1 <?php |
|
2 /*********************************************************************** |
|
3 |
|
4 Copyright (C) 2002-2005 Rickard Andersson (rickard@punbb.org) |
|
5 |
|
6 This file is part of PunBB. |
|
7 |
|
8 PunBB is free software; you can redistribute it and/or modify it |
|
9 under the terms of the GNU General Public License as published |
|
10 by the Free Software Foundation; either version 2 of the License, |
|
11 or (at your option) any later version. |
|
12 |
|
13 PunBB is distributed in the hope that it will be useful, but |
|
14 WITHOUT ANY WARRANTY; without even the implied warranty of |
|
15 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the |
|
16 GNU General Public License for more details. |
|
17 |
|
18 You should have received a copy of the GNU General Public License |
|
19 along with this program; if not, write to the Free Software |
|
20 Foundation, Inc., 59 Temple Place, Suite 330, Boston, |
|
21 MA 02111-1307 USA |
|
22 |
|
23 ************************************************************************/ |
|
24 |
|
25 |
|
// A request that carries an ?action= parameter defines PUN_QUIET_VISIT.
// The code that reads the constant is not part of this file.
if (isset($_GET['action']))
{
	define('PUN_QUIET_VISIT', 1);
}

//define('PUN_ROOT', './');
//require PUN_ROOT.'include/common.php';

// The usual common.php bootstrap is commented out above, so the board objects
// are taken from the global scope instead.
global $pun_db, $pun_user, $pun_config, $lang_common;

// Load the misc.php language file.
// NOTE(review): the directory name is taken from $pun_user['language']. This
// include is only safe if that value is limited to installed language packs
// wherever it is written - confirm.
require PUN_ROOT.'lang/'.$pun_user['language'].'/misc.php';

// Requested action, or null when the parameter is absent
if (isset($_GET['action']))
	$action = $_GET['action'];
else
	$action = null;
// ?action=rules: render the board rules page
if ($action == 'rules')
{
	// The heading text lives in the register.php language file
	require PUN_ROOT.'lang/'.$pun_user['language'].'/register.php';

	$page_title = sprintf('%s / %s', pun_htmlspecialchars($pun_config['o_board_title']), $lang_register['Forum rules']);
	require PUN_ROOT.'header.php';

	// NOTE(review): o_rules_message is echoed below without escaping, so it is
	// treated as trusted markup. Presumably only administrators can set it and
	// it is sanitised when saved - confirm.
?>
<div class="block">
	<h2><span><?php echo $lang_register['Forum rules'] ?></span></h2>
	<div class="box">
		<div class="inbox">
			<p><?php echo $pun_config['o_rules_message'] ?></p>
		</div>
	</div>
</div>
<?php

	require PUN_ROOT.'footer.php';
}
// ?action=markread: set the user's last_visit to the value of $pun_user['logged']
else if ($action == 'markread')
{
	if ($pun_user['is_guest'])
	{
		message($lang_common['No permission']);
	}

	// Both concatenated values come from $pun_user, not from the request.
	// NOTE(review): this update is triggered by a plain GET and no request
	// token is checked in this branch, so another site could trigger it for a
	// logged-in user - confirm whether that is acceptable.
	$sql = 'UPDATE '.$pun_db->prefix.'users SET last_visit='.$pun_user['logged'].' WHERE id='.$pun_user['id'];
	$pun_db->query($sql) or error('Unable to update user last visit data', __FILE__, __LINE__, $pun_db->error());

	pun_redirect('index.php', $lang_misc['Mark read redirect']);
}
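// ?email=<user id>: form that lets a logged-in user send an e-mail to another
// user through pun_mail(). A GET request renders the form. A POST carrying
// form_sent validates the input, sends the mail and redirects.
else if (isset($_GET['email']))
{
	if ($pun_user['is_guest'])
		message($lang_common['No permission']);

	// intval() leaves only an integer to concatenate into the query below.
	// Ids below 2 are refused.
	$recipient_id = intval($_GET['email']);
	if ($recipient_id < 2)
		message($lang_common['Bad request']);

	$result = $pun_db->query('SELECT username, email, email_setting FROM '.$pun_db->prefix.'users WHERE id='.$recipient_id) or error('Unable to fetch user info', __FILE__, __LINE__, $pun_db->error());
	if (!$pun_db->num_rows($result))
		message($lang_common['Bad request']);

	list($recipient, $recipient_email, $email_setting) = $pun_db->fetch_row($result);

	// Recipients with email_setting 2 (presumably "form e-mail disabled") are
	// refused here only for senders whose group id is below PUN_MOD.
	// NOTE(review): if the group constants, defined elsewhere, give staff the
	// lowest ids as in stock PunBB, this comparison is inverted. Staff would
	// be blocked while ordinary members could mail users who opted out.
	// Confirm, and change '<' to '>' if so.
	if ($email_setting == 2 && $pun_user['g_id'] < PUN_MOD)
		message($lang_misc['Form e-mail disabled']);

	// Only URLs under the board's own base URL are accepted as a return
	// address. '#' is passed to preg_quote() because it is the pattern delimiter.
	$own_url_pattern = '#^'.preg_quote($pun_config['o_base_url'], '#').'/(.*?)\.php#i';


	if (isset($_POST['form_sent']))
	{
		// Clean up message and subject from POST. A missing or array-valued
		// field counts as empty instead of being passed to the string helpers.
		$subject = (isset($_POST['req_subject']) && is_string($_POST['req_subject'])) ? pun_trim($_POST['req_subject']) : '';
		$message = (isset($_POST['req_message']) && is_string($_POST['req_message'])) ? pun_trim($_POST['req_message']) : '';

		// The subject becomes a mail header, so it must stay on one line.
		// pun_mail() is not visible here and may not strip line breaks itself.
		$subject = preg_replace('#[\r\n]+#', ' ', $subject);

		if ($subject == '')
			message($lang_misc['No e-mail subject']);
		else if ($message == '')
			message($lang_misc['No e-mail message']);
		else if (strlen($message) > 65535)
			message($lang_misc['Too long e-mail message']);

		// Load the "form e-mail" template
		$mail_tpl = trim(file_get_contents(PUN_ROOT.'lang/'.$pun_user['language'].'/mail_templates/form_email.tpl'));

		// The first row contains the subject. The offset 8 presumably skips a
		// "Subject:" label at the start of that row - confirm against the template.
		$first_crlf = strpos($mail_tpl, "\n");
		$mail_subject = trim(substr($mail_tpl, 8, $first_crlf-8));
		$mail_message = trim(substr($mail_tpl, $first_crlf));

		$mail_subject = str_replace('<mail_subject>', $subject, $mail_subject);
		$mail_message = str_replace('<sender>', $pun_user['username'], $mail_message);
		$mail_message = str_replace('<board_title>', $pun_config['o_board_title'], $mail_message);
		$mail_message = str_replace('<mail_message>', $message, $mail_message);
		$mail_message = str_replace('<board_mailer>', $pun_config['o_board_title'].' '.$lang_common['Mailer'], $mail_message);

		require_once PUN_ROOT.'include/email.php';

		// The sender's own name and address form the fourth argument. Double
		// quotes are removed from the name so it cannot end the quoted string early.
		// NOTE(review): no request token or send-rate limit is checked in this
		// branch - confirm whether one is enforced elsewhere.
		pun_mail($recipient_email, $mail_subject, $mail_message, '"'.str_replace('"', '', $pun_user['username']).'" <'.$pun_user['email'].'>');

		// redirect_url is a hidden form field and therefore client-controlled.
		// Apply the same own-site check as for the Referer below, and refuse
		// control characters, so the form cannot redirect to an arbitrary site.
		$return_url = (isset($_POST['redirect_url']) && is_string($_POST['redirect_url'])) ? $_POST['redirect_url'] : '';
		if (!preg_match($own_url_pattern, $return_url) || preg_match('#[\x00-\x1f\x7f]#', $return_url))
			$return_url = 'index.php';

		pun_redirect(htmlspecialchars($return_url), $lang_misc['E-mail sent redirect']);
	}


	// Use HTTP_REFERER as the return address only if it points into this board. Otherwise fall back to index.php.
	$redirect_url = (isset($_SERVER['HTTP_REFERER']) && preg_match($own_url_pattern, $_SERVER['HTTP_REFERER'])) ? htmlspecialchars($_SERVER['HTTP_REFERER']) : 'index.php';

	$page_title = pun_htmlspecialchars($pun_config['o_board_title']).' / '.$lang_misc['Send e-mail to'].' '.pun_htmlspecialchars($recipient);
	$required_fields = array('req_subject' => $lang_misc['E-mail subject'], 'req_message' => $lang_misc['E-mail message']);
	$focus_element = array('email', 'req_subject');
	require PUN_ROOT.'header.php';

?>
<div class="blockform">
	<h2><span><?php echo $lang_misc['Send e-mail to'] ?> <?php echo pun_htmlspecialchars($recipient) ?></span></h2>
	<div class="box">
		<form id="email" method="post" action="misc.php?email=<?php echo $recipient_id ?>" onsubmit="this.submit.disabled=true;if(process_form(this)){return true;}else{this.submit.disabled=false;return false;}">
			<div class="inform">
				<fieldset>
					<legend><?php echo $lang_misc['Write e-mail'] ?></legend>
					<div class="infldset txtarea">
						<input type="hidden" name="form_sent" value="1" />
						<input type="hidden" name="redirect_url" value="<?php echo $redirect_url ?>" />
						<label><strong><?php echo $lang_misc['E-mail subject'] ?></strong><br />
						<input class="longinput" type="text" name="req_subject" size="75" maxlength="70" tabindex="1" /><br /></label>
						<label><strong><?php echo $lang_misc['E-mail message'] ?></strong><br />
						<textarea name="req_message" rows="10" cols="75" tabindex="2"></textarea><br /></label>
						<p><?php echo $lang_misc['E-mail disclosure note'] ?></p>
					</div>
				</fieldset>
			</div>
			<p><input type="submit" name="submit" value="<?php echo $lang_common['Submit'] ?>" tabindex="3" accesskey="s" /><a href="javascript:history.go(-1)"><?php echo $lang_common['Go back'] ?></a></p>
		</form>
	</div>
</div>
<?php

	require PUN_ROOT.'footer.php';
}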
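// ?report=<post id>: form that lets a logged-in user report a post. A GET
// request renders the form. A POST carrying form_sent stores the report and/or
// mails it, depending on o_report_method, and then redirects back to the post.
else if (isset($_GET['report']))
{
	if ($pun_user['is_guest'])
		message($lang_common['No permission']);

	// intval() leaves only an integer to concatenate into the queries below
	$post_id = intval($_GET['report']);
	if ($post_id < 1)
		message($lang_common['Bad request']);

	if (isset($_POST['form_sent']))
	{
		// Clean up reason from POST. A missing or array-valued field counts as
		// an empty reason instead of being passed to the string helpers.
		$reason = (isset($_POST['req_reason']) && is_string($_POST['req_reason'])) ? pun_linebreaks(pun_trim($_POST['req_reason'])) : '';
		if ($reason == '')
			message($lang_misc['No reason']);

		// NOTE(review): nothing in this branch limits the length of the reason
		// or checks that the reporter may read the forum the post belongs to -
		// confirm whether that is enforced elsewhere.

		// Get the topic ID
		$result = $pun_db->query('SELECT topic_id FROM '.$pun_db->prefix.'posts WHERE id='.$post_id) or error('Unable to fetch post info', __FILE__, __LINE__, $pun_db->error());
		if (!$pun_db->num_rows($result))
			message($lang_common['Bad request']);

		$topic_id = $pun_db->result($result);

		// Get the subject and forum ID
		$result = $pun_db->query('SELECT subject, forum_id FROM '.$pun_db->prefix.'topics WHERE id='.$topic_id) or error('Unable to fetch topic info', __FILE__, __LINE__, $pun_db->error());
		if (!$pun_db->num_rows($result))
			message($lang_common['Bad request']);

		list($subject, $forum_id) = $pun_db->fetch_row($result);

		// Should we use the internal report handling? (methods 0 and 2)
		// The reason is the only free-text value and is passed through escape().
		// The other values are integers from intval(), time() or the database.
		if ($pun_config['o_report_method'] == 0 || $pun_config['o_report_method'] == 2)
			$pun_db->query('INSERT INTO '.$pun_db->prefix.'reports (post_id, topic_id, forum_id, reported_by, created, message) VALUES('.$post_id.', '.$topic_id.', '.$forum_id.', '.$pun_user['id'].', '.time().', \''.$pun_db->escape($reason).'\')' ) or error('Unable to create report', __FILE__, __LINE__, $pun_db->error());

		// Should we e-mail the report? (methods 1 and 2)
		if ($pun_config['o_report_method'] == 1 || $pun_config['o_report_method'] == 2)
		{
			// We send it to the complete mailing-list in one swoop
			if ($pun_config['o_mailing_list'] != '')
			{
				$mail_subject = 'Report('.$forum_id.') - \''.$subject.'\'';
				$mail_message = 'User \''.$pun_user['username'].'\' has reported the following message:'."\n".$pun_config['o_base_url'].'/viewtopic.php?pid='.$post_id.'#p'.$post_id."\n\n".'Reason:'."\n".$reason;

				// require_once, as in the e-mail branch, so the mail helpers
				// cannot be declared twice
				require_once PUN_ROOT.'include/email.php';

				pun_mail($pun_config['o_mailing_list'], $mail_subject, $mail_message);
			}
		}

		pun_redirect('viewtopic.php?pid='.$post_id.'#p'.$post_id, $lang_misc['Report redirect']);
	}


	$page_title = pun_htmlspecialchars($pun_config['o_board_title']).' / '.$lang_misc['Report post'];
	$required_fields = array('req_reason' => $lang_misc['Reason']);
	$focus_element = array('report', 'req_reason');
	require PUN_ROOT.'header.php';

?>
<div class="blockform">
	<h2><span><?php echo $lang_misc['Report post'] ?></span></h2>
	<div class="box">
		<form id="report" method="post" action="misc.php?report=<?php echo $post_id ?>" onsubmit="this.submit.disabled=true;if(process_form(this)){return true;}else{this.submit.disabled=false;return false;}">
			<div class="inform">
				<fieldset>
					<legend><?php echo $lang_misc['Reason desc'] ?></legend>
					<div class="infldset txtarea">
						<input type="hidden" name="form_sent" value="1" />
						<label><strong><?php echo $lang_misc['Reason'] ?></strong><br /><textarea name="req_reason" rows="5" cols="60"></textarea><br /></label>
					</div>
				</fieldset>
			</div>
			<p><input type="submit" name="submit" value="<?php echo $lang_common['Submit'] ?>" accesskey="s" /><a href="javascript:history.go(-1)"><?php echo $lang_common['Go back'] ?></a></p>
		</form>
	</div>
</div>
<?php

	require PUN_ROOT.'footer.php';
}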
// ?subscribe=<topic id>: add a subscription row for the current user
else if (isset($_GET['subscribe']))
{
	// Guests may not subscribe, and the feature must be switched on
	$may_subscribe = !$pun_user['is_guest'] && $pun_config['o_subscriptions'] == '1';
	if (!$may_subscribe)
	{
		message($lang_common['No permission']);
	}

	// intval() leaves only an integer to concatenate into the queries below
	$topic_id = intval($_GET['subscribe']);
	if ($topic_id < 1)
	{
		message($lang_common['Bad request']);
	}

	// NOTE(review): nothing in this branch checks that the topic exists or
	// that the user may read it before the row is inserted. The change is also
	// triggered by a plain GET with no request token. Confirm whether either
	// is enforced elsewhere.
	$subscriptions = $pun_db->prefix.'subscriptions';

	$result = $pun_db->query('SELECT 1 FROM '.$subscriptions.' WHERE user_id='.$pun_user['id'].' AND topic_id='.$topic_id) or error('Unable to fetch subscription info', __FILE__, __LINE__, $pun_db->error());
	if ($pun_db->num_rows($result))
	{
		message($lang_misc['Already subscribed']);
	}

	$pun_db->query('INSERT INTO '.$subscriptions.' (user_id, topic_id) VALUES('.$pun_user['id'].' ,'.$topic_id.')') or error('Unable to add subscription', __FILE__, __LINE__, $pun_db->error());

	pun_redirect('viewtopic.php?id='.$topic_id, $lang_misc['Subscribe redirect']);
}
// ?unsubscribe=<topic id>: delete the current user's subscription row for the topic
else if (isset($_GET['unsubscribe']))
{
	// Guests have no subscriptions, and the feature must be switched on
	$may_unsubscribe = !$pun_user['is_guest'] && $pun_config['o_subscriptions'] == '1';
	if (!$may_unsubscribe)
	{
		message($lang_common['No permission']);
	}

	// intval() leaves only an integer to concatenate into the queries below
	$topic_id = intval($_GET['unsubscribe']);
	if ($topic_id < 1)
	{
		message($lang_common['Bad request']);
	}

	// Both statements are limited to the current user's own rows by user_id.
	// NOTE(review): the delete is triggered by a plain GET and no request
	// token is checked in this branch - confirm whether that is acceptable.
	$subscriptions = $pun_db->prefix.'subscriptions';
	$own_row = 'user_id='.$pun_user['id'].' AND topic_id='.$topic_id;

	$result = $pun_db->query('SELECT 1 FROM '.$subscriptions.' WHERE '.$own_row) or error('Unable to fetch subscription info', __FILE__, __LINE__, $pun_db->error());
	if (!$pun_db->num_rows($result))
	{
		message($lang_misc['Not subscribed']);
	}

	$pun_db->query('DELETE FROM '.$subscriptions.' WHERE '.$own_row) or error('Unable to remove subscription', __FILE__, __LINE__, $pun_db->error());

	pun_redirect('viewtopic.php?id='.$topic_id, $lang_misc['Unsubscribe redirect']);
}
// The request matched none of the actions or parameters handled above
else
{
	message($lang_common['Bad request']);
}
|