[ Index ]

PHP Cross Reference of phpBB-3.2.0-deutsch

title

Body

[close]

/ -> ucp.php (source)

   1  <?php
   2  /**
   3  *
   4  * This file is part of the phpBB Forum Software package.
   5  *
   6  * @copyright (c) phpBB Limited <https://www.phpbb.com>
   7  * @license GNU General Public License, version 2 (GPL-2.0)
   8  *
   9  * For full copyright and license information, please see
  10  * the docs/CREDITS.txt file.
  11  *
  12  */
  13  
  14  /**
  15  * @ignore
  16  */
  17  define('IN_PHPBB', true);
  18  $phpbb_root_path = (defined('PHPBB_ROOT_PATH')) ? PHPBB_ROOT_PATH : './';
  19  $phpEx = substr(strrchr(__FILE__, '.'), 1);
  20  require($phpbb_root_path . 'common.' . $phpEx);
  21  require($phpbb_root_path . 'includes/functions_user.' . $phpEx);
  22  require($phpbb_root_path . 'includes/functions_module.' . $phpEx);
  23  
  24  // Basic parameter data
  25  $id     = $request->variable('i', '');
  26  $mode    = $request->variable('mode', '');
  27  
  28  if (in_array($mode, array('login', 'login_link', 'logout', 'confirm', 'sendpassword', 'activate')))
  29  {
  30      define('IN_LOGIN', true);
  31  }
  32  
  33  // Start session management
  34  $user->session_begin();
  35  $auth->acl($user->data);
  36  $user->setup('ucp');
  37  
  38  // Setting a variable to let the style designer know where he is...
  39  $template->assign_var('S_IN_UCP', true);
  40  
  41  $module = new p_master();
  42  $default = false;
  43  
  44  // Basic "global" modes
  45  switch ($mode)
  46  {
  47      case 'activate':
  48          $module->load('ucp', 'activate');
  49          $module->display($user->lang['UCP_ACTIVATE']);
  50  
  51          redirect(append_sid("{$phpbb_root_path}index.$phpEx"));
  52      break;
  53  
  54      case 'resend_act':
  55          $module->load('ucp', 'resend');
  56          $module->display($user->lang['UCP_RESEND']);
  57      break;
  58  
  59      case 'sendpassword':
  60          $module->load('ucp', 'remind');
  61          $module->display($user->lang['UCP_REMIND']);
  62      break;
  63  
  64      case 'register':
  65          if ($user->data['is_registered'] || isset($_REQUEST['not_agreed']))
  66          {
  67              redirect(append_sid("{$phpbb_root_path}index.$phpEx"));
  68          }
  69  
  70          $module->load('ucp', 'register');
  71          $module->display($user->lang['REGISTER']);
  72      break;
  73  
  74      case 'confirm':
  75          $module->load('ucp', 'confirm');
  76      break;
  77  
  78      case 'login':
  79          if ($user->data['is_registered'])
  80          {
  81              redirect(append_sid("{$phpbb_root_path}index.$phpEx"));
  82          }
  83  
  84          login_box($request->variable('redirect', "index.$phpEx"));
  85      break;
  86  
  87      case 'login_link':
  88          if ($user->data['is_registered'])
  89          {
  90              redirect(append_sid("{$phpbb_root_path}index.$phpEx"));
  91          }
  92  
  93          $module->load('ucp', 'login_link');
  94          $module->display($user->lang['UCP_LOGIN_LINK']);
  95      break;
  96  
  97      case 'logout':
  98          if ($user->data['user_id'] != ANONYMOUS && $request->is_set('sid') && $request->variable('sid', '') === $user->session_id)
  99          {
 100              $user->session_kill();
 101          }
 102          else if ($user->data['user_id'] != ANONYMOUS)
 103          {
 104              meta_refresh(3, append_sid("{$phpbb_root_path}index.$phpEx"));
 105  
 106              $message = $user->lang['LOGOUT_FAILED'] . '<br /><br />' . sprintf($user->lang['RETURN_INDEX'], '<a href="' . append_sid("{$phpbb_root_path}index.$phpEx") . '">', '</a> ');
