[ Index ]

PHP Cross Reference of phpBB-3.2.8-deutsch

title

Body

[close]

/ -> ucp.php (source)

   1  <?php
   2  /**
   3  *
   4  * This file is part of the phpBB Forum Software package.
   5  *
   6  * @copyright (c) phpBB Limited <https://www.phpbb.com>
   7  * @license GNU General Public License, version 2 (GPL-2.0)
   8  *
   9  * For full copyright and license information, please see
  10  * the docs/CREDITS.txt file.
  11  *
  12  */
  13  
  14  /**
  15  * @ignore
  16  */
  17  define('IN_PHPBB', true);
  18  $phpbb_root_path = (defined('PHPBB_ROOT_PATH')) ? PHPBB_ROOT_PATH : './';
  19  $phpEx = substr(strrchr(__FILE__, '.'), 1);
  20  require($phpbb_root_path . 'common.' . $phpEx);
  21  require($phpbb_root_path . 'includes/functions_user.' . $phpEx);
  22  require($phpbb_root_path . 'includes/functions_module.' . $phpEx);
  23  
  24  // Basic parameter data
  25  $id     = $request->variable('i', '');
  26  $mode    = $request->variable('mode', '');
  27  
  28  if (in_array($mode, array('login', 'login_link', 'logout', 'confirm', 'sendpassword', 'activate')))
  29  {
  30      define('IN_LOGIN', true);
  31  }
  32  
  33  if ($mode === 'delete_cookies')
  34  {
  35      define('SKIP_CHECK_BAN', true);
  36      define('SKIP_CHECK_DISABLED', true);
  37  }
  38  
  39  // Start session management
  40  $user->session_begin();
  41  $auth->acl($user->data);
  42  $user->setup('ucp');
  43  
  44  // Setting a variable to let the style designer know where he is...
  45  $template->assign_var('S_IN_UCP', true);
  46  
  47  $module = new p_master();
  48  $default = false;
  49  
  50  // Basic "global" modes
  51  switch ($mode)
  52  {
  53      case 'activate':
  54          $module->load('ucp', 'activate');
  55          $module->display($user->lang['UCP_ACTIVATE']);
  56  
  57          redirect(append_sid("{$phpbb_root_path}index.$phpEx"));
  58      break;
  59  
  60      case 'resend_act':
  61          $module->load('ucp', 'resend');
  62          $module->display($user->lang['UCP_RESEND']);
  63      break;
  64  
  65      case 'sendpassword':
  66          $module->load('ucp', 'remind');
  67          $module->display($user->lang['UCP_REMIND']);
  68      break;
  69  
  70      case 'register':
  71          if ($user->data['is_registered'] || isset($_REQUEST['not_agreed']))
  72          {
  73              redirect(append_sid("{$phpbb_root_path}index.$phpEx"));
  74          }
  75  
  76          $module->load('ucp', 'register');
  77          $module->display($user->lang['REGISTER']);
  78      break;
  79  
  80      case 'confirm':
  81          $module->load('ucp', 'confirm');
  82      break;
  83  
  84      case 'login':
  85          if ($user->data['is_registered'])
  86          {
  87              redirect(append_sid("{$phpbb_root_path}index.$phpEx"));
  88          }
  89  
  90          login_box($request->variable('redirect', "index.$phpEx"));
  91      break;
  92  
  93      case 'login_link':
  94          if ($user->data['is_registered'])
  95          {
  96              redirect(append_sid("{$phpbb_root_path}index.$phpEx"));
  97          }
  98  
  99          $module->load('ucp', 'login_link');
 100          $module->display($user->lang['UCP_LOGIN_LINK']);
 101      break;
 102  
 103      case 'logout':
 104          if ($user->data['user_id'] != ANONYMOUS && $request->is_set('sid') && $request->variable('sid', '') === $user->session_id)
 105          {
 106              $user->session_kill();
 107          }
 108          else if ($user->data['user_id'] != ANONYMOUS)
 109          {
 110              meta_refresh(3, append_sid("{$phpbb_root_path}index.$phpEx"));
 111  
 112              $message = $user->lang['LOGOUT_FAILED'] . '<br /><br />' . sprintf($user->lang['RETURN_INDEX'], '<a href="' . append_sid("{$phpbb_root_path}index.$phpEx") . '">', '</a> ');
 113              trigger_error($message);
 114          }
 115  
 116          redirect(append_sid("{$phpbb_root_path}index.$phpEx"));
 117      break;
 118  
