[ Index ]

PHP Cross Reference of phpBB-3.3.14-deutsch

title

Body

[close]

/ -> ucp.php (source)

   1  <?php
   2  /**
   3  *
   4  * This file is part of the phpBB Forum Software package.
   5  *
   6  * @copyright (c) phpBB Limited <https://www.phpbb.com>
   7  * @license GNU General Public License, version 2 (GPL-2.0)
   8  *
   9  * For full copyright and license information, please see
  10  * the docs/CREDITS.txt file.
  11  *
  12  */
  13  
  14  /**
  15  * @ignore
  16  */
  17  define('IN_PHPBB', true);
  18  $phpbb_root_path = (defined('PHPBB_ROOT_PATH')) ? PHPBB_ROOT_PATH : './';
  19  $phpEx = substr(strrchr(__FILE__, '.'), 1);
  20  require($phpbb_root_path . 'common.' . $phpEx);
  21  require($phpbb_root_path . 'includes/functions_user.' . $phpEx);
  22  require($phpbb_root_path . 'includes/functions_module.' . $phpEx);
  23  
  24  // Basic parameter data
  25  $id     = $request->variable('i', '');
  26  $mode    = $request->variable('mode', '');
  27  
  28  if (in_array($mode, array('login', 'login_link', 'logout', 'confirm', 'sendpassword', 'activate')))
  29  {
  30      define('IN_LOGIN', true);
  31  }
  32  
  33  if ($mode === 'delete_cookies')
  34  {
  35      define('SKIP_CHECK_BAN', true);
  36      define('SKIP_CHECK_DISABLED', true);
  37  }
  38  
  39  // Start session management
  40  $user->session_begin();
  41  $auth->acl($user->data);
  42  $user->setup('ucp');
  43  
  44  // Setting a variable to let the style designer know where he is...
  45  $template->assign_var('S_IN_UCP', true);
  46  
  47  $module = new p_master();
  48  $default = false;
  49  
  50  // Basic "global" modes
  51  switch ($mode)
  52  {
  53      case 'activate':
  54          $module->load('ucp', 'activate');
  55          $module->display($user->lang['UCP_ACTIVATE']);
  56  
  57          redirect(append_sid("{$phpbb_root_path}index.$phpEx"));
  58      break;
  59  
  60      case 'resend_act':
  61          $module->load('ucp', 'resend');
  62          $module->display($user->lang['UCP_RESEND']);
  63      break;
  64  
  65      case 'sendpassword':
  66          /** @var \phpbb\controller\helper $controller_helper */
  67          $controller_helper = $phpbb_container->get('controller.helper');
  68  
  69          redirect($controller_helper->route('phpbb_ucp_forgot_password_controller'));
  70      break;
  71  
  72      case 'register':
  73          if ($user->data['is_registered'] || isset($_REQUEST['not_agreed']))
  74          {
  75              redirect(append_sid("{$phpbb_root_path}index.$phpEx"));
  76          }
  77  
  78          $module->load('ucp', 'register');
  79          $module->display($user->lang['REGISTER']);
  80      break;
  81  
  82      case 'confirm':
  83          $module->load('ucp', 'confirm');
  84      break;
  85  
  86      case 'login':
  87          if ($user->data['is_registered'])
  88          {
  89              redirect(append_sid("{$phpbb_root_path}index.$phpEx"));
  90          }
  91  
  92          login_box($request->variable('redirect', "index.$phpEx"));
  93      break;
  94  
  95      case 'login_link':
  96          if ($user->data['is_registered'])
  97          {
  98              redirect(append_sid("{$phpbb_root_path}index.$phpEx"));
  99          }
 100  
 101          $module->load('ucp', 'login_link');
 102          $module->display($user->lang['UCP_LOGIN_LINK']);
 103      break;
 104  
 105      case 'logout':
 106          if ($user->data['user_id'] != ANONYMOUS && $request->is_set('sid') && $request->variable('sid', '') === $user->session_id)
 107          {
 108              $user->session_kill();
 109          }
 110          else if ($user->data['user_id'] != ANONYMOUS)
 111          {
