Context Navigation

← Previous Revision
Latest Revision
Next Revision →
Normal
Revision Log

misc.php @ 8

Last change on this file since 8 was 4, checked in by dj3c1t, 13 years ago
passage en v5.1.1
File size: 17.3 KB

Rev	Line
[1]	1	<?php
	2
[3]	3	/**
	4	* Copyright (C) 2008-2011 FluxBB
	5	* based on code by Rickard Andersson copyright (C) 2002-2008 PunBB
	6	* License: http://www.gnu.org/licenses/gpl.html GPL version 2 or higher
	7	*/
[1]	8
	9	if (isset($_GET['action']))
	10	define('PUN_QUIET_VISIT', 1);
	11
[3]	12	define('PUN_ROOT', dirname(__FILE__).'/');
[1]	13	require PUN_ROOT.'include/common.php';
	14
	15
	16	// Load the misc.php language file
	17	require PUN_ROOT.'lang/'.$pun_user['language'].'/misc.php';
	18
	19	$action = isset($_GET['action']) ? $_GET['action'] : null;
	20
	21
	22	if ($action == 'rules')
	23	{
[3]	24	if ($pun_config['o_rules'] == '0' \|\| ($pun_user['is_guest'] && $pun_user['g_read_board'] == '0' && $pun_config['o_regs_allow'] == '0'))
	25	message($lang_common['Bad request']);
	26
[1]	27	// Load the register.php language file
	28	require PUN_ROOT.'lang/'.$pun_user['language'].'/register.php';
	29
[3]	30	$page_title = array(pun_htmlspecialchars($pun_config['o_board_title']), $lang_register['Forum rules']);
	31	define('PUN_ACTIVE_PAGE', 'rules');
[1]	32	require PUN_ROOT.'header.php';
	33
	34	?>
[3]	35	<div id="rules" class="block">
	36	<div class="hd"><h2><span><?php echo $lang_register['Forum rules'] ?></span></h2></div>
[1]	37	<div class="box">
[3]	38	<div id="rules-block" class="inbox">
	39	<div class="usercontent"><?php echo $pun_config['o_rules_message'] ?></div>
[1]	40	</div>
	41	</div>
	42	</div>
	43	<?php
	44
	45	require PUN_ROOT.'footer.php';
	46	}
	47
	48
	49	else if ($action == 'markread')
	50	{
	51	if ($pun_user['is_guest'])
	52	message($lang_common['No permission']);
	53
[3]	54	$db->query('UPDATE '.$db->prefix.'users SET last_visit='.$pun_user['logged'].' WHERE id='.$pun_user['id']) or error('Unable to update user last visit data', __FILE__, __LINE__, $db->error());
[1]	55
[3]	56	// Reset tracked topics
	57	set_tracked_topics(null);
	58
[1]	59	redirect('index.php', $lang_misc['Mark read redirect']);
	60	}
	61
	62
[3]	63	// Mark the topics/posts in a forum as read?
