本文整理匯總了PHP中Util::htmlspecialchars方法的典型用法代碼示例。如果您正苦於以下問題:PHP Util::htmlspecialchars方法的具體用法?PHP Util::htmlspecialchars怎麽用?PHP Util::htmlspecialchars使用的例子?那麽, 這裏精選的方法代碼示例或許可以為您提供幫助。您也可以進一步了解該方法所在類Util
的用法示例。
在下文中一共展示了Util::htmlspecialchars方法的15個代碼示例,這些例子默認根據受歡迎程度排序。您可以為喜歡或者感覺有用的代碼點讚,您的評價將有助於係統推薦出更棒的PHP代碼示例。
示例1: cleanMessage
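/**
 * Escapes the stored message for HTML output and neutralises bracket sequences.
 *
 * Works in place on $this->message:
 * - HTML-escapes the text (quotes included) through Util::htmlspecialchars.
 * - Strips carriage returns and entity-encodes the '[' of '[]' and of '[' followed
 *   by an (already escaped) single quote.
 * - Hands the result to sanitizeMSCutPaste() to tidy pasted characters.
 */
protected function cleanMessage()
{
    // Escape first, so everything below operates on entity-encoded text.
    // The trailing arguments presumably mirror PHP's htmlspecialchars(flags, encoding, double_encode) - confirm in Util.
    $this->message = Util::htmlspecialchars($this->message, ENT_QUOTES, 'UTF-8', true);

    // NOTE(review): the listing showed the replacement values HTML-decoded ('[]' => '[]' and an
    // unbalanced quote), which is a parse error. The entity forms are restored here on the
    // assumption that ENT_QUOTES turned "'" into &#039; in the step above - confirm against upstream.
    $this->message = strtr($this->message, array("\r" => '', '[]' => '&#91;]', '[&#039;' => '&#91;&#039;'));

    // Clean up any cut/paste issues we may have
    $this->message = sanitizeMSCutPaste($this->message);
}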
示例2: pre_dispatch
/**
 * Shared setup that runs before any action method of this class.
 *
 * - Uses the forum name as the page title.
 * - When an HTML-safe title entry already exists, rebuilds it from the plain title.
 * - Builds the menu context when running standalone.
 */
public function pre_dispatch()
{
    global $context;

    $context['page_title'] = $context['forum_name'];

    // Decode first, then escape once, so existing entities in the title are not escaped twice.
    $has_safe_title = isset($context['page_title_html_safe']);
    if ($has_safe_title) {
        $plain_title = un_htmlspecialchars($context['page_title']);
        $context['page_title_html_safe'] = Util::htmlspecialchars($plain_title);
    }

    $is_standalone = !empty($context['standalone']);
    if ($is_standalone) {
        setupMenuContext();
    }
}
示例3: action_quickhelp
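/**
 * Show boxes with more detailed help on items, when the user clicks on their help icon.
 *
 * - Handles both administrative and user help.
 * - $_GET['help'] names the string(s) to display, joined with '+'; each name is
 *   looked up in $helptxt first and then in $txt.
 * - A name with no matching language string is shown as HTML-escaped text and is
 *   never used as a sprintf() format.
 * - Accessed via ?action=quickhelp;help=?.
 *
 * @uses ManagePermissions language file, if the help starts with permissionhelp.
 * @uses Help template, 'popup' sub-template.
 */
public function action_quickhelp()
{
    global $txt, $helptxt, $context, $scripturl;

    // The parameter must be present and a plain string (help[]=... arrives as an array).
    if (!isset($_GET['help']) || !is_string($_GET['help'])) {
        fatal_lang_error('no_access', false);
    }

    if (!isset($helptxt)) {
        $helptxt = array();
    }

    // Escaped once here: any part of it that ends up in the popup is already HTML-safe.
    $help_str = Util::htmlspecialchars($_GET['help']);

    // Load the admin help language file and template.
    loadLanguage('Help');

    // Load permission specific help
    if (strncmp($help_str, 'permissionhelp', 14) === 0) {
        loadLanguage('ManagePermissions');
    }

    // Load our template
    loadTemplate('Help');

    // Allow addons to load their own language file here.
    call_integration_hook('integrate_quickhelp');

    // Set the page title to something relevant.
    $context['page_title'] = $context['forum_name'] . ' - ' . $txt['help'];

    // Only show the 'popup' sub-template, no layers.
    Template_Layers::getInstance()->removeAll();
    $context['sub_template'] = 'popup';

    $context['help_text'] = '';

    // Find what to display: the string will be in $helptxt['help'] or in $txt['help']
    foreach (explode('+', $help_str) as $help) {
        if (isset($helptxt[$help]) && is_string($helptxt[$help])) {
            $piece = $helptxt[$help];
        } elseif (isset($txt[$help]) && is_string($txt[$help])) {
            $piece = $txt[$help];
        } else {
            // nothing :( - echo the escaped request text as-is. It is appended after the
            // formatting step on purpose: request-supplied text must not reach sprintf()
            // as a format string, where stray conversion specifiers raise errors.
            $context['help_text'] .= $help;
            continue;
        }

        // Link to the forum URL, and include session id (language strings only).
        if (preg_match('~%([0-9]+\\$)?s\\?~', $piece)) {
            $piece = sprintf($piece, $scripturl, $context['session_id'], $context['session_var']);
        }

        $context['help_text'] .= $piece;
    }
}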
示例4: imageNeedsCache
/**
* Images cache
*
* @name Images cache
* @copyright Images cache contributors
* @license BSD http://opensource.org/licenses/BSD-3-Clause
*
* @version 0.1
*
*/
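/**
 * Decides whether an image has to be served through the local image cache.
 *
 * The cache is only used for plain-http images shown on an https board. For
 * those, a 200x200 copy is created under CACHEDIR (keyed by md5 of the URL) and
 * the return value is a string meant to be dropped inside an existing src="..."
 * attribute: it closes the attribute and appends rel, data-warn and data-url.
 *
 * resizeImageFile() is given the URL itself, so the copy is presumably fetched by
 * the server. Anything other than http is therefore refused here; the caller
 * should still treat $img as untrusted (NOTE(review): confirm what restrictions
 * resizeImageFile applies to the target host).
 *
 * @param string $img URL of the image as it appears in the post
 * @return string|false replacement attribute text, or false when no caching is needed
 */
function imageNeedsCache($img)
{
    global $boardurl, $txt;
    static $js_loaded = false;

    $parseboard = parse_url($boardurl);
    $parseimg = parse_url($img);

    // parse_url() returns false for malformed input and omits 'scheme' for relative URLs.
    $board_scheme = is_array($parseboard) && isset($parseboard['scheme']) ? $parseboard['scheme'] : '';
    $img_scheme = is_array($parseimg) && isset($parseimg['scheme']) ? strtolower($parseimg['scheme']) : '';

    // Nothing to do unless the board is https and the image is plain http.
    if ($board_scheme !== 'https' || $img_scheme !== 'http') {
        return false;
    }

    // Load the script and language strings once per request.
    if ($js_loaded === false) {
        $js_loaded = true;
        loadJavascriptFile('imgcache.js', array('defer' => true));
        loadLanguage('imgcache');
    }

    require_once SUBSDIR . '/Graphics.subs.php';

    // md5 is used only to derive a file name, not as a security control.
    $cache_id = md5($img);
    $destination = CACHEDIR . '/img_cache_' . $cache_id;
    if (!file_exists($destination)) {
        resizeImageFile($img, $destination, 200, 200, 3);
    }

    // Both dynamic values are escaped because they land inside HTML attributes.
    return $boardurl . '/imgcache.php?id=' . $cache_id . '" rel="cached" data-warn="' . Util::htmlspecialchars($txt['httpimgcache_warn_ext']) . '" data-url="' . Util::htmlspecialchars($img);
}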
示例5: action_sportal_category
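/**
 * View a specific category, showing all articles it contains.
 *
 * Reads 'category' and 'start' from the request, loads the category and one
 * page of its articles into $context, and selects the 'view_category' sub-template.
 * Ends with a fatal language error when the category cannot be found.
 */
public function action_sportal_category()
{
    global $context, $scripturl, $modSettings;

    // Basic article support
    require_once SUBSDIR . '/PortalArticle.subs.php';

    $category_id = !empty($_REQUEST['category']) ? $_REQUEST['category'] : 0;

    // category[]=... arrives as an array; treat it like a missing value instead of
    // passing a non-string into the escaping helper.
    if (!is_scalar($category_id)) {
        $category_id = 0;
    }

    // NOTE(review): request values are strings, so is_int() is only true for the 0 default
    // above; a numeric id such as "5" takes the string branch. Confirm whether
    // sportal_get_categories() expects that.
    if (is_int($category_id)) {
        $category_id = (int) $category_id;
    } else {
        // HTML-escaping here only matches how the value is presumably stored; it is not
        // what protects the database lookup.
        $category_id = Util::htmlspecialchars($category_id, ENT_QUOTES);
    }

    $context['category'] = sportal_get_categories($category_id, true, true);
    if (empty($context['category']['id'])) {
        fatal_lang_error('error_sp_category_not_found', false);
    }

    // Set up the pages
    $total_articles = sportal_get_articles_in_cat_count($context['category']['id']);
    $per_page = min($total_articles, !empty($modSettings['sp_articles_per_page']) ? $modSettings['sp_articles_per_page'] : 10);

    // A negative offset from the request makes no sense for paging; clamp it to zero.
    $start = !empty($_REQUEST['start']) ? max(0, (int) $_REQUEST['start']) : 0;

    if ($total_articles > $per_page) {
        $context['page_index'] = constructPageIndex($context['category']['href'] . ';start=%1$d', $start, $total_articles, $per_page, true);
    }

    // Load the articles in this category
    $context['articles'] = sportal_get_articles(0, true, true, 'spa.id_article DESC', $context['category']['id'], $per_page, $start);
    foreach ($context['articles'] as $article) {
        // Cut me mick: keep only the part before the [cutoff] marker for the preview
        if (($cutoff = Util::strpos($article['body'], '[cutoff]')) !== false) {
            $article['body'] = Util::substr($article['body'], 0, $cutoff);
            if ($article['type'] === 'bbc') {
                require_once SUBSDIR . '/Post.subs.php';
                preparsecode($article['body']);
            }
        }

        // $article is a copy, so the results are written back through the article id.
        $context['articles'][$article['id']]['preview'] = sportal_parse_content($article['body'], $article['type'], 'return');
        $context['articles'][$article['id']]['date'] = htmlTime($article['date']);
    }

    $context['linktree'][] = array('url' => $scripturl . '?category=' . $context['category']['category_id'], 'name' => $context['category']['name']);
    $context['page_title'] = $context['category']['name'];
    $context['sub_template'] = 'view_category';
}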
示例6: action_register2
//.........這裏部分代碼省略.........
// Did we find it?
if (isset($context['languages'][$_POST['lngfile']])) {
$_SESSION['language'] = $_POST['lngfile'];
} else {
unset($_POST['lngfile']);
}
} else {
unset($_POST['lngfile']);
}
// Some of these fields we may not want.
if (!empty($modSettings['registration_fields'])) {
// But we might want some of them if the admin asks for them.
$standard_fields = array('location', 'gender');
$reg_fields = explode(',', $modSettings['registration_fields']);
$exclude_fields = array_diff($standard_fields, $reg_fields);
// Website is a little different
if (!in_array('website', $reg_fields)) {
$exclude_fields = array_merge($exclude_fields, array('website_url', 'website_title'));
}
// We used to accept signature on registration but it's being abused by spammers these days, so no more.
$exclude_fields[] = 'signature';
} else {
$exclude_fields = array('signature', 'location', 'gender', 'website_url', 'website_title');
}
$possible_strings = array_diff($possible_strings, $exclude_fields);
$possible_ints = array_diff($possible_ints, $exclude_fields);
$possible_floats = array_diff($possible_floats, $exclude_fields);
$possible_bools = array_diff($possible_bools, $exclude_fields);
// Set the options needed for registration.
$regOptions = array('interface' => 'guest', 'username' => !empty($_POST['user']) ? $_POST['user'] : '', 'email' => !empty($_POST['email']) ? $_POST['email'] : '', 'password' => !empty($_POST['passwrd1']) ? $_POST['passwrd1'] : '', 'password_check' => !empty($_POST['passwrd2']) ? $_POST['passwrd2'] : '', 'openid' => !empty($_POST['openid_identifier']) ? $_POST['openid_identifier'] : '', 'auth_method' => !empty($_POST['authenticate']) ? $_POST['authenticate'] : '', 'check_reserved_name' => true, 'check_password_strength' => true, 'check_email_ban' => true, 'send_welcome_email' => !empty($modSettings['send_welcomeEmail']), 'require' => !empty($modSettings['coppaAge']) && !$verifiedOpenID && empty($_SESSION['skip_coppa']) ? 'coppa' : (empty($modSettings['registration_method']) ? 'nothing' : ($modSettings['registration_method'] == 1 ? 'activation' : 'approval')), 'extra_register_vars' => array(), 'theme_vars' => array());
// Include the additional options that might have been filled in.
foreach ($possible_strings as $var) {
if (isset($_POST[$var])) {
$regOptions['extra_register_vars'][$var] = Util::htmlspecialchars($_POST[$var], ENT_QUOTES);
}
}
foreach ($possible_ints as $var) {
if (isset($_POST[$var])) {
$regOptions['extra_register_vars'][$var] = (int) $_POST[$var];
}
}
foreach ($possible_floats as $var) {
if (isset($_POST[$var])) {
$regOptions['extra_register_vars'][$var] = (double) $_POST[$var];
}
}
foreach ($possible_bools as $var) {
if (isset($_POST[$var])) {
$regOptions['extra_register_vars'][$var] = empty($_POST[$var]) ? 0 : 1;
}
}
// Registration options are always default options...
if (isset($_POST['default_options'])) {
$_POST['options'] = isset($_POST['options']) ? $_POST['options'] + $_POST['default_options'] : $_POST['default_options'];
}
$regOptions['theme_vars'] = isset($_POST['options']) && is_array($_POST['options']) ? $_POST['options'] : array();
// Make sure they are clean, dammit!
$regOptions['theme_vars'] = htmlspecialchars__recursive($regOptions['theme_vars']);
// Check whether we have fields that simply MUST be displayed?
require_once SUBSDIR . '/Profile.subs.php';
loadCustomFields(0, 'register');
foreach ($context['custom_fields'] as $row) {
// Don't allow overriding of the theme variables.
if (isset($regOptions['theme_vars'][$row['colname']])) {
unset($regOptions['theme_vars'][$row['colname']]);
}
示例7: modifyEvent
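/**
 * Modifies an event.
 *
 * - allows to either set a time span (in days) or an end_date.
 * - does not check any permissions of any sort.
 * - only the columns whose key is present in $eventOptions are updated.
 * - raises E_USER_ERROR when start_date is not in Y-m-d form.
 *
 * @package Calendar
 * @param int $event_id
 * @param mixed[] $eventOptions passed by reference; title, span, end_date and id_event are normalised or filled in
 */
function modifyEvent($event_id, &$eventOptions)
{
    $db = database();

    // Properly sanitize the title - but only when one was supplied. Escaping a missing
    // title would create an empty one, and the column loop below would then overwrite
    // the stored title with it.
    if (isset($eventOptions['title'])) {
        $eventOptions['title'] = Util::htmlspecialchars($eventOptions['title'], ENT_QUOTES);
    }

    // Scan the start date for validity and get its components.
    if (sscanf($eventOptions['start_date'], '%d-%d-%d', $year, $month, $day) !== 3) {
        trigger_error('modifyEvent(): invalid start date format given', E_USER_ERROR);
    }

    // Default span to 0 days.
    $eventOptions['span'] = isset($eventOptions['span']) ? (int) $eventOptions['span'] : 0;

    // Set the end date to the start date + span (if the end date wasn't already given).
    if (!isset($eventOptions['end_date'])) {
        $eventOptions['end_date'] = strftime('%Y-%m-%d', mktime(0, 0, 0, $month, $day, $year) + $eventOptions['span'] * 86400);
    }

    // Column fragments use typed placeholders; values are bound by the query call below,
    // never concatenated into the SQL text.
    $event_columns = array(
        'start_date' => 'start_date = {date:start_date}',
        'end_date' => 'end_date = {date:end_date}',
        'title' => 'title = SUBSTRING({string:title}, 1, 60)',
        'id_board' => 'id_board = {int:id_board}',
        'id_topic' => 'id_topic = {int:id_topic}',
    );

    // Hooks may add options and column fragments; those fragments become part of the SQL text.
    call_integration_hook('integrate_modify_event', array($event_id, &$eventOptions, &$event_columns));

    $eventOptions['id_event'] = $event_id;

    $to_update = array();
    foreach ($event_columns as $key => $value) {
        if (isset($eventOptions[$key])) {
            $to_update[] = $value;
        }
    }

    if (empty($to_update)) {
        return;
    }

    $db->query('', '
UPDATE {db_prefix}calendar
SET
' . implode(', ', $to_update) . '
WHERE id_event = {int:id_event}', $eventOptions);

    updateSettings(array('calendar_updated' => time()));
}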
示例8: validateTriggers
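/**
 * This function validates the ban triggers
 *
 * Problems are recorded on the 'ban' error context rather than returned. Empty
 * trigger values and the 'member' key are skipped.
 *
 * @package Bans
 * @param mixed[] $triggers trigger type => value ('ips_in_messages' / 'ips_in_errors' hold arrays)
 * @return mixed[] 'ban_triggers' (normalised triggers by type) and 'log_info' (value / bantype pairs)
 */
function validateTriggers(&$triggers)
{
    $db = database();

    $ban_errors = Error_Context::context('ban', 1);
    if (empty($triggers)) {
        $ban_errors->addError('ban_empty_triggers');
    }

    $ban_triggers = array();
    $log_info = array();

    // Go through each trigger and make sure its valid
    foreach ($triggers as $key => $value) {
        if (empty($value)) {
            continue;
        }

        if ($key == 'member') {
            continue;
        }

        if ($key == 'main_ip') {
            $value = trim($value);
            $ip_parts = ip2range($value);
            if (!checkExistingTriggerIP($ip_parts, $value)) {
                $ban_errors->addError('invalid_ip');
            } else {
                // Eight low/high pairs, stored as ip_low1/ip_high1 ... ip_low8/ip_high8
                $range = array();
                for ($i = 0; $i < 8; $i++) {
                    $range['ip_low' . ($i + 1)] = $ip_parts[$i]['low'];
                    $range['ip_high' . ($i + 1)] = $ip_parts[$i]['high'];
                }
                $ban_triggers['main_ip'] = $range;
            }
        } elseif ($key == 'hostname') {
            // Whitelist of characters; everything else is rejected outright.
            if (preg_match('/[^\\w.\\-*]/', $value) == 1) {
                $ban_errors->addError('invalid_hostname');
            } else {
                // Replace the * wildcard by a MySQL wildcard %.
                $value = substr(str_replace('*', '%', $value), 0, 255);
                $ban_triggers['hostname']['hostname'] = $value;
            }
        } elseif ($key == 'email') {
            if (preg_match('/[^\\w.\\-\\+*@]/', $value) == 1) {
                $ban_errors->addError('invalid_email');
            }

            // Translate the * wildcard before the admin check, so that a wildcard
            // trigger is tested against administrator addresses with the same
            // pattern that will be stored.
            $email_pattern = strtolower(str_replace('*', '%', $value));

            // Check the user is not banning an admin.
            $request = $db->query('', '
SELECT id_member
FROM {db_prefix}members
WHERE (id_group = {int:admin_group} OR FIND_IN_SET({int:admin_group}, additional_groups) != 0)
AND email_address LIKE {string:email}
LIMIT 1', array('admin_group' => 1, 'email' => $email_pattern));
            if ($db->num_rows($request) != 0) {
                $ban_errors->addError('no_ban_admin');
            }
            $db->free_result($request);

            $value = substr($email_pattern, 0, 255);
            $ban_triggers['email']['email_address'] = $value;
        } elseif ($key == 'user') {
            // Names are matched in escaped form. NOTE(review): the listing printed the
            // pattern HTML-decoded ('~&#(...)' => '&#$1;', a no-op); '&amp;#' is restored
            // so numeric entities survive the escaping - confirm against upstream.
            $user = preg_replace('~&amp;#(\\d{4,5}|[2-9]\\d{2,4}|1[2-9]\\d);~', '&#$1;', Util::htmlspecialchars($value, ENT_QUOTES));

            $request = $db->query('', '
SELECT id_member, (id_group = {int:admin_group} OR FIND_IN_SET({int:admin_group}, additional_groups) != 0) AS isAdmin
FROM {db_prefix}members
WHERE member_name = {string:username} OR real_name = {string:username}
LIMIT 1', array('admin_group' => 1, 'username' => $user));
            if ($db->num_rows($request) == 0) {
                $ban_errors->addError('invalid_username');
            }

            // From here on $value is the member id, not the name that was typed.
            list($value, $isAdmin) = $db->fetch_row($request);
            $db->free_result($request);

            // Some drivers report booleans as 't' / 'f'.
            if ($isAdmin && strtolower($isAdmin) != 'f') {
                unset($value);
                $ban_errors->addError('no_ban_admin');
            } else {
                $ban_triggers['user']['id_member'] = $value;
            }
        } elseif (in_array($key, array('ips_in_messages', 'ips_in_errors'), true)) {
            // Special case, those two are arrays themselves
            $values = array_unique($value);

            // Don't add the main IP again.
            if (isset($triggers['main_ip'])) {
                $values = array_diff($values, array($triggers['main_ip']));
            }

            // Each address is logged on its own below, so the generic log line is skipped.
            unset($value);

            foreach ($values as $val) {
                $val = trim($val);
                $ip_parts = ip2range($val);
                if (!checkExistingTriggerIP($ip_parts, $val)) {
                    $ban_errors->addError('invalid_ip');
                } else {
                    $range = array();
                    for ($i = 0; $i < 8; $i++) {
                        $range['ip_low' . ($i + 1)] = $ip_parts[$i]['low'];
                        $range['ip_high' . ($i + 1)] = $ip_parts[$i]['high'];
                    }
                    $ban_triggers[$key][] = $range;
                    $log_info[] = array('value' => $val, 'bantype' => 'ip_range');
                }
            }
        } else {
            $ban_errors->addError('no_bantype_selected');
        }

        if (isset($value) && !is_array($value)) {
            $log_info[] = array('value' => $value, 'bantype' => $key);
        }
    }

    return array('ban_triggers' => $ban_triggers, 'log_info' => $log_info);
}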
示例9: sp_shoutbox_prune_member
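/**
 * Gets a members ID from their userid or display name, used to
 * prune a members shouts from a box
 *
 * @param string $member login name or display name as typed
 * @return int the member id, or 0 when no member matches
 */
function sp_shoutbox_prune_member($member)
{
    $db = database();

    // The name is compared in HTML-escaped form. The value is bound through the
    // {string:member} placeholder; the escaping is not what protects the query.
    // NOTE(review): the listing printed the replacement HTML-decoded (an unbalanced
    // quote, i.e. a parse error); '&#039;' is restored - confirm against upstream.
    $lookup_name = strtr(trim(Util::htmlspecialchars($member, ENT_QUOTES)), array('\'' => '&#039;'));

    $request = $db->query('', '
SELECT id_member
FROM {db_prefix}members
WHERE member_name = {string:member}
OR real_name = {string:member}
LIMIT {int:limit}', array('member' => $lookup_name, 'limit' => 1));
    list($member_id) = $db->fetch_row($request);
    $db->free_result($request);

    // No row leaves $member_id empty, which casts to 0.
    return (int) $member_id;
}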
示例10: _verifyAnswers
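/**
 * Checks if the answers to the anti-spam questions are correct
 *
 * The questions to check are the ones whose ids were stored in the session for
 * this control; the ids of wrongly answered questions are collected in
 * $this->_incorrectQuestions.
 *
 * @return boolean true when every question was answered correctly
 */
private function _verifyAnswers()
{
    $field = $this->_options['id'] . '_vv';

    // Get the answers and see if they are all right!
    $questions = $this->_loadAntispamQuestions(array('type' => 'id_question', 'value' => $_SESSION[$field]['q']));

    $this->_incorrectQuestions = array();
    foreach ($questions as $row) {
        // Everything lowercase
        $answers = array();
        foreach ($row['answer'] as $answer) {
            $answers[] = Util::strtolower($answer);
        }

        $given = isset($_REQUEST[$field]['q'][$row['id_question']]) ? $_REQUEST[$field]['q'][$row['id_question']] : null;

        // A missing, blank or non-string submission (e.g. an array) counts as wrong.
        $is_correct = false;
        if (is_string($given) && trim($given) !== '') {
            // The submission is escaped before comparing, so the stored answers are
            // presumably kept in escaped form. The comparison is strict: loose matching
            // would treat different numeric-looking strings as equal.
            $is_correct = in_array(trim(Util::htmlspecialchars(Util::strtolower($given))), $answers, true);
        }

        if (!$is_correct) {
            $this->_incorrectQuestions[] = $row['id_question'];
        }
    }

    return empty($this->_incorrectQuestions);
}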
示例11: doSecurityChecks
/**
* Do some important security checks:
*
* What it does:
* - checks the existence of critical files e.g. install.php
* - checks for an active admin session.
* - checks cache directory is writable.
* - calls secureDirectory to protect attachments & cache.
* - checks if the forum is in maintance mode.
*/
function doSecurityChecks()
{
global $modSettings, $context, $maintenance, $user_info, $txt, $scripturl, $user_settings, $options;
$show_warnings = false;
if (allowedTo('admin_forum') && !$user_info['is_guest']) {
// If agreement is enabled, at least the english version shall exists
if ($modSettings['requireAgreement'] && !file_exists(BOARDDIR . '/agreement.txt')) {
$context['security_controls_files']['title'] = $txt['generic_warning'];
$context['security_controls_files']['errors']['agreement'] = $txt['agreement_missing'];
$show_warnings = true;
}
// Cache directory writeable?
if (!empty($modSettings['cache_enable']) && !is_writable(CACHEDIR)) {
$context['security_controls_files']['title'] = $txt['generic_warning'];
$context['security_controls_files']['errors']['cache'] = $txt['cache_writable'];
$show_warnings = true;
}
// @todo add a hook here
$securityFiles = array('install.php', 'upgrade.php', 'convert.php', 'repair_paths.php', 'repair_settings.php', 'Settings.php~', 'Settings_bak.php~');
foreach ($securityFiles as $securityFile) {
if (file_exists(BOARDDIR . '/' . $securityFile)) {
$context['security_controls_files']['title'] = $txt['security_risk'];
$context['security_controls_files']['errors'][$securityFile] = sprintf($txt['not_removed'], $securityFile);
$show_warnings = true;
if ($securityFile == 'Settings.php~' || $securityFile == 'Settings_bak.php~') {
$context['security_controls_files']['errors'][$securityFile] .= '<span class="smalltext">' . sprintf($txt['not_removed_extra'], $securityFile, substr($securityFile, 0, -1)) . '</span>';
}
}
}
// We are already checking so many files...just few more doesn't make any difference! :P
require_once SUBSDIR . '/Attachments.subs.php';
$path = getAttachmentPath();
secureDirectory($path, true);
secureDirectory(CACHEDIR);
// Active admin session?
if (empty($modSettings['securityDisable']) && (isset($_SESSION['admin_time']) && $_SESSION['admin_time'] + $modSettings['admin_session_lifetime'] * 60 > time())) {
$context['warning_controls']['admin_session'] = sprintf($txt['admin_session_active'], $scripturl . '?action=admin;area=adminlogoff;redir;' . $context['session_var'] . '=' . $context['session_id']);
}
// Maintenance mode enabled?
if (!empty($maintenance)) {
$context['warning_controls']['maintenance'] = sprintf($txt['admin_maintenance_active'], $scripturl . '?action=admin;area=serversettings;' . $context['session_var'] . '=' . $context['session_id']);
}
// New updates
if (defined('FORUM_VERSION')) {
$index = 'new_in_' . str_replace(array('ElkArte ', '.'), array('', '_'), FORUM_VERSION);
if (!empty($modSettings[$index]) && empty($options['dismissed_' . $index])) {
$show_warnings = true;
$context['new_version_updates'] = array('title' => $txt['new_version_updates'], 'errors' => array(replaceBasicActionUrl($txt['new_version_updates_text'])));
}
}
}
// Check for database errors.
if (!empty($_SESSION['query_command_denied'])) {
if ($user_info['is_admin']) {
$context['security_controls_query']['title'] = $txt['query_command_denied'];
$show_warnings = true;
foreach ($_SESSION['query_command_denied'] as $command => $error) {
$context['security_controls_query']['errors'][$command] = '<pre>' . Util::htmlspecialchars($error) . '</pre>';
}
} else {
$context['security_controls_query']['title'] = $txt['query_command_denied_guests'];
foreach ($_SESSION['query_command_denied'] as $command => $error) {
$context['security_controls_query']['errors'][$command] = '<pre>' . sprintf($txt['query_command_denied_guests_msg'], Util::htmlspecialchars($command)) . '</pre>';
}
}
}
// Are there any members waiting for approval?
if (allowedTo('moderate_forum') && (!empty($modSettings['registration_method']) && $modSettings['registration_method'] == 2 || !empty($modSettings['approveAccountDeletion'])) && !empty($modSettings['unapprovedMembers'])) {
$context['warning_controls']['unapproved_members'] = sprintf($txt[$modSettings['unapprovedMembers'] == 1 ? 'approve_one_member_waiting' : 'approve_many_members_waiting'], $scripturl . '?action=admin;area=viewmembers;sa=browse;type=approve', $modSettings['unapprovedMembers']);
}
if (!empty($context['open_mod_reports']) && (empty($user_settings['mod_prefs']) || $user_settings['mod_prefs'][0] == 1)) {
$context['warning_controls']['open_mod_reports'] = '<a href="' . $scripturl . '?action=moderate;area=reports">' . sprintf($txt['mod_reports_waiting'], $context['open_mod_reports']) . '</a>';
}
if (isset($_SESSION['ban']['cannot_post'])) {
// An admin cannot be banned (technically he could), and if it is better he knows.
$context['security_controls_ban']['title'] = sprintf($txt['you_are_post_banned'], $user_info['is_guest'] ? $txt['guest_title'] : $user_info['name']);
$show_warnings = true;
$context['security_controls_ban']['errors']['reason'] = '';
if (!empty($_SESSION['ban']['cannot_post']['reason'])) {
$context['security_controls_ban']['errors']['reason'] = $_SESSION['ban']['cannot_post']['reason'];
}
if (!empty($_SESSION['ban']['expire_time'])) {
$context['security_controls_ban']['errors']['reason'] .= '<span class="smalltext">' . sprintf($txt['your_ban_expires'], standardTime($_SESSION['ban']['expire_time'], false)) . '</span>';
} else {
$context['security_controls_ban']['errors']['reason'] .= '<span class="smalltext">' . $txt['your_ban_expires_never'] . '</span>';
}
}
// Finally, let's show the layer.
if ($show_warnings || !empty($context['warning_controls'])) {
Template_Layers::getInstance()->addAfter('admin_warning', 'body');
//.........這裏部分代碼省略.........
示例12: action_log
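/**
 * Prepares the information from the moderation log for viewing.
 *
 * - Shows the moderation log, or the admin log when sa=adminlog.
 * - Disallows the deletion of events within twenty-four hours of now.
 * - Requires the admin_forum permission for the admin log and for deletions.
 * - Deletions also require a valid session and the 'mod-ml' token.
 * - Accessed via ?action=moderate;area=modlog.
 *
 * @uses Modlog template, main sub-template.
 */
public function action_log()
{
    global $txt, $context, $scripturl;

    require_once SUBSDIR . '/Modlog.subs.php';

    // Are we looking at the moderation log or the administration log.
    $context['log_type'] = isset($_REQUEST['sa']) && $_REQUEST['sa'] == 'adminlog' ? 3 : 1;
    if ($context['log_type'] == 3) {
        isAllowedTo('admin_forum');
    }

    // These change dependant on whether we are viewing the moderation or admin log.
    if ($context['log_type'] == 3 || $_REQUEST['action'] == 'admin') {
        $context['url_start'] = '?action=admin;area=logs;sa=' . ($context['log_type'] == 3 ? 'adminlog' : 'modlog') . ';type=' . $context['log_type'];
    } else {
        $context['url_start'] = '?action=moderate;area=modlog;type=' . $context['log_type'];
    }

    $context['can_delete'] = allowedTo('admin_forum');

    loadLanguage('Modlog');

    $context['page_title'] = $context['log_type'] == 3 ? $txt['modlog_admin_log'] : $txt['modlog_view'];

    // The number of entries to show per page of log file.
    $context['displaypage'] = 30;

    // Amount of hours that must pass before allowed to delete file.
    $context['hoursdisable'] = 24;

    // Handle deletion...
    if (isset($_POST['removeall']) && $context['can_delete']) {
        checkSession();
        validateToken('mod-ml');
        deleteLogAction($context['log_type'], $context['hoursdisable']);
    } elseif (!empty($_POST['remove']) && isset($_POST['delete']) && $context['can_delete']) {
        checkSession();
        validateToken('mod-ml');
        deleteLogAction($context['log_type'], $context['hoursdisable'], $_POST['delete']);
    }

    // If we're coming from a search, get the variables.
    $search_params = array();
    if (!empty($_REQUEST['params']) && is_string($_REQUEST['params']) && empty($_REQUEST['is_search'])) {
        // NOTE(review): unserialize() on request data can instantiate arbitrary classes.
        // The payload is only ever the two-key array built further down, so a JSON
        // round-trip would carry it without that risk. Kept for link compatibility.
        $decoded = @unserialize(base64_decode(strtr($_REQUEST['params'], array(' ' => '+'))));

        // Accept nothing but the two string fields this page itself produces.
        if (is_array($decoded)) {
            foreach (array('string', 'type') as $field) {
                if (isset($decoded[$field]) && is_string($decoded[$field])) {
                    $search_params[$field] = $decoded[$field];
                }
            }
        }
    }

    // This array houses all the valid quick search types.
    $searchTypes = array(
        'action' => array('sql' => 'lm.action', 'label' => $txt['modlog_action']),
        'member' => array('sql' => 'mem.real_name', 'label' => $txt['modlog_member']),
        'position' => array('sql' => 'mg.group_name', 'label' => $txt['modlog_position']),
        'ip' => array('sql' => 'lm.ip', 'label' => $txt['modlog_ip']),
    );

    // Setup the allowed search
    $context['order'] = isset($_REQUEST['sort']) && isset($searchTypes[$_REQUEST['sort']]) ? $_REQUEST['sort'] : 'member';

    // search[]=... arrives as an array; only a plain string is a usable search term.
    $requested_search = isset($_REQUEST['search']) && is_string($_REQUEST['search']) ? $_REQUEST['search'] : '';

    if (!isset($search_params['string']) || !empty($requested_search) && $search_params['string'] != $requested_search) {
        $search_params_string = empty($requested_search) ? '' : $requested_search;
    } else {
        $search_params_string = $search_params['string'];
    }

    if (isset($_REQUEST['search_type']) || empty($search_params['type']) || !isset($searchTypes[$search_params['type']])) {
        $search_params_type = isset($_REQUEST['search_type']) && isset($searchTypes[$_REQUEST['search_type']]) ? $_REQUEST['search_type'] : $context['order'];
    } else {
        $search_params_type = $search_params['type'];
    }

    // The column name comes from the whitelist above, never from the request itself.
    $search_params_column = $searchTypes[$search_params_type]['sql'];
    $search_params = array('string' => $search_params_string, 'type' => $search_params_type);

    // Setup the search context.
    $context['search_params'] = empty($search_params['string']) ? '' : base64_encode(serialize($search_params));
    $context['search'] = array('string' => $search_params['string'], 'type' => $search_params['type'], 'label' => $searchTypes[$search_params_type]['label']);

    // If they are searching by action, then we must do some manual intervention to search in their language!
    if ($search_params['type'] == 'action' && !empty($search_params['string'])) {
        // Build a regex which looks for the words. Each word is quoted so the search
        // text is matched literally and cannot change the pattern.
        $regex = '';
        $search = explode(' ', $search_params['string']);
        foreach ($search as $word) {
            $regex .= '(?=[\\w\\s]*' . preg_quote($word, '~') . ')';
        }

        // For the moment they can only search for ONE action!
        foreach ($txt as $key => $text) {
            if (strpos($key, 'modlog_ac_') === 0 && preg_match('~' . $regex . '~i', $text)) {
                $search_params['string'] = substr($key, 10);
                break;
            }
        }
    }

    require_once SUBSDIR . '/GenericList.class.php';

    // This is all the information required for a moderation/admin log listing.
    // The search string reaches SQL only through the {string:search_string} placeholder;
    // {raw:sql_type} is filled from the whitelisted column name.
    $listOptions = array(
        'id' => 'moderation_log_list',
        'width' => '100%',
        'items_per_page' => $context['displaypage'],
        'no_items_label' => $txt['modlog_' . ($context['log_type'] == 3 ? 'admin_log_' : '') . 'no_entries_found'],
        'base_href' => $scripturl . $context['url_start'] . (!empty($context['search_params']) ? ';params=' . $context['search_params'] : ''),
        'default_sort_col' => 'time',
        'get_items' => array('function' => array($this, 'getModLogEntries'), 'params' => array(!empty($search_params['string']) ? ' INSTR({raw:sql_type}, {string:search_string})' : '', array('sql_type' => $search_params_column, 'search_string' => $search_params['string']), $context['log_type'])),
        'get_count' => array('function' => array($this, 'getModLogEntryCount'), 'params' => array(!empty($search_params['string']) ? ' INSTR({raw:sql_type}, {string:search_string})' : '', array('sql_type' => $search_params_column, 'search_string' => $search_params['string']), $context['log_type'])),
        'columns' => array(
            'action' => array('header' => array('value' => $txt['modlog_action'], 'class' => 'lefttext'), 'data' => array('db' => 'action_text', 'class' => 'smalltext'), 'sort' => array('default' => 'lm.action', 'reverse' => 'lm.action DESC')),
            'time' => array('header' => array('value' => $txt['modlog_date'], 'class' => 'lefttext'), 'data' => array('db' => 'time', 'class' => 'smalltext'), 'sort' => array('default' => 'lm.log_time DESC', 'reverse' => 'lm.log_time')),
            'moderator' => array('header' => array('value' => $txt['modlog_member'], 'class' => 'lefttext'), 'data' => array('db' => 'moderator_link', 'class' => 'smalltext'), 'sort' => array('default' => 'mem.real_name', 'reverse' => 'mem.real_name DESC')),
            'position' => array('header' => array('value' => $txt['modlog_position'], 'class' => 'lefttext'), 'data' => array('db' => 'position', 'class' => 'smalltext'), 'sort' => array('default' => 'mg.group_name', 'reverse' => 'mg.group_name DESC')),
            'ip' => array('header' => array('value' => $txt['modlog_ip'], 'class' => 'lefttext'), 'data' => array('db' => 'ip', 'class' => 'smalltext'), 'sort' => array('default' => 'lm.ip', 'reverse' => 'lm.ip DESC')),
            'delete' => array('header' => array('value' => '<input type="checkbox" name="all" class="input_check" onclick="invertAll(this, this.form);" />', 'class' => 'centertext'), 'data' => array('function' => create_function('$entry', '
return \'<input type="checkbox" class="input_check" name="delete[]" value="\' . $entry[\'id\'] . \'"\' . ($entry[\'editable\'] ? \'\' : \' disabled="disabled"\') . \' />\';
'), 'class' => 'centertext')),
        ),
        'form' => array('href' => $scripturl . $context['url_start'], 'include_sort' => true, 'include_start' => true, 'hidden_fields' => array($context['session_var'] => $context['session_id'], 'params' => $context['search_params']), 'token' => 'mod-ml'),
        // The search string is user input echoed into an attribute, hence the escaping.
        'additional_rows' => array(array('class' => 'submitbutton', 'position' => 'below_table_data', 'value' => '
<div id="quick_log_search">
' . $txt['modlog_search'] . ' (' . $txt['modlog_by'] . ': ' . $context['search']['label'] . ')
<input type="text" name="search" size="18" value="' . Util::htmlspecialchars($context['search']['string']) . '" class="input_text" />
<input type="submit" name="is_search" value="' . $txt['modlog_go'] . '" class="button_submit" />
' . ($context['can_delete'] ? '|
<input type="submit" name="remove" value="' . $txt['modlog_remove'] . '" onclick="return confirm(\'' . $txt['modlog_remove_selected_confirm'] . '\');" class="right_submit" />
<input type="submit" name="removeall" value="' . $txt['modlog_removeall'] . '" onclick="return confirm(\'' . $txt['modlog_remove_all_confirm'] . '\');" class="right_submit" />' : '') . '
</div>')),
    );

    createToken('mod-ml');

    // Create the log listing
    createList($listOptions);

    $context['sub_template'] = 'show_list';
    $context['default_list'] = 'moderation_log_list';
}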
示例13: template_list_boards
/**
* Main template for displaying the list of boards
*
* Echoes a <ul class="category_boards"> and, for every entry in $boards, one
* <li> holding the status icon, name link, optional approval link, description,
* moderators, post/topic counts and last post. Boards with children get a
* second <li> listing the sub-board links.
*
* Escaping: the only value escaped in the visible part of this template is the
* board name inside the redirect icon's title attribute. Everything else
* ($id, name, description, href, link_moderators, last_post_message, avatar
* href, child name/href) is echoed exactly as received, so this template relies
* on the code that builds $boards to deliver HTML-safe values.
* NOTE(review): confirm where that escaping happens before reusing this
* template with data from another source.
*
* @param array $boards list of board arrays; each is read by key (id, name, href, children, ...)
* @param string $id written as-is into the id attribute of the <ul>
*/
function template_list_boards($boards, $id)
{
global $context, $settings, $txt, $scripturl, $theme_bi_alternating_row;
// $id is not escaped here; callers are expected to pass a fixed, attribute-safe identifier.
echo '
<ul class="category_boards" id="', $id, '">';
// Each board in each category's boards has:
// new (is it new?), id, name, description, moderators (see below), link_moderators (just a list.),
// children (see below.), link_children (easier to use.), children_new (are they new?),
// topics (# of), posts (# of), link, href, and last_post. (see below.)
foreach ($boards as $board) {
// Guests and redirect boards link straight to the board; members get the "unread" view.
echo '
<li class="board_row', !empty($board['children']) ? ' parent_board' : '', $board['is_redirect'] ? ' board_row_redirect' : '', $theme_bi_alternating_row ? ' alternating_row' : '', '" id="board_', $board['id'], '">
<div class="board_info">
<a class="icon_anchor" href="', $board['is_redirect'] || $context['user']['is_guest'] ? $board['href'] : $scripturl . '?action=unread;board=' . $board['id'] . '.0;children', '">';
// If the board or children is new, show an indicator.
if ($board['new'] || $board['children_new']) {
echo '
<span class="board_icon ', $board['new'] ? 'on_board' : 'on2_board', '" title="', $txt['new_posts'], '"></span>';
} elseif ($board['is_redirect']) {
// The board name goes into a title attribute here, so it is passed through Util::htmlspecialchars first.
echo '
<span class="board_icon redirect_board" title="', sprintf($txt['redirect_board_to'], Util::htmlspecialchars($board['name'])), '"></span>';
} else {
echo '
<span class="board_icon off_board" title="', $txt['old_posts'], '"></span>';
}
// Name and href are echoed without escaping in this template.
// NOTE(review): presumably both are already HTML-safe when they arrive - verify in the board loader.
echo '
</a>
<h3 class="board_name">
<a href="', $board['href'], '" id="b', $board['id'], '">', $board['name'], '</a>';
// Has it outstanding posts for approval? @todo - Might change presentation here.
// The moderation link carries the session variable and session id in its query string.
if ($board['can_approve_posts'] && ($board['unapproved_posts'] || $board['unapproved_topics'])) {
echo '
<a href="', $scripturl, '?action=moderate;area=postmod;sa=', $board['unapproved_topics'] > 0 ? 'topics' : 'posts', ';brd=', $board['id'], ';', $context['session_var'], '=', $context['session_id'], '" title="', sprintf($txt['unapproved_posts'], $board['unapproved_topics'], $board['unapproved_posts']), '" class="moderation_link"><img class="icon" src="', $settings['images_url'], '/icons/field_invalid.png" alt="(!)" /></a>';
}
// The description is emitted as markup, not as text: nothing is escaped at this point.
echo '
</h3>
<p class="board_description">', $board['description'], '</p>';
// Show the "Moderators: ". Each has name, href, link, and id. (but we're gonna use link_moderators.)
if (!empty($board['moderators'])) {
echo '
<p class="moderators">', count($board['moderators']) === 1 ? $txt['moderator'] : $txt['moderators'], ': ', implode(', ', $board['link_moderators']), '</p>';
}
// Show some basic information about the number of posts, etc.
echo '
</div>
<div class="board_latest">
<p class="board_stats">
', comma_format($board['posts']), ' ', $board['is_redirect'] ? $txt['redirects'] : $txt['posts'], $board['is_redirect'] ? '' : '<br /> ' . comma_format($board['topics']) . ' ' . $txt['board_topics'], '
</p>';
// @todo - Last post message still needs some work. Probably split the language string into three chunks.
// Example:
// <chunk>Re: Nunc aliquam justo e...</chunk> <chunk>by Whoever</chunk> <chunk>Last post: Today at 08:00:37 am</chunk>
// That should still allow sufficient scope for any language, if done sensibly.
if (!empty($board['last_post']['id'])) {
echo '
<p class="board_lastpost">';
// The avatar href and the member href are written into src/href attributes unescaped.
if (!empty($settings['avatars_on_indexes'])) {
echo '
<span class="board_avatar"><a href="', $board['last_post']['member']['href'], '"><img class="avatar" src="', $board['last_post']['member']['avatar']['href'], '" alt="" /></a></span>';
}
// last_post_message is a pre-built HTML fragment; it is echoed verbatim.
echo '
', $board['last_post']['last_post_message'], '
</p>';
}
echo '
</div>
</li>';
// Show the "Sub-boards: ". (there's a link_children but we're going to bold the new ones...)
if (!empty($board['children'])) {
// Sort the links into an array with new boards bold so it can be imploded.
$children = array();
// Each child in each board's children has:
// id, name, description, new (is it new?), topics (#), posts (#), href, link, and last_post.
foreach ($board['children'] as $child) {
// The link is rebuilt here from the child's href and name, neither of which is escaped in this loop.
if (!$child['is_redirect']) {
$child['link'] = '<a href="' . $child['href'] . '" ' . ($child['new'] ? 'class="board_new_posts" ' : '') . 'title="' . ($child['new'] ? $txt['new_posts'] : $txt['old_posts']) . ' (' . $txt['board_topics'] . ': ' . comma_format($child['topics']) . ', ' . $txt['posts'] . ': ' . comma_format($child['posts']) . ')">' . $child['name'] . ($child['new'] ? '</a> <a ' . ($child['new'] ? 'class="new_posts" ' : '') . 'href="' . $scripturl . '?action=unread;board=' . $child['id'] . '" title="' . $txt['new_posts'] . ' (' . $txt['board_topics'] . ': ' . comma_format($child['topics']) . ', ' . $txt['posts'] . ': ' . comma_format($child['posts']) . ')"><span class="new_posts">' . $txt['new'] . '</span>' : '') . '</a>';
} else {
$child['link'] = '<a href="' . $child['href'] . '" title="' . comma_format($child['posts']) . ' ' . $txt['redirects'] . '">' . $child['name'] . '</a>';
}
// Has it posts awaiting approval?
if ($child['can_approve_posts'] && ($child['unapproved_posts'] || $child['unapproved_topics'])) {
$child['link'] .= ' <a href="' . $scripturl . '?action=moderate;area=postmod;sa=' . ($child['unapproved_topics'] > 0 ? 'topics' : 'posts') . ';brd=' . $child['id'] . ';' . $context['session_var'] . '=' . $context['session_id'] . '" title="' . sprintf($txt['unapproved_posts'], $child['unapproved_topics'], $child['unapproved_posts']) . '" class="moderation_link"><img class="icon" src="' . $settings['images_url'] . '/icons/field_invalid.png" alt="(!)" /></a>';
}
$children[] = $child['link'];
}
// New <li> for sub-boards (if any). Can be styled to look like part of previous <li>.
// Use h4 tag here for better a11y. Use <ul> for list of sub-boards.
// Having sub-board links in <li>'s will allow "tidy sub-boards" via easy CSS tweaks. ;)
echo '
<li class="childboard_row', $theme_bi_alternating_row ? ' alternating_row' : '', '" id="board_', $board['id'], '_children">
<ul class="childboards">
<li>
<h4>', $txt['parent_boards'], ':</h4>
</li>
//.........這裏部分代碼省略.........
示例14: htmlspecialchars__recursive
/**
 * HTML-escapes a string, or every value of a (possibly nested) array.
 * The double underscore in the name guards against overloading.
 *
 * What it does:
 * - passes each non-array value to Util::htmlspecialchars() with ENT_QUOTES.
 * - leaves array keys untouched; only values are replaced, so keys must not
 *   be treated as escaped by the caller.
 * - recurses into nested arrays; once $level exceeds 25 the values at that
 *   level are replaced with null instead of being escaped.
 *
 * The result is meant for HTML output only; it is not a substitute for
 * escaping in other contexts (SQL, shell, URLs, JavaScript).
 *
 * @param string[]|string $var
 * @param int $level = 0 current nesting depth, used as the recursion guard
 * @return mixed[]|string
 */
function htmlspecialchars__recursive($var, $level = 0)
{
    // Arrays are walked value by value; anything else is escaped directly.
    if (is_array($var)) {
        // The depth is the same for every element of this array, so test it once.
        $tooDeep = $level > 25;

        foreach (array_keys($var) as $key) {
            $var[$key] = $tooDeep ? null : htmlspecialchars__recursive($var[$key], $level + 1);
        }

        return $var;
    }

    return Util::htmlspecialchars($var, ENT_QUOTES);
}
示例15: action_search
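/**
 * Entry point for the admin search: picks the search sub-action, remembers it
 * in the admin's preferences and prepares the template context.
 *
 * What it does:
 * - offers three sub-actions (internal, online, member), each declared with
 *   the admin_forum permission; 'internal' is the default.
 * - reads the search term from $_REQUEST['search_term'] and stores it in
 *   $context['search_term'] already HTML-escaped (ENT_QUOTES).
 * - a missing, non-string or blank term gives an empty result list without
 *   dispatching the sub-action.
 *
 * NOTE(review): the sub-actions see the escaped form of the term in $context;
 * confirm they do not escape it a second time or use it where the raw text
 * is expected.
 */
public function action_search()
{
    global $txt, $context;

    // What can we search for?
    $subActions = array(
        'internal' => array($this, 'action_search_internal', 'permission' => 'admin_forum'),
        'online' => array($this, 'action_search_doc', 'permission' => 'admin_forum'),
        'member' => array($this, 'action_search_member', 'permission' => 'admin_forum'),
    );

    // Set the subaction
    $action = new Action();
    $subAction = $action->initialize($subActions, 'internal');

    // Keep track of what the admin wants in terms of advanced or not
    if (empty($context['admin_preferences']['sb']) || $context['admin_preferences']['sb'] != $subAction) {
        $context['admin_preferences']['sb'] = $subAction;

        // Update the preferences.
        require_once SUBSDIR . '/Admin.subs.php';
        updateAdminPreferences();
    }

    // Setup for the template
    $context['search_type'] = $subAction;

    // Request parameters can arrive as arrays (search_term[]=...). Only a string
    // can be escaped and trimmed, so anything else counts as "no search term".
    $hasTerm = isset($_REQUEST['search_term']) && is_string($_REQUEST['search_term']);
    $context['search_term'] = $hasTerm ? Util::htmlspecialchars($_REQUEST['search_term'], ENT_QUOTES) : '';

    $context['sub_template'] = 'admin_search_results';
    $context['page_title'] = $txt['admin_search_results'];

    // You did remember to enter something to search for, otherwise its easy
    if (trim($context['search_term']) === '') {
        $context['search_results'] = array();
    } else {
        $action->dispatch($subAction);
    }
}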