Beispiel #1
0
 private function getforumId()
 {
     global $vbulletin, $db;
     $arrayResponse = array();
     $vbulletin->input->clean_array_gpc('r', array('threadid' => TYPE_STR));
     $vbulletin->GPC['threadid'] = convert_urlencoded_unicode($vbulletin->GPC['threadid']);
     $threadid = $vbulletin->GPC['threadid'];
     $forumid = $db->query_first("\n\t\t\t\tSELECT thread.forumid\n\t\t\t\tFROM " . TABLE_PREFIX . "thread AS thread\n\t\t\t\t\n\t\t\t\tWHERE thread.threadid = {$threadid}\n\t\t\t");
     return $forumid['forumid'];
 }
Beispiel #2
0
 private function getBreadCrumbsBits()
 {
     global $vbulletin, $db;
     $arrayResponse = array();
     $vbulletin->input->clean_array_gpc('p', array('type' => TYPE_STR, 'conceptid' => TYPE_STR));
     $vbulletin->GPC['type'] = convert_urlencoded_unicode($vbulletin->GPC['type']);
     $vbulletin->GPC['conceptid'] = convert_urlencoded_unicode($vbulletin->GPC['conceptid']);
     //error_log("facebookidList = " . $vbulletin->GPC['facebookidList'] . "\n", 3, "/var/www/html/facebook/error/error1.txt");
     $conceptId = $vbulletin->GPC['conceptid'];
     $type = $vbulletin->GPC['type'];
     if ($type == 't') {
         $threadInfo = $db->query_first("SELECT thread.forumid AS forumid FROM " . TABLE_PREFIX . "thread WHERE threadid={$conceptId}");
         $conceptId = $threadInfo['forumid'];
         $parents = $db->query_first("SELECT forum.parentlist AS parentlist FROM " . TABLE_PREFIX . "forum WHERE forumid={$conceptId}");
         //$parent = $db->fetch_array($parents)
         // error_log("parents = " . print_r($parents,true), 3, "/var/www/html/facebook/error/error2.txt");
         $parentsArray = explode(",", $parents['parentlist']);
         $parentsArray = array_reverse($parentsArray);
         $parents = implode(",", $parentsArray);
     }
     if ($type == 'f') {
         $parents = $db->query_first("SELECT forum.parentlist AS parentlist FROM " . TABLE_PREFIX . "forum WHERE forumid={$conceptId}");
         //$parent = $db->fetch_array($parents)
         // error_log("parents = " . print_r($parents,true), 3, "/var/www/html/facebook/error/error2.txt");
         $parentsArray = explode(",", $parents['parentlist']);
         array_shift($parentsArray);
         $parentsArray = array_reverse($parentsArray);
         $parents = implode(",", $parentsArray);
     }
     $forumInfo = $db->query_read_slave("SELECT forum.forumid AS forumid, forum.title AS title, forum.threadcount AS threadcount FROM forum WHERE forumid IN (" . $parents . ")");
     $breadCrumbsBits = array();
     while ($parentForumInfo = $db->fetch_array($forumInfo)) {
         $separator = ",";
         $breadCrumbsBits[$parentForumInfo['forumid']] = array('forumid' => $parentForumInfo['forumid'], 'title' => $parentForumInfo['title'], 'threadcount' => $parentForumInfo['threadcount']);
     }
     //error_log("parents = " . $parentsArray, 3, "/var/www/html/facebook/error/error2.txt");
     $arrayResponse = array();
     //$parentsArray = explode(",", $parentsArray);
     foreach ($parentsArray as $parent) {
         if (in_array($breadCrumbsBits[$parent], $breadCrumbsBits)) {
             $arrayResponse[] = $breadCrumbsBits[$parent];
         }
     }
     // $breadCrumbsBits = array_reverse($breadCrumbsBits);
     return $arrayResponse;
 }
Beispiel #3
0
 public function output()
 {
     global $vbulletin, $db;
     $vbulletin->input->clean_array_gpc('p', array('fragment' => TYPE_STR));
     $vbulletin->GPC['fragment'] = convert_urlencoded_unicode($vbulletin->GPC['fragment']);
     if ($vbulletin->GPC['fragment'] != '' and strlen($vbulletin->GPC['fragment']) >= 3) {
         $fragment = htmlspecialchars_uni($vbulletin->GPC['fragment']);
     } else {
         $fragment = '';
     }
     if ($fragment != '') {
         $users = $db->query_read_slave("\n\t\t\t\tSELECT user.userid, user.username FROM " . TABLE_PREFIX . "user\n\t\t\t\tAS user WHERE username LIKE('" . $db->escape_string_like($fragment) . "%')\n\t\t\t\tORDER BY username\n\t\t\t\tLIMIT 15\n\t\t\t");
         while ($user = $db->fetch_array($users)) {
             $data[$user['userid']] = $user['username'];
         }
     }
     return $data;
 }
Beispiel #4
0
 public function output()
 {
     global $vbulletin, $db;
     $vbulletin->input->clean_array_gpc('r', array('userids' => TYPE_STR, 'contenttypeids' => TYPE_STR));
     $vbulletin->GPC['userids'] = convert_urlencoded_unicode($vbulletin->GPC['userids']);
     $userids = $vbulletin->GPC['userids'];
     $vbulletin->GPC['contenttypeids'] = convert_urlencoded_unicode($vbulletin->GPC['contenttypeids']);
     $contenttypeids = $vbulletin->GPC['contenttypeids'];
     require_once DIR . "/vb/search/core.php";
     require_once DIR . "/vb/legacy/currentuser.php";
     require_once DIR . "/vb/search/resultsview.php";
     require_once DIR . "/vb/search/searchtools.php";
     $search_core = vB_Search_Core::get_instance();
     $current_user = new vB_Legacy_CurrentUser();
     if (!$vbulletin->options['enablesearches']) {
         return $this->error('searchdisabled');
     }
     $criteria = $search_core->create_criteria(vB_Search_Core::SEARCH_ADVANCED);
     $userids_a = explode(',', $userids);
     $contenttypeids_a = explode(',', $contenttypeids);
     if (empty($userids_a)) {
         return $this->error('invalidid');
     }
     $criteria->add_userid_filter($userids_a, vB_Search_Core::GROUP_NO);
     if (!empty($contenttypeids_a)) {
         $criteria->add_contenttype_filter($contenttypeids_a);
     }
     $results = null;
     if (!($vbulletin->debug or $vbulletin->GPC_exists['nocache'] and $vbulletin->GPC['nocache'])) {
         $results = vB_Search_Results::create_from_cache($current_user, $criteria);
     }
     if (!$results) {
         $results = vB_Search_Results::create_from_criteria($current_user, $criteria);
     }
     return array("response" => array("errormessage" => "search"), "show" => array("searchid" => $results->get_searchid()));
 }
Beispiel #5
0
 /**
  * Stuff to setup specific to Ajax upgrading - executes after upgrade has been established
  *
  */
 protected function init()
 {
     parent::init();
     $this->registry->input->clean_array_gpc('p', array('ajax' => TYPE_BOOL, 'jsfail' => TYPE_BOOL));
     if ($this->registry->GPC['jsfail']) {
         $this->startup_errors[] = $this->phrase['core']['javascript_disabled'];
     }
     $this->htmloptions['finalversion'] = end($this->versions);
     $this->htmloptions['setuptype'] = sprintf($this->phrase['core']['vb_' . $this->setuptype . '_system'], $this->htmloptions['finalversion']);
     $this->htmloptions['setuptypetitle'] = sprintf($this->phrase['core']['vb_' . $this->setuptype . '_system_title'], $this->htmloptions['finalversion']);
     $this->htmloptions['enter_system'] = $this->phrase['authenticate']['enter_' . $this->setuptype . '_system'];
     if ($this->registry->GPC['ajax']) {
         $this->registry->input->clean_array_gpc('p', array('step' => TYPE_UINT, 'startat' => TYPE_UINT, 'version' => TYPE_NOHTML, 'response' => TYPE_NOHTML, 'checktable' => TYPE_BOOL, 'status' => TYPE_BOOL, 'firstrun' => TYPE_BOOL, 'only' => TYPE_BOOL, 'htmlsubmit' => TYPE_BOOL, 'htmldata' => TYPE_ARRAY, 'options' => TYPE_ARRAY));
         $this->registry->GPC['response'] = convert_urlencoded_unicode($this->registry->GPC['response']);
         $this->registry->GPC['htmldata'] = convert_urlencoded_unicode($this->registry->GPC['htmldata']);
         if ($this->registry->GPC['status']) {
             $this->fetch_query_status();
         }
         $this->scriptinfo = array('version' => $this->fetch_short_version($this->registry->GPC['version']), 'startat' => $this->registry->GPC['startat'], 'step' => $this->registry->GPC['step'], 'only' => $this->registry->GPC['only']);
         $script = $this->load_script($this->scriptinfo['version']);
         $this->process_step($this->registry->GPC['version'], $this->registry->GPC['step'], $this->registry->GPC['startat'], $this->registry->GPC['checktable'], $this->registry->GPC_exists['response'] ? $this->registry->GPC['response'] : null, $this->registry->GPC['firstrun'], $this->registry->GPC['only'], $this->registry->GPC['htmlsubmit'], $this->registry->GPC['htmldata'], $this->registry->GPC['options']);
     } else {
         $this->registry->input->clean_array_gpc('r', array('version' => TYPE_NOHTML, 'startat' => TYPE_UINT, 'step' => TYPE_UINT, 'only' => TYPE_BOOL));
         $proceed = true;
         if ($proceed) {
             if ($this->registry->GPC['version'] and $this->versions[$this->registry->GPC['version']]) {
                 $this->scriptinfo = array('version' => $this->registry->GPC['version'], 'startat' => $this->registry->GPC['startat'], 'step' => $this->registry->GPC['step']);
             }
             $this->begin_upgrade($this->scriptinfo['version'], $this->registry->GPC['only']);
         }
         $this->print_html();
         // Begin processing
         if ($this->htmloptions['processlog']) {
         }
     }
 }
Beispiel #6
0
        }
        $xml->close_group();
    }
    $xml->close_group();
    $doc = "<?xml version=\"1.0\" encoding=\"ISO-8859-1\"?>\r\n\r\n";
    $doc .= $xml->output();
    $xml = null;
    require_once DIR . '/includes/functions_file.php';
    file_download($doc, 'vbulletin-settings.xml', 'text/xml');
}
// #############################################################################
// ajax setting value validation
if ($_POST['do'] == 'validate') {
    $vbulletin->input->clean_array_gpc('p', array('varname' => TYPE_STR, 'setting' => TYPE_ARRAY));
    $varname = convert_urlencoded_unicode($vbulletin->GPC['varname']);
    $value = convert_urlencoded_unicode($vbulletin->GPC['setting']["{$varname}"]);
    require_once DIR . '/includes/class_xml.php';
    $xml = new vB_AJAX_XML_Builder($vbulletin, 'text/xml');
    $xml->add_group('setting');
    $xml->add_tag('varname', $varname);
    if ($setting = $db->query_first("SELECT * FROM " . TABLE_PREFIX . "setting WHERE varname = '" . $db->escape_string($varname) . "'")) {
        $raw_value = $value;
        $value = validate_setting_value($value, $setting['datatype']);
        $valid = exec_setting_validation_code($setting['varname'], $value, $setting['validationcode'], $raw_value);
    } else {
        $valid = 1;
    }
    $xml->add_tag('valid', $valid);
    $xml->close_group();
    $xml->print_xml();
}
Beispiel #7
0
function do_post_edit()
{
    global $vbulletin, $db, $foruminfo, $forumperms, $threadinfo;
    global $postinfo, $vbphrase, $stylevar, $permissions;
    $checked = array();
    $edit = array();
    $postattach = array();
    $contenttype = 'vBForum_Post';
    if (!$postinfo['postid'] or $postinfo['isdeleted'] or !$postinfo['visible'] and !can_moderate($threadinfo['forumid'], 'canmoderateposts')) {
        json_error(ERR_INVALID_TOP, RV_POST_ERROR);
    }
    if (!$threadinfo['threadid'] or $threadinfo['isdeleted'] or !$threadinfo['visible'] and !can_moderate($threadinfo['forumid'], 'canmoderateposts')) {
        json_error(ERR_INVALID_TOP, RV_POST_ERROR);
    }
    if ($vbulletin->options['wordwrap']) {
        $threadinfo['title'] = fetch_word_wrapped_string($threadinfo['title']);
    }
    // get permissions info
    $_permsgetter_ = 'edit post';
    $forumperms = fetch_permissions($threadinfo['forumid']);
    if (!($forumperms & $vbulletin->bf_ugp_forumpermissions['canview']) or !($forumperms & $vbulletin->bf_ugp_forumpermissions['canviewthreads']) or !($forumperms & $vbulletin->bf_ugp_forumpermissions['canviewothers']) and ($threadinfo['postuserid'] != $vbulletin->userinfo['userid'] or $vbulletin->userinfo['userid'] == 0)) {
        json_error(ERR_NO_PERMISSION, RV_POST_ERROR);
    }
    $foruminfo = fetch_foruminfo($threadinfo['forumid'], false);
    // check if there is a forum password and if so, ensure the user has it set
    verify_forum_password($foruminfo['forumid'], $foruminfo['password']);
    // need to get last post-type information
    cache_ordered_forums(1);
    // determine if we are allowed to be updating the thread's info
    $can_update_thread = ($threadinfo['firstpostid'] == $postinfo['postid'] and (can_moderate($threadinfo['forumid'], 'caneditthreads') or $postinfo['dateline'] + $vbulletin->options['editthreadtitlelimit'] * 60 > TIMENOW));
    // otherwise, post is being edited
    if (!can_moderate($threadinfo['forumid'], 'caneditposts')) {
        // check for moderator
        if (!$threadinfo['open']) {
            $vbulletin->url = 'showthread.php?' . $vbulletin->session->vars['sessionurl'] . "t={$threadinfo['threadid']}";
            json_error(fetch_error('threadclosed'), RV_POST_ERROR);
        }
        if (!($forumperms & $vbulletin->bf_ugp_forumpermissions['caneditpost'])) {
            json_error(ERR_NO_PERMISSION, RV_POST_ERROR);
        } else {
            if ($vbulletin->userinfo['userid'] != $postinfo['userid']) {
                // check user owns this post
                json_error(ERR_NO_PERMISSION, RV_POST_ERROR);
            } else {
                // check for time limits
                if ($postinfo['dateline'] < TIMENOW - $vbulletin->options['edittimelimit'] * 60 and $vbulletin->options['edittimelimit'] != 0) {
                    json_error(fetch_error('edittimelimit', $vbulletin->options['edittimelimit'], $vbulletin->options['contactuslink']), RV_POST_ERROR);
                }
            }
        }
    }
    // Variables reused in templates
    $poststarttime =& $vbulletin->input->clean_gpc('r', poststarttime, TYPE_UINT);
    $posthash = md5($vbulletin->GPC['poststarttime'] . $vbulletin->userinfo['userid'] . $vbulletin->userinfo['salt']);
    $vbulletin->input->clean_array_gpc('p', array('stickunstick' => TYPE_BOOL, 'openclose' => TYPE_BOOL, 'wysiwyg' => TYPE_BOOL, 'message' => TYPE_STR, 'title' => TYPE_STR, 'prefixid' => TYPE_NOHTML, 'iconid' => TYPE_UINT, 'parseurl' => TYPE_BOOL, 'signature' => TYPE_BOOL, 'disablesmilies' => TYPE_BOOL, 'reason' => TYPE_NOHTML, 'preview' => TYPE_STR, 'folderid' => TYPE_UINT, 'emailupdate' => TYPE_UINT, 'ajax' => TYPE_BOOL, 'advanced' => TYPE_BOOL, 'postcount' => TYPE_UINT, 'podcasturl' => TYPE_STR, 'podcastsize' => TYPE_UINT, 'podcastexplicit' => TYPE_BOOL, 'podcastkeywords' => TYPE_STR, 'podcastsubtitle' => TYPE_STR, 'podcastauthor' => TYPE_STR, 'quickeditnoajax' => TYPE_BOOL));
    if ($vbulletin->GPC['message']) {
        $vbulletin->GPC['message'] = prepare_remote_utf8_string($vbulletin->GPC['message']);
    }
    $vbulletin->GPC['signature'] = $vbulletin->GPC_exists['signature'] = true;
    // Make sure the posthash is valid
    ($hook = vBulletinHook::fetch_hook('editpost_update_start')) ? eval($hook) : false;
    if (md5($poststarttime . $vbulletin->userinfo['userid'] . $vbulletin->userinfo['salt']) != $posthash) {
        $posthash = 'invalid posthash';
        // don't phrase me
    }
    // ### PREP INPUT ###
    if ($vbulletin->GPC['wysiwyg']) {
        require_once DIR . '/includes/functions_wysiwyg.php';
        $edit['message'] = convert_wysiwyg_html_to_bbcode($vbulletin->GPC['message'], $foruminfo['allowhtml']);
    } else {
        $edit['message'] =& $vbulletin->GPC['message'];
    }
    $cansubscribe = true;
    // Are we editing someone else's post? If so load that users subscription info for this thread.
    if ($vbulletin->userinfo['userid'] != $postinfo['userid']) {
        if ($postinfo['userid']) {
            $userinfo = fetch_userinfo($postinfo['userid']);
            cache_permissions($userinfo);
        }
        $cansubscribe = ($userinfo['forumpermissions']["{$foruminfo['forumid']}"] & $vbulletin->bf_ugp_forumpermissions['canview'] and $userinfo['forumpermissions']["{$foruminfo['forumid']}"] & $vbulletin->bf_ugp_forumpermissions['canviewthreads'] and ($threadinfo['postuserid'] == $userinfo['userid'] or $userinfo['forumpermissions']["{$foruminfo['forumid']}"] & $vbulletin->bf_ugp_forumpermissions['canviewothers']));
        if ($cansubscribe and $otherthreadinfo = $db->query_first_slave("\n\t\t\tSELECT emailupdate, folderid\n\t\t\tFROM " . TABLE_PREFIX . "subscribethread\n\t\t\tWHERE threadid = {$threadinfo['threadid']} AND\n\t\t\t\tuserid = {$postinfo['userid']} AND\n\t\t\t\tcanview = 1")) {
            $threadinfo['issubscribed'] = true;
            $threadinfo['emailupdate'] = $otherthreadinfo['emailupdate'];
            $threadinfo['folderid'] = $otherthreadinfo['folderid'];
        } else {
            $threadinfo['issubscribed'] = false;
            // use whatever emailupdate setting came through
        }
    }
    if ($vbulletin->GPC['ajax'] or $vbulletin->GPC['quickeditnoajax']) {
        // quick edit
        $tmpmessage = $vbulletin->GPC['ajax'] ? convert_urlencoded_unicode($edit['message']) : $edit['message'];
        $edit = $postinfo;
        $edit['message'] =& $tmpmessage;
        $edit['title'] = unhtmlspecialchars($edit['title']);
        $edit['signature'] =& $edit['showsignature'];
        $edit['enablesmilies'] =& $edit['allowsmilie'];
        $edit['disablesmilies'] = $edit['enablesmilies'] ? 0 : 1;
        $edit['parseurl'] = true;
        $edit['prefixid'] = $threadinfo['prefixid'];
        $edit['reason'] = fetch_censored_text($vbulletin->GPC['ajax'] ? convert_urlencoded_unicode($vbulletin->GPC['reason']) : $vbulletin->GPC['reason']);
    } else {
        $edit['iconid'] =& $vbulletin->GPC['iconid'];
        $edit['title'] =& $vbulletin->GPC['title'];
        $edit['prefixid'] = ($vbulletin->GPC_exists['prefixid'] and can_use_prefix($vbulletin->GPC['prefixid'])) ? $vbulletin->GPC['prefixid'] : $threadinfo['prefixid'];
        $edit['podcasturl'] =& $vbulletin->GPC['podcasturl'];
        $edit['podcastsize'] =& $vbulletin->GPC['podcastsize'];
        $edit['podcastexplicit'] =& $vbulletin->GPC['podcastexplicit'];
        $edit['podcastkeywords'] =& $vbulletin->GPC['podcastkeywords'];
        $edit['podcastsubtitle'] =& $vbulletin->GPC['podcastsubtitle'];
        $edit['podcastauthor'] =& $vbulletin->GPC['podcastauthor'];
        // Leave this off for quickedit->advanced so that a post with unparsed links doesn't get parsed just by going to Advanced Edit
        $edit['parseurl'] = true;
        $edit['signature'] =& $vbulletin->GPC['signature'];
        $edit['disablesmilies'] =& $vbulletin->GPC['disablesmilies'];
        $edit['enablesmilies'] = $edit['allowsmilie'] = $edit['disablesmilies'] ? 0 : 1;
        $edit['stickunstick'] =& $vbulletin->GPC['stickunstick'];
        $edit['openclose'] =& $vbulletin->GPC['openclose'];
        $edit['reason'] = fetch_censored_text($vbulletin->GPC['reason']);
        $edit['preview'] =& $vbulletin->GPC['preview'];
        $edit['folderid'] =& $vbulletin->GPC['folderid'];
        if (!$vbulletin->GPC['advanced']) {
            if ($vbulletin->GPC_exists['emailupdate']) {
                $edit['emailupdate'] =& $vbulletin->GPC['emailupdate'];
            } else {
                $edit['emailupdate'] = array_pop($array = array_keys(fetch_emailchecked($threadinfo)));
            }
        }
    }
    $dataman =& datamanager_init('Post', $vbulletin, ERRTYPE_ARRAY, 'threadpost');
    $dataman->set_existing($postinfo);
    ($hook = vBulletinHook::fetch_hook('editpost_update_process')) ? eval($hook) : false;
    // set info
    $dataman->set_info('parseurl', $vbulletin->options['allowedbbcodes'] & ALLOW_BBCODE_URL and $foruminfo['allowbbcode'] and $edit['parseurl']);
    $dataman->set_info('posthash', $posthash);
    $dataman->set_info('forum', $foruminfo);
    $dataman->set_info('thread', $threadinfo);
    $dataman->set_info('show_title_error', true);
    $dataman->set_info('podcasturl', $edit['podcasturl']);
    $dataman->set_info('podcastsize', $edit['podcastsize']);
    $dataman->set_info('podcastexplicit', $edit['podcastexplicit']);
    $dataman->set_info('podcastkeywords', $edit['podcastkeywords']);
    $dataman->set_info('podcastsubtitle', $edit['podcastsubtitle']);
    $dataman->set_info('podcastauthor', $edit['podcastauthor']);
    if ($postinfo['userid'] == $vbulletin->userinfo['userid']) {
        $dataman->set_info('user', $vbulletin->userinfo);
    }
    // set options
    $dataman->setr('showsignature', $edit['signature']);
    $dataman->setr('allowsmilie', $edit['enablesmilies']);
    // set data
    /*$dataman->setr('userid', $vbulletin->userinfo['userid']);
    	if ($vbulletin->userinfo['userid'] == 0)
    	{
    		$dataman->setr('username', $post['username']);
    	}*/
    $dataman->setr('title', $edit['title']);
    $dataman->setr('pagetext', $edit['message']);
    if ($postinfo['userid'] != $vbulletin->userinfo['userid']) {
        $dataman->setr('iconid', $edit['iconid'], true, false);
    } else {
        $dataman->setr('iconid', $edit['iconid']);
    }
    $postusername = $vbulletin->userinfo['username'];
    $dataman->pre_save();
    if ($dataman->errors) {
        $errors = $dataman->errors;
    }
    if ($dataman->info['podcastsize']) {
        $edit['podcastsize'] = $dataman->info['podcastsize'];
    }
    if (sizeof($errors) > 0) {
        fr_standard_error($errors[0]);
    } else {
        if ($edit['preview']) {
            require_once DIR . '/packages/vbattach/attach.php';
            $attach = new vB_Attach_Display_Content($vbulletin, 'vBForum_Post');
            $postattach = $attach->fetch_postattach($posthash, $postinfo['postid']);
            // ### PREVIEW POST ###
            $postpreview = process_post_preview($edit, $postinfo['userid'], $postattach);
            $previewpost = true;
            $_REQUEST['do'] = 'editpost';
        } else {
            if ($vbulletin->GPC['advanced']) {
                // Don't display preview on QuickEdit->Advanced as parseurl is turned off and so the preview won't be correct unless the post originally had checked to not parse links
                // If you turn on parseurl then the opposite happens and you have to go unparse your links if that is what you want. Compromise
                $_REQUEST['do'] = 'editpost';
            } else {
                // ### POST HAS NO ERRORS ###
                $dataman->save();
                $update_edit_log = true;
                // don't show edited by AND reason unchanged - don't update edit log
                if (!($permissions['genericoptions'] & $vbulletin->bf_ugp_genericoptions['showeditedby']) and $edit['reason'] == $postinfo['edit_reason']) {
                    $update_edit_log = false;
                }
                if ($update_edit_log) {
                    // ug perm: show edited by
                    if ($postinfo['dateline'] < TIMENOW - $vbulletin->options['noeditedbytime'] * 60 or !empty($edit['reason'])) {
                        // save the postedithistory
                        if ($vbulletin->options['postedithistory']) {
                            // insert original post on first edit
                            if (!$db->query_first("SELECT postedithistoryid FROM " . TABLE_PREFIX . "postedithistory WHERE original = 1 AND postid = " . $postinfo['postid'])) {
                                $db->query_write("\n\t\t\t\t\t\t\tINSERT INTO " . TABLE_PREFIX . "postedithistory\n\t\t\t\t\t\t\t\t(postid, userid, username, title, iconid, dateline, reason, original, pagetext)\n\t\t\t\t\t\t\tVALUES\n\t\t\t\t\t\t\t\t({$postinfo['postid']},\n\t\t\t\t\t\t\t\t" . $postinfo['userid'] . ",\n\t\t\t\t\t\t\t\t'" . $db->escape_string($postinfo['username']) . "',\n\t\t\t\t\t\t\t\t'" . $db->escape_string($postinfo['title']) . "',\n\t\t\t\t\t\t\t\t{$postinfo['iconid']},\n\t\t\t\t\t\t\t\t" . $postinfo['dateline'] . ",\n\t\t\t\t\t\t\t\t'',\n\t\t\t\t\t\t\t\t1,\n\t\t\t\t\t\t\t\t'" . $db->escape_string($postinfo['pagetext']) . "')\n\t\t\t\t\t\t");
                            }
                            // insert the new version
                            $db->query_write("\n\t\t\t\t\t\tINSERT INTO " . TABLE_PREFIX . "postedithistory\n\t\t\t\t\t\t\t(postid, userid, username, title, iconid, dateline, reason, pagetext)\n\t\t\t\t\t\tVALUES\n\t\t\t\t\t\t\t({$postinfo['postid']},\n\t\t\t\t\t\t\t" . $vbulletin->userinfo['userid'] . ",\n\t\t\t\t\t\t\t'" . $db->escape_string($vbulletin->userinfo['username']) . "',\n\t\t\t\t\t\t\t'" . $db->escape_string($edit['title']) . "',\n\t\t\t\t\t\t\t{$edit['iconid']},\n\t\t\t\t\t\t\t" . TIMENOW . ",\n\t\t\t\t\t\t\t'" . $db->escape_string($edit['reason']) . "',\n\t\t\t\t\t\t\t'" . $db->escape_string($edit['message']) . "')\n\t\t\t\t\t");
                        }
                        /*insert query*/
                        $db->query_write("\n\t\t\t\t\tREPLACE INTO " . TABLE_PREFIX . "editlog\n\t\t\t\t\t\t(postid, userid, username, dateline, reason, hashistory)\n\t\t\t\t\tVALUES\n\t\t\t\t\t\t({$postinfo['postid']},\n\t\t\t\t\t\t" . $vbulletin->userinfo['userid'] . ",\n\t\t\t\t\t\t'" . $db->escape_string($vbulletin->userinfo['username']) . "',\n\t\t\t\t\t\t" . TIMENOW . ",\n\t\t\t\t\t\t'" . $db->escape_string($edit['reason']) . "',\n\t\t\t\t\t\t" . ($vbulletin->options['postedithistory'] ? 1 : 0) . ")\n\t\t\t\t");
                    }
                }
                $date = vbdate($vbulletin->options['dateformat'], TIMENOW);
                $time = vbdate($vbulletin->options['timeformat'], TIMENOW);
                // initialize thread / forum update clauses
                $forumupdate = false;
                $threadman =& datamanager_init('Thread', $vbulletin, ERRTYPE_SILENT, 'threadpost');
                $threadman->set_existing($threadinfo);
                $threadman->set_info('pagetext', $edit['message']);
                if ($can_update_thread and $edit['title'] != '') {
                    // need to update thread title and iconid
                    if (!can_moderate($threadinfo['forumid'])) {
                        $threadman->set_info('skip_moderator_log', true);
                    }
                    $threadman->set_info('skip_first_post_update', true);
                    if ($edit['title'] != $postinfo['title']) {
                        $threadman->set('title', unhtmlspecialchars($edit['title']));
                    }
                    if ($edit['iconid'] != $postinfo['iconid']) {
                        $threadman->set('iconid', $edit['iconid']);
                    }
                    if ($vbulletin->GPC_exists['prefixid'] and can_use_prefix($vbulletin->GPC['prefixid'])) {
                        $threadman->set('prefixid', $vbulletin->GPC['prefixid']);
                        if ($threadman->thread['prefixid'] === '' and $foruminfo['options'] & $vbulletin->bf_misc_forumoptions['prefixrequired']) {
                            // the prefix wasn't valid or was set to an empty one, but that's not allowed
                            $threadman->do_unset('prefixid');
                        }
                    }
                    // do we need to update the forum counters?
                    $forumupdate = $foruminfo['lastthreadid'] == $threadinfo['threadid'] ? true : false;
                }
                // can this user open/close this thread if they want to?
                if ($vbulletin->GPC['openclose'] and ($threadinfo['postuserid'] != 0 and $threadinfo['postuserid'] == $vbulletin->userinfo['userid'] and $forumperms & $vbulletin->bf_ugp_forumpermissions['canopenclose'] or can_moderate($threadinfo['forumid'], 'canopenclose'))) {
                    $threadman->set('open', $threadman->fetch_field('open') == 1 ? 0 : 1);
                }
                if ($vbulletin->GPC['stickunstick'] and can_moderate($threadinfo['forumid'], 'canmanagethreads')) {
                    $threadman->set('sticky', $threadman->fetch_field('sticky') == 1 ? 0 : 1);
                }
                ($hook = vBulletinHook::fetch_hook('editpost_update_thread')) ? eval($hook) : false;
                $threadman->save();
                // if this is a mod edit, then log it
                if ($vbulletin->userinfo['userid'] != $postinfo['userid'] and can_moderate($threadinfo['forumid'], 'caneditposts')) {
                    $modlog = array('threadid' => $threadinfo['threadid'], 'forumid' => $threadinfo['forumid'], 'postid' => $postinfo['postid']);
                    log_moderator_action($modlog, 'post_x_edited', $postinfo['title']);
                }
                require_once DIR . '/includes/functions_databuild.php';
                // do forum update if necessary
                if ($forumupdate) {
                    build_forum_counters($threadinfo['forumid']);
                }
                // don't do thread subscriptions if we are doing quick edit
                if (!$vbulletin->GPC['ajax'] and !$vbulletin->GPC['quickeditnoajax']) {
                    // ### DO THREAD SUBSCRIPTION ###
                    // We use $postinfo[userid] so that we update the user who posted this, not the user who is editing this
                    if (!$threadinfo['issubscribed'] and $edit['emailupdate'] != 9999) {
                        // user is not subscribed to this thread so insert it
                        /*insert query*/
                        $db->query_write("\n\t\t\t\t\tREPLACE INTO " . TABLE_PREFIX . "subscribethread (userid, threadid, emailupdate, folderid, canview)\n\t\t\t\t\tVALUES ({$postinfo['userid']}, {$threadinfo['threadid']}, {$edit['emailupdate']}, {$edit['folderid']}, 1)\n\t\t\t\t");
                    } else {
                        // User is subscribed, see if they changed the settings for this thread
                        if ($edit['emailupdate'] == 9999) {
                            // Remove this subscription, user chose 'No Subscription'
                            /*insert query*/
                            $db->query_write("\n\t\t\t\t\t\tDELETE FROM " . TABLE_PREFIX . "subscribethread\n\t\t\t\t\t\tWHERE threadid = {$threadinfo['threadid']}\n\t\t\t\t\t\t\tAND userid = {$postinfo['userid']}\n\t\t\t\t\t");
                        } else {
                            if ($threadinfo['emailupdate'] != $edit['emailupdate'] or $threadinfo['folderid'] != $edit['folderid']) {
                                // User changed the settings so update the current record
                                /*insert query*/
                                $db->query_write("\n\t\t\t\t\t\tREPLACE INTO " . TABLE_PREFIX . "subscribethread (userid, threadid, emailupdate, folderid, canview)\n\t\t\t\t\t\tVALUES ({$postinfo['userid']}, {$threadinfo['threadid']}, {$edit['emailupdate']}, {$edit['folderid']}, 1)\n\t\t\t\t\t");
                            }
                        }
                    }
                }
                ($hook = vBulletinHook::fetch_hook('editpost_update_complete')) ? eval($hook) : false;
            }
        }
    }
    return array('success' => true);
}
Beispiel #8
0
}

