function exec_postvar_call_back()
{
global $vbulletin;
$vbulletin->input->clean_array_gpc('r', array('forumid' => TYPE_STR));
$goto = '';
$url = '';
// jump from forumjump
switch ($vbulletin->GPC['forumid']) {
case 'search':
$goto = 'search';
break;
case 'pm':
$goto = 'private';
break;
case 'wol':
$goto = 'online';
break;
case 'cp':
$goto = 'usercp';
break;
case 'subs':
$goto = 'subscription';
break;
case 'home':
case '-1':
$url = fetch_seo_url('forumhome|js', array());
break;
}
// intval() forumid since having text in it is not expected anywhere else and it can't be "cleaned" a second time
$vbulletin->GPC['forumid'] = intval($vbulletin->GPC['forumid']);
if ($goto != '') {
$url = "{$goto}.php?";
if (!empty($vbulletin->session->vars['sessionurl_js'])) {
$url .= $vbulletin->session->vars['sessionurl_js'];
}
}
if ($url != '') {
exec_header_redirect($url);
}
// end forumjump redirects
}
/**
* Verify Friendly URL
* Ensures the requested URL was in the correct format according to the
* friendlyurl option. If not, throw a 301 to the correct route.
*/
public function assertFriendlyUrl()
{
// API don't need to redirect
if (defined('VB_API') and VB_API === true) {
return;
}
// Only redirect on GET
if ('GET' != $_SERVER['REQUEST_METHOD']) {
return;
}
// If this route isn't valid then we'll be 404'ing anyway
if (!$this->isValid()) {
return;
}
// If we don't have an entry path then there's nothing to do
if (!($request_path = vB_Router::getEntryPath())) {
return;
}
// Allow hooks to handle non canonical urls
($hook = vBulletinHook::fetch_hook('friendlyurl_redirect_canonical_route')) ? eval($hook) : false;
// Check if we should be enforcing the canonical url
if (vB_Friendly_Url::CANON_OFF == vB::$vbulletin->options['friendlyurl_canonical']) {
return;
}
// Only redirect guests and search engines
if (vB::$vbulletin->userinfo['userid'] and !vB::$vbulletin->options['friendlyurl_canonical_registered']) {
return;
}
// Get the canonical path
if (!isset($canonical_path)) {
$canonical_path = $this->getRoutePath(false, vB_Friendly_Url::CANON_STRICT == vB::$vbulletin->options['friendlyurl_canonical'], true);
}
// Whether the request was canonical
$canonical = true;
// If no route path is specified then only rewrite can differ
if ($request_path == VB_ROUTER_SEGMENT) {
//This looks like a bug. The second "==" should be an "AND". This is based on the fact that how its written doesn't
//make a lot of sense and the behavior with the change is more consistant. However its a bug with senority at this
//point and fixing it will change how urls behave. For the time being leaving it alone is better than the risk of
//changing it.
if ((FRIENDLY_URL == FRIENDLY_URL_REWRITE) == (vB::$vbulletin->options['friendlyurl'] == FRIENDLY_URL_REWRITE)) {
return;
}
}
// Check the Friendly URL method
if (FRIENDLY_URL !== intval(vB::$vbulletin->options['friendlyurl'])) {
$canonical = false;
}
// Check URI
if ($canonical and vB_Friendly_URL::CANON_STRICT == vB::$vbulletin->options['friendlyurl_canonical']) {
if ($request_path != $canonical_path) {
// request may have been in the current charset, try utf-8
$request_path = to_utf8($request_path, vB::$vbulletin->userinfo['lang_charset']);
if ($request_path != $canonical_path) {
$canonical = false;
}
}
}
// Redirect if incorrect
if (!$canonical) {
// Get the raw redirect url
$url = $this->getCurrentURL(null, null, '', false, true);
// add any query vars
$vars = $_GET;
unset($vars[vB::$vbulletin->options['route_requestvar']]);
unset($vars['pagenumber']);
// Remove duplicate created by shortvar code
if (!empty($vars)) {
$url .= (strpos($url, '?') ? '&' : '?') . urlimplode($vars, false, true);
}
//do a quick check to ensure that we aren't trying to redirect to the url
//we came in on. This is needed primarily because of a special case where the
//friendly url logic doesn't correctly detect the rewrite URL version of the
//incoming link and will attempt to redirect because they don't match.
$url = create_full_url($url);
$cleaned_url = vB::$vbulletin->input->xss_clean(vB::$vbulletin->input->strip_sessionhash($url));
$cleaned_url = $this->domain_to_lower($cleaned_url);
//if ($url != VB_URL_CLEAN)
if (urldecode($cleaned_url) != urldecode($this->domain_to_lower(VB_URL_CLEAN))) {
// redirect to the canonical url
exec_header_redirect($url, 301);
}
}
}
$userdata->verify_useremail($vbulletin->userinfo['email']);
}
($hook = vBulletinHook::fetch_hook('profile_updatepassword_complete')) ? eval($hook) : false;
// save the data
$userdata->save();
if ($activate) {
$vbulletin->url = 'usercp.php' . $vbulletin->session->vars['sessionurl_q'];
eval(print_standard_redirect('redirect_updatethanks_newemail', true, true));
} else {
$vbulletin->url = 'usercp.php' . $vbulletin->session->vars['sessionurl_q'];
eval(print_standard_redirect('redirect_updatethanks'));
}
} else {
if ($_GET['do'] == 'updatepassword') {
// add consistency with previous behavior
exec_header_redirect('profile.php?do=editpassword');
}
}
// ############################################################################
// ######################### EDIT BUDDY/IGNORE LISTS ##########################
// ############################################################################
if ($_REQUEST['do'] == 'addlist') {
$vbulletin->input->clean_array_gpc('r', array('userid' => TYPE_UINT, 'userlist' => TYPE_NOHTML));
if ($vbulletin->GPC['userlist'] == 'friend' and (!($vbulletin->options['socnet'] & $vbulletin->bf_misc_socnet['enable_friends']) or !($vbulletin->userinfo['permissions']['genericpermissions2'] & $vbulletin->bf_ugp_genericpermissions2['canusefriends']))) {
$vbulletin->GPC['userlist'] = 'buddy';
}
$show['friend_checkbox'] = false;
$userinfo = verify_id('user', $vbulletin->GPC['userid'], true, true, FETCH_USERINFO_ISFRIEND);
cache_permissions($userinfo);
if ($vbulletin->GPC['userlist'] == 'buddy' or $vbulletin->GPC['userlist'] == 'friend') {
// No slave here
// get special data templates from the datastore
$specialtemplates = array();
// pre-cache templates used by all actions
$globaltemplates = array();
// pre-cache templates used by specific actions
$actiontemplates = array('buddylist' => array('BUDDYLIST', 'buddylistbit'), 'whoposted' => array('WHOPOSTED', 'whopostedbit'), 'showattachments' => array('ATTACHMENTS', 'attachmentbit'), 'showavatars' => array('help_avatars', 'help_avatars_avatar', 'help_avatars_category', 'help_avatars_row'), 'bbcode' => array('help_bbcodes', 'help_bbcodes_bbcode', 'help_bbcodes_link', 'bbcode_code', 'bbcode_html', 'bbcode_php', 'bbcode_quote'), 'getsmilies' => array('smiliepopup', 'smiliepopup_category', 'smiliepopup_row', 'smiliepopup_smilie', 'smiliepopup_straggler'), 'showsmilies' => array('help_smilies', 'help_smilies_smilie', 'help_smilies_category'));
$actiontemplates['none'] =& $actiontemplates['showsmilies'];
// allows proper template caching for the default action (showsmilies) if no valid action is specified
if (!empty($_REQUEST['do']) and !isset($actiontemplates["{$_REQUEST['do']}"])) {
$actiontemplates["{$_REQUEST['do']}"] =& $actiontemplates['showsmilies'];
}
// ######################### REQUIRE BACK-END ############################
require_once './global.php';
// redirect in case anyone has linked to it
if ($_REQUEST['do'] == 'attachments') {
exec_header_redirect('profile.php?' . $vbulletin->session->vars['sessionurl_js'] . 'do=editattachments');
}
// #######################################################################
// ######################## START MAIN SCRIPT ############################
// #######################################################################
($hook = vBulletinHook::fetch_hook('misc_start')) ? eval($hook) : false;
// ############################### start buddylist ###############################
if ($_REQUEST['do'] == 'buddylist') {
if (!$vbulletin->userinfo['userid']) {
print_no_permission();
}
($hook = vBulletinHook::fetch_hook('misc_buddylist_start')) ? eval($hook) : false;
$buddies =& $vbulletin->input->clean_gpc('r', 'buddies', TYPE_STR);
$datecut = TIMENOW - $vbulletin->options['cookietimeout'];
$buddys = $db->query_read_slave("\n\t\tSELECT\n\t\tuser.username, (user.options & " . $vbulletin->bf_misc_useroptions['invisible'] . ") AS invisible, user.userid, session.lastactivity\n\t\tFROM " . TABLE_PREFIX . "userlist AS userlist\n\t\tLEFT JOIN " . TABLE_PREFIX . "user AS user ON(user.userid = userlist.relationid)\n\t\tLEFT JOIN " . TABLE_PREFIX . "session AS session ON(session.userid = user.userid)\n\t\tWHERE userlist.userid = {$vbulletin->userinfo['userid']} AND userlist.relationid = user.userid AND type = 'buddy'\n\t\tORDER BY username ASC, session.lastactivity DESC\n\t");
$onlineusers = '';
if ($displayed_dateline <= $threadview) {
$updatethreadcookie = true;
}
}
}
$db->free_result($posts);
unset($post);
if ($postbits == '' and $vbulletin->GPC['pagenumber'] > 1) {
$pageinfo = array('page' => $vbulletin->GPC['pagenumber'] - 1);
if (!empty($vbulletin->GPC['perpage'])) {
$pageinfo['pp'] = $perpage;
}
if (!empty($vbulletin->GPC['highlight'])) {
$pageinfo['highlight'] = urlencode($vbulletin->GPC['highlight']);
}
exec_header_redirect(fetch_seo_url('thread|js', $threadinfo, $pageinfo));
}
DEVDEBUG("First Post: {$FIRSTPOSTID}; Last Post: {$LASTPOSTID}");
$pageinfo = array();
if ($vbulletin->GPC['highlight']) {
$pageinfo['highlight'] = urlencode($vbulletin->GPC['highlight']);
}
if (!empty($vbulletin->GPC['perpage'])) {
$pageinfo['pp'] = $perpage;
}
$pagenav = construct_page_nav($vbulletin->GPC['pagenumber'], $perpage, $totalposts, '', '', '', 'thread', $threadinfo, $pageinfo);
if ($thread['lastpost'] > $threadview) {
