flash/sakura
flash/sakura
Archived
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

further updates to indenting

Browse source
This commit is contained in:
flash 2015-09-14 23:41:43 +02:00
parent 26572dbd71
commit 415a8d642e
20 changed files with 688 additions and 307 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

16
_sakura/components/Configuration.php
View file

@ -28,7 +28,11 @@ class Configuration
self::$local = $local;
} else {
// Otherwise trigger an error
trigger_error('Failed to load local configuration file, check the structure of the file to see if you made mistake somewhere', E_USER_ERROR);
trigger_error(
'Failed to load local configuration file,' .
' check the structure of the file to see if you made mistake somewhere',
E_USER_ERROR
);
}
}
@ -73,7 +77,10 @@ class Configuration
}
// If it doesn't exist trigger an error to avoid explosions
trigger_error('Unable to get local configuration value "' . $key . '"', E_USER_ERROR);
trigger_error(
'Unable to get local configuration value "' . $key . '"',
E_USER_ERROR
);
}
@ -111,7 +118,10 @@ class Configuration
}
// Then return the value
trigger_error('Unable to get configuration value "' . $key . '"', E_USER_ERROR);
trigger_error(
'Unable to get configuration value "' . $key . '"',
E_USER_ERROR
);
}
}

27
_sakura/components/Forum.php
View file

@ -44,12 +44,14 @@ class Forum
$return[$forum['forum_category']]['forums'][$forum['forum_id']] = $forum;
// Get the topic count
$return[$forum['forum_category']]['forums'][$forum['forum_id']]['topic_count'] = Database::count('topics', [
$return[$forum['forum_category']]['forums'][$forum['forum_id']]['topic_count'] =
Database::count('topics', [
'forum_id' => [$forum['forum_id'], '='],
])[0];
// Get the post count
$return[$forum['forum_category']]['forums'][$forum['forum_id']]['post_count'] = Database::count('posts', [
$return[$forum['forum_category']]['forums'][$forum['forum_id']]['post_count'] =
Database::count('posts', [
'forum_id' => [$forum['forum_id'], '='],
])[0];
@ -264,7 +266,12 @@ class Forum
'is_online' => Users::checkUserOnline($_POSTER['id']),
'is_friend' => Users::checkFriend($_POSTER['id']),
'parsed_post' => self::parseMarkUp($post['post_text'], $post['parse_mode'], $post['enable_emotes']),
'signature' => empty($_POSTER['userData']['signature']) ? '' : self::parseMarkUp($_POSTER['userData']['signature']['text'], $_POSTER['userData']['signature']['mode']),
'signature' => empty($_POSTER['userData']['signature']) ?
'' :
self::parseMarkUp(
$_POSTER['userData']['signature']['text'],
$_POSTER['userData']['signature']['mode']
),
]);
// Just in case
@ -328,8 +335,18 @@ class Forum
// Collect the stats
return [
'posts' => Database::count('posts', ['poster_id' => [$uid, '=']])[0],
'topics' => count(Database::fetch('posts', true, ['poster_id' => [$uid, '=']], ['post_time'], null, ['topic_id'])),
'posts' => Database::count(
'posts',
['poster_id' => [$uid, '=']]
)[0],
'topics' => Database::count(
'posts',
true,
['poster_id' => [$uid, '=']],
['post_time'],
null,
['topic_id']
)[0],
];
}

55
_sakura/components/Hashing.php
View file

@ -34,43 +34,36 @@ namespace Sakura;
class Hashing
{
// These variables can be changed without break the existing hashes
private static $_PBKDF2_HASH_ALGORITHM = 'sha256';
private static $_PBKDF2_ITERATIONS = 1000;
private static $_PBKDF2_SALT_BYTES = 24;
private static $_PBKDF2_HASH_BYTES = 24;
// Changing these will break them though
private static $_HASH_ALGORITHM_INDEX = 0;
private static $_HASH_ITERATION_INDEX = 1;
private static $_HASH_SALT_INDEX = 2;
private static $_HASH_PBKDF2_INDEX = 3;
private static $_HASH_SECTIONS = 4;
private static $hashAlgorithm = 'sha256';
private static $iterations = 1000;
private static $saltBytes = 24;
private static $hashBytes = 24;
// Returns an array formatted like: [algorithm, iterations, salt, hash]
public static function create_hash($pass)
public static function createHash($pass)
{
$salt = base64_encode(
\mcrypt_create_iv(
self::$_PBKDF2_SALT_BYTES,
self::$saltBytes,
MCRYPT_DEV_URANDOM
)
);
$hash = base64_encode(
self::pbkdf2(
self::$_PBKDF2_HASH_ALGORITHM,
self::$hashAlgorithm,
$pass,
$salt,
self::$_PBKDF2_ITERATIONS,
self::$_PBKDF2_HASH_BYTES,
self::$iterations,
self::$hashBytes,
true
)
);
$passwordData = array(
self::$_PBKDF2_HASH_ALGORITHM,
self::$_PBKDF2_ITERATIONS,
self::$hashAlgorithm,
self::$iterations,
$salt,
$hash,
);
@ -80,22 +73,22 @@ class Hashing
}
// Validates hashed password
public static function validate_password($password, $params)
public static function validatePassword($password, $params)
{
if (count($params) < self::$_HASH_SECTIONS) {
if (count($params) < 4) {
return false;
}
$pbkdf2 = base64_decode($params[self::$_HASH_PBKDF2_INDEX]);
$pbkdf2 = base64_decode($params[3]);
$validate = self::slow_equals(
$validate = self::slowEquals(
$pbkdf2,
$dick = self::pbkdf2(
$params[self::$_HASH_ALGORITHM_INDEX],
$params[0],
$password,
$params[self::$_HASH_SALT_INDEX],
(int) $params[self::$_HASH_ITERATION_INDEX],
$params[2],
(int) $params[1],
strlen($pbkdf2),
true
)
@ -106,7 +99,7 @@ class Hashing
}
// Compares two strings $a and $b in length-constant time.
public static function slow_equals($a, $b)
public static function slowEquals($a, $b)
{
$diff = strlen($a) ^ strlen($b);
@ -141,11 +134,17 @@ class Hashing
$algorithm = strtolower($algorithm);
if (!in_array($algorithm, hash_algos(), true)) {
trigger_error('PBKDF2 ERROR: Invalid hash algorithm.', E_USER_ERROR);
trigger_error(
'PBKDF2 ERROR: Invalid hash algorithm.',
E_USER_ERROR
);
}
if ($count <= 0 || $key_length <= 0) {
trigger_error('PBKDF2 ERROR: Invalid parameters.', E_USER_ERROR);
trigger_error(
'PBKDF2 ERROR: Invalid parameters.',
E_USER_ERROR
);
}
if (function_exists('hash_pbkdf2')) {