 119      case 'terms':
 120      case 'privacy':
 121  
 122          $message = ($mode == 'terms') ? 'TERMS_OF_USE_CONTENT' : 'PRIVACY_POLICY';
 123          $title = ($mode == 'terms') ? 'TERMS_USE' : 'PRIVACY';
 124  
 125          if (empty($user->lang[$message]))
 126          {
 127              if ($user->data['is_registered'])
 128              {
 129                  redirect(append_sid("{$phpbb_root_path}index.$phpEx"));
 130              }
 131  
 132              login_box();
 133          }
 134  
 135          $template->set_filenames(array(
 136              'body'        => 'ucp_agreement.html')
 137          );
 138  
 139          // Disable online list
 140          page_header($user->lang[$title]);
 141  
 142          $template->assign_vars(array(
 143              'S_AGREEMENT'            => true,
 144              'AGREEMENT_TITLE'        => $user->lang[$title],
 145              'AGREEMENT_TEXT'        => sprintf($user->lang[$message], $config['sitename'], generate_board_url()),
 146              'U_BACK'                => append_sid("{$phpbb_root_path}ucp.$phpEx", 'mode=login'),
 147              'L_BACK'                => $user->lang['BACK_TO_PREV'],
 148          ));
 149  
 150          page_footer();
 151  
 152      break;
 153  
 154      case 'delete_cookies':
 155  
 156          // Delete Cookies with dynamic names (do NOT delete poll cookies)
 157          if (confirm_box(true))
 158          {
 159              $set_time = time() - 31536000;
 160  
 161              foreach ($request->variable_names(\phpbb\request\request_interface::COOKIE) as $cookie_name)
 162              {
 163                  $cookie_data = $request->variable($cookie_name, '', true, \phpbb\request\request_interface::COOKIE);
 164  
 165                  // Only delete board cookies, no other ones...
 166                  if (strpos($cookie_name, $config['cookie_name'] . '_') !== 0)
 167                  {
 168                      continue;
 169                  }
 170  
 171                  $cookie_name = str_replace($config['cookie_name'] . '_', '', $cookie_name);
 172  
 173                  /**
 174                  * Event to save custom cookies from deletion
 175                  *
 176                  * @event core.ucp_delete_cookies
 177                  * @var    string    cookie_name        Cookie name to checking
 178                  * @var    bool    retain_cookie    Do we retain our cookie or not, true if retain
 179                  * @since 3.1.3-RC1
 180                  */
 181                  $retain_cookie = false;
 182                  $vars = array('cookie_name', 'retain_cookie');
 183                  extract($phpbb_dispatcher->trigger_event('core.ucp_delete_cookies', compact($vars)));
 184                  if ($retain_cookie)
 185                  {
 186                      continue;
 187                  }
 188  
 189                  // Polls are stored as {cookie_name}_poll_{topic_id}, cookie_name_ got removed, therefore checking for poll_
 190                  if (strpos($cookie_name, 'poll_') !== 0)
 191                  {
 192                      $user->set_cookie($cookie_name, '', $set_time);
 193                  }
 194              }
 195  
 196              $user->set_cookie('track', '', $set_time);
 197              $user->set_cookie('u', '', $set_time);
 198              $user->set_cookie('k', '', $set_time);
 199              $user->set_cookie('sid', '', $set_time);
 200  
 201              // We destroy the session here, the user will be logged out nevertheless
 202              $user->session_kill();
 203              $user->session_begin();
 204  
 205              meta_refresh(3, append_sid("{$phpbb_root_path}index.$phpEx"));
 206  
 207              $message = $user->lang['COOKIES_DELETED'] . '<br /><br />' . sprintf($user->lang['RETURN_INDEX'], '<a href="' . append_sid("{$phpbb_root_path}index.$phpEx") . '">', '</a>');
 208              trigger_error($message);
 209          }
 210          else
 211          {
