index.php 20 KB

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178179180181182183184185186187188189190191192193194195196197198199200201202203204205206207208209210211212213214215216217218219220221222223224225226227228229230231232233234235236237238239240241242243244245246247248249250251252253254255256257258259260261262263264265266267268269270271272273274275276277278279280281282283284285286287288289290291292293294295296297298299300301302303304305306307308309310311312313314315316317318319320321322323324325326327328329330331332333334335336337338339340341342343344345346347348349350351352353354355356357358359360361362363364365366367368369370371372373374375376377378379380381382383384385386387388389390391392393394395396397398399400401402403404405406407408409410411412413414415416417418419420421422423424425426427428429430431432433434435436437438439440441442443
  1. <?php
  2. error_reporting(E_ERROR);
  3. header('Content-type: application/json');
  4. header('Access-Control-Allow-Origin: *');
  5. require_once("../../header.php");
  6. if(!isset($_GET['action'])){
  7. $opts = getopt('a:',array('action:'));
  8. $_GET['action'] = isset($opts['action'])?$opts['action']:(isset($opts['a'])?$opts['a']:'');
  9. }
  10. $u = is_logged_in();
  11. switch($_GET['action']){
  12. case 'test':
  13. //$u or die();
  14. //print_r(atheme_command(get_conf('xmlrpc-server'),get_conf('xmlrpc-port'),get_conf('xmlrpc-path'),USER_IP,$_COOKIE['user'],$_SESSION['password'],'topic','#omnimaga'));
  15. //echo mkpasswd('root');
  16. break;
  17. case 'lang':
  18. echo file_get_contents(DIR.'/lang/'.LOCALE.'/C/LC_MESSAGES/omninet.po');
  19. die();
  20. break;
  21. case 'login':
  22. isset($_GET['username']) && isset($_GET['password']) or die('{"code":2,"message":"'.__('Missing username and/or password').'"}');
  23. isset($_GET['type']) or die('{"code":2,"message":"'.__('Missing user type').'"}');
  24. $r = login($_GET['username'],$_GET['password'],$_GET['type']);
  25. if($r !== true){
  26. die('{"code":2,"message":'.json_encode($r).'}');
  27. }else{
  28. die('{"code":0}');
  29. }
  30. break;
  31. case 'verify':
  32. isset($_GET['token']) or die('{"code":1,"message":"'.__('No token set').'"}');
  33. $r = verify($_GET['token']);
  34. if($r !== true){
  35. die('{"code":2,"message":"'.$r.'"}');
  36. }
  37. die('{"code":0,"message":"'.$r.'"}');
  38. break;
  39. case 'logout':
  40. logout();
  41. die('{"code":0}');
  42. break;
  43. case 'get-memos':
  44. $u or die('{"code":1,"message":"'.__('You have been logged out').'"}');
  45. $u['type'] = 'user' && isset($_COOKIE['user']) && isset($_SESSION['password']) or die('{"code":0}');
  46. $res = atheme_command(get_conf('xmlrpc-server'),get_conf('xmlrpc-port'),get_conf('xmlrpc-path'),USER_IP,$_COOKIE['user'],$_SESSION['password'],'MemoServ','list');
  47. if($res[0]){
  48. $res = explode('&#10;',$res[1]);
  49. $memos = array();
  50. foreach($res as $k => $row){
  51. if($k != 0 && $k != 1){
