本文整理汇总了PHP中SEC_setCookie函数的典型用法代码示例。如果您正苦于以下问题:PHP SEC_setCookie函数的具体用法?PHP SEC_setCookie怎么用?PHP SEC_setCookie使用的例子?那么, 这里精选的函数代码示例或许可以为您提供帮助。
在下文中一共展示了SEC_setCookie函数的15个代码示例,这些例子默认根据受欢迎程度排序。您可以为喜欢或者感觉有用的代码点赞,您的评价将有助于系统推荐出更棒的PHP代码示例。
示例1: SESS_setSessionCookie
SESS_setSessionCookie($sessid, $_CONF['session_cookie_timeout'], $_CONF['cookie_session'], $_CONF['cookie_path'], $_CONF['cookiedomain'], $_CONF['cookiesecure']);
PLG_loginUser($_USER['uid']);
// Now that we handled session cookies, handle longterm cookie
if (!isset($_COOKIE[$_CONF['cookie_name']]) || !isset($_COOKIE['cookie_password'])) {
// Either their cookie expired or they are new
$cooktime = COM_getUserCookieTimeout();
if ($VERBOSE) {
COM_errorLog("Trying to set permanent cookie with time of {$cooktime}", 1);
}
if ($cooktime > 0) {
// They want their cookie to persist for some amount of time so set it now
if ($VERBOSE) {
COM_errorLog('Trying to set permanent cookie', 1);
}
SEC_setCookie($_CONF['cookie_name'], $_USER['uid'], time() + $cooktime);
SEC_setCookie($_CONF['cookie_password'], $_USER['passwd'], time() + $cooktime);
}
} else {
$userid = $_COOKIE[$_CONF['cookie_name']];
if (empty($userid) || $userid === 'deleted') {
unset($userid);
} else {
$userid = COM_applyFilter($userid, true);
if ($userid > 1) {
if ($VERBOSE) {
COM_errorLog('NOW trying to set permanent cookie', 1);
COM_errorLog('Got ' . $userid . ' from perm cookie in users.php', 1);
}
// Create new session
$userdata = SESS_getUserDataFromId($userid);
$_USER = $userdata;
示例2: COM_siteHeader
//profile
//profile
case 'p':
require_once $_CONF['path_system'] . 'lib-user.php';
$display = COM_siteHeader('menu', $LANG_CLASSIFIEDS_1['profile']);
$display .= CLASSIFIEDS_user_menu();
function_exists('USER_showProfile') ? $display .= USER_showProfile($_GET['u'], true) : ($display .= CLASSIFIEDS_showProfile($_GET['u'], true));
$display .= COM_siteFooter(1);
break;
//Offert
//Offert
case 'o':
$_REQUEST['mode'] == 'o' ? SEC_setCookie('ads_type', 'o') : 0;
//Demand
//Demand
case 'd':
//Ads list
$_REQUEST['mode'] == 'd' ? SEC_setCookie('ads_type', 'd') : 0;
default:
$display = COM_siteHeader('menu', $LANG_CLASSIFIEDS_1['plugin_name']);
$display .= CLASSIFIEDS_user_menu();
if ($_CLASSIFIEDS_CONF['classifieds_main_header'] != '') {
$display .= '<div>' . PLG_replaceTags($_CLASSIFIEDS_CONF['classifieds_main_header']) . '</div>';
}
$display .= CLASSIFIEDS_displayAds(1);
if ($_CLASSIFIEDS_CONF['clasifieds_main_footer'] != '') {
$display .= '<div>' . PLG_replaceTags($_CLASSIFIEDS_CONF['classifieds_main_footer']) . '</div>';
}
$display .= COM_siteFooter(1);
}
COM_output($display);
示例3: DB_change
$status = '';
}
$display = '';
if ($status == USER_ACCOUNT_ACTIVE) {
DB_change($_TABLES['users'], 'pwrequestid', "NULL", 'uid', $uid);
$_USER = SESS_getUserDataFromId($uid);
$sessid = SESS_newSession($_USER['uid'], $_SERVER['REMOTE_ADDR'], $_CONF['session_cookie_timeout'], $_CONF['cookie_ip']);
SESS_setSessionCookie($sessid, $_CONF['session_cookie_timeout'], $_CONF['cookie_session'], $_CONF['cookie_path'], $_CONF['cookiedomain'], $_CONF['cookiesecure']);
PLG_loginUser($_USER['uid']);
// Now that we handled session cookies, handle longterm cookie
if (!isset($_COOKIE[$_CONF['cookie_name']])) {
// Either their cookie expired or they are new
$cooktime = COM_getUserCookieTimeout();
if (!empty($cooktime)) {
// They want their cookie to persist for some amount of time so set it now
SEC_setCookie($_CONF['cookie_name'], $_USER['uid'], time() + $cooktime);
}
}
if (!SEC_hasRights('story.edit,block.edit,topic.edit,user.edit,plugin.edit,syndication.edit', 'OR')) {
COM_redirect($_CONF['site_admin_url'] . '/index.php');
} else {
COM_redirect($_CONF['site_url'] . '/index.php');
}
} elseif (!SEC_hasRights('story.edit,block.edit,topic.edit,user.edit,plugin.edit,user.mail,syndication.edit', 'OR') && count(PLG_getAdminOptions()) == 0 && !SEC_hasConfigAccess()) {
COM_updateSpeedlimit('login');
$display .= COM_startBlock($LANG20[1]);
if (!$_CONF['user_login_method']['standard']) {
$display .= '<p>' . $LANG_LOGIN[2] . '</p>';
} else {
if (isset($_POST['warn'])) {
$display .= $LANG20[2] . '<br' . XHTML . '><br' . XHTML . '>' . COM_accessLog($LANG20[3] . ' ' . $_POST['loginname']);
示例4: savepreferences
//.........这里部分代码省略.........
