
Compare revisions

Showing
with 0 additions and 4213 deletions
Subject: Reply to topic: <topic_subject>
<replier> has replied to the topic <topic_subject> to which you are subscribed. There may be more new replies, but this is the only notification you will receive until you visit the board again.
The post is located at <post_url>
You can unsubscribe by going to <unsubscribe_url>
--
<board_mailer>
(Do not reply to this message)
\ No newline at end of file
Subject: Reply to topic: <topic_subject>
<replier> has replied to the topic <topic_subject> to which you are subscribed. There may be more new replies, but this is the only notification you will receive until you visit the board again.
The message reads as follows:
-----------------------------------------------------------------------
<message>
-----------------------------------------------------------------------
The post is located at <post_url>
You can unsubscribe by going to <unsubscribe_url>
--
<board_mailer>
(Do not reply to this message)
\ No newline at end of file
Subject: Welcome to <board_title>!
Thank you for registering in the forums at <base_url>. Your account details are:
Username: <username>
Password: <password>
Login at <login_url> to activate the account.
--
<board_mailer>
(Do not reply to this message)
\ No newline at end of file
<?php
// Language definitions used in various scripts
$lang_misc = array(
'Mark read redirect' => 'All topics and forums have been marked as read. Redirecting &hellip;',
// Send e-mail
'Form e-mail disabled' => 'The user you are trying to send an e-mail to has disabled form e-mail.',
'No e-mail subject' => 'You must enter a subject.',
'No e-mail message' => 'You must enter a message.',
'Too long e-mail message' => 'Messages cannot be longer than 65535 characters (64 KB).',
'E-mail sent redirect' => 'E-mail sent. Redirecting &hellip;',
'Send e-mail to' => 'Send e-mail to',
'E-mail subject' => 'Subject',
'E-mail message' => 'Message',
'E-mail disclosure note' => 'Please note that by using this form, your e-mail address will be disclosed to the recipient.',
'Write e-mail' => 'Write and submit your e-mail message',
// Report
'No reason' => 'You must enter a reason.',
'Report redirect' => 'Post reported. Redirecting &hellip;',
'Report post' => 'Report post',
'Reason' => 'Reason',
'Reason desc' => 'Please enter a short reason why you are reporting this post',
// Subscriptions
'Already subscribed' => 'You are already subscribed to this topic.',
'Subscribe redirect' => 'Your subscription has been added. Redirecting &hellip;',
'Not subscribed' => 'You are not subscribed to this topic.',
'Unsubscribe redirect' => 'Your subscription has been removed. Redirecting &hellip;',
// General forum and topic moderation
'Moderate' => 'Moderate',
'Select' => 'Select', // the header of a column of checkboxes
'Move' => 'Move',
'Delete' => 'Delete',
// Moderate forum
'Open' => 'Open',
'Close' => 'Close',
'Move topic' => 'Move topic',
'Move topics' => 'Move topics',
'Move legend' => 'Select destination of move',
'Move to' => 'Move to',
'Leave redirect' => 'Leave redirect topic(s)',
'Move topic redirect' => 'Topic moved. Redirecting &hellip;',
'Move topics redirect' => 'Topics moved. Redirecting &hellip;',
'Confirm delete legend' => 'Please confirm deletion',
'Delete topics' => 'Delete topics',
'Delete topics comply' => 'Are you sure you want to delete the selected topics?',
'Delete topics redirect' => 'Topics deleted. Redirecting &hellip;',
'Open topic redirect' => 'Topic opened. Redirecting &hellip;',
'Open topics redirect' => 'Topics opened. Redirecting &hellip;',
'Close topic redirect' => 'Topic closed. Redirecting &hellip;',
'Close topics redirect' => 'Topics closed. Redirecting &hellip;',
'No topics selected' => 'You must select at least one topic for move/delete/open/close.',
'Stick topic redirect' => 'Topic sticked. Redirecting &hellip;',
'Unstick topic redirect' => 'Topic unsticked. Redirecting &hellip;',
// Delete multiple posts in topic
'Delete posts' => 'Delete posts',
'Delete posts comply' => 'Are you sure you want to delete the selected posts?',
'Delete posts redirect' => 'Posts deleted. Redirecting &hellip;',
'No posts selected' => 'You must select at least one post to be deleted.'
);
<?php
// Language definitions used in post.php and edit.php
$lang_post = array(
// Post validation stuff (many are similiar to those in edit.php)
'No subject' => 'Topics must contain a subject.',
'Too long subject' => 'Subjects cannot be longer than 70 characters.',
'No message' => 'You must enter a message.',
'Too long message' => 'Posts cannot be longer that 65535 characters (64 KB).',
// Posting
'Post errors' => 'Post errors',
'Post errors info' => 'The following errors need to be corrected before the message can be posted:',
'Post preview' => 'Post preview',
'Guest name' => 'Name', // For guests (instead of Username)
'Post redirect' => 'Post entered. Redirecting &hellip;',
'Post a reply' => 'Post a reply',
'Post new topic' => 'Post new topic',
'Hide smilies' => 'Never show smilies as icons for this post',
'Subscribe' => 'Subscribe to this topic',
'Topic review' => 'Topic review (newest first)',
'Flood start' => 'At least',
'flood end' => 'seconds have to pass between posts. Please wait a little while and try posting again.',
'Preview' => 'Preview', // submit button to preview message
// Edit post
'Edit post legend' => 'Edit the post and submit changes',
'Silent edit' => 'Silent edit (don\'t display "Edited by ..." in topic view)',
'Edit post' => 'Edit post',
'Edit redirect' => 'Post updated. Redirecting &hellip;'
);
<?php
// Language definitions used in both profile.php and register.php
$lang_prof_reg = array(
'E-mail legend' => 'Enter a valid e-mail address',
'E-mail legend 2' => 'Enter and confirm a valid e-mail address',
'Localisation legend' => 'Set your localisation options',
'Timezone' => 'Timezone',
'Timezone info' => 'For the forum to display times correctly you must select your local timezone.',
'Language' => 'Language',
'Language info' => 'You can choose which language you wish to use to view the forum.',
'E-mail setting info' => 'Select whether you want your e-mail address to be viewable to other users or not and if you want other users to be able to send you e-mail via the forum (form e-mail) or not.',
'E-mail setting 1' => 'Display your e-mail address.',
'E-mail setting 2' => 'Hide your e-mail address but allow form e-mail.',
'E-mail setting 3' => 'Hide your e-mail address and disallow form e-mail.',
'Privacy options legend' => 'Set your privacy options',
'Save user/pass' => 'Save username and password between visits.',
'Save user/pass info' => 'This option sets whether the forum should "remember" you between visits. If enabled, you will not have to login every time you visit the forum. You will be logged in automatically. Recommended.',
'Confirm pass' => 'Confirm password',
'Username too short' => 'Usernames must be at least 2 characters long. Please choose another (longer) username.',
'Username guest' => 'The username guest is reserved. Please choose another username.',
'Username IP' => 'Usernames may not be in the form of an IP address. Please choose another username.',
'Username reserved chars' => 'Usernames may not contain all the characters \', " and [ or ] at once. Please choose another username.',
'Username BBCode' => 'Usernames may not contain any of the text formatting tags (BBCode) that the forum uses. Please choose another username.',
'Dupe username' => 'Someone else has already registered with that username. Please choose another username.',
'Pass too short' => 'Passwords must be at least 4 characters long. Please choose another (longer) password.',
'Pass not match' => 'Passwords do not match. Please go back and correct.',
'Banned e-mail' => 'The e-mail address you entered is banned in this forum. Please choose another e-mail address.',
'Dupe e-mail' => 'Someone else is already registered with that e-mail address. Please choose another e-mail address.',
'Sig too long' => 'Signatures cannot be longer than',
'characters' => 'characters',
'Sig too many lines' => 'Signatures cannot have more than',
'lines' => 'lines',
'Signature quote/code' => 'The quote and code BBCodes are not allowed in signatures. Please go back and correct.',
'Bad ICQ' => 'You entered an invalid ICQ UIN. Please go back and correct.'
);
<?php
// Language definitions used in profile.php
$lang_profile = array(
// Navigation and sections
'Profile menu' => 'Profile menu',
'Section essentials' => 'Essentials',
'Section personal' => 'Personal',
'Section messaging' => 'Messaging',
'Section personality' => 'Personality',
'Section display' => 'Display',
'Section privacy' => 'Privacy',
'Section admin' => 'Administration',
// Miscellaneous
'Username and pass legend' => 'Enter your username and password',
'Personal details legend' => 'Enter your personal details',
'Contact details legend' => 'Enter your messaging details',
'Options display' => 'Set your display options',
'Options post' => 'Set your post viewing options',
'User activity' => 'User activity',
'Paginate info' => 'Enter the number of topics and posts you wish to view on each page.',
// Password stuff
'Pass key bad' => 'The specified password activation key was incorrect or has expired. Please re-request a new password. If that fails, contact the forum administrator at',
'Pass updated' => 'Your password has been updated. You can now login with your new password.',
'Pass updated redirect' => 'Password updated. Redirecting &hellip;',
'Wrong pass' => 'Wrong old password.',
'Change pass' => 'Change password',
'Change pass legend' => 'Enter and confirm your new password',
'Old pass' => 'Old password',
'New pass' => 'New password',
'Confirm new pass' => 'Confirm new password',
// E-mail stuff
'E-mail key bad' => 'The specified e-mail activation key was incorrect or has expired. Please re-request change of e-mail address. If that fails, contact the forum administrator at',
'E-mail updated' => 'Your e-mail address has been updated.',
'Activate e-mail sent' => 'An email has been sent to the specified address with instructions on how to activate the new e-mail address. If it doesn\'t arrive you can contact the forum administrator at',
'E-mail legend' => 'Enter your new e-mail address',
'E-mail instructions' => 'An e-mail will be sent to your new address with an activation link. You must click the link in the e-mail you receive to activate the new address.',
'Change e-mail' => 'Change e-mail address',
'New e-mail' => 'New e-mail',
// Avatar upload stuff
'Avatars disabled' => 'The administrator has disabled avatar support.',
'Too large ini' => 'The selected file was too large to upload. The server didn\'t allow the upload.',
'Partial upload' => 'The selected file was only partially uploaded. Please try again.',
'No tmp directory' => 'PHP was unable to save the uploaded file to a temporary location.',
'No file' => 'You did not select a file for upload.',
'Bad type' => 'The file you tried to upload is not of an allowed type. Allowed types are gif, jpeg and png.',
'Too wide or high' => 'The file you tried to upload is wider and/or higher than the maximum allowed',
'Too large' => 'The file you tried to upload is larger than the maximum allowed',
'pixels' => 'pixels',
'bytes' => 'bytes',
'Move failed' => 'The server was unable to save the uploaded file. Please contact the forum administrator at',
'Unknown failure' => 'An unknown error occurred. Please try again.',
'Avatar upload redirect' => 'Avatar uploaded. Redirecting &hellip;',
'Avatar deleted redirect' => 'Avatar deleted. Redirecting &hellip;',
'Avatar desc' => 'An avatar is a small image that will be displayed under your username in your posts. It must not be any bigger than',
'Upload avatar' => 'Upload avatar',
'Upload avatar legend' => 'Enter an avatar file to upload',
'Delete avatar' => 'Delete avatar', // only for admins
'File' => 'File',
'Upload' => 'Upload', // submit button
// Form validation stuff
'Dupe username' => 'Someone else has already registered with that username. Please go back and try a different username.',
'Forbidden title' => 'The title you entered contains a forbidden word. You must choose a different title.',
'Profile redirect' => 'Profile updated. Redirecting &hellip;',
// Profile display stuff
'Not activated' => 'This user hasn\'t activated his/her account yet. The account is activated when he/she logs in the first time.',
'Unknown' => '(Unknown)', // This is displayed when a user hasn't filled out profile field (e.g. Location)
'Private' => '(Private)', // This is displayed when a user does not want to receive e-mails
'No avatar' => '(No avatar)',
'Show posts' => 'Show all posts',
'Realname' => 'Real name',
'Location' => 'Location',
'Website' => 'Website',
'Jabber' => 'Jabber',
'ICQ' => 'ICQ',
'MSN' => 'MSN Messenger',
'AOL IM' => 'AOL IM',
'Yahoo' => 'Yahoo! Messenger',
'Avatar' => 'Avatar',
'Signature' => 'Signature',
'Sig max length' => 'Max length',
'Sig max lines' => 'Max lines',
'Avatar legend' => 'Set your avatar display options',
'Avatar info' => 'An avatar is a small image that will be displayed with all your posts. You can upload an avatar by clicking the link below. The checkbox \'Use avatar\' below must be checked in order for the avatar to be visible in your posts.',
'Change avatar' => 'Change avatar',
'Use avatar' => 'Use avatar.',
'Signature legend' => 'Compose your signature',
'Signature info' => 'A signature is a small piece of text that is attached to your posts. In it, you can enter just about anything you like. Perhaps you would like to enter your favourite quote or your star sign. It\'s up to you! In your signature you can use BBCode if it is allowed in this particular forum. You can see the features that are allowed/enabled listed below whenever you edit your signature.',
'Sig preview' => 'Current signature preview:',
'No sig' => 'No signature currently stored in profile.',
'Topics per page' => 'Topics',
'Topics per page info' => 'This setting controls how many topics are displayed per page when you view a forum. If you are uncertain about what to use, you can just leave it blank and the forum default will be used.',
'Posts per page' => 'Posts',
'Posts per page info' => 'This setting controls how many posts are displayed per page when you view a topic. If you are uncertain about what to use, you can just leave it blank and the forum default will be used.',
'Leave blank' => 'Leave blank to use forum default.',
'Notify full' => 'Include post in subscription e-mails.',
'Notify full info' => 'With this enabled, a plain text version of the new post will be included in subscription notification e-mails.',
'Show smilies' => 'Show smilies as graphic icons',
'Show smilies info' => 'If you enable this option, small images will be displayed instead of text smilies.',
'Show images' => 'Show images in posts.',
'Show images info' => 'Disable this if you don\'t want to see images in posts (i.e. images displayed with the [img]-tag).',
'Show images sigs' => 'Show images in user signatures.',
'Show images sigs info' => 'Disable this if you don\'t want to see images in signatures (i.e. images displayed with the [img]-tag).',
'Show avatars' => 'Show user avatars in posts.',
'Show avatars info' => 'This option toggles whether user avatar images will be displayed in posts or not.',
'Show sigs' => 'Show user signatures.',
'Show sigs info' => 'Enable if you would like to see user signatures.',
'Style legend' => 'Select your preferred style',
'Style info' => 'If you like you can use a different visual style for this forum.',
'Admin note' => 'Admin note',
'Pagination legend' => 'Enter your pagination options',
'Post display legend' => 'Set your options for viewing posts',
'Post display info' => 'If you are on a slow connection, disabling these options, particularly showing images in posts and signatures, will make pages load faster.',
'Instructions' => 'When you update your profile, you will be redirected back to this page.',
// Administration stuff
'Group membership legend' => 'Choose user group',
'Save' => 'Save',
'Set mods legend' => 'Set moderator access',
'Moderator in' => 'Moderator in',
'Moderator in info' => 'Choose what forums this user should be allowed to moderate. Note: This only applies to moderators. Administrators always have full permissions in all forums.',
'Update forums' => 'Update forums',
'Delete ban legend' => 'Delete (administrators only) or ban user',
'Delete user' => 'Delete user',
'Ban user' => 'Ban user',
'Confirm delete legend' => 'Important: read before deleting user',
'Confirm delete user' => 'Confirm delete user',
'Confirmation info' => 'Please confirm that you want to delete the user', // the username will be appended to this string
'Delete warning' => 'Warning! Deleted users and/or posts cannot be restored. If you choose not to delete the posts made by this user, the posts can only be deleted manually at a later time.',
'Delete posts' => 'Delete any posts and topics this user has made.',
'Delete' => 'Delete', // submit button (confirm user delete)
'User delete redirect' => 'User deleted. Redirecting &hellip;',
'Group membership redirect' => 'Group membership saved. Redirecting &hellip;',
'Update forums redirect' => 'Forum moderator rights updated. Redirecting &hellip;',
'Ban redirect' => 'Redirecting &hellip;'
);
<?php
// Language definitions used in register.php
$lang_register = array(
// Miscellaneous
'No new regs' => 'This forum is not accepting new registrations.',
'Reg cancel redirect' => 'Registration cancelled. Redirecting &hellip;',
'Forum rules' => 'Forum rules',
'Rules legend' => 'You must agree to the following in order to register',
'Agree' => 'Agree',
'Cancel' => 'Cancel',
'Register' => 'Register',
// Form validation stuff (some of these are also used in post.php)
'Username censor' => 'The username you entered contains one or more censored words. Please choose a different username.',
'Username dupe 1' => 'Someone is already registered with the username',
'Username dupe 2' => 'The username you entered is too similar. The username must differ from that by at least one alphanumerical character (a-z or 0-9). Please choose a different username.',
'E-mail not match' => 'E-mail addresses do not match. Please go back and correct.',
// Registration e-mail stuff
'Reg e-mail' => 'Thank you for registering. Your password has been sent to the specified address. If it doesn\'t arrive you can contact the forum administrator at',
'Reg complete' => 'Registration complete. Logging in and redirecting &hellip;',
// Register info
'Desc 1' => 'Registration will grant you access to a number of features and capabilities otherwise unavailable. These functions include the ability to edit and delete posts, design your own signature that accompanies your posts and much more. If you have any questions regarding this forum you should ask an administrator.',
'Desc 2' => 'Below is a form you must fill out in order to register. Once you are registered you should visit your profile and review the different settings you can change. The fields below only make up a small part of all the settings you can alter in your profile.',
'Username legend' => 'Please enter a username between 2 and 25 characters long',
'Pass legend 1' => 'Please enter and confirm your chosen password',
'Pass legend 2' => 'Please read the instructions below',
'Pass info' => 'Passwords can be between 4 and 16 characters long. Passwords are case sensitive.',
'E-mail info' => 'You must enter a valid e-mail address as your randomly generated password will be sent to that address.',
'Confirm e-mail' => 'Confirm e-mail address',
);
<?php
// Language definitions used in search.php
$lang_search = array(
// The search form
'User search' => 'User search',
'No search permission' => 'You do not have permission to use the search feature.',
'Search' => 'Search',
'Search criteria legend' => 'Enter your search criteria',
'Search info' => 'To search by keyword, enter a term or terms to search for. Separate terms with spaces. Use AND, OR and NOT to refine your search. To search by author enter the username of the author whose posts you wish to search for. Use wildcard character * for partial matches.',
'Keyword search' => 'Keyword search',
'Author search' => 'Author search',
'Search in legend' => 'Select where to search',
'Search in info' => 'Choose in which forum you would like to search and if you want to search in topic subjects, message text or both.',
'Forum search' => 'Forum',
'All forums' => 'All forums',
'Search in' => 'Search in',
'Message and subject' => 'Message text and topic subject',
'Message only' => 'Message text only',
'Topic only' => 'Topic subject only',
'Sort by' => 'Sort by',
'Sort order' => 'Sort order',
'Search results legend' => 'Select how to view search results',
'Search results info' => 'You can choose how you wish to sort and show your results.',
'Sort by post time' => 'Post time',
'Sort by author' => 'Author',
'Sort by subject' => 'Subject',
'Sort by forum' => 'Forum',
'Ascending' => 'Ascending',
'Descending' => 'Descending',
'Show as' => 'Show results as',
'Show as topics' => 'Topics',
'Show as posts' => 'Posts',
// Results
'Search results' => 'Search results',
'No terms' => 'You have to enter at least one keyword and/or an author to search for.',
'No hits' => 'Your search returned no hits.',
'No user posts' => 'There are no posts by this user in this forum.',
'No subscriptions' => 'You are currently not subscribed to any topics.',
'No new posts' => 'There are no topics with new posts since your last visit.',
'No recent posts' => 'No new posts have been made within the last 24 hours.',
'No unanswered' => 'There are no unanswered posts in this forum.',
'Go to post' => 'Go to post'
);
about
after
ago
all
almost
along
also
any
anybody
anywhere
are
arent
around
ask
been
before
being
between
but
came
can
cant
come
could
couldnt
did
didnt
does
doesnt
dont
each
either
else
even
every
everybody
everyone
find
for
from
get
going
gone
got
had
has
have
havent
having
her
here
hers
him
his
how
ill
into
isnt
its
ive
just
know
less
like
make
many
may
more
most
much
must
near
never
none
nothing
now
off
often
once
one
only
other
our
ours
out
over
please
rather
really
said
see
she
should
small
some
something
sometime
somewhere
take
than
thank
thanks
that
thats
the
their
theirs
them
then
there
these
they
thing
think
this
those
though
through
thus
too
true
two
under
until
upon
use
very
want
was
way
well
were
what
when
where
which
who
whom
whose
why
will
with
within
without
would
yes
yet
you
your
yours
\ No newline at end of file
<?php
// Language definitions used in viewtopic.php
$lang_topic = array(
'Post reply' => 'Post reply',
'Topic closed' => 'Topic closed',
'From' => 'From', // User location
'Note' => 'Note', // Admin note
'Website' => 'Website',
'Guest' => 'Guest',
'Online' => 'Online',
'Offline' => 'Offline',
'Last edit' => 'Last edited by',
'Report' => 'Report',
'Delete' => 'Delete',
'Edit' => 'Edit',
'Quote' => 'Quote',
'Is subscribed' => 'You are currently subscribed to this topic',
'Unsubscribe' => 'Unsubscribe',
'Subscribe' => 'Subscribe to this topic',
'Quick post' => 'Quick post',
'Link separator' => ' | ', // The text that separates links in posts (website, e-mail, report, edit etc.)
'Mod controls' => 'Moderator controls'
);
<?php
// Language definitions used in userlist.php
$lang_ul = array(
'User find legend' => 'Find and sort users',
'User search info' => 'Enter a username to search for and/or a user group to filter by. The username field can be left blank. Use the wildcard character * for partial matches. Sort users by name, date registered or number of posts and in ascending/descending order.',
'User group' => 'User group',
'No of posts' => 'No. of posts',
'All users' => 'All'
);
<html>
<head>
<title>.</title>
</head>
<body>
.
</body>
</html>
\ No newline at end of file
<?php
/***********************************************************************
Copyright (C) 2002-2008 PunBB
This file is part of PunBB.
PunBB is free software; you can redistribute it and/or modify it
under the terms of the GNU General Public License as published
by the Free Software Foundation; either version 2 of the License,
or (at your option) any later version.
PunBB is distributed in the hope that it will be useful, but
WITHOUT ANY WARRANTY; without even the implied warranty of
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
GNU General Public License for more details.