 112              meta_refresh(3, append_sid("{$phpbb_root_path}index.$phpEx"));
 113  
 114              $message = $user->lang['LOGOUT_FAILED'] . '<br /><br />' . sprintf($user->lang['RETURN_INDEX'], '<a href="' . append_sid("{$phpbb_root_path}index.$phpEx") . '">', '</a> ');
 115              trigger_error($message);
 116          }
 117  
 118          redirect(append_sid("{$phpbb_root_path}index.$phpEx"));
 119      break;
 120  
 121      case 'terms':
 122      case 'privacy':
 123  
 124          $message = ($mode == 'terms') ? 'TERMS_OF_USE_CONTENT' : 'PRIVACY_POLICY';
 125          $title = ($mode == 'terms') ? 'TERMS_USE' : 'PRIVACY';
 126  
 127          if (empty($user->lang[$message]))
 128          {
 129              if ($user->data['is_registered'])
 130              {
 131                  redirect(append_sid("{$phpbb_root_path}index.$phpEx"));
 132              }
 133  
 134              login_box();
 135          }
 136  
 137          $template->set_filenames(array(
 138              'body'        => 'ucp_agreement.html')
 139          );
 140  
 141          // Disable online list
 142          page_header($user->lang[$title]);
 143  
 144          $template->assign_vars(array(
 145              'S_AGREEMENT'            => true,
 146              'AGREEMENT_TITLE'        => $user->lang[$title],
 147              'AGREEMENT_TEXT'        => sprintf($user->lang[$message], $config['sitename'], generate_board_url()),
 148              'U_BACK'                => append_sid("{$phpbb_root_path}ucp.$phpEx", 'mode=login'),
 149              'L_BACK'                => $user->lang['BACK_TO_PREV'],
 150          ));
 151  
 152          page_footer();
 153  
 154      break;
 155  
 156      case 'delete_cookies':
 157          /** @var \phpbb\controller\helper $controller_helper */
 158          $controller_helper = $phpbb_container->get('controller.helper');
 159  
 160          // Redirect to controller
 161          redirect($controller_helper->route('phpbb_ucp_delete_cookies_controller'));
 162      break;
 163  
 164      case 'switch_perm':
 165  
 166          $user_id = $request->variable('u', 0);
 167  
 168          $sql = 'SELECT *
 169              FROM ' . USERS_TABLE . '
 170              WHERE user_id = ' . (int) $user_id;
 171          $result = $db->sql_query($sql);
 172          $user_row = $db->sql_fetchrow($result);
 173          $db->sql_freeresult($result);
 174  
 175          if (!$auth->acl_get('a_switchperm') || !$user_row || $user_id == $user->data['user_id'] || !check_link_hash($request->variable('hash', ''), 'switchperm'))
 176          {
 177              redirect(append_sid("{$phpbb_root_path}index.$phpEx"));
 178          }
 179  
 180          include($phpbb_root_path . 'includes/acp/auth.' . $phpEx);
 181  
 182          $auth_admin = new auth_admin();
 183          if (!$auth_admin->ghost_permissions($user_id, $user->data['user_id']))
 184          {
 185              redirect(append_sid("{$phpbb_root_path}index.$phpEx"));
 186          }
 187  
 188          $phpbb_log->add('admin', $user->data['user_id'], $user->ip, 'LOG_ACL_TRANSFER_PERMISSIONS', false, array($user_row['username']));
 189  
 190          $message = sprintf($user->lang['PERMISSIONS_TRANSFERRED'], $user_row['username']) . '<br /><br />' . sprintf($user->lang['RETURN_INDEX'], '<a href="' . append_sid("{$phpbb_root_path}index.$phpEx") . '">', '</a>');
 191  
 192          /**
 193          * Event to run code after permissions are switched
 194          *
 195          * @event core.ucp_switch_permissions
 196          * @var    int        user_id        User ID to switch permission to
 197          * @var    array    user_row    User data
 198          * @var    string    message        Success message
 199          * @since 3.1.11-RC1
 200          */