71
_sakura/components/Main.php
View file

@ -86,7 +86,11 @@ class Main
// Do the replacements
foreach ($emotes as $emote) {
$text = str_replace($emote['emote_string'], '<img src="' . $emote['emote_path'] . '" class="emoticon" alt="' . $emote['emote_string'] . '" />', $text);
$text = str_replace(
$emote['emote_string'],
'<img src="' . $emote['emote_path'] . '" class="emoticon" alt="' . $emote['emote_string'] . '" />',
$text
);
}
// Return the parsed text
@ -99,7 +103,12 @@ class Main
{
// Attempt to get the response
$resp = @file_get_contents('https://www.google.com/recaptcha/api/siteverify?secret=' . Configuration::getConfig('recaptcha_private') . '&response=' . $response);
$resp = @file_get_contents(
'https://www.google.com/recaptcha/api/siteverify?secret='
. Configuration::getConfig('recaptcha_private')
. '&response='
. $response
);
// In the highly unlikely case that it failed to get anything forge a false
if (!$resp) {
@ -128,7 +137,12 @@ class Main
$backtrace = base64_encode(json_encode(debug_backtrace()));
// Check if this error has already been logged in the past
if ($past = Database::fetch('error_log', false, ['backtrace' => [$backtrace, '=', true], 'error_string' => [$errstr, '=']])) {
if ($past = Database::fetch(
'error_log',
false,
['backtrace' => [$backtrace, '=', true],
'error_string' => [$errstr, '=']]
)) {
// If so assign the errid
$errid = $past['id'];
} else {
@ -169,7 +183,8 @@ class Main
break;
default:
$error = '<b>Unknown error type</b> [' . $errno . ']: ' . $errstr . ' on line ' . $errline . ' in ' . $errfile;
$error = '<b>Unknown error type</b> [' . $errno . ']: ' . $errstr . ' on line ' . $errline
. ' in ' . $errfile;
}
// Truncate all previous outputs
@ -183,13 +198,18 @@ class Main
<meta charset="utf-8" />
<title>Sakura Internal Error</title>
<style type="text/css">
body { margin: 0; padding: 0; background: #EEE; color: #000; font: 12px/20px Verdana, Arial, Helvetica, sans-serif; }
h1, h2 { font-weight: 100; background: #CAA; padding: 8px 5px 10px; margin: 0; font-style: italic; font-family: serif; }
body { margin: 0; padding: 0; background: #EEE; color: #000;
font: 12px/20px Verdana, Arial, Helvetica, sans-serif; }
h1, h2 { font-weight: 100; background: #CAA; padding: 8px 5px 10px;
margin: 0; font-style: italic; font-family: serif; }
h1 { border-radius: 8px 8px 0 0; }
h2 { margin: 0 -10px; }
.container { border: 1px solid #CAA; margin: 10px auto; background: #FFF; box-shadow: 2px 2px 1em #888; max-width: 1024px; border-radius: 10px; }
.container { border: 1px solid #CAA; margin: 10px auto; background: #FFF;
box-shadow: 2px 2px 1em #888; max-width: 1024px; border-radius: 10px; }
.container .inner { padding: 0px 10px; }
.container .inner .error { background: #555; color: #EEE; border-left: 5px solid #C22; padding: 4px 6px; text-shadow: 0px 1px 1px #888; white-space: pre-wrap; word-wrap: break-word; margin: 12px 0; border-radius: 5px; box-shadow: inset 0 0 1em #333; }
.container .inner .error { background: #555; color: #EEE; border-left: 5px solid #C22;
padding: 4px 6px; text-shadow: 0px 1px 1px #888; white-space: pre-wrap;
word-wrap: break-word; margin: 12px 0; border-radius: 5px; box-shadow: inset 0 0 1em #333; }
.container .footer { border-top: 1px solid #CAA; font-size: x-small; padding: 0px 5px 1px; }
a { color: #77E; text-decoration: none; }
a:hover { text-decoration: underline; }
@ -204,9 +224,13 @@ class Main
if (isset($errid)) {
$errorPage .= '<p>The error and surrounding data has been logged.</p>
<h2>' . (SAKURA_STABLE ? 'Report the following text to a staff member' : 'Logged as') . '</h2><pre class="error">' . $errid . '</pre>';
<h2>' . (SAKURA_STABLE ? 'Report the following text to a staff member' : 'Logged as') . '</h2>
<pre class="error">' . $errid . '</pre>';
} else {
$errorPage .= '<p>Sakura was not able to log this error which could mean that there was an error with the database connection. If you\'re the system administrator check the database credentials and make sure the server is running and if you\'re not please let the system administrator know about this error if it occurs again.</p>';
$errorPage .= '<p>Sakura was not able to log this error which could mean that there was an error
with the database connection. If you\'re the system administrator check the database credentials
and make sure the server is running and if you\'re not please let the system administrator
know about this error if it occurs again.</p>';
}
if (!SAKURA_STABLE) {
@ -218,7 +242,15 @@ class Main
$errorPage .= '<h3>#' . $num . '</h3><pre class="error">';
foreach ($trace as $key => $val) {
$errorPage .= str_pad('[' . $key . ']', 12) . '=> ' . (is_array($val) || is_object($val) ? json_encode($val) : $val) . "\r\n";
$errorPage .=
str_pad(
'[' . $key . ']',
12
) . '=> ' . (
is_array($val) || is_object($val) ?
json_encode($val) :
$val
) . "\r\n";
}
$errorPage .= '</pre>';
@ -306,9 +338,7 @@ class Main
// If we got an error return the error
if (!$send) {
return $mail->ErrorInfo;
}
// Else just return whatever
@ -463,7 +493,9 @@ class Main
{
// Get CloudFlare Subnet list
$cfhosts = file_get_contents(ROOT . '_sakura/' . Configuration::getLocalConfig('data', 'cfipv' . (self::ipVersion($ip))));
$cfhosts = file_get_contents(
ROOT . '_sakura/' . Configuration::getLocalConfig('data', 'cfipv' . (self::ipVersion($ip)))
);
// Replace \r\n with \n
$cfhosts = str_replace("\r\n", "\n", $cfhosts);
@ -600,7 +632,14 @@ class Main
{
// Parse JSON file
$iso3166 = json_decode(utf8_encode(file_get_contents(ROOT . '_sakura/' . Configuration::getLocalConfig('data', 'iso3166'))), true);
$iso3166 = json_decode(
utf8_encode(
file_get_contents(
ROOT . '_sakura/' . Configuration::getLocalConfig('data', 'iso3166')
)
),
true
);
// Check if key exists
if (array_key_exists($code, $iso3166)) {
@ -830,9 +869,7 @@ class Main
// Add userdata to table
if (!array_key_exists($row['uid'], $data['users'])) {
$data['users'][$row['uid']] = new User($row['uid']);
}
}

2
_sakura/components/Payments.php
View file

@ -82,7 +82,7 @@ class Payments
// Create transaction
$trans = new Transaction();
// Set transaction data (aka shit we already set but whatever who cares we need to set it again 500 times over again anyway, YAY TECHNOLOGY!)
// Set transaction data
$trans->setAmount($amount)
->setItemList($list)
->setDescription($transDescription)

14
_sakura/components/Sessions.php
View file

@ -20,9 +20,17 @@ class Session
session_start();
}
// Assign user and session IDs
self::$userId = isset($_COOKIE[Configuration::getConfig('cookie_prefix') . 'id']) ? $_COOKIE[Configuration::getConfig('cookie_prefix') . 'id'] : 0;
self::$sessionId = isset($_COOKIE[Configuration::getConfig('cookie_prefix') . 'session']) ? $_COOKIE[Configuration::getConfig('cookie_prefix') . 'session'] : '';
// Assign user ID
self::$userId =
isset($_COOKIE[Configuration::getConfig('cookie_prefix') . 'id']) ?
$_COOKIE[Configuration::getConfig('cookie_prefix') . 'id'] :
0;
// Assign session ID
self::$sessionId =
isset($_COOKIE[Configuration::getConfig('cookie_prefix') . 'session']) ?
$_COOKIE[Configuration::getConfig('cookie_prefix') . 'session'] :
'';
}