 212              confirm_box(false, 'DELETE_COOKIES', '');
 213          }
 214  
 215          redirect(append_sid("{$phpbb_root_path}index.$phpEx"));
 216  
 217      break;
 218  
 219      case 'switch_perm':
 220  
 221          $user_id = $request->variable('u', 0);
 222  
 223          $sql = 'SELECT *
 224              FROM ' . USERS_TABLE . '
 225              WHERE user_id = ' . (int) $user_id;
 226          $result = $db->sql_query($sql);
 227          $user_row = $db->sql_fetchrow($result);
 228          $db->sql_freeresult($result);
 229  
 230          if (!$auth->acl_get('a_switchperm') || !$user_row || $user_id == $user->data['user_id'] || !check_link_hash($request->variable('hash', ''), 'switchperm'))
 231          {
 232              redirect(append_sid("{$phpbb_root_path}index.$phpEx"));
 233          }
 234  
 235          include($phpbb_root_path . 'includes/acp/auth.' . $phpEx);
 236  
 237          $auth_admin = new auth_admin();
 238          if (!$auth_admin->ghost_permissions($user_id, $user->data['user_id']))
 239          {
 240              redirect(append_sid("{$phpbb_root_path}index.$phpEx"));
 241          }
 242  
 243          $phpbb_log->add('admin', $user->data['user_id'], $user->ip, 'LOG_ACL_TRANSFER_PERMISSIONS', false, array($user_row['username']));
 244  
 245          $message = sprintf($user->lang['PERMISSIONS_TRANSFERRED'], $user_row['username']) . '<br /><br />' . sprintf($user->lang['RETURN_INDEX'], '<a href="' . append_sid("{$phpbb_root_path}index.$phpEx") . '">', '</a>');
 246  
 247          /**
 248          * Event to run code after permissions are switched
 249          *
 250          * @event core.ucp_switch_permissions
 251          * @var    int        user_id        User ID to switch permission to
 252          * @var    array    user_row    User data
 253          * @var    string    message        Success message
 254          * @since 3.1.11-RC1
 255          */
 256          $vars = array('user_id', 'user_row', 'message');
 257          extract($phpbb_dispatcher->trigger_event('core.ucp_switch_permissions', compact($vars)));
 258  
 259          trigger_error($message);
 260  
 261      break;
 262  
 263      case 'restore_perm':
 264  
 265          if (!$user->data['user_perm_from'] || !$auth->acl_get('a_switchperm'))
 266          {
 267              redirect(append_sid("{$phpbb_root_path}index.$phpEx"));
 268          }
 269  
 270          $auth->acl_cache($user->data);
 271  
 272          $sql = 'SELECT username
 273              FROM ' . USERS_TABLE . '
 274              WHERE user_id = ' . $user->data['user_perm_from'];
 275          $result = $db->sql_query($sql);
 276          $username = $db->sql_fetchfield('username');
 277          $db->sql_freeresult($result);
 278  
 279          $phpbb_log->add('admin', $user->data['user_id'], $user->ip, 'LOG_ACL_RESTORE_PERMISSIONS', false, array($username));
 280  
 281          $message = $user->lang['PERMISSIONS_RESTORED'] . '<br /><br />' . sprintf($user->lang['RETURN_INDEX'], '<a href="' . append_sid("{$phpbb_root_path}index.$phpEx") . '">', '</a>');
 282  
 283          /**
 284          * Event to run code after permissions are restored
 285          *
 286          * @event core.ucp_restore_permissions
 287          * @var    string    username    User name
 288          * @var    string    message        Success message
 289          * @since 3.1.11-RC1
 290          */
 291          $vars = array('username', 'message');
 292          extract($phpbb_dispatcher->trigger_event('core.ucp_restore_permissions', compact($vars)));
 293  
 294          trigger_error($message);
 295  
 296      break;
 297  
 298      default:
 299          $default = true;
 300      break;
 301  }
 302  
 303  // We use this approach because it does not impose large code changes
 304  if (!$default)
 305  {
 306      return true;
 307  }
 308  
 309  // Only registered users can go beyond this point
 310  if (!$user->data['is_registered'])
 311  {
 312      if ($user->data['is_bot'])
