Blame Identity/Webenv/App/phpBB/3.0.4/ucp.php

f2e824
f2e824
/**
f2e824
*
f2e824
* @package ucp
f2e824
* @version $Id: ucp.php 8915 2008-09-23 13:30:52Z acydburn $
f2e824
* @copyright (c) 2005 phpBB Group
f2e824
* @license http://opensource.org/licenses/gpl-license.php GNU Public License
f2e824
*
f2e824
*/
f2e824
f2e824
/**
f2e824
* @ignore
f2e824
*/
f2e824
define('IN_PHPBB', true);
f2e824
$phpbb_root_path = (defined('PHPBB_ROOT_PATH')) ? PHPBB_ROOT_PATH : './';
f2e824
$phpEx = substr(strrchr(__FILE__, '.'), 1);
f2e824
require($phpbb_root_path . 'common.' . $phpEx);
f2e824
require($phpbb_root_path . 'includes/functions_user.' . $phpEx);
f2e824
require($phpbb_root_path . 'includes/functions_module.' . $phpEx);
f2e824
f2e824
// Basic parameter data
f2e824
$id 	= request_var('i', '');
f2e824
$mode	= request_var('mode', '');
f2e824
f2e824
if ($mode == 'login' || $mode == 'logout' || $mode == 'confirm')
f2e824
{
f2e824
	define('IN_LOGIN', true);
f2e824
}
f2e824
f2e824
// Start session management
f2e824
$user->session_begin();
f2e824
$auth->acl($user->data);
f2e824
$user->setup('ucp');
f2e824
f2e824
// Setting a variable to let the style designer know where he is...
f2e824
$template->assign_var('S_IN_UCP', true);
f2e824
f2e824
$module = new p_master();
f2e824
$default = false;
f2e824
f2e824
// Basic "global" modes
f2e824
switch ($mode)
f2e824
{
f2e824
	case 'activate':
f2e824
		$module->load('ucp', 'activate');
f2e824
		$module->display($user->lang['UCP_ACTIVATE']);
f2e824
f2e824
		redirect(append_sid("{$phpbb_root_path}index.$phpEx"));
f2e824
	break;
f2e824
f2e824
	case 'resend_act':
f2e824
		$module->load('ucp', 'resend');
f2e824
		$module->display($user->lang['UCP_RESEND']);
f2e824
	break;
f2e824
f2e824
	case 'sendpassword':
f2e824
		$module->load('ucp', 'remind');
f2e824
		$module->display($user->lang['UCP_REMIND']);
f2e824
	break;
f2e824
f2e824
	case 'register':
f2e824
		if ($user->data['is_registered'] || isset($_REQUEST['not_agreed']))
f2e824
		{
f2e824
			redirect(append_sid("{$phpbb_root_path}index.$phpEx"));
f2e824
		}
f2e824
f2e824
		$module->load('ucp', 'register');
f2e824
		$module->display($user->lang['REGISTER']);
f2e824
	break;
f2e824
f2e824
	case 'confirm':
f2e824
		$module->load('ucp', 'confirm');
f2e824
	break;
f2e824
f2e824
	case 'login':
f2e824
		if ($user->data['is_registered'])
f2e824
		{
f2e824
			redirect(append_sid("{$phpbb_root_path}index.$phpEx"));
f2e824
		}
f2e824
f2e824
		login_box(request_var('redirect', "index.$phpEx"));
f2e824
	break;
f2e824
f2e824
	case 'logout':
f2e824
		if ($user->data['user_id'] != ANONYMOUS && isset($_GET['sid']) && !is_array($_GET['sid']) && $_GET['sid'] === $user->session_id)
f2e824
		{
f2e824
			$user->session_kill();
f2e824
			$user->session_begin();
f2e824
			$message = $user->lang['LOGOUT_REDIRECT'];
f2e824
		}
f2e824
		else
f2e824
		{
f2e824