255
_sakura/components/Urls.php
View file

@ -11,71 +11,224 @@ class Urls
protected $urls = [
// General site sections
'SITE_HOME' => ['/', '/'],
'SITE_NEWS' => ['/news.php', '/news'],
'SITE_NEWS_PAGE' => ['/news.php?page=%u', '/news/p%u'],
'SITE_NEWS_POST' => ['/news.php?id=%u', '/news/%u'],
'SITE_NEWS_RSS' => ['/news.php?xml=true', '/news.xml'],
'SITE_SEARCH' => ['/search.php', '/search'],
'SITE_PREMIUM' => ['/support.php', '/support'],
'SITE_DONATE_TRACK' => ['/support.php?tracker=true', '/support/tracker'],
'SITE_DONATE_TRACK_PAGE' => ['/support.php?tracker=true&page=%u', '/support/tracker/%u'],
'SITE_FAQ' => ['/faq.php', '/faq'],
'SITE_LOGIN' => ['/authenticate.php', '/login'],
'SITE_LOGOUT' => ['/authenticate.php', '/logout'],
'SITE_REGISTER' => ['/authenticate.php', '/register'],
'SITE_FORGOT_PASSWORD' => ['/authenticate.php', '/forgotpassword'],
'SITE_ACTIVATE' => ['/authenticate.php', '/activate'],
'CHANGELOG' => ['/changelog.php', '/changelog'],
'INFO_PAGE' => ['/index.php?p=%s', '/p/%s'],
'AUTH_ACTION' => ['/authenticate.php', '/authenticate'],
'SITE_HOME' => [
'/',
'/',
],
'SITE_NEWS' => [
'/news.php',
'/news',
],
'SITE_NEWS_PAGE' => [
'/news.php?page=%u',
'/news/p%u',
],
'SITE_NEWS_POST' => [
'/news.php?id=%u',
'/news/%u',
],
'SITE_NEWS_RSS' => [
'/news.php?xml=true',
'/news.xml',
],
'SITE_SEARCH' => [
'/search.php',
'/search',
],
'SITE_PREMIUM' => [
'/support.php',
'/support',
],
'SITE_DONATE_TRACK' => [
'/support.php?tracker=true',
'/support/tracker',
],
'SITE_DONATE_TRACK_PAGE' => [
'/support.php?tracker=true&page=%u',
'/support/tracker/%u',
],
'SITE_FAQ' => [
'/faq.php',
'/faq',
],
'SITE_LOGIN' => [
'/authenticate.php',
'/login',
],
'SITE_LOGOUT' => [
'/authenticate.php',
'/logout',
],
'SITE_REGISTER' => [
'/authenticate.php',
'/register',
],
'SITE_FORGOT_PASSWORD' => [
'/authenticate.php',
'/forgotpassword',
],
'SITE_ACTIVATE' => [
'/authenticate.php',
'/activate',
],
'CHANGELOG' => [
'/changelog.php',
'/changelog',
],
'INFO_PAGE' => [
'/index.php?p=%s',
'/p/%s',
],
'AUTH_ACTION' => [
'/authenticate.php',
'/authenticate',
],
// Memberlist
'MEMBERLIST_INDEX' => ['/members.php', '/members'],
'MEMBERLIST_SORT' => ['/members.php?sort=%s', '/members/%s'],
'MEMBERLIST_RANK' => ['/members.php?rank=%u', '/members/%u'],
'MEMBERLIST_PAGE' => ['/members.php?page=%u', '/members/p%u'],
'MEMBERLIST_SORT_RANK' => ['/members.php?sort=%s&rank=%u', '/members/%s/%u'],
'MEMBERLIST_RANK_PAGE' => ['/members.php?rank=%u&page=%u', '/members/%u/p%u'],
'MEMBERLIST_SORT_PAGE' => ['/members.php?sort=%s&page=%u', '/members/%s/p%u'],
'MEMBERLIST_ALL' => ['/members.php?sort=%s&rank=%u&page=%u', '/members/%s/%u/p%u'],
'MEMBERLIST_INDEX' => [
'/members.php',
'/members',
],
'MEMBERLIST_SORT' => [
'/members.php?sort=%s',
'/members/%s',
],
'MEMBERLIST_RANK' => [
'/members.php?rank=%u',
'/members/%u',
],
'MEMBERLIST_PAGE' => [
'/members.php?page=%u',
'/members/p%u',
],
'MEMBERLIST_SORT_RANK' => [
'/members.php?sort=%s&rank=%u',
'/members/%s/%u',
],
'MEMBERLIST_RANK_PAGE' => [
'/members.php?rank=%u&page=%u',
'/members/%u/p%u',
],
'MEMBERLIST_SORT_PAGE' => [
'/members.php?sort=%s&page=%u',
'/members/%s/p%u',
],
'MEMBERLIST_ALL' => [
'/members.php?sort=%s&rank=%u&page=%u',
'/members/%s/%u/p%u',
],
// Forums
'FORUM_INDEX' => ['/index.php?forum=true', '/forum'],
'FORUM_SUB' => ['/viewforum.php?f=%u', '/forum/%u'],
'FORUM_THREAD' => ['/viewtopic.php?t=%u', '/forum/thread/%u'],
'FORUM_POST' => ['/viewtopic.php?p=%u', '/forum/post/%u'],
'FORUM_REPLY' => ['/posting.php?t=%u', '/forum/thread/%u/reply'],
'FORUM_NEW_THREAD' => ['/posting.php?f=%u', '/forum/%u/new'],
'FORUM_EDIT_POST' => ['/posting.php?p=%1$u&edit=%1$u', '/forum/post/%u/edit'],
'FORUM_DELETE_POST' => ['/posting.php?p=%1$u&delete=%1$u', '/forum/post/%u/delete'],
'FORUM_QUOTE_POST' => ['/posting.php?p=%1$u&quote=%1$u', '/forum/post/%u/quote'],
'FORUM_INDEX' => [
'/index.php?forum=true',
'/forum',
],
'FORUM_SUB' => [
'/viewforum.php?f=%u',
'/forum/%u',
],
'FORUM_THREAD' => [
'/viewtopic.php?t=%u',
'/forum/thread/%u',
],
'FORUM_POST' => [
'/viewtopic.php?p=%u',
'/forum/post/%u',
],
'FORUM_REPLY' => [
'/posting.php?t=%u',
'/forum/thread/%u/reply',
],
'FORUM_NEW_THREAD' => [
'/posting.php?f=%u',
'/forum/%u/new',
],
'FORUM_EDIT_POST' => [
'/posting.php?p=%1$u&edit=%1$u',
'/forum/post/%u/edit',
],
'FORUM_DELETE_POST' => [
'/posting.php?p=%1$u&delete=%1$u',
'/forum/post/%u/delete',
],
'FORUM_QUOTE_POST' => [
'/posting.php?p=%1$u&quote=%1$u',
'/forum/post/%u/quote',
],
// Image serve references
'IMAGE_AVATAR' => ['/imageserve.php?m=avatar&u=%u', '/a/%u'],
'IMAGE_BACKGROUND' => ['/imageserve.php?m=background&u=%u', '/bg/%u'],
'IMAGE_HEADER' => ['/imageserve.php?m=header&u=%u', '/u/%u/header'],
'IMAGE_AVATAR' => [
'/imageserve.php?m=avatar&u=%u',
'/a/%u',
],
'IMAGE_BACKGROUND' => [
'/imageserve.php?m=background&u=%u',
'/bg/%u',
],
'IMAGE_HEADER' => [
'/imageserve.php?m=header&u=%u',
'/u/%u/header',
],
// User actions
'USER_LOGOUT' => ['/authenticate.php?mode=logout&time=%u&session=%s&redirect=%s', '/logout?mode=logout&time=%u&session=%s&redirect=%s'],
'USER_REPORT' => ['/report.php?mode=user&u=%u', '/u/%u/report'],
'USER_PROFILE' => ['/profile.php?u=%s', '/u/%s'],
'USER_GROUP' => ['/group.php?g=%u', '/g/%u'],
'USER_LOGOUT' => [
'/authenticate.php?mode=logout&time=%u&session=%s&redirect=%s',
'/logout?mode=logout&time=%u&session=%s&redirect=%s',
],
'USER_REPORT' => [
'/report.php?mode=user&u=%u',
'/u/%u/report',
],
'USER_PROFILE' => [
'/profile.php?u=%s',
'/u/%s',
],
'USER_GROUP' => [
'/group.php?g=%u',
'/g/%u',
],
// Settings urls
'SETTINGS_INDEX' => ['/settings.php', '/settings'],
'SETTING_CAT' => ['/settings.php?cat=%s', '/settings/%s'],
'SETTING_MODE' => ['/settings.php?cat=%s&mode=%s', '/settings/%s/%s'],
'SETTINGS_INDEX' => [
'/settings.php',
'/settings',
],
'SETTING_CAT' => [
'/settings.php?cat=%s',
'/settings/%s',
],
'SETTING_MODE' => [
'/settings.php?cat=%s&mode=%s',
'/settings/%s/%s',
],
// Friend Actions
'FRIEND_ACTION' => ['/settings.php?friend-action=true', '/friends'],
'FRIEND_ADD' => ['/settings.php?friend-action=true&add=%u&session=%s&time=%u&redirect=%s', '/friends?add=%u&session=%s&time=%u&redirect=%s'],
'FRIEND_REMOVE' => ['/settings.php?friend-action=true&remove=%u&session=%s&time=%u&redirect=%s', '/friends?remove=%u&session=%s&time=%u&redirect=%s'],
'FRIEND_ACTION' => [
'/settings.php?friend-action=true',
'/friends',
],
'FRIEND_ADD' => [
'/settings.php?friend-action=true&add=%u&session=%s&time=%u&redirect=%s',
'/friends?add=%u&session=%s&time=%u&redirect=%s',
],
'FRIEND_REMOVE' => [
'/settings.php?friend-action=true&remove=%u&session=%s&time=%u&redirect=%s',
'/friends?remove=%u&session=%s&time=%u&redirect=%s',
],
// Manage urls
'MANAGE_INDEX' => ['/manage.php', '/manage'],
'MANAGE_CAT' => ['/manage.php?cat=%s', '/manage/%s'],
'MANAGE_MODE' => ['/manage.php?cat=%s&mode=%s', '/manage/%s/%s'],
'MANAGE_INDEX' => [
'/manage.php',
'/manage',
],
'MANAGE_CAT' => [
'/manage.php?cat=%s',
'/manage/%s',
],
'MANAGE_MODE' => [
'/manage.php?cat=%s&mode=%s',
'/manage/%s/%s',
],
];

29
_sakura/components/User.php
View file

@ -17,11 +17,24 @@ class User
{
// Get the user database row
$this->data = Database::fetch('users', false, ['id' => [$uid, '=', true], 'username_clean' => [Main::cleanString($uid, true), '=', true]]);
$this->data = Database::fetch(
'users',
false,
[
'id' => [$uid, '=', true],
'username_clean' => [Main::cleanString($uid, true), '=', true],
]
);
// Check if anything like the username exists
if (empty($this->data)) {
$this->data = Database::fetch('users', false, ['username_clean' => ['%' . Main::cleanString($uid, true) . '%', 'LIKE']]);
$this->data = Database::fetch(
'users',
false,
[
'username_clean' => ['%' . Main::cleanString($uid, true) . '%', 'LIKE'],
]
);
}
// Check if the user actually exists
@ -49,7 +62,11 @@ class User
}
// Assign the user's main rank to a special variable since we'll use it a lot
$this->mainRank = $this->ranks[array_key_exists($this->data['rank_main'], $this->ranks) ? $this->data['rank_main'] : array_keys($this->ranks)[0]];
$this->mainRank = $this->ranks[
array_key_exists($this->data['rank_main'], $this->ranks) ?
$this->data['rank_main'] :
array_keys($this->ranks)[0]
];
}
@ -204,7 +221,11 @@ class User
// If the field is set to be a link add a value for that as well
if ($field['islink']) {
$profile[$fieldName]['link'] = str_replace('{{ VAL }}', $this->data['userData']['profileFields'][$fieldName], $field['linkformat']);
$profile[$fieldName]['link'] = str_replace(
'{{ VAL }}',
$this->data['userData']['profileFields'][$fieldName],
$field['linkformat']
);
}
// Check if we have additional options as well

