Vergleich admin/inc/functions.php - 1.8.2 - 1.8.30

  Keine Änderungen   Hinzugefügt   Modifiziert   Entfernt
Zeile 33Zeile 33
		"dateline" => TIME_NOW,
"module" => $db->escape_string($mybb->get_input('module')),
"action" => $db->escape_string($mybb->get_input('action')),

		"dateline" => TIME_NOW,
"module" => $db->escape_string($mybb->get_input('module')),
"action" => $db->escape_string($mybb->get_input('action')),

		"data" => $db->escape_string(@serialize($data))

		"data" => $db->escape_string(@my_serialize($data))

	);

$db->insert_query("adminlog", $log_entry);

	);

$db->insert_query("adminlog", $log_entry);

Zeile 42Zeile 42
/**
* Redirects the current user to a specified URL.
*

/**
* Redirects the current user to a specified URL.
*

 * @param string The URL to redirect to

 * @param string $url The URL to redirect to

 */
function admin_redirect($url)
{

 */
function admin_redirect($url)
{

Zeile 61Zeile 61
/**
* Updates an administration session data array.
*

/**
* Updates an administration session data array.
*

 * @param string The name of the item in the data session to update
* @param mixed The value

 * @param string $name The name of the item in the data session to update
* @param mixed $value The value

 */
function update_admin_session($name, $value)
{

 */
function update_admin_session($name, $value)
{

Zeile 70Zeile 70

$admin_session['data'][$name] = $value;
$updated_session = array(


$admin_session['data'][$name] = $value;
$updated_session = array(

		"data" => $db->escape_string(@serialize($admin_session['data']))

		"data" => $db->escape_string(@my_serialize($admin_session['data']))

	);
$db->update_query("adminsessions", $updated_session, "sid='{$admin_session['sid']}'");
}

	);
$db->update_query("adminsessions", $updated_session, "sid='{$admin_session['sid']}'");
}

Zeile 78Zeile 78
/**
* Saves a "flash message" for the current user to be shown on their next page visit.
*

/**
* Saves a "flash message" for the current user to be shown on their next page visit.
*

 * @param string The message to show
* @param string The type of message to be shown (success|error)

 * @param string $message The message to show
* @param string $type The type of message to be shown (success|error)

 */
function flash_message($message, $type='')
{

 */
function flash_message($message, $type='')
{

Zeile 90Zeile 90
/**
* Draw pagination for pages in the Admin CP.
*

/**
* Draw pagination for pages in the Admin CP.
*

 * @param int The current page we're on
* @param int The number of items per page
* @param int The total number of items in this collection
* @param string The URL for pagination of this collection

 * @param int $page The current page we're on
* @param int $per_page The number of items per page
* @param int $total_items The total number of items in this collection
* @param string $url The URL for pagination of this collection

 * @return string The built pagination
*/
function draw_admin_pagination($page, $per_page, $total_items, $url)

 * @return string The built pagination
*/
function draw_admin_pagination($page, $per_page, $total_items, $url)

Zeile 102Zeile 102

if($total_items <= $per_page)
{


if($total_items <= $per_page)
{

		return;

		return '';

	}

$pages = ceil($total_items / $per_page);

	}

$pages = ceil($total_items / $per_page);

Zeile 120Zeile 120
	if(!$mybb->settings['maxmultipagelinks'])
{
$mybb->settings['maxmultipagelinks'] = 5;

	if(!$mybb->settings['maxmultipagelinks'])
{
$mybb->settings['maxmultipagelinks'] = 5;

	}

$max_links = $mybb->settings['maxmultipagelinks'];


	}

$max_links = $mybb->settings['maxmultipagelinks'];


	$from = $page-floor($mybb->settings['maxmultipagelinks']/2);
$to = $page+floor($mybb->settings['maxmultipagelinks']/2);


	$from = $page-floor($mybb->settings['maxmultipagelinks']/2);
$to = $page+floor($mybb->settings['maxmultipagelinks']/2);


Zeile 185Zeile 185

/**
* Builds a CSV parent list for a particular forum.


/**
* Builds a CSV parent list for a particular forum.