if ($firstnew) {
$firstunread = fetch_seo_url('thread', $threadinfo, array('page' => $vbulletin->GPC['pagenumber'])) . '#post' . $firstnew;
$show['firstunreadlink'] = true;
} else {
(attachmentid, settings)
VALUES (" . $vbulletin->GPC['attachmentid'] . ", '" . $db->escape_string(serialize($settings)) . "')
ON DUPLICATE KEY UPDATE settings = '" . $db->escape_string(serialize($settings)) . "'
");
$xml = new vB_AJAX_XML_Builder($vbulletin, 'text/xml');
$xml->add_tag('ok', 1);
$xml->print_xml();
}
if ($_REQUEST['do'] == 'rss')
{
//we just replace "ajax.php" with "external.php"
$redirect_url = 'external.php?' . $_SERVER['QUERY_STRING'];
exec_header_redirect($redirect_url , 301);
}
if ($_REQUEST['do'] == 'get_comments')
{
$current_user = new vB_Legacy_CurrentUser();
$vbulletin->input->clean_array_gpc('r', array(
'per_page' => TYPE_UINT,
'page' => TYPE_UINT,
'comments_previous' => TYPE_STR,
'comments_next' => TYPE_STR,
'nodeid' => TYPE_UINT,
'this_url' => TYPE_STR));
if (! $vbulletin->GPC_exists['page'])
{
}
++$versionkey;
// to handle the case when we are running the version before a wildcard version
while (strpos($_versions["{$versionkey}"], '*') !== false) {
++$versionkey;
}
if ($versionkey !== false and isset($_versions[$versionkey])) {
// we know what script this version needs to go to
$link = 'upgrade_' . $_versions[$versionkey] . '.php';
} else {
if (intval($vbulletin->versionnumber) == 3) {
// assume we are finished
$link = 'finalupgrade.php';
} else {
// no log and invalid version, so assume it's 2.x
$link = 'upgrade_300b3.php';
}
}
}
if ($vbulletin->GPC['show']) {
echo "<p><a href=\"{$link}\">{$link}</a></p>";
echo "<p><a href=\"upgrade.php\">[{$vbphrase['refresh']}]</a></p>";
} else {
exec_header_redirect($link);
}
/*======================================================================*\
|| ####################################################################
|| # Downloaded: 09:39, Wed Nov 5th 2008
|| # CVS: $RCSfile$ - $Revision: 28279 $
|| ####################################################################
\*======================================================================*/
|| # This file may not be redistributed in whole or significant part. # ||
|| # ---------------- VBULLETIN IS NOT FREE SOFTWARE ---------------- # ||
|| # http://www.vbulletin.com | http://www.vbulletin.com/license.html # ||
|| #################################################################### ||
\*======================================================================*/
// ######################## SET PHP ENVIRONMENT ###########################
error_reporting(E_ALL & ~E_NOTICE);
chdir('./../');
// ##################### DEFINE IMPORTANT CONSTANTS #######################
define('VB_AREA', 'Install');
define('TIMENOW', time());
header('Expires: ' . gmdate("D, d M Y H:i:s", TIMENOW) . ' GMT');
header("Last-Modified: " . gmdate("D, d M Y H:i:s", TIMENOW) . ' GMT');
// ########################## REQUIRE BACK-END ############################
require_once './install/includes/class_upgrade.php';
require_once './install/init.php';
require_once DIR . '/includes/functions.php';
require_once DIR . '/includes/functions_misc.php';
$db->hide_errors();
$db->query_first("SELECT * FROM " . TABLE_PREFIX . "datastore");
if ($db->errno()) {
exec_header_redirect('install.php');
} else {
exec_header_redirect('upgrade.php');
}
/*======================================================================*\
|| ####################################################################
|| # Downloaded: 03:13, Sat Sep 7th 2013
|| # CVS: $RCSfile$ - $Revision: 32287 $
|| ####################################################################
\*======================================================================*/
}
$phraseids = array_keys($vbulletin->GPC['replace']);
$phrases = $db->query_read("\n\t\tSELECT *\n\t\tFROM " . TABLE_PREFIX . "phrase\n\t\tWHERE phraseid IN (" . implode(',', $phraseids) . ")\n\t");
while ($phrase = $db->fetch_array($phrases)) {
$phrase['product'] = empty($phrase['product']) ? 'vbulletin' : $phrase['product'];
$phrase['text'] = str_replace($vbulletin->GPC['searchstring'], $vbulletin->GPC['replacestring'], $phrase['text']);
if ($phrase['languageid'] == $vbulletin->GPC['languageid']) {
// update
$db->query_write("\n\t\t\t\tUPDATE " . TABLE_PREFIX . "phrase SET\n\t\t\t\t\ttext = '" . $db->escape_string($phrase['text']) . "',\n\t\t\t\t\tusername = '******'username']) . "',\n\t\t\t\t\tdateline = " . TIMENOW . ",\n\t\t\t\t\tversion = '" . $db->escape_string($full_product_info["{$phrase['product']}"]['version']) . "'\n\t\t\t\tWHERE phraseid = {$phrase['phraseid']}\n\t\t\t");
} else {
// insert
/*insert query*/
$db->query_write("\n\t\t\t\tREPLACE INTO " . TABLE_PREFIX . "phrase\n\t\t\t\t\t(languageid, varname, text, fieldname, product, username, dateline, version)\n\t\t\t\tVALUES\n\t\t\t\t\t(" . $vbulletin->GPC['languageid'] . ",\n\t\t\t\t\t'" . $db->escape_string($phrase['varname']) . "',\n\t\t\t\t\t'" . $db->escape_string($phrase['text']) . "',\n\t\t\t\t\t'" . $db->escape_string($phrase['fieldname']) . "',\n\t\t\t\t\t'" . $db->escape_string($phrase['product']) . "',\n\t\t\t\t\t'" . $db->escape_string($vbulletin->userinfo['username']) . "',\n\t\t\t\t\t" . TIMENOW . ",\n\t\t\t\t\t'" . $db->escape_string($full_product_info["{$phrase['product']}"]['version']) . "')\n\t\t\t");
}
}
exec_header_redirect("language.php?" . $vbulletin->session->vars['sessionurl'] . "do=rebuild&goto=" . urlencode("phrase.php?" . $vbulletin->session->vars['sessionurl'] . "do=search"));
}
// #############################################################################
if ($_POST['do'] == 'replace') {
$vbulletin->input->clean_array_gpc('p', array('searchstring' => TYPE_STR, 'replacestring' => TYPE_STR, 'languageid' => TYPE_INT));
if (empty($vbulletin->GPC['searchstring']) or empty($vbulletin->GPC['replacestring'])) {
print_stop_message('please_complete_required_fields');
}
// do a rather clever query to find what phrases to display
$phraseids = '0';
$phrases = $db->query_read("\n\t\tSELECT\n\t\t\tIF(pcust.phraseid IS NULL, pmast.phraseid, pcust.phraseid) AS phraseid,\n\t\t\tIF(pcust.phraseid IS NULL, pmast.text, pcust.text) AS xtext\n\t\tFROM " . TABLE_PREFIX . "phrase AS pmast\n\t\tLEFT JOIN " . TABLE_PREFIX . "phrase AS pcust ON (\n\t\t\tpcust.varname = pmast.varname AND\n\t\t\tpcust.fieldname = pmast.fieldname AND\n\t\t\tpcust.languageid = " . $vbulletin->GPC['languageid'] . "\n\t\t)\n\t\tWHERE pmast.languageid = -1\n\t\tHAVING " . fetch_field_like_sql($vbulletin->GPC['searchstring'], 'xtext', false, true) . "\n\t");
while ($phrase = $db->fetch_array($phrases)) {
$phraseids .= ",{$phrase['phraseid']}";
}
$db->free_result($phrases);
// now do a simple query to actually fetch the data
}
// #############################################################################
if ($_POST['do'] == 'updatestatus') {
$vbulletin->input->clean_gpc('p', 'enabled', TYPE_ARRAY_UINT);
$feeds_result = $db->query_read("SELECT * FROM " . TABLE_PREFIX . "rssfeed ORDER BY title");
while ($feed = $db->fetch_array($feeds_result)) {
$old = $feed['options'] & $vbulletin->bf_misc_feedoptions['enabled'] ? 1 : 0;
$new = $vbulletin->GPC['enabled']["{$feed['rssfeedid']}"] ? 1 : 0;
if ($old != $new) {
$feeddata =& datamanager_init('RSSFeed', $vbulletin, ERRTYPE_ARRAY);
$feeddata->set_existing($feed);
$feeddata->set_bitfield('options', 'enabled', $new);
$feeddata->save();
}
}
exec_header_redirect('rssposter.php');
}
print_cp_header($vbphrase['rss_feed_manager']);
// #############################################################################
if ($_POST['do'] == 'kill') {
$vbulletin->input->clean_gpc('p', 'rssfeedid', TYPE_UINT);
if ($vbulletin->GPC['rssfeedid'] and $feed = $db->query_first("SELECT * FROM " . TABLE_PREFIX . "rssfeed WHERE rssfeedid = " . $vbulletin->GPC['rssfeedid'])) {
$feeddata =& datamanager_init('RSSFeed', $vbulletin, ERRTYPE_ARRAY);
$feeddata->set_existing($feed);
$feeddata->delete();
define('CP_REDIRECT', 'rssposter.php');
print_stop_message('deleted_rssfeed_x_successfully', $feeddata->fetch_field('title'));
} else {
echo "Kill oops";
}
}
eval(standard_error(fetch_error('invalidid', $vbphrase['thread'], $vbulletin->options['contactuslink'])));
}
$forumperms = fetch_permissions($threadinfo['forumid']);
if (!($forumperms & $vbulletin->bf_ugp_forumpermissions['canview']) OR !($forumperms & $vbulletin->bf_ugp_forumpermissions['canviewthreads']))
{
print_no_permission();
}
if (!($forumperms & $vbulletin->bf_ugp_forumpermissions['canviewothers']) AND ($threadinfo['postuserid'] != $vbulletin->userinfo['userid'] OR $vbulletin->userinfo['userid'] == 0))
{
print_no_permission();
}
if ($threadinfo['open'] == 10)
{
exec_header_redirect('printthread.php?' . $vbulletin->session->vars['sessionurl_js'] . "t=$threadinfo[pollid]");
}
// check if there is a forum password and if so, ensure the user has it set
verify_forum_password($foruminfo['forumid'], $foruminfo['password']);
// split thread over pages if necessary
$countposts = $db->query_first_slave("
SELECT COUNT(*) AS total
FROM " . TABLE_PREFIX . "post AS post
WHERE threadid=$threadinfo[threadid] AND visible=1
");
$totalposts = $countposts['total'];
$vbulletin->GPC['perpage'] = sanitize_maxposts($vbulletin->GPC['perpage']);
$maxperpage = sanitize_maxposts(-1);
/**
* Halts execution and redirects to the address specified
*
* If the 'useheaderredirect' option is on, the system will attempt to redirect invisibly using header('Location...
* However, 'useheaderredirect' is overridden by setting $forceredirect to a true value.