211
_sakura/components/Users.php
View file

@ -61,7 +61,8 @@ class Users
// Check if cookie bypass is false
if (!$bypassCookies) {
// Check if the cookies are set
if (!isset($_COOKIE[Configuration::getConfig('cookie_prefix') . 'id']) || !isset($_COOKIE[Configuration::getConfig('cookie_prefix') . 'session'])) {
if (!isset($_COOKIE[Configuration::getConfig('cookie_prefix') . 'id']) ||
!isset($_COOKIE[Configuration::getConfig('cookie_prefix') . 'session'])) {
return false;
}
}
@ -78,8 +79,23 @@ class Users
// Extend the cookie times if the remember flag is set
if ($session == 2 && !$bypassCookies) {
setcookie(Configuration::getConfig('cookie_prefix') . 'id', $uid, time() + 604800, Configuration::getConfig('cookie_path'), Configuration::getConfig('cookie_domain'));
setcookie(Configuration::getConfig('cookie_prefix') . 'session', $sid, time() + 604800, Configuration::getConfig('cookie_path'), Configuration::getConfig('cookie_domain'));
// User ID cookie
setcookie(
Configuration::getConfig('cookie_prefix') . 'id',
$uid,
time() + 604800,
Configuration::getConfig('cookie_path'),
Configuration::getConfig('cookie_domain')
);
// Session ID cookie
setcookie(
Configuration::getConfig('cookie_prefix') . 'session',
$sid,
time() + 604800,
Configuration::getConfig('cookie_path'),
Configuration::getConfig('cookie_domain')
);
}
// Update last online
@ -125,7 +141,7 @@ class Users
// Default hashing method
default:
if (!Hashing::validate_password($password, [
if (!Hashing::validatePassword($password, [
$user['password_algo'],
$user['password_iter'],
$user['password_salt'],
@ -146,8 +162,23 @@ class Users
// Set cookies
if ($cookies) {
setcookie(Configuration::getConfig('cookie_prefix') . 'id', $user['id'], time() + 604800, Configuration::getConfig('cookie_path'), Configuration::getConfig('cookie_domain'));
setcookie(Configuration::getConfig('cookie_prefix') . 'session', $sessionKey, time() + 604800, Configuration::getConfig('cookie_path'), Configuration::getConfig('cookie_domain'));
// User ID cookie
setcookie(
Configuration::getConfig('cookie_prefix') . 'id',
$user['id'],
time() + 604800,
Configuration::getConfig('cookie_path'),
Configuration::getConfig('cookie_domain')
);
// Session ID cookie
setcookie(
Configuration::getConfig('cookie_prefix') . 'session',
$sessionKey,
time() + 604800,
Configuration::getConfig('cookie_path'),
Configuration::getConfig('cookie_domain')
);
}
// Successful login! (also has a thing for the legacy password system)
@ -170,8 +201,23 @@ class Users
}
// Set cookies
setcookie(Configuration::getConfig('cookie_prefix') . 'id', 0, time() - 60, Configuration::getConfig('cookie_path'), Configuration::getConfig('cookie_domain'));
setcookie(Configuration::getConfig('cookie_prefix') . 'session', '', time() - 60, Configuration::getConfig('cookie_path'), Configuration::getConfig('cookie_domain'));
// User ID
setcookie(
Configuration::getConfig('cookie_prefix') . 'id',
0,
time() - 60,
Configuration::getConfig('cookie_path'),
Configuration::getConfig('cookie_domain')
);
// Session ID
setcookie(
Configuration::getConfig('cookie_prefix') . 'session',
'',
time() - 60,
Configuration::getConfig('cookie_path'),
Configuration::getConfig('cookie_domain')
);
// Return true indicating a successful logout
return true;
@ -250,7 +296,7 @@ class Users
// Set a few variables
$usernameClean = Main::cleanString($username, true);
$emailClean = Main::cleanString($email, true);
$password = Hashing::create_hash($password);
$password = Hashing::createHash($password);
$requireActive = Configuration::getConfig('require_activation');
$userRank = $requireActive ? [1] : [2];
$userRankJson = json_encode($userRank);
@ -381,7 +427,7 @@ class Users
}
// Hash the password
$password = Hashing::create_hash($newpass);
$password = Hashing::createHash($newpass);
$time = time();
// Update the user
@ -478,7 +524,13 @@ class Users
$message .= "--\r\n\r\nThanks\r\n\r\n" . Configuration::getConfig('mail_signature');
// Send the message
Main::sendMail([$user['email'] => $user['username']], Configuration::getConfig('sitename') . ' Activation Mail', $message);
Main::sendMail(
[
$user['email'] => $user['username'],
],
Configuration::getConfig('sitename') . ' Activation Mail',
$message
);
// Return true indicating that the things have been sent
return true;
@ -506,7 +558,8 @@ class Users
$rank = 2;
$ranks = json_encode([2]);
// Check if a key is set (there's an option to not set one for user management reasons but you can't really get around this anyway)
/* Check if a key is set (there's an option to not set one for user
management reasons but you can't really get around this anyway) */
if ($requireKey) {
// Check the action code
$action = Main::useActionCode('ACTIVATE', $key, $uid);
@ -547,16 +600,12 @@ class Users
// Check if user exists
if (!count($user) > 1) {
return [0, 'USER_NOT_EXIST'];
}
// Check if user is already deactivated
if (Permissions::check('SITE', 'DEACTIVATED', $user['id'], 1)) {
return [0, 'USER_ALREADY_DEACTIVE'];
}
// Deactivate the account
@ -593,9 +642,7 @@ class Users
// Check if the code exists
if (!$id = self::checkRegistrationCode($code)) {
return false;
}
// Mark it as used
@ -620,16 +667,16 @@ class Users
// Check if we're logged in
if (!self::checkLogin()) {
return false;
}
// Check if the user is not exceeding the maximum registration key amount
if (count(Database::fetch('regcodes', true, ['uid' => [Session::$userId, '=']])) >= Configuration::getConfig('max_reg_keys')) {
if (Database::count(
'regcodes',
true,
['uid' => [Session::$userId, '=']]
)[0] >= Configuration::getConfig('max_reg_keys')) {
return false;
}
// Generate a code by MD5'ing some random bullshit
@ -660,9 +707,7 @@ class Users
// Check if the rank we're trying to set is actually there
if (!in_array($rid, $ranks)) {
return false;
}
// Update the row
@ -692,12 +737,10 @@ class Users
// Go over all the new ranks
foreach ($ranks as $rank) {
// Check if the user already has this rank and set it if not
if (!in_array($rank, $current)) {
$current[] = (int) $rank;
}
}
// Encode the array
@ -730,12 +773,10 @@ class Users
// Check the current ranks for ranks in the set array
foreach ($current as $key => $rank) {
// Unset the rank
if (in_array($rank, $ranks)) {
unset($current[$key]);
}
}
// Encode the array
@ -765,9 +806,7 @@ class Users
// Check if the main rank is the specified rank
if (in_array($user['rank_main'], $ranks)) {
return true;
}
// Decode the json for the user's ranks
@ -775,12 +814,10 @@ class Users
// If not go over all ranks and check if the user has them
foreach ($ranks as $rank) {
// We check if $rank is in $user['ranks'] and if yes return true
if (in_array($rank, $uRanks)) {
return true;
}
}
// If all fails return false
@ -812,9 +849,7 @@ class Users
// If there's nothing just return null
if (!count($profileFields)) {
return null;
}
// Create output array
@ -822,11 +857,9 @@ class Users
// Iterate over the fields and clean them up
foreach ($profileFields as $field) {
$fields[$field['id']] = $field;
$fields[$field['id']]['ident'] = Main::cleanString($field['name'], true, true);
$fields[$field['id']]['addit'] = json_decode($field['additional'], true);
}
// Return the yeahs
@ -843,9 +876,7 @@ class Users
// If there's nothing just return null
if (!count($optionFields)) {
return null;
}
// Create output array
@ -853,15 +884,11 @@ class Users
// Iterate over the fields and clean them up
foreach ($optionFields as $field) {
if (!Permissions::check('SITE', $field['require_perm'], Session::$userId, 1)) {
continue;
}
$fields[$field['id']] = $field;
}
// Return the yeahs
@ -878,9 +905,7 @@ class Users
// If there's nothing just return null
if (!count($profileFields)) {
return null;
}
// Assign the profileData variable
@ -888,9 +913,7 @@ class Users
// Once again if nothing was returned just return null
if (count($profileData) < 1 || $profileData == null || empty($profileData['profileFields'])) {
return null;
}
// Redeclare profileData
@ -901,15 +924,12 @@ class Users
// Check if profile fields aren't fake
foreach ($profileFields as $field) {
// Completely strip all special characters from the field name
$fieldName = Main::cleanString($field['name'], true, true);
// Check if the user has the current field set otherwise continue
if (!array_key_exists($fieldName, $profileData)) {
continue;
}
// Assign field to output with value
@ -920,34 +940,25 @@ class Users
// If the field is set to be a link add a value for that as well
if ($field['islink']) {
$profile[$fieldName]['link'] = str_replace('{{ VAL }}', $profileData[$fieldName], $field['linkformat']);
}
// Check if we have additional options as well
if ($field['additional'] != null) {
// Decode the json of the additional stuff
$additional = json_decode($field['additional'], true);
// Go over all additional forms
foreach ($additional as $subName => $subField) {
// Check if the user has the current field set otherwise continue
if (!array_key_exists($subName, $profileData)) {
continue;
}
// Assign field to output with value
$profile[$fieldName][$subName] = $profileData[$subName];
}
}
}
// Return appropiate profile data
@ -989,9 +1000,7 @@ class Users
// Return false if the user doesn't exist because a user that doesn't exist can't be online
if (empty($user)) {
return false;
}
// Return true if the user was online in the last 5 minutes
@ -1029,15 +1038,12 @@ class Users
// If the user already exists do an update call, otherwise an insert call
if (empty($getUser)) {
Database::insert('premium', [
'uid' => $id,
'startdate' => $start,
'expiredate' => $expire,
]);
} else {
Database::update('premium', [
[
'expiredate' => $expire,
@ -1046,7 +1052,6 @@ class Users
'uid' => [$id, '='],
],
]);
}
// Return the expiration timestamp
@ -1070,9 +1075,7 @@ class Users
// Check if the user has static premium
if (Permissions::check('SITE', 'STATIC_PREMIUM', $id, 1)) {
return [2, 0, time() + 1];
}
// Attempt to retrieve the premium record from the database
@ -1082,18 +1085,14 @@ class Users
// If nothing was returned just return false
if (empty($getRecord)) {
return [0];
}
// Check if the Tenshi hasn't expired
if ($getRecord['expiredate'] < time()) {
self::removeUserPremium($id);
self::updatePremiumMeta($id);
return [0, $getRecord['startdate'], $getRecord['expiredate']];
}
// Else return the start and expiration date
@ -1113,22 +1112,16 @@ class Users
// Check if the user has premium
if ($check[0] == 1) {
// If so add the rank to them
self::addRanksToUser([$premiumRank], $id);
// Check if the user's default rank is standard user and update it to premium
if (self::getUser($id)['rank_main'] == 2) {
self::setDefaultRank($id, $premiumRank);
}
} elseif ($check[0] == 0 && count($check) > 1) {
// Else remove the rank from them
self::removeRanksFromUser([$premiumRank], $id);
}
}
@ -1151,9 +1144,7 @@ class Users
// Return false if no rank was found
if (empty($rank)) {
return self::$emptyRank;
}
// If rank was found return rank data
@ -1185,9 +1176,7 @@ class Users
// Get all users (or use the supplied user list to keep server load down)
if (!$users) {
$users = self::getAllUsers();
}
// Make output array
@ -1195,14 +1184,11 @@ class Users
// Go over all users and check if they have the rank id
foreach ($users as $user) {
// If so store the user's row in the array
if (self::checkIfUserHasRanks([$rankId], $user, true) && ($excludeAbyss ? $user['password_algo'] != 'nologin' : true)) {
if (self::checkIfUserHasRanks([$rankId], $user, true)
&& ($excludeAbyss ? $user['password_algo'] != 'nologin' : true)) {
$rank[] = $user;
}
}
// Then return the array with the user rows
@ -1222,23 +1208,17 @@ class Users
// Reorder shit
foreach ($getUsers as $user) {
// Skip abyss
if (!$includeAbyss && $user['password_algo'] == 'nologin') {
continue;
}
// Skip if inactive and not include deactivated users
if (!$includeInactive && Permissions::check('SITE', 'DEACTIVATED', $user['id'], 1)) {
continue;
}
$users[$user['id']] = $user;
}
// and return an array with the users
@ -1258,9 +1238,7 @@ class Users
// Reorder shit
foreach ($getRanks as $rank) {
$ranks[$rank['id']] = $rank;
}
// and return an array with the ranks
@ -1291,15 +1269,11 @@ class Users
$conditions['uid'] = [($uid ? $uid : Session::$userId), '='];
if ($timediff) {
$conditions['timestamp'] = [time() - $timediff, '>'];
}
if ($excludeRead) {
$conditions['notif_read'] = [0, '='];
}
// Get notifications for the database
@ -1307,22 +1281,16 @@ class Users
// Mark the notifications as read
if ($markRead) {
// Iterate over all entries
foreach ($notifications as $notification) {
// If the notifcation is already read skip
if ($notification['notif_read']) {
continue;
}
// Mark them as read
self::markNotificationRead($notification['id']);
}
}
// Return the notifications
@ -1382,7 +1350,6 @@ class Users
// Go over each message and check if they are for the current user
foreach ($messages as $message) {
// Store the message
$store[$message['id']] = $message;
@ -1391,7 +1358,6 @@ class Users
$store[$message['id']]['data']['from']['rank'] = self::getRank($_MSG_USR['rank_main']);
$store[$message['id']]['data']['to']['user'] = ($_MSG_USR = self::getUser($message['to_user']));
$store[$message['id']]['data']['to']['rank'] = self::getRank($_MSG_USR['rank_main']);
}
// Return store array
@ -1405,9 +1371,7 @@ class Users
// Assign $uid
if (!$uid) {
$uid = Session::$userId;
}
// Get all friends
@ -1420,7 +1384,6 @@ class Users
// Iterate over the raw database return
foreach ($getFriends as $key => $friend) {
// Add friend to array
$friends[($timestamps ? $friend['fid'] : $key)] = $getData ? ([
@ -1428,19 +1391,16 @@ class Users
'rank' => self::getRank($_UDATA['rank_main']),
]) : $friend[($timestamps ? 'timestamp' : 'fid')];
}
// Check who is online and who isn't
if ($checkOnline) {
// Check each user
foreach ($friends as $key => $friend) {
$friends[self::checkUserOnline($getData ? $friend['user']['id'] : $friend) ? 'online' : 'offline'][] = $friend;
$friends[
self::checkUserOnline($getData ? $friend['user']['id'] : $friend) ? 'online' : 'offline'
][] = $friend;
}
}
// Return formatted array
@ -1454,9 +1414,7 @@ class Users
// Assign $of automatically if it's not set
if (!$uid) {
$uid = Session::$userId;
}
// Get all friend entries from other people involved the current user
@ -1469,19 +1427,15 @@ class Users
// Check if the friends are mutual
foreach ($friends as $friend) {
// Check if the friend is mutual
if (!self::checkFriend($friend['uid'], $uid)) {
$pending[] = $getData ? ([
'user' => ($_UDATA = self::getUser($friend['uid'])),
'rank' => self::getRank($_UDATA['rank_main']),
]) : $friend;
}
}
// Return the pending friends
@ -1495,9 +1449,7 @@ class Users
// Assign $uid
if (!$uid) {
$uid = Session::$userId;
}
// Get the user's friends
@ -1505,9 +1457,7 @@ class Users
// Check if the friend is actually in the user's array
if (!in_array($fid, $self)) {
return 0;
}
// Get the friend's friends
@ -1515,9 +1465,7 @@ class Users
// Check if the friend is actually in the user's array
if (in_array($uid, $friend)) {
return 2;
}
// Return true if all went through
@ -1531,16 +1479,12 @@ class Users
// Validate that the user exists
if (!self::getUser($uid)) {
return [0, 'USER_NOT_EXIST'];
}
// Check if the user already has this user a friend
if (Database::fetch('friends', false, ['fid' => [$uid, '='], 'uid' => [Session::$userId, '=']])) {
return [0, 'ALREADY_FRIENDS'];
}
// Add friend
@ -1561,9 +1505,7 @@ class Users
// Check if the user has this user a friend
if (!Database::fetch('friends', false, ['fid' => [$uid, '='], 'uid' => [Session::$userId, '=']])) {
return [0, 'ALREADY_REMOVED'];
}
// Remove friend
@ -1574,12 +1516,10 @@ class Users
// Attempt to remove the request
if ($deleteRequest) {
Database::delete('friends', [
'fid' => [Session::$userId, '='],
'uid' => [$uid, '='],
]);
}
// Return true because yay
@ -1594,5 +1534,4 @@ class Users
return Database::fetch('users', false, ['password_algo' => ['nologin', '!=']], ['id', true], ['1'])['id'];
}
}