($hook = vBulletinHook::fetch_hook('reputation_start')) ? eval($hook) : false;

if ($_POST['do'] == 'addreputation')
{  // adjust reputation ratings

	$vbulletin->input->clean_array_gpc('p', array(
		'reputation' => TYPE_NOHTML,
		'reason'     => TYPE_STR,
		'ajax'       => TYPE_BOOL,
	));

	if ($vbulletin->GPC['ajax'])
	{
		$vbulletin->GPC['reason'] = convert_urlencoded_unicode($vbulletin->GPC['reason']);
	}

	if ($userid == $vbulletin->userinfo['userid'])
	{
		eval(standard_error(fetch_error('reputationownpost')));
	}

	$score = fetch_reppower($vbulletin->userinfo, $permissions, $vbulletin->GPC['reputation']);
	if ($score < 0 AND empty($vbulletin->GPC['reason']))
	{
		eval(standard_error(fetch_error('reputationreason')));
	}

	// Check if the user has already reputation this post
	if ($repeat = $db->query_first("
Beispiel #9
0
if ($_POST['do'] == 'autosave') {
    $vbulletin->input->clean_array_gpc('p', array('contenttypeid' => TYPE_NOHTML, 'contentid' => TYPE_UINT, 'parentcontentid' => TYPE_UINT, 'pagetext' => TYPE_STR, 'title' => TYPE_NOHTML, 'posthash' => TYPE_NOHTML, 'poststarttime' => TYPE_UINT, 'wysiwyg' => TYPE_BOOL, 'parsetype' => TYPE_STR));
    if (!$vbulletin->userinfo['userid']) {
        echo 'NO USERID';
        exit;
    }
    if (!vB_Types::instance()->getContentTypeID($vbulletin->GPC['contenttypeid'])) {
        echo 'INVALID CONTENTTYPEID';
        exit;
    }
    if (!$vbulletin->GPC['pagetext']) {
        echo 'NO PAGETEXT';
        exit;
    }
    $vbulletin->GPC['pagetext'] = convert_urlencoded_unicode($vbulletin->GPC['pagetext']);
    $vbulletin->GPC['title'] = convert_urlencoded_unicode($vbulletin->GPC['title']);
    if ($vbulletin->GPC['wysiwyg']) {
        require_once DIR . '/includes/class_wysiwygparser.php';
        if ($vbulletin->GPC['parsetype'] == 'calendar') {
            require_once DIR . '/includes/functions_calendar.php';
            $vbulletin->input->clean_gpc('p', 'calendarid', TYPE_UINT);
            $calendarinfo = verify_id('calendar', $vbulletin->GPC['calendarid'], 0, 1);
            if ($calendarinfo) {
                $getoptions = convert_bits_to_array($calendarinfo['options'], $_CALENDAROPTIONS);
                $geteaster = convert_bits_to_array($calendarinfo['holidays'], $_CALENDARHOLIDAYS);
                $calendarinfo = array_merge($calendarinfo, $getoptions, $geteaster);
            }
        }
        if ($vbulletin->GPC['parsetype'] == 'announcement') {
            // oh this is a kludge but there is no simple way to changing the bbcode parser from using global $post with announcements without changing function arguments
            $post = array('announcementoptions' => $vbulletin->GPC['allowbbcode'] ? $vbulletin->bf_misc_announcementoptions['allowbbcode'] : 0);
Beispiel #10
0
	/**
	 * Returns the config view for the widget.
	 *
	 * @return vBCms_View_Widget				- The view result
	 */
	public function getConfigView($widget = false)
	{
		global $vbulletin, $messagearea, $vbphrase;

		$this->assertWidget();

		require_once DIR . '/includes/functions_editor.php';
		require_once DIR . '/packages/vbcms/wysiwyghtmlparser.php';
		require_once DIR . '/packages/vbcms/editor/override.php';
		require_once DIR . '/packages/vbcms/bbcode/html.php';
		require_once DIR . '/packages/vbcms/bbcode/wysiwyg.php';
		require_once DIR . '/includes/functions_databuild.php';
		fetch_phrase_group('posting');

		vB::$vbulletin->input->clean_array_gpc('r', array(
			'do'      => vB_Input::TYPE_STR,
			'message' => vB_Input::TYPE_STR,
			'wysiwyg' => vB_Input::TYPE_BOOL,
			'template_name'    => vB_Input::TYPE_STR
		));

		$view = new vB_View_AJAXHTML('cms_widget_config');
		$view->title = new vB_Phrase('vbcms', 'configuring_widget_x', $this->widget->getTitle());

		$config = $this->widget->getConfig();

		if ((vB::$vbulletin->GPC['do'] == 'config') AND $this->verifyPostId())
		{
			if (vB::$vbulletin->GPC['wysiwyg'])
			{
				$html_parser = new vBCms_WysiwygHtmlParser(vB::$vbulletin);
				$message = $html_parser->parse(vB::$vbulletin->GPC['message']);
			}
			else
			{
				$message = convert_urlencoded_unicode(vB::$vbulletin->GPC['message']);
			}

			$widgetdm = new vBCms_DM_Widget($this->widget);
			if (vB::$vbulletin->GPC_exists['template_name'])
			{
				$config['template_name'] = vB::$vbulletin->GPC['template_name'];
			}

			$widgetdm->set('config', $config);

			if ($this->content)
			{
				$widgetdm->setConfigNode($this->content->getNodeId());
			}

			$widgetdm->save();

			if (!$widgetdm->hasErrors())
			{
				if ($this->content)
				{
					$segments = array('node' => $this->content->getNodeURLSegment(),
										'action' => vB_Router::getUserAction('vBCms_Controller_Content', 'EditPage'));
					$view->setUrl(vB_View_AJAXHTML::URL_FINISHED, vBCms_Route_Content::getURL($segments));
				}

				$view->setStatus(vB_View_AJAXHTML::STATUS_FINISHED, new vB_Phrase('vbcms', 'configuration_saved'));
			}
			else
			{
				if (vB::$vbulletin->debug)
				{
					$view->addErrors($widgetdm->getErrors());
				}

				// only send a message
				$view->setStatus(vB_View_AJAXHTML::STATUS_MESSAGE, new vB_Phrase('vbcms', 'configuration_failed'));
			}
		}
		else
		{
			// add the config content
			$configview = $this->createView('config');

			if (!isset($config['template_name']) OR ($config['template_name'] == '') )
			{
				$config['template_name'] = 'vbcms_widget_staticbb_page';
			}
			// add the config content
			$configview->template_name = $config['template_name'];

			//make the editor
			$configview->editorid = construct_edit_toolbar(
				$pagetext,
				false,
				new vBCms_Editor_Override(vB::$vbulletin),
				true,
				true,
				true,
				'cms_article',
				'',
				array()
			);

			$templater = vB_Template::create('vbcms_widgetcontent_editor');

			$templater->register('values', $values);
			$templater->register('widgetid', $this->widget->getId());

			$templater->register('disablesmiliesoption', true);
			$templater->register('editorid', $configview->editorid);
			$templater->register('messagearea', $messagearea);
			$configview->editor = $templater->render();
//			$configview->editor = $this->getConfigEditorView();
			// item id to ensure form is submitted to us
			$this->addPostId($configview);

			$view->setContent($configview);

			// send the view
			$view->setStatus(vB_View_AJAXHTML::STATUS_VIEW, new vB_Phrase('vbcms', 'configuring_widget'));
		}

		return $view;
	}
Beispiel #11
0
         $threadinfo['issubscribed'] = false;
         // use whatever emailupdate setting came through
     }
 }
 if ($vbulletin->GPC['ajax'] or $vbulletin->GPC['quickeditnoajax']) {
     // quick edit
     $tmpmessage = $vbulletin->GPC['ajax'] ? convert_urlencoded_unicode($edit['message']) : $edit['message'];
     $edit = $postinfo;
     $edit['message'] =& $tmpmessage;
     $edit['title'] = unhtmlspecialchars($edit['title']);
     $edit['signature'] =& $edit['showsignature'];
     $edit['enablesmilies'] =& $edit['allowsmilie'];
     $edit['disablesmilies'] = $edit['enablesmilies'] ? 0 : 1;
     $edit['parseurl'] = true;
     $edit['prefixid'] = $threadinfo['prefixid'];
     $edit['reason'] = fetch_censored_text($vbulletin->GPC['ajax'] ? convert_urlencoded_unicode($vbulletin->GPC['reason']) : $vbulletin->GPC['reason']);
 } else {
     $edit['iconid'] =& $vbulletin->GPC['iconid'];
     $edit['title'] =& $vbulletin->GPC['title'];
     $edit['prefixid'] = $vbulletin->GPC_exists['prefixid'] ? $vbulletin->GPC['prefixid'] : $threadinfo['prefixid'];
     $edit['podcasturl'] =& $vbulletin->GPC['podcasturl'];
     $edit['podcastsize'] =& $vbulletin->GPC['podcastsize'];
     $edit['podcastexplicit'] =& $vbulletin->GPC['podcastexplicit'];
     $edit['podcastkeywords'] =& $vbulletin->GPC['podcastkeywords'];
     $edit['podcastsubtitle'] =& $vbulletin->GPC['podcastsubtitle'];
     $edit['podcastauthor'] =& $vbulletin->GPC['podcastauthor'];
     // Leave this off for quickedit->advanced so that a post with unparsed links doesn't get parsed just by going to Advanced Edit
     if ($vbulletin->GPC['advanced']) {
         $edit['parseurl'] = false;
     } else {
         $edit['parseurl'] =& $vbulletin->GPC['parseurl'];
Beispiel #12
0
 } else {
     $photoplog_file_info['catid'] = $photoplog['fileid'] - 10864246810;
     // catid
 }
 $do_html = 0;
 $do_imgcode = 0;
 if ($photoplog_file_info) {
     $photoplog['catid'] = intval($photoplog_file_info['catid']);
     if (in_array($photoplog['catid'], array_keys($photoplog_ds_catopts))) {
         $photoplog_categorybit = $photoplog_ds_catopts[$photoplog['catid']]['options'];
         $photoplog_catoptions = convert_bits_to_array($photoplog_categorybit, $photoplog_categoryoptions);
         $do_html = $photoplog_catoptions['allowhtml'] ? 1 : 0;
         $do_imgcode = $photoplog_catoptions['allowimgcode'] ? 1 : 0;
     }
 }
 $vbulletin->GPC['message'] = convert_urlencoded_unicode($vbulletin->GPC['message']);
 if ($photoplog_fileversion == 6) {
     $xml = new vB_AJAX_XML_Builder($vbulletin, 'text/xml');
 }
 require_once DIR . '/includes/functions_wysiwyg.php';
 if ($vbulletin->GPC['towysiwyg']) {
     if ($do_imgcode) {
         $vbulletin->GPC['message'] = preg_replace("/\\[img\\]/i", "photoplog_front_vb_bb_img_tag", $vbulletin->GPC['message']);
         $vbulletin->GPC['message'] = preg_replace("/\\[\\/img\\]/i", "photoplog_back_vb_bb_img_tag", $vbulletin->GPC['message']);
     }
     ob_start();
     echo parse_wysiwyg_html(htmlspecialchars_uni($vbulletin->GPC['message']), false, $vbulletin->GPC['parsetype'], $vbulletin->GPC['allowsmilie']);
     $photoplog_html_output = ob_get_contents();
     ob_end_clean();
     if ($do_imgcode) {
         $photoplog_html_output = str_replace(array('photoplog_front_vb_bb_img_tag', 'photoplog_back_vb_bb_img_tag'), array('<img src="', '">'), $photoplog_html_output);
Beispiel #13
0
/**
* Converts Unicode entities of the format %uHHHH where each H is a hexadecimal
* character to &#DDDD; or the appropriate UTF-8 character based on current charset.
*
* @param	Mixed		array or text
*
* @return	string	Decoded text
*/
function convert_urlencoded_unicode($text)
{
    if (is_array($text)) {
        foreach ($text as $key => $value) {
            $text["{$key}"] = convert_urlencoded_unicode($value);
        }
        return $text;
    }
    if (!($charset = vB_Template_Runtime::fetchStyleVar('charset'))) {
        global $vbulletin;
        $charset = $vbulletin->userinfo['lang_charset'];
    }
    $return = preg_replace('#%u([0-9A-F]{1,4})#ie', "convert_unicode_char_to_charset(hexdec('\\1'), \$charset)", $text);
    $lower_charset = strtolower($charset);
    if ($lower_charset != 'utf-8' and function_exists('html_entity_decode')) {
        // this converts certain &#123; entities to their actual character
        // set values; don't do this if using UTF-8 as it's already done above.
        // note: we don't want to convert &gt;, etc as that undoes the effects of STR_NOHTML
        $return = preg_replace('#&([a-z]+);#i', '&amp;$1;', $return);
        if ($lower_charset == 'windows-1251') {
            // there's a bug in PHP5 html_entity_decode that decodes some entities that
            // it shouldn't. So double encode them to ensure they don't get decoded.
            $return = preg_replace('/&#(128|129|1[3-9][0-9]|2[0-4][0-9]|25[0-5]);/', '&amp;#$1;', $return);
        }
        $return = @html_entity_decode($return, ENT_NOQUOTES, $charset);
    }
    return $return;
}
Beispiel #14
0
/**
 * check_save_prefs()
 * This function checks to see if we should save the search preferences,
 *  and takes appropriate action
 * @param integer $typeid
 * @return : no return
 */
function check_save_prefs($current_user, $typeid = vB_Search_Core::TYPE_COMMON)
{
    global $vbulletin, $prefs;
    if (is_array($typeid)) {
        $typeid = vB_Search_Core::TYPE_COMMON;
    }
    if ($vbulletin->GPC_exists['saveprefs'] and $vbulletin->GPC['saveprefs']) {
        $stored_prefs = $current_user->getSearchPrefs();
        foreach ($prefs as $key => $value) {
            if (isset($vbulletin->GPC[$key])) {
                $prefs[$key] = convert_urlencoded_unicode($vbulletin->GPC[$key]);
            }
        }
        $stored_prefs[$typeid] = $prefs;
    } else {
        if (isset($stored_prefs[$typeid])) {
            unset($stored_prefs[$typeid]);
        }
    }
    $current_user->saveSearchPrefs($stored_prefs);
}
Beispiel #15
0
<?php

require '../../model/MensagemChat.php';
$curdir = getcwd();
chdir('/home/ccvteam/public_html/forum');
require_once '/home/ccvteam/public_html/forum/global.php';
require_once '/home/ccvteam/public_html/forum/includes/class_bbcode.php';
require_once '/home/ccvteam/public_html/forum/includes/functions_newpost.php';
chdir($curdir);
$userid = $vbulletin->userinfo['userid'];
if ($userid != '0') {
    $shouter = utf8_encode($vbulletin->userinfo['musername']);
    // clean input
    $vbulletin->input->clean_array_gpc('p', array('message' => TYPE_STR));
    $shout = $vbulletin->GPC['message'];
    // trata aspas
    $shout = addslashes($shout);
    // trata ajax urlencoded
    $shout = convert_urlencoded_unicode($shout);
    // convert links
    $shout = convert_url_to_bbcode($shout);
    // parseador de bbCode
    $parser =& new vB_BbCodeParser($vbulletin, fetch_tag_list());
    // do_parse($text, $do_html = false, $do_smilies = true, $do_bbcode = true , $do_imgcode = true, $do_nl2br = true, $cachable = false)
    $shout = $parser->do_parse($shout, false, true, true, false, false, false);
    $timestamp = date("Y-m-d H:i:s");
    $msg = new MensagemChat($shout, $shouter, $timestamp, $userid);
    $msg->Save();
}
Beispiel #16
0
	/**
	 * Returns the config view for the widget.
	 *
	 * @return vBCms_View_Widget				- The view result
	 */
	public function getConfigView()
	{
		global $vbphrase;
		$this->assertWidget();
		require_once DIR . '/includes/functions_databuild.php';
		fetch_phrase_group('contenttypes');

		vB::$vbulletin->input->clean_array_gpc('r', array(
			'do'      => vB_Input::TYPE_STR,
			'days' => vB_Input::TYPE_UINT,
			'count' => vB_Input::TYPE_UINT,
			'rb_type' => vB_Input::TYPE_UINT,
			'username' => vB_Input::TYPE_STR,
			'friends' => vB_Input::TYPE_BOOL,
			'childforums' => vB_Input::TYPE_BOOL,
			'keywords' => vB_Input::TYPE_STR,
			'template_name'  => vB_Input::TYPE_STR,
			'contenttypeid'   => vB_Input::TYPE_UINT,
			'group_text' =>  vB_Input::TYPE_STR,
			'forumchoice' =>  vB_Input::TYPE_ARRAY,
			'cat' =>  vB_Input::TYPE_ARRAY,
			'prefixchoice' =>  vB_Input::TYPE_ARRAY,
			'srch_tag_text' => vB_Input::TYPE_STR
			));

		$view = new vB_View_AJAXHTML('cms_widget_config');
		$view->title = new vB_Phrase('vbcms', 'configuring_widget_x', $this->widget->getTitle());

		$config = $this->widget->getConfig();

		if ((vB::$vbulletin->GPC['do'] == 'config') AND $this->verifyPostId())
		{
			if (vB::$vbulletin->GPC_exists['days'])
			{
				$config['days'] = vB::$vbulletin->GPC['days'];
			}

			if (vB::$vbulletin->GPC_exists['template_name'])
			{
				$config['template_name'] = vB::$vbulletin->GPC['template_name'];
			}

			if (vB::$vbulletin->GPC_exists['count'])
			{
				$config['count'] =  vB::$vbulletin->GPC['count'];
			}

			$config['username'] = vB::$vbulletin->GPC_exists['username']?
				convert_urlencoded_unicode(vB::$vbulletin->GPC['username']) : null;

			$config['friends'] =  vB::$vbulletin->GPC_exists['friends'];
			$config['childforums'] =  vB::$vbulletin->GPC_exists['childforums'];


			$config['keywords'] =  convert_urlencoded_unicode(vB::$vbulletin->GPC['keywords']);

			//the contenttype array gets special handling.
			$type_info = array() ;

			if ( vB::$vbulletin->GPC_exists['rb_type'] AND intval(vB::$vbulletin->GPC['rb_type']))
			{
				$config['contenttypeid'] = vB::$vbulletin->GPC['rb_type'];
				vB::$vbulletin->input->clean_array_gpc('p', array(
					'template_' .  vB::$vbulletin->GPC['rb_type'] => vB_Input::TYPE_STR));

				$config['template'] =
				(vB::$vbulletin->GPC_exists['template_' . vB::$vbulletin->GPC['rb_type']] ?
				vB::$vbulletin->GPC['template_' . vB::$vbulletin->GPC['rb_type']] :
				'vbcms_searchresult_' . vB_Types::instance()->getPackageClass(vB::$vbulletin->GPC['rb_type']) );
			}
			else
			{
				$config['contenttypeid'] = vB_Types::instance()->getContentTypeID('vBForum_Post');
				$config[ 'template'] =	'vbcms_searchresult_post';
			}

			$config['group'] = vB::$vbulletin->GPC_exists['group_text']?
				convert_urlencoded_unicode(vB::$vbulletin->GPC['group_text']) : null;

			$config['forumchoice'] = vB::$vbulletin->GPC_exists['forumchoice']?
				vB::$vbulletin->GPC['forumchoice'] : null;

			$config['cat'] = vB::$vbulletin->GPC_exists['cat']?
				vB::$vbulletin->GPC['cat'] : null;

			$config['prefixchoice'] = vB::$vbulletin->GPC_exists['prefixchoice']?
				vB::$vbulletin->GPC['prefixchoice'] : null;

