Beispiel #1
0
function vbseo_can_moderation_linkback($pingid, $forumid = 0)
{
    global $db, $vbulletin, $vbseo_pback_in_use;
    if (!$forumid) {
        $vbseo_pback_in_use = $pback = $db->query_first("SELECT tb.*,t.forumid FROM " . vbseo_tbl_prefix('vbseo_linkback') . " tb\nLEFT JOIN " . vbseo_tbl_prefix('thread') . " t on tb.t_threadid=t.threadid\nWHERE t_id='{$pingid}'");
        $forumid = $pback['forumid'];
    }
    return $vbulletin->userinfo['permissions']['adminpermissions'] & $vbulletin->bf_ugp_adminpermissions['ismoderator'] || can_moderate($forumid, 'vbseo_linkbacks');
}
Beispiel #2
0
 /**
  * Processes miscellaneous post items at the end of the construction process.
  */
 function prep_post_end()
 {
     global $show;
     $this->post['editlink'] = can_moderate($this->forum['forumid'], 'canannounce') ? 'announcement.php?' . $this->registry->session->vars['sessionurl'] . 'do=edit&a=' . $this->post['announcementid'] : false;
     $this->post['replylink'] = false;
     $this->post['forwardlink'] = false;
     $show['postcount'] = false;
     $show['reputationlink'] = false;
     $show['reportlink'] = false;
 }
Beispiel #3
0
 protected function fetchCanViewAlbumPhoto($attachmentid)
 {
     if (!$this->fetchCanViewAlbums() or !($attachment = $this->content['album_attachment'][$attachmentid]) or !($album = $this->content['album'][$attachment['albumid']]) or !$this->fetchCanViewAlbum($album['albumid'])) {
         return false;
     }
     if ($attachment['state'] == 'moderation' and !can_moderate(0, 'canmoderatepictures') and $attachment['userid'] != vB::$vbulletin->userinfo['userid'] and !can_moderate(0, 'caneditalbumpicture')) {
         return false;
     }
     return true;
 }
Beispiel #4
0
/**
* Checks whether or not an administrator can post announcements
*
* @param	integer	Forum ID
*
* @return	integer	The return value of this function is really rubbish... who wrote this?
*/
function fetch_announcement_permission_error($forumid)
{
    global $vbulletin, $phrase;
    if ($forumid == -1 and !($vbulletin->userinfo['permissions']['adminpermissions'] & $vbulletin->bf_ugp_adminpermissions['ismoderator'])) {
        return 1;
    } else {
        if ($forumid != -1 and !can_moderate($forumid, 'canannounce')) {
            return 2;
        }
    }
    return 0;
}
Beispiel #5
0
/**
* Check whether this search is flooding
*/
function check_pt_search_floodcheck()
{
    global $vbulletin, $db;
    if ($prevsearch = $db->query_first("\r\n\t\tSELECT issuesearchid, dateline\r\n\t\tFROM " . TABLE_PREFIX . "pt_issuesearch AS issuesearch\r\n\t\tWHERE " . (!$vbulletin->userinfo['userid'] ? "ipaddress = '" . $db->escape_string(IPADDRESS) . "'" : "userid = " . $vbulletin->userinfo['userid']) . "\r\n\t\tORDER BY dateline DESC LIMIT 1\r\n\t")) {
        if ($vbulletin->options['searchfloodtime'] > 0) {
            $timepassed = TIMENOW - $prevsearch['dateline'];
            $is_special_user = ($vbulletin->userinfo['permissions']['adminpermissions'] & $vbulletin->bf_ugp_adminpermissions['cancontrolpanel'] or can_moderate());
            if ($timepassed < $vbulletin->options['searchfloodtime'] and !$is_special_user) {
                standard_error(fetch_error('searchfloodcheck', $vbulletin->options['searchfloodtime'], $vbulletin->options['searchfloodtime'] - $timepassed));
            }
        }
    }
}
Beispiel #6
0
 protected function fetchCanViewCmsComment($postid)
 {
     if (!($post = $this->content['cms_post'][$postid]) or !($node = $this->content['cms_node'][$post['nodeid']]) or !$this->fetchCanViewCmsArticle($post['nodeid']) or !$node['comments_enabled']) {
         return false;
     }
     $forumid = $post['forumid'];
     $canviewothers = vB::$vbulletin->userinfo['forumpermissions']["{$forumid}"] & vB::$vbulletin->bf_ugp_forumpermissions['canviewothers'];
     $canviewthreads = vB::$vbulletin->userinfo['forumpermissions']["{$forumid}"] & vB::$vbulletin->bf_ugp_forumpermissions['canviewthreads'];
     $threadviewable = (($post['visible'] == 1 or $post['visible'] == 0 and can_moderate($forumid)) and $canviewthreads);
     if (!$threadviewable or !$this->fetchCanViewForum($forumid) or !$canviewothers and $post['postuserid'] != vB::$vbulletin->userinfo['userid']) {
         return false;
     }
     return true;
 }
Beispiel #7
0
 protected function fetchCanViewThread($threadid)
 {
     if (!($threadrecord = $this->content['thread'][$threadid])) {
         return false;
     }
     $forumid = $threadrecord['forumid'];
     $canviewothers = vB::$vbulletin->userinfo['forumpermissions']["{$forumid}"] & vB::$vbulletin->bf_ugp_forumpermissions['canviewothers'];
     $canviewthreads = vB::$vbulletin->userinfo['forumpermissions']["{$forumid}"] & vB::$vbulletin->bf_ugp_forumpermissions['canviewthreads'];
     $threadviewable = (($threadrecord['visible'] == 1 or can_moderate($forumid)) and $canviewthreads);
     if (!$threadviewable or !$this->fetchCanViewForum($forumid) or !$canviewothers and $threadrecord['postuserid'] != vB::$vbulletin->userinfo['userid']) {
         return false;
     } else {
         return true;
     }
 }
Beispiel #8
0
 protected function fetchCanViewSocialgroupPhoto($attachmentid)
 {
     if (!$this->fetchCanUseGroups()) {
         return false;
     }
     if (!($attachment = $this->content['socialgroup_attachment'][$attachmentid])) {
         return false;
     }
     if (!($group = $this->content['socialgroup'][$attachment['groupid']])) {
         return false;
     }
     if (!vB::$vbulletin->options['socnet_groups_pictures_enabled'] or !($group['options'] & vB::$vbulletin->bf_misc_socialgroupoptions['enable_group_albums']) or $group['membertype'] != 'member' and !can_moderate(0, 'caneditgrouppicture')) {
         return false;
     }
     return true;
 }
Beispiel #9
0
function do_get_profile()
{
    global $vbulletin;
    $userinfo = vB_Api::instance('user')->fetchUserInfo();
    $cleaned = vB::getCleaner()->cleanArray($_REQUEST, array('userid' => vB_Cleaner::TYPE_UINT));
    if (!$userinfo['userid'] && !$cleaned['userid']) {
        return json_error(ERR_INVALID_LOGGEDIN, RV_NOT_LOGGED_IN);
    }
    if (!$cleaned['userid']) {
        $cleaned['userid'] = $userinfo['userid'];
    }
    $profile = vB_Api::instance('user')->fetchProfileInfo($cleaned['userid']);
    if (empty($profile)) {
        return json_error(ERR_NO_PERMISSION);
    }
    $values = array();
    foreach ($profile['customFields']['default'] as $name => $value) {
        $value = $value['val'];
        if ($value === null) {
            $value = '';
        }
        $values[] = array('name' => (string) new vB_Phrase('cprofilefield', $name), 'value' => $value);
    }
    $groups = array();
    $groups[] = array('name' => 'about', 'values' => $values);
    $out = array('username' => prepare_utf8_string($profile['username']), 'joindate' => prepare_utf8_string(fr_date($profile['joindate'])), 'posts' => $profile['posts'], 'online' => fr_get_user_online($profile['lastactivity']), 'avatar_upload' => $profile['canuseavatar'] ? true : false, 'groups' => $groups);
    $avatarurl = vB_Library::instance('vb4_functions')->avatarUrl($cleaned['userid']);
    if ($avatarurl) {
        $out['avatarurl'] = $avatarurl;
    }
    cache_moderators();
    cache_permissions($vbulletin->userinfo);
    $canbanuser = ($vbulletin->userinfo['permissions']['adminpermissions'] & $vbulletin->bf_ugp_adminpermissions['cancontrolpanel'] or can_moderate(0, 'canbanusers'));
    if ($canbanuser) {
        $out['ban'] = true;
    }
    return $out;
}
Beispiel #10
0
 if (!$post['p_title']) {
     $post['p_title'] = '&laquo;' . $vbphrase['n_a'] . '&raquo;';
 }
 $post['counter'] = vb_number_format($post['counter']);
 $post['size'] = vb_number_format($post['size'], 1, true);
 $post['postdate'] = vbdate($vbulletin->options['dateformat'], $post['p_dateline'], true);
 $post['posttime'] = vbdate($vbulletin->options['timeformat'], $post['p_dateline']);
 $post['attachmentextension'] = strtolower(file_extension($post['filename']));
 $show['thumbnail'] = iif($post['hasthumbnail'] == 1 and $vbulletin->options['attachthumbs'] and $showthumbs, 1, 0);
 $show['inprogress'] = iif(!$post['postid'], true, false);
 $show['deletebox'] = false;
 if ($post['inprogress']) {
     $show['deletebox'] = true;
 } else {
     if ($post['open'] or $vbulletin->options['allowclosedattachdel'] or can_moderate($post['forumid'], 'canopenclose')) {
         if (can_moderate($post['forumid'], 'caneditposts')) {
             $show['deletebox'] = true;
         } else {
             $forumperms = fetch_permissions($post['forumid']);
             if ($forumperms & $vbulletin->bf_ugp_forumpermissions['caneditpost'] and $vbulletin->userinfo['userid'] == $post['userid']) {
                 if ($vbulletin->options['allowattachdel'] or !$vbulletin->options['edittimelimit'] or $post['p_dateline'] >= TIMENOW - $vbulletin->options['edittimelimit'] * 60) {
                     $show['deletebox'] = true;
                 }
             }
         }
     }
 }
 if ($show['deletebox']) {
     $show['deleteoption'] = true;
 }
 ($hook = vBulletinHook::fetch_hook('profile_editattachments_bit')) ? eval($hook) : false;
Beispiel #11
0
		$vbulletin->url = fetch_seo_url('member', $userinfo);
		eval(print_standard_redirect('visitormessagedelete'));
	}
	else
	{
		$vbulletin->url = fetch_seo_url('member', $userinfo);
		eval(print_standard_redirect('visitormessage_nodelete'));
	}
}

// ############################### start retrieve ip ###############################
if ($_REQUEST['do'] == 'viewip')
{
	// check moderator permissions for getting ip
	if (!can_moderate(0, 'canviewips'))
	{
		print_no_permission();
	}

	if (!$messageinfo['vmid'])
	{
		eval(standard_error(fetch_error('invalidid', $vbphrase['message'], $vbulletin->options['contactuslink'])));
	}

	$messageinfo['hostaddress'] = @gethostbyaddr(long2ip($messageinfo['ipaddress']));

	($hook = vBulletinHook::fetch_hook('visitor_message_getip')) ? eval($hook) : false;