			$message = ($user->data['user_id'] == ANONYMOUS) ? $user->lang['LOGOUT_REDIRECT'] : $user->lang['LOGOUT_FAILED'];
f2e824
		}
f2e824
		meta_refresh(3, append_sid("{$phpbb_root_path}index.$phpEx"));
f2e824
f2e824
		$message = $message . '

' . sprintf($user->lang['RETURN_INDEX'], '', ' ');
f2e824
		trigger_error($message);
f2e824
f2e824
	break;
f2e824
f2e824
	case 'terms':
f2e824
	case 'privacy':
f2e824
f2e824
		$message = ($mode == 'terms') ? 'TERMS_OF_USE_CONTENT' : 'PRIVACY_POLICY';
f2e824
		$title = ($mode == 'terms') ? 'TERMS_USE' : 'PRIVACY';
f2e824
f2e824
		if (empty($user->lang[$message]))
f2e824
		{
f2e824
			if ($user->data['is_registered'])
f2e824
			{
f2e824
				redirect(append_sid("{$phpbb_root_path}index.$phpEx"));
f2e824
			}
f2e824
f2e824
			login_box();
f2e824
		}
f2e824
f2e824
		$template->set_filenames(array(
f2e824
			'body'		=> 'ucp_agreement.html')
f2e824
		);
f2e824
f2e824
		// Disable online list
f2e824
		page_header($user->lang[$title], false);
f2e824
f2e824
		$template->assign_vars(array(
f2e824
			'S_AGREEMENT'			=> true,
f2e824
			'AGREEMENT_TITLE'		=> $user->lang[$title],
f2e824
			'AGREEMENT_TEXT'		=> sprintf($user->lang[$message], $config['sitename'], generate_board_url()),
f2e824
			'U_BACK'				=> append_sid("{$phpbb_root_path}ucp.$phpEx", 'mode=login'),
f2e824
			'L_BACK'				=> $user->lang['BACK_TO_LOGIN'])
f2e824
		);
f2e824
f2e824
		page_footer();
f2e824
f2e824
	break;
f2e824
f2e824
	case 'delete_cookies':
f2e824
f2e824
		// Delete Cookies with dynamic names (do NOT delete poll cookies)
f2e824
		if (confirm_box(true))
f2e824
		{
f2e824
			$set_time = time() - 31536000;
f2e824
f2e824
			foreach ($_COOKIE as $cookie_name => $cookie_data)
f2e824
			{
f2e824
				$cookie_name = str_replace($config['cookie_name'] . '_', '', $cookie_name);
f2e824
f2e824
				// Polls are stored as {cookie_name}_poll_{topic_id}, cookie_name_ got removed, therefore checking for poll_
f2e824
				if (strpos($cookie_name, 'poll_') !== 0)
f2e824
				{
f2e824
					$user->set_cookie($cookie_name, '', $set_time);
f2e824
				}
f2e824
			}
f2e824
f2e824
			$user->set_cookie('track', '', $set_time);
f2e824
			$user->set_cookie('u', '', $set_time);
f2e824
			$user->set_cookie('k', '', $set_time);
f2e824
			$user->set_cookie('sid', '', $set_time);
f2e824
f2e824
			// We destroy the session here, the user will be logged out nevertheless
f2e824
			$user->session_kill();
f2e824
			$user->session_begin();
f2e824
f2e824
			meta_refresh(3, append_sid("{$phpbb_root_path}index.$phpEx"));
f2e824
f2e824
			$message = $user->lang['COOKIES_DELETED'] . '

' . sprintf($user->lang['RETURN_INDEX'], '', '');
f2e824
			trigger_error($message);
f2e824
		}
f2e824
		else
f2e824
		{
f2e824
			confirm_box(false, 'DELETE_COOKIES', '');
f2e824
		}
f2e824
f2e824
		redirect(append_sid("{$phpbb_root_path}index.$phpEx"));
f2e824
f2e824
	break;
f2e824
f2e824
	case 'switch_perm':
f2e824
f2e824