			$config['tag'] = vB::$vbulletin->GPC_exists['srch_tag_text']?
				convert_urlencoded_unicode(vB::$vbulletin->GPC['srch_tag_text']) : null;

			$widgetdm = $this->widget->getDM();
			$widgetdm->set('config', $config);

			if ($this->content)
			{
				$widgetdm->setConfigNode($this->content->getNodeId());
			}

			$widgetdm->save();

			if (!$widgetdm->hasErrors())
			{
				if ($this->content)
				{
					$segments = array('node' => $this->content->getNodeURLSegment(),
										'action' => vB_Router::getUserAction('vBCms_Controller_Content', 'EditPage'));
					$view->setUrl(vB_View_AJAXHTML::URL_FINISHED, vBCms_Route_Content::getURL($segments));
				}

				$view->setStatus(vB_View_AJAXHTML::STATUS_FINISHED, new vB_Phrase('vbcms', 'configuration_saved'));
				vB_Cache::instance()->event($this->getCacheEvent());
			}
			else
			{
				if (vB::$vbulletin->debug)
				{
					$view->addErrors($widgetdm->getErrors());
				}

				// only send a message
				$view->setStatus(vB_View_AJAXHTML::STATUS_MESSAGE, new vB_Phrase('vbcms', 'configuration_failed'));
			}
		}
		else
		{
			$configview = $this->createView('config');

			// Contenttype multiselect
			$contenttypes = array() ;
			require_once DIR . '/includes/functions_databuild.php';
			fetch_phrase_group('search');

			foreach (vB_Search_Core::get_instance()->get_indexed_types() as $type)
			{
				$phrasekey = 'contenttype_' . strtolower($type['package']) . '_' . strtolower($type['class']);
				$contenttypes[$type['contenttypeid']] = array('name' => $vbphrase[$phrasekey] ,
					'contenttypeid' => $type['contenttypeid'],
					'template' => ((intval($type['contenttypeid']) == intval($config['contenttypeid'])) and
								isset($config['template'])) ?
							$config['template'] : 'vbcms_searchresult_' . strtolower($type['class']),
					'checked' => intval($type['contenttypeid']) == intval($config['contenttypeid']) ? 'checked="checked"' : '')  ;
			}

			$configview->contenttypes = $contenttypes;
			$configview->days = (isset($config['days']) ? $config['days'] : 14);
			$configview->count = $config['count'];
			$configview->username = $config['username'] ? $config['username'] : '';
			$configview->friendschecked = ($config['friends'] ? 'checked="checked"' : '');
			$configview->childforumschecked = ($config['childforums'] ? 'checked="checked"' : '');
			$configview->keywords = $config['keywords'];
			$configview->template_name = ($config['template_name'] ? $config['template_name'] : 'vbcms_widget_searchwidget_page');
			$configview->group = $config['group'];
			$configview->tag = $config['tag'];
			$configview->type_select = $select_types;
			$configview->cat_select = $this->getGroupCategories($config);
			$configview->prefixchoice_select = $this->getPrefixes($config) . '</select>';
			$configview->forumchoice_select = $this->getForums($config);

			// item id to ensure form is submitted to us
			$this->addPostId($configview);

			$view->setContent($configview);

			// send the view
			$view->setStatus(vB_View_AJAXHTML::STATUS_VIEW, new vB_Phrase('vbcms', 'configuring_widget'));
		}

		return $view;
	}
Beispiel #17
0
	if ($vbulletin->GPC['ajax'] OR $vbulletin->GPC['quickeditnoajax'])
	{
		// quick edit
		$tmpmessage = ($vbulletin->GPC['ajax'] ? convert_urlencoded_unicode($edit['message']) : $edit['message']);

		$edit = $postinfo;
		$edit['message'] =& $tmpmessage;
		$edit['title'] = unhtmlspecialchars($edit['title']);
		$edit['signature'] =& $edit['showsignature'];
		$edit['enablesmilies'] =& $edit['allowsmilie'];
		$edit['disablesmilies'] = $edit['enablesmilies'] ? 0 : 1;
		$edit['parseurl'] = true;
		$edit['prefixid'] = $threadinfo['prefixid'];

		$edit['reason'] = fetch_censored_text(
			$vbulletin->GPC['ajax'] ? convert_urlencoded_unicode($vbulletin->GPC['reason']) : $vbulletin->GPC['reason']
		);
	}
	else
	{
		$edit['iconid'] =& $vbulletin->GPC['iconid'];
		$edit['title'] =& $vbulletin->GPC['title'];
		$edit['prefixid'] = (($vbulletin->GPC_exists['prefixid'] AND can_use_prefix($vbulletin->GPC['prefixid'])) ? $vbulletin->GPC['prefixid'] : $threadinfo['prefixid']);

		$edit['podcasturl'] =& $vbulletin->GPC['podcasturl'];
		$edit['podcastsize'] =& $vbulletin->GPC['podcastsize'];
		$edit['podcastexplicit'] =& $vbulletin->GPC['podcastexplicit'];
		$edit['podcastkeywords'] =& $vbulletin->GPC['podcastkeywords'];
		$edit['podcastsubtitle'] =& $vbulletin->GPC['podcastsubtitle'];
		$edit['podcastauthor'] =& $vbulletin->GPC['podcastauthor'];
Beispiel #18
0
     eval('print_output("' . fetch_template('kbank_award_main') . '");');
     exit;
 }
 if ($_REQUEST['do'] == 'RemoveClicked') {
     //display remove awarded form
     if (!($postid > 0) || $postid == '' || !can_moderate($forumid) || !$vbulletin->userinfo['canRemoveAwarded']) {
         //outputError($vbphrase['kbank_award_mes_noperm']);
         print_no_permission();
     }
     eval('print_output("' . fetch_template('kbank_award_confirm') . '");');
 }
 if ($_REQUEST['do'] == 'add') {
     //do award/thank
     $vbulletin->input->clean_array_gpc('p', array('userid' => TYPE_INT, 'points' => TYPE_INT, 'reason' => TYPE_STR));
     $points = $vbulletin->GPC['points'];
     $reason = htmlspecialchars_uni(convert_urlencoded_unicode($vbulletin->GPC['reason']));
     //decode reason
     $permAward = fetchPerm($vbulletin->userinfo, $postinfo, $threadinfo);
     if ($vbulletin->GPC['userid'] == 0) {
         //trying to award
         if ($permAward['award']) {
             //enough permission
             if (is_numeric($points) and ($vbulletin->userinfo['minAward'] <= $points and $points <= $vbulletin->userinfo['maxAward'] or $vbulletin->userinfo['maxAward'] == 0)) {
                 //valid amount range
                 if ($points != 0 && $reason != "") {
                     //valid amount/reason value
                     $cur = $vbulletin->db->query_first("\n\t\t\t\t\t\t\tSELECT SUM(ABS(amount)) AS total\n\t\t\t\t\t\t\tFROM `" . TABLE_PREFIX . "kbank_donations`\n\t\t\t\t\t\t\tWHERE (time + 24*60*60) >= " . TIMENOW . "\n\t\t\t\t\t\t");
                     $cur = $cur['total'];
                     if (ap_inLimit($points, $cur, $maxp_24h)) {
                         //check for 24h limit
                         $messages = array();
Beispiel #19
0
    // thread is closed and can't be opened by this person
    $show['add_option'] = false;
    $show['manage_existing_option'] = can_moderate($threadinfo['forumid'], 'caneditthreads');
} else {
    $show['add_option'] = ($forumperms & $vbulletin->bf_ugp_forumpermissions['cantagown'] and $threadinfo['postuserid'] == $vbulletin->userinfo['userid'] or $forumperms & $vbulletin->bf_ugp_forumpermissions['cantagothers']);
    $show['manage_existing_option'] = ($show['add_option'] or $forumperms & $vbulletin->bf_ugp_forumpermissions['candeletetagown'] and $threadinfo['postuserid'] == $vbulletin->userinfo['userid'] or can_moderate($threadinfo['forumid'], 'caneditthreads'));
}
($hook = vBulletinHook::fetch_hook('threadtag_start')) ? eval($hook) : false;
if (!$show['add_option'] and !$show['manage_existing_option']) {
    print_no_permission();
}
// ##############################################################################
if ($_POST['do'] == 'managetags') {
    $vbulletin->input->clean_array_gpc('p', array('tagskept' => TYPE_ARRAY_UINT, 'tagsshown' => TYPE_ARRAY_UINT, 'taglist' => TYPE_NOHTML, 'ajax' => TYPE_BOOL));
    if ($vbulletin->GPC['ajax']) {
        $vbulletin->GPC['taglist'] = convert_urlencoded_unicode($vbulletin->GPC['taglist']);
    }
    if ($vbulletin->GPC['tagsshown'] and $show['manage_existing_option']) {
        $tags_sql = $db->query_read("\n\t\t\tSELECT tag.*, tagthread.userid\n\t\t\tFROM " . TABLE_PREFIX . "tagthread AS tagthread\n\t\t\tINNER JOIN " . TABLE_PREFIX . "tag AS tag ON (tag.tagid = tagthread.tagid)\n\t\t\tWHERE tagthread.threadid = {$threadinfo['threadid']}\n\t\t\t\tAND tagthread.tagid IN (" . implode(',', $vbulletin->GPC['tagsshown']) . ")\n\t\t");
        $delete = array();
        while ($tag = $db->fetch_array($tags_sql)) {
            if ($tag['userid'] == $vbulletin->userinfo['userid'] or $forumperms & $vbulletin->bf_ugp_forumpermissions['candeletetagown'] and $threadinfo['postuserid'] == $vbulletin->userinfo['userid'] or can_moderate($threadinfo['forumid'], 'caneditthreads')) {
                if (!in_array($tag['tagid'], $vbulletin->GPC['tagskept'])) {
                    $delete[] = $tag['tagid'];
                }
            }
        }
        ($hook = vBulletinHook::fetch_hook('threadtag_domanage_delete')) ? eval($hook) : false;
        if ($delete) {
            $db->query_write("\n\t\t\t\tDELETE FROM " . TABLE_PREFIX . "tagthread\n\t\t\t\tWHERE threadid = {$threadinfo['threadid']}\n\t\t\t\t\tAND tagid IN (" . implode(',', $delete) . ")\n\t\t\t");
            $threadinfo['taglist'] = rebuild_thread_taglist($threadinfo['threadid']);
Beispiel #20
0
	/**
	* Recursively converts unicode entities for AJAX saving
	*
	* @param	mixed	Item to be converted
	*
	* @return	mixed	Converted item
	*/
	function convert_urlencoded_unicode_recursive($item)
	{
		if (is_array($item))
		{
			foreach ($item AS $key => $value)
			{
				$item["$key"] = convert_urlencoded_unicode_recursive($value);
			}
		}
		else
		{
			$item = convert_urlencoded_unicode(trim($item));
		}

