github/torrentpier
1
0
Fork 0
mirror of https://github.com/torrentpier/torrentpier synced 2025-08-14 18:48:21 -07:00
Code Issues Projects Releases Packages Wiki Activity Actions 1

Реформат в PSR-2 + добавление заголовков лицензии MIT в файлы

Browse source
This commit is contained in:
Yuriy Pikhtarev 2017-01-13 01:20:43 +03:00
commit 3730bed000
No known key found for this signature in database
GPG key ID: 3A9B5A757B48ECC6
207 changed files with 44327 additions and 43119 deletions
Download patch file Download diff file Expand all files Collapse all files

62
library/ajax/avatar.php
View file

@ -1,35 +1,57 @@
<?php
/**
* MIT License
*
* Copyright (c) 2005-2017 TorrentPier
*
* Permission is hereby granted, free of charge, to any person obtaining a copy
* of this software and associated documentation files (the "Software"), to deal
* in the Software without restriction, including without limitation the rights
* to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
* copies of the Software, and to permit persons to whom the Software is
* furnished to do so, subject to the following conditions:
*
* The above copyright notice and this permission notice shall be included in all
* copies or substantial portions of the Software.
*
* THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
* IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
* FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
* AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
* LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
* OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
* SOFTWARE.
*/
if (!defined('IN_AJAX')) die(basename(__FILE__));
if (!defined('IN_AJAX')) {
die(basename(__FILE__));
}
global $bb_cfg, $lang, $user;
$mode = (string) $this->request['mode'];
$user_id = (int) $this->request['user_id'];
$mode = (string)$this->request['mode'];
$user_id = (int)$this->request['user_id'];
if (!$user_id OR !$u_data = get_userdata($user_id))
{
$this->ajax_die('Invalid user_id');
if (!$user_id or !$u_data = get_userdata($user_id)) {
$this->ajax_die('Invalid user_id');
}
if (!IS_ADMIN && $user_id != $user->id)
{
$this->ajax_die($lang['NOT_ADMIN']);
if (!IS_ADMIN && $user_id != $user->id) {
$this->ajax_die($lang['NOT_ADMIN']);
}
switch ($mode)
{
case 'delete':
delete_avatar($user_id, $u_data['avatar_ext_id']);
$new_ext_id = 0;
$response = '<img src="'. $bb_cfg['avatars']['upload_path'] . $bb_cfg['avatars']['no_avatar'] .'" alt="'. $user_id .'" />';
break;
default:
$this->ajax_die('Invalid mode');
switch ($mode) {
case 'delete':
delete_avatar($user_id, $u_data['avatar_ext_id']);
$new_ext_id = 0;
$response = '<img src="' . $bb_cfg['avatars']['upload_path'] . $bb_cfg['avatars']['no_avatar'] . '" alt="' . $user_id . '" />';
break;
default:
$this->ajax_die('Invalid mode');
}
DB()->query("UPDATE ". BB_USERS ." SET avatar_ext_id = $new_ext_id WHERE user_id = $user_id LIMIT 1");
DB()->query("UPDATE " . BB_USERS . " SET avatar_ext_id = $new_ext_id WHERE user_id = $user_id LIMIT 1");
cache_rm_user_sessions($user_id);
$this->response['avatar_html'] = $response;
$this->response['avatar_html'] = $response;

208
library/ajax/change_tor_status.php
View file

@ -1,106 +1,138 @@
<?php
/**
* MIT License
*
* Copyright (c) 2005-2017 TorrentPier
*
* Permission is hereby granted, free of charge, to any person obtaining a copy
* of this software and associated documentation files (the "Software"), to deal
* in the Software without restriction, including without limitation the rights
* to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
* copies of the Software, and to permit persons to whom the Software is
* furnished to do so, subject to the following conditions:
*
* The above copyright notice and this permission notice shall be included in all
* copies or substantial portions of the Software.
*
* THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
* IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
* FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
* AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
* LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
* OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
* SOFTWARE.
*/
if (!defined('IN_AJAX')) die(basename(__FILE__));
if (!defined('IN_AJAX')) {
die(basename(__FILE__));
}
global $userdata, $bb_cfg, $lang;
if (!isset($this->request['attach_id'])) $this->ajax_die($lang['EMPTY_ATTACH_ID']);
if (!isset($this->request['attach_id'])) {
$this->ajax_die($lang['EMPTY_ATTACH_ID']);
}
$attach_id = (int) $this->request['attach_id'];
$mode = (string) $this->request['mode'];
$attach_id = (int)$this->request['attach_id'];
$mode = (string)$this->request['mode'];
if ($bb_cfg['tor_comment'])
{
$comment = (string) $this->request['comment'];
if ($bb_cfg['tor_comment']) {
$comment = (string)$this->request['comment'];
}
$tor = DB()->fetch_row("
SELECT
tor.poster_id, tor.forum_id, tor.topic_id, tor.tor_status, tor.checked_time, tor.checked_user_id, f.cat_id, t.topic_title
FROM ". BB_BT_TORRENTS ." tor
INNER JOIN ". BB_FORUMS ." f ON(f.forum_id = tor.forum_id)
INNER JOIN ". BB_TOPICS ." t ON(t.topic_id = tor.topic_id)
FROM " . BB_BT_TORRENTS . " tor
INNER JOIN " . BB_FORUMS . " f ON(f.forum_id = tor.forum_id)
INNER JOIN " . BB_TOPICS . " t ON(t.topic_id = tor.topic_id)
WHERE tor.attach_id = $attach_id
LIMIT 1
");
if (!$tor) $this->ajax_die($lang['TORRENT_FAILED']);
switch ($mode)
{
case 'status':
$new_status = (int) $this->request['status'];
// Валидность статуса
if (!isset($lang['TOR_STATUS_NAME'][$new_status])) $this->ajax_die($lang['TOR_STATUS_FAILED']);
if (!isset($this->request['status'])) $this->ajax_die($lang['TOR_DONT_CHANGE']);
if (!IS_AM) $this->ajax_die($lang['NOT_MODERATOR']);
// Тот же статус
if ($tor['tor_status'] == $new_status)
{
$this->ajax_die($lang['TOR_STATUS_DUB']);
}
// Запрет на изменение/присвоение CH-статуса модератором
if ($new_status == TOR_CLOSED_CPHOLD && !IS_ADMIN)
{
$this->ajax_die($lang['TOR_DONT_CHANGE']);
}
// Права на изменение статуса
if ($tor['tor_status'] == TOR_CLOSED_CPHOLD)
{
if (!IS_ADMIN) $this->verify_mod_rights($tor['forum_id']);
DB()->query("UPDATE ". BB_TOPICS ." SET topic_status = ". TOPIC_UNLOCKED ." WHERE topic_id = {$tor['topic_id']} LIMIT 1");
}
else
{
$this->verify_mod_rights($tor['forum_id']);
}
// Подтверждение изменения статуса, выставленного другим модератором
if ($tor['tor_status'] != TOR_NOT_APPROVED && $tor['checked_user_id'] != $userdata['user_id'] && $tor['checked_time'] + 2*3600 > TIMENOW)
{
if (empty($this->request['confirmed']))
{
$msg = $lang['TOR_STATUS_OF'] ." {$lang['TOR_STATUS_NAME'][$tor['tor_status']]}\n\n";
$msg .= ($username = get_username($tor['checked_user_id'])) ? $lang['TOR_STATUS_CHANGED'] . html_entity_decode($username) .", ". delta_time($tor['checked_time']) . $lang['TOR_BACK'] ."\n\n" : "";
$msg .= $lang['PROCEED'] .'?';
$this->prompt_for_confirm($msg);
}
}
change_tor_status($attach_id, $new_status);
$this->response['status'] = $bb_cfg['tor_icons'][$new_status] .' <b> '. $lang['TOR_STATUS_NAME'][$new_status]. '</b> &middot; '. profile_url($userdata) .' &middot; <i>'. delta_time(TIMENOW) . $lang['TOR_BACK']. '</i>';
if ($bb_cfg['tor_comment'] && (($comment && $comment != $lang['COMMENT']) || in_array($new_status, $bb_cfg['tor_reply'])))
{
if ($tor['poster_id'] > 0)
{
$subject = sprintf($lang['TOR_MOD_TITLE'], $tor['topic_title']);
$message = sprintf($lang['TOR_MOD_MSG'], get_username($tor['poster_id']), make_url(TOPIC_URL . $tor['topic_id']), $bb_cfg['tor_icons'][$new_status] .' '.$lang['TOR_STATUS_NAME'][$new_status]);
if ($comment && $comment != $lang['COMMENT']) $message .= "\n\n[b]". $lang['COMMENT'] .'[/b]: '. $comment;
send_pm($tor['poster_id'], $subject, $message, $userdata['user_id']);
cache_rm_user_sessions($tor['poster_id']);
}
}
break;
case 'status_reply':
if (!$bb_cfg['tor_comment']) $this->ajax_die($lang['MODULE_OFF']);
$subject = sprintf($lang['TOR_AUTH_TITLE'], $tor['topic_title']);
$message = sprintf($lang['TOR_AUTH_MSG'], get_username($tor['checked_user_id']), make_url(TOPIC_URL . $tor['topic_id']), $tor['topic_title']);
if ($comment && $comment != $lang['COMMENT']) $message .= "\n\n[b]". $lang['COMMENT'] .'[/b]: '. $comment;
send_pm($tor['checked_user_id'], $subject, $message, $userdata['user_id']);
cache_rm_user_sessions($tor['checked_user_id']);
break;
if (!$tor) {
$this->ajax_die($lang['TORRENT_FAILED']);
}
$this->response['attach_id'] = $attach_id;
switch ($mode) {
case 'status':
$new_status = (int)$this->request['status'];
// Валидность статуса
if (!isset($lang['TOR_STATUS_NAME'][$new_status])) {
$this->ajax_die($lang['TOR_STATUS_FAILED']);
}
if (!isset($this->request['status'])) {
$this->ajax_die($lang['TOR_DONT_CHANGE']);
}
if (!IS_AM) {
$this->ajax_die($lang['NOT_MODERATOR']);
}
// Тот же статус
if ($tor['tor_status'] == $new_status) {
$this->ajax_die($lang['TOR_STATUS_DUB']);
}
// Запрет на изменение/присвоение CH-статуса модератором
if ($new_status == TOR_CLOSED_CPHOLD && !IS_ADMIN) {
$this->ajax_die($lang['TOR_DONT_CHANGE']);
}
// Права на изменение статуса
if ($tor['tor_status'] == TOR_CLOSED_CPHOLD) {
if (!IS_ADMIN) {
$this->verify_mod_rights($tor['forum_id']);
}
DB()->query("UPDATE " . BB_TOPICS . " SET topic_status = " . TOPIC_UNLOCKED . " WHERE topic_id = {$tor['topic_id']} LIMIT 1");
} else {
$this->verify_mod_rights($tor['forum_id']);
}
// Подтверждение изменения статуса, выставленного другим модератором
if ($tor['tor_status'] != TOR_NOT_APPROVED && $tor['checked_user_id'] != $userdata['user_id'] && $tor['checked_time'] + 2 * 3600 > TIMENOW) {
if (empty($this->request['confirmed'])) {
$msg = $lang['TOR_STATUS_OF'] . " {$lang['TOR_STATUS_NAME'][$tor['tor_status']]}\n\n";
$msg .= ($username = get_username($tor['checked_user_id'])) ? $lang['TOR_STATUS_CHANGED'] . html_entity_decode($username) . ", " . delta_time($tor['checked_time']) . $lang['TOR_BACK'] . "\n\n" : "";
$msg .= $lang['PROCEED'] . '?';
$this->prompt_for_confirm($msg);
}
}
change_tor_status($attach_id, $new_status);
$this->response['status'] = $bb_cfg['tor_icons'][$new_status] . ' <b> ' . $lang['TOR_STATUS_NAME'][$new_status] . '</b> &middot; ' . profile_url($userdata) . ' &middot; <i>' . delta_time(TIMENOW) . $lang['TOR_BACK'] . '</i>';
if ($bb_cfg['tor_comment'] && (($comment && $comment != $lang['COMMENT']) || in_array($new_status, $bb_cfg['tor_reply']))) {
if ($tor['poster_id'] > 0) {
$subject = sprintf($lang['TOR_MOD_TITLE'], $tor['topic_title']);
$message = sprintf($lang['TOR_MOD_MSG'], get_username($tor['poster_id']), make_url(TOPIC_URL . $tor['topic_id']), $bb_cfg['tor_icons'][$new_status] . ' ' . $lang['TOR_STATUS_NAME'][$new_status]);
if ($comment && $comment != $lang['COMMENT']) {
$message .= "\n\n[b]" . $lang['COMMENT'] . '[/b]: ' . $comment;
}
send_pm($tor['poster_id'], $subject, $message, $userdata['user_id']);
cache_rm_user_sessions($tor['poster_id']);
}
}
break;
case 'status_reply':
if (!$bb_cfg['tor_comment']) {
$this->ajax_die($lang['MODULE_OFF']);
}
$subject = sprintf($lang['TOR_AUTH_TITLE'], $tor['topic_title']);
$message = sprintf($lang['TOR_AUTH_MSG'], get_username($tor['checked_user_id']), make_url(TOPIC_URL . $tor['topic_id']), $tor['topic_title']);
if ($comment && $comment != $lang['COMMENT']) {
$message .= "\n\n[b]" . $lang['COMMENT'] . '[/b]: ' . $comment;
}
send_pm($tor['checked_user_id'], $subject, $message, $userdata['user_id']);
cache_rm_user_sessions($tor['checked_user_id']);
break;
}
$this->response['attach_id'] = $attach_id;

157
library/ajax/change_torrent.php
View file

@ -1,19 +1,42 @@
<?php
/**
* MIT License
*
* Copyright (c) 2005-2017 TorrentPier
*
* Permission is hereby granted, free of charge, to any person obtaining a copy
* of this software and associated documentation files (the "Software"), to deal
* in the Software without restriction, including without limitation the rights
* to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
* copies of the Software, and to permit persons to whom the Software is
* furnished to do so, subject to the following conditions:
*
* The above copyright notice and this permission notice shall be included in all
* copies or substantial portions of the Software.
*
* THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
* IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
* FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
* AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
* LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
* OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
* SOFTWARE.
*/
if (!defined('IN_AJAX')) die(basename(__FILE__));
if (!defined('IN_AJAX')) {
die(basename(__FILE__));
}
global $userdata, $bb_cfg, $lang;
if (!isset($this->request['attach_id']))
{
$this->ajax_die($lang['EMPTY_ATTACH_ID']);
if (!isset($this->request['attach_id'])) {
$this->ajax_die($lang['EMPTY_ATTACH_ID']);
}
if (!isset($this->request['type']))
{
$this->ajax_die('type');
if (!isset($this->request['type'])) {
$this->ajax_die('type');
}
$attach_id = (int) $this->request['attach_id'];
$type = (string) $this->request['type'];
$attach_id = (int)$this->request['attach_id'];
$type = (string)$this->request['type'];
$torrent = DB()->fetch_row("
SELECT
@ -22,11 +45,11 @@ $torrent = DB()->fetch_row("
p.poster_id, p.topic_id, p.forum_id,
f.allow_reg_tracker
FROM
". BB_ATTACHMENTS ." a,
". BB_ATTACHMENTS_DESC ." d,
". BB_POSTS ." p,
". BB_TOPICS ." t,
". BB_FORUMS ." f
" . BB_ATTACHMENTS . " a,
" . BB_ATTACHMENTS_DESC . " d,
" . BB_POSTS . " p,
" . BB_TOPICS . " t,
" . BB_FORUMS . " f
WHERE
a.attach_id = $attach_id
AND d.attach_id = $attach_id
@ -36,69 +59,63 @@ $torrent = DB()->fetch_row("
LIMIT 1
");
if (!$torrent) $this->ajax_die($lang['INVALID_ATTACH_ID']);
if ($torrent['poster_id'] == $userdata['user_id'] && !IS_AM)
{
if ($type == 'del_torrent' || $type == 'reg' || $type == 'unreg')
{
true;
}
else
{
$this->ajax_die($lang['ONLY_FOR_MOD']);
}
if (!$torrent) {
$this->ajax_die($lang['INVALID_ATTACH_ID']);
}
elseif (!IS_AM)
{
$this->ajax_die($lang['ONLY_FOR_MOD']);
if ($torrent['poster_id'] == $userdata['user_id'] && !IS_AM) {
if ($type == 'del_torrent' || $type == 'reg' || $type == 'unreg') {
true;
} else {
$this->ajax_die($lang['ONLY_FOR_MOD']);
}
} elseif (!IS_AM) {
$this->ajax_die($lang['ONLY_FOR_MOD']);
}
$title = $url = '';
switch ($type)
{
case 'set_gold';
case 'set_silver';
case 'unset_silver_gold';
if ($type == 'set_silver')
{
$tor_type = TOR_TYPE_SILVER;
}
elseif ($type == 'set_gold')
{
$tor_type = TOR_TYPE_GOLD;
}
else
{
$tor_type = 0;
}
change_tor_type($attach_id, $tor_type);
$title = $lang['CHANGE_TOR_TYPE'];
$url = make_url(TOPIC_URL . $torrent['topic_id']);
break;
switch ($type) {
case 'set_gold';
case 'set_silver';
case 'unset_silver_gold';
if ($type == 'set_silver') {
$tor_type = TOR_TYPE_SILVER;
} elseif ($type == 'set_gold') {
$tor_type = TOR_TYPE_GOLD;
} else {
$tor_type = 0;
}
change_tor_type($attach_id, $tor_type);
$title = $lang['CHANGE_TOR_TYPE'];
$url = make_url(TOPIC_URL . $torrent['topic_id']);
break;
case 'reg';
tracker_register($attach_id);
$url = (TOPIC_URL . $torrent['topic_id']);
break;
case 'reg';
tracker_register($attach_id);
$url = (TOPIC_URL . $torrent['topic_id']);
break;
case 'unreg';
tracker_unregister($attach_id);
$url = (TOPIC_URL . $torrent['topic_id']);
break;
case 'unreg';
tracker_unregister($attach_id);
$url = (TOPIC_URL . $torrent['topic_id']);
break;
case 'del_torrent';
if (empty($this->request['confirmed'])) $this->prompt_for_confirm($lang['DEL_TORRENT']);
delete_torrent($attach_id);
$url = make_url(TOPIC_URL . $torrent['topic_id']);
break;
case 'del_torrent';
if (empty($this->request['confirmed'])) {
$this->prompt_for_confirm($lang['DEL_TORRENT']);
}
delete_torrent($attach_id);
$url = make_url(TOPIC_URL . $torrent['topic_id']);
break;
case 'del_torrent_move_topic';
if (empty($this->request['confirmed'])) $this->prompt_for_confirm($lang['DEL_MOVE_TORRENT']);
delete_torrent($attach_id);
$url = make_url("modcp.php?t={$torrent['topic_id']}&mode=move&sid={$userdata['session_id']}");
break;
case 'del_torrent_move_topic';
if (empty($this->request['confirmed'])) {
$this->prompt_for_confirm($lang['DEL_MOVE_TORRENT']);
}
delete_torrent($attach_id);
$url = make_url("modcp.php?t={$torrent['topic_id']}&mode=move&sid={$userdata['session_id']}");
break;
}
$this->response['url'] = $url;
$this->response['title'] = $title;
$this->response['url'] = $url;
$this->response['title'] = $title;