	eval(standard_error(fetch_error('thread_displayip', long2ip($messageinfo['ipaddress']), htmlspecialchars_uni($messageinfo['hostaddress'])), '', 0));
}
Beispiel #12
0
function construct_online_bit($userinfo, $doall = 0)
{
    global $vbulletin, $limitlower, $limitupper, $stylevar, $vbphrase, $ipclass, $show;
    global $wol_album, $wol_attachment, $wol_calendar, $wol_event, $wol_inf, $wol_pm, $wol_post, $wol_search, $wol_socialgroup, $wol_thread, $wol_user;
    static $count;
    $count++;
    $show['nopermission'] = false;
    $show['lockedout'] = false;
    $show['errormessage'] = false;
    if ($doall == 1 and ($count > $limitupper or $count < $limitlower)) {
        return '';
    }
    if ($userinfo['attachmentid']) {
        $postid = $wol_attachment["{$userinfo['attachmentid']}"];
    } else {
        $postid = $userinfo['postid'];
    }
    if ($postid) {
        $threadid = $wol_post["{$postid}"];
    } else {
        $threadid = $userinfo['threadid'];
    }
    $forumid = $userinfo['forumid'];
    $calendarid = $userinfo['calendarid'];
    $eventid = $userinfo['eventid'];
    $searchid = $userinfo['searchid'];
    $groupid = $userinfo['socialgroupid'];
    $albumid = $userinfo['albumid'];
    if ($albumid) {
        require_once DIR . '/includes/functions_album.php';
        $albumname = fetch_censored_text($wol_album["{$albumid}"]['title']);
        $canviewalbum = true;
        if ($wol_album["{$albumid}"]['state'] == 'profile' and !can_view_profile_albums($wol_album["{$albumid}"]['userid'])) {
            $canviewalbum = false;
        } else {
            if ($wol_album["{$albumid}"]['state'] == 'private' and !can_view_private_albums($wol_album["{$albumid}"]['userid'])) {
                $canviewalbum = false;
            }
        }
    }
    if ($groupid) {
        $groupname = fetch_censored_text($wol_socialgroup["{$groupid}"]['name']);
        $canviewgroup = true;
    }
    if ($searchid) {
        $searchquery = $wol_search["{$searchid}"]['query'];
        $searchuser = $wol_search["{$searchid}"]['searchuser'];
        $searchuserid = $wol_search["{$searchid}"]['userid'];
    }
    if (!$forumid and isset($wol_thread["{$threadid}"]['forumid'])) {
        $forumid = $wol_thread["{$threadid}"]['forumid'];
    } else {
        if (!$forumid and isset($wol_thread["{$wol_post[$postid]}"]['forumid'])) {
            $forumid = $wol_thread["{$wol_post[$postid]}"]['forumid'];
        }
    }
    $threadtitle = fetch_censored_text($wol_thread["{$threadid}"]['title']);
    $threadprefix = $wol_thread["{$threadid}"]['prefixid'] ? $vbphrase['prefix_' . $wol_thread["{$threadid}"]['prefixid'] . '_title_rich'] . ' ' : '';
    $canview = $vbulletin->userinfo['forumpermissions']["{$forumid}"] & $vbulletin->bf_ugp_forumpermissions['canview'];
    $canviewothers = $vbulletin->userinfo['forumpermissions']["{$forumid}"] & $vbulletin->bf_ugp_forumpermissions['canviewothers'];
    $canviewthreads = $vbulletin->userinfo['forumpermissions']["{$forumid}"] & $vbulletin->bf_ugp_forumpermissions['canviewthreads'];
    $postuserid = $wol_thread["{$threadid}"]['postuserid'];
    $forumtitle = $vbulletin->forumcache["{$forumid}"]['title'];
    $threadpreview = $wol_thread["{$threadid}"]['preview'];
    if (!$calendarid and isset($wol_event["{$eventid}"]['calendarid'])) {
        $calendarid = $wol_event["{$eventid}"]['calendarid'];
    }
    $eventtitle = htmlspecialchars_uni($wol_event["{$eventid}"]['title']);
    $eventpostuserid = $wol_event["{$eventid}"]['postuserid'];
    $calendartitle = $wol_calendar["{$calendarid}"];
    $canviewcalendar = $vbulletin->userinfo['calendarpermissions']["{$calendarid}"] & $vbulletin->bf_ugp_calendarpermissions['canviewcalendar'];
    $canviewothersevent = $vbulletin->userinfo['calendarpermissions']["{$calendarid}"] & $vbulletin->bf_ugp_calendarpermissions['canviewothersevent'];
    if (($wol_thread["{$threadid}"]['isdeleted'] or !$wol_thread["{$threadid}"]['visible']) and !can_moderate($forumid)) {
        $threadviewable = 0;
    } else {
        $threadviewable = 1;
    }
    if ($threadviewable and $threadtitle and $canview and ($canviewothers or $postuserid == $vbulletin->userinfo['userid']) and verify_forum_password($forumid, $vbulletin->forumcache["{$forumid}"]['password'], false)) {
        $seetitle = 1;
    }
    if ($forumtitle and ($canview or $vbulletin->forumcache["{$forumid}"]['showprivate'] > 1 or !$vbulletin->forumcache["{$forumid}"]['showprivate'] and $vbulletin->options['showprivateforums'])) {
        $seeforum = 1;
    }
    if ($eventtitle and $canviewcalendar and ($canviewothersevent or $eventpostuserid == $vbulletin->userinfo['userid'])) {
        $seeevent = 1;
    }
    if ($calendartitle and $canviewcalendar) {
        $seecalendar = 1;
    }
    if ($vbulletin->userinfo['permissions']['wolpermissions'] & $vbulletin->bf_ugp_wolpermissions['canwhosonlinefull']) {
        if ($userinfo['pmid']) {
            $seeuserid = $wol_pm["{$userinfo['pmid']}"];
        } else {
            if ($userinfo['searchid']) {
                $seeuserid = $wol_search["{$searchid}"]['targetuserid'];
            } else {
                if ($userinfo['infractionid']) {
                    $seeuserid = $wol_inf["{$userinfo['infractionid']}"]['userid'];
                } else {
                    $seeuserid = $userinfo['targetuserid'];
                }
            }
        }
    }
    switch ($userinfo['activity']) {
        case 'visitormessage_posting':
            $userinfo['action'] = $vbphrase['posting_visitor_message'];
            break;
        case 'visitormessage_delete':
            $userinfo['action'] = $vbphrase['deleting_visitor_message'];
            break;
        case 'viewingipaddress':
            $userinfo['action'] = '<b><i>' . $vbphrase['moderating'] . '</b></i>';
            if (can_moderate()) {
                $userinfo['action'] = $vbphrase['viewing_ip_address'];
            }
            break;
        case 'visitormessage_reporting':
            $userinfo['action'] = $vbphrase['reporting_visitor_message'];
            break;
        case 'posthistory':
            $userinfo['action'] = $vbphrase['viewing_post_history'];
            if ($seetitle) {
                $userinfo['where'] = $threadprefix . '<a href="showthread.php?' . $vbulletin->session->vars['sessionurl'] . "p={$postid}#post{$postid}\" title=\"{$threadpreview}\">{$threadtitle}</a>";
            }
            break;
        case 'tags':
            $userinfo['action'] = $vbphrase['managing_tags'];
            break;
        case 'tag_list':
            $userinfo['action'] = $vbphrase['viewing_tag_list'];
            break;
        case 'socialgroups_join':
            $userinfo['action'] = $vbphrase['joining_social_group'];
            if ($canviewgroup) {
                $userinfo['where'] = '<a href="group.php?' . $vbulletin->session->vars['sessionurl'] . "do=view&amp;groupid={$groupid}\">{$groupname}</a>";
            }
            break;
        case 'socialgroups_leave':
            $userinfo['action'] = $vbphrase['leaving_social_group'];
            if ($canviewgroup) {
                $userinfo['where'] = '<a href="group.php?' . $vbulletin->session->vars['sessionurl'] . "do=view&amp;groupid={$groupid}\">{$groupname}</a>";
            }
            break;
        case 'socialgroups_edit':
            $userinfo['action'] = $vbphrase['editing_social_group'];
            if ($canviewgroup) {
                $userinfo['where'] = '<a href="group.php?' . $vbulletin->session->vars['sessionurl'] . "do=view&amp;groupid={$groupid}\">{$groupname}</a>";
            }
            break;
        case 'socialgroups_view':
            $userinfo['action'] = $vbphrase['viewing_social_group'];
            if ($canviewgroup) {
                $userinfo['where'] = '<a href="group.php?' . $vbulletin->session->vars['sessionurl'] . "do=view&amp;groupid={$groupid}\">{$groupname}</a>";
            }
            break;
        case 'socialgroups_memberlist':
            $userinfo['action'] = $vbphrase['viewing_social_group_memberlist'];
            if ($canviewgroup) {
                $userinfo['where'] = '<a href="group.php?' . $vbulletin->session->vars['sessionurl'] . "do=viewmembers&amp;groupid={$groupid}\">{$groupname}</a>";
            }
            break;
        case 'socialgroups_delete':
            $userinfo['action'] = $vbphrase['deleting_social_group'];
            if ($canviewgroup) {
                $userinfo['where'] = '<a href="group.php?' . $vbulletin->session->vars['sessionurl'] . "do=viewmembers&amp;groupid={$groupid}\">{$groupname}</a>";
            }
            break;
        case 'socialgroups_create':
            $userinfo['action'] = $vbphrase['creating_social_group'];
            break;
        case 'socialgroups_list':
            $userinfo['action'] = $vbphrase['viewing_social_group_list'];
            if ($canviewgroup) {
                $userinfo['where'] = '<a href="group.php?' . $vbulletin->session->vars['sessionurl'] . "do=view&amp;groupid={$groupid}\">{$groupname}</a>";
            }
            break;
        case 'group_inlinemod':
            $userinfo['action'] = '<b><i>' . $vbphrase['moderating'] . '</i></b>';
            break;
        case 'showthread':
            $userinfo['action'] = $vbphrase['viewing_thread'];
            if ($seetitle) {
                $userinfo['where'] = $threadprefix . '<a href="showthread.php?' . $vbulletin->session->vars['sessionurl'] . "t={$threadid}\" title=\"{$threadpreview}\">{$threadtitle}</a>";
            }
            break;
        case 'showpost':
            $userinfo['action'] = $vbphrase['viewing_thread'];
            if ($seetitle) {
                $userinfo['where'] = $threadprefix . '<a href="showthread.php?' . $vbulletin->session->vars['sessionurl'] . "p={$postid}#post{$postid}\" title=\"{$threadpreview}\">{$threadtitle}</a>";
            }
            break;
        case 'forumdisplay':
            $userinfo['action'] = $vbphrase['viewing_forum'];
            if ($seeforum) {
                if ($vbulletin->forumcache["{$forumid}"]['link']) {
                    $userinfo['action'] = $vbphrase['followed_forum_link'];
                }
                $userinfo['where'] = '<a href="forumdisplay.php?' . $vbulletin->session->vars['sessionurl'] . "f={$forumid}\">{$forumtitle}</a>";
            }
            break;
        case 'newthread':
            $userinfo['action'] = $vbphrase['creating_thread'];
            if ($seeforum) {
                $userinfo['where'] = '<a href="forumdisplay.php?' . $vbulletin->session->vars['sessionurl'] . "f={$forumid}\">{$forumtitle}</a>";
            }
            break;
        case 'newreply':
            $userinfo['action'] = $vbphrase['replying_to_thread'];
            if ($seetitle) {
                $userinfo['where'] = $threadprefix . '<a href="showthread.php?' . $vbulletin->session->vars['sessionurl'] . "t={$threadid}\" title=\"{$threadpreview}\">{$threadtitle}</a>";
            }
            break;
        case 'attachments':
            $userinfo['action'] = $vbphrase['viewing_attachments'];
            if ($seeuserid) {
                $userinfo['where'] = '<a href="misc.php?' . $vbulletin->session->vars['sessionurl'] . "do=attachments&amp;u={$seeuserid}\">{$wol_user[$seeuserid]}</a>";
            }
            break;
        case 'manageattachment':
            $userinfo['action'] = $vbphrase['managing_attachments'];
            break;
        case 'attachment':
            $userinfo['action'] = $vbphrase['viewing_attachment'];
            if ($seetitle) {
                $userinfo['where'] = $threadprefix . '<a href="showthread.php?' . $vbulletin->session->vars['sessionurl'] . "p={$postid}#post{$postid}\" title=\"{$threadpreview}\">{$threadtitle}</a>";
            }
            break;
        case 'index':
            $userinfo['action'] = $vbphrase['viewing_index'];
            $userinfo['where'] = '<a href="' . $vbulletin->options['forumhome'] . '.php' . $vbulletin->session->vars['sessionurl_q'] . '">' . $vbulletin->options['bbtitle'] . '</a>';
            break;
        case 'online':
            $userinfo['action'] = $vbphrase['viewing_whos_online'];
            break;
        case 'searchnew':
            $userinfo['action'] = $vbphrase['viewing_new_posts'];
            $userinfo['where'] = '<a href="search.php?' . $vbulletin->session->vars['sessionurl'] . "do=getnew\">{$vbphrase['new_posts']}</a>";
            break;
        case 'search':
            $userinfo['action'] = $vbphrase['searching_forums'];
            if ($searchid and $vbulletin->userinfo['permissions']['wolpermissions'] & $vbulletin->bf_ugp_wolpermissions['canwhosonlinefull']) {
                if ($searchquery) {
                    $userinfo['where'] = construct_phrase($vbphrase['query_x'], htmlspecialchars_uni($searchquery));
                }
                if ($searchuser and $wol_search["{$searchid}"]['targetuserid']) {
                    if ($searchquery) {
                        $userinfo['where'] .= '<br />';
                    }
                    $userinfo['where'] .= construct_phrase($vbphrase['user_x'], '<a href="member.php?' . $vbulletin->session->vars['sessionurl'] . "u={$seeuserid}\">{$wol_user[$seeuserid]}</a>");
                }
            }
            break;
        case 'mail':
            $userinfo['action'] = $vbphrase['emailing'];
            if ($seeuserid) {
                $userinfo['where'] = '<a href="member.php?' . $vbulletin->session->vars['sessionurl'] . "u={$seeuserid}\">{$wol_user[$seeuserid]}</a>";
            }
            break;
        case 'getinfo':
            $userinfo['action'] = $vbphrase['viewing_user_profile'];
            if ($seeuserid) {
                $userinfo['where'] = '<a href="member.php?' . $vbulletin->session->vars['sessionurl'] . "u={$seeuserid}\">{$wol_user[$seeuserid]}</a>";
            }
            break;
        case 'converse':
            $userinfo['action'] = $vbphrase['viewing_conversation'];
            if ($seeuserid and $wol_user["{$userinfo['guestuserid']}"]) {
                $userinfo['where'] = construct_phrase($vbphrase['x_and_y_converse'], '<a href="member.php?' . $vbulletin->session->vars['sessionurl'] . "u={$seeuserid}\">{$wol_user[$seeuserid]}</a>", '<a href="member.php?' . $vbulletin->session->vars['sessionurl'] . "u={$userinfo['guestuserid']}\">" . $wol_user["{$userinfo['guestuserid']}"] . "</a>");
            }
            break;
        case 'editprofile':
            $userinfo['action'] = $vbphrase['modifying_profile'];
            break;
        case 'editoptions':
            $userinfo['action'] = $vbphrase['modifying_options'];
            break;
        case 'lostpw':
        case 'editpassword':
            $userinfo['action'] = $vbphrase['modifying_password'];
            break;
        case 'editavatar':
            $userinfo['action'] = $vbphrase['modifying_avatar'];
            break;
        case 'editprofilepic':
            $userinfo['action'] = $vbphrase['modifying_profilepic'];
            break;
        case 'editsignature':
            $userinfo['action'] = $vbphrase['modifying_signature'];
            break;
        case 'markread':
            $userinfo['where'] = $vbphrase['marking_forums_read'];
            break;