}
}
}
$TIDS = @array_values($A['topics']);
$AIDS = @array_values($A['selauthors']);
$BOXES = @array_values($A['blocks']);
$ETIDS = @array_values($A['dgtopics']);
$allowed_etids = USER_buildTopicList();
$AETIDS = explode(' ', $allowed_etids);
$tids = '';
if (sizeof($TIDS) > 0) {
$tids = DB_escapeString(implode(' ', array_intersect($AETIDS, $TIDS)));
}
$aids = '';
if (sizeof($AIDS) > 0) {
foreach ($AIDS as $key => $val) {
$AIDS[$key] = intval($val);
}
$aids = DB_escapeString(implode(' ', $AIDS));
}
$selectedblocks = '';
$selectedBoxes = array();
if (count($BOXES) > 0) {
foreach ($BOXES as $key => $val) {
$BOXES[$key] = intval($val);
}
$boxes = DB_escapeString(implode(',', $BOXES));
$blockresult = DB_query("SELECT bid,name FROM {$_TABLES['blocks']} WHERE bid NOT IN ({$boxes})");
$numRows = DB_numRows($blockresult);
for ($x = 1; $x <= $numRows; $x++) {
$row = DB_fetchArray($blockresult);
if ($row['name'] != 'user_block' and $row['name'] != 'admin_block' and $row['name'] != 'section_block') {
$selectedblocks .= $row['bid'];
if ($x != $numRows) {
$selectedblocks .= ' ';
}
}
}
}
$etids = '';
if (sizeof($ETIDS) > 0) {
$etids = DB_escapeString(implode(' ', array_intersect($AETIDS, $ETIDS)));
}
if (isset($A['tzid'])) {
$A['tzid'] = COM_applyFilter($A['tzid']);
} else {
$A['tzid'] = '';
}
if (isset($A['theme'])) {
$A['theme'] = COM_applyFilter($A['theme']);
}
if (empty($A['theme'])) {
$A['theme'] = $_CONF['theme'];
}
if (isset($A['language'])) {
$A['language'] = COM_applyFilter($A['language']);
}
if (empty($A['language'])) {
$A['language'] = $_CONF['language'];
}
if (isset($A['search_result_format'])) {
$A['search_result_format'] = COM_applyFilter($A['search_result_format']);
} else {
$A['search_result_format'] = 'google';
}
// Save theme, when doing so, put in cookie so we can set the user's theme
// even when they aren't logged in
$theme = DB_escapeString($A['theme']);
$language = DB_escapeString($A['language']);
DB_query("UPDATE {$_TABLES['users']} SET theme='{$theme}',language='{$language}' WHERE uid = {$_USER['uid']}");
SEC_setCookie($_CONF['cookie_theme'], $A['theme'], time() + 31536000, $_CONF['cookie_path'], $_CONF['cookiedomain'], $_CONF['cookiesecure'], false);
SEC_setCookie($_CONF['cookie_language'], $A['language'], time() + 31536000, $_CONF['cookie_path'], $_CONF['cookiedomain'], $_CONF['cookiesecure'], false);
SEC_setCookie($_CONF['cookie_tzid'], $A['tzid'], time() + 31536000, $_CONF['cookie_path'], $_CONF['cookiedomain'], $_CONF['cookiesecure'], false);
$A['dfid'] = (int) COM_applyFilter($A['dfid'], true);
DB_query("UPDATE {$_TABLES['userprefs']} SET search_result_format='" . DB_escapeString($A['search_result_format']) . "',noicons=" . (int) $A['noicons'] . ", willing=" . (int) $A['willing'] . ", dfid=" . (int) $A['dfid'] . ", tzid='" . DB_escapeString($A['tzid']) . "', emailfromadmin='" . DB_escapeString($A['emailfromadmin']) . "', emailfromuser=" . (int) $A['emailfromuser'] . ", showonline=" . (int) $A['showonline'] . " WHERE uid=" . (int) $_USER['uid']);
if (empty($etids)) {
$etids = '-';
}
DB_save($_TABLES['userindex'], "uid,tids,aids,boxes,noboxes,maxstories,etids", "{$_USER['uid']},'{$tids}','{$aids}','{$selectedblocks}'," . (int) $A['noboxes'] . "," . (int) $A['maxstories'] . ",'{$etids}'");
$A['commentmode'] = COM_applyFilter($A['commentmode']);
if (empty($A['commentmode'])) {
$A['commentmode'] = $_CONF['comment_mode'];
}
$A['commentmode'] = DB_escapeString($A['commentmode']);
$A['commentorder'] = COM_applyFilter($A['commentorder']);
$A['commentorder'] = strtoupper($A['commentorder']) == 'DESC' ? 'DESC' : 'ASC';
$A['commentorder'] = DB_escapeString($A['commentorder']);
$A['commentlimit'] = COM_applyFilter($A['commentlimit'], true);
if ($A['commentlimit'] <= 0) {
$A['commentlimit'] = $_CONF['comment_limit'];
}
DB_save($_TABLES['usercomment'], 'uid,commentmode,commentorder,commentlimit', "{$_USER['uid']},'{$A['commentmode']}','{$A['commentorder']}'," . (int) $A['commentlimit']);
$subscription_deletes = @array_values($A['subdelete']);
if (is_array($subscription_deletes)) {
foreach ($subscription_deletes as $subid) {
DB_delete($_TABLES['subscriptions'], 'sub_id', (int) $subid);
}
}
PLG_userInfoChanged($_USER['uid']);
}
示例5: saveuser
//.........这里部分代码省略.........
DB_change($_TABLES['users'], 'username', $A['new_username'], "uid", $_USER['uid']);
} else {
return COM_refresh($_CONF['site_url'] . '/usersettings.php?msg=51');
}
}
}
// a quick spam check with the unfiltered field contents
$profile = '<h1>' . $LANG04[1] . ' ' . $_USER['username'] . '</h1>' . '<p>' . COM_createLink($A['homepage'], $A['homepage']) . '<br' . XHTML . '>' . $A['location'] . '<br' . XHTML . '>' . $A['sig'] . '<br' . XHTML . '>' . $A['about'] . '<br' . XHTML . '>' . $A['pgpkey'] . '</p>';
$result = PLG_checkforSpam($profile, $_CONF['spamx']);
if ($result > 0) {
COM_displayMessageAndAbort($result, 'spamx', 403, 'Forbidden');
}
$A['email'] = COM_applyFilter($A['email']);
$A['email_conf'] = COM_applyFilter($A['email_conf']);
$A['homepage'] = COM_applyFilter($A['homepage']);
// basic filtering only
$A['fullname'] = strip_tags(COM_stripslashes($A['fullname']));
$A['location'] = strip_tags(COM_stripslashes($A['location']));
$A['sig'] = strip_tags(COM_stripslashes($A['sig']));
$A['about'] = strip_tags(COM_stripslashes($A['about']));
$A['pgpkey'] = strip_tags(COM_stripslashes($A['pgpkey']));
if (!COM_isEmail($A['email'])) {
return COM_refresh($_CONF['site_url'] . '/usersettings.php?msg=52');
} else {
if ($A['email'] !== $A['email_conf']) {
return COM_refresh($_CONF['site_url'] . '/usersettings.php?msg=78');
} else {
if (emailAddressExists($A['email'], $_USER['uid'])) {
return COM_refresh($_CONF['site_url'] . '/usersettings.php?msg=56');
} else {
if (!empty($A['passwd'])) {
if ($A['passwd'] == $A['passwd_conf'] && SEC_encryptPassword($A['old_passwd']) == $current_password) {
$passwd = SEC_encryptPassword($A['passwd']);
DB_change($_TABLES['users'], 'passwd', "{$passwd}", "uid", $_USER['uid']);
if ($A['cooktime'] > 0) {
$cooktime = $A['cooktime'];
} else {
$cooktime = -1000;
}
SEC_setCookie($_CONF['cookie_password'], $passwd, time() + $cooktime);
} elseif (SEC_encryptPassword($A['old_passwd']) != $current_password) {
return COM_refresh($_CONF['site_url'] . '/usersettings.php?msg=68');
} elseif ($A['passwd'] != $A['passwd_conf']) {
return COM_refresh($_CONF['site_url'] . '/usersettings.php?msg=67');
}
}
if ($_US_VERBOSE) {