 107              trigger_error($message);
 108          }
 109  
 110          redirect(append_sid("{$phpbb_root_path}index.$phpEx"));
 111      break;
 112  
 113      case 'terms':
 114      case 'privacy':
 115  
 116          $message = ($mode == 'terms') ? 'TERMS_OF_USE_CONTENT' : 'PRIVACY_POLICY';
 117          $title = ($mode == 'terms') ? 'TERMS_USE' : 'PRIVACY';
 118  
 119          if (empty($user->lang[$message]))
 120          {
 121              if ($user->data['is_registered'])
 122              {
 123                  redirect(append_sid("{$phpbb_root_path}index.$phpEx"));
 124              }
 125  
 126              login_box();
 127          }
 128  
 129          $template->set_filenames(array(
 130              'body'        => 'ucp_agreement.html')
 131          );
 132  
 133          // Disable online list
 134          page_header($user->lang[$title]);
 135  
 136          $template->assign_vars(array(
 137              'S_AGREEMENT'            => true,
 138              'AGREEMENT_TITLE'        => $user->lang[$title],
 139              'AGREEMENT_TEXT'        => sprintf($user->lang[$message], $config['sitename'], generate_board_url()),
 140              'U_BACK'                => append_sid("{$phpbb_root_path}ucp.$phpEx", 'mode=login'),
 141              'L_BACK'                => $user->lang['BACK_TO_LOGIN'],
 142          ));
 143  
 144          page_footer();
 145  
 146      break;
 147  
 148      case 'delete_cookies':
 149  
 150          // Delete Cookies with dynamic names (do NOT delete poll cookies)
 151          if (confirm_box(true))
 152          {
 153              $set_time = time() - 31536000;
 154  
 155              foreach ($request->variable_names(\phpbb\request\request_interface::COOKIE) as $cookie_name)
 156              {
 157                  $cookie_data = $request->variable($cookie_name, '', true, \phpbb\request\request_interface::COOKIE);
 158  
 159                  // Only delete board cookies, no other ones...
 160                  if (strpos($cookie_name, $config['cookie_name'] . '_') !== 0)
 161                  {
 162                      continue;
 163                  }
 164  
 165                  $cookie_name = str_replace($config['cookie_name'] . '_', '', $cookie_name);
 166  
 167                  /**
 168                  * Event to save custom cookies from deletion
 169                  *
 170                  * @event core.ucp_delete_cookies
 171                  * @var    string    cookie_name        Cookie name to checking
 172                  * @var    bool    retain_cookie    Do we retain our cookie or not, true if retain
 173                  * @since 3.1.3-RC1
 174                  */
 175                  $retain_cookie = false;
 176                  $vars = array('cookie_name', 'retain_cookie');
 177                  extract($phpbb_dispatcher->trigger_event('core.ucp_delete_cookies', compact($vars)));
 178                  if ($retain_cookie)
 179                  {
 180                      continue;
 181                  }
 182  
 183                  // Polls are stored as {cookie_name}_poll_{topic_id}, cookie_name_ got removed, therefore checking for poll_
 184                  if (strpos($cookie_name, 'poll_') !== 0)
 185                  {
 186                      $user->set_cookie($cookie_name, '', $set_time);
 187                  }
 188              }
 189  
 190              $user->set_cookie('track', '', $set_time);
 191              $user->set_cookie('u', '', $set_time);
 192              $user->set_cookie('k', '', $set_time);
 193              $user->set_cookie('sid', '', $set_time);
 194  
 195              // We destroy the session here, the user will be logged out nevertheless