*
* @param string Redirect message
* @param string URL to which to redirect the browser
*/
function standard_redirect($message = '', $forceredirect = false)
{
global $header, $footer, $headinclude, $headinclude_bottom, $forumjump;
global $timezone, $vbulletin, $vbphrase;
static
$str_find = array('"', '<', '>'),
$str_replace = array('"', '<', '>');
if ($vbulletin->db->explain)
{
$totaltime = microtime(true) - TIMESTART;
$vartext .= "<!-- Page generated in " . vb_number_format($totaltime, 5) . " seconds with " . $vbulletin->db->querycount . " queries -->";
$querytime = $vbulletin->db->time_total;
echo "\n<b>Page generated in $totaltime seconds with " . $vbulletin->db->querycount . " queries,\nspending $querytime doing MySQL queries and " . ($totaltime - $querytime) . " doing PHP things.\n\n<hr />Shutdown Queries:</b>" . (defined('NOSHUTDOWNFUNC') ? " <b>DISABLED</b>" : '') . "<hr />\n\n";
exit;
}
if ($vbulletin->options['useheaderredirect'] AND !$forceredirect AND !headers_sent() AND !$vbulletin->GPC['postvars'])
{
exec_header_redirect(unhtmlspecialchars($vbulletin->url, true));
}
$title = $vbulletin->options['bbtitle'];
$pagetitle = $title;
$errormessage = $message;
$url = unhtmlspecialchars($vbulletin->url, true);
$url = str_replace(chr(0), '', $url);
$url = create_full_url($url);
$url = str_replace($str_find, $str_replace, $url);
$js_url = addslashes_js($url, '"'); // " has been replaced by "
$url = preg_replace(
array('/�*59;?/', '/�*3B;?/i', '#;#'),
'%3B',
$url
);
$url = preg_replace('#&%3B#i', '&', $url);
define('NOPMPOPUP', 1); // No footer here
require_once(DIR . '/includes/functions_misc.php');
$postvars = construct_hidden_var_fields(verify_client_string($vbulletin->GPC['postvars']));
$formfile =& $url;
($hook = vBulletinHook::fetch_hook('redirect_generic')) ? eval($hook) : false;
$templater = vB_Template::create('STANDARD_REDIRECT');
$templater->register('errormessage', $errormessage);
$templater->register('formfile', $formfile);
$templater->register('headinclude', $headinclude);
$templater->register('headinclude_bottom', $headinclude_bottom);
$templater->register('js_url', $js_url);
$templater->register('pagetitle', $pagetitle);
$templater->register('postvars', $postvars);
$templater->register('url', $url);
print_output($templater->render());
exit;
}
// get first and last post ids for this page (for big reply buttons)
if (!isset($FIRSTPOSTID)) {
$FIRSTPOSTID = $post['postid'];
}
$LASTPOSTID = $post['postid'];
if ($post['dateline'] > $displayed_dateline) {
$displayed_dateline = $post['dateline'];
if ($displayed_dateline <= $threadview) {
$updatethreadcookie = true;
}
}
}
$db->free_result($posts);
unset($post);
if ($postbits == '' and $vbulletin->GPC['pagenumber'] > 1) {
exec_header_redirect('showthread.php?' . $vbulletin->session->vars['sessionurl_js'] . "t={$threadid}&page=" . ($vbulletin->GPC['pagenumber'] - 1) . (!empty($vbulletin->GPC['perpage']) ? "&pp={$perpage}" : "") . "{$highlightwords}");
}
DEVDEBUG("First Post: {$FIRSTPOSTID}; Last Post: {$LASTPOSTID}");
$pagenav = construct_page_nav($vbulletin->GPC['pagenumber'], $perpage, $totalposts, "showthread.php?" . $vbulletin->session->vars['sessionurl'] . "t={$threadid}", "" . (!empty($vbulletin->GPC['perpage']) ? "&pp={$perpage}" : "") . "{$highlightwords}");
if ($thread['lastpost'] > $threadview) {
if ($firstnew) {
$firstunread = '#post' . $firstnew;
$show['firstunreadlink'] = true;
} else {
$firstunread = 'showthread.php?' . $vbulletin->session->vars['sessionurl'] . 't=' . $threadid . '&goto=newpost';
$show['firstunreadlink'] = true;
}
} else {
$firstunread = '';
$show['firstunreadlink'] = false;
}
}
if ((!$threadinfo['visible'] or $threadinfo['isdeleted']) and !can_moderate($threadinfo['forumid'])) {
eval(standard_error(fetch_error('invalidid', $vbphrase['thread'], $vbulletin->options['contactuslink'])));
}
$forumperms = fetch_permissions($threadinfo['forumid']);
if (!($forumperms & $vbulletin->bf_ugp_forumpermissions['canview']) or !($forumperms & $vbulletin->bf_ugp_forumpermissions['canviewthreads'])) {
print_no_permission();
}
if (!($forumperms & $vbulletin->bf_ugp_forumpermissions['canviewothers']) and ($threadinfo['postuserid'] != $vbulletin->userinfo['userid'] or $vbulletin->userinfo['userid'] == 0)) {
print_no_permission();
}
// check if there is a forum password and if so, ensure the user has it set
verify_forum_password($foruminfo['forumid'], $foruminfo['password']);
if ($_SERVER['REQUEST_METHOD'] != 'POST' or !$vbulletin->GPC['ajax']) {
// redirect to showthread with a 301
exec_header_redirect(fetch_seo_url('thread|js', $threadinfo, array('p' => $postinfo['postid'])) . "#post{$postinfo['postid']}", 301);
}
$hook_query_fields = $hook_query_joins = '';
($hook = vBulletinHook::fetch_hook('showpost_start')) ? eval($hook) : false;
$post = $db->query_first_slave("\n\tSELECT\n\t\tpost.*, post.username AS postusername, post.ipaddress AS ip, IF(post.visible = 2, 1, 0) AS isdeleted,\n\t\tuser.*, userfield.*, usertextfield.*,\n\t\t" . iif($foruminfo['allowicons'], 'icon.title as icontitle, icon.iconpath,') . "\n\t\tIF(displaygroupid=0, user.usergroupid, displaygroupid) AS displaygroupid, infractiongroupid,\n\t\t" . iif($vbulletin->options['avatarenabled'], 'avatar.avatarpath, NOT ISNULL(customavatar.userid) AS hascustomavatar, customavatar.dateline AS avatardateline,customavatar.width AS avwidth,customavatar.height AS avheight,') . "\n\t\t" . ((can_moderate($threadinfo['forumid'], 'canmoderateposts') or can_moderate($threadinfo['forumid'], 'candeleteposts')) ? 'spamlog.postid AS spamlog_postid,' : '') . "\n\t\teditlog.userid AS edit_userid, editlog.username AS edit_username, editlog.dateline AS edit_dateline, editlog.reason AS edit_reason, editlog.hashistory,\n\t\tpostparsed.pagetext_html, postparsed.hasimages,\n\t\tsigparsed.signatureparsed, sigparsed.hasimages AS sighasimages,\n\t\tsigpic.userid AS sigpic, sigpic.dateline AS sigpicdateline, sigpic.width AS sigpicwidth, sigpic.height AS sigpicheight\n\t\t" . iif(!($permissions['genericpermissions'] & $vbulletin->bf_ugp_genericpermissions['canseehiddencustomfields']), $vbulletin->profilefield['hidden']) . "\n\t\t{$hook_query_fields}\n\tFROM " . TABLE_PREFIX . "post AS post\n\tLEFT JOIN " . TABLE_PREFIX . "user AS user ON(user.userid = post.userid)\n\tLEFT JOIN " . TABLE_PREFIX . "userfield AS userfield ON(userfield.userid = user.userid)\n\tLEFT JOIN " . TABLE_PREFIX . "usertextfield AS usertextfield ON(usertextfield.userid = user.userid)\n\t" . iif($foruminfo['allowicons'], "LEFT JOIN " . TABLE_PREFIX . "icon AS icon ON(icon.iconid = post.iconid)") . "\n\t" . iif($vbulletin->options['avatarenabled'], "LEFT JOIN " . TABLE_PREFIX . "avatar AS avatar ON(avatar.avatarid = user.avatarid) LEFT JOIN " . TABLE_PREFIX . "customavatar AS customavatar ON(customavatar.userid = user.userid)") . "\n\t" . ((can_moderate($threadinfo['forumid'], 'canmoderateposts') or can_moderate($threadinfo['forumid'], 'candeleteposts')) ? "LEFT JOIN " . TABLE_PREFIX . "spamlog AS spamlog ON(spamlog.postid = post.postid)" : '') . "\n\tLEFT JOIN " . TABLE_PREFIX . "editlog AS editlog ON(editlog.postid = post.postid)\n\tLEFT JOIN " . TABLE_PREFIX . "postparsed AS postparsed ON(postparsed.postid = post.postid AND postparsed.styleid = " . intval(STYLEID) . " AND postparsed.languageid = " . intval(LANGUAGEID) . ")\n\tLEFT JOIN " . TABLE_PREFIX . "sigparsed AS sigparsed ON(sigparsed.userid = user.userid AND sigparsed.styleid = " . intval(STYLEID) . " AND sigparsed.languageid = " . intval(LANGUAGEID) . ")\n\tLEFT JOIN " . TABLE_PREFIX . "sigpic AS sigpic ON(sigpic.userid = post.userid)\n\t{$hook_query_joins}\n\tWHERE post.postid = {$postid}\n");
// Tachy goes to coventry
if (in_coventry($threadinfo['postuserid']) and !can_moderate($threadinfo['forumid'])) {
// do not show post if part of a thread from a user in Coventry and bbuser is not mod
eval(standard_error(fetch_error('invalidid', $vbphrase['thread'], $vbulletin->options['contactuslink'])));
}
if (in_coventry($post['userid']) and !can_moderate($threadinfo['forumid'])) {
// do not show post if posted by a user in Coventry and bbuser is not mod
eval(standard_error(fetch_error('invalidid', $vbphrase['post'], $vbulletin->options['contactuslink'])));
}
// check for attachments
if ($post['attach']) {
}
cache_ordered_forums(1);
$datecutoff = $vbulletin->forumcache["{$foruminfo['forumid']}"]['lastpost'] - 30;
$thread = $db->query_first_slave("\n\t\tSELECT thread.threadid\n\t\t\t" . ($tachyjoin ? ', IF(tachythreadpost.lastpost > thread.lastpost, tachythreadpost.lastpost, thread.lastpost) AS lastpost' : '') . "\n\t\tFROM " . TABLE_PREFIX . "thread AS thread\n\t\t{$tachyjoin}\n\t\tWHERE thread.forumid IN ({$forumslist})\n\t\t\tAND thread.visible = 1\n\t\t\tAND thread.sticky IN (0,1)\n\t\t\tAND thread.open <> 10\n\t\t\t" . (!$tachyjoin ? "AND lastpost > {$datecutoff}" : '') . "\n\t\t\t{$globalignore_thread}\n\t\tORDER BY lastpost DESC\n\t\tLIMIT 1\n\t");
if (!$thread) {
eval(standard_error(fetch_error('invalidid', $vbphrase['user'], $vbulletin->options['contactuslink'])));
}
$getuserid = $db->query_first_slave("\n\t\tSELECT post.userid\n\t\tFROM " . TABLE_PREFIX . "post AS post\n\t\tWHERE threadid = {$thread['threadid']}\n\t\t\tAND visible = 1\n\t\t\t{$globalignore_post}\n\t\tORDER BY dateline DESC\n\t\tLIMIT 1\n\t");
if (!($forumperms & $vbulletin->bf_ugp_forumpermissions['canviewothers']) and ($getuserid['userid'] != $vbulletin->userinfo['userid'] or $vbulletin->userinfo['userid'] == 0)) {
print_no_permission();
}
exec_header_redirect('member.php?' . $vbulletin->session->vars['sessionurl_js'] . "u={$getuserid['userid']}");
} else {
if ($vbulletin->GPC['find'] == 'moderator' and $vbulletin->GPC['moderatorid']) {
$moderatorinfo = verify_id('moderator', $vbulletin->GPC['moderatorid'], 1, 1);
exec_header_redirect('member.php?' . $vbulletin->session->vars['sessionurl_js'] . "u={$moderatorinfo['userid']}");
} else {
if ($vbulletin->GPC['username'] != '' and !$vbulletin->GPC['userid']) {
$user = $db->query_first_slave("SELECT userid FROM " . TABLE_PREFIX . "user WHERE username = '******'username']) . "'");
$vbulletin->GPC['userid'] = $user['userid'];
}
}
}
}
}
if (!$vbulletin->GPC['userid']) {
eval(standard_error(fetch_error('unregistereduser')));
}
$fetch_userinfo_options = FETCH_USERINFO_AVATAR | FETCH_USERINFO_LOCATION | FETCH_USERINFO_PROFILEPIC | FETCH_USERINFO_SIGPIC | FETCH_USERINFO_USERCSS | FETCH_USERINFO_ISFRIEND;
($hook = vBulletinHook::fetch_hook('member_start_fetch_user')) ? eval($hook) : false;
$userinfo = verify_id('user', $vbulletin->GPC['userid'], 1, 1, $fetch_userinfo_options);
// #############################################################################
// ### CACHE PERMISSIONS AND GRAB $permissions
// get the combined permissions for the current user
// this also creates the $fpermscache containing the user's forum permissions
$permissions = cache_permissions($vbulletin->userinfo);
$vbulletin->userinfo['permissions'] =& $permissions;
// #############################################################################
// check that board is active - if not admin, then display error
if (!$vbulletin->options['bbactive'] and !($permissions['adminpermissions'] & $vbulletin->bf_ugp_adminpermissions['cancontrolpanel']) or !($permissions['forumpermissions'] & $vbulletin->bf_ugp_forumpermissions['canview'])) {
exec_header_redirect($vbulletin->options['bburl'] . '/' . $vbulletin->options['forumhome'] . '.php');
}
// if password is expired, deny access
if ($vbulletin->userinfo['userid'] and $permissions['passwordexpires']) {
$passworddaysold = floor((TIMENOW - $vbulletin->userinfo['passworddate']) / 86400);
if ($passworddaysold >= $permissions['passwordexpires']) {
exec_header_redirect($vbulletin->options['bburl'] . '/' . $vbulletin->options['forumhome'] . '.php');
}
}
verify_ip_ban();
$cache_templates = array('ad_archive_above_content1', 'ad_archive_above_content2', 'ad_archive_below_content');
($hook = vBulletinHook::fetch_hook('archive_global')) ? eval($hook) : false;
cache_templates($cache_templates, $style['templatelist']);
unset($cache_templates);
// #########################################################################################
// ###################### ARCHIVE FUNCTIONS ################################################
// function to list forums in their correct order and nesting
function print_archive_forum_list($parentid = -1, $indent = '')
{
global $vbulletin;
$output = '';
if (empty($vbulletin->iforumcache)) {