  52. $row = preg_split('/^-\s/',$row);
  53. if(isset($row[1])){
  54. $row = explode(' ',$row[1]);
  55. $memo = atheme_command(get_conf('xmlrpc-server'),get_conf('xmlrpc-port'),get_conf('xmlrpc-path'),USER_IP,$_COOKIE['user'],$_SESSION['password'],'MemoServ','read',array($row[0]));
  56. $memo = explode('&#10;',$memo[1]);
  57. array_push($memos,array(
  58. 'id'=>$row[0],
  59. 'from'=>$row[2],
  60. 'date'=>array(
  61. 'month'=>$row[4],
  62. 'day'=>$row[5],
  63. 'time'=>$row[6],
  64. 'year'=>$row[7]
  65. ),
  66. 'body'=>$memo[2]
  67. ));
  68. }
  69. }
  70. }
  71. die('{"code":0,"memos":'.json_encode($memos).'}');
  72. }else{
  73. die('{"code":1,"message":"'.__('Cannot fetch memos').'"}');
  74. }
  75. break;
  76. case 'get-news':
  77. $u or die('{"code":1,"message":"'.__('You have been logged out').'"}');
  78. $u['type'] = 'user' && isset($_COOKIE['user']) && isset($_SESSION['password']) or die('{"code":0}');
  79. $res = atheme_command(get_conf('xmlrpc-server'),get_conf('xmlrpc-port'),get_conf('xmlrpc-path'),USER_IP,$_COOKIE['user'],$_SESSION['password'],'InfoServ','list');
  80. if($res[0]){
  81. $res = explode('&#10;',$res[1]);
  82. $news = array();
  83. foreach($res as $k => $row){
  84. if($k != count($res)-1){
  85. array_push($news,array(
  86. 'id'=>preg_replace('/^(\d)+:.+$/i','\1',$row),
  87. 'title'=>preg_replace('/^\d+: \[(.+)\] .+/i','\1',$row),
  88. 'from'=>preg_replace('/^\d+: \[.+\] by (.+) at \d\d?:\d\d? on (\d\d)\/\d\d\/\d\d\d\d: .+/i','\1',$row),
  89. 'date'=>array(
  90. 'time'=>preg_replace('/^\d+: \[.+\] by .+ at (\d\d?:\d\d?) on .+/','\1',$row),
  91. 'day'=>preg_replace('/^\d+: \[.+\] by .+ at \d\d?:\d\d? on (\d\d)\/\d\d\/\d\d\d\d: .+/i','\1',$row),
  92. 'month'=>preg_replace('/^\d+: \[.+\] by .+ at \d\d?:\d\d? on \d\d\/(\d\d)\/\d\d\d\d: .+/i','\1',$row),
  93. 'year'=>preg_replace('/^\d+: \[.+\] by .+ at \d\d?:\d\d? on \d\d\/\d\d\/(\d\d\d\d): .+/i','\1',$row)
  94. ),
  95. 'body'=>preg_replace('/^\d+: \[.+\] by .+ at \d\d?:\d\d? on \d\d\/\d\d\/\d\d\d\d: (.+)/i','\1',$row)
  96. ));
  97. }
  98. }
  99. die('{"code":0,"news":'.json_encode($news).'}');
  100. }else{
  101. die('{"code":1,"message":"'.__('Cannot fetch news').'"}');
  102. }
  103. break;
  104. case 'get-channels':
  105. $u or die('{"code":1,"message":"'.__('You have been logged out').'"}');
  106. $u['type'] = 'user' && isset($_COOKIE['user']) && isset($_SESSION['password']) or die('{"code":0}');
  107. $res = atheme_command(get_conf('xmlrpc-server'),get_conf('xmlrpc-port'),get_conf('xmlrpc-path'),USER_IP,$_COOKIE['user'],$_SESSION['password'],'NickServ','listchans');
  108. if($res[0]){
  109. $res = explode('&#10;',$res[1]);
  110. $channels = array();
  111. $flags = array();
  112. foreach($res as $k => $row){
  113. if($k != count($res)-1){
  114. $flags_list = str_split(preg_replace('/^Access flag\(s\) \+(.+) in .+$/i','\1',$row));
  115. $name = preg_replace('/^Access flag\(s\) \+.+ in (.+)$/i','\1',$row);
  116. $chan = array(
  117. 'name'=>$name