 *
* @param int The forum ID
* @param string Optional separator - defaults to comma for CSV list

 *
* @param int $fid The forum ID
* @param string $navsep Optional separator - defaults to comma for CSV list

 * @return string The built parent list
*/
function make_parent_list($fid, $navsep=",")

 * @return string The built parent list
*/
function make_parent_list($fid, $navsep=",")

Zeile 198Zeile 198
	{
$query = $db->simple_select("forums", "name, fid, pid", "", array("order_by" => "disporder, pid"));
while($forum = $db->fetch_array($query))

	{
$query = $db->simple_select("forums", "name, fid, pid", "", array("order_by" => "disporder, pid"));
while($forum = $db->fetch_array($query))

		{

		{

			$pforumcache[$forum['fid']][$forum['pid']] = $forum;
}
}

			$pforumcache[$forum['fid']][$forum['pid']] = $forum;
}
}





	reset($pforumcache);
reset($pforumcache[$fid]);

	reset($pforumcache);
reset($pforumcache[$fid]);

 

$navigation = '';


foreach($pforumcache[$fid] as $key => $forum)
{
if($fid == $forum['fid'])
{


foreach($pforumcache[$fid] as $key => $forum)
{
if($fid == $forum['fid'])
{

			if($pforumcache[$forum['pid']])

			if(!empty($pforumcache[$forum['pid']]))

			{
$navigation = make_parent_list($forum['pid'], $navsep).$navigation;
}

			{
$navigation = make_parent_list($forum['pid'], $navsep).$navigation;
}

Zeile 220Zeile 222
				$navigation .= $navsep;
}
$navigation .= $forum['fid'];

				$navigation .= $navsep;
}
$navigation .= $forum['fid'];

		}

		}

	}
return $navigation;
}

	}
return $navigation;
}







/**
* @param int $fid
*/

function save_quick_perms($fid)
{
global $db, $inherit, $canview, $canpostthreads, $canpostreplies, $canpostpolls, $canpostattachments, $cache;

$permission_fields = array();

function save_quick_perms($fid)
{
global $db, $inherit, $canview, $canpostthreads, $canpostreplies, $canpostpolls, $canpostattachments, $cache;

$permission_fields = array();





	$field_list = $db->show_fields_from("forumpermissions");
foreach($field_list as $field)
{

	$field_list = $db->show_fields_from("forumpermissions");
foreach($field_list as $field)
{

		if(strpos($field['Field'], 'can') !== false)

		if(strpos($field['Field'], 'can') !== false || strpos($field['Field'], 'mod') !== false)

		{
$permission_fields[$field['Field']] = 1;
}

		{
$permission_fields[$field['Field']] = 1;
}

Zeile 252Zeile 257
		$existing_permissions = $db->fetch_array($query2);

if(!$existing_permissions)

		$existing_permissions = $db->fetch_array($query2);

if(!$existing_permissions)

		{

		{

			$query2 = $db->simple_select("usergroups", $db->escape_string(implode(',', array_keys($usergroup_permission_fields))), "gid='{$usergroup['gid']}'", array('limit' => 1));
$existing_permissions = $db->fetch_array($query2);
}

			$query2 = $db->simple_select("usergroups", $db->escape_string(implode(',', array_keys($usergroup_permission_fields))), "gid='{$usergroup['gid']}'", array('limit' => 1));
$existing_permissions = $db->fetch_array($query2);
}

Zeile 273Zeile 278
			}

if($canpostthreads[$usergroup['gid']] == 1)

			}

if($canpostthreads[$usergroup['gid']] == 1)

			{

			{

				$pthreads = 1;
}
else

				$pthreads = 1;
}
else

Zeile 336Zeile 341
/**
* Checks if a particular user has the necessary permissions to access a particular page.
*

/**
* Checks if a particular user has the necessary permissions to access a particular page.
*

 * @param array Array containing module and action to check for



 * @param array $action Array containing module and action to check for
* @param bool $error
* @return bool

 */
function check_admin_permissions($action, $error = true)
{

 */
function check_admin_permissions($action, $error = true)
{

Zeile 352Zeile 359
	{
$func = $action['module']."_admin_permissions";
$permissions = $func();

	{
$func = $action['module']."_admin_permissions";
$permissions = $func();

		if($permissions['permissions'][$action['action']] && $mybb->admin['permissions'][$action['module']][$action['action']] != 1)




		if(
!empty($permissions['permissions'][$action['action']]) &&
empty($mybb->admin['permissions'][$action['module']][$action['action']])
)