        case 'whoposted':
            if ($seetitle) {
                $userinfo['action'] = $vbphrase['viewing_who_posted'];
                $userinfo['where'] = $threadprefix . '<a href="showthread.php?' . $vbulletin->session->vars['sessionurl'] . "t={$threadid}\" title=\"{$threadpreview}\">{$threadtitle}</a>";
            } else {
                $userinfo['action'] = $vbphrase['viewing_thread'];
            }
            break;
        case 'showattachments':
            if ($seetitle) {
                $userinfo['action'] = $vbphrase['viewing_attachment_list'];
                $userinfo['where'] = $threadprefix . '<a href="showthread.php?' . $vbulletin->session->vars['sessionurl'] . "t={$threadid}\" title=\"{$threadpreview}\">{$threadtitle}</a>";
            } else {
                $userinfo['action'] = $vbphrase['viewing_thread'];
            }
            break;
        case 'showgroups':
            $userinfo['action'] = $vbphrase['viewing_forum_leaders'];
            break;
        case 'login':
            $userinfo['action'] = $vbphrase['logging_in'];
            break;
        case 'logout':
            if ($userinfo['badlocation']) {
                $userinfo['action'] = $vbphrase['logging_out'];
            }
            break;
        case 'archive':
            $userinfo['action'] = $vbphrase['viewing_archives'];
            if ($seetitle) {
                $userinfo['where'] = $threadprefix . "<a href=\"archive/index.php/t-{$threadid}.html\" title=\"{$threadpreview}\">{$threadtitle}</a>";
            } else {
                if ($seeforum) {
                    $userinfo['where'] = "<a href=\"archive/index.php/f-{$forumid}.html\">{$forumtitle}</a>";
                }
            }
            break;
        case 'pm':
            $userinfo['action'] = $vbphrase['private_messaging'];
            if ($vbulletin->userinfo['permissions']['wolpermissions'] & $vbulletin->bf_ugp_wolpermissions['canwhosonlinefull']) {
                if ($seeuserid) {
                    $userinfo['where'] = '<a href="member.php?' . $vbulletin->session->vars['sessionurl'] . "u={$seeuserid}\">{$wol_user[$seeuserid]}</a>";
                }
                if ($userinfo['values']['do'] == 'newpm' or $userinfo['values']['do'] == 'insertpm' or $userinfo['values']['do'] == 'newmessage') {
                    $userinfo['action'] = $vbphrase['creating_private_message'];
                } else {
                    if ($userinfo['values']['do'] == 'editfolders' or $userinfo['action']['do'] == 'updatefolders') {
                        $userinfo['action'] = $vbphrase['modifying_private_message_folders'];
                    } else {
                        if ($userinfo['values']['do'] == 'trackpm' or $userinfo['values']['do'] == 'deletepmreceipt') {
                            $userinfo['action'] = $vbphrase['tracking_private_messages'];
                        } else {
                            if ($userinfo['values']['do'] == 'showpm') {
                                $userinfo['action'] = $vbphrase['viewing_private_message'];
                            } else {
                                if ($userinfo['values']['do'] == 'downloadpm') {
                                    $userinfo['action'] = $vbphrase['downloading_private_messages'];
                                }
                            }
                        }
                    }
                }
            }
            break;
        case 'addbuddy':
        case 'addignore':
        case 'buddyignore':
            $userinfo['action'] = $vbphrase['modifying_contact_ignore_list'];
            break;
        case 'subfolders':
            $userinfo['action'] = $vbphrase['modifying_subscription_folders'];
            break;
        case 'subscription':
            $userinfo['action'] = $vbphrase['viewing_subscribed_threads'];
            break;
        case 'addsubforum':
            $userinfo['action'] = $vbphrase['subscribing_to_forum'];
            if ($seeforum) {
                $userinfo['where'] = '<a href="forumdisplay.php?' . $vbulletin->session->vars['sessionurl'] . "f={$forumid}\">{$forumtitle}</a>";
            }
            break;
        case 'addsubthread':
            $userinfo['action'] = $vbphrase['subscribing_to_thread'];
            if ($seetitle) {
                $userinfo['where'] = $threadprefix . '<a href="showthread.php?' . $vbulletin->session->vars['sessionurl'] . "t={$threadid}\" title=\"{$threadpreview}\">{$threadtitle}</a>";
            }
            break;
        case 'remsubthread':
            $userinfo['action'] = $vbphrase['deleting_subscribed_threads'];
            break;
        case 'remsubforum':
            $userinfo['action'] = $vbphrase['deleting_subscribed_forums'];
            break;
        case 'usercp':
            $userinfo['action'] = $vbphrase['viewing_user_control_panel'];
            break;
        case 'memberlistsearch':
            $userinfo['action'] = $vbphrase['searching_member_list'];
            break;
        case 'memberlist':
            $userinfo['action'] = $vbphrase['viewing_member_list'];
            break;
        case 'member_inlinemod':
            $userinfo['action'] = '<b><i>' . $vbphrase['moderating'] . '</i></b>';
            if (can_moderate()) {
                if ($seeuserid) {
                    $userinfo['where'] = '<a href="member.php?' . $vbulletin->session->vars['sessionurl'] . "u={$seeuserid}\">{$wol_user[$seeuserid]}</a>";
                }
            }
            break;
        case 'inlinemod':
            $userinfo['action'] = '<b><i>' . $vbphrase['moderating'] . '</i></b>';
            if (can_moderate()) {
                $userinfo['where'] = $threadprefix . '<a href="showthread.php?' . $vbulletin->session->vars['sessionurl'] . "t={$threadid}\" title=\"{$threadpreview}\">{$threadtitle}</a>";
                switch ($userinfo['values']['do']) {
                    case 'open':
                        $userinfo['action'] = '<i>' . $vbphrase['inline_mod_opening_threads'] . '</i>';
                        break;
                    case 'close':
                        $userinfo['action'] = '<i>' . $vbphrase['inline_mod_closing_threads'] . '</i>';
                        break;
                    case 'stick':
                        $userinfo['action'] = '<i>' . $vbphrase['inline_mod_sticking_threads'] . '</i>';
                        break;
                    case 'unstick':
                        $userinfo['action'] = '<i>' . $vbphrase['inline_mod_unsticking_threads'] . '</i>';
                        break;
                    case 'deletethread':
                    case 'dodeletethreads':
                        $userinfo['action'] = '<i>' . $vbphrase['inline_mod_deleting_threads'] . '</i>';
                        break;
                    case 'undeletethread':
                        $userinfo['action'] = '<i>' . $vbphrase['inline_mod_undeleting_threads'] . '</i>';
                        break;
                    case 'approvethread':
                        $userinfo['action'] = '<i>' . $vbphrase['inline_mod_approving_threads'] . '</i>';
                        break;
                    case 'unapprovethread':
                        $userinfo['action'] = '<i>' . $vbphrase['inline_mod_unapproving_threads'] . '</i>';
                        break;
                    case 'movethread':
                    case 'domovethreads':
                        $userinfo['action'] = '<i>' . $vbphrase['inline_mod_moving_threads'] . '</i>';
                        break;
                    case 'mergethread':
                    case 'domergethreads':
                        $userinfo['action'] = '<i>' . $vbphrase['inline_mod_merging_threads'] . '</i>';
                        break;
                    case 'deleteposts':
                    case 'dodeleteposts':
                        $userinfo['action'] = '<i>' . $vbphrase['inline_mod_deleting_posts'] . '</i>';
                        break;
                    case 'undeleteposts':
                        $userinfo['action'] = '<i>' . $vbphrase['inline_mod_undeleting_posts'] . '</i>';
                        break;
                    case 'approveposts':
                        $userinfo['action'] = '<i>' . $vbphrase['inline_mod_approving_posts'] . '</i>';
                        break;
                    case 'unapproveposts':
                        $userinfo['action'] = '<i>' . $vbphrase['inline_mod_unapproving_posts'] . '</i>';
                        break;
                    case 'mergeposts':
                    case 'domergeposts':
                        $userinfo['action'] = '<i>' . $vbphrase['inline_mod_merging_posts'] . '</i>';
                        break;
                    case 'moveposts':
                    case 'domoveposts':
                        $userinfo['action'] = '<i>' . $vbphrase['inline_mod_moving_posts'] . '</i>';
                        break;
                    case 'clearthread':
                    case 'clearpost':
                        $userinfo['action'] = '<i>' . $vbphrase['inline_mod_clear'] . '</i>';
                        break;
                    case 'spampost':
                    case 'dodeletespam':
                    case 'spamconfirm':
                        $userinfo['action'] = '<i>' . $vbphrase['managing_spam'] . '</i>';
                        break;
                }
            }
            break;
        case 'postings':
            $userinfo['action'] = '<b><i>' . $vbphrase['moderating'] . '</b></i>';
            if (can_moderate($forumid) and $threadtitle and $canview and ($canviewothers or $postuserid == $vbulletin->userinfo['userid'])) {
                $userinfo['where'] = $threadprefix . '<a href="showthread.php?' . $vbulletin->session->vars['sessionurl'] . "t={$threadid}\" title=\"{$threadpreview}\">{$threadtitle}</a>";
                switch ($userinfo['values']['do']) {
                    case 'editthread':
                    case 'updatethread':
                        $userinfo['action'] = '<i>' . $vbphrase['modifying_thread'] . '</i>';
                        break;
                    case 'openclosethread':
                        $userinfo['action'] = '<i>' . $vbphrase['open_close_thread'] . '</i>';
                        break;
                    case 'movethread':
                        $userinfo['action'] = '<i>' . $vbphrase['choosing_forum_to_move_thread_to'] . '</i>';
                        break;
                    case 'domovethread':
                        switch ($userinfo['values']['method']) {
                            case 'copy':
                                $userinfo['action'] = '<i>' . $vbphrase['copying_thread_to_forum'] . '</i>';
                                break;
                            case 'move':
                                $userinfo['action'] = '<i>' . $vbphrase['moving_thread_to_forum'] . '</i>';
                                break;
                            case 'movered':
                                $userinfo['action'] = '<i>' . $vbphrase['moving_thread_with_redirect_to_forum'] . '</i>';
                                break;
                        }
                        $userinfo['where'] = $threadprefix . '<a href="showthread.php?' . $vbulletin->session->vars['sessionurl'] . "t={$threadid}\" title=\"{$threadpreview}\">{$threadtitle}</a><br />" . '<a href="forumdisplay.php?' . $vbulletin->session->vars['sessionurl'] . "f={$forumid}\">{$forumtitle}</a>";
                        break;
                    case 'deletethread':
                    case 'dodeletethread':
                        $userinfo['action'] = '<i>' . $vbphrase['deleting_thread'] . '</i>';
                        break;
                    case 'deleteposts':
                    case 'dodeleteposts':
                        $userinfo['where'] = '<i>' . $vbphrase['deleting_posts'] . '</i>';
                        break;
                    case 'merge':
                    case 'domergethread':
                        $userinfo['where'] = '<i>' . $vbphrase['merging_threads'] . '</i>';
                        break;
                    case 'stick':
                        $userinfo['where'] = '<i>' . $vbphrase['stick_unstick_thread'] . '</i>';
                        break;
                    case 'getip':
                        $userinfo['where'] = '<i>' . $vbphrase['viewing_ip_address'] . '</i>';
                        break;
                    case 'removeredirect':
                        $userinfo['where'] = '<i>' . $vbphrase['deleting_redirect'] . '</i>';
                        break;
                }
            }
            break;
        case 'register':
            $userinfo['action'] = $vbphrase['registering'];
            break;
        case 'requestemail':
            $userinfo['action'] = $vbphrase['request_activation_code'];
            break;
        case 'activate':
            $userinfo['action'] = $vbphrase['activating_registration'];
            break;
        case 'announcement':
            $userinfo['action'] = $vbphrase['viewing_announcement'];
            if ($seeforum) {
                $userinfo['where'] = '<a href="announcement.php?' . $vbulletin->session->vars['sessionurl'] . "f={$forumid}\">{$forumtitle}</a>";
            }
            break;
        case 'usergroup':
            $userinfo['action'] = $vbphrase['modifying_usergroups'];
            break;
        case 'polls':
            switch ($userinfo['values']['do']) {
                case 'showresults':
                    $userinfo['action'] = $vbphrase['viewing_poll'];
                    break;
                case '':
                case 'newpoll':
                case 'postpoll':
                    $userinfo['action'] = $vbphrase['creating_poll'];
                    if ($seeforum) {
                        $userinfo['where'] = '<a href="forumdisplay.php?' . $vbulletin->session->vars['sessionurl'] . "f={$forumid}\">{$forumtitle}</a>";
                    }
                    break;
                case 'polledit':
                case 'updatepoll':
                    $userinfo['action'] = $vbphrase['modifying_poll'];
                    break;
                case 'pollvote':
                    $userinfo['action'] = $vbphrase['voting'];
                    break;
            }
            break;
        case 'showsmilies':
            $userinfo['action'] = $vbphrase['viewing_smilies'];
            break;
        case 'showavatars':
            $userinfo['action'] = $vbphrase['viewing_avatars'];
            break;
        case 'bbcode':
            $userinfo['action'] = $vbphrase['viewing_bb_code'];
            break;
        case 'faq':
            $userinfo['action'] = $vbphrase['viewing_faq'];
            break;
        case 'edit':
            $userinfo['action'] = $vbphrase['modifying_post'];
            if ($vbulletin->userinfo['permissions']['wolpermissions'] & $vbulletin->bf_ugp_wolpermissions['canwhosonlinefull'] and $seetitle) {
                $userinfo['where'] = $threadprefix . '<a href="showthread.php?' . $vbulletin->session->vars['sessionurl'] . "p={$postid}#post{$postid}\" title=\"{$threadpreview}\">{$threadtitle}</a>";
            }
            break;
        case 'sendto':