55
library/ajax/change_user_opt.php
View file

@ -1,33 +1,54 @@
<?php
/**
* MIT License
*
* Copyright (c) 2005-2017 TorrentPier
*
* Permission is hereby granted, free of charge, to any person obtaining a copy
* of this software and associated documentation files (the "Software"), to deal
* in the Software without restriction, including without limitation the rights
* to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
* copies of the Software, and to permit persons to whom the Software is
* furnished to do so, subject to the following conditions:
*
* The above copyright notice and this permission notice shall be included in all
* copies or substantial portions of the Software.
*
* THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
* IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
* FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
* AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
* LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
* OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
* SOFTWARE.
*/
if (!defined('IN_AJAX')) die(basename(__FILE__));
if (!defined('IN_AJAX')) {
die(basename(__FILE__));
}
global $bf, $lang;
$user_id = (int) $this->request['user_id'];
$user_id = (int)$this->request['user_id'];
$new_opt = Zend\Json\Json::decode($this->request['user_opt'], Zend\Json\Json::TYPE_ARRAY);
if (!$user_id OR !$u_data = get_userdata($user_id))
{
$this->ajax_die('invalid user_id');
if (!$user_id or !$u_data = get_userdata($user_id)) {
$this->ajax_die('invalid user_id');
}
if (!is_array($new_opt))
{
$this->ajax_die('invalid new_opt');
if (!is_array($new_opt)) {
$this->ajax_die('invalid new_opt');
}
foreach ($bf['user_opt'] as $opt_name => $opt_bit)
{
if (isset($new_opt[$opt_name]))
{
setbit($u_data['user_opt'], $opt_bit, !empty($new_opt[$opt_name]));
}
foreach ($bf['user_opt'] as $opt_name => $opt_bit) {
if (isset($new_opt[$opt_name])) {
setbit($u_data['user_opt'], $opt_bit, !empty($new_opt[$opt_name]));
}
}
DB()->query("UPDATE ". BB_USERS ." SET user_opt = {$u_data['user_opt']} WHERE user_id = $user_id LIMIT 1");
DB()->query("UPDATE " . BB_USERS . " SET user_opt = {$u_data['user_opt']} WHERE user_id = $user_id LIMIT 1");
// Удаляем данные из кеша
cache_rm_user_sessions ($user_id);
cache_rm_user_sessions($user_id);
$this->response['resp_html'] = $lang['SAVED'];
$this->response['resp_html'] = $lang['SAVED'];

43
library/ajax/change_user_rank.php
View file

@ -1,27 +1,50 @@
<?php
/**
* MIT License
*
* Copyright (c) 2005-2017 TorrentPier
*
* Permission is hereby granted, free of charge, to any person obtaining a copy
* of this software and associated documentation files (the "Software"), to deal
* in the Software without restriction, including without limitation the rights
* to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
* copies of the Software, and to permit persons to whom the Software is
* furnished to do so, subject to the following conditions:
*
* The above copyright notice and this permission notice shall be included in all
* copies or substantial portions of the Software.
*
* THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
* IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
* FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
* AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
* LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
* OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
* SOFTWARE.
*/
if (!defined('IN_AJAX')) die(basename(__FILE__));
if (!defined('IN_AJAX')) {
die(basename(__FILE__));
}
global $datastore, $lang;
$ranks = $datastore->get('ranks');
$ranks = $datastore->get('ranks');
$rank_id = intval($this->request['rank_id']);
if (!$user_id = intval($this->request['user_id']) OR !$profiledata = get_userdata($user_id))
{
$this->ajax_die("invalid user_id: $user_id");
if (!$user_id = intval($this->request['user_id']) or !$profiledata = get_userdata($user_id)) {
$this->ajax_die("invalid user_id: $user_id");
}
if ($rank_id != 0 && !isset($ranks[$rank_id]))
{
$this->ajax_die("invalid rank_id: $rank_id");
if ($rank_id != 0 && !isset($ranks[$rank_id])) {
$this->ajax_die("invalid rank_id: $rank_id");
}
DB()->query("UPDATE ". BB_USERS ." SET user_rank = $rank_id WHERE user_id = $user_id LIMIT 1");
DB()->query("UPDATE " . BB_USERS . " SET user_rank = $rank_id WHERE user_id = $user_id LIMIT 1");
cache_rm_user_sessions($user_id);
$user_rank = ($rank_id) ? '<span class="'. $ranks[$rank_id]['rank_style'] .'">'. $ranks[$rank_id]['rank_title'] .'</span>' : '';
$user_rank = ($rank_id) ? '<span class="' . $ranks[$rank_id]['rank_style'] . '">' . $ranks[$rank_id]['rank_title'] . '</span>' : '';
$this->response['html'] = ($rank_id) ? $lang['AWARDED_RANK'] . "<b> $user_rank </b>" : $lang['SHOT_RANK'];
$this->response['rank_name'] = ($rank_id) ? $user_rank : $lang['USER'];

89
library/ajax/edit_group_profile.php
View file

@ -1,52 +1,73 @@
<?php
/**
* MIT License
*
* Copyright (c) 2005-2017 TorrentPier
*
* Permission is hereby granted, free of charge, to any person obtaining a copy
* of this software and associated documentation files (the "Software"), to deal
* in the Software without restriction, including without limitation the rights
* to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
* copies of the Software, and to permit persons to whom the Software is
* furnished to do so, subject to the following conditions:
*
* The above copyright notice and this permission notice shall be included in all
* copies or substantial portions of the Software.
*
* THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
* IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
* FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
* AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
* LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
* OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
* SOFTWARE.
*/
if (!defined('IN_AJAX')) die(basename(__FILE__));
if (!defined('IN_AJAX')) {
die(basename(__FILE__));
}
global $bb_cfg, $userdata, $lang;
if (!$group_id = intval($this->request['group_id']) OR !$group_info = get_group_data($group_id))
{
$this->ajax_die($lang['NO_GROUP_ID_SPECIFIED']);
if (!$group_id = intval($this->request['group_id']) or !$group_info = get_group_data($group_id)) {
$this->ajax_die($lang['NO_GROUP_ID_SPECIFIED']);
}
if (!$mode = (string) $this->request['mode'])
{
$this->ajax_die('No mode specified');
if (!$mode = (string)$this->request['mode']) {
$this->ajax_die('No mode specified');
}
$value = $this->request['value'] = (string) (isset($this->request['value'])) ? $this->request['value'] : 0;
$value = $this->request['value'] = (string)(isset($this->request['value'])) ? $this->request['value'] : 0;
if (!IS_ADMIN && $userdata['user_id'] != $group_info['group_moderator'])
{
$this->ajax_die($lang['ONLY_FOR_MOD']);
if (!IS_ADMIN && $userdata['user_id'] != $group_info['group_moderator']) {
$this->ajax_die($lang['ONLY_FOR_MOD']);
}
switch ($mode)
{
case 'group_name':
case 'group_signature':
case 'group_description':
$value = htmlCHR($value, false, ENT_NOQUOTES);
$this->response['new_value'] = $value;
break;
switch ($mode) {
case 'group_name':
case 'group_signature':
case 'group_description':
$value = htmlCHR($value, false, ENT_NOQUOTES);
$this->response['new_value'] = $value;
break;
case 'group_type':
$this->response['new_value'] = $value;
break;
case 'group_type':
$this->response['new_value'] = $value;
break;
case 'release_group':
$this->response['new_value'] = $value;
break;
case 'release_group':
$this->response['new_value'] = $value;
break;
case 'delete_avatar':
delete_avatar(GROUP_AVATAR_MASK . $group_id, $group_info['avatar_ext_id']);
$value = 0;
$mode = 'avatar_ext_id';
$this->response['act'] = $value;
break;
case 'delete_avatar':
delete_avatar(GROUP_AVATAR_MASK . $group_id, $group_info['avatar_ext_id']);
$value = 0;
$mode = 'avatar_ext_id';
$this->response['act'] = $value;
break;
default:
$this->ajax_die('Unknown mode');
default:
$this->ajax_die('Unknown mode');
}
$value_sql = DB()->escape($value, true);
DB()->query("UPDATE ". BB_GROUPS ." SET $mode = $value_sql WHERE group_id = $group_id LIMIT 1");
DB()->query("UPDATE " . BB_GROUPS . " SET $mode = $value_sql WHERE group_id = $group_id LIMIT 1");

283
library/ajax/edit_user_profile.php
View file

@ -1,168 +1,181 @@
<?php
/**
* MIT License
*
* Copyright (c) 2005-2017 TorrentPier
*
* Permission is hereby granted, free of charge, to any person obtaining a copy
* of this software and associated documentation files (the "Software"), to deal
* in the Software without restriction, including without limitation the rights
* to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
* copies of the Software, and to permit persons to whom the Software is
* furnished to do so, subject to the following conditions:
*
* The above copyright notice and this permission notice shall be included in all
* copies or substantial portions of the Software.
*
* THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
* IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
* FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
* AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
* LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
* OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
* SOFTWARE.
*/
if (!defined('IN_AJAX')) die(basename(__FILE__));
if (!defined('IN_AJAX')) {
die(basename(__FILE__));
}
global $bb_cfg, $lang;
if (!$user_id = intval($this->request['user_id']) OR !$profiledata = get_userdata($user_id))
{
$this->ajax_die($lang['NO_USER_ID_SPECIFIED']);
if (!$user_id = intval($this->request['user_id']) or !$profiledata = get_userdata($user_id)) {
$this->ajax_die($lang['NO_USER_ID_SPECIFIED']);
}
if (!$field = (string) $this->request['field'])
{
$this->ajax_die('invalid profile field');
if (!$field = (string)$this->request['field']) {
$this->ajax_die('invalid profile field');
}
$table = BB_USERS;
$value = $this->request['value'] = (string) (isset($this->request['value'])) ? $this->request['value'] : 0;
$value = $this->request['value'] = (string)(isset($this->request['value'])) ? $this->request['value'] : 0;
switch ($field)
{
case 'username':
require_once(INC_DIR .'functions_validate.php');
$value = clean_username($value);
if ($err = validate_username($value))
{
$this->ajax_die(strip_tags($err));
}
$this->response['new_value'] = $this->request['value'];
break;
switch ($field) {
case 'username':
require_once(INC_DIR . 'functions_validate.php');
$value = clean_username($value);
if ($err = validate_username($value)) {
$this->ajax_die(strip_tags($err));
}
$this->response['new_value'] = $this->request['value'];
break;
case 'user_email':
require_once(INC_DIR .'functions_validate.php');
$value = htmlCHR($value);
if ($err = validate_email($value))
{
$this->ajax_die($err);
}
$this->response['new_value'] = $this->request['value'];
break;
case 'user_email':
require_once(INC_DIR . 'functions_validate.php');
$value = htmlCHR($value);
if ($err = validate_email($value)) {
$this->ajax_die($err);
}
$this->response['new_value'] = $this->request['value'];
break;
case 'user_website':
if ($value == '' || preg_match('#^https?://[\w\#!$%&~/.\-;:=,?@а-яА-Я\[\]+]+$#iu', $value))
{
$this->response['new_value'] = htmlCHR($value);
}
else $this->ajax_die($lang['WEBSITE_ERROR']);
break;
case 'user_website':
if ($value == '' || preg_match('#^https?://[\w\#!$%&~/.\-;:=,?@а-яА-Я\[\]+]+$#iu', $value)) {
$this->response['new_value'] = htmlCHR($value);
} else {
$this->ajax_die($lang['WEBSITE_ERROR']);
}
break;
case 'user_gender':
if (!$bb_cfg['gender']) $this->ajax_die($lang['MODULE_OFF']);
if (!isset($lang['GENDER_SELECT'][$value]))
{
$this->ajax_die($lang['ERROR']);
}
else $this->response['new_value'] = $lang['GENDER_SELECT'][$value];
break;
case 'user_gender':
if (!$bb_cfg['gender']) {
$this->ajax_die($lang['MODULE_OFF']);
}
if (!isset($lang['GENDER_SELECT'][$value])) {
$this->ajax_die($lang['ERROR']);
} else {
$this->response['new_value'] = $lang['GENDER_SELECT'][$value];
}
break;
case 'user_birthday':
if (!$bb_cfg['birthday_enabled']) $this->ajax_die($lang['MODULE_OFF']);
$birthday_date = date_parse($value);
case 'user_birthday':
if (!$bb_cfg['birthday_enabled']) {
$this->ajax_die($lang['MODULE_OFF']);
}
$birthday_date = date_parse($value);
if (!empty($birthday_date['year']))
{
if (strtotime($value) >= TIMENOW)
{
$this->ajax_die($lang['WRONG_BIRTHDAY_FORMAT']);
}
elseif (bb_date(TIMENOW, 'Y', 'false') - $birthday_date['year'] > $bb_cfg['birthday_max_age'])
{
$this->ajax_die(sprintf($lang['BIRTHDAY_TO_HIGH'], $bb_cfg['birthday_max_age']));
}
elseif (bb_date(TIMENOW, 'Y', 'false') - $birthday_date['year'] < $bb_cfg['birthday_min_age'])
{
$this->ajax_die(sprintf($lang['BIRTHDAY_TO_LOW'], $bb_cfg['birthday_min_age']));
}
}
if (!empty($birthday_date['year'])) {
if (strtotime($value) >= TIMENOW) {
$this->ajax_die($lang['WRONG_BIRTHDAY_FORMAT']);
} elseif (bb_date(TIMENOW, 'Y', 'false') - $birthday_date['year'] > $bb_cfg['birthday_max_age']) {
$this->ajax_die(sprintf($lang['BIRTHDAY_TO_HIGH'], $bb_cfg['birthday_max_age']));
} elseif (bb_date(TIMENOW, 'Y', 'false') - $birthday_date['year'] < $bb_cfg['birthday_min_age']) {
$this->ajax_die(sprintf($lang['BIRTHDAY_TO_LOW'], $bb_cfg['birthday_min_age']));
}
}
$this->response['new_value'] = $this->request['value'];
break;
$this->response['new_value'] = $this->request['value'];
break;
case 'user_icq':
if ($value && !preg_match('#^\d{6,15}$#', $value))
{
$this->ajax_die($lang['ICQ_ERROR']);
}
$this->response['new_value'] = $this->request['value'];
break;
case 'user_icq':
if ($value && !preg_match('#^\d{6,15}$#', $value)) {
$this->ajax_die($lang['ICQ_ERROR']);
}
$this->response['new_value'] = $this->request['value'];
break;
case 'user_skype':
if ($value && !preg_match("#^[a-zA-Z0-9_.\-@,]{6,32}$#", $value))
{
$this->ajax_die($lang['SKYPE_ERROR']);
}
$this->response['new_value'] = $this->request['value'];
break;
case 'user_skype':
if ($value && !preg_match("#^[a-zA-Z0-9_.\-@,]{6,32}$#", $value)) {
$this->ajax_die($lang['SKYPE_ERROR']);
}
$this->response['new_value'] = $this->request['value'];
break;
case 'user_twitter':
if ($value && !preg_match("#^[a-zA-Z0-9_]{1,15}$#", $value))
{
$this->ajax_die($lang['TWITTER_ERROR']);
}
$this->response['new_value'] = $this->request['value'];
break;
case 'user_twitter':
if ($value && !preg_match("#^[a-zA-Z0-9_]{1,15}$#", $value)) {
$this->ajax_die($lang['TWITTER_ERROR']);
}
$this->response['new_value'] = $this->request['value'];
break;
case 'user_from':
case 'user_occ':
case 'user_interests':
$value = htmlCHR($value);
$this->response['new_value'] = $value;
break;
case 'user_from':
case 'user_occ':
case 'user_interests':
$value = htmlCHR($value);
$this->response['new_value'] = $value;
break;
case 'user_regdate':
case 'user_lastvisit':
$tz = TIMENOW + (3600 * $bb_cfg['board_timezone']);
if (($value = strtotime($value, $tz)) < $bb_cfg['board_startdate'] OR $value > TIMENOW)
{
$this->ajax_die($lang['INVALID_DATE'] . $this->request['value']);
}
$this->response['new_value'] = bb_date($value, 'Y-m-d H:i', false);
break;
case 'user_regdate':
case 'user_lastvisit':
$tz = TIMENOW + (3600 * $bb_cfg['board_timezone']);
if (($value = strtotime($value, $tz)) < $bb_cfg['board_startdate'] or $value > TIMENOW) {
$this->ajax_die($lang['INVALID_DATE'] . $this->request['value']);
}
$this->response['new_value'] = bb_date($value, 'Y-m-d H:i', false);
break;
case 'u_up_total':
case 'u_down_total':
case 'u_up_release':
case 'u_up_bonus':
if (!IS_ADMIN) $this->ajax_die($lang['NOT_ADMIN']);
case 'u_up_total':
case 'u_down_total':
case 'u_up_release':
case 'u_up_bonus':
if (!IS_ADMIN) {
$this->ajax_die($lang['NOT_ADMIN']);
}
$table = BB_BT_USERS;
$value = (float) str_replace(',', '.', $this->request['value']);
$table = BB_BT_USERS;
$value = (float)str_replace(',', '.', $this->request['value']);
foreach (array('KB'=>1,'MB'=>2,'GB'=>3,'TB'=>4) as $s => $m)
{
if (strpos($this->request['value'], $s) !== false)
{
$value *= pow(1024, $m);
break;
}
}
$value = sprintf('%.0f', $value);
$this->response['new_value'] = humn_size($value, null, null, ' ');
foreach (array('KB' => 1, 'MB' => 2, 'GB' => 3, 'TB' => 4) as $s => $m) {
if (strpos($this->request['value'], $s) !== false) {
$value *= pow(1024, $m);
break;
}
}
$value = sprintf('%.0f', $value);
$this->response['new_value'] = humn_size($value, null, null, ' ');
if (!$btu = get_bt_userdata($user_id))
{
require(INC_DIR .'functions_torrent.php');
generate_passkey($user_id, true);
$btu = get_bt_userdata($user_id);
}
$btu[$field] = $value;
$this->response['update_ids']['u_ratio'] = (string) get_bt_ratio($btu);
break;
if (!$btu = get_bt_userdata($user_id)) {
require(INC_DIR . 'functions_torrent.php');
generate_passkey($user_id, true);
$btu = get_bt_userdata($user_id);
}
$btu[$field] = $value;
$this->response['update_ids']['u_ratio'] = (string)get_bt_ratio($btu);
break;
case 'user_points':
$value = htmlCHR($value);
$value = (float) str_replace(',', '.', $this->request['value']);
$value = sprintf('%.2f', $value);
$this->response['new_value'] = $value;
break;
case 'user_points':
$value = htmlCHR($value);
$value = (float)str_replace(',', '.', $this->request['value']);
$value = sprintf('%.2f', $value);
$this->response['new_value'] = $value;
break;
default:
$this->ajax_die("invalid profile field: $field");
default:
$this->ajax_die("invalid profile field: $field");
}
$value_sql = DB()->escape($value, true);
DB()->query("UPDATE $table SET $field = $value_sql WHERE user_id = $user_id LIMIT 1");
cache_rm_user_sessions ($user_id);
cache_rm_user_sessions($user_id);
$this->response['edit_id'] = $this->request['edit_id'];
$this->response['edit_id'] = $this->request['edit_id'];