		$user_id = request_var('u', 0);
f2e824
f2e824
		$sql = 'SELECT *
f2e824
			FROM ' . USERS_TABLE . '
f2e824
			WHERE user_id = ' . (int) $user_id;
f2e824
		$result = $db->sql_query($sql);
f2e824
		$user_row = $db->sql_fetchrow($result);
f2e824
		$db->sql_freeresult($result);
f2e824
f2e824
		if (!$auth->acl_get('a_switchperm') || !$user_row || $user_id == $user->data['user_id'])
f2e824
		{
f2e824
			redirect(append_sid("{$phpbb_root_path}index.$phpEx"));
f2e824
		}
f2e824
f2e824
		include($phpbb_root_path . 'includes/acp/auth.' . $phpEx);
f2e824
f2e824
		$auth_admin = new auth_admin();
f2e824
		if (!$auth_admin->ghost_permissions($user_id, $user->data['user_id']))
f2e824
		{
f2e824
			redirect(append_sid("{$phpbb_root_path}index.$phpEx"));
f2e824
		}
f2e824
f2e824
		add_log('admin', 'LOG_ACL_TRANSFER_PERMISSIONS', $user_row['username']);
f2e824
f2e824
		$message = sprintf($user->lang['PERMISSIONS_TRANSFERRED'], $user_row['username']) . '

' . sprintf($user->lang['RETURN_INDEX'], '', '');
f2e824
		trigger_error($message);
f2e824
f2e824
	break;
f2e824
f2e824
	case 'restore_perm':
f2e824
f2e824
		if (!$user->data['user_perm_from'] || !$auth->acl_get('a_switchperm'))
f2e824
		{
f2e824
			redirect(append_sid("{$phpbb_root_path}index.$phpEx"));
f2e824
		}
f2e824
f2e824
		$auth->acl_cache($user->data);
f2e824
f2e824
		$sql = 'UPDATE ' . USERS_TABLE . "
f2e824
			SET user_perm_from = 0
f2e824
			WHERE user_id = " . $user->data['user_id'];
f2e824
		$db->sql_query($sql);
f2e824
f2e824
		$sql = 'SELECT username
f2e824
			FROM ' . USERS_TABLE . '
f2e824
			WHERE user_id = ' . $user->data['user_perm_from'];
f2e824
		$result = $db->sql_query($sql);
f2e824
		$username = $db->sql_fetchfield('username');
f2e824
		$db->sql_freeresult($result);
f2e824
f2e824
		add_log('admin', 'LOG_ACL_RESTORE_PERMISSIONS', $username);
f2e824
f2e824
		$message = $user->lang['PERMISSIONS_RESTORED'] . '

' . sprintf($user->lang['RETURN_INDEX'], '', '');
f2e824
		trigger_error($message);
f2e824
f2e824
	break;
f2e824
f2e824
	default:
f2e824
		$default = true;
f2e824
	break;
f2e824
}
f2e824
f2e824
// We use this approach because it does not impose large code changes
f2e824
if (!$default)
f2e824
{
f2e824
	return true;
f2e824
}
f2e824
f2e824
// Only registered users can go beyond this point
f2e824
if (!$user->data['is_registered'])
f2e824
{
f2e824
	if ($user->data['is_bot'])
f2e824
	{
f2e824
		redirect(append_sid("{$phpbb_root_path}index.$phpEx"));
f2e824
	}
f2e824
f2e824
	login_box('', $user->lang['LOGIN_EXPLAIN_UCP']);
f2e824
}
f2e824
f2e824
// Instantiate module system and generate list of available modules
f2e824
$module->list_modules('ucp');
f2e824
f2e824
// Check if the zebra module is set
f2e824
if ($module->is_active('zebra', 'friends'))
f2e824
{
f2e824
	// Output listing of friends online
f2e824
	$update_time = $config['load_online_time'] * 60;
f2e824
f2e824