You should have received a copy of the GNU General Public License
along with this program; if not, write to the Free Software
Foundation, Inc., 59 Temple Place, Suite 330, Boston,
MA 02111-1307 USA
************************************************************************/
if (isset($_GET['action']))
define('PUN_QUIET_VISIT', 1);
define('PUN_ROOT', './');
require PUN_ROOT.'include/common.php';
// Load the login.php language file
require PUN_ROOT.'lang/'.$pun_user['language'].'/login.php';
$action = isset($_GET['action']) ? $_GET['action'] : null;
if (isset($_POST['form_sent']) && $action == 'in')
{
$form_username = trim($_POST['req_username']);
$form_password = trim($_POST['req_password']);
$username_sql = ($db_type == 'mysql' || $db_type == 'mysqli') ? 'username=\''.$db->escape($form_username).'\'' : 'LOWER(username)=LOWER(\''.$db->escape($form_username).'\')';
$result = $db->query('SELECT id, group_id, password, save_pass FROM '.$db->prefix.'users WHERE '.$username_sql) or error('Unable to fetch user info', __FILE__, __LINE__, $db->error());
list($user_id, $group_id, $db_password_hash, $save_pass) = $db->fetch_row($result);
$authorized = false;
if (!empty($db_password_hash))
{
$sha1_in_db = (strlen($db_password_hash) == 40) ? true : false;
$sha1_available = (function_exists('sha1') || function_exists('mhash')) ? true : false;
$form_password_hash = pun_hash($form_password); // This could result in either an SHA-1 or an MD5 hash (depends on $sha1_available)
if ($sha1_in_db && $sha1_available && $db_password_hash == $form_password_hash)
$authorized = true;
else if (!$sha1_in_db && $db_password_hash == md5($form_password))
{
$authorized = true;
if ($sha1_available) // There's an MD5 hash in the database, but SHA1 hashing is available, so we update the DB
$db->query('UPDATE '.$db->prefix.'users SET password=\''.$form_password_hash.'\' WHERE id='.$user_id) or error('Unable to update user password', __FILE__, __LINE__, $db->error());
}
}
if (!$authorized)
message($lang_login['Wrong user/pass'].' <a href="login.php?action=forget">'.$lang_login['Forgotten pass'].'</a>');
// Update the status if this is the first time the user logged in
if ($group_id == PUN_UNVERIFIED)
$db->query('UPDATE '.$db->prefix.'users SET group_id='.$pun_config['o_default_user_group'].' WHERE id='.$user_id) or error('Unable to update user status', __FILE__, __LINE__, $db->error());
// Remove this users guest entry from the online list
$db->query('DELETE FROM '.$db->prefix.'online WHERE ident=\''.$db->escape(get_remote_address()).'\'') or error('Unable to delete from online list', __FILE__, __LINE__, $db->error());
$expire = ($save_pass == '1') ? time() + 31536000 : 0;
pun_setcookie($user_id, $form_password_hash, $expire);
redirect(htmlspecialchars($_POST['redirect_url']), $lang_login['Login redirect']);
}
else if ($action == 'out')
{
if ($pun_user['is_guest'] || !isset($_GET['id']) || $_GET['id'] != $pun_user['id'] || !isset($_GET['csrf_token']) || $_GET['csrf_token'] != sha1($pun_user['id'].sha1(get_remote_address())))
{
header('Location: index.php');
pun_exit();
}
// Remove user from "users online" list.
$db->query('DELETE FROM '.$db->prefix.'online WHERE user_id='.$pun_user['id']) or error('Unable to delete from online list', __FILE__, __LINE__, $db->error());
// Update last_visit (make sure there's something to update it with)
if (isset($pun_user['logged']))
$db->query('UPDATE '.$db->prefix.'users SET last_visit='.$pun_user['logged'].' WHERE id='.$pun_user['id']) or error('Unable to update user visit data', __FILE__, __LINE__, $db->error());
pun_setcookie(1, md5(uniqid(rand(), true)), time() + 31536000);
redirect('index.php', $lang_login['Logout redirect']);
}
else if ($action == 'forget' || $action == 'forget_2')
{
if (!$pun_user['is_guest'])
header('Location: index.php');
if (isset($_POST['form_sent']))
{
require PUN_ROOT.'include/email.php';
// Validate the email-address
$email = strtolower(trim($_POST['req_email']));
if (!is_valid_email($email))
message($lang_common['Invalid e-mail']);
$result = $db->query('SELECT id, username FROM '.$db->prefix.'users WHERE email=\''.$db->escape($email).'\'') or error('Unable to fetch user info', __FILE__, __LINE__, $db->error());
if ($db->num_rows($result))
{
// Load the "activate password" template
$mail_tpl = trim(file_get_contents(PUN_ROOT.'lang/'.$pun_user['language'].'/mail_templates/activate_password.tpl'));
// The first row contains the subject
$first_crlf = strpos($mail_tpl, "\n");
$mail_subject = trim(substr($mail_tpl, 8, $first_crlf-8));
$mail_message = trim(substr($mail_tpl, $first_crlf));
// Do the generic replacements first (they apply to all e-mails sent out here)
$mail_message = str_replace('<base_url>', $pun_config['o_base_url'].'/', $mail_message);
$mail_message = str_replace('<board_mailer>', $pun_config['o_board_title'].' '.$lang_common['Mailer'], $mail_message);
// Loop through users we found
while ($cur_hit = $db->fetch_assoc($result))
{
// Generate a new password and a new password activation code
$new_password = random_pass(8);
$new_password_key = random_pass(8);
$db->query('UPDATE '.$db->prefix.'users SET activate_string=\''.pun_hash($new_password).'\', activate_key=\''.$new_password_key.'\' WHERE id='.$cur_hit['id']) or error('Unable to update activation data', __FILE__, __LINE__, $db->error());
// Do the user specific replacements to the template
$cur_mail_message = str_replace('<username>', $cur_hit['username'], $mail_message);
$cur_mail_message = str_replace('<activation_url>', $pun_config['o_base_url'].'/profile.php?id='.$cur_hit['id'].'&action=change_pass&key='.$new_password_key, $cur_mail_message);
$cur_mail_message = str_replace('<new_password>', $new_password, $cur_mail_message);
pun_mail($email, $mail_subject, $cur_mail_message);
}
message($lang_login['Forget mail'].' <a href="mailto:'.$pun_config['o_admin_email'].'">'.$pun_config['o_admin_email'].'</a>.');
}
else
message($lang_login['No e-mail match'].' '.htmlspecialchars($email).'.');
}
$page_title = pun_htmlspecialchars($pun_config['o_board_title']).' / '.$lang_login['Request pass'];
$required_fields = array('req_email' => $lang_common['E-mail']);
$focus_element = array('request_pass', 'req_email');
require PUN_ROOT.'header.php';
?>
<div class="blockform">
<h2><span><?php echo $lang_login['Request pass'] ?></span></h2>
<div class="box">
<form id="request_pass" method="post" action="login.php?action=forget_2" onsubmit="this.request_pass.disabled=true;if(process_form(this)){return true;}else{this.request_pass.disabled=false;return false;}">
<div class="inform">
<fieldset>
<legend><?php echo $lang_login['Request pass legend'] ?></legend>
<div class="infldset">
<input type="hidden" name="form_sent" value="1" />
<input id="req_email" type="text" name="req_email" size="50" maxlength="50" />
<p><?php echo $lang_login['Request pass info'] ?></p>
</div>
</fieldset>
</div>
<p><input type="submit" name="request_pass" value="<?php echo $lang_common['Submit'] ?>" /><a href="javascript:history.go(-1)"><?php echo $lang_common['Go back'] ?></a></p>
</form>
</div>
</div>
<?php
require PUN_ROOT.'footer.php';
}
if (!$pun_user['is_guest'])
header('Location: index.php');
// Try to determine if the data in HTTP_REFERER is valid (if not, we redirect to index.php after login)
$redirect_url = (isset($_SERVER['HTTP_REFERER']) && preg_match('#^'.preg_quote($pun_config['o_base_url']).'/(.*?)\.php#i', $_SERVER['HTTP_REFERER'])) ? htmlspecialchars($_SERVER['HTTP_REFERER']) : 'index.php';
$page_title = pun_htmlspecialchars($pun_config['o_board_title']).' / '.$lang_common['Login'];
$required_fields = array('req_username' => $lang_common['Username'], 'req_password' => $lang_common['Password']);
$focus_element = array('login', 'req_username');
require PUN_ROOT.'header.php';
?>
<div class="blockform">
<h2><span><?php echo $lang_common['Login'] ?></span></h2>
<div class="box">
<form id="login" method="post" action="login.php?action=in" onsubmit="return process_form(this)">
<div class="inform">
<fieldset>
<legend><?php echo $lang_login['Login legend'] ?></legend>
<div class="infldset">
<input type="hidden" name="form_sent" value="1" />
<input type="hidden" name="redirect_url" value="<?php echo $redirect_url ?>" />
<label class="conl"><strong><?php echo $lang_common['Username'] ?></strong><br /><input type="text" name="req_username" size="25" maxlength="25" tabindex="1" /><br /></label>
<label class="conl"><strong><?php echo $lang_common['Password'] ?></strong><br /><input type="password" name="req_password" size="16" maxlength="16" tabindex="2" /><br /></label>
<p class="clearb"><?php echo $lang_login['Login info'] ?></p>
<p><a href="register.php" tabindex="4"><?php echo $lang_login['Not registered'] ?></a>&nbsp;&nbsp;
<a href="login.php?action=forget" tabindex="5"><?php echo $lang_login['Forgotten pass'] ?></a></p>
</div>
</fieldset>
</div>
<p><input type="submit" name="login" value="<?php echo $lang_common['Login'] ?>" tabindex="3" /></p>
</form>
</div>
</div>
<?php
require PUN_ROOT.'footer.php';
<?php
/***********************************************************************
Copyright (C) 2002-2008 PunBB
This file is part of PunBB.
PunBB is free software; you can redistribute it and/or modify it
under the terms of the GNU General Public License as published
by the Free Software Foundation; either version 2 of the License,
or (at your option) any later version.
PunBB is distributed in the hope that it will be useful, but
WITHOUT ANY WARRANTY; without even the implied warranty of
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
GNU General Public License for more details.
You should have received a copy of the GNU General Public License
along with this program; if not, write to the Free Software
Foundation, Inc., 59 Temple Place, Suite 330, Boston,
MA 02111-1307 USA
************************************************************************/
if (isset($_GET['action']))
define('PUN_QUIET_VISIT', 1);
define('PUN_ROOT', './');
require PUN_ROOT.'include/common.php';
// Load the misc.php language file
require PUN_ROOT.'lang/'.$pun_user['language'].'/misc.php';
$action = isset($_GET['action']) ? $_GET['action'] : null;
if ($action == 'rules')
{
// Load the register.php language file
require PUN_ROOT.'lang/'.$pun_user['language'].'/register.php';
$page_title = pun_htmlspecialchars($pun_config['o_board_title']).' / '.$lang_register['Forum rules'];
require PUN_ROOT.'header.php';
?>
<div class="block">
<h2><span><?php echo $lang_register['Forum rules'] ?></span></h2>
<div class="box">
<div class="inbox">
<p><?php echo $pun_config['o_rules_message'] ?></p>
</div>
</div>
</div>
<?php
require PUN_ROOT.'footer.php';
}
else if ($action == 'markread')
{
if ($pun_user['is_guest'])
message($lang_common['No permission']);
$db->query('UPDATE '.$db->prefix.'users SET last_visit='.$pun_user['logged'].' WHERE id='.$pun_user['id']) or error('Unable to update user last visit data', __FILE__, __LINE__, $db->error());
redirect('index.php', $lang_misc['Mark read redirect']);
}
else if (isset($_GET['email']))
{
if ($pun_user['is_guest'])
message($lang_common['No permission']);
$recipient_id = intval($_GET['email']);
if ($recipient_id < 2)
message($lang_common['Bad request']);
$result = $db->query('SELECT username, email, email_setting FROM '.$db->prefix.'users WHERE id='.$recipient_id) or error('Unable to fetch user info', __FILE__, __LINE__, $db->error());
if (!$db->num_rows($result))
message($lang_common['Bad request']);
list($recipient, $recipient_email, $email_setting) = $db->fetch_row($result);
if ($email_setting == 2 && $pun_user['g_id'] > PUN_MOD)
message($lang_misc['Form e-mail disabled']);
if (isset($_POST['form_sent']))
{
// Clean up message and subject from POST
$subject = pun_trim($_POST['req_subject']);
$message = pun_trim($_POST['req_message']);
if ($subject == '')
message($lang_misc['No e-mail subject']);
else if ($message == '')
message($lang_misc['No e-mail message']);
else if (strlen($message) > 65535)
message($lang_misc['Too long e-mail message']);
// Load the "form e-mail" template
$mail_tpl = trim(file_get_contents(PUN_ROOT.'lang/'.$pun_user['language'].'/mail_templates/form_email.tpl'));
// The first row contains the subject
$first_crlf = strpos($mail_tpl, "\n");
$mail_subject = trim(substr($mail_tpl, 8, $first_crlf-8));
$mail_message = trim(substr($mail_tpl, $first_crlf));
$mail_subject = str_replace('<mail_subject>', $subject, $mail_subject);
$mail_message = str_replace('<sender>', $pun_user['username'], $mail_message);
$mail_message = str_replace('<board_title>', $pun_config['o_board_title'], $mail_message);
$mail_message = str_replace('<mail_message>', $message, $mail_message);
$mail_message = str_replace('<board_mailer>', $pun_config['o_board_title'].' '.$lang_common['Mailer'], $mail_message);
require_once PUN_ROOT.'include/email.php';
pun_mail($recipient_email, $mail_subject, $mail_message, '"'.str_replace('"', '', $pun_user['username']).'" <'.$pun_user['email'].'>');
redirect(htmlspecialchars($_POST['redirect_url']), $lang_misc['E-mail sent redirect']);
}
// Try to determine if the data in HTTP_REFERER is valid (if not, we redirect to the users profile after the e-mail is sent)
$redirect_url = (isset($_SERVER['HTTP_REFERER']) && preg_match('#^'.preg_quote($pun_config['o_base_url']).'/(.*?)\.php#i', $_SERVER['HTTP_REFERER'])) ? htmlspecialchars($_SERVER['HTTP_REFERER']) : 'index.php';
$page_title = pun_htmlspecialchars($pun_config['o_board_title']).' / '.$lang_misc['Send e-mail to'].' '.pun_htmlspecialchars($recipient);
$required_fields = array('req_subject' => $lang_misc['E-mail subject'], 'req_message' => $lang_misc['E-mail message']);
$focus_element = array('email', 'req_subject');
require PUN_ROOT.'header.php';
?>
<div class="blockform">
<h2><span><?php echo $lang_misc['Send e-mail to'] ?> <?php echo pun_htmlspecialchars($recipient) ?></span></h2>
<div class="box">
<form id="email" method="post" action="misc.php?email=<?php echo $recipient_id ?>" onsubmit="this.submit.disabled=true;if(process_form(this)){return true;}else{this.submit.disabled=false;return false;}">
<div class="inform">
<fieldset>
<legend><?php echo $lang_misc['Write e-mail'] ?></legend>
<div class="infldset txtarea">
<input type="hidden" name="form_sent" value="1" />
<input type="hidden" name="redirect_url" value="<?php echo $redirect_url ?>" />
<label><strong><?php echo $lang_misc['E-mail subject'] ?></strong><br />
<input class="longinput" type="text" name="req_subject" size="75" maxlength="70" tabindex="1" /><br /></label>
<label><strong><?php echo $lang_misc['E-mail message'] ?></strong><br />
<textarea name="req_message" rows="10" cols="75" tabindex="2"></textarea><br /></label>
<p><?php echo $lang_misc['E-mail disclosure note'] ?></p>
</div>
</fieldset>
</div>
<p><input type="submit" name="submit" value="<?php echo $lang_common['Submit'] ?>" tabindex="3" accesskey="s" /><a href="javascript:history.go(-1)"><?php echo $lang_common['Go back'] ?></a></p>
</form>
</div>
</div>
<?php
require PUN_ROOT.'footer.php';
}
else if (isset($_GET['report']))
{
if ($pun_user['is_guest'])
message($lang_common['No permission']);
$post_id = intval($_GET['report']);
if ($post_id < 1)
message($lang_common['Bad request']);
if (isset($_POST['form_sent']))
{
// Clean up reason from POST
$reason = pun_linebreaks(pun_trim($_POST['req_reason']));
if ($reason == '')
message($lang_misc['No reason']);
// Get the topic ID
$result = $db->query('SELECT topic_id FROM '.$db->prefix.'posts WHERE id='.$post_id) or error('Unable to fetch post info', __FILE__, __LINE__, $db->error());
if (!$db->num_rows($result))
message($lang_common['Bad request']);
$topic_id = $db->result($result);
// Get the subject and forum ID
$result = $db->query('SELECT subject, forum_id FROM '.$db->prefix.'topics WHERE id='.$topic_id) or error('Unable to fetch topic info', __FILE__, __LINE__, $db->error());
if (!$db->num_rows($result))
message($lang_common['Bad request']);
list($subject, $forum_id) = $db->fetch_row($result);
// Should we use the internal report handling?
if ($pun_config['o_report_method'] == 0 || $pun_config['o_report_method'] == 2)
$db->query('INSERT INTO '.$db->prefix.'reports (post_id, topic_id, forum_id, reported_by, created, message) VALUES('.$post_id.', '.$topic_id.', '.$forum_id.', '.$pun_user['id'].', '.time().', \''.$db->escape($reason).'\')' ) or error('Unable to create report', __FILE__, __LINE__, $db->error());
// Should we e-mail the report?
if ($pun_config['o_report_method'] == 1 || $pun_config['o_report_method'] == 2)
{
// We send it to the complete mailing-list in one swoop
if ($pun_config['o_mailing_list'] != '')
{
$mail_subject = 'Report('.$forum_id.') - \''.$subject.'\'';
$mail_message = 'User \''.$pun_user['username'].'\' has reported the following message:'."\n".$pun_config['o_base_url'].'/viewtopic.php?pid='.$post_id.'#p'.$post_id."\n\n".'Reason:'."\n".$reason;
require PUN_ROOT.'include/email.php';
pun_mail($pun_config['o_mailing_list'], $mail_subject, $mail_message);
}
}
redirect('viewtopic.php?pid='.$post_id.'#p'.$post_id, $lang_misc['Report redirect']);
}
$page_title = pun_htmlspecialchars($pun_config['o_board_title']).' / '.$lang_misc['Report post'];
$required_fields = array('req_reason' => $lang_misc['Reason']);
$focus_element = array('report', 'req_reason');
require PUN_ROOT.'header.php';
?>
<div class="blockform">
<h2><span><?php echo $lang_misc['Report post'] ?></span></h2>
<div class="box">
<form id="report" method="post" action="misc.php?report=<?php echo $post_id ?>" onsubmit="this.submit.disabled=true;if(process_form(this)){return true;}else{this.submit.disabled=false;return false;}">
<div class="inform">
<fieldset>
<legend><?php echo $lang_misc['Reason desc'] ?></legend>
<div class="infldset txtarea">
<input type="hidden" name="form_sent" value="1" />
<label><strong><?php echo $lang_misc['Reason'] ?></strong><br /><textarea name="req_reason" rows="5" cols="60"></textarea><br /></label>
</div>
</fieldset>
</div>
<p><input type="submit" name="submit" value="<?php echo $lang_common['Submit'] ?>" accesskey="s" /><a href="javascript:history.go(-1)"><?php echo $lang_common['Go back'] ?></a></p>
</form>
</div>
</div>
<?php
require PUN_ROOT.'footer.php';
}
else if (isset($_GET['subscribe']))
{
if ($pun_user['is_guest'] || $pun_config['o_subscriptions'] != '1')
message($lang_common['No permission']);
$topic_id = intval($_GET['subscribe']);
if ($topic_id < 1)
message($lang_common['Bad request']);
// Make sure the user can view the topic
$result = $db->query('SELECT 1 FROM '.$db->prefix.'topics AS t LEFT JOIN '.$db->prefix.'forum_perms AS fp ON (fp.forum_id=t.forum_id AND fp.group_id='.$pun_user['g_id'].') WHERE (fp.read_forum IS NULL OR fp.read_forum=1) AND t.id='.$topic_id.' AND t.moved_to IS NULL') or error('Unable to fetch topic info', __FILE__, __LINE__, $db->error());
if (!$db->num_rows($result))
message($lang_common['Bad request']);
$result = $db->query('SELECT 1 FROM '.$db->prefix.'subscriptions WHERE user_id='.$pun_user['id'].' AND topic_id='.$topic_id) or error('Unable to fetch subscription info', __FILE__, __LINE__, $db->error());
if ($db->num_rows($result))
message($lang_misc['Already subscribed']);
$db->query('INSERT INTO '.$db->prefix.'subscriptions (user_id, topic_id) VALUES('.$pun_user['id'].' ,'.$topic_id.')') or error('Unable to add subscription', __FILE__, __LINE__, $db->error());
redirect('viewtopic.php?id='.$topic_id, $lang_misc['Subscribe redirect']);
}
else if (isset($_GET['unsubscribe']))
{
if ($pun_user['is_guest'] || $pun_config['o_subscriptions'] != '1')
message($lang_common['No permission']);
$topic_id = intval($_GET['unsubscribe']);
if ($topic_id < 1)
message($lang_common['Bad request']);
$result = $db->query('SELECT 1 FROM '.$db->prefix.'subscriptions WHERE user_id='.$pun_user['id'].' AND topic_id='.$topic_id) or error('Unable to fetch subscription info', __FILE__, __LINE__, $db->error());
if (!$db->num_rows($result))
message($lang_misc['Not subscribed']);
$db->query('DELETE FROM '.$db->prefix.'subscriptions WHERE user_id='.$pun_user['id'].' AND topic_id='.$topic_id) or error('Unable to remove subscription', __FILE__, __LINE__, $db->error());
redirect('viewtopic.php?id='.$topic_id, $lang_misc['Unsubscribe redirect']);
}
else
message($lang_common['Bad request']);
<?php
/***********************************************************************
Copyright (C) 2002-2008 PunBB
Partially based on code copyright (C) 2008 FluxBB.org
This file is part of PunBB.
PunBB is free software; you can redistribute it and/or modify it
under the terms of the GNU General Public License as published
by the Free Software Foundation; either version 2 of the License,
or (at your option) any later version.
PunBB is distributed in the hope that it will be useful, but
WITHOUT ANY WARRANTY; without even the implied warranty of
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
GNU General Public License for more details.