53
library/ajax/gen_passkey.php
View file

@ -1,25 +1,48 @@
<?php
/**
* MIT License
*
* Copyright (c) 2005-2017 TorrentPier
*
* Permission is hereby granted, free of charge, to any person obtaining a copy
* of this software and associated documentation files (the "Software"), to deal
* in the Software without restriction, including without limitation the rights
* to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
* copies of the Software, and to permit persons to whom the Software is
* furnished to do so, subject to the following conditions:
*
* The above copyright notice and this permission notice shall be included in all
* copies or substantial portions of the Software.
*
* THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
* IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
* FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
* AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
* LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
* OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
* SOFTWARE.
*/
if (!defined('IN_AJAX')) die(basename(__FILE__));
if (!defined('IN_AJAX')) {
die(basename(__FILE__));
}
global $userdata, $lang;
$req_uid = (int) $this->request['user_id'];
$req_uid = (int)$this->request['user_id'];
if ($req_uid == $userdata['user_id'] || IS_ADMIN)
{
if (empty($this->request['confirmed']))
{
$this->prompt_for_confirm($lang['BT_GEN_PASSKEY_NEW']);
}
if ($req_uid == $userdata['user_id'] || IS_ADMIN) {
if (empty($this->request['confirmed'])) {
$this->prompt_for_confirm($lang['BT_GEN_PASSKEY_NEW']);
}
if (!$passkey = generate_passkey($req_uid, IS_ADMIN))
{
$this->ajax_die('Could not insert passkey');
}
if (!$passkey = generate_passkey($req_uid, IS_ADMIN)) {
$this->ajax_die('Could not insert passkey');
}
tracker_rm_user($req_uid);
tracker_rm_user($req_uid);
$this->response['passkey'] = $passkey;
$this->response['passkey'] = $passkey;
} else {
$this->ajax_die($lang['NOT_AUTHORISED']);
}
else $this->ajax_die($lang['NOT_AUTHORISED']);

121
library/ajax/group_membership.php
View file

@ -1,69 +1,82 @@
<?php
/**
* MIT License
*
* Copyright (c) 2005-2017 TorrentPier
*
* Permission is hereby granted, free of charge, to any person obtaining a copy
* of this software and associated documentation files (the "Software"), to deal
* in the Software without restriction, including without limitation the rights
* to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
* copies of the Software, and to permit persons to whom the Software is
* furnished to do so, subject to the following conditions:
*
* The above copyright notice and this permission notice shall be included in all
* copies or substantial portions of the Software.
*
* THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
* IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
* FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
* AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
* LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
* OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
* SOFTWARE.
*/
if (!defined('IN_AJAX')) die(basename(__FILE__));
if (!defined('IN_AJAX')) {
die(basename(__FILE__));
}
global $lang, $user;
if (!$user_id = intval($this->request['user_id']) OR !$profiledata = get_userdata($user_id))
{
$this->ajax_die("invalid user_id: $user_id");
if (!$user_id = intval($this->request['user_id']) or !$profiledata = get_userdata($user_id)) {
$this->ajax_die("invalid user_id: $user_id");
}
if (!$mode = (string) $this->request['mode'])
{
$this->ajax_die('invalid mode (empty)');
if (!$mode = (string)$this->request['mode']) {
$this->ajax_die('invalid mode (empty)');
}
switch ($mode)
{
case 'get_group_list':
$sql = "
switch ($mode) {
case 'get_group_list':
$sql = "
SELECT ug.user_pending, g.group_id, g.group_type, g.group_name, g.group_moderator, self.user_id AS can_view
FROM ". BB_USER_GROUP ." ug
INNER JOIN ". BB_GROUPS ." g ON(g.group_id = ug.group_id AND g.group_single_user = 0)
LEFT JOIN ". BB_USER_GROUP ." self ON(self.group_id = g.group_id AND self.user_id = {$user->id} AND self.user_pending = 0)
FROM " . BB_USER_GROUP . " ug
INNER JOIN " . BB_GROUPS . " g ON(g.group_id = ug.group_id AND g.group_single_user = 0)
LEFT JOIN " . BB_USER_GROUP . " self ON(self.group_id = g.group_id AND self.user_id = {$user->id} AND self.user_pending = 0)
WHERE ug.user_id = $user_id
ORDER BY g.group_name
";
$html = array();
foreach (DB()->fetch_rowset($sql) as $row)
{
$class = ($row['user_pending']) ? 'med' : 'med bold';
$class .= ($row['group_moderator'] == $user_id) ? ' colorMod' : '';
$href = "group.php?g={$row['group_id']}";
$html = array();
foreach (DB()->fetch_rowset($sql) as $row) {
$class = ($row['user_pending']) ? 'med' : 'med bold';
$class .= ($row['group_moderator'] == $user_id) ? ' colorMod' : '';
$href = "group.php?g={$row['group_id']}";
if (IS_ADMIN)
{
$href .= "&amp;u=$user_id";
$link = '<a href="'. $href .'" class="'. $class .'" target="_blank">'. htmlCHR($row['group_name']) .'</a>';
$html[] = $link;
}
else
{
// скрытая группа и сам юзер не является ее членом
if ($row['group_type'] == GROUP_HIDDEN && !$row['can_view'])
{
continue;
}
if ($row['group_moderator'] == $user->id)
{
$class .= ' selfMod';
$href .= "&amp;u=$user_id"; // сам юзер модератор этой группы
}
$link = '<a href="'. $href .'" class="'. $class .'" target="_blank">'. htmlCHR($row['group_name']) .'</a>';
$html[] = $link;
}
}
if ($html)
{
$this->response['group_list_html'] = '<ul><li>'. join('</li><li>', $html) .'</li></ul>';
}
else
{
$this->response['group_list_html'] = $lang['GROUP_LIST_HIDDEN'];
}
break;
if (IS_ADMIN) {
$href .= "&amp;u=$user_id";
$link = '<a href="' . $href . '" class="' . $class . '" target="_blank">' . htmlCHR($row['group_name']) . '</a>';
$html[] = $link;
} else {
// скрытая группа и сам юзер не является ее членом
if ($row['group_type'] == GROUP_HIDDEN && !$row['can_view']) {
continue;
}
if ($row['group_moderator'] == $user->id) {
$class .= ' selfMod';
$href .= "&amp;u=$user_id"; // сам юзер модератор этой группы
}
$link = '<a href="' . $href . '" class="' . $class . '" target="_blank">' . htmlCHR($row['group_name']) . '</a>';
$html[] = $link;
}
}
if ($html) {
$this->response['group_list_html'] = '<ul><li>' . join('</li><li>', $html) . '</li></ul>';
} else {
$this->response['group_list_html'] = $lang['GROUP_LIST_HIDDEN'];
}
break;
default:
$this->ajax_die("invalid mode: $mode");
}
default:
$this->ajax_die("invalid mode: $mode");
}

227
library/ajax/index_data.php
View file

@ -1,132 +1,153 @@
<?php
/**
* MIT License
*
* Copyright (c) 2005-2017 TorrentPier
*
* Permission is hereby granted, free of charge, to any person obtaining a copy
* of this software and associated documentation files (the "Software"), to deal
* in the Software without restriction, including without limitation the rights
* to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
* copies of the Software, and to permit persons to whom the Software is
* furnished to do so, subject to the following conditions:
*
* The above copyright notice and this permission notice shall be included in all
* copies or substantial portions of the Software.
*
* THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
* IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
* FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
* AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
* LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
* OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
* SOFTWARE.
*/
if (!defined('IN_AJAX')) die(basename(__FILE__));
if (!defined('IN_AJAX')) {
die(basename(__FILE__));
}
global $bb_cfg, $lang, $userdata, $datastore;
$mode = (string) $this->request['mode'];
$mode = (string)$this->request['mode'];
$html = '';
switch($mode)
{
case 'birthday_week':
$stats = $datastore->get('stats');
$datastore->enqueue(array(
'stats',
));
switch ($mode) {
case 'birthday_week':
$stats = $datastore->get('stats');
$datastore->enqueue(array(
'stats',
));
if ($stats['birthday_week_list'])
{
foreach($stats['birthday_week_list'] as $week)
{
$html[] = profile_url($week) .' <span class="small">('. birthday_age($week['user_birthday']) .')</span>';
}
$html = sprintf($lang['BIRTHDAY_WEEK'], $bb_cfg['birthday_check_day'], join(', ', $html));
}
else $html = sprintf($lang['NOBIRTHDAY_WEEK'], $bb_cfg['birthday_check_day']);
break;
if ($stats['birthday_week_list']) {
foreach ($stats['birthday_week_list'] as $week) {
$html[] = profile_url($week) . ' <span class="small">(' . birthday_age($week['user_birthday']) . ')</span>';
}
$html = sprintf($lang['BIRTHDAY_WEEK'], $bb_cfg['birthday_check_day'], join(', ', $html));
} else {
$html = sprintf($lang['NOBIRTHDAY_WEEK'], $bb_cfg['birthday_check_day']);
}
break;
case 'birthday_today':
$stats = $datastore->get('stats');
$datastore->enqueue(array(
'stats',
));
case 'birthday_today':
$stats = $datastore->get('stats');
$datastore->enqueue(array(
'stats',
));
if ($stats['birthday_today_list'])
{
foreach($stats['birthday_today_list'] as $today)
{
$html[] = profile_url($today) .' <span class="small">('. birthday_age($today['user_birthday']) .')</span>';
}
$html = $lang['BIRTHDAY_TODAY'] . join(', ', $html);
}
else $html = $lang['NOBIRTHDAY_TODAY'];
break;
if ($stats['birthday_today_list']) {
foreach ($stats['birthday_today_list'] as $today) {
$html[] = profile_url($today) . ' <span class="small">(' . birthday_age($today['user_birthday']) . ')</span>';
}
$html = $lang['BIRTHDAY_TODAY'] . join(', ', $html);
} else {
$html = $lang['NOBIRTHDAY_TODAY'];
}
break;
case 'get_forum_mods':
$forum_id = (int) $this->request['forum_id'];
case 'get_forum_mods':
$forum_id = (int)$this->request['forum_id'];
$datastore->enqueue(array(
'moderators',
));
$datastore->enqueue(array(
'moderators',
));
$moderators = array();
$mod = $datastore->get('moderators');
$moderators = array();
$mod = $datastore->get('moderators');
if (isset($mod['mod_users'][$forum_id]))
{
foreach ($mod['mod_users'][$forum_id] as $user_id)
{
$moderators[] = '<a href="'. PROFILE_URL . $user_id .'">'. $mod['name_users'][$user_id] .'</a>';
}
}
if (isset($mod['mod_users'][$forum_id])) {
foreach ($mod['mod_users'][$forum_id] as $user_id) {
$moderators[] = '<a href="' . PROFILE_URL . $user_id . '">' . $mod['name_users'][$user_id] . '</a>';
}
}
if (isset($mod['mod_groups'][$forum_id]))
{
foreach ($mod['mod_groups'][$forum_id] as $group_id)
{
$moderators[] = '<a href="'. "group.php?". POST_GROUPS_URL ."=". $group_id .'">'. $mod['name_groups'][$group_id] .'</a>';
}
}
if (isset($mod['mod_groups'][$forum_id])) {
foreach ($mod['mod_groups'][$forum_id] as $group_id) {
$moderators[] = '<a href="' . "group.php?" . POST_GROUPS_URL . "=" . $group_id . '">' . $mod['name_groups'][$group_id] . '</a>';
}
}
$html = ':&nbsp;';
$html .= ($moderators) ? join(', ', $moderators) : $lang['NONE'];
unset($moderators, $mod);
$datastore->rm('moderators');
break;
$html = ':&nbsp;';
$html .= ($moderators) ? join(', ', $moderators) : $lang['NONE'];
unset($moderators, $mod);
$datastore->rm('moderators');
break;
case 'change_tz':
$tz = (int) $this->request['tz'];
if ($tz < -12) $tz = -12;
if ($tz > 13) $tz = 13;
if ($tz != $bb_cfg['board_timezone'])
{
// Set current user timezone
DB()->query("UPDATE ". BB_USERS ." SET user_timezone = $tz WHERE user_id = ". $userdata['user_id'] ." LIMIT 1");
$bb_cfg['board_timezone'] = $tz;
cache_rm_user_sessions ($userdata['user_id']);
}
break;
case 'change_tz':
$tz = (int)$this->request['tz'];
if ($tz < -12) {
$tz = -12;
}
if ($tz > 13) {
$tz = 13;
}
if ($tz != $bb_cfg['board_timezone']) {
// Set current user timezone
DB()->query("UPDATE " . BB_USERS . " SET user_timezone = $tz WHERE user_id = " . $userdata['user_id'] . " LIMIT 1");
$bb_cfg['board_timezone'] = $tz;
cache_rm_user_sessions($userdata['user_id']);
}
break;
case 'get_traf_stats':
$user_id = (int) $this->request['user_id'];
$btu = get_bt_userdata($user_id);
$profiledata = get_userdata($user_id);
case 'get_traf_stats':
$user_id = (int)$this->request['user_id'];
$btu = get_bt_userdata($user_id);
$profiledata = get_userdata($user_id);
$speed_up = ($btu['speed_up']) ? humn_size($btu['speed_up']).'/s' : '0 KB/s';
$speed_down = ($btu['speed_down']) ? humn_size($btu['speed_down']).'/s' : '0 KB/s';
$user_ratio = ($btu['u_down_total'] > MIN_DL_FOR_RATIO) ? '<b class="gen">'. get_bt_ratio($btu) .'</b>' : $lang['IT_WILL_BE_DOWN'] .' <b>'. humn_size(MIN_DL_FOR_RATIO) .'</b>';
$speed_up = ($btu['speed_up']) ? humn_size($btu['speed_up']) . '/s' : '0 KB/s';
$speed_down = ($btu['speed_down']) ? humn_size($btu['speed_down']) . '/s' : '0 KB/s';
$user_ratio = ($btu['u_down_total'] > MIN_DL_FOR_RATIO) ? '<b class="gen">' . get_bt_ratio($btu) . '</b>' : $lang['IT_WILL_BE_DOWN'] . ' <b>' . humn_size(MIN_DL_FOR_RATIO) . '</b>';
$html = '
$html = '
<tr class="row3">
<th style="padding: 0;"></th>
<th>'. $lang['DOWNLOADED'] .'</th>
<th>'. $lang['UPLOADED'] .'</th>
<th>'. $lang['RELEASED'] .'</th>
<th>'. $lang['BONUS'] .'</th>';
$html .= ($bb_cfg['seed_bonus_enabled']) ? '<th>'. $lang['SEED_BONUS'] .'</th>' : '';
$html .= '</tr>
<th>' . $lang['DOWNLOADED'] . '</th>
<th>' . $lang['UPLOADED'] . '</th>
<th>' . $lang['RELEASED'] . '</th>
<th>' . $lang['BONUS'] . '</th>';
$html .= ($bb_cfg['seed_bonus_enabled']) ? '<th>' . $lang['SEED_BONUS'] . '</th>' : '';
$html .= '</tr>
<tr class="row1">
<td>'. $lang['TOTAL_TRAF'] .'</td>
<td id="u_down_total"><span class="editable bold leechmed">'. humn_size($btu['u_down_total']) .'</span></td>
<td id="u_up_total"><span class="editable bold seedmed">' .humn_size($btu['u_up_total']) .'</span></td>
<td id="u_up_release"><span class="editable bold seedmed">'. humn_size($btu['u_up_release']) .'</span></td>
<td id="u_up_bonus"><span class="editable bold seedmed">'. humn_size($btu['u_up_bonus']) .'</span></td>';
$html .= ($bb_cfg['seed_bonus_enabled']) ? '<td id="user_points"><span class="editable bold points">'. $profiledata['user_points'] .'</b></td>' : '';
$html .= '</tr>
<td>' . $lang['TOTAL_TRAF'] . '</td>
<td id="u_down_total"><span class="editable bold leechmed">' . humn_size($btu['u_down_total']) . '</span></td>
<td id="u_up_total"><span class="editable bold seedmed">' . humn_size($btu['u_up_total']) . '</span></td>
<td id="u_up_release"><span class="editable bold seedmed">' . humn_size($btu['u_up_release']) . '</span></td>
<td id="u_up_bonus"><span class="editable bold seedmed">' . humn_size($btu['u_up_bonus']) . '</span></td>';
$html .= ($bb_cfg['seed_bonus_enabled']) ? '<td id="user_points"><span class="editable bold points">' . $profiledata['user_points'] . '</b></td>' : '';
$html .= '</tr>
<tr class="row5">
<td colspan="1">'. $lang['MAX_SPEED'] .'</td>
<td colspan="2">'. $lang['DL_DL_SPEED'] .': '. $speed_down .'</span></td>
<td colspan="2">'. $lang['DL_UL_SPEED'] .': '. $speed_up .'</span></td>';
$html .= ($bb_cfg['seed_bonus_enabled']) ? '<td colspan="1"></td>' : '';
$html .= '</tr>';
<td colspan="1">' . $lang['MAX_SPEED'] . '</td>
<td colspan="2">' . $lang['DL_DL_SPEED'] . ': ' . $speed_down . '</span></td>
<td colspan="2">' . $lang['DL_UL_SPEED'] . ': ' . $speed_up . '</span></td>';
$html .= ($bb_cfg['seed_bonus_enabled']) ? '<td colspan="1"></td>' : '';
$html .= '</tr>';
$this->response['user_ratio'] = '
<th><a href="'. $bb_cfg['ratio_url_help'] .'" class="bold">'. $lang['USER_RATIO'] .'</a>:</th>
<td>'. $user_ratio .'</td>
$this->response['user_ratio'] = '
<th><a href="' . $bb_cfg['ratio_url_help'] . '" class="bold">' . $lang['USER_RATIO'] . '</a>:</th>
<td>' . $user_ratio . '</td>
';
break;
break;
}
$this->response['html'] = $html;
$this->response['mode'] = $mode;
$this->response['mode'] = $mode;