if ($vbulletin->bf_ugp === null)
{
echo '<div>vBulletin datastore error caused by one or more of the following:
<ol>
' . (function_exists('mmcache_get') ? '<li>Turck MMCache has been detected on your server, first try disabling Turck MMCache or replacing it with eAccelerator</li>' : '') . '
<li>You may have uploaded vBulletin files without also running the vBulletin upgrade script. If you have not run the upgrade script, do so now.</li>
<li>The datastore cache may have been corrupted. Run <em>Rebuild Bitfields</em> from <em>tools.php</em>, which you can upload from the <em>do_not_upload</em> folder of the vBulletin package.</li>
</ol>
</div>';
trigger_error('vBulletin datastore cache incomplete or corrupt', E_USER_ERROR);
}
if (defined('VB_PRODUCT') AND (!isset($vbulletin->products[VB_PRODUCT]) OR !($vbulletin->products[VB_PRODUCT])))
{
exec_header_redirect(trim($vbulletin->options['bburl'], '/') . '/' . $vbulletin->options['forumhome'] . '.php', 302);
}
if (!empty($db->explain))
{
$db->timer_stop(false);
}
if ($vbulletin->options['cookietimeout'] < 60)
{
// values less than 60 will probably break things, so prevent that
$vbulletin->options['cookietimeout'] = 60;
}
// #############################################################################
/**
$_permsgetter_ = 'forumdisplay';
$forumperms = fetch_permissions($forumid);
if (!($forumperms & $vbulletin->bf_ugp_forumpermissions['canview'])) {
print_no_permission();
}
// add session hash to local links if necessary
if (preg_match('#^([a-z0-9_]+\\.php)(\\?.*$)?#i', $foruminfo['link'], $match)) {
if ($match[2]) {
// we have a ?xyz part, put session url at beginning if necessary
$query_string = preg_replace('/([^a-z0-9])(s|sessionhash)=[a-z0-9]{32}(&|&)?/', '\\1', $match[2]);
$foruminfo['link'] = $match[1] . '?' . $vbulletin->session->vars['sessionurl_js'] . substr($query_string, 1);
} else {
$foruminfo['link'] .= $vbulletin->session->vars['sessionurl_q'];
}
}
exec_header_redirect($foruminfo['link'], true);
}
// #############################################################################
// Check for pm popup
if ($shownewpm) {
if ($vbulletin->userinfo['pmunread'] == 1) {
$pmpopupurl = 'private.php?' . $vbulletin->session->vars['sessionurl_js'] . "do=showpm&pmid={$newpm['pmid']}";
} else {
if (!empty($vbulletin->session->vars['sessionurl_js'])) {
$pmpopupurl = 'private.php?' . $vbulletin->session->vars['sessionurl_js'];
} else {
$pmpopupurl = 'private.php';
}
}
eval('$footer .= "' . fetch_template('pm_popup_script') . '";');
}
($hook = vBulletinHook::fetch_hook('sendmessage_im_start')) ? eval($hook) : false;
if (empty($userinfo["$type"]))
{
// user does not have this messaging medium defined
eval(standard_error(fetch_error('immethodnotdefined', $userinfo['username'])));
}
if ($type == 'icq')
{
// ICQ's API for paging doesn't seem to work right now, but they have a URL that does
$vbulletin->url = 'http://www.icq.com/people/webmsg.ph' . 'p?to=' . urlencode($userinfo['icq'])
. '&from=' . urlencode(unhtmlspecialchars($vbulletin->userinfo['username']))
. '&fromemail=' . urlencode($vbulletin->userinfo['email']);
exec_header_redirect($vbulletin->url);
exit;
}
// shouldn't be a problem hard-coding this text, as they are all commercial names
$typetext = array(
'msn' => 'MSN',
'icq' => 'ICQ',
'aim' => 'AIM',
'yahoo' => 'Yahoo!',
'skype' => 'Skype'
);
// add language suffix to SkypeWeb graphic if possible
$userinfo['skype_suffix'] = '';
if ($vbulletin->options['skypeweb_gfx'] == 2 AND $type == 'skype')
function do_get_thread()
{
global $vbulletin, $db, $foruminfo, $threadinfo, $postid, $vault, $vbphrase;
$vbulletin->input->clean_array_gpc('r', array('pagenumber' => TYPE_UINT, 'perpage' => TYPE_UINT, 'password' => TYPE_STR, 'signature' => TYPE_BOOL));
if (empty($threadinfo['threadid'])) {
json_error(ERR_INVALID_THREAD);
}
$threadedmode = 0;
$threadid = $vbulletin->GPC['threadid'];
// Goto first unread post?
if ($vbulletin->GPC['pagenumber'] == FR_LAST_POST) {
$threadinfo = verify_id('thread', $threadid, 1, 1);
if ($vbulletin->options['threadmarking'] and $vbulletin->userinfo['userid']) {
$vbulletin->userinfo['lastvisit'] = max($threadinfo['threadread'], $threadinfo['forumread'], TIMENOW - $vbulletin->options['markinglimit'] * 86400);
} else {
if (($tview = intval(fetch_bbarray_cookie('thread_lastview', $threadid))) > $vbulletin->userinfo['lastvisit']) {
$vbulletin->userinfo['lastvisit'] = $tview;
}
}
$coventry = fetch_coventry('string');
$posts = $db->query_first("\n\t SELECT MIN(postid) AS postid\n\t FROM " . TABLE_PREFIX . "post\n\t WHERE threadid = {$threadinfo['threadid']}\n\t AND visible = 1\n\t AND dateline > " . intval($vbulletin->userinfo['lastvisit']) . "\n\t " . ($coventry ? "AND userid NOT IN ({$coventry})" : "") . "\n\t LIMIT 1\n\t");
if ($posts['postid']) {
$postid = $posts['postid'];
} else {
$postid = $threadinfo['lastpostid'];
}
}
// *********************************************************************************
// workaround for header redirect issue from forms with enctype in IE
// (use a scrollIntoView javascript call in the <body> onload event)
$onload = '';
// *********************************************************************************
// set $perpage
$perpage = max(FR_MIN_PERPAGE, min($vbulletin->GPC['perpage'], FR_MAX_PERPAGE));
// FRNR
//$perpage = sanitize_maxposts($vbulletin->GPC['perpage']);
// *********************************************************************************
// set post order
if ($vbulletin->userinfo['postorder'] == 0) {
$postorder = '';
} else {
$postorder = 'DESC';
}
// *********************************************************************************
// get thread info
$thread = verify_id('thread', $threadid, 1, 1);
$threadinfo =& $thread;
($hook = vBulletinHook::fetch_hook('showthread_getinfo')) ? eval($hook) : false;
// *********************************************************************************
// check for visible / deleted thread
if (!$thread['visible'] and !can_moderate($thread['forumid'], 'canmoderateposts') or $thread['isdeleted'] and !can_moderate($thread['forumid'])) {
json_error(ERR_INVALID_THREAD);
}
// *********************************************************************************
// Tachy goes to coventry
if (in_coventry($thread['postuserid']) and !can_moderate($thread['forumid'])) {
json_error(ERR_INVALID_THREAD);
}
// FRNR Start
// Check the forum password (set necessary cookies)
if ($vbulletin->GPC['password'] && $foruminfo['password'] == $vbulletin->GPC['password']) {
// set a temp cookie for guests
if (!$vbulletin->userinfo['userid']) {
set_bbarray_cookie('forumpwd', $foruminfo['forumid'], md5($vbulletin->userinfo['userid'] . $vbulletin->GPC['password']));
} else {
set_bbarray_cookie('forumpwd', $foruminfo['forumid'], md5($vbulletin->userinfo['userid'] . $vbulletin->GPC['password']), 1);
}
}
// FRNR End
// *********************************************************************************
// do word wrapping for the thread title
if ($vbulletin->options['wordwrap'] != 0) {
$thread['title'] = fetch_word_wrapped_string($thread['title']);
}
$thread['title'] = fetch_censored_text($thread['title']);
$thread['meta_description'] = strip_bbcode(strip_quotes($thread['description']), false, true);
$thread['meta_description'] = htmlspecialchars_uni(fetch_censored_text(fetch_trimmed_title($thread['meta_description'], 500, false)));
// *********************************************************************************
// words to highlight from the search engine
if (!empty($vbulletin->GPC['highlight'])) {
$highlight = preg_replace('#\\*+#s', '*', $vbulletin->GPC['highlight']);
if ($highlight != '*') {
$regexfind = array('\\*', '\\<', '\\>');
$regexreplace = array('[\\w.:@*/?=]*?', '<', '>');
$highlight = preg_quote(strtolower($highlight), '#');
$highlight = explode(' ', $highlight);
$highlight = str_replace($regexfind, $regexreplace, $highlight);
foreach ($highlight as $val) {
if ($val = trim($val)) {
$replacewords[] = htmlspecialchars_uni($val);
}
}
}
}
// *********************************************************************************
// make the forum jump in order to fill the forum caches
$navpopup = array('id' => 'showthread_navpopup', 'title' => $foruminfo['title_clean'], 'link' => fetch_seo_url('thread', $threadinfo));
construct_quick_nav($navpopup);
// *********************************************************************************
// get forum info
$forum = fetch_foruminfo($thread['forumid']);
$foruminfo =& $forum;
// *********************************************************************************
// check forum permissions
$forumperms = fetch_permissions($thread['forumid']);
if (!($forumperms & $vbulletin->bf_ugp_forumpermissions['canview']) or !($forumperms & $vbulletin->bf_ugp_forumpermissions['canviewthreads'])) {
json_error(ERR_NO_PERMISSION);
}
if (!($forumperms & $vbulletin->bf_ugp_forumpermissions['canviewothers']) and ($thread['postuserid'] != $vbulletin->userinfo['userid'] or $vbulletin->userinfo['userid'] == 0)) {
json_error(ERR_NO_PERMISSION);
}
// *********************************************************************************
// check if there is a forum password and if so, ensure the user has it set
if (!verify_forum_password($foruminfo['forumid'], $foruminfo['password'])) {
// FRNR
json_error(ERR_NEED_PASSWORD, RV_NEED_FORUM_PASSWORD);
}
// verify that we are at the canonical SEO url
// and redirect to this if not
//verify_seo_url('thread|js', $threadinfo, array('pagenumber' => $_REQUEST['pagenumber']));
// *********************************************************************************
// jump page if thread is actually a redirect
if ($thread['open'] == 10) {
$destthreadinfo = fetch_threadinfo($threadinfo['pollid']);
exec_header_redirect(fetch_seo_url('thread|js', $destthreadinfo, $pageinfo));
}
// *********************************************************************************
// get ignored users
$ignore = array();
if (trim($vbulletin->userinfo['ignorelist'])) {
$ignorelist = preg_split('/( )+/', trim($vbulletin->userinfo['ignorelist']), -1, PREG_SPLIT_NO_EMPTY);
foreach ($ignorelist as $ignoreuserid) {
$ignore["{$ignoreuserid}"] = 1;
}
}
DEVDEBUG('ignored users: ' . implode(', ', array_keys($ignore)));
// *********************************************************************************
// filter out deletion notices if can't be seen
if ($forumperms & $vbulletin->bf_ugp_forumpermissions['canseedelnotice'] or can_moderate($threadinfo['forumid'])) {
$deljoin = "LEFT JOIN " . TABLE_PREFIX . "deletionlog AS deletionlog ON(post.postid = deletionlog.primaryid AND deletionlog.type = 'post')";
} else {
$deljoin = '';
}
$show['viewpost'] = can_moderate($threadinfo['forumid']) ? true : false;
$show['managepost'] = iif(can_moderate($threadinfo['forumid'], 'candeleteposts') or can_moderate($threadinfo['forumid'], 'canremoveposts'), true, false);
$show['approvepost'] = can_moderate($threadinfo['forumid'], 'canmoderateposts') ? true : false;
$show['managethread'] = can_moderate($threadinfo['forumid'], 'canmanagethreads') ? true : false;
$show['approveattachment'] = can_moderate($threadinfo['forumid'], 'canmoderateattachments') ? true : false;
$show['inlinemod'] = (!$show['threadedmode'] and ($show['managethread'] or $show['managepost'] or $show['approvepost'])) ? true : false;
$show['spamctrls'] = ($show['inlinemod'] and $show['managepost']);
$url = $show['inlinemod'] ? SCRIPTPATH : '';
// build inline moderation popup
if ($show['popups'] and $show['inlinemod']) {
$threadadmin_imod_menu_post = vB_Template::create('threadadmin_imod_menu_post')->render();
} else {
$threadadmin_imod_menu_post = '';
}
// *********************************************************************************
// find the page that we should be on to display this post
if (!empty($postid) and $threadedmode == 0) {
$postinfo = verify_id('post', $postid, 1, 1);
$threadid = $postinfo['threadid'];
$getpagenum = $db->query_first("\n \t\tSELECT COUNT(*) AS posts\n \t\tFROM " . TABLE_PREFIX . "post AS post\n \t\tWHERE threadid = {$threadid} AND visible = 1\n \t\tAND dateline " . iif(!$postorder, '<=', '>=') . " {$postinfo['dateline']}\n \t");
$vbulletin->GPC['pagenumber'] = ceil($getpagenum['posts'] / $perpage);
}
// *********************************************************************************
// update views counter
if ($vbulletin->options['threadviewslive']) {
// doing it as they happen; for optimization purposes, this cannot use a DM!