COM_errorLog('cooktime = ' . $A['cooktime'], 1);
}
if ($A['cooktime'] <= 0) {
$cooktime = 1000;
SEC_setCookie($_CONF['cookie_name'], $_USER['uid'], time() - $cooktime);
} else {
SEC_setCookie($_CONF['cookie_name'], $_USER['uid'], time() + $A['cooktime']);
}
if ($_CONF['allow_user_photo'] == 1) {
$delete_photo = '';
if (isset($A['delete_photo'])) {
$delete_photo = $A['delete_photo'];
}
$filename = handlePhotoUpload($delete_photo);
}
if (!empty($A['homepage'])) {
$pos = MBYTE_strpos($A['homepage'], ':');
if ($pos === false) {
$A['homepage'] = 'http://' . $A['homepage'];
} else {
$prot = substr($A['homepage'], 0, $pos + 1);
if ($prot != 'http:' && $prot != 'https:') {
$A['homepage'] = 'http:' . substr($A['homepage'], $pos + 1);
}
}
$A['homepage'] = addslashes($A['homepage']);
}
$A['fullname'] = addslashes($A['fullname']);
$A['email'] = addslashes($A['email']);
$A['location'] = addslashes($A['location']);
$A['sig'] = addslashes($A['sig']);
$A['about'] = addslashes($A['about']);
$A['pgpkey'] = addslashes($A['pgpkey']);
if (!empty($filename)) {
if (!file_exists($_CONF['path_images'] . 'userphotos/' . $filename)) {
$filename = '';
}
}
DB_query("UPDATE {$_TABLES['users']} SET fullname='{$A['fullname']}',email='{$A['email']}',homepage='{$A['homepage']}',sig='{$A['sig']}',cookietimeout={$A['cooktime']},photo='{$filename}' WHERE uid={$_USER['uid']}");
DB_query("UPDATE {$_TABLES['userinfo']} SET pgpkey='{$A['pgpkey']}',about='{$A['about']}',location='{$A['location']}' WHERE uid={$_USER['uid']}");
// Call custom registration save function if enabled and exists
if ($_CONF['custom_registration'] and function_exists('CUSTOM_userSave')) {
CUSTOM_userSave($_USER['uid']);
}
PLG_userInfoChanged($_USER['uid']);
if ($_US_VERBOSE) {
COM_errorLog('**** Leaving saveuser in usersettings.php ****', 1);
}
return COM_refresh($_CONF['site_url'] . '/users.php?mode=profile&uid=' . $_USER['uid'] . '&msg=5');
}
}
}
}
示例6: SESS_endUserSession
<?php
/* Reminder: always indent with 4 spaces (no tabs). */
//admin/plugins/databox/job/makecache.php
//権限チェックはしていません
//当プログラムを置くディレクトリは、BASIC認証を付加することを推奨します
//デバック用 true にすると、ログを出力します
$_CACHE_VERBOSE = false;
//↓ディレクトリ位置が変わる場合は修正してください
include '../../../../lib-common.php';
//静的ページキャッシュファイル作成
require_once $_CONF['path'] . 'plugins/databox/fnc_databoxcache.inc';
//強制的にログアウトする
if (!empty($_USER['uid']) and $_USER['uid'] > 1) {
SESS_endUserSession($_USER['uid']);
PLG_logoutUser($_USER['uid']);
}
SEC_setCookie($_CONF['cookie_session'], '', time() - 10000);
SEC_setCookie($_CONF['cookie_password'], '', time() - 10000);
SEC_setCookie($_CONF['cookie_name'], '', time() - 10000);
//★fnc_putcache("data" ,"データのcode" ,"テンプレートディレクトリ");
// データ(ヘッダフッタなし)
//★fnc_putcache("category" ,"カテゴリのcode" ,"テンプレートディレクトリ");
// カテゴリ(ヘッダフッタなし)
//★fnc_putcache("datapage" ,"データのcode" ,"テンプレートディレクトリ");
// データページ(ヘッダフッタは、設定による)
//★fnc_putcache("categorypage" ,"カテゴリのcode" ,"テンプレートディレクトリ");
// カテゴリページ(ヘッダフッタは、設定による)
fnc_databoxcache("category", "xxxx1");
//ホームに遷移
echo COM_refresh($_CONF['site_url'] . '/index.php');
示例7: SESS_setSessionCookie
SESS_setSessionCookie($sessid, $_CONF['session_cookie_timeout'], $_CONF['cookie_session'], $_CONF['cookie_path'], $_CONF['cookiedomain'], $_CONF['cookiesecure']);
PLG_loginUser($_USER['uid']);
// Now that we handled session cookies, handle longterm cookie
if (!isset($_COOKIE[$_CONF['cookie_name']]) || !isset($_COOKIE['password'])) {
// Either their cookie expired or they are new
$cooktime = COM_getUserCookieTimeout();
if ($VERBOSE) {
COM_errorLog("Trying to set permanent cookie with time of {$cooktime}", 1);
}
if ($cooktime > 0) {
// They want their cookie to persist for some amount of time so set it now
if ($VERBOSE) {
COM_errorLog('Trying to set permanent cookie', 1);
}
SEC_setCookie($_CONF['cookie_name'], $_USER['uid'], time() + $cooktime);
SEC_setCookie($_CONF['cookie_password'], SEC_encryptPassword($passwd), time() + $cooktime);
}
} else {
$userid = $_COOKIE[$_CONF['cookie_name']];
if (empty($userid) || $userid == 'deleted') {
unset($userid);
} else {
$userid = COM_applyFilter($userid, true);
if ($userid > 1) {
if ($VERBOSE) {
COM_errorLog('NOW trying to set permanent cookie', 1);
COM_errorLog('Got ' . $userid . ' from perm cookie in users.php', 1);
}
// Create new session
$userdata = SESS_getUserDataFromId($userid);
$_USER = $userdata;
示例8: sreq_userinfo_response
public function sreq_userinfo_response($query)
{
$userinfo = array();
// COM_errorLog("BASE:sreq_userinfo_response()------------------");
try {
$this->token = $_COOKIE['request_token'];
$this->token_secret = $_COOKIE['request_token_secret'];
$verifier = $query[$this->callback_query_string];
// clear cookies
SEC_setCookie($_COOKIE['request_token'], '', time() - 10000);
SEC_setCookie($_COOKIE['request_token_secret'], '', time() - 10000);
$this->consumer = new HTTP_OAuth_Consumer($this->consumer_key, $this->consumer_secret, $this->token, $this->token_secret);
$this->consumer->accept($this->request);
$this->consumer->getAccessToken($this->url_accessToken, $verifier, array(), $this->method_accessToken);
$this->token = $this->consumer->getToken();
$this->token_secret = $this->consumer->getTokenSecret();
$this->consumer->setToken($this->token);
$this->consumer->setTokenSecret($this->token_secret);
$response = $this->consumer->sendRequest($this->url_userinfo, array(), $this->method_userinfo);
if ($response->getStatus() !== 200) {
$this->errormsg = $response->getStatus() . ' : ' . $response->getBody();
} else {
$userinfo = simplexml_load_string($response->getBody());
}
} catch (HTTP_OAuth_Consumer_Exception_Invalid_Response $e) {
$this->errormsg = get_class($e) . ': ' . $e->getBody();
} catch (Exception $e) {
$this->errormsg = get_class($e) . ': ' . $e->getMessage();
}
return $userinfo;
}
示例9: urldecode
$getdata = urldecode($_POST['token_getdata']);
}
$filedata = '';
if (isset($_POST['token_filedata'])) {
$filedata = urldecode($_POST['token_filedata']);
}
$display = COM_siteHeader('menu');
$display .= SEC_reauthform($destination, $LANG20[9], $method, $postdata, $getdata, $filedata);
$display .= COM_siteFooter();
echo $display;
exit;
}
COM_resetSpeedlimit('login', $_SERVER['REMOTE_ADDR']);
if ($_SYSTEM['admin_session'] != 0) {
$token = SEC_createTokenGeneral('administration', $_SYSTEM['admin_session']);
SEC_setCookie('token', $token, 0, $_CONF['cookie_path'], $_CONF['cookiedomain'], $_CONF['cookiesecure'], true);