You should have received a copy of the GNU General Public License
along with this program; if not, write to the Free Software
Foundation, Inc., 59 Temple Place, Suite 330, Boston,
MA 02111-1307 USA
************************************************************************/
define('PUN_ROOT', './');
require PUN_ROOT.'include/common.php';
// This particular function doesn't require forum-based moderator access. It can be used
// by all moderators and admins.
if (isset($_GET['get_host']))
{
if ($pun_user['g_id'] > PUN_MOD)
message($lang_common['No permission']);
// Is get_host an IP address or a post ID?
if (@preg_match('/^[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}$/', $_GET['get_host']))
$ip = $_GET['get_host'];
else
{
$get_host = intval($_GET['get_host']);
if ($get_host < 1)
message($lang_common['Bad request']);
$result = $db->query('SELECT poster_ip FROM '.$db->prefix.'posts WHERE id='.$get_host) or error('Unable to fetch post IP address', __FILE__, __LINE__, $db->error());
if (!$db->num_rows($result))
message($lang_common['Bad request']);
$ip = $db->result($result);
}
message('The IP address is: '.$ip.'<br />The host name is: '.@gethostbyaddr($ip).'<br /><br /><a href="admin_users.php?show_users='.$ip.'">Show more users for this IP</a>');
}
// All other functions require moderator/admin access
$fid = isset($_GET['fid']) ? intval($_GET['fid']) : 0;
if ($fid < 1)
message($lang_common['Bad request']);
$result = $db->query('SELECT moderators FROM '.$db->prefix.'forums WHERE id='.$fid) or error('Unable to fetch forum info', __FILE__, __LINE__, $db->error());
$moderators = $db->result($result);
$mods_array = ($moderators != '') ? unserialize($moderators) : array();
if ($pun_user['g_id'] != PUN_ADMIN && ($pun_user['g_id'] != PUN_MOD || !array_key_exists($pun_user['username'], $mods_array)))
message($lang_common['No permission']);
// Load the misc.php language file
require PUN_ROOT.'lang/'.$pun_user['language'].'/misc.php';
// All other topic moderation features require a topic id in GET
if (isset($_GET['tid']))
{
$tid = intval($_GET['tid']);
if ($tid < 1)
message($lang_common['Bad request']);
// Fetch some info about the topic
$result = $db->query('SELECT t.subject, t.num_replies, f.id AS forum_id, forum_name FROM '.$db->prefix.'topics AS t INNER JOIN '.$db->prefix.'forums AS f ON f.id=t.forum_id LEFT JOIN '.$db->prefix.'subscriptions AS s ON (t.id=s.topic_id AND s.user_id='.$pun_user['id'].') LEFT JOIN '.$db->prefix.'forum_perms AS fp ON (fp.forum_id=f.id AND fp.group_id='.$pun_user['g_id'].') WHERE (fp.read_forum IS NULL OR fp.read_forum=1) AND f.id='.$fid.' AND t.id='.$tid.' AND t.moved_to IS NULL') or error('Unable to fetch topic info', __FILE__, __LINE__, $db->error());
if (!$db->num_rows($result))
message($lang_common['Bad request']);
$cur_topic = $db->fetch_assoc($result);
// Delete one or more posts
if (isset($_POST['delete_posts']) || isset($_POST['delete_posts_comply']))
{
$posts = $_POST['posts'];
if (empty($posts))
message($lang_misc['No posts selected']);
if (isset($_POST['delete_posts_comply']))
{
confirm_referrer('moderate.php');
if (@preg_match('/[^0-9,]/', $posts))
message($lang_common['Bad request']);
// Verify that the post IDs are valid
$result = $db->query('SELECT 1 FROM '.$db->prefix.'posts WHERE id IN('.$posts.') AND topic_id='.$tid) or error('Unable to check posts', __FILE__, __LINE__, $db->error());
if ($db->num_rows($result) != substr_count($posts, ',') + 1)
message($lang_common['Bad request']);
// Delete the posts
$db->query('DELETE FROM '.$db->prefix.'posts WHERE id IN('.$posts.')') or error('Unable to delete posts', __FILE__, __LINE__, $db->error());
require PUN_ROOT.'include/search_idx.php';
strip_search_index($posts);
// Get last_post, last_post_id, and last_poster for the topic after deletion
$result = $db->query('SELECT id, poster, posted FROM '.$db->prefix.'posts WHERE topic_id='.$tid.' ORDER BY id DESC LIMIT 1') or error('Unable to fetch post info', __FILE__, __LINE__, $db->error());
$last_post = $db->fetch_assoc($result);
// How many posts did we just delete?
$num_posts_deleted = substr_count($posts, ',') + 1;
// Update the topic
$db->query('UPDATE '.$db->prefix.'topics SET last_post='.$last_post['posted'].', last_post_id='.$last_post['id'].', last_poster=\''.$db->escape($last_post['poster']).'\', num_replies=num_replies-'.$num_posts_deleted.' WHERE id='.$tid) or error('Unable to update topic', __FILE__, __LINE__, $db->error());
update_forum($fid);
redirect('viewtopic.php?id='.$tid, $lang_misc['Delete posts redirect']);
}
$page_title = pun_htmlspecialchars($pun_config['o_board_title']).' / '.$lang_misc['Moderate'];
require PUN_ROOT.'header.php';
?>
<div class="blockform">
<h2><span><?php echo $lang_misc['Delete posts'] ?></span></h2>
<div class="box">
<form method="post" action="moderate.php?fid=<?php echo $fid ?>&amp;tid=<?php echo $tid ?>">
<div class="inform">
<fieldset>
<legend><?php echo $lang_misc['Confirm delete legend'] ?></legend>
<div class="infldset">
<input type="hidden" name="posts" value="<?php echo implode(',', array_map('intval', array_keys($posts))) ?>" />
<p><?php echo $lang_misc['Delete posts comply'] ?></p>
</div>
</fieldset>
</div>
<p><input type="submit" name="delete_posts_comply" value="<?php echo $lang_misc['Delete'] ?>" /><a href="javascript:history.go(-1)"><?php echo $lang_common['Go back'] ?></a></p>
</form>
</div>
</div>
<?php
require PUN_ROOT.'footer.php';
}
// Show the delete multiple posts view
// Load the viewtopic.php language file
require PUN_ROOT.'lang/'.$pun_user['language'].'/topic.php';
// Used to disable the Move and Delete buttons if there are no replies to this topic
$button_status = ($cur_topic['num_replies'] == 0) ? ' disabled' : '';
// Determine the post offset (based on $_GET['p'])
$num_pages = ceil(($cur_topic['num_replies'] + 1) / $pun_user['disp_posts']);
$p = (!isset($_GET['p']) || !is_numeric($_GET['p']) || $_GET['p'] <= 1 || $_GET['p'] > $num_pages) ? 1 : $_GET['p'];
$start_from = $pun_user['disp_posts'] * ($p - 1);
// Generate paging links
$paging_links = $lang_common['Pages'].': '.paginate($num_pages, $p, 'moderate.php?fid='.$fid.'&amp;tid='.$tid);
if ($pun_config['o_censoring'] == '1')
$cur_topic['subject'] = censor_words($cur_topic['subject']);
$page_title = pun_htmlspecialchars($pun_config['o_board_title']).' / '.$cur_topic['subject'];
require PUN_ROOT.'header.php';
?>
<div class="linkst">
<div class="inbox">
<p class="pagelink conl"><?php echo $paging_links ?></p>
<ul><li><a href="index.php"><?php echo $lang_common['Index'] ?></a></li><li>&nbsp;&raquo;&nbsp;<a href="viewforum.php?id=<?php echo $fid ?>"><?php echo pun_htmlspecialchars($cur_topic['forum_name']) ?></a></li><li>&nbsp;&raquo;&nbsp;<?php echo pun_htmlspecialchars($cur_topic['subject']) ?></li></ul>
<div class="clearer"></div>
</div>
</div>
<form method="post" action="moderate.php?fid=<?php echo $fid ?>&amp;tid=<?php echo $tid ?>">
<?php
require PUN_ROOT.'include/parser.php';
$bg_switch = true; // Used for switching background color in posts
$post_count = 0; // Keep track of post numbers
// Retrieve the posts (and their respective poster)
$result = $db->query('SELECT u.title, u.num_posts, g.g_id, g.g_user_title, p.id, p.poster, p.poster_id, p.message, p.hide_smilies, p.posted, p.edited, p.edited_by FROM '.$db->prefix.'posts AS p INNER JOIN '.$db->prefix.'users AS u ON u.id=p.poster_id INNER JOIN '.$db->prefix.'groups AS g ON g.g_id=u.group_id WHERE p.topic_id='.$tid.' ORDER BY p.id LIMIT '.$start_from.','.$pun_user['disp_posts'], true) or error('Unable to fetch post info', __FILE__, __LINE__, $db->error());
while ($cur_post = $db->fetch_assoc($result))
{
$post_count++;
// If the poster is a registered user.
if ($cur_post['poster_id'] > 1)
{
$poster = '<a href="profile.php?id='.$cur_post['poster_id'].'">'.pun_htmlspecialchars($cur_post['poster']).'</a>';
// get_title() requires that an element 'username' be present in the array
$cur_post['username'] = $cur_post['poster'];
$user_title = get_title($cur_post);
if ($pun_config['o_censoring'] == '1')
$user_title = censor_words($user_title);
}
// If the poster is a guest (or a user that has been deleted)
else
{
$poster = pun_htmlspecialchars($cur_post['poster']);
$user_title = $lang_topic['Guest'];
}
// Switch the background color for every message.
$bg_switch = ($bg_switch) ? $bg_switch = false : $bg_switch = true;
$vtbg = ($bg_switch) ? ' roweven' : ' rowodd';
// Perform the main parsing of the message (BBCode, smilies, censor words etc)
$cur_post['message'] = parse_message($cur_post['message'], $cur_post['hide_smilies']);
?>
<div class="blockpost<?php echo $vtbg ?>">
<a name="<?php echo $cur_post['id'] ?>"></a>
<h2><span><span class="conr">#<?php echo ($start_from + $post_count) ?>&nbsp;</span><a href="viewtopic.php?pid=<?php echo $cur_post['id'].'#p'.$cur_post['id'] ?>"><?php echo format_time($cur_post['posted']) ?></a></span></h2>
<div class="box">
<div class="inbox">
<div class="postleft">
<dl>
<dt><strong><?php echo $poster ?></strong></dt>
<dd><strong><?php echo $user_title ?></strong></dd>
</dl>
</div>
<div class="postright">
<h3 class="nosize"><?php echo $lang_common['Message'] ?></h3>
<div class="postmsg">
<?php echo $cur_post['message']."\n" ?>
<?php if ($cur_post['edited'] != '') echo "\t\t\t\t\t".'<p class="postedit"><em>'.$lang_topic['Last edit'].' '.pun_htmlspecialchars($cur_post['edited_by']).' ('.format_time($cur_post['edited']).')</em></p>'."\n"; ?>
</div>
<?php if ($start_from + $post_count > 1) echo '<p class="multidelete"><label><strong>'.$lang_misc['Select'].'</strong>&nbsp;&nbsp;<input type="checkbox" name="posts['.$cur_post['id'].']" value="1" /></label></p>'."\n" ?>
</div>
<div class="clearer"></div>
</div>
</div>
</div>
<?php
}
?>
<div class="postlinksb">
<div class="inbox">
<p class="pagelink conl"><?php echo $paging_links ?></p>
<p class="conr"><input type="submit" name="delete_posts" value="<?php echo $lang_misc['Delete'] ?>"<?php echo $button_status ?> /></p>
<div class="clearer"></div>
</div>
</div>
</form>
<?php
require PUN_ROOT.'footer.php';
}
// Move one or more topics
if (isset($_REQUEST['move_topics']) || isset($_POST['move_topics_to']))
{
if (isset($_POST['move_topics_to']))
{
confirm_referrer('moderate.php');
if (@preg_match('/[^0-9,]/', $_POST['topics']))
message($lang_common['Bad request']);
$topics = explode(',', $_POST['topics']);
$move_to_forum = isset($_POST['move_to_forum']) ? intval($_POST['move_to_forum']) : 0;
if (empty($topics) || $move_to_forum < 1)
message($lang_common['Bad request']);
// Verify that the topic IDs are valid
$result = $db->query('SELECT 1 FROM '.$db->prefix.'topics WHERE id IN('.implode(',',$topics).') AND forum_id='.$fid) or error('Unable to check topics', __FILE__, __LINE__, $db->error());
if ($db->num_rows($result) != count($topics))
message($lang_common['Bad request']);
// Delete any redirect topics if there are any (only if we moved/copied the topic back to where it where it was once moved from)
$db->query('DELETE FROM '.$db->prefix.'topics WHERE forum_id='.$move_to_forum.' AND moved_to IN('.implode(',',$topics).')') or error('Unable to delete redirect topics', __FILE__, __LINE__, $db->error());
// Move the topic(s)
$db->query('UPDATE '.$db->prefix.'topics SET forum_id='.$move_to_forum.' WHERE id IN('.implode(',',$topics).')') or error('Unable to move topics', __FILE__, __LINE__, $db->error());
// Should we create redirect topics?
if (isset($_POST['with_redirect']))
{
while (list(, $cur_topic) = @each($topics))
{
// Fetch info for the redirect topic
$result = $db->query('SELECT poster, subject, posted, last_post FROM '.$db->prefix.'topics WHERE id='.$cur_topic) or error('Unable to fetch topic info', __FILE__, __LINE__, $db->error());
$moved_to = $db->fetch_assoc($result);
// Create the redirect topic
$db->query('INSERT INTO '.$db->prefix.'topics (poster, subject, posted, last_post, moved_to, forum_id) VALUES(\''.$db->escape($moved_to['poster']).'\', \''.$db->escape($moved_to['subject']).'\', '.$moved_to['posted'].', '.$moved_to['last_post'].', '.$cur_topic.', '.$fid.')') or error('Unable to create redirect topic', __FILE__, __LINE__, $db->error());
}
}
update_forum($fid); // Update the forum FROM which the topic was moved
update_forum($move_to_forum); // Update the forum TO which the topic was moved
$redirect_msg = (count($topics) > 1) ? $lang_misc['Move topics redirect'] : $lang_misc['Move topic redirect'];
redirect('viewforum.php?id='.$move_to_forum, $redirect_msg);
}
if (isset($_POST['move_topics']))
{
$topics = isset($_POST['topics']) ? $_POST['topics'] : array();
if (empty($topics))
message($lang_misc['No topics selected']);
$topics = implode(',', array_map('intval', array_keys($topics)));
$action = 'multi';
}
else
{
$topics = intval($_GET['move_topics']);
if ($topics < 1)
message($lang_common['Bad request']);
$action = 'single';
}
$page_title = pun_htmlspecialchars($pun_config['o_board_title']).' / Moderate';
require PUN_ROOT.'header.php';
?>
<div class="blockform">
<h2><span><?php echo ($action == 'single') ? $lang_misc['Move topic'] : $lang_misc['Move topics'] ?></span></h2>
<div class="box">
<form method="post" action="moderate.php?fid=<?php echo $fid ?>">
<div class="inform">
<input type="hidden" name="topics" value="<?php echo $topics ?>" />
<fieldset>
<legend><?php echo $lang_misc['Move legend'] ?></legend>
<div class="infldset">
<label><?php echo $lang_misc['Move to'] ?>
<br /><select name="move_to_forum">
<?php
$result = $db->query('SELECT c.id AS cid, c.cat_name, f.id AS fid, f.forum_name FROM '.$db->prefix.'categories AS c INNER JOIN '.$db->prefix.'forums AS f ON c.id=f.cat_id LEFT JOIN '.$db->prefix.'forum_perms AS fp ON (fp.forum_id=f.id AND fp.group_id='.$pun_user['g_id'].') WHERE (fp.read_forum IS NULL OR fp.read_forum=1) AND f.redirect_url IS NULL ORDER BY c.disp_position, c.id, f.disp_position', true) or error('Unable to fetch category/forum list', __FILE__, __LINE__, $db->error());
$cur_category = 0;
while ($cur_forum = $db->fetch_assoc($result))
{
if ($cur_forum['cid'] != $cur_category) // A new category since last iteration?
{
if ($cur_category)
echo "\t\t\t\t\t\t\t".'</optgroup>'."\n";
echo "\t\t\t\t\t\t\t".'<optgroup label="'.pun_htmlspecialchars($cur_forum['cat_name']).'">'."\n";
$cur_category = $cur_forum['cid'];
}
if ($cur_forum['fid'] != $fid)
echo "\t\t\t\t\t\t\t\t".'<option value="'.$cur_forum['fid'].'">'.pun_htmlspecialchars($cur_forum['forum_name']).'</option>'."\n";
}
?>
</optgroup>
</select>
<br /></label>
<div class="rbox">
<label><input type="checkbox" name="with_redirect" value="1"<?php if ($action == 'single') echo ' checked="checked"' ?> /><?php echo $lang_misc['Leave redirect'] ?><br /></label>
</div>
</div>
</fieldset>
</div>
<p><input type="submit" name="move_topics_to" value="<?php echo $lang_misc['Move'] ?>" /><a href="javascript:history.go(-1)"><?php echo $lang_common['Go back'] ?></a></p>
</form>
</div>
</div>
<?php
require PUN_ROOT.'footer.php';
}
// Delete one or more topics
if (isset($_REQUEST['delete_topics']) || isset($_POST['delete_topics_comply']))
{
$topics = isset($_POST['topics']) ? $_POST['topics'] : array();
if (empty($topics))
message($lang_misc['No topics selected']);
if (isset($_POST['delete_topics_comply']))
{
confirm_referrer('moderate.php');
if (@preg_match('/[^0-9,]/', $topics))
message($lang_common['Bad request']);
require PUN_ROOT.'include/search_idx.php';
// Verify that the topic IDs are valid
$result = $db->query('SELECT 1 FROM '.$db->prefix.'topics WHERE id IN('.$topics.') AND forum_id='.$fid) or error('Unable to check topics', __FILE__, __LINE__, $db->error());
if ($db->num_rows($result) != substr_count($topics, ',') + 1)
message($lang_common['Bad request']);
// Delete the topics and any redirect topics
$db->query('DELETE FROM '.$db->prefix.'topics WHERE id IN('.$topics.') OR moved_to IN('.$topics.')') or error('Unable to delete topic', __FILE__, __LINE__, $db->error());
// Delete any subscriptions
$db->query('DELETE FROM '.$db->prefix.'subscriptions WHERE topic_id IN('.$topics.')') or error('Unable to delete subscriptions', __FILE__, __LINE__, $db->error());
// Create a list of the post ID's in this topic and then strip the search index
$result = $db->query('SELECT id FROM '.$db->prefix.'posts WHERE topic_id IN('.$topics.')') or error('Unable to fetch posts', __FILE__, __LINE__, $db->error());
$post_ids = '';
while ($row = $db->fetch_row($result))
$post_ids .= ($post_ids != '') ? ','.$row[0] : $row[0];
// We have to check that we actually have a list of post ID's since we could be deleting just a redirect topic
if ($post_ids != '')
strip_search_index($post_ids);
// Delete posts
$db->query('DELETE FROM '.$db->prefix.'posts WHERE topic_id IN('.$topics.')') or error('Unable to delete posts', __FILE__, __LINE__, $db->error());
update_forum($fid);
redirect('viewforum.php?id='.$fid, $lang_misc['Delete topics redirect']);
}
$page_title = pun_htmlspecialchars($pun_config['o_board_title']).' / '.$lang_misc['Moderate'];
require PUN_ROOT.'header.php';
?>
<div class="blockform">
<h2><?php echo $lang_misc['Delete topics'] ?></h2>
<div class="box">
<form method="post" action="moderate.php?fid=<?php echo $fid ?>">
<input type="hidden" name="topics" value="<?php echo implode(',', array_map('intval', array_keys($topics))) ?>" />
<div class="inform">
<fieldset>
<legend><?php echo $lang_misc['Confirm delete legend'] ?></legend>
<div class="infldset">
<p><?php echo $lang_misc['Delete topics comply'] ?></p>
</div>
</fieldset>
</div>
<p><input type="submit" name="delete_topics_comply" value="<?php echo $lang_misc['Delete'] ?>" /><a href="javascript:history.go(-1)"><?php echo $lang_common['Go back'] ?></a></p>
</form>
</div>
</div>
<?php
require PUN_ROOT.'footer.php';
}
// Open or close one or more topics
else if (isset($_REQUEST['open']) || isset($_REQUEST['close']))
{
$action = (isset($_REQUEST['open'])) ? 0 : 1;
// There could be an array of topic ID's in $_POST
if (isset($_POST['open']) || isset($_POST['close']))
{
confirm_referrer('moderate.php');
$topics = isset($_POST['topics']) ? @array_map('intval', @array_keys($_POST['topics'])) : array();
if (empty($topics))
message($lang_misc['No topics selected']);
$db->query('UPDATE '.$db->prefix.'topics SET closed='.$action.' WHERE id IN('.implode(',', $topics).') AND forum_id='.$fid) or error('Unable to close topics', __FILE__, __LINE__, $db->error());
$redirect_msg = ($action) ? $lang_misc['Close topics redirect'] : $lang_misc['Open topics redirect'];
redirect('moderate.php?fid='.$fid, $redirect_msg);
}
// Or just one in $_GET
else
{
confirm_referrer('viewtopic.php');
$topic_id = ($action) ? intval($_GET['close']) : intval($_GET['open']);
if ($topic_id < 1)
message($lang_common['Bad request']);
$db->query('UPDATE '.$db->prefix.'topics SET closed='.$action.' WHERE id='.$topic_id.' AND forum_id='.$fid) or error('Unable to close topic', __FILE__, __LINE__, $db->error());
$redirect_msg = ($action) ? $lang_misc['Close topic redirect'] : $lang_misc['Open topic redirect'];
redirect('viewtopic.php?id='.$topic_id, $redirect_msg);
}
}
// Stick a topic
else if (isset($_GET['stick']))
{
confirm_referrer('viewtopic.php');
$stick = intval($_GET['stick']);
if ($stick < 1)
message($lang_common['Bad request']);
$db->query('UPDATE '.$db->prefix.'topics SET sticky=\'1\' WHERE id='.$stick.' AND forum_id='.$fid) or error('Unable to stick topic', __FILE__, __LINE__, $db->error());
redirect('viewtopic.php?id='.$stick, $lang_misc['Stick topic redirect']);
}
// Unstick a topic
else if (isset($_GET['unstick']))
{
confirm_referrer('viewtopic.php');
$unstick = intval($_GET['unstick']);
if ($unstick < 1)
message($lang_common['Bad request']);
$db->query('UPDATE '.$db->prefix.'topics SET sticky=\'0\' WHERE id='.$unstick.' AND forum_id='.$fid) or error('Unable to unstick topic', __FILE__, __LINE__, $db->error());
redirect('viewtopic.php?id='.$unstick, $lang_misc['Unstick topic redirect']);
}
// No specific forum moderation action was specified in the query string, so we'll display the moderator forum
// Load the viewforum.php language file
require PUN_ROOT.'lang/'.$pun_user['language'].'/forum.php';
// Fetch some info about the forum
$result = $db->query('SELECT f.forum_name, f.redirect_url, f.num_topics FROM '.$db->prefix.'forums AS f LEFT JOIN '.$db->prefix.'forum_perms AS fp ON (fp.forum_id=f.id AND fp.group_id='.$pun_user['g_id'].') WHERE (fp.read_forum IS NULL OR fp.read_forum=1) AND f.id='.$fid) or error('Unable to fetch forum info', __FILE__, __LINE__, $db->error());
if (!$db->num_rows($result))
message($lang_common['Bad request']);
$cur_forum = $db->fetch_assoc($result);
// Is this a redirect forum? In that case, abort!
if ($cur_forum['redirect_url'] != '')
message($lang_common['Bad request']);
$page_title = pun_htmlspecialchars($pun_config['o_board_title']).' / '.pun_htmlspecialchars($cur_forum['forum_name']);
require PUN_ROOT.'header.php';
// Determine the topic offset (based on $_GET['p'])
$num_pages = ceil($cur_forum['num_topics'] / $pun_user['disp_topics']);
$p = (!isset($_GET['p']) || !is_numeric($_GET['p']) || $_GET['p'] <= 1 || $_GET['p'] > $num_pages) ? 1 : $_GET['p'];
$start_from = $pun_user['disp_topics'] * ($p - 1);
// Generate paging links
$paging_links = $lang_common['Pages'].': '.paginate($num_pages, $p, 'moderate.php?fid='.$fid)
?>
<div class="linkst">
<div class="inbox">
<p class="pagelink conl"><?php echo $paging_links ?></p>
<ul><li><a href="index.php"><?php echo $lang_common['Index'] ?></a>&nbsp;</li><li>&raquo;&nbsp;<?php echo pun_htmlspecialchars($cur_forum['forum_name']) ?></li></ul>
<div class="clearer"></div>
</div>
</div>
<form method="post" action="moderate.php?fid=<?php echo $fid ?>">
<div id="vf" class="blocktable">
<h2><span><?php echo pun_htmlspecialchars($cur_forum['forum_name']) ?></span></h2>
<div class="box">
<div class="inbox">
<table cellspacing="0">
<thead>
<tr>
<th class="tcl" scope="col"><?php echo $lang_common['Topic'] ?></th>
<th class="tc2" scope="col"><?php echo $lang_common['Replies'] ?></th>
<th class="tc3" scope="col"><?php echo $lang_forum['Views'] ?></th>
<th class="tcr"><?php echo $lang_common['Last post'] ?></th>
<th class="tcmod" scope="col"><?php echo $lang_misc['Select'] ?></th>
</tr>
</thead>
<tbody>
<?php
// Select topics
$result = $db->query('SELECT id, poster, subject, posted, last_post, last_post_id, last_poster, num_views, num_replies, closed, sticky, moved_to FROM '.$db->prefix.'topics WHERE forum_id='.$fid.' ORDER BY sticky DESC, last_post DESC LIMIT '.$start_from.', '.$pun_user['disp_topics']) or error('Unable to fetch topic list for forum', __FILE__, __LINE__, $db->error());
// If there are topics in this forum.