30
_sakura/components/Whois.php
View file

@ -52,7 +52,10 @@ class Whois
// Check for neccesary keys
if (!array_key_exists('tld', $servers) || !array_key_exists('ip', $servers)) {
trigger_error('One or more of the required whois lists isn\'t set, please check your whois servers file', E_USER_ERROR);
trigger_error(
'One or more of the required whois lists isn\'t set, please check your whois servers file',
E_USER_ERROR
);
}
// If everything is gucci set self::$servers
@ -113,7 +116,9 @@ class Whois
// Get proper whois server address
if (!$server = $servers[$tld]) {
return 'Error: No appropriate whois server found for the TLD ' . $tld . ', check if the given address is correct.';
return 'Error: No appropriate whois server found for the TLD '
. $tld
. ', check if the given address is correct.';
}
// Get results from whois server
@ -133,7 +138,12 @@ class Whois
$result = self::queryWhois(($server = $matches[1]), $address);
// ...and append the retrieved values to the return variable
$return .= "\r\n-------------\r\n\r\n" . $address . " domain lookup results from " . $server . ":\r\n" . $result;
$return .= "\r\n-------------\r\n\r\n"
. $address
. " domain lookup results from "
. $server
. ":\r\n"
. $result;
}
}
}
@ -188,7 +198,19 @@ class Whois
{
// Open socket
$query = @fsockopen($server, $port, $errno, $errstr, $timeout) or trigger_error('Failed to open socket: ' . $errno . ' - ' . $errstr, E_USER_ERROR);
$query = @fsockopen(
$server,
$port,
$errno,
$errstr,
$timeout
) or trigger_error(
'Failed to open socket: '
. $errno
. ' - '
. $errstr,
E_USER_ERROR
);
// Send address
fputs($query, $address . "\r\n");

1
public/.htaccess
View file

@ -41,6 +41,7 @@ RewriteRule ^settings/([a-z]+)/?$ settings.php?cat=$1 [L,QSA]
RewriteRule ^settings/([a-z]+)/([a-z]+)/?$ settings.php?cat=$1&mode=$2 [L,QSA]
RewriteRule ^settings/([a-z]+)/([a-z]+)/p([0-9]+)/?$ settings.php?cat=$1&mode=$2&page=$3 [L,QSA]
RewriteRule ^friends/?$ settings.php?friend-action=true [L,QSA]
RewriteRule ^notifications/?$ settings.php?request-notifications=true [L,QSA]
# Members
RewriteRule ^members/?$ members.php [L,QSA]

16
public/authenticate.php
View file

@ -14,7 +14,8 @@ if (isset($_REQUEST['mode'])) {
// Continue
$continue = true;
// Make sure we're not in activate mode since adding a timestamp and accessing the PHP session id is kind of hard when you're in an e-mail client
// Make sure we're not in activate mode since adding a timestamp
// and accessing the PHP session id is kind of hard when you're in an e-mail client
if (!isset($_REQUEST['mode']) || $_REQUEST['mode'] != 'activate') {
// Compare time and session so we know the link isn't forged
if (!isset($_REQUEST['time']) || $_REQUEST['time'] < time() - 1000) {
@ -79,7 +80,12 @@ if (isset($_REQUEST['mode'])) {
case 'changepassword':
// Attempt change
$passforget = Users::resetPassword($_REQUEST['verk'], $_REQUEST['uid'], $_REQUEST['newpw'], $_REQUEST['verpw']);
$passforget = Users::resetPassword(
$_REQUEST['verk'],
$_REQUEST['uid'],
$_REQUEST['newpw'],
$_REQUEST['verpw']
);
// Array containing "human understandable" messages
$messages = [
@ -97,7 +103,11 @@ if (isset($_REQUEST['mode'])) {
// Add page specific things
$renderData['page'] = [
'redirect' => ($passforget[0] ? $urls->format('SITE_LOGIN') : $_SERVER['PHP_SELF'] . '?pw=true&uid=' . $_REQUEST['uid'] . '&verk=' . $_REQUEST['verk']),
'redirect' => (
$passforget[0] ?
$urls->format('SITE_LOGIN') :
$_SERVER['PHP_SELF'] . '?pw=true&uid=' . $_REQUEST['uid'] . '&verk=' . $_REQUEST['verk']
),
'message' => $messages[$passforget[1]],
'success' => $passforget[0],