	$sql = $db->sql_build_query('SELECT_DISTINCT', array(
f2e824
		'SELECT'	=> 'u.user_id, u.username, u.username_clean, u.user_colour, MAX(s.session_time) as online_time, MIN(s.session_viewonline) AS viewonline',
f2e824
f2e824
		'FROM'		=> array(
f2e824
			USERS_TABLE		=> 'u',
f2e824
			ZEBRA_TABLE		=> 'z'
f2e824
		),
f2e824
f2e824
		'LEFT_JOIN'	=> array(
f2e824
			array(
f2e824
				'FROM'	=> array(SESSIONS_TABLE => 's'),
f2e824
				'ON'	=> 's.session_user_id = z.zebra_id'
f2e824
			)
f2e824
		),
f2e824
f2e824
		'WHERE'		=> 'z.user_id = ' . $user->data['user_id'] . '
f2e824
			AND z.friend = 1
f2e824
			AND u.user_id = z.zebra_id',
f2e824
f2e824
		'GROUP_BY'	=> 'z.zebra_id, u.user_id, u.username_clean, u.user_colour, u.username',
f2e824
f2e824
		'ORDER_BY'	=> 'u.username_clean ASC',
f2e824
	));
f2e824
f2e824
	$result = $db->sql_query($sql);
f2e824
f2e824
	while ($row = $db->sql_fetchrow($result))
f2e824
	{
f2e824
		$which = (time() - $update_time < $row['online_time'] && ($row['viewonline'] || $auth->acl_get('u_viewonline'))) ? 'online' : 'offline';
f2e824
f2e824
		$template->assign_block_vars("friends_{$which}", array(
f2e824
			'USER_ID'		=> $row['user_id'],
f2e824
f2e824
			'U_PROFILE'		=> get_username_string('profile', $row['user_id'], $row['username'], $row['user_colour']),
f2e824
			'USER_COLOUR'	=> get_username_string('colour', $row['user_id'], $row['username'], $row['user_colour']),
f2e824
			'USERNAME'		=> get_username_string('username', $row['user_id'], $row['username'], $row['user_colour']),
f2e824
			'USERNAME_FULL'	=> get_username_string('full', $row['user_id'], $row['username'], $row['user_colour']))
f2e824
		);
f2e824
	}
f2e824
	$db->sql_freeresult($result);
f2e824
}
f2e824
f2e824
// Do not display subscribed topics/forums if not allowed
f2e824
if (!$config['allow_topic_notify'] && !$config['allow_forum_notify'])
f2e824
{
f2e824
	$module->set_display('main', 'subscribed', false);
f2e824
}
f2e824
f2e824
// Select the active module
f2e824
$module->set_active($id, $mode);
f2e824
f2e824
// Load and execute the relevant module
f2e824
$module->load_active();
f2e824
f2e824
// Assign data to the template engine for the list of modules
f2e824
$module->assign_tpl_vars(append_sid("{$phpbb_root_path}ucp.$phpEx"));
f2e824
f2e824
// Generate the page, do not display/query online list
f2e824
$module->display($module->get_page_title(), false);
f2e824
f2e824
/**
f2e824
* Function for assigning a template var if the zebra module got included
f2e824
*/
f2e824
function _module_zebra($mode, &$module_row)
f2e824
{
f2e824
	global $template;
f2e824
f2e824
	$template->assign_var('S_ZEBRA_ENABLED', true);
f2e824
f2e824
	if ($mode == 'friends')
f2e824
	{
f2e824
		$template->assign_var('S_ZEBRA_FRIENDS_ENABLED', true);
f2e824
	}
f2e824
f2e824
	if ($mode == 'foes')
f2e824
	{
f2e824
		$template->assign_var('S_ZEBRA_FOES_ENABLED', true);
f2e824
	}
f2e824
}
f2e824
f2e824
?>