156
library/ajax/manage_admin.php
View file

@ -1,115 +1,133 @@
<?php
/**
* MIT License
*
* Copyright (c) 2005-2017 TorrentPier
*
* Permission is hereby granted, free of charge, to any person obtaining a copy
* of this software and associated documentation files (the "Software"), to deal
* in the Software without restriction, including without limitation the rights
* to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
* copies of the Software, and to permit persons to whom the Software is
* furnished to do so, subject to the following conditions:
*
* The above copyright notice and this permission notice shall be included in all
* copies or substantial portions of the Software.
*
* THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
* IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
* FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
* AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
* LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
* OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
* SOFTWARE.
*/
if (!defined('IN_AJAX')) die(basename(__FILE__));
if (!defined('IN_AJAX')) {
die(basename(__FILE__));
}
global $userdata, $lang, $bb_cfg;
$mode = (string) $this->request['mode'];
$mode = (string)$this->request['mode'];
switch ($mode)
{
case 'clear_cache':
switch ($mode) {
case 'clear_cache':
foreach ($bb_cfg['cache']['engines'] as $cache_name => $cache_val)
{
if (!in_array('db_sqlite', $cache_val))
{
CACHE($cache_name)->rm();
}
}
foreach ($bb_cfg['cache']['engines'] as $cache_name => $cache_val) {
if (!in_array('db_sqlite', $cache_val)) {
CACHE($cache_name)->rm();
}
}
$this->response['cache_html'] = '<span class="seed bold">'. $lang['ALL_CACHE_CLEARED'] .'</span>';
$this->response['cache_html'] = '<span class="seed bold">' . $lang['ALL_CACHE_CLEARED'] . '</span>';
break;
break;
case 'clear_datastore':
case 'clear_datastore':
global $datastore;
global $datastore;
$datastore->clean();
$datastore->clean();
$this->response['datastore_html'] = '<span class="seed bold">'. $lang['DATASTORE_CLEARED'] .'</span>';
$this->response['datastore_html'] = '<span class="seed bold">' . $lang['DATASTORE_CLEARED'] . '</span>';
break;
break;
case 'clear_template_cache':
case 'clear_template_cache':
global $template;
global $template;
$match = 'tpl_';
$match_len = strlen($match);
$dir = $template->cachedir;
$res = @opendir($dir);
while (($file = readdir($res)) !== false)
{
if (substr($file, 0, $match_len) === $match)
{
@unlink($dir . $file);
}
}
closedir($res);
$match = 'tpl_';
$match_len = strlen($match);
$dir = $template->cachedir;
$res = @opendir($dir);
while (($file = readdir($res)) !== false) {
if (substr($file, 0, $match_len) === $match) {
@unlink($dir . $file);
}
}
closedir($res);
$this->response['template_cache_html'] = '<span class="seed bold">'. $lang['ALL_TEMPLATE_CLEARED'] .'</span>';
$this->response['template_cache_html'] = '<span class="seed bold">' . $lang['ALL_TEMPLATE_CLEARED'] . '</span>';
break;
break;
case 'indexer':
case 'indexer':
exec("indexer --config {$bb_cfg['sphinx_config_path']} --all --rotate", $result);
exec("indexer --config {$bb_cfg['sphinx_config_path']} --all --rotate", $result);
if (!is_file($bb_cfg['sphinx_config_path'].".log"))
{
file_put_contents($bb_cfg['sphinx_config_path'].".log", "####Logger from dimka3210.####".date("H:i:s", TIMENOW)."##############################\r\n\r\n\r\n\r\n", FILE_APPEND);
}
if (!is_file($bb_cfg['sphinx_config_path'] . ".log")) {
file_put_contents($bb_cfg['sphinx_config_path'] . ".log", "####Logger from dimka3210.####" . date("H:i:s", TIMENOW) . "##############################\r\n\r\n\r\n\r\n", FILE_APPEND);
}
file_put_contents($bb_cfg['sphinx_config_path'].".log", "##############################".date("H:i:s", TIMENOW)."##############################\r\n", FILE_APPEND);
file_put_contents($bb_cfg['sphinx_config_path'] . ".log", "##############################" . date("H:i:s", TIMENOW) . "##############################\r\n", FILE_APPEND);
foreach ($result as $row)
{
file_put_contents($bb_cfg['sphinx_config_path'].".log", $row."\r\n", FILE_APPEND);
}
foreach ($result as $row) {
file_put_contents($bb_cfg['sphinx_config_path'] . ".log", $row . "\r\n", FILE_APPEND);
}
file_put_contents($bb_cfg['sphinx_config_path'].".log", "\r\n", FILE_APPEND);
file_put_contents($bb_cfg['sphinx_config_path'].".log", "\r\n", FILE_APPEND);
file_put_contents($bb_cfg['sphinx_config_path'] . ".log", "\r\n", FILE_APPEND);
file_put_contents($bb_cfg['sphinx_config_path'] . ".log", "\r\n", FILE_APPEND);
$this->response['indexer_html'] = '<span class="seed bold">'. $lang['INDEXER'] .'</span>';
$this->response['indexer_html'] = '<span class="seed bold">' . $lang['INDEXER'] . '</span>';
break;
break;
case 'update_user_level':
case 'update_user_level':
require(INC_DIR .'functions_group.php');
require(INC_DIR . 'functions_group.php');
update_user_level('all');
update_user_level('all');
$this->response['update_user_level_html'] = '<span class="seed bold">'. $lang['USER_LEVELS_UPDATED'] .'</span>';
$this->response['update_user_level_html'] = '<span class="seed bold">' . $lang['USER_LEVELS_UPDATED'] . '</span>';
break;
break;
case 'sync_topics':
case 'sync_topics':
sync('topic', 'all');
sync_all_forums();
sync('topic', 'all');
sync_all_forums();
$this->response['sync_topics_html'] = '<span class="seed bold">'. $lang['TOPICS_DATA_SYNCHRONIZED'] .'</span>';
$this->response['sync_topics_html'] = '<span class="seed bold">' . $lang['TOPICS_DATA_SYNCHRONIZED'] . '</span>';
break;
break;
case 'sync_user_posts':
case 'sync_user_posts':
sync('user_posts', 'all');
sync('user_posts', 'all');
$this->response['sync_user_posts_html'] = '<span class="seed bold">'. $lang['USER_POSTS_COUNT_SYNCHRONIZED'] .'</span>';
$this->response['sync_user_posts_html'] = '<span class="seed bold">' . $lang['USER_POSTS_COUNT_SYNCHRONIZED'] . '</span>';
break;
break;
case 'unlock_cron':
case 'unlock_cron':
cron_enable_board();
cron_enable_board();
$this->response['unlock_cron_html'] = '<span class="seed bold">'. $lang['ADMIN_UNLOCKED'] .'</span>';
$this->response['unlock_cron_html'] = '<span class="seed bold">' . $lang['ADMIN_UNLOCKED'] . '</span>';
break;
break;
}
$this->response['mode'] = $mode;
$this->response['mode'] = $mode;

142
library/ajax/manage_user.php
View file

@ -1,84 +1,126 @@
<?php
/**
* MIT License
*
* Copyright (c) 2005-2017 TorrentPier
*
* Permission is hereby granted, free of charge, to any person obtaining a copy
* of this software and associated documentation files (the "Software"), to deal
* in the Software without restriction, including without limitation the rights
* to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
* copies of the Software, and to permit persons to whom the Software is
* furnished to do so, subject to the following conditions:
*
* The above copyright notice and this permission notice shall be included in all
* copies or substantial portions of the Software.
*
* THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
* IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
* FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
* AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
* LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
* OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
* SOFTWARE.
*/
if (!defined('IN_AJAX')) die(basename(__FILE__));
if (!defined('IN_AJAX')) {
die(basename(__FILE__));
}
global $userdata, $lang, $bb_cfg;
$mode = (string) $this->request['mode'];
$mode = (string)$this->request['mode'];
$user_id = $this->request['user_id'];
switch ($mode)
{
case 'delete_profile':
switch ($mode) {
case 'delete_profile':
if ($userdata['user_id'] == $user_id) $this->ajax_die($lang['USER_DELETE_ME']);
if (empty($this->request['confirmed'])) $this->prompt_for_confirm($lang['USER_DELETE_CONFIRM']);
if ($userdata['user_id'] == $user_id) {
$this->ajax_die($lang['USER_DELETE_ME']);
}
if (empty($this->request['confirmed'])) {
$this->prompt_for_confirm($lang['USER_DELETE_CONFIRM']);
}
if ($user_id != BOT_UID)
{
delete_user_sessions($user_id);
user_delete($user_id);
if ($user_id != BOT_UID) {
delete_user_sessions($user_id);
user_delete($user_id);
$this->response['info'] = $lang['USER_DELETED'];
}
else $this->ajax_die($lang['USER_DELETE_CSV']);
$this->response['info'] = $lang['USER_DELETED'];
} else {
$this->ajax_die($lang['USER_DELETE_CSV']);
}
break;
break;
case 'delete_topics':
case 'delete_topics':
if (empty($this->request['confirmed']) && $userdata['user_id'] == $user_id) $this->prompt_for_confirm($lang['DELETE_USER_POSTS_ME']);
if (empty($this->request['confirmed'])) $this->prompt_for_confirm($lang['DELETE_USER_ALL_POSTS_CONFIRM']);
if (empty($this->request['confirmed']) && $userdata['user_id'] == $user_id) {
$this->prompt_for_confirm($lang['DELETE_USER_POSTS_ME']);
}
if (empty($this->request['confirmed'])) {
$this->prompt_for_confirm($lang['DELETE_USER_ALL_POSTS_CONFIRM']);
}
if (IS_ADMIN)
{
$user_topics = DB()->fetch_rowset("SELECT topic_id FROM ". BB_TOPICS ." WHERE topic_poster = $user_id", 'topic_id');
$deleted_topics = topic_delete($user_topics);
$deleted_posts = post_delete('user', $user_id);
if (IS_ADMIN) {
$user_topics = DB()->fetch_rowset("SELECT topic_id FROM " . BB_TOPICS . " WHERE topic_poster = $user_id", 'topic_id');
$deleted_topics = topic_delete($user_topics);
$deleted_posts = post_delete('user', $user_id);
$this->response['info'] = $lang['USER_DELETED_POSTS'];
}
else $this->ajax_die($lang['NOT_ADMIN']);
$this->response['info'] = $lang['USER_DELETED_POSTS'];
} else {
$this->ajax_die($lang['NOT_ADMIN']);
}
break;
break;
case 'delete_message':
case 'delete_message':
if (empty($this->request['confirmed']) && $userdata['user_id'] == $user_id) $this->prompt_for_confirm($lang['DELETE_USER_POSTS_ME']);
if (empty($this->request['confirmed'])) $this->prompt_for_confirm($lang['DELETE_USER_POSTS_CONFIRM']);
if (empty($this->request['confirmed']) && $userdata['user_id'] == $user_id) {
$this->prompt_for_confirm($lang['DELETE_USER_POSTS_ME']);
}
if (empty($this->request['confirmed'])) {
$this->prompt_for_confirm($lang['DELETE_USER_POSTS_CONFIRM']);
}
if (IS_ADMIN)
{
post_delete('user', $user_id);
if (IS_ADMIN) {
post_delete('user', $user_id);
$this->response['info'] = $lang['USER_DELETED_POSTS'];
}
else $this->ajax_die($lang['NOT_ADMIN']);
$this->response['info'] = $lang['USER_DELETED_POSTS'];
} else {
$this->ajax_die($lang['NOT_ADMIN']);
}
break;
break;
case 'user_activate':
case 'user_activate':
if (empty($this->request['confirmed'])) $this->prompt_for_confirm($lang['DEACTIVATE_CONFIRM']);
if (empty($this->request['confirmed'])) {
$this->prompt_for_confirm($lang['DEACTIVATE_CONFIRM']);
}
DB()->query("UPDATE ". BB_USERS ." SET user_active = '1' WHERE user_id = ". $user_id);
DB()->query("UPDATE " . BB_USERS . " SET user_active = '1' WHERE user_id = " . $user_id);
$this->response['info'] = $lang['USER_ACTIVATE_ON'];
$this->response['info'] = $lang['USER_ACTIVATE_ON'];
break;
break;
case 'user_deactivate':
case 'user_deactivate':
if ($userdata['user_id'] == $user_id) $this->ajax_die($lang['USER_DEACTIVATE_ME']);
if (empty($this->request['confirmed'])) $this->prompt_for_confirm($lang['ACTIVATE_CONFIRM']);
if ($userdata['user_id'] == $user_id) {
$this->ajax_die($lang['USER_DEACTIVATE_ME']);
}
if (empty($this->request['confirmed'])) {
$this->prompt_for_confirm($lang['ACTIVATE_CONFIRM']);
}
DB()->query("UPDATE ". BB_USERS ." SET user_active = '0' WHERE user_id = ". $user_id);
delete_user_sessions($user_id);
DB()->query("UPDATE " . BB_USERS . " SET user_active = '0' WHERE user_id = " . $user_id);
delete_user_sessions($user_id);
$this->response['info'] = $lang['USER_ACTIVATE_OFF'];
$this->response['info'] = $lang['USER_ACTIVATE_OFF'];
break;
break;
}
$this->response['mode'] = $mode;
$this->response['url'] = html_entity_decode(make_url('/') . PROFILE_URL . $user_id);
$this->response['url'] = html_entity_decode(make_url('/') . PROFILE_URL . $user_id);

202
library/ajax/mod_action.php
View file

@ -1,130 +1,152 @@
<?php
/**
* MIT License
*
* Copyright (c) 2005-2017 TorrentPier
*
* Permission is hereby granted, free of charge, to any person obtaining a copy
* of this software and associated documentation files (the "Software"), to deal
* in the Software without restriction, including without limitation the rights
* to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
* copies of the Software, and to permit persons to whom the Software is
* furnished to do so, subject to the following conditions:
*
* The above copyright notice and this permission notice shall be included in all
* copies or substantial portions of the Software.
*
* THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
* IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
* FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
* AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
* LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
* OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
* SOFTWARE.
*/
if (!defined('IN_AJAX')) die(basename(__FILE__));
if (!defined('IN_AJAX')) {
die(basename(__FILE__));
}
global $userdata, $bb_cfg, $lang, $datastore;
$mode = (string) $this->request['mode'];
$mode = (string)$this->request['mode'];
switch ($mode)
{
case 'tor_status':
$topics = (string) $this->request['topic_ids'];
$status = (int) $this->request['status'];
switch ($mode) {
case 'tor_status':
$topics = (string)$this->request['topic_ids'];
$status = (int)$this->request['status'];
// Валидность статуса
if (!isset($lang['TOR_STATUS_NAME'][$status]))
{
$this->ajax_die($lang['STATUS_DOES_EXIST'] . $new_status);
}
// Валидность статуса
if (!isset($lang['TOR_STATUS_NAME'][$status])) {
$this->ajax_die($lang['STATUS_DOES_EXIST'] . $new_status);
}
$topic_ids = DB()->fetch_rowset("SELECT attach_id FROM ". BB_BT_TORRENTS ." WHERE topic_id IN($topics)", 'attach_id');
$topic_ids = DB()->fetch_rowset("SELECT attach_id FROM " . BB_BT_TORRENTS . " WHERE topic_id IN($topics)", 'attach_id');
foreach($topic_ids as $attach_id)
{
change_tor_status($attach_id, $status);
}
$this->response['status'] = $bb_cfg['tor_icons'][$status];
$this->response['topics'] = explode(',', $topics);
break;
foreach ($topic_ids as $attach_id) {
change_tor_status($attach_id, $status);
}
$this->response['status'] = $bb_cfg['tor_icons'][$status];
$this->response['topics'] = explode(',', $topics);
break;
case 'edit_topic_title':
$topic_id = (int) $this->request['topic_id'];
$topic_title = (string) $this->request['topic_title'];
$new_title = clean_title($topic_title);
case 'edit_topic_title':
$topic_id = (int)$this->request['topic_id'];
$topic_title = (string)$this->request['topic_title'];
$new_title = clean_title($topic_title);
if (!$topic_id) $this->ajax_die($lang['INVALID_TOPIC_ID']);
if ($new_title == '') $this->ajax_die($lang['DONT_MESSAGE_TITLE']);
if (!$topic_id) {
$this->ajax_die($lang['INVALID_TOPIC_ID']);
}
if ($new_title == '') {
$this->ajax_die($lang['DONT_MESSAGE_TITLE']);
}
if (!$t_data = DB()->fetch_row("SELECT forum_id FROM ". BB_TOPICS ." WHERE topic_id = $topic_id LIMIT 1"))
{
$this->ajax_die($lang['INVALID_TOPIC_ID_DB']);
}
$this->verify_mod_rights($t_data['forum_id']);
if (!$t_data = DB()->fetch_row("SELECT forum_id FROM " . BB_TOPICS . " WHERE topic_id = $topic_id LIMIT 1")) {
$this->ajax_die($lang['INVALID_TOPIC_ID_DB']);
}
$this->verify_mod_rights($t_data['forum_id']);
$topic_title_sql = DB()->escape($new_title);
$topic_title_sql = DB()->escape($new_title);
DB()->query("UPDATE ". BB_TOPICS ." SET topic_title = '$topic_title_sql' WHERE topic_id = $topic_id LIMIT 1");
DB()->query("UPDATE " . BB_TOPICS . " SET topic_title = '$topic_title_sql' WHERE topic_id = $topic_id LIMIT 1");
// Обновление кеша новостей на главной
$news_forums = array_flip(explode(',', $bb_cfg['latest_news_forum_id']));
if (isset($news_forums[$t_data['forum_id']]) && $bb_cfg['show_latest_news'])
{
$datastore->enqueue('latest_news');
$datastore->update('latest_news');
}
// Обновление кеша новостей на главной
$news_forums = array_flip(explode(',', $bb_cfg['latest_news_forum_id']));
if (isset($news_forums[$t_data['forum_id']]) && $bb_cfg['show_latest_news']) {
$datastore->enqueue('latest_news');
$datastore->update('latest_news');
}
$net_forums = array_flip(explode(',', $bb_cfg['network_news_forum_id']));
if (isset($net_forums[$t_data['forum_id']]) && $bb_cfg['show_network_news'])
{
$datastore->enqueue('network_news');
$datastore->update('network_news');
}
$net_forums = array_flip(explode(',', $bb_cfg['network_news_forum_id']));
if (isset($net_forums[$t_data['forum_id']]) && $bb_cfg['show_network_news']) {
$datastore->enqueue('network_news');
$datastore->update('network_news');
}
$this->response['topic_id'] = $topic_id;
$this->response['topic_title'] = $new_title;
break;
$this->response['topic_id'] = $topic_id;
$this->response['topic_title'] = $new_title;
break;
case 'profile_ip':
$user_id = (int) $this->request['user_id'];
$profiledata = get_userdata($user_id);
case 'profile_ip':
$user_id = (int)$this->request['user_id'];
$profiledata = get_userdata($user_id);
if (!$user_id) $this->ajax_die($lang['NO_USER_ID_SPECIFIED']);
if (!$user_id) {
$this->ajax_die($lang['NO_USER_ID_SPECIFIED']);
}
$reg_ip = DB()->fetch_rowset("SELECT username, user_id, user_rank FROM ". BB_USERS ."
$reg_ip = DB()->fetch_rowset("SELECT username, user_id, user_rank FROM " . BB_USERS . "
WHERE user_reg_ip = '{$profiledata['user_reg_ip']}'
AND user_reg_ip != ''
AND user_id != {$profiledata['user_id']}
ORDER BY username ASC");
$last_ip = DB()->fetch_rowset("SELECT username, user_id, user_rank FROM " .BB_USERS ."
$last_ip = DB()->fetch_rowset("SELECT username, user_id, user_rank FROM " . BB_USERS . "
WHERE user_last_ip = '{$profiledata['user_last_ip']}'
AND user_last_ip != ''
AND user_id != {$profiledata['user_id']}");
$link_reg_ip = $link_last_ip = '';
$link_reg_ip = $link_last_ip = '';
if (!empty($reg_ip))
{
$link_reg_ip .= $lang['OTHER_IP'] .' ';
foreach ($reg_ip as $row)
{
$link_reg_ip .= profile_url($row) .' ';
}
}
if (!empty($reg_ip)) {
$link_reg_ip .= $lang['OTHER_IP'] . ' ';
foreach ($reg_ip as $row) {
$link_reg_ip .= profile_url($row) . ' ';
}
}
if (!empty($last_ip))
{
$link_last_ip .= $lang['OTHER_IP'] .' ';
foreach ($last_ip as $row)
{
$link_last_ip .= profile_url($row) .' ';
}
}
if (!empty($last_ip)) {
$link_last_ip .= $lang['OTHER_IP'] . ' ';
foreach ($last_ip as $row) {
$link_last_ip .= profile_url($row) . ' ';
}
}
if ($profiledata['user_level'] == ADMIN && !IS_ADMIN) $reg_ip = $last_ip = $lang['HIDDEN'];
elseif ($profiledata['user_level'] == MOD && IS_MOD) $reg_ip = $last_ip = $lang['HIDDEN'];
else
{
$user_reg_ip = decode_ip($profiledata['user_reg_ip']);
$user_last_ip = decode_ip($profiledata['user_last_ip']);
$reg_ip = '<a href="'. $bb_cfg['whois_info'] . $user_reg_ip .'" class="gen" target="_blank">'. $user_reg_ip .'</a>';
$last_ip = '<a href="'. $bb_cfg['whois_info'] . $user_last_ip .'" class="gen" target="_blank">'. $user_last_ip .'</a>';
}
if ($profiledata['user_level'] == ADMIN && !IS_ADMIN) {
$reg_ip = $last_ip = $lang['HIDDEN'];
} elseif ($profiledata['user_level'] == MOD && IS_MOD) {
$reg_ip = $last_ip = $lang['HIDDEN'];
} else {
$user_reg_ip = decode_ip($profiledata['user_reg_ip']);
$user_last_ip = decode_ip($profiledata['user_last_ip']);
$reg_ip = '<a href="' . $bb_cfg['whois_info'] . $user_reg_ip . '" class="gen" target="_blank">' . $user_reg_ip . '</a>';
$last_ip = '<a href="' . $bb_cfg['whois_info'] . $user_last_ip . '" class="gen" target="_blank">' . $user_last_ip . '</a>';
}
$this->response['ip_list_html'] = '
$this->response['ip_list_html'] = '
<br /><table class="mod_ip bCenter borderless" cellspacing="1">
<tr class="row5" >
<td>'. $lang['REG_IP'] .'</td>
<td class="tCenter">'. $reg_ip .'</td>
<td><div>'. $link_reg_ip .'</div></td>
<td>' . $lang['REG_IP'] . '</td>
<td class="tCenter">' . $reg_ip . '</td>
<td><div>' . $link_reg_ip . '</div></td>
</tr>
<tr class="row4">
<td>'. $lang['LAST_IP'] .'</td>
<td class="tCenter">'. $last_ip .'</td>
<td><div>'. $link_last_ip .'</div></td>
<td>' . $lang['LAST_IP'] . '</td>
<td class="tCenter">' . $last_ip . '</td>
<td><div>' . $link_last_ip . '</div></td>
</tr>
</table><br />
';
break;
}
break;
}