}
if ($currentUID != $_USER['uid']) {
// remove tokens for previous user
if ($currentUID > 1) {
DB_delete($_TABLES['tokens'], 'owner_id', (int) $currentUID);
}
echo COM_refresh($destination);
exit;
}
$method = '';
if (isset($_POST['token_requestmethod'])) {
$method = COM_applyFilter($_POST['token_requestmethod']);
}
$postdata = '';
if (isset($_POST['token_postdata'])) {
示例10: STORY_edit
//.........这里部分代码省略.........
$story_templates->set_var('cmt_close_minute_options', $minute_options);
$story_templates->set_var('cmt_close_second', $story->EditElements('cmt_close_second'));
if ($_CONF['onlyrootfeatures'] == 1 && SEC_inGroup('Root') or $_CONF['onlyrootfeatures'] !== 1) {
$featured_options = "<select name=\"featured\">" . LB . COM_optionList($_TABLES['featurecodes'], 'code,name', $story->EditElements('featured')) . "</select>" . LB;
$featured_options_data = COM_optionList($_TABLES['featurecodes'], 'code,name', $story->EditElements('featured'));
$story_templates->set_var('featured_options_data', $featured_options_data);
} else {
$featured_options = "<input type=\"hidden\" name=\"featured\" value=\"0\"/>";
$story_templates->unset_var('featured_options_data');
}
$story_templates->set_var('featured_options', $featured_options);
$story_templates->set_var('frontpage_options', COM_optionList($_TABLES['frontpagecodes'], 'code,name', $story->EditElements('frontpage')));
$story_templates->set_var('story_introtext', $story->EditElements('introtext'));
$story_templates->set_var('story_bodytext', $story->EditElements('bodytext'));
$story_templates->set_var('lang_introtext', $LANG24[16]);
$story_templates->set_var('lang_bodytext', $LANG24[17]);
$story_templates->set_var('lang_postmode', $LANG24[4]);
$story_templates->set_var('lang_publishoptions', $LANG24[76]);
$story_templates->set_var('lang_publishdate', $LANG24[69]);
$story_templates->set_var('lang_nojavascript', $LANG24[77]);
$story_templates->set_var('postmode', $story->EditElements('postmode'));
if ($story->EditElements('postmode') == 'plaintext' || $story->EditElements('postmode') == 'text') {
$allowedHTML = '';
} else {
$allowedHTML = COM_allowedHTML(SEC_getUserPermissions(), false, 'glfusion', 'story') . '<br/>';
}
$allowedHTML .= COM_allowedAutotags(SEC_getUserPermissions(), false, 'glfusion', 'story');
$story_templates->set_var('lang_allowed_html', $allowedHTML);
$fileinputs = '';
$saved_images = '';
if ($_CONF['maximagesperarticle'] > 0) {
$story_templates->set_var('lang_images', $LANG24[47]);
$icount = DB_count($_TABLES['article_images'], 'ai_sid', DB_escapeString($story->getSid()));
if ($icount > 0) {
$result_articles = DB_query("SELECT * FROM {$_TABLES['article_images']} WHERE ai_sid = '" . DB_escapeString($story->getSid()) . "'");
for ($z = 1; $z <= $icount; $z++) {
$I = DB_fetchArray($result_articles);
$saved_images .= $z . ') ' . COM_createLink($I['ai_filename'], $_CONF['site_url'] . '/images/articles/' . $I['ai_filename']) . ' ' . $LANG_ADMIN['delete'] . ': <input type="checkbox" name="delete[' . $I['ai_img_num'] . ']" /><br />';
}
}
$newallowed = $_CONF['maximagesperarticle'] - $icount;
for ($z = $icount + 1; $z <= $_CONF['maximagesperarticle']; $z++) {
$fileinputs .= $z . ') <input type="file" dir="ltr" name="file[]' . '" />';
if ($z < $_CONF['maximagesperarticle']) {
$fileinputs .= '<br />';
}
}
$fileinputs .= '<br />' . $LANG24[51];
if ($_CONF['allow_user_scaling'] == 1) {
$fileinputs .= $LANG24[27];
}
$fileinputs .= $LANG24[28] . '<br />';
}
$story_templates->set_var('saved_images', $saved_images);
$story_templates->set_var('image_form_elements', $fileinputs);
$story_templates->set_var('lang_hits', $LANG24[18]);
$story_templates->set_var('story_hits', $story->EditElements('hits'));
$story_templates->set_var('lang_comments', $LANG24[19]);
$story_templates->set_var('story_comments', $story->EditElements('comments'));
$story_templates->set_var('lang_trackbacks', $LANG24[29]);
$story_templates->set_var('story_trackbacks', $story->EditElements('trackbacks'));
$story_templates->set_var('lang_emails', $LANG24[39]);
$story_templates->set_var('story_emails', $story->EditElements('numemails'));
if ($_CONF['rating_enabled']) {
$rating = @number_format($story->EditElements('rating'), 2);
$votes = $story->EditElements('votes');
$story_templates->set_var('rating', $rating);
$story_templates->set_var('votes', $votes);
}
$story_templates->set_var('attribution_url', $story->EditElements('attribution_url'));
$story_templates->set_var('attribution_name', $story->EditElements('attribution_name'));
$story_templates->set_var('attribution_author', $story->EditElements('attribution_author'));
$story_templates->set_var('lang_attribution_url', $LANG24[105]);
$story_templates->set_var('lang_attribution_name', $LANG24[106]);
$story_templates->set_var('lang_attribution_author', $LANG24[107]);
$story_templates->set_var('lang_attribution', $LANG24[108]);
$sec_token_name = CSRF_TOKEN;
$sec_token = SEC_createToken();
$story_templates->set_var('story_id', $story->getSid());
$story_templates->set_var('old_story_id', $story->EditElements('originalSid'));
$story_templates->set_var('lang_sid', $LANG24[12]);
$story_templates->set_var('lang_save', $saveoption);
$story_templates->set_var('lang_preview', $LANG_ADMIN['preview']);
$story_templates->set_var('lang_cancel', $LANG_ADMIN['cancel']);
$story_templates->set_var('lang_delete', $LANG_ADMIN['delete']);
$story_templates->set_var('lang_timeout', $LANG_ADMIN['timeout_msg']);
$story_templates->set_var('gltoken_name', CSRF_TOKEN);
$story_templates->set_var('gltoken', $sec_token);
$story_templates->set_var('security_token', $sec_token);
$story_templates->set_var('security_token_name', $sec_token_name);
$story_templates->set_var('end_block', COM_endBlock(COM_getBlockTemplate('_admin_block', 'footer')));
PLG_templateSetVars('storyeditor', $story_templates);
if ($story->EditElements('postmode') != 'html') {
$story_templates->unset_var('wysiwyg');
}
SEC_setCookie($_CONF['cookie_name'] . 'adveditor', SEC_createTokenGeneral('advancededitor'), time() + 1200, $_CONF['cookie_path'], $_CONF['cookiedomain'], $_CONF['cookiesecure'], false);
$story_templates->parse('output', 'editor');
$display .= $story_templates->finish($story_templates->get_var('output'));
return $display;
}
示例11: USER_mergeAccounts
/**
* Merge User Accounts
*
* This validates the entered password and then merges a remote
* account with a local account.