  118. );
  119. if(in_array('F',$flags_list)){
  120. $chan['candrop'] = true;
  121. $chan['canaccess'] = true;
  122. }
  123. if(in_array('f',$flags_list)){
  124. $chan['canaccess'] = true;
  125. }
  126. $res2 = atheme_command(get_conf('xmlrpc-server'),get_conf('xmlrpc-port'),get_conf('xmlrpc-path'),USER_IP,$_COOKIE['user'],$_SESSION['password'],'ChanServ','flags',array($name));
  127. $users = array();
  128. if($res2[0]){
  129. $res2 = explode('&#10;',$res2[1]);
  130. foreach($res2 as $kk => $row2){
  131. if($kk > 1 && $kk < count($res2)-2){
  132. $user = array(
  133. 'id'=>preg_replace('/^(\d+)\b.+$/','\1',$row2),
  134. 'name'=>trim(preg_replace('/^\d+\s+(.+)\s+\+.+/','\1',$row2)),
  135. 'flags'=>array()
  136. );
  137. $flags_list = str_split(preg_replace('/^\d+\s+.+\s+\+(.+)\s+\[.+/i','\1',$row2));
  138. foreach($flags_list as $kk => $flag){
  139. if($flag!=' '){
  140. array_push($user['flags'],$flag);
  141. $name = channel_flag_name($flag);
  142. if(!isset($flags[$flag])){
  143. $flags[$flag] = $name;
  144. }
  145. }
  146. }
  147. array_push($users,$user);
  148. }
  149. }
  150. }
  151. $chan['users'] = $users;
  152. array_push($channels,$chan);
  153. }
  154. }
  155. die('{"code":0,"channels":'.json_encode($channels).',"flags": '.json_encode($flags).'}');
  156. }else{
  157. die('{"code":1,"message":"'.__('Cannot fetch channels').'"}');
  158. }
  159. break;
  160. case 'send-memo':
  161. $u or die('{"code":1,"message":"'.__('You have been logged out').'"}');
  162. isset($_GET['to']) && isset($_GET['message']) or die('{"code":1,"message":"'.__('No message or user entered').'"}');
  163. $res = atheme_command(get_conf('xmlrpc-server'),get_conf('xmlrpc-port'),get_conf('xmlrpc-path'),USER_IP,$_COOKIE['user'],$_SESSION['password'],'MemoServ','send',array($_GET['to'],$_GET['message']));
  164. if($res[0]){
  165. if(substr($res[1],-19) == ' is not registered.'){
  166. die('{"code":1,"message":"'.__('User').' '.$_GET['to'].' '.__('does not exist').'"}');
  167. }else{
  168. die('{"code":0,"message":"'.__('Memo Sent').'"}');
  169. }
  170. }else{
  171. die('{"code":1,"message":"'.__('Cannot send memo').': '.$res[1].'"}');
  172. }
  173. break;
  174. case 'delete-memo':
  175. $u or die('{"code":1,"message":"'.__('You have been logged out').'"}');
  176. isset($_GET['id']) or die('{"code":1,"message":"'.__('No id given').'"}');
  177. $res = atheme_command(get_conf('xmlrpc-server'),get_conf('xmlrpc-port'),get_conf('xmlrpc-path'),USER_IP,$_COOKIE['user'],$_SESSION['password'],'MemoServ','delete',array($_GET['id']));
  178. if(!$res[0]){
  179. die('{"code":1,"message":"'.__('Cannot delete memo').': '.$res[1].'"}');
  180. }
  181. die('{"code":0}');
  182. break;
  183. case 'delete-channel':
  184. $u or die('{"code":1,"message":"'.__('You have been logged out').'"}');
  185. isset($_GET['channel']) or die('{"code":1,"message":"'.__('No channel given').'"}');