		{
if($error)
{

		{
if($error)
{

Zeile 375Zeile 385
/**
* Fetches the list of administrator permissions for a particular user or group
*

/**
* Fetches the list of administrator permissions for a particular user or group
*

 * @param int The user ID to fetch permissions for
* @param int The (optional) group ID to fetch permissions for

 * @param int $get_uid The user ID to fetch permissions for
* @param int $get_gid The (optional) group ID to fetch permissions for

 * @return array Array of permissions for specified user or group
*/

 * @return array Array of permissions for specified user or group
*/

function get_admin_permissions($get_uid="", $get_gid="")

function get_admin_permissions($get_uid=0, $get_gid=0)

{
global $db, $mybb;


{
global $db, $mybb;


Zeile 389Zeile 399

$gid_array = array();



$gid_array = array();


	if($uid === "")

	if($uid === 0)

	{
$uid = $mybb->user['uid'];
}

	{
$uid = $mybb->user['uid'];
}

Zeile 497Zeile 507
		{
return $final_group_perms;
}

		{
return $final_group_perms;
}

		else

		elseif(isset($perms_def))

		{
return $perms_def;
}

		{
return $perms_def;
}

 

return array();

	}
}

/**
* Fetch the iconv/mb encoding for a particular MySQL encoding
*

	}
}

/**
* Fetch the iconv/mb encoding for a particular MySQL encoding
*

 * @param string The MySQL encoding

 * @param string $mysql_encoding The MySQL encoding

 * @return string The iconv/mb encoding
*/
function fetch_iconv_encoding($mysql_encoding)

 * @return string The iconv/mb encoding
*/
function fetch_iconv_encoding($mysql_encoding)

Zeile 529Zeile 541
/**
* Adds/Updates a Page/Tab to the permissions array in the adminoptions table
*

/**
* Adds/Updates a Page/Tab to the permissions array in the adminoptions table
*

 * @param string The name of the tab that is being affected
* @param string The name of the page being affected (optional - if not specified, will affect everything under the specified tab)
* @param integer Default permissions for the page (1 for allowed - 0 for disallowed - -1 to remove)

 * @param string $tab The name of the tab that is being affected
* @param string $page The name of the page being affected (optional - if not specified, will affect everything under the specified tab)
* @param integer $default Default permissions for the page (1 for allowed - 0 for disallowed - -1 to remove)

 */
function change_admin_permission($tab, $page="", $default=1)

 */
function change_admin_permission($tab, $page="", $default=1)

{

{

	global $db;

$query = $db->simple_select("adminoptions", "uid, permissions", "permissions != ''");

	global $db;

$query = $db->simple_select("adminoptions", "uid, permissions", "permissions != ''");

Zeile 556Zeile 568
		else
{
if(!empty($page))

		else
{
if(!empty($page))

			{
if($adminoption['uid'] == 0)
{

			{
if($adminoption['uid'] == 0)
{

					$adminoption['permissions'][$tab][$page] = 0;
}
else
{
$adminoption['permissions'][$tab][$page] = $default;

					$adminoption['permissions'][$tab][$page] = 0;
}
else
{
$adminoption['permissions'][$tab][$page] = $default;

				}
}

				}
}

			else
{
if($adminoption['uid'] == 0)

			else
{
if($adminoption['uid'] == 0)

Zeile 579Zeile 591
			}
}


			}
}


		$db->update_query("adminoptions", array('permissions' => $db->escape_string(serialize($adminoption['permissions']))), "uid='{$adminoption['uid']}'");

		$db->update_query("adminoptions", array('permissions' => $db->escape_string(my_serialize($adminoption['permissions']))), "uid='{$adminoption['uid']}'");

	}
}

	}
}





/**
* Checks if we have had too many attempts at logging into the ACP
*

/**
* Checks if we have had too many attempts at logging into the ACP
*

 * @param integer The uid of the admin to check
* @param boolean Return an array of the number of attempts and expiry time? (default false)

 * @param integer $uid The uid of the admin to check
* @param boolean $return_num Return an array of the number of attempts and expiry time? (default false)

 * @return mixed Return an array if the second parameter is true, boolean otherwise.
*/
function login_attempt_check_acp($uid=0, $return_num=false)

 * @return mixed Return an array if the second parameter is true, boolean otherwise.
*/
function login_attempt_check_acp($uid=0, $return_num=false)

