[ Index ]

PHP Cross Reference of phpBB-3.3.0-deutsch

title

Body

[close]

/ -> ucp.php (source)

   1  <?php
   2  /**
   3  *
   4  * This file is part of the phpBB Forum Software package.
   5  *
   6  * @copyright (c) phpBB Limited <https://www.phpbb.com>
   7  * @license GNU General Public License, version 2 (GPL-2.0)
   8  *
   9  * For full copyright and license information, please see
  10  * the docs/CREDITS.txt file.
  11  *
  12  */
  13  
  14  /**
  15  * @ignore
  16  */
  17  define('IN_PHPBB', true);
  18  $phpbb_root_path = (defined('PHPBB_ROOT_PATH')) ? PHPBB_ROOT_PATH : './';
  19  $phpEx = substr(strrchr(__FILE__, '.'), 1);
  20  require($phpbb_root_path . 'common.' . $phpEx);
  21  require($phpbb_root_path . 'includes/functions_user.' . $phpEx);
  22  require($phpbb_root_path . 'includes/functions_module.' . $phpEx);
  23  
  24  // Basic parameter data
  25  $id     = $request->variable('i', '');
  26  $mode    = $request->variable('mode', '');
  27  
  28  if (in_array($mode, array('login', 'login_link', 'logout', 'confirm', 'sendpassword', 'activate')))
  29  {
  30      define('IN_LOGIN', true);
  31  }
  32  
  33  if ($mode === 'delete_cookies')
  34  {
  35      define('SKIP_CHECK_BAN', true);
  36      define('SKIP_CHECK_DISABLED', true);
  37  }
  38  
  39  // Start session management
  40  $user->session_begin();
  41  $auth->acl($user->data);
  42  $user->setup('ucp');
  43  
  44  // Setting a variable to let the style designer know where he is...
  45  $template->assign_var('S_IN_UCP', true);
  46  
  47  $module = new p_master();
  48  $default = false;
  49  
  50  // Basic "global" modes
  51  switch ($mode)
  52  {
  53      case 'activate':
  54          $module->load('ucp', 'activate');
  55          $module->display($user->lang['UCP_ACTIVATE']);
  56  
  57          redirect(append_sid("{$phpbb_root_path}index.$phpEx"));
  58      break;
  59  
  60      case 'resend_act':
  61          $module->load('ucp', 'resend');
  62          $module->display($user->lang['UCP_RESEND']);
  63      break;
  64  
  65      case 'sendpassword':
  66          /** @var \phpbb\controller\helper $controller_helper */
  67          $controller_helper = $phpbb_container->get('controller.helper');
  68  
  69          redirect($controller_helper->route('phpbb_ucp_forgot_password_controller'));
  70      break;
  71  
  72      case 'register':
  73          if ($user->data['is_registered'] || isset($_REQUEST['not_agreed']))
  74          {
  75              redirect(append_sid("{$phpbb_root_path}index.$phpEx"));
  76          }
  77  
  78          $module->load('ucp', 'register');
  79          $module->display($user->lang['REGISTER']);
  80      break;
  81  
  82      case 'confirm':
  83          $module->load('ucp', 'confirm');
  84      break;
  85  
  86      case 'login':
  87          if ($user->data['is_registered'])
  88          {
  89              redirect(append_sid("{$phpbb_root_path}index.$phpEx"));
  90          }
  91  
  92          login_box($request->variable('redirect', "index.$phpEx"));
  93      break;
  94  
  95      case 'login_link':
  96          if ($user->data['is_registered'])
  97          {
  98              redirect(append_sid("{$phpbb_root_path}index.$phpEx"));
  99          }
 100  
 101          $module->load('ucp', 'login_link');
 102          $module->display($user->lang['UCP_LOGIN_LINK']);
 103      break;
 104  
 105      case 'logout':
 106          if ($user->data['user_id'] != ANONYMOUS && $request->is_set('sid') && $request->variable('sid', '') === $user->session_id)
 107          {
 108              $user->session_kill();
 109          }
 110          else if ($user->data['user_id'] != ANONYMOUS)
 111          {
 112              meta_refresh(3, append_sid("{$phpbb_root_path}index.$phpEx"));
 113  
 114              $message = $user->lang['LOGOUT_FAILED'] . '<br /><br />' . sprintf($user->lang['RETURN_INDEX'], '<a href="' . append_sid("{$phpbb_root_path}index.$phpEx") . '">', '</a> ');
 115              trigger_error($message);
 116          }
 117  
 118          redirect(append_sid("{$phpbb_root_path}index.$phpEx"));