$db->shutdown_query("\n \t\tUPDATE " . TABLE_PREFIX . "thread\n \t\tSET views = views + 1\n \t\tWHERE threadid = " . intval($threadinfo['threadid']));
} else {
// or doing it once an hour
$db->shutdown_query("\n \t\tINSERT INTO " . TABLE_PREFIX . "threadviews (threadid)\n \t\tVALUES (" . intval($threadinfo['threadid']) . ')');
}
// *********************************************************************************
// display ratings if enabled
$show['rating'] = false;
if ($forum['allowratings'] == 1) {
if ($thread['votenum'] > 0) {
$thread['voteavg'] = vb_number_format($thread['votetotal'] / $thread['votenum'], 2);
$thread['rating'] = intval(round($thread['votetotal'] / $thread['votenum']));
if ($thread['votenum'] >= $vbulletin->options['showvotes']) {
$show['rating'] = true;
}
}
devdebug("threadinfo[vote] = {$threadinfo['vote']}");
if ($threadinfo['vote']) {
$voteselected["{$threadinfo['vote']}"] = 'selected="selected"';
$votechecked["{$threadinfo['vote']}"] = 'checked="checked"';
} else {
$voteselected[0] = 'selected="selected"';
$votechecked[0] = 'checked="checked"';
}
}
// *********************************************************************************
// set page number
if ($vbulletin->GPC['pagenumber'] < 1) {
$vbulletin->GPC['pagenumber'] = 1;
} else {
if ($vbulletin->GPC['pagenumber'] > ceil(($thread['replycount'] + 1) / $perpage)) {
$vbulletin->GPC['pagenumber'] = ceil(($thread['replycount'] + 1) / $perpage);
}
}
// *********************************************************************************
// initialise some stuff...
$limitlower = ($vbulletin->GPC['pagenumber'] - 1) * $perpage;
$limitupper = $vbulletin->GPC['pagenumber'] * $perpage;
$counter = 0;
if ($vbulletin->options['threadmarking'] and $vbulletin->userinfo['userid']) {
$threadview = max($threadinfo['threadread'], $threadinfo['forumread'], TIMENOW - $vbulletin->options['markinglimit'] * 86400);
} else {
$threadview = intval(fetch_bbarray_cookie('thread_lastview', $thread['threadid']));
if (!$threadview) {
$threadview = $vbulletin->userinfo['lastvisit'];
}
}
$threadinfo['threadview'] = intval($threadview);
$displayed_dateline = 0;
################################################################################
############################### SHOW POLL ######################################
################################################################################
$poll = '';
if ($thread['pollid']) {
$pollbits = '';
$counter = 1;
$pollid = $thread['pollid'];
$show['editpoll'] = iif(can_moderate($threadinfo['forumid'], 'caneditpoll'), true, false);
// get poll info
$pollinfo = $db->query_first_slave("\n \t\tSELECT *\n \t\tFROM " . TABLE_PREFIX . "poll\n \t\tWHERE pollid = {$pollid}\n \t");
require_once DIR . '/includes/class_bbcode.php';
$bbcode_parser = new vB_BbCodeParser($vbulletin, fetch_tag_list());
$pollinfo['question'] = $bbcode_parser->parse(unhtmlspecialchars($pollinfo['question']), $forum['forumid'], true);
$splitoptions = explode('|||', $pollinfo['options']);
$splitoptions = array_map('rtrim', $splitoptions);
$splitvotes = explode('|||', $pollinfo['votes']);
$showresults = 0;
$uservoted = 0;
if (!($forumperms & $vbulletin->bf_ugp_forumpermissions['canvote'])) {
$nopermission = 1;
}
if (!$pollinfo['active'] or !$thread['open'] or $pollinfo['dateline'] + $pollinfo['timeout'] * 86400 < TIMENOW and $pollinfo['timeout'] != 0 or $nopermission) {
//thread/poll is closed, ie show results no matter what
$showresults = 1;
} else {
//get userid, check if user already voted
$voted = intval(fetch_bbarray_cookie('poll_voted', $pollid));
if ($voted) {
$uservoted = 1;
}
}
($hook = vBulletinHook::fetch_hook('showthread_poll_start')) ? eval($hook) : false;
if ($pollinfo['timeout'] and !$showresults) {
$pollendtime = vbdate($vbulletin->options['timeformat'], $pollinfo['dateline'] + $pollinfo['timeout'] * 86400);
$pollenddate = vbdate($vbulletin->options['dateformat'], $pollinfo['dateline'] + $pollinfo['timeout'] * 86400);
$show['pollenddate'] = true;
} else {
$show['pollenddate'] = false;
}
foreach ($splitvotes as $index => $value) {
$pollinfo['numbervotes'] += $value;
}
if ($vbulletin->userinfo['userid'] > 0) {
$pollvotes = $db->query_read_slave("\n \t\t\tSELECT voteoption\n \t\t\tFROM " . TABLE_PREFIX . "pollvote\n \t\t\tWHERE userid = " . $vbulletin->userinfo['userid'] . " AND pollid = {$pollid}\n \t\t");
if ($db->num_rows($pollvotes) > 0) {
$uservoted = 1;
}
}
if ($showresults or $uservoted) {
if ($uservoted) {
$uservote = array();
while ($pollvote = $db->fetch_array($pollvotes)) {
$uservote["{$pollvote['voteoption']}"] = 1;
}
}
}
$left = vB_Template_Runtime::fetchStyleVar('left');
$right = vB_Template_Runtime::fetchStyleVar('right');
$option['open'] = $left[0];
$option['close'] = $right[0];
foreach ($splitvotes as $index => $value) {
$arrayindex = $index + 1;
$option['uservote'] = iif($uservote["{$arrayindex}"], true, false);
$option['question'] = $bbcode_parser->parse($splitoptions["{$index}"], $forum['forumid'], true);
// public link
if ($pollinfo['public'] and $value) {
$option['votes'] = '<a href="poll.php?' . $vbulletin->session->vars['sessionurl'] . 'do=showresults&pollid=' . $pollinfo['pollid'] . '">' . vb_number_format($value) . '</a>';
} else {
$option['votes'] = vb_number_format($value);
//get the vote count for the option
}
$option['number'] = $counter;
//number of the option
//Now we check if the user has voted or not
if ($showresults or $uservoted) {
// user did vote or poll is closed
if ($value <= 0) {
$option['percentraw'] = 0;
} else {
if ($pollinfo['multiple']) {
$option['percentraw'] = $value < $pollinfo['voters'] ? $value / $pollinfo['voters'] * 100 : 100;
} else {
$option['percentraw'] = $value < $pollinfo['numbervotes'] ? $value / $pollinfo['numbervotes'] * 100 : 100;
}
}
$option['percent'] = vb_number_format($option['percentraw'], 2);
$option['graphicnumber'] = $option['number'] % 6 + 1;
$option['barnumber'] = round($option['percent']) * 2;
$option['remainder'] = 201 - $option['barnumber'];
// Phrase parts below
if ($nopermission) {
$pollstatus = $vbphrase['you_may_not_vote_on_this_poll'];
} else {
if ($showresults) {
$pollstatus = $vbphrase['this_poll_is_closed'];
} else {
if ($uservoted) {
$pollstatus = $vbphrase['you_have_already_voted_on_this_poll'];
}
}
}
($hook = vBulletinHook::fetch_hook('showthread_polloption')) ? eval($hook) : false;
$templater = vB_Template::create('pollresult');
$templater->register('names', $names);
$templater->register('option', $option);
$pollbits .= $templater->render();
} else {
($hook = vBulletinHook::fetch_hook('showthread_polloption')) ? eval($hook) : false;
if ($pollinfo['multiple']) {
$templater = vB_Template::create('polloption_multiple');
$templater->register('option', $option);
$pollbits .= $templater->render();
} else {
$templater = vB_Template::create('polloption');
$templater->register('option', $option);
$pollbits .= $templater->render();
}
}
$counter++;
}
if ($pollinfo['multiple']) {
$pollinfo['numbervotes'] = $pollinfo['voters'];
$show['multiple'] = true;
}
if ($pollinfo['public']) {
$show['publicwarning'] = true;
} else {
$show['publicwarning'] = false;
}
$displayed_dateline = $threadinfo['lastpost'];
($hook = vBulletinHook::fetch_hook('showthread_poll_complete')) ? eval($hook) : false;
if ($showresults or $uservoted) {
$templater = vB_Template::create('pollresults_table');
$templater->register('pollbits', $pollbits);
$templater->register('pollenddate', $pollenddate);
$templater->register('pollendtime', $pollendtime);
$templater->register('pollinfo', $pollinfo);
$templater->register('pollstatus', $pollstatus);
$poll = $templater->render();
} else {
$templater = vB_Template::create('polloptions_table');
$templater->register('pollbits', $pollbits);
$templater->register('pollenddate', $pollenddate);
$templater->register('pollendtime', $pollendtime);
$templater->register('pollinfo', $pollinfo);
$poll = $templater->render();
}
}
// work out if quickreply should be shown or not
if ($vbulletin->options['quickreply'] and !$thread['isdeleted'] and !is_browser('netscape') and $vbulletin->userinfo['userid'] and ($vbulletin->userinfo['userid'] == $threadinfo['postuserid'] and $forumperms & $vbulletin->bf_ugp_forumpermissions['canreplyown'] or $vbulletin->userinfo['userid'] != $threadinfo['postuserid'] and $forumperms & $vbulletin->bf_ugp_forumpermissions['canreplyothers']) and ($thread['open'] or can_moderate($threadinfo['forumid'], 'canopenclose')) and !fetch_require_hvcheck('post')) {
$show['quickreply'] = true;
} else {
$show['quickreply'] = false;
$show['wysiwyg'] = 0;
$quickreply = '';
}
$show['largereplybutton'] = (!$thread['isdeleted'] and !$show['threadedmode'] and $forum['allowposting'] and !$show['search_engine']);
if (!$forum['allowposting']) {
$show['quickreply'] = false;
}
$show['multiquote_global'] = ($vbulletin->options['multiquote'] and $vbulletin->userinfo['userid']);
if ($show['multiquote_global']) {
$vbulletin->input->clean_array_gpc('c', array('vbulletin_multiquote' => TYPE_STR));
$vbulletin->GPC['vbulletin_multiquote'] = explode(',', $vbulletin->GPC['vbulletin_multiquote']);
}
// post is cachable if option is enabled, last post is newer than max age, and this user
// isn't showing a sessionhash
$post_cachable = ($vbulletin->options['cachemaxage'] > 0 and TIMENOW - $vbulletin->options['cachemaxage'] * 60 * 60 * 24 <= $thread['lastpost'] and $vbulletin->session->vars['sessionurl'] == '');
$saveparsed = '';
$save_parsed_sigs = '';
($hook = vBulletinHook::fetch_hook('showthread_post_start')) ? eval($hook) : false;
################################################################################
####################### SHOW THREAD IN LINEAR MODE #############################
################################################################################
if ($threadedmode == 0) {
// allow deleted posts to not be counted in number of posts displayed on the page;
// prevents issue with page count on forum display being incorrect
$ids = array();
$lastpostid = 0;
