[ Index ]

PHP Cross Reference of phpBB-3.2.2-deutsch

title

Body

[close]

/ -> ucp.php (source)

   1  <?php
   2  /**
   3  *
   4  * This file is part of the phpBB Forum Software package.
   5  *
   6  * @copyright (c) phpBB Limited <https://www.phpbb.com>
   7  * @license GNU General Public License, version 2 (GPL-2.0)
   8  *
   9  * For full copyright and license information, please see
  10  * the docs/CREDITS.txt file.
  11  *
  12  */
  13  
  14  /**
  15  * @ignore
  16  */
  17  define('IN_PHPBB', true);
  18  $phpbb_root_path = (defined('PHPBB_ROOT_PATH')) ? PHPBB_ROOT_PATH : './';
  19  $phpEx = substr(strrchr(__FILE__, '.'), 1);
  20  require($phpbb_root_path . 'common.' . $phpEx);
  21  require($phpbb_root_path . 'includes/functions_user.' . $phpEx);
  22  require($phpbb_root_path . 'includes/functions_module.' . $phpEx);
  23  
  24  // Basic parameter data
  25  $id     = $request->variable('i', '');
  26  $mode    = $request->variable('mode', '');
  27  
  28  if (in_array($mode, array('login', 'login_link', 'logout', 'confirm', 'sendpassword', 'activate')))
  29  {
  30      define('IN_LOGIN', true);
  31  }
  32  
  33  // Start session management
  34  $user->session_begin();
  35  $auth->acl($user->data);
  36  $user->setup('ucp');
  37  
  38  // Setting a variable to let the style designer know where he is...
  39  $template->assign_var('S_IN_UCP', true);
  40  
  41  $module = new p_master();
  42  $default = false;
  43  
  44  // Basic "global" modes
  45  switch ($mode)
  46  {
  47      case 'activate':
  48          $module->load('ucp', 'activate');
  49          $module->display($user->lang['UCP_ACTIVATE']);
  50  
  51          redirect(append_sid("{$phpbb_root_path}index.$phpEx"));
  52      break;
  53  
  54      case 'resend_act':
  55          $module->load('ucp', 'resend');
  56          $module->display($user->lang['UCP_RESEND']);
  57      break;
  58  
  59      case 'sendpassword':
  60          $module->load('ucp', 'remind');
  61          $module->display($user->lang['UCP_REMIND']);
  62      break;
  63  
  64      case 'register':
  65          if ($user->data['is_registered'] || isset($_REQUEST['not_agreed']))
  66          {
  67              redirect(append_sid("{$phpbb_root_path}index.$phpEx"));
  68          }
  69  
  70          $module->load('ucp', 'register');
  71          $module->display($user->lang['REGISTER']);
  72      break;
  73  
  74      case 'confirm':
  75          $module->load('ucp', 'confirm');
  76      break;
  77  
  78      case 'login':
  79          if ($user->data['is_registered'])
  80          {
  81              redirect(append_sid("{$phpbb_root_path}index.$phpEx"));
  82          }
  83  
  84          login_box($request->variable('redirect', "index.$phpEx"));
  85      break;
  86  
  87      case 'login_link':
  88          if ($user->data['is_registered'])
  89          {
  90              redirect(append_sid("{$phpbb_root_path}index.$phpEx"));
  91          }
  92  
  93          $module->load('ucp', 'login_link');
  94          $module->display($user->lang['UCP_LOGIN_LINK']);
  95      break;
  96  
  97      case 'logout':
  98          if ($user->data['user_id'] != ANONYMOUS && $request->is_set('sid') && $request->variable('sid', '') === $user->session_id)
  99          {
 100              $user->session_kill();
 101          }
 102          else if ($user->data['user_id'] != ANONYMOUS)
 103          {
 104              meta_refresh(3, append_sid("{$phpbb_root_path}index.$phpEx"));
 105  
 106              $message = $user->lang['LOGOUT_FAILED'] . '<br /><br />' . sprintf($user->lang['RETURN_INDEX'], '<a href="' . append_sid("{$phpbb_root_path}index.$phpEx") . '">', '</a> ');
 107              trigger_error($message);
 108          }
 109  
 110          redirect(append_sid("{$phpbb_root_path}index.$phpEx"));
 111      break;
 112  
 113      case 'terms':
 114      case 'privacy':
 115  
 116          $message = ($mode == 'terms') ? 'TERMS_OF_USE_CONTENT' : 'PRIVACY_POLICY';
