diff --git a/_sakura/changelog.json b/_sakura/changelog.json index 75cd474..4a173bc 100644 --- a/_sakura/changelog.json +++ b/_sakura/changelog.json @@ -2720,6 +2720,22 @@ "type": "ADD", "change": "Added Linux no cron task method.", "user": "Flashwave" + }, + { + "type": "ADD", + "change": "Remove old notifications after a month.", + "user": "Flashwave" + } + + ], + + "20150914": [ + + "eminence", + { + "type": "UPD", + "change": "Make indentation style PSR2 standard compliant.", + "user": "Flashwave" } ] diff --git a/_sakura/components/Bans.php b/_sakura/components/Bans.php index d2b1c91..c341616 100644 --- a/_sakura/components/Bans.php +++ b/_sakura/components/Bans.php @@ -5,37 +5,35 @@ namespace Sakura; -class Bans { - +class Bans +{ // Check if a user is banned - public static function checkBan($id) { + public static function checkBan($uid) + { // Attempt to get a ban from this user - $bans = Database::fetch('bans', true, ['uid' => [$id, '=']]); + $bans = Database::fetch('bans', true, ['uid' => [$uid, '=']]); // Reverse the array so new bans are listed first $bans = array_reverse($bans); // Go over each ban - foreach($bans as $ban) { - + foreach ($bans as $ban) { // Check if it hasn't expired - if($ban['ban_end'] != 0 && $ban['ban_end'] < time()) { - + if ($ban['ban_end'] != 0 && $ban['ban_end'] < time()) { // If it has delete the entry and continue - Database::delete('bans', ['id' => [$ban['id'], '=']]); + Database::delete('bans', ['id' => [$ban['uid'], '=']]); continue; - } // Return the ban if all checks were passed return [ - 'user' => $ban['uid'], - 'issuer' => $ban['mod_id'], - 'issued' => $ban['ban_begin'], - 'expires' => $ban['ban_end'], - 'reason' => $ban['ban_reason'] + 'user' => $ban['uid'], + 'issuer' => $ban['mod_uid'], + 'issued' => $ban['ban_begin'], + 'expires' => $ban['ban_end'], + 'reason' => $ban['ban_reason'], ]; @@ -45,5 +43,4 @@ class Bans { return false; } - } diff --git a/_sakura/components/Comments.php b/_sakura/components/Comments.php index cfee4af..13ec03b 100644 --- a/_sakura/components/Comments.php +++ b/_sakura/components/Comments.php @@ -5,8 +5,7 @@ namespace Sakura; -class Comments { - - +class Comments +{ } diff --git a/_sakura/components/Configuration.php b/_sakura/components/Configuration.php index 9b2b5fd..71685c3 100644 --- a/_sakura/components/Configuration.php +++ b/_sakura/components/Configuration.php @@ -5,35 +5,30 @@ namespace Sakura; -class Configuration { - +class Configuration +{ // Configuration data - private static $_LCNF = []; - private static $_DCNF = []; + private static $local = []; + private static $database = []; // Initialise configuration, does not contain database initialisation because explained below - public static function init($local) { + public static function init($local) + { // Check if the configuration file exists - if(!file_exists($local)) { - + if (!file_exists($local)) { trigger_error('Local configuration file does not exist', E_USER_ERROR); - } // Attempt to load the configuration file $local = parse_ini_file($local, true); - // Check if $local is an array and then store it in $_LCNF - if(is_array($local)) { - - self::$_LCNF = $local; - + // Check if $local is an array and then store it in $local + if (is_array($local)) { + self::$local = $local; } else { - // Otherwise trigger an error trigger_error('Failed to load local configuration file, check the structure of the file to see if you made mistake somewhere', E_USER_ERROR); - } } @@ -43,7 +38,8 @@ class Configuration { * Different from init as that is called before the database connection is initially * established. */ - public static function initDB() { + public static function initDB() + { // Get config table from the database $_DATA = Database::fetch('config', true); @@ -52,89 +48,70 @@ class Configuration { $_DBCN = array(); // Properly sort the values - foreach($_DATA as $_CONF) { - + foreach ($_DATA as $_CONF) { $_DBCN[$_CONF['config_name']] = $_CONF['config_value']; - } // Assign the temporary array to the static one - self::$_DCNF = $_DBCN; + self::$database = $_DBCN; } // Get values from the configuration on the file system - public static function getLocalConfig($key, $subkey = null) { + public static function getLocalConfig($key, $subkey = null) + { // Check if the key that we're looking for exists - if(array_key_exists($key, self::$_LCNF)) { - - if($subkey) { - + if (array_key_exists($key, self::$local)) { + if ($subkey) { // If we also have a subkey return the proper data - return self::$_LCNF[$key][$subkey]; - - } else { - - // else we just return the default value - return self::$_LCNF[$key]; - + return self::$local[$key][$subkey]; } - } else {// If it doesn't exist trigger an error to avoid explosions - - trigger_error('Unable to get local configuration value "'. $key .'"', E_USER_ERROR); - + // else we just return the default value + return self::$local[$key]; } + // If it doesn't exist trigger an error to avoid explosions + trigger_error('Unable to get local configuration value "' . $key . '"', E_USER_ERROR); + } // Dynamically set local configuration values, does not update the configuration file - public static function setLocalConfig($key, $subkey, $value) { + public static function setLocalConfig($key, $subkey, $value) + { // Check if we also do a subkey - if($subkey) { - + if ($subkey) { // If we do we make sure that the parent key is an array - if(!isset(self::$_LCNF[$key])) { - - self::$_LCNF[$key] = array(); - + if (!isset(self::$local[$key])) { + self::$local[$key] = array(); } // And then assign the value - self::$_LCNF[$key][$subkey] = $value; - - } else { - - // Otherwise we just straight up assign it - self::$_LCNF[$key] = $value; - + self::$local[$key][$subkey] = $value; } + // Otherwise we just straight up assign it + self::$local[$key] = $value; + } // Get values from the configuration in the database - public static function getConfig($key, $returnNull = false) { + public static function getConfig($key, $returnNull = false) + { // Check if the key that we're looking for exists - if(array_key_exists($key, self::$_DCNF)) { - + if (array_key_exists($key, self::$database)) { // Then return the value - return self::$_DCNF[$key]; - - } elseif($returnNull) { - + return self::$database[$key]; + } elseif ($returnNull) { // Avoid the error trigger if requested return null; - - } else { - - // Then return the value - trigger_error('Unable to get configuration value "'. $key .'"', E_USER_ERROR); - } - } + // Then return the value + trigger_error('Unable to get configuration value "' . $key . '"', E_USER_ERROR); + } } diff --git a/_sakura/components/Database.php b/_sakura/components/Database.php index a33643a..768d84e 100644 --- a/_sakura/components/Database.php +++ b/_sakura/components/Database.php @@ -5,69 +5,73 @@ namespace Sakura; -class Database { - +class Database +{ // Database container - public static $_DATABASE; + public static $database; // Initialisation function - public static function init($wrapper) { + public static function init($wrapper) + { // Make the wrapper class name lowercase - $wrapper = __NAMESPACE__ .'\DBWrapper\\'. strtolower($wrapper); + $wrapper = __NAMESPACE__ . '\DBWrapper\\' . strtolower($wrapper); // Check if the class exists - if(!class_exists($wrapper)) { - + if (!class_exists($wrapper)) { trigger_error('Failed to load database wrapper', E_USER_ERROR); - } // Initialise SQL wrapper - self::$_DATABASE = new $wrapper; + self::$database = new $wrapper; } // Select from database - public static function select($table, $data = null, $order = null, $limit = null, $group = null, $distinct = false, $column = '*', $prefix = null) { + public static function select($table, $data = null, $order = null, $limit = null, $group = null, $distinct = false, $column = '*', $prefix = null) + { - return self::$_DATABASE->select($table, $data, $order, $limit, $group, $distinct, $column, $prefix); + return self::$database->select($table, $data, $order, $limit, $group, $distinct, $column, $prefix); } // Fetch from database - public static function fetch($table, $fetchAll = true, $data = null, $order = null, $limit = null, $group = null, $distinct = false, $column = '*', $prefix = null) { + public static function fetch($table, $fetchAll = true, $data = null, $order = null, $limit = null, $group = null, $distinct = false, $column = '*', $prefix = null) + { - return self::$_DATABASE->fetch($table, $fetchAll, $data, $order, $limit, $group, $distinct, $column, $prefix); + return self::$database->fetch($table, $fetchAll, $data, $order, $limit, $group, $distinct, $column, $prefix); } // Insert into database - public static function insert($table, $data, $prefix = null) { + public static function insert($table, $data, $prefix = null) + { - return self::$_DATABASE->insert($table, $data, $prefix); + return self::$database->insert($table, $data, $prefix); } // Update in database - public static function update($table, $data, $prefix = null) { + public static function update($table, $data, $prefix = null) + { - return self::$_DATABASE->update($table, $data, $prefix); + return self::$database->update($table, $data, $prefix); } // Delete from database - public static function delete($table, $data, $prefix = null) { + public static function delete($table, $data, $prefix = null) + { - return self::$_DATABASE->delete($table, $data, $prefix); + return self::$database->delete($table, $data, $prefix); } // Count from database - public static function count($table, $data = null, $prefix = null) { + public static function count($table, $data = null, $prefix = null) + { - return self::$_DATABASE->count($table, $data, $prefix); + return self::$database->count($table, $data, $prefix); } - } diff --git a/_sakura/components/Forum.php b/_sakura/components/Forum.php index 2ec105d..236481b 100644 --- a/_sakura/components/Forum.php +++ b/_sakura/components/Forum.php @@ -5,22 +5,23 @@ namespace Sakura; -class Forum { - +class Forum +{ // Empty forum template public static $emptyForum = [ - 'forum_id' => 0, - 'forum_name' => 'Forum', - 'forum_desc' => '', - 'forum_link' => '', - 'forum_category' => 0, - 'forum_type' => 1, - 'forum_posts' => 0, - 'forum_topics' => 0 + 'forum_id' => 0, + 'forum_name' => 'Forum', + 'forum_desc' => '', + 'forum_link' => '', + 'forum_category' => 0, + 'forum_type' => 1, + 'forum_posts' => 0, + 'forum_topics' => 0, ]; // Getting the forum list - public static function getForumList() { + public static function getForumList() + { // Get the content from the database $forums = Database::fetch('forums'); @@ -29,36 +30,32 @@ class Forum { $return = [ 0 => [ 'forum' => self::$emptyForum, - 'forums' => [] - ] + 'forums' => [], + ], ]; // Resort the forums - foreach($forums as $forum) { - + foreach ($forums as $forum) { // If the forum type is a category create a new one - if($forum['forum_type'] == 1) { - + if ($forum['forum_type'] == 1) { $return[$forum['forum_id']]['forum'] = $forum; - } else { - // For link and reg. forum add it to the category $return[$forum['forum_category']]['forums'][$forum['forum_id']] = $forum; // Get the topic count $return[$forum['forum_category']]['forums'][$forum['forum_id']]['topic_count'] = Database::count('topics', [ - 'forum_id' => [$forum['forum_id'], '='] + 'forum_id' => [$forum['forum_id'], '='], ])[0]; // Get the post count $return[$forum['forum_category']]['forums'][$forum['forum_id']]['post_count'] = Database::count('posts', [ - 'forum_id' => [$forum['forum_id'], '='] + 'forum_id' => [$forum['forum_id'], '='], ])[0]; // Get last post in forum $lastPost = Database::fetch('posts', false, [ - 'forum_id' => [$forum['forum_id'], '='] + 'forum_id' => [$forum['forum_id'], '='], ], ['post_id', true]); // Add last poster data and the details about the post as well @@ -66,11 +63,9 @@ class Forum { 'post' => $lastPost, 'user' => ($_LAST_POSTER = Users::getUser($lastPost['poster_id'])), 'rank' => Users::getRank($_LAST_POSTER['rank_main']), - 'elap' => Main::timeElapsed($lastPost['post_time']) + 'elap' => Main::timeElapsed($lastPost['post_time']), ]; - } - } // Return the resorted data @@ -79,7 +74,8 @@ class Forum { } // Get a forum or category - public static function getForum($id) { + public static function getForum($id) + { // Get the forumlist from the database $forums = Database::fetch('forums'); @@ -91,46 +87,42 @@ class Forum { $forum = []; // Try to find the requested forum - foreach($forums as $list) { - + foreach ($forums as $list) { // Once found set $forum to $list and break the loop - if($list['forum_id'] == $id) { - + if ($list['forum_id'] == $id) { $forum['forum'] = $list; break; - } - } // If $forum is still empty after the foreach return false - if(empty($forum)) + if (empty($forum)) { return false; + } // Create conditions for fetching the forums $conditions['forum_category'] = [$id, '=']; // If the current category is 0 (the built in fallback) prevent getting categories - if($id == 0) + if ($id == 0) { $conditions['forum_type'] = ['1', '!=']; + } // Check if this forum/category has any subforums $forum['forums'] = Database::fetch('forums', true, $conditions); // Get the userdata related to last posts - foreach($forum['forums'] as $key => $sub) { - + foreach ($forum['forums'] as $key => $sub) { // Get last post in forum $lastPost = Database::fetch('posts', false, [ - 'forum_id' => [$sub['forum_id'], '='] + 'forum_id' => [$sub['forum_id'], '='], ], ['post_id', true]); $forum['forums'][$key]['last_poster'] = [ 'post' => $lastPost, - 'user' => ($_LAST_POSTER = Users::getUser($lastPost['poster_id'])), - 'rank' => Users::getRank($_LAST_POSTER['rank_main']) + 'user' => ($lastPoster = Users::getUser($lastPost['poster_id'])), + 'rank' => Users::getRank($lastPoster['rank_main']), ]; - } // Lastly grab the topics for this forum @@ -142,45 +134,44 @@ class Forum { } // Getting all topics from a forum - public static function getTopics($id) { + public static function getTopics($id) + { // Get the topics from the database $topics = Database::fetch('topics', true, [ - 'forum_id' => [$id, '='] + 'forum_id' => [$id, '='], ]); // Get the userdata related to last posts - foreach($topics as $key => $topic) { - + foreach ($topics as $key => $topic) { // Get the reply count $topics[$key]['reply_count'] = Database::count('posts', [ - 'topic_id' => [$topic['topic_id'], '='] + 'topic_id' => [$topic['topic_id'], '='], ])[0]; // Get first post in topics $firstPost = Database::fetch('posts', false, [ - 'topic_id' => [$topic['topic_id'], '='] + 'topic_id' => [$topic['topic_id'], '='], ]); $topics[$key]['first_poster'] = [ 'post' => $firstPost, 'user' => ($_FIRST_POSTER = Users::getUser($firstPost['poster_id'])), 'rank' => Users::getRank($_FIRST_POSTER['rank_main']), - 'elap' => Main::timeElapsed($firstPost['post_time']) + 'elap' => Main::timeElapsed($firstPost['post_time']), ]; // Get last post in topics $lastPost = Database::fetch('posts', false, [ - 'topic_id' => [$topic['topic_id'], '='] + 'topic_id' => [$topic['topic_id'], '='], ], ['post_id', true]); $topics[$key]['last_poster'] = [ 'post' => $lastPost, 'user' => ($_LAST_POSTER = Users::getUser($lastPost['poster_id'])), 'rank' => Users::getRank($_LAST_POSTER['rank_main']), - 'elap' => Main::timeElapsed($lastPost['post_time']) + 'elap' => Main::timeElapsed($lastPost['post_time']), ]; - } return $topics; @@ -188,38 +179,38 @@ class Forum { } // Get posts of a thread - public static function getTopic($id, $ignoreView = false) { + public static function getTopic($id, $ignoreView = false) + { // Get the topic data from the database $topicInfo = Database::fetch('topics', false, [ - 'topic_id' => [$id, '='] + 'topic_id' => [$id, '='], ]); // Check if there actually is anything - if(empty($topicInfo)) + if (empty($topicInfo)) { return false; + } // Up the view count - if(!$ignoreView) { - + if (!$ignoreView) { // Get the new count $topicInfo['topic_views'] = $topicInfo['topic_views'] + 1; // Update the count Database::update('topics', [ [ - 'topic_views' => $topicInfo['topic_views'] + 'topic_views' => $topicInfo['topic_views'], ], [ - 'topic_id' => [$id, '='] - ] + 'topic_id' => [$id, '='], + ], ]); - } // Get the posts from the database $rawPosts = Database::fetch('posts', true, [ - 'topic_id' => [$id, '='] + 'topic_id' => [$id, '='], ]); // Create storage array @@ -233,7 +224,7 @@ class Forum { // Get first post in topics $firstPost = Database::fetch('posts', false, [ - 'topic_id' => [$topic['topic']['topic_id'], '='] + 'topic_id' => [$topic['topic']['topic_id'], '='], ]); // Get the data of the first poster @@ -241,12 +232,12 @@ class Forum { 'post' => $firstPost, 'user' => ($_FIRST_POSTER = Users::getUser($firstPost['poster_id'])), 'rank' => Users::getRank($_FIRST_POSTER['rank_main']), - 'elap' => Main::timeElapsed($firstPost['post_time']) + 'elap' => Main::timeElapsed($firstPost['post_time']), ]; // Get last post in topics $lastPost = Database::fetch('posts', false, [ - 'topic_id' => [$topic['topic']['topic_id'], '='] + 'topic_id' => [$topic['topic']['topic_id'], '='], ], ['post_id', true]); // Get the data of the last poster @@ -254,32 +245,30 @@ class Forum { 'post' => $lastPost, 'user' => ($_LAST_POSTER = Users::getUser($lastPost['poster_id'])), 'rank' => Users::getRank($_LAST_POSTER['rank_main']), - 'elap' => Main::timeElapsed($lastPost['post_time']) + 'elap' => Main::timeElapsed($lastPost['post_time']), ]; // Create space for posts $topic['posts'] = []; // Parse the data of every post - foreach($rawPosts as $post) { - + foreach ($rawPosts as $post) { // Add post and metadata to the global storage array $topic['posts'][$post['post_id']] = array_merge($post, [ - 'is_op' => ($post['poster_id'] == $firstPost['poster_id'] ? '1' : '0'), - 'user' => ($_POSTER = Users::getUser($post['poster_id'])), - 'rank' => Users::getRank($_POSTER['rank_main']), - 'time_elapsed' => Main::timeElapsed($post['post_time']), - 'country' => Main::getCountryName($_POSTER['country']), - 'is_premium' => Users::checkUserPremium($_POSTER['id'])[0], - 'is_online' => Users::checkUserOnline($_POSTER['id']), - 'is_friend' => Users::checkFriend($_POSTER['id']), - 'parsed_post' => self::parseMarkUp($post['post_text'], $post['parse_mode'], $post['enable_emotes']), - 'signature' => empty($_POSTER['userData']['signature']) ? '' : self::parseMarkUp($_POSTER['userData']['signature']['text'], $_POSTER['userData']['signature']['mode']) + 'is_op' => ($post['poster_id'] == $firstPost['poster_id'] ? '1' : '0'), + 'user' => ($_POSTER = Users::getUser($post['poster_id'])), + 'rank' => Users::getRank($_POSTER['rank_main']), + 'time_elapsed' => Main::timeElapsed($post['post_time']), + 'country' => Main::getCountryName($_POSTER['country']), + 'is_premium' => Users::checkUserPremium($_POSTER['id'])[0], + 'is_online' => Users::checkUserOnline($_POSTER['id']), + 'is_friend' => Users::checkFriend($_POSTER['id']), + 'parsed_post' => self::parseMarkUp($post['post_text'], $post['parse_mode'], $post['enable_emotes']), + 'signature' => empty($_POSTER['userData']['signature']) ? '' : self::parseMarkUp($_POSTER['userData']['signature']['text'], $_POSTER['userData']['signature']['mode']), ]); // Just in case unset($_POSTER); - } // Return the compiled topic data @@ -288,16 +277,18 @@ class Forum { } // Get a topic ID from a post ID - public static function getTopicIdFromPostId($id) { + public static function getTopicIdFromPostId($id) + { // Get the post $post = Database::fetch('posts', false, [ - 'post_id' => [$id, '='] + 'post_id' => [$id, '='], ]); // Return false if nothing was returned - if(empty($post)) + if (empty($post)) { return false; + } // Return the topic id return $post['topic_id']; @@ -305,68 +296,67 @@ class Forum { } // Parse different markup flavours - public static function parseMarkUp($text, $mode, $emotes = 1) { + public static function parseMarkUp($text, $mode, $emotes = 1) + { // Clean string $text = Main::cleanString($text); // Parse emotes - if($emotes) + if ($emotes) { $text = Main::parseEmotes($text); + } // Switch between modes - switch($mode) { - + switch ($mode) { case 1: return Main::bbParse($text); - + case 2: return Main::mdParse($text); case 0: default: return $text; - } } // Get forum statistics of a user - public static function getUserStats($uid) { + public static function getUserStats($uid) + { // Collect the stats return [ - 'posts' => Database::count('posts', ['poster_id' => [$uid, '=']])[0], - 'topics' => count(Database::fetch('posts', true, ['poster_id' => [$uid, '=']], ['post_time'], null, ['topic_id'])) + 'posts' => Database::count('posts', ['poster_id' => [$uid, '=']])[0], + 'topics' => count(Database::fetch('posts', true, ['poster_id' => [$uid, '=']], ['post_time'], null, ['topic_id'])), ]; } // Creating a new post - public static function createPost($subject, $text, $enableMD, $enableSig, $forum, $type = 0, $status = 0, $topic = 0) { + public static function createPost($subject, $text, $enableMD, $enableSig, $forum, $type = 0, $status = 0, $topic = 0) + { // Check if this post is OP - if(!$topic) { - + if (!$topic) { // If so create a new topic Database::insert('topics', [ - 'forum_id' => $forum, - 'topic_hidden' => 0, - 'topic_title' => $subject, - 'topic_time' => time(), - 'topic_time_limit' => 0, - 'topic_last_reply' => 0, - 'topic_views' => 0, - 'topic_replies' => 0, - 'topic_status' => $status, - 'topic_status_change' => 0, - 'topic_type' => $type, - 'topic_first_post_id' => 0, - 'topic_first_poster_id' => Session::$userId + 'forum_id' => $forum, + 'topic_hidden' => 0, + 'topic_title' => $subject, + 'topic_time' => time(), + 'topic_time_limit' => 0, + 'topic_last_reply' => 0, + 'topic_views' => 0, + 'topic_replies' => 0, + 'topic_status' => $status, + 'topic_status_change' => 0, + 'topic_type' => $type, + 'topic_first_post_id' => 0, + 'topic_first_poster_id' => Session::$userId, ]); - } } - } diff --git a/_sakura/components/Hashing.php b/_sakura/components/Hashing.php index 2b46bd7..a6fbfdb 100644 --- a/_sakura/components/Hashing.php +++ b/_sakura/components/Hashing.php @@ -31,23 +31,24 @@ namespace Sakura; -class Hashing { - +class Hashing +{ // These variables can be changed without break the existing hashes - private static $_PBKDF2_HASH_ALGORITHM = 'sha256'; - private static $_PBKDF2_ITERATIONS = 1000; - private static $_PBKDF2_SALT_BYTES = 24; - private static $_PBKDF2_HASH_BYTES = 24; + private static $_PBKDF2_HASH_ALGORITHM = 'sha256'; + private static $_PBKDF2_ITERATIONS = 1000; + private static $_PBKDF2_SALT_BYTES = 24; + private static $_PBKDF2_HASH_BYTES = 24; // Changing these will break them though - private static $_HASH_ALGORITHM_INDEX = 0; - private static $_HASH_ITERATION_INDEX = 1; - private static $_HASH_SALT_INDEX = 2; - private static $_HASH_PBKDF2_INDEX = 3; - private static $_HASH_SECTIONS = 4; + private static $_HASH_ALGORITHM_INDEX = 0; + private static $_HASH_ITERATION_INDEX = 1; + private static $_HASH_SALT_INDEX = 2; + private static $_HASH_PBKDF2_INDEX = 3; + private static $_HASH_SECTIONS = 4; // Returns an array formatted like: [algorithm, iterations, salt, hash] - public static function create_hash($pass) { + public static function create_hash($pass) + { $salt = base64_encode( \mcrypt_create_iv( @@ -71,7 +72,7 @@ class Hashing { self::$_PBKDF2_HASH_ALGORITHM, self::$_PBKDF2_ITERATIONS, $salt, - $hash + $hash, ); return $passwordData; @@ -79,10 +80,12 @@ class Hashing { } // Validates hashed password - public static function validate_password($password, $params) { + public static function validate_password($password, $params) + { - if(count($params) < self::$_HASH_SECTIONS) + if (count($params) < self::$_HASH_SECTIONS) { return false; + } $pbkdf2 = base64_decode($params[self::$_HASH_PBKDF2_INDEX]); @@ -92,7 +95,7 @@ class Hashing { $params[self::$_HASH_ALGORITHM_INDEX], $password, $params[self::$_HASH_SALT_INDEX], - (int)$params[self::$_HASH_ITERATION_INDEX], + (int) $params[self::$_HASH_ITERATION_INDEX], strlen($pbkdf2), true ) @@ -103,12 +106,14 @@ class Hashing { } // Compares two strings $a and $b in length-constant time. - public static function slow_equals($a, $b) { + public static function slow_equals($a, $b) + { $diff = strlen($a) ^ strlen($b); - for($i = 0; $i < strlen($a) && $i < strlen($b); $i++) + for ($i = 0; $i < strlen($a) && $i < strlen($b); $i++) { $diff |= ord($a[$i]) ^ ord($b[$i]); + } return $diff === 0; @@ -130,24 +135,26 @@ class Hashing { * With improvements by http://www.variations-of-shadow.com */ - private static function pbkdf2($algorithm, $password, $salt, $count, $key_length, $raw_output = false) { + private static function pbkdf2($algorithm, $password, $salt, $count, $key_length, $raw_output = false) + { $algorithm = strtolower($algorithm); - if(!in_array($algorithm, hash_algos(), true)) + if (!in_array($algorithm, hash_algos(), true)) { trigger_error('PBKDF2 ERROR: Invalid hash algorithm.', E_USER_ERROR); + } - if($count <= 0 || $key_length <= 0) + if ($count <= 0 || $key_length <= 0) { trigger_error('PBKDF2 ERROR: Invalid parameters.', E_USER_ERROR); + } - if(function_exists('hash_pbkdf2')) { - + if (function_exists('hash_pbkdf2')) { // The output length is in NIBBLES (4-bits) if $raw_output is false! - if(!$raw_output) + if (!$raw_output) { $key_length = $key_length * 2; + } return hash_pbkdf2($algorithm, $password, $salt, $count, $key_length, $raw_output); - } $hash_length = strlen(hash($algorithm, '', true)); @@ -155,8 +162,7 @@ class Hashing { $output = ''; - for($i = 1; $i <= $block_count; $i++) { - + for ($i = 1; $i <= $block_count; $i++) { // $i encoded as 4 bytes, big endian. $last = $salt . pack('N', $i); @@ -164,18 +170,18 @@ class Hashing { $last = $xorsum = hash_hmac($algorithm, $last, $password, true); // Perform the other $count - 1 interations - for($j = 1; $j < $count; $j++) + for ($j = 1; $j < $count; $j++) { $xorsum ^= ($last = hash_hmac($algorithm, $last, $password, true)); + } $output .= $xorsum; - if($raw_output) + if ($raw_output) { return substr($output, 0, $key_length); - else - return bin2hex(substr($output, 0, $key_length)); + } + return bin2hex(substr($output, 0, $key_length)); } } - } diff --git a/_sakura/components/Main.php b/_sakura/components/Main.php index 9af6b63..8028aea 100644 --- a/_sakura/components/Main.php +++ b/_sakura/components/Main.php @@ -8,10 +8,11 @@ namespace Sakura; use Parsedown; use PHPMailer; -class Main { - +class Main +{ // Constructor - public static function init($config) { + public static function init($config) + { // Configuration Management and local configuration Configuration::init($config); @@ -28,32 +29,35 @@ class Main { } // Parse markdown - public static function mdParse($text) { + public static function mdParse($text) + { return (new Parsedown())->text($text); } // Get bbcodes - public static function getBBcodes() { + public static function getBBcodes() + { return Database::fetch('bbcodes'); } // Parse bbcodes - public static function bbParse($text) { + public static function bbParse($text) + { // Get bbcode regex from the database $bbcodes = Database::fetch('bbcodes'); // Split the regex - $regex = array_map(function($arr) { + $regex = array_map(function ($arr) { return $arr['regex']; }, $bbcodes); // Split the replacement - $replace = array_map(function($arr) { + $replace = array_map(function ($arr) { return $arr['replace']; }, $bbcodes); @@ -66,23 +70,23 @@ class Main { } // Get emoticons - public static function getEmotes() { + public static function getEmotes() + { return Database::fetch('emoticons'); } // Parsing emoticons - public static function parseEmotes($text) { + public static function parseEmotes($text) + { // Get emoticons from the database $emotes = Database::fetch('emoticons'); // Do the replacements - foreach($emotes as $emote) { - - $text = str_replace($emote['emote_string'], ''. $emote['emote_string'] .'', $text); - + foreach ($emotes as $emote) { + $text = str_replace($emote['emote_string'], '' . $emote['emote_string'] . '', $text); } // Return the parsed text @@ -91,16 +95,15 @@ class Main { } // Verify ReCAPTCHA - public static function verifyCaptcha($response) { + public static function verifyCaptcha($response) + { // Attempt to get the response - $resp = @file_get_contents('https://www.google.com/recaptcha/api/siteverify?secret='. Configuration::getConfig('recaptcha_private') .'&response='. $response); + $resp = @file_get_contents('https://www.google.com/recaptcha/api/siteverify?secret=' . Configuration::getConfig('recaptcha_private') . '&response=' . $response); // In the highly unlikely case that it failed to get anything forge a false - if(!$resp) { - + if (!$resp) { return false; - } // Decode the response JSON from the servers @@ -112,49 +115,44 @@ class Main { } // Error Handler - public static function errorHandler($errno, $errstr, $errfile, $errline) { + public static function errorHandler($errno, $errstr, $errfile, $errline) + { // Remove ROOT path from the error string and file location - $errstr = str_replace(ROOT, '', $errstr); - $errfile = str_replace(ROOT, '', $errfile); + $errstr = str_replace(ROOT, '', $errstr); + $errfile = str_replace(ROOT, '', $errfile); // Attempt to log the error to the database - if(Database::$_DATABASE !== null) { - + if (Database::$database !== null) { // Encode backtrace data $backtrace = base64_encode(json_encode(debug_backtrace())); // Check if this error has already been logged in the past - if($past = Database::fetch('error_log', false, ['backtrace' => [$backtrace, '=', true], 'error_string' => [$errstr, '=']])) { - + if ($past = Database::fetch('error_log', false, ['backtrace' => [$backtrace, '=', true], 'error_string' => [$errstr, '=']])) { // If so assign the errid $errid = $past['id']; - } else { - // Create an error ID $errid = substr(md5(microtime()), rand(0, 22), 10); // Log the error Database::insert('error_log', [ - 'id' => $errid, - 'timestamp' => date("r"), - 'revision' => SAKURA_VERSION, - 'error_type' => $errno, - 'error_line' => $errline, - 'error_string' => $errstr, - 'error_file' => $errfile, - 'backtrace' => $backtrace + 'id' => $errid, + 'timestamp' => date("r"), + 'revision' => SAKURA_VERSION, + 'error_type' => $errno, + 'error_line' => $errline, + 'error_string' => $errstr, + 'error_file' => $errfile, + 'backtrace' => $backtrace, ]); - } } switch ($errno) { - case E_ERROR: case E_USER_ERROR: $error = 'FATAL ERROR: ' . $errstr . ' on line ' . $errline . ' in ' . $errfile; @@ -172,7 +170,6 @@ class Main { default: $error = 'Unknown error type [' . $errno . ']: ' . $errstr . ' on line ' . $errline . ' in ' . $errfile; - } // Truncate all previous outputs @@ -205,41 +202,33 @@ class Main {

To prevent potential security risks or data loss Sakura has stopped execution of the script.

'; -if(isset($errid)) { + if (isset($errid)) { + $errorPage .= '

The error and surrounding data has been logged.

+

' . (SAKURA_STABLE ? 'Report the following text to a staff member' : 'Logged as') . '

' . $errid . '
'; + } else { + $errorPage .= '

Sakura was not able to log this error which could mean that there was an error with the database connection. If you\'re the system administrator check the database credentials and make sure the server is running and if you\'re not please let the system administrator know about this error if it occurs again.

'; + } - $errorPage .= '

The error and surrounding data has been logged.

-

'. (SAKURA_STABLE ? 'Report the following text to a staff member' : 'Logged as') .'

'. $errid .'
'; - -} else { - - $errorPage .= '

Sakura was not able to log this error which could mean that there was an error with the database connection. If you\'re the system administrator check the database credentials and make sure the server is running and if you\'re not please let the system administrator know about this error if it occurs again.