  186. $res = atheme_command(get_conf('xmlrpc-server'),get_conf('xmlrpc-port'),get_conf('xmlrpc-path'),USER_IP,$_COOKIE['user'],$_SESSION['password'],'ChanServ','drop',array($_GET['channel']));
  187. if(!$res[0]){
  188. die('{"code":1,"message":"'.__('Cannot drop channel').': '.$res[1].'"}');
  189. }
  190. die('{"code":0}');
  191. break;
  192. case 'channel-flags':
  193. $u or die('{"code":1,"message":"'.__('You have been logged out').'"}');
  194. isset($_GET['channel']) or die('{"code":1,"message":"'.__('No channel given').'"}');
  195. isset($_GET['user']) or die('{"code":1,"message":"'.__('No user given').'"}');
  196. if(isset($_GET['flags'])){
  197. $flags = $_GET['flags'];
  198. }else{
  199. $flags = array();
  200. }
  201. $flags_on = '';
  202. $flags_off = '';
  203. $flags = sanitize_channel_flags($flags);
  204. foreach($flags as $flag => $val){
  205. if($val){
  206. $flags_on .= ' '.$flag;
  207. }else{
  208. $flags_off .= ' '.$flag;
  209. }
  210. }
  211. $res = atheme_command(get_conf('xmlrpc-server'),get_conf('xmlrpc-port'),get_conf('xmlrpc-path'),USER_IP,$_COOKIE['user'],$_SESSION['password'],'ChanServ','flags',array($_GET['channel'],$_GET['user'],'+'.$flags_on));
  212. if(!$res[0] && $res[2] != 12){
  213. die('{"code":1,"message":"'.__('Cannot change flag').': '.$res[1].'"}');
  214. }
  215. $res = atheme_command(get_conf('xmlrpc-server'),get_conf('xmlrpc-port'),get_conf('xmlrpc-path'),USER_IP,$_COOKIE['user'],$_SESSION['password'],'ChanServ','flags',array($_GET['channel'],$_GET['user'],'-'.$flags_off));
  216. if(!$res[0] && $res[2] != 12){
  217. die('{"code":1,"message":"'.__('Cannot change flag').': '.$res[1].'"}');
  218. }
  219. die('{"code":0,"flags":'.json_encode($flags).'}');
  220. break;
  221. case 'register-channel':
  222. $u or die('{"code":1,"message":"'.__('You have been logged out').'"}');
  223. isset($_GET['channel']) or die('{"code":1,"message":"'.__('No channel given').'"}');
  224. $channel = atheme_command(get_conf('xmlrpc-server'),get_conf('xmlrpc-port'),get_conf('xmlrpc-path'),USER_IP,$_COOKIE['user'],$_SESSION['password'],'ChanServ','info',Array($_GET['channel']));
  225. if(!$channel[0]){
  226. $ret = irccommands(array(
  227. 'join '.$_GET['channel'],
  228. 'samode '.$_GET['channel'].' +o RehashServ',
  229. 'cs register '.$_GET['channel'],
  230. 'cs set '.$_GET['channel'].' keeptopic on',
  231. 'cs set '.$_GET['channel'].' founder '.$_COOKIE['user']
  232. ));
  233. if($ret['code'] !== 0){
  234. die(json_encode($ret));
  235. }
  236. $ret2 = irccommands(array(
  237. 'join '.$_GET['channel'],
  238. 'cs set '.$_GET['channel'].' founder '.$_COOKIE['user'],
  239. 'cs flags '.$_GET['channel'].' RehashServ -AORafhioqrstv'
  240. ),$_COOKIE['user']);
  241. if($ret2['code'] !== 0){
  242. $ret2['message'] = 'Failed to register channel. See log for information.';
  243. }
  244. @$ret2['log'] = $ret['log']."\r\n".$ret2['log'];
  245. }else{
  246. $ret = array(
  247. 'code'=>1,
  248. 'message'=>'Channel '.$_GET['channel'].' already exists.'