$hook_query_joins = $hook_query_where = '';
($hook = vBulletinHook::fetch_hook('showthread_query_postids')) ? eval($hook) : false;
if (empty($deljoin) and !$show['approvepost']) {
$totalposts = $threadinfo['replycount'] + 1;
if (can_moderate($thread['forumid'])) {
$coventry = '';
} else {
$coventry = fetch_coventry('string');
}
$getpostids = $db->query_read("\n \t\t\tSELECT post.postid\n \t\t\tFROM " . TABLE_PREFIX . "post AS post\n \t\t\t{$hook_query_joins}\n \t\t\tWHERE post.threadid = {$threadid}\n \t\t\t\tAND post.visible = 1\n \t\t\t\t" . ($coventry ? "AND post.userid NOT IN ({$coventry})" : '') . "\n \t\t\t\t{$hook_query_where}\n \t\t\tORDER BY post.dateline {$postorder}\n \t\t\tLIMIT {$limitlower}, {$perpage}\n \t\t");
while ($post = $db->fetch_array($getpostids)) {
if (!isset($qrfirstpostid)) {
$qrfirstpostid = $post['postid'];
}
$qrlastpostid = $post['postid'];
$ids[] = $post['postid'];
}
$db->free_result($getpostids);
$lastpostid = $qrlastpostid;
} else {
$getpostids = $db->query_read("\n \t\t\tSELECT post.postid, post.visible, post.userid\n \t\t\tFROM " . TABLE_PREFIX . "post AS post\n \t\t\t{$hook_query_joins}\n \t\t\tWHERE post.threadid = {$threadid}\n \t\t\t\tAND post.visible IN (1\n \t\t\t\t" . (!empty($deljoin) ? ",2" : "") . "\n \t\t\t\t" . ($show['approvepost'] ? ",0" : "") . "\n \t\t\t\t)\n \t\t\t\t{$hook_query_where}\n \t\t\tORDER BY post.dateline {$postorder}\n \t\t");
$totalposts = 0;
if ($limitlower != 0) {
$limitlower++;
}
while ($post = $db->fetch_array($getpostids)) {
if (!isset($qrfirstpostid)) {
$qrfirstpostid = $post['postid'];
}
$qrlastpostid = $post['postid'];
if ($post['visible'] == 1 and !in_coventry($post['userid']) and !$ignore[$post['userid']]) {
$totalposts++;
}
if ($totalposts < $limitlower or $totalposts > $limitupper) {
continue;
}
// remember, these are only added if they're going to be displayed
$ids[] = $post['postid'];
$lastpostid = $post['postid'];
}
$db->free_result($getpostids);
}
// '0' inside parenthesis in unlikely case we have no ids for this page
// (this could happen if the replycount is wrong in the db)
$postids = "post.postid IN (0" . implode(',', $ids) . ")";
// load attachments
if ($thread['attach']) {
require_once DIR . '/packages/vbattach/attach.php';
$attach = new vB_Attach_Display_Content($vbulletin, 'vBForum_Post');
$postattach = $attach->fetch_postattach(0, $ids);
}
$hook_query_fields = $hook_query_joins = '';
($hook = vBulletinHook::fetch_hook('showthread_query')) ? eval($hook) : false;
$posts = $db->query_read("\n \t\tSELECT\n \t\t\tpost.*, post.username AS postusername, post.ipaddress AS ip, IF(post.visible = 2, 1, 0) AS isdeleted,\n \t\t\tuser.*, userfield.*, usertextfield.*,\n \t\t\t" . iif($forum['allowicons'], 'icon.title as icontitle, icon.iconpath,') . "\n \t\t\t" . iif($vbulletin->options['avatarenabled'], 'avatar.avatarpath, NOT ISNULL(customavatar.userid) AS hascustomavatar, customavatar.dateline AS avatardateline,customavatar.width AS avwidth,customavatar.height AS avheight,') . "\n \t\t\t" . ((can_moderate($thread['forumid'], 'canmoderateposts') or can_moderate($thread['forumid'], 'candeleteposts')) ? 'spamlog.postid AS spamlog_postid,' : '') . "\n \t\t\t" . iif($deljoin, 'deletionlog.userid AS del_userid, deletionlog.username AS del_username, deletionlog.reason AS del_reason,') . "\n \t\t\teditlog.userid AS edit_userid, editlog.username AS edit_username, editlog.dateline AS edit_dateline,\n \t\t\teditlog.reason AS edit_reason, editlog.hashistory,\n \t\t\tpostparsed.pagetext_html, postparsed.hasimages,\n \t\t\tsigparsed.signatureparsed, sigparsed.hasimages AS sighasimages,\n \t\t\tsigpic.userid AS sigpic, sigpic.dateline AS sigpicdateline, sigpic.width AS sigpicwidth, sigpic.height AS sigpicheight,\n \t\t\tIF(displaygroupid=0, user.usergroupid, displaygroupid) AS displaygroupid, infractiongroupid\n \t\t\t" . iif(!($permissions['genericpermissions'] & $vbulletin->bf_ugp_genericpermissions['canseehiddencustomfields']), $vbulletin->profilefield['hidden']) . "\n \t\t\t{$hook_query_fields}\n \t\tFROM " . TABLE_PREFIX . "post AS post\n \t\tLEFT JOIN " . TABLE_PREFIX . "user AS user ON(user.userid = post.userid)\n \t\tLEFT JOIN " . TABLE_PREFIX . "userfield AS userfield ON(userfield.userid = user.userid)\n \t\tLEFT JOIN " . TABLE_PREFIX . "usertextfield AS usertextfield ON(usertextfield.userid = user.userid)\n \t\t" . iif($forum['allowicons'], "LEFT JOIN " . TABLE_PREFIX . "icon AS icon ON(icon.iconid = post.iconid)") . "\n \t\t" . iif($vbulletin->options['avatarenabled'], "LEFT JOIN " . TABLE_PREFIX . "avatar AS avatar ON(avatar.avatarid = user.avatarid) LEFT JOIN " . TABLE_PREFIX . "customavatar AS customavatar ON(customavatar.userid = user.userid)") . "\n \t\t" . ((can_moderate($thread['forumid'], 'canmoderateposts') or can_moderate($thread['forumid'], 'candeleteposts')) ? "LEFT JOIN " . TABLE_PREFIX . "spamlog AS spamlog ON(spamlog.postid = post.postid)" : '') . "\n \t\t\t{$deljoin}\n \t\tLEFT JOIN " . TABLE_PREFIX . "editlog AS editlog ON(editlog.postid = post.postid)\n \t\tLEFT JOIN " . TABLE_PREFIX . "postparsed AS postparsed ON(postparsed.postid = post.postid AND postparsed.styleid = " . intval(STYLEID) . " AND postparsed.languageid = " . intval(LANGUAGEID) . ")\n \t\tLEFT JOIN " . TABLE_PREFIX . "sigparsed AS sigparsed ON(sigparsed.userid = user.userid AND sigparsed.styleid = " . intval(STYLEID) . " AND sigparsed.languageid = " . intval(LANGUAGEID) . ")\n \t\tLEFT JOIN " . TABLE_PREFIX . "sigpic AS sigpic ON(sigpic.userid = post.userid)\n \t\t\t{$hook_query_joins}\n \t\tWHERE {$postids}\n \t\tORDER BY post.dateline {$postorder}\n \t");
if (!($forumperms & $vbulletin->bf_ugp_forumpermissions['canseethumbnails']) and !($forumperms & $vbulletin->bf_ugp_forumpermissions['cangetattachment'])) {
$vbulletin->options['attachthumbs'] = 0;
}
if (!($forumperms & $vbulletin->bf_ugp_forumpermissions['cangetattachment'])) {
$vbulletin->options['viewattachedimages'] = 0;
}
$postcount = ($vbulletin->GPC['pagenumber'] - 1) * $perpage;
if ($postorder) {
// Newest first
$postcount = $totalposts - $postcount + 1;
}
$counter = 0;
$postbits = '';
$postbit_factory = new vB_Postbit_Factory();
$postbit_factory->registry =& $vbulletin;
$postbit_factory->forum =& $foruminfo;
$postbit_factory->thread =& $thread;
$postbit_factory->cache = array();
$postbit_factory->bbcode_parser = new vB_BbCodeParser($vbulletin, fetch_tag_list());
while ($post = $db->fetch_array($posts)) {
if ($tachyuser = in_coventry($post['userid']) and !can_moderate($thread['forumid'])) {
continue;
}
if ($post['visible'] == 1 and !$tachyuser) {
++$counter;
if ($postorder) {
$post['postcount'] = --$postcount;
} else {
$post['postcount'] = ++$postcount;
}
}
if ($tachyuser) {
$fetchtype = 'post_global_ignore';
} else {
if ($ignore["{$post['userid']}"]) {
$fetchtype = 'post_ignore';
} else {
if ($post['visible'] == 2) {
$fetchtype = 'post_deleted';
} else {
$fetchtype = 'post';
}
}
}
if ($vbulletin->GPC['viewfull'] and $post['postid'] == $postinfo['postid'] and $fetchtype != 'post' and (can_moderate($threadinfo['forumid']) or !$post['isdeleted'])) {
$fetchtype = 'post';
}
if ($fetchtype != 'post' && $fetchtype != 'post_deleted') {
continue;
}
($hook = vBulletinHook::fetch_hook('showthread_postbit_create')) ? eval($hook) : false;
$postbit_obj =& $postbit_factory->fetch_postbit($fetchtype);
if ($fetchtype == 'post') {
$postbit_obj->highlight =& $replacewords;
}
$postbit_obj->cachable = $post_cachable;
$post['islastshown'] = $post['postid'] == $lastpostid;
$post['isfirstshown'] = ($counter == 1 and $fetchtype == 'post' and $post['visible'] == 1);
$post['islastshown'] = $post['postid'] == $lastpostid;
$post['attachments'] = $postattach["{$post['postid']}"];
$parsed_postcache = array('text' => '', 'images' => 1, 'skip' => false);
$postbits .= $postbit_obj->construct_postbit($post);
// Only show after the first post, counter isn't incremented for deleted/moderated posts
if ($post['isfirstshown']) {
$postbits .= vB_Template::create('ad_showthread_firstpost')->render();
}
if ($post_cachable and $post['pagetext_html'] == '') {
if (!empty($saveparsed)) {
$saveparsed .= ',';
}
$saveparsed .= "({$post['postid']}, " . intval($thread['lastpost']) . ', ' . intval($postbit_obj->post_cache['has_images']) . ", '" . $db->escape_string($postbit_obj->post_cache['text']) . "', " . intval(STYLEID) . ", " . intval(LANGUAGEID) . ")";
}
if (!empty($postbit_obj->sig_cache) and $post['userid']) {
if (!empty($save_parsed_sigs)) {
$save_parsed_sigs .= ',';
}
$save_parsed_sigs .= "({$post['userid']}, " . intval(STYLEID) . ", " . intval(LANGUAGEID) . ", '" . $db->escape_string($postbit_obj->sig_cache['text']) . "', " . intval($postbit_obj->sig_cache['has_images']) . ")";
}
// get first and last post ids for this page (for big reply buttons)
if (!isset($FIRSTPOSTID)) {
$FIRSTPOSTID = $post['postid'];
}
$LASTPOSTID = $post['postid'];
if ($post['dateline'] > $displayed_dateline) {
$displayed_dateline = $post['dateline'];
if ($displayed_dateline <= $threadview) {
$updatethreadcookie = true;
}
}
// FRNR Start
// find out if first post
$getpost = $db->query_first("\n SELECT firstpostid\n FROM " . TABLE_PREFIX . "thread\n WHERE threadid = {$threadinfo['threadid']}\n ");
$isfirstpost = $getpost['firstpostid'] == $post['postid'];
$candelete = false;
if ($isfirstpost and can_moderate($threadinfo['forumid'], 'canmanagethreads')) {
$candelete = true;
} else {
if (!$isfirstpost and can_moderate($threadinfo['forumid'], 'candeleteposts')) {
$candelete = true;
} else {
if (($forumperms & $vbulletin->bf_ugp_forumpermissions['candeletepost'] and !$isfirstpost or $forumperms & $vbulletin->bf_ugp_forumpermissions['candeletethread'] and $isfirstpost) and $vbulletin->userinfo['userid'] == $post['userid']) {
$candelete = true;
}
}
}
// Get post date/time
$postdate = vbdate($vbulletin->options['dateformat'], $post['dateline'], 1);
$posttime = vbdate($vbulletin->options['timeformat'], $post['dateline']);
$fr_images = array();
$docattach = array();
// Attachments (images).