'; - -} - -if(!SAKURA_STABLE) { - $errorPage .= '

Summary

- 
'. $error .'
+ if (!SAKURA_STABLE) { + $errorPage .= '

Summary

+ 
' . $error . '

Backtraces

'; - foreach(debug_backtrace(DEBUG_BACKTRACE_IGNORE_ARGS) as $num => $trace) { + foreach (debug_backtrace(DEBUG_BACKTRACE_IGNORE_ARGS) as $num => $trace) { + $errorPage .= '

#' . $num . '

';
 
-        $errorPage .= '
#'. $num .'
';
+                foreach ($trace as $key => $val) {
+                    $errorPage .= str_pad('[' . $key . ']', 12) . '=> ' . (is_array($val) || is_object($val) ? json_encode($val) : $val) . "\r\n";
+                }
 
-        foreach($trace as $key => $val) {
-
-            $errorPage .= str_pad('['. $key .']', 12) .'=> '. (is_array($val) || is_object($val) ? json_encode($val) : $val) ."\r\n";
+                $errorPage .= '
';
+            }
 
         }
 
-        $errorPage .= '
'; - - } - -} - -$errorPage .= '
+ $errorPage .= '
- Sakura r'. SAKURA_VERSION .'. + Sakura r' . SAKURA_VERSION . '.
@@ -251,7 +240,8 @@ $errorPage .= ' } // Send emails - public static function sendMail($to, $subject, $body) { + public static function sendMail($to, $subject, $body) + { // Initialise PHPMailer $mail = new PHPMailer(); @@ -272,11 +262,9 @@ $errorPage .= ' $mail->Port = Configuration::getConfig('smtp_port'); // If authentication is required log in as well - if(Configuration::getConfig('smtp_auth')) { - + if (Configuration::getConfig('smtp_auth')) { $mail->Username = Configuration::getConfig('smtp_username'); $mail->Password = base64_decode(Configuration::getConfig('smtp_password')); - } // Add a reply-to header @@ -286,10 +274,8 @@ $errorPage .= ' $mail->SetFrom(Configuration::getConfig('smtp_from_email'), Configuration::getConfig('smtp_from_name')); // Set the addressee - foreach($to as $email => $name) { - + foreach ($to as $email => $name) { $mail->AddBCC($email, $name); - } // Subject line @@ -299,12 +285,12 @@ $errorPage .= ' $mail->isHTML(true); // Set email contents - $htmlMail = file_get_contents(ROOT .'_sakura/templates/htmlEmail.tpl'); + $htmlMail = file_get_contents(ROOT . '_sakura/templates/htmlEmail.tpl'); // Replace template tags - $htmlMail = str_replace('{{ sitename }}', Configuration::getConfig('sitename'), $htmlMail); - $htmlMail = str_replace('{{ siteurl }}', '//'. Configuration::getConfig('url_main'), $htmlMail); - $htmlMail = str_replace('{{ contents }}', self::mdParse($body), $htmlMail); + $htmlMail = str_replace('{{ sitename }}', Configuration::getConfig('sitename'), $htmlMail); + $htmlMail = str_replace('{{ siteurl }}', '//' . Configuration::getConfig('url_main'), $htmlMail); + $htmlMail = str_replace('{{ contents }}', self::mdParse($body), $htmlMail); // Set HTML body $mail->Body = $htmlMail; @@ -319,7 +305,7 @@ $errorPage .= ' $mail->ClearAddresses(); // If we got an error return the error - if(!$send) { + if (!$send) { return $mail->ErrorInfo; @@ -331,7 +317,8 @@ $errorPage .= ' } // Cleaning strings - public static function cleanString($string, $lower = false, $nospecial = false) { + public static function cleanString($string, $lower = false, $noSpecial = false) + { // Run common sanitisation function over string $string = htmlentities($string, ENT_NOQUOTES | ENT_HTML401, Configuration::getConfig('charset')); @@ -339,17 +326,13 @@ $errorPage .= ' $string = strip_tags($string); // If set also make the string lowercase - if($lower) { - + if ($lower) { $string = strtolower($string); - } // If set remove all characters that aren't a-z or 0-9 - if($nospecial) { - + if ($noSpecial) { $string = preg_replace('/[^a-z0-9]/', '', $string); - } // Return clean string @@ -358,7 +341,8 @@ $errorPage .= ' } // Loading info pages - public static function loadInfoPage($id) { + public static function loadInfoPage($id) + { // Get contents from the database $infopage = Database::fetch('infopages', false, ['shorthand' => [$id, '=']]); @@ -369,7 +353,8 @@ $errorPage .= ' } // Validate MX records - public static function checkMXRecord($email) { + public static function checkMXRecord($email) + { // Get the domain from the e-mail address $domain = substr(strstr($email, '@'), 1); @@ -383,25 +368,20 @@ $errorPage .= ' } // Check IP version - public static function ipVersion($ip) { + public static function ipVersion($ip) + { // Check if var is IP - if(filter_var($ip, FILTER_VALIDATE_IP)) { - + if (filter_var($ip, FILTER_VALIDATE_IP)) { // IPv4 - if(filter_var($ip, FILTER_VALIDATE_IP, FILTER_FLAG_IPV4)) { - + if (filter_var($ip, FILTER_VALIDATE_IP, FILTER_FLAG_IPV4)) { return 4; - } // IPv6 - if(filter_var($ip, FILTER_VALIDATE_IP, FILTER_FLAG_IPV6)) { - + if (filter_var($ip, FILTER_VALIDATE_IP, FILTER_FLAG_IPV6)) { return 6; - } - } // Not an IP or unknown type @@ -410,7 +390,8 @@ $errorPage .= ' } // Convert inet_pton to string with bits - public static function inetToBits($inet) { + public static function inetToBits($inet) + { // Unpack string $unpacked = unpack('A16', $inet); @@ -422,10 +403,8 @@ $errorPage .= ' $binaryIP = null; // "Build" binary IP - foreach($unpacked as $char) { - + foreach ($unpacked as $char) { $binaryIP .= str_pad(decbin(ord($char)), 8, '0', STR_PAD_LEFT); - } // Return IP @@ -434,20 +413,19 @@ $errorPage .= ' } // Match IP subnets - public static function matchSubnet($ip, $range) { + public static function matchSubnet($ip, $range) + { // Use the proper IP type - switch(self::ipVersion($ip)) { - + switch (self::ipVersion($ip)) { case 4: - // Break the range up in parts list($subnet, $bits) = explode('/', $range); // Convert IP and Subnet to long - $ip = ip2long($ip); + $ip = ip2long($ip); $subnet = ip2long($subnet); - $mask = -1 << (32 - $bits); + $mask = -1 << (32 - $bits); // In case the supplied subnet wasn't correctly aligned $subnet &= $mask; @@ -456,20 +434,19 @@ $errorPage .= ' return ($ip & $mask) == $subnet; case 6: - // Break the range up in parts list($subnet, $bits) = explode('/', $range); // Convert subnet to packed address and convert it to binary - $subnet = inet_pton($subnet); - $binarySubnet = self::inetToBits($subnet); + $subnet = inet_pton($subnet); + $binarySubnet = self::inetToBits($subnet); // Convert IPv6 to packed address and convert it to binary as well - $ip = inet_pton($ip); - $binaryIP = self::inetToBits($ip); + $ip = inet_pton($ip); + $binaryIP = self::inetToBits($ip); // Return bits of the strings according to the bits - $ipBits = substr($binaryIP, 0, $bits); + $ipBits = substr($binaryIP, 0, $bits); $subnetBits = substr($binarySubnet, 0, $bits); return ($ipBits === $subnetBits); @@ -482,10 +459,11 @@ $errorPage .= ' } // Check if IP is a CloudFlare IP - public static function checkCFIP($ip) { + public static function checkCFIP($ip) + { // Get CloudFlare Subnet list - $cfhosts = file_get_contents(ROOT .'_sakura/'. Configuration::getLocalConfig('data', 'cfipv'. (self::ipVersion($ip)))); + $cfhosts = file_get_contents(ROOT . '_sakura/' . Configuration::getLocalConfig('data', 'cfipv' . (self::ipVersion($ip)))); // Replace \r\n with \n $cfhosts = str_replace("\r\n", "\n", $cfhosts); @@ -494,22 +472,16 @@ $errorPage .= ' $cfhosts = explode("\n", $cfhosts); // Check if IP is in a CloudFlare subnet - foreach($cfhosts as $subnet) { - + foreach ($cfhosts as $subnet) { // Check if the subnet isn't empty (git newline prevention) - if(strlen($subnet) < 1) { - + if (strlen($subnet) < 1) { continue; - } // Return true if found - if(self::matchSubnet($ip, $subnet)) { - + if (self::matchSubnet($ip, $subnet)) { return true; - } - } // Return false if fails @@ -518,21 +490,18 @@ $errorPage .= ' } // Gets IP of current visitor - public static function getRemoteIP() { + public static function getRemoteIP() + { // Assign REMOTE_ADDR to a variables $ip = $_SERVER['REMOTE_ADDR']; // Check if the IP is a CloudFlare IP - if(self::checkCFIP($ip)) { - + if (self::checkCFIP($ip)) { // If it is check if the CloudFlare IP header is set and if it is assign it to the ip variable - if(isset($_SERVER['HTTP_CF_CONNECTING_IP'])) { - + if (isset($_SERVER['HTTP_CF_CONNECTING_IP'])) { $ip = $_SERVER['HTTP_CF_CONNECTING_IP']; - } - } // Return the correct IP @@ -541,13 +510,12 @@ $errorPage .= ' } // Get country code from CloudFlare header (which just returns XX if not found) - public static function getCountryCode() { + public static function getCountryCode() + { // Check if the required header is set and return it - if(isset($_SERVER['HTTP_CF_IPCOUNTRY'])) { - + if (isset($_SERVER['HTTP_CF_IPCOUNTRY'])) { return $_SERVER['HTTP_CF_IPCOUNTRY']; - } // Return XX as a fallback @@ -556,13 +524,12 @@ $errorPage .= ' } // Create a new action code - public static function newActionCode($action, $userid, $instruct) { + public static function newActionCode($action, $userid, $instruct) + { // Make sure the user we're working with exists - if(Users::getUser($userid)['id'] == 0) { - + if (Users::getUser($userid)['id'] == 0) { return false; - } // Convert the instruction array to a JSON @@ -573,10 +540,10 @@ $errorPage .= ' // Insert the key into the database Database::insert('actioncodes', [ - 'action' => $action, - 'userid' => $userid, - 'actkey' => $key, - 'instruction' => $instruct + 'action' => $action, + 'userid' => $userid, + 'actkey' => $key, + 'instruction' => $instruct, ]); // Return the key @@ -585,35 +552,30 @@ $errorPage .= ' } // Use an action code - public static function useActionCode($action, $key, $uid = 0) { + public static function useActionCode($action, $key, $uid = 0) + { // Retrieve the row from the database $keyRow = Database::fetch('actioncodes', false, [ - 'actkey' => [$key, '='], - 'action' => [$action, '='] + 'actkey' => [$key, '='], + 'action' => [$action, '='], ]); // Check if the code exists - if(count($keyRow) <= 1) { - + if (count($keyRow) <= 1) { return [0, 'INVALID_CODE']; - } // Check if the code was intended for the user that's using this code - if($keyRow['userid'] != 0) { - - if($keyRow['userid'] != $uid) { - + if ($keyRow['userid'] != 0) { + if ($keyRow['userid'] != $uid) { return [0, 'INVALID_USER']; - } - } // Remove the key from the database Database::delete('actioncodes', [ - 'id' => [$keyRow['id'], '='] + 'id' => [$keyRow['id'], '='], ]); // Return success @@ -622,7 +584,8 @@ $errorPage .= ' } // Calculate password entropy - public static function pwdEntropy($pw) { + public static function pwdEntropy($pw) + { // Decode utf-8 chars $pw = utf8_decode($pw); @@ -633,26 +596,25 @@ $errorPage .= ' } // Get country name from ISO 3166 code - public static function getCountryName($code) { + public static function getCountryName($code) + { // Parse JSON file - $iso3166 = json_decode(utf8_encode(file_get_contents(ROOT .'_sakura/'. Configuration::getLocalConfig('data', 'iso3166'))), true); + $iso3166 = json_decode(utf8_encode(file_get_contents(ROOT . '_sakura/' . Configuration::getLocalConfig('data', 'iso3166'))), true); // Check if key exists - if(array_key_exists($code, $iso3166)) { - + if (array_key_exists($code, $iso3166)) { return $iso3166[$code]; // If entry found return the full name - - } else { - - return 'Unknown'; // Else return unknown - } + // Else return unknown + return 'Unknown'; + } // Get FAQ data - public static function getFaqData() { + public static function getFaqData() + { // Do database call $faq = Database::fetch('faq', true, null, ['id']); @@ -663,16 +625,15 @@ $errorPage .= ' } // Get log type string - public static function getLogStringFromType($type) { + public static function getLogStringFromType($type) + { // Query the database $return = Database::fetch('logtypes', false, ['id' => [$type, '=']]); // Check if type exists and else return a unformattable string - if(count($return) < 2) { - + if (count($return) < 2) { return 'Unknown action.'; - } // Return the string @@ -681,7 +642,8 @@ $errorPage .= ' } // Get formatted logs - public static function getUserLogs($uid = 0) { + public static function getUserLogs($uid = 0) + { // Check if a user is specified $conditions = ($uid ? ['uid' => [$uid, '=']] : null); @@ -693,15 +655,13 @@ $errorPage .= ' $logs = array(); // Iterate over entries - foreach($logsDB as $log) { - + foreach ($logsDB as $log) { // Store usable data $logs[$log['id']] = [ - 'user' => $_USER = Users::getUser($log['uid']), - 'rank' => Users::getRank($_USER['rank_main']), - 'string' => vsprintf(self::getLogStringFromType($log['action']), json_decode($log['attribs'], true)) + 'user' => $_USER = Users::getUser($log['uid']), + 'rank' => Users::getRank($_USER['rank_main']), + 'string' => vsprintf(self::getLogStringFromType($log['action']), json_decode($log['attribs'], true)), ]; - } // Return new logs @@ -710,7 +670,8 @@ $errorPage .= ' } // Indent JSON - public static function jsonPretty($json) { + public static function jsonPretty($json) + { // Defines $tab = ' '; @@ -720,70 +681,53 @@ $errorPage .= ' $obj = json_decode($json); // Validate the object - if($obj === false) + if ($obj === false) { return false; + } // Re-encode the json and get the length $json = json_encode($obj); $len = strlen($json); // Go over the entries - for($c = 0; $c < $len; $c++) { - + for ($c = 0; $c < $len; $c++) { // Get the current character $char = $json[$c]; - switch($char) { - + switch ($char) { case '[': case '{': - if($str) { - + if ($str) { $out .= $char; - } else { - - $out .= $char ."\r\n". str_repeat($tab, $lvl + 1); + $out .= $char . "\r\n" . str_repeat($tab, $lvl + 1); $lvl++; - } break; case ']': case '}': - if($str) { - + if ($str) { $out .= $char; - } else { - $lvl--; - $out .= "\r\n". str_repeat($tab, $lvl) . $char; - + $out .= "\r\n" . str_repeat($tab, $lvl) . $char; } break; case ',': - if($str) { - + if ($str) { $out .= $char; - } else { - - $out .= ",\r\n". str_repeat($tab, $lvl); - + $out .= ",\r\n" . str_repeat($tab, $lvl); } break; case ':': - if($str) { - + if ($str) { $out .= $char; - } else { - $out .= ": "; - } break; @@ -801,53 +745,50 @@ $errorPage .= ' } // Time elapsed - public static function timeElapsed($timestamp, $append = ' ago', $none = 'Just now') { + public static function timeElapsed($timestamp, $append = ' ago', $none = 'Just now') + { // Subtract the entered timestamp from the current timestamp $time = time() - $timestamp; // If the new timestamp is below 1 return a standard string - if($time < 1) { - + if ($time < 1) { return $none; - } // Array containing time "types" $times = [ 365 * 24 * 60 * 60 => 'year', - 30 * 24 * 60 * 60 => 'month', - 24 * 60 * 60 => 'day', - 60 * 60 => 'hour', - 60 => 'minute', - 1 => 'second' + 30 * 24 * 60 * 60 => 'month', + 24 * 60 * 60 => 'day', + 60 * 60 => 'hour', + 60 => 'minute', + 1 => 'second', ]; - foreach($times as $secs => $str) { - + foreach ($times as $secs => $str) { // Do a devision to check if the given timestamp fits in the current "type" $calc = $time / $secs; - if($calc >= 1) { - + if ($calc >= 1) { // Round the number $round = round($calc); // Return the string - return $round .' '. $times[$secs] . ($round == 1 ? '' : 's') . $append; - + return $round . ' ' . $times[$secs] . ($round == 1 ? '' : 's') . $append; } - } } // Get the byte symbol from a value - public static function getByteSymbol($bytes) { + public static function getByteSymbol($bytes) + { // Return nothing if the input was 0 - if(!$bytes) + if (!$bytes) { return; + } // Array with byte symbols $symbols = ['B', 'KiB', 'MiB', 'GiB', 'TiB', 'PiB', 'EiB', 'ZiB', 'YiB']; @@ -856,7 +797,7 @@ $errorPage .= ' $exp = floor(log($bytes) / log(1024)); // Format the things - $bytes = sprintf("%.2f ". $symbols[$exp], ($bytes / pow(1024, floor($exp)))); + $bytes = sprintf("%.2f " . $symbols[$exp], ($bytes / pow(1024, floor($exp)))); // Return the formatted string return $bytes; @@ -864,7 +805,8 @@ $errorPage .= ' } // Get Premium tracker data - public static function getPremiumTrackerData() { + public static function getPremiumTrackerData() + { // Create data array $data = []; @@ -882,18 +824,16 @@ $errorPage .= ' $data['users'] = []; // Calculate the thing - foreach($table as $row) { - + foreach ($table as $row) { // Calculate balance $data['balance'] = $data['balance'] + $row['amount']; // Add userdata to table - if(!array_key_exists($row['uid'], $data['users'])) { + if (!array_key_exists($row['uid'], $data['users'])) { $data['users'][$row['uid']] = new User($row['uid']); } - } // Return the data @@ -902,17 +842,17 @@ $errorPage .= ' } // Update donation tracker - public static function updatePremiumTracker($id, $amount, $comment) { + public static function updatePremiumTracker($id, $amount, $comment) + { Database::insert('premium_log', [ - 'uid' => $id, - 'amount' => $amount, - 'date' => time(), - 'comment' => $comment + 'uid' => $id, + 'amount' => $amount, + 'date' => time(), + 'comment' => $comment, ]); } - } diff --git a/_sakura/components/Manage.php b/_sakura/components/Manage.php index 0c88f92..385978a 100644 --- a/_sakura/components/Manage.php +++ b/_sakura/components/Manage.php @@ -2,11 +2,10 @@ /* * Management Class */ - + namespace Sakura; -class Manage { - - +class Manage +{ } diff --git a/_sakura/components/News.php b/_sakura/components/News.php index e089e46..89d68c1 100644 --- a/_sakura/components/News.php +++ b/_sakura/components/News.php @@ -5,26 +5,24 @@ namespace Sakura; -class News { - - private $posts = []; // Posts array - private $posters = []; // Posters array (so we don't create a new user object every time) +class News +{ + private $posts = []; // Posts array + private $posters = []; // Posters array (so we don't create a new user object every time) // Initialise the news object - function __construct($category, $comments = true) { + public function __construct($category, $comments = true) + { // Get the news posts and assign them to $posts $posts = Database::fetch('news', true, ['category' => [$category, '=']], ['id', true]); // Attach poster data - foreach($posts as $post) { - + foreach ($posts as $post) { // Check if we already have an object for this user - if(!array_key_exists($post['uid'], $this->posters)) { - - // Create new object - $this->posters[$post['uid']] = new User($post['uid']); - + if (!array_key_exists($post['uid'], $this->posters)) { + // Create new object + $this->posters[$post['uid']] = new User($post['uid']); } // Parse the news post @@ -35,53 +33,50 @@ class News { // Add post to posts array $this->posts[$post['id']] = $post; - } - } // Get the amount of posts - public function getCount() { + public function getCount() + { return count($this->posts); } // Get the amount of posts - public function postExists($id) { + public function postExists($pid) + { - return array_key_exists($id, $this->posts) ? $id : 0; + return array_key_exists($pid, $this->posts) ? $pid : 0; } // Get a single post - public function getPost($id) { + public function getPost($pid) + { - return array_key_exists($id, $this->posts) ? $this->posts[$id] : 0; + return array_key_exists($pid, $this->posts) ? $this->posts[$pid] : 0; } // Getting posts - public function getPosts($start = null, $end = null) { + public function getPosts($start = null, $end = null) + { // Get posts $posts = $this->posts; // Only return requested posts - if($start !== null && $end !== null) { - + if ($start !== null && $end !== null) { // Slice the array $posts = array_slice($posts, $start, $end, true); - - } elseif($start !== null) { - + } elseif ($start !== null) { // Devide the array in parts (pages) $posts = array_chunk($posts, $start, true); - } return $posts; } - } diff --git a/_sakura/components/Payments.php b/_sakura/components/Payments.php index ec19ea5..7a7f7c3 100644 --- a/_sakura/components/Payments.php +++ b/_sakura/components/Payments.php @@ -5,23 +5,24 @@ namespace Sakura; -use \PayPal\Api\Payer; +use \PayPal\Api\Amount; +use \PayPal\Api\Details; use \PayPal\Api\Item; use \PayPal\Api\ItemList; -use \PayPal\Api\Details; -use \PayPal\Api\Amount; -use \PayPal\Api\Transaction; -use \PayPal\Api\RedirectUrls; +use \PayPal\Api\Payer; use \PayPal\Api\Payment; use \PayPal\Api\PaymentExecution; +use \PayPal\Api\RedirectUrls; +use \PayPal\Api\Transaction; -class Payments { - +class Payments +{ // Container for PayPal API private static $paypal; // Initialise PayPal API - public static function init() { + public static function init() + { // Set PayPal object try { @@ -31,7 +32,7 @@ class Payments { Configuration::getConfig('paypal_secret') ) ); - } catch(Exception $e) { + } catch (Exception $e) { return false; } @@ -40,7 +41,8 @@ class Payments { } // Create transaction - public static function createTransaction($total, $itemName, $transDescription, $returnUrl) { + public static function createTransaction($total, $itemName, $transDescription, $returnUrl) + { // Create the payer object $payer = new Payer(); @@ -52,10 +54,10 @@ class Payments { $item = new Item(); // Set the item details - $item ->setName($itemName) - ->setCurrency('EUR') - ->setQuantity(1) - ->setPrice($total); + $item->setName($itemName) + ->setCurrency('EUR') + ->setQuantity(1) + ->setPrice($total); // Create itemlist $list = new ItemList(); @@ -73,39 +75,39 @@ class Payments { $amount = new Amount(); // Set amount data - $amount ->setCurrency('EUR') - ->setTotal($total) - ->setDetails($details); + $amount->setCurrency('EUR') + ->setTotal($total) + ->setDetails($details); // Create transaction $trans = new Transaction(); // Set transaction data (aka shit we already set but whatever who cares we need to set it again 500 times over again anyway, YAY TECHNOLOGY!) - $trans ->setAmount($amount) - ->setItemList($list) - ->setDescription($transDescription) - ->setInvoiceNumber(uniqid()); + $trans->setAmount($amount) + ->setItemList($list) + ->setDescription($transDescription) + ->setInvoiceNumber(uniqid()); // Create redirect url object $redir = new RedirectUrls(); // Set redirect url data - $redir ->setReturnUrl($returnUrl. '?mode=finish&success=true') - ->setCancelUrl($returnUrl. '?mode=finish&success=false'); + $redir->setReturnUrl($returnUrl . '?mode=finish&success=true') + ->setCancelUrl($returnUrl . '?mode=finish&success=false'); // Create payment object $payment = new Payment(); // Set payment data (finally) $payment->setIntent('sale') - ->setPayer($payer) - ->setRedirectUrls($redir) - ->setTransactions([$trans]); + ->setPayer($payer) + ->setRedirectUrls($redir) + ->setTransactions([$trans]); // Try to create payment try { $payment->create(self::$paypal); - } catch(Exception $ex) { + } catch (Exception $ex) { return false; } @@ -115,7 +117,8 @@ class Payments { } // Complete the PayPal transaction - public static function completeTransaction($paymentId, $payerId) { + public static function completeTransaction($paymentId, $payerId) + { // Attempt to get the payment $payment = Payment::get($paymentId, self::$paypal); @@ -129,7 +132,7 @@ class Payments { // Attempt to charge the fucker try { $payment->execute($execute, self::$paypal); - } catch(Exception $ex) { + } catch (Exception $ex) { return false; } @@ -137,5 +140,4 @@ class Payments { return true; } - } diff --git a/_sakura/components/Permissions.php b/_sakura/components/Permissions.php index f127a89..d6703c9 100644 --- a/_sakura/components/Permissions.php +++ b/_sakura/components/Permissions.php @@ -5,17 +5,17 @@ namespace Sakura; -class Permissions { - +class Permissions +{ // Fallback permission data private static $fallback = [ - 'rid' => 0, - 'uid' => 0, - 'siteperms' => 1, - 'manageperms' => 0, - 'forumperms' => 0, - 'rankinherit' => 111 + 'rid' => 0, + 'uid' => 0, + 'siteperms' => 1, + 'manageperms' => 0, + 'forumperms' => 0, + 'rankinherit' => 111, ]; @@ -25,79 +25,72 @@ class Permissions { // Site permissions 'SITE' => [ - 'DEACTIVATED' => 1, // Is a user deactivated - 'RESTRICTED' => 2, // Is a user restricted - 'ALTER_PROFILE' => 4, // Can alter their profile data - 'CHANGE_AVATAR' => 8, // Can change their avatar - 'CREATE_BACKGROUND' => 16, // Can create a background (different from changing) - 'CHANGE_BACKGROUND' => 32, // Can change their background - 'VIEW_MEMBERLIST' => 64, // Can view the memberlist - 'CREATE_USERPAGE' => 128, // Can create a userpage (different from changing) - 'CHANGE_USERPAGE' => 256, // Can change their userpage - 'USE_MESSAGES' => 512, // Can use the Private Messaging system - 'SEND_MESSAGES' => 1024, // Can send Private Messages to other users - 'CHANGE_EMAIL' => 2048, // Can change their account e-mail address - 'CHANGE_USERNAME' => 4096, // Can change their username - 'CHANGE_USERTITLE' => 8192, // Can change their usertitle - 'CHANGE_PASSWORD' => 16384, // Can change their password - 'ALTER_RANKS' => 32768, // Can change their ranks - 'MANAGE_SESSIONS' => 65536, // Can manage their sessions - 'CREATE_REGKEYS' => 131072, // Can create registration keys - 'DEACTIVATE_ACCOUNT' => 262144, // Can deactivate their account - 'VIEW_PROFILE_DATA' => 524288, // Can view other's profile data - 'MANAGE_FRIENDS' => 1048576, // Can manage friends (add/remove) - 'REPORT_USERS' => 2097152, // Can report users to staff - 'OBTAIN_PREMIUM' => 4194304, // Can obtain the premium rank - 'JOIN_GROUPS' => 8388608, // Can join groups - 'CREATE_GROUP' => 16777216, // Can create a group - 'MULTIPLE_GROUPS' => 33554432, // Can create multiple groups (requires single group perm) - 'CHANGE_NAMECOLOUR' => 67108864, // Can change their username colour - 'STATIC_PREMIUM' => 134217728 // User has static premium status + 'DEACTIVATED' => 1, // Is a user deactivated + 'RESTRICTED' => 2, // Is a user restricted + 'ALTER_PROFILE' => 4, // Can alter their profile data + 'CHANGE_AVATAR' => 8, // Can change their avatar + 'CREATE_BACKGROUND' => 16, // Can create a background (different from changing) + 'CHANGE_BACKGROUND' => 32, // Can change their background + 'VIEW_MEMBERLIST' => 64, // Can view the memberlist + 'CREATE_USERPAGE' => 128, // Can create a userpage (different from changing) + 'CHANGE_USERPAGE' => 256, // Can change their userpage + 'USE_MESSAGES' => 512, // Can use the Private Messaging system + 'SEND_MESSAGES' => 1024, // Can send Private Messages to other users + 'CHANGE_EMAIL' => 2048, // Can change their account e-mail address + 'CHANGE_USERNAME' => 4096, // Can change their username + 'CHANGE_USERTITLE' => 8192, // Can change their usertitle + 'CHANGE_PASSWORD' => 16384, // Can change their password + 'ALTER_RANKS' => 32768, // Can change their ranks + 'MANAGE_SESSIONS' => 65536, // Can manage their sessions + 'CREATE_REGKEYS' => 131072, // Can create registration keys + 'DEACTIVATE_ACCOUNT' => 262144, // Can deactivate their account + 'VIEW_PROFILE_DATA' => 524288, // Can view other's profile data + 'MANAGE_FRIENDS' => 1048576, // Can manage friends (add/remove) + 'REPORT_USERS' => 2097152, // Can report users to staff + 'OBTAIN_PREMIUM' => 4194304, // Can obtain the premium rank + 'JOIN_GROUPS' => 8388608, // Can join groups + 'CREATE_GROUP' => 16777216, // Can create a group + 'MULTIPLE_GROUPS' => 33554432, // Can create multiple groups (requires single group perm) + 'CHANGE_NAMECOLOUR' => 67108864, // Can change their username colour + 'STATIC_PREMIUM' => 134217728, // User has static premium status ], // Forum permissions 'FORUM' => [ - 'USE_FORUM' => 1 + 'USE_FORUM' => 1, ], // Site management permissions 'MANAGE' => [ - 'USE_MANAGE' => 1 + 'USE_MANAGE' => 1, - ] + ], ]; // Checking if a user has the permissions to do a thing - public static function check($layer, $action, $operator, $mode = 0) { + public static function check($layer, $action, $operator, $mode = 0) + { // Check if the permission layer and the permission itself exists - if(!array_key_exists($layer, self::$permissions) || !array_key_exists($action, self::$permissions[$layer])) { - + if (!array_key_exists($layer, self::$permissions) || !array_key_exists($action, self::$permissions[$layer])) { return false; - } // Convert to the appropiate mode - if($mode === 2) { - + if ($mode === 2) { $operator = self::getRankPermissions($operator)[$layer]; - - } elseif($mode === 1) { - + } elseif ($mode === 1) { $operator = self::getUserPermissions($operator)[$layer]; - } // Perform the bitwise AND - if(bindec($operator) & self::$permissions[$layer][$action]) { - + if (bindec($operator) & self::$permissions[$layer][$action]) { return true; - } // Else just return false @@ -106,54 +99,45 @@ class Permissions { } // Get permission data of a rank from the database - public static function getRankPermissions($ranks) { + public static function getRankPermissions($ranks) + { // Container array - $getRanks = []; - $perms = []; + $getRanks = []; + $perms = []; // Get permission row for all ranks - foreach($ranks as $rank) { - - $getRanks[] = Database::fetch('permissions', false, ['rid' => [$rank, '='], 'uid' => [0 ,'=']]); - + foreach ($ranks as $rank) { + $getRanks[] = Database::fetch('permissions', false, ['rid' => [$rank, '='], 'uid' => [0, '=']]); } // Check if getRanks is empty or if the rank id is 0 return the fallback - if(empty($getRanks) || in_array(0, $ranks)) { - + if (empty($getRanks) || in_array(0, $ranks)) { $getRanks = [self::$fallback]; - } // Go over the permission data - foreach($getRanks as $rank) { - + foreach ($getRanks as $rank) { // Check if perms is empty - if(empty($perms)) { - + if (empty($perms)) { // Store the data of the current rank in $perms $perms = [ - 'SITE' => $rank['siteperms'], - 'MANAGE' => $rank['manageperms'], - 'FORUM' => $rank['forumperms'] + 'SITE' => $rank['siteperms'], + 'MANAGE' => $rank['manageperms'], + 'FORUM' => $rank['forumperms'], ]; - } else { - // Perform a bitwise OR on the ranks $perms = [ - 'SITE' => $perms['SITE'] | $rank['siteperms'], - 'MANAGE' => $perms['MANAGE'] | $rank['manageperms'], - 'FORUM' => $perms['FORUM'] | $rank['forumperms'] + 'SITE' => $perms['SITE'] | $rank['siteperms'], + 'MANAGE' => $perms['MANAGE'] | $rank['manageperms'], + 'FORUM' => $perms['FORUM'] | $rank['forumperms'], ]; - } - } // Return the compiled permission strings @@ -162,51 +146,43 @@ class Permissions { } // Get permission data for a user - public static function getUserPermissions($uid) { + public static function getUserPermissions($uid) + { // Get user data $user = Users::getUser($uid); // Attempt to get the permission row of a user - $userPerms = Database::fetch('permissions', false, ['rid' => [0, '='], 'uid' => [$user['id'] ,'=']]); + $userPerms = Database::fetch('permissions', false, ['rid' => [0, '='], 'uid' => [$user['id'], '=']]); // Get their rank permissions $rankPerms = self::getRankPermissions(json_decode($user['ranks'], true)); // Just return the rank permissions if no special ones are set - if(empty($userPerms)) { - + if (empty($userPerms)) { return $rankPerms; - } // Split the inherit option things up $inheritance = str_split($userPerms['rankinherit']); // Override site permissions - if(!$inheritance[0]) { - + if (!$inheritance[0]) { $rankPerms['SITE'] = $userPerms['siteperms']; - } // Override management permissions - if(!$inheritance[1]) { - + if (!$inheritance[1]) { $rankPerms['MANAGE'] = $userPerms['manageperms']; - } // Override forum permissions - if(!$inheritance[2]) { - + if (!$inheritance[2]) { $rankPerms['FORUM'] = $userPerms['forumperms']; - } // Return permissions return $rankPerms; } - } diff --git a/_sakura/components/Sessions.php b/_sakura/components/Sessions.php index b799a70..09cd6d2 100644 --- a/_sakura/components/Sessions.php +++ b/_sakura/components/Sessions.php @@ -5,43 +5,43 @@ namespace Sakura; -class Session { - +class Session +{ // Current user data public static $userId; public static $sessionId; // Initiate new session - public static function init() { + public static function init() + { // Start PHP session - if(session_status() != PHP_SESSION_ACTIVE) { - + if (session_status() != PHP_SESSION_ACTIVE) { session_start(); - } // Assign user and session IDs - self::$userId = isset($_COOKIE[Configuration::getConfig('cookie_prefix') .'id']) ? $_COOKIE[Configuration::getConfig('cookie_prefix') .'id'] : 0; - self::$sessionId = isset($_COOKIE[Configuration::getConfig('cookie_prefix') .'session']) ? $_COOKIE[Configuration::getConfig('cookie_prefix') .'session'] : ''; + self::$userId = isset($_COOKIE[Configuration::getConfig('cookie_prefix') . 'id']) ? $_COOKIE[Configuration::getConfig('cookie_prefix') . 