            $userinfo['action'] = $vbphrase['sending_thread_to_friend'];
            if ($seetitle) {
                $userinfo['where'] = $threadprefix . '<a href="printthread.php?' . $vbulletin->session->vars['sessionurl'] . "t={$threadid}\" title=\"{$threadpreview}\">{$threadtitle}</a>";
            }
            break;
        case 'contactus':
            $userinfo['action'] = $vbphrase['sending_forum_feedback'];
            break;
        case 'aim':
            $userinfo['action'] = $vbphrase['sending_aim_message'];
            if ($seeuserid) {
                $userinfo['where'] = '<a href="member.php?' . $vbulletin->session->vars['sessionurl'] . "u={$seeuserid}\">{$wol_user[$seeuserid]}</a>";
            }
            break;
        case 'msn':
            $userinfo['action'] = $vbphrase['sending_msn_message'];
            if ($seeuserid) {
                $userinfo['where'] = '<a href="member.php?' . $vbulletin->session->vars['sessionurl'] . "u={$seeuserid}\">{$wol_user[$seeuserid]}</a>";
            }
            break;
        case 'yahoo':
            $userinfo['action'] = $vbphrase['sending_yahoo_message'];
            if ($seeuserid) {
                $userinfo['where'] = '<a href="member.php?' . $vbulletin->session->vars['sessionurl'] . "u={$seeuserid}\">{$wol_user[$seeuserid]}</a>";
            }
            break;
        case 'icq':
            $userinfo['action'] = $vbphrase['sending_icq_message'];
            if ($seeuserid) {
                $userinfo['where'] = '<a href="member.php?' . $vbulletin->session->vars['sessionurl'] . "u={$seeuserid}\">{$wol_user[$seeuserid]}</a>";
            }
            break;
        case 'skype':
            $userinfo['action'] = $vbphrase['sending_skype_message'];
            if ($seeuserid) {
                $userinfo['where'] = '<a href="member.php?' . $vbulletin->session->vars['sessionurl'] . "u={$seeuserid}\">{$wol_user[$seeuserid]}</a>";
            }
            break;
        case 'report':
            if ($vbulletin->userinfo['permissions']['wolpermissions'] & $vbulletin->bf_ugp_wolpermissions['canwhosonlinefull'] and $seetitle) {
                $userinfo['where'] = $threadprefix . '<a href="showthread.php?' . $vbulletin->session->vars['sessionurl'] . "p={$postid}#post{$postid}\" title=\"{$threadpreview}\">{$threadtitle}</a>";
            }
            $userinfo['action'] = $vbphrase['reporting_post'];
            break;
        case 'printthread':
            $userinfo['action'] = $vbphrase['viewing_printable_version'];
            if ($seetitle) {
                $userinfo['where'] = $threadprefix . '<a href="printthread.php?' . $vbulletin->session->vars['sessionurl'] . "t={$threadid}\" title=\"{$threadpreview}\">{$threadtitle}</a>";
            }
            break;
        case 'calendarweek':
            $userinfo['action'] = $vbphrase['viewing_calendar'];
            if ($seecalendar) {
                if ($userinfo['week']) {
                    $week = "&amp;week={$userinfo['week']}";
                }
                $userinfo['where'] = '<a href="calendar.php?' . $vbulletin->session->vars['sessionurl'] . "do=displayweek&amp;c={$calendarid}{$week}\">{$calendartitle}</a>";
            }
            break;
        case 'calendarmonth':
            $userinfo['action'] = $vbphrase['viewing_calendar'];
            if ($seecalendar) {
                $userinfo['where'] = '<a href="calendar.php?' . $vbulletin->session->vars['sessionurl'] . "do=displaymonth&amp;c={$calendarid}&amp;month={$userinfo['month']}&amp;year={$userinfo['year']}\">{$calendartitle}</a>";
            }
            break;
        case 'calendaryear':
            $userinfo['action'] = $vbphrase['viewing_calendar'];
            if ($seecalendar) {
                if ($userinfo['year']) {
                    $year = "&amp;year={$userinfo['year']}";
                }
                $userinfo['where'] = '<a href="calendar.php?' . $vbulletin->session->vars['sessionurl'] . "do=displayyear&amp;c={$calendarid}{$year}\">{$calendartitle}</a>";
            }
            break;
        case 'calendarday':
            $userinfo['action'] = $vbphrase['viewing_calendar'];
            if ($seecalendar) {
                $userinfo['where'] = '<a href="calendar.php?' . $vbulletin->session->vars['sessionurl'] . "do=getday&amp;c={$calendarid}&amp;day={$userinfo['day']}\">{$calendartitle}</a>";
            }
            break;
        case 'calendarevent':
            $userinfo['action'] = $vbphrase['viewing_event'];
            if ($seeevent) {
                $userinfo['where'] = '<a href="calendar.php?' . $vbulletin->session->vars['sessionurl'] . "do=getinfo&amp;e={$eventid}\">{$eventtitle}</a>";
            }
            break;
        case 'calendaradd':
        case 'calendaraddrecur':
            $userinfo['action'] = $vbphrase['creating_event'];
            if ($seecalendar) {
                $userinfo['where'] = '<a href="calendar.php?' . $vbulletin->session->vars['sessionurl'] . "c={$calendarid}\">{$calendartitle}</a>";
            }
            break;
        case 'calendaredit':
            $userinfo['action'] = $vbphrase['modifying_event'];
            if ($seeevent) {
                $userinfo['where'] = '<a href="calendar.php?' . $vbulletin->session->vars['sessionurl'] . "do=getinfo&amp;e={$eventid}\">{$eventtitle}</a>";
            }
            break;
        case 'calreminder':
            $userinfo['action'] = $vbphrase['managing_reminder'];
            if ($seeevent) {
                $userinfo['where'] = '<a href="calendar.php?' . $vbulletin->session->vars['sessionurl'] . "do=getinfo&amp;e={$eventid}\">{$eventtitle}</a>";
            }
            break;
        case 'newusernote':
            $userinfo['action'] = $vbphrase['creating_user_note'];
            if ($seeuserid) {
                $userinfo['where'] = '<a href="usernote.php?' . $vbulletin->session->vars['sessionurl'] . "do=viewuser&amp;u={$seeuserid}\">{$wol_user[$seeuserid]}</a>";
            }
            break;
        case 'usernote':
            $userinfo['action'] = $vbphrase['viewing_user_note'];
            if ($seeuserid) {
                $userinfo['where'] = '<a href="usernote.php?' . $vbulletin->session->vars['sessionurl'] . "do=viewuser&amp;u={$seeuserid}\">{$wol_user[$seeuserid]}</a>";
            }
            break;
        case 'reputation':
            $userinfo['action'] = $vbphrase['giving_reputation'];
            if ($vbulletin->userinfo['permissions']['wolpermissions'] & $vbulletin->bf_ugp_wolpermissions['canwhosonlinefull'] and $seetitle) {
                $userinfo['where'] = $threadprefix . '<a href="showthread.php?' . $vbulletin->session->vars['sessionurl'] . "t={$threadid}\" title=\"{$threadpreview}\">{$threadtitle}</a>";
            }
            break;
        case 'joinrequests':
            $userinfo['action'] = $vbphrase['processing_joinrequests'];
            if ($vbulletin->userinfo['permissions']['wolpermissions'] & $vbulletin->bf_ugp_wolpermissions['canwhosonlinefull'] and $vbulletin->usergroupcache["{$userinfo['usergroupid']}"]['title']) {
                $userinfo['where'] = construct_phrase($vbphrase['viewing_x'], $vbulletin->usergroupcache["{$userinfo['usergroupid']}"]['title']);
            }
            break;
        case 'threadrate':
            $userinfo['action'] = $vbphrase['rating_thread'];
            if ($seetitle) {
                $userinfo['where'] = $threadprefix . '<a href="showthread.php?' . $vbulletin->session->vars['sessionurl'] . "t={$threadid}\" title=\"{$threadpreview}\">{$threadtitle}</a>";
            }
            break;
        case 'infractionreport':
            if ($vbulletin->userinfo['permissions']['genericpermissions'] & $vbulletin->bf_ugp_genericpermissions['cangiveinfraction'] or $vbulletin->userinfo['permissions']['genericpermissions'] & $vbulletin->bf_ugp_wolpermissions['canreverseinfraction']) {
                $userinfo['action'] = $vbphrase['giving_infraction'];
                if ($seeuserid) {
                    $userinfo['where'] = '<a href="member.php?' . $vbulletin->session->vars['sessionurl'] . "u={$seeuserid}\">{$wol_user[$seeuserid]}</a>";
                } else {
                    if ($seetitle) {
                        $userinfo['where'] = $threadprefix . '<a href="showthread.php?' . $vbulletin->session->vars['sessionurl'] . "p={$postid}#post{$postid}\" title=\"{$threadpreview}\">{$threadtitle}</a>";
                    }
                }
            } else {
                $userinfo['action'] = $vbphrase['viewing_index'];
            }
            break;
        case 'infractionreverse':
            if ($vbulletin->userinfo['permissions']['genericpermissions'] & $vbulletin->bf_ugp_genericpermissions['cangiveinfraction'] or $vbulletin->userinfo['permissions']['genericpermissions'] & $vbulletin->bf_ugp_wolpermissions['canreverseinfraction']) {
                $userinfo['action'] = $vbphrase['reversing_infraction'];
                if ($seeuserid) {
                    $userinfo['where'] = '<a href="infraction.php?' . $vbulletin->session->vars['sessionurl'] . "do=view&amp;infractionid={$userinfo['infractionid']}\">{$wol_user[$seeuserid]}</a>";
                }
            } else {
                $userinfo['action'] = $vbphrase['viewing_index'];
            }
            break;
        case 'infractionview':
            if ($vbulletin->userinfo['permissions']['genericpermissions'] & $vbulletin->bf_ugp_genericpermissions['cangiveinfraction'] or $vbulletin->userinfo['permissions']['genericpermissions'] & $vbulletin->bf_ugp_wolpermissions['canreverseinfraction']) {
                $userinfo['action'] = $vbphrase['viewing_infraction'];
                if ($seeuserid) {
                    $userinfo['where'] = '<a href="infraction.php?' . $vbulletin->session->vars['sessionurl'] . "do=view&amp;infractionid={$userinfo['infractionid']}\">{$wol_user[$seeuserid]}</a>";
                }
            } else {
                $userinfo['action'] = $vbphrase['viewing_index'];
            }
            break;
        case 'modcp_deletedthreads':
            if (can_moderate()) {
                $userinfo['action'] = $vbphrase['viewing_deleted_threads'];
            } else {
                $userinfo['action'] = $vbphrase['viewing_index'];
            }
            break;
        case 'modcp_deletedposts':
            if (can_moderate()) {
                $userinfo['action'] = $vbphrase['viewing_deleted_posts'];
            } else {
                $userinfo['action'] = $vbphrase['viewing_index'];
            }
            break;
        case 'modcp_deletedvms':
            if (can_moderate(0, 'canmoderatevisitormessages')) {
                $userinfo['action'] = $vbphrase['viewing_deleted_visitor_messages'];
            } else {
                $userinfo['action'] = $vbphrase['viewing_index'];
            }
            break;
        case 'modcp_deletedgms':
            if (can_moderate(0, 'canmoderategroupmessages')) {
                $userinfo['action'] = $vbphrase['viewing_deleted_social_group_messages'];
            } else {
                $userinfo['action'] = $vbphrase['viewing_index'];
            }
            break;
        case 'modcp_deletedpcs':
            if (can_moderate(0, 'canmoderatepicturecomments')) {
                $userinfo['action'] = $vbphrase['viewing_deleted_picture_comments'];
            } else {
                $userinfo['action'] = $vbphrase['viewing_index'];
            }
            break;
        case 'modcp_moderatedthreads':
            if (can_moderate(0, 'canmoderateposts')) {
                $userinfo['action'] = $vbphrase['viewing_moderated_threads'];
            } else {
                $userinfo['action'] = $vbphrase['viewing_index'];
            }
            break;
        case 'modcp_moderatedposts':
            if (can_moderate(0, 'canmoderateposts')) {
                $userinfo['action'] = $vbphrase['viewing_moderated_posts'];
            } else {
                $userinfo['action'] = $vbphrase['viewing_index'];
            }
            break;
        case 'modcp_moderatedvms':
            if (can_moderate(0, 'canmoderatevisitormessages')) {
                $userinfo['action'] = $vbphrase['viewing_moderated_visitor_messages'];
            } else {
                $userinfo['action'] = $vbphrase['viewing_index'];
            }
            break;
        case 'modcp_moderatedgms':
            if (can_moderate(0, 'canmoderategroupmessages')) {
                $userinfo['action'] = $vbphrase['viewing_moderated_social_group_messages'];
            } else {
                $userinfo['action'] = $vbphrase['viewing_index'];
            }
            break;
        case 'modcp_moderatedpcs':
            if (can_moderate(0, 'canmoderatepicturecomments')) {
                $userinfo['action'] = $vbphrase['viewing_moderated_picture_comments'];
            } else {
                $userinfo['action'] = $vbphrase['viewing_index'];
            }
            break;
        case 'modcp_moderatedpictures':
            if (can_moderate(0, 'canmoderatepictures')) {
                $userinfo['action'] = $vbphrase['viewing_moderated_pictures'];
            } else {
                $userinfo['action'] = $vbphrase['viewing_index'];
            }
            break;
        case 'payments':
            $userinfo['action'] = $vbphrase['viewing_paid_subscriptions'];
            break;
        case 'spider':
            $userinfo['action'] = $vbphrase['search_engine_spider'];
            break;
        case 'admincp':
            $userinfo['action'] = $vbphrase['admin_control_panel'];
            break;
        case 'admincplogin':
            $userinfo['action'] = $vbphrase['admin_control_panel_login'];
            break;
        case 'modcp':
            $userinfo['action'] = $vbphrase['moderator_control_panel'];
            break;
        case 'modcplogin':
            $userinfo['action'] = $vbphrase['moderator_control_panel_login'];
            break;
        case 'album_delete':
            $userinfo['action'] = $vbphrase['deleting_album'];
            break;
        case 'album_edit_album':
            $userinfo['action'] = $vbphrase['editing_album'];
            if ($canviewalbum) {
                $userinfo['where'] = '<a href="album.php?' . $vbulletin->session->vars['sessionurl'] . "albumid={$albumid}\">{$albumname}</a>";
            }
            break;
        case 'album_new_album':
            $userinfo['action'] = $vbphrase['creating_album'];
            break;
        case 'album_edit_picture':
            $userinfo['action'] = $vbphrase['editing_pictures'];
            if ($canviewalbum) {
                if (!empty($userinfo['pictureid'])) {
                    $userinfo['where'] = '<a href="album.php?' . $vbulletin->session->vars['sessionurl'] . "albumid={$albumid}&amp;pictureid=" . $userinfo['pictureid'] . "\">{$albumname}</a>";
                } else {
                    $userinfo['where'] = '<a href="album.php?' . $vbulletin->session->vars['sessionurl'] . "albumid={$albumid}\">{$albumname}</a>";
                }
            }
            break;
        case 'album_upload':
            $userinfo['action'] = $vbphrase['uploading_pictures'];
            if ($canviewalbum) {