		return $item;
	}
Beispiel #21
0
function vbseo_complete_sec($sec, $dat_proc = '')
{
    global $vboptions, $forum, $vbulletin, $vbphrase, $postcache, $stylevar, $vbseo_gcache, $vbseo_linkbacks_no, $bbuserinfo;
    if (!VBSEO_ENABLED) {
        return;
    }
    if (defined('VBSEO_UNREG_EXPIRED')) {
        return $newtext;
    }
    if (VBSEO_IGNOREPAGES && preg_match('#(' . VBSEO_IGNOREPAGES . ')#i', VBSEO_REQURL)) {
        return;
    }
    if (VBSEO_REWRITE_THREADS_ADDTITLE && ($sec == 'newpost_preview' || $sec == 'postbit_display_complete')) {
        global $vbseo_previewmessage, $vbseo_cutbburl;
        if ($GLOBALS['post'] && $GLOBALS['post']['message']) {
            $ptext =& $GLOBALS['post']['message'];
        } else {
            $ptext =& $vbseo_previewmessage;
        }
        vbseo_reverse_formats();
        $matchfull = preg_quote('http://' . VBSEO_HTTP_HOST, '#');
        if (VBSEO_REWRITE_THREADS_ADDTITLE_POST) {
            $ptext = preg_replace('#(href=")(' . $matchfull . '[^"]*?' . VBSEO_FIND_P_FORMAT . '[^/"]*")#eis', 'vbseo_replace_urls_mini_post("$1","$2","$3")', $ptext);
            $ptext = preg_replace('#(href=")(' . $matchfull . '[^"]*?showpost\\.' . VBSEO_VB_EXT . '\\?[^"]*?p(?:ostid)?=(\\d+)[^/"]*")#eis', 'vbseo_replace_urls_mini_post("$1","$2","$3")', $ptext);
        }
        $ptext = preg_replace('#(href=")(' . $matchfull . '[^"]*?' . VBSEO_FIND_MT_FORMAT . '[^/"]*")#eis', 'vbseo_replace_urls_mini("$1","$2","$3","m")', $ptext);
        $ptext = preg_replace('#(href=")(' . $matchfull . '[^"]*?' . VBSEO_FIND_T_FORMAT . '[^/"]*")#eis', 'vbseo_replace_urls_mini("$1","$2","$3")', $ptext);
        $ptext = preg_replace('#(href=")(' . $matchfull . '[^"]*?(?:show|print)thread\\.' . VBSEO_VB_EXT . '\\?[^"]*?t(?:hreadid)?=(\\d+)[^/"]*")#eis', 'vbseo_replace_urls_mini("$1","$2","$3")', $ptext);
    }
    if (isset($vbulletin) && !$vbseo_cutbburl) {
        $vbseo_cutbburl = preg_replace('#/$#', '', $vbulletin->options['bburl']);
    }
    if ($sec == 'init_startup' && $vbseo_cutbburl) {
        vbseo_check_stripsids();
        vbseo_prepare_seo_replace();
        if (VBSEO_IN_PINGBACK && THIS_SCRIPT == 'showthread') {
            @header('X-Pingback: ' . $vbseo_cutbburl . '/vbseo-xmlrpc/');
        }
        if (THIS_SCRIPT != 'search') {
            vbseo_prepare_cat_anchors();
        }
        if (THIS_SCRIPT == 'newreply' || THIS_SCRIPT == 'editpost' || THIS_SCRIPT == 'newthread') {
            $vbseo_ref = $_SERVER['HTTP_REFERER'];
            $pre_repl = '';
            $q = $_POST['message'];
            if ($vbseo_ref && strstr(strtolower($vbseo_ref), VBSEO_HTTP_HOST)) {
                $pre_repl = preg_replace('#/[^/]*$#', '/', $vbseo_ref);
            }
            if ($pre_repl && $pre_repl != $vbseo_cutbburl . '/') {
                $rs = '#((?:<a[^>]*?href="|\\[url="|\\[url\\]|<img[^>]*?src="|\\[img="|\\[img\\]))';
                $_POST['message'] = preg_replace($rs . '(' . preg_quote($vbseo_cutbburl) . '/)?([^:"\\[\\]]*?\\.\\.[^:"\\[\\]]*?["\\[])#i', '$1' . $pre_repl . '$3', $_POST['message']);
                do {
                    $_pmsg = $_POST['message'];
                    $_POST['message'] = preg_replace('#(://[^\\"\\]]*?/)([^/\\"\\]]*/)\\.\\./#', '$1', $_POST['message']);
                } while ($_POST['message'] != $_pmsg);
            }
        }
    }
    $newpost_name = '';
    if ($sec == 'blog_fpdata_presave' || $sec == 'blog_textdata_start' || $sec == 'blog_data_start') {
        $newpost_name = 'blog';
    }
    if ($sec == 'newpost_process' || $sec == 'newpost_complete') {
        $newpost_name = 'newpost';
    }
    if ($sec == 'visitormessagedata_start') {
        $newpost_name = 'message';
    }
    $clean_redir = $newpost_name ? 1 : 0;
    if (!$newpost_name && $sec == 'postdata_presave') {
        $newpost_name = 'edit';
    }
    $may_addttl = $clean_redir && (!isset($_POST['vbseo_is_retrtitle']) || isset($_POST['vbseo_retrtitle']));
    $force_addttl = $newpost_name && (isset($_POST['vbseo_is_retrtitle']) && isset($_POST['vbseo_retrtitle']));
    $addttl = VBSEO_REWRITE_EXT_ADDTITLE && ($force_addttl || $may_addttl);
    global ${$newpost_name};
    if (isset(${$newpost_name})) {
        $pmsg_a =& ${$newpost_name};
        if (isset($pmsg_a['message'])) {
            $pmsg =& $pmsg_a['message'];
        }
    }
    if ($clean_redir) {
        vbseo_get_options();
        $redurl = $vboptions['bburl2'] . '/' . VBSEO_REDIRECT_URI . '?redirect=';
        $pmsg = preg_replace('#' . preg_quote($redurl, '#') . '([^"\\]\\[]*)#eis', 'urldecode(\'$1\')', $pmsg);
    }
    if ($addttl) {
        preg_match_all('#\\[url=?\\"?(.*?)\\"?\\](.+?)\\[\\/url\\]#is', $pmsg, $lmatch);
        for ($i = 0; $i < count($lmatch[0]); $i++) {
            $ul = trim($lmatch[1][$i]);
            $ulin = trim($lmatch[2][$i]);
            if ($ul && !@strstr($ulin, $ul)) {
                continue;
            }
            if (!@strstr($ulin, '://')) {
                $ulin = 'http://' . $ulin;
            }
            if (!$ul) {
                $ul = $ulin;
            }
            if (preg_match('#^http://#', $ulin) && (!VBSEO_REWRITE_EXT_ADDTITLE_BLACKLIST || !preg_match('#' . VBSEO_REWRITE_EXT_ADDTITLE_BLACKLIST . '#i', $ulin))) {
                vbseo_reverse_formats();
                $matchfull = preg_quote('http://' . VBSEO_HTTP_HOST, '#');
                $ismatch = false;
                if (VBSEO_REWRITE_THREADS_ADDTITLE_POST) {
                    $ismatch |= preg_match('#' . $matchfull . '[^"]*?/' . VBSEO_FIND_P_FORMAT . '#is', $ulin);
                }
                $ismatch |= preg_match('#' . $matchfull . '[^"]*?/' . VBSEO_FIND_MT_FORMAT . '#is', $ulin);
                $ismatch |= preg_match('#' . $matchfull . '[^"]*?/' . VBSEO_FIND_T_FORMAT . '#is', $ulin);
                $ulin_shot = str_replace(VBSEO_TOPREL_FULL, '', $ulin);
                if (($arr = vbseo_check_url('VBSEO_URL_FORUM_PAGENUM', $ulin_shot)) || ($arr = vbseo_check_url('VBSEO_URL_FORUM', $ulin_shot))) {
                    if (!isset($arr['forum_id']) && (isset($arr['forum_path']) || isset($arr['forum_title']))) {
                        $arr['forum_id'] = vbseo_reverse_forumtitle($arr);
                    }
                    vbseo_get_forum_info();
                    if (!vbseo_forum_is_public($vbseo_gcache['forum'][$arr['forum_id']])) {
                        $ismatch = true;
                    }
                }
                if (!$ismatch) {
                    $pret = vbseo_http_query_full($ulin);
                    $ptitle = vbseo_get_page_title($pret['content'], defined('VBSEO_MAX_TITLE_LENGTH') ? VBSEO_MAX_TITLE_LENGTH : 0);
                    $pcharset = vbseo_get_page_charset($pret['content'], $pret['headers']);
                    $ptitle = vbseo_convert_charset($ptitle, $pcharset);
                    if ($ptitle && $ptitle != $vboptions['bbtitle']) {
                        $pmsg = str_replace($lmatch[0][$i], '[url=' . $ulin . ']' . $ptitle . '[/url]', $pmsg);
                    }
                }
            }
        }
    }
    $trackback = VBSEO_EXT_TRACKBACK && ($sec == 'newpost_complete' || $sec == 'threadmanage_update');
    $pingback = VBSEO_EXT_PINGBACK && $sec == 'newpost_complete';
    if ($pingback || $trackback) {
        global $found_object_ids;
        if (!$vboptions['bburl2'] || !$vbseo_gcache['forum']) {
            vbseo_get_options();
            vbseo_prepare_seo_replace();
            vbseo_get_forum_info();
        }
        $r_post_id = $pmsg_a['postid'];
        if (!$r_post_id && $GLOBALS['threadinfo']) {
            $r_post_id = $GLOBALS['threadinfo']['firstpostid'];
        }
        unset($vbseo_gcache['post'][$r_post_id]);
        $found_object_ids['prepostthread_ids'] = array($r_post_id);
        vbseo_get_post_thread_info($r_post_id);
        $threadid = $vbseo_gcache['post'][$r_post_id]['threadid'];
        vbseo_get_thread_info($threadid);
        $forumid = $vbseo_gcache['thread'][$threadid]['forumid'];
        $vbseo_url_ = vbseo_thread_url_postid($r_post_id);
        $vbseo_url_t = vbseo_thread_url($threadid);
        if (!strstr($vbseo_url_, '://')) {
            $vbseo_url_ = $vboptions['bburl2'] . '/' . $vbseo_url_;
        }
        if (!strstr($vbseo_url_t, '://')) {
            $vbseo_url_t = $vboptions['bburl2'] . '/' . $vbseo_url_t;
        }
        if (THIS_SCRIPT == 'newthread') {
            $vbulletin->db->query_write("INSERT INTO " . vbseo_tbl_prefix('vbseo_serviceupdate') . "\n(s_threadid, s_updated)\nVALUES\n('{$threadid}', 0)\n");
        }
    }
    if ($sec == 'blog_fpdata_postsave') {
        global $blogman;
        if ($blogman && ($bid = $blogman->blog['blogid'])) {
            $vbulletin->db->query_write("INSERT INTO " . vbseo_tbl_prefix('vbseo_serviceupdate') . "\n(s_threadid, s_updated, s_type)\nVALUES\n('{$bid}', 0, 1)\n");
        }
    }
    if ($trackback && $_REQUEST['sendtrackbacks']) {
        $tracurls = explode(' ', $_REQUEST['sendtrackbacks']);
        $tdetails = vbseo_get_thread_details($r_post_id);
        $tdetails['pagetext'] = preg_replace('#\\[.+?\\]#', '', $tdetails['pagetext']);
        vbseo_extra_inc('linkback');
        foreach ($tracurls as $turl) {
            if (trim($turl)) {
                $turl = trim($turl);
                if (!preg_match('#^http://#', $turl)) {
                    continue;
                }
                if (vbseo_pingback_exists($turl, $threadid)) {
                    continue;
                }
                $snippet = vbseo_utf8_substr($tdetails['pagetext'], 0, VBSEO_SNIPPET_LENGTH);
                $res_success = vbseo_do_trackback($turl, $vbseo_url_t, $vbseo_gcache['thread'][$threadid]['title'], $vboptions['bbtitle'], $snippet . '...');
                vbseo_store_pingback($vbseo_url_, $turl, 1, $r_postid, 0, $threadid, 0, $_REQUEST['subject'], $snippet, 0, $res_success, 1, false);
            }
        }
    }
    if ($pingback && vbseo_forum_is_public($vbseo_gcache['forum'][$forumid])) {
        vbseo_extra_inc('linkback');
        preg_match_all('#\\[url=?\\"?(.*?)\\"?\\]#is', $pmsg, $lmatch);
        for ($i = 0; $i < count($lmatch[0]); $i++) {
            $ulin = $lmatch[1][$i];
            if (preg_match('#^http://#', $ulin) && !strstr($ulin, VBSEO_HTTP_HOST) && (!VBSEO_REWRITE_EXT_ADDTITLE_BLACKLIST || !preg_match('#' . VBSEO_REWRITE_EXT_ADDTITLE_BLACKLIST . '#i', $ulin))) {
                if (vbseo_pingback_exists($ulin, $threadid)) {
                    continue;
                }
                $res_success = vbseo_do_pingback($vbseo_url_, $ulin);
                if ($res_success >= 0) {
                    vbseo_store_pingback($vbseo_url_, $ulin, 0, $r_postid, 0, $threadid, 0, $_REQUEST['subject'], $snippet, 0, $res_success, 1);
                }
            }
        }
    }
    switch ($sec) {
        case 'blog_entry_start':
            vbseo_prepend_template('blog_show_entry', '".(($blog[message] = vbseo_process_content_area($blog[message])) ? "":"")."');
            vbseo_prepend_template('blog_comment', '".(($response[message] = vbseo_process_content_area($response[message])) ? "":"")."');
            break;
        case 'blog_entry_complete':
            if (VBSEO_BOOKMARK_BLOG && vbseo_tpl_exists('blog_show_entry')) {
                $vbseo_url_b = vbseo_http_s_url('http://' . $_SERVER['HTTP_HOST'] . $_SERVER['VBSEO_URI']);
                $book_t = urlencode($GLOBALS['blog']['title']);
                $bmlist = vbseo_get_bookmarks();
                $vbseo_post_bookmarks = '';
                foreach ($bmlist as $bm) {
                    $blink = str_replace('%url%', urlencode($vbseo_url_b), str_replace('%title%', $book_t, $bm[0]));
                    eval('$vbseo_post_bookmarks .= "' . fetch_template('vbseo_blog_bmarkentry') . '";');
                }
                $vbseo_post_bookmarks = str_replace('"', '\\"', $vbseo_post_bookmarks);
                $bsection_tpl = str_replace('<!--VBSEO_BOOKMARKS-->', $vbseo_post_bookmarks, fetch_template('vbseo_blog_bmarksection'));
                if (VBSEO_BOOKMARK_BLOG == 1) {
                    $snr = '#(\\"\\.\\(\\(\\$show\\[\'blograting\'\\]\\) \\? \\(\\".*?)(<[^>]*?id=\\\\"blog_title)#is';
                    $pm = vbseo_tpl_match('blog_show_entry', $snr);
                    $pm[1] = str_replace('id=\\"blograting\\" style=\\"float:$stylevar[right]\\">', 'id=\\"blograting\\" style=\\"text-align:center\\">', $pm[1]);
                    $bsection = str_replace('<!--BLOG_RATING-->', $pm[1], $bsection_tpl);
                    vbseo_modify_template('blog_show_entry', $snr, $bsection . '$2');
                } else {
                    vbseo_modify_template('blog_show_entry', '#("\\.\\(\\(\\$' . 'categorybits)#is', $bsection_tpl . '$1', false, '<!--VBSEO_BOOKMARKS-->');
                }
                vbseo_modify_template('blog_show_entry', '#(<div id=\\\\"blog_message\\\\" style=\\\\")(.*?</div>)#', "\$1min-height:60px;\$2\n<br style=\\\"clear:both\\\" />");
            }
            break;
        case 'global_start':
            if (!$vbulletin->userinfo['userid'] && VBSEO_CODE_CLEANUP_PREVIEW && THIS_SCRIPT == 'forumdisplay') {
                $vbulletin->options['threadpreview'] = 0;
                $vbseo_gcache['var']['vboptchanged'] = true;
            }
            if (!$vbulletin->userinfo['userid'] && VBSEO_FORUMJUMP_OFF && $vbulletin && (THIS_SCRIPT == 'forumdisplay' || THIS_SCRIPT == 'showthread')) {
                $vbulletin->options['useforumjump'] = 0;
                $vbseo_gcache['var']['vboptchanged'] = true;
            }
            if (VBSEO_CATEGORY_ANCHOR_LINKS) {
                vbseo_modify_template('forumhome_forumbit_level1_nopost', 'href=\\"forumdisplay', 'id=\\"".$forum[\'nametitle\']."\\" name=\\"".$forum[\'nametitle\']."\\" href=\\"forumdisplay');
            }
            if (VBSEO_IN_REFBACK && (THIS_SCRIPT == 'showthread' || THIS_SCRIPT == 'showpost')) {
                $vbseo_ref = $_SERVER['HTTP_REFERER'];
                if ($vbseo_ref && !strstr(strtolower($vbseo_ref), VBSEO_HTTP_HOST) && !strstr(strtolower($vbseo_ref), str_replace('www.', '', VBSEO_HTTP_HOST))) {
                    if (!defined('VBSEO_REFBACK_BLACKLIST') || !preg_match('#' . VBSEO_REFBACK_BLACKLIST . '#i', $vbseo_ref)) {
                        vbseo_extra_inc('linkback');
                        vbseo_ping_proc($vbseo_ref, VBSEO_TOPREL_FULL . VBSEO_REQURL, 2);
                    }
                }
            }
            break;
        case 'memberlist_bit':
            global $userinfo, $usercache;
            $usercache[$userinfo['userid']] = array('userid' => $userinfo['userid'], 'username' => $userinfo['username']);
            break;
        case 'ajax_start':
            if ($_POST['do'] == 'linkbackmod' && ($linkid = addslashes($_POST['id']))) {
                $ilink = $vbulletin->db->query_first("\nSELECT l.*, t.forumid\nFROM " . vbseo_tbl_prefix('vbseo_linkback') . " l\nLEFT JOIN " . vbseo_tbl_prefix('thread') . " t ON t.threadid = l.t_threadid\nWHERE t_id='{$linkid}'");
                $ismod = can_moderate($ilink['forumid'], 'vbseo_linkbacks') || $vbulletin->userinfo['permissions']['adminpermissions'] & $vbulletin->bf_ugp_adminpermissions['ismoderator'];
                if ($ismod) {
                    vbseo_extra_inc('linkback');
                    if ($_POST['action'] == 'mod') {
                        $vbulletin->db->query_write("\nUPDATE " . vbseo_tbl_prefix('vbseo_linkback') . "\nSET t_approve=IF(t_approve,0,1)\nWHERE t_id='{$linkid}'");
                        if (!$ilink['t_approve']) {
                            vbseo_send_notification_pingback($ilink['t_threadid'], $ilink['t_postid'], $ilink['t_src_url'], $ilink['t_title'], $ilink['t_text'], 1, 0);
                        }
                    }
                    if ($_POST['action'] == 'ban') {
                        $purl = parse_url($ilink['t_src_url']);
                        if ($purl['host']) {
                            $bdom = str_replace('www.', '', $purl['host']);
                            vbseo_linkback_bandomain($bdom, 1);
                            $vbulletin->db->query_write("\nUPDATE " . vbseo_tbl_prefix('vbseo_linkback') . "\nSET t_deleted = 1\nWHERE t_src_url LIKE 'http%" . addslashes($bdom) . "/%'");
                        }
                    }
                    if ($_POST['action'] == 'del') {
                        $vbulletin->db->query_write("\nUPDATE " . vbseo_tbl_prefix('vbseo_linkback') . "\nSET t_deleted = 1\nWHERE t_id = '{$linkid}'");
                    }
                    vbseo_linkback_approve($linkid);
                    header('Content-Type: text/plain;');
                    header('Connection: Close');