 313      {
 314          redirect(append_sid("{$phpbb_root_path}index.$phpEx"));
 315      }
 316  
 317      if ($id == 'pm' && $mode == 'view' && isset($_GET['p']))
 318      {
 319          $redirect_url = append_sid("{$phpbb_root_path}ucp.$phpEx?i=pm&p=" . $request->variable('p', 0));
 320          login_box($redirect_url, $user->lang['LOGIN_EXPLAIN_UCP']);
 321      }
 322  
 323      login_box('', $user->lang['LOGIN_EXPLAIN_UCP']);
 324  }
 325  
 326  // Instantiate module system and generate list of available modules
 327  $module->list_modules('ucp');
 328  
 329  // Check if the zebra module is set
 330  if ($module->is_active('zebra', 'friends'))
 331  {
 332      // Output listing of friends online
 333      $update_time = $config['load_online_time'] * 60;
 334  
 335      $sql_ary = array(
 336          'SELECT'    => 'u.user_id, u.username, u.username_clean, u.user_colour, MAX(s.session_time) as online_time, MIN(s.session_viewonline) AS viewonline',
 337  
 338          'FROM'        => array(
 339              USERS_TABLE        => 'u',
 340              ZEBRA_TABLE        => 'z',
 341          ),
 342  
 343          'LEFT_JOIN'    => array(
 344              array(
 345                  'FROM'    => array(SESSIONS_TABLE => 's'),
 346                  'ON'    => 's.session_user_id = z.zebra_id',
 347              ),
 348          ),
 349  
 350          'WHERE'        => 'z.user_id = ' . $user->data['user_id'] . '
 351              AND z.friend = 1
 352              AND u.user_id = z.zebra_id',
 353  
 354          'GROUP_BY'    => 'z.zebra_id, u.user_id, u.username_clean, u.user_colour, u.username',
 355  
 356          'ORDER_BY'    => 'u.username_clean ASC',
 357      );
 358  
 359      $sql = $db->sql_build_query('SELECT_DISTINCT', $sql_ary);
 360      $result = $db->sql_query($sql);
 361  
 362      while ($row = $db->sql_fetchrow($result))
 363      {
 364          $which = (time() - $update_time < $row['online_time'] && ($row['viewonline'] || $auth->acl_get('u_viewonline'))) ? 'online' : 'offline';
 365  
 366          $template->assign_block_vars("friends_{$which}", array(
 367              'USER_ID'        => $row['user_id'],
 368  
 369              'U_PROFILE'        => get_username_string('profile', $row['user_id'], $row['username'], $row['user_colour']),
 370              'USER_COLOUR'    => get_username_string('colour', $row['user_id'], $row['username'], $row['user_colour']),
 371              'USERNAME'        => get_username_string('username', $row['user_id'], $row['username'], $row['user_colour']),
 372              'USERNAME_FULL'    => get_username_string('full', $row['user_id'], $row['username'], $row['user_colour']))
 373          );
 374      }
 375      $db->sql_freeresult($result);
 376  }
 377  
 378  // Do not display subscribed topics/forums if not allowed
 379  if (!$config['allow_topic_notify'] && !$config['allow_forum_notify'])
 380  {
 381      $module->set_display('main', 'subscribed', false);
 382  }
 383  
 384  /**
 385  * Use this event to enable and disable additional UCP modules
 386  *
 387  * @event core.ucp_display_module_before
 388  * @var    p_master    module    Object holding all modules and their status
 389  * @var    mixed        id        Active module category (can be the int or string)
 390  * @var    string        mode    Active module
 391  * @since 3.1.0-a1
 392  */
 393  $vars = array('module', 'id', 'mode');
 394  extract($phpbb_dispatcher->trigger_event('core.ucp_display_module_before', compact($vars)));
 395  
 396  // Select the active module
 397  $module->set_active($id, $mode);
 398  
 399  // Load and execute the relevant module
 400  $module->load_active();
 401  
 402  // Assign data to the template engine for the list of modules
 403  $module->assign_tpl_vars(append_sid("{$phpbb_root_path}ucp.$phpEx"));
 404  
 405  // Generate the page, do not display/query online list
 406  $module->display($module->get_page_title());


Generated: Tue Apr 7 19:42:26 2020 Cross-referenced by PHPXref 0.7.1