 196              $user->session_kill();
 197              $user->session_begin();
 198  
 199              meta_refresh(3, append_sid("{$phpbb_root_path}index.$phpEx"));
 200  
 201              $message = $user->lang['COOKIES_DELETED'] . '<br /><br />' . sprintf($user->lang['RETURN_INDEX'], '<a href="' . append_sid("{$phpbb_root_path}index.$phpEx") . '">', '</a>');
 202              trigger_error($message);
 203          }
 204          else
 205          {
 206              confirm_box(false, 'DELETE_COOKIES', '');
 207          }
 208  
 209          redirect(append_sid("{$phpbb_root_path}index.$phpEx"));
 210  
 211      break;
 212  
 213      case 'switch_perm':
 214  
 215          $user_id = $request->variable('u', 0);
 216  
 217          $sql = 'SELECT *
 218              FROM ' . USERS_TABLE . '
 219              WHERE user_id = ' . (int) $user_id;
 220          $result = $db->sql_query($sql);
 221          $user_row = $db->sql_fetchrow($result);
 222          $db->sql_freeresult($result);
 223  
 224          if (!$auth->acl_get('a_switchperm') || !$user_row || $user_id == $user->data['user_id'] || !check_link_hash($request->variable('hash', ''), 'switchperm'))
 225          {
 226              redirect(append_sid("{$phpbb_root_path}index.$phpEx"));
 227          }
 228  
 229          include($phpbb_root_path . 'includes/acp/auth.' . $phpEx);
 230  
 231          $auth_admin = new auth_admin();
 232          if (!$auth_admin->ghost_permissions($user_id, $user->data['user_id']))
 233          {
 234              redirect(append_sid("{$phpbb_root_path}index.$phpEx"));
 235          }
 236  
 237          $phpbb_log->add('admin', $user->data['user_id'], $user->ip, 'LOG_ACL_TRANSFER_PERMISSIONS', false, array($user_row['username']));
 238  
 239          $message = sprintf($user->lang['PERMISSIONS_TRANSFERRED'], $user_row['username']) . '<br /><br />' . sprintf($user->lang['RETURN_INDEX'], '<a href="' . append_sid("{$phpbb_root_path}index.$phpEx") . '">', '</a>');
 240          trigger_error($message);
 241  
 242      break;
 243  
 244      case 'restore_perm':
 245  
 246          if (!$user->data['user_perm_from'] || !$auth->acl_get('a_switchperm'))
 247          {
 248              redirect(append_sid("{$phpbb_root_path}index.$phpEx"));
 249          }
 250  
 251          $auth->acl_cache($user->data);
 252  
 253          $sql = 'SELECT username
 254              FROM ' . USERS_TABLE . '
 255              WHERE user_id = ' . $user->data['user_perm_from'];
 256          $result = $db->sql_query($sql);
 257          $username = $db->sql_fetchfield('username');
 258          $db->sql_freeresult($result);
 259  
 260          $phpbb_log->add('admin', $user->data['user_id'], $user->ip, 'LOG_ACL_RESTORE_PERMISSIONS', false, array($username));
 261  
 262          $message = $user->lang['PERMISSIONS_RESTORED'] . '<br /><br />' . sprintf($user->lang['RETURN_INDEX'], '<a href="' . append_sid("{$phpbb_root_path}index.$phpEx") . '">', '</a>');
 263          trigger_error($message);
 264  
 265      break;
 266  
 267      default:
 268          $default = true;
 269      break;
 270  }
 271  
 272  // We use this approach because it does not impose large code changes
 273  if (!$default)
 274  {
 275      return true;
 276  }
 277  
 278  // Only registered users can go beyond this point
 279  if (!$user->data['is_registered'])
 280  {
 281      if ($user->data['is_bot'])
 282      {
 283          redirect(append_sid("{$phpbb_root_path}index.$phpEx"));
 284      }
 285  
 286      if ($id == 'pm' && $mode == 'view' && isset($_GET['p']))
 287      {
 288          $redirect_url = append_sid("{$phpbb_root_path}ucp.$phpEx?i=pm&p=" . $request->variable('p', 0));