                    echo $ilink['t_approve'] ? '0' : '1';
                }
                exit;
            }
            if ($_POST['do'] == 'updatelinkback') {
                $vbulletin->input->clean_array_gpc('p', array('linkid' => TYPE_UINT, 'title' => TYPE_STR));
                $linkid = $vbulletin->GPC['linkid'];
                $ilink = $vbulletin->db->query_first("\nSELECT *\nFROM " . vbseo_tbl_prefix('vbseo_linkback') . " l\nWHERE t_id='" . addslashes($linkid) . "'");
                $ismod = can_moderate($ilink['forumid'], 'vbseo_linkbacks') || $vbulletin->userinfo['permissions']['adminpermissions'] & $vbulletin->bf_ugp_adminpermissions['ismoderator'];
                if ($ismod) {
                    $ltitle = convert_urlencoded_unicode($vbulletin->GPC['title']);
                    $vbulletin->db->query_write("\nUPDATE " . vbseo_tbl_prefix('vbseo_linkback') . " l\nSET t_title = '" . addslashes($ltitle) . "'\nWHERE t_id = '" . addslashes($linkid) . "'");
                }
                $xml = new vB_AJAX_XML_Builder($vbulletin, 'text/xml');
                $xml->add_tag('linkhtml', $ltitle);
                $xml->print_xml();
            }
            break;
        case 'forumadmin_update_save':
            global $vboptions, $forumcache;
            vbseo_get_options();
            vbseo_prepare_seo_replace();
            $vboptions['vbseo_opt'] = array();
            $forumcache2 = $forumcache;
            $forumcache = '';
            vbseo_get_forum_info(true);
            $forumcache = $forumcache2;
            vbseo_check_datastore(true);
            break;
        case 'private_insertpm_process':
            global $pmdm;
            if (is_object($pmdm) && strstr($pmdm->pmtext['message'], '[post]')) {
                vbseo_startup();
                $pmdm->pmtext['message'] = preg_replace('#\\[post\\](\\d+)\\[\\/post\\]#', '[url]' . $vboptions['bburl2'] . '/showthread.php?p=$1#post$1[/url]', $pmdm->pmtext['message']);
                $GLOBALS['VBSEO_REWRITE_TEXTURLS'] = 1;
                $pmdm->pmtext['message'] = make_crawlable($pmdm->pmtext['message']);
                unset($GLOBALS['VBSEO_REWRITE_TEXTURLS']);
            }
            break;
        case 'cache_templates':
            global $globaltemplates, $show, $bbuserinfo;
            if ($_REQUEST['ajax']) {
                if (THIS_SCRIPT == 'blog_post') {
                    $globaltemplates[] = 'blog_comment';
                }
                if (THIS_SCRIPT == 'group') {
                    $globaltemplates[] = 'socialgroups_message';
                }
                if (THIS_SCRIPT == 'album') {
                    $globaltemplates[] = 'picturecomment_message';
                }
                if (THIS_SCRIPT == 'visitormessage') {
                    $globaltemplates[] = 'memberinfo_visitormessage';
                }
            }
            if (THIS_SCRIPT == 'blog' && $_REQUEST['do'] == 'blog') {
                $globaltemplates[] = 'vbseo_blog_bmarkentry';
                $globaltemplates[] = 'vbseo_blog_bmarksection';
            }
            if (THIS_SCRIPT == 'moderation') {
                $globaltemplates[] = 'vbseo_linkbacks';
                $globaltemplates[] = 'vbseo_linkbackbit';
            }
            if (THIS_SCRIPT == 'showthread' && (VBSEO_IN_PINGBACK || VBSEO_IN_TRACKBACK || VBSEO_IN_REFBACK)) {
                $globaltemplates[] = 'vbseo_linkbacks';
                $globaltemplates[] = 'vbseo_linkbackbit';
                $globaltemplates[] = 'vbseo_linkbackmenu';
                $globaltemplates[] = 'vbseo_linkbackmenu_entry';
            }
            if (THIS_SCRIPT == 'misc' && $_REQUEST['do'] == 'pingtrackback') {
                vbseo_safe_redirect('misc.' . VBSEO_VB_EXT . '?do=linkbacks', array('do'));
            }
            if (THIS_SCRIPT == 'misc' && $_REQUEST['do'] == 'linkbacks') {
                $globaltemplates[] = 'vbseo_help_linkback';
            }
            break;
        case 'member_infractionbit':
            $GLOBALS['vbseo_gcache']['post'][$dat_proc['postid']] = $dat_proc;
            break;
        case 'parse_templates':
            vbseo_modify_template('socialgroups_grouplist_bit', '#.$#s', '$0".(($GLOBALS[\'vbseo_gcache\'][\'groups\'][$group[\'groupid\']]=$group)?\'\':\'\')."');
            vbseo_modify_template('memberinfo_socialgroupbit', '#.$#s', '$0".(($GLOBALS[\'vbseo_gcache\'][\'groups\'][$socialgroup[\'groupid\']]=$socialgroup)?\'\':\'\')."');
            vbseo_modify_template('blog_entry_profile', '#.$#s', '$0".(($GLOBALS[\'vbseo_gcache\'][\'blog\'][$this->blog[\'blogid\']]=$this->blog)?\'\':\'\')."');
            vbseo_modify_template('blog_entry_profile', '#.$#s', '$0".(($GLOBALS[\'vblog_categories\']=$this->categories)?\'\':\'\')."');
            vbseo_modify_template('album_picturebit', '#.$#s', '$0".(($GLOBALS[\'vbseo_gcache\'][\'pic\'][$picture[\'pictureid\']]=$picture)?\'\':\'\')."');
            vbseo_modify_template('albumbit', '#.$#s', '$0".(($GLOBALS[\'vbseo_gcache\'][\'album\'][$album[\'albumid\']]=$album)?\'\':\'\')."');
            vbseo_modify_template('memberinfo_albumbit', '#.$#s', '$0".(($GLOBALS[\'vbseo_gcache\'][\'album\'][$album[\'albumid\']]=$album)?\'\':\'\')."');
            vbseo_prepend_template('memberinfo_visitormessage', '".(($message[message] = vbseo_process_content_area($message[message])) ? "":"")."');
            vbseo_prepend_template('socialgroups_message', '".(($message[message] = vbseo_process_content_area($message[message])) ? "":"")."');
            vbseo_prepend_template('picturecomment_message', '".(($message[message] = vbseo_process_content_area($message[message])) ? "":"")."');
            vbseo_prepend_template('pt_issuenotebit_user', '".(($note[message] = vbseo_process_content_area($note[message])) ? "":"")."');
            vbseo_prepend_template('newpost_preview', '".(($previewmessage = vbseo_process_content_area($previewmessage)) ? "":"")."');
            if ((THIS_SCRIPT == 'blog' || THIS_SCRIPT == 'blog_post') && VBSEO_PERMALINK_BLOG > 0) {
                vbseo_modify_template('blog_comment', '#(blogipaddress.*?)(</div>)#s', '$1 <a href=\\"#comment$response[blogtextid]\\"><img src=\\"$stylevar[imagesfolder]/vbseo/anchor.png\\" border=\\"0\\" alt=\\"$vbphrase[vbseo_permalink]\\" class=\\"inlineimg\\" /></a> $2', 0);
                vbseo_modify_template('blog_comment', '#(OR \\$show\\[\\\'reportlink\\\'\\])#s', '$1 OR 1', 0);
            }
            if (THIS_SCRIPT == 'member' || THIS_SCRIPT == 'visitormessage') {
                $vmurl = $_GET['tab'] && $_GET['tab'] != 'visitor_messaging' ? 'member.php?u=' . $_GET['u'] : '';
                $vmurl .= '#vmessage$message[vmid]';
                if (VBSEO_PERMALINK_PROFILE == 2) {
                    vbseo_modify_template('memberinfo_visitormessage', '#\\$message\\[date\\]#s', '<a href=\\"' . $vmurl . '\\">$0</a>', 0);
                } else {
                    if (VBSEO_PERMALINK_PROFILE == 1) {
                        vbseo_modify_template('memberinfo_visitormessage', '#message\\[time\\].*?\\)\\)\\.\\"#s', '$0 - <a href=\\"' . $vmurl . '\\">$vbphrase[vbseo_permalink]</a>', 0);
                    }
                }
                vbseo_modify_template('MEMBERINFO', '#(vBulletin\\.register_control\\(\\\\"vB_TabCtrl\\\\", \\\\"profile_tabs\\\\", \\\\"\\$selected_tab\\\\")#s', "var vbseo_opentab=document.location.hash;\nvbseo_opentab = vbseo_opentab.substring(1,vbseo_opentab.length);\n" . '$1 ? \\"$selected_tab\\" : vbseo_opentab');
            }
            if (THIS_SCRIPT == 'album') {
                if (VBSEO_PERMALINK_ALBUM == 2) {
                    vbseo_modify_template('picturecomment_message', '#\\$message\\[date\\]#s', '<a href=\\"#picturecomment$message[commentid]\\">$0</a>', 0);
                } else {
                    if (VBSEO_PERMALINK_ALBUM == 1) {
                        vbseo_modify_template('picturecomment_message', '#message\\[time\\].*?\\)\\)\\.\\"#s', '$0 - <a href=\\"#picturecomment$message[commentid]\\">$vbphrase[vbseo_permalink]</a>', 0);
                    }
                }
            }
            if (THIS_SCRIPT == 'group') {
                $_plink = 'group.' . VBSEO_VB_EXT . '?groupid=' . $_REQUEST['groupid'] . '#gmessage$message[gmid]';
                if (VBSEO_PERMALINK_GROUPS == 2) {
                    vbseo_modify_template('socialgroups_message', '#\\$message\\[date\\]#s', '<a href=\\"' . $_plink . '\\">$0</a>', 0);
                } else {
                    if (VBSEO_PERMALINK_GROUPS == 1) {
                        vbseo_modify_template('socialgroups_message', '#message\\[time\\].*?\\)\\)\\.\\"#s', '$0 - <a href=\\"' . $_plink . '\\">$vbphrase[vbseo_permalink]</a>', 0);
                    }
                }
            }
            if (VBSEO_IN_PINGBACK || VBSEO_IN_TRACKBACK || VBSEO_IN_REFBACK) {
                if (can_moderate(0, 'vbseo_linkbacks')) {
                    vbseo_modify_template('USERCP_SHELL', '#(do=viewposts&amp;type=moderated.*?</tr>)#is', '$1
<tr>
<td class=\\"".($navclass[moderatedlinkbacks]?$navclass[moderatedlinkbacks]:"alt2")."\\"><a class=\\"smallfont\\" href=\\"moderation.php?$session[sessionurl]do=viewlinkbacks\\">$vbphrase[vbseo_moderated_linkbacks]</a></td>
</tr>');
                }
            }
            if (!$vbulletin->userinfo['userid']) {
                if (VBSEO_CODE_CLEANUP_MEMBER_DROPDOWN) {
                    if (THIS_SCRIPT == 'showthread') {
                        $tplpostbit = vbseo_get_postbit_tpl();
                        vbseo_modify_template($tplpostbit, '#<script[^>]+?>[^<]*?postmenu_\\$post.*?</script>#is', '');
                        vbseo_modify_template($tplpostbit, '#<div class=\\\\"vbmenu_popup.*?</div>#is', '');
                    }
                    if (THIS_SCRIPT == 'blog') {
                        $blog_tpls = array('blog_sidebar_user', 'blog_entry_with_userinfo', 'blog_entry_without_userinfo', 'blog_list_blogs_blog');
                        foreach ($blog_tpls as $_btpl) {
                            vbseo_modify_template($_btpl, '#<script[^>]+?>[^<]*?blogusermenu.*?</script>#is', '');
                            vbseo_modify_template($_btpl, '#<div class=\\\\"vbmenu_popup.*?</div>#is', '');
                        }
                    }
                }
                if (THIS_SCRIPT == 'index') {
                    if (VBSEO_CODE_CLEANUP_LASTPOST == 2) {
                        vbseo_modify_template('FORUMHOME', '#<td[^<]+?vbphrase\\[last_post\\]</td>#is', '');
                        vbseo_modify_template('forumhome_forumbit_level1_nopost', '#<td[^<]+?vbphrase\\[last_post\\].*?</td>#is', '');
                        vbseo_modify_template('FORUMDISPLAY', '#<td[^<]+?(<span[^<]+?)?(<a[^<]+?)?vbphrase\\[last_post\\].*?</td>#is', '');
                        vbseo_modify_template('forumhome_forumbit_level2_post', '#<td[^<]+?forum\\[lastpostinfo\\].*?</td>#is', '');
                        vbseo_modify_template('forumhome_forumbit_level1_post', '#<td[^<]+?forum\\[lastpostinfo\\].*?</td>#is', '');
                        vbseo_modify_template('threadbit', '#\\(\\(\\$show\\[\'threadmoved\'.*?/td>\\s*"\\)\\)\\.#is', '');
                    }
                    if (VBSEO_CODE_CLEANUP_LASTPOST == 1) {
                        vbseo_modify_template('threadbit', '#<a href=[^>]*?->[^>]*?->[^>]*?lastpostid.*?</a>#is', '');
                        vbseo_modify_template('forumhome_lastpostby', '#<a href=[^>]*?->[^>]*?->[^>]*?lastpostid.*?</a>#is', '');
                        $vbphrase['by_x'] = strip_tags($vbphrase['by_x']);
                    }
                    vbseo_modify_template('threadbit', '#<a href=\\\\"misc\\.php\\?do=whoposted.*?>(.*?)</a>#is', '$1');
                }
            }
            break;
        case 'moderation_start':
            if ($_REQUEST['do'] == 'viewlinkbacks') {
                global $navbar, $navclass, $HTML, $navbits, $headinclude, $header, $footer, $db, $show, $navclass, $notices, $pmbox, $notifications_total;
                if (!can_moderate(0, 'vbseo_linkbacks')) {
                    print_no_permission();
                }
                vbseo_startup();
                $vbseolinkbackbits = '';
                $perpage = 20;
                $pagenumber = $_GET['page'] ? $_GET['page'] : 1;
                $vbseodb = vbseo_get_db();
                $tp = $vbseodb->vbseodb_query_first("\nSELECT COUNT(*) as cnt\nFROM " . vbseo_tbl_prefix('vbseo_linkback') . "\nWHERE t_incoming=1 AND t_deleted=0 AND t_approve=0");
                $totalposts = $tp['cnt'];
                $vbseopings = $vbseodb->vbseodb_query($q = "\nSELECT t_id, t_time, t_src_url, t_dest_url, t_type, t_postid, t_postcount, t_threadid, t_page, t_title, t_text, t_approve, forumid\nFROM " . vbseo_tbl_prefix('vbseo_linkback') . "\nLEFT JOIN " . vbseo_tbl_prefix('thread') . " on threadid=t_threadid\nWHERE t_incoming=1 AND t_deleted=0 AND t_approve=0\nORDER BY t_time " . (preg_match('#^(asc|desc)$#i', VBSEO_DEFAULT_LINKBACKS_ORDER) ? VBSEO_DEFAULT_LINKBACKS_ORDER : "DESC") . " LIMIT " . ($pagenumber - 1) * $perpage . "," . $perpage);
                $pagenav = construct_page_nav($pagenumber, $perpage, $totalposts, "moderation.php?do=viewlinkbacks");
                while ($vbseoping = @$vbseodb->funcs['fetch_assoc']($vbseopings)) {
                    if (can_moderate($vbseoping['forumid'], 'vbseo_linkbacks')) {
                        $vbseoping['postno'] = $vbseoping['t_postcount'];
                        $vbseoping['ismod'] = 1;
                        $vbseoping['date'] = vbdate($vbulletin->options['dateformat'], $vbseoping['t_time'], true);
                        $vbseoping['time'] = vbdate($vbulletin->options['timeformat'], $vbseoping['t_time'], true);
                        $vbseoping['t_src_url'] = htmlentities($vbseoping['t_src_url']);
                        $vbseoping['t_dest_url'] = htmlentities($vbseoping['t_dest_url']);
                        $vbseoping['t_text_nohtml'] = htmlspecialchars(strip_tags($vbseoping['t_text']));
                        $vbseoping['t_title_html'] = htmlspecialchars($vbseoping['t_title']);
                        eval('$vbseolinkbackbits .= "' . fetch_template('vbseo_linkbackbit') . '";');
                    }
                }
                if ($vbseolinkbackbits) {
                    eval('$HTML = "' . fetch_template('vbseo_linkbacks') . '";');
                } else {
                    $HTML = $vbphrase['vbseo_no_linkbacks_found'];
                }
                unset($vbseolinkbackbits);
                $navbits[''] = $vbphrase['moderation'];
                $navbits = construct_navbits($navbits);
                construct_usercp_nav('moderatedlinkbacks');
                eval('$navbar = "' . fetch_template('navbar') . '";');
                eval('print_output("' . fetch_template('USERCP_SHELL') . '");');
            }
            break;
        case 'misc_start':
            if ($_REQUEST['do'] == 'linkbacks') {
                global $navbits, $headinclude, $header, $footer;
                $navbits = construct_navbits(array('faq.' . VBSEO_VB_EXT . $vbulletin->session->vars['sessionurl_q'] => $vbphrase['faq'], '' => $vbphrase['vbseo_linkbacks']));
                @extract($GLOBALS);
                @eval('$navbar = "' . fetch_template('navbar') . '";');
                @eval('print_output("' . fetch_template('vbseo_help_linkback') . '");');
            }
            break;
        case 'archive_forum_thread':
            if ($GLOBALS['pda'] == 'vbseo') {
                $GLOBALS['pda'] = false;
            }
            break;
        case 'archive_navigation':
            if (VBSEO_ARCHIVE_ORDER_DESC && !$GLOBALS['pda']) {
                $GLOBALS['pda'] = 'vbseo';
            }
            break;
        case 'forumrules':
            $pingrules = '<div>" . construct_phrase("$vbphrase[vbseo_trackback_is_x]", "misc.".VBSEO_VB_EXT."?do=linkbacks#trackbacks", "' . iif(VBSEO_EXT_TRACKBACK, $vbphrase['on'], $vbphrase['off']) . '") . "</div>
<div>" . construct_phrase("$vbphrase[vbseo_pingback_is_x]", "misc.".VBSEO_VB_EXT."?do=linkbacks#pingbacks", "' . iif(VBSEO_EXT_PINGBACK, $vbphrase['on'], $vbphrase['off']) . '") . "</div>
<div>" . construct_phrase("$vbphrase[vbseo_refback_is_x]", "misc.".VBSEO_VB_EXT."?do=linkbacks#refbacks", "' . iif(VBSEO_IN_REFBACK, $vbphrase['on'], $vbphrase['off']) . '") . "</div>';
            vbseo_modify_template('forumrules', '#(html_code_is_x.*?</div>)#s', '$1' . $pingrules, 0, '<!--LINKBACK_POSTRULES-->');
            break;
        case 'showthread_complete':
            global $onload;
            if (!$onload) {
                $onload = "if (is_ie || is_moz) { var cpost=document.location.hash;if(cpost){ if(cobj = fetch_object(cpost.substring(1,cpost.length)))cobj.scrollIntoView(true); }}";