 117          $title = ($mode == 'terms') ? 'TERMS_USE' : 'PRIVACY';
 118  
 119          if (empty($user->lang[$message]))
 120          {
 121              if ($user->data['is_registered'])
 122              {
 123                  redirect(append_sid("{$phpbb_root_path}index.$phpEx"));
 124              }
 125  
 126              login_box();
 127          }
 128  
 129          $template->set_filenames(array(
 130              'body'        => 'ucp_agreement.html')
 131          );
 132  
 133          // Disable online list
 134          page_header($user->lang[$title]);
 135  
 136          $template->assign_vars(array(
 137              'S_AGREEMENT'            => true,
 138              'AGREEMENT_TITLE'        => $user->lang[$title],
 139              'AGREEMENT_TEXT'        => sprintf($user->lang[$message], $config['sitename'], generate_board_url()),
 140              'U_BACK'                => append_sid("{$phpbb_root_path}ucp.$phpEx", 'mode=login'),
 141              'L_BACK'                => $user->lang['BACK_TO_LOGIN'],
 142          ));
 143  
 144          page_footer();
 145  
 146      break;
 147  
 148      case 'delete_cookies':
 149  
 150          // Delete Cookies with dynamic names (do NOT delete poll cookies)
 151          if (confirm_box(true))
 152          {
 153              $set_time = time() - 31536000;
 154  
 155              foreach ($request->variable_names(\phpbb\request\request_interface::COOKIE) as $cookie_name)
 156              {
 157                  $cookie_data = $request->variable($cookie_name, '', true, \phpbb\request\request_interface::COOKIE);
 158  
 159                  // Only delete board cookies, no other ones...
 160                  if (strpos($cookie_name, $config['cookie_name'] . '_') !== 0)
 161                  {
 162                      continue;
 163                  }
 164  
 165                  $cookie_name = str_replace($config['cookie_name'] . '_', '', $cookie_name);
 166  
 167                  /**
 168                  * Event to save custom cookies from deletion
 169                  *
 170                  * @event core.ucp_delete_cookies
 171                  * @var    string    cookie_name        Cookie name to checking
 172                  * @var    bool    retain_cookie    Do we retain our cookie or not, true if retain
 173                  * @since 3.1.3-RC1
 174                  */
 175                  $retain_cookie = false;
 176                  $vars = array('cookie_name', 'retain_cookie');
 177                  extract($phpbb_dispatcher->trigger_event('core.ucp_delete_cookies', compact($vars)));
 178                  if ($retain_cookie)
 179                  {
 180                      continue;
 181                  }
 182  
 183                  // Polls are stored as {cookie_name}_poll_{topic_id}, cookie_name_ got removed, therefore checking for poll_
 184                  if (strpos($cookie_name, 'poll_') !== 0)
 185                  {
 186                      $user->set_cookie($cookie_name, '', $set_time);
 187                  }
 188              }
 189  
 190              $user->set_cookie('track', '', $set_time);
 191              $user->set_cookie('u', '', $set_time);
 192              $user->set_cookie('k', '', $set_time);
 193              $user->set_cookie('sid', '', $set_time);
 194  
 195              // We destroy the session here, the user will be logged out nevertheless
 196              $user->session_kill();
 197              $user->session_begin();
 198  
 199              meta_refresh(3, append_sid("{$phpbb_root_path}index.$phpEx"));
 200  
 201              $message = $user->lang['COOKIES_DELETED'] . '<br /><br />' . sprintf($user->lang['RETURN_INDEX'], '<a href="' . append_sid("{$phpbb_root_path}index.$phpEx") . '">', '</a>');
 202              trigger_error($message);
 203          }
 204          else
 205          {
 206              confirm_box(false, 'DELETE_COOKIES', '');
 207          }
 208  