if ($db->num_rows($result))
{
$button_status = '';
while ($cur_topic = $db->fetch_assoc($result))
{
$icon_text = $lang_common['Normal icon'];
$item_status = '';
$icon_type = 'icon';
if ($cur_topic['moved_to'] == null)
{
$last_post = '<a href="viewtopic.php?pid='.$cur_topic['last_post_id'].'#p'.$cur_topic['last_post_id'].'">'.format_time($cur_topic['last_post']).'</a> '.$lang_common['by'].' '.pun_htmlspecialchars($cur_topic['last_poster']);
$ghost_topic = false;
}
else
{
$last_post = '&nbsp;';
$ghost_topic = true;
}
if ($pun_config['o_censoring'] == '1')
$cur_topic['subject'] = censor_words($cur_topic['subject']);
if ($cur_topic['moved_to'] != 0)
$subject = $lang_forum['Moved'].': <a href="viewtopic.php?id='.$cur_topic['moved_to'].'">'.pun_htmlspecialchars($cur_topic['subject']).'</a> <span class="byuser">'.$lang_common['by'].' '.pun_htmlspecialchars($cur_topic['poster']).'</span>';
else if ($cur_topic['closed'] == '0')
$subject = '<a href="viewtopic.php?id='.$cur_topic['id'].'">'.pun_htmlspecialchars($cur_topic['subject']).'</a> <span>'.$lang_common['by'].'&nbsp;'.pun_htmlspecialchars($cur_topic['poster']).'</span>';
else
{
$subject = '<a href="viewtopic.php?id='.$cur_topic['id'].'">'.pun_htmlspecialchars($cur_topic['subject']).'</a> <span class="byuser">'.$lang_common['by'].' '.pun_htmlspecialchars($cur_topic['poster']).'</span>';
$icon_text = $lang_common['Closed icon'];
$item_status = 'iclosed';
}
if ($cur_topic['last_post'] > $pun_user['last_visit'] && !$ghost_topic)
{
$icon_text .= ' '.$lang_common['New icon'];
$item_status .= ' inew';
$icon_type = 'icon inew';
$subject = '<strong>'.$subject.'</strong>';
$subject_new_posts = '<span class="newtext">[&nbsp;<a href="viewtopic.php?id='.$cur_topic['id'].'&amp;action=new" title="'.$lang_common['New posts info'].'">'.$lang_common['New posts'].'</a>&nbsp;]</span>';
}
else
$subject_new_posts = null;
// We won't display "the dot", but we add the spaces anyway
if ($pun_config['o_show_dot'] == '1')
$subject = '&nbsp;&nbsp;'.$subject;
if ($cur_topic['sticky'] == '1')
{
$subject = '<span class="stickytext">'.$lang_forum['Sticky'].': </span>'.$subject;
$item_status .= ' isticky';
$icon_text .= ' '.$lang_forum['Sticky'];
}
$num_pages_topic = ceil(($cur_topic['num_replies'] + 1) / $pun_user['disp_posts']);
if ($num_pages_topic > 1)
$subject_multipage = '[ '.paginate($num_pages_topic, -1, 'viewtopic.php?id='.$cur_topic['id']).' ]';
else
$subject_multipage = null;
// Should we show the "New posts" and/or the multipage links?
if (!empty($subject_new_posts) || !empty($subject_multipage))
{
$subject .= '&nbsp; '.(!empty($subject_new_posts) ? $subject_new_posts : '');
$subject .= !empty($subject_multipage) ? ' '.$subject_multipage : '';
}
?>
<tr<?php if ($item_status != '') echo ' class="'.trim($item_status).'"'; ?>>
<td class="tcl">
<div class="<?php echo $icon_type ?>"><div class="nosize"><?php echo trim($icon_text) ?></div></div>
<div class="tclcon">
<?php echo $subject."\n" ?>
</div>
</td>
<td class="tc2"><?php echo (!$ghost_topic) ? $cur_topic['num_replies'] : '&nbsp;' ?></td>
<td class="tc3"><?php echo (!$ghost_topic) ? $cur_topic['num_views'] : '&nbsp;' ?></td>
<td class="tcr"><?php echo $last_post ?></td>
<td class="tcmod"><input type="checkbox" name="topics[<?php echo $cur_topic['id'] ?>]" value="1" /></td>
</tr>
<?php
}
}
else
{
$button_status = ' disabled';
echo "\t\t\t\t\t".'<tr><td class="tcl" colspan="5">'.$lang_forum['Empty forum'].'</td></tr>'."\n";
}
?>
</tbody>
</table>
</div>
</div>
</div>
<div class="linksb">
<div class="inbox">
<p class="pagelink conl"><?php echo $paging_links ?></p>
<p class="conr"><input type="submit" name="move_topics" value="<?php echo $lang_misc['Move'] ?>"<?php echo $button_status ?> />&nbsp;&nbsp;<input type="submit" name="delete_topics" value="<?php echo $lang_misc['Delete'] ?>"<?php echo $button_status ?> />&nbsp;&nbsp;<input type="submit" name="open" value="<?php echo $lang_misc['Open'] ?>"<?php echo $button_status ?> />&nbsp;&nbsp;<input type="submit" name="close" value="<?php echo $lang_misc['Close'] ?>"<?php echo $button_status ?> /></p>
<div class="clearer"></div>
</div>
</div>
</form>
<?php
require PUN_ROOT.'footer.php';
<?php
/***********************************************************************
Copyright (C) 2002-2008 PunBB
This file is part of PunBB.
PunBB is free software; you can redistribute it and/or modify it
under the terms of the GNU General Public License as published
by the Free Software Foundation; either version 2 of the License,
or (at your option) any later version.
PunBB is distributed in the hope that it will be useful, but
WITHOUT ANY WARRANTY; without even the implied warranty of
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
GNU General Public License for more details.
You should have received a copy of the GNU General Public License
along with this program; if not, write to the Free Software
Foundation, Inc., 59 Temple Place, Suite 330, Boston,
MA 02111-1307 USA
************************************************************************/
##
##
## A few notes of interest for aspiring plugin authors:
##
## 1. If you want to display a message via the message() function, you
## must do so before calling generate_admin_menu($plugin).
##
## 2. Plugins are loaded by admin_loader.php and must not be
## terminated (e.g. by calling exit()). After the plugin script has
## finished, the loader script displays the footer, so don't worry
## about that. Please note that terminating a plugin by calling
## message() or redirect() is fine though.
##
## 3. The action attribute of any and all <form> tags and the target
## URL for the redirect() function must be set to the value of
## $_SERVER['REQUEST_URI']. This URL can however be extended to
## include extra variables (like the addition of &amp;foo=bar in
## the form of this example plugin).
##
## 4. If your plugin is for administrators only, the filename must
## have the prefix "AP_". If it is for both administrators and
## moderators, use the prefix "AMP_". This example plugin has the
## prefix "AMP_" and is therefore available for both admins and
## moderators in the navigation menu.
##
## 5. Use _ instead of spaces in the file name.
##
## 6. Since plugin scripts are included from the PunBB script
## admin_loader.php, you have access to all PunBB functions and
## global variables (e.g. $db, $pun_config, $pun_user etc).
##
## 7. Do your best to keep the look and feel of your plugins' user
## interface similar to the rest of the admin scripts. Feel free to
## borrow markup and code from the admin scripts to use in your
## plugins. If you create your own styles they need to be added to
## the "base_admin" style sheet.
##
## 8. Plugins must be released under the GNU General Public License or
## a GPL compatible license. Copy the GPL preamble at the top of
## this file into your plugin script and alter the copyright notice
## to refrect the author of the plugin (i.e. you).
##
##
// Make sure no one attempts to run this script "directly"
if (!defined('PUN'))
exit;
// Tell admin_loader.php that this is indeed a plugin and that it is loaded
define('PUN_PLUGIN_LOADED', 1);
//
// The rest is up to you!
//
// If the "Show text" button was clicked
if (isset($_POST['show_text']))
{
// Make sure something something was entered
if (trim($_POST['text_to_show']) == '')
message('You didn\'t enter anything!');
// Display the admin navigation menu
generate_admin_menu($plugin);
?>
<div class="block">
<h2><span>Example plugin</span></h2>
<div class="box">
<div class="inbox">
<p>You said "<?php echo pun_htmlspecialchars($_POST['text_to_show']) ?>". Great stuff.</p>
<p><a href="javascript: history.go(-1)">Go back</a></p>
</div>
</div>
</div>
<?php
}
else // If not, we show the "Show text" form
{
// Display the admin navigation menu
generate_admin_menu($plugin);
?>
<div id="exampleplugin" class="blockform">
<h2><span>Example plugin</span></h2>
<div class="box">
<div class="inbox">
<p>This plugin doesn't do anything useful. Hence the name "Example".</p>
<p>This would be a good spot to talk a little about your plugin. Describe what it does and how it should be used. Be brief, but informative.</p>
</div>
</div>
<h2 class="block2"><span>An example form</span></h2>
<div class="box">
<form id="example" method="post" action="<?php echo $_SERVER['REQUEST_URI'] ?>&amp;foo=bar">
<div class="inform">
<fieldset>
<legend>Enter a piece of text and hit "Show text"!</legend>
<div class="infldset">
<table class="aligntop" cellspacing="0">
<tr>
<th scope="row">Text to show<div><input type="submit" name="show_text" value="Show text" tabindex="2" /></div></th>
<td>
<input type="text" name="text_to_show" size="25" tabindex="1" />
<span>The text you want to display.</span>
</td>
</tr>
</table>
</div>
</fieldset>
</div>
</form>
</div>
</div>
<?php
}
// Note that the script just ends here. The footer will be included by admin_loader.php.
<html>
<head>
<title>.</title>
</head>
<body>
.
</body>
</html>
\ No newline at end of file
<?php
/***********************************************************************
Copyright (C) 2002-2008 PunBB
This file is part of PunBB.
PunBB is free software; you can redistribute it and/or modify it
under the terms of the GNU General Public License as published
by the Free Software Foundation; either version 2 of the License,
or (at your option) any later version.
PunBB is distributed in the hope that it will be useful, but
WITHOUT ANY WARRANTY; without even the implied warranty of
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
GNU General Public License for more details.
You should have received a copy of the GNU General Public License
along with this program; if not, write to the Free Software
Foundation, Inc., 59 Temple Place, Suite 330, Boston,
MA 02111-1307 USA
************************************************************************/
define('PUN_ROOT', './');
require PUN_ROOT.'include/common.php';
if ($pun_user['g_read_board'] == '0')
message($lang_common['No view']);
$tid = isset($_GET['tid']) ? intval($_GET['tid']) : 0;
$fid = isset($_GET['fid']) ? intval($_GET['fid']) : 0;
if ($tid < 1 && $fid < 1 || $tid > 0 && $fid > 0)
message($lang_common['Bad request']);
// Fetch some info about the topic and/or the forum
if ($tid)
$result = $db->query('SELECT f.id, f.forum_name, f.moderators, f.redirect_url, fp.post_replies, fp.post_topics, t.subject, t.closed FROM '.$db->prefix.'topics AS t INNER JOIN '.$db->prefix.'forums AS f ON f.id=t.forum_id LEFT JOIN '.$db->prefix.'forum_perms AS fp ON (fp.forum_id=f.id AND fp.group_id='.$pun_user['g_id'].') WHERE (fp.read_forum IS NULL OR fp.read_forum=1) AND t.id='.$tid) or error('Unable to fetch forum info', __FILE__, __LINE__, $db->error());
else
$result = $db->query('SELECT f.id, f.forum_name, f.moderators, f.redirect_url, fp.post_replies, fp.post_topics FROM '.$db->prefix.'forums AS f LEFT JOIN '.$db->prefix.'forum_perms AS fp ON (fp.forum_id=f.id AND fp.group_id='.$pun_user['g_id'].') WHERE (fp.read_forum IS NULL OR fp.read_forum=1) AND f.id='.$fid) or error('Unable to fetch forum info', __FILE__, __LINE__, $db->error());
if (!$db->num_rows($result))
message($lang_common['Bad request']);
$cur_posting = $db->fetch_assoc($result);
// Is someone trying to post into a redirect forum?
if ($cur_posting['redirect_url'] != '')
message($lang_common['Bad request']);
// Sort out who the moderators are and if we are currently a moderator (or an admin)
$mods_array = ($cur_posting['moderators'] != '') ? unserialize($cur_posting['moderators']) : array();
$is_admmod = ($pun_user['g_id'] == PUN_ADMIN || ($pun_user['g_id'] == PUN_MOD && array_key_exists($pun_user['username'], $mods_array))) ? true : false;
// Do we have permission to post?
if ((($tid && (($cur_posting['post_replies'] == '' && $pun_user['g_post_replies'] == '0') || $cur_posting['post_replies'] == '0')) ||
($fid && (($cur_posting['post_topics'] == '' && $pun_user['g_post_topics'] == '0') || $cur_posting['post_topics'] == '0')) ||
(isset($cur_posting['closed']) && $cur_posting['closed'] == '1')) &&
!$is_admmod)
message($lang_common['No permission']);
// Load the post.php language file
require PUN_ROOT.'lang/'.$pun_user['language'].'/post.php';
// Start with a clean slate
$errors = array();
// Did someone just hit "Submit" or "Preview"?
if (isset($_POST['form_sent']))
{
// Make sure form_user is correct
if (($pun_user['is_guest'] && $_POST['form_user'] != 'Guest') || (!$pun_user['is_guest'] && $_POST['form_user'] != $pun_user['username']))
message($lang_common['Bad request']);
// Flood protection
if (!$pun_user['is_guest'] && !isset($_POST['preview']) && $pun_user['last_post'] != '' && (time() - $pun_user['last_post']) < $pun_user['g_post_flood'])
$errors[] = $lang_post['Flood start'].' '.$pun_user['g_post_flood'].' '.$lang_post['flood end'];
// If it's a new topic
if ($fid)
{
$subject = pun_trim($_POST['req_subject']);
if ($subject == '')
$errors[] = $lang_post['No subject'];
else if (pun_strlen($subject) > 70)
$errors[] = $lang_post['Too long subject'];
else if ($pun_config['p_subject_all_caps'] == '0' && strtoupper($subject) == $subject && $pun_user['g_id'] > PUN_MOD)
$subject = ucwords(strtolower($subject));
}
// If the user is logged in we get the username and e-mail from $pun_user
if (!$pun_user['is_guest'])
{
$username = $pun_user['username'];
$email = $pun_user['email'];
}
// Otherwise it should be in $_POST
else
{
$username = trim($_POST['req_username']);
$email = strtolower(trim(($pun_config['p_force_guest_email'] == '1') ? $_POST['req_email'] : $_POST['email']));
// Load the register.php/profile.php language files
require PUN_ROOT.'lang/'.$pun_user['language'].'/prof_reg.php';
require PUN_ROOT.'lang/'.$pun_user['language'].'/register.php';
// It's a guest, so we have to validate the username
if (strlen($username) < 2)
$errors[] = $lang_prof_reg['Username too short'];
else if (!strcasecmp($username, 'Guest') || !strcasecmp($username, $lang_common['Guest']))
$errors[] = $lang_prof_reg['Username guest'];
else if (preg_match('/[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}/', $username))
$errors[] = $lang_prof_reg['Username IP'];
if ((strpos($username, '[') !== false || strpos($username, ']') !== false) && strpos($username, '\'') !== false && strpos($username, '"') !== false)
$errors[] = $lang_prof_reg['Username reserved chars'];
if (preg_match('#\[b\]|\[/b\]|\[u\]|\[/u\]|\[i\]|\[/i\]|\[color|\[/color\]|\[quote\]|\[quote=|\[/quote\]|\[code\]|\[/code\]|\[img\]|\[/img\]|\[url|\[/url\]|\[email|\[/email\]#i', $username))
$errors[] = $lang_prof_reg['Username BBCode'];
// Check username for any censored words
$temp = censor_words($username);
if ($temp != $username)
$errors[] = $lang_register['Username censor'];
// Check that the username (or a too similar username) is not already registered
$result = $db->query('SELECT username FROM '.$db->prefix.'users WHERE (username=\''.$db->escape($username).'\' OR username=\''.$db->escape(preg_replace('/[^\w]/', '', $username)).'\') AND id>1') or error('Unable to fetch user info', __FILE__, __LINE__, $db->error());
if ($db->num_rows($result))
{
$busy = $db->result($result);
$errors[] = $lang_register['Username dupe 1'].' '.pun_htmlspecialchars($busy).'. '.$lang_register['Username dupe 2'];
}
if ($pun_config['p_force_guest_email'] == '1' || $email != '')
{
require PUN_ROOT.'include/email.php';
if (!is_valid_email($email))
$errors[] = $lang_common['Invalid e-mail'];
}
}
// Clean up message from POST
$message = pun_linebreaks(pun_trim($_POST['req_message']));
if ($message == '')
$errors[] = $lang_post['No message'];
else if (strlen($message) > 65535)
$errors[] = $lang_post['Too long message'];
else if ($pun_config['p_message_all_caps'] == '0' && strtoupper($message) == $message && $pun_user['g_id'] > PUN_MOD)
$message = ucwords(strtolower($message));
// Validate BBCode syntax
if ($pun_config['p_message_bbcode'] == '1' && strpos($message, '[') !== false && strpos($message, ']') !== false)
{
require PUN_ROOT.'include/parser.php';
$message = preparse_bbcode($message, $errors);
}
require PUN_ROOT.'include/search_idx.php';
$hide_smilies = isset($_POST['hide_smilies']) ? 1 : 0;
$subscribe = isset($_POST['subscribe']) ? 1 : 0;
$now = time();
// Did everything go according to plan?
if (empty($errors) && !isset($_POST['preview']))
{
// If it's a reply
if ($tid)
{
if (!$pun_user['is_guest'])
{
// Insert the new post
$db->query('INSERT INTO '.$db->prefix.'posts (poster, poster_id, poster_ip, message, hide_smilies, posted, topic_id) VALUES(\''.$db->escape($username).'\', '.$pun_user['id'].', \''.get_remote_address().'\', \''.$db->escape($message).'\', \''.$hide_smilies.'\', '.$now.', '.$tid.')') or error('Unable to create post', __FILE__, __LINE__, $db->error());
$new_pid = $db->insert_id();
// To subscribe or not to subscribe, that ...
if ($pun_config['o_subscriptions'] == '1' && $subscribe)
{
$result = $db->query('SELECT 1 FROM '.$db->prefix.'subscriptions WHERE user_id='.$pun_user['id'].' AND topic_id='.$tid) or error('Unable to fetch subscription info', __FILE__, __LINE__, $db->error());
if (!$db->num_rows($result))
$db->query('INSERT INTO '.$db->prefix.'subscriptions (user_id, topic_id) VALUES('.$pun_user['id'].' ,'.$tid.')') or error('Unable to add subscription', __FILE__, __LINE__, $db->error());
}
}
else
{
// It's a guest. Insert the new post
$email_sql = ($pun_config['p_force_guest_email'] == '1' || $email != '') ? '\''.$email.'\'' : 'NULL';
$db->query('INSERT INTO '.$db->prefix.'posts (poster, poster_ip, poster_email, message, hide_smilies, posted, topic_id) VALUES(\''.$db->escape($username).'\', \''.get_remote_address().'\', '.$email_sql.', \''.$db->escape($message).'\', \''.$hide_smilies.'\', '.$now.', '.$tid.')') or error('Unable to create post', __FILE__, __LINE__, $db->error());
$new_pid = $db->insert_id();
}
// Count number of replies in the topic
$result = $db->query('SELECT COUNT(id) FROM '.$db->prefix.'posts WHERE topic_id='.$tid) or error('Unable to fetch post count for topic', __FILE__, __LINE__, $db->error());
$num_replies = $db->result($result, 0) - 1;
// Update topic
$db->query('UPDATE '.$db->prefix.'topics SET num_replies='.$num_replies.', last_post='.$now.', last_post_id='.$new_pid.', last_poster=\''.$db->escape($username).'\' WHERE id='.$tid) or error('Unable to update topic', __FILE__, __LINE__, $db->error());
update_search_index('post', $new_pid, $message);
update_forum($cur_posting['id']);
// Should we send out notifications?
if ($pun_config['o_subscriptions'] == '1')
{
// Get the post time for the previous post in this topic
$result = $db->query('SELECT posted FROM '.$db->prefix.'posts WHERE topic_id='.$tid.' ORDER BY id DESC LIMIT 1, 1') or error('Unable to fetch post info', __FILE__, __LINE__, $db->error());
$previous_post_time = $db->result($result);
// Get any subscribed users that should be notified (banned users are excluded)
$result = $db->query('SELECT u.id, u.email, u.notify_with_post, u.language FROM '.$db->prefix.'users AS u INNER JOIN '.$db->prefix.'subscriptions AS s ON u.id=s.user_id LEFT JOIN '.$db->prefix.'forum_perms AS fp ON (fp.forum_id='.$cur_posting['id'].' AND fp.group_id=u.group_id) LEFT JOIN '.$db->prefix.'online AS o ON u.id=o.user_id LEFT JOIN '.$db->prefix.'bans AS b ON u.username=b.username WHERE b.username IS NULL AND COALESCE(o.logged, u.last_visit)>'.$previous_post_time.' AND (fp.read_forum IS NULL OR fp.read_forum=1) AND s.topic_id='.$tid.' AND u.id!='.intval($pun_user['id'])) or error('Unable to fetch subscription info', __FILE__, __LINE__, $db->error());
if ($db->num_rows($result))
{
require_once PUN_ROOT.'include/email.php';
$notification_emails = array();
// Loop through subscribed users and send e-mails
while ($cur_subscriber = $db->fetch_assoc($result))
{
// Is the subscription e-mail for $cur_subscriber['language'] cached or not?