'id'] : 0; + self::$sessionId = isset($_COOKIE[Configuration::getConfig('cookie_prefix') . 'session']) ? $_COOKIE[Configuration::getConfig('cookie_prefix') . 'session'] : ''; } // Create new session - public static function newSession($userID, $remember = false) { + public static function newSession($userId, $remember = false) + { // Generate session key - $session = sha1($userID . base64_encode('sakura'. mt_rand(0, 99999999)) . time()); + $session = sha1($userId . base64_encode('sakura' . mt_rand(0, 99999999)) . time()); // Insert the session into the database Database::insert('sessions', [ - 'userip' => Main::getRemoteIP(), + 'userip' => Main::getRemoteIP(), 'useragent' => Main::cleanString($_SERVER['HTTP_USER_AGENT']), - 'userid' => $userID, - 'skey' => $session, - 'started' => time(), - 'expire' => time() + 604800, - 'remember' => $remember ? '1' : '0' + 'userid' => $userId, + 'skey' => $session, + 'started' => time(), + 'expire' => time() + 604800, + 'remember' => $remember ? '1' : '0', ]); // Return the session key @@ -50,77 +50,74 @@ class Session { } // Check session data (expiry, etc.) - public static function checkSession($userId, $sessionId) { + public static function checkSession($userId, $sessionId) + { // Get session from database $session = Database::fetch('sessions', true, ['userid' => [$userId, '='], 'skey' => [$sessionId, '=']]); // Check if we actually got something in return - if(!count($session)) { - + if (!count($session)) { return false; - - } else { - - $session = $session[0]; - } - // Check if the session expired - if($session['expire'] < time()) { + $session = $session[0]; + // Check if the session expired + if ($session['expire'] < time()) { // If it is delete the session... self::deleteSession($session['id']); // ...and return false return false; - } // Origin checking - if($ipCheck = Configuration::getConfig('session_check')) { - + if ($ipCheck = Configuration::getConfig('session_check')) { // Split both IPs up - $sessionIP = explode('.', $session['userip']); - $userIP = explode('.', Main::getRemoteIP()); + $sessionIP = explode('.', $session['userip']); + $userIP = explode('.', Main::getRemoteIP()); // Take 1 off the ipCheck variable so it's equal to the array keys $ipCheck = $ipCheck - 1; // Check if the user's IP is similar to the session's registered IP - switch($ipCheck) { - + switch ($ipCheck) { // 000.xxx.xxx.xxx case 3: - if($userIP[3] !== $sessionIP[3]) return false; + if ($userIP[3] !== $sessionIP[3]) { + return false; + } // xxx.000.xxx.xxx case 2: case 3: - if($userIP[2] !== $sessionIP[2]) return false; + if ($userIP[2] !== $sessionIP[2]) { + return false; + } // xxx.xxx.000.xxx case 1: case 2: case 3: - if($userIP[1] !== $sessionIP[1]) return false; + if ($userIP[1] !== $sessionIP[1]) { + return false; + } // xxx.xxx.xxx.000 case 0: case 1: case 2: case 3: - if($userIP[0] !== $sessionIP[0]) return false; - + if ($userIP[0] !== $sessionIP[0]) { + return false; + } } - } // If the remember flag is set extend the session time - if($session['remember']) { - + if ($session['remember']) { Database::update('sessions', [['expire' => time() + 604800], ['id' => [$session['id'], '=']]]); - } // Return 2 if the remember flag is set and return 1 if not @@ -129,13 +126,12 @@ class Session { } // Delete a session - public static function deleteSession($sessionId, $key = false) { + public static function deleteSession($sessionId, $key = false) + { // Check if the session exists - if(!Database::fetch('sessions', [($key ? 'skey' : 'id'), true, [$sessionId, '=']])) { - + if (!Database::fetch('sessions', [($key ? 'skey' : 'id'), true, [$sessionId, '=']])) { return false; - } // Run the query @@ -145,5 +141,4 @@ class Session { return true; } - } diff --git a/_sakura/components/Templates.php b/_sakura/components/Templates.php index ef7d453..422ecc4 100644 --- a/_sakura/components/Templates.php +++ b/_sakura/components/Templates.php @@ -5,41 +5,38 @@ namespace Sakura; -use Twig_Loader_Filesystem; use Twig_Environment; use Twig_Extension_StringLoader; +use Twig_Loader_Filesystem; -class Templates { - +class Templates +{ // Engine container, template folder name and options - public static $_ENG; - public static $_TPL; - public static $_CFG; + public static $engine; + public static $template; + public static $configuration; // Initialise templating engine and data - public static function init($template) { + public static function init($template) + { // Set template folder name - self::$_TPL = $template; + self::$template = $template; // Assign config path to a variable so we don't have to type it out twice - $confPath = ROOT .'_sakura/templates/'. self::$_TPL .'/template.ini'; + $confPath = ROOT . '_sakura/templates/' . self::$template . '/template.ini'; // Check if the configuration file exists - if(!file_exists($confPath)) { - + if (!file_exists($confPath)) { trigger_error('Template configuration does not exist', E_USER_ERROR); - } // Parse and store the configuration - self::$_CFG = parse_ini_file($confPath, true); + self::$configuration = parse_ini_file($confPath, true); // Make sure we're not using a manage template for the main site or the other way around - if(defined('SAKURA_MANAGE') && (bool)self::$_CFG['manage']['mode'] != (bool)SAKURA_MANAGE) { - + if (defined('SAKURA_MANAGE') && (bool) self::$configuration['manage']['mode'] != (bool) SAKURA_MANAGE) { trigger_error('Incorrect template type', E_USER_ERROR); - } // Start Twig @@ -48,42 +45,37 @@ class Templates { } // Twig Loader - private static function twigLoader() { + private static function twigLoader() + { // Initialise Twig Filesystem Loader - $twigLoader = new Twig_Loader_Filesystem(ROOT .'_sakura/templates/'. self::$_TPL); + $twigLoader = new Twig_Loader_Filesystem(ROOT . '_sakura/templates/' . self::$template); // Environment variable $twigEnv = []; // Enable caching - if(Configuration::getConfig('enable_tpl_cache')) { - - $twigEnv['cache'] = ROOT .'cache'; - + if (Configuration::getConfig('enable_tpl_cache')) { + $twigEnv['cache'] = ROOT . 'cache'; } // And now actually initialise the templating engine - self::$_ENG = new Twig_Environment($twigLoader, $twigEnv); + self::$engine = new Twig_Environment($twigLoader, $twigEnv); // Load String template loader - self::$_ENG->addExtension(new Twig_Extension_StringLoader()); + self::$engine->addExtension(new Twig_Extension_StringLoader()); } // Render template - public static function render($file, $tags) { + public static function render($file, $tags) + { try { - - return self::$_ENG->render($file, $tags); - - } catch(\Exception $e) { - + return self::$engine->render($file, $tags); + } catch (\Exception $e) { trigger_error($e->getMessage(), E_USER_ERROR); - } } - } diff --git a/_sakura/components/Urls.php b/_sakura/components/Urls.php index 3e3aaad..3a8d589 100644 --- a/_sakura/components/Urls.php +++ b/_sakura/components/Urls.php @@ -5,99 +5,97 @@ namespace Sakura; -class Urls { - +class Urls +{ // Unformatted links [0] = no mod_rewrite, [1] = mod_rewrite protected $urls = [ // General site sections - 'SITE_HOME' => ['/', '/'], - 'SITE_NEWS' => ['/news.php', '/news'], - 'SITE_NEWS_PAGE' => ['/news.php?page=%u', '/news/p%u'], - 'SITE_NEWS_POST' => ['/news.php?id=%u', '/news/%u'], - 'SITE_NEWS_RSS' => ['/news.php?xml=true', '/news.xml'], - 'SITE_SEARCH' => ['/search.php', '/search'], - 'SITE_PREMIUM' => ['/support.php', '/support'], - 'SITE_DONATE_TRACK' => ['/support.php?tracker=true', '/support/tracker'], - 'SITE_DONATE_TRACK_PAGE' => ['/support.php?tracker=true&page=%u', '/support/tracker/%u'], - 'SITE_FAQ' => ['/faq.php', '/faq'], - 'SITE_LOGIN' => ['/authenticate.php', '/login'], - 'SITE_LOGOUT' => ['/authenticate.php', '/logout'], - 'SITE_REGISTER' => ['/authenticate.php', '/register'], - 'SITE_FORGOT_PASSWORD' => ['/authenticate.php', '/forgotpassword'], - 'SITE_ACTIVATE' => ['/authenticate.php', '/activate'], - 'CHANGELOG' => ['/changelog.php', '/changelog'], - 'INFO_PAGE' => ['/index.php?p=%s', '/p/%s'], - 'AUTH_ACTION' => ['/authenticate.php', '/authenticate'], + 'SITE_HOME' => ['/', '/'], + 'SITE_NEWS' => ['/news.php', '/news'], + 'SITE_NEWS_PAGE' => ['/news.php?page=%u', '/news/p%u'], + 'SITE_NEWS_POST' => ['/news.php?id=%u', '/news/%u'], + 'SITE_NEWS_RSS' => ['/news.php?xml=true', '/news.xml'], + 'SITE_SEARCH' => ['/search.php', '/search'], + 'SITE_PREMIUM' => ['/support.php', '/support'], + 'SITE_DONATE_TRACK' => ['/support.php?tracker=true', '/support/tracker'], + 'SITE_DONATE_TRACK_PAGE' => ['/support.php?tracker=true&page=%u', '/support/tracker/%u'], + 'SITE_FAQ' => ['/faq.php', '/faq'], + 'SITE_LOGIN' => ['/authenticate.php', '/login'], + 'SITE_LOGOUT' => ['/authenticate.php', '/logout'], + 'SITE_REGISTER' => ['/authenticate.php', '/register'], + 'SITE_FORGOT_PASSWORD' => ['/authenticate.php', '/forgotpassword'], + 'SITE_ACTIVATE' => ['/authenticate.php', '/activate'], + 'CHANGELOG' => ['/changelog.php', '/changelog'], + 'INFO_PAGE' => ['/index.php?p=%s', '/p/%s'], + 'AUTH_ACTION' => ['/authenticate.php', '/authenticate'], // Memberlist - 'MEMBERLIST_INDEX' => ['/members.php', '/members'], - 'MEMBERLIST_SORT' => ['/members.php?sort=%s', '/members/%s'], - 'MEMBERLIST_RANK' => ['/members.php?rank=%u', '/members/%u'], - 'MEMBERLIST_PAGE' => ['/members.php?page=%u', '/members/p%u'], - 'MEMBERLIST_SORT_RANK' => ['/members.php?sort=%s&rank=%u', '/members/%s/%u'], - 'MEMBERLIST_RANK_PAGE' => ['/members.php?rank=%u&page=%u', '/members/%u/p%u'], - 'MEMBERLIST_SORT_PAGE' => ['/members.php?sort=%s&page=%u', '/members/%s/p%u'], - 'MEMBERLIST_ALL' => ['/members.php?sort=%s&rank=%u&page=%u', '/members/%s/%u/p%u'], + 'MEMBERLIST_INDEX' => ['/members.php', '/members'], + 'MEMBERLIST_SORT' => ['/members.php?sort=%s', '/members/%s'], + 'MEMBERLIST_RANK' => ['/members.php?rank=%u', '/members/%u'], + 'MEMBERLIST_PAGE' => ['/members.php?page=%u', '/members/p%u'], + 'MEMBERLIST_SORT_RANK' => ['/members.php?sort=%s&rank=%u', '/members/%s/%u'], + 'MEMBERLIST_RANK_PAGE' => ['/members.php?rank=%u&page=%u', '/members/%u/p%u'], + 'MEMBERLIST_SORT_PAGE' => ['/members.php?sort=%s&page=%u', '/members/%s/p%u'], + 'MEMBERLIST_ALL' => ['/members.php?sort=%s&rank=%u&page=%u', '/members/%s/%u/p%u'], // Forums - 'FORUM_INDEX' => ['/index.php?forum=true', '/forum'], - 'FORUM_SUB' => ['/viewforum.php?f=%u', '/forum/%u'], - 'FORUM_THREAD' => ['/viewtopic.php?t=%u', '/forum/thread/%u'], - 'FORUM_POST' => ['/viewtopic.php?p=%u', '/forum/post/%u'], - 'FORUM_REPLY' => ['/posting.php?t=%u', '/forum/thread/%u/reply'], - 'FORUM_NEW_THREAD' => ['/posting.php?f=%u', '/forum/%u/new'], - 'FORUM_EDIT_POST' => ['/posting.php?p=%1$u&edit=%1$u', '/forum/post/%u/edit'], - 'FORUM_DELETE_POST' => ['/posting.php?p=%1$u&delete=%1$u', '/forum/post/%u/delete'], - 'FORUM_QUOTE_POST' => ['/posting.php?p=%1$u"e=%1$u', '/forum/post/%u/quote'], + 'FORUM_INDEX' => ['/index.php?forum=true', '/forum'], + 'FORUM_SUB' => ['/viewforum.php?f=%u', '/forum/%u'], + 'FORUM_THREAD' => ['/viewtopic.php?t=%u', '/forum/thread/%u'], + 'FORUM_POST' => ['/viewtopic.php?p=%u', '/forum/post/%u'], + 'FORUM_REPLY' => ['/posting.php?t=%u', '/forum/thread/%u/reply'], + 'FORUM_NEW_THREAD' => ['/posting.php?f=%u', '/forum/%u/new'], + 'FORUM_EDIT_POST' => ['/posting.php?p=%1$u&edit=%1$u', '/forum/post/%u/edit'], + 'FORUM_DELETE_POST' => ['/posting.php?p=%1$u&delete=%1$u', '/forum/post/%u/delete'], + 'FORUM_QUOTE_POST' => ['/posting.php?p=%1$u"e=%1$u', '/forum/post/%u/quote'], // Image serve references - 'IMAGE_AVATAR' => ['/imageserve.php?m=avatar&u=%u', '/a/%u'], - 'IMAGE_BACKGROUND' => ['/imageserve.php?m=background&u=%u', '/bg/%u'], - 'IMAGE_HEADER' => ['/imageserve.php?m=header&u=%u', '/u/%u/header'], + 'IMAGE_AVATAR' => ['/imageserve.php?m=avatar&u=%u', '/a/%u'], + 'IMAGE_BACKGROUND' => ['/imageserve.php?m=background&u=%u', '/bg/%u'], + 'IMAGE_HEADER' => ['/imageserve.php?m=header&u=%u', '/u/%u/header'], // User actions - 'USER_LOGOUT' => ['/authenticate.php?mode=logout&time=%u&session=%s&redirect=%s', '/logout?mode=logout&time=%u&session=%s&redirect=%s'], - 'USER_REPORT' => ['/report.php?mode=user&u=%u', '/u/%u/report'], - 'USER_PROFILE' => ['/profile.php?u=%s', '/u/%s'], - 'USER_GROUP' => ['/group.php?g=%u', '/g/%u'], + 'USER_LOGOUT' => ['/authenticate.php?mode=logout&time=%u&session=%s&redirect=%s', '/logout?mode=logout&time=%u&session=%s&redirect=%s'], + 'USER_REPORT' => ['/report.php?mode=user&u=%u', '/u/%u/report'], + 'USER_PROFILE' => ['/profile.php?u=%s', '/u/%s'], + 'USER_GROUP' => ['/group.php?g=%u', '/g/%u'], // Settings urls - 'SETTINGS_INDEX' => ['/settings.php', '/settings'], - 'SETTING_CAT' => ['/settings.php?cat=%s', '/settings/%s'], - 'SETTING_MODE' => ['/settings.php?cat=%s&mode=%s', '/settings/%s/%s'], + 'SETTINGS_INDEX' => ['/settings.php', '/settings'], + 'SETTING_CAT' => ['/settings.php?cat=%s', '/settings/%s'], + 'SETTING_MODE' => ['/settings.php?cat=%s&mode=%s', '/settings/%s/%s'], // Friend Actions - 'FRIEND_ACTION' => ['/settings.php?friend-action=true', '/friends'], - 'FRIEND_ADD' => ['/settings.php?friend-action=true&add=%u&session=%s&time=%u&redirect=%s', '/friends?add=%u&session=%s&time=%u&redirect=%s'], - 'FRIEND_REMOVE' => ['/settings.php?friend-action=true&remove=%u&session=%s&time=%u&redirect=%s', '/friends?remove=%u&session=%s&time=%u&redirect=%s'], + 'FRIEND_ACTION' => ['/settings.php?friend-action=true', '/friends'], + 'FRIEND_ADD' => ['/settings.php?friend-action=true&add=%u&session=%s&time=%u&redirect=%s', '/friends?add=%u&session=%s&time=%u&redirect=%s'], + 'FRIEND_REMOVE' => ['/settings.php?friend-action=true&remove=%u&session=%s&time=%u&redirect=%s', '/friends?remove=%u&session=%s&time=%u&redirect=%s'], // Manage urls - 'MANAGE_INDEX' => ['/manage.php', '/manage'], - 'MANAGE_CAT' => ['/manage.php?cat=%s', '/manage/%s'], - 'MANAGE_MODE' => ['/manage.php?cat=%s&mode=%s', '/manage/%s/%s'] + 'MANAGE_INDEX' => ['/manage.php', '/manage'], + 'MANAGE_CAT' => ['/manage.php?cat=%s', '/manage/%s'], + 'MANAGE_MODE' => ['/manage.php?cat=%s&mode=%s', '/manage/%s/%s'], ]; // Get a formatted url - public function format($id, $args = [], $rewrite = null) { + public function format($lid, $args = [], $rewrite = null) + { // Check if the requested url exists - if(!array_key_exists($id, $this->urls)) { - + if (!array_key_exists($lid, $this->urls)) { return null; - } // Check if mod_rewrite is enabled $rewrite = ($rewrite === null ? Configuration::getConfig('url_rewrite') : $rewrite) ? 1 : 0; // Format urls - $formatted = vsprintf($this->urls[$id][$rewrite], $args); + $formatted = vsprintf($this->urls[$lid][$rewrite], $args); // Return the formatted url return $formatted; } - } diff --git a/_sakura/components/User.php b/_sakura/components/User.php index 673c514..8c855c1 100644 --- a/_sakura/components/User.php +++ b/_sakura/components/User.php @@ -5,32 +5,29 @@ namespace Sakura; -class User { - +class User +{ // User data - public $data = []; - public $ranks = []; - public $mainRank = []; + public $data = []; + public $ranks = []; + public $mainRank = []; // Initialise the user object - function __construct($id) { + public function __construct($uid) + { // Get the user database row - $this->data = Database::fetch('users', false, ['id' => [$id, '=', true], 'username_clean' => [Main::cleanString($id, true), '=', true]]); + $this->data = Database::fetch('users', false, ['id' => [$uid, '=', true], 'username_clean' => [Main::cleanString($uid, true), '=', true]]); // Check if anything like the username exists - if(empty($this->data)) { - - $this->data = Database::fetch('users', false, ['username_clean' => ['%'. Main::cleanString($id, true) .'%', 'LIKE']]); - + if (empty($this->data)) { + $this->data = Database::fetch('users', false, ['username_clean' => ['%' . Main::cleanString($uid, true) . '%', 'LIKE']]); } // Check if the user actually exists - if(empty($this->data)) { - + if (empty($this->data)) { // If not assign as the fallback user $this->data = Users::$emptyUser; - } // Decode the json in the userData column @@ -40,19 +37,15 @@ class User { $ranks = json_decode($this->data['ranks'], true); // Get the rows for all the ranks - foreach($ranks as $rank) { - + foreach ($ranks as $rank) { // Store the database row in the array $this->ranks[$rank] = Database::fetch('ranks', false, ['id' => [$rank, '=']]); - } // Check if ranks were set - if(empty($this->ranks)) { - + if (empty($this->ranks)) { // If not assign the fallback rank $this->ranks[0] = Users::$emptyRank; - } // Assign the user's main rank to a special variable since we'll use it a lot @@ -61,25 +54,20 @@ class User { } // Check if the user has the specified ranks - public function checkIfUserHasRanks($ranks) { + public function checkIfUserHasRanks($ranks) + { // Check if the main rank is the specified rank - if(in_array($this->mainRank['id'], $ranks)) { - + if (in_array($this->mainRank['id'], $ranks)) { return true; - } // If not go over all ranks and check if the user has them - foreach($ranks as $rank) { - + foreach ($ranks as $rank) { // We check if $rank is in $this->ranks and if yes return true - if(array_key_exists($rank, $this->ranks)) { - + if (array_key_exists($rank, $this->ranks)) { return true; - } - } // If all fails return false @@ -88,158 +76,153 @@ class User { } // Get the user's colour - public function colour() { + public function colour() + { return empty($this->data['name_colour']) ? $this->mainRank['colour'] : $this->data['name_colour']; } // Get the user's title - public function userTitle() { + public function userTitle() + { return empty($this->data['usertitle']) ? $this->mainRank['title'] : $this->data['usertitle']; } // Get the user's long and short country names - public function country() { + public function country() + { return [ - 'long' => Main::getCountryName($this->data['country']), - 'short' => $this->data['country'] + 'long' => Main::getCountryName($this->data['country']), + 'short' => $this->data['country'], ]; } // Check if a user is online - public function checkOnline() { + public function checkOnline() + { return $this->data['lastdate'] > (time() - Configuration::getConfig('max_online_time')); } // Get user's forum statistics - public function forumStats() { + public function forumStats() + { return Forum::getUserStats($this->data['id']); } // Check if the user is friends with the currently authenticated - public function checkFriends($with) { + public function checkFriends($with) + { return Users::checkFriend($this->data['id'], $with); } // Get all the friend of this user - public function getFriends($timestamps = false, $getData = false, $checkOnline = false) { + public function getFriends($timestamps = false, $getData = false, $checkOnline = false) + { return Users::getFriends($this->data['id'], $timestamps, $getData, $checkOnline); } // Check if the user is banned - public function checkBan() { + public function checkBan() + { return Bans::checkBan($this->data['id']); } // Check if the user has the proper permissions - public function checkPermission($layer, $action) { + public function checkPermission($layer, $action) + { return Permissions::check($layer, $action, $this->data['id'], 1); } // Get amount of time since user events - public function elapsed($append = ' ago', $none = 'Just now') { + public function elapsed($append = ' ago', $none = 'Just now') + { return [ - 'joined' => Main::timeElapsed($this->data['regdate'], $append, $none), - 'lastOnline' => Main::timeElapsed($this->data['lastdate'], $append, $none), - 'birth' => Main::timeElapsed(strtotime($this->data['birthday']), $append, $none) + 'joined' => Main::timeElapsed($this->data['regdate'], $append, $none), + 'lastOnline' => Main::timeElapsed($this->data['lastdate'], $append, $none), + 'birth' => Main::timeElapsed(strtotime($this->data['birthday']), $append, $none), ]; } // Get the user's profile fields - public function profileFields() { + public function profileFields() + { // Get profile fields $profileFields = Database::fetch('profilefields'); // If there's nothing just return null - if(!count($profileFields)) { - + if (!count($profileFields)) { return; - } // Once again if nothing was returned just return null - if(empty($this->data['userData']['profileFields'])) { - + if (empty($this->data['userData']['profileFields'])) { return; - } // Create output array $profile = []; // Check if profile fields aren't fake - foreach($profileFields as $field) { - + foreach ($profileFields as $field) { // Completely strip all special characters from the field name $fieldName = Main::cleanString($field['name'], true, true); // Check if the user has the current field set otherwise continue - if(!array_key_exists($fieldName, $this->data['userData']['profileFields'])) { - + if (!array_key_exists($fieldName, $this->data['userData']['profileFields'])) { continue; - } // Assign field to output with value - $profile[$fieldName] = array(); - $profile[$fieldName]['name'] = $field['name']; - $profile[$fieldName]['value'] = $this->data['userData']['profileFields'][$fieldName]; - $profile[$fieldName]['islink'] = $field['islink']; + $profile[$fieldName] = array(); + $profile[$fieldName]['name'] = $field['name']; + $profile[$fieldName]['value'] = $this->data['userData']['profileFields'][$fieldName]; + $profile[$fieldName]['islink'] = $field['islink']; // If the field is set to be a link add a value for that as well - if($field['islink']) { - + if ($field['islink']) { $profile[$fieldName]['link'] = str_replace('{{ VAL }}', $this->data['userData']['profileFields'][$fieldName], $field['linkformat']); - } // Check if we have additional options as well - if($field['additional'] != null) { - + if ($field['additional'] != null) { // Decode the json of the additional stuff $additional = json_decode($field['additional'], true); // Go over all additional forms - foreach($additional as $subName => $subField) { - + foreach ($additional as $subName => $subField) { // Check if the user has the current field set otherwise continue - if(!array_key_exists($subName, $this->data['userData']['profileFields'])) { - + if (!array_key_exists($subName, $this->data['userData']['profileFields'])) { continue; - } // Assign field to output with value $profile[$fieldName][$subName] = $this->data['userData']['profileFields'][$subName]; - } - } - } // Return appropiate profile data @@ -248,48 +231,39 @@ class User { } // Get the user's option fields - public function optionFields() { + public function optionFields() + { // Get option fields $optionFields = Database::fetch('optionfields'); // If there's nothing just return null - if(!count($optionFields)) { - + if (!count($optionFields)) { return; - } // Once again if nothing was returned just return null - if(empty($this->data['userData']['userOptions'])) { - + if (empty($this->data['userData']['userOptions'])) { return; - } // Create output array $options = []; // Check if profile fields aren't fake - foreach($optionFields as $field) { - + foreach ($optionFields as $field) { // Check if the user has the current field set otherwise continue - if(!array_key_exists($field['id'], $this->data['userData']['userOptions'])) { - + if (!array_key_exists($field['id'], $this->data['userData']['userOptions'])) { continue; - } // Make sure the user has the proper permissions to use this option - if(!$this->checkPermission('SITE', $field['require_perm'])) { - + if (!$this->checkPermission('SITE', $field['require_perm'])) { continue; - } // Assign field to output with value $options[$field['id']] = $this->data['userData']['userOptions'][$field['id']]; - } // Return appropiate profile data @@ -298,36 +272,29 @@ class User { } // Check if user has Premium - public function checkPremium() { + public function checkPremium() + { // Check if the user has static premium - if(Permissions::check('SITE', 'STATIC_PREMIUM', $this->data['id'], 1)) { - + if (Permissions::check('SITE', 'STATIC_PREMIUM', $this->data['id'], 1)) { return [2, 0, time() + 1]; - } // Attempt to retrieve the premium record from the database $getRecord = Database::fetch('premium', false, [ - - 'uid' => [$this->data['id'], '='] - + 'uid' => [$this->data['id'], '='], ]); // If nothing was returned just return false - if(empty($getRecord)) { - + if (empty($getRecord)) { return [0]; - } // Check if the Tenshi hasn't expired - if($getRecord['expiredate'] < time()) { - + if ($getRecord['expiredate'] < time()) { Users::removeUserPremium($this->data['id']); Users::updatePremiumMeta($this->data['id']); return [0, $getRecord['startdate'], $getRecord['expiredate']]; - } // Else return the start and expiration date @@ -336,16 +303,16 @@ class User { } // Get all warnings issued to the user - public function getWarnings() { + public function getWarnings() + { // Do the database query $warnings = Database::fetch('warnings', true, [ - 'uid' => [$this->data['id'], '='] + 'uid' => [$this->data['id'], '='], ]); // Return all the warnings return $warnings; } - } diff --git a/_sakura/components/Users.php b/_sakura/components/Users.php index 2d14dbc..c6dfee0 100644 --- a/_sakura/components/Users.php +++ b/_sakura/components/Users.php @@ -5,107 +5,95 @@ namespace Sakura; -class Users { +class Users +{ // Empty user template public static $emptyUser = [ - 'id' => 0, - 'username' => 'Sakura User', - 'username_clean' => 'sakura user', - 'password_hash' => '', - 'password_salt' => '', - 'password_algo' => 'nologin', - 'password_iter' => 1000, - 'password_chan' => 0, - 'password_new' => '', - 'email' => 'sakura@localhost', - 'rank_main' => 0, - 'ranks' => '[0]', - 'name_colour' => '', - 'register_ip' => '127.0.0.1', - 'last_ip' => '127.0.0.1', - 'usertitle' => 'Internal fallback account', - 'regdate' => 0, - 'lastdate' => 0, - 'lastunamechange' => 0, - 'birthday' => '', - 'posts' => 0, - 'country' => 'XX', - 'userData' => '[]' + 'id' => 0, + 'username' => 'Sakura User', + 'username_clean' => 'sakura user', + 'password_hash' => '', + 'password_salt' => '', + 'password_algo' => 'nologin', + 'password_iter' => 1000, + 'password_chan' => 0, + 'password_new' => '', + 'email' => 'sakura@localhost', + 'rank_main' => 0, + 'ranks' => '[0]', + 'name_colour' => '', + 'register_ip' => '127.0.0.1', + 'last_ip' => '127.0.0.1', + 'usertitle' => 'Internal fallback account', + 'regdate' => 0, + 'lastdate' => 0, + 'lastunamechange' => 0, + 'birthday' => '', + 'posts' => 0, + 'country' => 'XX', + 'userData' => '[]', ]; // Empty rank template public static $emptyRank = [ - 'id' => 0, - 'rankname' => 'Sakura Rank', - 'multi' => 0, - 'colour' => '#444', - 'description' => 'A hardcoded dummy rank for fallback.' + 'id' => 0, + 'rankname' => 'Sakura Rank', + 'multi' => 0, + 'colour' => '#444', + 'description' => 'A hardcoded dummy rank for fallback.', ]; // Check if a user is logged in - public static function checkLogin($uid = null, $sid = null, $bypassCookies = false) { + public static function checkLogin($uid = null, $sid = null, $bypassCookies = false) + { // Set $uid and $sid if they're null - if($uid == null) { - + if ($uid == null) { $uid = Session::$userId; - } // ^ - if($sid == null) { - + if ($sid == null) { $sid = Session::$sessionId; - } // Check if cookie bypass is false - if(!$bypassCookies) { - + if (!$bypassCookies) { // Check if the cookies are set - if(!isset($_COOKIE[Configuration::getConfig('cookie_prefix') .'id']) || !isset($_COOKIE[Configuration::getConfig('cookie_prefix') .'session'])) { - + if (!isset($_COOKIE[Configuration::getConfig('cookie_prefix') . 'id']) || !isset($_COOKIE[Configuration::getConfig('cookie_prefix') . 'session'])) { return false; - } - } // Check if the session exists - if(!$session = Session::checkSession($uid, $sid)) { - + if (!$session = Session::checkSession($uid, $sid)) { return false; - } // Check if the user is activated - if(Permissions::check('SITE', 'DEACTIVATED', $uid, 1)) { - + if (Permissions::check('SITE', 'DEACTIVATED', $uid, 1)) { return false; - } // Extend the cookie times if the remember flag is set - if($session == 2 && !$bypassCookies) { - - setcookie(Configuration::getConfig('cookie_prefix') .'id', $uid, time() + 604800, Configuration::getConfig('cookie_path'), Configuration::getConfig('cookie_domain')); - setcookie(Configuration::getConfig('cookie_prefix') .'session', $sid, time() + 604800, Configuration::getConfig('cookie_path'), Configuration::getConfig('cookie_domain')); - + if ($session == 2 && !$bypassCookies) { + setcookie(Configuration::getConfig('cookie_prefix') . 'id', $uid, time() + 604800, Configuration::getConfig('cookie_path'), Configuration::getConfig('cookie_domain')); + setcookie(Configuration::getConfig('cookie_prefix') . 'session', $sid, time() + 604800, Configuration::getConfig('cookie_path'), Configuration::getConfig('cookie_domain')); } // Update last online Database::update('users', [ [ - 'lastdate' => time() + 'lastdate' => time(), ], [ - 'id' => [$uid, '='] - ] + 'id' => [$uid, '='], + ], ]); // Update the premium meta - Users::updatePremiumMeta($uid); + self::updatePremiumMeta($uid); // If everything went through return true return true; @@ -113,63 +101,53 @@ class Users { } // Log a user in - public static function login($username, $password, $remember = false, $cookies = true) { + public static function login($username, $password, $remember = false, $cookies = true) + { // Check if authentication is disallowed - if(Configuration::getConfig('lock_authentication')) { - + if (Configuration::getConfig('lock_authentication')) { return [0, 'AUTH_LOCKED']; - } // Check if the user that's trying to log in actually exists - if(!$uid = self::userExists($username, false)) { - + if (!$uid = self::userExists($username, false)) { return [0, 'USER_NOT_EXIST']; - } // Get account data $user = self::getUser($uid); // Validate password - switch($user['password_algo']) { - + switch ($user['password_algo']) { // Abyssing case 'nologin': return [0, 'NO_LOGIN']; // Default hashing method default: - if(!Hashing::validate_password($password, [ + if (!Hashing::validate_password($password, [ $user['password_algo'], $user['password_iter'], $user['password_salt'], - $user['password_hash'] + $user['password_hash'], ])) { - return [0, 'INCORRECT_PASSWORD', $user['password_chan']]; - } } // Check if the user has the required privs to log in - if(Permissions::check('SITE', 'DEACTIVATED', $user['id'], 1)) { - + if (Permissions::check('SITE', 'DEACTIVATED', $user['id'], 1)) { return [0, 'NOT_ALLOWED']; - } // Create a new session $sessionKey = Session::newSession($user['id'], $remember); // Set cookies - if($cookies) { - - setcookie(Configuration::getConfig('cookie_prefix') .'id', $user['id'], time() + 604800, Configuration::getConfig('cookie_path'), Configuration::getConfig('cookie_domain')); - setcookie(Configuration::getConfig('cookie_prefix') .'session', $sessionKey, time() + 604800, Configuration::getConfig('cookie_path'), Configuration::getConfig('cookie_domain')); - + if ($cookies) { + setcookie(Configuration::getConfig('cookie_prefix') . 'id', $user['id'], time() + 604800, Configuration::getConfig('cookie_path'), Configuration::getConfig('cookie_domain')); + setcookie(Configuration::getConfig('cookie_prefix') . 'session', $sessionKey, time() + 604800, Configuration::getConfig('cookie_path'), Configuration::getConfig('cookie_domain')); } // Successful login! (also has a thing for the legacy password system) @@ -178,25 +156,22 @@ class Users { } // Logout and kill the session - public static function logout() { + public static function logout() + { // Check if user is logged in - if(!self::checkLogin()) { - + if (!self::checkLogin()) { return false; - } // Remove the active session from the database - if(!Session::deleteSession(Session::$sessionId, true)) { - + if (!Session::deleteSession(Session::$sessionId, true)) { return false; - } // Set cookies - setcookie(Configuration::getConfig('cookie_prefix') .'id', 0, time() - 60, Configuration::getConfig('cookie_path'), Configuration::getConfig('cookie_domain')); - setcookie(Configuration::getConfig('cookie_prefix') .'session', '', time() - 60, Configuration::getConfig('cookie_path'), Configuration::getConfig('cookie_domain')); + setcookie(Configuration::getConfig('cookie_prefix') . 'id', 0, time() - 60, Configuration::getConfig('cookie_path'), Configuration::getConfig('cookie_domain')); + setcookie(Configuration::getConfig('cookie_prefix') . 