 289          login_box($redirect_url, $user->lang['LOGIN_EXPLAIN_UCP']);
 290      }
 291  
 292      login_box('', $user->lang['LOGIN_EXPLAIN_UCP']);
 293  }
 294  
 295  // Instantiate module system and generate list of available modules
 296  $module->list_modules('ucp');
 297  
 298  // Check if the zebra module is set
 299  if ($module->is_active('zebra', 'friends'))
 300  {
 301      // Output listing of friends online
 302      $update_time = $config['load_online_time'] * 60;
 303  
 304      $sql_ary = array(
 305          'SELECT'    => 'u.user_id, u.username, u.username_clean, u.user_colour, MAX(s.session_time) as online_time, MIN(s.session_viewonline) AS viewonline',
 306  
 307          'FROM'        => array(
 308              USERS_TABLE        => 'u',
 309              ZEBRA_TABLE        => 'z',
 310          ),
 311  
 312          'LEFT_JOIN'    => array(
 313              array(
 314                  'FROM'    => array(SESSIONS_TABLE => 's'),
 315                  'ON'    => 's.session_user_id = z.zebra_id',
 316              ),
 317          ),
 318  
 319          'WHERE'        => 'z.user_id = ' . $user->data['user_id'] . '
 320              AND z.friend = 1
 321              AND u.user_id = z.zebra_id',
 322  
 323          'GROUP_BY'    => 'z.zebra_id, u.user_id, u.username_clean, u.user_colour, u.username',
 324  
 325          'ORDER_BY'    => 'u.username_clean ASC',
 326      );
 327  
 328      $sql = $db->sql_build_query('SELECT_DISTINCT', $sql_ary);
 329      $result = $db->sql_query($sql);
 330  
 331      while ($row = $db->sql_fetchrow($result))
 332      {
 333          $which = (time() - $update_time < $row['online_time'] && ($row['viewonline'] || $auth->acl_get('u_viewonline'))) ? 'online' : 'offline';
 334  
 335          $template->assign_block_vars("friends_{$which}", array(
 336              'USER_ID'        => $row['user_id'],
 337  
 338              'U_PROFILE'        => get_username_string('profile', $row['user_id'], $row['username'], $row['user_colour']),
 339              'USER_COLOUR'    => get_username_string('colour', $row['user_id'], $row['username'], $row['user_colour']),
 340              'USERNAME'        => get_username_string('username', $row['user_id'], $row['username'], $row['user_colour']),
 341              'USERNAME_FULL'    => get_username_string('full', $row['user_id'], $row['username'], $row['user_colour']))
 342          );
 343      }
 344      $db->sql_freeresult($result);
 345  }
 346  
 347  // Do not display subscribed topics/forums if not allowed
 348  if (!$config['allow_topic_notify'] && !$config['allow_forum_notify'])
 349  {
 350      $module->set_display('main', 'subscribed', false);
 351  }
 352  
 353  /**
 354  * Use this event to enable and disable additional UCP modules
 355  *
 356  * @event core.ucp_display_module_before
 357  * @var    p_master    module    Object holding all modules and their status
 358  * @var    mixed        id        Active module category (can be the int or string)
 359  * @var    string        mode    Active module
 360  * @since 3.1.0-a1
 361  */
 362  $vars = array('module', 'id', 'mode');
 363  extract($phpbb_dispatcher->trigger_event('core.ucp_display_module_before', compact($vars)));
 364  
 365  // Select the active module
 366  $module->set_active($id, $mode);
 367  
 368  // Load and execute the relevant module
 369  $module->load_active();
 370  
 371  // Assign data to the template engine for the list of modules
 372  $module->assign_tpl_vars(append_sid("{$phpbb_root_path}ucp.$phpEx"));
 373  
 374  // Generate the page, do not display/query online list
 375  $module->display($module->get_page_title());


Generated: Sun Feb 19 19:47:08 2017 Cross-referenced by PHPXref 0.7.1