	64	else if ($action == 'markforumread')
[1]	65	{
	66	if ($pun_user['is_guest'])
	67	message($lang_common['No permission']);
	68
[3]	69	$fid = isset($_GET['fid']) ? intval($_GET['fid']) : 0;
	70	if ($fid < 1)
	71	message($lang_common['Bad request']);
	72
	73	$tracked_topics = get_tracked_topics();
	74	$tracked_topics['forums'][$fid] = time();
	75	set_tracked_topics($tracked_topics);
	76
	77	redirect('viewforum.php?id='.$fid, $lang_misc['Mark forum read redirect']);
	78	}
	79
	80
	81	else if (isset($_GET['email']))
	82	{
	83	if ($pun_user['is_guest'] \|\| $pun_user['g_send_email'] == '0')
	84	message($lang_common['No permission']);
	85
[1]	86	$recipient_id = intval($_GET['email']);
	87	if ($recipient_id < 2)
	88	message($lang_common['Bad request']);
	89
[3]	90	$result = $db->query('SELECT username, email, email_setting FROM '.$db->prefix.'users WHERE id='.$recipient_id) or error('Unable to fetch user info', __FILE__, __LINE__, $db->error());
[1]	91	if (!$db->num_rows($result))
	92	message($lang_common['Bad request']);
	93
	94	list($recipient, $recipient_email, $email_setting) = $db->fetch_row($result);
	95
[3]	96	if ($email_setting == 2 && !$pun_user['is_admmod'])
	97	message($lang_misc['Form email disabled']);
[1]	98
	99
	100	if (isset($_POST['form_sent']))
	101	{
	102	// Clean up message and subject from POST
	103	$subject = pun_trim($_POST['req_subject']);
	104	$message = pun_trim($_POST['req_message']);
	105
	106	if ($subject == '')
[3]	107	message($lang_misc['No email subject']);
[1]	108	else if ($message == '')
[3]	109	message($lang_misc['No email message']);
	110	else if (pun_strlen($message) > PUN_MAX_POSTSIZE)
	111	message($lang_misc['Too long email message']);
[1]	112
[3]	113	if ($pun_user['last_email_sent'] != '' && (time() - $pun_user['last_email_sent']) < $pun_user['g_email_flood'] && (time() - $pun_user['last_email_sent']) >= 0)
	114	message(sprintf($lang_misc['Email flood'], $pun_user['g_email_flood']));
	115
	116	// Load the "form email" template
[1]	117	$mail_tpl = trim(file_get_contents(PUN_ROOT.'lang/'.$pun_user['language'].'/mail_templates/form_email.tpl'));
	118
	119	// The first row contains the subject
	120	$first_crlf = strpos($mail_tpl, "\n");
[3]	121	$mail_subject = pun_trim(substr($mail_tpl, 8, $first_crlf-8));
	122	$mail_message = pun_trim(substr($mail_tpl, $first_crlf));
[1]	123
	124	$mail_subject = str_replace('<mail_subject>', $subject, $mail_subject);
	125	$mail_message = str_replace('<sender>', $pun_user['username'], $mail_message);
	126	$mail_message = str_replace('<board_title>', $pun_config['o_board_title'], $mail_message);
	127	$mail_message = str_replace('<mail_message>', $message, $mail_message);
[3]	128	$mail_message = str_replace('<board_mailer>', $pun_config['o_board_title'], $mail_message);
[1]	129
	130	require_once PUN_ROOT.'include/email.php';
	131
[3]	132	pun_mail($recipient_email, $mail_subject, $mail_message, $pun_user['email'], $pun_user['username']);
[1]	133
[3]	134	$db->query('UPDATE '.$db->prefix.'users SET last_email_sent='.time().' WHERE id='.$pun_user['id']) or error('Unable to update user', __FILE__, __LINE__, $db->error());
	135
	136	redirect(htmlspecialchars($_POST['redirect_url']), $lang_misc['Email sent redirect']);
[1]	137	}
	138
	139
[3]	140	// Try to determine if the data in HTTP_REFERER is valid (if not, we redirect to the users profile after the email is sent)
	141	if (!empty($_SERVER['HTTP_REFERER']))
	142	{
	143	$referrer = parse_url($_SERVER['HTTP_REFERER']);
	144	// Remove www subdomain if it exists
	145	if (strpos($referrer['host'], 'www.') === 0)
	146	$referrer['host'] = substr($referrer['host'], 4);
[1]	147
[3]	148	$valid = parse_url(get_base_url());
	149	// Remove www subdomain if it exists
	150	if (strpos($valid['host'], 'www.') === 0)
	151	$valid['host'] = substr($valid['host'], 4);
	152