 201          $vars = array('user_id', 'user_row', 'message');
 202          extract($phpbb_dispatcher->trigger_event('core.ucp_switch_permissions', compact($vars)));
 203  
 204          trigger_error($message);
 205  
 206      break;
 207  
 208      case 'restore_perm':
 209  
 210          if (!$user->data['user_perm_from'] || !$auth->acl_get('a_switchperm'))
 211          {
 212              redirect(append_sid("{$phpbb_root_path}index.$phpEx"));
 213          }
 214  
 215          $auth->acl_cache($user->data);
 216  
 217          $sql = 'SELECT username
 218              FROM ' . USERS_TABLE . '
 219              WHERE user_id = ' . $user->data['user_perm_from'];
 220          $result = $db->sql_query($sql);
 221          $username = $db->sql_fetchfield('username');
 222          $db->sql_freeresult($result);
 223  
 224          $phpbb_log->add('admin', $user->data['user_id'], $user->ip, 'LOG_ACL_RESTORE_PERMISSIONS', false, array($username));
 225  
 226          $message = $user->lang['PERMISSIONS_RESTORED'] . '<br /><br />' . sprintf($user->lang['RETURN_INDEX'], '<a href="' . append_sid("{$phpbb_root_path}index.$phpEx") . '">', '</a>');
 227  
 228          /**
 229          * Event to run code after permissions are restored
 230          *
 231          * @event core.ucp_restore_permissions
 232          * @var    string    username    User name
 233          * @var    string    message        Success message
 234          * @since 3.1.11-RC1
 235          */
 236          $vars = array('username', 'message');
 237          extract($phpbb_dispatcher->trigger_event('core.ucp_restore_permissions', compact($vars)));
 238  
 239          trigger_error($message);
 240  
 241      break;
 242  
 243      default:
 244          $default = true;
 245      break;
 246  }
 247  
 248  // We use this approach because it does not impose large code changes
 249  if (!$default)
 250  {
 251      return true;
 252  }
 253  
 254  // Only registered users can go beyond this point
 255  if (!$user->data['is_registered'])
 256  {
 257      if ($user->data['is_bot'])
 258      {
 259          redirect(append_sid("{$phpbb_root_path}index.$phpEx"));
 260      }
 261  
 262      if ($id == 'pm' && $mode == 'view' && isset($_GET['p']))
 263      {
 264          $redirect_url = append_sid("{$phpbb_root_path}ucp.$phpEx?i=pm&p=" . $request->variable('p', 0));
 265          login_box($redirect_url, $user->lang['LOGIN_EXPLAIN_UCP']);
 266      }
 267  
 268      login_box('', $user->lang['LOGIN_EXPLAIN_UCP']);
 269  }
 270  
 271  // Instantiate module system and generate list of available modules
 272  $module->list_modules('ucp');
 273  
 274  // Check if the zebra module is set
 275  if ($module->is_active('zebra', 'friends'))
 276  {
 277      // Output listing of friends online
 278      $update_time = $config['load_online_time'] * 60;
 279  
 280      $sql_ary = array(
 281          'SELECT'    => 'u.user_id, u.username, u.username_clean, u.user_colour, MAX(s.session_time) as online_time, MIN(s.session_viewonline) AS viewonline',
 282  
 283          'FROM'        => array(
 284              USERS_TABLE        => 'u',
 285              ZEBRA_TABLE        => 'z',
 286          ),
 287  
 288          'LEFT_JOIN'    => array(
 289              array(
 290                  'FROM'    => array(SESSIONS_TABLE => 's'),
 291                  'ON'    => 's.session_user_id = z.zebra_id',
 292              ),
 293          ),
 294  
 295          'WHERE'        => 'z.user_id = ' . $user->data['user_id'] . '
 296              AND z.friend = 1
 297              AND u.user_id = z.zebra_id',
 298  
 299          'GROUP_BY'    => 'z.zebra_id, u.user_id, u.username_clean, u.user_colour, u.username',
 300  
 301          'ORDER_BY'    => 'u.username_clean ASC',