if (!isset($notification_emails[$cur_subscriber['language']]))
{
if (file_exists(PUN_ROOT.'lang/'.$cur_subscriber['language'].'/mail_templates/new_reply.tpl'))
{
// Load the "new reply" template
$mail_tpl = trim(file_get_contents(PUN_ROOT.'lang/'.$cur_subscriber['language'].'/mail_templates/new_reply.tpl'));
// Load the "new reply full" template (with post included)
$mail_tpl_full = trim(file_get_contents(PUN_ROOT.'lang/'.$cur_subscriber['language'].'/mail_templates/new_reply_full.tpl'));
// The first row contains the subject (it also starts with "Subject:")
$first_crlf = strpos($mail_tpl, "\n");
$mail_subject = trim(substr($mail_tpl, 8, $first_crlf-8));
$mail_message = trim(substr($mail_tpl, $first_crlf));
$first_crlf = strpos($mail_tpl_full, "\n");
$mail_subject_full = trim(substr($mail_tpl_full, 8, $first_crlf-8));
$mail_message_full = trim(substr($mail_tpl_full, $first_crlf));
$mail_subject = str_replace('<topic_subject>', '\''.$cur_posting['subject'].'\'', $mail_subject);
$mail_message = str_replace('<topic_subject>', '\''.$cur_posting['subject'].'\'', $mail_message);
$mail_message = str_replace('<replier>', $username, $mail_message);
$mail_message = str_replace('<post_url>', $pun_config['o_base_url'].'/viewtopic.php?pid='.$new_pid.'#p'.$new_pid, $mail_message);
$mail_message = str_replace('<unsubscribe_url>', $pun_config['o_base_url'].'/misc.php?unsubscribe='.$tid, $mail_message);
$mail_message = str_replace('<board_mailer>', $pun_config['o_board_title'].' '.$lang_common['Mailer'], $mail_message);
$mail_subject_full = str_replace('<topic_subject>', '\''.$cur_posting['subject'].'\'', $mail_subject_full);
$mail_message_full = str_replace('<topic_subject>', '\''.$cur_posting['subject'].'\'', $mail_message_full);
$mail_message_full = str_replace('<replier>', $username, $mail_message_full);
$mail_message_full = str_replace('<message>', $message, $mail_message_full);
$mail_message_full = str_replace('<post_url>', $pun_config['o_base_url'].'/viewtopic.php?pid='.$new_pid.'#p'.$new_pid, $mail_message_full);
$mail_message_full = str_replace('<unsubscribe_url>', $pun_config['o_base_url'].'/misc.php?unsubscribe='.$tid, $mail_message_full);
$mail_message_full = str_replace('<board_mailer>', $pun_config['o_board_title'].' '.$lang_common['Mailer'], $mail_message_full);
$notification_emails[$cur_subscriber['language']][0] = $mail_subject;
$notification_emails[$cur_subscriber['language']][1] = $mail_message;
$notification_emails[$cur_subscriber['language']][2] = $mail_subject_full;
$notification_emails[$cur_subscriber['language']][3] = $mail_message_full;
$mail_subject = $mail_message = $mail_subject_full = $mail_message_full = null;
}
}
// We have to double check here because the templates could be missing
if (isset($notification_emails[$cur_subscriber['language']]))
{
if ($cur_subscriber['notify_with_post'] == '0')
pun_mail($cur_subscriber['email'], $notification_emails[$cur_subscriber['language']][0], $notification_emails[$cur_subscriber['language']][1]);
else
pun_mail($cur_subscriber['email'], $notification_emails[$cur_subscriber['language']][2], $notification_emails[$cur_subscriber['language']][3]);
}
}
}
}
}
// If it's a new topic
else if ($fid)
{
// Create the topic
$db->query('INSERT INTO '.$db->prefix.'topics (poster, subject, posted, last_post, last_poster, forum_id) VALUES(\''.$db->escape($username).'\', \''.$db->escape($subject).'\', '.$now.', '.$now.', \''.$db->escape($username).'\', '.$fid.')') or error('Unable to create topic', __FILE__, __LINE__, $db->error());
$new_tid = $db->insert_id();
if (!$pun_user['is_guest'])
{
// To subscribe or not to subscribe, that ...
if ($pun_config['o_subscriptions'] == '1' && (isset($_POST['subscribe']) && $_POST['subscribe'] == '1'))
$db->query('INSERT INTO '.$db->prefix.'subscriptions (user_id, topic_id) VALUES('.$pun_user['id'].' ,'.$new_tid.')') or error('Unable to add subscription', __FILE__, __LINE__, $db->error());
// Create the post ("topic post")
$db->query('INSERT INTO '.$db->prefix.'posts (poster, poster_id, poster_ip, message, hide_smilies, posted, topic_id) VALUES(\''.$db->escape($username).'\', '.$pun_user['id'].', \''.get_remote_address().'\', \''.$db->escape($message).'\', \''.$hide_smilies.'\', '.$now.', '.$new_tid.')') or error('Unable to create post', __FILE__, __LINE__, $db->error());
}
else
{
// Create the post ("topic post")
$email_sql = ($pun_config['p_force_guest_email'] == '1' || $email != '') ? '\''.$email.'\'' : 'NULL';
$db->query('INSERT INTO '.$db->prefix.'posts (poster, poster_ip, poster_email, message, hide_smilies, posted, topic_id) VALUES(\''.$db->escape($username).'\', \''.get_remote_address().'\', '.$email_sql.', \''.$db->escape($message).'\', \''.$hide_smilies.'\', '.$now.', '.$new_tid.')') or error('Unable to create post', __FILE__, __LINE__, $db->error());
}
$new_pid = $db->insert_id();
// Update the topic with last_post_id
$db->query('UPDATE '.$db->prefix.'topics SET last_post_id='.$new_pid.' WHERE id='.$new_tid) or error('Unable to update topic', __FILE__, __LINE__, $db->error());
update_search_index('post', $new_pid, $message, $subject);
update_forum($fid);
}
// If the posting user is logged in, increment his/her post count
if (!$pun_user['is_guest'])
{
$low_prio = ($db_type == 'mysql') ? 'LOW_PRIORITY ' : '';
$db->query('UPDATE '.$low_prio.$db->prefix.'users SET num_posts=num_posts+1, last_post='.$now.' WHERE id='.$pun_user['id']) or error('Unable to update user', __FILE__, __LINE__, $db->error());
}
redirect('viewtopic.php?pid='.$new_pid.'#p'.$new_pid, $lang_post['Post redirect']);
}
}
// If a topic id was specified in the url (it's a reply).
if ($tid)
{
$action = $lang_post['Post a reply'];
$form = '<form id="post" method="post" action="post.php?action=post&amp;tid='.$tid.'" onsubmit="this.submit.disabled=true;if(process_form(this)){return true;}else{this.submit.disabled=false;return false;}">';
// If a quote-id was specified in the url.
if (isset($_GET['qid']))
{
$qid = intval($_GET['qid']);
if ($qid < 1)
message($lang_common['Bad request']);
$result = $db->query('SELECT poster, message FROM '.$db->prefix.'posts WHERE id='.$qid.' AND topic_id='.$tid) or error('Unable to fetch quote info', __FILE__, __LINE__, $db->error());
if (!$db->num_rows($result))
message($lang_common['Bad request']);
list($q_poster, $q_message) = $db->fetch_row($result);
$q_message = str_replace('[img]', '[url]', $q_message);
$q_message = str_replace('[/img]', '[/url]', $q_message);
$q_message = pun_htmlspecialchars($q_message);
if ($pun_config['p_message_bbcode'] == '1')
{
// If username contains a square bracket, we add "" or '' around it (so we know when it starts and ends)
if (strpos($q_poster, '[') !== false || strpos($q_poster, ']') !== false)
{
if (strpos($q_poster, '\'') !== false)
$q_poster = '"'.$q_poster.'"';
else
$q_poster = '\''.$q_poster.'\'';
}
else
{
// Get the characters at the start and end of $q_poster
$ends = substr($q_poster, 0, 1).substr($q_poster, -1, 1);
// Deal with quoting "Username" or 'Username' (becomes '"Username"' or "'Username'")
if ($ends == '\'\'')
$q_poster = '"'.$q_poster.'"';
else if ($ends == '""')
$q_poster = '\''.$q_poster.'\'';
}
$quote = '[quote='.$q_poster.']'.$q_message.'[/quote]'."\n";
}
else
$quote = '> '.$q_poster.' '.$lang_common['wrote'].':'."\n\n".'> '.$q_message."\n";
}
$forum_name = '<a href="viewforum.php?id='.$cur_posting['id'].'">'.pun_htmlspecialchars($cur_posting['forum_name']).'</a>';
}
// If a forum_id was specified in the url (new topic).
else if ($fid)
{
$action = $lang_post['Post new topic'];
$form = '<form id="post" method="post" action="post.php?action=post&amp;fid='.$fid.'" onsubmit="return process_form(this)">';
$forum_name = pun_htmlspecialchars($cur_posting['forum_name']);
}
else
message($lang_common['Bad request']);
$page_title = pun_htmlspecialchars($pun_config['o_board_title']).' / '.$action;
$required_fields = array('req_email' => $lang_common['E-mail'], 'req_subject' => $lang_common['Subject'], 'req_message' => $lang_common['Message']);
$focus_element = array('post');
if (!$pun_user['is_guest'])
$focus_element[] = ($fid) ? 'req_subject' : 'req_message';
else
{
$required_fields['req_username'] = $lang_post['Guest name'];
$focus_element[] = 'req_username';
}
require PUN_ROOT.'header.php';
?>
<div class="linkst">
<div class="inbox">
<ul><li><a href="index.php"><?php echo $lang_common['Index'] ?></a></li><li>&nbsp;&raquo;&nbsp;<?php echo $forum_name ?><?php if (isset($cur_posting['subject'])) echo '</li><li>&nbsp;&raquo;&nbsp;'.pun_htmlspecialchars($cur_posting['subject']) ?></li></ul>
</div>
</div>
<?php
// If there are errors, we display them
if (!empty($errors))
{
?>
<div id="posterror" class="block">
<h2><span><?php echo $lang_post['Post errors'] ?></span></h2>
<div class="box">
<div class="inbox">
<p><?php echo $lang_post['Post errors info'] ?></p>
<ul>
<?php
while (list(, $cur_error) = each($errors))
echo "\t\t\t\t".'<li><strong>'.$cur_error.'</strong></li>'."\n";
?>
</ul>
</div>
</div>
</div>
<?php
}
else if (isset($_POST['preview']))
{
require_once PUN_ROOT.'include/parser.php';
$preview_message = parse_message($message, $hide_smilies);
?>
<div id="postpreview" class="blockpost">
<h2><span><?php echo $lang_post['Post preview'] ?></span></h2>
<div class="box">
<div class="inbox">
<div class="postright">
<div class="postmsg">
<?php echo $preview_message."\n" ?>
</div>
</div>
</div>
</div>
</div>
<?php
}
$cur_index = 1;
?>
<div class="blockform">
<h2><span><?php echo $action ?></span></h2>
<div class="box">
<?php echo $form."\n" ?>
<div class="inform">
<fieldset>
<legend><?php echo $lang_common['Write message legend'] ?></legend>
<div class="infldset txtarea">
<input type="hidden" name="form_sent" value="1" />
<input type="hidden" name="form_user" value="<?php echo (!$pun_user['is_guest']) ? pun_htmlspecialchars($pun_user['username']) : 'Guest'; ?>" />
<?php
if ($pun_user['is_guest'])
{
$email_label = ($pun_config['p_force_guest_email'] == '1') ? '<strong>'.$lang_common['E-mail'].'</strong>' : $lang_common['E-mail'];
$email_form_name = ($pun_config['p_force_guest_email'] == '1') ? 'req_email' : 'email';
?> <label class="conl"><strong><?php echo $lang_post['Guest name'] ?></strong><br /><input type="text" name="req_username" value="<?php if (isset($_POST['req_username'])) echo pun_htmlspecialchars($username); ?>" size="25" maxlength="25" tabindex="<?php echo $cur_index++ ?>" /><br /></label>
<label class="conl"><?php echo $email_label ?><br /><input type="text" name="<?php echo $email_form_name ?>" value="<?php if (isset($_POST[$email_form_name])) echo pun_htmlspecialchars($email); ?>" size="50" maxlength="50" tabindex="<?php echo $cur_index++ ?>" /><br /></label>
<div class="clearer"></div>
<?php
}
if ($fid): ?>
<label><strong><?php echo $lang_common['Subject'] ?></strong><br /><input class="longinput" type="text" name="req_subject" value="<?php if (isset($_POST['req_subject'])) echo pun_htmlspecialchars($subject); ?>" size="80" maxlength="70" tabindex="<?php echo $cur_index++ ?>" /><br /></label>
<?php endif; ?> <label><strong><?php echo $lang_common['Message'] ?></strong><br />
<textarea name="req_message" rows="20" cols="95" tabindex="<?php echo $cur_index++ ?>"><?php echo isset($_POST['req_message']) ? pun_htmlspecialchars($message) : (isset($quote) ? $quote : ''); ?></textarea><br /></label>
<ul class="bblinks">
<li><a href="help.php#bbcode" onclick="window.open(this.href); return false;"><?php echo $lang_common['BBCode'] ?></a>: <?php echo ($pun_config['p_message_bbcode'] == '1') ? $lang_common['on'] : $lang_common['off']; ?></li>
<li><a href="help.php#img" onclick="window.open(this.href); return false;"><?php echo $lang_common['img tag'] ?></a>: <?php echo ($pun_config['p_message_img_tag'] == '1') ? $lang_common['on'] : $lang_common['off']; ?></li>
<li><a href="help.php#smilies" onclick="window.open(this.href); return false;"><?php echo $lang_common['Smilies'] ?></a>: <?php echo ($pun_config['o_smilies'] == '1') ? $lang_common['on'] : $lang_common['off']; ?></li>
</ul>
</div>
</fieldset>
<?php
$checkboxes = array();
if (!$pun_user['is_guest'])
{
if ($pun_config['o_smilies'] == '1')
$checkboxes[] = '<label><input type="checkbox" name="hide_smilies" value="1" tabindex="'.($cur_index++).'"'.(isset($_POST['hide_smilies']) ? ' checked="checked"' : '').' />'.$lang_post['Hide smilies'];
if ($pun_config['o_subscriptions'] == '1')
$checkboxes[] = '<label><input type="checkbox" name="subscribe" value="1" tabindex="'.($cur_index++).'"'.(isset($_POST['subscribe']) ? ' checked="checked"' : '').' />'.$lang_post['Subscribe'];
}
else if ($pun_config['o_smilies'] == '1')
$checkboxes[] = '<label><input type="checkbox" name="hide_smilies" value="1" tabindex="'.($cur_index++).'"'.(isset($_POST['hide_smilies']) ? ' checked="checked"' : '').' />'.$lang_post['Hide smilies'];
if (!empty($checkboxes))
{
?>
</div>
<div class="inform">
<fieldset>
<legend><?php echo $lang_common['Options'] ?></legend>
<div class="infldset">
<div class="rbox">
<?php echo implode('<br /></label>'."\n\t\t\t\t", $checkboxes).'<br /></label>'."\n" ?>
</div>
</div>
</fieldset>
<?php
}
?>
</div>
<p><input type="submit" name="submit" value="<?php echo $lang_common['Submit'] ?>" tabindex="<?php echo $cur_index++ ?>" accesskey="s" /><input type="submit" name="preview" value="<?php echo $lang_post['Preview'] ?>" tabindex="<?php echo $cur_index++ ?>" accesskey="p" /><a href="javascript:history.go(-1)"><?php echo $lang_common['Go back'] ?></a></p>
</form>
</div>
</div>
<?php
// Check to see if the topic review is to be displayed.
if ($tid && $pun_config['o_topic_review'] != '0')
{
require_once PUN_ROOT.'include/parser.php';
$result = $db->query('SELECT poster, message, hide_smilies, posted FROM '.$db->prefix.'posts WHERE topic_id='.$tid.' ORDER BY id DESC LIMIT '.$pun_config['o_topic_review']) or error('Unable to fetch topic review', __FILE__, __LINE__, $db->error());
?>
<div id="postreview" class="blockpost">
<h2><span><?php echo $lang_post['Topic review'] ?></span></h2>
<?php
//Set background switching on
$bg_switch = true;
$post_count = 0;
while ($cur_post = $db->fetch_assoc($result))
{
// Switch the background color for every message.
$bg_switch = ($bg_switch) ? $bg_switch = false : $bg_switch = true;
$vtbg = ($bg_switch) ? ' roweven' : ' rowodd';
$post_count++;
$cur_post['message'] = parse_message($cur_post['message'], $cur_post['hide_smilies']);
?>
<div class="box<?php echo $vtbg ?>">
<div class="inbox">
<div class="postleft">
<dl>
<dt><strong><?php echo pun_htmlspecialchars($cur_post['poster']) ?></strong></dt>
<dd><?php echo format_time($cur_post['posted']) ?></dd>
</dl>
</div>
<div class="postright">
<div class="postmsg">
<?php echo $cur_post['message'] ?>
</div>
</div>
<div class="clearer"></div>
</div>
</div>
<?php
}
?>
</div>
<?php
}
require PUN_ROOT.'footer.php';
\ No newline at end of file
<?php
/***********************************************************************
Copyright (C) 2002-2008 PunBB
This file is part of PunBB.
PunBB is free software; you can redistribute it and/or modify it
under the terms of the GNU General Public License as published
by the Free Software Foundation; either version 2 of the License,
or (at your option) any later version.
PunBB is distributed in the hope that it will be useful, but
WITHOUT ANY WARRANTY; without even the implied warranty of
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
GNU General Public License for more details.
You should have received a copy of the GNU General Public License
along with this program; if not, write to the Free Software
Foundation, Inc., 59 Temple Place, Suite 330, Boston,
MA 02111-1307 USA
************************************************************************/
define('PUN_ROOT', './');
require PUN_ROOT.'include/common.php';
$action = isset($_GET['action']) ? $_GET['action'] : null;
$section = isset($_GET['section']) ? $_GET['section'] : null;
$id = isset($_GET['id']) ? intval($_GET['id']) : 0;
if ($id < 2)
message($lang_common['Bad request']);
if ($pun_user['g_read_board'] == '0' && ($action != 'change_pass' || !isset($_GET['key'])))
message($lang_common['No view']);
// Load the profile.php/register.php language file
require PUN_ROOT.'lang/'.$pun_user['language'].'/prof_reg.php';
// Load the profile.php language file
require PUN_ROOT.'lang/'.$pun_user['language'].'/profile.php';
if ($action == 'change_pass')
{
if (isset($_GET['key']))
{
// If the user is already logged in we shouldn't be here :)
if (!$pun_user['is_guest'])
{
header('Location: index.php');
pun_exit();
}
$key = $_GET['key'];
$result = $db->query('SELECT activate_string, activate_key FROM '.$db->prefix.'users WHERE id='.$id) or error('Unable to fetch new password', __FILE__, __LINE__, $db->error());
list($new_password_hash, $new_password_key) = $db->fetch_row($result);
if ($key == '' || $key != $new_password_key)
message($lang_profile['Pass key bad'].' <a href="mailto:'.$pun_config['o_admin_email'].'">'.$pun_config['o_admin_email'].'</a>.');
else
{
$db->query('UPDATE '.$db->prefix.'users SET password=\''.$new_password_hash.'\', activate_string=NULL, activate_key=NULL WHERE id='.$id) or error('Unable to update password', __FILE__, __LINE__, $db->error());
message($lang_profile['Pass updated'], true);
}
}
// Make sure we are allowed to change this users password
if ($pun_user['id'] != $id)
{
if ($pun_user['g_id'] > PUN_MOD) // A regular user trying to change another users password?
message($lang_common['No permission']);
else if ($pun_user['g_id'] == PUN_MOD) // A moderator trying to change a users password?
{
$result = $db->query('SELECT group_id FROM '.$db->prefix.'users WHERE id='.$id) or error('Unable to fetch user info', __FILE__, __LINE__, $db->error());
if (!$db->num_rows($result))
message($lang_common['Bad request']);
if ($pun_config['p_mod_edit_users'] == '0' || $pun_config['p_mod_change_passwords'] == '0' || $db->result($result) < PUN_GUEST)
message($lang_common['No permission']);
}
}
if (isset($_POST['form_sent']))
{
if ($pun_user['g_id'] < PUN_GUEST)
confirm_referrer('profile.php');
$old_password = isset($_POST['req_old_password']) ? trim($_POST['req_old_password']) : '';
$new_password1 = trim($_POST['req_new_password1']);
$new_password2 = trim($_POST['req_new_password2']);
if ($new_password1 != $new_password2)
message($lang_prof_reg['Pass not match']);
if (strlen($new_password1) < 4)
message($lang_prof_reg['Pass too short']);
$result = $db->query('SELECT password, save_pass FROM '.$db->prefix.'users WHERE id='.$id) or error('Unable to fetch password', __FILE__, __LINE__, $db->error());
list($db_password_hash, $save_pass) = $db->fetch_row($result);
$authorized = false;
if (!empty($db_password_hash))
{
$sha1_in_db = (strlen($db_password_hash) == 40) ? true : false;
$sha1_available = (function_exists('sha1') || function_exists('mhash')) ? true : false;
$old_password_hash = pun_hash($old_password); // This could result in either an SHA-1 or an MD5 hash
if (($sha1_in_db && $sha1_available && $db_password_hash == $old_password_hash) ||
(!$sha1_in_db && $db_password_hash == md5($old_password)) ||
$pun_user['g_id'] < PUN_GUEST)
$authorized = true;
}
if (!$authorized)
message($lang_profile['Wrong pass']);
$new_password_hash = pun_hash($new_password1);
$db->query('UPDATE '.$db->prefix.'users SET password=\''.$new_password_hash.'\' WHERE id='.$id) or error('Unable to update password', __FILE__, __LINE__, $db->error());
if ($pun_user['id'] == $id)
{
$expire = ($save_pass == '1') ? time() + 31536000 : 0;
pun_setcookie($pun_user['id'], $new_password_hash, $expire);
}
redirect('profile.php?section=essentials&amp;id='.$id, $lang_profile['Pass updated redirect']);
}
$page_title = pun_htmlspecialchars($pun_config['o_board_title']).' / '.$lang_common['Profile'];
$required_fields = array('req_old_password' => $lang_profile['Old pass'], 'req_new_password1' => $lang_profile['New pass'], 'req_new_password2' => $lang_profile['Confirm new pass']);
$focus_element = array('change_pass', (($pun_user['g_id'] > PUN_MOD) ? 'req_old_password' : 'req_new_password1'));
require PUN_ROOT.'header.php';
?>
<div class="blockform">
<h2><span><?php echo $lang_profile['Change pass'] ?></span></h2>
<div class="box">
<form id="change_pass" method="post" action="profile.php?action=change_pass&amp;id=<?php echo $id ?>" onsubmit="return process_form(this)">
<div class="inform">
<input type="hidden" name="form_sent" value="1" />
<fieldset>
<legend><?php echo $lang_profile['Change pass legend'] ?></legend>
<div class="infldset">
<?php if ($pun_user['g_id'] > PUN_MOD): ?> <label><strong><?php echo $lang_profile['Old pass'] ?></strong><br />
<input type="password" name="req_old_password" size="16" maxlength="16" /><br /></label>
<?php endif; ?> <label class="conl"><strong><?php echo $lang_profile['New pass'] ?></strong><br />
<input type="password" name="req_new_password1" size="16" maxlength="16" /><br /></label>
<label class="conl"><strong><?php echo $lang_profile['Confirm new pass'] ?></strong><br />
<input type="password" name="req_new_password2" size="16" maxlength="16" /><br /></label>
<div class="clearb"></div>
</div>
</fieldset>
</div>
<p><input type="submit" name="update" value="<?php echo $lang_common['Submit'] ?>" /><a href="javascript:history.go(-1)"><?php echo $lang_common['Go back'] ?></a></p>
</form>
</div>
</div>
<?php
require PUN_ROOT.'footer.php';
}
else if ($action == 'change_email')
{
// Make sure we are allowed to change this users e-mail
if ($pun_user['id'] != $id)
{
if ($pun_user['g_id'] > PUN_MOD) // A regular user trying to change another users e-mail?
message($lang_common['No permission']);
else if ($pun_user['g_id'] == PUN_MOD) // A moderator trying to change a users e-mail?