*
* @return string HTML merge form if error, redirect on success
*
*/
function USER_mergeAccounts()
{
global $_CONF, $_SYSTEM, $_TABLES, $_USER, $LANG04, $LANG12, $LANG20;
$retval = '';
$remoteUID = COM_applyFilter($_POST['remoteuid'], true);
$localUID = COM_applyFilter($_POST['localuid'], true);
$localpwd = $_POST['localp'];
$localResult = DB_query("SELECT * FROM {$_TABLES['users']} WHERE uid=" . (int) $localUID);
$localRow = DB_fetchArray($localResult);
if (SEC_check_hash($localpwd, $localRow['passwd'])) {
// password is valid
$sql = "SELECT * FROM {$_TABLES['users']} WHERE remoteusername <> '' and email='" . DB_escapeString($localRow['email']) . "'";
$result = DB_query($sql);
$numRows = DB_numRows($result);
if ($numRows == 1) {
$remoteRow = DB_fetchArray($result);
if ($remoteUID == $remoteRow['uid']) {
$remoteUID = (int) $remoteRow['uid'];
$remoteService = substr($remoteRow['remoteservice'], 6);
} else {
echo COM_refresh($_CONF['site_url'] . '/index.php');
}
} else {
echo COM_refresh($_CONF['site_url'] . '/index.php');
}
$sql = "UPDATE {$_TABLES['users']} SET remoteusername='" . DB_escapeString($remoteRow['remoteusername']) . "'," . "remoteservice='" . DB_escapeString($remoteRow['remoteservice']) . "', " . "account_type=3 " . " WHERE uid=" . (int) $localUID;
DB_query($sql);
$_USER['uid'] = $localRow['uid'];
$local_login = true;
SESS_completeLogin($localUID);
$_GROUPS = SEC_getUserGroups($_USER['uid']);
$_RIGHTS = explode(',', SEC_getUserPermissions());
if ($_SYSTEM['admin_session'] > 0 && $local_login) {
if (SEC_isModerator() || SEC_hasRights('story.edit,block.edit,topic.edit,user.edit,plugin.edit,user.mail,syndication.edit', 'OR') || count(PLG_getAdminOptions()) > 0) {
$admin_token = SEC_createTokenGeneral('administration', $_SYSTEM['admin_session']);
SEC_setCookie('token', $admin_token, 0, $_CONF['cookie_path'], $_CONF['cookiedomain'], $_CONF['cookiesecure'], true);
}
}
COM_resetSpeedlimit('login');
// log the user out
SESS_endUserSession($remoteUID);
// Let plugins know a user is being merged
PLG_moveUser($remoteUID, $_USER['uid']);
// Ok, now delete everything related to this user
// let plugins update their data for this user
PLG_deleteUser($remoteUID);
if (function_exists('CUSTOM_userDeleteHook')) {
CUSTOM_userDeleteHook($remoteUID);
}
// Call custom account profile delete function if enabled and exists
if ($_CONF['custom_registration'] && function_exists('CUSTOM_userDelete')) {
CUSTOM_userDelete($remoteUID);
}
// remove from all security groups
DB_delete($_TABLES['group_assignments'], 'ug_uid', $remoteUID);
// remove user information and preferences
DB_delete($_TABLES['userprefs'], 'uid', $remoteUID);
DB_delete($_TABLES['userindex'], 'uid', $remoteUID);
DB_delete($_TABLES['usercomment'], 'uid', $remoteUID);
DB_delete($_TABLES['userinfo'], 'uid', $remoteUID);
// delete user photo, if enabled & exists
if ($_CONF['allow_user_photo'] == 1) {
$photo = DB_getItem($_TABLES['users'], 'photo', "uid = {$remoteUID}");
USER_deletePhoto($photo, false);
}
// delete subscriptions
DB_delete($_TABLES['subscriptions'], 'uid', $remoteUID);
// in case the user owned any objects that require Admin access, assign
// them to the Root user with the lowest uid
$rootgroup = DB_getItem($_TABLES['groups'], 'grp_id', "grp_name = 'Root'");
$result = DB_query("SELECT DISTINCT ug_uid FROM {$_TABLES['group_assignments']} WHERE ug_main_grp_id = '{$rootgroup}' ORDER BY ug_uid LIMIT 1");
$A = DB_fetchArray($result);
$rootuser = $A['ug_uid'];
if ($rootuser == '' || $rootuser < 2) {
$rootuser = 2;
}
DB_query("UPDATE {$_TABLES['blocks']} SET owner_id = {$rootuser} WHERE owner_id = {$remoteUID}");
DB_query("UPDATE {$_TABLES['topics']} SET owner_id = {$rootuser} WHERE owner_id = {$remoteUID}");
// now delete the user itself
DB_delete($_TABLES['users'], 'uid', $remoteUID);
} else {
// invalid password - let's try one more time
// need to set speed limit and give them 3 tries
COM_clearSpeedlimit($_CONF['login_speedlimit'], 'merge');
$last = COM_checkSpeedlimit('merge', 4);
if ($last > 0) {
COM_setMsg($LANG04[190], 'error');
echo COM_refresh($_CONF['site_url'] . '/users.php');
} else {
COM_updateSpeedlimit('merge');
USER_mergeAccountScreen($remoteUID, $localUID, $LANG20[3]);
//.........这里部分代码省略.........