'session', '', time() - 60, Configuration::getConfig('cookie_path'), Configuration::getConfig('cookie_domain')); // Return true indicating a successful logout return true; @@ -204,146 +179,115 @@ class Users { } // Register user - public static function register($username, $password, $confirmpass, $email, $tos, $captcha = null, $regkey = null) { + public static function register($username, $password, $confirmpass, $email, $tos, $captcha = null, $regkey = null) + { // Check if authentication is disallowed - if(Configuration::getConfig('lock_authentication')) { - + if (Configuration::getConfig('lock_authentication')) { return [0, 'AUTH_LOCKED']; - } // Check if registration is even enabled - if(Configuration::getConfig('disable_registration')) { - + if (Configuration::getConfig('disable_registration')) { return [0, 'DISABLED']; - } // Check if registration codes are required - if(Configuration::getConfig('require_registration_code')) { - + if (Configuration::getConfig('require_registration_code')) { // Check if the code is valid - if(!self::checkRegistrationCode($regkey)) { - + if (!self::checkRegistrationCode($regkey)) { return [0, 'INVALID_REG_KEY']; - } - } // Check if the user agreed to the ToS - if(!$tos) { - + if (!$tos) { return [0, 'TOS']; - } // Verify the captcha if it's enabled - if(Configuration::getConfig('recaptcha')) { - - if(!Main::verifyCaptcha($captcha)['success']) { - + if (Configuration::getConfig('recaptcha')) { + if (!Main::verifyCaptcha($captcha)['success']) { return [0, 'CAPTCHA_FAIL']; - } - } // Check if the username already exists - if(self::userExists($username, false)) { - + if (self::userExists($username, false)) { return [0, 'USER_EXISTS']; - } // Username too short - if(strlen($username) < Configuration::getConfig('username_min_length')) { - + if (strlen($username) < Configuration::getConfig('username_min_length')) { return [0, 'NAME_TOO_SHORT']; - } // Username too long - if(strlen($username) > Configuration::getConfig('username_max_length')) { - + if (strlen($username) > Configuration::getConfig('username_max_length')) { return [0, 'NAME_TOO_LONG']; - } // Check if the given email address is formatted properly - if(!filter_var($email, FILTER_VALIDATE_EMAIL)) { - + if (!filter_var($email, FILTER_VALIDATE_EMAIL)) { return [0, 'INVALID_EMAIL']; - } // Check the MX record of the email - if(!Main::checkMXRecord($email)) { - + if (!Main::checkMXRecord($email)) { return [0, 'INVALID_MX']; - } // Check password entropy - if(Main::pwdEntropy($password) < Configuration::getConfig('min_entropy')) { - + if (Main::pwdEntropy($password) < Configuration::getConfig('min_entropy')) { return [0, 'PASS_TOO_SHIT']; - } // Passwords do not match - if($password != $confirmpass) { - + if ($password != $confirmpass) { return [0, 'PASS_NOT_MATCH']; - } // Set a few variables - $usernameClean = Main::cleanString($username, true); - $emailClean = Main::cleanString($email, true); - $password = Hashing::create_hash($password); - $requireActive = Configuration::getConfig('require_activation'); - $userRank = $requireActive ? [1] : [2]; - $userRankJson = json_encode($userRank); + $usernameClean = Main::cleanString($username, true); + $emailClean = Main::cleanString($email, true); + $password = Hashing::create_hash($password); + $requireActive = Configuration::getConfig('require_activation'); + $userRank = $requireActive ? [1] : [2]; + $userRankJson = json_encode($userRank); // Insert the user into the database Database::insert('users', [ - 'username' => $username, - 'username_clean' => $usernameClean, - 'password_hash' => $password[3], - 'password_salt' => $password[2], - 'password_algo' => $password[0], - 'password_iter' => $password[1], - 'email' => $emailClean, - 'rank_main' => $userRank[0], - 'ranks' => $userRankJson, - 'register_ip' => Main::getRemoteIP(), - 'last_ip' => Main::getRemoteIP(), - 'regdate' => time(), - 'lastdate' => 0, - 'lastunamechange' => time(), - 'country' => Main::getCountryCode(), - 'userData' => '[]' + 'username' => $username, + 'username_clean' => $usernameClean, + 'password_hash' => $password[3], + 'password_salt' => $password[2], + 'password_algo' => $password[0], + 'password_iter' => $password[1], + 'email' => $emailClean, + 'rank_main' => $userRank[0], + 'ranks' => $userRankJson, + 'register_ip' => Main::getRemoteIP(), + 'last_ip' => Main::getRemoteIP(), + 'regdate' => time(), + 'lastdate' => 0, + 'lastunamechange' => time(), + 'country' => Main::getCountryCode(), + 'userData' => '[]', ]); // Get userid of the new user $uid = Database::fetch('users', false, ['username_clean' => [$usernameClean, '=']])['id']; // Check if we require e-mail activation - if($requireActive) { - + if ($requireActive) { // Send activation e-mail to user self::sendActivationMail($uid); - } // Check if registration codes are required - if(Configuration::getConfig('require_registration_code')) { - + if (Configuration::getConfig('require_registration_code')) { // If we do mark the registration code that was used as used self::markRegistrationCodeUsed($regkey, $uid); - } // Return true with a specific message if needed @@ -352,62 +296,57 @@ class Users { } // Check if a user exists and then send the password forgot email - public static function sendPasswordForgot($username, $email) { + public static function sendPasswordForgot($username, $email) + { // Check if authentication is disallowed - if(Configuration::getConfig('lock_authentication')) { - + if (Configuration::getConfig('lock_authentication')) { return [0, 'AUTH_LOCKED']; - } // Clean username string - $usernameClean = Main::cleanString($username, true); - $emailClean = Main::cleanString($email, true); + $usernameClean = Main::cleanString($username, true); + $emailClean = Main::cleanString($email, true); // Do database request $user = Database::fetch('users', false, [ - 'username_clean' => [$usernameClean, '='], - 'email' => [$emailClean, '='] + 'username_clean' => [$usernameClean, '='], + 'email' => [$emailClean, '='], ]); // Check if user exists - if(count($user) < 2) { - + if (count($user) < 2) { return [0, 'USER_NOT_EXIST']; - } // Check if the user has the required privs to log in - if(Permissions::check('SITE', 'DEACTIVATED', $user['id'], 1)) { - + if (Permissions::check('SITE', 'DEACTIVATED', $user['id'], 1)) { return [0, 'NOT_ALLOWED']; - } // Generate the verification key $verk = Main::newActionCode('LOST_PASS', $user['id'], [ 'meta' => [ - 'password_change' => 1 - ] + 'password_change' => 1, + ], ]); // Create new urls object $urls = new Urls(); // Build the e-mail - $message = "Hello ". $user['username'] .",\r\n\r\n"; - $message .= "You are receiving this notification because you have (or someone pretending to be you has) requested a password reset link to be sent for your account on \"". Configuration::getConfig('sitename') ."\". If you did not request this notification then please ignore it, if you keep receiving it please contact the site administrator.\r\n\r\n"; + $message = "Hello " . $user['username'] . ",\r\n\r\n"; + $message .= "You are receiving this notification because you have (or someone pretending to be you has) requested a password reset link to be sent for your account on \"" . Configuration::getConfig('sitename') . "\". If you did not request this notification then please ignore it, if you keep receiving it please contact the site administrator.\r\n\r\n"; $message .= "To use this password reset key you need to go to a special page. To do this click the link provided below.\r\n\r\n"; - $message .= "http://". Configuration::getConfig('url_main') . $urls->format('SITE_FORGOT_PASSWORD') ."?pw=true&uid=". $user['id'] ."&key=". $verk ."\r\n\r\n"; + $message .= "http://" . Configuration::getConfig('url_main') . $urls->format('SITE_FORGOT_PASSWORD') . "?pw=true&uid=" . $user['id'] . "&key=" . $verk . "\r\n\r\n"; $message .= "If successful you should be able to change your password here.\r\n\r\n"; - $message .= "Alternatively if the above method fails for some reason you can go to http://". Configuration::getConfig('url_main') . $urls->format('SITE_FORGOT_PASSWORD') ."?pw=true&uid=". $user['id'] ." and use the key listed below:\r\n\r\n"; - $message .= "Verification key: ". $verk ."\r\n\r\n"; + $message .= "Alternatively if the above method fails for some reason you can go to http://" . Configuration::getConfig('url_main') . $urls->format('SITE_FORGOT_PASSWORD') . "?pw=true&uid=" . $user['id'] . " and use the key listed below:\r\n\r\n"; + $message .= "Verification key: " . $verk . "\r\n\r\n"; $message .= "You can of course change this password yourself via the profile page. If you have any difficulties please contact the site administrator.\r\n\r\n"; - $message .= "--\r\n\r\nThanks\r\n\r\n". Configuration::getConfig('mail_signature'); + $message .= "--\r\n\r\nThanks\r\n\r\n" . Configuration::getConfig('mail_signature'); // Send the message - Main::sendMail([$user['email'] => $user['username']], Configuration::getConfig('sitename') .' password restoration', $message); + Main::sendMail([$user['email'] => $user['username']], Configuration::getConfig('sitename') . ' password restoration', $message); // Return success return [1, 'SUCCESS']; @@ -415,42 +354,35 @@ class Users { } // Reset password with key - public static function resetPassword($verk, $uid, $newpass, $verpass) { + public static function resetPassword($verk, $uid, $newpass, $verpass) + { // Check if authentication is disallowed - if(Configuration::getConfig('lock_authentication')) { - + if (Configuration::getConfig('lock_authentication')) { return [0, 'AUTH_LOCKED']; - } // Check password entropy - if(Main::pwdEntropy($newpass) < Configuration::getConfig('min_entropy')) { - + if (Main::pwdEntropy($newpass) < Configuration::getConfig('min_entropy')) { return [0, 'PASS_TOO_SHIT']; - } // Passwords do not match - if($newpass != $verpass) { - + if ($newpass != $verpass) { return [0, 'PASS_NOT_MATCH']; - } // Check the verification key $action = Main::useActionCode('LOST_PASS', $verk, $uid); // Check if we got a negative return - if(!$action[0]) { - + if (!$action[0]) { return [0, $action[1]]; - } // Hash the password - $password = Hashing::create_hash($newpass); - $time = time(); + $password = Hashing::create_hash($newpass); + $time = time(); // Update the user Database::update('users', [ @@ -459,11 +391,11 @@ class Users { 'password_salt' => $password[2], 'password_algo' => $password[0], 'password_iter' => $password[1], - 'password_chan' => $time + 'password_chan' => $time, ], [ - 'id' => [$uid, '='] - ] + 'id' => [$uid, '='], + ], ]); // Return success @@ -472,37 +404,32 @@ class Users { } // Check if a user exists and then resend the activation e-mail - public static function resendActivationMail($username, $email) { + public static function resendActivationMail($username, $email) + { // Check if authentication is disallowed - if(Configuration::getConfig('lock_authentication')) { - + if (Configuration::getConfig('lock_authentication')) { return [0, 'AUTH_LOCKED']; - } // Clean username string - $usernameClean = Main::cleanString($username, true); - $emailClean = Main::cleanString($email, true); + $usernameClean = Main::cleanString($username, true); + $emailClean = Main::cleanString($email, true); // Do database request $user = Database::fetch('users', false, [ - 'username_clean' => [$usernameClean, '='], - 'email' => [$emailClean, '='] + 'username_clean' => [$usernameClean, '='], + 'email' => [$emailClean, '='], ]); // Check if user exists - if(count($user) < 2) { - + if (count($user) < 2) { return [0, 'USER_NOT_EXIST']; - } // Check if a user is activated - if(!Permissions::check('SITE', 'DEACTIVATED', $user['id'], 1)) { - + if (!Permissions::check('SITE', 'DEACTIVATED', $user['id'], 1)) { return [0, 'USER_ALREADY_ACTIVE']; - } // Send activation e-mail @@ -514,45 +441,44 @@ class Users { } // Send the activation e-mail and do other required stuff - public static function sendActivationMail($uid, $customKey = null) { + public static function sendActivationMail($uid, $customKey = null) + { // Get the user data $user = Database::fetch('users', false, ['id' => [$uid, '=']]); // User is already activated or doesn't even exist - if(count($user) < 2 || !Permissions::check('SITE', 'DEACTIVATED', $user['id'], 1)) { - + if (count($user) < 2 || !Permissions::check('SITE', 'DEACTIVATED', $user['id'], 1)) { return false; - } // Generate activation key $activate = ($customKey ? $customKey : Main::newActionCode('ACTIVATE', $uid, [ 'user' => [ 'rank_main' => 2, - 'ranks' => json_encode([2]) - ] + 'ranks' => json_encode([2]), + ], ])); // Create new urls object $urls = new Urls(); // Build the e-mail - $message = "Welcome to ". Configuration::getConfig('sitename') ."!\r\n\r\n"; + $message = "Welcome to " . Configuration::getConfig('sitename') . "!\r\n\r\n"; $message .= "Please keep this e-mail for your records. Your account intormation is as follows:\r\n\r\n"; $message .= "----------------------------\r\n\r\n"; - $message .= "Username: ". $user['username'] ."\r\n\r\n"; - $message .= "Your profile: http://". Configuration::getConfig('url_main') . $urls->format('USER_PROFILE', [$user['id']]) ."\r\n\r\n"; + $message .= "Username: " . $user['username'] . "\r\n\r\n"; + $message .= "Your profile: http://" . Configuration::getConfig('url_main') . $urls->format('USER_PROFILE', [$user['id']]) . "\r\n\r\n"; $message .= "----------------------------\r\n\r\n"; $message .= "Please visit the following link in order to activate your account:\r\n\r\n"; - $message .= "http://". Configuration::getConfig('url_main') . $urls->format('SITE_ACTIVATE') ."?mode=activate&u=". $user['id'] ."&k=". $activate ."\r\n\r\n"; + $message .= "http://" . Configuration::getConfig('url_main') . $urls->format('SITE_ACTIVATE') . "?mode=activate&u=" . $user['id'] . "&k=" . $activate . "\r\n\r\n"; $message .= "Your password has been securely stored in our database and cannot be retrieved. "; $message .= "In the event that it is forgotten, you will be able to reset it using the email address associated with your account.\r\n\r\n"; $message .= "Thank you for registering.\r\n\r\n"; - $message .= "--\r\n\r\nThanks\r\n\r\n". Configuration::getConfig('mail_signature'); + $message .= "--\r\n\r\nThanks\r\n\r\n" . Configuration::getConfig('mail_signature'); // Send the message - Main::sendMail([$user['email'] => $user['username']], Configuration::getConfig('sitename') .' Activation Mail', $message); + Main::sendMail([$user['email'] => $user['username']], Configuration::getConfig('sitename') . ' Activation Mail', $message); // Return true indicating that the things have been sent return true; @@ -560,58 +486,51 @@ class Users { } // Activating a user - public static function activateUser($uid, $requireKey = false, $key = null) { + public static function activateUser($uid, $requireKey = false, $key = null) + { // Get the user data $user = Database::fetch('users', false, ['id' => [$uid, '=']]); // Check if user exists - if(!count($user) > 1) { - + if (!count($user) > 1) { return [0, 'USER_NOT_EXIST']; - } // Check if user is already activated - if(!Permissions::check('SITE', 'DEACTIVATED', $user['id'], 1)) { - + if (!Permissions::check('SITE', 'DEACTIVATED', $user['id'], 1)) { return [0, 'USER_ALREADY_ACTIVE']; - } // Set default values for activation - $rank = 2; - $ranks = json_encode([2]); + $rank = 2; + $ranks = json_encode([2]); // Check if a key is set (there's an option to not set one for user management reasons but you can't really get around this anyway) - if($requireKey) { - + if ($requireKey) { // Check the action code $action = Main::useActionCode('ACTIVATE', $key, $uid); // Check if we got a negative return - if(!$action[0]) { - + if (!$action[0]) { return [0, $action[1]]; - } // Assign the special values - $instructionData = json_decode($action[2], true); - $rank = $instructionData['user']['rank_main']; - $ranks = $instructionData['user']['ranks']; - + $instructionData = json_decode($action[2], true); + $rank = $instructionData['user']['rank_main']; + $ranks = $instructionData['user']['ranks']; } // Activate the account Database::update('users', [ [ 'rank_main' => $rank, - 'ranks' => $ranks + 'ranks' => $ranks, ], [ - 'id' => [$uid, '='] - ] + 'id' => [$uid, '='], + ], ]); // Return success @@ -620,20 +539,21 @@ class Users { } // Deactivating a user - public static function deactivateUser($uid) { + public static function deactivateUser($uid) + { // Get the user data $user = Database::fetch('users', false, ['id' => [$uid, '=']]); // Check if user exists - if(!count($user) > 1) { + if (!count($user) > 1) { return [0, 'USER_NOT_EXIST']; } // Check if user is already deactivated - if(Permissions::check('SITE', 'DEACTIVATED', $user['id'], 1)) { + if (Permissions::check('SITE', 'DEACTIVATED', $user['id'], 1)) { return [0, 'USER_ALREADY_DEACTIVE']; @@ -643,11 +563,11 @@ class Users { Database::update('users', [ [ 'rank_main' => 2, - 'ranks' => json_encode([2]) + 'ranks' => json_encode([2]), ], [ - 'id' => [$uid, '='] - ] + 'id' => [$uid, '='], + ], ]); // Return success @@ -656,7 +576,8 @@ class Users { } // Check if registration code is valid - public static function checkRegistrationCode($code) { + public static function checkRegistrationCode($code) + { // Get registration key $keyRow = Database::fetch('regcodes', true, ['code' => [$code, '='], 'key_used' => [0, '=']]); @@ -667,10 +588,11 @@ class Users { } // Mark registration code as used - public static function markRegistrationCodeUsed($code, $uid = 0) { + public static function markRegistrationCodeUsed($code, $uid = 0) + { // Check if the code exists - if(!$id = self::checkRegistrationCode($code)) { + if (!$id = self::checkRegistrationCode($code)) { return false; @@ -679,12 +601,12 @@ class Users { // Mark it as used Database::update('regcodes', [ [ - 'used_by' => $uid, - 'key_used' => 1 + 'used_by' => $uid, + 'key_used' => 1, ], [ - 'id' => [$id, '='] - ] + 'id' => [$id, '='], + ], ]); // Return true because yeah @@ -693,31 +615,32 @@ class Users { } // Create new registration code - public static function createRegistrationCode() { + public static function createRegistrationCode() + { // Check if we're logged in - if(!self::checkLogin()) { + if (!self::checkLogin()) { return false; } // Check if the user is not exceeding the maximum registration key amount - if(count(Database::fetch('regcodes', true, ['uid' => [Session::$userId, '=']])) >= Configuration::getConfig('max_reg_keys')) { + if (count(Database::fetch('regcodes', true, ['uid' => [Session::$userId, '=']])) >= Configuration::getConfig('max_reg_keys')) { return false; } // Generate a code by MD5'ing some random bullshit - $code = md5('SAKURA'. rand(0, 99999999) . Session::$userId .'NOOKLSISGOD'); + $code = md5('SAKURA' . rand(0, 99999999) . Session::$userId . 'NOOKLSISGOD'); // Insert the key into the database Database::insert('regcodes', [ - 'code' => $code, - 'created_by' => Session::$userId, - 'used_by' => 0, - 'key_used' => 0 + 'code' => $code, + 'created_by' => Session::$userId, + 'used_by' => 0, + 'key_used' => 0, ]); // Return the code @@ -726,7 +649,8 @@ class Users { } // Set the default rank of a user - public static function setDefaultRank($uid, $rid, $userIdIsUserData = false) { + public static function setDefaultRank($uid, $rid, $userIdIsUserData = false) + { // Get the specified user $user = $userIdIsUserData ? $uid : self::getUser($uid); @@ -735,7 +659,7 @@ class Users { $ranks = json_decode($user['ranks'], true); // Check if the rank we're trying to set is actually there - if(!in_array($rid, $ranks)) { + if (!in_array($rid, $ranks)) { return false; @@ -744,11 +668,11 @@ class Users { // Update the row Database::update('users', [ [ - 'rank_main' => $rid + 'rank_main' => $rid, ], [ - 'id' => [$uid, '='] - ] + 'id' => [$uid, '='], + ], ]); // Return true if everything was successful @@ -757,7 +681,8 @@ class Users { } // Add a rank to a user - public static function addRanksToUser($ranks, $uid, $userIdIsUserData = false) { + public static function addRanksToUser($ranks, $uid, $userIdIsUserData = false) + { // Get the specified user $user = $userIdIsUserData ? $uid : self::getUser($uid); @@ -766,11 +691,12 @@ class Users { $current = json_decode($user['ranks'], true); // Go over all the new ranks - foreach($ranks as $rank) { + foreach ($ranks as $rank) { // Check if the user already has this rank and set it if not - if(!in_array($rank, $current)) - $current[] = (int)$rank; + if (!in_array($rank, $current)) { + $current[] = (int) $rank; + } } @@ -780,11 +706,11 @@ class Users { // Update the row Database::update('users', [ [ - 'ranks' => $current + 'ranks' => $current, ], [ - 'id' => [$uid, '='] - ] + 'id' => [$uid, '='], + ], ]); // Return true because @@ -793,7 +719,8 @@ class Users { } // Removing ranks from a user - public static function removeRanksFromUser($ranks, $uid, $userIdIsUserData = false) { + public static function removeRanksFromUser($ranks, $uid, $userIdIsUserData = false) + { // Get the specified user $user = $userIdIsUserData ? $uid : self::getUser($uid); @@ -802,11 +729,12 @@ class Users { $current = json_decode($user['ranks'], true); // Check the current ranks for ranks in the set array - foreach($current as $key => $rank) { + foreach ($current as $key => $rank) { // Unset the rank - if(in_array($rank, $ranks)) + if (in_array($rank, $ranks)) { unset($current[$key]); + } } @@ -816,11 +744,11 @@ class Users { // Update the row Database::update('users', [ [ - 'ranks' => $current + 'ranks' => $current, ], [ - 'id' => [$uid, '='] - ] + 'id' => [$uid, '='], + ], ]); // Return true @@ -829,13 +757,14 @@ class Users { } // Check if a user has these ranks - public static function checkIfUserHasRanks($ranks, $userid, $userIdIsUserData = false) { + public static function checkIfUserHasRanks($ranks, $userid, $userIdIsUserData = false) + { // Get the specified user $user = $userIdIsUserData ? $userid : self::getUser($userid); // Check if the main rank is the specified rank - if(in_array($user['rank_main'], $ranks)) { + if (in_array($user['rank_main'], $ranks)) { return true; @@ -845,11 +774,12 @@ class Users { $uRanks = json_decode($user['ranks'], true); // If not go over all ranks and check if the user has them - foreach($ranks as $rank) { + foreach ($ranks as $rank) { // We check if $rank is in $user['ranks'] and if yes return true - if(in_array($rank, $uRanks)) + if (in_array($rank, $uRanks)) { return true; + } } @@ -859,7 +789,8 @@ class Users { } // Check if a user exists - public static function userExists($user, $id = true) { + public static function userExists($user, $id = true) + { // Clean string $user = Main::cleanString($user, true); @@ -873,13 +804,14 @@ class Users { } // Get the available profile fields - public static function getProfileFields() { + public static function getProfileFields() + { // Get profile fields $profileFields = Database::fetch('profilefields'); // If there's nothing just return null - if(!count($profileFields)) { + if (!count($profileFields)) { return null; @@ -889,11 +821,11 @@ class Users { $fields = []; // Iterate over the fields and clean them up - foreach($profileFields as $field) { + foreach ($profileFields as $field) { - $fields[$field['id']] = $field; - $fields[$field['id']]['ident'] = Main::cleanString($field['name'], true, true); - $fields[$field['id']]['addit'] = json_decode($field['additional'], true); + $fields[$field['id']] = $field; + $fields[$field['id']]['ident'] = Main::cleanString($field['name'], true, true); + $fields[$field['id']]['addit'] = json_decode($field['additional'], true); } @@ -903,13 +835,14 @@ class Users { } // Get the available option fields - public static function getOptionFields() { + public static function getOptionFields() + { // Get option fields $optionFields = Database::fetch('optionfields'); // If there's nothing just return null - if(!count($optionFields)) { + if (!count($optionFields)) { return null; @@ -919,9 +852,9 @@ class Users { $fields = []; // Iterate over the fields and clean them up - foreach($optionFields as $field) { + foreach ($optionFields as $field) { - if(!Permissions::check('SITE', $field['require_perm'], Session::$userId, 1)) { + if (!Permissions::check('SITE', $field['require_perm'], Session::$userId, 1)) { continue; @@ -937,13 +870,14 @@ class Users { } // Get user's profile fields - public static function getUserProfileFields($id, $inputIsData = false) { + public static function getUserProfileFields($id, $inputIsData = false) + { // Get profile fields $profileFields = Database::fetch('profilefields'); // If there's nothing just return null - if(!count($profileFields)) { + if (!count($profileFields)) { return null; @@ -953,7 +887,7 @@ class Users { $profileData = ($inputIsData ? $id : self::getUser($id)['userData']); // Once again if nothing was returned just return null - if(count($profileData) < 1 || $profileData == null || empty($profileData['profileFields'])) { + if (count($profileData) < 1 || $profileData == null || empty($profileData['profileFields'])) { return null; @@ -966,42 +900,42 @@ class Users { $profile = []; // Check if profile fields aren't fake - foreach($profileFields as $field) { + foreach ($profileFields as $field) { // Completely strip all special characters from the field name $fieldName = Main::cleanString($field['name'], true, true); // Check if the user has the current field set otherwise continue - if(!array_key_exists($fieldName, $profileData)) { + if (!array_key_exists($fieldName, $profileData)) { continue; } // Assign field to output with value - $profile[$fieldName] = array(); - $profile[$fieldName]['name'] = $field['name']; - $profile[$fieldName]['value'] = $profileData[$fieldName]; - $profile[$fieldName]['islink'] = $field['islink']; + $profile[$fieldName] = array(); + $profile[$fieldName]['name'] = $field['name']; + $profile[$fieldName]['value'] = $profileData[$fieldName]; + $profile[$fieldName]['islink'] = $field['islink']; // If the field is set to be a link add a value for that as well - if($field['islink']) { + if ($field['islink']) { $profile[$fieldName]['link'] = str_replace('{{ VAL }}', $profileData[$fieldName], $field['linkformat']); } // Check if we have additional options as well - if($field['additional'] != null) { + if ($field['additional'] != null) { // Decode the json of the additional stuff $additional = json_decode($field['additional'], true); // Go over all additional forms - foreach($additional as $subName => $subField) { + foreach ($additional as $subName => $subField) { // Check if the user has the current field set otherwise continue - if(!array_key_exists($subName, $profileData)) { + if (!array_key_exists($subName, $profileData)) { continue; @@ -1022,7 +956,8 @@ class Users { } // Updating the profile data of a user - public static function updateUserDataField($id, $data) { + public static function updateUserDataField($id, $data) + { // We retrieve the current content from the database $current = self::getUser($id)['userData']; @@ -1036,23 +971,24 @@ class Users { // Store it in the database Database::update('users', [ [ - 'userData' => $data + 'userData' => $data, ], [ - 'id' => [$id, '='] - ] + 'id' => [$id, '='], + ], ]); } // Check if a user is online - public static function checkUserOnline($id) { + public static function checkUserOnline($id) + { // Get user $user = self::getUser($id); // Return false if the user doesn't exist because a user that doesn't exist can't be online - if(empty($user)) { + if (empty($user)) { return false; @@ -1064,7 +1000,8 @@ class Users { } // Get all online users - public static function checkAllOnline() { + public static function checkAllOnline() + { // Assign time - 500 to a variable $time = time() - 500; @@ -1078,35 +1015,36 @@ class Users { } // Add premium to a user - public static function addUserPremium($id, $seconds) { + public static function addUserPremium($id, $seconds) + { // Check if there's already a record of premium for this user in the database $getUser = Database::fetch('premium', false, [ - 'uid' => [$id, '='] + 'uid' => [$id, '='], ]); // Calculate the (new) start and expiration timestamp - $start = isset($getUser['startdate']) ? $getUser['startdate'] : time(); + $start = isset($getUser['startdate']) ? $getUser['startdate'] : time(); $expire = isset($getUser['expiredate']) ? $getUser['expiredate'] + $seconds : time() + $seconds; // If the user already exists do an update call, otherwise an insert call - if(empty($getUser)) { + if (empty($getUser)) { Database::insert('premium', [ - 'uid' => $id, - 'startdate' => $start, - 'expiredate' => $expire + 'uid' => $id, + 'startdate' => $start, + 'expiredate' => $expire, ]); } else { Database::update('premium', [ [ - 'expiredate' => $expire + 'expiredate' => $expire, ], [ - 'uid' => [$id, '='] - ] + 'uid' => [$id, '='], + ], ]); } @@ -1117,19 +1055,21 @@ class Users { } // Remove the premium status of a user - public static function removeUserPremium($id) { + public static function removeUserPremium($id) + { Database::delete('premium', [ - 'uid' => [$id, '='] + 'uid' => [$id, '='], ]); } // Check if user has Premium - public static function checkUserPremium($id) { + public static function checkUserPremium($id) + { // Check if the user has static premium - if(Permissions::check('SITE', 'STATIC_PREMIUM', $id, 1)) { + if (Permissions::check('SITE', 'STATIC_PREMIUM', $id, 1)) { return [2, 0, time() + 1]; @@ -1137,18 +1077,18 @@ class Users { // Attempt to retrieve the premium record from the database $getRecord = Database::fetch('premium', false, [ - 'uid' => [$id, '='] + 'uid' => [$id, '='], ]); // If nothing was returned just return false - if(empty($getRecord)) { + if (empty($getRecord)) { return [0]; } // Check if the Tenshi hasn't expired - if($getRecord['expiredate'] < time()) { + if ($getRecord['expiredate'] < time()) { self::removeUserPremium($id); self::updatePremiumMeta($id); @@ -1162,7 +1102,8 @@ class Users { } // Update the premium data - public static function updatePremiumMeta($id) { + public static function updatePremiumMeta($id) + { // Get the ID for the premium user rank from the database $premiumRank = Configuration::getConfig('premium_rank_id'); @@ -1171,19 +1112,19 @@ class Users { $check = self::checkUserPremium($id); // Check if the user has premium - if($check[0] == 1) { + if ($check[0] == 1) { // If so add the rank to them self::addRanksToUser([$premiumRank], $id); // Check if the user's default rank is standard user and update it to premium - if(self::getUser($id)['rank_main'] == 2) { + if (self::getUser($id)['rank_main'] == 2) { self::setDefaultRank($id, $premiumRank); } - } elseif($check[0] == 0 && count($check) > 1) { + } elseif ($check[0] == 0 && count($check) > 1) { // Else remove the rank from them self::removeRanksFromUser([$premiumRank], $id); @@ -1193,7 +1134,8 @@ class Users { } // Get user data by id - public static function getUser($id) { + public static function getUser($id) + { // If user was found return user data return (new User($id))->data; @@ -1201,13 +1143,14 @@ class Users { } // Get rank data by id - public static function getRank($id) { + public static function getRank($id) + { // Execute query $rank = Database::fetch('ranks', false, ['id' => [$id, '=']]); // Return false if no rank was found - if(empty($rank)) { + if (empty($rank)) { return self::$emptyRank; @@ -1219,7 +1162,8 @@ class Users { } // Get user(s) by IP - public static function getUsersByIP($ip) { + public static function getUsersByIP($ip) + { // Get users by registration IP $registeredFrom = Database::fetch('users', true, ['register_ip' => [$ip, '=']]); @@ -1236,10 +1180,11 @@ class Users { } // Get users in rank - public static function getUsersInRank($rankId, $users = null, $excludeAbyss = true) { + public static function getUsersInRank($rankId, $users = null, $excludeAbyss = true) + { // Get all users (or use the supplied user list to keep server load down) - if(!$users) { + if (!