14
public/changelog.php
View file

@ -22,7 +22,15 @@ $changelogHTML = null;
foreach (array_reverse($changelog['changelog'], true) as $revisionId => $revisionData) {
$changelogHTML .= '<div class="release" id="r' . $revisionId . '">';
$changelogHTML .= '<a href="#r' . $revisionId . '" class="title" style="color: ' . $changelog['versions'][$revisionData[0]] . ';">Revision ' . $revisionId . ' (' . ucfirst($revisionData[0]) . ')</a>';
$changelogHTML .= '<a href="#r'
. $revisionId
. '" class="title" style="color: '
. $changelog['versions'][$revisionData[0]]
. ';">Revision '
. $revisionId
. ' ('
. ucfirst($revisionData[0])
. ')</a>';
unset($revisionData[0]);
@ -54,7 +62,9 @@ foreach (array_reverse($changelog['changelog'], true) as $revisionId => $revisio
$changelogHTML .= $changeData['change'];
$changelogHTML .= '</span>';
$changelogHTML .= '<a class="changeuser" target="_blank" href="http://bitbucket.org/' . strtolower($changeData['user']) . '">';
$changelogHTML .= '<a class="changeuser" target="_blank" href="http://bitbucket.org/'
. strtolower($changeData['user'])
. '">';
$changelogHTML .= $changeData['user'];
$changelogHTML .= '</a>';

24
public/imageserve.php
View file

@ -23,9 +23,21 @@ if (isset($_GET['m'])) {
switch ($_GET['m']) {
case 'avatar':
// Set paths
$noAvatar = ROOT . str_replace('{{ TPL }}', $templateName, Configuration::getConfig('no_avatar_img'));
$deactiveAvatar = ROOT . str_replace('{{ TPL }}', $templateName, Configuration::getConfig('deactivated_avatar_img'));
$bannedAvatar = ROOT . str_replace('{{ TPL }}', $templateName, Configuration::getConfig('banned_avatar_img'));
$noAvatar = ROOT . str_replace(
'{{ TPL }}',
$templateName,
Configuration::getConfig('no_avatar_img')
);
$deactiveAvatar = ROOT . str_replace(
'{{ TPL }}',
$templateName,
Configuration::getConfig('deactivated_avatar_img')
);
$bannedAvatar = ROOT . str_replace(
'{{ TPL }}',
$templateName,
Configuration::getConfig('banned_avatar_img')
);
// If ?u= isn't set or if it isn't numeric
if (!isset($_GET['u']) || !is_numeric($_GET['u']) || $_GET['u'] == 0) {
@ -84,7 +96,8 @@ if (isset($_GET['m'])) {
}
// Check if user has a background set
if (empty($user->data['userData']['profileBackground']) || !file_exists($userDirPath . $user->data['userData']['profileBackground'])) {
if (empty($user->data['userData']['profileBackground'])
|| !file_exists($userDirPath . $user->data['userData']['profileBackground'])) {
$serveImage = $noBackground;
break;
}
@ -119,7 +132,8 @@ if (isset($_GET['m'])) {
}
// Check if user has a background set
if (empty($user->data['userData']['profileHeader']) || !file_exists($userDirPath . $user->data['userData']['profileHeader'])) {
if (empty($user->data['userData']['profileHeader'])
|| !file_exists($userDirPath . $user->data['userData']['profileHeader'])) {
$serveImage = $noHeader;
break;
}

12
public/index.php
View file

@ -58,7 +58,17 @@ $renderData['board'] = [
$renderData['stats'] = [
'userCount' => Database::count('users', ['password_algo' => ['nologin', '!='], 'rank_main' => ['1', '!=']])[0],
'newestUser' => ($_INDEX_NEWEST_USER = new User(Users::getNewestUserId())),
'lastRegDate' => ($_INDEX_LAST_REGDATE = date_diff(date_create(date('Y-m-d', $_INDEX_NEWEST_USER->data['regdate'])), date_create(date('Y-m-d')))->format('%a')) . ' day' . ($_INDEX_LAST_REGDATE == 1 ? '' : 's'),
'lastRegDate' => ($_INDEX_LAST_REGDATE = date_diff(
date_create(
date(
'Y-m-d',
$_INDEX_NEWEST_USER->data['regdate']
)
),
date_create(
date('Y-m-d')
)
)->format('%a')) . ' day' . ($_INDEX_LAST_REGDATE == 1 ? '' : 's'),
'topicCount' => Database::count('topics')[0],
'postCount' => Database::count('posts')[0],
'onlineUsers' => Users::checkAllOnline(),

19
public/members.php
View file

@ -15,12 +15,23 @@ if (Users::checkLogin()) {
$renderData['page'] = [
'ranks' => ($_MEMBERLIST_RANKS = Users::getAllRanks()),
'active' => ($_MEMBERLIST_ACTIVE = (isset($_GET['rank']) && $_GET['rank'] && array_key_exists($_GET['rank'], $_MEMBERLIST_RANKS) ? $_GET['rank'] : 0)),
'notfound' => ($_MEMBERLIST_NFOUND = (isset($_GET['rank']) && !array_key_exists($_GET['rank'], $_MEMBERLIST_RANKS) && $_GET['rank'] != 0)),
'active' => ($_MEMBERLIST_ACTIVE = (
isset($_GET['rank'])
&& $_GET['rank']
&& array_key_exists($_GET['rank'], $_MEMBERLIST_RANKS) ? $_GET['rank'] : 0
)),
'notfound' => ($_MEMBERLIST_NFOUND = (
isset($_GET['rank'])
&& !array_key_exists($_GET['rank'], $_MEMBERLIST_RANKS) && $_GET['rank'] != 0
)),
'sorts' => ($_MEMBERLIST_SORTS = ['boxes', 'rectangles', 'list']),
'sort' => isset($_GET['sort']) && $_GET['sort'] && in_array($_GET['sort'], $_MEMBERLIST_SORTS) ? $_GET['sort'] : $_MEMBERLIST_SORTS[0],
'sort' => isset($_GET['sort']) && $_GET['sort'] && in_array($_GET['sort'], $_MEMBERLIST_SORTS) ?
$_GET['sort'] :
$_MEMBERLIST_SORTS[0],
'page' => isset($_GET['page']) && ($_GET['page'] - 1) >= 0 ? $_GET['page'] - 1 : 0,
'users' => array_chunk($_MEMBERLIST_ACTIVE && !$_MEMBERLIST_NFOUND ? Users::getUsersInRank($_MEMBERLIST_ACTIVE, null, true, true) : Users::getAllUsers(), Configuration::getConfig('members_per_page'), true),
'users' => array_chunk($_MEMBERLIST_ACTIVE && !$_MEMBERLIST_NFOUND ?
Users::getUsersInRank($_MEMBERLIST_ACTIVE, null, true, true) :
Users::getAllUsers(), Configuration::getConfig('members_per_page'), true),
];

10
public/news.php
View file

@ -86,10 +86,16 @@ if (isset($_GET['xml'])) {
// Create value
eval('$value = ' . $valueData['eval'] . ';');
$value = str_replace('{EVAL}', $value, $valueData[(array_key_exists('cdata', $valueData) ? 'cdata' : 'text')]);
$value = str_replace(
'{EVAL}',
$value,
$valueData[(array_key_exists('cdata', $valueData) ? 'cdata' : 'text')]
);
// Create text node or cdata container
$pElemText = (array_key_exists('cdata', $valueData)) ? $feed->createCDATASection($value) : $feed->createTextNode($value);
$pElemText = (array_key_exists('cdata', $valueData)) ?
$feed->createCDATASection($value) :
$feed->createTextNode($value);
// Append them
$pElem->appendChild($pElemText);

12
public/posting.php
View file

@ -10,7 +10,17 @@ namespace Sakura;
require_once str_replace(basename(__DIR__), '', dirname(__FILE__)) . '_sakura/sakura.php';
// Set location
$locId = isset($_GET['f']) ? $_GET['f'] : (isset($_GET['t']) ? $_GET['t'] : (isset($_GET['p']) ? Forum::getTopicIdFromPostId($_GET['p']) : 0));
$locId = isset($_GET['f']) ?
$_GET['f'] :
(
isset($_GET['t']) ?
$_GET['t'] :
(
isset($_GET['p']) ?
Forum::getTopicIdFromPostId($_GET['p']) :
0
)
);
$locMode = isset($_GET['f']) ? 'f' : (isset($_GET['t']) || isset($_GET['p']) ? 't' : null);
// Set additional render data