示例12: BLOCK_save
/**
* Saves a block
*
* @param string $bid Block ID
* @param string $name Block name
* @param string $title Block title
* @param string $type Type of block
* @param int $blockorder Order block appears relative to the others
* @param string $content Content of block
* @param string $tid Topic block should appear in
* @param string $rdfurl URL to headline feed for portal blocks
* @param string $rdfupdated Date RSS/RDF feed was last updated
* @param string $rdflimit max. number of entries to import from feed
* @param string $phpblockfn Name of php function to call to get content
* @param int $onleft Flag indicates if block shows up on left or right
* @param int $owner_id ID of owner
* @param int $group_id ID of group block belongs to
* @param array $perm_owner Permissions the owner has on the object
* @param array $perm_group Permissions the group has on the object
* @param array $perm_members Permissions the logged in members have
* @param array $perm_anon Permissinos anonymous users have
* @param int $is_enabled Flag, indicates if block is enabled or not
* @param int $allow_autotags Flag, indicates if autotags are enabed or not
* @return string HTML redirect or error message
*
*/
function BLOCK_save($bid, $name, $title, $help, $type, $blockorder, $content, $tid, $rdfurl, $rdfupdated, $rdflimit, $phpblockfn, $onleft, $owner_id, $group_id, $perm_owner, $perm_group, $perm_members, $perm_anon, $is_enabled, $allow_autotags)
{
global $_CONF, $_TABLES, $LANG01, $LANG21, $MESSAGE;
$retval = '';
$B['bid'] = (int) $bid;
$B['name'] = $name;
$B['title'] = $title;
$B['type'] = $type;
$B['blockorder'] = $blockorder;
$B['content'] = $content;
$B['tid'] = $tid;
$B['rdfurl'] = $rdfurl;
$B['rdfupdated'] = $rdfupdated;
$B['rdflimit'] = $rdflimit;
$B['phpblockfn'] = $phpblockfn;
$B['onleft'] = $onleft;
$B['owner_id'] = $owner_id;
$B['group_id'] = $group_id;
$B['perm_owner'] = $perm_owner;
$B['perm_group'] = $perm_group;
$B['perm_members'] = $perm_members;
$B['perm_anon'] = $perm_anon;
$B['is_enabled'] = $is_enabled;
$B['allow_autotags'] = $allow_autotags;
$bid = (int) $bid;
$MenuElementAllowedHTML = "i[class|style],div[class|style],span[class|style],img[src|class|style],em,strong,del,ins,q,abbr,dfn,small";
$filter = sanitizer::getInstance();
$allowedElements = $filter->makeAllowedElements($MenuElementAllowedHTML);
$filter->setAllowedElements($allowedElements);
$filter->setPostmode('html');
$title = $filter->filterHTML($title);
$title = DB_escapeString($title);
$phpblockfn = DB_escapeString(trim($phpblockfn));
if (empty($title) || !BLOCK_validateName($name)) {
if (empty($title)) {
$msg = $LANG21[64];
} else {
$msg = $LANG21[70];
}
SEC_setCookie($_CONF['cookie_name'] . 'adveditor', SEC_createTokenGeneral('advancededitor'), time() + 1200, $_CONF['cookie_path'], $_CONF['cookiedomain'], $_CONF['cookiesecure'], false);
$retval .= COM_siteHeader('menu', $LANG21[63]) . COM_showMessageText($msg, $LANG21[63], true) . BLOCK_edit($bid, $B) . COM_siteFooter();
return $retval;
}
// Convert array values to numeric permission values
list($perm_owner, $perm_group, $perm_members, $perm_anon) = SEC_getPermissionValues($perm_owner, $perm_group, $perm_members, $perm_anon);
$access = 0;
if ($bid > 0 && DB_count($_TABLES['blocks'], 'bid', $bid) > 0) {
$result = DB_query("SELECT owner_id,group_id,perm_owner,perm_group,perm_members,perm_anon FROM {$_TABLES['blocks']} WHERE bid = '{$bid}'");
$A = DB_fetchArray($result);
$access = SEC_hasAccess($A['owner_id'], $A['group_id'], $A['perm_owner'], $A['perm_group'], $A['perm_members'], $A['perm_anon']);
} else {
$access = SEC_hasAccess($owner_id, $group_id, $perm_owner, $perm_group, $perm_members, $perm_anon);
}
if ($access < 3 || !BLOCK_hasTopicAccess($tid) || !SEC_inGroup($group_id)) {
$retval .= COM_siteHeader('menu', $MESSAGE[30]);
$retval .= COM_showMessageText($MESSAGE[33], $MESSAGE[30], true);
$retval .= COM_siteFooter();
COM_accessLog("User {$_USER['username']} tried to illegally create or edit block {$bid}.");
return $retval;
} elseif ($type == 'normal' && !empty($title) && !empty($content) or $type == 'portal' && !empty($title) && !empty($rdfurl) or $type == 'gldefault' && strlen($blockorder) > 0 or $type == 'phpblock' && !empty($phpblockfn) && !empty($title)) {
if ($is_enabled == 'on') {
$is_enabled = 1;
} else {
$is_enabled = 0;
}
if ($allow_autotags == 1) {
$allow_autotags = 1;
} else {
$allow_autotags = 0;
}
if ($type == 'portal') {
$content = '';
$rdfupdated = '';
$phpblockfn = '';
//.........这里部分代码省略.........
示例13: DB_escapeString
die;
}
if (!isset($_COOKIE['token'])) {
die;
}
$sql = "SELECT * FROM {$_TABLES['tokens']} WHERE token='" . DB_escapeString($token) . "'";
$result = DB_query($sql);
if (DB_numRows($result) != 1) {
die;
}
$advtoken = COM_applyFilter($_COOKIE[$_CONF['cookie_name'] . 'adveditor']);
$sql = "SELECT * FROM {$_TABLES['tokens']} WHERE token='" . DB_escapeString($advtoken) . "'";
$result = DB_query($sql);
if (DB_numRows($result) != 1) {
die;
}
$admtoken = COM_applyFilter($_COOKIE['token']);
$sql = "SELECT * FROM {$_TABLES['tokens']} WHERE token='" . DB_escapeString($admtoken) . "'";
$result = DB_query($sql);
if (DB_numRows($result) != 1) {
die;
}
// refresh tokens
$sql = "UPDATE {$_TABLES['tokens']} SET created=NOW() WHERE token='" . DB_escapeString($token) . "'";
DB_query($sql);
$sql = "UPDATE {$_TABLES['tokens']} SET created=NOW() WHERE token='" . DB_escapeString($advtoken) . "'";
DB_query($sql);
SEC_setCookie($_CONF['cookie_name'] . 'adveditor', $advtoken, time() + 1200, $_CONF['cookie_path'], $_CONF['cookiedomain'], $_CONF['cookiesecure'], false);
$sql = "UPDATE {$_TABLES['tokens']} SET created=NOW() WHERE token='" . DB_escapeString($admtoken) . "'";
DB_query($sql);
exit;
示例14: saveuser
//.........这里部分代码省略.........
$profile .= $A['location'] . '<br' . XHTML . '>' . $A['sig'] . '<br' . XHTML . '>' . $A['about'] . '<br' . XHTML . '>' . $A['pgpkey'] . '</p>';
$result = PLG_checkforSpam($profile, $_CONF['spamx']);
if ($result > 0) {
COM_displayMessageAndAbort($result, 'spamx', 403, 'Forbidden');
}
$A['email'] = COM_applyFilter($A['email']);
$A['email_conf'] = COM_applyFilter($A['email_conf']);
$A['homepage'] = COM_applyFilter($A['homepage']);
// basic filtering only
$A['fullname'] = strip_tags(COM_stripslashes($A['fullname']));
$A['location'] = strip_tags(COM_stripslashes($A['location']));
$A['sig'] = strip_tags(COM_stripslashes($A['sig']));
$A['about'] = strip_tags(COM_stripslashes($A['about']));
$A['pgpkey'] = strip_tags(COM_stripslashes($A['pgpkey']));
if (!COM_isEmail($A['email'])) {
return COM_refresh($_CONF['site_url'] . '/usersettings.php?msg=52');
} else {
if ($A['email'] !== $A['email_conf']) {
return COM_refresh($_CONF['site_url'] . '/usersettings.php?msg=78');
} else {
if (emailAddressExists($A['email'], $_USER['uid'])) {
return COM_refresh($_CONF['site_url'] . '/usersettings.php?msg=56');
} else {
$passwd = '';
if ($service == '') {
if (!empty($A['passwd'])) {
if ($A['passwd'] == $A['passwd_conf'] && SEC_encryptUserPassword($A['old_passwd'], $_USER['uid']) == 0) {
SEC_updateUserPassword($A['passwd'], $_USER['uid']);
if ($A['cooktime'] > 0) {
$cooktime = $A['cooktime'];
} else {
$cooktime = -1000;
}
SEC_setCookie($_CONF['cookie_password'], $passwd, time() + $cooktime);
} elseif (SEC_encryptUserPassword($A['old_passwd'], $_USER['uid']) < 0) {
return COM_refresh($_CONF['site_url'] . '/usersettings.php?msg=68');
} elseif ($A['passwd'] != $A['passwd_conf']) {
return COM_refresh($_CONF['site_url'] . '/usersettings.php?msg=67');
}
}
} else {
// Cookie
if ($A['cooktime'] > 0) {
$cooktime = $A['cooktime'];
} else {
$cooktime = -1000;
}
SEC_setCookie($_CONF['cookie_password'], $passwd, time() + $cooktime);
}
if ($_US_VERBOSE) {
COM_errorLog('cooktime = ' . $A['cooktime'], 1);
}
if ($A['cooktime'] <= 0) {
$cooktime = 1000;
SEC_setCookie($_CONF['cookie_name'], $_USER['uid'], time() - $cooktime);
} else {
SEC_setCookie($_CONF['cookie_name'], $_USER['uid'], time() + $A['cooktime']);
}
if ($_CONF['allow_user_photo'] == 1) {
$delete_photo = '';
if (isset($A['delete_photo'])) {
$delete_photo = $A['delete_photo'];
}
$filename = handlePhotoUpload($delete_photo);
}
if (!empty($A['homepage'])) {
示例15: FF_postEditor
//.........这里部分代码省略.........
} else {
$notify_val = '';
}
$notify_prompt = $LANG_GF02['msg38'] . '<br/><input type="checkbox" name="notify" ' . $notify_val . '/>';
$locked_prompt = '';
} else {
$notify_prompt = '';
$locked_prompt = '';
}
}
if ($postData['postmode'] == 'html' || $postData['postmode'] == 'HTML') {
$postmode_msg = $LANG_GF01['TEXTMODE'];
$postData['postmode'] = 'html';
} else {
$peTemplate->unset_var('show_htmleditor');
$postmode_msg = $LANG_GF01['HTMLMODE'];
}
if ($_FF_CONF['allow_html'] || SEC_inGroup('Root') || SEC_hasRights('forum.html')) {
if ($action == 'edittopic') {
$mode_prompt = $postmode_msg . '<br/><input type="checkbox" name="postmode_switch" value="1"/><input type="hidden" name="postmode" value="' . $postData['postmode'] . '"/>';
}
}
if ($action == 'edittopic') {
$peTemplate->set_var('bbcodeeditor', true);
}
$postData['subject'] = str_replace('"', '"', $postData['subject']);
if (!$_FF_CONF['allow_smilies']) {
$smilies = '';
} else {
$smilies = forumPLG_showsmilies(0);
}
$disable_bbcode_prompt = $LANG_GF01['disable_bbcode'] . ' <input type="checkbox" name="disable_bbcode" value="1" ' . $disable_bbcode_val . '/>';
if ($_FF_CONF['allow_smilies']) {
$disable_smilies_prompt = $LANG_GF01['disable_smilies'] . ' <input type="checkbox" name="disable_smilies" value="1"' . $disable_smilies_val . ' />';
} else {
$disable_smilies_prompt = '';
}
$disable_urlparse_prompt = $LANG_GF01['disable_urlparse'] . ' <input type="checkbox" name="disable_urlparse" value="1"' . $disable_urlparse_val . ' />';
$peTemplate->set_var('comment', @htmlspecialchars($postData['comment'], ENT_QUOTES, COM_getEncodingt()));
$peTemplate->set_var(array('edit_val' => $edit_val, 'sticky_val' => $sticky_val, 'postmode_msg' => $postmode_msg, 'notify_val' => $notify_val, 'disable_bbcode_val' => $disable_bbcode_val, 'disable_smilies_val' => $disable_smilies_val, 'disable_urlparse_val' => $disable_urlparse_val, 'bbcode_prompt' => $disable_bbcode_prompt, 'smilies_prompt' => $disable_smilies_prompt, 'urlparse_prompt' => $disable_urlparse_prompt, 'LANG_SUBJECT' => $LANG_GF01['SUBJECT'], 'LANG_OPTIONS' => $LANG_GF01['OPTIONS'], 'mode_prompt' => isset($mode_prompt) ? $mode_prompt : '', 'notify_prompt' => $notify_prompt, 'locked_prompt' => $locked_prompt, 'sticky_prompt' => isset($sticky_prompt) ? $sticky_prompt : '', 'edit_prompt' => $edit_prompt, 'LANG_SUBMIT' => $LANG_GF01['SUBMIT'], 'LANG_PREVIEW' => $LANG_GF01['PREVIEW'], 'subject' => $postData['subject'], 'smilies' => $smilies, 'LANG_attachments' => $LANG_GF10['attachments'], 'LANG_maxattachments' => sprintf($LANG_GF10['maxattachments'], $_FF_CONF['maxattachments']), 'postmode' => $postData['postmode']));
// Check and see if the filemgmt plugin is installed and enabled
if (function_exists('filemgmt_buildAccessSql') && $_FF_CONF['enable_fm_integration'] == 1) {
$peTemplate->set_var('filemgmt_category_options', gf_makeFilemgmtCatSelect($uid));
$peTemplate->set_var('LANG_usefilemgmt', $LANG_GF10['usefilemgmt']);
$peTemplate->set_var('LANG_description', $LANG_GF10['description']);
$peTemplate->set_var('LANG_category', $LANG_GF10['category']);
} else {
$peTemplate->set_var('show_filemgmt_option', 'none');
}
if (COM_isAnonUser()) {
$peTemplate->set_var('hide_notify', 'none');
}
if (function_exists('plugin_templatesetvars_captcha')) {
plugin_templatesetvars_captcha('forum', $peTemplate);
} else {
$peTemplate->set_var('captcha', '');
}
if ($postData['id'] > 0) {
$peTemplate->set_var('topic_id', $postData['id']);
}
$peTemplate->set_var(array('navbreadcrumbsimg' => _ff_getImage('nav_breadcrumbs'), 'navtopicimg' => _ff_getImage('nav_topic'), 'form_action' => $_CONF['site_url'] . '/forum/createtopic.php', 'referer' => $forumData['referer'], 'forum_id' => $forumData['forum'], 'cat_name' => $postData['cat_name'], 'cat_id' => $forumData['forum_cat'], 'forum_name' => $postData['forum_name'], 'subject' => @htmlspecialchars($postData['subject'], ENT_QUOTES, COM_getEncodingt()), 'LANG_HOME' => $LANG_GF01['HOMEPAGE'], 'forum_home' => $LANG_GF01['INDEXPAGE'], 'hidden_id' => $postData['id'], 'page' => $forumData['page'], 'LANG_bhelp' => $LANG_GF01['b_help'], 'LANG_ihelp' => $LANG_GF01['i_help'], 'LANG_uhelp' => $LANG_GF01['u_help'], 'LANG_qhelp' => $LANG_GF01['q_help'], 'LANG_chelp' => $LANG_GF01['c_help'], 'LANG_lhelp' => $LANG_GF01['l_help'], 'LANG_ohelp' => $LANG_GF01['o_help'], 'LANG_phelp' => $LANG_GF01['p_help'], 'LANG_whelp' => $LANG_GF01['w_help'], 'LANG_ahelp' => $LANG_GF01['a_help'], 'LANG_shelp' => $LANG_GF01['s_help'], 'LANG_fhelp' => $LANG_GF01['f_help'], 'LANG_hhelp' => $LANG_GF01['h_help'], 'LANG_thelp' => $LANG_GF01['t_help'], 'LANG_ehelp' => $LANG_GF01['e_help'], 'LANG_code' => $LANG_GF01['CODE'], 'LANG_fontcolor' => $LANG_GF01['FONTCOLOR'], 'LANG_fontsize' => $LANG_GF01['FONTSIZE'], 'LANG_closetags' => $LANG_GF01['CLOSETAGS'], 'LANG_codetip' => $LANG_GF01['CODETIP'], 'LANG_tiny' => $LANG_GF01['TINY'], 'LANG_small' => $LANG_GF01['SMALL'], 'LANG_normal' => $LANG_GF01['NORMAL'], 'LANG_large' => $LANG_GF01['LARGE'], 'LANG_huge' => $LANG_GF01['HUGE'], 'LANG_default' => $LANG_GF01['DEFAULT'], 'LANG_dkred' => $LANG_GF01['DKRED'], 'LANG_red' => $LANG_GF01['RED'], 'LANG_orange' => $LANG_GF01['ORANGE'], 'LANG_brown' => $LANG_GF01['BROWN'], 'LANG_yellow' => $LANG_GF01['YELLOW'], 'LANG_green' => $LANG_GF01['GREEN'], 'LANG_olive' => $LANG_GF01['OLIVE'], 'LANG_cyan' => $LANG_GF01['CYAN'], 'LANG_blue' => $LANG_GF01['BLUE'], 'LANG_dkblue' => $LANG_GF01['DKBLUE'], 'LANG_indigo' => $LANG_GF01['INDIGO'], 'LANG_violet' => $LANG_GF01['VIOLET'], 'LANG_white' => $LANG_GF01['WHITE'], 'LANG_black' => $LANG_GF01['BLACK']));
$peTemplate->set_var('token_name', CSRF_TOKEN);
$peTemplate->set_var('token', SEC_createToken());
$peTemplate->set_var('postmode', $postData['postmode']);
$peTemplate->unset_var('show_htmleditor');
if ($_FF_CONF['use_wysiwyg_editor'] && $postData['postmode'] == 'html') {
// hook into wysiwyg here
switch (PLG_getEditorType()) {
case 'ckeditor':
$peTemplate->set_var('show_htmleditor', true);
PLG_requestEditor('forum', 'forum_entry', 'ckeditor_forum.thtml');
PLG_templateSetVars('forum_entry', $peTemplate);
break;
case 'tinymce':
$peTemplate->set_var('show_htmleditor', true);
PLG_requestEditor('forum', 'forum_entry', 'tinymce_forum.thtml');
PLG_templateSetVars('forum_entry', $peTemplate);
break;
default:
// don't support others right now
break;
}
}
$peTemplate->parse('output', 'posteditor');
$retval .= $peTemplate->finish($peTemplate->get_var('output'));
$urlfor = 'advancededitor';
if ($uid == 1) {
$urlfor = 'advancededitor' . md5($REMOTE_ADDR);
}
SEC_setCookie($_CONF['cookie_name'] . 'adveditor', SEC_createTokenGeneral($urlfor), time() + 1200, $_CONF['cookie_path'], $_CONF['cookiedomain'], $_CONF['cookiesecure'], false);
if (!isset($_POST['editpost'])) {
$_POST['editpost'] = '';
}
if ($action != 'newtopic' && $_POST['editpost'] != 'yes' && ($action == 'newreply' || $viewMode)) {
if ($FF_userprefs['showiframe']) {
$retval .= "<iframe src=\"{$_CONF['site_url']}/forum/viewtopic.php?mode=preview&showtopic=" . $postData['id'] . "&onlytopic=1&lastpost=true\" height=\"300\" width=\"100%\"></iframe>";
}
}
return $retval;
}