103
library/ajax/post_mod_comment.php
View file

@ -1,60 +1,87 @@
<?php
/**
* MIT License
*
* Copyright (c) 2005-2017 TorrentPier
*
* Permission is hereby granted, free of charge, to any person obtaining a copy
* of this software and associated documentation files (the "Software"), to deal
* in the Software without restriction, including without limitation the rights
* to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
* copies of the Software, and to permit persons to whom the Software is
* furnished to do so, subject to the following conditions:
*
* The above copyright notice and this permission notice shall be included in all
* copies or substantial portions of the Software.
*
* THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
* IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
* FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
* AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
* LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
* OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
* SOFTWARE.
*/
if (!defined('IN_AJAX')) die(basename(__FILE__));
if (!defined('IN_AJAX')) {
die(basename(__FILE__));
}
global $lang, $userdata;
$post_id = (int) $this->request['post_id'];
$mc_type = (int) $this->request['mc_type'];
$mc_text = (string) $this->request['mc_text'];
if (!$mc_text = prepare_message($mc_text)) $this->ajax_die($lang['EMPTY_MESSAGE']);
$post_id = (int)$this->request['post_id'];
$mc_type = (int)$this->request['mc_type'];
$mc_text = (string)$this->request['mc_text'];
if (!$mc_text = prepare_message($mc_text)) {
$this->ajax_die($lang['EMPTY_MESSAGE']);
}
$post = DB()->fetch_row("
SELECT
p.post_id, p.poster_id
FROM ". BB_POSTS ." p
FROM " . BB_POSTS . " p
WHERE p.post_id = $post_id
");
if (!$post) $this->ajax_die('not post');
if (!$post) {
$this->ajax_die('not post');
}
$data = array(
'mc_comment' => ($mc_type) ? $mc_text : '',
'mc_type' => $mc_type,
'mc_user_id' => ($mc_type) ? $userdata['user_id'] : 0,
'mc_comment' => ($mc_type) ? $mc_text : '',
'mc_type' => $mc_type,
'mc_user_id' => ($mc_type) ? $userdata['user_id'] : 0,
);
$sql_args = DB()->build_array('UPDATE', $data);
DB()->query("UPDATE ". BB_POSTS ." SET $sql_args WHERE post_id = $post_id");
DB()->query("UPDATE " . BB_POSTS . " SET $sql_args WHERE post_id = $post_id");
if ($mc_type && $post['poster_id'] != $userdata['user_id'])
{
$subject = sprintf($lang['MC_COMMENT_PM_SUBJECT'], $lang['MC_COMMENT'][$mc_type]['type']);
$message = sprintf($lang['MC_COMMENT_PM_MSG'], get_username($post['poster_id']), make_url(POST_URL ."$post_id#$post_id"), $lang['MC_COMMENT'][$mc_type]['type'], $mc_text);
if ($mc_type && $post['poster_id'] != $userdata['user_id']) {
$subject = sprintf($lang['MC_COMMENT_PM_SUBJECT'], $lang['MC_COMMENT'][$mc_type]['type']);
$message = sprintf($lang['MC_COMMENT_PM_MSG'], get_username($post['poster_id']), make_url(POST_URL . "$post_id#$post_id"), $lang['MC_COMMENT'][$mc_type]['type'], $mc_text);
send_pm($post['poster_id'], $subject, $message);
cache_rm_user_sessions($post['poster_id']);
send_pm($post['poster_id'], $subject, $message);
cache_rm_user_sessions($post['poster_id']);
}
switch($mc_type)
{
case 1: // Комментарий
$mc_class = 'success';
break;
case 2: // Информация
$mc_class = 'info';
break;
case 3: // Предупреждение
$mc_class = 'warning';
break;
case 4: // Нарушение
$mc_class = 'danger';
break;
default:
$mc_class = '';
break;
switch ($mc_type) {
case 1: // Комментарий
$mc_class = 'success';
break;
case 2: // Информация
$mc_class = 'info';
break;
case 3: // Предупреждение
$mc_class = 'warning';
break;
case 4: // Нарушение
$mc_class = 'danger';
break;
default:
$mc_class = '';
break;
}
$this->response['mc_type'] = $mc_type;
$this->response['post_id'] = $post_id;
$this->response['mc_type'] = $mc_type;
$this->response['post_id'] = $post_id;
$this->response['mc_title'] = sprintf($lang['MC_COMMENT'][$mc_type]['title'], profile_url($userdata));
$this->response['mc_text'] = bbcode2html($mc_text);
$this->response['mc_class'] = $mc_class;
$this->response['mc_text'] = bbcode2html($mc_text);
$this->response['mc_class'] = $mc_class;