                $userinfo['where'] = '<a href="album.php?' . $vbulletin->session->vars['sessionurl'] . "albumid={$albumid}\">{$albumname}</a>";
            }
            break;
        case 'album_picture':
            $userinfo['action'] = $vbphrase['viewing_picture'];
            if ($canviewalbum) {
                if (!empty($userinfo['pictureid'])) {
                    $userinfo['where'] = '<a href="album.php?' . $vbulletin->session->vars['sessionurl'] . "albumid={$albumid}&amp;pictureid=" . $userinfo['pictureid'] . "\">{$albumname}</a>";
                } else {
                    $userinfo['where'] = '<a href="album.php?' . $vbulletin->session->vars['sessionurl'] . "albumid={$albumid}\">{$albumname}</a>";
                }
            }
            break;
        case 'album_album':
            $userinfo['action'] = $vbphrase['viewing_album'];
            if ($canviewalbum) {
                $userinfo['where'] = '<a href="album.php?' . $vbulletin->session->vars['sessionurl'] . "albumid={$albumid}\">{$albumname}</a>";
            }
            break;
        case 'album_user':
            $userinfo['action'] = $vbphrase['viewing_users_album'];
            if ($seeuserid) {
                $userinfo['where'] = '<a href="album.php?' . $vbulletin->session->vars['sessionurl'] . "userid={$seeuserid}\">{$wol_user[$seeuserid]}</a>";
            }
            break;
        case 'album_unread_comments':
            $userinfo['action'] = $vbphrase['viewing_unread_picture_comments'];
            break;
        case 'album_moderated_comments':
            $userinfo['action'] = $vbphrase['viewing_picture_comments_awaiting_approval'];
            break;
        case 'picturecomment_posting':
            $userinfo['action'] = $vbphrase['posting_picture_comment'];
            break;
        case 'picturecomment_delete':
            $userinfo['action'] = $vbphrase['deleting_picture_comment'];
            break;
        case 'picturecomment_reporting':
            $userinfo['action'] = $vbphrase['reporting_picture_comment'];
            break;
        case 'picture_inlinemod':
            $userinfo['action'] = '<b><i>' . $vbphrase['moderating'] . '</i></b>';
            break;
        default:
            $handled = false;
            ($hook = vBulletinHook::fetch_hook('online_location_unknown')) ? eval($hook) : false;
            if ($handled == false) {
                if ($vbulletin->userinfo['permissions']['wolpermissions'] & $vbulletin->bf_ugp_wolpermissions['canwhosonlinebad']) {
                    require_once DIR . '/includes/functions_login.php';
                    $userinfo['location'] = fetch_replaced_session_url(stripslashes($userinfo['location']));
                    $userinfo['where'] = "<a href=\"{$userinfo['location']}\">{$userinfo['location']}</a>";
                    $userinfo['action'] = '<b>' . $vbphrase['unknown_location'] . '</b>';
                } else {
                    // We were unable to parse the location
                    $userinfo['action'] = $vbphrase['viewing_index'];
                    $userinfo['where'] = '<a href="' . $vbulletin->options['forumhome'] . '.php' . $vbulletin->session->vars['sessionurl_q'] . '">' . $vbulletin->options['bbtitle'] . "</a>";
                }
            }
    }
    if ($userinfo['badlocation'] == 1) {
        // User received 'no permissions screen'
        if ($vbulletin->userinfo['permissions']['wolpermissions'] & $vbulletin->bf_ugp_wolpermissions['canwhosonlinebad'] or $userinfo['userid'] == $vbulletin->userinfo['userid']) {
            $show['nopermission'] = true;
        } else {
            $userinfo['action'] = $vbphrase['viewing_index'];
            $userinfo['where'] = '<a href="' . $vbulletin->options['forumhome'] . '.php' . $vbulletin->session->vars['sessionurl_q'] . '">' . $vbulletin->options['bbtitle'] . "</a>";
        }
    } else {
        if ($userinfo['badlocation'] == 2) {
            // Forum is locked
            $show['lockedout'] = true;
        } else {
            if ($userinfo['badlocation'] == 3) {
                // User received error screen
                if ($vbulletin->userinfo['permissions']['wolpermissions'] & $vbulletin->bf_ugp_wolpermissions['canwhosonlinebad'] or $userinfo['userid'] == $vbulletin->userinfo['userid']) {
                    $show['errormessage'] = true;
                } else {
                    $userinfo['action'] = $vbphrase['viewing_index'];
                    $userinfo['where'] = '<a href="' . $vbulletin->options['forumhome'] . '.php' . $vbulletin->session->vars['sessionurl_q'] . '">' . $vbulletin->options['bbtitle'] . "</a>";
                }
            }
        }
    }
    if (!($vbulletin->userinfo['permissions']['wolpermissions'] & $vbulletin->bf_ugp_wolpermissions['canwhosonlinelocation'])) {
        unset($userinfo['location']);
    }
    $userinfo['host_encoded'] = urlencode($userinfo['host']);
    if ($vbulletin->options['yestoday'] == 2) {
        $userinfo['time'] = vbdate($vbulletin->options['dateformat'], $userinfo['lastactivity'], 1);
    } else {
        $userinfo['time'] = vbdate($vbulletin->options['timeformat'], $userinfo['lastactivity']);
    }
    $wol_post['userid'] = $userinfo['userid'];
    $wol_post['username'] = $userinfo['realname'];
    ($hook = vBulletinHook::fetch_hook('online_bit_complete')) ? eval($hook) : false;
    if ($doall) {
        $show['loggedinuser'] = iif($userinfo['userid'], true, false);
        $show['buddy'] = iif($userinfo['buddy'], true, false);
        if ($userinfo['spider']) {
            $show['spider'] = true;
            if (!$userinfo['spidertype'] or !($spidertype = construct_phrase($vbphrase["x_spider_{$userinfo['spidertype']}"], $userinfo['spider']))) {
                $spidertype = construct_phrase($vbphrase['x_spider_searchspider'], $userinfo['spider']);
            }
        } else {
            $show['spider'] = false;
        }
        $show['reallocation'] = iif($userinfo['location'], true, false);
        $show['subscribed'] = iif($wol_thread["{$threadid}"]['issubscribed'] and $seetitle, true, false);
        $show['where'] = iif($userinfo['where'], true, false);
        eval('$onlinebits = "' . fetch_template('whosonlinebit') . '";');
        return $onlinebits;
    } else {
        return $userinfo;
    }
}
Beispiel #13
0
/**
* Fetches and prepares posts for quoting. Returned text is BB code.
*
* @param	array	Array of post IDs to pull from
* @param	integer	The ID of the thread that is being quoted into
* @param	integer	Returns the number of posts that were unquoted because of the value of the next argument
* @param	array	Returns the IDs of the posts that were actually quoted
* @param	string	Controls what posts are successfully quoted: all, only (only the thread ID), other (only other thread IDs)
* @param	boolean	Whether to undo the htmlspecialchars calls; useful when returning HTML to be entered via JS
*/
function fetch_quotable_posts($quote_postids, $threadid, &$unquoted_posts, &$quoted_post_ids, $limit_thread = 'only', $unhtmlspecialchars = false)
{
    global $vbulletin;
    $unquoted_posts = 0;
    $quoted_post_ids = array();
    $quote_postids = array_diff_assoc(array_unique(array_map('intval', $quote_postids)), array(0));
    // limit to X number of posts
    if ($vbulletin->options['mqlimit'] > 0) {
        $quote_postids = array_slice($quote_postids, 0, $vbulletin->options['mqlimit']);
    }
    if (empty($quote_postids)) {
        // nothing to quote
        return '';
    }
    $hook_query_fields = $hook_query_joins = '';
    ($hook = vBulletinHook::fetch_hook('quotable_posts_query')) ? eval($hook) : false;
    $quote_post_data = $vbulletin->db->query_read_slave("\n\t\tSELECT post.postid, post.title, post.pagetext, post.dateline, post.userid, post.visible AS postvisible,\n\t\t\tIF(user.username <> '', user.username, post.username) AS username,\n\t\t\tthread.threadid, thread.title AS threadtitle, thread.postuserid, thread.visible AS threadvisible,\n\t\t\tforum.forumid, forum.password\n\t\t\t{$hook_query_fields}\n\t\tFROM " . TABLE_PREFIX . "post AS post\n\t\tLEFT JOIN " . TABLE_PREFIX . "user AS user ON (post.userid = user.userid)\n\t\tINNER JOIN " . TABLE_PREFIX . "thread AS thread ON (post.threadid = thread.threadid)\n\t\tINNER JOIN " . TABLE_PREFIX . "forum AS forum ON (thread.forumid = forum.forumid)\n\t\t{$hook_query_joins}\n\t\tWHERE post.postid IN (" . implode(',', $quote_postids) . ")\n\t");
    $quote_posts = array();
    while ($quote_post = $vbulletin->db->fetch_array($quote_post_data)) {
        if ((!$quote_post['postvisible'] or $quote_post['postvisible'] == 2) and !can_moderate($quote_post['forumid']) or (!$quote_post['threadvisible'] or $quote_post['threadvisible'] == 2) and !can_moderate($quote_post['forumid'])) {
            // no permission to view this post
            continue;
        }
        $forumperms = fetch_permissions($quote_post['forumid']);
        if (!($forumperms & $vbulletin->bf_ugp_forumpermissions['canview']) or !($forumperms & $vbulletin->bf_ugp_forumpermissions['canviewthreads']) or !($forumperms & $vbulletin->bf_ugp_forumpermissions['canviewothers']) and ($quote_post['postuserid'] != $vbulletin->userinfo['userid'] or $vbulletin->userinfo['userid'] == 0) or !verify_forum_password($quote_post['forumid'], $quote_post['password'], false) or in_coventry($quote_post['postuserid']) and !can_moderate($quote_post['forumid']) or in_coventry($quote_post['userid']) and !can_moderate($quote_post['forumid'])) {
            // no permission to view this post
            continue;
        }
        if ($limit_thread == 'only' and $quote_post['threadid'] != $threadid or $limit_thread == 'other' and $quote_post['threadid'] == $threadid or $limit_thread == 'all') {
            $unquoted_posts++;
            continue;
        }
        $skip_post = false;
        ($hook = vBulletinHook::fetch_hook('quotable_posts_logic')) ? eval($hook) : false;
        if ($skip_post) {
            continue;
        }
        $quote_posts["{$quote_post['postid']}"] = $quote_post;
    }
    $message = '';
    foreach ($quote_postids as $quote_postid) {
        if (!isset($quote_posts["{$quote_postid}"])) {
            continue;
        }
        $quote_post =& $quote_posts["{$quote_postid}"];
        $originalposter = fetch_quote_username($quote_post['username'] . ";{$quote_post['postid']}");
        $postdate = vbdate($vbulletin->options['dateformat'], $quote_post['dateline']);
        $posttime = vbdate($vbulletin->options['timeformat'], $quote_post['dateline']);
        $pagetext = htmlspecialchars_uni($quote_post['pagetext']);
        $pagetext = trim(strip_quotes($pagetext));
        ($hook = vBulletinHook::fetch_hook('newreply_quote')) ? eval($hook) : false;
        eval('$message .= "' . fetch_template('newpost_quote', 0, false) . '\\n";');
        $quoted_post_ids[] = $quote_postid;
    }
    if ($unhtmlspecialchars) {
        $message = unhtmlspecialchars($message);
    }
    return $message;
}
Beispiel #14
0
         // insert username(s) of specified recipients
         if ($vbulletin->GPC['userid']) {
             $recipients = array();
             if (is_array($vbulletin->GPC['userid'])) {
                 foreach ($vbulletin->GPC['userid'] as $recipient) {
                     $recipients[] = intval($recipient);
                 }
             } else {
                 $recipients[] = intval($vbulletin->GPC['userid']);
             }
             $users = $db->query_read_slave("\n\t\t\t\t\tSELECT usertextfield.*, user.*, userlist.type\n\t\t\t\t\tFROM " . TABLE_PREFIX . "user AS user\n\t\t\t\t\tLEFT JOIN " . TABLE_PREFIX . "usertextfield AS usertextfield ON(usertextfield.userid=user.userid)\n\t\t\t\t\tLEFT JOIN " . TABLE_PREFIX . "userlist AS userlist ON(user.userid = userlist.userid AND userlist.relationid = " . $vbulletin->userinfo['userid'] . " AND userlist.type = 'buddy')\n\t\t\t\t\tWHERE user.userid IN(" . implode(', ', $recipients) . ")\n\t\t\t\t");
             $recipients = array();
             while ($user = $db->fetch_array($users)) {
                 $user = array_merge($user, convert_bits_to_array($user['options'], $vbulletin->bf_misc_useroptions));
                 cache_permissions($user, false);
                 if (!($vbulletin->userinfo['permissions']['adminpermissions'] & $vbulletin->bf_ugp_adminpermissions['cancontrolpanel']) and (!$user['receivepm'] or !$user['permissions']['pmquota'] or $user['receivepmbuddies'] and !can_moderate() and $user['type'] != 'buddy')) {
                     eval(standard_error(fetch_error('pmrecipturnedoff', $user['username'])));
                 }
                 $recipients[] = $user['username'];
             }
             if (empty($recipients)) {
                 $pm['recipients'] = '';
             } else {
                 $pm['recipients'] = implode(' ; ', $recipients);
             }
         }
         ($hook = vBulletinHook::fetch_hook('private_newpm_blank')) ? eval($hook) : false;
     }
     construct_checkboxes(array('savecopy' => true, 'parseurl' => true, 'signature' => iif($vbulletin->userinfo['signature'] !== '', true)));
     $show['bcclink'] = true;
 }
Beispiel #15
0
    }
    ($hook = vBulletinHook::fetch_hook('misc_showattachments_start')) ? eval($hook) : false;
    $forumperms = fetch_permissions($threadinfo['forumid']);
    if (!($forumperms & $vbulletin->bf_ugp_forumpermissions['canview']) or !($forumperms & $vbulletin->bf_ugp_forumpermissions['canviewthreads'])) {
        print_no_permission();
    }
    if (!($forumperms & $vbulletin->bf_ugp_forumpermissions['canviewothers']) and ($threadinfo['postuserid'] != $vbulletin->userinfo['userid'] or !$vbulletin->userinfo['userid'])) {
        print_no_permission();
    }
    $attachs = $db->query_read_slave("\n\t\tSELECT attachment.*\n\t\tFROM " . TABLE_PREFIX . "post AS post\n\t\tINNER JOIN " . TABLE_PREFIX . "attachment AS attachment ON (attachment.postid=post.postid AND attachment.visible=1)\n\t\tWHERE threadid = {$threadinfo['threadid']}\n\t\t\tAND post.visible = 1\n\t\tORDER BY filename DESC\n\t");
    if ($db->num_rows($attachs)) {
        require_once DIR . '/includes/functions_bigthree.php';
        while ($attachment = $db->fetch_array($attachs)) {
            // hide users in Coventry
            $ast = '';
            if (in_coventry($attachment['userid']) and !can_moderate($threadinfo['forumid'])) {
                continue;
            }
            $attachment['filename'] = fetch_censored_text(htmlspecialchars_uni($attachment['filename']));
            $attachment['attachmentextension'] = strtolower(file_extension($attachment['filename']));
            $attachment['filesize'] = vb_number_format($attachment['filesize'], 1, true);
            exec_switch_bg();
            eval('$attachments .= "' . fetch_template('attachmentbit') . '";');
        }
        ($hook = vBulletinHook::fetch_hook('misc_showattachments_complete')) ? eval($hook) : false;
        eval('print_output("' . fetch_template('ATTACHMENTS') . '");');
    } else {
        eval(standard_error(fetch_error('noattachments')));
    }
}
// ############################### start show avatars ###############################
Beispiel #16
0
			AND dateline > " . iif($vbulletin->options['timeoutcontrolpanel'], intval(TIMENOW - $vbulletin->options['cookietimeout']), intval(TIMENOW - 3600))
	);