  249. );
  250. }
  251. die(json_encode($ret));
  252. break;
  253. case 'persona-login':
  254. if($u){
  255. $register = true;
  256. }else{
  257. $register = false;
  258. }
  259. $url = get_conf('persona-endpoint');
  260. $assert = filter_input(
  261. INPUT_POST,
  262. 'assertion',
  263. FILTER_UNSAFE_RAW,
  264. FILTER_FLAG_STRIP_LOW|FILTER_FLAG_STRIP_HIGH
  265. );
  266. $params = 'assertion='.urlencode($assert).'&audience='.urlencode(get_conf('persona-audience'));
  267. $ch = curl_init();
  268. $options = array(
  269. CURLOPT_URL => $url,
  270. CURLOPT_RETURNTRANSFER => TRUE,
  271. CURLOPT_POST => 2,
  272. CURLOPT_SSL_VERIFYPEER => 0,
  273. CURLOPT_SSL_VERIFYHOST => 2,
  274. CURLOPT_POSTFIELDS => $params
  275. );
  276. curl_setopt_array($ch, $options);
  277. $result = curl_exec($ch);
  278. curl_close($ch);
  279. $result = json_decode($result);
  280. if($result->status == 'okay'){
  281. if($register && !add_email($u['id'],$result->email)){
  282. die('{"code":1,"message":"'.__('Failed to add email').' '.$result->email.' '.__('to user').' '.$u['nick'].'"}');
  283. }elseif(!$register && !$u = get_user_for_email($result->email)){
  284. die('{"code":1,"message":"'.__('Email does not match any users').'"}');
  285. }
  286. setcookie('personaUser',$result->email,null,'/');
  287. $pass = null;
  288. if(isset($_SESSION['password']) && !is_null($_SESSION['password']) && $_SESSION['password'] != ''){
  289. $pass = $_SESSION['password'];
  290. }
  291. $types = get_user_types($u['id']);
  292. $r = login($u['nick'],$pass,'persona',$types[0]);
  293. if($r !== true){
  294. if($r){
  295. die('{"code":2,"message":"'.$r.'"}');
  296. }else{
  297. die('{"code":2}');
  298. }
  299. }else{
  300. die('{"code":0,"assertion":'.json_encode($result).'}');
  301. }
  302. }else{
  303. die('{"code":1,"message":"'.$result->reason.'"}');
  304. }
  305. break;
  306. case 'persona-remove':
  307. $u or die('{"code":1,"message":"'.__('You have been logged out').'"}');
  308. isset($_GET['id']) or die('{"code":1,"message":"'.__('No ID set').'"}');
  309. if(!remove_email($u['id'],$_GET['id'],true)){
  310. die('{"code":1,"message":"'.__('Could not remove email address').'"}');
  311. }
  312. die('{"code":0}');
  313. break;
  314. case '2-factor-register':
  315. $r = register_token();
  316. if($r !== true){
  317. die('{"code":1,"message":"'.$r.'"}');
  318. }
  319. die('{"code":0}');
  320. break;
  321. case '2-factor-delete':
  322. $u or die('{"code":1,"message":"'.__('You have been logged out').'"}');
  323. $r = delete_token($u['id']);
  324. if($r !== true){
  325. die('{"code":1,"message":"'.$r.'"}');
  326. }
  327. die('{"code":0,"message":"'.__('2-factor disabled.').'"}');
  328. break;
  329. case 'ping':
  330. $u or die('{"code":1,"message":"'.__('You have been logged out').'"}');
  331. die('{"code":0}');
  332. break;
  333. case 'newpass':
  334. $u && isset($_GET['password']) && isset($_GET['newpass']) or die('{"code":2,"message":"'.__('Make sure that everything is filled in. Try reloading if it is.').'"}');
  335. $u['password'] == mkpasswd($_GET['password'],$u['salt']) or die('{"code":2,"message":"'.__('Invalid password').'"}');
  336. $u['api_key'] == $_COOKIE['key'] or die('{"code":3,"message":"Not Logged in to use '.$u['nick'].' with key '.$u['api_key'].' != '.$_COOKIE['key'].'."}');