486
library/ajax/posts.php
View file

@ -1,212 +1,212 @@
<?php
/**
* MIT License
*
* Copyright (c) 2005-2017 TorrentPier
*
* Permission is hereby granted, free of charge, to any person obtaining a copy
* of this software and associated documentation files (the "Software"), to deal
* in the Software without restriction, including without limitation the rights
* to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
* copies of the Software, and to permit persons to whom the Software is
* furnished to do so, subject to the following conditions:
*
* The above copyright notice and this permission notice shall be included in all
* copies or substantial portions of the Software.
*
* THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
* IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
* FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
* AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
* LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
* OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
* SOFTWARE.
*/
if (!defined('IN_AJAX')) die(basename(__FILE__));
if (!defined('IN_AJAX')) {
die(basename(__FILE__));
}
global $lang, $bb_cfg, $userdata;
if (!isset($this->request['type']))
{
$this->ajax_die('empty type');
if (!isset($this->request['type'])) {
$this->ajax_die('empty type');
}
if (isset($this->request['post_id']))
{
$post_id = (int) $this->request['post_id'];
$post = DB()->fetch_row("SELECT t.*, f.*, p.*, pt.post_text
FROM ". BB_TOPICS ." t, ". BB_FORUMS ." f, ". BB_POSTS ." p, ". BB_POSTS_TEXT ." pt
if (isset($this->request['post_id'])) {
$post_id = (int)$this->request['post_id'];
$post = DB()->fetch_row("SELECT t.*, f.*, p.*, pt.post_text
FROM " . BB_TOPICS . " t, " . BB_FORUMS . " f, " . BB_POSTS . " p, " . BB_POSTS_TEXT . " pt
WHERE p.post_id = $post_id
AND t.topic_id = p.topic_id
AND f.forum_id = t.forum_id
AND p.post_id = pt.post_id
LIMIT 1");
if(!$post) $this->ajax_die('not post');
if (!$post) {
$this->ajax_die('not post');
}
$is_auth = auth(AUTH_ALL, $post['forum_id'], $userdata, $post);
if ($post['topic_status'] == TOPIC_LOCKED && !$is_auth['auth_mod'])
{
$this->ajax_die($lang['TOPIC_LOCKED']);
}
}
elseif (isset($this->request['topic_id']))
{
$topic_id = (int) $this->request['topic_id'];
$post = DB()->fetch_row("SELECT t.*, f.*
FROM ". BB_TOPICS ." t, ". BB_FORUMS ." f
$is_auth = auth(AUTH_ALL, $post['forum_id'], $userdata, $post);
if ($post['topic_status'] == TOPIC_LOCKED && !$is_auth['auth_mod']) {
$this->ajax_die($lang['TOPIC_LOCKED']);
}
} elseif (isset($this->request['topic_id'])) {
$topic_id = (int)$this->request['topic_id'];
$post = DB()->fetch_row("SELECT t.*, f.*
FROM " . BB_TOPICS . " t, " . BB_FORUMS . " f
WHERE t.topic_id = $topic_id
AND f.forum_id = t.forum_id
LIMIT 1");
if(!$post) $this->ajax_die('not post');
if (!$post) {
$this->ajax_die('not post');
}
$is_auth = auth(AUTH_ALL, $post['forum_id'], $userdata, $post);
$is_auth = auth(AUTH_ALL, $post['forum_id'], $userdata, $post);
}
if (!defined('WORD_LIST_OBTAINED'))
{
$orig_word = array();
$replace_word = array();
obtain_word_list($orig_word, $replace_word);
define('WORD_LIST_OBTAINED', true);
if (!defined('WORD_LIST_OBTAINED')) {
$orig_word = array();
$replace_word = array();
obtain_word_list($orig_word, $replace_word);
define('WORD_LIST_OBTAINED', true);
}
switch($this->request['type'])
{
case 'delete';
if ($post['post_id'] != $post['topic_first_post_id'] && $is_auth['auth_delete'] && ($is_auth['auth_mod'] || ($userdata['user_id'] == $post['poster_id'] && $post['topic_last_post_id'] == $post['post_id'] && $post['post_time'] + 3600*3 > TIMENOW)))
{
if (empty($this->request['confirmed']))
{
$this->prompt_for_confirm($lang['CONFIRM_DELETE']);
}
post_delete($post_id);
switch ($this->request['type']) {
case 'delete';
if ($post['post_id'] != $post['topic_first_post_id'] && $is_auth['auth_delete'] && ($is_auth['auth_mod'] || ($userdata['user_id'] == $post['poster_id'] && $post['topic_last_post_id'] == $post['post_id'] && $post['post_time'] + 3600 * 3 > TIMENOW))) {
if (empty($this->request['confirmed'])) {
$this->prompt_for_confirm($lang['CONFIRM_DELETE']);
}
post_delete($post_id);
// Update atom feed
update_atom('topic', (int) $this->request['topic_id']);
// Update atom feed
update_atom('topic', (int)$this->request['topic_id']);
$this->response['hide'] = true;
$this->response['post_id'] = $post_id;
}
else
{
$this->ajax_die(sprintf($lang['SORRY_AUTH_DELETE'], strip_tags($is_auth['auth_delete_type'])));
}
break;
$this->response['hide'] = true;
$this->response['post_id'] = $post_id;
} else {
$this->ajax_die(sprintf($lang['SORRY_AUTH_DELETE'], strip_tags($is_auth['auth_delete_type'])));
}
break;
case 'reply';
if (bf($userdata['user_opt'], 'user_opt', 'dis_post'))
{
$this->ajax_die(strip_tags($lang['RULES_REPLY_CANNOT']));
}
elseif(!$is_auth['auth_reply'])
{
$this->ajax_die(sprintf($lang['SORRY_AUTH_REPLY'], strip_tags($is_auth['auth_reply_type'])));
}
case 'reply';
if (bf($userdata['user_opt'], 'user_opt', 'dis_post')) {
$this->ajax_die(strip_tags($lang['RULES_REPLY_CANNOT']));
} elseif (!$is_auth['auth_reply']) {
$this->ajax_die(sprintf($lang['SORRY_AUTH_REPLY'], strip_tags($is_auth['auth_reply_type'])));
}
$quote_username = ($post['post_username'] != '') ? $post['post_username'] : get_username($post['poster_id']);
$message = "[quote=\"". $quote_username ."\"][qpost=". $post['post_id'] ."]". $post['post_text'] ."[/quote]\r";
$quote_username = ($post['post_username'] != '') ? $post['post_username'] : get_username($post['poster_id']);
$message = "[quote=\"" . $quote_username . "\"][qpost=" . $post['post_id'] . "]" . $post['post_text'] . "[/quote]\r";
// hide user passkey
$message = preg_replace('#(?<=\?uk=)[a-zA-Z0-9]{10}(?=&)#', 'passkey', $message);
// hide sid
$message = preg_replace('#(?<=[\?&;]sid=)[a-zA-Z0-9]{12}#', 'sid', $message);
// hide user passkey
$message = preg_replace('#(?<=\?uk=)[a-zA-Z0-9]{10}(?=&)#', 'passkey', $message);
// hide sid
$message = preg_replace('#(?<=[\?&;]sid=)[a-zA-Z0-9]{12}#', 'sid', $message);
if (!empty($orig_word))
{
$message = (!empty($message)) ? preg_replace($orig_word, $replace_word, $message) : '';
}
if (!empty($orig_word)) {
$message = (!empty($message)) ? preg_replace($orig_word, $replace_word, $message) : '';
}
if ($post['post_id'] == $post['topic_first_post_id'])
{
$message = "[quote]". $post['topic_title'] ."[/quote]\r";
}
if (mb_strlen($message, 'UTF-8') > 1000)
{
$this->response['redirect'] = make_url(POSTING_URL.'?mode=quote&p='. $post_id);
}
if ($post['post_id'] == $post['topic_first_post_id']) {
$message = "[quote]" . $post['topic_title'] . "[/quote]\r";
}
if (mb_strlen($message, 'UTF-8') > 1000) {
$this->response['redirect'] = make_url(POSTING_URL . '?mode=quote&p=' . $post_id);
}
$this->response['quote'] = true;
$this->response['message'] = $message;
break;
$this->response['quote'] = true;
$this->response['message'] = $message;
break;
case 'view_message':
$message = (string) $this->request['message'];
if(!trim($message)) $this->ajax_die($lang['EMPTY_MESSAGE']);
$message = htmlCHR($message, false, ENT_NOQUOTES);
case 'view_message':
$message = (string)$this->request['message'];
if (!trim($message)) {
$this->ajax_die($lang['EMPTY_MESSAGE']);
}
$message = htmlCHR($message, false, ENT_NOQUOTES);
$this->response['message_html'] = bbcode2html($message);
$this->response['res_id'] = @$this->request['res_id'];
break;
$this->response['message_html'] = bbcode2html($message);
$this->response['res_id'] = @$this->request['res_id'];
break;
case 'edit':
case 'editor':
if (bf($userdata['user_opt'], 'user_opt', 'dis_post_edit'))
{
$this->ajax_die($lang['POST_EDIT_CANNOT']);
}
if ($post['poster_id'] != $userdata['user_id'] && !$is_auth['auth_mod'])
{
$this->ajax_die($lang['EDIT_OWN_POSTS']);
}
if ((mb_strlen($post['post_text'], 'UTF-8') > 1000) || $post['post_attachment'] || ($post['topic_first_post_id'] == $post_id))
{
$this->response['redirect'] = make_url(POSTING_URL.'?mode=editpost&p='. $post_id);
}
elseif ($this->request['type'] == 'editor')
{
$text = (string) $this->request['text'];
$text = prepare_message($text);
case 'edit':
case 'editor':
if (bf($userdata['user_opt'], 'user_opt', 'dis_post_edit')) {
$this->ajax_die($lang['POST_EDIT_CANNOT']);
}
if ($post['poster_id'] != $userdata['user_id'] && !$is_auth['auth_mod']) {
$this->ajax_die($lang['EDIT_OWN_POSTS']);
}
if ((mb_strlen($post['post_text'], 'UTF-8') > 1000) || $post['post_attachment'] || ($post['topic_first_post_id'] == $post_id)) {
$this->response['redirect'] = make_url(POSTING_URL . '?mode=editpost&p=' . $post_id);
} elseif ($this->request['type'] == 'editor') {
$text = (string)$this->request['text'];
$text = prepare_message($text);
if (mb_strlen($text) > 2)
{
if ($text != $post['post_text'])
{
if ($bb_cfg['max_smilies'])
{
$count_smilies = substr_count(bbcode2html($text), '<img class="smile" src="'. $bb_cfg['smilies_path']);
if ($count_smilies > $bb_cfg['max_smilies'])
{
$this->ajax_die(sprintf($lang['MAX_SMILIES_PER_POST'], $bb_cfg['max_smilies']));
}
}
DB()->query("UPDATE ". BB_POSTS_TEXT ." SET post_text = '". DB()->escape($text) ."' WHERE post_id = $post_id LIMIT 1");
if ($post['topic_last_post_id'] != $post['post_id'] && $userdata['user_id'] == $post['poster_id'])
{
DB()->query("UPDATE ". BB_POSTS ." SET post_edit_time = '". TIMENOW ."', post_edit_count = post_edit_count + 1 WHERE post_id = $post_id LIMIT 1");
}
$s_text = str_replace('\n', "\n", $text);
$s_topic_title = str_replace('\n', "\n", $post['topic_title']);
add_search_words($post_id, stripslashes($s_text), stripslashes($s_topic_title));
update_post_html(array(
'post_id' => $post_id,
'post_text' => $text,
));
}
}
else $this->ajax_die($lang['EMPTY_MESSAGE']);
if (mb_strlen($text) > 2) {
if ($text != $post['post_text']) {
if ($bb_cfg['max_smilies']) {
$count_smilies = substr_count(bbcode2html($text), '<img class="smile" src="' . $bb_cfg['smilies_path']);
if ($count_smilies > $bb_cfg['max_smilies']) {
$this->ajax_die(sprintf($lang['MAX_SMILIES_PER_POST'], $bb_cfg['max_smilies']));
}
}
DB()->query("UPDATE " . BB_POSTS_TEXT . " SET post_text = '" . DB()->escape($text) . "' WHERE post_id = $post_id LIMIT 1");
if ($post['topic_last_post_id'] != $post['post_id'] && $userdata['user_id'] == $post['poster_id']) {
DB()->query("UPDATE " . BB_POSTS . " SET post_edit_time = '" . TIMENOW . "', post_edit_count = post_edit_count + 1 WHERE post_id = $post_id LIMIT 1");
}
$s_text = str_replace('\n', "\n", $text);
$s_topic_title = str_replace('\n', "\n", $post['topic_title']);
add_search_words($post_id, stripslashes($s_text), stripslashes($s_topic_title));
update_post_html(array(
'post_id' => $post_id,
'post_text' => $text,
));
}
} else {
$this->ajax_die($lang['EMPTY_MESSAGE']);
}
// Update atom feed
update_atom('topic', (int) $this->request['topic_id']);
// Update atom feed
update_atom('topic', (int)$this->request['topic_id']);
$this->response['html'] = bbcode2html($text);
}
else
{
$is_auth = auth(AUTH_ALL, $post['forum_id'], $userdata, $post);
if ($post['topic_status'] == TOPIC_LOCKED && !$is_auth['auth_mod'])
{
$this->ajax_die($lang['TOPIC_LOCKED']);
}
elseif (!$is_auth['auth_edit'])
{
$this->ajax_die(sprintf($lang['SORRY_AUTH_EDIT'], strip_tags($is_auth['auth_edit_type'])));
}
$this->response['html'] = bbcode2html($text);
} else {
$is_auth = auth(AUTH_ALL, $post['forum_id'], $userdata, $post);
if ($post['topic_status'] == TOPIC_LOCKED && !$is_auth['auth_mod']) {
$this->ajax_die($lang['TOPIC_LOCKED']);
} elseif (!$is_auth['auth_edit']) {
$this->ajax_die(sprintf($lang['SORRY_AUTH_EDIT'], strip_tags($is_auth['auth_edit_type'])));
}
$hidden_form = '<input type="hidden" name="mode" value="editpost" />';
$hidden_form .= '<input type="hidden" name="'. POST_POST_URL .'" value="'. $post_id .'" />';
$hidden_form .= '<input type="hidden" name="subject" value="'. $post['topic_title'] .'" />';
$hidden_form = '<input type="hidden" name="mode" value="editpost" />';
$hidden_form .= '<input type="hidden" name="' . POST_POST_URL . '" value="' . $post_id . '" />';
$hidden_form .= '<input type="hidden" name="subject" value="' . $post['topic_title'] . '" />';
$this->response['text'] = '
<form action="'. POSTING_URL .'" method="post" name="post">
'. $hidden_form .'
$this->response['text'] = '
<form action="' . POSTING_URL . '" method="post" name="post">
' . $hidden_form . '
<div class="buttons mrg_4">
<input type="button" value="B" name="codeB" title="'. $lang['BOLD'] .'" style="font-weight: bold; width: 25px;" />
<input type="button" value="i" name="codeI" title="'. $lang['ITALIC'] .'" style="width: 25px; font-style: italic;" />
<input type="button" value="u" name="codeU" title="'. $lang['UNDERLINE'] .'" style="width: 25px; text-decoration: underline;" />
<input type="button" value="s" name="codeS" title="'. $lang['STRIKEOUT'] .'" style="width: 25px; text-decoration: line-through;" />&nbsp;&nbsp;
<input type="button" value="'. $lang['QUOTE'] .'" name="codeQuote" title="'. $lang['QUOTE_TITLE'] .'" style="width: 57px;" />
<input type="button" value="Img" name="codeImg" title="'. $lang['IMG_TITLE'] .'" style="width: 40px;" />
<input type="button" value="'. $lang['URL'] .'" name="codeUrl" title="'. $lang['URL_TITLE'] .'" style="width: 63px; text-decoration: underline;" />&nbsp;
<input type="button" value="'. $lang['CODE'] .'" name="codeCode" title="'. $lang['CODE_TITLE'] .'" style="width: 43px;" />
<input type="button" value="'. $lang['LIST'] .'" name="codeList" title="'. $lang['LIST_TITLE'] .'" style="width: 60px;" />
<input type="button" value="1." name="codeOpt" title="'. $lang['LIST_ITEM'] .'" style="width: 30px;" />&nbsp;
<input type="button" value="'. $lang['QUOTE_SEL'] .'" name="quoteselected" title="'. $lang['QUOTE_SELECTED'] .'" onclick="bbcode.onclickQuoteSel();" />&nbsp;
<input type="button" value="B" name="codeB" title="' . $lang['BOLD'] . '" style="font-weight: bold; width: 25px;" />
<input type="button" value="i" name="codeI" title="' . $lang['ITALIC'] . '" style="width: 25px; font-style: italic;" />
<input type="button" value="u" name="codeU" title="' . $lang['UNDERLINE'] . '" style="width: 25px; text-decoration: underline;" />
<input type="button" value="s" name="codeS" title="' . $lang['STRIKEOUT'] . '" style="width: 25px; text-decoration: line-through;" />&nbsp;&nbsp;
<input type="button" value="' . $lang['QUOTE'] . '" name="codeQuote" title="' . $lang['QUOTE_TITLE'] . '" style="width: 57px;" />
<input type="button" value="Img" name="codeImg" title="' . $lang['IMG_TITLE'] . '" style="width: 40px;" />
<input type="button" value="' . $lang['URL'] . '" name="codeUrl" title="' . $lang['URL_TITLE'] . '" style="width: 63px; text-decoration: underline;" />&nbsp;
<input type="button" value="' . $lang['CODE'] . '" name="codeCode" title="' . $lang['CODE_TITLE'] . '" style="width: 43px;" />
<input type="button" value="' . $lang['LIST'] . '" name="codeList" title="' . $lang['LIST_TITLE'] . '" style="width: 60px;" />
<input type="button" value="1." name="codeOpt" title="' . $lang['LIST_ITEM'] . '" style="width: 30px;" />&nbsp;
<input type="button" value="' . $lang['QUOTE_SEL'] . '" name="quoteselected" title="' . $lang['QUOTE_SELECTED'] . '" onclick="bbcode.onclickQuoteSel();" />&nbsp;
</div>
<textarea id="message-'. $post_id .'" class="editor mrg_4" name="message" rows="18" cols="92">'. $post['post_text'] .'</textarea>
<textarea id="message-' . $post_id . '" class="editor mrg_4" name="message" rows="18" cols="92">' . $post['post_text'] . '</textarea>
<div class="mrg_4 tCenter">
<input title="Alt+Enter" name="preview" type="submit" value="'. $lang['PREVIEW'] .'">
<input type="button" onclick="edit_post('. $post_id .');" value="'. $lang['CANCEL'] .'">
<input type="button" onclick="edit_post('. $post_id .', \'editor\', $(\'#message-'. $post_id .'\').val()); return false;" class="bold" value="'. $lang['SUBMIT'] .'">
<input title="Alt+Enter" name="preview" type="submit" value="' . $lang['PREVIEW'] . '">
<input type="button" onclick="edit_post(' . $post_id . ');" value="' . $lang['CANCEL'] . '">
<input type="button" onclick="edit_post(' . $post_id . ', \'editor\', $(\'#message-' . $post_id . '\').val()); return false;" class="bold" value="' . $lang['SUBMIT'] . '">
</div><hr>
<script type="text/javascript">
var bbcode = new BBCode("message-'. $post_id .'");
var bbcode = new BBCode("message-' . $post_id . '");
var ctrl = "ctrl";
bbcode.addTag("codeB", "b", null, "B", ctrl);
@ -223,106 +223,92 @@ switch($this->request['type'])
bbcode.addTag("codeOpt", "*", "", "0", ctrl);
</script>
</form>';
}
$this->response['post_id'] = $post_id;
break;
}
$this->response['post_id'] = $post_id;
break;
case 'add':
if (!isset($this->request['topic_id']))
{
$this->ajax_die('empty topic_id');
}
case 'add':
if (!isset($this->request['topic_id'])) {
$this->ajax_die('empty topic_id');
}
if (bf($userdata['user_opt'], 'user_opt', 'dis_post'))
{
$this->ajax_die(strip_tags($lang['RULES_REPLY_CANNOT']));
}
elseif (!$is_auth['auth_reply'])
{
$this->ajax_die(sprintf($lang['SORRY_AUTH_REPLY'], strip_tags($is_auth['auth_reply_type'])));
}
if ($post['topic_status'] == TOPIC_LOCKED && !$is_auth['auth_mod'])
{
$this->ajax_die($lang['TOPIC_LOCKED']);
}
if (bf($userdata['user_opt'], 'user_opt', 'dis_post')) {
$this->ajax_die(strip_tags($lang['RULES_REPLY_CANNOT']));
} elseif (!$is_auth['auth_reply']) {
$this->ajax_die(sprintf($lang['SORRY_AUTH_REPLY'], strip_tags($is_auth['auth_reply_type'])));
}
if ($post['topic_status'] == TOPIC_LOCKED && !$is_auth['auth_mod']) {
$this->ajax_die($lang['TOPIC_LOCKED']);
}
$message = (string) $this->request['message'];
$message = prepare_message($message);
$message = (string)$this->request['message'];
$message = prepare_message($message);
// Flood control
$where_sql = (IS_GUEST) ? "p.poster_ip = '". USER_IP ."'" : "p.poster_id = {$userdata['user_id']}";
// Flood control
$where_sql = (IS_GUEST) ? "p.poster_ip = '" . USER_IP . "'" : "p.poster_id = {$userdata['user_id']}";
$sql = "SELECT MAX(p.post_time) AS last_post_time FROM ". BB_POSTS ." p WHERE $where_sql";
if ($row = DB()->fetch_row($sql) AND $row['last_post_time'])
{
if ($userdata['user_level'] == USER)
{
if (TIMENOW - $row['last_post_time'] < $bb_cfg['flood_interval'])
{
$this->ajax_die($lang['FLOOD_ERROR']);
}
}
}
$sql = "SELECT MAX(p.post_time) AS last_post_time FROM " . BB_POSTS . " p WHERE $where_sql";
if ($row = DB()->fetch_row($sql) and $row['last_post_time']) {
if ($userdata['user_level'] == USER) {
if (TIMENOW - $row['last_post_time'] < $bb_cfg['flood_interval']) {
$this->ajax_die($lang['FLOOD_ERROR']);
}
}
}
// Double Post Control
if (!empty($row['last_post_time']) && !IS_AM)
{
$sql = "
// Double Post Control
if (!empty($row['last_post_time']) && !IS_AM) {
$sql = "
SELECT pt.post_text
FROM ". BB_POSTS ." p, ". BB_POSTS_TEXT ." pt
FROM " . BB_POSTS . " p, " . BB_POSTS_TEXT . " pt
WHERE $where_sql
AND p.post_time = ". (int) $row['last_post_time'] ."
AND p.post_time = " . (int)$row['last_post_time'] . "
AND pt.post_id = p.post_id
LIMIT 1
";
if ($row = DB()->fetch_row($sql))
{
$last_msg = DB()->escape($row['post_text']);
if ($row = DB()->fetch_row($sql)) {
$last_msg = DB()->escape($row['post_text']);
if ($last_msg == $message)
{
$this->ajax_die($lang['DOUBLE_POST_ERROR']);
}
}
}
if ($last_msg == $message) {
$this->ajax_die($lang['DOUBLE_POST_ERROR']);
}
}
}
if ($bb_cfg['max_smilies'])
{
$count_smilies = substr_count(bbcode2html($message), '<img class="smile" src="'. $bb_cfg['smilies_path']);
if ($count_smilies > $bb_cfg['max_smilies'])
{
$this->ajax_die(sprintf($lang['MAX_SMILIES_PER_POST'], $bb_cfg['max_smilies']));
}
}
if ($bb_cfg['max_smilies']) {
$count_smilies = substr_count(bbcode2html($message), '<img class="smile" src="' . $bb_cfg['smilies_path']);
if ($count_smilies > $bb_cfg['max_smilies']) {
$this->ajax_die(sprintf($lang['MAX_SMILIES_PER_POST'], $bb_cfg['max_smilies']));
}
}
DB()->sql_query("INSERT INTO " . BB_POSTS . " (topic_id, forum_id, poster_id, post_time, poster_ip) VALUES ($topic_id, ". $post['forum_id'] .", ". $userdata['user_id'] .", '". TIMENOW ."', '". USER_IP ."')");
$post_id = DB()->sql_nextid();
DB()->sql_query("INSERT INTO " . BB_POSTS_TEXT . " (post_id, post_text) VALUES ($post_id, '". DB()->escape($message) ."')");
DB()->sql_query("INSERT INTO " . BB_POSTS . " (topic_id, forum_id, poster_id, post_time, poster_ip) VALUES ($topic_id, " . $post['forum_id'] . ", " . $userdata['user_id'] . ", '" . TIMENOW . "', '" . USER_IP . "')");
$post_id = DB()->sql_nextid();
DB()->sql_query("INSERT INTO " . BB_POSTS_TEXT . " (post_id, post_text) VALUES ($post_id, '" . DB()->escape($message) . "')");
update_post_stats('reply', $post, $post['forum_id'], $topic_id, $post_id, $userdata['user_id']);
update_post_stats('reply', $post, $post['forum_id'], $topic_id, $post_id, $userdata['user_id']);
$s_message = str_replace('\n', "\n", $message);
$s_topic_title = str_replace('\n', "\n", $post['topic_title']);
add_search_words($post_id, stripslashes($s_message), stripslashes($s_topic_title));
update_post_html(array(
'post_id' => $post_id,
'post_text' => $message,
));
$s_message = str_replace('\n', "\n", $message);
$s_topic_title = str_replace('\n', "\n", $post['topic_title']);
add_search_words($post_id, stripslashes($s_message), stripslashes($s_topic_title));
update_post_html(array(
'post_id' => $post_id,
'post_text' => $message,
));
if ($bb_cfg['topic_notify_enabled'])
{
$notify = !empty($this->request['notify']);
user_notification('reply', $post, $post['topic_title'], $post['forum_id'], $topic_id, $notify);
}
if ($bb_cfg['topic_notify_enabled']) {
$notify = !empty($this->request['notify']);
user_notification('reply', $post, $post['topic_title'], $post['forum_id'], $topic_id, $notify);
}
// Update atom feed
update_atom('topic', (int) $this->request['topic_id']);
// Update atom feed
update_atom('topic', (int)$this->request['topic_id']);
$this->response['redirect'] = make_url(POST_URL . "$post_id#$post_id");
break;
$this->response['redirect'] = make_url(POST_URL . "$post_id#$post_id");
break;
default:
$this->ajax_die('empty type');
break;
}
default:
$this->ajax_die('empty type');
break;
}