$users) { $users = self::getAllUsers(); @@ -1249,10 +1194,10 @@ class Users { $rank = array(); // Go over all users and check if they have the rank id - foreach($users as $user) { + foreach ($users as $user) { // If so store the user's row in the array - if(self::checkIfUserHasRanks([$rankId], $user, true) && ($excludeAbyss ? $user['password_algo'] != 'nologin' : true)) { + if (self::checkIfUserHasRanks([$rankId], $user, true) && ($excludeAbyss ? $user['password_algo'] != 'nologin' : true)) { $rank[] = $user; @@ -1266,7 +1211,8 @@ class Users { } // Get all users - public static function getAllUsers($includeInactive = true, $includeAbyss = false) { + public static function getAllUsers($includeInactive = true, $includeAbyss = false) + { // Execute query $getUsers = Database::fetch('users', true); @@ -1275,17 +1221,17 @@ class Users { $users = []; // Reorder shit - foreach($getUsers as $user) { + foreach ($getUsers as $user) { // Skip abyss - if(!$includeAbyss && $user['password_algo'] == 'nologin') { + if (!$includeAbyss && $user['password_algo'] == 'nologin') { continue; } // Skip if inactive and not include deactivated users - if(!$includeInactive && Permissions::check('SITE', 'DEACTIVATED', $user['id'], 1)) { + if (!$includeInactive && Permissions::check('SITE', 'DEACTIVATED', $user['id'], 1)) { continue; @@ -1301,7 +1247,8 @@ class Users { } // Get all ranks - public static function getAllRanks() { + public static function getAllRanks() + { // Execute query $getRanks = Database::fetch('ranks', true); @@ -1310,7 +1257,7 @@ class Users { $ranks = []; // Reorder shit - foreach($getRanks as $rank) { + foreach ($getRanks as $rank) { $ranks[$rank['id']] = $rank; @@ -1322,11 +1269,12 @@ class Users { } // Get all warnings issued to a user (or all warnings a user issued) - public static function getWarnings($uid = 0, $iid = false) { + public static function getWarnings($uid = 0, $iid = false) + { // Do the database query $warnings = Database::fetch('warnings', true, ($uid ? [ - ($iid ? 'iid' : 'uid') => [$uid, '='] + ($iid ? 'iid' : 'uid') => [$uid, '='], ] : null)); // Return all the warnings @@ -1335,19 +1283,20 @@ class Users { } // Get a user's notifications - public static function getNotifications($uid = null, $timediff = 0, $excludeRead = true, $markRead = false) { + public static function getNotifications($uid = null, $timediff = 0, $excludeRead = true, $markRead = false) + { // Prepare conditions $conditions = array(); $conditions['uid'] = [($uid ? $uid : Session::$userId), '=']; - if($timediff) { + if ($timediff) { $conditions['timestamp'] = [time() - $timediff, '>']; } - if($excludeRead) { + if ($excludeRead) { $conditions['notif_read'] = [0, '=']; @@ -1357,13 +1306,13 @@ class Users { $notifications = Database::fetch('notifications', true, $conditions); // Mark the notifications as read - if($markRead) { + if ($markRead) { // Iterate over all entries - foreach($notifications as $notification) { + foreach ($notifications as $notification) { // If the notifcation is already read skip - if($notification['notif_read']) { + if ($notification['notif_read']) { continue; @@ -1382,63 +1331,66 @@ class Users { } // Marking notifications as read - public static function markNotificationRead($id, $mode = true) { + public static function markNotificationRead($id, $mode = true) + { // Execute an update statement Database::update('notifications', [ [ - 'notif_read' => ($mode ? 1 : 0) + 'notif_read' => ($mode ? 1 : 0), ], [ - 'id' => [$id, '='] - ] + 'id' => [$id, '='], + ], ]); } // Adding a new notification - public static function createNotification($user, $title, $text, $timeout = 60000, $img = 'FONT:fa-info-circle', $link = '', $sound = 0) { + public static function createNotification($user, $title, $text, $timeout = 60000, $img = 'FONT:fa-info-circle', $link = '', $sound = 0) + { // Get current timestamp $time = time(); // Insert it into the database Database::insert('notifications', [ - 'uid' => $user, - 'timestamp' => $time, - 'notif_read' => 0, - 'notif_sound' => ($sound ? 1 : 0), - 'notif_title' => $title, - 'notif_text' => $text, - 'notif_link' => $link, - 'notif_img' => $img, - 'notif_timeout' => $timeout + 'uid' => $user, + 'timestamp' => $time, + 'notif_read' => 0, + 'notif_sound' => ($sound ? 1 : 0), + 'notif_title' => $title, + 'notif_text' => $text, + 'notif_link' => $link, + 'notif_img' => $img, + 'notif_timeout' => $timeout, ]); } // Getting a user's PMs - public static function getPrivateMessages($from = false) { + public static function getPrivateMessages($from = false) + { // Get all messages from the database $messages = Database::fetch('messages', true, [ - ($from ? 'from_user' : 'to_user') => [Session::$userId, '='] + ($from ? 'from_user' : 'to_user') => [Session::$userId, '='], ]); // Prepare a storage array $store = array(); // Go over each message and check if they are for the current user - foreach($messages as $message) { + foreach ($messages as $message) { // Store the message $store[$message['id']] = $message; // Store user data as well - $store[$message['id']]['data']['from']['user'] = ($_MSG_USR = self::getUser($message['from_user'])); - $store[$message['id']]['data']['from']['rank'] = self::getRank($_MSG_USR['rank_main']); - $store[$message['id']]['data']['to']['user'] = ($_MSG_USR = self::getUser($message['to_user'])); - $store[$message['id']]['data']['to']['rank'] = self::getRank($_MSG_USR['rank_main']); + $store[$message['id']]['data']['from']['user'] = ($_MSG_USR = self::getUser($message['from_user'])); + $store[$message['id']]['data']['from']['rank'] = self::getRank($_MSG_USR['rank_main']); + $store[$message['id']]['data']['to']['user'] = ($_MSG_USR = self::getUser($message['to_user'])); + $store[$message['id']]['data']['to']['rank'] = self::getRank($_MSG_USR['rank_main']); } @@ -1448,10 +1400,11 @@ class Users { } // Get friends - public static function getFriends($uid = null, $timestamps = false, $getData = false, $checkOnline = false) { + public static function getFriends($uid = null, $timestamps = false, $getData = false, $checkOnline = false) + { // Assign $uid - if(!$uid) { + if (!$uid) { $uid = Session::$userId; @@ -1459,30 +1412,30 @@ class Users { // Get all friends $getFriends = Database::fetch('friends', true, [ - 'uid' => [$uid, '='] + 'uid' => [$uid, '='], ]); // Create the friends array $friends = []; // Iterate over the raw database return - foreach($getFriends as $key => $friend) { + foreach ($getFriends as $key => $friend) { // Add friend to array $friends[($timestamps ? $friend['fid'] : $key)] = $getData ? ([ 'user' => ($_UDATA = self::getUser($friend['fid'])), - 'rank' => self::getRank($_UDATA['rank_main']) + 'rank' => self::getRank($_UDATA['rank_main']), ]) : $friend[($timestamps ? 'timestamp' : 'fid')]; } // Check who is online and who isn't - if($checkOnline) { + if ($checkOnline) { // Check each user - foreach($friends as $key => $friend) { + foreach ($friends as $key => $friend) { $friends[self::checkUserOnline($getData ? $friend['user']['id'] : $friend) ? 'online' : 'offline'][] = $friend; @@ -1496,10 +1449,11 @@ class Users { } // Get non-mutual friends - public static function getPendingFriends($uid = null, $getData = false) { + public static function getPendingFriends($uid = null, $getData = false) + { // Assign $of automatically if it's not set - if(!$uid) { + if (!$uid) { $uid = Session::$userId; @@ -1507,22 +1461,22 @@ class Users { // Get all friend entries from other people involved the current user $friends = Database::fetch('friends', true, [ - 'fid' => [$uid, '='] + 'fid' => [$uid, '='], ]); // Create pending array $pending = []; // Check if the friends are mutual - foreach($friends as $friend) { + foreach ($friends as $friend) { // Check if the friend is mutual - if(!self::checkFriend($friend['uid'], $uid)) { + if (!self::checkFriend($friend['uid'], $uid)) { $pending[] = $getData ? ([ 'user' => ($_UDATA = self::getUser($friend['uid'])), - 'rank' => self::getRank($_UDATA['rank_main']) + 'rank' => self::getRank($_UDATA['rank_main']), ]) : $friend; @@ -1536,10 +1490,11 @@ class Users { } // Check if a friend is mutual - public static function checkFriend($fid, $uid = null) { + public static function checkFriend($fid, $uid = null) + { // Assign $uid - if(!$uid) { + if (!$uid) { $uid = Session::$userId; @@ -1549,7 +1504,7 @@ class Users { $self = self::getFriends($uid); // Check if the friend is actually in the user's array - if(!in_array($fid, $self)) { + if (!in_array($fid, $self)) { return 0; @@ -1559,7 +1514,7 @@ class Users { $friend = self::getFriends($fid); // Check if the friend is actually in the user's array - if(in_array($uid, $friend)) { + if (in_array($uid, $friend)) { return 2; @@ -1571,17 +1526,18 @@ class Users { } // Adding a friend - public static function addFriend($uid) { + public static function addFriend($uid) + { // Validate that the user exists - if(!self::getUser($uid)) { + if (!self::getUser($uid)) { return [0, 'USER_NOT_EXIST']; } // Check if the user already has this user a friend - if(Database::fetch('friends', false, ['fid' => [$uid, '='], 'uid' => [Session::$userId, '=']])) { + if (Database::fetch('friends', false, ['fid' => [$uid, '='], 'uid' => [Session::$userId, '=']])) { return [0, 'ALREADY_FRIENDS']; @@ -1589,9 +1545,9 @@ class Users { // Add friend Database::insert('friends', [ - 'uid' => Session::$userId, - 'fid' => $uid, - 'timestamp' => time() + 'uid' => Session::$userId, + 'fid' => $uid, + 'timestamp' => time(), ]); // Return true because yay @@ -1600,10 +1556,11 @@ class Users { } // Removing a friend - public static function removeFriend($uid, $deleteRequest = false) { + public static function removeFriend($uid, $deleteRequest = false) + { // Check if the user has this user a friend - if(!Database::fetch('friends', false, ['fid' => [$uid, '='], 'uid' => [Session::$userId, '=']])) { + if (!Database::fetch('friends', false, ['fid' => [$uid, '='], 'uid' => [Session::$userId, '=']])) { return [0, 'ALREADY_REMOVED']; @@ -1612,15 +1569,15 @@ class Users { // Remove friend Database::delete('friends', [ 'uid' => [Session::$userId, '='], - 'fid' => [$uid, '='] + 'fid' => [$uid, '='], ]); // Attempt to remove the request - if($deleteRequest) { + if ($deleteRequest) { Database::delete('friends', [ 'fid' => [Session::$userId, '='], - 'uid' => [$uid, '='] + 'uid' => [$uid, '='], ]); } @@ -1631,7 +1588,8 @@ class Users { } // Get the ID of the newest user - public static function getNewestUserId() { + public static function getNewestUserId() + { return Database::fetch('users', false, ['password_algo' => ['nologin', '!=']], ['id', true], ['1'])['id']; diff --git a/_sakura/components/Whois.php b/_sakura/components/Whois.php index aa06ace..8682eec 100644 --- a/_sakura/components/Whois.php +++ b/_sakura/components/Whois.php @@ -5,7 +5,7 @@ * Released under the MIT-License * * The MIT License (MIT) - * + * * Copyright (c) 2015 Flashwave * * Permission is hereby granted, free of charge, to any person obtaining a copy @@ -29,27 +29,31 @@ namespace Sakura; -class Whois { - +class Whois +{ // Variables public static $servers; // Set the whois servers list - public static function setServers($serversFile) { + public static function setServers($serversFile) + { // Check if the file exists and if it does get contents. - if(file_exists($serversFile)) + if (file_exists($serversFile)) { $servers = utf8_encode(file_get_contents($serversFile)); - else + } else { trigger_error('Failed to load whois servers file', E_USER_ERROR); + } // Parse json - if(($servers = json_decode($servers, true)) != true) + if (($servers = json_decode($servers, true)) != true) { trigger_error('Error while parsing whois servers file JSON', E_USER_ERROR); + } // Check for neccesary keys - if(!array_key_exists('tld', $servers) || !array_key_exists('ip', $servers)) + if (!array_key_exists('tld', $servers) || !array_key_exists('ip', $servers)) { trigger_error('One or more of the required whois lists isn\'t set, please check your whois servers file', E_USER_ERROR); + } // If everything is gucci set self::$servers self::$servers = $servers; @@ -57,35 +61,37 @@ class Whois { } // Query the whois servers - public static function query($address) { + public static function query($address) + { // Call validate to use the right whois type - switch(self::validateAddress($address)) { - + switch (self::validateAddress($address)) { case 1: // validateAddress returns 1 for a domain... return self::lookupDomain($address); case 2: // ...and 2 for both IPv4 and IPv6 (should be fine)... return self::lookupIP($address); - case 0: // ...and 0 in case the type is invalid in which case... + case 0: // ...and 0 in case the type is invalid in which case... default: // ...a false is returned by this function return false; - } } // Validates an address - private static function validateAddress($address) { + private static function validateAddress($address) + { // Check if the given address is an IP address - if(filter_var($address, FILTER_VALIDATE_IP)) + if (filter_var($address, FILTER_VALIDATE_IP)) { return 2; + } // Check if given address is a domain name - if(preg_match("/^([-a-z0-9]{2,100})\.([a-z\.]{2,8})$/i", $address)) + if (preg_match("/^([-a-z0-9]{2,100})\.([a-z\.]{2,8})$/i", $address)) { return 1; + } // If unsuccessful return 0 return 0; @@ -93,7 +99,8 @@ class Whois { } // Look up a domain - private static function lookupDomain($address) { + private static function lookupDomain($address) + { // Get list of servers $servers = self::$servers['tld']; @@ -105,37 +112,30 @@ class Whois { $tld = strtolower(array_pop($addressParts)); // Get proper whois server address - if(!$server = $servers[$tld]) - return 'Error: No appropriate whois server found for the TLD '. $tld .', check if the given address is correct.'; + if (!$server = $servers[$tld]) { + return 'Error: No appropriate whois server found for the TLD ' . $tld . ', check if the given address is correct.'; + } // Get results from whois server - if(!$result = self::queryWhois($server, $address)) { - + if (!$result = self::queryWhois($server, $address)) { // Return an error if there's no results were retrieved. - return 'Error: No results retrieved from '. $server .' for '. $address .'.'; - + return 'Error: No results retrieved from ' . $server . ' for ' . $address . '.'; } else { - // Assign result with heading text to return variable - $return = $address ." domain lookup results from ". $server .":\r\n\r\n". $result; - + $return = $address . " domain lookup results from " . $server . ":\r\n\r\n" . $result; + // Check if there's a secondary whois server - while(strpos($result, "Whois Server:") !== FALSE) { - + while (strpos($result, "Whois Server:") !== false) { preg_match("/Whois Server: (.*)/", $return, $matches); - - // If there is call it... - if(isset($matches[1])) { + // If there is call it... + if (isset($matches[1])) { $result = self::queryWhois(($server = $matches[1]), $address); // ...and append the retrieved values to the return variable - $return .= "\r\n-------------\r\n\r\n". $address ." domain lookup results from ". $server .":\r\n". $result; - + $return .= "\r\n-------------\r\n\r\n" . $address . " domain lookup results from " . $server . ":\r\n" . $result; } - } - } // If all is good return the return variable @@ -144,7 +144,8 @@ class Whois { } // Look up an IP - private static function lookupIP($address) { + private static function lookupIP($address) + { // Get list of servers $servers = self::$servers['ip']; @@ -153,31 +154,28 @@ class Whois { $results = array(); // Query servers - foreach($servers as $server) { - + foreach ($servers as $server) { // Get results $result = self::queryWhois($server, $address); // Assign result to results array if not in it yet - if($result && !in_array($result, $results)) + if ($result && !in_array($result, $results)) { $results[$server] = $result; - + } } // Create variable to keep return value - $return = "RESULTS FOUND: ". count($results); + $return = "RESULTS FOUND: " . count($results); // Append results - foreach($results as $server => $result) { - + foreach ($results as $server => $result) { $return .= "\r\n\r\n-------------" - . "\r\nLookup results for " - . $address - . " from " - . $server - . " server:\r\n\r\n" - . $result; - + . "\r\nLookup results for " + . $address + . " from " + . $server + . " server:\r\n\r\n" + . $result; } // Return results @@ -186,25 +184,26 @@ class Whois { } // Query whois server - private static function queryWhois($server, $address, $port = 43, $timeout = 10) { + private static function queryWhois($server, $address, $port = 43, $timeout = 10) + { // Open socket - $query = @fsockopen($server, $port, $errno, $errstr, $timeout) or trigger_error('Failed to open socket: '. $errno .' - '. $errstr, E_USER_ERROR); + $query = @fsockopen($server, $port, $errno, $errstr, $timeout) or trigger_error('Failed to open socket: ' . $errno . ' - ' . $errstr, E_USER_ERROR); // Send address - fputs($query, $address ."\r\n"); + fputs($query, $address . "\r\n"); // Await output $out = null; - while(!feof($query)) + while (!feof($query)) { $out .= fgets($query); + } // Close socket fclose($query); - // Return results + // Return results return $out; } - } diff --git a/_sakura/components/database/mysql.php b/_sakura/components/database/mysql.php index 747a5f7..a21cc8e 100644 --- a/_sakura/components/database/mysql.php +++ b/_sakura/components/database/mysql.php @@ -7,20 +7,20 @@ namespace Sakura\DBWrapper; use PDO; use PDOException; -use PDOStatement; use \Sakura\Configuration; -class MySQL { - +class MySQL +{ // Variable that will contain the SQL connection // Please refrain from referring to this, unless it's for your personal branch/purpose, despite it being public // it sort of defeats the "dynamic database system" I want to go for. public $sql; // Constructor - function __construct() { + public function __construct() + { - if(!extension_loaded('PDO')) { + if (!extension_loaded('PDO')) { // Return error and die trigger_error('PDO extension not loaded.', E_USER_ERROR); } @@ -50,67 +50,68 @@ class MySQL { } // Regular IP/Hostname connection method prepare function - private function prepareHost($dbHost, $dbName, $dbPort = 3306) { + private function prepareHost($dbHost, $dbName, $dbPort = 3306) + { - $DSN = 'mysql:host=' . $dbHost . ';port=' . $dbPort . ';dbname=' . $dbName; + $dsn = 'mysql:host=' . $dbHost . ';port=' . $dbPort . ';dbname=' . $dbName; - return $DSN; + return $dsn; } // Unix Socket connection method prepare function - private function prepareSock($dbHost, $dbName) { + private function prepareSock($dbHost, $dbName) + { - $DSN = 'mysql:unix_socket=' . $dbHost . ';dbname=' . $dbName; + $dsn = 'mysql:unix_socket=' . $dbHost . ';dbname=' . $dbName; - return $DSN; + return $dsn; } // Initialise connection using default PDO stuff - private function initConnect($DSN, $dbUname, $dbPword) { + private function initConnect($dsn, $dbUname, $dbPword) + { try { // Connect to SQL server using PDO - $this->sql = new PDO($DSN, $dbUname, $dbPword, array(PDO::ATTR_EMULATE_PREPARES => false, PDO::ATTR_ERRMODE => PDO::ERRMODE_WARNING)); - } catch(PDOException $e) { + $this->sql = new PDO($dsn, $dbUname, $dbPword, [ + PDO::ATTR_EMULATE_PREPARES => false, + PDO::ATTR_ERRMODE => PDO::ERRMODE_WARNING, + ]); + } catch (PDOException $e) { // Catch connection errors - trigger_error('SQL Driver: '. $e->getMessage(), E_USER_ERROR); + trigger_error('SQL Driver: ' . $e->getMessage(), E_USER_ERROR); } return true; } - public function select($table, $data = null, $order = null, $limit = null, $group = null, $distinct = false, $column = '*', $prefix = null) { + public function select($table, $data = null, $order = null, $limit = null, $group = null, $distinct = false, $column = '*', $prefix = null) + { // Begin preparation of the statement - $prepare = 'SELECT '. ($distinct ? 'DISTINCT ' : '') . ($column == '*' ? '' : '`') . $column . ($column == '*' ? '' : '`') .' FROM `' . ($prefix ? $prefix : Configuration::getLocalConfig('database', 'prefix')) . $table . '`'; + $prepare = 'SELECT ' . ($distinct ? 'DISTINCT ' : '') . ($column == '*' ? '' : '`') . $column . ($column == '*' ? '' : '`') . ' FROM `' . ($prefix ? $prefix : Configuration::getLocalConfig('database', 'prefix')) . $table . '`'; // If $data is set and is an array continue - if(is_array($data)) { - + if (is_array($data)) { $prepare .= ' WHERE'; - foreach($data as $key => $value) { - + foreach ($data as $key => $value) { // Check if there's multiple statements - if(!is_array($value[0])) { - + if (!is_array($value[0])) { $temp = $value; unset($value); $value[0] = $temp; - } // Go over each data thing - foreach($value as $sub => $val) { - - $prepare .= ' `'. $key .'` '. $val[1] .' :'. $key .'_'. $sub . ($key == key(array_slice($data, -1, 1, true)) && $sub == key(array_slice($value, -1, 1, true)) ? '' : ' '. (isset($val[2]) && $val[2] ? 'OR' : 'AND')); + foreach ($value as $sub => $val) { + $prepare .= ' `' . $key . '` ' . $val[1] . ' :' . $key . '_' . $sub . ($key == key(array_slice($data, -1, 1, true)) && $sub == key(array_slice($value, -1, 1, true)) ? '' : ' ' . (isset($val[2]) && $val[2] ? 'OR' : 'AND')); unset($sub); unset($val); - } // Unset variables to be safe @@ -122,40 +123,34 @@ class MySQL { } // If $group is set and is an array continue - if(is_array($group)) { - + if (is_array($group)) { $prepare .= ' GROUP BY'; - foreach($group as $key => $value) { - $prepare .= ' `'. $value .'`'. ($key == key(array_slice($group, -1, 1, true)) ? '' : ','); + foreach ($group as $key => $value) { + $prepare .= ' `' . $value . '`' . ($key == key(array_slice($group, -1, 1, true)) ? '' : ','); // Unset variables to be safe unset($key); unset($value); } - } // If $order is set and is an array continue - if(is_array($order)) { - - $prepare .= ' ORDER BY `'. $order[0] .'`'. (!empty($order[1]) && $order[1] ? ' DESC' : ''); - + if (is_array($order)) { + $prepare .= ' ORDER BY `' . $order[0] . '`' . (!empty($order[1]) && $order[1] ? ' DESC' : ''); } // If $limit is set and is an array continue - if(is_array($limit)) { - + if (is_array($limit)) { $prepare .= ' LIMIT'; - foreach($limit as $key => $value) { - $prepare .= ' '. $value . ($key == key(array_slice($limit, -1, 1, true)) ? '' : ','); + foreach ($limit as $key => $value) { + $prepare .= ' ' . $value . ($key == key(array_slice($limit, -1, 1, true)) ? '' : ','); // Unset variables to be safe unset($key); unset($value); } - } // Add the finishing semicolon @@ -165,35 +160,27 @@ class MySQL { $query = $this->sql->prepare($prepare); // Bind those parameters if $data is an array that is - if(is_array($data)) { - - foreach($data as $key => $value) { - + if (is_array($data)) { + foreach ($data as $key => $value) { // Check if there's multiple statements - if(!is_array($value[0])) { - + if (!is_array($value[0])) { $temp = $value; unset($value); $value[0] = $temp; - } // Go over each data thing - foreach($value as $sub => $val) { - - $query->bindParam(':'. $key .'_'. $sub, $val[0]); + foreach ($value as $sub => $val) { + $query->bindParam(':' . $key . '_' . $sub, $val[0]); unset($sub); unset($val); - } // Unset variables to be safe unset($key); unset($value); - } - } // Execute the prepared statements with parameters bound @@ -205,10 +192,11 @@ class MySQL { } // Fetch array from database - public function fetch($table, $fetchAll = true, $data = null, $order = null, $limit = null, $group = null, $distinct = false, $column = '*', $prefix = null) { + public function fetch($table, $fetchAll = true, $data = null, $order = null, $limit = null, $group = null, $distinct = false, $column = '*', $prefix = null) + { // Run a select statement - $query = $this->select($table, $data, $order, $limit , $group, $distinct, $column, $prefix); + $query = $this->select($table, $data, $order, $limit, $group, $distinct, $column, $prefix); // Return the output return $fetchAll ? $query->fetchAll(PDO::FETCH_ASSOC) : $query->fetch(PDO::FETCH_ASSOC); @@ -216,33 +204,34 @@ class MySQL { } // Insert data to database - public function insert($table, $data, $prefix = null) { + public function insert($table, $data, $prefix = null) + { // Begin preparation of the statement $prepare = 'INSERT INTO `' . ($prefix ? $prefix : Configuration::getLocalConfig('database', 'prefix')) . $table . '` '; // Run the foreach statement twice for (`stuff`) VALUES (:stuff) - for($i = 0; $i < 2; $i++) { - + for ($i = 0; $i < 2; $i++) { $prepare .= '('; - // Do more shit, don't feel like describing this so yeah - foreach($data as $key => $value) { - if(strlen($value)) + foreach ($data as $key => $value) { + if (strlen($value)) { $prepare .= ($i ? ':' : '`') . $key . ($i ? '' : '`') . ($key == key(array_slice($data, -1, 1, true)) ? '' : ', '); + } + } $prepare .= ')' . ($i ? ';' : ' VALUES '); - } // Actually prepare the preration $query = $this->sql->prepare($prepare); // Bind those parameters - foreach($data as $key => $value) { - if(strlen($value)) - $query->bindParam(':'. $key, $value); + foreach ($data as $key => $value) { + if (strlen($value)) { + $query->bindParam(':' . $key, $value); + } // Unset variables to be safe unset($key); @@ -258,21 +247,21 @@ class MySQL { } // Update data in the database - public function update($table, $data, $prefix = null) { + public function update($table, $data, $prefix = null) + { // Begin preparation of the statement $prepare = 'UPDATE `' . ($prefix ? $prefix : Configuration::getLocalConfig('database', 'prefix')) . $table . '`'; // Run a foreach on $data and complete the statement - foreach($data as $key => $values) { - + foreach ($data as $key => $values) { // Append WHERE or SET depending on where we are - $prepare .= ' '. ($key ? 'WHERE' : 'SET'); + $prepare .= ' ' . ($key ? 'WHERE' : 'SET'); // Do this complicated shit, I barely know what's going on anymore but it works - foreach($values as $column => $column_data) - $prepare .= ' `'. $column .'` '. ($key ? $column_data[1] : '=') .' :'. ($key ? 'w' : 's') .'_'. $column . ($column == key(array_slice($values, -1, 1, true)) ? ($key ? ';' : '') : ($key ? ' '. (isset($value[2]) && $value[2] ? 'OR' : 'AND') : ',')); - + foreach ($values as $column => $column_data) { + $prepare .= ' `' . $column . '` ' . ($key ? $column_data[1] : '=') . ' :' . ($key ? 'w' : 's') . '_' . $column . ($column == key(array_slice($values, -1, 1, true)) ? ($key ? ';' : '') : ($key ? ' ' . (isset($value[2]) && $value[2] ? 'OR' : 'AND') : ',')); + } } // Actually prepare the preration @@ -280,31 +269,27 @@ class MySQL { // Seperate the foreaches for the SET and WHERE clauses because it's fucking it up for some odd reason // Bind Set Clauses - foreach($data[0] as $key => $value) { - + foreach ($data[0] as $key => $value) { // Do the binding - $query->bindParam(':s_'. $key, $value); + $query->bindParam(':s_' . $key, $value); // Unset variables to be safe unset($key); unset($value); - } // Bind Where Clauses - foreach($data[1] as $key => $values) { - + foreach ($data[1] as $key => $values) { // Assign the array entry to a variable because fuck strict standards $value = $values[0]; // Binding two electrifying memes - $query->bindParam(':w_'. $key, $value); + $query->bindParam(':w_' . $key, $value); // Unset variables to be safe unset($key); unset($value); unset($values); - } // Execute the prepared statements with parameters bound @@ -316,32 +301,31 @@ class MySQL { } // Delete data from the database - public function delete($table, $data, $prefix = null) { + public function delete($table, $data, $prefix = null) + { // Begin preparation of the statement $prepare = 'DELETE FROM `' . ($prefix ? $prefix : Configuration::getLocalConfig('database', 'prefix')) . $table . '`'; // If $data is set and is an array continue - if(is_array($data)) { - + if (is_array($data)) { $prepare .= ' WHERE'; - foreach($data as $key => $value) { - $prepare .= ' `'. $key .'` '. $value[1] .' :'. $key . ($key == key(array_slice($data, -1, 1, true)) ? '' : ' '. (isset($value[2]) && $value[2] ? 'OR' : 'AND')); + foreach ($data as $key => $value) { + $prepare .= ' `' . $key . '` ' . $value[1] . ' :' . $key . ($key == key(array_slice($data, -1, 1, true)) ? '' : ' ' . (isset($value[2]) && $value[2] ? 'OR' : 'AND')); // Unset variables to be safe unset($key); unset($value); } - } // Actually prepare the preration $query = $this->sql->prepare($prepare); // Bind those parameters - foreach($data as $key => $value) { - $query->bindParam(':'. $key, $value[0]); + foreach ($data as $key => $value) { + $query->bindParam(':' . $key, $value[0]); // Unset variables to be safe unset($key); @@ -357,24 +341,23 @@ class MySQL { } // Count data from the database - public function count($table, $data = null, $prefix = null) { + public function count($table, $data = null, $prefix = null) + { // Begin preparation of the statement $prepare = 'SELECT COUNT(*) FROM `' . ($prefix ? $prefix : Configuration::getLocalConfig('database', 'prefix')) . $table . '`'; // If $data is set and is an array continue - if(is_array($data)) { - + if (is_array($data)) { $prepare .= ' WHERE'; - foreach($data as $key => $value) { - $prepare .= ' `'. $key .'` '. $value[1] .' :'. $key . ($key == key(array_slice($data, -1, 1, true)) ? '' : ' '. (isset($value[2]) && $value[2] ? 'OR' : 'AND')); + foreach ($data as $key => $value) { + $prepare .= ' `' . $key . '` ' . $value[1] . ' :' . $key . ($key == key(array_slice($data, -1, 1, true)) ? '' : ' ' . (isset($value[2]) && $value[2] ? 'OR' : 'AND')); // Unset variables to be safe unset($key); unset($value); } - } // Add the finishing semicolon @@ -384,16 +367,14 @@ class MySQL { $query = $this->sql->prepare($prepare); // Bind those parameters if $data is an array that is - if(is_array($data)) { - - foreach($data as $key => $value) { - $query->bindParam(':'. $key, $value[0]); + if (is_array($data)) { + foreach ($data as $key => $value) { + $query->bindParam(':' . $key, $value[0]); // Unset variables to be safe unset($key); unset($value); } - } // Execute the prepared statements with parameters bound @@ -403,5 +384,4 @@ class MySQL { return $query->fetch(PDO::FETCH_BOTH); } - } diff --git a/_sakura/cron.php b/_sakura/cron.php index 012aaa7..3a99540 100644 --- a/_sakura/cron.php +++ b/_sakura/cron.php @@ -6,12 +6,48 @@ // Declare Namespace namespace Sakura; +// Check if the script isn't executed by root +if (function_exists('posix_getuid')) { + if (posix_getuid() === 0) { + trigger_error('Running cron as root is disallowed for security reasons.', E_USER_ERROR); + exit; + } +} + // Define that this page won't require templating define('SAKURA_NO_TPL', true); // Include components -require_once str_replace(basename(__DIR__), '', dirname(__FILE__)) .'_sakura/sakura.php'; +require_once str_replace(basename(__DIR__), '', dirname(__FILE__)) . '_sakura/sakura.php'; // Override expiration variables ignore_user_abort(true); set_time_limit(0); + +// Clean expired sessions +Database::delete('sessions', [ + + 'expire' => [time(), '<'], + 'remember' => ['1', '!='], + +]); + +// Delete notifications that are older than a month but not unread +Database::delete('notifications', [ + + 'timestamp' => [(time() - 109500), '<'], + 'notif_read' => ['1', '='], + +]); + +// Get expired premium accounts +$expiredPremium = Database::fetch('premium', true, [ + + 'expiredate' => [time(), '<'], + +]); + +// Process expired premium accounts +foreach ($expiredPremium as $expired) { + Users::updatePremiumMeta($expired['uid']); +} diff --git a/_sakura/sakura.php b/_sakura/sakura.php index 41851b4..521fe97 100644 --- a/_sakura/sakura.php +++ b/_sakura/sakura.php @@ -8,10 +8,10 @@ namespace Sakura; // Define Sakura version -define('SAKURA_VERSION', '20150912'); -define('SAKURA_VLABEL', 'Eminence'); -define('SAKURA_COLOUR', '#6C3082'); -define('SAKURA_STABLE', false); +define('SAKURA_VERSION', '20150914'); +define('SAKURA_VLABEL', 'Eminence'); +define('SAKURA_COLOUR', '#6C3082'); +define('SAKURA_STABLE', false); // Define Sakura Path define('ROOT', str_replace(basename(__DIR__), '', dirname(__FILE__))); @@ -23,79 +23,67 @@ error_reporting(SAKURA_STABLE ? 0 : -1); mb_internal_encoding('utf-8'); // Stop the execution if the PHP Version is older than 5.4.0 -if(version_compare(phpversion(), '5.4.0', '<')) { - +if (version_compare(phpversion(), '5.4.0', '<')) { die('