if (is_array($post['attachments']) && count($post['attachments']) > 0) {
foreach ($post['attachments'] as $attachment) {
$lfilename = strtolower($attachment['filename']);
if (strpos($lfilename, '.jpe') !== false || strpos($lfilename, '.png') !== false || strpos($lfilename, '.gif') !== false || strpos($lfilename, '.jpg') !== false || strpos($lfilename, '.jpeg') !== false) {
$tmp = array('img' => $vbulletin->options['bburl'] . '/attachment.php?attachmentid=' . $attachment['attachmentid']);
if ($vbulletin->options['attachthumbs']) {
$tmp['tmb'] = $vbulletin->options['bburl'] . '/attachment.php?attachmentid=' . $attachment['attachmentid'] . '&stc=1&thumb=1';
}
$fr_images[] = $tmp;
}
if (strpos($lfilename, '.pdf') !== false) {
$docattach[] = $vbulletin->options['bburl'] . '/attachment.php?attachmentid=' . $attachment['attachmentid'];
}
}
}
// Parse the post for quotes and inline images
list($text, $nuked_quotes, $images) = parse_post($post['pagetext'], $post['allowsmilie'] && $usesmilies);
if (count($fr_images) > 0) {
$text .= "<br/>";
foreach ($fr_images as $attachment) {
$text .= "<img src=\"{$attachment['img']}\"/>";
}
}
foreach ($images as $image) {
$fr_images[] = array('img' => $image);
}
$avatarurl = '';
// Avatar work
if ($post['avatarurl']) {
$avatarurl = process_avatarurl($post['avatarurl']);
}
$tmp = array('post_id' => $post['postid'], 'thread_id' => $post['threadid'], 'forum_id' => $foruminfo['forumid'], 'forum_title' => prepare_utf8_string($foruminfo['title_clean']), 'username' => prepare_utf8_string(strip_tags($post['username'])), 'joindate' => prepare_utf8_string($post['joindate']), 'usertitle' => prepare_utf8_string(strip_tags($post['usertitle'])), 'numposts' => $post['posts'] ? (string) $post['posts'] : '0', 'userid' => $post['userid'], 'title' => prepare_utf8_string($post['title']), 'online' => fetch_online_status(fetch_userinfo($post['userid']), false), 'post_timestamp' => prepare_utf8_string(date_trunc($postdate) . ' ' . $posttime), 'fr_images' => $fr_images);
if ($candelete) {
$tmp['candelete'] = true;
}
// Soft Deleted
if ($post['visible'] == 2) {
$tmp['deleted'] = true;
$tmp['del_username'] = prepare_utf8_string($post['del_username']);
if ($post['del_reason']) {
$tmp['del_reason'] = prepare_utf8_string($post['del_reason']);
}
} else {
$tmp['text'] = $text;
$tmp['quotable'] = $nuked_quotes;
if ($post['editlink']) {
$tmp['canedit'] = true;
$tmp['edittext'] = prepare_utf8_string($post['pagetext']);
}
}
if ($avatarurl != '') {
$tmp['avatarurl'] = $avatarurl;
}
if (count($docattach) > 0) {
$tmp['docattach'] = $docattach;
}
if ($vbulletin->GPC['signature']) {
$sig = trim(remove_bbcode(strip_tags($post['signatureparsed']), true, true), '<a>');
$sig = str_replace(array("\t", "\r"), array('', ''), $sig);
$sig = str_replace("\n\n", "\n", $sig);
$tmp['sig'] = prepare_utf8_string($sig);
}
// Begin Support for Post Thanks Hack - http://www.vbulletin.org/forum/showthread.php?t=122944
if ($vbulletin->userinfo['userid'] && function_exists('post_thanks_off') && function_exists('can_thank_this_post') && function_exists('thanked_already') && function_exists('fetch_thanks')) {
if (!post_thanks_off($thread['forumid'], $post, $thread['firstpostid'], THIS_SCRIPT)) {
global $ids;
if (can_thank_this_post($post, $thread['isdeleted'])) {
$tmp['canlike'] = true;
}
if (thanked_already($post, 0, true)) {
$tmp['likes'] = true;
if (!$vbulletin->options['post_thanks_delete_own']) {
$tmp['canlike'] = $tmp['likes'] = false;
}
}
$thanks = fetch_thanks($post['postid']);
$thank_users = array();
if (is_array($thanks)) {
foreach ($thanks as $thank) {
$thank_users[] = $thank['username'];
}
}
if (count($thank_users)) {
$tmp['likestext'] = prepare_utf8_string($vbphrase['fr_thanked_by'] . ': ' . join(', ', $thank_users));
$tmp['likesusers'] = join(', ', $thank_users);
}
}
}
// End Support for Post Thanks Hack
$posts_out[] = $tmp;
// FRNR End
}
$db->free_result($posts);
unset($post);
if ($postbits == '' and $vbulletin->GPC['pagenumber'] > 1) {
$pageinfo = array('page' => $vbulletin->GPC['pagenumber'] - 1);
if (!empty($vbulletin->GPC['perpage'])) {
$pageinfo['pp'] = $perpage;
}
if (!empty($vbulletin->GPC['highlight'])) {
$pageinfo['highlight'] = urlencode($vbulletin->GPC['highlight']);
}
exec_header_redirect(fetch_seo_url('thread|js', $threadinfo, $pageinfo));
}
DEVDEBUG("First Post: {$FIRSTPOSTID}; Last Post: {$LASTPOSTID}");
$pageinfo = array();
if ($vbulletin->GPC['highlight']) {
$pageinfo['highlight'] = urlencode($vbulletin->GPC['highlight']);
}
if (!empty($vbulletin->GPC['perpage'])) {
$pageinfo['pp'] = $perpage;
}
$pagenav = construct_page_nav($vbulletin->GPC['pagenumber'], $perpage, $totalposts, 'showthread.php?' . $vbulletin->session->vars['sessionurl'] . "t={$threadinfo['threadid']}", '', '', 'thread', $threadinfo, $pageinfo);
if ($thread['lastpost'] > $threadview) {
if ($firstnew) {
$firstunread = fetch_seo_url('thread', $threadinfo, array('page' => $vbulletin->GPC['pagenumber'])) . '#post' . $firstnew;
$show['firstunreadlink'] = true;
} else {
$firstunread = fetch_seo_url('thread', $threadinfo, array('goto' => 'newpost'));
$show['firstunreadlink'] = true;
}
} else {
$firstunread = '';
$show['firstunreadlink'] = false;
}
if ($vbulletin->userinfo['postorder']) {
// disable ajax qr when displaying linear newest first
$show['allow_ajax_qr'] = 0;
} else {
// only allow ajax on the last page of a thread when viewing oldest first
$show['allow_ajax_qr'] = $vbulletin->GPC['pagenumber'] == ceil($totalposts / $perpage) ? 1 : 0;
}
################################################################################
################ SHOW THREAD IN THREADED OR HYBRID MODE ########################
################################################################################
} else {
// ajax qr doesn't work with threaded controls
$show['allow_ajax_qr'] = 0;
require_once DIR . '/includes/functions_threadedmode.php';
// save data
$ipostarray = array();
$postarray = array();
$userarray = array();
$postparent = array();
$postorder = array();
$hybridposts = array();
$deletedparents = array();
$totalposts = 0;
$links = '';
$cache_postids = '';
$hook_query_fields = $hook_query_joins = $hook_query_where = '';
($hook = vBulletinHook::fetch_hook('showthread_query_postids_threaded')) ? eval($hook) : false;
// get all posts
$listposts = $db->query_read("\n \t\tSELECT\n \t\t\tpost.*, post.username AS postusername, post.ipaddress AS ip, IF(post.visible = 2, 1, 0) AS isdeleted,\n \t\t\tuser.*, userfield.*\n \t\t\t" . iif(!($permissions['genericpermissions'] & $vbulletin->bf_ugp_genericpermissions['canseehiddencustomfields']), $vbulletin->profilefield['hidden']) . "\n \t\t\t{$hook_query_fields}\n \t\tFROM " . TABLE_PREFIX . "post AS post\n \t\tLEFT JOIN " . TABLE_PREFIX . "user AS user ON(user.userid = post.userid)\n \t\tLEFT JOIN " . TABLE_PREFIX . "userfield AS userfield ON(userfield.userid = user.userid)\n \t\t{$hook_query_joins}\n \t\tWHERE threadid = {$threadid}\n \t\t\t{$hook_query_where}\n \t\tORDER BY postid\n \t");
// $toppostid is the first post in the thread
// $curpostid is the postid passed from the URL, or if not specified, the first post in the thread
$ids = array();
while ($post = $db->fetch_array($listposts)) {
if ($post['visible'] == 2 and !$deljoin or $post['visible'] == 0 and !$show['approvepost'] or in_coventry($post['userid']) and !can_moderate($thread['forumid'])) {
$deletedparents["{$post['postid']}"] = iif(isset($deletedparents["{$post['parentid']}"]), $deletedparents["{$post['parentid']}"], $post['parentid']);
continue;
}
if (empty($toppostid)) {
$toppostid = $post['postid'];
}
if (empty($postid)) {
if (empty($curpostid)) {
$curpostid = $post['postid'];
if ($threadedmode == 2 and empty($vbulletin->GPC['postid'])) {
$vbulletin->GPC['postid'] = $curpostid;
}
$curpostparent = $post['parentid'];
}
} else {
if ($post['postid'] == $postid) {
$curpostid = $post['postid'];
$curpostparent = $post['parentid'];
}
}
$postparent["{$post['postid']}"] = $post['parentid'];
$ipostarray["{$post['parentid']}"][] = $post['postid'];
$postarray["{$post['postid']}"] = $post;
$userarray["{$post['userid']}"] = $db->escape_string($post['username']);
$totalposts++;
$ids[] = $post['postid'];
}
$db->free_result($listposts);
// hooks child posts up to new parent if actual parent has been deleted or hidden
if (count($deletedparents) > 0) {
foreach ($deletedparents as $dpostid => $dparentid) {
if (is_array($ipostarray[$dpostid])) {
foreach ($ipostarray[$dpostid] as $temppostid) {
$postparent[$temppostid] = $dparentid;
$ipostarray[$dparentid][] = $temppostid;
$postarray[$temppostid]['parentid'] = $dparentid;
}
unset($ipostarray[$dpostid]);
}
if ($curpostparent == $dpostid) {
$curpostparent = $dparentid;
}
}
}
unset($post, $listposts, $deletedparents);
if ($thread['attach']) {
require_once DIR . '/packages/vbattach/attach.php';
$attach = new vB_Attach_Display_Content($vbulletin, 'vBForum_Post');
$postattach = $attach->fetch_postattach(0, $ids);
}
// get list of usernames from post list
$userjs = '';
foreach ($userarray as $userid => $username) {
if ($userid) {
$userjs .= "pu[{$userid}] = \"" . addslashes_js($username) . "\";\n";
}
}
unset($userarray, $userid, $username);
$parent_postids = fetch_post_parentlist($curpostid);
if (!$parent_postids) {
$currentdepth = 0;
} else {
$currentdepth = sizeof(explode(',', $parent_postids));
}
sort_threaded_posts();
if (empty($curpostid)) {
eval(standard_error(fetch_error('invalidid', $vbphrase['post'], $vbulletin->options['contactuslink'])));
}
if ($threadedmode == 2) {
$numhybrids = sizeof($hybridposts);
if ($vbulletin->GPC['pagenumber'] < 1) {
$vbulletin->GPC['pagenumber'] = 1;
}
$startat = ($vbulletin->GPC['pagenumber'] - 1) * $perpage;
if ($startat > $numhybrids) {
$vbulletin->GPC['pagenumber'] = 1;
$startat = 0;
}
$endat = $startat + $perpage;
for ($i = $startat; $i < $endat; $i++) {
if (isset($hybridposts["{$i}"])) {
if (!isset($FIRSTPOSTID)) {
$FIRSTPOSTID = $hybridposts["{$i}"];
}
$cache_postids .= ",{$hybridposts[$i]}";
$LASTPOSTID = $hybridposts["{$i}"];
}
}
$pageinfo = array('p' => $vbulletin->GPC['postid']);
if ($vbulletin->GPC['highlight']) {
$pageinfo['highlight'] = urlencode($vbulletin->GPC['highlight']);
}
if (!empty($vbulletin->GPC['perpage'])) {
$pageinfo['pp'] = $perpage;
}
$pagenav = construct_page_nav($vbulletin->GPC['pagenumber'], $perpage, $numhybrids, 'showthread.php?' . $vbulletin->session->vars['sessionurl'] . "t={$threadinfo['threadid']}", '', '', 'thread', $threadinfo, $pageinfo);
} else {
$FIRSTPOSTID = $curpostid;
$LASTPOSTID = $curpostid;
// sort out which posts to cache:
if (!$vbulletin->options['threaded_maxcache']) {
$vbulletin->options['threaded_maxcache'] = 999999;
}
// cache $vbulletin->options['threaded_maxcache'] posts
// take 0.25 from above $curpostid
// and take 0.75 below
if (sizeof($postorder) <= $vbulletin->options['threaded_maxcache']) {
$startat = 0;
} else {
if ($curpostidkey + $vbulletin->options['threaded_maxcache'] * 0.75 > sizeof($postorder)) {
$startat = sizeof($postorder) - $vbulletin->options['threaded_maxcache'];
} else {
if ($curpostidkey - $vbulletin->options['threaded_maxcache'] * 0.25 < 0) {
$startat = 0;
} else {
$startat = intval($curpostidkey - $vbulletin->options['threaded_maxcache'] * 0.25);
}
}
}
unset($curpostidkey);
foreach ($postorder as $postkey => $pid) {
if ($postkey > $startat + $vbulletin->options['threaded_maxcache']) {
break;
}
if ($postkey >= $startat and empty($morereplies["{$pid}"])) {
$cache_postids .= ',' . $pid;
}
}
// get next/previous posts for each post in the list
// key: NAVJS[postid][0] = prev post, [1] = next post
$NAVJS = array();
$prevpostid = 0;
foreach ($postorder as $pid) {
$NAVJS["{$pid}"][0] = $prevpostid;
$NAVJS["{$prevpostid}"][1] = $pid;
$prevpostid = $pid;
}
$NAVJS["{$toppostid}"][0] = $pid;
//prev button for first post
$NAVJS["{$pid}"][1] = $toppostid;
//next button for last post
$navjs = '';
foreach ($NAVJS as $pid => $info) {
$navjs .= "pn[{$pid}] = \"{$info['0']},{$info['1']}\";\n";
}
}
unset($ipostarray, $postparent, $postorder, $NAVJS, $postid, $info, $prevpostid, $postkey);
$cache_postids = substr($cache_postids, 1);
if (empty($cache_postids)) {
// umm... something weird happened. Just prevent an error.