133
public/settings.php
View file

@ -23,7 +23,10 @@ if (isset($_REQUEST['request-notifications']) && $_REQUEST['request-notification
$notifications = array();
// Check if the user is logged in
if (Users::checkLogin() && isset($_REQUEST['time']) && $_REQUEST['time'] > (time() - 1000) && isset($_REQUEST['session']) && $_REQUEST['session'] == session_id()) {
if (Users::checkLogin()
&& isset($_REQUEST['time'])
&& $_REQUEST['time'] > (time() - 1000)
&& isset($_REQUEST['session']) && $_REQUEST['session'] == session_id()) {
// Get the user's notifications from the past forever but exclude read notifications
$userNotifs = Users::getNotifications(null, 0, true, true);
@ -119,7 +122,9 @@ if (isset($_REQUEST['request-notifications']) && $_REQUEST['request-notification
// Continue if nothing fucked up
if ($continue) {
// Execute the action
$action = (isset($_REQUEST['add']) ? Users::addFriend($_REQUEST['add']) : Users::removeFriend($_REQUEST['remove'], true));
$action = (isset($_REQUEST['add']) ?
Users::addFriend($_REQUEST['add']) :
Users::removeFriend($_REQUEST['remove'], true));
// Set the messages
$messages = [
@ -197,7 +202,11 @@ if (isset($_REQUEST['request-notifications']) && $_REQUEST['request-notification
}
// Check session variables
if (!isset($_REQUEST['timestamp']) || $_REQUEST['timestamp'] < time() - 1000 || !isset($_REQUEST['sessid']) || $_REQUEST['sessid'] != session_id() || !$continue) {
if (!isset($_REQUEST['timestamp'])
|| $_REQUEST['timestamp'] < time() - 1000
|| !isset($_REQUEST['sessid'])
|| $_REQUEST['sessid'] != session_id()
|| !$continue) {
$renderData['page'] = [
'redirect' => $redirect,
@ -224,7 +233,10 @@ if (isset($_REQUEST['request-notifications']) && $_REQUEST['request-notification
case 'background':
$userDataKey = 'profileBackground';
$msgTitle = 'Background';
$permission = (!empty($currentUser->data['userData'][$userDataKey]) && $currentUser->checkPermission('SITE', 'CHANGE_BACKGROUND')) || $currentUser->checkPermission('SITE', 'CREATE_BACKGROUND');
$permission = (
!empty($currentUser->data['userData'][$userDataKey])
&& $currentUser->checkPermission('SITE', 'CHANGE_BACKGROUND')
) || $currentUser->checkPermission('SITE', 'CREATE_BACKGROUND');
break;
case 'avatar':
@ -251,7 +263,8 @@ if (isset($_REQUEST['request-notifications']) && $_REQUEST['request-notification
// Set path variables
$filepath = ROOT . Configuration::getConfig('user_uploads') . '/';
$filename = $filepath . $mode . '_' . Session::$userId;
$currfile = isset($currentUser->data['userData'][$userDataKey]) && !empty($_OLDFILE = $currentUser->data['userData'][$userDataKey]) ? $_OLDFILE : null;
$currfile = isset($currentUser->data['userData'][$userDataKey])
&& !empty($_OLDFILE = $currentUser->data['userData'][$userDataKey]) ? $_OLDFILE : null;
// Check if $_FILES is set
if (!isset($_FILES[$mode]) && empty($_FILES[$mode])) {
@ -323,7 +336,9 @@ if (isset($_REQUEST['request-notifications']) && $_REQUEST['request-notification
}
// Check if the image is an allowed filetype
if ((($metadata[2] !== IMAGETYPE_GIF) && ($metadata[2] !== IMAGETYPE_JPEG) && ($metadata[2] !== IMAGETYPE_PNG))) {
if ((($metadata[2] !== IMAGETYPE_GIF)
&& ($metadata[2] !== IMAGETYPE_JPEG)
&& ($metadata[2] !== IMAGETYPE_PNG))) {
// Set render data
$renderData['page'] = [
@ -337,7 +352,8 @@ if (isset($_REQUEST['request-notifications']) && $_REQUEST['request-notification
}
// Check if the image is too large
if (($metadata[0] > Configuration::getConfig($mode . '_max_width') || $metadata[1] > Configuration::getConfig($mode . '_max_height'))) {
if (($metadata[0] > Configuration::getConfig($mode . '_max_width')
|| $metadata[1] > Configuration::getConfig($mode . '_max_height'))) {
// Set render data
$renderData['page'] = [
@ -351,7 +367,8 @@ if (isset($_REQUEST['request-notifications']) && $_REQUEST['request-notification
}
// Check if the image is too small
if (($metadata[0] < Configuration::getConfig($mode . '_min_width') || $metadata[1] < Configuration::getConfig($mode . '_min_height'))) {
if (($metadata[0] < Configuration::getConfig($mode . '_min_width')
|| $metadata[1] < Configuration::getConfig($mode . '_min_height'))) {
// Set render data
$renderData['page'] = [
@ -441,7 +458,10 @@ if (isset($_REQUEST['request-notifications']) && $_REQUEST['request-notification
// Go over each additional value
foreach ($field['additional'] as $addKey => $addVal) {
// Add to the array
$store[$addKey] = (isset($_POST['profile_additional_' . $addKey]) || !empty($_POST['profile_additional_' . $addKey])) ? $_POST['profile_additional_' . $addKey] : false;
$store[$addKey] = (isset($_POST['profile_additional_' . $addKey])
|| !empty($_POST['profile_additional_' . $addKey])) ?
$_POST['profile_additional_' . $addKey] :
false;
}
}
}
@ -459,29 +479,54 @@ if (isset($_REQUEST['request-notifications']) && $_REQUEST['request-notification
];
// Birthdays
if (isset($_POST['birthday_day']) && isset($_POST['birthday_month']) && isset($_POST['birthday_year'])) {
if (isset($_POST['birthday_day'])
&& isset($_POST['birthday_month'])
&& isset($_POST['birthday_year'])) {
// Check if the values aren't fucked with
if ($_POST['birthday_day'] < 0 || $_POST['birthday_day'] > 31 || $_POST['birthday_month'] < 0 || $_POST['birthday_month'] > 12 || ($_POST['birthday_year'] != 0 && $_POST['birthday_year'] < (date("Y") - 100)) || $_POST['birthday_year'] > date("Y")) {
if ($_POST['birthday_day'] < 0
|| $_POST['birthday_day'] > 31
|| $_POST['birthday_month'] < 0
|| $_POST['birthday_month'] > 12
|| (
$_POST['birthday_year'] != 0
&& $_POST['birthday_year'] < (date("Y") - 100)
)
|| $_POST['birthday_year'] > date("Y")) {
$renderData['page']['message'] = 'Your birthdate is invalid.';
$renderData['page']['success'] = 0;
break;
}
// Check if the values aren't fucked with
if (($_POST['birthday_day'] < 1 && $_POST['birthday_month'] > 0) || ($_POST['birthday_day'] > 0 && $_POST['birthday_month'] < 1)) {
if ((
$_POST['birthday_day'] < 1
&& $_POST['birthday_month'] > 0
)
|| (
$_POST['birthday_day'] > 0
&& $_POST['birthday_month'] < 1)
) {
$renderData['page']['message'] = 'Only setting a day or month is disallowed.';
$renderData['page']['success'] = 0;
break;
}
// Check if the values aren't fucked with
if ($_POST['birthday_year'] > 0 && ($_POST['birthday_day'] < 1 || $_POST['birthday_month'] < 1)) {
if ($_POST['birthday_year'] > 0
&& (
$_POST['birthday_day'] < 1
|| $_POST['birthday_month'] < 1
)
) {
$renderData['page']['message'] = 'Only setting a year is disallowed.';
$renderData['page']['success'] = 0;
break;
}
$birthdate = implode('-', [$_POST['birthday_year'], $_POST['birthday_month'], $_POST['birthday_day']]);
$birthdate = implode(
'-',
[$_POST['birthday_year'], $_POST['birthday_month'], $_POST['birthday_day']]
);
Database::update('users', [
[
@ -510,7 +555,10 @@ if (isset($_REQUEST['request-notifications']) && $_REQUEST['request-notification
continue;
}
$store[$field['id']] = isset($_POST['option_' . $field['id']]) && !empty($_POST['option_' . $field['id']]) ? $_POST['option_' . $field['id']] : null;
$store[$field['id']] = isset($_POST['option_' . $field['id']])
&& !empty($_POST['option_' . $field['id']]) ?
$_POST['option_' . $field['id']] :
null;
}
// Update database
@ -590,7 +638,8 @@ if (Users::checkLogin()) {
'title' => 'Home',
'description' => [
'Welcome to the Settings Panel. From here you can monitor, view and update your profile and preferences.',
'Welcome to the Settings Panel.
From here you can monitor, view and update your profile and preferences.',
],
'access' => !$currentUser->checkPermission('SITE', 'DEACTIVATED'),
@ -602,7 +651,8 @@ if (Users::checkLogin()) {
'title' => 'Edit Profile',
'description' => [
'These are the external account links etc. on your profile, shouldn\'t need any additional explanation for this one.',
'These are the external account links etc.
on your profile, shouldn\'t need any additional explanation for this one.',
],
'access' => $currentUser->checkPermission('SITE', 'ALTER_PROFILE'),
@ -763,7 +813,9 @@ if (Users::checkLogin()) {
'description' => [
'Your avatar which is displayed all over the site and on your profile.',
'Maximum image size is {{ avatar.max_width }}x{{ avatar.max_height }}, minimum image size is {{ avatar.min_width }}x{{ avatar.min_height }}, maximum file size is {{ avatar.max_size_view }}.',
'Maximum image size is {{ avatar.max_width }}x{{ avatar.max_height }},
minimum image size is {{ avatar.min_width }}x{{ avatar.min_height }},
maximum file size is {{ avatar.max_size_view }}.',
],
'access' => $currentUser->checkPermission('SITE', 'CHANGE_AVATAR'),
@ -776,10 +828,15 @@ if (Users::checkLogin()) {
'description' => [
'The background that is displayed on your profile.',
'Maximum image size is {{ background.max_width }}x{{ background.max_height }}, minimum image size is {{ background.min_width }}x{{ background.min_height }}, maximum file size is {{ background.max_size_view }}.',
'Maximum image size is {{ background.max_width }}x{{ background.max_height }},
minimum image size is {{ background.min_width }}x{{ background.min_height }},
maximum file size is {{ background.max_size_view }}.',
],
'access' => (isset($currentUser->data['userData']['profileBackground']) && $currentUser->checkPermission('SITE', 'CHANGE_BACKGROUND')) || $currentUser->checkPermission('SITE', 'CREATE_BACKGROUND'),
'access' => (
isset($currentUser->data['userData']['profileBackground'])
&& $currentUser->checkPermission('SITE', 'CHANGE_BACKGROUND')
) || $currentUser->checkPermission('SITE', 'CREATE_BACKGROUND'),
'menu' => true,
],
@ -791,7 +848,10 @@ if (Users::checkLogin()) {
'The custom text that is displayed on your profile.',
],
'access' => (isset($currentUser->data['userData']['userPage']) && $currentUser->checkPermission('SITE', 'CHANGE_USERPAGE')) || $currentUser->checkPermission('SITE', 'CREATE_USERPAGE'),
'access' => (
isset($currentUser->data['userData']['userPage'])
&& $currentUser->checkPermission('SITE', 'CHANGE_USERPAGE')
) || $currentUser->checkPermission('SITE', 'CREATE_USERPAGE'),
'menu' => true,
],
@ -859,7 +919,9 @@ if (Users::checkLogin()) {
'title' => 'Ranks',
'description' => [
'Manage what ranks you\'re in and what is set as your main rank. Your main rank is highlighted. You get the permissions of all of the ranks you\'re in combined.',
'Manage what ranks you\'re in and what is set as your main rank.
Your main rank is highlighted.
You get the permissions of all of the ranks you\'re in combined.',
],
'access' => $currentUser->checkPermission('SITE', 'ALTER_RANKS'),
@ -881,9 +943,13 @@ if (Users::checkLogin()) {
'title' => 'Sessions',
'description' => [
'Session keys are a way of identifying yourself with the system without keeping your password in memory.',
'If someone finds one of your session keys they could possibly compromise your account, if you see any sessions here that shouldn\'t be here hit the Kill button to kill the selected session.',
'If you get logged out after clicking one you\'ve most likely killed your current session, to make it easier to avoid this from happening your current session is highlighted.',
'Session keys are a way of identifying yourself with the system without keeping
your password in memory.',
'If someone finds one of your session keys they could possibly compromise your account,
if you see any sessions here that shouldn\'t be here hit the Kill button to kill the
selected session.',
'If you get logged out after clicking one you\'ve most likely killed your current session,
to make it easier to avoid this from happening your current session is highlighted.',
],
'access' => $currentUser->checkPermission('SITE', 'MANAGE_SESSIONS'),
@ -895,7 +961,8 @@ if (Users::checkLogin()) {
'title' => 'Registration Keys',
'description' => [
'Sometimes we activate the registration key system which means that users can only register using your "referer" keys, this means we can keep unwanted people from registering.',
'Sometimes we activate the registration key system which means that users can only
register using your "referer" keys,this means we can keep unwanted people from registering.',
'Each user can generate 5 of these keys, bans and deactivates render these keys useless.',
],
@ -923,16 +990,24 @@ if (Users::checkLogin()) {
];
// Current settings page
$category = isset($_GET['cat']) ? (array_key_exists($_GET['cat'], $pages) ? $_GET['cat'] : false) : array_keys($pages)[0];
$category = isset($_GET['cat']) ? (
array_key_exists($_GET['cat'], $pages) ? $_GET['cat'] : false
) : array_keys($pages)[0];
$mode = false;
// Only continue setting mode if $category is true
if ($category) {
$mode = isset($_GET['mode']) && $category ? (array_key_exists($_GET['mode'], $pages[$category]['modes']) ? $_GET['mode'] : false) : array_keys($pages[$category]['modes'])[0];
$mode = isset($_GET['mode']) && $category ? (
array_key_exists($_GET['mode'], $pages[$category]['modes']) ? $_GET['mode'] : false
) : array_keys($pages[$category]['modes'])[0];
}
// Not found
if (!$category || empty($category) || !$mode || empty($mode) || !$pages[$category]['modes'][$mode]['access']) {
if (!$category
|| empty($category)
|| !$mode
|| empty($mode)
|| !$pages[$category]['modes'][$mode]['access']) {
header('HTTP/1.0 404 Not Found');
print Templates::render('global/notfound.tpl', $renderData);
exit;