{
$result = $db->query('SELECT group_id FROM '.$db->prefix.'users WHERE id='.$id) or error('Unable to fetch user info', __FILE__, __LINE__, $db->error());
if (!$db->num_rows($result))
message($lang_common['Bad request']);
if ($pun_config['p_mod_edit_users'] == '0' || $db->result($result) < PUN_GUEST)
message($lang_common['No permission']);
}
}
if (isset($_GET['key']))
{
$key = $_GET['key'];
$result = $db->query('SELECT activate_string, activate_key FROM '.$db->prefix.'users WHERE id='.$id) or error('Unable to fetch activation data', __FILE__, __LINE__, $db->error());
list($new_email, $new_email_key) = $db->fetch_row($result);
if ($key == '' || $key != $new_email_key)
message($lang_profile['E-mail key bad'].' <a href="mailto:'.$pun_config['o_admin_email'].'">'.$pun_config['o_admin_email'].'</a>.');
else
{
$db->query('UPDATE '.$db->prefix.'users SET email=activate_string, activate_string=NULL, activate_key=NULL WHERE id='.$id) or error('Unable to update e-mail address', __FILE__, __LINE__, $db->error());
message($lang_profile['E-mail updated'], true);
}
}
else if (isset($_POST['form_sent']))
{
if (pun_hash($_POST['req_password']) !== $pun_user['password'])
message($lang_profile['Wrong pass']);
require PUN_ROOT.'include/email.php';
// Validate the email-address
$new_email = strtolower(trim($_POST['req_new_email']));
if (!is_valid_email($new_email))
message($lang_common['Invalid e-mail']);
// Check it it's a banned e-mail address
if (is_banned_email($new_email))
{
if ($pun_config['p_allow_banned_email'] == '0')
message($lang_prof_reg['Banned e-mail']);
else if ($pun_config['o_mailing_list'] != '')
{
$mail_subject = 'Alert - Banned e-mail detected';
$mail_message = 'User \''.$pun_user['username'].'\' changed to banned e-mail address: '.$new_email."\n\n".'User profile: '.$pun_config['o_base_url'].'/profile.php?id='.$id."\n\n".'-- '."\n".'Forum Mailer'."\n".'(Do not reply to this message)';
pun_mail($pun_config['o_mailing_list'], $mail_subject, $mail_message);
}
}
// Check if someone else already has registered with that e-mail address
$result = $db->query('SELECT id, username FROM '.$db->prefix.'users WHERE email=\''.$db->escape($new_email).'\'') or error('Unable to fetch user info', __FILE__, __LINE__, $db->error());
if ($db->num_rows($result))
{
if ($pun_config['p_allow_dupe_email'] == '0')
message($lang_prof_reg['Dupe e-mail']);
else if ($pun_config['o_mailing_list'] != '')
{
while ($cur_dupe = $db->fetch_assoc($result))
$dupe_list[] = $cur_dupe['username'];
$mail_subject = 'Alert - Duplicate e-mail detected';
$mail_message = 'User \''.$pun_user['username'].'\' changed to an e-mail address that also belongs to: '.implode(', ', $dupe_list)."\n\n".'User profile: '.$pun_config['o_base_url'].'/profile.php?id='.$id."\n\n".'-- '."\n".'Forum Mailer'."\n".'(Do not reply to this message)';
pun_mail($pun_config['o_mailing_list'], $mail_subject, $mail_message);
}
}
$new_email_key = random_pass(8);
$db->query('UPDATE '.$db->prefix.'users SET activate_string=\''.$db->escape($new_email).'\', activate_key=\''.$new_email_key.'\' WHERE id='.$id) or error('Unable to update activation data', __FILE__, __LINE__, $db->error());
// Load the "activate e-mail" template
$mail_tpl = trim(file_get_contents(PUN_ROOT.'lang/'.$pun_user['language'].'/mail_templates/activate_email.tpl'));
// The first row contains the subject
$first_crlf = strpos($mail_tpl, "\n");
$mail_subject = trim(substr($mail_tpl, 8, $first_crlf-8));
$mail_message = trim(substr($mail_tpl, $first_crlf));
$mail_message = str_replace('<username>', $pun_user['username'], $mail_message);
$mail_message = str_replace('<base_url>', $pun_config['o_base_url'], $mail_message);
$mail_message = str_replace('<activation_url>', $pun_config['o_base_url'].'/profile.php?action=change_email&id='.$id.'&key='.$new_email_key, $mail_message);
$mail_message = str_replace('<board_mailer>', $pun_config['o_board_title'].' '.$lang_common['Mailer'], $mail_message);
pun_mail($new_email, $mail_subject, $mail_message);
message($lang_profile['Activate e-mail sent'].' <a href="mailto:'.$pun_config['o_admin_email'].'">'.$pun_config['o_admin_email'].'</a>.', true);
}
$page_title = pun_htmlspecialchars($pun_config['o_board_title']).' / '.$lang_common['Profile'];
$required_fields = array('req_new_email' => $lang_profile['New e-mail'], 'req_password' => $lang_common['Password']);
$focus_element = array('change_email', 'req_new_email');
require PUN_ROOT.'header.php';
?>
<div class="blockform">
<h2><span><?php echo $lang_profile['Change e-mail'] ?></span></h2>
<div class="box">
<form id="change_email" method="post" action="profile.php?action=change_email&amp;id=<?php echo $id ?>" id="change_email" onsubmit="return process_form(this)">
<div class="inform">
<fieldset>
<legend><?php echo $lang_profile['E-mail legend'] ?></legend>
<div class="infldset">
<input type="hidden" name="form_sent" value="1" />
<label><strong><?php echo $lang_profile['New e-mail'] ?></strong><br /><input type="text" name="req_new_email" size="50" maxlength="50" /><br /></label>
<label><strong><?php echo $lang_common['Password'] ?></strong><br /><input type="password" name="req_password" size="16" maxlength="16" /><br /></label>
<p><?php echo $lang_profile['E-mail instructions'] ?></p>
</div>
</fieldset>
</div>
<p><input type="submit" name="new_email" value="<?php echo $lang_common['Submit'] ?>" /><a href="javascript:history.go(-1)"><?php echo $lang_common['Go back'] ?></a></p>
</form>
</div>
</div>
<?php
require PUN_ROOT.'footer.php';
}
else if ($action == 'upload_avatar' || $action == 'upload_avatar2')
{
if ($pun_config['o_avatars'] == '0')
message($lang_profile['Avatars disabled']);
if ($pun_user['id'] != $id && $pun_user['g_id'] > PUN_MOD)
message($lang_common['No permission']);
if (isset($_POST['form_sent']))
{
if (!isset($_FILES['req_file']))
message($lang_profile['No file']);
$uploaded_file = $_FILES['req_file'];
// Make sure the upload went smooth
if (isset($uploaded_file['error']))
{
switch ($uploaded_file['error'])
{
case 1: // UPLOAD_ERR_INI_SIZE
case 2: // UPLOAD_ERR_FORM_SIZE
message($lang_profile['Too large ini']);
break;
case 3: // UPLOAD_ERR_PARTIAL
message($lang_profile['Partial upload']);
break;
case 4: // UPLOAD_ERR_NO_FILE
message($lang_profile['No file']);
break;
case 6: // UPLOAD_ERR_NO_TMP_DIR
message($lang_profile['No tmp directory']);
break;
default:
// No error occured, but was something actually uploaded?
if ($uploaded_file['size'] == 0)
message($lang_profile['No file']);
break;
}
}
if (is_uploaded_file($uploaded_file['tmp_name']))
{
$allowed_types = array('image/gif', 'image/jpeg', 'image/pjpeg', 'image/png', 'image/x-png');
if (!in_array($uploaded_file['type'], $allowed_types))
message($lang_profile['Bad type']);
// Make sure the file isn't too big
if ($uploaded_file['size'] > $pun_config['o_avatars_size'])
message($lang_profile['Too large'].' '.$pun_config['o_avatars_size'].' '.$lang_profile['bytes'].'.');
// Determine type
$extensions = null;
if ($uploaded_file['type'] == 'image/gif')
$extensions = array('.gif', '.jpg', '.png');
else if ($uploaded_file['type'] == 'image/jpeg' || $uploaded_file['type'] == 'image/pjpeg')
$extensions = array('.jpg', '.gif', '.png');
else
$extensions = array('.png', '.gif', '.jpg');
// Move the file to the avatar directory. We do this before checking the width/height to circumvent open_basedir restrictions.
if (!@move_uploaded_file($uploaded_file['tmp_name'], $pun_config['o_avatars_dir'].'/'.$id.'.tmp'))
message($lang_profile['Move failed'].' <a href="mailto:'.$pun_config['o_admin_email'].'">'.$pun_config['o_admin_email'].'</a>.');
// Now check the width/height
list($width, $height, $type,) = getimagesize($pun_config['o_avatars_dir'].'/'.$id.'.tmp');
if (empty($width) || empty($height) || $width > $pun_config['o_avatars_width'] || $height > $pun_config['o_avatars_height'])
{
@unlink($pun_config['o_avatars_dir'].'/'.$id.'.tmp');
message($lang_profile['Too wide or high'].' '.$pun_config['o_avatars_width'].'x'.$pun_config['o_avatars_height'].' '.$lang_profile['pixels'].'.');
}
else if ($type == 1 && $uploaded_file['type'] != 'image/gif') // Prevent dodgy uploads
{
@unlink($pun_config['o_avatars_dir'].'/'.$id.'.tmp');
message($lang_profile['Bad type']);
}
// Delete any old avatars and put the new one in place
@unlink($pun_config['o_avatars_dir'].'/'.$id.$extensions[0]);
@unlink($pun_config['o_avatars_dir'].'/'.$id.$extensions[1]);
@unlink($pun_config['o_avatars_dir'].'/'.$id.$extensions[2]);
@rename($pun_config['o_avatars_dir'].'/'.$id.'.tmp', $pun_config['o_avatars_dir'].'/'.$id.$extensions[0]);
@chmod($pun_config['o_avatars_dir'].'/'.$id.$extensions[0], 0644);
}
else
message($lang_profile['Unknown failure']);
// Enable use_avatar (seems sane since the user just uploaded an avatar)
$db->query('UPDATE '.$db->prefix.'users SET use_avatar=1 WHERE id='.$id) or error('Unable to update avatar state', __FILE__, __LINE__, $db->error());
redirect('profile.php?section=personality&amp;id='.$id, $lang_profile['Avatar upload redirect']);
}
$page_title = pun_htmlspecialchars($pun_config['o_board_title']).' / '.$lang_common['Profile'];
$required_fields = array('req_file' => $lang_profile['File']);
$focus_element = array('upload_avatar', 'req_file');
require PUN_ROOT.'header.php';
?>
<div class="blockform">
<h2><span><?php echo $lang_profile['Upload avatar'] ?></span></h2>
<div class="box">
<form id="upload_avatar" method="post" enctype="multipart/form-data" action="profile.php?action=upload_avatar2&amp;id=<?php echo $id ?>" onsubmit="return process_form(this)">
<div class="inform">
<fieldset>
<legend><?php echo $lang_profile['Upload avatar legend'] ?></legend>
<div class="infldset">
<input type="hidden" name="form_sent" value="1" />
<input type="hidden" name="MAX_FILE_SIZE" value="<?php echo $pun_config['o_avatars_size'] ?>" />
<label><strong><?php echo $lang_profile['File'] ?></strong><br /><input name="req_file" type="file" size="40" /><br /></label>
<p><?php echo $lang_profile['Avatar desc'].' '.$pun_config['o_avatars_width'].' x '.$pun_config['o_avatars_height'].' '.$lang_profile['pixels'].' '.$lang_common['and'].' '.$pun_config['o_avatars_size'].' '.$lang_profile['bytes'].' ('.ceil($pun_config['o_avatars_size'] / 1024) ?> KB).</p>
</div>
</fieldset>
</div>
<p><input type="submit" name="upload" value="<?php echo $lang_profile['Upload'] ?>" /><a href="javascript:history.go(-1)"><?php echo $lang_common['Go back'] ?></a></p>
</form>
</div>
</div>
<?php
require PUN_ROOT.'footer.php';
}
else if ($action == 'delete_avatar')
{
if ($pun_user['id'] != $id && $pun_user['g_id'] > PUN_MOD)
message($lang_common['No permission']);
confirm_referrer('profile.php');
@unlink($pun_config['o_avatars_dir'].'/'.$id.'.jpg');
@unlink($pun_config['o_avatars_dir'].'/'.$id.'.png');
@unlink($pun_config['o_avatars_dir'].'/'.$id.'.gif');
// Disable use_avatar
$db->query('UPDATE '.$db->prefix.'users SET use_avatar=0 WHERE id='.$id) or error('Unable to update avatar state', __FILE__, __LINE__, $db->error());
redirect('profile.php?section=personality&amp;id='.$id, $lang_profile['Avatar deleted redirect']);
}
else if (isset($_POST['update_group_membership']))
{
if ($pun_user['g_id'] > PUN_ADMIN)
message($lang_common['No permission']);
confirm_referrer('profile.php');
$new_group_id = intval($_POST['group_id']);
$db->query('UPDATE '.$db->prefix.'users SET group_id='.$new_group_id.' WHERE id='.$id) or error('Unable to change user group', __FILE__, __LINE__, $db->error());
// If the user was a moderator or an administrator, we remove him/her from the moderator list in all forums as well
if ($new_group_id > PUN_MOD)
{
$result = $db->query('SELECT id, moderators FROM '.$db->prefix.'forums') or error('Unable to fetch forum list', __FILE__, __LINE__, $db->error());
while ($cur_forum = $db->fetch_assoc($result))
{
$cur_moderators = ($cur_forum['moderators'] != '') ? unserialize($cur_forum['moderators']) : array();
if (in_array($id, $cur_moderators))
{
$username = array_search($id, $cur_moderators);
unset($cur_moderators[$username]);
$cur_moderators = (!empty($cur_moderators)) ? '\''.$db->escape(serialize($cur_moderators)).'\'' : 'NULL';
$db->query('UPDATE '.$db->prefix.'forums SET moderators='.$cur_moderators.' WHERE id='.$cur_forum['id']) or error('Unable to update forum', __FILE__, __LINE__, $db->error());
}
}
}
redirect('profile.php?section=admin&amp;id='.$id, $lang_profile['Group membership redirect']);
}
else if (isset($_POST['update_forums']))
{
if ($pun_user['g_id'] > PUN_ADMIN)
message($lang_common['No permission']);
confirm_referrer('profile.php');
// Get the username of the user we are processing
$result = $db->query('SELECT username FROM '.$db->prefix.'users WHERE id='.$id) or error('Unable to fetch user info', __FILE__, __LINE__, $db->error());
$username = $db->result($result);
$moderator_in = (isset($_POST['moderator_in'])) ? array_keys($_POST['moderator_in']) : array();
// Loop through all forums
$result = $db->query('SELECT id, moderators FROM '.$db->prefix.'forums') or error('Unable to fetch forum list', __FILE__, __LINE__, $db->error());
while ($cur_forum = $db->fetch_assoc($result))
{
$cur_moderators = ($cur_forum['moderators'] != '') ? unserialize($cur_forum['moderators']) : array();
// If the user should have moderator access (and he/she doesn't already have it)
if (in_array($cur_forum['id'], $moderator_in) && !in_array($id, $cur_moderators))
{
$cur_moderators[$username] = $id;
ksort($cur_moderators);
$db->query('UPDATE '.$db->prefix.'forums SET moderators=\''.$db->escape(serialize($cur_moderators)).'\' WHERE id='.$cur_forum['id']) or error('Unable to update forum', __FILE__, __LINE__, $db->error());
}
// If the user shouldn't have moderator access (and he/she already has it)
else if (!in_array($cur_forum['id'], $moderator_in) && in_array($id, $cur_moderators))
{
unset($cur_moderators[$username]);
$cur_moderators = (!empty($cur_moderators)) ? '\''.$db->escape(serialize($cur_moderators)).'\'' : 'NULL';
$db->query('UPDATE '.$db->prefix.'forums SET moderators='.$cur_moderators.' WHERE id='.$cur_forum['id']) or error('Unable to update forum', __FILE__, __LINE__, $db->error());
}
}
redirect('profile.php?section=admin&amp;id='.$id, $lang_profile['Update forums redirect']);
}
else if (isset($_POST['ban']))
{
if ($pun_user['g_id'] > PUN_MOD || ($pun_user['g_id'] == PUN_MOD && $pun_config['p_mod_ban_users'] == '0'))
message($lang_common['No permission']);
redirect('admin_bans.php?add_ban='.$id, $lang_profile['Ban redirect']);
}
else if (isset($_POST['delete_user']) || isset($_POST['delete_user_comply']))
{
if ($pun_user['g_id'] > PUN_ADMIN)
message($lang_common['No permission']);
confirm_referrer('profile.php');
// Get the username and group of the user we are deleting
$result = $db->query('SELECT group_id, username FROM '.$db->prefix.'users WHERE id='.$id) or error('Unable to fetch user info', __FILE__, __LINE__, $db->error());
list($group_id, $username) = $db->fetch_row($result);
if ($group_id == PUN_ADMIN)
message('Administrators cannot be deleted. In order to delete this user, you must first move him/her to a different user group.');
if (isset($_POST['delete_user_comply']))
{
// If the user is a moderator or an administrator, we remove him/her from the moderator list in all forums as well
if ($group_id < PUN_GUEST)
{
$result = $db->query('SELECT id, moderators FROM '.$db->prefix.'forums') or error('Unable to fetch forum list', __FILE__, __LINE__, $db->error());
while ($cur_forum = $db->fetch_assoc($result))
{
$cur_moderators = ($cur_forum['moderators'] != '') ? unserialize($cur_forum['moderators']) : array();
if (in_array($id, $cur_moderators))
{
unset($cur_moderators[$username]);
$cur_moderators = (!empty($cur_moderators)) ? '\''.$db->escape(serialize($cur_moderators)).'\'' : 'NULL';
$db->query('UPDATE '.$db->prefix.'forums SET moderators='.$cur_moderators.' WHERE id='.$cur_forum['id']) or error('Unable to update forum', __FILE__, __LINE__, $db->error());
}
}
}
// Delete any subscriptions
$db->query('DELETE FROM '.$db->prefix.'subscriptions WHERE user_id='.$id) or error('Unable to delete subscriptions', __FILE__, __LINE__, $db->error());
// Remove him/her from the online list (if they happen to be logged in)
$db->query('DELETE FROM '.$db->prefix.'online WHERE user_id='.$id) or error('Unable to remove user from online list', __FILE__, __LINE__, $db->error());
// Should we delete all posts made by this user?
if (isset($_POST['delete_posts']))
{
require PUN_ROOT.'include/search_idx.php';
@set_time_limit(0);
// Find all posts made by this user
$result = $db->query('SELECT p.id, p.topic_id, t.forum_id FROM '.$db->prefix.'posts AS p INNER JOIN '.$db->prefix.'topics AS t ON t.id=p.topic_id INNER JOIN '.$db->prefix.'forums AS f ON f.id=t.forum_id WHERE p.poster_id='.$id) or error('Unable to fetch posts', __FILE__, __LINE__, $db->error());
if ($db->num_rows($result))
{
while ($cur_post = $db->fetch_assoc($result))
{
// Determine whether this post is the "topic post" or not
$result2 = $db->query('SELECT id FROM '.$db->prefix.'posts WHERE topic_id='.$cur_post['topic_id'].' ORDER BY posted LIMIT 1') or error('Unable to fetch post info', __FILE__, __LINE__, $db->error());
if ($db->result($result2) == $cur_post['id'])
delete_topic($cur_post['topic_id']);
else
delete_post($cur_post['id'], $cur_post['topic_id']);
update_forum($cur_post['forum_id']);
}
}
}
else
// Set all his/her posts to guest
$db->query('UPDATE '.$db->prefix.'posts SET poster_id=1 WHERE poster_id='.$id) or error('Unable to update posts', __FILE__, __LINE__, $db->error());
// Delete the user
$db->query('DELETE FROM '.$db->prefix.'users WHERE id='.$id) or error('Unable to delete user', __FILE__, __LINE__, $db->error());
// Delete user avatar
if (file_exists($pun_config['o_avatars_dir'].'/'.$id.'.gif'))
@unlink($pun_config['o_avatars_dir'].'/'.$id.'.gif');
if (file_exists($pun_config['o_avatars_dir'].'/'.$id.'.jpg'))
@unlink($pun_config['o_avatars_dir'].'/'.$id.'.jpg');
if (file_exists($pun_config['o_avatars_dir'].'/'.$id.'.png'))
@unlink($pun_config['o_avatars_dir'].'/'.$id.'.png');
redirect('index.php', $lang_profile['User delete redirect']);
}
$page_title = pun_htmlspecialchars($pun_config['o_board_title']).' / '.$lang_common['Profile'];
require PUN_ROOT.'header.php';
?>
<div class="blockform">
<h2><span><?php echo $lang_profile['Confirm delete user'] ?></span></h2>
<div class="box">
<form id="confirm_del_user" method="post" action="profile.php?id=<?php echo $id ?>">
<div class="inform">
<fieldset>
<legend><?php echo $lang_profile['Confirm delete legend'] ?></legend>
<div class="infldset">
<p><?php echo $lang_profile['Confirmation info'].' '.pun_htmlspecialchars($username).'.' ?></p>
<div class="rbox">
<label><input type="checkbox" name="delete_posts" value="1" checked="checked" /><?php echo $lang_profile['Delete posts'] ?><br /></label>
</div>
<p class="warntext"><strong><?php echo $lang_profile['Delete warning'] ?></strong></p>
</div>
</fieldset>
</div>
<p><input type="submit" name="delete_user_comply" value="<?php echo $lang_profile['Delete'] ?>" /><a href="javascript:history.go(-1)"><?php echo $lang_common['Go back'] ?></a></p>
</form>
</div>
</div>
<?php
require PUN_ROOT.'footer.php';
}
else if (isset($_POST['form_sent']))
{
// Fetch the user group of the user we are editing
$result = $db->query('SELECT group_id FROM '.$db->prefix.'users WHERE id='.$id) or error('Unable to fetch user info', __FILE__, __LINE__, $db->error());
if (!$db->num_rows($result))
message($lang_common['Bad request']);
$group_id = $db->result($result);
if ($pun_user['id'] != $id &&
($pun_user['g_id'] > PUN_MOD ||
($pun_user['g_id'] == PUN_MOD && $pun_config['p_mod_edit_users'] == '0') ||
($pun_user['g_id'] == PUN_MOD && $group_id < PUN_GUEST)))
message($lang_common['No permission']);
if ($pun_user['g_id'] < PUN_GUEST)
confirm_referrer('profile.php');
// Extract allowed elements from $_POST['form']
function extract_elements($allowed_elements)
{
$form = array();
while (list($key, $value) = @each($_POST['form']))
{
if (in_array($key, $allowed_elements))
$form[$key] = $value;
}
return $form;
}
$username_updated = false;
// Validate input depending on section
switch ($section)
{
case 'essentials':
{
$form = extract_elements(array('timezone', 'language'));
if ($pun_user['g_id'] < PUN_GUEST)
{
$form['admin_note'] = trim($_POST['admin_note']);
// Are we allowed to change usernames?