	153	if ($referrer['host'] == $valid['host'] && preg_match('%^'.preg_quote($valid['path'], '%').'/(.*?)\.php%i', $referrer['path']))
	154	$redirect_url = $_SERVER['HTTP_REFERER'];
	155	}
	156
	157	if (!isset($redirect_url))
	158	$redirect_url = 'profile.php?id='.$recipient_id;
	159
	160	$page_title = array(pun_htmlspecialchars($pun_config['o_board_title']), $lang_misc['Send email to'].' '.pun_htmlspecialchars($recipient));
	161	$required_fields = array('req_subject' => $lang_misc['Email subject'], 'req_message' => $lang_misc['Email message']);
[1]	162	$focus_element = array('email', 'req_subject');
[3]	163	define('PUN_ACTIVE_PAGE', 'index');
[1]	164	require PUN_ROOT.'header.php';
	165
	166	?>
[3]	167	<div id="emailform" class="blockform">
	168	<h2><span><?php echo $lang_misc['Send email to'] ?> <?php echo pun_htmlspecialchars($recipient) ?></span></h2>
[1]	169	<div class="box">
	170	<form id="email" method="post" action="misc.php?email=<?php echo $recipient_id ?>" onsubmit="this.submit.disabled=true;if(process_form(this)){return true;}else{this.submit.disabled=false;return false;}">
	171	<div class="inform">
	172	<fieldset>
[3]	173	<legend><?php echo $lang_misc['Write email'] ?></legend>
[1]	174	<div class="infldset txtarea">
	175	<input type="hidden" name="form_sent" value="1" />
[3]	176	<input type="hidden" name="redirect_url" value="<?php echo pun_htmlspecialchars($redirect_url) ?>" />
	177	<label class="required"><strong><?php echo $lang_misc['Email subject'] ?> <span><?php echo $lang_common['Required'] ?></span></strong><br />
[1]	178	<input class="longinput" type="text" name="req_subject" size="75" maxlength="70" tabindex="1" /><br /></label>
[3]	179	<label class="required"><strong><?php echo $lang_misc['Email message'] ?> <span><?php echo $lang_common['Required'] ?></span></strong><br />
[1]	180	<textarea name="req_message" rows="10" cols="75" tabindex="2"></textarea><br /></label>
[3]	181	<p><?php echo $lang_misc['Email disclosure note'] ?></p>
[1]	182	</div>
	183	</fieldset>
	184	</div>
[3]	185	<p class="buttons"><input type="submit" name="submit" value="<?php echo $lang_common['Submit'] ?>" tabindex="3" accesskey="s" /> <a href="javascript:history.go(-1)"><?php echo $lang_common['Go back'] ?></a></p>
[1]	186	</form>
	187	</div>
	188	</div>
	189	<?php
	190
	191	require PUN_ROOT.'footer.php';
	192	}
	193
	194
	195	else if (isset($_GET['report']))
	196	{
	197	if ($pun_user['is_guest'])
	198	message($lang_common['No permission']);
	199
	200	$post_id = intval($_GET['report']);
	201	if ($post_id < 1)
	202	message($lang_common['Bad request']);
	203
	204	if (isset($_POST['form_sent']))
	205	{
	206	// Clean up reason from POST
	207	$reason = pun_linebreaks(pun_trim($_POST['req_reason']));
	208	if ($reason == '')
	209	message($lang_misc['No reason']);
[3]	210	else if (strlen($reason) > 65535) // TEXT field can only hold 65535 bytes
	211	message($lang_misc['Reason too long']);
[1]	212
[3]	213	if ($pun_user['last_report_sent'] != '' && (time() - $pun_user['last_report_sent']) < $pun_user['g_report_flood'] && (time() - $pun_user['last_report_sent']) >= 0)
	214	message(sprintf($lang_misc['Report flood'], $pun_user['g_report_flood']));
	215
[1]	216	// Get the topic ID
	217	$result = $db->query('SELECT topic_id FROM '.$db->prefix.'posts WHERE id='.$post_id) or error('Unable to fetch post info', __FILE__, __LINE__, $db->error());
	218	if (!$db->num_rows($result))
	219	message($lang_common['Bad request']);
	220
	221	$topic_id = $db->result($result);
	222
	223	// Get the subject and forum ID
[3]	224	$result = $db->query('SELECT subject, forum_id FROM '.$db->prefix.'topics WHERE id='.$topic_id) or error('Unable to fetch topic info', __FILE__, __LINE__, $db->error());
[1]	225	if (!$db->num_rows($result))
	226	message($lang_common['Bad request']);
	227
	228	list($subject, $forum_id) = $db->fetch_row($result);
	229
	230	// Should we use the internal report handling?