  337. if($_COOKIE['type'] == 'user'){
  338. $res = atheme_command(get_conf('xmlrpc-server'),get_conf('xmlrpc-port'),get_conf('xmlrpc-path'),USER_IP,$u['nick'],$_GET['password'],'NickServ','set',array('password',trim($_GET['newpass'])));
  339. if($res[0] === false){
  340. die('{"code":2,"message":"'.__('Could not update password with nickserv').': '.$res[1].'"}');
  341. }else{
  342. $_SESSION['password'] = $_GET['newpass'];
  343. }
  344. }
  345. query("UPDATE users u SET u.password='%s' WHERE u.id=%d",array(mkpasswd($_GET['newpass']),$u['id']));
  346. die('{"code":0}');
  347. break;
  348. case 'sync-pass':
  349. $u && isset($_SESSION['password'])or die('{"code":2,"message":"'.__('Not logged in').'"}');
  350. $u['api_key'] == $_COOKIE['key'] or die('{"code":3,"message":"'.__('Not Logged in to use').' '.$u['nick'].' '.__('with key').' '.$u['api_key'].' != '.$_COOKIE['key'].'."}');
  351. $_COOKIE['type'] == 'user' or die('{"code":3,"message":"'.__('Must be logged in with type user to sync pass').'"}');
  352. $res = atheme_login(get_conf('xmlrpc-server'),get_conf('xmlrpc-port'),get_conf('xmlrpc-path'),$u['nick'],$_SESSION['password']);
  353. if($res[0] === false){
  354. die('{"code":2,"message":"'.__('Could not verify with nickserv').': '.$res[1].'"}');
  355. }
  356. query("UPDATE users u SET u.password='%s' WHERE u.id=%d",array(mkpasswd($_SESSION['password']),$u['id']));
  357. die('{"code":0,"message":"'.__('Nickserv password synchronized with main account').'"}');
  358. break;
  359. case 'sync-groups':
  360. $u && isset($_SESSION['password'])or die('{"code":2,"message":"'.__('Make sure that everything is filled in. Try reloading if it is.').'"}');
  361. $u['api_key'] == $_COOKIE['key'] or die('{"code":3,"message":"'.__('Not Logged in to use').' '.$u['nick'].' '.__('with key').' '.$u['api_key'].' != '.$_COOKIE['key'].'."}');
  362. $res = atheme_login(get_conf('xmlrpc-server'),get_conf('xmlrpc-port'),get_conf('xmlrpc-path'),$u['nick'],$_SESSION['password']);
  363. if($res[0] === false){
  364. die('{"code":2,"message":"'.__('Could not verify with nickserv').': '.$res[1].'"}');
  365. }
  366. require_once(get_conf('smf-path').'/SSI.php');
  367. $res = $smcFunc['db_query']('',"SELECT id_group,additional_groups
  368. FROM {db_prefix}members
  369. WHERE id_member = {int:id_member}
  370. ",array(
  371. 'id_member'=>$user_info['id']
  372. ));
  373. while($row = $smcFunc['db_fetch_assoc']($res)){
  374. $groups = explode(',',$row['additional_groups']);
  375. if(!is_null($row['id_group'])){
  376. array_push($groups,$row['id_group']);
  377. }
  378. foreach($groups as $k => $group){
  379. $res2 = query("SELECT irc_name FROM smf_groups WHERE id_group = %d",array($group));
  380. if($res2 && $res2->num_rows > 0){
  381. $res2 = $res2->fetch_assoc();
  382. $res3 = atheme_command(get_conf('xmlrpc-server'),get_conf('xmlrpc-port'),get_conf('xmlrpc-path'),USER_IP,'RehashServ',get_conf('rehash-pass'),'GroupServ','flags',array('!'.$res2['irc_name'],$_COOKIE['user'],'+cvi'));
  383. if(!$res3[0]){
  384. die('{"code":'.$res3[2].',"message":"'.__('Unable to sync groups').': '.$res3[1].'"}');
  385. }
  386. }
  387. }
  388. $res3 = atheme_command(get_conf('xmlrpc-server'),get_conf('xmlrpc-port'),get_conf('xmlrpc-path'),USER_IP,'RehashServ',get_conf('rehash-pass'),'GroupServ','flags',array('!Members',$_COOKIE['user'],'+cvi'));