44
public/support.php
View file

@ -10,7 +10,9 @@ namespace Sakura;
require_once str_replace(basename(__DIR__), '', dirname(__FILE__)) . '_sakura/sakura.php';
// Switch between modes (we only allow this to be used by logged in user)
if (isset($_REQUEST['mode']) && Users::checkLogin() && Permissions::check('SITE', 'OBTAIN_PREMIUM', Session::$userId, 1)) {
if (isset($_REQUEST['mode'])
&& Users::checkLogin()
&& Permissions::check('SITE', 'OBTAIN_PREMIUM', Session::$userId, 1)) {
// Initialise Payments class
if (!Payments::init()) {
header('Location: ' . $urls->format('SITE_PREMIUM') . '?fail=true');
@ -19,19 +21,24 @@ if (isset($_REQUEST['mode']) && Users::checkLogin() && Permissions::check('SITE'
// Create the purchase
case 'purchase':
// Compare time and session so we know the link isn't forged
if (!isset($_REQUEST['time']) || $_REQUEST['time'] < time() - 1000) {
if (!isset($_REQUEST['time'])
|| $_REQUEST['time'] < time() - 1000) {
header('Location: ' . $urls->format('SITE_PREMIUM') . '?fail=true');
break;
}
// Match session ids for the same reason
if (!isset($_REQUEST['session']) || $_REQUEST['session'] != session_id()) {
if (!isset($_REQUEST['session'])
|| $_REQUEST['session'] != session_id()) {
header('Location: ' . $urls->format('SITE_PREMIUM') . '?fail=true');
break;
}
// Half if shit isn't gucci
if (!isset($_POST['months']) || !is_numeric($_POST['months']) || (int) $_POST['months'] < 1 || (int) $_POST['months'] > Configuration::getConfig('premium_amount_max')) {
if (!isset($_POST['months'])
|| !is_numeric($_POST['months'])
|| (int) $_POST['months'] < 1
|| (int) $_POST['months'] > Configuration::getConfig('premium_amount_max')) {
header('Location: ' . $urls->format('SITE_PREMIUM') . '?fail=true');
} else {
// Calculate the total
@ -39,10 +46,19 @@ if (isset($_REQUEST['mode']) && Users::checkLogin() && Permissions::check('SITE'
$total = number_format($total, 2, '.', '');
// Generate item name
$itemName = Configuration::getConfig('sitename') . ' Premium - ' . (string) $_POST['months'] . ' month' . ((int) $_POST['months'] == 1 ? '' : 's');
$itemName = Configuration::getConfig('sitename')
. ' Premium - '
. (string) $_POST['months']
. ' month'
. ((int) $_POST['months'] == 1 ? '' : 's');
// Attempt to create a transaction
if ($transaction = Payments::createTransaction($total, $itemName, Configuration::getConfig('sitename') . ' Premium Purchase', 'http://' . Configuration::getConfig('url_main') . $urls->format('SITE_PREMIUM'))) {
if ($transaction = Payments::createTransaction(
$total,
$itemName,
Configuration::getConfig('sitename') . ' Premium Purchase',
'http://' . Configuration::getConfig('url_main') . $urls->format('SITE_PREMIUM')
)) {
// Store the amount of months in the global session array
$_SESSION['premiumMonths'] = (int) $_POST['months'];
@ -59,7 +75,10 @@ if (isset($_REQUEST['mode']) && Users::checkLogin() && Permissions::check('SITE'
// Finalising the purchase
case 'finish':
// Check if the success GET request is set and is true
if (isset($_GET['success']) && isset($_GET['paymentId']) && isset($_GET['PayerID']) && isset($_SESSION['premiumMonths'])) {
if (isset($_GET['success'])
&& isset($_GET['paymentId'])
&& isset($_GET['PayerID'])
&& isset($_SESSION['premiumMonths'])) {
// Attempt to complete the transaction
try {
$finalise = Payments::completeTransaction($_GET['paymentId'], $_GET['PayerID']);
@ -72,7 +91,16 @@ if (isset($_REQUEST['mode']) && Users::checkLogin() && Permissions::check('SITE'
// Make the user premium
$expiration = Users::addUserPremium(Session::$userId, (2628000 * $_SESSION['premiumMonths']));
Users::updatePremiumMeta(Session::$userId);
Main::updatePremiumTracker(Session::$userId, ((float) Configuration::getConfig('premium_price_per_month') * $_SESSION['premiumMonths']), $currentUser->data['username'] . ' bought premium for ' . $_SESSION['premiumMonths'] . ' month' . ($_SESSION['premiumMonths'] == 1 ? '' : 's') . '.');
Main::updatePremiumTracker(
Session::$userId,
((float) Configuration::getConfig('premium_price_per_month') * $_SESSION['premiumMonths']),
$currentUser->data['username']
. ' bought premium for '
. $_SESSION['premiumMonths']
. ' month'
. ($_SESSION['premiumMonths'] == 1 ? '' : 's')
. '.'
);
// Redirect to the complete
header('Location: ' . $urls->format('SITE_PREMIUM') . '?mode=complete');