 
?>
/Forum/admin/admin_user_ban.php
0,0 → 1,452
<?php
/***************************************************************************
* admin_user_ban.php
* -------------------
* begin : Tuesday, Jul 31, 2001
* copyright : (C) 2001 The phpBB Group
* email : support@phpbb.com
*
* $Id: admin_user_ban.php,v 1.21.2.6 2005/10/30 15:17:13 acydburn Exp $
*
*
***************************************************************************/
 
/***************************************************************************
*
* This program is free software; you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by
* the Free Software Foundation; either version 2 of the License, or
* (at your option) any later version.
*
***************************************************************************/
 
define('IN_PHPBB', 1);
 
if ( !empty($setmodules) )
{
$filename = basename(__FILE__);
$module['Users']['Ban_Management'] = $filename;
 
return;
}
 
//
// Load default header
//
$phpbb_root_path = './../';
require($phpbb_root_path . 'extension.inc');
require('./pagestart.' . $phpEx);
 
//
// Start program
//
if ( isset($HTTP_POST_VARS['submit']) )
{
$user_bansql = '';
$email_bansql = '';
$ip_bansql = '';
 
$user_list = array();
if ( !empty($HTTP_POST_VARS['username']) )
{
$this_userdata = get_userdata($HTTP_POST_VARS['username'], true);
if( !$this_userdata )
{
message_die(GENERAL_MESSAGE, $lang['No_user_id_specified'] );
}
 
$user_list[] = $this_userdata['user_id'];
}
 
$ip_list = array();
if ( isset($HTTP_POST_VARS['ban_ip']) )
{
$ip_list_temp = explode(',', $HTTP_POST_VARS['ban_ip']);
 
for($i = 0; $i < count($ip_list_temp); $i++)
{
if ( preg_match('/^([0-9]{1,3})\.([0-9]{1,3})\.([0-9]{1,3})\.([0-9]{1,3})[ ]*\-[ ]*([0-9]{1,3})\.([0-9]{1,3})\.([0-9]{1,3})\.([0-9]{1,3})$/', trim($ip_list_temp[$i]), $ip_range_explode) )
{
//
// Don't ask about all this, just don't ask ... !
//
$ip_1_counter = $ip_range_explode[1];
$ip_1_end = $ip_range_explode[5];
 
while ( $ip_1_counter <= $ip_1_end )
{
$ip_2_counter = ( $ip_1_counter == $ip_range_explode[1] ) ? $ip_range_explode[2] : 0;
$ip_2_end = ( $ip_1_counter < $ip_1_end ) ? 254 : $ip_range_explode[6];
 
if ( $ip_2_counter == 0 && $ip_2_end == 254 )
{
$ip_2_counter = 255;
$ip_2_fragment = 255;
 
$ip_list[] = encode_ip("$ip_1_counter.255.255.255");
}
 
while ( $ip_2_counter <= $ip_2_end )
{
$ip_3_counter = ( $ip_2_counter == $ip_range_explode[2] && $ip_1_counter == $ip_range_explode[1] ) ? $ip_range_explode[3] : 0;
$ip_3_end = ( $ip_2_counter < $ip_2_end || $ip_1_counter < $ip_1_end ) ? 254 : $ip_range_explode[7];
 
if ( $ip_3_counter == 0 && $ip_3_end == 254 )
{
$ip_3_counter = 255;
$ip_3_fragment = 255;
 
$ip_list[] = encode_ip("$ip_1_counter.$ip_2_counter.255.255");
}
 
while ( $ip_3_counter <= $ip_3_end )
{
$ip_4_counter = ( $ip_3_counter == $ip_range_explode[3] && $ip_2_counter == $ip_range_explode[2] && $ip_1_counter == $ip_range_explode[1] ) ? $ip_range_explode[4] : 0;
$ip_4_end = ( $ip_3_counter < $ip_3_end || $ip_2_counter < $ip_2_end ) ? 254 : $ip_range_explode[8];
 
if ( $ip_4_counter == 0 && $ip_4_end == 254 )
{
$ip_4_counter = 255;
$ip_4_fragment = 255;
 
$ip_list[] = encode_ip("$ip_1_counter.$ip_2_counter.$ip_3_counter.255");
}
 
while ( $ip_4_counter <= $ip_4_end )
{
$ip_list[] = encode_ip("$ip_1_counter.$ip_2_counter.$ip_3_counter.$ip_4_counter");
$ip_4_counter++;
}
$ip_3_counter++;
}
$ip_2_counter++;
}
$ip_1_counter++;
}
}
else if ( preg_match('/^([\w\-_]\.?){2,}$/is', trim($ip_list_temp[$i])) )
{
$ip = gethostbynamel(trim($ip_list_temp[$i]));
 
for($j = 0; $j < count($ip); $j++)
{
if ( !empty($ip[$j]) )
{
$ip_list[] = encode_ip($ip[$j]);
}
}
}
else if ( preg_match('/^([0-9]{1,3})\.([0-9\*]{1,3})\.([0-9\*]{1,3})\.([0-9\*]{1,3})$/', trim($ip_list_temp[$i])) )
{
$ip_list[] = encode_ip(str_replace('*', '255', trim($ip_list_temp[$i])));
}
}
}
 
$email_list = array();
if ( isset($HTTP_POST_VARS['ban_email']) )
{
$email_list_temp = explode(',', $HTTP_POST_VARS['ban_email']);
 
for($i = 0; $i < count($email_list_temp); $i++)
{
//
// This ereg match is based on one by php@unreelpro.com
// contained in the annotated php manual at php.com (ereg
// section)
//
if (preg_match('/^(([a-z0-9&\'\.\-_\+])|(\*))+@(([a-z0-9\-])|(\*))+\.([a-z0-9\-]+\.)*?[a-z]+$/is', trim($email_list_temp[$i])))
{
$email_list[] = trim($email_list_temp[$i]);
}
}
}
 
$sql = "SELECT *
FROM " . BANLIST_TABLE;
if ( !($result = $db->sql_query($sql)) )
{
message_die(GENERAL_ERROR, "Couldn't obtain banlist information", "", __LINE__, __FILE__, $sql);
}
 
$current_banlist = $db->sql_fetchrowset($result);
$db->sql_freeresult($result);
 
$kill_session_sql = '';
for($i = 0; $i < count($user_list); $i++)
{
$in_banlist = false;
for($j = 0; $j < count($current_banlist); $j++)
{
if ( $user_list[$i] == $current_banlist[$j]['ban_userid'] )
{
$in_banlist = true;
}
}
 
if ( !$in_banlist )
{
$kill_session_sql .= ( ( $kill_session_sql != '' ) ? ' OR ' : '' ) . "session_user_id = " . $user_list[$i];
 
$sql = "INSERT INTO " . BANLIST_TABLE . " (ban_userid)
VALUES (" . $user_list[$i] . ")";
if ( !$db->sql_query($sql) )
{
message_die(GENERAL_ERROR, "Couldn't insert ban_userid info into database", "", __LINE__, __FILE__, $sql);
}
}
}
 
for($i = 0; $i < count($ip_list); $i++)
{
$in_banlist = false;
for($j = 0; $j < count($current_banlist); $j++)
{
if ( $ip_list[$i] == $current_banlist[$j]['ban_ip'] )
{
$in_banlist = true;
}
}
 
if ( !$in_banlist )
{
if ( preg_match('/(ff\.)|(\.ff)/is', chunk_split($ip_list[$i], 2, '.')) )
{
$kill_ip_sql = "session_ip LIKE '" . str_replace('.', '', preg_replace('/(ff\.)|(\.ff)/is', '%', chunk_split($ip_list[$i], 2, "."))) . "'";
}
else
{
$kill_ip_sql = "session_ip = '" . $ip_list[$i] . "'";
}
 
$kill_session_sql .= ( ( $kill_session_sql != '' ) ? ' OR ' : '' ) . $kill_ip_sql;
 
$sql = "INSERT INTO " . BANLIST_TABLE . " (ban_ip)
VALUES ('" . $ip_list[$i] . "')";
if ( !$db->sql_query($sql) )
{
message_die(GENERAL_ERROR, "Couldn't insert ban_ip info into database", "", __LINE__, __FILE__, $sql);
}
}
}
 
//
// Now we'll delete all entries from the session table with any of the banned
// user or IP info just entered into the ban table ... this will force a session
// initialisation resulting in an instant ban
//
if ( $kill_session_sql != '' )
{
$sql = "DELETE FROM " . SESSIONS_TABLE . "
WHERE $kill_session_sql";
if ( !$db->sql_query($sql) )
{
message_die(GENERAL_ERROR, "Couldn't delete banned sessions from database", "", __LINE__, __FILE__, $sql);
}
}
 
for($i = 0; $i < count($email_list); $i++)
{
$in_banlist = false;
for($j = 0; $j < count($current_banlist); $j++)
{
if ( $email_list[$i] == $current_banlist[$j]['ban_email'] )
{
$in_banlist = true;
}
}
 
if ( !$in_banlist )
{
$sql = "INSERT INTO " . BANLIST_TABLE . " (ban_email)
VALUES ('" . str_replace("\'", "''", $email_list[$i]) . "')";
if ( !$db->sql_query($sql) )
{
message_die(GENERAL_ERROR, "Couldn't insert ban_email info into database", "", __LINE__, __FILE__, $sql);
}
}
}
 
$where_sql = '';
 
if ( isset($HTTP_POST_VARS['unban_user']) )
{
$user_list = $HTTP_POST_VARS['unban_user'];
 
for($i = 0; $i < count($user_list); $i++)
{
if ( $user_list[$i] != -1 )
{
$where_sql .= ( ( $where_sql != '' ) ? ', ' : '' ) . intval($user_list[$i]);
}
}
}
 
if ( isset($HTTP_POST_VARS['unban_ip']) )
{
$ip_list = $HTTP_POST_VARS['unban_ip'];
 
for($i = 0; $i < count($ip_list); $i++)
{
if ( $ip_list[$i] != -1 )
{
$where_sql .= ( ( $where_sql != '' ) ? ', ' : '' ) . str_replace("\'", "''", $ip_list[$i]);
}
}
}
 
if ( isset($HTTP_POST_VARS['unban_email']) )
{
$email_list = $HTTP_POST_VARS['unban_email'];
 
for($i = 0; $i < count($email_list); $i++)
{
if ( $email_list[$i] != -1 )
{
$where_sql .= ( ( $where_sql != '' ) ? ', ' : '' ) . str_replace("\'", "''", $email_list[$i]);
}
}
}
 
if ( $where_sql != '' )
{
$sql = "DELETE FROM " . BANLIST_TABLE . "
WHERE ban_id IN ($where_sql)";
if ( !$db->sql_query($sql) )
{
message_die(GENERAL_ERROR, "Couldn't delete ban info from database", "", __LINE__, __FILE__, $sql);
}
}
 
$message = $lang['Ban_update_sucessful'] . '<br /><br />' . sprintf($lang['Click_return_banadmin'], '<a href="' . append_sid("admin_user_ban.$phpEx") . '">', '</a>') . '<br /><br />' . sprintf($lang['Click_return_admin_index'], '<a href="' . append_sid("index.$phpEx?pane=right") . '">', '</a>');
 
message_die(GENERAL_MESSAGE, $message);
 
}
else
{
$template->set_filenames(array(
'body' => 'admin/user_ban_body.tpl')
);
 
$template->assign_vars(array(
'L_BAN_TITLE' => $lang['Ban_control'],
'L_BAN_EXPLAIN' => $lang['Ban_explain'],
'L_BAN_EXPLAIN_WARN' => $lang['Ban_explain_warn'],
'L_IP_OR_HOSTNAME' => $lang['IP_hostname'],
'L_EMAIL_ADDRESS' => $lang['Email_address'],
'L_SUBMIT' => $lang['Submit'],
'L_RESET' => $lang['Reset'],
 
'S_BANLIST_ACTION' => append_sid("admin_user_ban.$phpEx"))
);
 
$template->assign_vars(array(
'L_BAN_USER' => $lang['Ban_username'],
'L_BAN_USER_EXPLAIN' => $lang['Ban_username_explain'],
'L_BAN_IP' => $lang['Ban_IP'],
'L_BAN_IP_EXPLAIN' => $lang['Ban_IP_explain'],
'L_BAN_EMAIL' => $lang['Ban_email'],
'L_BAN_EMAIL_EXPLAIN' => $lang['Ban_email_explain'])
);
 
$userban_count = 0;
$ipban_count = 0;
$emailban_count = 0;
 
$sql = "SELECT b.ban_id, u.user_id, u.username
FROM " . BANLIST_TABLE . " b, " . USERS_TABLE . " u
WHERE u.user_id = b.ban_userid
AND b.ban_userid <> 0
AND u.user_id <> " . ANONYMOUS . "
ORDER BY u.user_id ASC";
if ( !($result = $db->sql_query($sql)) )
{
message_die(GENERAL_ERROR, 'Could not select current user_id ban list', '', __LINE__, __FILE__, $sql);
}
 
$user_list = $db->sql_fetchrowset($result);
$db->sql_freeresult($result);
 
$select_userlist = '';
for($i = 0; $i < count($user_list); $i++)
{
$select_userlist .= '<option value="' . $user_list[$i]['ban_id'] . '">' . $user_list[$i]['username'] . '</option>';
$userban_count++;
}
 
if( $select_userlist == '' )
{
$select_userlist = '<option value="-1">' . $lang['No_banned_users'] . '</option>';
}
 
$select_userlist = '<select name="unban_user[]" multiple="multiple" size="5">' . $select_userlist . '</select>';
 
$sql = "SELECT ban_id, ban_ip, ban_email
FROM " . BANLIST_TABLE;
if ( !($result = $db->sql_query($sql)) )
{
message_die(GENERAL_ERROR, 'Could not select current ip ban list', '', __LINE__, __FILE__, $sql);
}
 
$banlist = $db->sql_fetchrowset($result);
$db->sql_freeresult($result);
 
$select_iplist = '';
$select_emaillist = '';
 
for($i = 0; $i < count($banlist); $i++)
{
$ban_id = $banlist[$i]['ban_id'];
 
if ( !empty($banlist[$i]['ban_ip']) )
{
$ban_ip = str_replace('255', '*', decode_ip($banlist[$i]['ban_ip']));
$select_iplist .= '<option value="' . $ban_id . '">' . $ban_ip . '</option>';
$ipban_count++;
}
else if ( !empty($banlist[$i]['ban_email']) )
{
$ban_email = $banlist[$i]['ban_email'];
$select_emaillist .= '<option value="' . $ban_id . '">' . $ban_email . '</option>';
$emailban_count++;
}
}
 
if ( $select_iplist == '' )
{
$select_iplist = '<option value="-1">' . $lang['No_banned_ip'] . '</option>';
}
 
if ( $select_emaillist == '' )
{
$select_emaillist = '<option value="-1">' . $lang['No_banned_email'] . '</option>';
}
 
$select_iplist = '<select name="unban_ip[]" multiple="multiple" size="5">' . $select_iplist . '</select>';
$select_emaillist = '<select name="unban_email[]" multiple="multiple" size="5">' . $select_emaillist . '</select>';
 
$template->assign_vars(array(
'L_UNBAN_USER' => $lang['Unban_username'],
'L_UNBAN_USER_EXPLAIN' => $lang['Unban_username_explain'],
'L_UNBAN_IP' => $lang['Unban_IP'],
'L_UNBAN_IP_EXPLAIN' => $lang['Unban_IP_explain'],
'L_UNBAN_EMAIL' => $lang['Unban_email'],
'L_UNBAN_EMAIL_EXPLAIN' => $lang['Unban_email_explain'],
'L_USERNAME' => $lang['Username'],
'L_LOOK_UP' => $lang['Look_up_User'],
'L_FIND_USERNAME' => $lang['Find_username'],
 
'U_SEARCH_USER' => append_sid("./../search.$phpEx?mode=searchuser"),
'S_UNBAN_USERLIST_SELECT' => $select_userlist,
'S_UNBAN_IPLIST_SELECT' => $select_iplist,
'S_UNBAN_EMAILLIST_SELECT' => $select_emaillist,
'S_BAN_ACTION' => append_sid("admin_user_ban.$phpEx"))
);
}
 
$template->pparse('body');
 
include('./page_footer_admin.'.$phpEx);
 
?>
/Forum/admin/admin_users.php
0,0 → 1,1173
<?php
/***************************************************************************
* admin_users.php
* -------------------
* begin : Saturday, Feb 13, 2001
* copyright : (C) 2001 The phpBB Group
* email : support@phpbb.com
*
* $Id: admin_users.php,v 1.57.2.35 2006/03/26 14:43:24 grahamje Exp $
*
*
***************************************************************************/
 
/***************************************************************************
*
* This program is free software; you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by
* the Free Software Foundation; either version 2 of the License, or
* (at your option) any later version.
*
***************************************************************************/
 
define('IN_PHPBB', 1);
 
if( !empty($setmodules) )
{
$filename = basename(__FILE__);
$module['Users']['Manage'] = $filename;
 
return;
}
 
$phpbb_root_path = './../';
require($phpbb_root_path . 'extension.inc');
require('./pagestart.' . $phpEx);
require($phpbb_root_path . 'includes/bbcode.'.$phpEx);
require($phpbb_root_path . 'includes/functions_post.'.$phpEx);
require($phpbb_root_path . 'includes/functions_selects.'.$phpEx);
require($phpbb_root_path . 'includes/functions_validate.'.$phpEx);
 
$html_entities_match = array('#<#', '#>#');
$html_entities_replace = array('&lt;', '&gt;');
 
//
// Set mode
//
if( isset( $HTTP_POST_VARS['mode'] ) || isset( $HTTP_GET_VARS['mode'] ) )
{
$mode = ( isset( $HTTP_POST_VARS['mode']) ) ? $HTTP_POST_VARS['mode'] : $HTTP_GET_VARS['mode'];
$mode = htmlspecialchars($mode);
}
else
{
$mode = '';
}
 
//
// Begin program
//
if ( $mode == 'edit' || $mode == 'save' && ( isset($HTTP_POST_VARS['username']) || isset($HTTP_GET_VARS[POST_USERS_URL]) || isset( $HTTP_POST_VARS[POST_USERS_URL]) ) )
{
//
// Ok, the profile has been modified and submitted, let's update
//
if ( ( $mode == 'save' && isset( $HTTP_POST_VARS['submit'] ) ) || isset( $HTTP_POST_VARS['avatargallery'] ) || isset( $HTTP_POST_VARS['submitavatar'] ) || isset( $HTTP_POST_VARS['cancelavatar'] ) )
{
$user_id = intval($HTTP_POST_VARS['id']);
 
if (!($this_userdata = get_userdata($user_id)))
{
message_die(GENERAL_MESSAGE, $lang['No_user_id_specified'] );
}
 
if( $HTTP_POST_VARS['deleteuser'] && ( $userdata['user_id'] != $user_id ) )
{
$sql = "SELECT g.group_id
FROM " . USER_GROUP_TABLE . " ug, " . GROUPS_TABLE . " g
WHERE ug.user_id = $user_id
AND g.group_id = ug.group_id
AND g.group_single_user = 1";
if( !($result = $db->sql_query($sql)) )
{
message_die(GENERAL_ERROR, 'Could not obtain group information for this user', '', __LINE__, __FILE__, $sql);
}
 
$row = $db->sql_fetchrow($result);
$sql = "UPDATE " . POSTS_TABLE . "
SET poster_id = " . DELETED . ", post_username = '" . str_replace("\\'", "''", addslashes($this_userdata['username'])) . "'
WHERE poster_id = $user_id";
if( !$db->sql_query($sql) )
{
message_die(GENERAL_ERROR, 'Could not update posts for this user', '', __LINE__, __FILE__, $sql);
}
 
$sql = "UPDATE " . TOPICS_TABLE . "
SET topic_poster = " . DELETED . "
WHERE topic_poster = $user_id";
if( !$db->sql_query($sql) )
{
message_die(GENERAL_ERROR, 'Could not update topics for this user', '', __LINE__, __FILE__, $sql);
}
$sql = "UPDATE " . VOTE_USERS_TABLE . "
SET vote_user_id = " . DELETED . "
WHERE vote_user_id = $user_id";
if( !$db->sql_query($sql) )
{
message_die(GENERAL_ERROR, 'Could not update votes for this user', '', __LINE__, __FILE__, $sql);
}
$sql = "SELECT group_id
FROM " . GROUPS_TABLE . "
WHERE group_moderator = $user_id";
if( !($result = $db->sql_query($sql)) )
{
message_die(GENERAL_ERROR, 'Could not select groups where user was moderator', '', __LINE__, __FILE__, $sql);
}
while ( $row_group = $db->sql_fetchrow($result) )
{
$group_moderator[] = $row_group['group_id'];
}
if ( count($group_moderator) )
{
$update_moderator_id = implode(', ', $group_moderator);
$sql = "UPDATE " . GROUPS_TABLE . "
SET group_moderator = " . $userdata['user_id'] . "
WHERE group_moderator IN ($update_moderator_id)";
if( !$db->sql_query($sql) )
{
message_die(GENERAL_ERROR, 'Could not update group moderators', '', __LINE__, __FILE__, $sql);
}
}
 
$sql = "DELETE FROM " . USERS_TABLE . "
WHERE user_id = $user_id";
if( !$db->sql_query($sql) )
{
message_die(GENERAL_ERROR, 'Could not delete user', '', __LINE__, __FILE__, $sql);
}
 
$sql = "DELETE FROM " . USER_GROUP_TABLE . "
WHERE user_id = $user_id";
if( !$db->sql_query($sql) )
{
message_die(GENERAL_ERROR, 'Could not delete user from user_group table', '', __LINE__, __FILE__, $sql);
}
 
$sql = "DELETE FROM " . GROUPS_TABLE . "
WHERE group_id = " . $row['group_id'];
if( !$db->sql_query($sql) )
{
message_die(GENERAL_ERROR, 'Could not delete group for this user', '', __LINE__, __FILE__, $sql);
}
 
$sql = "DELETE FROM " . AUTH_ACCESS_TABLE . "
WHERE group_id = " . $row['group_id'];
if( !$db->sql_query($sql) )
{
message_die(GENERAL_ERROR, 'Could not delete group for this user', '', __LINE__, __FILE__, $sql);
}
 
$sql = "DELETE FROM " . TOPICS_WATCH_TABLE . "
WHERE user_id = $user_id";
if ( !$db->sql_query($sql) )
{
message_die(GENERAL_ERROR, 'Could not delete user from topic watch table', '', __LINE__, __FILE__, $sql);
}
$sql = "DELETE FROM " . BANLIST_TABLE . "
WHERE ban_userid = $user_id";
if ( !$db->sql_query($sql) )
{
message_die(GENERAL_ERROR, 'Could not delete user from banlist table', '', __LINE__, __FILE__, $sql);
}
 
$sql = "DELETE FROM " . SESSIONS_TABLE . "
WHERE session_user_id = $user_id";
if ( !$db->sql_query($sql) )
{
message_die(GENERAL_ERROR, 'Could not delete sessions for this user', '', __LINE__, __FILE__, $sql);
}
$sql = "DELETE FROM " . SESSIONS_KEYS_TABLE . "
WHERE user_id = $user_id";
if ( !$db->sql_query($sql) )
{
message_die(GENERAL_ERROR, 'Could not delete auto-login keys for this user', '', __LINE__, __FILE__, $sql);
}
 
$sql = "SELECT privmsgs_id
FROM " . PRIVMSGS_TABLE . "
WHERE privmsgs_from_userid = $user_id
OR privmsgs_to_userid = $user_id";
if ( !($result = $db->sql_query($sql)) )
{
message_die(GENERAL_ERROR, 'Could not select all users private messages', '', __LINE__, __FILE__, $sql);
}
 
// This little bit of code directly from the private messaging section.
while ( $row_privmsgs = $db->sql_fetchrow($result) )
{
$mark_list[] = $row_privmsgs['privmsgs_id'];
}
if ( count($mark_list) )
{
$delete_sql_id = implode(', ', $mark_list);
$delete_text_sql = "DELETE FROM " . PRIVMSGS_TEXT_TABLE . "
WHERE privmsgs_text_id IN ($delete_sql_id)";
$delete_sql = "DELETE FROM " . PRIVMSGS_TABLE . "
WHERE privmsgs_id IN ($delete_sql_id)";
if ( !$db->sql_query($delete_sql) )
{
message_die(GENERAL_ERROR, 'Could not delete private message info', '', __LINE__, __FILE__, $delete_sql);
}
if ( !$db->sql_query($delete_text_sql) )
{
message_die(GENERAL_ERROR, 'Could not delete private message text', '', __LINE__, __FILE__, $delete_text_sql);
}
}
 
$message = $lang['User_deleted'] . '<br /><br />' . sprintf($lang['Click_return_useradmin'], '<a href="' . append_sid("admin_users.$phpEx") . '">', '</a>') . '<br /><br />' . sprintf($lang['Click_return_admin_index'], '<a href="' . append_sid("index.$phpEx?pane=right") . '">', '</a>');
 
message_die(GENERAL_MESSAGE, $message);
}
 
$username = ( !empty($HTTP_POST_VARS['username']) ) ? phpbb_clean_username($HTTP_POST_VARS['username']) : '';
$email = ( !empty($HTTP_POST_VARS['email']) ) ? trim(strip_tags(htmlspecialchars( $HTTP_POST_VARS['email'] ) )) : '';
 
$password = ( !empty($HTTP_POST_VARS['password']) ) ? trim(strip_tags(htmlspecialchars( $HTTP_POST_VARS['password'] ) )) : '';
$password_confirm = ( !empty($HTTP_POST_VARS['password_confirm']) ) ? trim(strip_tags(htmlspecialchars( $HTTP_POST_VARS['password_confirm'] ) )) : '';
 
$icq = ( !empty($HTTP_POST_VARS['icq']) ) ? trim(strip_tags( $HTTP_POST_VARS['icq'] ) ) : '';
$aim = ( !empty($HTTP_POST_VARS['aim']) ) ? trim(strip_tags( $HTTP_POST_VARS['aim'] ) ) : '';
$msn = ( !empty($HTTP_POST_VARS['msn']) ) ? trim(strip_tags( $HTTP_POST_VARS['msn'] ) ) : '';
$yim = ( !empty($HTTP_POST_VARS['yim']) ) ? trim(strip_tags( $HTTP_POST_VARS['yim'] ) ) : '';
 
$website = ( !empty($HTTP_POST_VARS['website']) ) ? trim(strip_tags( $HTTP_POST_VARS['website'] ) ) : '';
$location = ( !empty($HTTP_POST_VARS['location']) ) ? trim(strip_tags( $HTTP_POST_VARS['location'] ) ) : '';
$occupation = ( !empty($HTTP_POST_VARS['occupation']) ) ? trim(strip_tags( $HTTP_POST_VARS['occupation'] ) ) : '';
$interests = ( !empty($HTTP_POST_VARS['interests']) ) ? trim(strip_tags( $HTTP_POST_VARS['interests'] ) ) : '';
$signature = ( !empty($HTTP_POST_VARS['signature']) ) ? trim(str_replace('<br />', "\n", $HTTP_POST_VARS['signature'] ) ) : '';
 
validate_optional_fields($icq, $aim, $msn, $yim, $website, $location, $occupation, $interests, $signature);
 
$viewemail = ( isset( $HTTP_POST_VARS['viewemail']) ) ? ( ( $HTTP_POST_VARS['viewemail'] ) ? TRUE : 0 ) : 0;
$allowviewonline = ( isset( $HTTP_POST_VARS['hideonline']) ) ? ( ( $HTTP_POST_VARS['hideonline'] ) ? 0 : TRUE ) : TRUE;
$notifyreply = ( isset( $HTTP_POST_VARS['notifyreply']) ) ? ( ( $HTTP_POST_VARS['notifyreply'] ) ? TRUE : 0 ) : 0;
$notifypm = ( isset( $HTTP_POST_VARS['notifypm']) ) ? ( ( $HTTP_POST_VARS['notifypm'] ) ? TRUE : 0 ) : TRUE;
$popuppm = ( isset( $HTTP_POST_VARS['popup_pm']) ) ? ( ( $HTTP_POST_VARS['popup_pm'] ) ? TRUE : 0 ) : TRUE;
$attachsig = ( isset( $HTTP_POST_VARS['attachsig']) ) ? ( ( $HTTP_POST_VARS['attachsig'] ) ? TRUE : 0 ) : 0;
 
$allowhtml = ( isset( $HTTP_POST_VARS['allowhtml']) ) ? intval( $HTTP_POST_VARS['allowhtml'] ) : $board_config['allow_html'];
$allowbbcode = ( isset( $HTTP_POST_VARS['allowbbcode']) ) ? intval( $HTTP_POST_VARS['allowbbcode'] ) : $board_config['allow_bbcode'];
$allowsmilies = ( isset( $HTTP_POST_VARS['allowsmilies']) ) ? intval( $HTTP_POST_VARS['allowsmilies'] ) : $board_config['allow_smilies'];
 
$user_style = ( isset( $HTTP_POST_VARS['style'] ) ) ? intval( $HTTP_POST_VARS['style'] ) : $board_config['default_style'];
$user_lang = ( $HTTP_POST_VARS['language'] ) ? $HTTP_POST_VARS['language'] : $board_config['default_lang'];
$user_timezone = ( isset( $HTTP_POST_VARS['timezone']) ) ? doubleval( $HTTP_POST_VARS['timezone'] ) : $board_config['board_timezone'];
$user_dateformat = ( $HTTP_POST_VARS['dateformat'] ) ? trim( $HTTP_POST_VARS['dateformat'] ) : $board_config['default_dateformat'];
 
$user_avatar_local = ( isset( $HTTP_POST_VARS['avatarselect'] ) && !empty($HTTP_POST_VARS['submitavatar'] ) && $board_config['allow_avatar_local'] ) ? $HTTP_POST_VARS['avatarselect'] : ( ( isset( $HTTP_POST_VARS['avatarlocal'] ) ) ? $HTTP_POST_VARS['avatarlocal'] : '' );
$user_avatar_category = ( isset($HTTP_POST_VARS['avatarcatname']) && $board_config['allow_avatar_local'] ) ? htmlspecialchars($HTTP_POST_VARS['avatarcatname']) : '' ;
 
$user_avatar_remoteurl = ( !empty($HTTP_POST_VARS['avatarremoteurl']) ) ? trim( $HTTP_POST_VARS['avatarremoteurl'] ) : '';
$user_avatar_url = ( !empty($HTTP_POST_VARS['avatarurl']) ) ? trim( $HTTP_POST_VARS['avatarurl'] ) : '';
$user_avatar_loc = ( $HTTP_POST_FILES['avatar']['tmp_name'] != "none") ? $HTTP_POST_FILES['avatar']['tmp_name'] : '';
$user_avatar_name = ( !empty($HTTP_POST_FILES['avatar']['name']) ) ? $HTTP_POST_FILES['avatar']['name'] : '';
$user_avatar_size = ( !empty($HTTP_POST_FILES['avatar']['size']) ) ? $HTTP_POST_FILES['avatar']['size'] : 0;
$user_avatar_filetype = ( !empty($HTTP_POST_FILES['avatar']['type']) ) ? $HTTP_POST_FILES['avatar']['type'] : '';
 
$user_avatar = ( empty($user_avatar_loc) ) ? $this_userdata['user_avatar'] : '';
$user_avatar_type = ( empty($user_avatar_loc) ) ? $this_userdata['user_avatar_type'] : '';
 
$user_status = ( !empty($HTTP_POST_VARS['user_status']) ) ? intval( $HTTP_POST_VARS['user_status'] ) : 0;
$user_allowpm = ( !empty($HTTP_POST_VARS['user_allowpm']) ) ? intval( $HTTP_POST_VARS['user_allowpm'] ) : 0;
$user_rank = ( !empty($HTTP_POST_VARS['user_rank']) ) ? intval( $HTTP_POST_VARS['user_rank'] ) : 0;
$user_allowavatar = ( !empty($HTTP_POST_VARS['user_allowavatar']) ) ? intval( $HTTP_POST_VARS['user_allowavatar'] ) : 0;
 
if( isset( $HTTP_POST_VARS['avatargallery'] ) || isset( $HTTP_POST_VARS['submitavatar'] ) || isset( $HTTP_POST_VARS['cancelavatar'] ) )
{
$username = stripslashes($username);
$email = stripslashes($email);
$password = '';
$password_confirm = '';
 
$icq = stripslashes($icq);
$aim = htmlspecialchars(stripslashes($aim));
$msn = htmlspecialchars(stripslashes($msn));
$yim = htmlspecialchars(stripslashes($yim));
 
$website = htmlspecialchars(stripslashes($website));
$location = htmlspecialchars(stripslashes($location));
$occupation = htmlspecialchars(stripslashes($occupation));
$interests = htmlspecialchars(stripslashes($interests));
$signature = htmlspecialchars(stripslashes($signature));
 
$user_lang = stripslashes($user_lang);
$user_dateformat = htmlspecialchars(stripslashes($user_dateformat));
 
if ( !isset($HTTP_POST_VARS['cancelavatar']))
{
$user_avatar = $user_avatar_category . '/' . $user_avatar_local;
$user_avatar_type = USER_AVATAR_GALLERY;
}
}
}
 
if( isset( $HTTP_POST_VARS['submit'] ) )
{
include($phpbb_root_path . 'includes/usercp_avatar.'.$phpEx);
 
$error = FALSE;
 
if (stripslashes($username) != $this_userdata['username'])
{
unset($rename_user);
 
if ( stripslashes(strtolower($username)) != strtolower($this_userdata['username']) )
{
$result = validate_username($username);
if ( $result['error'] )
{
$error = TRUE;
$error_msg .= ( ( isset($error_msg) ) ? '<br />' : '' ) . $result['error_msg'];
}
else if ( strtolower(str_replace("\\'", "''", $username)) == strtolower($userdata['username']) )
{
$error = TRUE;
$error_msg .= ( ( isset($error_msg) ) ? '<br />' : '' ) . $lang['Username_taken'];
}
}
 
if (!$error)
{
$username_sql = "username = '" . str_replace("\\'", "''", $username) . "', ";
$rename_user = $username; // Used for renaming usergroup
}
}
 
$passwd_sql = '';
if( !empty($password) && !empty($password_confirm) )
{
//
// Awww, the user wants to change their password, isn't that cute..
//
if($password != $password_confirm)
{
$error = TRUE;
$error_msg .= ( ( isset($error_msg) ) ? '<br />' : '' ) . $lang['Password_mismatch'];
}
else
{
$password = md5($password);
$passwd_sql = "user_password = '$password', ";
}
}
else if( $password && !$password_confirm )
{
$error = TRUE;
$error_msg .= ( ( isset($error_msg) ) ? '<br />' : '' ) . $lang['Password_mismatch'];
}
else if( !$password && $password_confirm )
{
$error = TRUE;
$error_msg .= ( ( isset($error_msg) ) ? '<br />' : '' ) . $lang['Password_mismatch'];
}
 
if ($signature != '')
{
$sig_length_check = preg_replace('/(\[.*?)(=.*?)\]/is', '\\1]', stripslashes($signature));
if ( $allowhtml )
{
$sig_length_check = preg_replace('/(\<.*?)(=.*?)( .*?=.*?)?([ \/]?\>)/is', '\\1\\3\\4', $sig_length_check);
}
 
// Only create a new bbcode_uid when there was no uid yet.
if ( $signature_bbcode_uid == '' )
{
$signature_bbcode_uid = ( $allowbbcode ) ? make_bbcode_uid() : '';
}
$signature = prepare_message($signature, $allowhtml, $allowbbcode, $allowsmilies, $signature_bbcode_uid);
 
if ( strlen($sig_length_check) > $board_config['max_sig_chars'] )
{
$error = TRUE;
$error_msg .= ( ( isset($error_msg) ) ? '<br />' : '' ) . $lang['Signature_too_long'];
}
}
 
//
// Avatar stuff
//
$avatar_sql = "";
if( isset($HTTP_POST_VARS['avatardel']) )
{
if( $this_userdata['user_avatar_type'] == USER_AVATAR_UPLOAD && $this_userdata['user_avatar'] != "" )
{
if( @file_exists(@phpbb_realpath('./../' . $board_config['avatar_path'] . "/" . $this_userdata['user_avatar'])) )
{
@unlink('./../' . $board_config['avatar_path'] . "/" . $this_userdata['user_avatar']);
}
}
$avatar_sql = ", user_avatar = '', user_avatar_type = " . USER_AVATAR_NONE;
}
else if( ( $user_avatar_loc != "" || !empty($user_avatar_url) ) && !$error )
{
//
// Only allow one type of upload, either a
// filename or a URL
//
if( !empty($user_avatar_loc) && !empty($user_avatar_url) )
{
$error = TRUE;
if( isset($error_msg) )
{
$error_msg .= "<br />";
}
$error_msg .= $lang['Only_one_avatar'];
}
 
if( $user_avatar_loc != "" )
{
if( file_exists(@phpbb_realpath($user_avatar_loc)) && ereg(".jpg$|.gif$|.png$", $user_avatar_name) )
{
if( $user_avatar_size <= $board_config['avatar_filesize'] && $user_avatar_size > 0)
{
$error_type = false;
 
//
// Opera appends the image name after the type, not big, not clever!
//
preg_match("'image\/[x\-]*([a-z]+)'", $user_avatar_filetype, $user_avatar_filetype);
$user_avatar_filetype = $user_avatar_filetype[1];
 
switch( $user_avatar_filetype )
{
case "jpeg":
case "pjpeg":
case "jpg":
$imgtype = '.jpg';
break;
case "gif":
$imgtype = '.gif';
break;
case "png":
$imgtype = '.png';
break;
default:
$error = true;
$error_msg = (!empty($error_msg)) ? $error_msg . "<br />" . $lang['Avatar_filetype'] : $lang['Avatar_filetype'];
break;
}
 
if( !$error )
{
list($width, $height) = @getimagesize($user_avatar_loc);
 
if( $width <= $board_config['avatar_max_width'] && $height <= $board_config['avatar_max_height'] )
{
$user_id = $this_userdata['user_id'];
 
$avatar_filename = $user_id . $imgtype;
 
if( $this_userdata['user_avatar_type'] == USER_AVATAR_UPLOAD && $this_userdata['user_avatar'] != "" )
{
if( @file_exists(@phpbb_realpath("./../" . $board_config['avatar_path'] . "/" . $this_userdata['user_avatar'])) )
{
@unlink("./../" . $board_config['avatar_path'] . "/". $this_userdata['user_avatar']);
}
}
@copy($user_avatar_loc, "./../" . $board_config['avatar_path'] . "/$avatar_filename");
 
$avatar_sql = ", user_avatar = '$avatar_filename', user_avatar_type = " . USER_AVATAR_UPLOAD;
}
else
{
$l_avatar_size = sprintf($lang['Avatar_imagesize'], $board_config['avatar_max_width'], $board_config['avatar_max_height']);
 
$error = true;
$error_msg = ( !empty($error_msg) ) ? $error_msg . "<br />" . $l_avatar_size : $l_avatar_size;
}
}
}
else
{
$l_avatar_size = sprintf($lang['Avatar_filesize'], round($board_config['avatar_filesize'] / 1024));
 
$error = true;
$error_msg = ( !empty($error_msg) ) ? $error_msg . "<br />" . $l_avatar_size : $l_avatar_size;
}
}
else
{
$error = true;
$error_msg = ( !empty($error_msg) ) ? $error_msg . "<br />" . $lang['Avatar_filetype'] : $lang['Avatar_filetype'];
}
}
else if( !empty($user_avatar_url) )
{
//
// First check what port we should connect
// to, look for a :[xxxx]/ or, if that doesn't
// exist assume port 80 (http)
//
preg_match("/^(http:\/\/)?([\w\-\.]+)\:?([0-9]*)\/(.*)$/", $user_avatar_url, $url_ary);
 
if( !empty($url_ary[4]) )
{
$port = (!empty($url_ary[3])) ? $url_ary[3] : 80;
 
$fsock = @fsockopen($url_ary[2], $port, $errno, $errstr);
if( $fsock )
{
$base_get = "/" . $url_ary[4];
 
//
// Uses HTTP 1.1, could use HTTP 1.0 ...
//
@fputs($fsock, "GET $base_get HTTP/1.1\r\n");
@fputs($fsock, "HOST: " . $url_ary[2] . "\r\n");
@fputs($fsock, "Connection: close\r\n\r\n");
 
unset($avatar_data);
while( !@feof($fsock) )
{
$avatar_data .= @fread($fsock, $board_config['avatar_filesize']);
}
@fclose($fsock);
 
if( preg_match("/Content-Length\: ([0-9]+)[^\/ ][\s]+/i", $avatar_data, $file_data1) && preg_match("/Content-Type\: image\/[x\-]*([a-z]+)[\s]+/i", $avatar_data, $file_data2) )
{
$file_size = $file_data1[1];
$file_type = $file_data2[1];
 
switch( $file_type )
{
case "jpeg":
case "pjpeg":
case "jpg":
$imgtype = '.jpg';
break;
case "gif":
$imgtype = '.gif';
break;
case "png":
$imgtype = '.png';
break;
default:
$error = true;
$error_msg = (!empty($error_msg)) ? $error_msg . "<br />" . $lang['Avatar_filetype'] : $lang['Avatar_filetype'];
break;
}
 
if( !$error && $file_size > 0 && $file_size < $board_config['avatar_filesize'] )
{
$avatar_data = substr($avatar_data, strlen($avatar_data) - $file_size, $file_size);
 
$tmp_filename = tempnam ("/tmp", $this_userdata['user_id'] . "-");
$fptr = @fopen($tmp_filename, "wb");
$bytes_written = @fwrite($fptr, $avatar_data, $file_size);
@fclose($fptr);
 
if( $bytes_written == $file_size )
{
list($width, $height) = @getimagesize($tmp_filename);
 
if( $width <= $board_config['avatar_max_width'] && $height <= $board_config['avatar_max_height'] )
{
$user_id = $this_userdata['user_id'];
 
$avatar_filename = $user_id . $imgtype;
 
if( $this_userdata['user_avatar_type'] == USER_AVATAR_UPLOAD && $this_userdata['user_avatar'] != "")
{
if( file_exists(@phpbb_realpath("./../" . $board_config['avatar_path'] . "/" . $this_userdata['user_avatar'])) )
{
@unlink("./../" . $board_config['avatar_path'] . "/" . $this_userdata['user_avatar']);
}
}
@copy($tmp_filename, "./../" . $board_config['avatar_path'] . "/$avatar_filename");
@unlink($tmp_filename);
 
$avatar_sql = ", user_avatar = '$avatar_filename', user_avatar_type = " . USER_AVATAR_UPLOAD;
}
else
{
$l_avatar_size = sprintf($lang['Avatar_imagesize'], $board_config['avatar_max_width'], $board_config['avatar_max_height']);
 
$error = true;
$error_msg = ( !empty($error_msg) ) ? $error_msg . "<br />" . $l_avatar_size : $l_avatar_size;
}
}
else
{
//
// Error writing file
//
@unlink($tmp_filename);
message_die(GENERAL_ERROR, "Could not write avatar file to local storage. Please contact the board administrator with this message", "", __LINE__, __FILE__);
}
}
}
else
{
//
// No data
//
$error = true;
$error_msg = ( !empty($error_msg) ) ? $error_msg . "<br />" . $lang['File_no_data'] : $lang['File_no_data'];
}
}
else
{
//
// No connection
//
$error = true;
$error_msg = ( !empty($error_msg) ) ? $error_msg . "<br />" . $lang['No_connection_URL'] : $lang['No_connection_URL'];
}
}
else
{
$error = true;
$error_msg = ( !empty($error_msg) ) ? $error_msg . "<br />" . $lang['Incomplete_URL'] : $lang['Incomplete_URL'];
}
}
else if( !empty($user_avatar_name) )
{
$l_avatar_size = sprintf($lang['Avatar_filesize'], round($board_config['avatar_filesize'] / 1024));
 
$error = true;
$error_msg = ( !empty($error_msg) ) ? $error_msg . "<br />" . $l_avatar_size : $l_avatar_size;
}
}
else if( $user_avatar_remoteurl != "" && $avatar_sql == "" && !$error )
{
if( !preg_match("#^http:\/\/#i", $user_avatar_remoteurl) )
{
$user_avatar_remoteurl = "http://" . $user_avatar_remoteurl;
}
 
if( preg_match("#^(http:\/\/[a-z0-9\-]+?\.([a-z0-9\-]+\.)*[a-z]+\/.*?\.(gif|jpg|png)$)#is", $user_avatar_remoteurl) )
{
$avatar_sql = ", user_avatar = '" . str_replace("\'", "''", $user_avatar_remoteurl) . "', user_avatar_type = " . USER_AVATAR_REMOTE;
}
else
{
$error = true;
$error_msg = ( !empty($error_msg) ) ? $error_msg . "<br />" . $lang['Wrong_remote_avatar_format'] : $lang['Wrong_remote_avatar_format'];
}
}
else if( $user_avatar_local != "" && $avatar_sql == "" && !$error )
{
$avatar_sql = ", user_avatar = '" . str_replace("\'", "''", phpbb_ltrim(basename($user_avatar_category), "'") . '/' . phpbb_ltrim(basename($user_avatar_local), "'")) . "', user_avatar_type = " . USER_AVATAR_GALLERY;
}
//
// Update entry in DB
//
if( !$error )
{
$sql = "UPDATE " . USERS_TABLE . "
SET " . $username_sql . $passwd_sql . "user_email = '" . str_replace("\'", "''", $email) . "', user_icq = '" . str_replace("\'", "''", $icq) . "', user_website = '" . str_replace("\'", "''", $website) . "', user_occ = '" . str_replace("\'", "''", $occupation) . "', user_from = '" . str_replace("\'", "''", $location) . "', user_interests = '" . str_replace("\'", "''", $interests) . "', user_sig = '" . str_replace("\'", "''", $signature) . "', user_viewemail = $viewemail, user_aim = '" . str_replace("\'", "''", $aim) . "', user_yim = '" . str_replace("\'", "''", $yim) . "', user_msnm = '" . str_replace("\'", "''", $msn) . "', user_attachsig = $attachsig, user_sig_bbcode_uid = '$signature_bbcode_uid', user_allowsmile = $allowsmilies, user_allowhtml = $allowhtml, user_allowavatar = $user_allowavatar, user_allowbbcode = $allowbbcode, user_allow_viewonline = $allowviewonline, user_notify = $notifyreply, user_allow_pm = $user_allowpm, user_notify_pm = $notifypm, user_popup_pm = $popuppm, user_lang = '" . str_replace("\'", "''", $user_lang) . "', user_style = $user_style, user_timezone = $user_timezone, user_dateformat = '" . str_replace("\'", "''", $user_dateformat) . "', user_active = $user_status, user_rank = $user_rank" . $avatar_sql . "
WHERE user_id = $user_id";
 
if( $result = $db->sql_query($sql) )
{
if( isset($rename_user) )
{
$sql = "UPDATE " . GROUPS_TABLE . "
SET group_name = '".str_replace("\'", "''", $rename_user)."'
WHERE group_name = '".str_replace("'", "''", $this_userdata['username'] )."'";
if( !$result = $db->sql_query($sql) )
{
message_die(GENERAL_ERROR, 'Could not rename users group', '', __LINE__, __FILE__, $sql);
}
}
// Delete user session, to prevent the user navigating the forum (if logged in) when disabled
if (!$user_status)
{
$sql = "DELETE FROM " . SESSIONS_TABLE . "
WHERE session_user_id = " . $user_id;
 
if ( !$db->sql_query($sql) )
{
message_die(GENERAL_ERROR, 'Error removing user session', '', __LINE__, __FILE__, $sql);
}
}
 
// We remove all stored login keys since the password has been updated
// and change the current one (if applicable)
if ( !empty($passwd_sql) )
{
session_reset_keys($user_id, $user_ip);
}
$message .= $lang['Admin_user_updated'];
}
else
{
message_die(GENERAL_ERROR, 'Admin_user_fail', '', __LINE__, __FILE__, $sql);
}
 
$message .= '<br /><br />' . sprintf($lang['Click_return_useradmin'], '<a href="' . append_sid("admin_users.$phpEx") . '">', '</a>') . '<br /><br />' . sprintf($lang['Click_return_admin_index'], '<a href="' . append_sid("index.$phpEx?pane=right") . '">', '</a>');
 
message_die(GENERAL_MESSAGE, $message);
}
else
{
$template->set_filenames(array(
'reg_header' => 'error_body.tpl')
);
 
$template->assign_vars(array(
'ERROR_MESSAGE' => $error_msg)
);
 
$template->assign_var_from_handle('ERROR_BOX', 'reg_header');
 
$username = htmlspecialchars(stripslashes($username));
$email = stripslashes($email);
$password = '';
$password_confirm = '';
 
$icq = stripslashes($icq);
$aim = htmlspecialchars(str_replace('+', ' ', stripslashes($aim)));
$msn = htmlspecialchars(stripslashes($msn));
$yim = htmlspecialchars(stripslashes($yim));
 
$website = htmlspecialchars(stripslashes($website));
$location = htmlspecialchars(stripslashes($location));
$occupation = htmlspecialchars(stripslashes($occupation));
$interests = htmlspecialchars(stripslashes($interests));
$signature = htmlspecialchars(stripslashes($signature));
 
$user_lang = stripslashes($user_lang);
$user_dateformat = htmlspecialchars(stripslashes($user_dateformat));
}
}
else if( !isset( $HTTP_POST_VARS['submit'] ) && $mode != 'save' && !isset( $HTTP_POST_VARS['avatargallery'] ) && !isset( $HTTP_POST_VARS['submitavatar'] ) && !isset( $HTTP_POST_VARS['cancelavatar'] ) )
{
if( isset( $HTTP_GET_VARS[POST_USERS_URL]) || isset( $HTTP_POST_VARS[POST_USERS_URL]) )
{
$user_id = ( isset( $HTTP_POST_VARS[POST_USERS_URL]) ) ? intval( $HTTP_POST_VARS[POST_USERS_URL]) : intval( $HTTP_GET_VARS[POST_USERS_URL]);
$this_userdata = get_userdata($user_id);
if( !$this_userdata )
{
message_die(GENERAL_MESSAGE, $lang['No_user_id_specified'] );
}
}
else
{
$this_userdata = get_userdata($HTTP_POST_VARS['username'], true);
if( !$this_userdata )
{
message_die(GENERAL_MESSAGE, $lang['No_user_id_specified'] );
}
}
 
//
// Now parse and display it as a template
//
$user_id = $this_userdata['user_id'];
$username = $this_userdata['username'];
$email = $this_userdata['user_email'];
$password = '';
$password_confirm = '';
 
$icq = $this_userdata['user_icq'];
$aim = htmlspecialchars(str_replace('+', ' ', $this_userdata['user_aim'] ));
$msn = htmlspecialchars($this_userdata['user_msnm']);
$yim = htmlspecialchars($this_userdata['user_yim']);
 
$website = htmlspecialchars($this_userdata['user_website']);
$location = htmlspecialchars($this_userdata['user_from']);
$occupation = htmlspecialchars($this_userdata['user_occ']);
$interests = htmlspecialchars($this_userdata['user_interests']);
 
$signature = ($this_userdata['user_sig_bbcode_uid'] != '') ? preg_replace('#:' . $this_userdata['user_sig_bbcode_uid'] . '#si', '', $this_userdata['user_sig']) : $this_userdata['user_sig'];
$signature = preg_replace($html_entities_match, $html_entities_replace, $signature);
 
$viewemail = $this_userdata['user_viewemail'];
$notifypm = $this_userdata['user_notify_pm'];
$popuppm = $this_userdata['user_popup_pm'];
$notifyreply = $this_userdata['user_notify'];
$attachsig = $this_userdata['user_attachsig'];
$allowhtml = $this_userdata['user_allowhtml'];
$allowbbcode = $this_userdata['user_allowbbcode'];
$allowsmilies = $this_userdata['user_allowsmile'];
$allowviewonline = $this_userdata['user_allow_viewonline'];
 
$user_avatar = $this_userdata['user_avatar'];
$user_avatar_type = $this_userdata['user_avatar_type'];
$user_style = $this_userdata['user_style'];
$user_lang = $this_userdata['user_lang'];
$user_timezone = $this_userdata['user_timezone'];
$user_dateformat = htmlspecialchars($this_userdata['user_dateformat']);
$user_status = $this_userdata['user_active'];
$user_allowavatar = $this_userdata['user_allowavatar'];
$user_allowpm = $this_userdata['user_allow_pm'];
$COPPA = false;
 
$html_status = ($this_userdata['user_allowhtml'] ) ? $lang['HTML_is_ON'] : $lang['HTML_is_OFF'];
$bbcode_status = ($this_userdata['user_allowbbcode'] ) ? $lang['BBCode_is_ON'] : $lang['BBCode_is_OFF'];
$smilies_status = ($this_userdata['user_allowsmile'] ) ? $lang['Smilies_are_ON'] : $lang['Smilies_are_OFF'];
}
 
if( isset($HTTP_POST_VARS['avatargallery']) && !$error )
{
if( !$error )
{
$user_id = intval($HTTP_POST_VARS['id']);
 
$template->set_filenames(array(
"body" => "admin/user_avatar_gallery.tpl")
);
 
$dir = @opendir("../" . $board_config['avatar_gallery_path']);
 
$avatar_images = array();
while( $file = @readdir($dir) )
{
if( $file != "." && $file != ".." && !is_file(phpbb_realpath("./../" . $board_config['avatar_gallery_path'] . "/" . $file)) && !is_link(phpbb_realpath("./../" . $board_config['avatar_gallery_path'] . "/" . $file)) )
{
$sub_dir = @opendir("../" . $board_config['avatar_gallery_path'] . "/" . $file);
 
$avatar_row_count = 0;
$avatar_col_count = 0;
 
while( $sub_file = @readdir($sub_dir) )
{
if( preg_match("/(\.gif$|\.png$|\.jpg)$/is", $sub_file) )
{
$avatar_images[$file][$avatar_row_count][$avatar_col_count] = $sub_file;
 
$avatar_col_count++;
if( $avatar_col_count == 5 )
{
$avatar_row_count++;
$avatar_col_count = 0;
}
}
}
}
}
@closedir($dir);
 
if( isset($HTTP_POST_VARS['avatarcategory']) )
{
$category = htmlspecialchars($HTTP_POST_VARS['avatarcategory']);
}
else
{
list($category, ) = each($avatar_images);
}
@reset($avatar_images);
 
$s_categories = "";
while( list($key) = each($avatar_images) )
{
$selected = ( $key == $category ) ? "selected=\"selected\"" : "";
if( count($avatar_images[$key]) )
{
$s_categories .= '<option value="' . $key . '"' . $selected . '>' . ucfirst($key) . '</option>';
}
}
 
$s_colspan = 0;
for($i = 0; $i < count($avatar_images[$category]); $i++)
{
$template->assign_block_vars("avatar_row", array());
 
$s_colspan = max($s_colspan, count($avatar_images[$category][$i]));
 
for($j = 0; $j < count($avatar_images[$category][$i]); $j++)
{
$template->assign_block_vars("avatar_row.avatar_column", array(
"AVATAR_IMAGE" => "../" . $board_config['avatar_gallery_path'] . '/' . $category . '/' . $avatar_images[$category][$i][$j])
);
 
$template->assign_block_vars("avatar_row.avatar_option_column", array(
"S_OPTIONS_AVATAR" => $avatar_images[$category][$i][$j])
);
}
}
 
$coppa = ( ( !$HTTP_POST_VARS['coppa'] && !$HTTP_GET_VARS['coppa'] ) || $mode == "register") ? 0 : TRUE;
 
$s_hidden_fields = '<input type="hidden" name="mode" value="edit" /><input type="hidden" name="agreed" value="true" /><input type="hidden" name="coppa" value="' . $coppa . '" /><input type="hidden" name="avatarcatname" value="' . $category . '" />';
$s_hidden_fields .= '<input type="hidden" name="id" value="' . $user_id . '" />';
 
$s_hidden_fields .= '<input type="hidden" name="username" value="' . str_replace("\"", "&quot;", $username) . '" />';
$s_hidden_fields .= '<input type="hidden" name="email" value="' . str_replace("\"", "&quot;", $email) . '" />';
$s_hidden_fields .= '<input type="hidden" name="icq" value="' . str_replace("\"", "&quot;", $icq) . '" />';
$s_hidden_fields .= '<input type="hidden" name="aim" value="' . str_replace("\"", "&quot;", $aim) . '" />';
$s_hidden_fields .= '<input type="hidden" name="msn" value="' . str_replace("\"", "&quot;", $msn) . '" />';
$s_hidden_fields .= '<input type="hidden" name="yim" value="' . str_replace("\"", "&quot;", $yim) . '" />';
$s_hidden_fields .= '<input type="hidden" name="website" value="' . str_replace("\"", "&quot;", $website) . '" />';
$s_hidden_fields .= '<input type="hidden" name="location" value="' . str_replace("\"", "&quot;", $location) . '" />';
$s_hidden_fields .= '<input type="hidden" name="occupation" value="' . str_replace("\"", "&quot;", $occupation) . '" />';
$s_hidden_fields .= '<input type="hidden" name="interests" value="' . str_replace("\"", "&quot;", $interests) . '" />';
$s_hidden_fields .= '<input type="hidden" name="signature" value="' . str_replace("\"", "&quot;", $signature) . '" />';
$s_hidden_fields .= '<input type="hidden" name="viewemail" value="' . $viewemail . '" />';
$s_hidden_fields .= '<input type="hidden" name="notifypm" value="' . $notifypm . '" />';
$s_hidden_fields .= '<input type="hidden" name="popup_pm" value="' . $popuppm . '" />';
$s_hidden_fields .= '<input type="hidden" name="notifyreply" value="' . $notifyreply . '" />';
$s_hidden_fields .= '<input type="hidden" name="attachsig" value="' . $attachsig . '" />';
$s_hidden_fields .= '<input type="hidden" name="allowhtml" value="' . $allowhtml . '" />';
$s_hidden_fields .= '<input type="hidden" name="allowbbcode" value="' . $allowbbcode . '" />';
$s_hidden_fields .= '<input type="hidden" name="allowsmilies" value="' . $allowsmilies . '" />';
$s_hidden_fields .= '<input type="hidden" name="hideonline" value="' . !$allowviewonline . '" />';
$s_hidden_fields .= '<input type="hidden" name="style" value="' . $user_style . '" />';
$s_hidden_fields .= '<input type="hidden" name="language" value="' . $user_lang . '" />';
$s_hidden_fields .= '<input type="hidden" name="timezone" value="' . $user_timezone . '" />';
$s_hidden_fields .= '<input type="hidden" name="dateformat" value="' . str_replace("\"", "&quot;", $user_dateformat) . '" />';
 
$s_hidden_fields .= '<input type="hidden" name="user_status" value="' . $user_status . '" />';
$s_hidden_fields .= '<input type="hidden" name="user_allowpm" value="' . $user_allowpm . '" />';
$s_hidden_fields .= '<input type="hidden" name="user_allowavatar" value="' . $user_allowavatar . '" />';
$s_hidden_fields .= '<input type="hidden" name="user_rank" value="' . $user_rank . '" />';
 
$template->assign_vars(array(
"L_USER_TITLE" => $lang['User_admin'],
"L_USER_EXPLAIN" => $lang['User_admin_explain'],
"L_AVATAR_GALLERY" => $lang['Avatar_gallery'],
"L_SELECT_AVATAR" => $lang['Select_avatar'],
"L_RETURN_PROFILE" => $lang['Return_profile'],
"L_CATEGORY" => $lang['Select_category'],
"L_GO" => $lang['Go'],
 
"S_OPTIONS_CATEGORIES" => $s_categories,
"S_COLSPAN" => $s_colspan,
"S_PROFILE_ACTION" => append_sid("admin_users.$phpEx?mode=$mode"),
"S_HIDDEN_FIELDS" => $s_hidden_fields)
);
}
}
else
{
$s_hidden_fields = '<input type="hidden" name="mode" value="save" /><input type="hidden" name="agreed" value="true" /><input type="hidden" name="coppa" value="' . $coppa . '" />';
$s_hidden_fields .= '<input type="hidden" name="id" value="' . $this_userdata['user_id'] . '" />';
 
if( !empty($user_avatar_local) )
{
$s_hidden_fields .= '<input type="hidden" name="avatarlocal" value="' . $user_avatar_local . '" /><input type="hidden" name="avatarcatname" value="' . $user_avatar_category . '" />';
}
 
if( $user_avatar_type )
{
switch( $user_avatar_type )
{
case USER_AVATAR_UPLOAD:
$avatar = '<img src="../' . $board_config['avatar_path'] . '/' . $user_avatar . '" alt="" />';
break;
case USER_AVATAR_REMOTE:
$avatar = '<img src="' . $user_avatar . '" alt="" />';
break;
case USER_AVATAR_GALLERY:
$avatar = '<img src="../' . $board_config['avatar_gallery_path'] . '/' . $user_avatar . '" alt="" />';
break;
}
}
else
{
$avatar = "";
}
 
$sql = "SELECT * FROM " . RANKS_TABLE . "
WHERE rank_special = 1
ORDER BY rank_title";
if ( !($result = $db->sql_query($sql)) )
{
message_die(GENERAL_ERROR, 'Could not obtain ranks data', '', __LINE__, __FILE__, $sql);
}
 
$rank_select_box = '<option value="0">' . $lang['No_assigned_rank'] . '</option>';
while( $row = $db->sql_fetchrow($result) )
{
$rank = $row['rank_title'];
$rank_id = $row['rank_id'];
$selected = ( $this_userdata['user_rank'] == $rank_id ) ? ' selected="selected"' : '';
$rank_select_box .= '<option value="' . $rank_id . '"' . $selected . '>' . $rank . '</option>';
}
 
$template->set_filenames(array(
"body" => "admin/user_edit_body.tpl")
);
//
// Let's do an overall check for settings/versions which would prevent
// us from doing file uploads....
//
$ini_val = ( phpversion() >= '4.0.0' ) ? 'ini_get' : 'get_cfg_var';
$form_enctype = ( !@$ini_val('file_uploads') || phpversion() == '4.0.4pl1' || !$board_config['allow_avatar_upload'] || ( phpversion() < '4.0.3' && @$ini_val('open_basedir') != '' ) ) ? '' : 'enctype="multipart/form-data"';
 
$template->assign_vars(array(
'USERNAME' => $username,
'EMAIL' => $email,
'YIM' => $yim,
'ICQ' => $icq,
'MSN' => $msn,
'AIM' => $aim,
'OCCUPATION' => $occupation,
'INTERESTS' => $interests,
'LOCATION' => $location,
'WEBSITE' => $website,
'SIGNATURE' => str_replace('<br />', "\n", $signature),
'VIEW_EMAIL_YES' => ($viewemail) ? 'checked="checked"' : '',
'VIEW_EMAIL_NO' => (!$viewemail) ? 'checked="checked"' : '',
'HIDE_USER_YES' => (!$allowviewonline) ? 'checked="checked"' : '',
'HIDE_USER_NO' => ($allowviewonline) ? 'checked="checked"' : '',
'NOTIFY_PM_YES' => ($notifypm) ? 'checked="checked"' : '',
'NOTIFY_PM_NO' => (!$notifypm) ? 'checked="checked"' : '',
'POPUP_PM_YES' => ($popuppm) ? 'checked="checked"' : '',
'POPUP_PM_NO' => (!$popuppm) ? 'checked="checked"' : '',
'ALWAYS_ADD_SIGNATURE_YES' => ($attachsig) ? 'checked="checked"' : '',
'ALWAYS_ADD_SIGNATURE_NO' => (!$attachsig) ? 'checked="checked"' : '',
'NOTIFY_REPLY_YES' => ( $notifyreply ) ? 'checked="checked"' : '',
'NOTIFY_REPLY_NO' => ( !$notifyreply ) ? 'checked="checked"' : '',
'ALWAYS_ALLOW_BBCODE_YES' => ($allowbbcode) ? 'checked="checked"' : '',
'ALWAYS_ALLOW_BBCODE_NO' => (!$allowbbcode) ? 'checked="checked"' : '',
'ALWAYS_ALLOW_HTML_YES' => ($allowhtml) ? 'checked="checked"' : '',
'ALWAYS_ALLOW_HTML_NO' => (!$allowhtml) ? 'checked="checked"' : '',
'ALWAYS_ALLOW_SMILIES_YES' => ($allowsmilies) ? 'checked="checked"' : '',
'ALWAYS_ALLOW_SMILIES_NO' => (!$allowsmilies) ? 'checked="checked"' : '',
'AVATAR' => $avatar,
'LANGUAGE_SELECT' => language_select($user_lang),
'TIMEZONE_SELECT' => tz_select($user_timezone),
'STYLE_SELECT' => style_select($user_style, 'style'),
'DATE_FORMAT' => $user_dateformat,
'ALLOW_PM_YES' => ($user_allowpm) ? 'checked="checked"' : '',
'ALLOW_PM_NO' => (!$user_allowpm) ? 'checked="checked"' : '',
'ALLOW_AVATAR_YES' => ($user_allowavatar) ? 'checked="checked"' : '',
'ALLOW_AVATAR_NO' => (!$user_allowavatar) ? 'checked="checked"' : '',
'USER_ACTIVE_YES' => ($user_status) ? 'checked="checked"' : '',
'USER_ACTIVE_NO' => (!$user_status) ? 'checked="checked"' : '',
'RANK_SELECT_BOX' => $rank_select_box,
 
'L_USERNAME' => $lang['Username'],
'L_USER_TITLE' => $lang['User_admin'],
'L_USER_EXPLAIN' => $lang['User_admin_explain'],
'L_NEW_PASSWORD' => $lang['New_password'],
'L_PASSWORD_IF_CHANGED' => $lang['password_if_changed'],
'L_CONFIRM_PASSWORD' => $lang['Confirm_password'],
'L_PASSWORD_CONFIRM_IF_CHANGED' => $lang['password_confirm_if_changed'],
'L_SUBMIT' => $lang['Submit'],
'L_RESET' => $lang['Reset'],
'L_ICQ_NUMBER' => $lang['ICQ'],
'L_MESSENGER' => $lang['MSNM'],
'L_YAHOO' => $lang['YIM'],
'L_WEBSITE' => $lang['Website'],
'L_AIM' => $lang['AIM'],
'L_LOCATION' => $lang['Location'],
'L_OCCUPATION' => $lang['Occupation'],
'L_BOARD_LANGUAGE' => $lang['Board_lang'],
'L_BOARD_STYLE' => $lang['Board_style'],
'L_TIMEZONE' => $lang['Timezone'],
'L_DATE_FORMAT' => $lang['Date_format'],
'L_DATE_FORMAT_EXPLAIN' => $lang['Date_format_explain'],
'L_YES' => $lang['Yes'],
'L_NO' => $lang['No'],
'L_INTERESTS' => $lang['Interests'],
'L_ALWAYS_ALLOW_SMILIES' => $lang['Always_smile'],
'L_ALWAYS_ALLOW_BBCODE' => $lang['Always_bbcode'],
'L_ALWAYS_ALLOW_HTML' => $lang['Always_html'],
'L_HIDE_USER' => $lang['Hide_user'],
'L_ALWAYS_ADD_SIGNATURE' => $lang['Always_add_sig'],
'L_SPECIAL' => $lang['User_special'],
'L_SPECIAL_EXPLAIN' => $lang['User_special_explain'],
'L_USER_ACTIVE' => $lang['User_status'],
'L_ALLOW_PM' => $lang['User_allowpm'],
'L_ALLOW_AVATAR' => $lang['User_allowavatar'],
'L_AVATAR_PANEL' => $lang['Avatar_panel'],
'L_AVATAR_EXPLAIN' => $lang['Admin_avatar_explain'],
'L_DELETE_AVATAR' => $lang['Delete_Image'],
'L_CURRENT_IMAGE' => $lang['Current_Image'],
'L_UPLOAD_AVATAR_FILE' => $lang['Upload_Avatar_file'],
'L_UPLOAD_AVATAR_URL' => $lang['Upload_Avatar_URL'],
'L_AVATAR_GALLERY' => $lang['Select_from_gallery'],
'L_SHOW_GALLERY' => $lang['View_avatar_gallery'],
'L_LINK_REMOTE_AVATAR' => $lang['Link_remote_Avatar'],
 
'L_SIGNATURE' => $lang['Signature'],
'L_SIGNATURE_EXPLAIN' => sprintf($lang['Signature_explain'], $board_config['max_sig_chars'] ),
'L_NOTIFY_ON_PRIVMSG' => $lang['Notify_on_privmsg'],
'L_NOTIFY_ON_REPLY' => $lang['Always_notify'],
'L_POPUP_ON_PRIVMSG' => $lang['Popup_on_privmsg'],
'L_PREFERENCES' => $lang['Preferences'],
'L_PUBLIC_VIEW_EMAIL' => $lang['Public_view_email'],
'L_ITEMS_REQUIRED' => $lang['Items_required'],
'L_REGISTRATION_INFO' => $lang['Registration_info'],
'L_PROFILE_INFO' => $lang['Profile_info'],
'L_PROFILE_INFO_NOTICE' => $lang['Profile_info_warn'],
'L_EMAIL_ADDRESS' => $lang['Email_address'],
'S_FORM_ENCTYPE' => $form_enctype,
 
'HTML_STATUS' => $html_status,
'BBCODE_STATUS' => sprintf($bbcode_status, '<a href="../' . append_sid("faq.$phpEx?mode=bbcode") . '" target="_phpbbcode">', '</a>'),
'SMILIES_STATUS' => $smilies_status,
 
'L_DELETE_USER' => $lang['User_delete'],
'L_DELETE_USER_EXPLAIN' => $lang['User_delete_explain'],
'L_SELECT_RANK' => $lang['Rank_title'],
 
'S_HIDDEN_FIELDS' => $s_hidden_fields,
'S_PROFILE_ACTION' => append_sid("admin_users.$phpEx"))
);
 
if( file_exists(@phpbb_realpath('./../' . $board_config['avatar_path'])) && ($board_config['allow_avatar_upload'] == TRUE) )
{
if ( $form_enctype != '' )
{
$template->assign_block_vars('avatar_local_upload', array() );
}
$template->assign_block_vars('avatar_remote_upload', array() );
}
 
if( file_exists(@phpbb_realpath('./../' . $board_config['avatar_gallery_path'])) && ($board_config['allow_avatar_local'] == TRUE) )
{
$template->assign_block_vars('avatar_local_gallery', array() );
}
if( $board_config['allow_avatar_remote'] == TRUE )
{
$template->assign_block_vars('avatar_remote_link', array() );
}
}
 
$template->pparse('body');
}
else
{
//
// Default user selection box
//
$template->set_filenames(array(
'body' => 'admin/user_select_body.tpl')
);
 
$template->assign_vars(array(
'L_USER_TITLE' => $lang['User_admin'],
'L_USER_EXPLAIN' => $lang['User_admin_explain'],
'L_USER_SELECT' => $lang['Select_a_User'],
'L_LOOK_UP' => $lang['Look_up_user'],
'L_FIND_USERNAME' => $lang['Find_username'],
 
'U_SEARCH_USER' => append_sid("./../search.$phpEx?mode=searchuser"),
 
'S_USER_ACTION' => append_sid("admin_users.$phpEx"),
'S_USER_SELECT' => $select_list)
);
$template->pparse('body');
 
}
 
include('./page_footer_admin.'.$phpEx);
 
?>
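--- a/Forum/admin/admin_words.php
+++ b/Forum/admin/admin_words.php
@@ -0,0 +1,273 @@
+<?php
+/***************************************************************************
+* admin_words.php
+* -------------------
+* begin : Thursday, Jul 12, 2001
+* copyright : (C) 2001 The phpBB Group
+* email : support@phpbb.com
+*
+* $Id: admin_words.php,v 1.10.2.6 2006/04/13 09:56:48 grahamje Exp $
+*
+*
+***************************************************************************/
+ 
+/***************************************************************************
+*
+* This program is free software; you can redistribute it and/or modify
+* it under the terms of the GNU General Public License as published by
+* the Free Software Foundation; either version 2 of the License, or
+* (at your option) any later version.
+*
+***************************************************************************/
+ 
+if( !empty($setmodules) )
+{
+$file = basename(__FILE__);
+$module['General']['Word_Censor'] = $file;
+return;
+}
+ 
+define('IN_PHPBB', 1);
+ 
+//
+// Load default header
+//
+$phpbb_root_path = "./../";
+require($phpbb_root_path . 'extension.inc');
+ 
+$cancel = ( isset($HTTP_POST_VARS['cancel']) ) ? true : false;
+$no_page_header = $cancel;
+ 
+require('./pagestart.' . $phpEx);
+ 
+if ($cancel)
+{
+redirect('admin/' . append_sid("admin_words.$phpEx", true));
+}
+ 
+if( isset($HTTP_GET_VARS['mode']) || isset($HTTP_POST_VARS['mode']) )
+{
+$mode = (isset($HTTP_GET_VARS['mode'])) ? $HTTP_GET_VARS['mode'] : $HTTP_POST_VARS['mode'];
+$mode = htmlspecialchars($mode);
+}
+else
+{
+//
+// These could be entered via a form button
+//
+if( isset($HTTP_POST_VARS['add']) )
+{
+$mode = "add";
+}
+else if( isset($HTTP_POST_VARS['save']) )
+{
+$mode = "save";
+}
+else
+{
+$mode = "";
+}
+}
+ 
+// Restrict mode input to valid options
+$mode = ( in_array($mode, array('add', 'edit', 'save', 'delete')) ) ? $mode : '';
+ 
+if( $mode != "" )
+{
+if( $mode == "edit" || $mode == "add" )
+{
+$word_id = ( isset($HTTP_GET_VARS['id']) ) ? intval($HTTP_GET_VARS['id']) : 0;
+ 
+$template->set_filenames(array(
+"body" => "admin/words_edit_body.tpl")
+);
+ 
+$word_info = array('word' => '', 'replacement' => '');
+$s_hidden_fields = '';
+ 
+if( $mode == "edit" )
+{
+if( $word_id )
+{
+$sql = "SELECT *
+FROM " . WORDS_TABLE . "
+WHERE word_id = $word_id";
+if(!$result = $db->sql_query($sql))
+{
+message_die(GENERAL_ERROR, "Could not query words table", "Error", __LINE__, __FILE__, $sql);
+}
+ 
+$word_info = $db->sql_fetchrow($result);
+$s_hidden_fields .= '<input type="hidden" name="id" value="' . $word_id . '" />';
+}
+else
+{
+message_die(GENERAL_MESSAGE, $lang['No_word_selected']);
+}
+}
+ 
+$template->assign_vars(array(
+"WORD" => $word_info['word'],
+"REPLACEMENT" => $word_info['replacement'],
+ 
+"L_WORDS_TITLE" => $lang['Words_title'],
+"L_WORDS_TEXT" => $lang['Words_explain'],
+"L_WORD_CENSOR" => $lang['Edit_word_censor'],
+"L_WORD" => $lang['Word'],
+"L_REPLACEMENT" => $lang['Replacement'],
+"L_SUBMIT" => $lang['Submit'],
+ 
+"S_WORDS_ACTION" => append_sid("admin_words.$phpEx"),
+"S_HIDDEN_FIELDS" => $s_hidden_fields)
+);
+ 
+$template->pparse("body");
+ 
+include('./page_footer_admin.'.$phpEx);
+}
+else if( $mode == "save" )
+{
+$word_id = ( isset($HTTP_POST_VARS['id']) ) ? intval($HTTP_POST_VARS['id']) : 0;
+$word = ( isset($HTTP_POST_VARS['word']) ) ? trim($HTTP_POST_VARS['word']) : "";
+$replacement = ( isset($HTTP_POST_VARS['replacement']) ) ? trim($HTTP_POST_VARS['replacement']) : "";
+ 
+if($word == "" || $replacement == "")
+{
+message_die(GENERAL_MESSAGE, $lang['Must_enter_word']);
+}
+ 
+if( $word_id )
+{
+$sql = "UPDATE " . WORDS_TABLE . "
+SET word = '" . str_replace("\'", "''", $word) . "', replacement = '" . str_replace("\'", "''", $replacement) . "'
+WHERE word_id = $word_id";
+$message = $lang['Word_updated'];
+}
+else
+{
+$sql = "INSERT INTO " . WORDS_TABLE . " (word, replacement)
+VALUES ('" . str_replace("\'", "''", $word) . "', '" . str_replace("\'", "''", $replacement) . "')";
+$message = $lang['Word_added'];
+}
+ 
+if(!$result = $db->sql_query($sql))
+{
+message_die(GENERAL_ERROR, "Could not insert data into words table", $lang['Error'], __LINE__, __FILE__, $sql);
+}
+ 
+$message .= "<br /><br />" . sprintf($lang['Click_return_wordadmin'], "<a href=\"" . append_sid("admin_words.$phpEx") . "\">", "</a>") . "<br /><br />" . sprintf($lang['Click_return_admin_index'], "<a href=\"" . append_sid("index.$phpEx?pane=right") . "\">", "</a>");
+ 
+message_die(GENERAL_MESSAGE, $message);
+}
+else if( $mode == "delete" )
+{
+if( isset($HTTP_POST_VARS['id']) || isset($HTTP_GET_VARS['id']) )
+{
+$word_id = ( isset($HTTP_POST_VARS['id']) ) ? $HTTP_POST_VARS['id'] : $HTTP_GET_VARS['id'];
+$word_id = intval($word_id);
+}
+else
+{
+$word_id = 0;
+}
+ 
+$confirm = isset($HTTP_POST_VARS['confirm']);
+ 
+if( $word_id && $confirm )
+{
+$sql = "DELETE FROM " . WORDS_TABLE . "
+WHERE word_id = $word_id";
+ 
+if(!$result = $db->sql_query($sql))
+{
+message_die(GENERAL_ERROR, "Could not remove data from words table", $lang['Error'], __LINE__, __FILE__, $sql);
+}
+ 
+$message = $lang['Word_removed'] . "<br /><br />" . sprintf($lang['Click_return_wordadmin'], "<a href=\"" . append_sid("admin_words.$phpEx") . "\">", "</a>") . "<br /><br />" . sprintf($lang['Click_return_admin_index'], "<a href=\"" . append_sid("index.$phpEx?pane=right") . "\">", "</a>");
+ 
+message_die(GENERAL_MESSAGE, $message);
+}
+elseif( $word_id && !$confirm)
+{
+// Present the confirmation screen to the user
+$template->set_filenames(array(
+'body' => 'admin/confirm_body.tpl')
+);
+ 
+$hidden_fields = '<input type="hidden" name="mode" value="delete" /><input type="hidden" name="id" value="' . $word_id . '" />';
+ 
+$template->assign_vars(array(
+'MESSAGE_TITLE' => $lang['Confirm'],
+'MESSAGE_TEXT' => $lang['Confirm_delete_word'],
+ 
+'L_YES' => $lang['Yes'],
+'L_NO' => $lang['No'],
+ 
+'S_CONFIRM_ACTION' => append_sid("admin_words.$phpEx"),
+'S_HIDDEN_FIELDS' => $hidden_fields)
+);
+}
+else
+{
+message_die(GENERAL_MESSAGE, $lang['No_word_selected']);
+}
+}
+}
+else
+{
+$template->set_filenames(array(
+"body" => "admin/words_list_body.tpl")
+);
+ 
+$sql = "SELECT *
+FROM " . WORDS_TABLE . "
+ORDER BY word";
+if( !$result = $db->sql_query($sql) )
+{
+message_die(GENERAL_ERROR, "Could not query words table", $lang['Error'], __LINE__, __FILE__, $sql);
+}
+ 
+$word_rows = $db->sql_fetchrowset($result);
+$db->sql_freeresult($result);
+$word_count = count($word_rows);
+ 
+$template->assign_vars(array(
+"L_WORDS_TITLE" => $lang['Words_title'],
+"L_WORDS_TEXT" => $lang['Words_explain'],
+"L_WORD" => $lang['Word'],
+"L_REPLACEMENT" => $lang['Replacement'],
+"L_EDIT" => $lang['Edit'],
+"L_DELETE" => $lang['Delete'],
+"L_ADD_WORD" => $lang['Add_new_word'],
+"L_ACTION" => $lang['Action'],
+ 
+"S_WORDS_ACTION" => append_sid("admin_words.$phpEx"),
+"S_HIDDEN_FIELDS" => '')
+);
+ 
+for($i = 0; $i < $word_count; $i++)
+{
+$word = $word_rows[$i]['word'];
+$replacement = $word_rows[$i]['replacement'];
+$word_id = $word_rows[$i]['word_id'];
+ 
+$row_color = ( !($i % 2) ) ? $theme['td_color1'] : $theme['td_color2'];
+$row_class = ( !($i % 2) ) ? $theme['td_class1'] : $theme['td_class2'];
+ 
+$template->assign_block_vars("words", array(
+"ROW_COLOR" => "#" . $row_color,
+"ROW_CLASS" => $row_class,
+"WORD" => $word,
+"REPLACEMENT" => $replacement,
+ 
+"U_WORD_EDIT" => append_sid("admin_words.$phpEx?mode=edit&amp;id=$word_id"),
+"U_WORD_DELETE" => append_sid("admin_words.$phpEx?mode=delete&amp;id=$word_id"))
+);
+}
+}
+ 
+$template->pparse("body");
+ 
+include('./page_footer_admin.'.$phpEx);
+ 
+?>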
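Review bot: The censor word and its replacement are handed to the templates unescaped, both in the edit form (`"WORD" => $word_info['word']`, `"REPLACEMENT" => $word_info['replacement']`) and in the list loop (`"WORD" => $word`, `"REPLACEMENT" => $replacement`), while the save branch stores the POSTed values after only `trim()`. Unless `words_edit_body.tpl` and `words_list_body.tpl` escape them (neither is visible here), markup stored in a word would be rendered in the admin panel. Wrapping each value where it is assigned, e.g. `"WORD" => htmlspecialchars($word_info['word']),` and likewise for the other three, would close that. Separately, the UPDATE/INSERT strings are only safe if quotes were already slash-escaped before this file runs, since `str_replace("\'", "''", ...)` rewrites an existing `\'` and nothing else; a comment above the save branch stating that precondition would help the next reader. The `$mode` whitelist and the `intval()` on every `$word_id` are good as written.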
/Forum/admin/index.php
0,0 → 1,657
<?php
/***************************************************************************
* (admin) index.php
* -------------------
* begin : Saturday, Feb 13, 2001
* copyright : (C) 2001 The phpBB Group
* email : support@phpbb.com
*
* $Id: index.php,v 1.40.2.10 2005/12/04 12:55:28 grahamje Exp $
*
*
***************************************************************************/
 
/***************************************************************************
*
* This program is free software; you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by
* the Free Software Foundation; either version 2 of the License, or
* (at your option) any later version.
*
***************************************************************************/
 
define('IN_PHPBB', 1);
 
//
// Load default header
//
$no_page_header = TRUE;
$phpbb_root_path = "./../";
require($phpbb_root_path . 'extension.inc');
require('./pagestart.' . $phpEx);
 
// ---------------
// Begin functions
//
function inarray($needle, $haystack)
{
for($i = 0; $i < sizeof($haystack); $i++ )
{
if( $haystack[$i] == $needle )
{
return true;
}
}
return false;
}
//
// End functions
// -------------
 
//
// Generate relevant output
//
if( isset($HTTP_GET_VARS['pane']) && $HTTP_GET_VARS['pane'] == 'left' )
{
$dir = @opendir(".");
 
$setmodules = 1;
while( $file = @readdir($dir) )
{
if( preg_match("/^admin_.*?\." . $phpEx . "$/", $file) )
{
include('./' . $file);
}
}
 
@closedir($dir);
 
unset($setmodules);
 
include('./page_header_admin.'.$phpEx);
 
$template->set_filenames(array(
"body" => "admin/index_navigate.tpl")
);
 
$template->assign_vars(array(
"U_FORUM_INDEX" => append_sid("../index.$phpEx"),
"U_ADMIN_INDEX" => append_sid("index.$phpEx?pane=right"),
 
"L_FORUM_INDEX" => $lang['Main_index'],
"L_ADMIN_INDEX" => $lang['Admin_Index'],
"L_PREVIEW_FORUM" => $lang['Preview_forum'])
);
 
ksort($module);
 
while( list($cat, $action_array) = each($module) )
{
$cat = ( !empty($lang[$cat]) ) ? $lang[$cat] : preg_replace("/_/", " ", $cat);
 
$template->assign_block_vars("catrow", array(
"ADMIN_CATEGORY" => $cat)
);
 
ksort($action_array);
 
$row_count = 0;
while( list($action, $file) = each($action_array) )
{
$row_color = ( !($row_count%2) ) ? $theme['td_color1'] : $theme['td_color2'];
$row_class = ( !($row_count%2) ) ? $theme['td_class1'] : $theme['td_class2'];
 
$action = ( !empty($lang[$action]) ) ? $lang[$action] : preg_replace("/_/", " ", $action);
 
$template->assign_block_vars("catrow.modulerow", array(
"ROW_COLOR" => "#" . $row_color,
"ROW_CLASS" => $row_class,
 
"ADMIN_MODULE" => $action,
"U_ADMIN_MODULE" => append_sid($file))
);
$row_count++;
}
}
 
$template->pparse("body");
 
include('./page_footer_admin.'.$phpEx);
}
elseif( isset($HTTP_GET_VARS['pane']) && $HTTP_GET_VARS['pane'] == 'right' )
{
 
include('./page_header_admin.'.$phpEx);
 
$template->set_filenames(array(
"body" => "admin/index_body.tpl")
);
 
$template->assign_vars(array(
"L_WELCOME" => $lang['Welcome_phpBB'],
"L_ADMIN_INTRO" => $lang['Admin_intro'],
"L_FORUM_STATS" => $lang['Forum_stats'],
"L_WHO_IS_ONLINE" => $lang['Who_is_Online'],
"L_USERNAME" => $lang['Username'],
"L_LOCATION" => $lang['Location'],
"L_LAST_UPDATE" => $lang['Last_updated'],
"L_IP_ADDRESS" => $lang['IP_Address'],
"L_STATISTIC" => $lang['Statistic'],
"L_VALUE" => $lang['Value'],
"L_NUMBER_POSTS" => $lang['Number_posts'],
"L_POSTS_PER_DAY" => $lang['Posts_per_day'],
"L_NUMBER_TOPICS" => $lang['Number_topics'],
"L_TOPICS_PER_DAY" => $lang['Topics_per_day'],
"L_NUMBER_USERS" => $lang['Number_users'],
"L_USERS_PER_DAY" => $lang['Users_per_day'],
"L_BOARD_STARTED" => $lang['Board_started'],
"L_AVATAR_DIR_SIZE" => $lang['Avatar_dir_size'],
"L_DB_SIZE" => $lang['Database_size'],
"L_FORUM_LOCATION" => $lang['Forum_Location'],
"L_STARTED" => $lang['Login'],
"L_GZIP_COMPRESSION" => $lang['Gzip_compression'])
);
 
//
// Get forum statistics
//
$total_posts = get_db_stat('postcount');
$total_users = get_db_stat('usercount');
$total_topics = get_db_stat('topiccount');
 
$start_date = create_date($board_config['default_dateformat'], $board_config['board_startdate'], $board_config['board_timezone']);
 
$boarddays = ( time() - $board_config['board_startdate'] ) / 86400;
 
$posts_per_day = sprintf("%.2f", $total_posts / $boarddays);
$topics_per_day = sprintf("%.2f", $total_topics / $boarddays);
$users_per_day = sprintf("%.2f", $total_users / $boarddays);
 
$avatar_dir_size = 0;
 
if ($avatar_dir = @opendir($phpbb_root_path . $board_config['avatar_path']))
{
while( $file = @readdir($avatar_dir) )
{
if( $file != "." && $file != ".." )
{
$avatar_dir_size += @filesize($phpbb_root_path . $board_config['avatar_path'] . "/" . $file);
}
}
@closedir($avatar_dir);
 
//
// This bit of code translates the avatar directory size into human readable format
// Borrowed the code from the PHP.net annoted manual, origanally written by:
// Jesse (jesse@jess.on.ca)
//
if($avatar_dir_size >= 1048576)
{
$avatar_dir_size = round($avatar_dir_size / 1048576 * 100) / 100 . " MB";
}
else if($avatar_dir_size >= 1024)
{
$avatar_dir_size = round($avatar_dir_size / 1024 * 100) / 100 . " KB";
}
else
{
$avatar_dir_size = $avatar_dir_size . " Bytes";
}
 
}
else
{
// Couldn't open Avatar dir.
$avatar_dir_size = $lang['Not_available'];
}
 
if($posts_per_day > $total_posts)
{
$posts_per_day = $total_posts;
}
 
if($topics_per_day > $total_topics)
{
$topics_per_day = $total_topics;
}
 
if($users_per_day > $total_users)
{
$users_per_day = $total_users;
}
 
//
// DB size ... MySQL only
//
// This code is heavily influenced by a similar routine
// in phpMyAdmin 2.2.0
//
if( preg_match("/^mysql/", SQL_LAYER) )
{
$sql = "SELECT VERSION() AS mysql_version";
if($result = $db->sql_query($sql))
{
$row = $db->sql_fetchrow($result);
$version = $row['mysql_version'];
 
if( preg_match("/^(3\.23|4\.|5\.)/", $version) )
{
$db_name = ( preg_match("/^(3\.23\.[6-9])|(3\.23\.[1-9][1-9])|(4\.)|(5\.)/", $version) ) ? "`$dbname`" : $dbname;
 
$sql = "SHOW TABLE STATUS
FROM " . $db_name;
if($result = $db->sql_query($sql))
{
$tabledata_ary = $db->sql_fetchrowset($result);
 
$dbsize = 0;
for($i = 0; $i < count($tabledata_ary); $i++)
{
if( $tabledata_ary[$i]['Type'] != "MRG_MyISAM" )
{
if( $table_prefix != "" )
{
if( strstr($tabledata_ary[$i]['Name'], $table_prefix) )
{
$dbsize += $tabledata_ary[$i]['Data_length'] + $tabledata_ary[$i]['Index_length'];
}
}
else
{
$dbsize += $tabledata_ary[$i]['Data_length'] + $tabledata_ary[$i]['Index_length'];
}
}
}
} // Else we couldn't get the table status.
}
else
{
$dbsize = $lang['Not_available'];
}
}
else
{
$dbsize = $lang['Not_available'];
}
}
else if( preg_match("/^mssql/", SQL_LAYER) )
{
$sql = "SELECT ((SUM(size) * 8.0) * 1024.0) as dbsize
FROM sysfiles";
if( $result = $db->sql_query($sql) )
{
$dbsize = ( $row = $db->sql_fetchrow($result) ) ? intval($row['dbsize']) : $lang['Not_available'];
}
else
{
$dbsize = $lang['Not_available'];
}
}
else
{
$dbsize = $lang['Not_available'];
}
 
if ( is_integer($dbsize) )
{
if( $dbsize >= 1048576 )
{
$dbsize = sprintf("%.2f MB", ( $dbsize / 1048576 ));
}
else if( $dbsize >= 1024 )
{
$dbsize = sprintf("%.2f KB", ( $dbsize / 1024 ));
}
else
{
$dbsize = sprintf("%.2f Bytes", $dbsize);
}
}
 
$template->assign_vars(array(
"NUMBER_OF_POSTS" => $total_posts,
"NUMBER_OF_TOPICS" => $total_topics,
"NUMBER_OF_USERS" => $total_users,
"START_DATE" => $start_date,
"POSTS_PER_DAY" => $posts_per_day,
"TOPICS_PER_DAY" => $topics_per_day,
"USERS_PER_DAY" => $users_per_day,
"AVATAR_DIR_SIZE" => $avatar_dir_size,
"DB_SIZE" => $dbsize,
"GZIP_COMPRESSION" => ( $board_config['gzip_compress'] ) ? $lang['ON'] : $lang['OFF'])
);
//
// End forum statistics
//
 
//
// Get users online information.
//
$sql = "SELECT u.user_id, u.username, u.user_session_time, u.user_session_page, s.session_logged_in, s.session_ip, s.session_start
FROM " . USERS_TABLE . " u, " . SESSIONS_TABLE . " s
WHERE s.session_logged_in = " . TRUE . "
AND u.user_id = s.session_user_id
AND u.user_id <> " . ANONYMOUS . "
AND s.session_time >= " . ( time() - 300 ) . "
ORDER BY u.user_session_time DESC";
if(!$result = $db->sql_query($sql))
{
message_die(GENERAL_ERROR, "Couldn't obtain regd user/online information.", "", __LINE__, __FILE__, $sql);
}
$onlinerow_reg = $db->sql_fetchrowset($result);
 
$sql = "SELECT session_page, session_logged_in, session_time, session_ip, session_start
FROM " . SESSIONS_TABLE . "
WHERE session_logged_in = 0
AND session_time >= " . ( time() - 300 ) . "
ORDER BY session_time DESC";
if(!$result = $db->sql_query($sql))
{
message_die(GENERAL_ERROR, "Couldn't obtain guest user/online information.", "", __LINE__, __FILE__, $sql);
}
$onlinerow_guest = $db->sql_fetchrowset($result);
 
$sql = "SELECT forum_name, forum_id
FROM " . FORUMS_TABLE;
if($forums_result = $db->sql_query($sql))
{
while($forumsrow = $db->sql_fetchrow($forums_result))
{
$forum_data[$forumsrow['forum_id']] = $forumsrow['forum_name'];
}
}
else
{
message_die(GENERAL_ERROR, "Couldn't obtain user/online forums information.", "", __LINE__, __FILE__, $sql);
}
 
$reg_userid_ary = array();
 
if( count($onlinerow_reg) )
{
$registered_users = 0;
 
for($i = 0; $i < count($onlinerow_reg); $i++)
{
if( !inarray($onlinerow_reg[$i]['user_id'], $reg_userid_ary) )
{
$reg_userid_ary[] = $onlinerow_reg[$i]['user_id'];
 
$username = $onlinerow_reg[$i]['username'];
 
if( $onlinerow_reg[$i]['user_allow_viewonline'] || $userdata['user_level'] == ADMIN )
{
$registered_users++;
$hidden = FALSE;
}
else
{
$hidden_users++;
$hidden = TRUE;
}
 
if( $onlinerow_reg[$i]['user_session_page'] < 1 )
{
switch($onlinerow_reg[$i]['user_session_page'])
{
case PAGE_INDEX:
$location = $lang['Forum_index'];
$location_url = "index.$phpEx?pane=right";
break;
case PAGE_POSTING:
$location = $lang['Posting_message'];
$location_url = "index.$phpEx?pane=right";
break;
case PAGE_LOGIN:
$location = $lang['Logging_on'];
$location_url = "index.$phpEx?pane=right";
break;
case PAGE_SEARCH:
$location = $lang['Searching_forums'];
$location_url = "index.$phpEx?pane=right";
break;
case PAGE_PROFILE:
$location = $lang['Viewing_profile'];
$location_url = "index.$phpEx?pane=right";
break;
case PAGE_VIEWONLINE:
$location = $lang['Viewing_online'];
$location_url = "index.$phpEx?pane=right";
break;
case PAGE_VIEWMEMBERS:
$location = $lang['Viewing_member_list'];
$location_url = "index.$phpEx?pane=right";
break;
case PAGE_PRIVMSGS:
$location = $lang['Viewing_priv_msgs'];
$location_url = "index.$phpEx?pane=right";
break;
case PAGE_FAQ:
$location = $lang['Viewing_FAQ'];
$location_url = "index.$phpEx?pane=right";
break;
default:
$location = $lang['Forum_index'];
$location_url = "index.$phpEx?pane=right";
}
}
else
{
$location_url = append_sid("admin_forums.$phpEx?mode=editforum&amp;" . POST_FORUM_URL . "=" . $onlinerow_reg[$i]['user_session_page']);
$location = $forum_data[$onlinerow_reg[$i]['user_session_page']];
}
 
$row_color = ( $registered_users % 2 ) ? $theme['td_color1'] : $theme['td_color2'];
$row_class = ( $registered_users % 2 ) ? $theme['td_class1'] : $theme['td_class2'];
 
$reg_ip = decode_ip($onlinerow_reg[$i]['session_ip']);
 
$template->assign_block_vars("reg_user_row", array(
"ROW_COLOR" => "#" . $row_color,
"ROW_CLASS" => $row_class,
"USERNAME" => $username,
"STARTED" => create_date($board_config['default_dateformat'], $onlinerow_reg[$i]['session_start'], $board_config['board_timezone']),
"LASTUPDATE" => create_date($board_config['default_dateformat'], $onlinerow_reg[$i]['user_session_time'], $board_config['board_timezone']),
"FORUM_LOCATION" => $location,
"IP_ADDRESS" => $reg_ip,
 
"U_WHOIS_IP" => "http://network-tools.com/default.asp?host=$reg_ip",
"U_USER_PROFILE" => append_sid("admin_users.$phpEx?mode=edit&amp;" . POST_USERS_URL . "=" . $onlinerow_reg[$i]['user_id']),
"U_FORUM_LOCATION" => append_sid($location_url))
);
}
}
 
}
else
{
$template->assign_vars(array(
"L_NO_REGISTERED_USERS_BROWSING" => $lang['No_users_browsing'])
);
}
 
//
// Guest users
//
if( count($onlinerow_guest) )
{
$guest_users = 0;
 
for($i = 0; $i < count($onlinerow_guest); $i++)
{
$guest_userip_ary[] = $onlinerow_guest[$i]['session_ip'];
$guest_users++;
 
if( $onlinerow_guest[$i]['session_page'] < 1 )
{
switch( $onlinerow_guest[$i]['session_page'] )
{
case PAGE_INDEX:
$location = $lang['Forum_index'];
$location_url = "index.$phpEx?pane=right";
break;
case PAGE_POSTING:
$location = $lang['Posting_message'];
$location_url = "index.$phpEx?pane=right";
break;
case PAGE_LOGIN:
$location = $lang['Logging_on'];
$location_url = "index.$phpEx?pane=right";
break;
case PAGE_SEARCH:
$location = $lang['Searching_forums'];
$location_url = "index.$phpEx?pane=right";
break;
case PAGE_PROFILE:
$location = $lang['Viewing_profile'];
$location_url = "index.$phpEx?pane=right";
break;
case PAGE_VIEWONLINE:
$location = $lang['Viewing_online'];
$location_url = "index.$phpEx?pane=right";
break;
case PAGE_VIEWMEMBERS:
$location = $lang['Viewing_member_list'];
$location_url = "index.$phpEx?pane=right";
break;
case PAGE_PRIVMSGS:
$location = $lang['Viewing_priv_msgs'];
$location_url = "index.$phpEx?pane=right";
break;
case PAGE_FAQ:
$location = $lang['Viewing_FAQ'];
$location_url = "index.$phpEx?pane=right";
break;
default:
$location = $lang['Forum_index'];
$location_url = "index.$phpEx?pane=right";
}
}
else
{
$location_url = append_sid("admin_forums.$phpEx?mode=editforum&amp;" . POST_FORUM_URL . "=" . $onlinerow_guest[$i]['session_page']);
$location = $forum_data[$onlinerow_guest[$i]['session_page']];
}
 
$row_color = ( $guest_users % 2 ) ? $theme['td_color1'] : $theme['td_color2'];
$row_class = ( $guest_users % 2 ) ? $theme['td_class1'] : $theme['td_class2'];
 
$guest_ip = decode_ip($onlinerow_guest[$i]['session_ip']);
 
$template->assign_block_vars("guest_user_row", array(
"ROW_COLOR" => "#" . $row_color,
"ROW_CLASS" => $row_class,
"USERNAME" => $lang['Guest'],
"STARTED" => create_date($board_config['default_dateformat'], $onlinerow_guest[$i]['session_start'], $board_config['board_timezone']),
"LASTUPDATE" => create_date($board_config['default_dateformat'], $onlinerow_guest[$i]['session_time'], $board_config['board_timezone']),
"FORUM_LOCATION" => $location,
"IP_ADDRESS" => $guest_ip,
 
"U_WHOIS_IP" => "http://network-tools.com/default.asp?host=$guest_ip",
"U_FORUM_LOCATION" => append_sid($location_url))
);
}
 
}
else
{
$template->assign_vars(array(
"L_NO_GUESTS_BROWSING" => $lang['No_users_browsing'])
);
}
 
// Check for new version
$current_version = explode('.', '2' . $board_config['version']);
$minor_revision = (int) $current_version[2];
 
$errno = 0;
$errstr = $version_info = '';
 
if ($fsock = @fsockopen('www.phpbb.com', 80, $errno, $errstr, 10))
{
@fputs($fsock, "GET /updatecheck/20x.txt HTTP/1.1\r\n");
@fputs($fsock, "HOST: www.phpbb.com\r\n");
@fputs($fsock, "Connection: close\r\n\r\n");
 
$get_info = false;
while (!@feof($fsock))
{
if ($get_info)
{
$version_info .= @fread($fsock, 1024);
}
else
{
if (@fgets($fsock, 1024) == "\r\n")
{
$get_info = true;
}
}
}
@fclose($fsock);
 
$version_info = explode("\n", $version_info);
$latest_head_revision = (int) $version_info[0];
$latest_minor_revision = (int) $version_info[2];
$latest_version = (int) $version_info[0] . '.' . (int) $version_info[1] . '.' . (int) $version_info[2];
 
if ($latest_head_revision == 2 && $minor_revision == $latest_minor_revision)
{
$version_info = '<p style="color:green">' . $lang['Version_up_to_date'] . '</p>';
}
else
{
$version_info = '<p style="color:red">' . $lang['Version_not_up_to_date'];
$version_info .= '<br />' . sprintf($lang['Latest_version_info'], $latest_version) . ' ' . sprintf($lang['Current_version_info'], '2' . $board_config['version']) . '</p>';
}
}
else
{
if ($errstr)
{
$version_info = '<p style="color:red">' . sprintf($lang['Connect_socket_error'], $errstr) . '</p>';
}
else
{
$version_info = '<p>' . $lang['Socket_functions_disabled'] . '</p>';
}
}
$version_info .= '<p>' . $lang['Mailing_list_subscribe_reminder'] . '</p>';
 
$template->assign_vars(array(
'VERSION_INFO' => $version_info,
'L_VERSION_INFORMATION' => $lang['Version_information'])
);
 
$template->pparse("body");
 
include('./page_footer_admin.'.$phpEx);
 
}
else
{
//
// Generate frameset
//
$template->set_filenames(array(
"body" => "admin/index_frameset.tpl")
);
 
$template->assign_vars(array(
"S_FRAME_NAV" => append_sid("index.$phpEx?pane=left"),
"S_FRAME_MAIN" => append_sid("index.$phpEx?pane=right"))
);
 
header ("Expires: " . gmdate("D, d M Y H:i:s", time()) . " GMT");
header ("Last-Modified: " . gmdate("D, d M Y H:i:s") . " GMT");
 
$template->pparse("body");
 
$db->sql_close();
exit;
 
}
 
?>
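--- a/Forum/admin/page_footer_admin.php
+++ b/Forum/admin/page_footer_admin.php
@@ -0,0 +1,75 @@
+<?php
+/***************************************************************************
+* page_footer_admin.php
+* -------------------
+* begin : Saturday, Jul 14, 2001
+* copyright : (C) 2001 The phpBB Group
+* email : support@phpbb.com
+*
+* $Id: page_footer_admin.php,v 1.9.2.5 2005/09/19 20:49:06 grahamje Exp $
+*
+*
+***************************************************************************/
+ 
+/***************************************************************************
+*
+* This program is free software; you can redistribute it and/or modify
+* it under the terms of the GNU General Public License as published by
+* the Free Software Foundation; either version 2 of the License, or
+* (at your option) any later version.
+*
+***************************************************************************/
+ 
+if ( !defined('IN_PHPBB') )
+{
+die("Hacking attempt");
+}
+ 
+global $do_gzip_compress;
+ 
+//
+// Show the overall footer.
+//
+$template->set_filenames(array(
+'page_footer' => 'admin/page_footer.tpl')
+);
+ 
+$template->assign_vars(array(
+'PHPBB_VERSION' => ($userdata['user_level'] == ADMIN && $userdata['user_id'] != ANONYMOUS) ? '2' . $board_config['version'] : '',
+'TRANSLATION_INFO' => (isset($lang['TRANSLATION_INFO'])) ? $lang['TRANSLATION_INFO'] : ((isset($lang['TRANSLATION'])) ? $lang['TRANSLATION'] : ''))
+);
+ 
+$template->pparse('page_footer');
+ 
+//
+// Close our DB connection.
+//
+$db->sql_close();
+ 
+//
+// Compress buffered output if required
+// and send to browser
+//
+if( $do_gzip_compress )
+{
+//
+// Borrowed from php.net!
+//
+$gzip_contents = ob_get_contents();
+ob_end_clean();
+ 
+$gzip_size = strlen($gzip_contents);
+$gzip_crc = crc32($gzip_contents);
+ 
+$gzip_contents = gzcompress($gzip_contents, 9);
+$gzip_contents = substr($gzip_contents, 0, strlen($gzip_contents) - 4);
+ 
+echo "\x1f\x8b\x08\x00\x00\x00\x00\x00";
+echo $gzip_contents;
+echo pack('V', $gzip_crc);
+echo pack('V', $gzip_size);
+}
+ 
+exit;
+ 
+?>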
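Review bot: The gzip branch at the end of the file needs a comment explaining why it produces a valid stream, because the header literal it echoes is only eight bytes while a gzip header is ten. The two-byte zlib header that `gzcompress()` puts first is left in place by the `substr()` call (only the four-byte Adler-32 trailer is cut), so it ends up filling the last two gzip header fields. I would add `// 8-byte literal + 2-byte zlib header kept by substr() = 10-byte gzip header; CRC-32 and length follow` above the `echo` lines. Next to `global $do_gzip_compress;` it is worth noting that the flag, the output buffer and the `Content-Encoding` header are set up in page_header_admin.php, so this branch is the only place the buffered body is emitted.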
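--- a/Forum/admin/page_header_admin.php
+++ b/Forum/admin/page_header_admin.php
@@ -0,0 +1,150 @@
+<?php
+/***************************************************************************
+* page_header_admin.php
+* -------------------
+* begin : Saturday, Feb 13, 2001
+* copyright : (C) 2001 The phpBB Group
+* email : support@phpbb.com
+*
+* $Id: page_header_admin.php,v 1.12.2.7 2006/01/29 21:19:02 grahamje Exp $
+*
+*
+***************************************************************************/
+ 
+/***************************************************************************
+*
+* This program is free software; you can redistribute it and/or modify
+* it under the terms of the GNU General Public License as published by
+* the Free Software Foundation; either version 2 of the License, or
+* (at your option) any later version.
+*
+***************************************************************************/
+ 
+if ( !defined('IN_PHPBB') )
+{
+die("Hacking attempt");
+}
+ 
+define('HEADER_INC', true);
+ 
+//
+// gzip_compression
+//
+$do_gzip_compress = FALSE;
+if ( $board_config['gzip_compress'] )
+{
+$phpver = phpversion();
+ 
+$useragent = (isset($HTTP_SERVER_VARS['HTTP_USER_AGENT'])) ? $HTTP_SERVER_VARS['HTTP_USER_AGENT'] : getenv('HTTP_USER_AGENT');
+ 
+if ( $phpver >= '4.0.4pl1' && ( strstr($useragent,'compatible') || strstr($useragent,'Gecko') ) )
+{
+if ( extension_loaded('zlib') )
+{
+ob_start('ob_gzhandler');
+}
+}
+else if ( $phpver > '4.0' )
+{
+if ( strstr($HTTP_SERVER_VARS['HTTP_ACCEPT_ENCODING'], 'gzip') )
+{
+if ( extension_loaded('zlib') )
+{
+$do_gzip_compress = TRUE;
+ob_start();
+ob_implicit_flush(0);
+ 
+header('Content-Encoding: gzip');
+}
+}
+}
+}
+ 
+$template->set_filenames(array(
+'header' => 'admin/page_header.tpl')
+);
+ 
+// Format Timezone. We are unable to use array_pop here, because of PHP3 compatibility
+$l_timezone = explode('.', $board_config['board_timezone']);
+$l_timezone = (count($l_timezone) > 1 && $l_timezone[count($l_timezone)-1] != 0) ? $lang[sprintf('%.1f', $board_config['board_timezone'])] : $lang[number_format($board_config['board_timezone'])];
+ 
+//
+// The following assigns all _common_ variables that may be used at any point
+// in a template. Note that all URL's should be wrapped in append_sid, as
+// should all S_x_ACTIONS for forms.
+//
+$template->assign_vars(array(
+'SITENAME' => $board_config['sitename'],
+'PAGE_TITLE' => $page_title,
+ 
+'L_ADMIN' => $lang['Admin'],
+'L_INDEX' => sprintf($lang['Forum_Index'], $board_config['sitename']),
+'L_FAQ' => $lang['FAQ'],
+ 
+'U_INDEX' => append_sid('../index.'.$phpEx),
+ 
+'S_TIMEZONE' => sprintf($lang['All_times'], $l_timezone),
+'S_LOGIN_ACTION' => append_sid('../login.'.$phpEx),
+'S_JUMPBOX_ACTION' => append_sid('../viewforum.'.$phpEx),
+'S_CURRENT_TIME' => sprintf($lang['Current_time'], create_date($board_config['default_dateformat'], time(), $board_config['board_timezone'])),
+'S_CONTENT_DIRECTION' => $lang['DIRECTION'],
+'S_CONTENT_ENCODING' => $lang['ENCODING'],
+'S_CONTENT_DIR_LEFT' => $lang['LEFT'],
+'S_CONTENT_DIR_RIGHT' => $lang['RIGHT'],
+ 
+'T_HEAD_STYLESHEET' => $theme['head_stylesheet'],
+'T_BODY_BACKGROUND' => $theme['body_background'],
+'T_BODY_BGCOLOR' => '#'.$theme['body_bgcolor'],
+'T_BODY_TEXT' => '#'.$theme['body_text'],
+'T_BODY_LINK' => '#'.$theme['body_link'],
+'T_BODY_VLINK' => '#'.$theme['body_vlink'],
+'T_BODY_ALINK' => '#'.$theme['body_alink'],
+'T_BODY_HLINK' => '#'.$theme['body_hlink'],
+'T_TR_COLOR1' => '#'.$theme['tr_color1'],
+'T_TR_COLOR2' => '#'.$theme['tr_color2'],
+'T_TR_COLOR3' => '#'.$theme['tr_color3'],
+'T_TR_CLASS1' => $theme['tr_class1'],
+'T_TR_CLASS2' => $theme['tr_class2'],
+'T_TR_CLASS3' => $theme['tr_class3'],
+'T_TH_COLOR1' => '#'.$theme['th_color1'],
+'T_TH_COLOR2' => '#'.$theme['th_color2'],
+'T_TH_COLOR3' => '#'.$theme['th_color3'],
+'T_TH_CLASS1' => $theme['th_class1'],
+'T_TH_CLASS2' => $theme['th_class2'],
+'T_TH_CLASS3' => $theme['th_class3'],
+'T_TD_COLOR1' => '#'.$theme['td_color1'],
+'T_TD_COLOR2' => '#'.$theme['td_color2'],
+'T_TD_COLOR3' => '#'.$theme['td_color3'],
+'T_TD_CLASS1' => $theme['td_class1'],
+'T_TD_CLASS2' => $theme['td_class2'],
+'T_TD_CLASS3' => $theme['td_class3'],
+'T_FONTFACE1' => $theme['fontface1'],
+'T_FONTFACE2' => $theme['fontface2'],
+'T_FONTFACE3' => $theme['fontface3'],
+'T_FONTSIZE1' => $theme['fontsize1'],
+'T_FONTSIZE2' => $theme['fontsize2'],
+'T_FONTSIZE3' => $theme['fontsize3'],
+'T_FONTCOLOR1' => '#'.$theme['fontcolor1'],
+'T_FONTCOLOR2' => '#'.$theme['fontcolor2'],
+'T_FONTCOLOR3' => '#'.$theme['fontcolor3'],
+'T_SPAN_CLASS1' => $theme['span_class1'],
+'T_SPAN_CLASS2' => $theme['span_class2'],
+'T_SPAN_CLASS3' => $theme['span_class3'])
+);
+ 
+// Work around for "current" Apache 2 + PHP module which seems to not
+// cope with private cache control setting
+if (!empty($HTTP_SERVER_VARS['SERVER_SOFTWARE']) && strstr($HTTP_SERVER_VARS['SERVER_SOFTWARE'], 'Apache/2'))
+{
+header ('Cache-Control: no-cache, pre-check=0, post-check=0');
+}
+else
+{
+header ('Cache-Control: private, pre-check=0, post-check=0, max-age=0');
+}
+header ('Expires: 0');
+header ('Pragma: no-cache');
+ 
+$template->pparse('header');
+ 
+?>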
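Review bot: Neither branch of the Cache-Control block near the end of the file sends `no-store`, so a browser may still keep a copy of an admin page on disk and only revalidate it. These pages are built with `append_sid()` links, so the session id is presumably part of the stored markup. I would add the directive to both header lines, e.g. `header ('Cache-Control: no-store, no-cache, pre-check=0, post-check=0');` in the Apache 2 branch and `no-store, private, ...` in the other, which keeps the workaround the comment describes. Separately, `strstr($HTTP_SERVER_VARS['HTTP_ACCEPT_ENCODING'], 'gzip')` reads the request header without an `isset()` check, unlike the `HTTP_USER_AGENT` lookup a few lines above it.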
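--- a/Forum/admin/pagestart.php
+++ b/Forum/admin/pagestart.php
@@ -0,0 +1,67 @@
+<?php
+/***************************************************************************
+* pagestart.php
+* -------------------
+* begin : Thursday, Aug 2, 2001
+* copyright : (C) 2001 The phpBB Group
+* email : support@phpbb.com
+*
+* $Id: pagestart.php,v 1.1.2.10 2006/01/22 17:11:09 grahamje Exp $
+*
+*
+***************************************************************************/
+ 
+/***************************************************************************
+*
+* This program is free software; you can redistribute it and/or modify
+* it under the terms of the GNU General Public License as published by
+* the Free Software Foundation; either version 2 of the License, or
+* (at your option) any later version.
+*
+***************************************************************************/
+ 
+if (!defined('IN_PHPBB'))
+{
+die("Hacking attempt");
+}
+ 
+define('IN_ADMIN', true);
+// Include files
+include($phpbb_root_path . 'common.'.$phpEx);
+ 
+//
+// Start session management
+//
+$userdata = session_pagestart($user_ip, PAGE_INDEX);
+init_userprefs($userdata);
+//
+// End session management
+//
+ 
+if (!$userdata['session_logged_in'])
+{
+redirect(append_sid("login.$phpEx?redirect=admin/index.$phpEx", true));
+}
+else if ($userdata['user_level'] != ADMIN)
+{
+message_die(GENERAL_MESSAGE, $lang['Not_admin']);
+}
+ 
+if ($HTTP_GET_VARS['sid'] != $userdata['session_id'])
+{
+redirect("index.$phpEx?sid=" . $userdata['session_id']);
+}
+ 
+if (!$userdata['session_admin'])
+{
+redirect(append_sid("login.$phpEx?redirect=admin/index.$phpEx&admin=1", true));
+}
+ 
+if (empty($no_page_header))
+{
+// Not including the pageheader can be neccesarry if META tags are
+// needed in the calling script.
+include('./page_header_admin.'.$phpEx);
+}
+ 
+?>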
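Review bot: The session check `if ($HTTP_GET_VARS['sid'] != $userdata['session_id'])` uses the loose `!=`, under which PHP compares two numeric-looking strings as numbers, so two different ids of the form `0e<digits>` would be treated as equal. It also reads `sid` without checking that the parameter is present. Because this comparison is what ties an admin request to the caller's session, I would make it strict: `if (!isset($HTTP_GET_VARS['sid']) || (string) $HTTP_GET_VARS['sid'] !== (string) $userdata['session_id'])`. The gates in this file also rely on `redirect()` and `message_die()` ending the request, which is not visible here; a one-line comment stating that assumption would help anyone auditing the order of the checks.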