[3]	231	if ($pun_config['o_report_method'] == '0' \|\| $pun_config['o_report_method'] == '2')
[1]	232	$db->query('INSERT INTO '.$db->prefix.'reports (post_id, topic_id, forum_id, reported_by, created, message) VALUES('.$post_id.', '.$topic_id.', '.$forum_id.', '.$pun_user['id'].', '.time().', \''.$db->escape($reason).'\')' ) or error('Unable to create report', __FILE__, __LINE__, $db->error());
	233
[3]	234	// Should we email the report?
	235	if ($pun_config['o_report_method'] == '1' \|\| $pun_config['o_report_method'] == '2')
[1]	236	{
	237	// We send it to the complete mailing-list in one swoop
	238	if ($pun_config['o_mailing_list'] != '')
	239	{
[3]	240	// Load the "new report" template
	241	$mail_tpl = trim(file_get_contents(PUN_ROOT.'lang/'.$pun_user['language'].'/mail_templates/new_report.tpl'));
[1]	242
[3]	243	// The first row contains the subject
	244	$first_crlf = strpos($mail_tpl, "\n");
	245	$mail_subject = trim(substr($mail_tpl, 8, $first_crlf-8));
	246	$mail_message = trim(substr($mail_tpl, $first_crlf));
	247
	248	$mail_subject = str_replace('<forum_id>', $forum_id, $mail_subject);
	249	$mail_subject = str_replace('<topic_subject>', $subject, $mail_subject);
	250	$mail_message = str_replace('<username>', $pun_user['username'], $mail_message);
	251	$mail_message = str_replace('<post_url>', get_base_url().'/viewtopic.php?pid='.$post_id.'#p'.$post_id, $mail_message);
	252	$mail_message = str_replace('<reason>', $reason, $mail_message);
	253	$mail_message = str_replace('<board_mailer>', $pun_config['o_board_title'], $mail_message);
	254
[1]	255	require PUN_ROOT.'include/email.php';
	256
	257	pun_mail($pun_config['o_mailing_list'], $mail_subject, $mail_message);
	258	}
	259	}
	260
[3]	261	$db->query('UPDATE '.$db->prefix.'users SET last_report_sent='.time().' WHERE id='.$pun_user['id']) or error('Unable to update user', __FILE__, __LINE__, $db->error());
	262
[1]	263	redirect('viewtopic.php?pid='.$post_id.'#p'.$post_id, $lang_misc['Report redirect']);
	264	}
	265
[3]	266	// Fetch some info about the post, the topic and the forum
	267	$result = $db->query('SELECT f.id AS fid, f.forum_name, t.id AS tid, t.subject FROM '.$db->prefix.'posts AS p INNER JOIN '.$db->prefix.'topics AS t ON t.id=p.topic_id INNER JOIN '.$db->prefix.'forums AS f ON f.id=t.forum_id LEFT JOIN '.$db->prefix.'forum_perms AS fp ON (fp.forum_id=f.id AND fp.group_id='.$pun_user['g_id'].') WHERE (fp.read_forum IS NULL OR fp.read_forum=1) AND p.id='.$post_id) or error('Unable to fetch post info', __FILE__, __LINE__, $db->error());
	268	if (!$db->num_rows($result))
	269	message($lang_common['Bad request']);
[1]	270
[3]	271	$cur_post = $db->fetch_assoc($result);
	272
	273	if ($pun_config['o_censoring'] == '1')
	274	$cur_post['subject'] = censor_words($cur_post['subject']);
	275
	276	$page_title = array(pun_htmlspecialchars($pun_config['o_board_title']), $lang_misc['Report post']);
[1]	277	$required_fields = array('req_reason' => $lang_misc['Reason']);
	278	$focus_element = array('report', 'req_reason');
[3]	279	define('PUN_ACTIVE_PAGE', 'index');
[1]	280	require PUN_ROOT.'header.php';
	281
	282	?>
[3]	283	<div class="linkst">
	284	<div class="inbox">
	285	<ul class="crumbs">
	286	<li><a href="index.php"><?php echo $lang_common['Index'] ?></a></li>