Zeile 600Zeile 612
	{
$query = $db->simple_select("adminoptions", "loginattempts, loginlockoutexpiry", "uid='".(int)$uid."'", 1);
$attempts = $db->fetch_array($query);

	{
$query = $db->simple_select("adminoptions", "loginattempts, loginlockoutexpiry", "uid='".(int)$uid."'", 1);
$attempts = $db->fetch_array($query);

 

if(!$attempts)
{
return false;
}

	}

if($attempts['loginattempts'] <= 0)

	}

if($attempts['loginattempts'] <= 0)

Zeile 633Zeile 650
/**
* Checks whether the administrator is on a mobile device
*

/**
* Checks whether the administrator is on a mobile device
*

 * @param string The useragent to be checked

 * @param string $useragent The useragent to be checked

 * @return boolean A true/false depending on if the administrator is on a mobile
*/
function is_mobile($useragent)

 * @return boolean A true/false depending on if the administrator is on a mobile
*/
function is_mobile($useragent)

Zeile 644Zeile 661
/**
* Checks whether there are any 'security' issues in templates via complex syntax
*

/**
* Checks whether there are any 'security' issues in templates via complex syntax
*

 * @param string The template to be scanned

 * @param string $template The template to be scanned

 * @return boolean A true/false depending on if an issue was detected
*/
function check_template($template)
{
// Check to see if our database password is in the template

 * @return boolean A true/false depending on if an issue was detected
*/
function check_template($template)
{
// Check to see if our database password is in the template

	if(preg_match("#database'?\\s*\]\\s*\[\\s*'?password#", $template))

	if(preg_match('#\$config\[(([\'|"]database[\'|"])|([^\'"].*?))\]\[(([\'|"](database|hostname|password|table_prefix|username)[\'|"])|([^\'"].*?))\]#i', $template)) 

	{
return true;
}

	{
return true;
}

Zeile 674Zeile 691
/**
* Provides a function to entirely delete a user's posts, and find the threads attached to them
*

/**
* Provides a function to entirely delete a user's posts, and find the threads attached to them
*

 * @param integer The uid of the user
* @param int A UNIX timestamp to delete posts that are older

 * @param integer $uid The uid of the user
* @param int $date A UNIX timestamp to delete posts that are older

 * @return array An array of threads to delete, threads/forums to recount
*/
function delete_user_posts($uid, $date)

 * @return array An array of threads to delete, threads/forums to recount
*/
function delete_user_posts($uid, $date)

Zeile 719Zeile 736
		{
while($post = $db->fetch_array($query))
{

		{
while($post = $db->fetch_array($query))
{

				if($post['usepostcounts'] != 0 && $post['visible'] != 0)

				if($post['usepostcounts'] != 0 && $post['visible'] == 1)

				{
++$post_count;
}

				{
++$post_count;
}

Zeile 795Zeile 812
		}
}
</script>";

		}
}
</script>";

 
}

if(!function_exists('array_column'))
{
function array_column($input, $column_key)
{
$values = array();

if(!is_array($input))
{
$input = array($input);
}

foreach($input as $val)
{
if(is_array($val) && isset($val[$column_key]))
{
$values[] = $val[$column_key];
}
elseif(is_object($val) && isset($val->$column_key))
{
$values[] = $val->$column_key;
}
}

return $values;
}
}

/**
* Output the auto redirect block.
*
* @param \Form $form An existing form instance to wrap the redirect within.
* @param string $prompt The prompt to show.
*/
function output_auto_redirect($form, $prompt)
{
global $lang;

echo <<<HTML
<div class="confirm_action">
<p>{$prompt}</p>
<br />
<script type="text/javascript">
$(function() {
var button = $("#proceed_button");
if (button.length > 0) {
// create a temporary div element to render the text within, un-escaping HTML entities
var textElement = $('<div/>').html('{$lang->automatically_redirecting}');

button.val(textElement.text());
button.attr("disabled", true);
button.css("color", "#aaa");
button.css("borderColor", "#aaa");

var parent_form = button.closest('form');

if (parent_form.length > 0) {
parent_form.submit();
}
}
});
</script>
<p class="buttons">
{$form->generate_submit_button($lang->proceed, array('class' => 'button_yes', 'id' => 'proceed_button'))}
</p>
</div>
HTML;

}

}