            }
            if (VBSEO_IN_PINGBACK || VBSEO_IN_TRACKBACK || VBSEO_IN_REFBACK) {
                global $vbseo_bookmarks, $vbseo_linkback_menu, $vbseo_linkback_menu_list, $show, $vbseo_linkback_uri, $thread;
                $vbseo_url_t = urlencode($vboptions['bburl2'] . '/' . vbseo_thread_url($thread['threadid']));
                $book_t = urlencode($thread['title']);
                $is_public = vbseo_forum_is_public($GLOBALS['forum'], $GLOBALS['foruminfo'], false, true);
                if ($is_public && VBSEO_BOOKMARK_THREAD) {
                    $bmlist = vbseo_get_bookmarks();
                    $vbseo_bookmarks = '';
                    $bmno = 0;
                    foreach ($bmlist as $bm) {
                        $vbseo_bookmarks .= '<tr><td class="vbmenu_option"><img class="inlineimg" src="' . $bm[1] . '" alt="' . $bm[2] . '" /> <a href="' . str_replace('%url%', $vbseo_url_t, str_replace('%title%', $book_t, $bm[0])) . '" target="_blank">' . $bm[2] . '</a><a name="vbseodm_' . $bmno++ . '"></a></td></tr>';
                    }
                }
                eval('$vbseo_linkback_menu = "' . fetch_template('vbseo_linkbackmenu_entry') . '";');
                vbseo_modify_template('SHOWTHREAD', '#(<td[^>]*?threadtools)#i', '\\$vbseo_linkback_menu$1', 0, '<!--LINKBACK_MENU-->');
                eval('$vbseo_linkback_menu_list = "' . fetch_template('vbseo_linkbackmenu') . '";');
                if (!vbseo_tpl_search('SHOWTHREAD', '$vbseo_linkback_menu_list')) {
                    vbseo_modify_template('SHOWTHREAD', '#(</body>)#is', '\\$vbseo_linkback_menu_list' . '$1');
                }
                if ($_GET['nojs']) {
                    preg_match('#<table.*?>(.*?)</table>#is', $vbseo_linkback_menu, $vbseo_m);
                    $vbseo_m[1] = str_replace('vbmenu_option', 'alt1', $vbseo_m[1]);
                    $vbseo_m[1] = str_replace('<td', '<td colspan="2"', $vbseo_m[1]);
                    vbseo_modify_template('SHOWTHREAD', "#(sendtofriend\\.gif.*?sendtofriend\\.gif.*?</tr>)#is", "\$1" . addslashes($vbseo_m[1]));
                }
            }
            break;
        case 'showthread_post_start':
            global $vbseolinkbacks, $vbcollapse, $vbseo_linkback_uri, $thread, $db, $show, $found_object_ids;
            if (defined('VBSEO_PRIVATE_REDIRECT_POSTID')) {
                vbseo_get_options();
                if (!($mode_nonlinear = vbseo_is_threadedmode())) {
                    vbseo_get_forum_info();
                    $r_post_id = VBSEO_PRIVATE_REDIRECT_POSTID;
                    $found_object_ids['prepostthread_ids'] = array($r_post_id);
                    $parr = vbseo_get_post_thread_info($r_post_id, true);
                    $threadid = $parr[$r_post_id]['threadid'];
                    vbseo_get_thread_info($threadid);
                    $excpars = array('p', 'page');
                    $vbse_rurl = vbseo_thread_url_postid($r_post_id, isset($_GET['page']) ? $_GET['page'] : 1, $mode_nonlinear);
                    if ($vbse_rurl) {
                        vbseo_url_autoadjust($vbse_rurl, $excpars, false);
                    }
                }
            }
            if (VBSEO_IN_PINGBACK || VBSEO_IN_TRACKBACK || VBSEO_IN_REFBACK) {
                $vbseolinkbacks = '';
                vbseo_get_options();
                vbseo_get_forum_info();
                $vbseo_gcache['thread'][$thread['threadid']] = $thread;
                $vbseo_linkback_uri = vbseo_thread_url($thread['threadid']);
                if (!strstr($vbseo_linkback_uri, '://')) {
                    $vbseo_linkback_uri = preg_replace('#/$#', '', $vbulletin->options['bburl']) . '/' . $vbseo_linkback_uri;
                }
                $showactusers = $vboptions['showthreadusers'] == 1 || $vboptions['showthreadusers'] == 2 || ($vboptions['showthreadusers'] > 2 and $vbulletin->userinfo['userid']);
                if (!vbseo_tpl_search('SHOWTHREAD', '$vbseolinkbacks')) {
                    $search_for = $showactusers ? '".(($show[\'activeusers\']' : '$similarthreads';
                    if (!vbseo_tpl_search('SHOWTHREAD', $search_for)) {
                        $search_for = '<!-- currently active users -->';
                    }
                    vbseo_modify_template('SHOWTHREAD', $search_for, "\$vbseolinkbacks\n{$search_for}");
                }
                $vbseolinkbackbits = '';
                $vbseo_linkbacks_no = 0;
                $ismod = can_moderate($thread['forumid'], 'vbseo_linkbacks') || $vbulletin && $vbulletin->userinfo['permissions']['adminpermissions'] & $vbulletin->bf_ugp_adminpermissions['ismoderator'];
                if ($thread['vbseo_linkbacks_no'] || $ismod) {
                    $vbseodb = vbseo_get_db();
                    $vbseopings = $vbseodb->vbseodb_query("\nSELECT t_id, t_time, t_src_url, t_dest_url, t_type, t_postid, t_postcount, t_threadid, t_page, t_title, t_text, t_approve\nFROM " . vbseo_tbl_prefix('vbseo_linkback') . "\nWHERE t_incoming=1 AND t_deleted=0 AND t_wait=0\nAND " . ($ismod ? '' : 't_approve>0 AND ') . "t_threadid = '" . $thread['threadid'] . "' " . "ORDER BY t_time " . (preg_match('#^(asc|desc)$#i', VBSEO_DEFAULT_LINKBACKS_ORDER) ? VBSEO_DEFAULT_LINKBACKS_ORDER : "DESC"));
                    while ($vbseoping = @$vbseodb->funcs['fetch_assoc']($vbseopings)) {
                        $vbseoping['postno'] = $vbseoping['t_postcount'];
                        $vbseoping['ismod'] = $ismod;
                        $vbseoping['date'] = vbdate($vbulletin->options['dateformat'], $vbseoping['t_time'], true);
                        $vbseoping['time'] = vbdate($vbulletin->options['timeformat'], $vbseoping['t_time'], true);
                        $vbseoping['t_text_nohtml'] = htmlspecialchars(strip_tags($vbseoping['t_text']));
                        $vbseoping['t_title_html'] = htmlspecialchars($vbseoping['t_title']);
                        if ($vbseoping['t_postid']) {
                            $vbseo_gcache['postpings'][$vbseoping['t_postid']]++;
                        } else {
                            $vbseo_gcache['postcounts'][vbseo_thread_pagenum($vbseoping['t_page'] - 1, 0) + 1]++;
                        }
                        eval('$vbseolinkbackbits .= "' . fetch_template('vbseo_linkbackbit') . '";');
                        $vbseo_linkbacks_no++;
                    }
                    if ($vbseo_linkbacks_no) {
                        eval('$vbseolinkbacks = "' . fetch_template('vbseo_linkbacks') . '";');
                        if ($showactusers) {
                            $vbseolinkbacks = '<br />' . $vbseolinkbacks;
                        } else {
                            $vbseolinkbacks = $vbseolinkbacks . '<br />';
                        }
                    }
                    unset($vbseolinkbackbits);
                }
            }
            break;
        case 'postbit_display_complete':
            global $thread, $vbseo_lastmod;
            if (!isset($vbseo_lastmod) || $dat_proc['dateline'] > $vbseo_lastmod) {
                $vbseo_lastmod = $dat_proc['dateline'];
            }
            $dat_proc['preposts'] = $dat_proc['postcount'];
            $postcache[$dat_proc['postid']] = $dat_proc;
            $vbseo_gcache['thread'][$thread['threadid']] = $thread;
            $vbseo_postbit_pingback = VBSEO_POSTBIT_PINGBACK > 0 && THIS_SCRIPT != 'private' && THIS_SCRIPT != 'member';
            $vbseo_bookmark = VBSEO_BOOKMARK_POST;
            if ($vbseo_postbit_pingback || $vbseo_bookmark) {
                if (!$vboptions['bburl2']) {
                    vbseo_get_options();
                    vbseo_prepare_seo_replace();
                    vbseo_get_forum_info();
                }
                $GLOBALS['post']['linkbacksno'] = $vbseo_gcache['postpings'][$GLOBALS['post']['postid']] + $vbseo_gcache['postcounts'][$GLOBALS['post']['postcount']];
                $tplpostbit = vbseo_get_postbit_tpl();
                if (!defined('VBSEO_POSTBIT_PINGBACK_CHG_' . $tplpostbit) && vbseo_tpl_exists($tplpostbit)) {
                    define('VBSEO_POSTBIT_PINGBACK_CHG_' . $tplpostbit, 1);
                    $is_public = vbseo_forum_is_public($GLOBALS['forum'], $GLOBALS['foruminfo'], false, true);
                    if ($is_public && $vbseo_bookmark && THIS_SCRIPT == 'showthread' && ($bmlist = vbseo_get_bookmarks())) {
                        $vbseo_url_t = urlencode($vboptions['bburl2'] . '/' . vbseo_thread_url($thread['threadid'], $_GET['page']) . '#') . '$post[postid]';
                        $vbseo_url_t_iis = urlencode($vboptions['bburl2'] . '/' . vbseo_thread_url($thread['threadid'], $_GET['page']));
                        $book_t = urlencode($thread['title']);
                        $vbseo_post_bookmarks = '';
                        foreach ($bmlist as $bm) {
                            $vbseo_post_bookmarks .= '<a href=\\"' . str_replace('%url%', $vbseo_url_t, str_replace('%title%', $book_t, $bm[0])) . '\\" target=\\"_blank\\"><img src=\\"' . $bm[1] . '\\" alt=\\"' . $bm[3] . '\\" border=\\"0\\" /></a>';
                        }
                        $search_for = '<!--VBSEO_BOOKMARKS-->';
                        if (!vbseo_tpl_search($tplpostbit, $search_for)) {
                            $search_for = '".(($post[\'editlink\'])';
                        }
                        vbseo_modify_template($tplpostbit, $search_for, '<div style=\\"float:$stylevar[left]\\">' . $vbseo_post_bookmarks . "</div>\n" . $search_for);
                    }
                    if ($vbseo_postbit_pingback) {
                        $pingtpl = '".($post[\'linkbacksno\']?"<a href=\\"' . ($_POST['ajax'] || THIS_SCRIPT != 'showthread' ? 'showthread.' . VBSEO_VB_EXT . '?p=$post[postid]' : "") . '#linkbacks\\"><img class=\\"inlineimg\\" src=\\"images/vbseo/post_linkback.gif\\" alt=\\"".construct_phrase("$vbphrase[vbseo_no_links_to_this_post]",$post[linkbacksno])."\\" border=\\"0\\" /></a> ":"")."';
                        $pingtpl2 = '<a href=\\"' . ($_POST['ajax'] || THIS_SCRIPT != 'showthread' ? 'showthread.' . VBSEO_VB_EXT . '?p=$post[postid]' : '#post$post[postid]') . '\\" title=\\"".$vbphrase[\'vbseo_link_to_this_post\']."\\">".$vbphrase[\'vbseo_permalink\']."</a>';
                        if (VBSEO_POSTBIT_PINGBACK == 1) {
                            $pingtpl .= $pingtpl2;
                        }
                        if (vbseo_tpl_search($tplpostbit, '<!--PERMALINK_INFO-->')) {
                            vbseo_modify_template($tplpostbit, '<!--PERMALINK_INFO-->', $pingtpl);
                        } else {
                            if (VBSEO_POSTBIT_PINGBACK == 1) {
                                vbseo_modify_template($tplpostbit, '#(\\$show\\[\'messageicon\'\\] OR \\$post\\[\'title\'\\])(.*?)(<div.*?</div>)#s', '$1 OR 1$2<table cellspacing=\\"0\\" cellpadding=\\"0\\" width=\\"100%\\" border=\\"0\\">
<tr><td>$3</td>
<td><div class=\\"smallfont\\" style=\\"float:right\\">' . $pingtpl . '</div></td>
</tr></table>');
                            } else {
                                vbseo_modify_template($tplpostbit, '#("\\.\\(\\(\\$show\\[\'postcount\'\\])#s', $pingtpl . '$1');
                            }
                            if (VBSEO_POSTBIT_PINGBACK == 3) {
                                vbseo_modify_template($tplpostbit, '#("\\.\\(\\(\\$show\\[\'postcount\'\\].*?</a>)#s', '$1 (<b>' . $pingtpl2 . '</b>)');
                            }
                        }
                    }
                }
            }
            break;
        case 'forumhome_complete':
            global $vbseo_onload;
            if (!$onload) {
                $vbseo_onload = " onload=\"if (is_ie || is_moz) { var cpost=document.location.hash;if(cpost){ if(cobj = fetch_object(cpost.substring(1,cpost.length)))cobj.scrollIntoView(true); }}\"";
                vbseo_modify_template('FORUMHOME', '<body>', '<body$vbseo_onload>');
            }
            if (!is_array($GLOBALS['birthdays'])) {
                preg_match_all('#<a href="[^"]*?member\\.php\\?u=(\\d+)".*?>(.+?)<#', $GLOBALS['birthdays'], $birthm);
                foreach ($birthm[1] as $k => $v) {
                    $GLOBALS['usercache'][$v] = array('userid' => $v, 'username' => $birthm[2][$k]);
                }
            }
            break;
        case 'threadmanage_update':
            global $threadinfo;
            if ($threadinfo['title'] != $_REQUEST['title']) {
                $vbseodb = vbseo_get_db();
                $vbseodb->vbseodb_query("UPDATE " . vbseo_tbl_prefix('post') . "\nSET title = '" . $vbseodb->vbseodb_escape_string('re: ' . $_REQUEST['title']) . "'\nWHERE threadid = " . intval($threadinfo['threadid']) . " AND\ntitle = '" . $vbseodb->vbseodb_escape_string('re: ' . $threadinfo['title']) . "'");
            }
            break;
        case 'editpost_edit_complete':
        case 'newreply_form_complete':
        case 'newthread_form_complete':
        case 'threadmanage_complete':
            global $db, $disablesmiliesoption, $threadmanagement, $posticons;
            if (VBSEO_REWRITE_EXT_ADDTITLE) {
                $disablesmiliesoption = '<div><label for="qr_retrtitle"><input type="checkbox" name="vbseo_retrtitle" value="1" id="qr_retrtitle" ' . ($_POST['vbseo_retrtitle'] || !isset($_POST['vbseo_is_retrtitle']) ? ' checked' : '') . '/>' . $vbphrase['vbseo_auto_retrieve_titles'] . '</label>
<input type="hidden" name="vbseo_is_retrtitle" value="1" /></div>' . $disablesmiliesoption;
            }
            if (VBSEO_EXT_TRACKBACK && in_array($sec, array('newthread_form_complete', 'threadmanage_complete', 'newreply_form_complete')) && (!$GLOBALS['threadinfo']['threadid'] || $GLOBALS['threadinfo']['open'] == 1)) {
                $vbseodb = vbseo_get_db();
                $vbseopings = $vbseodb->vbseodb_query("\nSELECT t_time, t_dest_url, t_approve\nFROM " . vbseo_tbl_prefix('vbseo_linkback') . "\nWHERE t_incoming=0 AND t_type=1 AND t_threadid = '" . (isset($GLOBALS['threadinfo']) ? $GLOBALS['threadinfo']['threadid'] : $thread['threadid']) . "'\nORDER BY t_time DESC");
                $plist = '';
                while ($vbseoping = @$vbseodb->funcs['fetch_assoc']($vbseopings)) {
                    $plist .= '<li><strong>' . (strlen($vbseoping['t_dest_url']) > 50 ? substr($vbseoping['t_dest_url'], 0, 50) . '...' : $vbseoping['t_dest_url']) . '</strong></li>';
                }
                if ($plist) {
                    $plist = "<div>" . $vbphrase[vbseo_already_pinged] . ":<ul type=\"disc\">{$plist}</ul></div>";
                }
                $tracklegend = '
<fieldset class="fieldset">
<legend>' . $vbphrase['vbseo_trackback'] . '</legend>
<div style="padding:' . $stylevar['formspacer'] . 'px">
' . $vbphrase['vbseo_send_trackbacks_to'] . ':
<div><label for="trackbackto"><input type="text" class="bginput" size="50" name="sendtrackbacks" value="' . $_REQUEST['sendtrackbacks'] . '" id="trackbackto" tabindex="1" /></label> </div>
' . $plist . '
</div>
</fieldset>
';
                if (in_array($sec, array('threadmanage_complete', 'newreply_form_complete', 'newthread_form_complete'))) {
                    $posticons = $tracklegend . $posticons;
                }
            }
            break;
    }
    if (VBSEO_GOOGLE_AD_SEC) {
        $sps = $usps = array();
        switch ($sec) {
            case 'forumdisplay_complete':
                $sps[] =& $GLOBALS['threadbits'];
                break;
            case 'forumbit_display':
                $sps[] =& $GLOBALS['forum']['title'];
                break;
            case 'forumhome_complete':
                $sps[] =& $GLOBALS['forumbits'];
                break;
            case 'postbit_display_complete':
                $GLOBALS['post']['title_original'] = $GLOBALS['post']['title'];
                $GLOBALS['post']['message_original'] = $GLOBALS['post']['message'];
                $sps[] =& $GLOBALS['post']['message'];
                $sps[] =& $GLOBALS['post']['title'];
                $usps[] =& $GLOBALS['post']['signature'];
                $usps[] =& $GLOBALS['post']['musername'];
                break;
        }
        for ($i = 0; $i < count($sps); $i++) {
            if ($sps[$i]) {
                $sps[$i] = vbseo_google_ad_section($sps[$i]);
            }
        }
        for ($i = 0; $i < count($usps); $i++) {
            if ($usps[$i]) {
                $usps[$i] = vbseo_google_ad_section($usps[$i], true);
            }
        }
    }
}
Beispiel #22
0
		{
			require_once(DIR . '/includes/functions_newpost.php');
			$vbulletin->GPC['message'] = convert_url_to_bbcode($vbulletin->GPC['message']);
		}