 119      break;
 120  
 121      case 'terms':
 122      case 'privacy':
 123  
 124          $message = ($mode == 'terms') ? 'TERMS_OF_USE_CONTENT' : 'PRIVACY_POLICY';
 125          $title = ($mode == 'terms') ? 'TERMS_USE' : 'PRIVACY';
 126  
 127          if (empty($user->lang[$message]))
 128          {
 129              if ($user->data['is_registered'])
 130              {
 131                  redirect(append_sid("{$phpbb_root_path}index.$phpEx"));
 132              }
 133  
 134              login_box();
 135          }
 136  
 137          $template->set_filenames(array(
 138              'body'        => 'ucp_agreement.html')
 139          );
 140  
 141          // Disable online list
 142          page_header($user->lang[$title]);
 143  
 144          $template->assign_vars(array(
 145              'S_AGREEMENT'            => true,
 146              'AGREEMENT_TITLE'        => $user->lang[$title],
 147              'AGREEMENT_TEXT'        => sprintf($user->lang[$message], $config['sitename'], generate_board_url()),
 148              'U_BACK'                => append_sid("{$phpbb_root_path}ucp.$phpEx", 'mode=login'),
 149              'L_BACK'                => $user->lang['BACK_TO_PREV'],
 150          ));
 151  
 152          page_footer();
 153  
 154      break;
 155  
 156      case 'delete_cookies':
 157  
 158          // Delete Cookies with dynamic names (do NOT delete poll cookies)
 159          if (confirm_box(true))
 160          {
 161              $set_time = time() - 31536000;
 162  
 163              foreach ($request->variable_names(\phpbb\request\request_interface::COOKIE) as $cookie_name)
 164              {
 165                  $cookie_data = $request->variable($cookie_name, '', true, \phpbb\request\request_interface::COOKIE);
 166  
 167                  // Only delete board cookies, no other ones...
 168                  if (strpos($cookie_name, $config['cookie_name'] . '_') !== 0)
 169                  {
 170                      continue;
 171                  }
 172  
 173                  $cookie_name = str_replace($config['cookie_name'] . '_', '', $cookie_name);
 174  
 175                  /**
 176                  * Event to save custom cookies from deletion
 177                  *
 178                  * @event core.ucp_delete_cookies
 179                  * @var    string    cookie_name        Cookie name to checking
 180                  * @var    bool    retain_cookie    Do we retain our cookie or not, true if retain
 181                  * @since 3.1.3-RC1
 182                  */
 183                  $retain_cookie = false;
 184                  $vars = array('cookie_name', 'retain_cookie');
 185                  extract($phpbb_dispatcher->trigger_event('core.ucp_delete_cookies', compact($vars)));
 186                  if ($retain_cookie)
 187                  {
 188                      continue;
 189                  }
 190  
 191                  // Polls are stored as {cookie_name}_poll_{topic_id}, cookie_name_ got removed, therefore checking for poll_
 192                  if (strpos($cookie_name, 'poll_') !== 0)
 193                  {
 194                      $user->set_cookie($cookie_name, '', $set_time);
 195                  }
 196              }
 197  
 198              $user->set_cookie('track', '', $set_time);
 199              $user->set_cookie('u', '', $set_time);
 200              $user->set_cookie('k', '', $set_time);
 201              $user->set_cookie('sid', '', $set_time);
 202  
 203              // We destroy the session here, the user will be logged out nevertheless
 204              $user->session_kill();
 205              $user->session_begin();
 206  
 207              meta_refresh(3, append_sid("{$phpbb_root_path}index.$phpEx"));
 208  
 209              $message = $user->lang['COOKIES_DELETED'] . '<br /><br />' . sprintf($user->lang['RETURN_INDEX'], '<a href="' . append_sid("{$phpbb_root_path}index.$phpEx") . '">', '</a>');
 210              trigger_error($message);
 211          }
 212          else
 213          {
 214              confirm_box(false, 'DELETE_COOKIES', '');