103
library/ajax/sitemap.php
View file

@ -1,55 +1,80 @@
<?php
/**
* MIT License
*
* Copyright (c) 2005-2017 TorrentPier
*
* Permission is hereby granted, free of charge, to any person obtaining a copy
* of this software and associated documentation files (the "Software"), to deal
* in the Software without restriction, including without limitation the rights
* to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
* copies of the Software, and to permit persons to whom the Software is
* furnished to do so, subject to the following conditions:
*
* The above copyright notice and this permission notice shall be included in all
* copies or substantial portions of the Software.
*
* THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
* IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
* FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
* AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
* LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
* OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
* SOFTWARE.
*/
if (!defined('IN_AJAX')) die(basename(__FILE__));
if (!defined('IN_AJAX')) {
die(basename(__FILE__));
}
global $bb_cfg, $lang;
$mode = (string) $this->request['mode'];
$map = new sitemap();
$mode = (string)$this->request['mode'];
$map = new sitemap();
$html = '';
switch ($mode)
{
case 'create':
$map->create();
if (@file_exists(SITEMAP_DIR. 'sitemap.xml'))
{
$html .= $lang['SITEMAP_CREATED'].': <b>'.bb_date(TIMENOW, $bb_cfg['post_date_format']).'</b> '.$lang['SITEMAP_AVAILABLE'].': <a href="'.make_url('sitemap.xml').'" target="_blank">'.make_url('sitemap.xml').'</a>';
} else {
$html .= $lang['SITEMAP_NOT_CREATED'];
}
break;
switch ($mode) {
case 'create':
$map->create();
if (@file_exists(SITEMAP_DIR . 'sitemap.xml')) {
$html .= $lang['SITEMAP_CREATED'] . ': <b>' . bb_date(TIMENOW, $bb_cfg['post_date_format']) . '</b> ' . $lang['SITEMAP_AVAILABLE'] . ': <a href="' . make_url('sitemap.xml') . '" target="_blank">' . make_url('sitemap.xml') . '</a>';
} else {
$html .= $lang['SITEMAP_NOT_CREATED'];
}
break;
case 'search_update':
if (!@file_exists(SITEMAP_DIR. 'sitemap.xml')) $map->create();
case 'search_update':
if (!@file_exists(SITEMAP_DIR . 'sitemap.xml')) {
$map->create();
}
$map_link = make_url(SITEMAP_DIR. 'sitemap.xml');
$map_link = make_url(SITEMAP_DIR . 'sitemap.xml');
if (strpos($map->send_url("http://google.com/webmasters/sitemaps/ping?sitemap=", $map_link), "successfully added") !== false) {
$html .= '<br />'.$lang['SITEMAP_NOTIFY_SEARCH'].' Google: <font style="color: green;">'.$lang['SITEMAP_SENT'].'</font>';
} else {
$html .= '<br />'.$lang['SITEMAP_NOTIFY_SEARCH'].' Google: <font style="color: red;">'.$lang['SITEMAP_ERROR'].'</font> URL: <a href="http://google.com/webmasters/sitemaps/ping?sitemap='.urlencode($map_link).'" target="_blank">http://google.com/webmasters/sitemaps/ping?sitemap='.$map_link.'</a>';
}
if (strpos($map->send_url("http://google.com/webmasters/sitemaps/ping?sitemap=", $map_link), "successfully added") !== false) {
$html .= '<br />' . $lang['SITEMAP_NOTIFY_SEARCH'] . ' Google: <font style="color: green;">' . $lang['SITEMAP_SENT'] . '</font>';
} else {
$html .= '<br />' . $lang['SITEMAP_NOTIFY_SEARCH'] . ' Google: <font style="color: red;">' . $lang['SITEMAP_ERROR'] . '</font> URL: <a href="http://google.com/webmasters/sitemaps/ping?sitemap=' . urlencode($map_link) . '" target="_blank">http://google.com/webmasters/sitemaps/ping?sitemap=' . $map_link . '</a>';
}
if (strpos($map->send_url("http://ping.blogs.yandex.ru/ping?sitemap=", $map_link), "OK") !== false) {
$html .= '<br />'.$lang['SITEMAP_NOTIFY_SEARCH'].' Yandex: <font style="color: green;">'.$lang['SITEMAP_SENT'].'</font>';
} else {
$html .= '<br />'.$lang['SITEMAP_NOTIFY_SEARCH'].' Yandex: <font style="color: red;">'.$lang['SITEMAP_ERROR'].'</font> URL: <a href="http://ping.blogs.yandex.ru/ping?sitemap='.urlencode($map_link).'" target="_blank">http://ping.blogs.yandex.ru/ping?sitemap='.$map_link.'</a>';
}
if (strpos($map->send_url("http://ping.blogs.yandex.ru/ping?sitemap=", $map_link), "OK") !== false) {
$html .= '<br />' . $lang['SITEMAP_NOTIFY_SEARCH'] . ' Yandex: <font style="color: green;">' . $lang['SITEMAP_SENT'] . '</font>';
} else {
$html .= '<br />' . $lang['SITEMAP_NOTIFY_SEARCH'] . ' Yandex: <font style="color: red;">' . $lang['SITEMAP_ERROR'] . '</font> URL: <a href="http://ping.blogs.yandex.ru/ping?sitemap=' . urlencode($map_link) . '" target="_blank">http://ping.blogs.yandex.ru/ping?sitemap=' . $map_link . '</a>';
}
if ($map->send_url("http://www.bing.com/ping?sitemap=", $map_link)) {
$html .= '<br />'.$lang['SITEMAP_NOTIFY_SEARCH'].' Bing: <font style="color: green;">'.$lang['SITEMAP_SENT'].'</font>';
} else {
$html .= '<br />'.$lang['SITEMAP_NOTIFY_SEARCH'].' Bing: <font style="color: red;">'.$lang['SITEMAP_ERROR'].'</font> URL: <a href="http://www.bing.com/ping?sitemap='.urlencode($map_link).'" target="_blank">http://www.bing.com/ping?sitemap='.$map_link.'</a>';
}
if ($map->send_url("http://www.bing.com/ping?sitemap=", $map_link)) {
$html .= '<br />' . $lang['SITEMAP_NOTIFY_SEARCH'] . ' Bing: <font style="color: green;">' . $lang['SITEMAP_SENT'] . '</font>';
} else {
$html .= '<br />' . $lang['SITEMAP_NOTIFY_SEARCH'] . ' Bing: <font style="color: red;">' . $lang['SITEMAP_ERROR'] . '</font> URL: <a href="http://www.bing.com/ping?sitemap=' . urlencode($map_link) . '" target="_blank">http://www.bing.com/ping?sitemap=' . $map_link . '</a>';
}
if (strpos($map->send_url("http://rpc.weblogs.com/pingSiteForm?name=InfraBlog&url=", $map_link), "Thanks for the ping") !== false) {
$html .= '<br />'.$lang['SITEMAP_NOTIFY_SEARCH'].' Weblogs: <font style="color: green;">'.$lang['SITEMAP_SENT'].'</font>';
} else {
$html .= '<br />'.$lang['SITEMAP_NOTIFY_SEARCH'].' Weblogs: <font style="color: red;">'.$lang['SITEMAP_ERROR'].'</font> URL: <a href="http://rpc.weblogs.com/pingSiteForm?name=InfraBlog&url='.urlencode($map_link).'" target="_blank">http://rpc.weblogs.com/pingSiteForm?name=InfraBlog&url='.$map_link.'</a>';
}
break;
if (strpos($map->send_url("http://rpc.weblogs.com/pingSiteForm?name=InfraBlog&url=", $map_link), "Thanks for the ping") !== false) {
$html .= '<br />' . $lang['SITEMAP_NOTIFY_SEARCH'] . ' Weblogs: <font style="color: green;">' . $lang['SITEMAP_SENT'] . '</font>';
} else {
$html .= '<br />' . $lang['SITEMAP_NOTIFY_SEARCH'] . ' Weblogs: <font style="color: red;">' . $lang['SITEMAP_ERROR'] . '</font> URL: <a href="http://rpc.weblogs.com/pingSiteForm?name=InfraBlog&url=' . urlencode($map_link) . '" target="_blank">http://rpc.weblogs.com/pingSiteForm?name=InfraBlog&url=' . $map_link . '</a>';
}
break;
}
$this->response['html'] = $html;
$this->response['mode'] = $mode;
$this->response['mode'] = $mode;

290
library/ajax/topic_tpl.php
View file

@ -1,172 +1,180 @@
<?php
/**
* MIT License
*
* Copyright (c) 2005-2017 TorrentPier
*
* Permission is hereby granted, free of charge, to any person obtaining a copy
* of this software and associated documentation files (the "Software"), to deal
* in the Software without restriction, including without limitation the rights
* to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
* copies of the Software, and to permit persons to whom the Software is
* furnished to do so, subject to the following conditions:
*
* The above copyright notice and this permission notice shall be included in all
* copies or substantial portions of the Software.
*
* THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
* IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
* FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
* AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
* LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
* OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
* SOFTWARE.
*/
if (!defined('IN_AJAX')) die(basename(__FILE__));
if (!defined('IN_AJAX')) {
die(basename(__FILE__));
}
global $userdata;
if (!IS_SUPER_ADMIN) $this->ajax_die('not auth');
if (!IS_SUPER_ADMIN) {
$this->ajax_die('not auth');
}
array_deep($this->request, 'trim');
$mode = (string) $this->request['mode'];
$mode = (string)$this->request['mode'];
$sql_error = false;
// установка / начальная валидация значений
switch ($mode)
{
case 'load':
case 'save':
if (!$tpl_id = (int) $this->request['tpl_id'])
{
$this->ajax_die('Выбранный шаблон не найден, создайте новый (empty tpl_id)');
}
if (!$tpl_data = DB()->fetch_row("SELECT * FROM ". BB_TOPIC_TPL ." WHERE tpl_id = $tpl_id LIMIT 1"))
{
$this->ajax_die("Шаблон [id: $tpl_id] не найден в БД");
}
break;
switch ($mode) {
case 'load':
case 'save':
if (!$tpl_id = (int)$this->request['tpl_id']) {
$this->ajax_die('Выбранный шаблон не найден, создайте новый (empty tpl_id)');
}
if (!$tpl_data = DB()->fetch_row("SELECT * FROM " . BB_TOPIC_TPL . " WHERE tpl_id = $tpl_id LIMIT 1")) {
$this->ajax_die("Шаблон [id: $tpl_id] не найден в БД");
}
break;
}
switch ($mode)
{
case 'save':
case 'new':
if (!$tpl_name = htmlCHR(str_compact($this->request['tpl_name'])))
{
$this->ajax_die('не заполнено название шаблона');
}
$tpl_name = substr($tpl_name, 0, 60);
switch ($mode) {
case 'save':
case 'new':
if (!$tpl_name = htmlCHR(str_compact($this->request['tpl_name']))) {
$this->ajax_die('не заполнено название шаблона');
}
$tpl_name = substr($tpl_name, 0, 60);
if (!$tpl_src_form = htmlCHR($this->request['tpl_src_form']))
{
$this->ajax_die('не заполнен скрипт формы шаблона');
}
if (!$tpl_src_title = htmlCHR($this->request['tpl_src_title']))
{
$this->ajax_die('не заполнен формат названия темы');
}
$tpl_src_title = str_compact($tpl_src_title);
if (!$tpl_src_form = htmlCHR($this->request['tpl_src_form'])) {
$this->ajax_die('не заполнен скрипт формы шаблона');
}
if (!$tpl_src_title = htmlCHR($this->request['tpl_src_title'])) {
$this->ajax_die('не заполнен формат названия темы');
}
$tpl_src_title = str_compact($tpl_src_title);
if (!$tpl_src_msg = htmlCHR($this->request['tpl_src_msg']))
{
$this->ajax_die('не заполнен формат создания сообщения');
}
if (!$tpl_src_msg = htmlCHR($this->request['tpl_src_msg'])) {
$this->ajax_die('не заполнен формат создания сообщения');
}
$tpl_comment = htmlCHR($this->request['tpl_comment']);
$tpl_comment = htmlCHR($this->request['tpl_comment']);
preg_match('#\d+#', (string) $this->request['tpl_rules'], $m);
$tpl_rules_post_id = isset($m[0]) ? (int) $m[0] : 0;
preg_match('#\d+#', (string)$this->request['tpl_rules'], $m);
$tpl_rules_post_id = isset($m[0]) ? (int)$m[0] : 0;
$sql_args = array(
'tpl_name' => (string) $tpl_name,
'tpl_src_form' => (string) $tpl_src_form,
'tpl_src_title' => (string) $tpl_src_title,
'tpl_src_msg' => (string) $tpl_src_msg,
'tpl_comment' => (string) $tpl_comment,
'tpl_rules_post_id' => (int) $tpl_rules_post_id,
'tpl_last_edit_tm' => (int) TIMENOW,
'tpl_last_edit_by' => (int) $userdata['user_id'],
);
break;
$sql_args = array(
'tpl_name' => (string)$tpl_name,
'tpl_src_form' => (string)$tpl_src_form,
'tpl_src_title' => (string)$tpl_src_title,
'tpl_src_msg' => (string)$tpl_src_msg,
'tpl_comment' => (string)$tpl_comment,
'tpl_rules_post_id' => (int)$tpl_rules_post_id,
'tpl_last_edit_tm' => (int)TIMENOW,
'tpl_last_edit_by' => (int)$userdata['user_id'],
);
break;
}
// выполнение
switch ($mode)
{
// загрузка шаблона
case 'load':
$this->response['val']['tpl-name-save'] = $tpl_data['tpl_name'];
$this->response['val']['tpl-src-form'] = $tpl_data['tpl_src_form'];
$this->response['val']['tpl-src-title'] = $tpl_data['tpl_src_title'];
$this->response['val']['tpl-src-msg'] = $tpl_data['tpl_src_msg'];
$this->response['val']['tpl-comment-save'] = $tpl_data['tpl_comment'];
$this->response['val']['tpl-rules-save'] = $tpl_data['tpl_rules_post_id'];
array_deep($this->response['val'], 'html_ent_decode');
switch ($mode) {
// загрузка шаблона
case 'load':
$this->response['val']['tpl-name-save'] = $tpl_data['tpl_name'];
$this->response['val']['tpl-src-form'] = $tpl_data['tpl_src_form'];
$this->response['val']['tpl-src-title'] = $tpl_data['tpl_src_title'];
$this->response['val']['tpl-src-msg'] = $tpl_data['tpl_src_msg'];
$this->response['val']['tpl-comment-save'] = $tpl_data['tpl_comment'];
$this->response['val']['tpl-rules-save'] = $tpl_data['tpl_rules_post_id'];
array_deep($this->response['val'], 'html_ent_decode');
$this->response['val']['tpl-id-save'] = $tpl_id;
$this->response['val']['tpl-last-edit-tst'] = $tpl_data['tpl_last_edit_tm'];
$this->response['html']['tpl-name-old-save'] = $tpl_data['tpl_name'];
$this->response['html']['tpl-last-edit-time'] = bb_date($tpl_data['tpl_last_edit_tm'], 'd-M-y H:i');
$this->response['html']['tpl-last-edit-by'] = get_username(intval($tpl_data['tpl_last_edit_by']));
$this->response['val']['tpl-id-save'] = $tpl_id;
$this->response['val']['tpl-last-edit-tst'] = $tpl_data['tpl_last_edit_tm'];
$this->response['html']['tpl-name-old-save'] = $tpl_data['tpl_name'];
$this->response['html']['tpl-last-edit-time'] = bb_date($tpl_data['tpl_last_edit_tm'], 'd-M-y H:i');
$this->response['html']['tpl-last-edit-by'] = get_username(intval($tpl_data['tpl_last_edit_by']));
$this->response['tpl_rules_href'] = POST_URL . $tpl_data['tpl_rules_post_id'] .'#'. $tpl_data['tpl_rules_post_id'];
break;
$this->response['tpl_rules_href'] = POST_URL . $tpl_data['tpl_rules_post_id'] . '#' . $tpl_data['tpl_rules_post_id'];
break;
// включение / отключение шаблона в форуме
case 'assign':
if (!$tpl_id = (int) $this->request['tpl_id'])
{
$this->ajax_die('Выбранный шаблон не найден, создайте новый (empty tpl_id)');
}
if (!$forum_id = (int) $this->request['forum_id'])
{
$this->ajax_die('empty forum_id');
}
if (!forum_exists($forum_id))
{
$this->ajax_die("нет такого форума [id: $forum_id]");
}
// отключение
if ($tpl_id == -1)
{
$new_tpl_id = 0;
$this->response['msg'] = 'Шаблоны в этом форуме отключены';
}
// включение
else
{
if (!$tpl_name = DB()->fetch_row("SELECT tpl_name FROM ". BB_TOPIC_TPL ." WHERE tpl_id = $tpl_id LIMIT 1", 'tpl_name'))
{
$this->ajax_die("Шаблон [id: $tpl_id] не найден в БД");
}
$new_tpl_id = $tpl_id;
$this->response['msg'] = "Включен шаблон $tpl_name";
}
DB()->query("UPDATE ". BB_FORUMS ." SET forum_tpl_id = $new_tpl_id WHERE forum_id = $forum_id LIMIT 1");
break;
// включение / отключение шаблона в форуме
case 'assign':
if (!$tpl_id = (int)$this->request['tpl_id']) {
$this->ajax_die('Выбранный шаблон не найден, создайте новый (empty tpl_id)');
}
if (!$forum_id = (int)$this->request['forum_id']) {
$this->ajax_die('empty forum_id');
}
if (!forum_exists($forum_id)) {
$this->ajax_die("нет такого форума [id: $forum_id]");
}
// отключение
if ($tpl_id == -1) {
$new_tpl_id = 0;
$this->response['msg'] = 'Шаблоны в этом форуме отключены';
} // включение
else {
if (!$tpl_name = DB()->fetch_row("SELECT tpl_name FROM " . BB_TOPIC_TPL . " WHERE tpl_id = $tpl_id LIMIT 1", 'tpl_name')) {
$this->ajax_die("Шаблон [id: $tpl_id] не найден в БД");
}
$new_tpl_id = $tpl_id;
$this->response['msg'] = "Включен шаблон $tpl_name";
}
DB()->query("UPDATE " . BB_FORUMS . " SET forum_tpl_id = $new_tpl_id WHERE forum_id = $forum_id LIMIT 1");
break;
// сохранение изменений
case 'save':
if ($tpl_data['tpl_last_edit_tm'] > $this->request['tpl_l_ed_tst'] && $tpl_data['tpl_last_edit_by'] != $userdata['user_id'])
{
$last_edit_by_username = get_username(intval($tpl_data['tpl_last_edit_by']));
$msg = "Изменения не были сохранены!\n\n";
$msg .= 'Шаблон был отредактирован: '. html_entity_decode($last_edit_by_username) .', '. delta_time($tpl_data['tpl_last_edit_tm']) ." назад\n\n";
$this->ajax_die($msg);
}
$sql = "UPDATE ". BB_TOPIC_TPL ." SET ". DB()->build_array('UPDATE', $sql_args) ." WHERE tpl_id = $tpl_id LIMIT 1";
if (!@DB()->query($sql))
{
$sql_error = DB()->sql_error();
}
$this->response['tpl_id'] = $tpl_id;
$this->response['tpl_name'] = $tpl_name;
$this->response['html']['tpl-last-edit-time'] = bb_date(TIMENOW, 'd-M-y H:i');
$this->response['html']['tpl-last-edit-by'] = $userdata['username'];
break;
// сохранение изменений
case 'save':
if ($tpl_data['tpl_last_edit_tm'] > $this->request['tpl_l_ed_tst'] && $tpl_data['tpl_last_edit_by'] != $userdata['user_id']) {
$last_edit_by_username = get_username(intval($tpl_data['tpl_last_edit_by']));
$msg = "Изменения не были сохранены!\n\n";
$msg .= 'Шаблон был отредактирован: ' . html_entity_decode($last_edit_by_username) . ', ' . delta_time($tpl_data['tpl_last_edit_tm']) . " назад\n\n";
$this->ajax_die($msg);
}
$sql = "UPDATE " . BB_TOPIC_TPL . " SET " . DB()->build_array('UPDATE', $sql_args) . " WHERE tpl_id = $tpl_id LIMIT 1";
if (!@DB()->query($sql)) {
$sql_error = DB()->sql_error();
}
$this->response['tpl_id'] = $tpl_id;
$this->response['tpl_name'] = $tpl_name;
$this->response['html']['tpl-last-edit-time'] = bb_date(TIMENOW, 'd-M-y H:i');
$this->response['html']['tpl-last-edit-by'] = $userdata['username'];
break;
// создание нового шаблона
case 'new':
$sql = "INSERT INTO ". BB_TOPIC_TPL . DB()->build_array('INSERT', $sql_args);
if (!@DB()->query($sql))
{
$sql_error = DB()->sql_error();
}
break;
// создание нового шаблона
case 'new':
$sql = "INSERT INTO " . BB_TOPIC_TPL . DB()->build_array('INSERT', $sql_args);
if (!@DB()->query($sql)) {
$sql_error = DB()->sql_error();
}
break;
// ошибочный $mode
default:
$this->ajax_die("invalid mode: $mode");
// ошибочный $mode
default:
$this->ajax_die("invalid mode: $mode");
}
// возможный дубль названия шаблона
if ($sql_error)
{
if ($sql_error['code'] == 1062) // Duplicate entry
{
$this->ajax_die('Шаблон с таким названием уже существует, выберите другое название');
}
$this->ajax_die("db error {$sql_error['code']}: {$sql_error['message']}");
if ($sql_error) {
if ($sql_error['code'] == 1062) {
// Duplicate entry
$this->ajax_die('Шаблон с таким названием уже существует, выберите другое название');
}
$this->ajax_die("db error {$sql_error['code']}: {$sql_error['message']}");
}
// выход
$this->response['mode'] = $mode;
$this->response['timestamp'] = TIMENOW;
$this->response['mode'] = $mode;
$this->response['timestamp'] = TIMENOW;