	287	<li><span>Â» </span><a href="viewforum.php?id=<?php echo $cur_post['fid'] ?>"><?php echo pun_htmlspecialchars($cur_post['forum_name']) ?></a></li>
	288	<li><span>Â» </span><a href="viewtopic.php?pid=<?php echo $post_id ?>#p<?php echo $post_id ?>"><?php echo pun_htmlspecialchars($cur_post['subject']) ?></a></li>
	289	<li><span>Â» </span><strong><?php echo $lang_misc['Report post'] ?></strong></li>
	290	</ul>
	291	</div>
	292	</div>
	293
	294	<div id="reportform" class="blockform">
[1]	295	<h2><span><?php echo $lang_misc['Report post'] ?></span></h2>
	296	<div class="box">
	297	<form id="report" method="post" action="misc.php?report=<?php echo $post_id ?>" onsubmit="this.submit.disabled=true;if(process_form(this)){return true;}else{this.submit.disabled=false;return false;}">
	298	<div class="inform">
	299	<fieldset>
	300	<legend><?php echo $lang_misc['Reason desc'] ?></legend>
	301	<div class="infldset txtarea">
	302	<input type="hidden" name="form_sent" value="1" />
[3]	303	<label class="required"><strong><?php echo $lang_misc['Reason'] ?> <span><?php echo $lang_common['Required'] ?></span></strong><br /><textarea name="req_reason" rows="5" cols="60"></textarea><br /></label>
[1]	304	</div>
	305	</fieldset>
	306	</div>
[3]	307	<p class="buttons"><input type="submit" name="submit" value="<?php echo $lang_common['Submit'] ?>" accesskey="s" /> <a href="javascript:history.go(-1)"><?php echo $lang_common['Go back'] ?></a></p>
[1]	308	</form>
	309	</div>
	310	</div>
	311	<?php
	312
	313	require PUN_ROOT.'footer.php';
	314	}
	315
	316
[3]	317	else if ($action == 'subscribe')
[1]	318	{
[3]	319	if ($pun_user['is_guest'])
[1]	320	message($lang_common['No permission']);
	321
[3]	322	$topic_id = isset($_GET['tid']) ? intval($_GET['tid']) : 0;
	323	$forum_id = isset($_GET['fid']) ? intval($_GET['fid']) : 0;
	324	if ($topic_id < 1 && $forum_id < 1)
[1]	325	message($lang_common['Bad request']);
	326
[3]	327	if ($topic_id)
	328	{
	329	if ($pun_config['o_topic_subscriptions'] != '1')
	330	message($lang_common['No permission']);
[1]	331
[3]	332	// Make sure the user can view the topic
	333	$result = $db->query('SELECT 1 FROM '.$db->prefix.'topics AS t LEFT JOIN '.$db->prefix.'forum_perms AS fp ON (fp.forum_id=t.forum_id AND fp.group_id='.$pun_user['g_id'].') WHERE (fp.read_forum IS NULL OR fp.read_forum=1) AND t.id='.$topic_id.' AND t.moved_to IS NULL') or error('Unable to fetch topic info', __FILE__, __LINE__, $db->error());
	334	if (!$db->num_rows($result))
	335	message($lang_common['Bad request']);
[1]	336
[3]	337	$result = $db->query('SELECT 1 FROM '.$db->prefix.'topic_subscriptions WHERE user_id='.$pun_user['id'].' AND topic_id='.$topic_id) or error('Unable to fetch subscription info', __FILE__, __LINE__, $db->error());
	338	if ($db->num_rows($result))
	339	message($lang_misc['Already subscribed topic']);
	340
	341	$db->query('INSERT INTO '.$db->prefix.'topic_subscriptions (user_id, topic_id) VALUES('.$pun_user['id'].' ,'.$topic_id.')') or error('Unable to add subscription', __FILE__, __LINE__, $db->error());
	342
	343	redirect('viewtopic.php?id='.$topic_id, $lang_misc['Subscribe redirect']);
	344	}
	345
	346	if ($forum_id)
	347	{