if ($pun_user['g_id'] == PUN_ADMIN || ($pun_user['g_id'] == PUN_MOD && $pun_config['p_mod_rename_users'] == '1'))
{
$form['username'] = trim($_POST['req_username']);
$old_username = trim($_POST['old_username']);
if (strlen($form['username']) < 2)
message($lang_prof_reg['Username too short']);
else if (pun_strlen($form['username']) > 25) // This usually doesn't happen since the form element only accepts 25 characters
message($lang_common['Bad request']);
else if (!strcasecmp($form['username'], 'Guest') || !strcasecmp($form['username'], $lang_common['Guest']))
message($lang_prof_reg['Username guest']);
else if (preg_match('/[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}/', $form['username']))
message($lang_prof_reg['Username IP']);
else if (preg_match('#\[b\]|\[/b\]|\[u\]|\[/u\]|\[i\]|\[/i\]|\[color|\[/color\]|\[quote\]|\[quote=|\[/quote\]|\[code\]|\[/code\]|\[img\]|\[/img\]|\[url|\[/url\]|\[email|\[/email\]#i', $form['username']))
message($lang_prof_reg['Username BBCode']);
// Check that the username is not already registered
$result = $db->query('SELECT 1 FROM '.$db->prefix.'users WHERE username=\''.$db->escape($form['username']).'\' AND id!='.$id) or error('Unable to fetch user info', __FILE__, __LINE__, $db->error());
if ($db->num_rows($result))
message($lang_profile['Dupe username']);
if ($form['username'] != $old_username)
$username_updated = true;
}
// We only allow administrators to update the post count
if ($pun_user['g_id'] == PUN_ADMIN)
$form['num_posts'] = intval($_POST['num_posts']);
}
if ($pun_config['o_regs_verify'] == '0' || $pun_user['g_id'] < PUN_GUEST)
{
require PUN_ROOT.'include/email.php';
// Validate the email-address
$form['email'] = strtolower(trim($_POST['req_email']));
if (!is_valid_email($form['email']))
message($lang_common['Invalid e-mail']);
}
// Make sure we got a valid language string
if (isset($form['language']))
{
$form['language'] = preg_replace('#[\.\\\/]#', '', $form['language']);
if (!file_exists(PUN_ROOT.'lang/'.$form['language'].'/common.php'))
message($lang_common['Bad request']);
}
break;
}
case 'personal':
{
$form = extract_elements(array('realname', 'url', 'location'));
if ($pun_user['g_id'] == PUN_ADMIN)
$form['title'] = trim($_POST['title']);
else if ($pun_user['g_set_title'] == '1')
{
$form['title'] = trim($_POST['title']);
if ($form['title'] != '')
{
// A list of words that the title may not contain
// If the language is English, there will be some duplicates, but it's not the end of the world
$forbidden = array('Member', 'Moderator', 'Administrator', 'Banned', 'Guest', $lang_common['Member'], $lang_common['Moderator'], $lang_common['Administrator'], $lang_common['Banned'], $lang_common['Guest']);
if (in_array($form['title'], $forbidden))
message($lang_profile['Forbidden title']);
}
}
// Add http:// if the URL doesn't contain it already
if ($form['url'] != '' && strpos(strtolower($form['url']), 'http://') !== 0)
$form['url'] = 'http://'.$form['url'];
break;
}
case 'messaging':
{
$form = extract_elements(array('jabber', 'icq', 'msn', 'aim', 'yahoo'));
// If the ICQ UIN contains anything other than digits it's invalid
if ($form['icq'] != '' && @preg_match('/[^0-9]/', $form['icq']))
message($lang_prof_reg['Bad ICQ']);
break;
}
case 'personality':
{
$form = extract_elements(array('use_avatar'));
// Clean up signature from POST
$form['signature'] = pun_linebreaks(trim($_POST['signature']));
// Validate signature
if (pun_strlen($form['signature']) > $pun_config['p_sig_length'])
message($lang_prof_reg['Sig too long'].' '.$pun_config['p_sig_length'].' '.$lang_prof_reg['characters'].'.');
else if (substr_count($form['signature'], "\n") > ($pun_config['p_sig_lines']-1))
message($lang_prof_reg['Sig too many lines'].' '.$pun_config['p_sig_lines'].' '.$lang_prof_reg['lines'].'.');
else if ($form['signature'] && $pun_config['p_sig_all_caps'] == '0' && strtoupper($form['signature']) == $form['signature'] && $pun_user['g_id'] > PUN_MOD)
$form['signature'] = ucwords(strtolower($form['signature']));
// Validate BBCode syntax
if ($pun_config['p_sig_bbcode'] == '1' && strpos($form['signature'], '[') !== false && strpos($form['signature'], ']') !== false)
{
require PUN_ROOT.'include/parser.php';
$form['signature'] = preparse_bbcode($form['signature'], $foo, true);
}
if (!isset($form['use_avatar']) || $form['use_avatar'] != '1') $form['use_avatar'] = '0';
break;
}
case 'display':
{
$form = extract_elements(array('disp_topics', 'disp_posts', 'show_smilies', 'show_img', 'show_img_sig', 'show_avatars', 'show_sig', 'style'));
if ($form['disp_topics'] != '' && intval($form['disp_topics']) < 3) $form['disp_topics'] = 3;
if ($form['disp_topics'] != '' && intval($form['disp_topics']) > 75) $form['disp_topics'] = 75;
if ($form['disp_posts'] != '' && intval($form['disp_posts']) < 3) $form['disp_posts'] = 3;
if ($form['disp_posts'] != '' && intval($form['disp_posts']) > 75) $form['disp_posts'] = 75;
if (!isset($form['show_smilies']) || $form['show_smilies'] != '1') $form['show_smilies'] = '0';
if (!isset($form['show_img']) || $form['show_img'] != '1') $form['show_img'] = '0';
if (!isset($form['show_img_sig']) || $form['show_img_sig'] != '1') $form['show_img_sig'] = '0';
if (!isset($form['show_avatars']) || $form['show_avatars'] != '1') $form['show_avatars'] = '0';
if (!isset($form['show_sig']) || $form['show_sig'] != '1') $form['show_sig'] = '0';
break;
}
case 'privacy':
{
$form = extract_elements(array('email_setting', 'save_pass', 'notify_with_post'));
$form['email_setting'] = intval($form['email_setting']);
if ($form['email_setting'] < 0 && $form['email_setting'] > 2) $form['email_setting'] = 1;
if (!isset($form['save_pass']) || $form['save_pass'] != '1') $form['save_pass'] = '0';
if (!isset($form['notify_with_post']) || $form['notify_with_post'] != '1') $form['notify_with_post'] = '0';
// If the save_pass setting has changed, we need to set a new cookie with the appropriate expire date
if ($pun_user['id'] == $id && $form['save_pass'] != $pun_user['save_pass'])
{
$result = $db->query('SELECT password FROM '.$db->prefix.'users WHERE id='.$id) or error('Unable to fetch user password hash', __FILE__, __LINE__, $db->error());
pun_setcookie($id, $db->result($result), ($form['save_pass'] == '1') ? time() + 31536000 : 0);
}
break;
}
default:
message($lang_common['Bad request']);
}
// Singlequotes around non-empty values and NULL for empty values
$temp = array();
while (list($key, $input) = @each($form))
{
$value = ($input !== '') ? '\''.$db->escape($input).'\'' : 'NULL';
$temp[] = $key.'='.$value;
}
if (empty($temp))
message($lang_common['Bad request']);
$db->query('UPDATE '.$db->prefix.'users SET '.implode(',', $temp).' WHERE id='.$id) or error('Unable to update profile', __FILE__, __LINE__, $db->error());
// If we changed the username we have to update some stuff
if ($username_updated)
{
$db->query('UPDATE '.$db->prefix.'posts SET poster=\''.$db->escape($form['username']).'\' WHERE poster_id='.$id) or error('Unable to update posts', __FILE__, __LINE__, $db->error());
$db->query('UPDATE '.$db->prefix.'topics SET poster=\''.$db->escape($form['username']).'\' WHERE poster=\''.$db->escape($old_username).'\'') or error('Unable to update topics', __FILE__, __LINE__, $db->error());
$db->query('UPDATE '.$db->prefix.'topics SET last_poster=\''.$db->escape($form['username']).'\' WHERE last_poster=\''.$db->escape($old_username).'\'') or error('Unable to update topics', __FILE__, __LINE__, $db->error());
$db->query('UPDATE '.$db->prefix.'forums SET last_poster=\''.$db->escape($form['username']).'\' WHERE last_poster=\''.$db->escape($old_username).'\'') or error('Unable to update forums', __FILE__, __LINE__, $db->error());
$db->query('UPDATE '.$db->prefix.'online SET ident=\''.$db->escape($form['username']).'\' WHERE ident=\''.$db->escape($old_username).'\'') or error('Unable to update online list', __FILE__, __LINE__, $db->error());
// If the user is a moderator or an administrator we have to update the moderator lists
$result = $db->query('SELECT group_id FROM '.$db->prefix.'users WHERE id='.$id) or error('Unable to fetch user info', __FILE__, __LINE__, $db->error());
$group_id = $db->result($result);
if ($group_id < PUN_GUEST)
{
$result = $db->query('SELECT id, moderators FROM '.$db->prefix.'forums') or error('Unable to fetch forum list', __FILE__, __LINE__, $db->error());
while ($cur_forum = $db->fetch_assoc($result))
{
$cur_moderators = ($cur_forum['moderators'] != '') ? unserialize($cur_forum['moderators']) : array();
if (in_array($id, $cur_moderators))
{
unset($cur_moderators[$old_username]);
$cur_moderators[$form['username']] = $id;
ksort($cur_moderators);
$db->query('UPDATE '.$db->prefix.'forums SET moderators=\''.$db->escape(serialize($cur_moderators)).'\' WHERE id='.$cur_forum['id']) or error('Unable to update forum', __FILE__, __LINE__, $db->error());
}
}
}
}
redirect('profile.php?section='.$section.'&amp;id='.$id, $lang_profile['Profile redirect']);
}
$result = $db->query('SELECT u.username, u.email, u.title, u.realname, u.url, u.jabber, u.icq, u.msn, u.aim, u.yahoo, u.location, u.use_avatar, u.signature, u.disp_topics, u.disp_posts, u.email_setting, u.save_pass, u.notify_with_post, u.show_smilies, u.show_img, u.show_img_sig, u.show_avatars, u.show_sig, u.timezone, u.language, u.style, u.num_posts, u.last_post, u.registered, u.registration_ip, u.admin_note, g.g_id, g.g_user_title FROM '.$db->prefix.'users AS u LEFT JOIN '.$db->prefix.'groups AS g ON g.g_id=u.group_id WHERE u.id='.$id) or error('Unable to fetch user info', __FILE__, __LINE__, $db->error());
if (!$db->num_rows($result))
message($lang_common['Bad request']);
$user = $db->fetch_assoc($result);
$last_post = format_time($user['last_post']);
if ($user['signature'] != '')
{
require PUN_ROOT.'include/parser.php';
$parsed_signature = parse_signature($user['signature']);
}
// View or edit?
if ($pun_user['id'] != $id &&
($pun_user['g_id'] > PUN_MOD ||
($pun_user['g_id'] == PUN_MOD && $pun_config['p_mod_edit_users'] == '0') ||
($pun_user['g_id'] == PUN_MOD && $user['g_id'] < PUN_GUEST)))
{
if ($user['email_setting'] == '0' && !$pun_user['is_guest'])
$email_field = '<a href="mailto:'.$user['email'].'">'.$user['email'].'</a>';
else if ($user['email_setting'] == '1' && !$pun_user['is_guest'])
$email_field = '<a href="misc.php?email='.$id.'">'.$lang_common['Send e-mail'].'</a>';
else
$email_field = $lang_profile['Private'];
$user_title_field = get_title($user);
if ($user['url'] != '')
{
$user['url'] = pun_htmlspecialchars($user['url']);
if ($pun_config['o_censoring'] == '1')
$user['url'] = censor_words($user['url']);
$url = '<a href="'.$user['url'].'">'.$user['url'].'</a>';
}
else
$url = $lang_profile['Unknown'];
if ($pun_config['o_avatars'] == '1')
{
if ($user['use_avatar'] == '1')
{
if ($img_size = @getimagesize($pun_config['o_avatars_dir'].'/'.$id.'.gif'))
$avatar_field = '<img src="'.$pun_config['o_avatars_dir'].'/'.$id.'.gif" '.$img_size[3].' alt="" />';
else if ($img_size = @getimagesize($pun_config['o_avatars_dir'].'/'.$id.'.jpg'))
$avatar_field = '<img src="'.$pun_config['o_avatars_dir'].'/'.$id.'.jpg" '.$img_size[3].' alt="" />';
else if ($img_size = @getimagesize($pun_config['o_avatars_dir'].'/'.$id.'.png'))
$avatar_field = '<img src="'.$pun_config['o_avatars_dir'].'/'.$id.'.png" '.$img_size[3].' alt="" />';
else
$avatar_field = $lang_profile['No avatar'];
}
else
$avatar_field = $lang_profile['No avatar'];
}
$posts_field = '';
if ($pun_config['o_show_post_count'] == '1' || $pun_user['g_id'] < PUN_GUEST)
$posts_field = $user['num_posts'];
if ($pun_user['g_search'] == '1')
$posts_field .= (($posts_field != '') ? ' - ' : '').'<a href="search.php?action=show_user&amp;user_id='.$id.'">'.$lang_profile['Show posts'].'</a>';
$page_title = pun_htmlspecialchars($pun_config['o_board_title']).' / '.$lang_common['Profile'];
define('PUN_ALLOW_INDEX', 1);
require PUN_ROOT.'header.php';
?>
<div id="viewprofile" class="block">
<h2><span><?php echo $lang_common['Profile'] ?></span></h2>
<div class="box">
<div class="fakeform">
<div class="inform">
<fieldset>
<legend><?php echo $lang_profile['Section personal'] ?></legend>
<div class="infldset">
<dl>
<dt><?php echo $lang_common['Username'] ?>: </dt>
<dd><?php echo pun_htmlspecialchars($user['username']) ?></dd>
<dt><?php echo $lang_common['Title'] ?>: </dt>
<dd><?php echo ($pun_config['o_censoring'] == '1') ? censor_words($user_title_field) : $user_title_field; ?></dd>
<dt><?php echo $lang_profile['Realname'] ?>: </dt>
<dd><?php echo ($user['realname'] !='') ? pun_htmlspecialchars(($pun_config['o_censoring'] == '1') ? censor_words($user['realname']) : $user['realname']) : $lang_profile['Unknown']; ?></dd>
<dt><?php echo $lang_profile['Location'] ?>: </dt>
<dd><?php echo ($user['location'] !='') ? pun_htmlspecialchars(($pun_config['o_censoring'] == '1') ? censor_words($user['location']) : $user['location']) : $lang_profile['Unknown']; ?></dd>
<dt><?php echo $lang_profile['Website'] ?>: </dt>
<dd><?php echo $url ?>&nbsp;</dd>
<dt><?php echo $lang_common['E-mail'] ?>: </dt>
<dd><?php echo $email_field ?></dd>
</dl>
<div class="clearer"></div>
</div>
</fieldset>
</div>
<div class="inform">
<fieldset>
<legend><?php echo $lang_profile['Section messaging'] ?></legend>
<div class="infldset">
<dl>
<dt><?php echo $lang_profile['Jabber'] ?>: </dt>
<dd><?php echo ($user['jabber'] !='') ? pun_htmlspecialchars($user['jabber']) : $lang_profile['Unknown']; ?></dd>
<dt><?php echo $lang_profile['ICQ'] ?>: </dt>
<dd><?php echo ($user['icq'] !='') ? $user['icq'] : $lang_profile['Unknown']; ?></dd>
<dt><?php echo $lang_profile['MSN'] ?>: </dt>
<dd><?php echo ($user['msn'] !='') ? pun_htmlspecialchars(($pun_config['o_censoring'] == '1') ? censor_words($user['msn']) : $user['msn']) : $lang_profile['Unknown']; ?></dd>
<dt><?php echo $lang_profile['AOL IM'] ?>: </dt>
<dd><?php echo ($user['aim'] !='') ? pun_htmlspecialchars(($pun_config['o_censoring'] == '1') ? censor_words($user['aim']) : $user['aim']) : $lang_profile['Unknown']; ?></dd>
<dt><?php echo $lang_profile['Yahoo'] ?>: </dt>
<dd><?php echo ($user['yahoo'] !='') ? pun_htmlspecialchars(($pun_config['o_censoring'] == '1') ? censor_words($user['yahoo']) : $user['yahoo']) : $lang_profile['Unknown']; ?></dd>
</dl>
<div class="clearer"></div>
</div>
</fieldset>
</div>
<div class="inform">
<fieldset>
<legend><?php echo $lang_profile['Section personality'] ?></legend>
<div class="infldset">
<dl>
<?php if ($pun_config['o_avatars'] == '1'): ?> <dt><?php echo $lang_profile['Avatar'] ?>: </dt>
<dd><?php echo $avatar_field ?></dd>
<?php endif; ?> <dt><?php echo $lang_profile['Signature'] ?>: </dt>
<dd><div><?php echo isset($parsed_signature) ? $parsed_signature : $lang_profile['No sig']; ?></div></dd>
</dl>
<div class="clearer"></div>
</div>
</fieldset>
</div>
<div class="inform">
<fieldset>
<legend><?php echo $lang_profile['User activity'] ?></legend>
<div class="infldset">
<dl>
<?php if ($posts_field != ''): ?> <dt><?php echo $lang_common['Posts'] ?>: </dt>
<dd><?php echo $posts_field ?></dd>
<?php endif; ?> <dt><?php echo $lang_common['Last post'] ?>: </dt>
<dd><?php echo $last_post ?></dd>
<dt><?php echo $lang_common['Registered'] ?>: </dt>
<dd><?php echo format_time($user['registered'], true) ?></dd>
</dl>
<div class="clearer"></div>
</div>
</fieldset>
</div>
</div>
</div>
</div>
<?php
require PUN_ROOT.'footer.php';
}
else
{
if (!$section || $section == 'essentials')
{
if ($pun_user['g_id'] < PUN_GUEST)
{
if ($pun_user['g_id'] == PUN_ADMIN || $pun_config['p_mod_rename_users'] == '1')
$username_field = '<input type="hidden" name="old_username" value="'.pun_htmlspecialchars($user['username']).'" /><label><strong>'.$lang_common['Username'].'</strong><br /><input type="text" name="req_username" value="'.pun_htmlspecialchars($user['username']).'" size="25" maxlength="25" /><br /></label>'."\n";
else
$username_field = '<p>'.$lang_common['Username'].': '.pun_htmlspecialchars($user['username']).'</p>'."\n";
$email_field = '<label><strong>'.$lang_common['E-mail'].'</strong><br /><input type="text" name="req_email" value="'.$user['email'].'" size="40" maxlength="50" /><br /></label><p><a href="misc.php?email='.$id.'">'.$lang_common['Send e-mail'].'</a></p>'."\n";
}
else
{
$username_field = '<p>'.$lang_common['Username'].': '.pun_htmlspecialchars($user['username']).'</p>'."\n";
if ($pun_config['o_regs_verify'] == '1')
$email_field = '<p>'.$lang_common['E-mail'].': '.$user['email'].'&nbsp;-&nbsp;<a href="profile.php?action=change_email&amp;id='.$id.'">'.$lang_profile['Change e-mail'].'</a></p>'."\n";
else
$email_field = '<label><strong>'.$lang_common['E-mail'].'</strong><br /><input type="text" name="req_email" value="'.$user['email'].'" size="40" maxlength="50" /><br /></label>'."\n";
}
if ($pun_user['g_id'] == PUN_ADMIN)
$posts_field = '<label>'.$lang_common['Posts'].'<br /><input type="text" name="num_posts" value="'.$user['num_posts'].'" size="8" maxlength="8" /><br /></label><p><a href="search.php?action=show_user&amp;user_id='.$id.'">'.$lang_profile['Show posts'].'</a></p>'."\n";
else if ($pun_config['o_show_post_count'] == '1' || $pun_user['g_id'] < PUN_GUEST)
$posts_field = '<p>'.$lang_common['Posts'].': '.$user['num_posts'].' - <a href="search.php?action=show_user&amp;user_id='.$id.'">'.$lang_profile['Show posts'].'</a></p>'."\n";
else
$posts_field = '<p><a href="search.php?action=show_user&amp;user_id='.$id.'">'.$lang_profile['Show posts'].'</a></p>'."\n";
$page_title = pun_htmlspecialchars($pun_config['o_board_title']).' / '.$lang_common['Profile'];
$required_fields = array('req_username' => $lang_common['Username'], 'req_email' => $lang_common['E-mail']);
require PUN_ROOT.'header.php';
generate_profile_menu('essentials');
?>
<div class="blockform">
<h2><span><?php echo pun_htmlspecialchars($user['username']).' - '.$lang_profile['Section essentials'] ?></span></h2>
<div class="box">
<form id="profile1" method="post" action="profile.php?section=essentials&amp;id=<?php echo $id ?>" onsubmit="return process_form(this)">
<div class="inform">
<fieldset>
<legend><?php echo $lang_profile['Username and pass legend'] ?></legend>
<div class="infldset">
<input type="hidden" name="form_sent" value="1" />
<?php echo $username_field ?>
<?php if ($pun_user['id'] == $id || $pun_user['g_id'] == PUN_ADMIN || ($user['g_id'] > PUN_MOD && $pun_config['p_mod_change_passwords'] == '1')): ?><p><a href="profile.php?action=change_pass&amp;id=<?php echo $id ?>"><?php echo $lang_profile['Change pass'] ?></a></p>
<?php endif; ?> </div>
</fieldset>
</div>
<div class="inform">
<fieldset>
<legend><?php echo $lang_prof_reg['E-mail legend'] ?></legend>
<div class="infldset">
<?php echo $email_field ?>
</div>
</fieldset>
</div>
<div class="inform">
<fieldset>
<legend><?php echo $lang_prof_reg['Localisation legend'] ?></legend>
<div class="infldset">
<label><?php echo $lang_prof_reg['Timezone'] ?>: <?php echo $lang_prof_reg['Timezone info'] ?>
<br /><select name="form[timezone]">
<option value="-12"<?php if ($user['timezone'] == -12) echo ' selected="selected"' ?>>-12</option>
<option value="-11"<?php if ($user['timezone'] == -11) echo ' selected="selected"' ?>>-11</option>
<option value="-10"<?php if ($user['timezone'] == -10) echo ' selected="selected"' ?>>-10</option>
<option value="-9.5"<?php if ($user['timezone'] == -9.5) echo ' selected="selected"' ?>>-09.5</option>
<option value="-9"<?php if ($user['timezone'] == -9) echo ' selected="selected"' ?>>-09</option>
<option value="-8.5"<?php if ($user['timezone'] == -8.5) echo ' selected="selected"' ?>>-08.5</option>
<option value="-8"<?php if ($user['timezone'] == -8) echo ' selected="selected"' ?>>-08 PST</option>
<option value="-7"<?php if ($user['timezone'] == -7) echo ' selected="selected"' ?>>-07 MST</option>
<option value="-6"<?php if ($user['timezone'] == -6) echo ' selected="selected"' ?>>-06 CST</option>
<option value="-5"<?php if ($user['timezone'] == -5) echo ' selected="selected"' ?>>-05 EST</option>
<option value="-4"<?php if ($user['timezone'] == -4) echo ' selected="selected"' ?>>-04 AST</option>
<option value="-3.5"<?php if ($user['timezone'] == -3.5) echo ' selected="selected"' ?>>-03.5</option>
<option value="-3"<?php if ($user['timezone'] == -3) echo ' selected="selected"' ?>>-03 ADT</option>
<option value="-2"<?php if ($user['timezone'] == -2) echo ' selected="selected"' ?>>-02</option>
<option value="-1"<?php if ($user['timezone'] == -1) echo ' selected="selected"' ?>>-01</option>
<option value="0"<?php if ($user['timezone'] == 0) echo ' selected="selected"' ?>>00 GMT</option>
<option value="1"<?php if ($user['timezone'] == 1) echo ' selected="selected"' ?>>+01 CET</option>
<option value="2"<?php if ($user['timezone'] == 2) echo ' selected="selected"' ?>>+02</option>
<option value="3"<?php if ($user['timezone'] == 3) echo ' selected="selected"' ?>>+03</option>
<option value="3.5"<?php if ($user['timezone'] == 3.5) echo ' selected="selected"' ?>>+03.5</option>
<option value="4"<?php if ($user['timezone'] == 4) echo ' selected="selected"' ?>>+04</option>
<option value="4.5"<?php if ($user['timezone'] == 4.5) echo ' selected="selected"' ?>>+04.5</option>
<option value="5"<?php if ($user['timezone'] == 5) echo ' selected="selected"' ?>>+05</option>
<option value="5.5"<?php if ($user['timezone'] == 5.5) echo ' selected="selected"' ?>>+05.5</option>
<option value="6"<?php if ($user['timezone'] == 6) echo ' selected="selected"' ?>>+06</option>
<option value="6.5"<?php if ($user['timezone'] == 6.5) echo ' selected="selected"' ?>>+06.5</option>
<option value="7"<?php if ($user['timezone'] == 7) echo ' selected="selected"' ?>>+07</option>
<option value="8"<?php if ($user['timezone'] == 8) echo ' selected="selected"' ?>>+08</option>
<option value="9"<?php if ($user['timezone'] == 9) echo ' selected="selected"' ?>>+09</option>
<option value="9.5"<?php if ($user['timezone'] == 9.5) echo ' selected="selected"' ?>>+09.5</option>
<option value="10"<?php if ($user['timezone'] == 10) echo ' selected="selected"' ?>>+10</option>
<option value="10.5"<?php if ($user['timezone'] == 10.5) echo ' selected="selected"' ?>>+10.5</option>
<option value="11"<?php if ($user['timezone'] == 11) echo ' selected="selected"' ?>>+11</option>
<option value="11.5"<?php if ($user['timezone'] == 11.5) echo ' selected="selected"' ?>>+11.5</option>
<option value="12"<?php if ($user['timezone'] == 12) echo ' selected="selected"' ?>>+12</option>
<option value="13"<?php if ($user['timezone'] == 13) echo ' selected="selected"' ?>>+13</option>
<option value="14"<?php if ($user['timezone'] == 14) echo ' selected="selected"' ?>>+14</option>
</select>
<br /></label>
<?php
$languages = array();
$d = dir(PUN_ROOT.'lang');
while (($entry = $d->read()) !== false)
{
if ($entry != '.' && $entry != '..' && is_dir(PUN_ROOT.'lang/'.$entry) && file_exists(PUN_ROOT.'lang/'.$entry.'/common.php'))
$languages[] = $entry;
}
$d->close();
// Only display the language selection box if there's more than one language available
if (count($languages) > 1)
{
natsort($languages);
?>
<label><?php echo $lang_prof_reg['Language'] ?>: <?php echo $lang_prof_reg['Language info'] ?>
<br /><select name="form[language]">
<?php
while (list(, $temp) = @each($languages))
{
if ($user['language'] == $temp)
echo "\t\t\t\t\t\t\t\t".'<option value="'.$temp.'" selected="selected">'.$temp.'</option>'."\n";
else
echo "\t\t\t\t\t\t\t\t".'<option value="'.$temp.'">'.$temp.'</option>'."\n";
}
?>
</select>
<br /></label>
<?php
}
?>
</div>
</fieldset>
</div>
<div class="inform">
<fieldset>
<legend><?php echo $lang_profile['User activity'] ?></legend>
<div class="infldset">
<p><?php echo $lang_common['Registered'] ?>: <?php echo format_time($user['registered'], true); if ($pun_user['g_id'] < PUN_GUEST) echo ' (<a href="moderate.php?get_host='.pun_htmlspecialchars($user['registration_ip']).'">'.pun_htmlspecialchars($user['registration_ip']).'</a>)'; ?></p>
<p><?php echo $lang_common['Last post'] ?>: <?php echo $last_post ?></p>
<?php echo $posts_field ?>
<?php if ($pun_user['g_id'] < PUN_GUEST): ?> <label><?php echo $lang_profile['Admin note'] ?><br />
<input id="admin_note" type="text" name="admin_note" value="<?php echo pun_htmlspecialchars($user['admin_note']) ?>" size="30" maxlength="30" /><br /></label>
<?php endif; ?> </div>
</fieldset>
</div>
<p><input type="submit" name="update" value="<?php echo $lang_common['Submit'] ?>" /><?php echo $lang_profile['Instructions'] ?></p>
</form>
</div>
</div>
<?php
}
else if ($section == 'personal')
{
if ($pun_user['g_set_title'] == '1')
$title_field = '<label>'.$lang_common['Title'].'&nbsp;&nbsp;(<em>'.$lang_profile['Leave blank'].'</em>)<br /><input type="text" name="title" value="'.pun_htmlspecialchars($user['title']).'" size="30" maxlength="50" /><br /></label>'."\n";
$page_title = pun_htmlspecialchars($pun_config['o_board_title']).' / '.$lang_common['Profile'];
require PUN_ROOT.'header.php';
generate_profile_menu('personal');
?>
<div class="blockform">
<h2><span><?php echo pun_htmlspecialchars($user['username']).' - '.$lang_profile['Section personal'] ?></span></h2>
<div class="box">
<form id="profile2" method="post" action="profile.php?section=personal&amp;id=<?php echo $id ?>">
<div class="inform">
<fieldset>
<legend><?php echo $lang_profile['Personal details legend'] ?></legend>
<div class="infldset">
<input type="hidden" name="form_sent" value="1" />
<label><?php echo $lang_profile['Realname'] ?><br /><input type="text" name="form[realname]" value="<?php echo pun_htmlspecialchars($user['realname']) ?>" size="40" maxlength="40" /><br /></label>
<?php if (isset($title_field)): ?> <?php echo $title_field ?>
<?php endif; ?> <label><?php echo $lang_profile['Location'] ?><br /><input type="text" name="form[location]" value="<?php echo pun_htmlspecialchars($user['location']) ?>" size="30" maxlength="30" /><br /></label>
<label><?php echo $lang_profile['Website'] ?><br /><input type="text" name="form[url]" value="<?php echo pun_htmlspecialchars($user['url']) ?>" size="50" maxlength="80" /><br /></label>
</div>
</fieldset>
</div>
<p><input type="submit" name="update" value="<?php echo $lang_common['Submit'] ?>" /><?php echo $lang_profile['Instructions'] ?></p>
</form>
</div>
</div>
<?php
}
else if ($section == 'messaging')
{
$page_title = pun_htmlspecialchars($pun_config['o_board_title']).' / '.$lang_common['Profile'];
require PUN_ROOT.'header.php';
generate_profile_menu('messaging');
?>
<div class="blockform">
<h2><span><?php echo pun_htmlspecialchars($user['username']).' - '.$lang_profile['Section messaging'] ?></span></h2>
<div class="box">
<form id="profile3" method="post" action="profile.php?section=messaging&amp;id=<?php echo $id ?>">
<div class="inform">
<fieldset>
<legend><?php echo $lang_profile['Contact details legend'] ?></legend>
<div class="infldset">
<input type="hidden" name="form_sent" value="1" />
<label><?php echo $lang_profile['Jabber'] ?><br /><input id="jabber" type="text" name="form[jabber]" value="<?php echo pun_htmlspecialchars($user['jabber']) ?>" size="40" maxlength="75" /><br /></label>
<label><?php echo $lang_profile['ICQ'] ?><br /><input id="icq" type="text" name="form[icq]" value="<?php echo $user['icq'] ?>" size="12" maxlength="12" /><br /></label>
<label><?php echo $lang_profile['MSN'] ?><br /><input id="msn" type="text" name="form[msn]" value="<?php echo pun_htmlspecialchars($user['msn']) ?>" size="40" maxlength="50" /><br /></label>
<label><?php echo $lang_profile['AOL IM'] ?><br /><input id="aim" type="text" name="form[aim]" value="<?php echo pun_htmlspecialchars($user['aim']) ?>" size="20" maxlength="30" /><br /></label>
<label><?php echo $lang_profile['Yahoo'] ?><br /><input id="yahoo" type="text" name="form[yahoo]" value="<?php echo pun_htmlspecialchars($user['yahoo']) ?>" size="20" maxlength="30" /><br /></label>
</div>
</fieldset>
</div>
<p><input type="submit" name="update" value="<?php echo $lang_common['Submit'] ?>" /><?php echo $lang_profile['Instructions'] ?></p>
</form>
</div>
</div>
<?php
}
else if ($section == 'personality')
{
$avatar_field = '<a href="profile.php?action=upload_avatar&amp;id='.$id.'">'.$lang_profile['Change avatar'].'</a>';
if ($img_size = @getimagesize($pun_config['o_avatars_dir'].'/'.$id.'.gif'))
$avatar_format = 'gif';
else if ($img_size = @getimagesize($pun_config['o_avatars_dir'].'/'.$id.'.jpg'))
$avatar_format = 'jpg';
else if ($img_size = @getimagesize($pun_config['o_avatars_dir'].'/'.$id.'.png'))
$avatar_format = 'png';
else
$avatar_field = '<a href="profile.php?action=upload_avatar&amp;id='.$id.'">'.$lang_profile['Upload avatar'].'</a>';
// Display the delete avatar link?
if ($img_size)
$avatar_field .= '&nbsp;&nbsp;&nbsp;<a href="profile.php?action=delete_avatar&amp;id='.$id.'">'.$lang_profile['Delete avatar'].'</a>';
if ($user['signature'] != '')
$signature_preview = '<p>'.$lang_profile['Sig preview'].'</p>'."\n\t\t\t\t\t".'<div class="postsignature">'."\n\t\t\t\t\t\t".'<hr />'."\n\t\t\t\t\t\t".$parsed_signature."\n\t\t\t\t\t".'</div>'."\n";
else
$signature_preview = '<p>'.$lang_profile['No sig'].'</p>'."\n";
$page_title = pun_htmlspecialchars($pun_config['o_board_title']).' / '.$lang_common['Profile'];
require PUN_ROOT.'header.php';
generate_profile_menu('personality');
?>
<div class="blockform">
<h2><span><?php echo pun_htmlspecialchars($user['username']).' - '.$lang_profile['Section personality'] ?></span></h2>
<div class="box">
<form id="profile4" method="post" action="profile.php?section=personality&amp;id=<?php echo $id ?>">
<div><input type="hidden" name="form_sent" value="1" /></div>
<?php if ($pun_config['o_avatars'] == '1'): ?> <div class="inform">
<fieldset id="profileavatar">
<legend><?php echo $lang_profile['Avatar legend'] ?></legend>
<div class="infldset">
<?php if (isset($avatar_format)): ?> <img src="<?php echo $pun_config['o_avatars_dir'].'/'.$id.'.'.$avatar_format ?>" <?php echo $img_size[3] ?> alt="" />
<?php endif; ?> <p><?php echo $lang_profile['Avatar info'] ?></p>
<div class="rbox">
<label><input type="checkbox" name="form[use_avatar]" value="1"<?php if ($user['use_avatar'] == '1') echo ' checked="checked"' ?> /><?php echo $lang_profile['Use avatar'] ?><br /></label>
</div>
<p class="clearb"><?php echo $avatar_field ?></p>
</div>
</fieldset>
</div>
<?php endif; ?> <div class="inform">
<fieldset>
<legend><?php echo $lang_profile['Signature legend'] ?></legend>
<div class="infldset">
<p><?php echo $lang_profile['Signature info'] ?></p>
<div class="txtarea">
<label><?php echo $lang_profile['Sig max length'] ?>: <?php echo $pun_config['p_sig_length'] ?> / <?php echo $lang_profile['Sig max lines'] ?>: <?php echo $pun_config['p_sig_lines'] ?><br />
<textarea name="signature" rows="4" cols="65"><?php echo pun_htmlspecialchars($user['signature']) ?></textarea><br /></label>
</div>
<ul class="bblinks">
<li><a href="help.php#bbcode" onclick="window.open(this.href); return false;"><?php echo $lang_common['BBCode'] ?></a>: <?php echo ($pun_config['p_sig_bbcode'] == '1') ? $lang_common['on'] : $lang_common['off']; ?></li>
<li><a href="help.php#img" onclick="window.open(this.href); return false;"><?php echo $lang_common['img tag'] ?></a>: <?php echo ($pun_config['p_sig_img_tag'] == '1') ? $lang_common['on'] : $lang_common['off']; ?></li>
<li><a href="help.php#smilies" onclick="window.open(this.href); return false;"><?php echo $lang_common['Smilies'] ?></a>: <?php echo ($pun_config['o_smilies_sig'] == '1') ? $lang_common['on'] : $lang_common['off']; ?></li>
</ul>
<?php echo $signature_preview ?>
</div>
</fieldset>
</div>
<p><input type="submit" name="update" value="<?php echo $lang_common['Submit'] ?>" /><?php echo $lang_profile['Instructions'] ?></p>
</form>
</div>
</div>
<?php
}
else if ($section == 'display')
{
$page_title = pun_htmlspecialchars($pun_config['o_board_title']).' / '.$lang_common['Profile'];
require PUN_ROOT.'header.php';
generate_profile_menu('display');
?>
<div class="blockform">
<h2><span><?php echo pun_htmlspecialchars($user['username']).' - '.$lang_profile['Section display'] ?></span></h2>
<div class="box">
<form id="profile5" method="post" action="profile.php?section=display&amp;id=<?php echo $id ?>">
<div><input type="hidden" name="form_sent" value="1" /></div>
<?php
$styles = array();
$d = dir(PUN_ROOT.'style');
while (($entry = $d->read()) !== false)
{
if (substr($entry, strlen($entry)-4) == '.css')
$styles[] = substr($entry, 0, strlen($entry)-4);
}
$d->close();
// Only display the style selection box if there's more than one style available
if (count($styles) == 1)
echo "\t\t\t".'<div><input type="hidden" name="form[style]" value="'.$styles[0].'" /></div>'."\n";
else if (count($styles) > 1)
{
natsort($styles);
?>
<div class="inform">
<fieldset>
<legend><?php echo $lang_profile['Style legend'] ?></legend>
<div class="infldset">
<label><?php echo $lang_profile['Style info'] ?><br />
<select name="form[style]">
<?php
while (list(, $temp) = @each($styles))
{
if ($user['style'] == $temp)
echo "\t\t\t\t\t\t\t\t".'<option value="'.$temp.'" selected="selected">'.str_replace('_', ' ', $temp).'</option>'."\n";
else
echo "\t\t\t\t\t\t\t\t".'<option value="'.$temp.'">'.str_replace('_', ' ', $temp).'</option>'."\n";
}
?>
</select>
<br /></label>
</div>
</fieldset>
</div>
<?php
}
?>
<div class="inform">
<fieldset>
<legend><?php echo $lang_profile['Post display legend'] ?></legend>
<div class="infldset">
<p><?php echo $lang_profile['Post display info'] ?></p>
<div class="rbox">
<label><input type="checkbox" name="form[show_smilies]" value="1"<?php if ($user['show_smilies'] == '1') echo ' checked="checked"' ?> /><?php echo $lang_profile['Show smilies'] ?><br /></label>
<label><input type="checkbox" name="form[show_sig]" value="1"<?php if ($user['show_sig'] == '1') echo ' checked="checked"' ?> /><?php echo $lang_profile['Show sigs'] ?><br /></label>
<?php if ($pun_config['o_avatars'] == '1'): ?> <label><input type="checkbox" name="form[show_avatars]" value="1"<?php if ($user['show_avatars'] == '1') echo ' checked="checked"' ?> /><?php echo $lang_profile['Show avatars'] ?><br /></label>
<?php endif; ?> <label><input type="checkbox" name="form[show_img]" value="1"<?php if ($user['show_img'] == '1') echo ' checked="checked"' ?> /><?php echo $lang_profile['Show images'] ?><br /></label>
<label><input type="checkbox" name="form[show_img_sig]" value="1"<?php if ($user['show_img_sig'] == '1') echo ' checked="checked"' ?> /><?php echo $lang_profile['Show images sigs'] ?><br /></label>
</div>
</div>
</fieldset>
</div>
<div class="inform">
<fieldset>
<legend><?php echo $lang_profile['Pagination legend'] ?></legend>
<div class="infldset">
<label class="conl"><?php echo $lang_profile['Topics per page'] ?><br /><input type="text" name="form[disp_topics]" value="<?php echo $user['disp_topics'] ?>" size="6" maxlength="3" /><br /></label>
<label class="conl"><?php echo $lang_profile['Posts per page'] ?><br /><input type="text" name="form[disp_posts]" value="<?php echo $user['disp_posts'] ?>" size="6" maxlength="3" /><br /></label>
<p class="clearb"><?php echo $lang_profile['Paginate info'] ?> <?php echo $lang_profile['Leave blank'] ?></p>
</div>
</fieldset>
</div>
<p><input type="submit" name="update" value="<?php echo $lang_common['Submit'] ?>" /> <?php echo $lang_profile['Instructions'] ?></p>
</form>
</div>
</div>
<?php
}
else if ($section == 'privacy')
{
$page_title = pun_htmlspecialchars($pun_config['o_board_title']).' / '.$lang_common['Profile'];
require PUN_ROOT.'header.php';
generate_profile_menu('privacy');
?>
<div class="blockform">
<h2><span><?php echo pun_htmlspecialchars($user['username']).' - '.$lang_profile['Section privacy'] ?></span></h2>
<div class="box">
<form id="profile6" method="post" action="profile.php?section=privacy&amp;id=<?php echo $id ?>">
<div class="inform">
<fieldset>
<legend><?php echo $lang_prof_reg['Privacy options legend'] ?></legend>
<div class="infldset">
<input type="hidden" name="form_sent" value="1" />
<p><?php echo $lang_prof_reg['E-mail setting info'] ?></p>
<div class="rbox">
<label><input type="radio" name="form[email_setting]" value="0"<?php if ($user['email_setting'] == '0') echo ' checked="checked"' ?> /><?php echo $lang_prof_reg['E-mail setting 1'] ?><br /></label>
<label><input type="radio" name="form[email_setting]" value="1"<?php if ($user['email_setting'] == '1') echo ' checked="checked"' ?> /><?php echo $lang_prof_reg['E-mail setting 2'] ?><br /></label>
<label><input type="radio" name="form[email_setting]" value="2"<?php if ($user['email_setting'] == '2') echo ' checked="checked"' ?> /><?php echo $lang_prof_reg['E-mail setting 3'] ?><br /></label>
</div>
<p><?php echo $lang_prof_reg['Save user/pass info'] ?></p>
<div class="rbox">
<label><input type="checkbox" name="form[save_pass]" value="1"<?php if ($user['save_pass'] == '1') echo ' checked="checked"' ?> /><?php echo $lang_prof_reg['Save user/pass'] ?><br /></label>
</div>
<p><?php echo $lang_profile['Notify full info'] ?></p>
<div class="rbox">
<label><input type="checkbox" name="form[notify_with_post]" value="1"<?php if ($user['notify_with_post'] == '1') echo ' checked="checked"' ?> /><?php echo $lang_profile['Notify full'] ?><br /></label>
</div>
</div>
</fieldset>
</div>
<p><input type="submit" name="update" value="<?php echo $lang_common['Submit'] ?>" /><?php echo $lang_profile['Instructions'] ?></p>
</form>
</div>
</div>
<?php
}
else if ($section == 'admin')
{
if ($pun_user['g_id'] > PUN_MOD || ($pun_user['g_id'] == PUN_MOD && $pun_config['p_mod_ban_users'] == '0'))
message($lang_common['Bad request']);
$page_title = pun_htmlspecialchars($pun_config['o_board_title']).' / '.$lang_common['Profile'];
require PUN_ROOT.'header.php';
generate_profile_menu('admin');
?>
<div class="blockform">
<h2><span><?php echo pun_htmlspecialchars($user['username']).' - '.$lang_profile['Section admin'] ?></span></h2>
<div class="box">
<form id="profile7" method="post" action="profile.php?section=admin&amp;id=<?php echo $id ?>&amp;action=foo">
<div class="inform">
<input type="hidden" name="form_sent" value="1" />
<fieldset>
<?php
if ($pun_user['g_id'] == PUN_MOD)
{
?>
<legend><?php echo $lang_profile['Delete ban legend'] ?></legend>
<div class="infldset">
<p><input type="submit" name="ban" value="<?php echo $lang_profile['Ban user'] ?>" /></p>
</div>
</fieldset>
</div>
<?php
}
else
{
if ($pun_user['id'] != $id)
{
?>
<legend><?php echo $lang_profile['Group membership legend'] ?></legend>
<div class="infldset">
<select id="group_id" name="group_id">
<?php
$result = $db->query('SELECT g_id, g_title FROM '.$db->prefix.'groups WHERE g_id!='.PUN_GUEST.' ORDER BY g_title') or error('Unable to fetch user group list', __FILE__, __LINE__, $db->error());
while ($cur_group = $db->fetch_assoc($result))
{
if ($cur_group['g_id'] == $user['g_id'] || ($cur_group['g_id'] == $pun_config['o_default_user_group'] && $user['g_id'] == ''))
echo "\t\t\t\t\t\t\t\t".'<option value="'.$cur_group['g_id'].'" selected="selected">'.pun_htmlspecialchars($cur_group['g_title']).'</option>'."\n";
else
echo "\t\t\t\t\t\t\t\t".'<option value="'.$cur_group['g_id'].'">'.pun_htmlspecialchars($cur_group['g_title']).'</option>'."\n";
}
?>
</select>
<input type="submit" name="update_group_membership" value="<?php echo $lang_profile['Save'] ?>" />
</div>
</fieldset>
</div>
<div class="inform">
<fieldset>
<?php
}
?>
<legend><?php echo $lang_profile['Delete ban legend'] ?></legend>
<div class="infldset">
<input type="submit" name="delete_user" value="<?php echo $lang_profile['Delete user'] ?>" />&nbsp;&nbsp;<input type="submit" name="ban" value="<?php echo $lang_profile['Ban user'] ?>" />
</div>
</fieldset>
</div>
<?php
if ($user['g_id'] == PUN_MOD || $user['g_id'] == PUN_ADMIN)
{
?>
<div class="inform">
<fieldset>
<legend><?php echo $lang_profile['Set mods legend'] ?></legend>
<div class="infldset">
<p><?php echo $lang_profile['Moderator in info'] ?></p>
<?php
$result = $db->query('SELECT c.id AS cid, c.cat_name, f.id AS fid, f.forum_name, f.moderators FROM '.$db->prefix.'categories AS c INNER JOIN '.$db->prefix.'forums AS f ON c.id=f.cat_id WHERE f.redirect_url IS NULL ORDER BY c.disp_position, c.id, f.disp_position') or error('Unable to fetch category/forum list', __FILE__, __LINE__, $db->error());
$cur_category = 0;
while ($cur_forum = $db->fetch_assoc($result))
{
if ($cur_forum['cid'] != $cur_category) // A new category since last iteration?
{
if ($cur_category)
echo "\n\t\t\t\t\t\t\t\t".'</div>';
if ($cur_category != 0)
echo "\n\t\t\t\t\t\t\t".'</div>'."\n";
echo "\t\t\t\t\t\t\t".'<div class="conl">'."\n\t\t\t\t\t\t\t\t".'<p><strong>'.$cur_forum['cat_name'].'</strong></p>'."\n\t\t\t\t\t\t\t\t".'<div class="rbox">';
$cur_category = $cur_forum['cid'];
}
$moderators = ($cur_forum['moderators'] != '') ? unserialize($cur_forum['moderators']) : array();
echo "\n\t\t\t\t\t\t\t\t\t".'<label><input type="checkbox" name="moderator_in['.$cur_forum['fid'].']" value="1"'.((in_array($id, $moderators)) ? ' checked="checked"' : '').' />'.pun_htmlspecialchars($cur_forum['forum_name']).'<br /></label>'."\n";
}
?>
</div>
</div>
<br class="clearb" /><input type="submit" name="update_forums" value="<?php echo $lang_profile['Update forums'] ?>" />
</div>
</fieldset>
</div>
<?php
}
}
?>
</form>
</div>
</div>
<?php
}
?>
<div class="clearer"></div>
</div>
<?php
require PUN_ROOT.'footer.php';
}