Sakura requires at least PHP 5.4.0, please upgrade to a newer PHP version.

'); - } // Include libraries -require_once ROOT .'_sakura/vendor/autoload.php'; -require_once ROOT .'_sakura/components/Main.php'; -require_once ROOT .'_sakura/components/Hashing.php'; -require_once ROOT .'_sakura/components/Configuration.php'; -require_once ROOT .'_sakura/components/Database.php'; -require_once ROOT .'_sakura/components/Urls.php'; -require_once ROOT .'_sakura/components/Templates.php'; -require_once ROOT .'_sakura/components/Permissions.php'; -require_once ROOT .'_sakura/components/Sessions.php'; -require_once ROOT .'_sakura/components/User.php'; -require_once ROOT .'_sakura/components/Users.php'; -require_once ROOT .'_sakura/components/Forum.php'; -require_once ROOT .'_sakura/components/News.php'; -require_once ROOT .'_sakura/components/Comments.php'; -require_once ROOT .'_sakura/components/Manage.php'; -require_once ROOT .'_sakura/components/Bans.php'; -require_once ROOT .'_sakura/components/Whois.php'; -require_once ROOT .'_sakura/components/Payments.php'; +require_once ROOT . '_sakura/vendor/autoload.php'; +require_once ROOT . '_sakura/components/Main.php'; +require_once ROOT . '_sakura/components/Hashing.php'; +require_once ROOT . '_sakura/components/Configuration.php'; +require_once ROOT . '_sakura/components/Database.php'; +require_once ROOT . '_sakura/components/Urls.php'; +require_once ROOT . '_sakura/components/Templates.php'; +require_once ROOT . '_sakura/components/Permissions.php'; +require_once ROOT . '_sakura/components/Sessions.php'; +require_once ROOT . '_sakura/components/User.php'; +require_once ROOT . '_sakura/components/Users.php'; +require_once ROOT . '_sakura/components/Forum.php'; +require_once ROOT . '_sakura/components/News.php'; +require_once ROOT . '_sakura/components/Comments.php'; +require_once ROOT . '_sakura/components/Manage.php'; +require_once ROOT . '_sakura/components/Bans.php'; +require_once ROOT . '_sakura/components/Whois.php'; +require_once ROOT . '_sakura/components/Payments.php'; // Include database extensions -foreach(glob(ROOT .'_sakura/components/database/*.php') as $driver) { - +foreach (glob(ROOT . '_sakura/components/database/*.php') as $driver) { require_once $driver; - } // Set Error handler set_error_handler(array('Sakura\Main', 'errorHandler')); // Initialise Main Class -Main::init(ROOT .'_sakura/config/config.ini'); +Main::init(ROOT . '_sakura/config/config.ini'); // Assign servers file to whois class -Whois::setServers(ROOT .'_sakura/'. Configuration::getLocalConfig('data', 'whoisservers')); +Whois::setServers(ROOT . '_sakura/' . Configuration::getLocalConfig('data', 'whoisservers')); // Check if we the system has a cron service -if(Configuration::getConfig('no_cron_service')) { - +if (Configuration::getConfig('no_cron_service')) { // If not do an "asynchronous" call to the cron.php script - if(Configuration::getConfig('no_cron_last') < (time() - Configuration::getConfig('no_cron_interval'))) { - + if (Configuration::getConfig('no_cron_last') < (time() - Configuration::getConfig('no_cron_interval'))) { // Check OS - if(substr(strtolower(PHP_OS), 0, 3) == 'win') { - - pclose(popen('start /B '. PHP_BINDIR .'\php.exe '. addslashes(ROOT .'_sakura\cron.php'), 'r')); - + if (substr(strtolower(PHP_OS), 0, 3) == 'win') { + pclose(popen('start /B ' . PHP_BINDIR . '\php.exe ' . addslashes(ROOT . '_sakura\cron.php'), 'r')); } else { - - pclose(popen(PHP_BINDIR .'/php '. ROOT .'_sakura/cron.php > /dev/null 2>/dev/null &', 'r')); - + pclose(popen(PHP_BINDIR . '/php ' . ROOT . '_sakura/cron.php > /dev/null 2>/dev/null &', 'r')); } // Update last execution time Database::update('config', [ - [ - 'config_value' => time() + 'config_value' => time(), ], [ - 'config_name' => ['no_cron_last', '='] - - ] + 'config_name' => ['no_cron_last', '='], + ], ]); } @@ -112,10 +100,12 @@ $currentUser = new User(Session::$userId); $urls = new Urls(); // Prepare the name of the template to load (outside of SAKURA_NO_TPL because it's used in imageserve.php) -$templateName = defined('SAKURA_MANAGE') ? Configuration::getConfig('manage_style') : Configuration::getConfig('site_style'); - -if(!defined('SAKURA_NO_TPL')) { +$templateName = +defined('SAKURA_MANAGE') ? +Configuration::getConfig('manage_style') : +Configuration::getConfig('site_style'); +if (!defined('SAKURA_NO_TPL')) { // Initialise templating engine Templates::init($templateName); @@ -135,89 +125,86 @@ if(!defined('SAKURA_NO_TPL')) { 'versionInfo' => [ - 'version' => SAKURA_VERSION, - 'label' => SAKURA_VLABEL, - 'colour' => SAKURA_COLOUR, - 'stable' => SAKURA_STABLE + 'version' => SAKURA_VERSION, + 'label' => SAKURA_VLABEL, + 'colour' => SAKURA_COLOUR, + 'stable' => SAKURA_STABLE, ], 'cookie' => [ - 'prefix' => Configuration::getConfig('cookie_prefix'), - 'domain' => Configuration::getConfig('cookie_domain'), - 'path' => Configuration::getConfig('cookie_path'), + 'prefix' => Configuration::getConfig('cookie_prefix'), + 'domain' => Configuration::getConfig('cookie_domain'), + 'path' => Configuration::getConfig('cookie_path'), ], - 'urlMain' => Configuration::getConfig('url_main'), - 'urlApi' => Configuration::getConfig('url_api'), + 'urlMain' => Configuration::getConfig('url_main'), + 'urlApi' => Configuration::getConfig('url_api'), - 'contentPath' => Configuration::getConfig('content_path'), - 'resources' => Configuration::getConfig('content_path') .'/data/'. strtolower(Templates::$_TPL), + 'contentPath' => Configuration::getConfig('content_path'), + 'resources' => Configuration::getConfig('content_path') . '/data/' . strtolower(Templates::$template), - 'charset' => Configuration::getConfig('charset'), - 'siteName' => Configuration::getConfig('sitename'), - 'siteDesc' => Configuration::getConfig('sitedesc'), - 'siteTags' => implode(", ", json_decode(Configuration::getConfig('sitetags'), true)), - 'dateFormat' => Configuration::getConfig('date_format'), - 'currentPage' => '//'. $_SERVER['SERVER_NAME'] . $_SERVER['REQUEST_URI'], + 'charset' => Configuration::getConfig('charset'), + 'siteName' => Configuration::getConfig('sitename'), + 'siteDesc' => Configuration::getConfig('sitedesc'), + 'siteTags' => implode(", ", json_decode(Configuration::getConfig('sitetags'), true)), + 'dateFormat' => Configuration::getConfig('date_format'), + 'currentPage' => '//' . $_SERVER['SERVER_NAME'] . $_SERVER['REQUEST_URI'], - 'recaptchaPublic' => Configuration::getConfig('recaptcha_public'), - 'recaptchaEnabled' => Configuration::getConfig('recaptcha'), + 'recaptchaPublic' => Configuration::getConfig('recaptcha_public'), + 'recaptchaEnabled' => Configuration::getConfig('recaptcha'), - 'disableRegistration' => Configuration::getConfig('disable_registration'), - 'lockSite' => Configuration::getConfig('lock_site'), - 'lockSiteReason' => Configuration::getConfig('lock_site_reason'), - 'lockAuth' => Configuration::getConfig('lock_authentication'), - 'requireRegCodes' => Configuration::getConfig('require_registration_code'), - 'requireActivation' => Configuration::getConfig('require_activation'), - 'minPwdEntropy' => Configuration::getConfig('min_entropy'), - 'minUsernameLength' => Configuration::getConfig('username_min_length'), - 'maxUsernameLength' => Configuration::getConfig('username_max_length') + 'disableRegistration' => Configuration::getConfig('disable_registration'), + 'lockSite' => Configuration::getConfig('lock_site'), + 'lockSiteReason' => Configuration::getConfig('lock_site_reason'), + 'lockAuth' => Configuration::getConfig('lock_authentication'), + 'requireRegCodes' => Configuration::getConfig('require_registration_code'), + 'requireActivation' => Configuration::getConfig('require_activation'), + 'minPwdEntropy' => Configuration::getConfig('min_entropy'), + 'minUsernameLength' => Configuration::getConfig('username_min_length'), + 'maxUsernameLength' => Configuration::getConfig('username_max_length'), ], 'php' => [ 'sessionid' => \session_id(), - 'time' => \time(), - 'self' => $_SERVER['PHP_SELF'] + 'time' => \time(), + 'self' => $_SERVER['PHP_SELF'], ], 'session' => [ - 'checkLogin' => Users::checkLogin(), - 'sessionId' => Session::$sessionId, - 'userId' => Session::$userId + 'checkLogin' => Users::checkLogin(), + 'sessionId' => Session::$sessionId, + 'userId' => Session::$userId, ], 'user' => $currentUser, - 'urls' => $urls + 'urls' => $urls, ]; // Ban checking - if(Users::checkLogin() && $ban = Bans::checkBan(Session::$userId)) { - + if (Users::checkLogin() && $ban = Bans::checkBan(Session::$userId)) { // Additional render data $renderData = array_merge($renderData, [ 'ban' => [ - 'reason' => $ban['reason'], - 'issued' => $ban['issued'], - 'expires' => $ban['expires'], - 'issuer' => Users::getUser($ban['issuer']) - ] + 'reason' => $ban['reason'], + 'issued' => $ban['issued'], + 'expires' => $ban['expires'], + 'issuer' => Users::getUser($ban['issuer']), + ], ]); Users::logout(); print Templates::render('main/banned.tpl', $renderData); exit; - } - } diff --git a/api/api.php b/api/api.php index d1444d2..877c45e 100644 --- a/api/api.php +++ b/api/api.php @@ -10,7 +10,7 @@ namespace Sakura; define('SAKURA_NO_TPL', true); // Include components -require_once str_replace(basename(__DIR__), '', dirname(__FILE__)) .'_sakura/sakura.php'; +require_once str_replace(basename(__DIR__), '', dirname(__FILE__)) . '_sakura/sakura.php'; // Change to content type to text/plain and set the charset to UTF-8 header('Content-Type: text/plain; charset=utf-8'); @@ -22,8 +22,7 @@ $path = ltrim($_SERVER['REQUEST_URI'], '/'); $elems = explode('/', $path); // Correct the path if mod_rewrite isn't used -if($elems[0] == explode('/', ltrim($_SERVER['PHP_SELF'], '/'))[0]) { - +if ($elems[0] == explode('/', ltrim($_SERVER['PHP_SELF'], '/'))[0]) { // Remove the entry unset($elems[0]); @@ -31,53 +30,45 @@ if($elems[0] == explode('/', ltrim($_SERVER['PHP_SELF'], '/'))[0]) { $elems = array_values($elems); // Make sure there's at least one entry (even if empty) - if(!isset($elems[0])) + if (!isset($elems[0])) { $elems[] = ""; - + } } // Make sure the GET requests aren't present in the last entry -if(strpos($elems[max(array_keys($elems))], '?')) { - +if (strpos($elems[max(array_keys($elems))], '?')) { // If there are cut them all $elems[max(array_keys($elems))] = strstr($elems[max(array_keys($elems))], '?', true); - } // Predefine the return variable $return = []; // Select API version -switch(isset($elems[0]) ? $elems[0] : false) { - +switch (isset($elems[0]) ? $elems[0] : false) { // API Version 1 case 'v1': - switch(isset($elems[1]) ? $elems[1] : false) { - + switch (isset($elems[1]) ? $elems[1] : false) { // Authentication case 'authenticate': - switch(isset($elems[2]) ? $elems[2] : false) { - + switch (isset($elems[2]) ? $elems[2] : false) { case 'login': $return = ['success' => 'LOGIN_PROCESS_HERE']; break; default: $return = ['error' => ['NO_DATA_REQ']]; - } break; default: $return = ['error' => ['NO_DATA_REQ']]; - } break; // Default fallback default: $return = ['error' => ['NO_API_VERSION']]; - } echo isset($_GET['pretty']) ? Main::jsonPretty(json_encode([$return])) : json_encode([$return]); diff --git a/integrations/SockChat.php b/integrations/SockChat.php index 4067e53..6753610 100644 --- a/integrations/SockChat.php +++ b/integrations/SockChat.php @@ -10,54 +10,42 @@ // You can also create a PHP file including this SockChat.php // file so it's always up-to-date! Don't forget to include the // variable below in the file __BEFORE__ the include! -if(!isset($sockSakuraPath)) { - +if (!isset($sockSakuraPath)) { $sockSakuraPath = ''; - } /* * * DON'T EDIT ANYTHING BELOW THIS LINE * * */ // Include Sakura -require_once $sockSakuraPath .'/sakura.php'; +require_once $sockSakuraPath . '/sakura.php'; -use sockchat\Auth; -use Sakura\Session; -use Sakura\Users; use Sakura\Permissions; +use Sakura\Session; use Sakura\User; +use Sakura\Users; +use sockchat\Auth; -if(Auth::getPageType() == AUTH_FETCH) { - +if (Auth::getPageType() == AUTH_FETCH) { // Check if user is logged into the Sakura backend if not deny - if(Users::checkLogin()) { - + if (Users::checkLogin()) { // If so append the required arguments and accept Auth::AppendArguments([Session::$userId, Session::$sessionId]); Auth::Accept(); - } else { - Auth::Deny(); - } - } else { - // Get arguments $uid = $_REQUEST['arg1']; $sid = $_REQUEST['arg2']; // Check if session is active else deny - if(Session::checkSession($uid, $sid)) { - + if (Session::checkSession($uid, $sid)) { // Check if they can access the chat - if(Permissions::check('SITE', 'DEACTIVATED', $uid, 1) && Permissions::check('SITE', 'RESTRICTED', $uid, 1)) { - + if (Permissions::check('SITE', 'DEACTIVATED', $uid, 1) && Permissions::check('SITE', 'RESTRICTED', $uid, 1)) { Auth::Deny(); Auth::Serve(); exit; - } // Create a user object @@ -73,22 +61,18 @@ if(Auth::getPageType() == AUTH_FETCH) { // Set the common permissions Auth::SetCommonPermissions( bindec(Permissions::getUserPermissions($uid)['SITE']), - Permissions::check('MANAGE', 'USE_MANAGE', $uid, 1) ? 1 : 0, - Permissions::check('SITE', 'CREATE_BACKGROUND', $uid, 1) ? 1 : 0, - Permissions::check('SITE', 'CHANGE_USERNAME', $uid, 1) ? 1 : 0, - Permissions::check('SITE', 'MULTIPLE_GROUPS', $uid, 1) ? 2 : ( - Permissions::check('SITE', 'CREATE_GROUP', $uid, 1) ? 1 : 0 + Permissions::check('MANAGE', 'USE_MANAGE', $uid, 1) ? 1 : 0, + Permissions::check('SITE', 'CREATE_BACKGROUND', $uid, 1) ? 1 : 0, + Permissions::check('SITE', 'CHANGE_USERNAME', $uid, 1) ? 1 : 0, + Permissions::check('SITE', 'MULTIPLE_GROUPS', $uid, 1) ? 2 : ( + Permissions::check('SITE', 'CREATE_GROUP', $uid, 1) ? 1 : 0 ) ); Auth::Accept(); - } else { - Auth::Deny(); - } - } // Serve the authentication data diff --git a/public/404.php b/public/404.php index 2482725..31848c6 100644 --- a/public/404.php +++ b/public/404.php @@ -7,7 +7,7 @@ namespace Sakura; // Include components -require_once str_replace(basename(__DIR__), '', dirname(__FILE__)) .'_sakura/sakura.php'; +require_once str_replace(basename(__DIR__), '', dirname(__FILE__)) . '_sakura/sakura.php'; // Set 404 header header('HTTP/1.0 404 Not Found'); diff --git a/public/authenticate.php b/public/authenticate.php index 4971234..af1b511 100644 --- a/public/authenticate.php +++ b/public/authenticate.php @@ -7,205 +7,183 @@ namespace Sakura; // Include components -require_once str_replace(basename(__DIR__), '', dirname(__FILE__)) .'_sakura/sakura.php'; +require_once str_replace(basename(__DIR__), '', dirname(__FILE__)) . '_sakura/sakura.php'; // Page actions -if(isset($_REQUEST['mode'])) { - +if (isset($_REQUEST['mode'])) { // Continue $continue = true; // Make sure we're not in activate mode since adding a timestamp and accessing the PHP session id is kind of hard when you're in an e-mail client - if(!isset($_REQUEST['mode']) || $_REQUEST['mode'] != 'activate') { - + if (!isset($_REQUEST['mode']) || $_REQUEST['mode'] != 'activate') { // Compare time and session so we know the link isn't forged - if(!isset($_REQUEST['time']) || $_REQUEST['time'] < time() - 1000) { - + if (!isset($_REQUEST['time']) || $_REQUEST['time'] < time() - 1000) { $renderData['page'] = [ - 'redirect' => $urls->format('AUTH_ACTION'), - 'message' => 'Timestamps differ too much, refresh the page and try again.', - 'success' => 0 + 'redirect' => $urls->format('AUTH_ACTION'), + 'message' => 'Timestamps differ too much, refresh the page and try again.', + 'success' => 0, ]; // Prevent $continue = false; - } // Match session ids for the same reason - if(!isset($_REQUEST['session']) || $_REQUEST['session'] != session_id()) { - + if (!isset($_REQUEST['session']) || $_REQUEST['session'] != session_id()) { $renderData['page'] = [ - 'redirect' => $urls->format('AUTH_ACTION'), - 'message' => 'Invalid session, please try again.', - 'success' => 0 + 'redirect' => $urls->format('AUTH_ACTION'), + 'message' => 'Invalid session, please try again.', + 'success' => 0, ]; // Prevent $continue = false; - } - } // Login check - if(Users::checkLogin()) { - - if(!in_array($_REQUEST['mode'], ['logout'])) { + if (Users::checkLogin()) { + if (!in_array($_REQUEST['mode'], ['logout'])) { $continue = false; // Add page specific things $renderData['page'] = [ - 'redirect' => $urls->format('SITE_HOME'), - 'message' => 'You are already authenticated. Redirecting...', - 'success' => 1 + 'redirect' => $urls->format('SITE_HOME'), + 'message' => 'You are already authenticated. Redirecting...', + 'success' => 1, ]; } - } - if($continue) { - - switch($_REQUEST['mode']) { - + if ($continue) { + switch ($_REQUEST['mode']) { case 'logout': - // Attempt logout $logout = Users::logout(); // Add page specific data $renderData['page'] = [ - 'redirect' => ($logout ? $_REQUEST['redirect'] : $urls->format('SITE_LOGIN')), - 'message' => $logout ? 'You are now logged out.' : 'An unknown error occurred.', - 'success' => $logout ? 1 : 0 + 'redirect' => ($logout ? $_REQUEST['redirect'] : $urls->format('SITE_LOGIN')), + 'message' => $logout ? 'You are now logged out.' : 'An unknown error occurred.', + 'success' => $logout ? 1 : 0, ]; - break; case 'changepassword': - // Attempt change $passforget = Users::resetPassword($_REQUEST['verk'], $_REQUEST['uid'], $_REQUEST['newpw'], $_REQUEST['verpw']); // Array containing "human understandable" messages $messages = [ - 'INVALID_VERK' => 'The verification key supplied was invalid!', - 'INVALID_CODE' => 'Invalid verification key, if you think this is an error contact the administrator.', - 'INVALID_USER' => 'The used verification key is not designated for this user.', - 'VERK_TOO_SHIT' => 'Your verification code is too weak, try adding some special characters.', - 'PASS_TOO_SHIT' => 'Your password is too weak, try adding some special characters.', - 'PASS_NOT_MATCH' => 'Passwords do not match.', - 'SUCCESS' => 'Successfully changed your password, you may now log in.' + 'INVALID_VERK' => 'The verification key supplied was invalid!', + 'INVALID_CODE' => 'Invalid verification key, if you think this is an error contact the administrator.', + 'INVALID_USER' => 'The used verification key is not designated for this user.', + 'VERK_TOO_SHIT' => 'Your verification code is too weak, try adding some special characters.', + 'PASS_TOO_SHIT' => 'Your password is too weak, try adding some special characters.', + 'PASS_NOT_MATCH' => 'Passwords do not match.', + 'SUCCESS' => 'Successfully changed your password, you may now log in.', ]; // Add page specific things $renderData['page'] = [ - 'redirect' => ($passforget[0] ? $urls->format('SITE_LOGIN') : $_SERVER['PHP_SELF'] .'?pw=true&uid='. $_REQUEST['uid'] .'&verk='. $_REQUEST['verk']), - 'message' => $messages[$passforget[1]], - 'success' => $passforget[0] + 'redirect' => ($passforget[0] ? $urls->format('SITE_LOGIN') : $_SERVER['PHP_SELF'] . '?pw=true&uid=' . $_REQUEST['uid'] . '&verk=' . $_REQUEST['verk']), + 'message' => $messages[$passforget[1]], + 'success' => $passforget[0], ]; - break; // Activating accounts case 'activate': - // Attempt activation $activate = Users::activateUser($_REQUEST['u'], true, $_REQUEST['k']); // Array containing "human understandable" messages $messages = [ - 'USER_NOT_EXIST' => 'The user you tried to activate does not exist.', - 'USER_ALREADY_ACTIVE' => 'The user you tried to activate is already active.', - 'INVALID_CODE' => 'Invalid activation code, if you think this is an error contact the administrator.', - 'INVALID_USER' => 'The used activation code is not designated for this user.', - 'SUCCESS' => 'Successfully activated your account, you may now log in.' + 'USER_NOT_EXIST' => 'The user you tried to activate does not exist.', + 'USER_ALREADY_ACTIVE' => 'The user you tried to activate is already active.', + 'INVALID_CODE' => 'Invalid activation code, if you think this is an error contact the administrator.', + 'INVALID_USER' => 'The used activation code is not designated for this user.', + 'SUCCESS' => 'Successfully activated your account, you may now log in.', ]; // Add page specific things $renderData['page'] = [ - 'redirect' => $urls->format('SITE_LOGIN'), - 'message' => $messages[$activate[1]], - 'success' => $activate[0] + 'redirect' => $urls->format('SITE_LOGIN'), + 'message' => $messages[$activate[1]], + 'success' => $activate[0], ]; - break; // Resending the activation e-mail case 'resendactivemail': - // Attempt send $resend = Users::resendActivationMail($_REQUEST['username'], $_REQUEST['email']); // Array containing "human understandable" messages $messages = [ - 'AUTH_LOCKED' => 'Authentication is currently not allowed, try again later.', - 'USER_NOT_EXIST' => 'The user you tried to activate does not exist (confirm the username/email combination).', - 'USER_ALREADY_ACTIVE' => 'The user you tried to activate is already active.', - 'SUCCESS' => 'The activation e-mail has been sent to the address associated with your account.' + 'AUTH_LOCKED' => 'Authentication is currently not allowed, try again later.', + 'USER_NOT_EXIST' => 'The user you tried to activate does not exist (confirm the username/email combination).', + 'USER_ALREADY_ACTIVE' => 'The user you tried to activate is already active.', + 'SUCCESS' => 'The activation e-mail has been sent to the address associated with your account.', ]; // Add page specific things $renderData['page'] = [ - 'redirect' => $urls->format('SITE_HOME'), - 'message' => $messages[$resend[1]], - 'success' => $resend[0] + 'redirect' => $urls->format('SITE_HOME'), + 'message' => $messages[$resend[1]], + 'success' => $resend[0], ]; - break; // Login processing case 'login': - // Attempt login $login = Users::login($_REQUEST['username'], $_REQUEST['password'], isset($_REQUEST['remember'])); // Array containing "human understandable" messages $messages = [ - 'AUTH_LOCKED' => 'Authentication is currently not allowed, try again later.', - 'USER_NOT_EXIST' => 'The user you tried to log into does not exist.', - 'INCORRECT_PASSWORD' => 'The password you entered was invalid.', - 'NOT_ALLOWED' => 'Your account does not have the required permissions to log in.', - 'NO_LOGIN' => 'Logging into this account is disabled.', - 'LOGIN_SUCESS' => 'Login successful!' + 'AUTH_LOCKED' => 'Authentication is currently not allowed, try again later.', + 'USER_NOT_EXIST' => 'The user you tried to log into does not exist.', + 'INCORRECT_PASSWORD' => 'The password you entered was invalid.', + 'NOT_ALLOWED' => 'Your account does not have the required permissions to log in.', + 'NO_LOGIN' => 'Logging into this account is disabled.', + 'LOGIN_SUCESS' => 'Login successful!', ]; // Add page specific things $renderData['page'] = [ - 'redirect' => $login[0] ? $_REQUEST['redirect'] : $urls->format('SITE_LOGIN'), - 'message' => $messages[$login[1]], - 'success' => $login[0] + 'redirect' => $login[0] ? $_REQUEST['redirect'] : $urls->format('SITE_LOGIN'), + 'message' => $messages[$login[1]], + 'success' => $login[0], ]; - break; // Registration processing case 'register': - // Attempt registration $register = Users::register( $_REQUEST['username'], @@ -228,59 +206,56 @@ if(isset($_REQUEST['mode'])) { // Array containing "human understandable" messages $messages = [ - 'AUTH_LOCKED' => 'Authentication is currently not allowed, try again later.', - 'DISABLED' => 'Registration is currently disabled.', - 'INVALID_REG_KEY' => 'The given registration code was invalid.', - 'TOS' => 'You are required to agree to the Terms of Service.', - 'CAPTCHA_FAIL' => 'Captcha verification failed, please try again.', - 'USER_EXISTS' => 'A user with this username already exists, if you lost your password try using the Lost Password form.', - 'NAME_TOO_SHORT' => 'Your name must be at least 3 characters long.', - 'NAME_TOO_LONG' => 'Your name can\'t be longer than 16 characters.', - 'PASS_TOO_SHIT' => 'Your password is too weak, try adding some special characters.', - 'PASS_NOT_MATCH' => 'Passwords do not match.', - 'INVALID_EMAIL' => 'Your e-mail address is formatted incorrectly.', - 'INVALID_MX' => 'No valid MX-Record found on the e-mail address you supplied.', - 'EMAILSENT' => 'Your registration went through! An activation e-mail has been sent.', - 'SUCCESS' => 'Your registration went through! Welcome to '. Configuration::getConfig('sitename') .'!' + 'AUTH_LOCKED' => 'Authentication is currently not allowed, try again later.', + 'DISABLED' => 'Registration is currently disabled.', + 'INVALID_REG_KEY' => 'The given registration code was invalid.', + 'TOS' => 'You are required to agree to the Terms of Service.', + 'CAPTCHA_FAIL' => 'Captcha verification failed, please try again.', + 'USER_EXISTS' => 'A user with this username already exists, if you lost your password try using the Lost Password form.', + 'NAME_TOO_SHORT' => 'Your name must be at least 3 characters long.', + 'NAME_TOO_LONG' => 'Your name can\'t be longer than 16 characters.', + 'PASS_TOO_SHIT' => 'Your password is too weak, try adding some special characters.', + 'PASS_NOT_MATCH' => 'Passwords do not match.', + 'INVALID_EMAIL' => 'Your e-mail address is formatted incorrectly.', + 'INVALID_MX' => 'No valid MX-Record found on the e-mail address you supplied.', + 'EMAILSENT' => 'Your registration went through! An activation e-mail has been sent.', + 'SUCCESS' => 'Your registration went through! Welcome to ' . Configuration::getConfig('sitename') . '!', ]; // Add page specific things $renderData['page'] = [ - 'redirect' => ($register[0] ? $urls->format('SITE_LOGIN') : $urls->format('SITE_REGISTER')), - 'message' => $messages[$register[1]], - 'success' => $register[0] + 'redirect' => ($register[0] ? $urls->format('SITE_LOGIN') : $urls->format('SITE_REGISTER')), + 'message' => $messages[$register[1]], + 'success' => $register[0], ]; - break; // Unforgetting passwords case 'forgotpassword': - // Attempt send $passforgot = Users::sendPasswordForgot($_REQUEST['username'], $_REQUEST['email']); // Array containing "human understandable" messages $messages = [ - 'AUTH_LOCKED' => 'Authentication is currently not allowed, try again later.', - 'USER_NOT_EXIST' => 'The requested user does not exist (confirm the username/email combination).', - 'NOT_ALLOWED' => 'Your account does not have the required permissions to change your password.', - 'SUCCESS' => 'The password reset e-mail has been sent to the address associated with your account.' + 'AUTH_LOCKED' => 'Authentication is currently not allowed, try again later.', + 'USER_NOT_EXIST' => 'The requested user does not exist (confirm the username/email combination).', + 'NOT_ALLOWED' => 'Your account does not have the required permissions to change your password.', + 'SUCCESS' => 'The password reset e-mail has been sent to the address associated with your account.', ]; // Add page specific things $renderData['page'] = [ - 'redirect' => $urls->format('SITE_FORGOT_PASSWORD'), - 'message' => $messages[$passforgot[1]], - 'success' => $passforgot[0] + 'redirect' => $urls->format('SITE_FORGOT_PASSWORD'), + 'message' => $messages[$passforgot[1]], + 'success' => $passforgot[0], ]; - break; } @@ -288,13 +263,13 @@ if(isset($_REQUEST['mode'])) { } // Print page contents or if the AJAX request is set only display the render data - print isset($_REQUEST['ajax']) ? - ( - $renderData['page']['message'] .'|'. - $renderData['page']['success'] .'|'. - $renderData['page']['redirect'] - ) : - Templates::render('global/information.tpl', $renderData); + print isset($_REQUEST['ajax']) ? + ( + $renderData['page']['message'] . '|' . + $renderData['page']['success'] . '|' . + $renderData['page']['redirect'] + ) : + Templates::render('global/information.tpl', $renderData); exit; } @@ -305,52 +280,47 @@ $renderData['auth'] = [ 'redirect' => isset($_SERVER['HTTP_REFERER']) ? $_SERVER['HTTP_REFERER'] : $urls->format('SITE_HOME'), 'blockRegister' => [ - 'do' => false + 'do' => false, - ] + ], ]; // Check if the user is already logged in -if(Users::checkLogin()) { - +if (Users::checkLogin()) { // Add page specific things $renderData['page'] = [ - 'redirect' => $urls->format('SITE_HOME'), - 'message' => 'You are already logged in, log out to access this page.' + 'redirect' => $urls->format('SITE_HOME'), + 'message' => 'You are already logged in, log out to access this page.', ]; print Templates::render('global/information.tpl', $renderData); exit; - } // Check if a user has already registered from the current IP address -if(count($regUserIP = Users::getUsersByIP(Main::getRemoteIP()))) { - +if (count($regUserIP = Users::getUsersByIP(Main::getRemoteIP()))) { $renderData['auth']['blockRegister'] = [ - 'do' => true, - 'username' => $regUserIP[array_rand($regUserIP)]['username'] + 'do' => true, + 'username' => $regUserIP[array_rand($regUserIP)]['username'], ]; - } // If password forgot things are set display password forget thing -if(isset($_REQUEST['pw']) && $_REQUEST['pw']) { - +if (isset($_REQUEST['pw']) && $_REQUEST['pw']) { $renderData['auth']['changingPass'] = true; - $renderData['auth']['userId'] = $_REQUEST['uid']; + $renderData['auth']['userId'] = $_REQUEST['uid']; - if(isset($_REQUEST['key'])) + if (isset($_REQUEST['key'])) { $renderData['auth']['forgotKey'] = $_REQUEST['key']; + } print Templates::render('main/forgotpassword.tpl', $renderData); exit; - } // Print page contents diff --git a/public/changelog.php b/public/changelog.php index e4421b8..b62d84a 100644 --- a/public/changelog.php +++ b/public/changelog.php @@ -10,29 +10,26 @@ namespace Sakura; define('SAKURA_NO_TPL', true); // Include components -require_once str_replace(basename(__DIR__), '', dirname(__FILE__)) .'_sakura/sakura.php'; +require_once str_replace(basename(__DIR__), '', dirname(__FILE__)) . '_sakura/sakura.php'; // Path the changelog JSON -$changelog = json_decode(file_get_contents(ROOT .'_sakura/changelog.json'), true); +$changelog = json_decode(file_get_contents(ROOT . '_sakura/changelog.json'), true); // Create variable to store HTML in $changelogHTML = null; // Format HTML -foreach(array_reverse($changelog['changelog'], true) as $revisionId => $revisionData) { +foreach (array_reverse($changelog['changelog'], true) as $revisionId => $revisionData) { + $changelogHTML .= '
'; - $changelogHTML .= '
'; - - $changelogHTML .= 'Revision '. $revisionId .' ('. ucfirst($revisionData[0]) .')'; + $changelogHTML .= 'Revision ' . $revisionId . ' (' . ucfirst($revisionData[0]) . ')'; unset($revisionData[0]); - foreach(array_reverse($revisionData) as $id => $changeData) { - - $changelogHTML .= '
'; - - switch($changeData['type']) { + foreach (array_reverse($revisionData) as $id => $changeData) { + $changelogHTML .= '
'; + switch ($changeData['type']) { case 'ADD': $changelogHTML .= 'Added'; break; @@ -51,34 +48,31 @@ foreach(array_reverse($changelog['changelog'], true) as $revisionId => $revision default: $changelogHTML .= 'Unknown'; - } $changelogHTML .= ''; $changelogHTML .= $changeData['change']; $changelogHTML .= ''; - $changelogHTML .= ''; + $changelogHTML .= ''; $changelogHTML .= $changeData['user']; $changelogHTML .= ''; $changelogHTML .= '
'; - } $changelogHTML .= '