  389. if(!$res3[0]){
  390. die('{"code":'.$res3[2].',"message":"'.__('Unable to sync groups').': '.$res3[1].'"}');
  391. }
  392. }
  393. $res3 = atheme_command(get_conf('xmlrpc-server'),get_conf('xmlrpc-port'),get_conf('xmlrpc-path'),USER_IP,'RehashServ',get_conf('rehash-pass'),'NickServ','hold',array($_COOKIE['user'],'on'));
  394. if(!$res3[0]){
  395. die('{"code":'.$res3[2].',"message":"'.__('Unable to sync groups').': '.$res3[1].'"}');
  396. }
  397. die('{"code":0,"message":"'.__('Groups synced with SMF').'"}');
  398. break;
  399. case 'role':
  400. $u && isset($_GET['type']) or die('{"code":2,"message":"'.__('Not logged in').'"}');
  401. setcookie('type',$_GET['type'],null,'/');
  402. die('{"code":0}');
  403. break;
  404. case 'user':
  405. $u or die('{"code":10,"message":"'.__('Not logged in').'"}');
  406. isset($_GET['id']) or die('{"code":2,"message":"'.__('No user set.').'"}');
  407. isset($_GET['email']) or die('{"code":2,"message":"'.__('No email set.').'"}');
  408. isset($_GET['real_name']) or die('{"code":2,"message":"'.__('No real name set.').'"}');
  409. isset($_GET['nick']) or die('{"code":2,"message":"'.__('No nick set.').'"}');
  410. $user = get_user_from_id_obj($_GET['id']) or die('{"code":2,"message":"'.__('User with id').' '.$_GET['id'].' '.__('does not exist. You should reload the page.').'"}');
  411. if($u['id'] == $user['id']){
  412. setcookie('user',$_GET['nick'],null,'/');
  413. }
  414. query("UPDATE users u SET u.nick='%s', u.real_name='%s', u.email='%s' WHERE u.id=%d",array($_GET['nick'],$_GET['real_name'],$_GET['email'],$_GET['id'])) or die('{"code":2,"message":"'.__('Unable to update user').'"}');
  415. die(ircrehash());
  416. break;
  417. case 'oper':
  418. $u or die('{"code":10,"message":"'.__('Not logged in').'"}');
  419. isset($_GET['id']) or die('{"code":2,"message":"'.__('No user set.').'"}');
  420. isset($_GET['nick']) or die('{"code":2,"message":"'.__('No nick set.').'"}');
  421. isset($_GET['swhois']) or die('{"code":2,"message":"'.__('No profile set.').'"}');
  422. $oper = get_oper_from_id_obj($_GET['id']) or die('{"code":2,"message":"'.__('Oper with id').' '.$_GET['id'].' '.__('does not exist. You should reload the page.').'"}');
  423. if(isset($_GET['password']) && $_GET['password'] != ""){
  424. query("UPDATE opers o SET o.nick='%s', o.swhois='%s', o.password='%s', o.password_type_id=2 WHERE o.id=%d",array($_GET['nick'],$_GET['swhois'],mkpasswd($_GET['password']),$_GET['id'])) or die('{"code":2,"message":"'.__('Unable to update oper').'"}');
  425. }else{
  426. query("UPDATE opers o SET o.nick='%s', o.swhois='%s' WHERE o.id=%d",array($_GET['nick'],$_GET['swhois'],$_GET['id'])) or die('{"code":2,"message":"'.__('Unable to update oper').'"}');
  427. }
  428. die(ircrehash());
  429. break;
  430. case 'config':
  431. foreach($_GET as $key => $val){
  432. set_conf($key,$val,get_conf_type($key)) or die('{"code":1,"message":"'.__('Failed to update setting').': '.$key.' '.__('with value').': '.$val.'"}');
  433. }
  434. die('{"code":0}');
  435. break;
  436. case 'rehash':
  437. $u or die('{"code":10,"message":"'.__('Not logged in').'"}');
  438. die(ircrehash());
  439. break;
  440. default:
  441. die('{"code":1,"message":"'.__('Invalid Action').': '.$_GET['action'].'"}');
  442. }
  443. ?>