	if (!empty($cpsession))
	{
		$db->shutdown_query("
			UPDATE LOW_PRIORITY " . TABLE_PREFIX . "cpsession
			SET dateline = " . TIMENOW . "
			WHERE userid = " . $vbulletin->userinfo['userid'] . "
				AND hash = '" . $db->escape_string($vbulletin->GPC[COOKIE_PREFIX . 'cpsession']) . "'
		");
	}
}

define('CP_SESSIONHASH', $cpsession['hash']);

if ((!can_moderate() AND !can_moderate_calendar()) OR ($vbulletin->options['timeoutcontrolpanel'] AND !$vbulletin->session->vars['loggedin']) OR empty($vbulletin->GPC[COOKIE_PREFIX . 'cpsession']) OR $vbulletin->GPC[COOKIE_PREFIX . 'cpsession'] != $cpsession['hash'] OR empty($cpsession))
{
	print_cp_login();
}

($hook = vBulletinHook::fetch_hook('mod_global')) ? eval($hook) : false;

/*======================================================================*\
|| ####################################################################
|| # 
|| # CVS: $RCSfile$ - $Revision: 33812 $
|| ####################################################################
\*======================================================================*/
?>
Beispiel #17
0
 /**
  * pre_delete function - extend if the contenttype needs to do anything
  *
  * @param	array		list of deleted attachment ids to delete
  * @param	boolean	verify permission to delete
  *
  * @return	boolean
  */
 public function pre_delete($list, $checkperms = true)
 {
     @ignore_user_abort(true);
     // init lists
     $this->lists = array('postlist' => array(), 'threadlist' => array());
     if ($checkperms) {
         // Verify that we have permission to view these attachmentids
         $attachmultiple = new vB_Attachment_Display_Multiple($this->registry);
         $attachments = $attachmultiple->fetch_results("a.attachmentid IN (" . implode(", ", $list) . ")");
         if (count($list) != count($attachments)) {
             return false;
         }
     }
     $ids = $this->registry->db->query_read("\n\t\t\tSELECT\n\t\t\t\ta.attachmentid, a.userid, IF(a.contentid = 0, 1, 0) AS inprogress,\n\t\t\t\tpost.postid, post.threadid, post.dateline AS p_dateline, post.userid AS post_userid,\n\t\t\t\tthread.forumid, thread.threadid, thread.open,\n\t\t\t\teditlog.hashistory\n\t\t\tFROM " . TABLE_PREFIX . "attachment AS a\n\t\t\tLEFT JOIN " . TABLE_PREFIX . "post AS post ON (post.postid = a.contentid)\n\t\t\tLEFT JOIN " . TABLE_PREFIX . "thread AS thread ON (thread.threadid = post.threadid)\n\t\t\tLEFT JOIN " . TABLE_PREFIX . "editlog AS editlog ON (editlog.postid = post.postid)\n\t\t\tWHERE a.attachmentid IN (" . implode(", ", $list) . ")\n\t\t");
     while ($id = $this->registry->db->fetch_array($ids)) {
         if (!$id['inprogress'] and $checkperms) {
             if (!$id['open'] and !can_moderate($id['forumid'], 'canopenclose') and !$this->registry->options['allowclosedattachdel']) {
                 return false;
             } else {
                 if (!can_moderate($id['forumid'], 'caneditposts')) {
                     $forumperms = fetch_permissions($id['forumid']);
                     if (!($forumperms & $this->registry->bf_ugp_forumpermissions['caneditpost']) or $this->registry->userinfo['userid'] != $id['userid']) {
                         return false;
                     } else {
                         if (!$this->registry->options['allowattachdel'] and $this->registry->options['edittimelimit'] and $id['p_dateline'] < TIMENOW - $this->registry->options['edittimelimit'] * 60) {
                             return false;
                         }
                     }
                 }
             }
         }
         if ($id['postid']) {
             $this->lists['postlist']["{$id['postid']}"]++;
             if ($this->log) {
                 if ($this->registry->userinfo['permissions']['genericoptions'] & $this->registry->bf_ugp_genericoptions['showeditedby'] and $id['p_dateline'] < TIMENOW - $this->registry->options['noeditedbytime'] * 60) {
                     if (empty($replaced["{$id['postid']}"])) {
                         /*insert query*/
                         $this->registry->db->query_write("\n\t\t\t\t\t\t\t\tREPLACE INTO " . TABLE_PREFIX . "editlog\n\t\t\t\t\t\t\t\t\t\t(postid, userid, username, dateline, hashistory)\n\t\t\t\t\t\t\t\tVALUES\n\t\t\t\t\t\t\t\t\t({$id['postid']},\n\t\t\t\t\t\t\t\t\t" . $this->registry->userinfo['userid'] . ",\n\t\t\t\t\t\t\t\t\t'" . $this->registry->db->escape_string($this->registry->userinfo['username']) . "',\n\t\t\t\t\t\t\t\t\t" . TIMENOW . ",\n\t\t\t\t\t\t\t\t\t" . intval($id['hashistory']) . ")\n\t\t\t\t\t\t\t");
                         $replaced["{$id['postid']}"] = true;
                     }
                 }
                 if ($this->registry->userinfo['userid'] != $id['post_userid'] and can_moderate($id['forumid'], 'caneditposts')) {
                     $postinfo = array('postid' => &$id['postid'], 'threadid' => &$id['threadid'], 'forumid' => &$id['forumid'], 'attachmentid' => &$id['attachmentid']);
                     require_once DIR . '/includes/functions_log_error.php';
                     log_moderator_action($postinfo, 'attachment_removed');
                 }
             }
         }
         if ($id['threadid']) {
             $this->lists['threadlist']["{$id['threadid']}"]++;
         }
     }
     return true;
 }
Beispiel #18
0
			$show['emaillink'] = false;
		}

		construct_im_icons($userinfo, true);

		if ($userinfo['homepage'] != '' AND $userinfo['homepage'] != 'http://')
		{
			$show['homepagelink'] = true;
		}
		else
		{
			$show['homepagelink'] = false;
		}
		if ($vbulletin->options['enablepms'] AND $vbulletin->userinfo['permissions']['pmquota'] AND ($vbulletin->userinfo['permissions']['adminpermissions'] & $vbulletin->bf_ugp_adminpermissions['cancontrolpanel']
	 					OR ($userinfo['receivepm'] AND $userinfo['permissions']['pmquota']
	 						AND (!$userinfo['receivepmbuddies'] OR can_moderate() OR strpos(" $userinfo[buddylist] ", ' ' . $vbulletin->userinfo['userid'] . ' ') !== false))
	 				))
	 	{
			$show['pmlink'] = true;
		}
		else
		{
			$show['pmlink'] = false;
		}
		if ($show['birthdaycol'] OR $show['agecol'])
		{
			if (empty($userinfo['birthday']) OR !$userinfo['showbirthday'])
			{
				$userinfo['birthday'] = '&nbsp;';
			}
			else
Beispiel #19
0
function do_subscribe_thread()
{
    global $vbulletin, $db, $foruminfo, $threadinfo;
    if (!$vbulletin->userinfo['userid']) {
        json_error(ERR_INVALID_LOGGEDIN, RV_NOT_LOGGED_IN);
    }
    $vbulletin->input->clean_array_gpc('r', array('emailupdate' => TYPE_UINT, 'folderid' => TYPE_INT));
    $vbulletin->GPC['folderid'] = 0;
    if (!$foruminfo['forumid']) {
        json_error(ERR_INVALID_THREAD);
    }
    $forumperms = fetch_permissions($foruminfo['forumid']);
    if (!($forumperms & $vbulletin->bf_ugp_forumpermissions['canview'])) {
        json_error(ERR_INVALID_THREAD);
    }
    if (!$foruminfo['allowposting'] or $foruminfo['link'] or !$foruminfo['cancontainthreads']) {
        json_error(ERR_CANNOT_SUB_FORUM_CLOSED);
    }
    // check if there is a forum password and if so, ensure the user has it set
    if (!verify_forum_password($foruminfo['forumid'], $foruminfo['password'], false)) {
        json_error(ERR_CANNOT_SUB_PASSWORD);
    }
    if ($threadinfo['threadid']) {
        if (!$threadinfo['visible'] and !can_moderate($threadinfo['forumid'], 'canmoderateposts') or $threadinfo['isdeleted'] and !can_moderate($threadinfo['forumid'], 'candeleteposts')) {
            json_error(ERR_INVALID_THREAD);
        }
        if (!($forumperms & $vbulletin->bf_ugp_forumpermissions['canviewthreads']) or ($vbulletin->userinfo['userid'] != $threadinfo['postuserid'] or !$vbulletin->userinfo['userid']) and !($forumperms & $vbulletin->bf_ugp_forumpermissions['canviewothers'])) {
            json_error(ERR_INVALID_THREAD);
        }
        /*insert query*/
        $db->query_write("\n\t\t\tREPLACE INTO " . TABLE_PREFIX . "subscribethread (userid, threadid, emailupdate, folderid, canview)\n\t\t\tVALUES (" . $vbulletin->userinfo['userid'] . ", {$threadinfo['threadid']}, " . $vbulletin->GPC['emailupdate'] . ", " . $vbulletin->GPC['folderid'] . ", 1)\n\t\t");
    } else {
        if ($foruminfo['forumid']) {
            /*insert query*/
            $db->query_write("\n\t\t\tREPLACE INTO " . TABLE_PREFIX . "subscribeforum (userid, emailupdate, forumid)\n\t\t\tVALUES (" . $vbulletin->userinfo['userid'] . ", " . $vbulletin->GPC['emailupdate'] . ", " . $vbulletin->GPC['forumid'] . ")\n\t\t");
        }
    }
    return array('success' => true);
}
Beispiel #20
0
 /**
  * Prepares $show varaiables
  *
  */
 function prepare_show_variables()
 {
     global $show;
     if (!isset($this->prepared['show'])) {
         $show['email'] = ($this->userinfo['showemail'] and $this->registry->options['enableemail'] and $this->registry->options['displayemails'] and $this->registry->userinfo['permissions']['genericpermissions'] & $this->registry->bf_ugp_genericpermissions['canemailmember'] and $this->registry->userinfo['userid']);
         $show['pm'] = ($this->registry->options['enablepms'] and $this->registry->userinfo['permissions']['pmquota'] and $this->registry->userinfo['userid'] and ($this->registry->userinfo['permissions']['adminpermissions'] & $this->registry->bf_ugp_adminpermissions['cancontrolpanel'] or $this->userinfo['receivepm'] and $this->prepared['userperms']['pmquota'] and (!$this->userinfo['receivepmbuddies'] or can_moderate() or strpos(" {$this->userinfo[buddylist]} ", ' ' . $this->registry->userinfo['userid'] . ' ') !== false)));
         if (!$this->registry->options['showimicons']) {
             $show['textimicons'] = true;
         }
         if ($this->registry->userinfo['userid'] and $this->registry->options['socnet'] & $this->registry->bf_misc_socnet['enable_visitor_messaging'] and $this->userinfo['vm_enable'] and $this->prepared['userperms']['genericpermissions'] & $this->registry->bf_ugp_genericpermissions['canviewmembers'] and (!$this->userinfo['vm_contactonly'] or $this->userinfo['userid'] == $this->registry->userinfo['userid'] or $this->userinfo['bbuser_iscontact_of_user'] or can_moderate(0, 'canmoderatevisitormessages')) and ($this->userinfo['userid'] == $this->registry->userinfo['userid'] and $this->registry->userinfo['permissions']['visitormessagepermissions'] & $this->registry->bf_ugp_visitormessagepermissions['canmessageownprofile'] or $this->userinfo['userid'] != $this->registry->userinfo['userid'] and $this->registry->userinfo['permissions']['visitormessagepermissions'] & $this->registry->bf_ugp_visitormessagepermissions['canmessageothersprofile'])) {
             $show['post_visitor_message'] = true;
         }
         $buddylist = explode(' ', trim($this->registry->userinfo['buddylist']));
         $ignorelist = explode(' ', trim($this->registry->userinfo['ignorelist']));
         $show['addbuddylist'] = ($this->registry->userinfo['userid'] and !in_array($this->userinfo['userid'], $buddylist) and !$this->prepared['myprofile']);
         $show['removebuddylist'] = (in_array($this->userinfo['userid'], $buddylist) and !$this->prepared['isfriend']);
         $show['addignorelist'] = ($this->registry->userinfo['userid'] and !in_array($this->userinfo['userid'], $ignorelist) and !$this->prepared['myprofile']);
         $show['removeignorelist'] = in_array($this->userinfo['userid'], $ignorelist);
         $show['userlists'] = ($this->prepared['canbefriend'] or $this->prepared['isfriend'] or $show['addbuddylist'] or $show['removebuddylist'] or $show['addignorelist'] or $show['removeignorelist']);
         $show['messagelinks'] = ($show['post_visitor_message'] or $show['email'] or $show['pm']);
         $show['contactlinks'] = ($show['messagelinks'] or $show['hasimicons']);
         $cssperms_user = $this->prepared['userperms']['usercsspermissions'];
         $cssperms_bits = $this->registry->bf_ugp_usercsspermissions;
         $show['can_customize_profile'] = ($this->prepared['myprofile'] and $this->registry->options['socnet'] & $this->registry->bf_misc_socnet['enable_profile_styling'] and ($cssperms_user & $cssperms_bits['caneditfontfamily'] or $cssperms_user & $cssperms_bits['caneditfontsize'] or $cssperms_user & $cssperms_bits['caneditcolors'] or $cssperms_user & $cssperms_bits['caneditbgimage'] or $cssperms_user & $vcssperms_bits['caneditborders']));
         $this->prepared['show'] = true;
     }
 }
Beispiel #21
0
	function construct_banned_user_row($user)
	{
		global $vbulletin, $vbphrase;