'; - } // Get special template file -$tpl = file_get_contents(ROOT .'_sakura/templates/changeLog.tpl'); +$tpl = file_get_contents(ROOT . '_sakura/templates/changeLog.tpl'); // Parse tags -$tpl = str_replace('{{ version }}', SAKURA_VERSION, $tpl); -$tpl = str_replace('{{ version_label }}', SAKURA_VLABEL, $tpl); -$tpl = str_replace('{{ version_type }}', SAKURA_STABLE ? 'Stable' : 'Development', $tpl); -$tpl = str_replace('{{ colour }}', SAKURA_COLOUR, $tpl); -$tpl = str_replace('{{ changeloghtml }}', $changelogHTML, $tpl); +$tpl = str_replace('{{ version }}', SAKURA_VERSION, $tpl); +$tpl = str_replace('{{ version_label }}', SAKURA_VLABEL, $tpl); +$tpl = str_replace('{{ version_type }}', SAKURA_STABLE ? 'Stable' : 'Development', $tpl); +$tpl = str_replace('{{ colour }}', SAKURA_COLOUR, $tpl); +$tpl = str_replace('{{ changeloghtml }}', $changelogHTML, $tpl); // Print template print $tpl; diff --git a/public/faq.php b/public/faq.php index 58b697a..2edd3cf 100644 --- a/public/faq.php +++ b/public/faq.php @@ -7,13 +7,13 @@ namespace Sakura; // Include components -require_once str_replace(basename(__DIR__), '', dirname(__FILE__)) .'_sakura/sakura.php'; +require_once str_replace(basename(__DIR__), '', dirname(__FILE__)) . '_sakura/sakura.php'; // Add page specific things $renderData['page'] = [ - 'title' => 'Frequently Asked Questions', - 'questions' => Main::getFaqData() + 'title' => 'Frequently Asked Questions', + 'questions' => Main::getFaqData(), ]; diff --git a/public/group.php b/public/group.php index c609990..4e9e770 100644 --- a/public/group.php +++ b/public/group.php @@ -7,8 +7,7 @@ namespace Sakura; // Include components -require_once str_replace(basename(__DIR__), '', dirname(__FILE__)) .'_sakura/sakura.php'; +require_once str_replace(basename(__DIR__), '', dirname(__FILE__)) . '_sakura/sakura.php'; // Print page contents print Templates::render('group/index.tpl', $renderData); - diff --git a/public/imageserve.php b/public/imageserve.php index 6e6a1d6..1256eb4 100644 --- a/public/imageserve.php +++ b/public/imageserve.php @@ -10,7 +10,7 @@ namespace Sakura; define('SAKURA_NO_TPL', true); // Include components -require_once str_replace(basename(__DIR__), '', dirname(__FILE__)) .'_sakura/sakura.php'; +require_once str_replace(basename(__DIR__), '', dirname(__FILE__)) . '_sakura/sakura.php'; // Set Content type //header('Content-Type: application/octet-stream'); @@ -19,49 +19,39 @@ require_once str_replace(basename(__DIR__), '', dirname(__FILE__)) .'_sakura/sak $userDirPath = ROOT . Configuration::getConfig('user_uploads') . '/'; // Check if the m(ode) GET request is set -if(isset($_GET['m'])) { - - switch($_GET['m']) { - +if (isset($_GET['m'])) { + switch ($_GET['m']) { case 'avatar': // Set paths - $noAvatar = ROOT . str_replace('{{ TPL }}', $templateName, Configuration::getConfig('no_avatar_img')); + $noAvatar = ROOT . str_replace('{{ TPL }}', $templateName, Configuration::getConfig('no_avatar_img')); $deactiveAvatar = ROOT . str_replace('{{ TPL }}', $templateName, Configuration::getConfig('deactivated_avatar_img')); - $bannedAvatar = ROOT . str_replace('{{ TPL }}', $templateName, Configuration::getConfig('banned_avatar_img')); + $bannedAvatar = ROOT . str_replace('{{ TPL }}', $templateName, Configuration::getConfig('banned_avatar_img')); // If ?u= isn't set or if it isn't numeric - if(!isset($_GET['u']) || !is_numeric($_GET['u']) || $_GET['u'] == 0) { - + if (!isset($_GET['u']) || !is_numeric($_GET['u']) || $_GET['u'] == 0) { $serveImage = $noAvatar; break; - } // Get user data $user = new User($_GET['u']); // If user is deactivated use deactive avatar - if($user->checkIfUserHasRanks([0, 1])) { - + if ($user->checkIfUserHasRanks([0, 1])) { $serveImage = $deactiveAvatar; break; - } // Check if user is banned - if($user->checkBan()) { - + if ($user->checkBan()) { $serveImage = $bannedAvatar; break; - } // Check if user has an avatar set - if(empty($user->data['userData']['userAvatar']) || !file_exists($userDirPath . $user->data['userData']['userAvatar'])) { - + if (empty($user->data['userData']['userAvatar']) || !file_exists($userDirPath . $user->data['userData']['userAvatar'])) { $serveImage = $noAvatar; break; - } // Check if the avatar exist and assign it to a value @@ -73,38 +63,30 @@ if(isset($_GET['m'])) { $noBackground = ROOT . Configuration::getConfig('no_background_img'); // If ?u= isn't set or if it isn't numeric - if(!isset($_GET['u']) || !is_numeric($_GET['u'])) { - + if (!isset($_GET['u']) || !is_numeric($_GET['u'])) { $serveImage = $noBackground; break; - } // Get user data $user = new User($_GET['u']); // If user is deactivated use deactive avatar - if($user->checkIfUserHasRanks([0, 1])) { - + if ($user->checkIfUserHasRanks([0, 1])) { $serveImage = $noBackground; break; - } // Check if user is banned - if(Bans::checkBan($_GET['u'])) { - + if (Bans::checkBan($_GET['u'])) { $serveImage = $noBackground; break; - } // Check if user has a background set - if(empty($user->data['userData']['profileBackground']) || !file_exists($userDirPath . $user->data['userData']['profileBackground'])) { - + if (empty($user->data['userData']['profileBackground']) || !file_exists($userDirPath . $user->data['userData']['profileBackground'])) { $serveImage = $noBackground; break; - } // Check if the avatar exist and assign it to a value @@ -116,7 +98,7 @@ if(isset($_GET['m'])) { $noHeader = ROOT . Configuration::getConfig('no_header_img'); // If ?u= isn't set or if it isn't numeric - if(!isset($_GET['u']) || !is_numeric($_GET['u'])) { + if (!isset($_GET['u']) || !is_numeric($_GET['u'])) { $serveImage = $noHeader; break; } @@ -125,27 +107,21 @@ if(isset($_GET['m'])) { $user = new User($_GET['u']); // If user is deactivated use deactive avatar - if($user->checkIfUserHasRanks([0, 1])) { - + if ($user->checkIfUserHasRanks([0, 1])) { $serveImage = $noHeader; break; - } // Check if user is banned - if(Bans::checkBan($_GET['u'])) { - + if (Bans::checkBan($_GET['u'])) { $serveImage = $noHeader; break; - } // Check if user has a background set - if(empty($user->data['userData']['profileHeader']) || !file_exists($userDirPath . $user->data['userData']['profileHeader'])) { - + if (empty($user->data['userData']['profileHeader']) || !file_exists($userDirPath . $user->data['userData']['profileHeader'])) { $serveImage = $noHeader; break; - } // Check if the avatar exist and assign it to a value @@ -156,15 +132,12 @@ if(isset($_GET['m'])) { $serveImage = ROOT . Configuration::getConfig('pixel_img'); } - } else { - $serveImage = ROOT . Configuration::getConfig('pixel_img'); - } $serveImage = file_get_contents($serveImage); -header('Content-Type: '. getimagesizefromstring($serveImage)['mime']); +header('Content-Type: ' . getimagesizefromstring($serveImage)['mime']); print $serveImage; diff --git a/public/index.php b/public/index.php index eb30302..61f8ab5 100644 --- a/public/index.php +++ b/public/index.php @@ -7,15 +7,14 @@ namespace Sakura; // Include components -require_once str_replace(basename(__DIR__), '', dirname(__FILE__)) .'_sakura/sakura.php'; +require_once str_replace(basename(__DIR__), '', dirname(__FILE__)) . '_sakura/sakura.php'; // Info pages -if(isset($_GET['p'])) { - +if (isset($_GET['p'])) { // Set default variables $renderData['page'] = [ - 'content' => Main::mdParse("# Unable to load the requested info page.\r\n\r\nCheck the URL and try again.") + 'content' => Main::mdParse("# Unable to load the requested info page.\r\n\r\nCheck the URL and try again."), ]; @@ -23,23 +22,20 @@ if(isset($_GET['p'])) { $pageId = isset($_GET['p']) ? strtolower($_GET['p']) : ''; // Get info page data from the database - if($ipData = Main::loadInfoPage($pageId)) { - + if ($ipData = Main::loadInfoPage($pageId)) { // Assign new proper variable $renderData['page'] = [ - 'id' => $pageId, - 'title' => $ipData['pagetitle'], - 'content' => Main::mdParse($ipData['content']) + 'id' => $pageId, + 'title' => $ipData['pagetitle'], + 'content' => Main::mdParse($ipData['content']), ]; - } // Print page contents print Templates::render('main/infopage.tpl', $renderData); exit; - } // Are we in forum mode? @@ -50,23 +46,23 @@ $renderData['news'] = ($forumMode ? null : (new News(Configuration::getConfig('s $renderData['newsCount'] = Configuration::getConfig('front_page_news_posts'); $renderData['page'] = [ - 'friend_req' => Users::getPendingFriends() + 'friend_req' => Users::getPendingFriends(), ]; $renderData['board'] = [ - 'forums' => ($forumMode ? Forum::getForumList() : null), + 'forums' => ($forumMode ? Forum::getForumList() : null), 'viewforum' => false, - 'viewtopic' => false + 'viewtopic' => false, ]; $renderData['stats'] = [ - 'userCount' => Database::count('users', ['password_algo' => ['nologin', '!='], 'rank_main' => ['1', '!=']])[0], - 'newestUser' => ($_INDEX_NEWEST_USER = new User(Users::getNewestUserId())), - 'lastRegDate' => ($_INDEX_LAST_REGDATE = date_diff(date_create(date('Y-m-d', $_INDEX_NEWEST_USER->data['regdate'])), date_create(date('Y-m-d')))->format('%a')) .' day'. ($_INDEX_LAST_REGDATE == 1 ? '' : 's'), - 'topicCount' => Database::count('topics')[0], - 'postCount' => Database::count('posts')[0], - 'onlineUsers' => Users::checkAllOnline() + 'userCount' => Database::count('users', ['password_algo' => ['nologin', '!='], 'rank_main' => ['1', '!=']])[0], + 'newestUser' => ($_INDEX_NEWEST_USER = new User(Users::getNewestUserId())), + 'lastRegDate' => ($_INDEX_LAST_REGDATE = date_diff(date_create(date('Y-m-d', $_INDEX_NEWEST_USER->data['regdate'])), date_create(date('Y-m-d')))->format('%a')) . ' day' . ($_INDEX_LAST_REGDATE == 1 ? '' : 's'), + 'topicCount' => Database::count('topics')[0], + 'postCount' => Database::count('posts')[0], + 'onlineUsers' => Users::checkAllOnline(), ]; // Print page contents -print Templates::render(($forumMode ? 'forum' : 'main') .'/index.tpl', $renderData); +print Templates::render(($forumMode ? 'forum' : 'main') . '/index.tpl', $renderData); diff --git a/public/manage.php b/public/manage.php index 2344f71..3b2098c 100644 --- a/public/manage.php +++ b/public/manage.php @@ -10,14 +10,12 @@ namespace Sakura; define('SAKURA_MANAGE', true); // Include components -require_once str_replace(basename(__DIR__), '', dirname(__FILE__)) .'_sakura/sakura.php'; +require_once str_replace(basename(__DIR__), '', dirname(__FILE__)) . '_sakura/sakura.php'; // Make sure user has the permissions to view this -if(!Permissions::check('MANAGE', 'USE_MANAGE', Session::$userId, 1)) { - +if (!Permissions::check('MANAGE', 'USE_MANAGE', Session::$userId, 1)) { header('Location: /'); exit; - } // Management pages @@ -25,129 +23,129 @@ $managePages = [ 'index' => [ 'desc' => 'Index', - 'subs' => [ + 'subs' => [ 'front-page' => [ - 'desc' => 'Front Page' - ] - ] + 'desc' => 'Front Page', + ], + ], ], 'reports' => [ 'desc' => 'Reports', - 'subs' => [ + 'subs' => [ 'front-page' => [ - 'desc' => 'Front Page' - ] - ] + 'desc' => 'Front Page', + ], + ], ], 'banning' => [ 'desc' => 'Banning', - 'subs' => [ + 'subs' => [ 'front-page' => [ - 'desc' => 'Front Page' - ] - ] + 'desc' => 'Front Page', + ], + ], ], 'warnings' => [ 'desc' => 'Warnings', - 'subs' => [ + 'subs' => [ 'front-thing' => [ - 'desc' => 'thing' - ] - ] + 'desc' => 'thing', + ], + ], ], 'user-notes' => [ 'desc' => 'User notes', - 'subs' => [ + 'subs' => [ 'front-page' => [ - 'desc' => 'Front Page' - ] - ] + 'desc' => 'Front Page', + ], + ], ], 'action-logs' => [ 'desc' => 'Action logs', - 'subs' => [ + 'subs' => [ 'front-page' => [ - 'desc' => 'Front Page' - ] - ] + 'desc' => 'Front Page', + ], + ], ], 'action-logs' => [ 'desc' => 'Action logs', - 'subs' => [ + 'subs' => [ 'front-page' => [ - 'desc' => 'Front Page' - ] - ] + 'desc' => 'Front Page', + ], + ], ], 'statistics' => [ 'desc' => 'Statistics', - 'subs' => [ + 'subs' => [ 'front-page' => [ - 'desc' => 'Front Page' - ] - ] + 'desc' => 'Front Page', + ], + ], ], 'general-settings' => [ 'desc' => 'General Settings', - 'subs' => [ + 'subs' => [ 'front-page' => [ - 'desc' => 'Front Page' - ] - ] + 'desc' => 'Front Page', + ], + ], ], 'users' => [ 'desc' => 'Users', - 'subs' => [ + 'subs' => [ 'front-page' => [ - 'desc' => 'Front Page' - ] - ] + 'desc' => 'Front Page', + ], + ], ], 'ranks' => [ 'desc' => 'Ranks', - 'subs' => [ + 'subs' => [ 'front-page' => [ - 'desc' => 'Front Page' - ] - ] + 'desc' => 'Front Page', + ], + ], ], 'permissions' => [ 'desc' => 'Permissions', - 'subs' => [ + 'subs' => [ 'front-page' => [ - 'desc' => 'Front Page' - ] - ] + 'desc' => 'Front Page', + ], + ], ], 'info-pages' => [ 'desc' => 'Info pages', - 'subs' => [ + 'subs' => [ 'front-page' => [ - 'desc' => 'Front Page' - ] - ] + 'desc' => 'Front Page', + ], + ], ], 'system' => [ 'desc' => 'System', - 'subs' => [ + 'subs' => [ 'front-page' => [ - 'desc' => 'Front Page' - ] - ] - ] + 'desc' => 'Front Page', + ], + ], + ], ]; @@ -174,9 +172,9 @@ $renderData['page'] = [ key($_MANAGE_SUBS) ) : key($_MANAGE_SUBS) - ) + ), ]; // Print page contents -print Templates::render('pages/'. $_MANAGE_ACTIVE_PAGE .'/'. $_MANAGE_ACTIVE_SUB .'.tpl', $renderData); +print Templates::render('pages/' . $_MANAGE_ACTIVE_PAGE . '/' . $_MANAGE_ACTIVE_SUB . '.tpl', $renderData); diff --git a/public/members.php b/public/members.php index 44468a4..dcadd37 100644 --- a/public/members.php +++ b/public/members.php @@ -7,30 +7,26 @@ namespace Sakura; // Include components -require_once str_replace(basename(__DIR__), '', dirname(__FILE__)) .'_sakura/sakura.php'; +require_once str_replace(basename(__DIR__), '', dirname(__FILE__)) . '_sakura/sakura.php'; // CHeck if the user is logged in -if(Users::checkLogin()) { - +if (Users::checkLogin()) { // Add page specific things $renderData['page'] = [ - 'ranks' => ($_MEMBERLIST_RANKS = Users::getAllRanks()), - 'active' => ($_MEMBERLIST_ACTIVE = (isset($_GET['rank']) && $_GET['rank'] && array_key_exists($_GET['rank'], $_MEMBERLIST_RANKS) ? $_GET['rank'] : 0)), - 'notfound' => ($_MEMBERLIST_NFOUND = (isset($_GET['rank']) && !array_key_exists($_GET['rank'], $_MEMBERLIST_RANKS) && $_GET['rank'] != 0)), - 'sorts' => ($_MEMBERLIST_SORTS = ['boxes', 'rectangles', 'list']), - 'sort' => isset($_GET['sort']) && $_GET['sort'] && in_array($_GET['sort'], $_MEMBERLIST_SORTS) ? $_GET['sort'] : $_MEMBERLIST_SORTS[0], - 'page' => isset($_GET['page']) && ($_GET['page'] - 1) >= 0 ? $_GET['page'] - 1 : 0, - 'users' => array_chunk($_MEMBERLIST_ACTIVE && !$_MEMBERLIST_NFOUND ? Users::getUsersInRank($_MEMBERLIST_ACTIVE, null, true, true) : Users::getAllUsers(), Configuration::getConfig('members_per_page'), true) + 'ranks' => ($_MEMBERLIST_RANKS = Users::getAllRanks()), + 'active' => ($_MEMBERLIST_ACTIVE = (isset($_GET['rank']) && $_GET['rank'] && array_key_exists($_GET['rank'], $_MEMBERLIST_RANKS) ? $_GET['rank'] : 0)), + 'notfound' => ($_MEMBERLIST_NFOUND = (isset($_GET['rank']) && !array_key_exists($_GET['rank'], $_MEMBERLIST_RANKS) && $_GET['rank'] != 0)), + 'sorts' => ($_MEMBERLIST_SORTS = ['boxes', 'rectangles', 'list']), + 'sort' => isset($_GET['sort']) && $_GET['sort'] && in_array($_GET['sort'], $_MEMBERLIST_SORTS) ? $_GET['sort'] : $_MEMBERLIST_SORTS[0], + 'page' => isset($_GET['page']) && ($_GET['page'] - 1) >= 0 ? $_GET['page'] - 1 : 0, + 'users' => array_chunk($_MEMBERLIST_ACTIVE && !$_MEMBERLIST_NFOUND ? Users::getUsersInRank($_MEMBERLIST_ACTIVE, null, true, true) : Users::getAllUsers(), Configuration::getConfig('members_per_page'), true), ]; // Print page contents print Templates::render('main/memberlist.tpl', $renderData); - } else { - // Else return the restricted page print Templates::render('global/restricted.tpl', $renderData); - } diff --git a/public/news.php b/public/news.php index ab8222f..33686b9 100644 --- a/public/news.php +++ b/public/news.php @@ -10,39 +10,38 @@ namespace Sakura; use DOMDocument; // Include components -require_once str_replace(basename(__DIR__), '', dirname(__FILE__)) .'_sakura/sakura.php'; +require_once str_replace(basename(__DIR__), '', dirname(__FILE__)) . '_sakura/sakura.php'; // Create a new News object $news = new News(isset($_GET['cat']) ? $_GET['cat'] : Configuration::getConfig('site_news_category')); // News XML feed -if(isset($_GET['xml'])) { - +if (isset($_GET['xml'])) { // Get the news posts $posts = $news->getPosts(); // Meta data attributes $metaData = [ - 'title' => ($_FEED_TITLE = Configuration::getConfig('sitename')) .' News', - 'link' => ($_FEED_URL = 'http://'. Configuration::getConfig('url_main')), - 'description' => 'News about '. $_FEED_TITLE, - 'language' => 'en-gb', - 'webMaster' => (new User(1))->data['email'] .' ('. $_FEED_TITLE .' Webmaster)', - 'pubDate' => ($_FEED_DATE = date('r', $posts[array_keys($posts)[0]]['date'])), - 'lastBuildDate' => $_FEED_DATE + 'title' => ($_FEED_TITLE = Configuration::getConfig('sitename')) . ' News', + 'link' => ($_FEED_URL = 'http://' . Configuration::getConfig('url_main')), + 'description' => 'News about ' . $_FEED_TITLE, + 'language' => 'en-gb', + 'webMaster' => (new User(1))->data['email'] . ' (' . $_FEED_TITLE . ' Webmaster)', + 'pubDate' => ($_FEED_DATE = date('r', $posts[array_keys($posts)[0]]['date'])), + 'lastBuildDate' => $_FEED_DATE, ]; // Item attributes $itemData = [ - 'title' => ['text' => '{EVAL}', 'eval' => '$post["title"]'], - 'link' => ['text' => $_FEED_URL .'/news/{EVAL}', 'eval' => '$post["id"]'], - 'guid' => ['text' => $_FEED_URL .'/news/{EVAL}', 'eval' => '$post["id"]'], - 'pubDate' => ['text' => '{EVAL}', 'eval' => 'date("D, d M Y G:i:s O", $post["date"])'], - 'dc:publisher' => ['text' => '{EVAL}', 'eval' => '$post["poster"]->data["username"]'], - 'description' => ['cdata' => '{EVAL}', 'eval' => '$post["content_parsed"]'] + 'title' => ['text' => '{EVAL}', 'eval' => '$post["title"]'], + 'link' => ['text' => $_FEED_URL . '/news/{EVAL}', 'eval' => '$post["id"]'], + 'guid' => ['text' => $_FEED_URL . '/news/{EVAL}', 'eval' => '$post["id"]'], + 'pubDate' => ['text' => '{EVAL}', 'eval' => 'date("D, d M Y G:i:s O", $post["date"])'], + 'dc:publisher' => ['text' => '{EVAL}', 'eval' => '$post["poster"]->data["username"]'], + 'description' => ['cdata' => '{EVAL}', 'eval' => '$post["content_parsed"]'], ]; @@ -53,63 +52,57 @@ if(isset($_GET['xml'])) { $fRss = $feed->createElement('rss'); // Set attributes - $fRss->setAttribute('version', '2.0'); - $fRss->setAttribute('xmlns:atom', 'http://www.w3.org/2005/Atom'); - $fRss->setAttribute('xmlns:dc', 'http://purl.org/dc/elements/1.1'); + $fRss->setAttribute('version', '2.0'); + $fRss->setAttribute('xmlns:atom', 'http://www.w3.org/2005/Atom'); + $fRss->setAttribute('xmlns:dc', 'http://purl.org/dc/elements/1.1'); // Create the channel element $fChannel = $feed->createElement('channel'); // Build meta elements - foreach($metaData as $name => $value) { - + foreach ($metaData as $name => $value) { // Create the elements - $mElem = $feed->createElement($name); - $mElemText = $feed->createTextNode($value); + $mElem = $feed->createElement($name); + $mElemText = $feed->createTextNode($value); // Append them - $mElem ->appendChild($mElemText); - $fChannel ->appendChild($mElem); + $mElem->appendChild($mElemText); + $fChannel->appendChild($mElem); // Unset the working vars unset($mElem); unset($mElemText); - } // Add all the posts - foreach($posts as $post) { - + foreach ($posts as $post) { // Create item element $fPost = $feed->createElement('item'); // Create post attributes - foreach($itemData as $tag => $valueData) { - + foreach ($itemData as $tag => $valueData) { // Create the element $pElem = $feed->createElement($tag); // Create value - eval('$value = '. $valueData['eval'] .';'); + eval('$value = ' . $valueData['eval'] . ';'); $value = str_replace('{EVAL}', $value, $valueData[(array_key_exists('cdata', $valueData) ? 'cdata' : 'text')]); // Create text node or cdata container $pElemText = (array_key_exists('cdata', $valueData)) ? $feed->createCDATASection($value) : $feed->createTextNode($value); // Append them - $pElem ->appendChild($pElemText); - $fPost ->appendChild($pElem); + $pElem->appendChild($pElemText); + $fPost->appendChild($pElem); // Unset the working vars unset($pElem); unset($pElemText); unset($value); - } // Append the item to the channel $fChannel->appendChild($fPost); - } // Append the channel element to RSS @@ -121,16 +114,15 @@ if(isset($_GET['xml'])) { // Return the feed print $feed->saveXML(); exit; - } $renderData = array_merge($renderData, [ - 'news' => $news, - 'postsPerPage' => Configuration::getConfig('news_posts_per_page'), - 'viewPost' => isset($_GET['id']), - 'postExists' => $news->postExists(isset($_GET['id']) ? $_GET['id'] : 0), - 'currentPage' => isset($_GET['page']) && ($_GET['page'] - 1) >= 0 ? $_GET['page'] - 1 : 0 + 'news' => $news, + 'postsPerPage' => Configuration::getConfig('news_posts_per_page'), + 'viewPost' => isset($_GET['id']), + 'postExists' => $news->postExists(isset($_GET['id']) ? $_GET['id'] : 0), + 'currentPage' => isset($_GET['page']) && ($_GET['page'] - 1) >= 0 ? $_GET['page'] - 1 : 0, ]); diff --git a/public/posting.php b/public/posting.php index 31752b6..d0288d7 100644 --- a/public/posting.php +++ b/public/posting.php @@ -7,11 +7,11 @@ namespace Sakura; // Include components -require_once str_replace(basename(__DIR__), '', dirname(__FILE__)) .'_sakura/sakura.php'; +require_once str_replace(basename(__DIR__), '', dirname(__FILE__)) . '_sakura/sakura.php'; // Set location -$locId = isset($_GET['f']) ? $_GET['f'] : (isset($_GET['t']) ? $_GET['t'] : (isset($_GET['p']) ? Forum::getTopicIdFromPostId($_GET['p']) : 0)); -$locMode = isset($_GET['f']) ? 'f' : (isset($_GET['t']) || isset($_GET['p']) ? 't' : null); +$locId = isset($_GET['f']) ? $_GET['f'] : (isset($_GET['t']) ? $_GET['t'] : (isset($_GET['p']) ? Forum::getTopicIdFromPostId($_GET['p']) : 0)); +$locMode = isset($_GET['f']) ? 'f' : (isset($_GET['t']) || isset($_GET['p']) ? 't' : null); // Set additional render data $renderData = array_merge($renderData, [ @@ -19,9 +19,9 @@ $renderData = array_merge($renderData, [ 'posting' => [ 'emoticons' => Main::getEmotes(), - 'bbcodes' => Main::getBBcodes() + 'bbcodes' => Main::getBBcodes(), - ] + ], ]); diff --git a/public/profile.php b/public/profile.php index 5f757d3..0a80b08 100644 --- a/public/profile.php +++ b/public/profile.php @@ -7,8 +7,7 @@ namespace Sakura; // Include components -require_once str_replace(basename(__DIR__), '', dirname(__FILE__)) .'_sakura/sakura.php'; - +require_once str_replace(basename(__DIR__), '', dirname(__FILE__)) . '_sakura/sakura.php'; // Get the user's context $profile = new User(isset($_GET['u']) ? $_GET['u'] : 0); diff --git a/public/report.php b/public/report.php index 238d155..bbc30be 100644 --- a/public/report.php +++ b/public/report.php @@ -7,6 +7,6 @@ namespace Sakura; // Include components -require_once str_replace(basename(__DIR__), '', dirname(__FILE__)) .'_sakura/sakura.php'; +require_once str_replace(basename(__DIR__), '', dirname(__FILE__)) . '_sakura/sakura.php'; print Templates::render('main/report.tpl', $renderData); diff --git a/public/search.php b/public/search.php index 443e5ca..26360e0 100644 --- a/public/search.php +++ b/public/search.php @@ -7,12 +7,12 @@ namespace Sakura; // Include components -require_once str_replace(basename(__DIR__), '', dirname(__FILE__)) .'_sakura/sakura.php'; +require_once str_replace(basename(__DIR__), '', dirname(__FILE__)) . '_sakura/sakura.php'; // Add page specific things $renderData['page'] = [ - 'title' => 'Search' + 'title' => 'Search', ]; diff --git a/public/settings.php b/public/settings.php index 04ab294..cb18e11 100644 --- a/public/settings.php +++ b/public/settings.php @@ -7,18 +7,15 @@ namespace Sakura; // If this we're requesting notifications this page won't require templating -if(isset($_REQUEST['request-notifications']) && $_REQUEST['request-notifications']) { - +if (isset($_REQUEST['request-notifications']) && $_REQUEST['request-notifications']) { define('SAKURA_NO_TPL', true); - } // Include components -require_once str_replace(basename(__DIR__), '', dirname(__FILE__)) .'_sakura/sakura.php'; +require_once str_replace(basename(__DIR__), '', dirname(__FILE__)) . '_sakura/sakura.php'; // Notifications -if(isset($_REQUEST['request-notifications']) && $_REQUEST['request-notifications']) { - +if (isset($_REQUEST['request-notifications']) && $_REQUEST['request-notifications']) { // Set CORS header header('Access-Control-Allow-Origin: *'); @@ -26,38 +23,32 @@ if(isset($_REQUEST['request-notifications']) && $_REQUEST['request-notifications $notifications = array(); // Check if the user is logged in - if(Users::checkLogin() && isset($_REQUEST['time']) && $_REQUEST['time'] > (time() - 1000) && isset($_REQUEST['session']) && $_REQUEST['session'] == session_id()) { - + if (Users::checkLogin() && isset($_REQUEST['time']) && $_REQUEST['time'] > (time() - 1000) && isset($_REQUEST['session']) && $_REQUEST['session'] == session_id()) { // Get the user's notifications from the past forever but exclude read notifications $userNotifs = Users::getNotifications(null, 0, true, true); // Add the proper values to the array - foreach($userNotifs as $notif) { - + foreach ($userNotifs as $notif) { // Add the notification to the display array $notifications[$notif['timestamp']] = [ - 'read' => $notif['notif_read'], - 'title' => $notif['notif_title'], - 'text' => $notif['notif_text'], - 'link' => $notif['notif_link'], - 'img' => $notif['notif_img'], - 'timeout' => $notif['notif_timeout'], - 'sound' => $notif['notif_sound'] + 'read' => $notif['notif_read'], + 'title' => $notif['notif_title'], + 'text' => $notif['notif_text'], + 'link' => $notif['notif_link'], + 'img' => $notif['notif_img'], + 'timeout' => $notif['notif_timeout'], + 'sound' => $notif['notif_sound'], ]; - } - } // Set header, convert the array to json, print it and exit print json_encode($notifications); exit; - -// Friends -} elseif(isset($_REQUEST['friend-action']) && $_REQUEST['friend-action'] && Users::checkLogin()) { - +} elseif (isset($_REQUEST['friend-action']) && $_REQUEST['friend-action'] && Users::checkLogin()) { + // Friends // Continue $continue = true; @@ -65,115 +56,103 @@ if(isset($_REQUEST['request-notifications']) && $_REQUEST['request-notifications $redirect = (isset($_SERVER['HTTP_REFERER']) ? $_SERVER['HTTP_REFERER'] : $urls->format('SITE_INDEX')); // Compare time and session so we know the link isn't forged - if(!isset($_REQUEST['add']) && !isset($_REQUEST['remove'])) { - - if(!isset($_REQUEST['ajax'])) { - - header('Location: '. $redirect); + if (!isset($_REQUEST['add']) && !isset($_REQUEST['remove'])) { + if (!isset($_REQUEST['ajax'])) { + header('Location: ' . $redirect); exit; - } $renderData['page'] = [ - 'redirect' => $redirect, - 'message' => 'One of the required operators isn\'t set.', - 'success' => 0 + 'redirect' => $redirect, + 'message' => 'One of the required operators isn\'t set.', + 'success' => 0, ]; // Prevent $continue = false; - } // Compare time and session so we know the link isn't forged - if($continue && $_REQUEST[(isset($_REQUEST['add']) ? 'add' : 'remove')] == Session::$userId) { - + if ($continue && $_REQUEST[(isset($_REQUEST['add']) ? 'add' : 'remove')] == Session::$userId) { $renderData['page'] = [ - 'redirect' => $redirect, - 'message' => 'You can\'t be friends with yourself, stop trying to bend reality.', - 'success' => 0 + 'redirect' => $redirect, + 'message' => 'You can\'t be friends with yourself, stop trying to bend reality.', + 'success' => 0, ]; // Prevent $continue = false; - } // Compare time and session so we know the link isn't forged - if(!isset($_REQUEST['time']) || $_REQUEST['time'] < time() - 1000) { - + if (!isset($_REQUEST['time']) || $_REQUEST['time'] < time() - 1000) { $renderData['page'] = [ - 'redirect' => $redirect, - 'message' => 'Timestamps differ too much, refresh the page and try again.', - 'success' => 0 + 'redirect' => $redirect, + 'message' => 'Timestamps differ too much, refresh the page and try again.', + 'success' => 0, ]; // Prevent $continue = false; - } // Match session ids for the same reason - if(!isset($_REQUEST['session']) || $_REQUEST['session'] != session_id()) { - + if (!isset($_REQUEST['session']) || $_REQUEST['session'] != session_id()) { $renderData['page'] = [ - 'redirect' => $redirect, - 'message' => 'Invalid session, please try again.', - 'success' => 0 + 'redirect' => $redirect, + 'message' => 'Invalid session, please try again.', + 'success' => 0, ]; // Prevent $continue = false; - } // Continue if nothing fucked up - if($continue) { - + if ($continue) { // Execute the action - $action = (isset($_REQUEST['add']) ? Users::addFriend($_REQUEST['add']) : Users::removeFriend($_REQUEST['remove'], true)); + $action = (isset($_REQUEST['add']) ? Users::addFriend($_REQUEST['add']) : Users::removeFriend($_REQUEST['remove'], true)); // Set the messages $messages = [ - 'USER_NOT_EXIST' => 'The user you tried to add doesn\'t exist.', - 'ALREADY_FRIENDS' => 'You are already friends with this person!', - 'FRIENDS' => 'You are now mutual friends!', - 'NOT_MUTUAL' => 'A friend request has been sent to this person.', - 'ALREADY_REMOVED' => 'You aren\'t friends with this person.', - 'REMOVED' => 'Removed this person from your friends list.' + 'USER_NOT_EXIST' => 'The user you tried to add doesn\'t exist.', + 'ALREADY_FRIENDS' => 'You are already friends with this person!', + 'FRIENDS' => 'You are now mutual friends!', + 'NOT_MUTUAL' => 'A friend request has been sent to this person.', + 'ALREADY_REMOVED' => 'You aren\'t friends with this person.', + 'REMOVED' => 'Removed this person from your friends list.', ]; // Notification strings $notifStrings = [ - 'FRIENDS' => ['%s accepted your friend request!', 'You can now do mutual friend things!'], - 'NOT_MUTUAL' => ['%s added you as a friend!', 'Click here to add them as well.'], - 'REMOVED' => ['%s removed you from their friends.', 'You can no longer do friend things now ;_;'] + 'FRIENDS' => ['%s accepted your friend request!', 'You can now do mutual friend things!'], + 'NOT_MUTUAL' => ['%s added you as a friend!', 'Click here to add them as well.'], + 'REMOVED' => ['%s removed you from their friends.', 'You can no longer do friend things now ;_;'], ]; // Add page specific things $renderData['page'] = [ - 'redirect' => $redirect, - 'message' => $messages[$action[1]], - 'success' => $action[0] + 'redirect' => $redirect, + 'message' => $messages[$action[1]], + 'success' => $action[0], ]; // Create a notification - if(array_key_exists($action[1], $notifStrings)) { - + if (array_key_exists($action[1], $notifStrings)) { // Get the current user's profile data $user = new User(Session::$userId); @@ -182,135 +161,116 @@ if(isset($_REQUEST['request-notifications']) && $_REQUEST['request-notifications sprintf($notifStrings[$action[1]][0], $user->data['username']), $notifStrings[$action[1]][1], 60000, - '//'. Configuration::getConfig('url_main') .'/a/'. $user->data['id'], - '//'. Configuration::getConfig('url_main') .'/u/'. $user->data['id'], + '//' . Configuration::getConfig('url_main') . '/a/' . $user->data['id'], + '//' . Configuration::getConfig('url_main') . '/u/' . $user->data['id'], '1' ); - } - } // Print page contents or if the AJAX request is set only display the render data - print isset($_REQUEST['ajax']) ? - ( - $renderData['page']['message'] .'|'. - $renderData['page']['success'] .'|'. - $renderData['page']['redirect'] - ) : - Templates::render('global/information.tpl', $renderData); + print isset($_REQUEST['ajax']) ? + ( + $renderData['page']['message'] . '|' . + $renderData['page']['success'] . '|' . + $renderData['page']['redirect'] + ) : + Templates::render('global/information.tpl', $renderData); exit; - -} elseif(isset($_POST['submit']) && isset($_POST['submit'])) { - +} elseif (isset($_POST['submit']) && isset($_POST['submit'])) { $continue = true; // Set redirector $redirect = isset($_SERVER['HTTP_REFERER']) ? $_SERVER['HTTP_REFERER'] : $urls->format('SETTINGS_INDEX'); // Check if the user is logged in - if(!Users::checkLogin() || !$continue) { - + if (!Users::checkLogin() || !$continue) { $renderData['page'] = [ - 'redirect' => '/authenticate', - 'message' => 'You must be logged in to edit your settings.', - 'success' => 0 + 'redirect' => '/authenticate', + 'message' => 'You must be logged in to edit your settings.', + 'success' => 0, ]; break; - } // Check session variables - if(!isset($_REQUEST['timestamp']) || $_REQUEST['timestamp'] < time() - 1000 || !isset($_REQUEST['sessid']) || $_REQUEST['sessid'] != session_id() || !$continue) { - + if (!isset($_REQUEST['timestamp']) || $_REQUEST['timestamp'] < time() - 1000 || !isset($_REQUEST['sessid']) || $_REQUEST['sessid'] != session_id() || !$continue) { $renderData['page'] = [ - 'redirect' => $redirect, - 'message' => 'Your session has expired, please refresh the page and try again.', - 'success' => 0 + 'redirect' => $redirect, + 'message' => 'Your session has expired, please refresh the page and try again.', + 'success' => 0, ]; break; - } // Change settings - if($continue) { - + if ($continue) { // Switch to the correct mode - switch($_POST['mode']) { - + switch ($_POST['mode']) { // Avatar & Background case 'avatar': case 'background': - // Assign $_POST['mode'] to a $mode variable because I ain't typin that more than once $mode = $_POST['mode']; // Assign the correct userData key to a variable and correct title - switch($mode) { - + switch ($mode) { case 'background': - $userDataKey = 'profileBackground'; - $msgTitle = 'Background'; - $permission = (!empty($currentUser->data['userData'][$userDataKey]) && $currentUser->checkPermission('SITE', 'CHANGE_BACKGROUND')) || $currentUser->checkPermission('SITE', 'CREATE_BACKGROUND'); + $userDataKey = 'profileBackground'; + $msgTitle = 'Background'; + $permission = (!empty($currentUser->data['userData'][$userDataKey]) && $currentUser->checkPermission('SITE', 'CHANGE_BACKGROUND')) || $currentUser->checkPermission('SITE', 'CREATE_BACKGROUND'); break; case 'avatar': default: - $userDataKey = 'userAvatar'; - $msgTitle = 'Avatar'; - $permission = $currentUser->checkPermission('SITE', 'CHANGE_AVATAR'); - + $userDataKey = 'userAvatar'; + $msgTitle = 'Avatar'; + $permission = $currentUser->checkPermission('SITE', 'CHANGE_AVATAR'); } // Check if the user has the permissions to go ahead - if(!$permission) { - + if (!$permission) { // Set render data $renderData['page'] = [ - 'redirect' => $redirect, - 'message' => 'You are not allowed to alter your '. strtolower($msgTitle) .'.', - 'success' => 0 + 'redirect' => $redirect, + 'message' => 'You are not allowed to alter your ' . strtolower($msgTitle) . '.', + 'success' => 0, ]; break; - } // Set path variables - $filepath = ROOT . Configuration::getConfig('user_uploads') .'/'; - $filename = $filepath . $mode .'_'. Session::$userId; + $filepath = ROOT . Configuration::getConfig('user_uploads') . '/'; + $filename = $filepath . $mode . '_' . Session::$userId; $currfile = isset($currentUser->data['userData'][$userDataKey]) && !empty($_OLDFILE = $currentUser->data['userData'][$userDataKey]) ? $_OLDFILE : null; // Check if $_FILES is set - if(!isset($_FILES[$mode]) && empty($_FILES[$mode])) { - + if (!isset($_FILES[$mode]) && empty($_FILES[$mode])) { // Set render data $renderData['page'] = [ - 'redirect' => $redirect, - 'message' => 'No file was uploaded.', - 'success' => 0 + 'redirect' => $redirect, + 'message' => 'No file was uploaded.', + 'success' => 0, ]; break; - } // Check if the upload went properly - if($_FILES[$mode]['error'] !== UPLOAD_ERR_OK && $_FILES[$mode]['error'] !== UPLOAD_ERR_NO_FILE) { - + if ($_FILES[$mode]['error'] !== UPLOAD_ERR_OK && $_FILES[$mode]['error'] !== UPLOAD_ERR_NO_FILE) { // Get the error in text - switch($_FILES[$mode]['error']) { - + switch ($_FILES[$mode]['error']) { case UPLOAD_ERR_INI_SIZE: case UPLOAD_ERR_FORM_SIZE: $msg = 'The uploaded file exceeds the maximum filesize!'; @@ -329,143 +289,121 @@ if(isset($_REQUEST['request-notifications']) && $_REQUEST['request-notifications default: $msg = 'An unknown exception occurred!'; break; - } // Set render data $renderData['page'] = [ - 'redirect' => $redirect, - 'message' => $msg, - 'success' => 0 + 'redirect' => $redirect, + 'message' => $msg, + 'success' => 0, ]; break; - } // Check if we're not in removal mode - if($_FILES[$mode]['error'] != UPLOAD_ERR_NO_FILE) { - + if ($_FILES[$mode]['error'] != UPLOAD_ERR_NO_FILE) { // Get the meta data $metadata = getimagesize($_FILES[$mode]['tmp_name']); // Check if the image is actually an image - if($metadata == false) { - + if ($metadata == false) { // Set render data $renderData['page'] = [ - 'redirect' => $redirect, - 'message' => 'Uploaded file is not an image.', - 'success' => 0 + 'redirect' => $redirect, + 'message' => 'Uploaded file is not an image.', + 'success' => 0, ]; break; - } // Check if the image is an allowed filetype - if((($metadata[2] !