 209          redirect(append_sid("{$phpbb_root_path}index.$phpEx"));
 210  
 211      break;
 212  
 213      case 'switch_perm':
 214  
 215          $user_id = $request->variable('u', 0);
 216  
 217          $sql = 'SELECT *
 218              FROM ' . USERS_TABLE . '
 219              WHERE user_id = ' . (int) $user_id;
 220          $result = $db->sql_query($sql);
 221          $user_row = $db->sql_fetchrow($result);
 222          $db->sql_freeresult($result);
 223  
 224          if (!$auth->acl_get('a_switchperm') || !$user_row || $user_id == $user->data['user_id'] || !check_link_hash($request->variable('hash', ''), 'switchperm'))
 225          {
 226              redirect(append_sid("{$phpbb_root_path}index.$phpEx"));
 227          }
 228  
 229          include($phpbb_root_path . 'includes/acp/auth.' . $phpEx);
 230  
 231          $auth_admin = new auth_admin();
 232          if (!$auth_admin->ghost_permissions($user_id, $user->data['user_id']))
 233          {
 234              redirect(append_sid("{$phpbb_root_path}index.$phpEx"));
 235          }
 236  
 237          $phpbb_log->add('admin', $user->data['user_id'], $user->ip, 'LOG_ACL_TRANSFER_PERMISSIONS', false, array($user_row['username']));
 238  
 239          $message = sprintf($user->lang['PERMISSIONS_TRANSFERRED'], $user_row['username']) . '<br /><br />' . sprintf($user->lang['RETURN_INDEX'], '<a href="' . append_sid("{$phpbb_root_path}index.$phpEx") . '">', '</a>');
 240  
 241          /**
 242          * Event to run code after permissions are switched
 243          *
 244          * @event core.ucp_switch_permissions
 245          * @var    int        user_id        User ID to switch permission to
 246          * @var    array    user_row    User data
 247          * @var    string    message        Success message
 248          * @since 3.1.11-RC1
 249          */
 250          $vars = array('user_id', 'user_row', 'message');
 251          extract($phpbb_dispatcher->trigger_event('core.ucp_switch_permissions', compact($vars)));
 252  
 253          trigger_error($message);
 254  
 255      break;
 256  
 257      case 'restore_perm':
 258  
 259          if (!$user->data['user_perm_from'] || !$auth->acl_get('a_switchperm'))
 260          {
 261              redirect(append_sid("{$phpbb_root_path}index.$phpEx"));
 262          }
 263  
 264          $auth->acl_cache($user->data);
 265  
 266          $sql = 'SELECT username
 267              FROM ' . USERS_TABLE . '
 268              WHERE user_id = ' . $user->data['user_perm_from'];
 269          $result = $db->sql_query($sql);
 270          $username = $db->sql_fetchfield('username');
 271          $db->sql_freeresult($result);
 272  
 273          $phpbb_log->add('admin', $user->data['user_id'], $user->ip, 'LOG_ACL_RESTORE_PERMISSIONS', false, array($username));
 274  
 275          $message = $user->lang['PERMISSIONS_RESTORED'] . '<br /><br />' . sprintf($user->lang['RETURN_INDEX'], '<a href="' . append_sid("{$phpbb_root_path}index.$phpEx") . '">', '</a>');
 276  
 277          /**
 278          * Event to run code after permissions are restored
 279          *
 280          * @event core.ucp_restore_permissions
 281          * @var    string    username    User name
 282          * @var    string    message        Success message
 283          * @since 3.1.11-RC1
 284          */
 285          $vars = array('username', 'message');
 286          extract($phpbb_dispatcher->trigger_event('core.ucp_restore_permissions', compact($vars)));
 287  
 288          trigger_error($message);
 289  
 290      break;
 291  
 292      default:
 293          $default = true;
 294      break;
 295  }
 296  
 297  // We use this approach because it does not impose large code changes
 298  if (!$default)
 299  {
 300      return true;
 301  }
 302  
 303  // Only registered users can go beyond this point
 304  if (!$user->data['is_registered'])
 305  {
 306      if ($user->data['is_bot'])
 307      {