 302      );
 303  
 304      /**
 305      * Event to modify the SQL query before listing of friends
 306      *
 307      * @event core.ucp_modify_friends_sql
 308      * @var    array    sql_ary        SQL query array for listing of friends
 309      *
 310      * @since 3.2.10-RC1
 311      * @since 3.3.1-RC1
 312      */
 313      $vars = [
 314          'sql_ary',
 315      ];
 316      extract($phpbb_dispatcher->trigger_event('core.ucp_modify_friends_sql', compact($vars)));
 317  
 318      $sql = $db->sql_build_query('SELECT_DISTINCT', $sql_ary);
 319      $result = $db->sql_query($sql);
 320  
 321      while ($row = $db->sql_fetchrow($result))
 322      {
 323          $which = (time() - $update_time < $row['online_time'] && ($row['viewonline'] || $auth->acl_get('u_viewonline'))) ? 'online' : 'offline';
 324  
 325          $tpl_ary = [
 326              'USER_ID'        => $row['user_id'],
 327              'U_PROFILE'        => get_username_string('profile', $row['user_id'], $row['username'], $row['user_colour']),
 328              'USER_COLOUR'    => get_username_string('colour', $row['user_id'], $row['username'], $row['user_colour']),
 329              'USERNAME'        => get_username_string('username', $row['user_id'], $row['username'], $row['user_colour']),
 330              'USERNAME_FULL'    => get_username_string('full', $row['user_id'], $row['username'], $row['user_colour'])
 331          ];
 332  
 333          /**
 334          * Event to modify the template before listing of friends
 335          *
 336          * @event core.ucp_modify_friends_template_vars
 337          * @var    array    row            friend user row
 338          * @var    array    tpl_ary        friend template array
 339          * @var    string    which        friend is 'online' or 'offline'
 340          *
 341          * @since 3.2.10-RC1
 342          * @since 3.3.1-RC1
 343          */
 344          $vars = [
 345              'row',
 346              'tpl_ary',
 347              'which',
 348          ];
 349          extract($phpbb_dispatcher->trigger_event('core.ucp_modify_friends_template_vars', compact($vars)));
 350  
 351          $template->assign_block_vars("friends_{$which}", $tpl_ary);
 352      }
 353      $db->sql_freeresult($result);
 354  }
 355  
 356  // Do not display subscribed topics/forums if not allowed
 357  if (!$config['allow_topic_notify'] && !$config['allow_forum_notify'])
 358  {
 359      $module->set_display('main', 'subscribed', false);
 360  }
 361  
 362  /**
 363  * Use this event to enable and disable additional UCP modules
 364  *
 365  * @event core.ucp_display_module_before
 366  * @var    p_master    module    Object holding all modules and their status
 367  * @var    mixed        id        Active module category (can be the int or string)
 368  * @var    string        mode    Active module
 369  * @since 3.1.0-a1
 370  */
 371  $vars = array('module', 'id', 'mode');
 372  extract($phpbb_dispatcher->trigger_event('core.ucp_display_module_before', compact($vars)));
 373  
 374  $template->assign_block_vars('navlinks', array(
 375      'BREADCRUMB_NAME'    => $user->lang('UCP'),
 376      'U_BREADCRUMB'        => append_sid("{$phpbb_root_path}ucp.$phpEx"),
 377  ));
 378  
 379  // Select the active module
 380  $module->set_active($id, $mode);
 381  
 382  // Load and execute the relevant module
 383  $module->load_active();
 384  
 385  // Assign data to the template engine for the list of modules
 386  $module->assign_tpl_vars(append_sid("{$phpbb_root_path}ucp.$phpEx"));
 387  
 388  // Generate the page, do not display/query online list
 389  $module->display($module->get_page_title());


Generated: Mon Nov 25 19:05:08 2024 Cross-referenced by PHPXref 0.7.1