123
library/ajax/user_register.php
View file

@ -1,72 +1,79 @@
<?php
/**
* MIT License
*
* Copyright (c) 2005-2017 TorrentPier
*
* Permission is hereby granted, free of charge, to any person obtaining a copy
* of this software and associated documentation files (the "Software"), to deal
* in the Software without restriction, including without limitation the rights
* to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
* copies of the Software, and to permit persons to whom the Software is
* furnished to do so, subject to the following conditions:
*
* The above copyright notice and this permission notice shall be included in all
* copies or substantial portions of the Software.
*
* THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
* IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
* FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
* AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
* LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
* OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
* SOFTWARE.
*/
if (!defined('IN_AJAX')) die(basename(__FILE__));
if (!defined('IN_AJAX')) {
die(basename(__FILE__));
}
global $bb_cfg, $lang, $userdata;
$mode = (string) $this->request['mode'];
$mode = (string)$this->request['mode'];
$html = '<img src="./styles/images/good.gif">';
switch($mode)
{
case 'check_name':
$username = clean_username($this->request['username']);
switch ($mode) {
case 'check_name':
$username = clean_username($this->request['username']);
if (empty($username))
{
$html = '<img src="./styles/images/bad.gif"> <span class="leechmed bold">'. $lang['CHOOSE_A_NAME'] .'</span>';
}
elseif($err = validate_username($username))
{
$html = '<img src="./styles/images/bad.gif"> <span class="leechmed bold">'. $err .'</span>';
}
break;
if (empty($username)) {
$html = '<img src="./styles/images/bad.gif"> <span class="leechmed bold">' . $lang['CHOOSE_A_NAME'] . '</span>';
} elseif ($err = validate_username($username)) {
$html = '<img src="./styles/images/bad.gif"> <span class="leechmed bold">' . $err . '</span>';
}
break;
case 'check_email':
$email = (string) $this->request['email'];
case 'check_email':
$email = (string)$this->request['email'];
if (empty($email))
{
$html = '<img src="./styles/images/bad.gif"> <span class="leechmed bold">'. $lang['CHOOSE_E_MAIL'] .'</span>';
}
elseif($err = validate_email($email))
{
$html = '<img src="./styles/images/bad.gif"> <span class="leechmed bold">'. $err .'</span>';
}
break;
if (empty($email)) {
$html = '<img src="./styles/images/bad.gif"> <span class="leechmed bold">' . $lang['CHOOSE_E_MAIL'] . '</span>';
} elseif ($err = validate_email($email)) {
$html = '<img src="./styles/images/bad.gif"> <span class="leechmed bold">' . $err . '</span>';
}
break;
case 'check_pass':
$pass = (string) $this->request['pass'];
$pass_confirm = (string) $this->request['pass_confirm'];
if (empty($pass) || empty($pass_confirm))
{
$html = '<img src="./styles/images/bad.gif"> <span class="leechmed bold">'. $lang['CHOOSE_PASS'] .'</span>';
}
else
{
if ($pass != $pass_confirm)
{
$html = '<img src="./styles/images/bad.gif"> <span class="leechmed bold">'. $lang['CHOOSE_PASS_ERR'] .'</span>';
}
else
{
if (mb_strlen($pass, 'UTF-8') > 20)
{
$html = '<img src="./styles/images/bad.gif"> <span class="leechmed bold">'. sprintf($lang['CHOOSE_PASS_ERR_MAX'], 20) .'</span>';
}
elseif (mb_strlen($pass, 'UTF-8') < 5)
{
$html = '<img src="./styles/images/bad.gif"> <span class="leechmed bold">'. sprintf($lang['CHOOSE_PASS_ERR_MIN'], 5) .'</span>';
}
else
{
$text = (IS_GUEST) ? $lang['CHOOSE_PASS_REG_OK'] : $lang['CHOOSE_PASS_OK'];
$html = '<img src="./styles/images/good.gif"> <span class="seedmed bold">'. $text .'</span>';
}
}
}
break;
case 'check_pass':
$pass = (string)$this->request['pass'];
$pass_confirm = (string)$this->request['pass_confirm'];
if (empty($pass) || empty($pass_confirm)) {
$html = '<img src="./styles/images/bad.gif"> <span class="leechmed bold">' . $lang['CHOOSE_PASS'] . '</span>';
} else {
if ($pass != $pass_confirm) {
$html = '<img src="./styles/images/bad.gif"> <span class="leechmed bold">' . $lang['CHOOSE_PASS_ERR'] . '</span>';
} else {
if (mb_strlen($pass, 'UTF-8') > 20) {
$html = '<img src="./styles/images/bad.gif"> <span class="leechmed bold">' . sprintf($lang['CHOOSE_PASS_ERR_MAX'], 20) . '</span>';
} elseif (mb_strlen($pass, 'UTF-8') < 5) {
$html = '<img src="./styles/images/bad.gif"> <span class="leechmed bold">' . sprintf($lang['CHOOSE_PASS_ERR_MIN'], 5) . '</span>';
} else {
$text = (IS_GUEST) ? $lang['CHOOSE_PASS_REG_OK'] : $lang['CHOOSE_PASS_OK'];
$html = '<img src="./styles/images/good.gif"> <span class="seedmed bold">' . $text . '</span>';
}
}
}
break;
}
$this->response['html'] = $html;
$this->response['mode'] = $mode;
$this->response['mode'] = $mode;

78
library/ajax/view_post.php
View file

@ -1,15 +1,39 @@
<?php
/**
* MIT License
*
* Copyright (c) 2005-2017 TorrentPier
*
* Permission is hereby granted, free of charge, to any person obtaining a copy
* of this software and associated documentation files (the "Software"), to deal
* in the Software without restriction, including without limitation the rights
* to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
* copies of the Software, and to permit persons to whom the Software is
* furnished to do so, subject to the following conditions:
*
* The above copyright notice and this permission notice shall be included in all
* copies or substantial portions of the Software.
*
* THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
* IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
* FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
* AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
* LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
* OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
* SOFTWARE.
*/
if (!defined('IN_AJAX')) die(basename(__FILE__));
if (!defined('IN_AJAX')) {
die(basename(__FILE__));
}
global $user, $lang;
$post_id = (int) @$this->request['post_id'];
$topic_id = (int) @$this->request['topic_id'];
$post_id = (int)@$this->request['post_id'];
$topic_id = (int)@$this->request['topic_id'];
if (!$post_id)
{
$post_id = DB()->fetch_row("SELECT topic_first_post_id FROM ". BB_TOPICS ." WHERE topic_id = $topic_id", 'topic_first_post_id');
if (!$post_id) {
$post_id = DB()->fetch_row("SELECT topic_first_post_id FROM " . BB_TOPICS . " WHERE topic_id = $topic_id", 'topic_first_post_id');
}
$sql = "
@ -17,37 +41,31 @@ $sql = "
p.*,
h.post_html, IF(h.post_html IS NULL, pt.post_text, NULL) AS post_text,
f.auth_read
FROM ". BB_POSTS ." p
INNER JOIN ". BB_POSTS_TEXT ." pt ON(pt.post_id = p.post_id)
LEFT JOIN ". BB_POSTS_HTML ." h ON(h.post_id = pt.post_id)
INNER JOIN ". BB_FORUMS ." f ON(f.forum_id = p.forum_id)
FROM " . BB_POSTS . " p
INNER JOIN " . BB_POSTS_TEXT . " pt ON(pt.post_id = p.post_id)
LEFT JOIN " . BB_POSTS_HTML . " h ON(h.post_id = pt.post_id)
INNER JOIN " . BB_FORUMS . " f ON(f.forum_id = p.forum_id)
WHERE
p.post_id = $post_id
LIMIT 1
";
if (!$post_data = DB()->fetch_row($sql))
{
$this->ajax_die($lang['TOPIC_POST_NOT_EXIST']);
if (!$post_data = DB()->fetch_row($sql)) {
$this->ajax_die($lang['TOPIC_POST_NOT_EXIST']);
}
// Auth check
if ($post_data['auth_read'] == AUTH_REG)
{
if (IS_GUEST)
{
$this->ajax_die($lang['NEED_TO_LOGIN_FIRST']);
}
}
elseif ($post_data['auth_read'] != AUTH_ALL)
{
$is_auth = auth(AUTH_READ, $post_data['forum_id'], $user->data, $post_data);
if (!$is_auth['auth_read'])
{
$this->ajax_die($lang['TOPIC_POST_NOT_EXIST']);
}
if ($post_data['auth_read'] == AUTH_REG) {
if (IS_GUEST) {
$this->ajax_die($lang['NEED_TO_LOGIN_FIRST']);
}
} elseif ($post_data['auth_read'] != AUTH_ALL) {
$is_auth = auth(AUTH_READ, $post_data['forum_id'], $user->data, $post_data);
if (!$is_auth['auth_read']) {
$this->ajax_die($lang['TOPIC_POST_NOT_EXIST']);
}
}
$this->response['post_id'] = $post_id;
$this->response['topic_id'] = $topic_id;
$this->response['post_html'] = get_parsed_post($post_data);
$this->response['post_id'] = $post_id;
$this->response['topic_id'] = $topic_id;
$this->response['post_html'] = get_parsed_post($post_data);

278
library/ajax/view_torrent.php
View file

@ -1,186 +1,190 @@
<?php
/**
* MIT License
*
* Copyright (c) 2005-2017 TorrentPier
*
* Permission is hereby granted, free of charge, to any person obtaining a copy
* of this software and associated documentation files (the "Software"), to deal
* in the Software without restriction, including without limitation the rights
* to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
* copies of the Software, and to permit persons to whom the Software is
* furnished to do so, subject to the following conditions:
*
* The above copyright notice and this permission notice shall be included in all
* copies or substantial portions of the Software.
*
* THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
* IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
* FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
* AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
* LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
* OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
* SOFTWARE.
*/
if (!defined('IN_AJAX')) die(basename(__FILE__));
if (!defined('IN_AJAX')) {
die(basename(__FILE__));
}
global $lang;
if (!isset($this->request['attach_id']))
{
$this->ajax_die($lang['EMPTY_ATTACH_ID']);
if (!isset($this->request['attach_id'])) {
$this->ajax_die($lang['EMPTY_ATTACH_ID']);
}
$attach_id = (int) $this->request['attach_id'];
$attach_id = (int)$this->request['attach_id'];
global $bnc_error;
$bnc_error = 0;
$torrent = DB()->fetch_row("SELECT at.attach_id, at.physical_filename FROM ". BB_ATTACHMENTS_DESC ." at WHERE at.attach_id = $attach_id LIMIT 1");
if (!$torrent) $this->ajax_die($lang['EMPTY_ATTACH_ID']);
$filename = get_attachments_dir() .'/'. $torrent['physical_filename'];
$torrent = DB()->fetch_row("SELECT at.attach_id, at.physical_filename FROM " . BB_ATTACHMENTS_DESC . " at WHERE at.attach_id = $attach_id LIMIT 1");
if (!$torrent) {
$this->ajax_die($lang['EMPTY_ATTACH_ID']);
}
$filename = get_attachments_dir() . '/' . $torrent['physical_filename'];
if (($file_contents = @file_get_contents($filename)) === false)
{
if (IS_AM)
{
$this->ajax_die($lang['ERROR_NO_ATTACHMENT'] ."\n\n". htmlCHR($filename));
}
else
{
$this->ajax_die($lang['ERROR_NO_ATTACHMENT']);
}
if (($file_contents = @file_get_contents($filename)) === false) {
if (IS_AM) {
$this->ajax_die($lang['ERROR_NO_ATTACHMENT'] . "\n\n" . htmlCHR($filename));
} else {
$this->ajax_die($lang['ERROR_NO_ATTACHMENT']);
}
}
// Построение списка
$tor_filelist = build_tor_filelist($file_contents);
function build_tor_filelist ($file_contents)
function build_tor_filelist($file_contents)
{
global $lang;
global $lang;
if (!$tor = bdecode($file_contents))
{
return $lang['TORFILE_INVALID'];
}
if (!$tor = bdecode($file_contents)) {
return $lang['TORFILE_INVALID'];
}
$torrent = new torrent($tor);
$torrent = new torrent($tor);
return $torrent->get_filelist();
return $torrent->get_filelist();
}
class torrent
{
public $tor_decoded = array();
public $files_ary = array('/' => '');
public $multiple = null;
public $root_dir = '';
public $files_html = '';
public $tor_decoded = array();
public $files_ary = array('/' => '');
public $multiple = null;
public $root_dir = '';
public $files_html = '';
public function __construct ($decoded_file_contents)
{
$this->tor_decoded = $decoded_file_contents;
}
public function __construct($decoded_file_contents)
{
$this->tor_decoded = $decoded_file_contents;
}
public function get_filelist ()
{
$this->build_filelist_array();
public function get_filelist()
{
$this->build_filelist_array();
if ($this->multiple)
{
if ($this->files_ary['/'] !== '')
{
$this->files_ary = array_merge($this->files_ary, $this->files_ary['/']);
unset($this->files_ary['/']);
}
$filelist = $this->build_filelist_html();
return "<div class=\"tor-root-dir\">{$this->root_dir}</div>$filelist";
}
else
{
return join('', $this->files_ary['/']);
}
}
if ($this->multiple) {
if ($this->files_ary['/'] !== '') {
$this->files_ary = array_merge($this->files_ary, $this->files_ary['/']);
unset($this->files_ary['/']);
}
$filelist = $this->build_filelist_html();
return "<div class=\"tor-root-dir\">{$this->root_dir}</div>$filelist";
} else {
return join('', $this->files_ary['/']);
}
}
public function build_filelist_array ()
{
$info = $this->tor_decoded['info'];
public function build_filelist_array()
{
$info = $this->tor_decoded['info'];
if (isset($info['name.utf-8']))
{
$info['name'] =& $info['name.utf-8'];
}
if (isset($info['name.utf-8'])) {
$info['name'] =& $info['name.utf-8'];
}
if (isset($info['files']) && is_array($info['files']))
{
$this->root_dir = isset($info['name']) ? '../'. clean_tor_dirname($info['name']) : '...';
$this->multiple = true;
if (isset($info['files']) && is_array($info['files'])) {
$this->root_dir = isset($info['name']) ? '../' . clean_tor_dirname($info['name']) : '...';
$this->multiple = true;
foreach ($info['files'] as $f)
{
if (isset($f['path.utf-8']))
{
$f['path'] =& $f['path.utf-8'];
}
if (!isset($f['path']) || !is_array($f['path']))
{
continue;
}
array_deep($f['path'], 'clean_tor_dirname');
foreach ($info['files'] as $f) {
if (isset($f['path.utf-8'])) {
$f['path'] =& $f['path.utf-8'];
}
if (!isset($f['path']) || !is_array($f['path'])) {
continue;
}
array_deep($f['path'], 'clean_tor_dirname');
$length = isset($f['length']) ? (float) $f['length'] : 0;
$subdir_count = count($f['path']) - 1;
$length = isset($f['length']) ? (float)$f['length'] : 0;
$subdir_count = count($f['path']) - 1;
if ($subdir_count > 0)
{
$name = array_pop($f['path']);
$cur_files_ary =& $this->files_ary;
if ($subdir_count > 0) {
$name = array_pop($f['path']);
$cur_files_ary =& $this->files_ary;
for ($i=0,$j=1; $i < $subdir_count; $i++,$j++)
{
$subdir = $f['path'][$i];
for ($i = 0, $j = 1; $i < $subdir_count; $i++, $j++) {
$subdir = $f['path'][$i];
if (!isset($cur_files_ary[$subdir]))
{
$cur_files_ary[$subdir] = array();
}
$cur_files_ary =& $cur_files_ary[$subdir];
if (!isset($cur_files_ary[$subdir])) {
$cur_files_ary[$subdir] = array();
}
$cur_files_ary =& $cur_files_ary[$subdir];
if ($j == $subdir_count)
{
if (is_string($cur_files_ary))
{
$GLOBALS['bnc_error'] = 1;
break(1);
}
$cur_files_ary[] = $this->build_file_item($name, $length);
}
}
@natsort($cur_files_ary);
}
else
{
$name = $f['path'][0];
$this->files_ary['/'][] = $this->build_file_item($name, $length);
natsort($this->files_ary['/']);
}
}
}
else
{
$this->multiple = false;
$name = isset($info['name']) ? clean_tor_dirname($info['name']) : '';
$length = isset($info['length']) ? (float) $info['length'] : 0;
if ($j == $subdir_count) {
if (is_string($cur_files_ary)) {
$GLOBALS['bnc_error'] = 1;
break(1);
}
$cur_files_ary[] = $this->build_file_item($name, $length);
}
}
@natsort($cur_files_ary);
} else {
$name = $f['path'][0];
$this->files_ary['/'][] = $this->build_file_item($name, $length);
natsort($this->files_ary['/']);
}
}
} else {
$this->multiple = false;
$name = isset($info['name']) ? clean_tor_dirname($info['name']) : '';
$length = isset($info['length']) ? (float)$info['length'] : 0;
$this->files_ary['/'][] = $this->build_file_item($name, $length);
natsort($this->files_ary['/']);
}
}
$this->files_ary['/'][] = $this->build_file_item($name, $length);
natsort($this->files_ary['/']);
}
}
public function build_file_item ($name, $length)
{
global $bb_cfg, $images, $lang;
public function build_file_item($name, $length)
{
global $bb_cfg, $images, $lang;
$magnet_name = $magnet_ext = '';
$magnet_name = $magnet_ext = '';
if ($bb_cfg['magnet_links_enabled'])
{
$magnet_name = '<a title="'.$lang['DC_MAGNET'].'" href="dchub:magnet:?kt='.$name.'&xl='.$length.'"><img src="'. $images['icon_dc_magnet'] .'" width="10" height="10" border="0" /></a>';
$magnet_ext = '<a title="'.$lang['DC_MAGNET_EXT'].'" href="dchub:magnet:?kt=.'.substr(strrchr($name, '.'), 1).'&xl='.$length.'"><img src="'. $images['icon_dc_magnet_ext'] .'" width="10" height="10" border="0" /></a>';
}
if ($bb_cfg['magnet_links_enabled']) {
$magnet_name = '<a title="' . $lang['DC_MAGNET'] . '" href="dchub:magnet:?kt=' . $name . '&xl=' . $length . '"><img src="' . $images['icon_dc_magnet'] . '" width="10" height="10" border="0" /></a>';
$magnet_ext = '<a title="' . $lang['DC_MAGNET_EXT'] . '" href="dchub:magnet:?kt=.' . substr(strrchr($name, '.'), 1) . '&xl=' . $length . '"><img src="' . $images['icon_dc_magnet_ext'] . '" width="10" height="10" border="0" /></a>';
}
return "$name <i>$length</i> $magnet_name $magnet_ext";
}
return "$name <i>$length</i> $magnet_name $magnet_ext";
}
public function build_filelist_html ()
{
global $html;
return $html->array2html($this->files_ary);
}
public function build_filelist_html()
{
global $html;
return $html->array2html($this->files_ary);
}
}
function clean_tor_dirname ($dirname)
function clean_tor_dirname($dirname)
{
return str_replace(array('[', ']', '<', '>', "'"), array('&#91;', '&#93;', '&lt;', '&gt;', '&#039;'), $dirname);
return str_replace(array('[', ']', '<', '>', "'"), array('&#91;', '&#93;', '&lt;', '&gt;', '&#039;'), $dirname);
}
if ($bnc_error) $tor_filelist = '<b style="color: #993300;">'.$lang['ERROR_BUILD'].'</b><br /><br />'.$tor_filelist;
if ($bnc_error) {
$tor_filelist = '<b style="color: #993300;">' . $lang['ERROR_BUILD'] . '</b><br /><br />' . $tor_filelist;
}
$this->response['html'] = $tor_filelist;