 308          redirect(append_sid("{$phpbb_root_path}index.$phpEx"));
 309      }
 310  
 311      if ($id == 'pm' && $mode == 'view' && isset($_GET['p']))
 312      {
 313          $redirect_url = append_sid("{$phpbb_root_path}ucp.$phpEx?i=pm&p=" . $request->variable('p', 0));
 314          login_box($redirect_url, $user->lang['LOGIN_EXPLAIN_UCP']);
 315      }
 316  
 317      login_box('', $user->lang['LOGIN_EXPLAIN_UCP']);
 318  }
 319  
 320  // Instantiate module system and generate list of available modules
 321  $module->list_modules('ucp');
 322  
 323  // Check if the zebra module is set
 324  if ($module->is_active('zebra', 'friends'))
 325  {
 326      // Output listing of friends online
 327      $update_time = $config['load_online_time'] * 60;
 328  
 329      $sql_ary = array(
 330          'SELECT'    => 'u.user_id, u.username, u.username_clean, u.user_colour, MAX(s.session_time) as online_time, MIN(s.session_viewonline) AS viewonline',
 331  
 332          'FROM'        => array(
 333              USERS_TABLE        => 'u',
 334              ZEBRA_TABLE        => 'z',
 335          ),
 336  
 337          'LEFT_JOIN'    => array(
 338              array(
 339                  'FROM'    => array(SESSIONS_TABLE => 's'),
 340                  'ON'    => 's.session_user_id = z.zebra_id',
 341              ),
 342          ),
 343  
 344          'WHERE'        => 'z.user_id = ' . $user->data['user_id'] . '
 345              AND z.friend = 1
 346              AND u.user_id = z.zebra_id',
 347  
 348          'GROUP_BY'    => 'z.zebra_id, u.user_id, u.username_clean, u.user_colour, u.username',
 349  
 350          'ORDER_BY'    => 'u.username_clean ASC',
 351      );
 352  
 353      $sql = $db->sql_build_query('SELECT_DISTINCT', $sql_ary);
 354      $result = $db->sql_query($sql);
 355  
 356      while ($row = $db->sql_fetchrow($result))
 357      {
 358          $which = (time() - $update_time < $row['online_time'] && ($row['viewonline'] || $auth->acl_get('u_viewonline'))) ? 'online' : 'offline';
 359  
 360          $template->assign_block_vars("friends_{$which}", array(
 361              'USER_ID'        => $row['user_id'],
 362  
 363              'U_PROFILE'        => get_username_string('profile', $row['user_id'], $row['username'], $row['user_colour']),
 364              'USER_COLOUR'    => get_username_string('colour', $row['user_id'], $row['username'], $row['user_colour']),
 365              'USERNAME'        => get_username_string('username', $row['user_id'], $row['username'], $row['user_colour']),
 366              'USERNAME_FULL'    => get_username_string('full', $row['user_id'], $row['username'], $row['user_colour']))
 367          );
 368      }
 369      $db->sql_freeresult($result);
 370  }
 371  
 372  // Do not display subscribed topics/forums if not allowed
 373  if (!$config['allow_topic_notify'] && !$config['allow_forum_notify'])
 374  {
 375      $module->set_display('main', 'subscribed', false);
 376  }
 377  
 378  /**
 379  * Use this event to enable and disable additional UCP modules
 380  *
 381  * @event core.ucp_display_module_before
 382  * @var    p_master    module    Object holding all modules and their status
 383  * @var    mixed        id        Active module category (can be the int or string)
 384  * @var    string        mode    Active module
 385  * @since 3.1.0-a1
 386  */
 387  $vars = array('module', 'id', 'mode');
 388  extract($phpbb_dispatcher->trigger_event('core.ucp_display_module_before', compact($vars)));
 389  
 390  // Select the active module
 391  $module->set_active($id, $mode);
 392  
 393  // Load and execute the relevant module
 394  $module->load_active();
 395  
 396  // Assign data to the template engine for the list of modules
 397  $module->assign_tpl_vars(append_sid("{$phpbb_root_path}ucp.$phpEx"));
 398  
 399  // Generate the page, do not display/query online list
 400  $module->display($module->get_page_title());


Generated: Thu Jan 11 23:14:31 2018 Cross-referenced by PHPXref 0.7.1