 215          }
 216  
 217          redirect(append_sid("{$phpbb_root_path}index.$phpEx"));
 218  
 219      break;
 220  
 221      case 'switch_perm':
 222  
 223          $user_id = $request->variable('u', 0);
 224  
 225          $sql = 'SELECT *
 226              FROM ' . USERS_TABLE . '
 227              WHERE user_id = ' . (int) $user_id;
 228          $result = $db->sql_query($sql);
 229          $user_row = $db->sql_fetchrow($result);
 230          $db->sql_freeresult($result);
 231  
 232          if (!$auth->acl_get('a_switchperm') || !$user_row || $user_id == $user->data['user_id'] || !check_link_hash($request->variable('hash', ''), 'switchperm'))
 233          {
 234              redirect(append_sid("{$phpbb_root_path}index.$phpEx"));
 235          }
 236  
 237          include($phpbb_root_path . 'includes/acp/auth.' . $phpEx);
 238  
 239          $auth_admin = new auth_admin();
 240          if (!$auth_admin->ghost_permissions($user_id, $user->data['user_id']))
 241          {
 242              redirect(append_sid("{$phpbb_root_path}index.$phpEx"));
 243          }
 244  
 245          $phpbb_log->add('admin', $user->data['user_id'], $user->ip, 'LOG_ACL_TRANSFER_PERMISSIONS', false, array($user_row['username']));
 246  
 247          $message = sprintf($user->lang['PERMISSIONS_TRANSFERRED'], $user_row['username']) . '<br /><br />' . sprintf($user->lang['RETURN_INDEX'], '<a href="' . append_sid("{$phpbb_root_path}index.$phpEx") . '">', '</a>');
 248  
 249          /**
 250          * Event to run code after permissions are switched
 251          *
 252          * @event core.ucp_switch_permissions
 253          * @var    int        user_id        User ID to switch permission to
 254          * @var    array    user_row    User data
 255          * @var    string    message        Success message
 256          * @since 3.1.11-RC1
 257          */
 258          $vars = array('user_id', 'user_row', 'message');
 259          extract($phpbb_dispatcher->trigger_event('core.ucp_switch_permissions', compact($vars)));
 260  
 261          trigger_error($message);
 262  
 263      break;
 264  
 265      case 'restore_perm':
 266  
 267          if (!$user->data['user_perm_from'] || !$auth->acl_get('a_switchperm'))
 268          {
 269              redirect(append_sid("{$phpbb_root_path}index.$phpEx"));
 270          }
 271  
 272          $auth->acl_cache($user->data);
 273  
 274          $sql = 'SELECT username
 275              FROM ' . USERS_TABLE . '
 276              WHERE user_id = ' . $user->data['user_perm_from'];
 277          $result = $db->sql_query($sql);
 278          $username = $db->sql_fetchfield('username');
 279          $db->sql_freeresult($result);
 280  
 281          $phpbb_log->add('admin', $user->data['user_id'], $user->ip, 'LOG_ACL_RESTORE_PERMISSIONS', false, array($username));
 282  
 283          $message = $user->lang['PERMISSIONS_RESTORED'] . '<br /><br />' . sprintf($user->lang['RETURN_INDEX'], '<a href="' . append_sid("{$phpbb_root_path}index.$phpEx") . '">', '</a>');
 284  
 285          /**
 286          * Event to run code after permissions are restored
 287          *
 288          * @event core.ucp_restore_permissions
 289          * @var    string    username    User name
 290          * @var    string    message        Success message
 291          * @since 3.1.11-RC1
 292          */
 293          $vars = array('username', 'message');
 294          extract($phpbb_dispatcher->trigger_event('core.ucp_restore_permissions', compact($vars)));
 295  
 296          trigger_error($message);
 297  
 298      break;
 299  
 300      default:
 301          $default = true;
 302      break;
 303  }
 304  
 305  // We use this approach because it does not impose large code changes
 306  if (!$default)
 307  {
 308      return true;
 309  }
 310  
 311  // Only registered users can go beyond this point
 312  if (!$user->data['is_registered'])
 313  {
 314      if ($user->data['is_bot'])
 315      {
 316          redirect(append_sid("{$phpbb_root_path}index.$phpEx"));
 317      }
 318  