		$message = array(
			'message'        =>& $vbulletin->GPC['message'],
			'userid'         =>& $userinfo['userid'],
			'postuserid'     =>& $vbulletin->userinfo['userid'],
			'disablesmilies' =>& $vbulletin->GPC['disablesmilies'],
			'parseurl'       =>& $vbulletin->GPC['parseurl'],
		);

		if ($vbulletin->GPC['ajax'])
		{
			$message['message'] = convert_urlencoded_unicode($message['message']);
		}

		$dataman =& datamanager_init('VisitorMessage', $vbulletin, ERRTYPE_ARRAY);

		if ($messageinfo)
		{
			$show['edit'] = true;
			$dataman->set_existing($messageinfo);
		}
		else
		{
			// Don't allow mods to create new messages
			if (!$userinfo['vm_enable'])
			{
				print_no_permission();
Beispiel #23
0
	/**
	 * Gets editor in the selected mode.
	 *
	 * @return string
	 */
	public function actionSwitchMode()
	{
		// Set up the style info - we need charset to be set for convert_urlencoded_unicode
		$this->bootstrap->force_styleid(0);
		$this->bootstrap->load_style();


		require_once DIR . '/includes/class_xml.php';

		vB::$vbulletin->input->clean_array_gpc('r', array(
			'towysiwyg' => vB_Input::TYPE_BOOL,
			'allowsmilie' => vB_Input::TYPE_BOOL,
			'message' => vB_Input::TYPE_STR,
		));

		vB::$vbulletin->GPC['message'] = convert_urlencoded_unicode(vB::$vbulletin->GPC['message']);

		$xml = new vB_AJAX_XML_Builder(vB::$vbulletin, 'text/xml');

		if (vB::$vbulletin->GPC['towysiwyg'])
		{
			$wysiwyg_parser = new vBCms_BBCode_Wysiwyg(vB::$vbulletin, vBCms_BBCode_Wysiwyg::fetchCmsTags());

			// todo: options
			$wysiwyg_html = $wysiwyg_parser->do_parse(vB::$vbulletin->GPC['message'], false, vB::$vbulletin->GPC['allowsmilie'], true, true, true);

			$xml->add_tag('message', process_replacement_vars($wysiwyg_html));
		}
		else
		{
			$html_parser = new vBCms_WysiwygHtmlParser(vB::$vbulletin);
			$do_html = false; // todo: option
			$message = $html_parser->parse(vB::$vbulletin->GPC['message'], $do_html);