		if ($user['liftdate'] == 0)
		{
			$user['banperiod'] = $vbphrase['permanent'];
			$user['banlift'] = $vbphrase['never'];
			$user['banremaining'] = $vbphrase['forever'];
		}
		else
		{
			$user['banlift'] = vbdate($vbulletin->options['dateformat'] . ', ~' . $vbulletin->options['timeformat'], $user['liftdate']);
			$user['banperiod'] = ceil(($user['liftdate'] - $user['bandate']) / 86400);
			if ($user['banperiod'] == 1)
			{
				$user['banperiod'] .= " $vbphrase[day]";
			}
			else
			{
				$user['banperiod'] .= " $vbphrase[days]";
			}

			$remain = $user['liftdate'] - TIMENOW;
			$remain_days = floor($remain / 86400);
			$remain_hours = ceil(($remain - ($remain_days * 86400)) / 3600);
			if ($remain_hours == 24)
			{
				$remain_days += 1;
				$remain_hours = 0;
			}

			if ($remain_days < 0)
			{
				$user['banremaining'] = "<i>$vbphrase[will_be_lifted_soon]</i>";
			}
			else
			{
				if ($remain_days == 1)
				{
					$day_word = $vbphrase['day'];
				}
				else
				{
					$day_word = $vbphrase['days'];
				}
				if ($remain_hours == 1)
				{
					$hour_word = $vbphrase['hour'];
				}
				else
				{
					$hour_word = $vbphrase['hours'];
				}
				$user['banremaining'] = "$remain_days $day_word, $remain_hours $hour_word";
			}
		}
		$cell = array("<a href=\"" . iif(($vbulletin->userinfo['permissions']['adminpermissions'] & $vbulletin->bf_ugp_adminpermissions['cancontrolpanel']), '../' . $vbulletin->config['Misc']['admincpdir'] . '/') . 'user.php?' . $vbulletin->session->vars['sessionurl'] . "do=edit&amp;u=$user[userid]\"><b>$user[username]</b></a>");
		if ($user['bandate'])
		{
			$cell[] = iif($user['adminid'], "<a href=\"" . iif(($vbulletin->userinfo['permissions']['adminpermissions'] & $vbulletin->bf_ugp_adminpermissions['cancontrolpanel']), '../' . $vbulletin->config['Misc']['admincpdir'] . '/') . 'user.php?' . $vbulletin->session->vars['sessionurl'] . "do=edit&amp;u=$user[adminid]\">$user[adminname]</a>", $vbphrase['n_a']);
			$cell[] = vbdate($vbulletin->options['dateformat'], $user['bandate']);
		}
		else
		{
			$cell[] = $vbphrase['n_a'];
			$cell[] = $vbphrase['n_a'];
		}
		$cell[] = $user['banperiod'];
		$cell[] = $user['banlift'];
		$cell[] = $user['banremaining'];
		if (($vbulletin->userinfo['permissions']['adminpermissions'] & $vbulletin->bf_ugp_adminpermissions['cancontrolpanel']) OR can_moderate(0, 'canunbanusers'))
		{
			$cell[] = construct_link_code($vbphrase['lift_ban'], 'banning.php?' . $vbulletin->session->vars['sessionurl'] . "do=liftban&amp;u=$user[userid]");
		}

		$cell[] = construct_link_code(!empty($user['reason']) ? $user['reason'] : $vbphrase['n_a'], 'banning.php?' . $vbulletin->session->vars['sessionurl'] . "do=editreason&amp;userid=" . $user['userid']);