 319      if ($id == 'pm' && $mode == 'view' && isset($_GET['p']))
 320      {
 321          $redirect_url = append_sid("{$phpbb_root_path}ucp.$phpEx?i=pm&p=" . $request->variable('p', 0));
 322          login_box($redirect_url, $user->lang['LOGIN_EXPLAIN_UCP']);
 323      }
 324  
 325      login_box('', $user->lang['LOGIN_EXPLAIN_UCP']);
 326  }
 327  
 328  // Instantiate module system and generate list of available modules
 329  $module->list_modules('ucp');
 330  
 331  // Check if the zebra module is set
 332  if ($module->is_active('zebra', 'friends'))
 333  {
 334      // Output listing of friends online
 335      $update_time = $config['load_online_time'] * 60;
 336  
 337      $sql_ary = array(
 338          'SELECT'    => 'u.user_id, u.username, u.username_clean, u.user_colour, MAX(s.session_time) as online_time, MIN(s.session_viewonline) AS viewonline',
 339  
 340          'FROM'        => array(
 341              USERS_TABLE        => 'u',
 342              ZEBRA_TABLE        => 'z',
 343          ),
 344  
 345          'LEFT_JOIN'    => array(
 346              array(
 347                  'FROM'    => array(SESSIONS_TABLE => 's'),
 348                  'ON'    => 's.session_user_id = z.zebra_id',
 349              ),
 350          ),
 351  
 352          'WHERE'        => 'z.user_id = ' . $user->data['user_id'] . '
 353              AND z.friend = 1
 354              AND u.user_id = z.zebra_id',
 355  
 356          'GROUP_BY'    => 'z.zebra_id, u.user_id, u.username_clean, u.user_colour, u.username',
 357  
 358          'ORDER_BY'    => 'u.username_clean ASC',
 359      );
 360  
 361      $sql = $db->sql_build_query('SELECT_DISTINCT', $sql_ary);
 362      $result = $db->sql_query($sql);
 363  
 364      while ($row = $db->sql_fetchrow($result))
 365      {
 366          $which = (time() - $update_time < $row['online_time'] && ($row['viewonline'] || $auth->acl_get('u_viewonline'))) ? 'online' : 'offline';
 367  
 368          $template->assign_block_vars("friends_{$which}", array(
 369              'USER_ID'        => $row['user_id'],
 370  
 371              'U_PROFILE'        => get_username_string('profile', $row['user_id'], $row['username'], $row['user_colour']),
 372              'USER_COLOUR'    => get_username_string('colour', $row['user_id'], $row['username'], $row['user_colour']),
 373              'USERNAME'        => get_username_string('username', $row['user_id'], $row['username'], $row['user_colour']),
 374              'USERNAME_FULL'    => get_username_string('full', $row['user_id'], $row['username'], $row['user_colour']))
 375          );
 376      }
 377      $db->sql_freeresult($result);
 378  }
 379  
 380  // Do not display subscribed topics/forums if not allowed
 381  if (!$config['allow_topic_notify'] && !$config['allow_forum_notify'])
 382  {
 383      $module->set_display('main', 'subscribed', false);
 384  }
 385  
 386  /**
 387  * Use this event to enable and disable additional UCP modules
 388  *
 389  * @event core.ucp_display_module_before
 390  * @var    p_master    module    Object holding all modules and their status
 391  * @var    mixed        id        Active module category (can be the int or string)
 392  * @var    string        mode    Active module
 393  * @since 3.1.0-a1
 394  */
 395  $vars = array('module', 'id', 'mode');
 396  extract($phpbb_dispatcher->trigger_event('core.ucp_display_module_before', compact($vars)));
 397  
 398  $template->assign_block_vars('navlinks', array(
 399      'BREADCRUMB_NAME'    => $user->lang('UCP'),
 400      'U_BREADCRUMB'        => append_sid("{$phpbb_root_path}ucp.$phpEx"),
 401  ));
 402  
 403  // Select the active module
 404  $module->set_active($id, $mode);
 405  
 406  // Load and execute the relevant module
 407  $module->load_active();
 408  
 409  // Assign data to the template engine for the list of modules
 410  $module->assign_tpl_vars(append_sid("{$phpbb_root_path}ucp.$phpEx"));
 411  
 412  // Generate the page, do not display/query online list
 413  $module->display($module->get_page_title());


Generated: Tue Apr 7 19:44:41 2020 Cross-referenced by PHPXref 0.7.1