			$xml->add_tag('message', process_replacement_vars($message));
		}

		if (!vB::contentHeadersSent())
		{
			$xml->send_content_type_header();
			$xml->send_content_length_header();

			vB::contentHeadersSent(true);
		}

		return $xml->fetch_xml();
	}
Beispiel #24
0
 private function is_command(&$message)
 {
     if (trim($message) == '/prune' && $this->can_admin()) {
         $this->vbulletin->db->query("\n                TRUNCATE TABLE " . TABLE_PREFIX . "jb_firebolt_shout\n            ");
         $message = 'Shoutbox pruned successfully.';
         $this->command_output = true;
         return true;
     }
     if (preg_match("#^(/prune\\s+?)#i", $message, $matches) && $this->can_mod()) {
         $user = htmlspecialchars_uni(addslashes(trim(str_replace($matches[0], '', $message))));
         if ($user = $this->vbulletin->db->query_first("SELECT userid, username, usergroupid, membergroupids FROM " . TABLE_PREFIX . "user WHERE userid = '{$user}' OR username = '******'")) {
             $message = 'Pruned all shouts by ' . $user['username'] . ' successfully.';
             $this->command_output = true;
             $this->vbulletin->db->query("\n                    DELETE FROM " . TABLE_PREFIX . "jb_firebolt_shout\n                    WHERE userid = '" . intval($user['userid']) . "'\n                ");
         }
         return true;
     }
     if (preg_match("#^(/ban\\s+?)#i", $message, $matches) && $this->can_mod()) {
         $user = htmlspecialchars_uni(addslashes(trim(str_replace($matches[0], '', $message))));
         if ($user = $this->vbulletin->db->query_first("SELECT userid, username, usergroupid, membergroupids FROM " . TABLE_PREFIX . "user WHERE userid = '{$user}' OR username = '******'")) {
             $this->check_user_in_table($user['userid']);
             if (!$this->is_banned($user['userid'])) {
                 $message = 'User ' . $user['username'] . ' banned from the shoutbox successfully.';
                 $this->command_output = true;
                 $this->vbulletin->db->query("\n                        UPDATE " . TABLE_PREFIX . "jb_firebolt_users\n                        SET\n                            is_banned = '1'\n                        WHERE userid = '" . intval($user['userid']) . "'\n                    ");
             } else {
                 $this->keep_shouting = false;
             }
         }
         return true;
     }
     if (preg_match("#^(/unban\\s+?)#i", $message, $matches) && $this->can_mod()) {
         $user = htmlspecialchars_uni(addslashes(trim(str_replace($matches[0], '', $message))));
         if ($user = $this->vbulletin->db->query_first("SELECT userid, username, usergroupid, membergroupids FROM " . TABLE_PREFIX . "user WHERE userid = '{$user}' OR username = '******'")) {
             $this->check_user_in_table($user['userid']);
             if ($this->is_banned($user['userid'])) {
                 $message = 'User ' . $user['username'] . ' unbanned from the shoutbox successfully.';
                 $this->command_output = true;
                 $this->vbulletin->db->query("\n                        UPDATE " . TABLE_PREFIX . "jb_firebolt_users\n                        SET\n                            is_banned = '0'\n                        WHERE userid = '" . intval($user['userid']) . "'\n                    ");
             } else {
                 $this->keep_shouting = false;
             }
         }
         return true;
     }
     if ((preg_match("#^(/notice\\s+?)#i", $message, $matches) || trim($message) == '/removenotice') && $this->can_mod()) {
         if (trim($message) != '/removenotice') {
             $message = addslashes(convert_urlencoded_unicode(trim(str_replace($matches[0], '', $message))));
         } else {
             $message = '';
         }
         $this->vbulletin->db->query("\n                UPDATE " . TABLE_PREFIX . "setting\n                SET\n                    value = '" . $message . "'\n                WHERE varname = 'jb_firebolt_notice'\n            ");
         $this->keep_shouting = false;
         $this->fetch_shouts();
         $this->build_options();
         return true;
     }
 }
Beispiel #25
0
 // ########### MILESTONE ###########
 case 'milestoneid':
     if (!($issueperms['generalpermissions'] & $vbulletin->pt_bitfields['general']['canviewmilestone']) or !($issueperms['postpermissions'] & $vbulletin->pt_bitfields['post']['canchangemilestone'])) {
         throw_ajax_error('');
     }
     $issuedata->set('milestoneid', $vbulletin->GPC['value']);
     break;
     // #### COMPLEX MULTI SELECTS ####
 // #### COMPLEX MULTI SELECTS ####
 case 'tags':
     if (!$posting_perms['tags_edit']) {
         throw_ajax_error('');
     }
     $vbulletin->input->clean_array_gpc('p', array('value' => TYPE_ARRAY_NOHTML));
     foreach ($vbulletin->GPC['value'] as $key => $value) {
         $vbulletin->GPC['value']["{$key}"] = convert_urlencoded_unicode($value);
     }
     $issuedata->set_info('allow_tag_creation', $posting_perms['can_custom_tag']);
     // existing tags
     $existing_tags = array();
     $tag_data = $db->query_read("\r\n\t\t\t\tSELECT tag.tagtext\r\n\t\t\t\tFROM " . TABLE_PREFIX . "pt_issuetag AS issuetag\r\n\t\t\t\tINNER JOIN " . TABLE_PREFIX . "pt_tag AS tag ON (issuetag.tagid = tag.tagid)\r\n\t\t\t\tWHERE issuetag.issueid = {$issue['issueid']}\r\n\t\t\t\tORDER BY tag.tagtext\r\n\t\t\t");
     while ($tag = $db->fetch_array($tag_data)) {
         $existing_tags[] = $tag['tagtext'];
     }
     $tag_add = array_diff($vbulletin->GPC['value'], $existing_tags);
     $tag_remove = array_diff($existing_tags, $vbulletin->GPC['value']);
     foreach ($tag_add as $tag) {
         $issuedata->add_tag($tag);
     }
     foreach ($tag_remove as $tag) {
         $issuedata->remove_tag($tag);
Beispiel #26
0
 // Update posthash for all actions beyond node loading (except if this is the first node, see "loadnode")
 $userdm =& datamanager_init('User', $vbulletin, ERRTYPE_SILENT);
 $userdm->set_existing($userinfo);
 $userdm->set('assetposthash', $vbulletin->GPC['posthash']);
 $userdm->save();
 if ($_POST['do'] == 'updatelabel') {
     $vbulletin->input->clean_array_gpc('p', array('categoryid' => TYPE_UINT, 'title' => TYPE_NOHTML));
     $db->query_write("\n\t\t\tUPDATE " . TABLE_PREFIX . "attachmentcategory\n\t\t\tSET title = '" . $db->escape_string(convert_urlencoded_unicode($vbulletin->GPC['title'])) . "'\n\t\t\tWHERE\n\t\t\t\tuserid = {$userinfo['userid']}\n\t\t\t\t\tAND\n\t\t\t\tcategoryid = {$vbulletin->GPC['categoryid']}\n\t\t");
     exit;
 }
 if ($_POST['do'] == 'insertnode') {
     $vbulletin->input->clean_array_gpc('p', array('parentid' => TYPE_UINT, 'title' => TYPE_NOHTML, 'returnall' => TYPE_BOOL));
     if (!($maxdo = $db->query_first("\n\t\t\tSELECT MAX(displayorder) AS maxdo\n\t\t\tFROM " . TABLE_PREFIX . "attachmentcategory\n\t\t\tWHERE\n\t\t\t\tuserid = {$userinfo['userid']}\n\t\t\t\t\tAND\n\t\t\t\tparentid = {$vbulletin->GPC['parentid']}\n\t\t\t"))) {
         eval(standard_error(fetch_error('invalidid', 'categoryid', $vbulletin->options['contactuslink'])));
     }
     $db->query_write("\n\t\t\tINSERT INTO " . TABLE_PREFIX . "attachmentcategory\n\t\t\t\t(parentid, userid, title, displayorder)\n\t\t\tVALUES\n\t\t\t\t(\n\t\t\t\t\t{$vbulletin->GPC['parentid']},\n\t\t\t\t\t{$userinfo['userid']},\n\t\t\t\t\t'" . $db->escape_string(convert_urlencoded_unicode($vbulletin->GPC['title'])) . "',\n\t\t\t\t\t" . ($maxdo['maxdo'] + 1) . "\n\t\t\t\t)\n\t\t");
     $categoryid = $db->insert_id();
     $xml->add_group('categories');
     if ($vbulletin->GPC['returnall']) {
         $categories = $db->query_read_slave("\n\t\t\t\tSELECT categoryid, title\n\t\t\t\tFROM " . TABLE_PREFIX . "attachmentcategory\n\t\t\t\tWHERE\n\t\t\t\t\tuserid = {$userinfo['userid']}\n\t\t\t\t\t\tAND\n\t\t\t\t\tparentid = {$vbulletin->GPC['parentid']}\n\t\t\t\tORDER BY displayorder\n\t\t\t");
         while ($category = $db->fetch_array($categories)) {
             $xml->add_tag('category', $category['title'], array('categoryid' => $category['categoryid']));
         }
     } else {
         $xml->add_tag('categoryid', $categoryid);
     }
     $xml->close_group();
     $xml->print_xml();
 }
 if ($_POST['do'] == 'removenode') {
     $vbulletin->input->clean_array_gpc('p', array('categoryid' => TYPE_UINT));
Beispiel #27
0
	/**
	 * Returns the config view for the widget.
	 *
	 * @return vBCms_View_Widget				- The view result
	 */
	public function getConfigView()
	{
		require_once DIR . '/includes/functions_databuild.php';
		fetch_phrase_group('cpcms');
		$this->assertWidget();

		vB::$vbulletin->input->clean_array_gpc('r', array(
			'do'            => vB_Input::TYPE_STR,
			'url'           => vB_Input::TYPE_STR,
			'template_name' => vB_Input::TYPE_STR,
			'use_rss_title' => vB_Input::TYPE_BOOL,
			'max_items'		 => vB_Input::TYPE_INT,
		));

		$view = new vB_View_AJAXHTML('cms_widget_config');
		$view->title = new vB_Phrase('vbcms', 'configuring_widget_x', $this->widget->getTitle());
		$config = $this->widget->getConfig();

		if ((vB::$vbulletin->GPC['do'] == 'config') AND $this->verifyPostId())
		{
			$config['url'] = convert_urlencoded_unicode(vB::$vbulletin->GPC['url']);
			$config['use_rss_title'] = vB::$vbulletin->GPC['use_rss_title'];

			if (vB::$vbulletin->GPC_exists['template_name'])
			{
				$config['template_name'] = vB::$vbulletin->GPC['template_name'];
			}

			if (vB::$vbulletin->GPC_exists['max_items'])
			{
				$config['max_items'] = vB::$vbulletin->GPC['max_items'];
			}
			$widgetdm = $this->widget->getDM();
			$widgetdm->set('config', $config);

			if ($this->content)
			{
				$widgetdm->setConfigNode($this->content->getNodeId());
			}

			$widgetdm->save();

			if (!$widgetdm->hasErrors())
			{
				if ($this->content)
				{
					$segments = array('node' => $this->content->getNodeURLSegment(),
										'action' => vB_Router::getUserAction('vBCms_Controller_Content', 'EditPage'));
					$view->setUrl(vB_View_AJAXHTML::URL_FINISHED, vBCms_Route_Content::getURL($segments));
				}

				$view->setStatus(vB_View_AJAXHTML::STATUS_FINISHED, new vB_Phrase('vbcms', 'configuration_saved'));
			}
			else
			{
				if (vB::$vbulletin->debug)
				{
					$view->addErrors($widgetdm->getErrors());
				}

				// only send a message
				$view->setStatus(vB_View_AJAXHTML::STATUS_MESSAGE, new vB_Phrase('vbcms', 'configuration_failed'));
			}
		}
		else
		{
			// add the config content
			$configview = $this->createView('config');

			if (!isset($config['template_name']) OR ($config['template_name'] == '') )
			{
				$config['template_name'] = 'vbcms_widget_rss_page';
			}
			// add the config content
			$configview->use_rss_title = $config['use_rss_title'];
			$configview->template_name = $config['template_name'];
			$configview->max_items = $config['max_items'];
			$configview->url = $config['url'] ? htmlspecialchars_uni($config['url']) : $config['url'];

			// item id to ensure form is submitted to us
			$this->addPostId($configview);

			$view->setContent($configview);

			// send the view
			$view->setStatus(vB_View_AJAXHTML::STATUS_VIEW, new vB_Phrase('vbcms', 'configuring_widget'));
		}

		return $view;
	}
Beispiel #28
0
     // User was logged in when writing post but isn't now. If we got this
     // far, guest posts are allowed, but they didn't enter a username so
     // they'll get an error. Force them to log back in.
     standard_error(fetch_error('session_timed_out_login'), '', false, 'STANDARD_ERROR_LOGIN');
 }
 ($hook = vBulletinHook::fetch_hook('newreply_post_start')) ? eval($hook) : false;
 // ### PREP INPUT ###
 if ($vbulletin->GPC['wysiwyg']) {
     require_once DIR . '/includes/functions_wysiwyg.php';
     $newpost['message'] = convert_wysiwyg_html_to_bbcode($vbulletin->GPC['message'], $foruminfo['allowhtml']);
 } else {
     $newpost['message'] = $vbulletin->GPC['message'];
 }
 if ($vbulletin->GPC['ajax']) {
     // posting via ajax so we need to handle those %u0000 entries
     $newpost['message'] = convert_urlencoded_unicode($newpost['message']);
 }
 if ($vbulletin->GPC['quickreply']) {
     $originalposter = fetch_quote_username($postinfo['username'] . ";{$postinfo['postid']}");
     $pagetext = trim(strip_quotes($postinfo['pagetext']));
     ($hook = vBulletinHook::fetch_hook('newreply_post_quote')) ? eval($hook) : false;
     eval('$quotemessage = "' . fetch_template('newpost_quote', 0, false) . '";');
     $newpost['message'] = trim($quotemessage) . "\n{$newpost['message']}";
 }
 if ($vbulletin->GPC['fromquickreply']) {
     // We only add notifications to threads that don't have one if the user defaults to it, do nothing else!
     if ($vbulletin->userinfo['autosubscribe'] != -1 and !$threadinfo['issubscribed']) {
         $vbulletin->GPC['folderid'] = 0;
         $vbulletin->GPC['emailupdate'] = $vbulletin->userinfo['autosubscribe'];
     } else {
         if ($threadinfo['issubscribed']) {
Beispiel #29
0
             if ($vbulletin->GPC['incomingaction'] == 'accept') {
                 $add['approvals']["{$userid}"] = $userid;
             } else {
                 $remove['approvals']["{$userid}"] = $userid;
             }
         }
     }
 } else {
     // IGNORE LIST
     $vbulletin->GPC['userlist'] = 'ignore';
     if (!empty($clean_lists['ignore_original'])) {
         $remove['ignore'] = array_merge($remove['ignore'], array_diff($clean_lists['ignore_original'], is_array($clean_lists['ignore']) ? $clean_lists['ignore'] : array()));
     }
     if (!empty($vbulletin->GPC['username'])) {
         if ($vbulletin->GPC['ajax']) {
             $vbulletin->GPC['username'] = convert_urlencoded_unicode($vbulletin->GPC['username']);
         }
         if ($userinfo = $db->query_first("\n\t\t\t\tSELECT userid, username, usergroupid, membergroupids\n\t\t\t\tFROM " . TABLE_PREFIX . "user AS user\n\t\t\t\tWHERE username = '******'username'])) . "'\n\t\t\t")) {
             $uglist = $userinfo['usergroupid'] . iif(trim($userinfo['membergroupids']), ",{$userinfo['membergroupids']}");
             if (!$vbulletin->options['ignoremods'] and can_moderate(0, '', $userinfo['userid'], $uglist) and !($permissions['adminpermissions'] & $vbulletin->bf_ugp_adminpermissions['cancontrolpanel'])) {
                 eval(standard_error(fetch_error('listignoreuser', $userinfo['username'])));
             } else {
                 if ($vbulletin->userinfo['userid'] == $userinfo['userid']) {
                     eval(standard_error(fetch_error('cantlistself_ignore')));
                 }
             }
             $add['ignore']["{$userinfo['userid']}"] = $userinfo;
         } else {
             eval(standard_error(fetch_error('listbaduser', $vbulletin->GPC['username'], $vbulletin->session->vars['sessionurl_q'])));
         }
     }
Beispiel #30
0
	$newpost['folderid']       =& $vbulletin->GPC['folderid'];
	$newpost['quickreply']     =& $vbulletin->GPC['quickreply'];
	$newpost['poststarttime']  =& $poststarttime;
	$newpost['posthash']       =& $posthash;
	$newpost['humanverify']    =& $vbulletin->GPC['humanverify'];
	// moderation options
	$newpost['stickunstick']   =& $vbulletin->GPC['stickunstick'];
	$newpost['openclose']      =& $vbulletin->GPC['openclose'];
	$newpost['subscribe']      =& $vbulletin->GPC['subscribe'];
	$newpost['ajaxqrfailed']   = $vbulletin->GPC['ajaxqrfailed'];

	if ($vbulletin->GPC['ajax'] AND $newpost['username'])
	{
		if ($newpost['username'])
		{
			$newpost['username'] = convert_urlencoded_unicode($newpost['username']);
		}
	}

	if ($foruminfo['allowhtml'])
	{
		$htmlchecked = fetch_htmlchecked($vbulletin->GPC['htmlstate']);
		$newpost['htmlstate'] = array_pop($array = array_keys(fetch_htmlchecked($vbulletin->GPC['htmlstate'])));
	}
	else
	{
		$newpost['htmlstate'] = 'on_nl2br';
	}

	if ($vbulletin->GPC_exists['emailupdate'])
	{