		return $cell;
	}
Beispiel #22
0
         $infractioninfo['expired_date'] = vbdate($vbulletin->options['dateformat'], $infractioninfo['actiondateline']);
     } else {
         if ($infractioninfo['action'] == 2) {
             $show['reversed'] = true;
             $infractioninfo['reversed_time'] = vbdate($vbulletin->options['timeformat'], $infractioninfo['actiondateline']);
             $infractioninfo['reversed_date'] = vbdate($vbulletin->options['dateformat'], $infractioninfo['actiondateline']);
         }
     }
 }
 if ($infractioninfo['note'] and $userinfo['userid'] != $vbulletin->userinfo['userid'] and ($vbulletin->userinfo['permissions']['genericpermissions'] & $vbulletin->bf_ugp_genericpermissions['canreverseinfraction'] or $vbulletin->userinfo['permissions']['genericpermissions'] & $vbulletin->bf_ugp_genericpermissions['cangiveinfraction'])) {
     $show['note'] = true;
 }
 $show['postinfo'] = ($infractioninfo['postid'] and $threadinfo);
 if ($infractioninfo['threadid'] and $disthreadinfo = fetch_threadinfo($infractioninfo['threadid'])) {
     $show['disthread'] = true;
     if ((!$disthreadinfo['visible'] or $disthreadinfo['isdeleted']) and !can_moderate($disthreadinfo['forumid'])) {
         $show['disthread'] = false;
     }
     $forumperms = fetch_permissions($disthreadinfo['forumid']);
     if (!($forumperms & $vbulletin->bf_ugp_forumpermissions['canview']) or !($forumperms & $vbulletin->bf_ugp_forumpermissions['canviewthreads'])) {
         $show['disthread'] = false;
     }
     if (!($forumperms & $vbulletin->bf_ugp_forumpermissions['canviewothers']) and ($disthreadinfo['postuserid'] != $vbulletin->userinfo['userid'] or $vbulletin->userinfo['userid'] == 0)) {
         $show['disthread'] = false;
     }
     // check if there is a forum password and if so, ensure the user has it set
     if (!verify_forum_password($foruminfo['forumid'], $foruminfo['password'], false)) {
         $show['disthread'] = false;
     }
 } else {
     $show['disthread'] = false;
Beispiel #23
0
    }
    foreach ($grouplist as $groupid => $foo) {
        build_group_counters($groupid);
    }
    foreach ($messagearray as $message) {
        if (!$message['is_group_owner']) {
            log_moderator_action($message, $physicaldel ? 'gm_by_x_for_y_removed' : 'gm_by_x_for_y_soft_deleted', array($message['postusername'], $message['group_name']));
        }
    }
    // empty cookie
    setcookie('vbulletin_inlinegmessage', '', TIMENOW - 3600, '/');
    ($hook = vBulletinHook::fetch_hook('group_inlinemod_dodelete')) ? eval($hook) : false;
    eval(print_standard_redirect('redirect_inline_deletedmessages', true, $forceredirect));
}
if ($_POST['do'] == 'inlineundelete') {
    if (!can_moderate(0, 'candeletegroupmessages')) {
        standard_error(fetch_error('you_do_not_have_permission_to_manage_deleted_messages'));
    }
    // Validate Messages
    $messages = $db->query_read_slave("\n\t\tSELECT gm.gmid, gm.state, gm.groupid, gm.dateline, gm.postuserid, gm.postusername,\n\t\t\tsocialgroup.name AS group_name, socialgroup.creatoruserid\n\t\tFROM " . TABLE_PREFIX . "groupmessage AS gm\n\t\tLEFT JOIN " . TABLE_PREFIX . "socialgroup AS socialgroup ON (socialgroup.groupid = gm.groupid)\n\t\tWHERE gmid IN ({$messageids})\n\t\t\tAND state = 'deleted'\n\t");
    while ($message = $db->fetch_array($messages)) {
        $message['is_group_owner'] = $message['creatoruserid'] == $vbulletin->userinfo['userid'];
        $messagearray["{$message['gmid']}"] = $message;
        $grouplist["{$message['groupid']}"] = true;
    }
    if (empty($messagearray)) {
        standard_error(fetch_error('you_did_not_select_any_valid_messages'));
    }
    $db->query_write("\n\t\tDELETE FROM " . TABLE_PREFIX . "deletionlog\n\t\tWHERE type = 'groupmessage' AND\n\t\t\tprimaryid IN(" . implode(',', array_keys($messagearray)) . ")\n\t");
    $db->query_write("\n\t\tUPDATE " . TABLE_PREFIX . "groupmessage\n\t\tSET state = 'visible'\n\t\tWHERE gmid IN(" . implode(',', array_keys($messagearray)) . ")\n\t");
    foreach ($grouplist as $groupid => $foo) {
Beispiel #24
0
    }
    if ($sortfield != 'dateline') {
        $pagenavbits[] = "sortfield={$sortfield}";
    }
    if ($vbulletin->GPC['sortorder'] == 'asc') {
        $pagenavbits[] = 'order=' . $vbulletin->GPC['sortorder'];
    }
    if ($type == 'deleted') {
        $pagenavbits[] = 'type=deleted';
    }
    $pagenavurl = 'moderation.php?' . $vbulletin->session->vars['sessionurl'] . implode('&amp;', $pagenavbits);
    $pagenav = construct_page_nav($pagenumber, $perpage, $picturetotal, $pagenavurl);
    $show['havepictures'] = $picturetotal ? true : false;
    $first = $picturetotal ? ($pagenumber - 1) * $perpage + 1 : 0;
    $last = ($last = $perpage * $pagenumber) > $picturetotal ? $picturetotal : $last;
    $show['delete'] = can_moderate(0, 'candeletealbumpicture');
    $hook_query_fields = $hook_query_joins = $hook_query_where = '';
    unset($sqlsortfield, $sqlsortorder);
    $navbits[''] = $vbphrase['moderation'];
    $navbits = construct_navbits($navbits);
    construct_usercp_nav('moderatedpics');
    ($hook = vBulletinHook::fetch_hook('moderation_picture_complete')) ? eval($hook) : false;
    eval('$headinclude .= "' . fetch_template('picturecomment_css') . '";');
    eval('$moderation_filter = "' . fetch_template('moderation_filter') . '";');
    eval('$navbar = "' . fetch_template('navbar') . '";');
    eval('$HTML = "' . fetch_template('moderation_pictures') . '";');
    eval('print_output("' . fetch_template('USERCP_SHELL') . '");');
}
/*======================================================================*\
|| ####################################################################
|| # Downloaded: 09:39, Wed Nov 5th 2008
Beispiel #25
0
 function can_override()
 {
     if (in_array(THIS_SCRIPT, array('editpost', 'newthread')) or THIS_SCRIPT == 'newreply' and !$this->vars['postid'] or $this->registry->userinfo['userid'] and $this->registry->userinfo['userid'] == $this->vars['userid'] or can_moderate($this->vars['forumid'], 'caneditposts')) {
         return true;
     }
     return false;
 }
Beispiel #26
0
/**
* Fetches proper ajax query depending on post from a single user's messages or from a wall to wall page
*
* @param	array		Userinfo of user that this is being posted to
* @param	string	Source Page
* @param	int			The comment that was made during this ajax call
* @param	array		Userinfo of the other user of the wall to wall view
*
* @return	string
*/
function fetch_vm_ajax_query($userinfo, $vmid, $type = 'wall', $userinfo2 = null)
{
    global $vbulletin;
    $hook_query_fields = $hook_query_joins = $hook_query_where = '';
    $hook_query_fields2 = $hook_query_joins2 = $hook_query_where2 = '';
    ($hook = vBulletinHook::fetch_hook('visitor_message_post_ajax')) ? eval($hook) : false;
    if ($type != 'wall') {
        $state = array('visible');
        if (can_moderate(0, 'canmoderatevisitormessages') or $vbulletin->userinfo['userid'] == $userinfo['userid']) {
            $state[] = 'moderation';
        }
        if (can_moderate(0, 'canmoderatevisitormessages') or $vbulletin->userinfo['userid'] == $userinfo['userid'] and $vbulletin->userinfo['permissions']['visitormessagepermissions'] & $vbulletin->bf_ugp_visitormessagepermissions['canmanageownprofile']) {
            $state[] = 'deleted';
            $deljoinsql = "LEFT JOIN " . TABLE_PREFIX . "deletionlog AS deletionlog ON (visitormessage.vmid = deletionlog.primaryid AND deletionlog.type = 'visitormessage')";
        } else {
            $deljoinsql = '';
        }
        $state_or = array("visitormessage.state IN ('" . implode("','", $state) . "')");
        // Get the viewing user's moderated posts
        if ($vbulletin->userinfo['userid'] and !can_moderate(0, 'canmoderatevisitormessages') and $vbulletin->userinfo['userid'] != $userinfo['userid']) {
            $state_or[] = "(visitormessage.postuserid = " . $vbulletin->userinfo['userid'] . " AND state = 'moderation')";
        }
        $sql = "\n\t\t\tSELECT\n\t\t\t\tvisitormessage.*, user.*, visitormessage.ipaddress AS messageipaddress, visitormessage.userid AS profileuserid\n\t\t\t\t" . ($vbulletin->userinfo['userid'] ? ",IF(userlist.userid IS NOT NULL, 1, 0) AS bbuser_iscontact_of_user" : "") . "\n\t\t\t\t" . ($deljoinsql ? ",deletionlog.userid AS del_userid, deletionlog.username AS del_username, deletionlog.reason AS del_reason" : "") . "\n\t\t\t\t" . ($vbulletin->options['avatarenabled'] ? ",avatar.avatarpath, NOT ISNULL(customavatar.userid) AS hascustomavatar, customavatar.dateline AS avatardateline,customavatar.width AS avwidth,customavatar.height AS avheight, customavatar.width_thumb AS avwidth_thumb, customavatar.height_thumb AS avheight_thumb, customavatar.filedata_thumb" : "") . "\n\t\t\t\t{$hook_query_fields}\n\t\t\tFROM " . TABLE_PREFIX . "visitormessage AS visitormessage\n\t\t\tLEFT JOIN " . TABLE_PREFIX . "user AS user ON (visitormessage.postuserid = user.userid)\n\t\t\t" . ($vbulletin->userinfo['userid'] ? "LEFT JOIN " . TABLE_PREFIX . "userlist AS userlist ON (userlist.userid = user.userid AND userlist.type = 'buddy' AND userlist.relationid = " . $vbulletin->userinfo['userid'] . ")" : "") . "\n\t\t\t" . ($vbulletin->options['avatarenabled'] ? "LEFT JOIN " . TABLE_PREFIX . "avatar AS avatar ON(avatar.avatarid = user.avatarid) LEFT JOIN " . TABLE_PREFIX . "customavatar AS customavatar ON(customavatar.userid = user.userid)" : "") . "\n\t\t\t{$deljoinsql}\n\t\t\t{$hook_query_joins}\n\t\t\tWHERE visitormessage.userid = {$userinfo['userid']}\n\t\t\t\tAND (" . implode(" OR ", $state_or) . ")\n\t\t\t\tAND " . (($lastviewed = $vbulletin->GPC['lastcomment']) ? "(visitormessage.dateline > {$lastviewed} OR visitormessage.vmid = {$vmid})" : "visitormessage.vmid = {$vmid}") . "\n\t\t\t\t{$hook_query_where}\n\t\t\tORDER BY visitormessage.dateline ASC\n\t\t";
    } else {
        $sql1 = $sql2 = array();
        $state1 = array('visible');
        if ($viewself or fetch_visitor_message_perm('canmoderatevisitormessages', $userinfo)) {
            $state1[] = 'moderation';
        }
        if (can_moderate(0, 'canmoderatevisitormessages')) {
            $state1[] = 'deleted';
            $delsql1 = ",deletionlog.userid AS del_userid, deletionlog.username AS del_username, deletionlog.reason AS del_reason";
            $deljoinsql1 = "LEFT JOIN " . TABLE_PREFIX . "deletionlog AS deletionlog ON (visitormessage.vmid = deletionlog.primaryid AND deletionlog.type = 'visitormessage')";
        } else {
            if ($deljoinsql2) {
                $delsql1 = ",0 AS del_userid, '' AS del_username, '' AS del_reason";
            }
        }
        $sql1[] = "visitormessage.userid = {$userinfo['userid']}";
        $sql1[] = "visitormessage.postuserid = {$userinfo2['userid']}";
        $sql1[] = "visitormessage.state IN ('" . implode("','", $state1) . "')";
        $sql1[] = "(visitormessage.dateline > " . $vbulletin->GPC['lastcomment'] . " OR visitormessage.vmid = {$vmid})";
        $state2 = array('visible');
        if (fetch_visitor_message_perm('canmoderatevisitormessages', $userinfo2)) {
            $state2[] = 'moderation';
        }
        if (can_moderate(0, 'canmoderatevisitormessages') or $viewself and $vbulletin->userinfo['permissions']['visitormessagepermissions'] & $vbulletin->bf_ugp_visitormessagepermissions['canmanageownprofile']) {
            $state2[] = 'deleted';
            $deljoinsql2 = "LEFT JOIN " . TABLE_PREFIX . "deletionlog AS deletionlog ON (visitormessage.vmid = deletionlog.primaryid AND deletionlog.type = 'visitormessage')";
        } else {
            $deljoinsql2 = '';
        }
        $sql2[] = "visitormessage.userid = {$userinfo2['userid']}";
        $sql2[] = "visitormessage.postuserid = {$userinfo['userid']}";
        $sql2[] = "visitormessage.state IN ('" . implode("','", $state2) . "')";
        $sql2[] = "visitormessage.dateline > " . $vbulletin->GPC['lastcomment'];
        $sql = "\n\t\t\t(\n\t\t\t\tSELECT\n\t\t\t\t\tvisitormessage.*, visitormessage.dateline AS pmdateline, user.*, visitormessage.ipaddress AS messageipaddress, visitormessage.userid AS profileuserid\n\t\t\t\t\t{$delsql1}\n\t\t\t\t\t" . ($vbulletin->options['avatarenabled'] ? ",avatar.avatarpath, NOT ISNULL(customavatar.userid) AS hascustomavatar, customavatar.dateline AS avatardateline,customavatar.width AS avwidth,customavatar.height AS avheight" : "") . "\n\t\t\t\t\t{$hook_query_fields}\n\t\t\t\tFROM " . TABLE_PREFIX . "visitormessage AS visitormessage\n\t\t\t\tLEFT JOIN " . TABLE_PREFIX . "user AS user ON (visitormessage.postuserid = user.userid)\n\t\t\t\t" . ($vbulletin->options['avatarenabled'] ? "LEFT JOIN " . TABLE_PREFIX . "avatar AS avatar ON(avatar.avatarid = user.avatarid) LEFT JOIN " . TABLE_PREFIX . "customavatar AS customavatar ON(customavatar.userid = user.userid)" : "") . "\n\t\t\t\t{$deljoinsql1}\n\t\t\t\t{$hook_query_joins}\n\t\t\t\tWHERE " . implode(" AND ", $sql1) . "\n\t\t\t\t{$hook_query_where}\n\t\t\t)\n\t\t\tUNION\n\t\t\t(\n\t\t\t\tSELECT\n\t\t\t\t\tvisitormessage.*, visitormessage.dateline AS pmdateline, user.*, visitormessage.ipaddress AS messageipaddress, visitormessage.userid AS profileuserid\n\t\t\t\t\t" . ($deljoinsql2 ? ",deletionlog.userid AS del_userid, deletionlog.username AS del_username, deletionlog.reason AS del_reason" : "") . "\n\t\t\t\t\t" . ($vbulletin->options['avatarenabled'] ? ",avatar.avatarpath, NOT ISNULL(customavatar.userid) AS hascustomavatar, customavatar.dateline AS avatardateline,customavatar.width AS avwidth,customavatar.height AS avheight" : "") . "\n\t\t\t\t\t{$hook_query_fields2}\n\t\t\t\tFROM " . TABLE_PREFIX . "visitormessage AS visitormessage\n\t\t\t\tLEFT JOIN " . TABLE_PREFIX . "user AS user ON (visitormessage.postuserid = user.userid)\n\t\t\t\t" . ($vbulletin->options['avatarenabled'] ? "LEFT JOIN " . TABLE_PREFIX . "avatar AS avatar ON(avatar.avatarid = user.avatarid) LEFT JOIN " . TABLE_PREFIX . "customavatar AS customavatar ON(customavatar.userid = user.userid)" : "") . "\n\t\t\t\t{$deljoinsql2}\n\t\t\t\t{$hook_query_joins2}\n\t\t\t\tWHERE " . implode(" AND ", $sql2) . "\n\t\t\t\t{$hook_query_where2}\n\t\t\t)\n\t\t\tORDER BY pmdateline ASC\n\t\t\t";
    }
    return $sql;
}
Beispiel #27
0
 function insert_moderator_log()
 {
     if ($this->modlog) {
         require_once DIR . '/includes/functions_log_error.php';
         $threadid = intval(($tid = $this->fetch_field('threadid')) ? $tid : $this->info['thread']['threadid']);
         $forumid = intval(($fid = $this->fetch_field('forumid')) ? $fid : $this->info['forum']['forumid']);
         if (can_moderate($forumid)) {
             foreach ($this->modlog as $entry) {
                 $entry['forumid'] = $forumid;
                 $entry['threadid'] = $threadid;
                 log_moderator_action($entry, $entry['type'], $entry['action']);
             }
         }
         $this->modlog = array();
     }
 }
Beispiel #28
0
function goto_nextthread($threadid, $throwerror = true)
{
    global $vbulletin;
    $thread = verify_id('thread', $threadid, $throwerror, 1);
    $forumperms = fetch_permissions($thread['forumid']);
    // remove threads from users on the global ignore list if user is not a moderator
    if ($coventry = fetch_coventry('string') and !can_moderate($thread['forumid'])) {
        $globalignore = "AND postuserid NOT IN ({$coventry})";
    } else {
        $globalignore = '';
    }
    if (!($forumperms & $vbulletin->bf_ugp_forumpermissions['canviewothers'])) {
        $limitothers = "AND postuserid = " . $vbulletin->userinfo['userid'] . " AND " . $vbulletin->userinfo['userid'] . " <> 0";
    } else {
        $limitothers = '';
    }
    if ($vbulletin->userinfo['userid'] and in_coventry($vbulletin->userinfo['userid'], true)) {
        $lastpost_info = ",IF(tachythreadpost.userid IS NULL, thread.lastpost, tachythreadpost.lastpost) AS lastpost";
        $tachyjoin = "LEFT JOIN " . TABLE_PREFIX . "tachythreadpost AS tachythreadpost ON " . "(tachythreadpost.threadid = thread.threadid AND tachythreadpost.userid = " . $vbulletin->userinfo['userid'] . ')';
        $lastpost_having = "HAVING lastpost > {$thread['lastpost']}";
    } else {
        $lastpost_info = "";
        $tachyjoin = "";
        $lastpost_having = "AND lastpost > {$thread['lastpost']}";
    }
    if ($getnextnewest = $vbulletin->db->query_first_slave("\n\t\tSELECT thread.threadid, thread.title\n\t\t\t{$lastpost_info}\n\t\tFROM " . TABLE_PREFIX . "thread AS thread\n\t\t{$tachyjoin}\n\t\tWHERE forumid = {$thread['forumid']}\n\t\t\tAND visible = 1\n\t\t\tAND open <> 10\n\t\t\t{$globalignore}\n\t\t\t{$limitothers}\n\t\t{$lastpost_having}\n\t\tORDER BY lastpost\n\t\tLIMIT 1\n\t")) {
        $threadid = $getnextnewest['threadid'];
        unset($thread);
    } else {
        if ($throwerror) {
            eval(standard_error(fetch_error('nonextnewest')));
        }
    }
    return $getnextnewest;
}
Beispiel #29
0
        if (can_moderate($forumid, 'canmassprune')) {
            exec_header_redirect($vbulletin->config['Misc']['modcpdir'] . '/index.php?' . $vbulletin->session->vars['sessionurl_js'] . 'loc=' . urlencode('thread.php?' . $vbulletin->session->vars['sessionurl_js'] . 'do=prune'));
        } else {
            print_no_permission();
        }
    }
}
// #############################################################################
if ($_REQUEST['do'] == 'modposts') {
    if (can_moderate(0, 'canmoderateposts')) {
        exec_header_redirect($vbulletin->config['Misc']['modcpdir'] . '/index.php?' . $vbulletin->session->vars['sessionurl_js'] . 'loc=' . urlencode('moderate.php?' . $vbulletin->session->vars['sessionurl_js'] . 'do=posts'));
    } else {
        print_no_permission();
    }
}
// #############################################################################
if ($_REQUEST['do'] == 'modattach') {
    if (can_moderate(0, 'canmoderateattachments')) {
        exec_header_redirect($vbulletin->config['Misc']['modcpdir'] . '/index.php?' . $vbulletin->session->vars['sessionurl_js'] . 'loc=' . urlencode('moderate.php?' . $vbulletin->session->vars['sessionurl_js'] . 'do=attachments'));
    } else {
        print_no_permission();
    }
}
print_no_permission();
//setup redirects for other options in moderators cp
/*======================================================================*\
|| ####################################################################
|| # Downloaded: 22:41, Fri Oct 10th 2008
|| # CVS: $RCSfile$ - $Revision: 26399 $
|| ####################################################################
\*======================================================================*/
Beispiel #30
0
 /**
  * Code to run before saving
  *
  * @param	boolean Do the query?
  *
  * @return	boolean	Whether this code executed correctly
  *
  */
 function pre_save($doquery = true)
 {
     if ($this->presave_called !== null) {
         return $this->presave_called;
     }
     if (!$this->fetch_field('idhash')) {
         $this->set('idhash', md5(TIMENOW . SESSION_IDHASH . SESSION_HOST . rand(1, 1000000)));
     }
     if (!$this->fetch_field('thumbnail_dateline')) {
         $this->set('thumbnail_dateline', TIMENOW);
     }
     // Set picture moderated if need be
     if (!$this->condition and !$this->fetch_field('state')) {
         $should_moderate = ($this->registry->options['albums_pictures_moderation'] or !($this->registry->userinfo['permissions']['albumpermissions'] & $this->registry->bf_ugp_albumpermissions['picturefollowforummoderation']));
         if ($should_moderate and !can_moderate(0, 'canmoderatepictures')) {
             $this->set('state', 'moderation');
         } else {
             $this->set('state', 'visible');
         }
     }
     $return_value = true;
     ($hook = vBulletinHook::fetch_hook('picturedata_presave')) ? eval($hook) : false;
     $this->presave_called = $return_value;
     return $return_value;
 }