== IMAGETYPE_GIF) && ($metadata[2] !== IMAGETYPE_JPEG) && ($metadata[2] !== IMAGETYPE_PNG))) { - + if ((($metadata[2] !== IMAGETYPE_GIF) && ($metadata[2] !== IMAGETYPE_JPEG) && ($metadata[2] !== IMAGETYPE_PNG))) { // Set render data $renderData['page'] = [ - 'redirect' => $redirect, - 'message' => 'This filetype is not allowed.', - 'success' => 0 + 'redirect' => $redirect, + 'message' => 'This filetype is not allowed.', + 'success' => 0, ]; break; - } // Check if the image is too large - if(($metadata[0] > Configuration::getConfig($mode .'_max_width') || $metadata[1] > Configuration::getConfig($mode .'_max_height'))) { - + if (($metadata[0] > Configuration::getConfig($mode . '_max_width') || $metadata[1] > Configuration::getConfig($mode . '_max_height'))) { // Set render data $renderData['page'] = [ - 'redirect' => $redirect, - 'message' => 'The resolution of this picture is too big.', - 'success' => 0 + 'redirect' => $redirect, + 'message' => 'The resolution of this picture is too big.', + 'success' => 0, ]; break; - } // Check if the image is too small - if(($metadata[0] < Configuration::getConfig($mode .'_min_width') || $metadata[1] < Configuration::getConfig($mode .'_min_height'))) { - + if (($metadata[0] < Configuration::getConfig($mode . '_min_width') || $metadata[1] < Configuration::getConfig($mode . '_min_height'))) { // Set render data $renderData['page'] = [ - 'redirect' => $redirect, - 'message' => 'The resolution of this picture is too small.', - 'success' => 0 + 'redirect' => $redirect, + 'message' => 'The resolution of this picture is too small.', + 'success' => 0, ]; break; - } // Check if the file is too large - if((filesize($_FILES[$mode]['tmp_name']) > Configuration::getConfig($mode .'_max_fsize'))) { - + if ((filesize($_FILES[$mode]['tmp_name']) > Configuration::getConfig($mode . '_max_fsize'))) { // Set render data $renderData['page'] = [ - 'redirect' => $redirect, - 'message' => 'The filesize of this file is too large.', - 'success' => 0 + 'redirect' => $redirect, + 'message' => 'The filesize of this file is too large.', + 'success' => 0, ]; break; - } - } // Delete old avatar - if($currfile && file_exists($currfile)) { - + if ($currfile && file_exists($currfile)) { unlink($filepath . $currfile); - } - if($_FILES[$mode]['error'] != UPLOAD_ERR_NO_FILE) { - + if ($_FILES[$mode]['error'] != UPLOAD_ERR_NO_FILE) { // Append extension to filename $filename .= image_type_to_extension($metadata[2]); - if(!move_uploaded_file($_FILES[$mode]['tmp_name'], $filename)) { - + if (!move_uploaded_file($_FILES[$mode]['tmp_name'], $filename)) { // Set render data $renderData['page'] = [ - 'redirect' => $redirect, - 'message' => 'Something went wrong, please try again.', - 'success' => 0 + 'redirect' => $redirect, + 'message' => 'Something went wrong, please try again.', + 'success' => 0, ]; - } // Create new array $updated = [$userDataKey => basename($filename)]; - } else { - // Remove entry $updated = [$userDataKey => null]; - } // Update database @@ -474,9 +412,9 @@ if(isset($_REQUEST['request-notifications']) && $_REQUEST['request-notifications // Set render data $renderData['page'] = [ - 'redirect' => $redirect, - 'message' => 'Updated your '. strtolower($msgTitle) .'!', - 'success' => 1 + 'redirect' => $redirect, + 'message' => 'Updated your ' . strtolower($msgTitle) . '!', + 'success' => 1, ]; @@ -484,37 +422,28 @@ if(isset($_REQUEST['request-notifications']) && $_REQUEST['request-notifications // Profile case 'profile': - // Get profile fields and create storage var $fields = Users::getProfileFields(); - $store = []; + $store = []; // Go over each field - foreach($fields as $field) { - + foreach ($fields as $field) { // Add to the store array - if(isset($_POST['profile_'. $field['ident']]) && !empty($_POST['profile_'. $field['ident']])) { - - $store[$field['ident']] = $_POST['profile_'. $field['ident']]; - + if (isset($_POST['profile_' . $field['ident']]) && !empty($_POST['profile_' . $field['ident']])) { + $store[$field['ident']] = $_POST['profile_' . $field['ident']]; } // Check if there's additional values we should keep in mind - if(isset($field['additional']) && !empty($field['additional'])) { - + if (isset($field['additional']) && !empty($field['additional'])) { // Decode the json $field['additional'] = json_decode($field['additional'], true); // Go over each additional value - foreach($field['additional'] as $addKey => $addVal) { - + foreach ($field['additional'] as $addKey => $addVal) { // Add to the array - $store[$addKey] = (isset($_POST['profile_additional_'. $addKey]) || !empty($_POST['profile_additional_'. $addKey])) ? $_POST['profile_additional_'. $addKey] : false; - + $store[$addKey] = (isset($_POST['profile_additional_' . $addKey]) || !empty($_POST['profile_additional_' . $addKey])) ? $_POST['profile_additional_' . $addKey] : false; } - } - } // Update database @@ -523,51 +452,44 @@ if(isset($_REQUEST['request-notifications']) && $_REQUEST['request-notifications // Set render data $renderData['page'] = [ - 'redirect' => $redirect, - 'message' => 'Your profile has been updated!', - 'success' => 1 + 'redirect' => $redirect, + 'message' => 'Your profile has been updated!', + 'success' => 1, ]; // Birthdays - if(isset($_POST['birthday_day']) && isset($_POST['birthday_month']) && isset($_POST['birthday_year'])) { - + if (isset($_POST['birthday_day']) && isset($_POST['birthday_month']) && isset($_POST['birthday_year'])) { // Check if the values aren't fucked with - if($_POST['birthday_day'] < 0 || $_POST['birthday_day'] > 31 || $_POST['birthday_month'] < 0 || $_POST['birthday_month'] > 12 || ($_POST['birthday_year'] != 0 && $_POST['birthday_year'] < (date("Y") - 100)) || $_POST['birthday_year'] > date("Y")) { - + if ($_POST['birthday_day'] < 0 || $_POST['birthday_day'] > 31 || $_POST['birthday_month'] < 0 || $_POST['birthday_month'] > 12 || ($_POST['birthday_year'] != 0 && $_POST['birthday_year'] < (date("Y") - 100)) || $_POST['birthday_year'] > date("Y")) { $renderData['page']['message'] = 'Your birthdate is invalid.'; $renderData['page']['success'] = 0; break; - } // Check if the values aren't fucked with - if(($_POST['birthday_day'] < 1 && $_POST['birthday_month'] > 0) || ($_POST['birthday_day'] > 0 && $_POST['birthday_month'] < 1)) { - + if (($_POST['birthday_day'] < 1 && $_POST['birthday_month'] > 0) || ($_POST['birthday_day'] > 0 && $_POST['birthday_month'] < 1)) { $renderData['page']['message'] = 'Only setting a day or month is disallowed.'; $renderData['page']['success'] = 0; break; - } // Check if the values aren't fucked with - if($_POST['birthday_year'] > 0 && ($_POST['birthday_day'] < 1 || $_POST['birthday_month'] < 1)) { - + if ($_POST['birthday_year'] > 0 && ($_POST['birthday_day'] < 1 || $_POST['birthday_month'] < 1)) { $renderData['page']['message'] = 'Only setting a year is disallowed.'; $renderData['page']['success'] = 0; break; - } $birthdate = implode('-', [$_POST['birthday_year'], $_POST['birthday_month'], $_POST['birthday_day']]); Database::update('users', [ [ - 'birthday' => $birthdate + 'birthday' => $birthdate, ], [ - 'id' => [Session::$userId, '='] - ] + 'id' => [Session::$userId, '='], + ], ]); } @@ -576,24 +498,19 @@ if(isset($_REQUEST['request-notifications']) && $_REQUEST['request-notifications // Profile case 'options': - // Get profile fields and create storage var $fields = Users::getOptionFields(); - $store = []; + $store = []; // Go over each field - foreach($fields as $field) { - + foreach ($fields as $field) { // Make sure the user has sufficient permissions to complete this action - if(!$currentUser->checkPermission('SITE', $field['require_perm'])) { - + if (!$currentUser->checkPermission('SITE', $field['require_perm'])) { $store[$field['id']] = false; continue; - } - $store[$field['id']] = isset($_POST['option_'. $field['id']]) && !empty($_POST['option_'. $field['id']]) ? $_POST['option_'. $field['id']] : null; - + $store[$field['id']] = isset($_POST['option_' . $field['id']]) && !empty($_POST['option_' . $field['id']]) ? $_POST['option_' . $field['id']] : null; } // Update database @@ -602,9 +519,9 @@ if(isset($_REQUEST['request-notifications']) && $_REQUEST['request-notifications // Set render data $renderData['page'] = [ - 'redirect' => $redirect, - 'message' => 'Changed your options!', - 'success' => 1 + 'redirect' => $redirect, + 'message' => 'Changed your options!', + 'success' => 1, ]; @@ -613,35 +530,33 @@ if(isset($_REQUEST['request-notifications']) && $_REQUEST['request-notifications // Userpage /*case 'userpage': - // Base64 encode the userpage - $userPage = base64_encode($_POST['userpage']); + // Base64 encode the userpage + $userPage = base64_encode($_POST['userpage']); - // Update database - Users::updateUserDataField(Session::$userId, ['userPage' => [$userPage, 0]]); + // Update database + Users::updateUserDataField(Session::$userId, ['userPage' => [$userPage, 0]]); - // Set render data - $renderData['page'] = [ + // Set render data + $renderData['page'] = [ - 'redirect' => $redirect, - 'message' => 'Your userpage has been updated!', - 'success' => 1 + 'redirect' => $redirect, + 'message' => 'Your userpage has been updated!', + 'success' => 1 - ]; + ]; - break;*/ + break;*/ // Fallback default: - // Set render data $renderData['page'] = [ - 'redirect' => $redirect, - 'message' => 'The requested method does not exist.', - 'success' => 0 + 'redirect' => $redirect, + 'message' => 'The requested method does not exist.', + 'success' => 0, ]; - break; } @@ -649,19 +564,18 @@ if(isset($_REQUEST['request-notifications']) && $_REQUEST['request-notifications } // Print page contents or if the AJAX request is set only display the render data - print isset($_REQUEST['ajax']) ? - ( - $renderData['page']['message'] .'|'. - $renderData['page']['success'] .'|'. - $renderData['page']['redirect'] - ) : - Templates::render('global/information.tpl', $renderData); + print isset($_REQUEST['ajax']) ? + ( + $renderData['page']['message'] . '|' . + $renderData['page']['success'] . '|' . + $renderData['page']['redirect'] + ) : + Templates::render('global/information.tpl', $renderData); exit; } -if(Users::checkLogin()) { - +if (Users::checkLogin()) { // Settings page list $pages = [ @@ -676,11 +590,11 @@ if(Users::checkLogin()) { 'title' => 'Home', 'description' => [ - 'Welcome to the Settings Panel. From here you can monitor, view and update your profile and preferences.' + 'Welcome to the Settings Panel. From here you can monitor, view and update your profile and preferences.', ], 'access' => !$currentUser->checkPermission('SITE', 'DEACTIVATED'), - 'menu' => true + 'menu' => true, ], 'profile' => [ @@ -688,11 +602,11 @@ if(Users::checkLogin()) { 'title' => 'Edit Profile', 'description' => [ - 'These are the external account links etc. on your profile, shouldn\'t need any additional explanation for this one.' + 'These are the external account links etc. on your profile, shouldn\'t need any additional explanation for this one.', ], 'access' => $currentUser->checkPermission('SITE', 'ALTER_PROFILE'), - 'menu' => true + 'menu' => true, ], 'options' => [ @@ -700,27 +614,27 @@ if(Users::checkLogin()) { 'title' => 'Site Options', 'description' => [ - 'These are a few personalisation options for the site while you\'re logged in.' + 'These are a few personalisation options for the site while you\'re logged in.', ], 'access' => !$currentUser->checkPermission('SITE', 'DEACTIVATED'), - 'menu' => true + 'menu' => true, - ]/*, - 'groups' => [ + ], /*, + 'groups' => [ - 'title' => 'Groups', - 'description' => [ + 'title' => 'Groups', + 'description' => [ - '{{ user.colour }}' + '{{ user.colour }}' - ], - 'access' => $currentUser->checkPermission('SITE', 'JOIN_GROUPS'), - 'menu' => true + ], + 'access' => $currentUser->checkPermission('SITE', 'JOIN_GROUPS'), + 'menu' => true - ]*/ + ]*/ - ] + ], ], 'friends' => [ @@ -734,11 +648,11 @@ if(Users::checkLogin()) { 'title' => 'Listing', 'description' => [ - 'Manage your friends.' + 'Manage your friends.', ], 'access' => $currentUser->checkPermission('SITE', 'MANAGE_FRIENDS'), - 'menu' => true + 'menu' => true, ], 'requests' => [ @@ -746,15 +660,15 @@ if(Users::checkLogin()) { 'title' => 'Requests', 'description' => [ - 'Handle friend requests.' + 'Handle friend requests.', ], 'access' => $currentUser->checkPermission('SITE', 'MANAGE_FRIENDS'), - 'menu' => true + 'menu' => true, - ] + ], - ] + ], ], 'messages' => [ @@ -768,11 +682,11 @@ if(Users::checkLogin()) { 'title' => 'Inbox', 'description' => [ - 'The list of messages you\'ve received.' + 'The list of messages you\'ve received.', ], 'access' => $currentUser->checkPermission('SITE', 'USE_MESSAGES'), - 'menu' => true + 'menu' => true, ], 'sent' => [ @@ -780,11 +694,11 @@ if(Users::checkLogin()) { 'title' => 'Sent', 'description' => [ - 'The list of messages you\'ve sent to other users.' + 'The list of messages you\'ve sent to other users.', ], 'access' => $currentUser->checkPermission('SITE', 'USE_MESSAGES'), - 'menu' => true + 'menu' => true, ], 'compose' => [ @@ -792,11 +706,11 @@ if(Users::checkLogin()) { 'title' => 'Compose', 'description' => [ - 'Write a new message.' + 'Write a new message.', ], 'access' => $currentUser->checkPermission('SITE', 'SEND_MESSAGES'), - 'menu' => true + 'menu' => true, ], 'read' => [ @@ -804,15 +718,15 @@ if(Users::checkLogin()) { 'title' => 'Read', 'description' => [ - 'Read a message.' + 'Read a message.', ], 'access' => $currentUser->checkPermission('SITE', 'USE_MESSAGES'), - 'menu' => false + 'menu' => false, - ] + ], - ] + ], ], 'notifications' => [ @@ -826,15 +740,15 @@ if(Users::checkLogin()) { 'title' => 'History', 'description' => [ - 'The history of notifications that have been sent to you.' + 'The history of notifications that have been sent to you in the last month.', ], 'access' => !$currentUser->checkPermission('SITE', 'DEACTIVATED'), - 'menu' => true + 'menu' => true, - ] + ], - ] + ], ], 'appearance' => [ @@ -849,12 +763,11 @@ if(Users::checkLogin()) { 'description' => [ 'Your avatar which is displayed all over the site and on your profile.', - 'Maximum image size is {{ avatar.max_width }}x{{ avatar.max_height }}, minimum image size is {{ avatar.min_width }}x{{ avatar.min_height }}, maximum file size is {{ avatar.max_size_view }}.' - + 'Maximum image size is {{ avatar.max_width }}x{{ avatar.max_height }}, minimum image size is {{ avatar.min_width }}x{{ avatar.min_height }}, maximum file size is {{ avatar.max_size_view }}.', ], 'access' => $currentUser->checkPermission('SITE', 'CHANGE_AVATAR'), - 'menu' => true + 'menu' => true, ], 'background' => [ @@ -863,11 +776,11 @@ if(Users::checkLogin()) { 'description' => [ 'The background that is displayed on your profile.', - 'Maximum image size is {{ background.max_width }}x{{ background.max_height }}, minimum image size is {{ background.min_width }}x{{ background.min_height }}, maximum file size is {{ background.max_size_view }}.' + 'Maximum image size is {{ background.max_width }}x{{ background.max_height }}, minimum image size is {{ background.min_width }}x{{ background.min_height }}, maximum file size is {{ background.max_size_view }}.', ], 'access' => (isset($currentUser->data['userData']['profileBackground']) && $currentUser->checkPermission('SITE', 'CHANGE_BACKGROUND')) || $currentUser->checkPermission('SITE', 'CREATE_BACKGROUND'), - 'menu' => true + 'menu' => true, ], 'userpage' => [ @@ -875,15 +788,15 @@ if(Users::checkLogin()) { 'title' => 'Userpage', 'description' => [ - 'The custom text that is displayed on your profile.' + 'The custom text that is displayed on your profile.', ], 'access' => (isset($currentUser->data['userData']['userPage']) && $currentUser->checkPermission('SITE', 'CHANGE_USERPAGE')) || $currentUser->checkPermission('SITE', 'CREATE_USERPAGE'), - 'menu' => true + 'menu' => true, - ] + ], - ] + ], ], 'account' => [ @@ -897,11 +810,11 @@ if(Users::checkLogin()) { 'title' => 'E-mail Address', 'description' => [ - 'You e-mail address is used for password recovery and stuff like that, we won\'t spam you ;).' + 'You e-mail address is used for password recovery and stuff like that, we won\'t spam you ;).', ], 'access' => $currentUser->checkPermission('SITE', 'CHANGE_EMAIL'), - 'menu' => true + 'menu' => true, ], 'username' => [ @@ -910,11 +823,11 @@ if(Users::checkLogin()) { 'description' => [ 'Probably the biggest part of your identity on a site.', - 'You can only change this once every 30 days so choose wisely.' + 'You can only change this once every 30 days so choose wisely.', ], 'access' => $currentUser->checkPermission('SITE', 'CHANGE_USERNAME'), - 'menu' => true + 'menu' => true, ], 'usertitle' => [ @@ -922,11 +835,11 @@ if(Users::checkLogin()) { 'title' => 'Username', 'description' => [ - 'That little piece of text displayed under your username on your profile.' + 'That little piece of text displayed under your username on your profile.', ], 'access' => $currentUser->checkPermission('SITE', 'CHANGE_USERTITLE'), - 'menu' => true + 'menu' => true, ], 'password' => [ @@ -934,11 +847,11 @@ if(Users::checkLogin()) { 'title' => 'Password', 'description' => [ - 'Used to authenticate with the site and certain related services.' + 'Used to authenticate with the site and certain related services.', ], 'access' => $currentUser->checkPermission('SITE', 'CHANGE_PASSWORD'), - 'menu' => true + 'menu' => true, ], 'ranks' => [ @@ -946,15 +859,15 @@ if(Users::checkLogin()) { 'title' => 'Ranks', 'description' => [ - 'Manage what ranks you\'re in and what is set as your main rank. Your main rank is highlighted. You get the permissions of all of the ranks you\'re in combined.' + 'Manage what ranks you\'re in and what is set as your main rank. Your main rank is highlighted. You get the permissions of all of the ranks you\'re in combined.', ], 'access' => $currentUser->checkPermission('SITE', 'ALTER_RANKS'), - 'menu' => true + 'menu' => true, - ] + ], - ] + ], ], 'advanced' => [ @@ -970,11 +883,11 @@ if(Users::checkLogin()) { 'Session keys are a way of identifying yourself with the system without keeping your password in memory.', 'If someone finds one of your session keys they could possibly compromise your account, if you see any sessions here that shouldn\'t be here hit the Kill button to kill the selected session.', - 'If you get logged out after clicking one you\'ve most likely killed your current session, to make it easier to avoid this from happening your current session is highlighted.' + 'If you get logged out after clicking one you\'ve most likely killed your current session, to make it easier to avoid this from happening your current session is highlighted.', ], 'access' => $currentUser->checkPermission('SITE', 'MANAGE_SESSIONS'), - 'menu' => true + 'menu' => true, ], 'registrationkeys' => [ @@ -983,11 +896,11 @@ if(Users::checkLogin()) { 'description' => [ 'Sometimes we activate the registration key system which means that users can only register using your "referer" keys, this means we can keep unwanted people from registering.', - 'Each user can generate 5 of these keys, bans and deactivates render these keys useless.' + 'Each user can generate 5 of these keys, bans and deactivates render these keys useless.', ], 'access' => $currentUser->checkPermission('SITE', 'CREATE_REGKEYS'), - 'menu' => true + 'menu' => true, ], 'deactivate' => [ @@ -995,42 +908,38 @@ if(Users::checkLogin()) { 'title' => 'Deactivate Account', 'description' => [ - 'You can deactivate your account here if you want to leave :(.' + 'You can deactivate your account here if you want to leave :(.', ], 'access' => $currentUser->checkPermission('SITE', 'DEACTIVATE_ACCOUNT'), - 'menu' => true + 'menu' => true, - ] + ], - ] + ], - ] + ], ]; // Current settings page - $category = isset($_GET['cat']) ? (array_key_exists($_GET['cat'], $pages) ? $_GET['cat'] : false) : array_keys($pages)[0]; - $mode = false; + $category = isset($_GET['cat']) ? (array_key_exists($_GET['cat'], $pages) ? $_GET['cat'] : false) : array_keys($pages)[0]; + $mode = false; // Only continue setting mode if $category is true - if($category) { - + if ($category) { $mode = isset($_GET['mode']) && $category ? (array_key_exists($_GET['mode'], $pages[$category]['modes']) ? $_GET['mode'] : false) : array_keys($pages[$category]['modes'])[0]; - } // Not found - if(!$category || empty($category) || !$mode || empty($mode) || !$pages[$category]['modes'][$mode]['access']) { - + if (!$category || empty($category) || !$mode || empty($mode) || !$pages[$category]['modes'][$mode]['access']) { header('HTTP/1.0 404 Not Found'); print Templates::render('global/notfound.tpl', $renderData); exit; - } // Render data - $renderData['current'] = $category .'.'. $mode; + $renderData['current'] = $category . '.' . $mode; // Settings pages $renderData['pages'] = $pages; @@ -1038,38 +947,36 @@ if(Users::checkLogin()) { // Page data $renderData['page'] = [ - 'category' => $pages[$category]['title'], - 'mode' => $pages[$category]['modes'][$mode]['title'], - 'currentPage' => isset($_GET['page']) && ($_GET['page'] - 1) >= 0 ? $_GET['page'] - 1 : 0, - 'description' => $pages[$category]['modes'][$mode]['description'] + 'category' => $pages[$category]['title'], + 'mode' => $pages[$category]['modes'][$mode]['title'], + 'currentPage' => isset($_GET['page']) && ($_GET['page'] - 1) >= 0 ? $_GET['page'] - 1 : 0, + 'description' => $pages[$category]['modes'][$mode]['description'], ]; - // Section specific - switch($category .'.'. $mode) { - + switch ($category . '.' . $mode) { // Profile case 'general.profile': $renderData['profile'] = [ - 'fields' => Users::getProfileFields(), - 'months' => [ + 'fields' => Users::getProfileFields(), + 'months' => [ - 1 => 'January', - 2 => 'February', - 3 => 'March', - 4 => 'April', - 5 => 'May', - 6 => 'June', - 7 => 'July', - 8 => 'August', - 9 => 'September', - 10 => 'October', - 11 => 'November', - 12 => 'December' + 1 => 'January', + 2 => 'February', + 3 => 'March', + 4 => 'April', + 5 => 'May', + 6 => 'June', + 7 => 'July', + 8 => 'August', + 9 => 'September', + 10 => 'October', + 11 => 'November', + 12 => 'December', - ] + ], ]; break; @@ -1078,7 +985,7 @@ if(Users::checkLogin()) { case 'general.options': $renderData['options'] = [ - 'fields' => Users::getOptionFields() + 'fields' => Users::getOptionFields(), ]; break; @@ -1108,29 +1015,24 @@ if(Users::checkLogin()) { case 'appearance.background': $renderData[$mode] = [ - 'max_width' => Configuration::getConfig($mode .'_max_width'), - 'max_height' => Configuration::getConfig($mode .'_max_height'), - 'min_width' => Configuration::getConfig($mode .'_min_width'), - 'min_height' => Configuration::getConfig($mode .'_min_height'), - 'max_size' => Configuration::getConfig($mode .'_max_fsize'), - 'max_size_view' => Main::getByteSymbol(Configuration::getConfig($mode .'_max_fsize')) + 'max_width' => Configuration::getConfig($mode . '_max_width'), + 'max_height' => Configuration::getConfig($mode . '_max_height'), + 'min_width' => Configuration::getConfig($mode . '_min_width'), + 'min_height' => Configuration::getConfig($mode . '_min_height'), + 'max_size' => Configuration::getConfig($mode . '_max_fsize'), + 'max_size_view' => Main::getByteSymbol(Configuration::getConfig($mode . '_max_fsize')), ]; break; // Profile case 'appearance.userpage': - break; - } // Print page contents print Templates::render('main/settings.tpl', $renderData); - } else { - // If not allowed print the restricted page print Templates::render('global/restricted.tpl', $renderData); - } diff --git a/public/support.php b/public/support.php index 5b1d179..8c55452 100644 --- a/public/support.php +++ b/public/support.php @@ -7,66 +7,49 @@ namespace Sakura; // Include components -require_once str_replace(basename(__DIR__), '', dirname(__FILE__)) .'_sakura/sakura.php'; +require_once str_replace(basename(__DIR__), '', dirname(__FILE__)) . '_sakura/sakura.php'; // Switch between modes (we only allow this to be used by logged in user) -if(isset($_REQUEST['mode']) && Users::checkLogin() && Permissions::check('SITE', 'OBTAIN_PREMIUM', Session::$userId, 1)) { - +if (isset($_REQUEST['mode']) && Users::checkLogin() && Permissions::check('SITE', 'OBTAIN_PREMIUM', Session::$userId, 1)) { // Initialise Payments class - if(!Payments::init()) { - - header('Location: '. $urls->format('SITE_PREMIUM') .'?fail=true'); - + if (!Payments::init()) { + header('Location: ' . $urls->format('SITE_PREMIUM') . '?fail=true'); } else { - - switch($_REQUEST['mode']) { - + switch ($_REQUEST['mode']) { // Create the purchase case 'purchase': - // Compare time and session so we know the link isn't forged - if(!isset($_REQUEST['time']) || $_REQUEST['time'] < time() - 1000) { - - header('Location: '. $urls->format('SITE_PREMIUM') .'?fail=true'); + if (!isset($_REQUEST['time']) || $_REQUEST['time'] < time() - 1000) { + header('Location: ' . $urls->format('SITE_PREMIUM') . '?fail=true'); break; - } // Match session ids for the same reason - if(!isset($_REQUEST['session']) || $_REQUEST['session'] != session_id()) { - - header('Location: '. $urls->format('SITE_PREMIUM') .'?fail=true'); + if (!isset($_REQUEST['session']) || $_REQUEST['session'] != session_id()) { + header('Location: ' . $urls->format('SITE_PREMIUM') . '?fail=true'); break; - } // Half if shit isn't gucci - if(!isset($_POST['months']) || !is_numeric($_POST['months']) || (int)$_POST['months'] < 1 || (int)$_POST['months'] > Configuration::getConfig('premium_amount_max')) { - - header('Location: '. $urls->format('SITE_PREMIUM') .'?fail=true'); - + if (!isset($_POST['months']) || !is_numeric($_POST['months']) || (int) $_POST['months'] < 1 || (int) $_POST['months'] > Configuration::getConfig('premium_amount_max')) { + header('Location: ' . $urls->format('SITE_PREMIUM') . '?fail=true'); } else { - // Calculate the total - $total = (float)Configuration::getConfig('premium_price_per_month') * (int)$_POST['months']; + $total = (float) Configuration::getConfig('premium_price_per_month') * (int) $_POST['months']; $total = number_format($total, 2, '.', ''); // Generate item name - $itemName = Configuration::getConfig('sitename') .' Premium - '. (string)$_POST['months'] .' month'. ((int)$_POST['months'] == 1 ? '' : 's'); + $itemName = Configuration::getConfig('sitename') . ' Premium - ' . (string) $_POST['months'] . ' month' . ((int) $_POST['months'] == 1 ? '' : 's'); // Attempt to create a transaction - if($transaction = Payments::createTransaction($total, $itemName, Configuration::getConfig('sitename') .' Premium Purchase', 'http://'. Configuration::getConfig('url_main') . $urls->format('SITE_PREMIUM'))) { - + if ($transaction = Payments::createTransaction($total, $itemName, Configuration::getConfig('sitename') . ' Premium Purchase', 'http://' . Configuration::getConfig('url_main') . $urls->format('SITE_PREMIUM'))) { // Store the amount of months in the global session array - $_SESSION['premiumMonths'] = (int)$_POST['months']; + $_SESSION['premiumMonths'] = (int) $_POST['months']; - header('Location: '. $transaction); + header('Location: ' . $transaction); exit; - } else { - - header('Location: '. $urls->format('SITE_PREMIUM') .'?fail=true'); - + header('Location: ' . $urls->format('SITE_PREMIUM') . '?fail=true'); } } @@ -75,32 +58,29 @@ if(isset($_REQUEST['mode']) && Users::checkLogin() && Permissions::check('SITE', // Finalising the purchase case 'finish': - // Check if the success GET request is set and is true - if(isset($_GET['success']) && isset($_GET['paymentId']) && isset($_GET['PayerID']) && isset($_SESSION['premiumMonths'])) { - + if (isset($_GET['success']) && isset($_GET['paymentId']) && isset($_GET['PayerID']) && isset($_SESSION['premiumMonths'])) { // Attempt to complete the transaction - try{ + try { $finalise = Payments::completeTransaction($_GET['paymentId'], $_GET['PayerID']); - } catch(Exception $e) {} + } catch (Exception $e) { + trigger_error('Something went horribly wrong.', E_USER_ERROR); + } // Attempt to complete the transaction - if($finalise) { - + if ($finalise) { // Make the user premium $expiration = Users::addUserPremium(Session::$userId, (2628000 * $_SESSION['premiumMonths'])); Users::updatePremiumMeta(Session::$userId); - Main::updatePremiumTracker(Session::$userId, ((float)Configuration::getConfig('premium_price_per_month') * $_SESSION['premiumMonths']), $currentUser->data['username'] .' bought premium for '. $_SESSION['premiumMonths'] .' month'. ($_SESSION['premiumMonths'] == 1 ? '' : 's') .'.'); + Main::updatePremiumTracker(Session::$userId, ((float) Configuration::getConfig('premium_price_per_month') * $_SESSION['premiumMonths']), $currentUser->data['username'] . ' bought premium for ' . $_SESSION['premiumMonths'] . ' month' . ($_SESSION['premiumMonths'] == 1 ? '' : 's') . '.'); // Redirect to the complete - header('Location: '. $urls->format('SITE_PREMIUM') .'?mode=complete'); + header('Location: ' . $urls->format('SITE_PREMIUM') . '?mode=complete'); exit; - } - } - header('Location: '. $urls->format('SITE_PREMIUM') .'?fail=true'); + header('Location: ' . $urls->format('SITE_PREMIUM') . '?fail=true'); break; case 'complete': @@ -108,15 +88,15 @@ if(isset($_REQUEST['mode']) && Users::checkLogin() && Permissions::check('SITE', 'page' => [ - 'expiration' => ($prem = Users::checkUserPremium(Session::$userId)[2]) !== null ? $prem : 0 + 'expiration' => ($prem = Users::checkUserPremium(Session::$userId)[2]) !== null ? $prem : 0, - ] + ], - ], $renderData)); + ], $renderData)); break; default: - header('Location: '. $urls->format('SITE_PREMIUM')); + header('Location: ' . $urls->format('SITE_PREMIUM')); break; } @@ -128,28 +108,26 @@ if(isset($_REQUEST['mode']) && Users::checkLogin() && Permissions::check('SITE', } // Premium tracker -if(isset($_GET['tracker'])) { - +if (isset($_GET['tracker'])) { $renderData['page'] = [ - 'currentPage' => isset($_GET['page']) && ($_GET['page'] - 1) >= 0 ? $_GET['page'] - 1 : 0, - 'premiumData' => ($_PREMIUM = Main::getPremiumTrackerData()), - 'premiumTable' => array_chunk($_PREMIUM['table'], 20, true) + 'currentPage' => isset($_GET['page']) && ($_GET['page'] - 1) >= 0 ? $_GET['page'] - 1 : 0, + 'premiumData' => ($_PREMIUM = Main::getPremiumTrackerData()), + 'premiumTable' => array_chunk($_PREMIUM['table'], 20, true), ]; print Templates::render('main/supporttracker.tpl', $renderData); exit; - } // Set default variables $renderData['page'] = [ - 'fail' => isset($_GET['fail']), - 'price' => Configuration::getConfig('premium_price_per_month'), - 'current' => $currentUser->checkPremium(), - 'amount_max' => Configuration::getConfig('premium_amount_max') + 'fail' => isset($_GET['fail']), + 'price' => Configuration::getConfig('premium_price_per_month'), + 'current' => $currentUser->checkPremium(), + 'amount_max' => Configuration::getConfig('premium_amount_max'), ]; diff --git a/public/viewforum.php b/public/viewforum.php index 4d94eda..b4077b7 100644 --- a/public/viewforum.php +++ b/public/viewforum.php @@ -7,56 +7,52 @@ namespace Sakura; // Include components -require_once str_replace(basename(__DIR__), '', dirname(__FILE__)) .'_sakura/sakura.php'; +require_once str_replace(basename(__DIR__), '', dirname(__FILE__)) . '_sakura/sakura.php'; // Get the forum's data $forum = Forum::getForum(isset($_GET['f']) ? $_GET['f'] : 0); // Check if the forum exists -if(!$forum) { - +if (!$forum) { // Set render data $renderData['page'] = [ - 'title' => 'Information', - 'message' => 'The subforum you tried to access does not exist.' + 'title' => 'Information', + 'message' => 'The subforum you tried to access does not exist.', ]; // Print template print Templates::render('global/information.tpl', $renderData); exit; - } // Check if the forum isn't a link -if($forum['forum']['forum_type'] === 2) { - +if ($forum['forum']['forum_type'] === 2) { // Set render data $renderData['page'] = [ - 'title' => 'Information', - 'message' => 'The forum you tried to access is a link. You\'re being redirected.', - 'redirect' => $forum['forum']['forum_link'] + 'title' => 'Information', + 'message' => 'The forum you tried to access is a link. You\'re being redirected.', + 'redirect' => $forum['forum']['forum_link'], ]; // Print template print Templates::render('global/information.tpl', $renderData); exit; - } $renderData['board'] = [ 'forums' => [ - $forum + $forum, ], 'topics' => Forum::getTopics($forum['forum']['forum_id']), 'viewforum' => true, - 'viewtopic' => false + 'viewtopic' => false, ]; diff --git a/public/viewtopic.php b/public/viewtopic.php index b5efe04..790db19 100644 --- a/public/viewtopic.php +++ b/public/viewtopic.php @@ -7,25 +7,23 @@ namespace Sakura; // Include components -require_once str_replace(basename(__DIR__), '', dirname(__FILE__)) .'_sakura/sakura.php'; +require_once str_replace(basename(__DIR__), '', dirname(__FILE__)) . '_sakura/sakura.php'; // Attempt to get a topic $topic = Forum::getTopic(isset($_GET['p']) ? Forum::getTopicIdFromPostId($_GET['p']) : (isset($_GET['t']) ? $_GET['t'] : 0)); // Check if the forum exists -if(!$topic) { - +if (!$topic) { // Set render data $renderData['page'] = [ - 'message' => 'The topic you tried to access does not exist.' + 'message' => 'The topic you tried to access does not exist.', ]; // Print template print Templates::render('global/information.tpl', $renderData); exit; - } // Set additional render data @@ -36,7 +34,7 @@ $renderData = array_merge($renderData, $topic, [ 'viewforum' => false, 'viewtopic' => true, - ] + ], ]);