	348	if ($pun_config['o_forum_subscriptions'] != '1')
	349	message($lang_common['No permission']);
	350
	351	// Make sure the user can view the forum
	352	$result = $db->query('SELECT 1 FROM '.$db->prefix.'forums AS f LEFT JOIN '.$db->prefix.'forum_perms AS fp ON (fp.forum_id=f.id AND fp.group_id='.$pun_user['g_id'].') WHERE (fp.read_forum IS NULL OR fp.read_forum=1) AND f.id='.$forum_id) or error('Unable to fetch forum info', __FILE__, __LINE__, $db->error());
	353	if (!$db->num_rows($result))
	354	message($lang_common['Bad request']);
	355
	356	$result = $db->query('SELECT 1 FROM '.$db->prefix.'forum_subscriptions WHERE user_id='.$pun_user['id'].' AND forum_id='.$forum_id) or error('Unable to fetch subscription info', __FILE__, __LINE__, $db->error());
	357	if ($db->num_rows($result))
	358	message($lang_misc['Already subscribed forum']);
	359
	360	$db->query('INSERT INTO '.$db->prefix.'forum_subscriptions (user_id, forum_id) VALUES('.$pun_user['id'].' ,'.$forum_id.')') or error('Unable to add subscription', __FILE__, __LINE__, $db->error());
	361
	362	redirect('viewforum.php?id='.$forum_id, $lang_misc['Subscribe redirect']);
	363	}
[1]	364	}
	365
	366
[3]	367	else if ($action == 'unsubscribe')
[1]	368	{
[3]	369	if ($pun_user['is_guest'])
[1]	370	message($lang_common['No permission']);
	371
[3]	372	$topic_id = isset($_GET['tid']) ? intval($_GET['tid']) : 0;
	373	$forum_id = isset($_GET['fid']) ? intval($_GET['fid']) : 0;
	374	if ($topic_id < 1 && $forum_id < 1)
[1]	375	message($lang_common['Bad request']);
	376
[3]	377	if ($topic_id)
	378	{
	379	if ($pun_config['o_topic_subscriptions'] != '1')
	380	message($lang_common['No permission']);
[1]	381
[3]	382	$result = $db->query('SELECT 1 FROM '.$db->prefix.'topic_subscriptions WHERE user_id='.$pun_user['id'].' AND topic_id='.$topic_id) or error('Unable to fetch subscription info', __FILE__, __LINE__, $db->error());
	383	if (!$db->num_rows($result))
	384	message($lang_misc['Not subscribed topic']);
[1]	385
[3]	386	$db->query('DELETE FROM '.$db->prefix.'topic_subscriptions WHERE user_id='.$pun_user['id'].' AND topic_id='.$topic_id) or error('Unable to remove subscription', __FILE__, __LINE__, $db->error());
	387
	388	redirect('viewtopic.php?id='.$topic_id, $lang_misc['Unsubscribe redirect']);
	389	}
	390
	391	if ($forum_id)
	392	{
	393	if ($pun_config['o_forum_subscriptions'] != '1')
	394	message($lang_common['No permission']);
	395
	396	$result = $db->query('SELECT 1 FROM '.$db->prefix.'forum_subscriptions WHERE user_id='.$pun_user['id'].' AND forum_id='.$forum_id) or error('Unable to fetch subscription info', __FILE__, __LINE__, $db->error());
	397	if (!$db->num_rows($result))
	398	message($lang_misc['Not subscribed forum']);
	399
	400	$db->query('DELETE FROM '.$db->prefix.'forum_subscriptions WHERE user_id='.$pun_user['id'].' AND forum_id='.$forum_id) or error('Unable to remove subscription', __FILE__, __LINE__, $db->error());
	401
	402	redirect('viewforum.php?id='.$forum_id, $lang_misc['Unsubscribe redirect']);
	403	}
[1]	404	}
	405
	406
	407	else
	408	message($lang_common['Bad request']);

Note: See TracBrowser for help on using the repository browser.

rsr - v.5

Context Navigation

source: branches/rsr.v5.1.1/web/punbb/misc.php @ 8

Download in other formats: