本文整理匯總了PHP中un_htmlspecialchars函數的典型用法代碼示例。如果您正苦於以下問題:PHP un_htmlspecialchars函數的具體用法?PHP un_htmlspecialchars怎麽用?PHP un_htmlspecialchars使用的例子?那麽, 這裏精選的函數代碼示例或許可以為您提供幫助。
在下文中一共展示了un_htmlspecialchars函數的15個代碼示例,這些例子默認根據受歡迎程度排序。您可以為喜歡或者感覺有用的代碼點讚,您的評價將有助於係統推薦出更棒的PHP代碼示例。
示例1: pre_dispatch
/**
 * Shared setup that runs before the actions of this class.
 *
 * The page title is set to the forum name. If an HTML-safe title slot already exists it is
 * rebuilt by decoding the title and encoding it again, so entities already present in the
 * forum name are not encoded a second time. With $context['standalone'] set, the menu
 * context is built as well.
 */
public function pre_dispatch()
{
    global $context;

    $title = $context['forum_name'];
    $context['page_title'] = $title;

    if (isset($context['page_title_html_safe'])) {
        // Decode, then encode exactly once. Going by its name, this copy is the one intended
        // for HTML output; the plain page_title above is not escaped here.
        $decoded_title = un_htmlspecialchars($title);
        $context['page_title_html_safe'] = Util::htmlspecialchars($decoded_title);
    }

    if (!empty($context['standalone'])) {
        setupMenuContext();
    }
}
示例2: GetJumpTo
/**
 * Build the category/board list for the "jump to" dropdown and select its sub-template.
 *
 * Category and board names are reduced to plain text: tags are stripped and HTML entities
 * are decoded. After that step the names are no longer HTML-escaped, so whatever renders
 * $context['jump_to'] has to escape them for its own output context (HTML, XML or script).
 */
function GetJumpTo()
{
    global $user_info, $context, $smcFunc, $sourcedir;

    // Find the boards/categories they can see.
    require_once $sourcedir . '/Subs-MessageIndex.php';

    $selected_board = 0;
    if (isset($context['current_board'])) {
        $selected_board = $context['current_board'];
    }
    $context['jump_to'] = getBoardList(array('use_permissions' => true, 'selected_board' => $selected_board));

    // Reduce every name to plain text: strip tags first, then decode the entities.
    foreach ($context['jump_to'] as $cat_key => $category) {
        $context['jump_to'][$cat_key]['name'] = un_htmlspecialchars(strip_tags($category['name']));

        foreach ($category['boards'] as $board_key => $board_row) {
            $context['jump_to'][$cat_key]['boards'][$board_key]['name'] = un_htmlspecialchars(strip_tags($board_row['name']));
        }
    }

    $context['sub_template'] = 'jump_to';
}
示例3: action_jumpto
/**
 * Get the boards and categories used for the jumpto dropdown.
 *
 * The result of getBoardList() is merged into $context with "+=", so keys that already
 * exist in $context are kept. Names are then reduced to plain text (tags stripped, entities
 * decoded); they are not HTML-escaped afterwards, so the code that prints them must escape
 * them for its own output context.
 */
public function action_jumpto()
{
    global $context;

    // Find the boards/categories they can see.
    require_once SUBSDIR . '/Boards.subs.php';

    $selected_board = 0;
    if (isset($context['current_board'])) {
        $selected_board = $context['current_board'];
    }
    $context += getBoardList(array('selected_board' => $selected_board));

    // Reduce every name to plain text: strip tags first, then decode the entities.
    foreach ($context['categories'] as $cat_key => $category) {
        $context['categories'][$cat_key]['name'] = un_htmlspecialchars(strip_tags($category['name']));

        foreach ($category['boards'] as $board_key => $board_row) {
            $context['categories'][$cat_key]['boards'][$board_key]['name'] = un_htmlspecialchars(strip_tags($board_row['name']));
        }
    }

    $context['sub_template'] = 'jump_to';
}
示例4: retrieveGlobalHFContent
/**
 * Load the global head/header/footer snippets from disk and hand them to the page.
 *
 * Nothing happens for XML requests or for the 'dlattach' action. Otherwise the three
 * snippet files are read, entity-decoded and stored in the global $global_hf.
 *
 * The decoded file contents are used as markup: the head snippet is appended to
 * $context['html_headers'] as is. Write access to the smfhacks_resources files therefore
 * amounts to control over page markup (assuming html_headers is printed unescaped, which
 * is not visible here), so those files need the same protection as the templates.
 *
 * @param string $placement 'load' appends the head snippet to the HTML headers; any other
 *                          value is used as the suffix of the 'global_hf' sub-template name.
 */
function retrieveGlobalHFContent($placement)
{
    global $context, $boarddir, $sourcedir, $global_hf, $modSettings;

    $is_xml_request = isset($_GET['xml']);
    $is_attachment_download = isset($_GET['action']) && $_GET['action'] == 'dlattach';
    if ($is_xml_request || $is_attachment_download) {
        return;
    }

    // Read the snippets in the fixed order head, header, footer.
    $snippet_files = array(
        'head' => '/smfhacks_resources/global-hf-head.txt',
        'header' => '/smfhacks_resources/global-hf-header.txt',
        'footer' => '/smfhacks_resources/global-hf-footer.txt',
    );
    $snippets = array();
    foreach ($snippet_files as $slot => $relative_path) {
        $snippets[$slot] = un_htmlspecialchars(file_get_contents($boarddir . $relative_path));
    }
    $global_hf = $snippets;

    if ($placement == 'load') {
        // Load phase: only the head snippet is used, and only when it is not empty.
        if (!empty($global_hf['head'])) {
            $context['html_headers'] .= "\n" . $global_hf['head'];
        }
        return;
    }

    // Display phase: optionally run header and footer through the BBC parser.
    if (!empty($modSettings['global_header_bbc'])) {
        $global_hf['parsed']['header'] = parse_bbc($global_hf['header']);
    }
    if (!empty($modSettings['global_footer_bbc'])) {
        $global_hf['parsed']['footer'] = parse_bbc($global_hf['footer']);
    }

    loadTemplate('smfhacks_templates/global-hf');
    loadSubTemplate('global_hf' . $placement, true);
}
示例5: EditorMain
/**
 * Convert an editor message between BBC and HTML for the 'sendbody' sub-template.
 *
 * The session check on the GET data runs first. A non-zero 'view' converts BBC to HTML;
 * otherwise the message is entity-decoded and converted from HTML to BBC. In both modes the
 * transport placeholders (#smcol#, #smlt#, #smgt#, #smamp#) are expanded in
 * $_REQUEST['message'] before the conversion, and the converted result is HTML-escaped
 * before it is stored in $context['message'].
 */
function EditorMain()
{
    global $context, $smcFunc;

    checkSession('get');

    if (!isset($_REQUEST['view'], $_REQUEST['message'])) {
        fatal_lang_error('no_access', false);
    }

    $context['sub_template'] = 'sendbody';
    $context['view'] = (int) $_REQUEST['view'];

    // Placeholders the client sends in place of characters that would not survive transport.
    $placeholders = array('#smcol#' => ';', '#smlt#' => '<', '#smgt#' => '>', '#smamp#' => '&');

    // Return the right thing for the mode.
    if ($context['view']) {
        $_REQUEST['message'] = strtr($_REQUEST['message'], $placeholders);
        $converted = bbc_to_html($_REQUEST['message']);
    } else {
        // Decode entities before expanding the placeholders, as the request value arrives encoded.
        $_REQUEST['message'] = strtr(un_htmlspecialchars($_REQUEST['message']), $placeholders);
        $converted = html_to_bbc($_REQUEST['message']);
    }

    // Escape once, at the end, so the template receives an HTML-safe string.
    $context['message'] = commonAPI::htmlspecialchars($converted);
}
示例6: sportal_main
/**
 * Entry point of the portal: prepare the page title and dispatch to a sub-action.
 *
 * The sub-action comes from $_REQUEST['sa'] but is only used as a key into the fixed
 * $actions table; any value that is not a key of that table is replaced by 'articles'.
 * The file that gets included and the function that gets called are therefore always taken
 * from the table, never from the request itself.
 */
function sportal_main()
{
    global $smcFunc, $context, $sourcedir;

    if (WIRELESS) {
        redirectexit('action=forum');
    }

    $title = $context['forum_name'];
    $context['page_title'] = $title;
    if (isset($context['page_title_html_safe'])) {
        // Decode, then encode once, so existing entities are not encoded twice.
        $context['page_title_html_safe'] = $smcFunc['htmlspecialchars'](un_htmlspecialchars($title));
    }

    if (!empty($context['standalone'])) {
        setupMenuContext();
    }

    // Sub-action => (source file, function). An empty file name means nothing is included.
    $actions = array(
        'addarticle' => array('PortalArticles.php', 'sportal_add_article'),
        'articles' => array('PortalArticles.php', 'sportal_articles'),
        'credits' => array('', 'sportal_credits'),
        'pages' => array('PortalPages.php', 'sportal_pages'),
        'removearticle' => array('PortalArticles.php', 'sportal_remove_article'),
        'shoutbox' => array('PortalShoutbox.php', 'sportal_shoutbox'),
    );

    // Anything that is not a known sub-action falls back to the article list.
    $is_known = isset($_REQUEST['sa']) && isset($actions[$_REQUEST['sa']]);
    if (!$is_known) {
        $_REQUEST['sa'] = 'articles';
    }

    $handler = $actions[$_REQUEST['sa']];
    if (!empty($handler[0])) {
        require_once $sourcedir . '/' . $handler[0];
    }

    $handler[1]();
}
示例7: action_issuewarning
//.........這裏部分代碼省略.........
// Log what we've done!
if (!$context['user']['is_owner']) {
logWarning($memID, $cur_profile['real_name'], $id_notice, $level_change, $_POST['warn_reason']);
}
// Make the change.
updateMemberData($memID, array('warning' => $_POST['warning_level']));
// Leave a lovely message.
$context['profile_updated'] = $context['user']['is_owner'] ? $txt['profile_updated_own'] : $txt['profile_warning_success'];
} else {
// Try to remember some bits.
$context['warning_data'] = array('reason' => $_POST['warn_reason'], 'notify' => !empty($_POST['warn_notify']), 'notify_subject' => isset($_POST['warn_sub']) ? $_POST['warn_sub'] : '', 'notify_body' => isset($_POST['warn_body']) ? $_POST['warn_body'] : '');
}
// Show the new improved warning level.
$context['member']['warning'] = $_POST['warning_level'];
}
// Taking a look first, good idea that one.
if (isset($_POST['preview'])) {
$warning_body = !empty($_POST['warn_body']) ? trim(censorText($_POST['warn_body'])) : '';
$context['preview_subject'] = !empty($_POST['warn_sub']) ? trim(Util::htmlspecialchars($_POST['warn_sub'])) : '';
if (empty($_POST['warn_sub']) || empty($_POST['warn_body'])) {
$issueErrors[] = 'warning_notify_blank';
}
if (!empty($_POST['warn_body'])) {
require_once SUBSDIR . '/Post.subs.php';
preparsecode($warning_body);
$warning_body = parse_bbc($warning_body, true);
}
// Try to remember some bits.
$context['warning_data'] = array('reason' => $_POST['warn_reason'], 'notify' => !empty($_POST['warn_notify']), 'notify_subject' => isset($_POST['warn_sub']) ? $_POST['warn_sub'] : '', 'notify_body' => isset($_POST['warn_body']) ? $_POST['warn_body'] : '', 'body_preview' => $warning_body);
}
if (!empty($issueErrors)) {
// Fill in the suite of errors.
$context['post_errors'] = array();
foreach ($issueErrors as $error) {
$context['post_errors'][] = $txt[$error];
}
}
$context['page_title'] = $txt['profile_issue_warning'];
// Let's use a generic list to get all the current warnings
require_once SUBSDIR . '/GenericList.class.php';
require_once SUBSDIR . '/Profile.subs.php';
// Work our the various levels.
$context['level_effects'] = array(0 => $txt['profile_warning_effect_none'], $modSettings['warning_watch'] => $txt['profile_warning_effect_watch'], $modSettings['warning_moderate'] => $txt['profile_warning_effect_moderation'], $modSettings['warning_mute'] => $txt['profile_warning_effect_mute']);
$context['current_level'] = 0;
foreach ($context['level_effects'] as $limit => $dummy) {
if ($context['member']['warning'] >= $limit) {
$context['current_level'] = $limit;
}
}
// Build a list to view the warnings
$listOptions = array('id' => 'issued_warnings', 'title' => $txt['profile_viewwarning_previous_warnings'], 'items_per_page' => $modSettings['defaultMaxMessages'], 'no_items_label' => $txt['profile_viewwarning_no_warnings'], 'base_href' => $scripturl . '?action=profile;area=issuewarning;sa=user;u=' . $memID, 'default_sort_col' => 'log_time', 'get_items' => array('function' => 'list_getUserWarnings', 'params' => array($memID)), 'get_count' => array('function' => 'list_getUserWarningCount', 'params' => array($memID)), 'columns' => array('issued_by' => array('header' => array('value' => $txt['profile_warning_previous_issued'], 'style' => 'width: 20%;'), 'data' => array('function' => create_function('$warning', '
return $warning[\'issuer\'][\'link\'];
')), 'sort' => array('default' => 'lc.member_name DESC', 'reverse' => 'lc.member_name')), 'log_time' => array('header' => array('value' => $txt['profile_warning_previous_time'], 'style' => 'width: 30%;'), 'data' => array('db' => 'time'), 'sort' => array('default' => 'lc.log_time DESC', 'reverse' => 'lc.log_time')), 'reason' => array('header' => array('value' => $txt['profile_warning_previous_reason']), 'data' => array('function' => create_function('$warning', '
global $scripturl, $txt, $settings;
$ret = \'
<div class="floatleft">
\' . $warning[\'reason\'] . \'
</div>\';
// If a notice was sent, provide a way to view it
if (!empty($warning[\'id_notice\']))
$ret .= \'
<div class="floatright">
<a href="\' . $scripturl . \'?action=moderate;area=notice;nid=\' . $warning[\'id_notice\'] . \'" onclick="window.open(this.href, \\\'\\\', \\\'scrollbars=yes,resizable=yes,width=400,height=250\\\');return false;" target="_blank" class="new_win" title="\' . $txt[\'profile_warning_previous_notice\'] . \'"><img src="\' . $settings[\'images_url\'] . \'/filter.png" alt="" /></a>
</div>\';
return $ret;'))), 'level' => array('header' => array('value' => $txt['profile_warning_previous_level'], 'style' => 'width: 6%;'), 'data' => array('db' => 'counter'), 'sort' => array('default' => 'lc.counter DESC', 'reverse' => 'lc.counter'))));
// Create the list for viewing.
createList($listOptions);
$warning_for_message = isset($_REQUEST['msg']) ? (int) $_REQUEST['msg'] : false;
$warned_message_subject = '';
// Are they warning because of a message?
if (isset($_REQUEST['msg']) && 0 < (int) $_REQUEST['msg']) {
require_once SUBSDIR . '/Messages.subs.php';
$message = basicMessageInfo((int) $_REQUEST['msg']);
if (!empty($message)) {
$warned_message_subject = $message['subject'];
}
}
require_once SUBSDIR . '/Maillist.subs.php';
// Any custom templates?
$context['notification_templates'] = array();
$notification_templates = maillist_templates('warntpl');
foreach ($notification_templates as $row) {
// If we're not warning for a message skip any that are.
if (!$warning_for_message && strpos($row['body'], '{MESSAGE}') !== false) {
continue;
}
$context['notification_templates'][] = array('title' => $row['title'], 'body' => $row['body']);
}
// Setup the "default" templates.
foreach (array('spamming', 'offence', 'insulting') as $type) {
$context['notification_templates'][] = array('title' => $txt['profile_warning_notify_title_' . $type], 'body' => sprintf($txt['profile_warning_notify_template_outline' . (!empty($warning_for_message) ? '_post' : '')], $txt['profile_warning_notify_for_' . $type]));
}
// Replace all the common variables in the templates.
foreach ($context['notification_templates'] as $k => $name) {
$context['notification_templates'][$k]['body'] = strtr($name['body'], array('{MEMBER}' => un_htmlspecialchars($context['member']['name']), '{MESSAGE}' => '[url=' . $scripturl . '?msg=' . $warning_for_message . ']' . un_htmlspecialchars($warned_message_subject) . '[/url]', '{SCRIPTURL}' => $scripturl, '{FORUMNAME}' => $mbname, '{REGARDS}' => replaceBasicActionUrl($txt['regards_team'])));
}
}
示例8: smfapi_authenticate
//.........這裏部分代碼省略.........
$request = $smcFunc['db_query']('', '
SELECT passwd, id_member, id_group, lngfile, is_activated, email_address, additional_groups, member_name, password_salt,
openid_uri, passwd_flood
FROM {db_prefix}members
WHERE ' . ($smcFunc['db_case_sensitive'] ? 'LOWER(member_name) = LOWER({string:user_name})' : 'member_name = {string:user_name}') . '
LIMIT 1', array('user_name' => $smcFunc['db_case_sensitive'] ? strtolower($username) : $username));
// no user data found... invalid username
if ($smcFunc['db_num_rows']($request) == 0) {
return false;
}
$user_settings = $smcFunc['db_fetch_assoc']($request);
$smcFunc['db_free_result']($request);
if (40 != strlen($user_settings['passwd'])) {
// invalid hash in the db
return false;
}
// if it's not encrypted, do it now
if (!$encrypted) {
$sha_passwd = sha1(strtolower($user_settings['member_name']) . smfapi_unHtmlspecialchars($password));
} else {
$sha_passwd = $password;
}
// if they match the password/hash is correct
if ($user_settings['passwd'] == $sha_passwd) {
$user_info["id"] = $user_settings['id_member'];
return true;
} else {
// try other hashing schemes
$other_passwords = array();
// in case they sent the encrypted password into this as unencrypted
$other_passwords[] = $password;
// none of the below cases will be used most of the time
// (because the salt is normally set)
if ('' == $user_settings['password_salt']) {
// YaBB SE, Discus, MD5 (used a lot), SHA-1 (used some), SMF 1.0.x,
// IkonBoard, and none at all
$other_passwords[] = crypt($password, substr($password, 0, 2));
$other_passwords[] = crypt($password, substr($user_settings['passwd'], 0, 2));
$other_passwords[] = md5($password);
$other_passwords[] = sha1($password);
$other_passwords[] = md5_hmac($password, strtolower($user_settings['member_name']));
$other_passwords[] = md5($password . strtolower($user_settings['member_name']));
$other_passwords[] = md5(md5($password));
$other_passwords[] = $password;
// this one is a strange one... MyPHP, crypt() on the MD5 hash
$other_passwords[] = crypt(md5($password), md5($password));
// Snitz style - SHA-256. Technically, this is a downgrade, but most PHP
// configurations don't support sha256 anyway.
if (strlen($user_settings['passwd']) == 64 && function_exists('mhash') && defined('MHASH_SHA256')) {
$other_passwords[] = bin2hex(mhash(MHASH_SHA256, $password));
}
// phpBB3 users new hashing. We now support it as well ;)
$other_passwords[] = phpBB3_password_check($password, $user_settings['passwd']);
// APBoard 2 login method
$other_passwords[] = md5(crypt($password, 'CRYPT_MD5'));
} elseif (strlen($user_settings['passwd']) == 32) {
// vBulletin 3 style hashing? Let's welcome them with open arms \o/
$other_passwords[] = md5(md5($password) . $user_settings['password_salt']);
// hmm.. p'raps it's Invision 2 style?
$other_passwords[] = md5(md5($user_settings['password_salt']) . md5($password));
// some common md5 ones
$other_passwords[] = md5($user_settings['password_salt'] . $password);
$other_passwords[] = md5($password . $user_settings['password_salt']);
} elseif (strlen($user_settings['passwd']) == 40) {
// maybe they are using a hash from before the password fix
$other_passwords[] = sha1(strtolower($user_settings['member_name']) . smfapi_unHtmlspecialchars($password));
// BurningBoard3 style of hashing
$other_passwords[] = sha1($user_settings['password_salt'] . sha1($user_settings['password_salt'] . sha1($password)));
// perhaps we converted to UTF-8 and have a valid password being
// hashed differently
if (!empty($modSettings['previousCharacterSet']) && $modSettings['previousCharacterSet'] != 'utf8') {
// try iconv first, for no particular reason
if (function_exists('iconv')) {
$other_passwords['iconv'] = sha1(strtolower(iconv('UTF-8', $modSettings['previousCharacterSet'], $user_settings['member_name'])) . un_htmlspecialchars(iconv('UTF-8', $modSettings['previousCharacterSet'], $password)));
}
// say it aint so, iconv failed
if (empty($other_passwords['iconv']) && function_exists('mb_convert_encoding')) {
$other_passwords[] = sha1(strtolower(mb_convert_encoding($user_settings['member_name'], 'UTF-8', $modSettings['previousCharacterSet'])) . un_htmlspecialchars(mb_convert_encoding($password, 'UTF-8', $modSettings['previousCharacterSet'])));
}
}
}
// SMF's sha1 function can give a funny result on Linux (not our fault!)
// if we've now got the real one let the old one be valid!
if (strpos(strtolower(PHP_OS), 'win') !== 0) {
require_once $sourcedir . '/Subs-Compat.php';
$other_passwords[] = sha1_smf(strtolower($user_settings['member_name']) . smfapi_unHtmlspecialchars($password));
}
// if ANY of these other hashes match we'll accept it
if (in_array($user_settings['passwd'], $other_passwords)) {
// we're not going to update the password or the hash. whatever was
// used worked, so it will work again through this api, or SMF will
// update it if the user authenticates through there. No sense messing
// with it if it's not broken imo. Authentication successful
$user_info["id"] = $user_settings['id_member'];
return true;
}
}
//authentication failed
return false;
}
示例9: sendNotifications
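/**
 * E-mail the members watching a topic about an event on that topic.
 *
 * The topic id is interpolated into several SQL statements below, so it is validated and
 * cast to an integer before the first query. A non-numeric id or an unknown notification
 * type raises a notice and ends the call instead of continuing into the queries.
 *
 * @param int|string $ID_TOPIC numeric id of the topic
 * @param string     $type     one of: reply, sticky, lock, unlock, remove, move, merge, split
 */
function sendNotifications($ID_TOPIC, $type)
{
    global $txt, $scripturl, $db_prefix, $language, $user_info;
    global $ID_MEMBER, $modSettings, $sourcedir;

    // Notification type => language string keys for the mail subject and body.
    $notification_types = array(
        'reply' => array('subject' => 'notification_reply_subject', 'message' => 'notification_reply'),
        'sticky' => array('subject' => 'notification_sticky_subject', 'message' => 'notification_sticky'),
        'lock' => array('subject' => 'notification_lock_subject', 'message' => 'notification_lock'),
        'unlock' => array('subject' => 'notification_unlock_subject', 'message' => 'notification_unlock'),
        'remove' => array('subject' => 'notification_remove_subject', 'message' => 'notification_remove'),
        'move' => array('subject' => 'notification_move_subject', 'message' => 'notification_move'),
        'merge' => array('subject' => 'notification_merge_subject', 'message' => 'notification_merge'),
        'split' => array('subject' => 'notification_split_subject', 'message' => 'notification_split'),
    );

    // An unknown type has no language strings to send, so stop before indexing the map.
    if (!is_string($type) || !isset($notification_types[$type])) {
        trigger_error('sendNotifications(): unknown notification type', E_USER_NOTICE);
        return;
    }
    $current_type = $notification_types[$type];

    // Can't do it if there's no topic.
    if (empty($ID_TOPIC)) {
        return;
    } elseif (!is_numeric($ID_TOPIC)) {
        // A notice alone does not stop execution, and the value goes into SQL below.
        trigger_error('sendNotifications(): \'' . $ID_TOPIC . '\' is not a topic id', E_USER_NOTICE);
        return;
    }

    // is_numeric() also accepts forms such as "1e3" or " 5"; only plain integers reach the queries.
    $ID_TOPIC = (int) $ID_TOPIC;
    $current_member = (int) $ID_MEMBER;

    // Get the subject and body...
    $result = db_query("\n\t\tSELECT mf.subject, ml.body, t.ID_LAST_MSG\n\t\tFROM ({$db_prefix}topics AS t, {$db_prefix}messages AS mf, {$db_prefix}messages AS ml)\n\t\tWHERE t.ID_TOPIC = {$ID_TOPIC}\n\t\t\tAND mf.ID_MSG = t.ID_FIRST_MSG\n\t\t\tAND ml.ID_MSG = t.ID_LAST_MSG\n\t\tLIMIT 1", __FILE__, __LINE__);
    list($subject, $body, $last_id) = mysql_fetch_row($result);
    mysql_free_result($result);
    if (empty($last_id)) {
        trigger_error('sendNotifications(): non-existant topic passed', E_USER_NOTICE);
    }

    // Censor...
    censorText($subject);
    censorText($body);

    // The mail is plain text: render the BBC, turn block-level endings into newlines, strip
    // the remaining tags and decode the entities. The two bracket entities are restored here;
    // as printed, both pairs mapped a bracket to itself, which made them no-ops.
    $subject = un_htmlspecialchars($subject);
    $body = trim(un_htmlspecialchars(strip_tags(strtr(parse_bbc($body, false, $last_id), array('<br />' => "\n", '</div>' => "\n", '</li>' => "\n", '&#91;' => '[', '&#93;' => ']')))));

    // Find the members with notification on for this topic.
    $members = db_query("\n\t\tSELECT\n\t\t\tmem.ID_MEMBER, mem.emailAddress, mem.notifyOnce, mem.notifyTypes, mem.notifySendBody, mem.lngfile,\n\t\t\tln.sent, mem.ID_GROUP, mem.additionalGroups, b.memberGroups, mem.ID_POST_GROUP, t.ID_MEMBER_STARTED\n\t\tFROM ({$db_prefix}log_notify AS ln, {$db_prefix}members AS mem, {$db_prefix}topics AS t, {$db_prefix}boards AS b)\n\t\tWHERE ln.ID_TOPIC = {$ID_TOPIC}\n\t\t\tAND t.ID_TOPIC = {$ID_TOPIC}\n\t\t\tAND b.ID_BOARD = t.ID_BOARD\n\t\t\tAND mem.ID_MEMBER != {$current_member}\n\t\t\tAND mem.is_activated = 1\n\t\t\tAND mem.notifyTypes < " . ($type == 'reply' ? '4' : '3') . "\n\t\t\tAND ln.ID_MEMBER = mem.ID_MEMBER\n\t\tGROUP BY mem.ID_MEMBER\n\t\tORDER BY mem.lngfile", __FILE__, __LINE__);
    $sent = 0;
    while ($row = mysql_fetch_assoc($members)) {
        // Easier to check this here... if they aren't the topic poster do they really want to know?
        if ($type != 'reply' && $row['notifyTypes'] == 2 && $row['ID_MEMBER'] != $row['ID_MEMBER_STARTED']) {
            continue;
        }

        // Members outside group 1 are only mailed if one of their groups may see the board.
        if ($row['ID_GROUP'] != 1) {
            $allowed = explode(',', $row['memberGroups']);
            $row['additionalGroups'] = explode(',', $row['additionalGroups']);
            $row['additionalGroups'][] = $row['ID_GROUP'];
            $row['additionalGroups'][] = $row['ID_POST_GROUP'];
            if (count(array_intersect($allowed, $row['additionalGroups'])) == 0) {
                continue;
            }
        }

        // Rows are ordered by language file, so the language is reloaded only when it changes.
        $needed_language = empty($row['lngfile']) || empty($modSettings['userLanguage']) ? $language : $row['lngfile'];
        if (empty($current_language) || $current_language != $needed_language) {
            $current_language = loadLanguage('Post', $needed_language, false);
        }

        $message = sprintf($txt[$current_type['message']], un_htmlspecialchars($user_info['name']));
        if ($type != 'remove') {
            $message .= $scripturl . '?topic=' . $ID_TOPIC . '.new;topicseen#new' . "\n\n" . $txt['notifyUnsubscribe'] . ': ' . $scripturl . '?action=notify;topic=' . $ID_TOPIC . '.0';
        }

        // Do they want the body of the message sent too?
        if (!empty($row['notifySendBody']) && $type == 'reply' && empty($modSettings['disallow_sendBody'])) {
            $message .= "\n\n" . $txt['notification_reply_body'] . "\n\n" . $body;
        }
        if (!empty($row['notifyOnce']) && $type == 'reply') {
            $message .= "\n\n" . $txt['notifyXOnce2'];
        }

        // Send only if once is off or it's on and it hasn't been sent.
        if ($type != 'reply' || empty($row['notifyOnce']) || empty($row['sent'])) {
            sendmail($row['emailAddress'], sprintf($txt[$current_type['subject']], $subject), $message . "\n\n" . $txt[130], null, 'm' . $last_id);
            $sent++;
        }
    }
    mysql_free_result($members);

    // Switch back to the current user's language if the loop left another one loaded.
    if (isset($current_language) && $current_language != $user_info['language']) {
        loadLanguage('Post');
    }

    // Sent!
    if ($type == 'reply' && !empty($sent)) {
        db_query("\n\t\t\tUPDATE {$db_prefix}log_notify\n\t\t\tSET sent = 1\n\t\t\tWHERE ID_TOPIC = {$ID_TOPIC}\n\t\t\t\tAND ID_MEMBER != {$current_member}", __FILE__, __LINE__);
    }
}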
示例10: EditPost2
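/**
 * Save the edited fields of a scheduled post, then redirect to the scheduler admin page.
 *
 * Every request value is passed to the database layer as a typed placeholder
 * ({int:...} / {string:...}) instead of being pasted into the SQL text. HTML-encoding the
 * values is not SQL quoting: htmlspecialchars() leaves backslashes alone, so an encoded
 * value that ends in a backslash could still break out of a hand-built string literal.
 * The stored values stay HTML-encoded as before, so existing rows and readers are unaffected.
 */
function EditPost2()
{
    global $txt, $smcFunc, $sourcedir;

    // The session check on the POST data comes before anything is read or written.
    checkSession('post');

    // Get the ID
    $id = (int) $_REQUEST['id'];
    if (empty($id)) {
        fatal_error($txt['postscheduler_nopostselected'], false);
    }

    // If we came from WYSIWYG then turn it back into BBC regardless.
    if (!empty($_REQUEST['message_mode']) && isset($_REQUEST['message'])) {
        require_once $sourcedir . '/Subs-Editor.php';
        $_REQUEST['message'] = html_to_bbc($_REQUEST['message']);
        // We need to unhtml it now as it gets done shortly.
        $_REQUEST['message'] = un_htmlspecialchars($_REQUEST['message']);
    }

    $subject = $smcFunc['htmlspecialchars']($_REQUEST['subject'], ENT_QUOTES);
    $boardselect = (int) $_REQUEST['boardselect'];
    // Quotes and backslashes are dropped from the poster name before it is encoded.
    $postername = str_replace(array('"', "'", '\\'), '', $_REQUEST['postername']);
    $postername = $smcFunc['htmlspecialchars']($postername, ENT_QUOTES);
    $msgicon = $smcFunc['htmlspecialchars']($_REQUEST['msgicon'], ENT_QUOTES);
    $message = $smcFunc['htmlspecialchars']($_REQUEST['message'], ENT_QUOTES);
    $topicid = (int) $_REQUEST['topicid'];

    if ($subject == '') {
        fatal_error($txt['postscheduler_err_subject'], false);
    }
    if ($postername == '') {
        fatal_error($txt['postscheduler_err_postername'], false);
    }
    if ($boardselect == 0) {
        fatal_error($txt['postscheduler_err_forum'], false);
    }
    if ($message == '') {
        fatal_error($txt['postscheduler_err_message'], false);
    }

    $topiclocked = isset($_REQUEST['topiclocked']) ? 1 : 0;

    // Build the scheduled time from the separate date and 12-hour clock fields.
    $month = (int) $_REQUEST['month'];
    $day = (int) $_REQUEST['day'];
    $year = (int) $_REQUEST['year'];
    $hour = (int) $_REQUEST['hour'];
    $minute = (int) $_REQUEST['minute'];
    $ampm = $_REQUEST['ampm'];
    $minute = str_pad($minute, 2, "0", STR_PAD_LEFT);
    $time_in_24_hour_format = date("H", strtotime("{$hour}:{$minute} {$ampm}"));
    if (!empty($month) && !empty($day) && !empty($year)) {
        $post_time = mktime($time_in_24_hour_format, $minute, 0, $month, $day, $year);
    } else {
        fatal_error($txt['postscheduler_err_date'], false);
    }

    // Look up the member ID that belongs to the poster name.
    $memid = 0;
    $dbresult = $smcFunc['db_query']('', '
        SELECT real_name, ID_MEMBER
        FROM {db_prefix}members
        WHERE real_name = {string:postername} OR member_name = {string:postername}
        LIMIT 1',
        array('postername' => $postername)
    );
    $row = $smcFunc['db_fetch_assoc']($dbresult);
    $smcFunc['db_free_result']($dbresult);
    // Decide from the fetched row itself rather than asking for affected rows after a SELECT.
    if (!empty($row)) {
        $memid = (int) $row['ID_MEMBER'];
    }

    $smcFunc['db_query']('', '
        UPDATE {db_prefix}postscheduler
        SET
            ID_BOARD = {int:board}, subject = {string:subject}, postername = {string:postername},
            ID_MEMBER = {int:member}, locked = {int:locked}, body = {string:body},
            id_topic = {int:topic}, post_time = {int:post_time}, msgicon = {string:msgicon}
        WHERE ID_POST = {int:id}
        LIMIT 1',
        array(
            'board' => $boardselect,
            'subject' => $subject,
            'postername' => $postername,
            'member' => $memid,
            'locked' => $topiclocked,
            'body' => $message,
            'topic' => $topicid,
            'post_time' => $post_time,
            'msgicon' => $msgicon,
            'id' => $id,
        )
    );

    // Redirect to the Admin
    redirectexit('action=admin;area=postscheduler;sa=admin');
}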
示例11: MessageIndex
//.........這裏部分代碼省略.........
$context['icon_sources'][$row['first_icon']] = file_exists($settings['theme_dir'] . '/images/post/' . $row['first_icon'] . '.png') ? 'images_url' : 'default_images_url';
}
if (!isset($context['icon_sources'][$row['last_icon']])) {
$context['icon_sources'][$row['last_icon']] = file_exists($settings['theme_dir'] . '/images/post/' . $row['last_icon'] . '.png') ? 'images_url' : 'default_images_url';
}
} else {
if (!isset($context['icon_sources'][$row['first_icon']])) {
$context['icon_sources'][$row['first_icon']] = 'images_url';
}
if (!isset($context['icon_sources'][$row['last_icon']])) {
$context['icon_sources'][$row['last_icon']] = 'images_url';
}
}
if (!empty($settings['avatars_on_indexes'])) {
// Allow themers to show the latest poster's avatar along with the topic
if (!empty($row['avatar'])) {
if ($modSettings['avatar_action_too_large'] == 'option_html_resize' || $modSettings['avatar_action_too_large'] == 'option_js_resize') {
$avatar_width = !empty($modSettings['avatar_max_width_external']) ? ' width="' . $modSettings['avatar_max_width_external'] . '"' : '';
$avatar_height = !empty($modSettings['avatar_max_height_external']) ? ' height="' . $modSettings['avatar_max_height_external'] . '"' : '';
} else {
$avatar_width = '';
$avatar_height = '';
}
}
}
// 'Print' the topic info.
$context['topics'][$row['id_topic']] = array('id' => $row['id_topic'], 'first_post' => array('id' => $row['id_first_msg'], 'member' => array('username' => $row['first_member_name'], 'name' => $row['first_display_name'], 'id' => $row['first_id_member'], 'href' => !empty($row['first_id_member']) ? $scripturl . '?action=profile;u=' . $row['first_id_member'] : '', 'link' => !empty($row['first_id_member']) ? '<a href="' . $scripturl . '?action=profile;u=' . $row['first_id_member'] . '" title="' . $txt['profile_of'] . ' ' . $row['first_display_name'] . '" class="preview">' . $row['first_display_name'] . '</a>' : $row['first_display_name']), 'time' => timeformat($row['first_poster_time']), 'timestamp' => forum_time(true, $row['first_poster_time']), 'subject' => $row['first_subject'], 'preview' => $row['first_body'], 'icon' => $row['first_icon'], 'icon_url' => $settings[$context['icon_sources'][$row['first_icon']]] . '/post/' . $row['first_icon'] . '.png', 'href' => $scripturl . '?topic=' . (empty($row['id_redirect_topic']) ? $row['id_topic'] : $row['id_redirect_topic']) . '.0', 'link' => '<a href="' . $scripturl . '?topic=' . (empty($row['id_redirect_topic']) ? $row['id_topic'] : $row['id_redirect_topic']) . '.0">' . $row['first_subject'] . '</a>'), 'last_post' => array('id' => $row['id_last_msg'], 'member' => array('username' => $row['last_member_name'], 'name' => $row['last_display_name'], 'id' => $row['last_id_member'], 'href' => !empty($row['last_id_member']) ? $scripturl . '?action=profile;u=' . $row['last_id_member'] : '', 'link' => !empty($row['last_id_member']) ? '<a href="' . $scripturl . '?action=profile;u=' . $row['last_id_member'] . '">' . $row['last_display_name'] . 
'</a>' : $row['last_display_name']), 'time' => timeformat($row['last_poster_time']), 'timestamp' => forum_time(true, $row['last_poster_time']), 'subject' => $row['last_subject'], 'preview' => $row['last_body'], 'icon' => $row['last_icon'], 'icon_url' => $settings[$context['icon_sources'][$row['last_icon']]] . '/post/' . $row['last_icon'] . '.png', 'href' => $scripturl . '?topic=' . (empty($row['id_redirect_topic']) ? $row['id_topic'] : $row['id_redirect_topic']) . ($user_info['is_guest'] ? '.' . (!empty($options['view_newest_first']) ? 0 : (int) ($row['num_replies'] / $context['pageindex_multiplier']) * $context['pageindex_multiplier']) . '#msg' . $row['id_last_msg'] : ($row['num_replies'] == 0 ? '.0' : '.msg' . $row['id_last_msg']) . '#new'), 'link' => '<a href="' . $scripturl . '?topic=' . (empty($row['id_redirect_topic']) ? $row['id_topic'] : $row['id_redirect_topic']) . ($user_info['is_guest'] ? '.' . (!empty($options['view_newest_first']) ? 0 : (int) ($row['num_replies'] / $context['pageindex_multiplier']) * $context['pageindex_multiplier']) . '#msg' . $row['id_last_msg'] : ($row['num_replies'] == 0 ? '.0' : '.msg' . $row['id_last_msg']) . '#new') . '" ' . ($row['num_replies'] == 0 ? '' : 'rel="nofollow"') . '>' . $row['last_subject'] . '</a>'), 'is_sticky' => !empty($modSettings['enableStickyTopics']) && !empty($row['is_sticky']), 'is_locked' => !empty($row['locked']), 'is_poll' => $modSettings['pollMode'] == '1' && $row['id_poll'] > 0, 'is_hot' => $row['num_replies'] >= $modSettings['hotTopicPosts'], 'is_very_hot' => $row['num_replies'] >= $modSettings['hotTopicVeryPosts'], 'is_posted_in' => false, 'icon' => $row['first_icon'], 'icon_url' => $settings[$context['icon_sources'][$row['first_icon']]] . '/post/' . $row['first_icon'] . '.png', 'subject' => $row['first_subject'], 'new' => $row['new_from'] <= $row['id_msg_modified'], 'new_from' => $row['new_from'], 'newtime' => $row['new_from'], 'new_href' => $scripturl . '?topic=' . 
(empty($row['id_redirect_topic']) ? $row['id_topic'] : $row['id_redirect_topic']) . '.msg' . $row['new_from'] . '#new', 'pages' => $pages, 'replies' => comma_format($row['num_replies']), 'views' => comma_format($row['num_views']), 'approved' => $row['approved'], 'unapproved_posts' => $row['unapproved_posts']);
if (!empty($settings['avatars_on_indexes'])) {
$context['topics'][$row['id_topic']]['last_post']['member']['avatar'] = array('name' => $row['avatar'], 'image' => $row['avatar'] == '' ? $row['id_attach'] > 0 ? '<img class="avatar" src="' . (empty($row['attachment_type']) ? $scripturl . '?action=dlattach;attach=' . $row['id_attach'] . ';type=avatar' : $modSettings['custom_avatar_url'] . '/' . $row['filename']) . '" alt="" />' : '' : (stristr($row['avatar'], 'http://') ? '<img class="avatar" src="' . $row['avatar'] . '"' . $avatar_width . $avatar_height . ' alt="" />' : '<img class="avatar" src="' . $modSettings['avatar_url'] . '/' . htmlspecialchars($row['avatar']) . '" alt="" />'), 'href' => $row['avatar'] == '' ? $row['id_attach'] > 0 ? empty($row['attachment_type']) ? $scripturl . '?action=dlattach;attach=' . $row['id_attach'] . ';type=avatar' : $modSettings['custom_avatar_url'] . '/' . $row['filename'] : '' : (stristr($row['avatar'], 'http://') ? $row['avatar'] : $modSettings['avatar_url'] . '/' . $row['avatar']), 'url' => $row['avatar'] == '' ? '' : (stristr($row['avatar'], 'http://') ? $row['avatar'] : $modSettings['avatar_url'] . '/' . $row['avatar']));
}
determineTopicClass($context['topics'][$row['id_topic']]);
}
$smcFunc['db_free_result']($result);
// Fix the sequence of topics if they were retrieved in the wrong order. (for speed reasons...)
if ($fake_ascending) {
$context['topics'] = array_reverse($context['topics'], true);
}
if (!empty($modSettings['enableParticipation']) && !$user_info['is_guest'] && !empty($topic_ids)) {
$result = $smcFunc['db_query']('', '
SELECT id_topic
FROM {db_prefix}messages
WHERE id_topic IN ({array_int:topic_list})
AND id_member = {int:current_member}
GROUP BY id_topic
LIMIT ' . count($topic_ids), array('current_member' => $user_info['id'], 'topic_list' => $topic_ids));
while ($row = $smcFunc['db_fetch_assoc']($result)) {
$context['topics'][$row['id_topic']]['is_posted_in'] = true;
$context['topics'][$row['id_topic']]['class'] = 'my_' . $context['topics'][$row['id_topic']]['class'];
}
$smcFunc['db_free_result']($result);
}
}
$context['jump_to'] = array('label' => addslashes(un_htmlspecialchars($txt['jump_to'])), 'board_name' => htmlspecialchars(strtr(strip_tags($board_info['name']), array('&' => '&'))), 'child_level' => $board_info['child_level']);
// Is Quick Moderation active/needed?
if (!empty($options['display_quick_mod']) && !empty($context['topics'])) {
$context['can_markread'] = $context['user']['is_logged'];
$context['can_lock'] = allowedTo('lock_any');
$context['can_sticky'] = allowedTo('make_sticky') && !empty($modSettings['enableStickyTopics']);
$context['can_move'] = allowedTo('move_any');
$context['can_remove'] = allowedTo('remove_any');
$context['can_merge'] = allowedTo('merge_any');
// Ignore approving own topics as it's unlikely to come up...
$context['can_approve'] = $modSettings['postmod_active'] && allowedTo('approve_posts') && !empty($board_info['unapproved_topics']);
// Can we restore topics?
$context['can_restore'] = allowedTo('move_any') && !empty($modSettings['recycle_enable']) && $modSettings['recycle_board'] == $board;
// Set permissions for all the topics.
foreach ($context['topics'] as $t => $topic) {
$started = $topic['first_post']['member']['id'] == $user_info['id'];
$context['topics'][$t]['quick_mod'] = array('lock' => allowedTo('lock_any') || $started && allowedTo('lock_own'), 'sticky' => allowedTo('make_sticky') && !empty($modSettings['enableStickyTopics']), 'move' => allowedTo('move_any') || $started && allowedTo('move_own'), 'modify' => allowedTo('modify_any') || $started && allowedTo('modify_own'), 'remove' => allowedTo('remove_any') || $started && allowedTo('remove_own'), 'approve' => $context['can_approve'] && $topic['unapproved_posts']);
$context['can_lock'] |= $started && allowedTo('lock_own');
$context['can_move'] |= $started && allowedTo('move_own');
$context['can_remove'] |= $started && allowedTo('remove_own');
}
// Find the boards/cateogories they can move their topic to.
if ($options['display_quick_mod'] == 1 && $context['can_move'] && !empty($context['topics'])) {
require_once $sourcedir . '/Subs-MessageIndex.php';
$boardListOptions = array('excluded_boards' => array($board), 'not_redirection' => true, 'use_permissions' => true, 'selected_board' => empty($_SESSION['move_to_topic']) ? null : $_SESSION['move_to_topic']);
// With no other boards to see, it's useless to move.
if (empty($context['move_to_boards'])) {
$context['can_move'] = false;
}
}
// Can we use quick moderation checkboxes?
if ($options['display_quick_mod'] == 1) {
$context['can_quick_mod'] = $context['user']['is_logged'] || $context['can_approve'] || $context['can_remove'] || $context['can_lock'] || $context['can_sticky'] || $context['can_move'] || $context['can_merge'] || $context['can_restore'];
} else {
$context['can_quick_mod'] = $context['can_remove'] || $context['can_lock'] || $context['can_sticky'] || $context['can_move'];
}
}
if (!empty($context['can_quick_mod']) && $options['display_quick_mod'] == 1) {
$context['qmod_actions'] = array('approve', 'remove', 'lock', 'sticky', 'move', 'merge', 'restore', 'markread');
call_integration_hook('integrate_quick_mod_actions');
}
// If there are children, but no topics and no ability to post topics...
$context['no_topic_listing'] = !empty($context['boards']) && empty($context['topics']) && !$context['can_post_new'];
// Build the message index button array.
$context['normal_buttons'] = array('new_topic' => array('test' => 'can_post_new', 'text' => 'new_topic', 'image' => 'new_topic.png', 'lang' => true, 'url' => $scripturl . '?action=post;board=' . $context['current_board'] . '.0', 'active' => true), 'post_poll' => array('test' => 'can_post_poll', 'text' => 'new_poll', 'image' => 'new_poll.png', 'lang' => true, 'url' => $scripturl . '?action=post;board=' . $context['current_board'] . '.0;poll'), 'notify' => array('test' => 'can_mark_notify', 'text' => $context['is_marked_notify'] ? 'unnotify' : 'notify', 'image' => ($context['is_marked_notify'] ? 'un' : '') . 'notify.png', 'lang' => true, 'custom' => 'onclick="return confirm(\'' . ($context['is_marked_notify'] ? $txt['notification_disable_board'] : $txt['notification_enable_board']) . '\');"', 'url' => $scripturl . '?action=notifyboard;sa=' . ($context['is_marked_notify'] ? 'off' : 'on') . ';board=' . $context['current_board'] . '.' . $context['start'] . ';' . $context['session_var'] . '=' . $context['session_id']), 'markread' => array('text' => 'mark_read_short', 'image' => 'markread.png', 'lang' => true, 'url' => $scripturl . '?action=markasread;sa=board;board=' . $context['current_board'] . '.0;' . $context['session_var'] . '=' . $context['session_id']));
// Allow adding new buttons easily.
call_integration_hook('integrate_messageindex_buttons');
}
示例12: ReportMessage
/**
* Allows the user to report a personal message to an administrator.
*
* - In the first instance requires that the ID of the message to report is passed in the request
*   (the code reads it from $_REQUEST['pmsg'], not only $_GET).
* - It allows the user to report to either a particular administrator - or the whole admin team.
* - It will forward on a copy of the original message without allowing the reporter to make changes.
* - The listing on this page stops inside the per-admin loop; the code that builds and sends the
*   report is not shown here.
*
* @uses report_message sub-template.
*/
function ReportMessage()
{
global $txt, $context, $scripturl, $sourcedir;
global $user_info, $language, $modSettings, $smcFunc;
// Check that this feature is even enabled!
if (empty($modSettings['enableReportPM']) || empty($_REQUEST['pmsg'])) {
fatal_lang_error('no_access', false);
}
// Force the id to an integer before it is used for the access check and as a query parameter.
$pmsg = (int) $_REQUEST['pmsg'];
// isAccessiblePM() is defined elsewhere; presumably it confirms the message is in this user's inbox - verify.
if (!isAccessiblePM($pmsg, 'inbox')) {
fatal_lang_error('no_access', false);
}
$context['pm_id'] = $pmsg;
$context['page_title'] = $txt['pm_report_title'];
// If we're here, just send the user to the template, with a few useful context bits.
if (!isset($_POST['report'])) {
$context['sub_template'] = 'report_message';
// @todo I don't like being able to pick who to send it to. Favoritism, etc. sucks.
// Now, get all the administrators.
// Group id 1 is passed as admin_group; members match by primary group or by additional_groups.
$request = $smcFunc['db_query']('', '
SELECT id_member, real_name
FROM {db_prefix}members
WHERE id_group = {int:admin_group} OR FIND_IN_SET({int:admin_group}, additional_groups) != 0
ORDER BY real_name', array('admin_group' => 1));
$context['admins'] = array();
while ($row = $smcFunc['db_fetch_assoc']($request)) {
$context['admins'][$row['id_member']] = $row['real_name'];
}
$smcFunc['db_free_result']($request);
// How many admins in total?
$context['admin_count'] = count($context['admins']);
} else {
// Check the session before proceeding any further!
// (checkSession() is defined elsewhere; presumably the anti-CSRF token check for the POSTed form - confirm.)
checkSession('post');
// First, pull out the message contents, and verify it actually went to them!
// The join on pm_recipients only matches when the current member is a recipient with deleted = 0.
// All values are passed through typed {int:...} placeholders, not concatenated into the SQL.
$request = $smcFunc['db_query']('', '
SELECT pm.subject, pm.body, pm.msgtime, pm.id_member_from, IFNULL(m.real_name, pm.from_name) AS sender_name
FROM {db_prefix}personal_messages AS pm
INNER JOIN {db_prefix}pm_recipients AS pmr ON (pmr.id_pm = pm.id_pm)
LEFT JOIN {db_prefix}members AS m ON (m.id_member = pm.id_member_from)
WHERE pm.id_pm = {int:id_pm}
AND pmr.id_member = {int:current_member}
AND pmr.deleted = {int:not_deleted}
LIMIT 1', array('current_member' => $user_info['id'], 'id_pm' => $context['pm_id'], 'not_deleted' => 0));
// No row means the current member is not a (non-deleted) recipient of this PM, so refuse.
if ($smcFunc['db_num_rows']($request) == 0) {
fatal_lang_error('no_access', false);
}
list($subject, $body, $time, $memberFromID, $memberFromName) = $smcFunc['db_fetch_row']($request);
$smcFunc['db_free_result']($request);
// Remove the line breaks...
// (every <br>, <br/> or <br /> in the stored body becomes a newline)
$body = preg_replace('~<br ?/?' . '>~i', "\n", $body);
// Get any other recipients of the email.
$request = $smcFunc['db_query']('', '
SELECT mem_to.id_member AS id_member_to, mem_to.real_name AS to_name, pmr.bcc
FROM {db_prefix}pm_recipients AS pmr
LEFT JOIN {db_prefix}members AS mem_to ON (mem_to.id_member = pmr.id_member)
WHERE pmr.id_pm = {int:id_pm}
AND pmr.id_member != {int:current_member}', array('current_member' => $user_info['id'], 'id_pm' => $context['pm_id']));
$recipients = array();
$hidden_recipients = 0;
while ($row = $smcFunc['db_fetch_assoc']($request)) {
// If it's hidden still don't reveal their names - privacy after all ;)
if ($row['bcc']) {
$hidden_recipients++;
} else {
// The display name is placed inside a BBC [url] tag exactly as stored.
// NOTE(review): confirm stored names cannot contain markup that alters the tag when it is parsed.
$recipients[] = '[url=' . $scripturl . '?action=profile;u=' . $row['id_member_to'] . ']' . $row['to_name'] . '[/url]';
}
}
$smcFunc['db_free_result']($request);
// BCC recipients are reported only as a count.
if ($hidden_recipients) {
$recipients[] = sprintf($txt['pm_report_pm_hidden'], $hidden_recipients);
}
// Now let's get out and loop through the admins.
// Only a fixed SQL fragment is appended when id_admin is given; the id itself is cast to int and bound.
$request = $smcFunc['db_query']('', '
SELECT id_member, real_name, lngfile
FROM {db_prefix}members
WHERE (id_group = {int:admin_id} OR FIND_IN_SET({int:admin_id}, additional_groups) != 0)
' . (empty($_POST['id_admin']) ? '' : 'AND id_member = {int:specific_admin}') . '
ORDER BY lngfile', array('admin_id' => 1, 'specific_admin' => isset($_POST['id_admin']) ? (int) $_POST['id_admin'] : 0));
// Maybe we shouldn't advertise this?
// (a requested id_admin that is not an administrator yields no rows and gets the same no_access error)
if ($smcFunc['db_num_rows']($request) == 0) {
fatal_lang_error('no_access', false);
}
// Decode HTML entities in the sender name; presumably the report is sent as non-HTML text - the sending code is not shown.
$memberFromName = un_htmlspecialchars($memberFromName);
// Prepare the message storage array.
$messagesToSend = array();
// Loop through each admin, and add them to the right language pile...
while ($row = $smcFunc['db_fetch_assoc']($request)) {
// Need to send in the correct language!
// Falls back to the forum default when the admin has no language set or per-user languages are disabled.
$cur_language = empty($row['lngfile']) || empty($modSettings['userLanguage']) ? $language : $row['lngfile'];
//.........這裏部分代碼省略.........
示例13: Login2
//.........這裏部分代碼省略.........
// NOTE(review): this is a fragment of Login2(); the page omits the start of the function and the
// listing stops inside the legacy-hash branch, so $request, $sc and the use of $other_passwords are not visible.
// Let them try again, it didn't match anything...
if ($smcFunc['db_num_rows']($request) == 0) {
$context['login_errors'] = array($txt['username_no_exist']);
return;
}
}
$user_settings = $smcFunc['db_fetch_assoc']($request);
$smcFunc['db_free_result']($request);
// Figure out the password using SMF's encryption - if what they typed is right.
// A 40-character hash_passwrd (the length of a hex SHA-1 digest) means the client sent a hash instead of the password.
if (isset($_REQUEST['hash_passwrd']) && strlen($_REQUEST['hash_passwrd']) == 40) {
// Needs upgrading?
// A stored value that is not 40 characters long cannot be checked this way, so hashed login is turned off for the retry.
if (strlen($user_settings['passwd']) != 40) {
$context['login_errors'] = array($txt['login_hash_error']);
$context['disable_login_hashing'] = true;
unset($user_settings);
return;
// The client value must equal sha1(stored hash . $sc); $sc is set outside this fragment - presumably a session-bound value, confirm.
// NOTE(review): loose == on digest strings is not constant-time and compares numeric-looking strings as numbers;
// hash_equals() is the usual replacement where the PHP version allows.
} elseif ($_REQUEST['hash_passwrd'] == sha1($user_settings['passwd'] . $sc)) {
$sha_passwd = $user_settings['passwd'];
} else {
// Don't allow this!
// validatePasswordFlood() is defined elsewhere; presumably per-account throttling of failed attempts - verify.
validatePasswordFlood($user_settings['id_member'], $user_settings['passwd_flood']);
// @ hides the notice when the counter is not set yet; the counter lives in the visitor's session only.
$_SESSION['failed_login'] = @$_SESSION['failed_login'] + 1;
// Past the configured threshold the visitor is sent to the password reminder instead of another attempt.
if ($_SESSION['failed_login'] >= $modSettings['failed_login_threshold']) {
redirectexit('action=reminder');
} else {
// The member name from the database is concatenated into HTML for the error log as-is.
// NOTE(review): confirm member_name is stored entity-encoded before it reaches the log viewer.
log_error($txt['incorrect_password'] . ' - <span class="remove">' . $user_settings['member_name'] . '</span>', 'user');
$context['disable_login_hashing'] = true;
$context['login_errors'] = array($txt['incorrect_password']);
unset($user_settings);
return;
}
}
} else {
// Plain password submitted: rebuild the stored form, sha1(lower-cased member name . password).
// un_htmlspecialchars() decodes entities first; presumably request input was entity-encoded earlier - confirm.
// NOTE(review): SHA-1 is a fast digest and the only salt here is the member name; password_hash()/password_verify()
// is the current PHP mechanism for stored passwords.
$sha_passwd = sha1(strtolower($user_settings['member_name']) . un_htmlspecialchars($_POST['passwrd']));
}
// Bad password! Thought you could fool the database?!
// NOTE(review): this != comparison has the same loose, non-constant-time behaviour as the == above.
if ($user_settings['passwd'] != $sha_passwd) {
// Let's be cautious, no hacking please. thanx.
validatePasswordFlood($user_settings['id_member'], $user_settings['passwd_flood']);
// Maybe we were too hasty... let's try some other authentication methods.
// Candidate values in the formats of other forum software are collected here; how they are compared is past the end of this listing.
$other_passwords = array();
// None of the below cases will be used most of the time (because the salt is normally set.)
if ($user_settings['password_salt'] == '') {
// YaBB SE, Discus, MD5 (used a lot), SHA-1 (used some), SMF 1.0.x, IkonBoard, and none at all.
// crypt() with a two-character salt taken from the password itself, then from the stored value.
$other_passwords[] = crypt($_POST['passwrd'], substr($_POST['passwrd'], 0, 2));
$other_passwords[] = crypt($_POST['passwrd'], substr($user_settings['passwd'], 0, 2));
$other_passwords[] = md5($_POST['passwrd']);
$other_passwords[] = sha1($_POST['passwrd']);
$other_passwords[] = md5_hmac($_POST['passwrd'], strtolower($user_settings['member_name']));
$other_passwords[] = md5($_POST['passwrd'] . strtolower($user_settings['member_name']));
// The raw password itself: the "none at all" case, i.e. a stored value that was never hashed.
$other_passwords[] = $_POST['passwrd'];
// This one is a strange one... MyPHP, crypt() on the MD5 hash.
$other_passwords[] = crypt(md5($_POST['passwrd']), md5($_POST['passwrd']));
// Snitz style - SHA-256. Technically, this is a downgrade, but most PHP configurations don't support sha256 anyway.
// Only tried when the stored value is 64 characters long and the mhash extension is available.
if (strlen($user_settings['passwd']) == 64 && function_exists('mhash') && defined('MHASH_SHA256')) {
$other_passwords[] = bin2hex(mhash(MHASH_SHA256, $_POST['passwrd']));
}
// phpBB3 users new hashing. We now support it as well ;).
// phpBB3_password_check() is defined elsewhere; it is given the stored value as well as the password.
$other_passwords[] = phpBB3_password_check($_POST['passwrd'], $user_settings['passwd']);
// APBoard 2 Login Method.
// Note this line reads $_REQUEST['passwrd'] while every other candidate reads $_POST['passwrd'].
$other_passwords[] = md5(crypt($_REQUEST['passwrd'], 'CRYPT_MD5'));
// A salt is set and the stored value is 32 characters long (the length of a hex MD5 digest).
} elseif (strlen($user_settings['passwd']) == 32) {
// vBulletin 3 style hashing? Let's welcome them with open arms \o/.
$other_passwords[] = md5(md5($_POST['passwrd']) . $user_settings['password_salt']);
// Hmm.. p'raps it's Invision 2 style?
$other_passwords[] = md5(md5($user_settings['password_salt']) . md5($_POST['passwrd']));
示例14: scheduled_daily_digest
/**
* Gathers the data for the daily or weekly notification digest.
*
* Reads the global $is_weekly flag, loads the members subscribed at the matching regularity together
* with the boards and topics they watch, then groups the log_digest entries by note type and board
* and caches the digest language strings per language.
* Returns true early whenever there is nothing to report. The code that composes and sends the
* e-mails is omitted on this page.
*/
function scheduled_daily_digest()
{
global $is_weekly, $txt, $mbname, $scripturl, $sourcedir, $context, $modSettings;
// We'll want this...
require_once $sourcedir . '/lib/Subs-Post.php';
loadEssentialThemeData();
// Normalise the global flag to 1 or 0.
$is_weekly = !empty($is_weekly) ? 1 : 0;
// Right - get all the notification data FIRST.
// notify_regularity is bound as 3 for the weekly run and 2 for the daily run; only activated members are selected.
$request = smf_db_query('
SELECT ln.id_topic, COALESCE(t.id_board, ln.id_board) AS id_board, mem.email_address, mem.member_name, mem.notify_types,
mem.lngfile, mem.id_member
FROM {db_prefix}log_notify AS ln
INNER JOIN {db_prefix}members AS mem ON (mem.id_member = ln.id_member)
LEFT JOIN {db_prefix}topics AS t ON (ln.id_topic != {int:empty_topic} AND t.id_topic = ln.id_topic)
WHERE mem.notify_regularity = {int:notify_regularity}
AND mem.is_activated = {int:is_activated}', array('empty_topic' => 0, 'notify_regularity' => $is_weekly ? '3' : '2', 'is_activated' => 1));
$members = array();
$langs = array();
$notify = array();
// NOTE(review): mysql_fetch_assoc()/mysql_free_result() belong to the ext/mysql API, which was removed in PHP 7.
while ($row = mysql_fetch_assoc($request)) {
// Record each member once, with the address and language the digest will be sent in.
if (!isset($members[$row['id_member']])) {
$members[$row['id_member']] = array('email' => $row['email_address'], 'name' => $row['member_name'], 'id' => $row['id_member'], 'notifyMod' => $row['notify_types'] < 3 ? true : false, 'lang' => $row['lngfile']);
$langs[$row['lngfile']] = $row['lngfile'];
}
// Store this useful data!
// $boards is first assigned here (it is not initialised above); empty($boards) below covers the no-rows case.
$boards[$row['id_board']] = $row['id_board'];
// A non-zero id_topic is a topic subscription; otherwise the row is a board subscription.
if ($row['id_topic']) {
$notify['topics'][$row['id_topic']][] = $row['id_member'];
} else {
$notify['boards'][$row['id_board']][] = $row['id_member'];
}
}
mysql_free_result($request);
// Nobody is subscribed at this regularity: nothing to do.
if (empty($boards)) {
return true;
}
// Just get the board names.
$request = smf_db_query('
SELECT id_board, name
FROM {db_prefix}boards
WHERE id_board IN ({array_int:board_list})', array('board_list' => $boards));
// Rebuild $boards as id => name, keeping only boards that still exist.
$boards = array();
while ($row = mysql_fetch_assoc($request)) {
$boards[$row['id_board']] = $row['name'];
}
mysql_free_result($request);
if (empty($boards)) {
return true;
}
// Get the actual topics...
// Only one of two fixed SQL fragments is appended: weekly takes ld.daily != 2, daily takes ld.daily IN (0, 2).
$request = smf_db_query('
SELECT ld.note_type, t.id_topic, t.id_board, t.id_member_started, m.id_msg, m.subject,
b.name AS board_name
FROM {db_prefix}log_digest AS ld
INNER JOIN {db_prefix}topics AS t ON (t.id_topic = ld.id_topic
AND t.id_board IN ({array_int:board_list}))
INNER JOIN {db_prefix}messages AS m ON (m.id_msg = t.id_first_msg)
INNER JOIN {db_prefix}boards AS b ON (b.id_board = t.id_board)
WHERE ' . ($is_weekly ? 'ld.daily != {int:daily_value}' : 'ld.daily IN (0, 2)'), array('board_list' => array_keys($boards), 'daily_value' => 2));
// $types[note_type][id_board] = board info plus one 'lines' entry per topic.
$types = array();
while ($row = mysql_fetch_assoc($request)) {
if (!isset($types[$row['note_type']][$row['id_board']])) {
$types[$row['note_type']][$row['id_board']] = array('lines' => array(), 'name' => $row['board_name'], 'id' => $row['id_board']);
}
// Subjects are entity-decoded with un_htmlspecialchars(); presumably the digest is plain-text mail - TODO confirm.
// NOTE(review): the decoded subjects must be escaped again if they are ever placed into HTML output.
if ($row['note_type'] == 'reply') {
// Replies are counted per topic rather than listed one by one.
if (isset($types[$row['note_type']][$row['id_board']]['lines'][$row['id_topic']])) {
$types[$row['note_type']][$row['id_board']]['lines'][$row['id_topic']]['count']++;
} else {
$types[$row['note_type']][$row['id_board']]['lines'][$row['id_topic']] = array('id' => $row['id_topic'], 'subject' => un_htmlspecialchars($row['subject']), 'count' => 1);
}
} elseif ($row['note_type'] == 'topic') {
if (!isset($types[$row['note_type']][$row['id_board']]['lines'][$row['id_topic']])) {
$types[$row['note_type']][$row['id_board']]['lines'][$row['id_topic']] = array('id' => $row['id_topic'], 'subject' => un_htmlspecialchars($row['subject']));
}
} else {
// Every other note type also records who started the topic.
if (!isset($types[$row['note_type']][$row['id_board']]['lines'][$row['id_topic']])) {
$types[$row['note_type']][$row['id_board']]['lines'][$row['id_topic']] = array('id' => $row['id_topic'], 'subject' => un_htmlspecialchars($row['subject']), 'starter' => $row['id_member_started']);
}
}
// The member list is rebuilt on every row: topic subscribers first, then board subscribers.
$types[$row['note_type']][$row['id_board']]['lines'][$row['id_topic']]['members'] = array();
if (!empty($notify['topics'][$row['id_topic']])) {
$types[$row['note_type']][$row['id_board']]['lines'][$row['id_topic']]['members'] = array_merge($types[$row['note_type']][$row['id_board']]['lines'][$row['id_topic']]['members'], $notify['topics'][$row['id_topic']]);
}
if (!empty($notify['boards'][$row['id_board']])) {
$types[$row['note_type']][$row['id_board']]['lines'][$row['id_topic']]['members'] = array_merge($types[$row['note_type']][$row['id_board']]['lines'][$row['id_topic']]['members'], $notify['boards'][$row['id_board']]);
}
}
mysql_free_result($request);
if (empty($types)) {
return true;
}
// Let's load all the languages into a cache thingy.
// Each loadLanguage() call refreshes $txt, so the strings are copied out per language straight away.
$langtxt = array();
foreach ($langs as $lang) {
loadLanguage('Post', $lang);
loadLanguage('index', $lang);
loadLanguage('EmailTemplates', $lang);
$langtxt[$lang] = array('subject' => $txt['digest_subject_' . ($is_weekly ? 'weekly' : 'daily')], 'char_set' => $txt['lang_character_set'], 'intro' => sprintf($txt['digest_intro_' . ($is_weekly ? 'weekly' : 'daily')], $mbname), 'new_topics' => $txt['digest_new_topics'], 'topic_lines' => $txt['digest_new_topics_line'], 'new_replies' => $txt['digest_new_replies'], 'mod_actions' => $txt['digest_mod_actions'], 'replies_one' => $txt['digest_new_replies_one'], 'replies_many' => $txt['digest_new_replies_many'], 'sticky' => $txt['digest_mod_act_sticky'], 'lock' => $txt['digest_mod_act_lock'], 'unlock' => $txt['digest_mod_act_unlock'], 'remove' => $txt['digest_mod_act_remove'], 'move' => $txt['digest_mod_act_move'], 'merge' => $txt['digest_mod_act_merge'], 'split' => $txt['digest_mod_act_split'], 'bye' => $txt['regards_team']);
}
// Right - send out the silly things - this will take quite some space!
//.........這裏部分代碼省略.........
示例15: EditSmileys
/**
* Admin handler for the smiley list.
*
* Processes a submitted form (bulk delete / change of display type, or the edit of one smiley) and
* then prepares $context for the 'editsmileys' overview or the 'modifysmiley' form.
* The listing on this page stops inside the 'modifysmiley' branch.
*
* NOTE(review): several queries below interpolate $_POST strings directly into SQL. That is only safe
* if request data has already been escaped for SQL before this function runs, which is not visible
* here - confirm, or bind the values instead.
*/
function EditSmileys()
{
global $modSettings, $context, $settings, $db_prefix, $txt, $boarddir;
// Force the correct tab to be displayed.
$context['admin_tabs']['tabs']['editsmileys']['is_selected'] = true;
// Submitting a form?
if (isset($_POST['sc'])) {
// checkSession() is defined elsewhere; presumably it validates the anti-CSRF session token - confirm.
checkSession();
// Changing the selected smileys?
if (isset($_POST['smiley_action']) && !empty($_POST['checked_smileys'])) {
// Every submitted id is cast to int, which is what makes the implode() into IN (...) below safe.
foreach ($_POST['checked_smileys'] as $id => $smiley_id) {
$_POST['checked_smileys'][$id] = (int) $smiley_id;
}
if ($_POST['smiley_action'] == 'delete') {
db_query("\n\t\t\t\t\tDELETE FROM {$db_prefix}smileys\n\t\t\t\t\tWHERE ID_SMILEY IN (" . implode(', ', $_POST['checked_smileys']) . ')', __FILE__, __LINE__);
} else {
// Check it's a valid type.
// The action is only used as a key into this fixed map; the mapped integer goes into the SQL, never the raw input.
$displayTypes = array('post' => 0, 'hidden' => 1, 'popup' => 2);
if (isset($displayTypes[$_POST['smiley_action']])) {
db_query("\n\t\t\t\t\t\tUPDATE {$db_prefix}smileys\n\t\t\t\t\t\tSET hidden = " . $displayTypes[$_POST['smiley_action']] . "\n\t\t\t\t\t\tWHERE ID_SMILEY IN (" . implode(', ', $_POST['checked_smileys']) . ')', __FILE__, __LINE__);
}
}
} elseif (isset($_POST['smiley'])) {
// Numeric fields are cast to int; smiley_location is additionally limited to 0..2 (anything else becomes 0).
$_POST['smiley'] = (int) $_POST['smiley'];
// htmltrim__recursive() is defined elsewhere; presumably it trims whitespace - it is not shown to escape anything.
$_POST['smiley_code'] = htmltrim__recursive($_POST['smiley_code']);
$_POST['smiley_filename'] = htmltrim__recursive($_POST['smiley_filename']);
$_POST['smiley_location'] = empty($_POST['smiley_location']) || $_POST['smiley_location'] > 2 || $_POST['smiley_location'] < 0 ? 0 : (int) $_POST['smiley_location'];
// Make sure some code was entered.
if (empty($_POST['smiley_code'])) {
fatal_lang_error('smiley_has_no_code');
}
// Also make sure a filename was given.
if (empty($_POST['smiley_filename'])) {
fatal_lang_error('smiley_has_no_filename');
}
// Check whether the new code has duplicates. It should be unique.
// NOTE(review): smiley_code is interpolated into the quoted SQL string as submitted (after trimming only).
$request = db_query("\n\t\t\t\tSELECT ID_SMILEY\n\t\t\t\tFROM {$db_prefix}smileys\n\t\t\t\tWHERE code = BINARY '{$_POST['smiley_code']}'" . (empty($_POST['smiley']) ? '' : "\n\t\t\t\t\tAND ID_SMILEY != {$_POST['smiley']}"), __FILE__, __LINE__);
if (mysql_num_rows($request) > 0) {
fatal_lang_error('smiley_not_unique');
}
mysql_free_result($request);
// NOTE(review): code, filename and description are interpolated as strings; description is not processed
// anywhere in this function before it is used. hidden and ID_SMILEY are the integers cast above.
db_query("\n\t\t\t\tUPDATE {$db_prefix}smileys\n\t\t\t\tSET\n\t\t\t\t\tcode = '{$_POST['smiley_code']}',\n\t\t\t\t\tfilename = '{$_POST['smiley_filename']}',\n\t\t\t\t\tdescription = '{$_POST['smiley_description']}',\n\t\t\t\t\thidden = {$_POST['smiley_location']}\n\t\t\t\tWHERE ID_SMILEY = {$_POST['smiley']}", __FILE__, __LINE__);
// Sort all smiley codes for more accurate parsing (longest code first).
db_query("\n\t\t\t\tALTER TABLE {$db_prefix}smileys\n\t\t\t\tORDER BY LENGTH(code) DESC", __FILE__, __LINE__);
}
// Overwrite both smiley cache entries with null after any change; presumably this forces a reload - confirm.
cache_put_data('parsing_smileys', null, 480);
cache_put_data('posting_smileys', null, 480);
}
// Load all known smiley sets.
// Set paths and names are HTML-escaped here because they are stored in $context for display.
$context['smiley_sets'] = explode(',', $modSettings['smiley_sets_known']);
$set_names = explode("\n", $modSettings['smiley_sets_names']);
foreach ($context['smiley_sets'] as $i => $set) {
$context['smiley_sets'][$i] = array('id' => $i, 'path' => htmlspecialchars($set), 'name' => htmlspecialchars($set_names[$i]), 'selected' => $set == $modSettings['smiley_sets_default']);
}
// Prepare overview of all (custom) smileys.
if ($context['sub_action'] == 'editsmileys') {
// The sort column reaches ORDER BY only after it has been matched against this fixed list.
$sortColumns = array('code', 'filename', 'description', 'hidden');
// Default to 'order by filename'.
$context['sort'] = empty($_REQUEST['sort']) || !in_array($_REQUEST['sort'], $sortColumns) ? 'filename' : $_REQUEST['sort'];
$request = db_query("\n\t\t\tSELECT ID_SMILEY, code, filename, description, smileyRow, smileyOrder, hidden\n\t\t\tFROM {$db_prefix}smileys\n\t\t\tORDER BY {$context['sort']}", __FILE__, __LINE__);
$context['smileys'] = array();
// Text columns are HTML-escaped as they are copied into $context.
while ($row = mysql_fetch_assoc($request)) {
$context['smileys'][] = array('id' => $row['ID_SMILEY'], 'code' => htmlspecialchars($row['code']), 'filename' => htmlspecialchars($row['filename']), 'description' => htmlspecialchars($row['description']), 'row' => $row['smileyRow'], 'order' => $row['smileyOrder'], 'location' => empty($row['hidden']) ? $txt['smileys_location_form'] : ($row['hidden'] == 1 ? $txt['smileys_location_hidden'] : $txt['smileys_location_popup']), 'sets_not_found' => array());
}
mysql_free_result($request);
// For every set, note which smiley files are missing on disk.
if (!empty($modSettings['smileys_dir']) && is_dir($modSettings['smileys_dir'])) {
foreach ($context['smiley_sets'] as $smiley_set) {
foreach ($context['smileys'] as $smiley_id => $smiley) {
// The set path is decoded back from its HTML-escaped form before it is used as a filesystem path.
// NOTE(review): $smiley['filename'] is still the escaped value here, so a name containing & or quotes
// would be looked up under the wrong name.
if (!file_exists($modSettings['smileys_dir'] . '/' . un_htmlspecialchars($smiley_set['path']) . '/' . $smiley['filename'])) {
$context['smileys'][$smiley_id]['sets_not_found'][] = $smiley_set['path'];
}
}
}
}
$context['selected_set'] = $modSettings['smiley_sets_default'];
} elseif ($context['sub_action'] == 'modifysmiley') {
// Get a list of all known smiley sets.
// Falls back to $boarddir/Smileys when no smileys_dir is configured.
$context['smileys_dir'] = empty($modSettings['smileys_dir']) ? $boarddir . '/Smileys' : $modSettings['smileys_dir'];
$context['smileys_dir_found'] = is_dir($context['smileys_dir']);
$context['smiley_sets'] = explode(',', $modSettings['smiley_sets_known']);
$set_names = explode("\n", $modSettings['smiley_sets_names']);
foreach ($context['smiley_sets'] as $i => $set) {
$context['smiley_sets'][$i] = array('id' => $i, 'path' => htmlspecialchars($set), 'name' => htmlspecialchars($set_names[$i]), 'selected' => $set == $modSettings['smiley_sets_default']);
}
$context['selected_set'] = $modSettings['smiley_sets_default'];
// Get all possible filenames for the smileys.
$context['filenames'] = array();
if ($context['smileys_dir_found']) {
foreach ($context['smiley_sets'] as $smiley_set) {
// Skip sets whose directory does not exist (path decoded from its escaped form first).
if (!file_exists($context['smileys_dir'] . '/' . un_htmlspecialchars($smiley_set['path']))) {
continue;
}
$dir = dir($context['smileys_dir'] . '/' . un_htmlspecialchars($smiley_set['path']));
while ($entry = $dir->read()) {
// Only .jpg, .gif, .jpeg and .png entries are kept; the extension comparison is case-sensitive.
// NOTE(review): $context['filenames'] holds arrays keyed by the lower-cased name, so this in_array()
// against its values looks like it never matches; duplicates are collapsed by the array key instead.
if (!in_array($entry, $context['filenames']) && in_array(strrchr($entry, '.'), array('.jpg', '.gif', '.jpeg', '.png'))) {
$context['filenames'][strtolower($entry)] = array('id' => htmlspecialchars($entry), 'selected' => false);
}
}
$dir->close();
}
//.........這裏部分代碼省略.........