eval(standard_error(fetch_error('invalidid', $vbphrase['post'], $vbulletin->options['contactuslink'])));
}
$hook_query_fields = $hook_query_joins = $hook_query_where = '';
($hook = vBulletinHook::fetch_hook('showthread_query')) ? eval($hook) : false;
$cacheposts = $db->query_read("\n \t\tSELECT\n \t\t\tpost.*, post.username AS postusername, post.ipaddress AS ip, IF(post.visible = 2, 1, 0) AS isdeleted,\n \t\t\tuser.*, userfield.*, usertextfield.*,\n \t\t\t" . iif($forum['allowicons'], 'icon.title as icontitle, icon.iconpath,') . "\n \t\t\t" . iif($vbulletin->options['avatarenabled'], 'avatar.avatarpath, NOT ISNULL(customavatar.userid) AS hascustomavatar, customavatar.dateline AS avatardateline,') . "\n \t\t\t" . ((can_moderate($thread['forumid'], 'canmoderateposts') or can_moderate($thread['forumid'], 'candeleteposts')) ? 'spamlog.postid AS spamlog_postid,' : '') . "\n \t\t\t" . iif($deljoin, "deletionlog.userid AS del_userid, deletionlog.username AS del_username, deletionlog.reason AS del_reason,") . "\n \t\t\teditlog.userid AS edit_userid, editlog.username AS edit_username, editlog.dateline AS edit_dateline,\n \t\t\teditlog.reason AS edit_reason, editlog.hashistory,\n \t\t\tpostparsed.pagetext_html, postparsed.hasimages,\n \t\t\tsigparsed.signatureparsed, sigparsed.hasimages AS sighasimages,\n \t\t\tsigpic.userid AS sigpic, sigpic.dateline AS sigpicdateline, sigpic.width AS sigpicwidth, sigpic.height AS sigpicheight,\n \t\t\tIF(displaygroupid=0, user.usergroupid, displaygroupid) AS displaygroupid, infractiongroupid\n \t\t\t" . iif(!($permissions['genericpermissions'] & $vbulletin->bf_ugp_genericpermissions['canseehiddencustomfields']), $vbulletin->profilefield['hidden']) . "\n \t\t\t{$hook_query_fields}\n \t\tFROM " . TABLE_PREFIX . "post AS post\n \t\tLEFT JOIN " . TABLE_PREFIX . "user AS user ON(user.userid = post.userid)\n \t\tLEFT JOIN " . TABLE_PREFIX . "userfield AS userfield ON(userfield.userid = user.userid)\n \t\tLEFT JOIN " . TABLE_PREFIX . "usertextfield AS usertextfield ON(usertextfield.userid = user.userid)\n \t\t" . iif($forum['allowicons'], "LEFT JOIN " . TABLE_PREFIX . "icon AS icon ON(icon.iconid = post.iconid)") . "\n \t\t" . iif($vbulletin->options['avatarenabled'], "LEFT JOIN " . TABLE_PREFIX . "avatar AS avatar ON(avatar.avatarid = user.avatarid) LEFT JOIN " . TABLE_PREFIX . "customavatar AS customavatar ON(customavatar.userid = user.userid)") . "\n \t\t" . ((can_moderate($thread['forumid'], 'canmoderateposts') or can_moderate($thread['forumid'], 'candeleteposts')) ? "LEFT JOIN " . TABLE_PREFIX . "spamlog AS spamlog ON(spamlog.postid = post.postid)" : '') . "\n \t\t\t{$deljoin}\n \t\tLEFT JOIN " . TABLE_PREFIX . "editlog AS editlog ON(editlog.postid = post.postid)\n \t\tLEFT JOIN " . TABLE_PREFIX . "postparsed AS postparsed ON(postparsed.postid = post.postid AND postparsed.styleid = " . intval(STYLEID) . " AND postparsed.languageid = " . intval(LANGUAGEID) . ")\n \t\tLEFT JOIN " . TABLE_PREFIX . "sigparsed AS sigparsed ON(sigparsed.userid = user.userid AND sigparsed.styleid = " . intval(STYLEID) . " AND sigparsed.languageid = " . intval(LANGUAGEID) . ")\n \t\tLEFT JOIN " . TABLE_PREFIX . "sigpic AS sigpic ON(sigpic.userid = post.userid)\n \t\t\t{$hook_query_joins}\n \t\tWHERE post.postid IN (" . $cache_postids . ") {$hook_query_where}\n \t");
// re-initialise the $postarray variable
$postarray = array();
while ($post = $db->fetch_array($cacheposts)) {
$postarray["{$post['postid']}"] = $post;
}
if (!($forumperms & $vbulletin->bf_ugp_forumpermissions['cangetattachment'])) {
$vbulletin->options['viewattachedimages'] = 0;
$vbulletin->options['attachthumbs'] = 0;
}
// init
$postcount = 0;
$postbits = '';
$saveparsed = '';
$jspostbits = '';
$postbit_factory = new vB_Postbit_Factory();
$postbit_factory->registry =& $vbulletin;
$postbit_factory->forum =& $foruminfo;
$postbit_factory->thread =& $thread;
$postbit_factory->cache = array();
$postbit_factory->bbcode_parser = new vB_BbCodeParser($vbulletin, fetch_tag_list());
foreach (explode(',', $cache_postids) as $id) {
// get the post from the post array
if (!isset($postarray["{$id}"])) {
continue;
}
$post = $postarray["{$id}"];
if ($tachyuser = in_coventry($post['userid']) and !can_moderate($thread['forumid'])) {
continue;
}
if ($tachyuser) {
$fetchtype = 'post_global_ignore';
} else {
if ($ignore["{$post['userid']}"]) {
$fetchtype = 'post_ignore';
} else {
if ($post['visible'] == 2) {
$fetchtype = 'post_deleted';
} else {
$fetchtype = 'post';
}
}
}
if ($vbulletin->GPC['viewfull'] and $post['postid'] == $postinfo['postid'] and $fetchtype != 'post' and (can_moderate($threadinfo['forumid']) or !$post['isdeleted'])) {
$fetchtype = 'post';
}
($hook = vBulletinHook::fetch_hook('showthread_postbit_create')) ? eval($hook) : false;
$postbit_obj =& $postbit_factory->fetch_postbit($fetchtype);
if ($fetchtype == 'post') {
$postbit_obj->highlight =& $replacewords;
}
$postbit_obj->cachable = $post_cachable;
$post['postcount'] = ++$postcount;
$post['attachments'] =& $postattach["{$post['postid']}"];
$parsed_postcache = array('text' => '', 'images' => 1);
$bgclass = 'alt2';
if ($threadedmode == 2) {
$postbits .= $postbit_obj->construct_postbit($post);
} else {
$postbit = $postbit_obj->construct_postbit($post);
if ($curpostid == $post['postid']) {
$curpostdateline = $post['dateline'];
$curpostbit = $postbit;
}
$postbit = preg_replace('#</script>#i', "<\\/scr' + 'ipt>", addslashes_js($postbit));
$jspostbits .= "pd[{$post['postid']}] = '{$postbit}';\n";
}
// end threaded mode
if ($post_cachable and $post['pagetext_html'] == '') {
if (!empty($saveparsed)) {
$saveparsed .= ',';
}
$saveparsed .= "({$post['postid']}, " . intval($thread['lastpost']) . ', ' . intval($postbit_obj->post_cache['has_images']) . ", '" . $db->escape_string($postbit_obj->post_cache['text']) . "'," . intval(STYLEID) . ", " . intval(LANGUAGEID) . ")";
}
if (!empty($postbit_obj->sig_cache) and $post['userid']) {
if (!empty($save_parsed_sigs)) {
$save_parsed_sigs .= ',';
}
$save_parsed_sigs .= "({$post['userid']}, " . intval(STYLEID) . ", " . intval(LANGUAGEID) . ", '" . $db->escape_string($postbit_obj->sig_cache['text']) . "', " . intval($postbit_obj->sig_cache['has_images']) . ")";
}
if ($post['dateline'] > $displayed_dateline) {
$displayed_dateline = $post['dateline'];
if ($displayed_dateline <= $threadview) {
$updatethreadcookie = true;
}
}
}
// end while ($post)
$db->free_result($cacheposts);
if ($threadedmode == 1) {
$postbits = $curpostbit;
}
$templater = vB_Template::create('showthread_list');
$templater->register('curpostid', $curpostid);
$templater->register('highlightwords', $highlightwords);
$templater->register('jspostbits', $jspostbits);
$templater->register('links', $links);
$templater->register('navjs', $navjs);
$templater->register('threadedmode', $threadedmode);
$templater->register('userjs', $userjs);
$threadlist = $templater->render();
unset($curpostbit, $post, $cacheposts, $parsed_postcache, $postbit);
}
################################################################################
########################## END LINEAR / THREADED ###############################
################################################################################
$effective_lastpost = max($displayed_dateline, $thread['lastpost']);
// *********************************************************************************
//set thread last view
if ($thread['pollid'] and $vbulletin->options['updatelastpost'] and ($displayed_dateline == $thread['lastpost'] or $threadview == $thread['lastpost']) and $pollinfo['lastvote'] > $thread['lastpost']) {
$displayed_dateline = $pollinfo['lastvote'];
}
if ((!$vbulletin->GPC['posted'] or $updatethreadcookie) and $displayed_dateline and $displayed_dateline > $threadview) {
mark_thread_read($threadinfo, $foruminfo, $vbulletin->userinfo['userid'], $displayed_dateline);
}
// FRNR Below
fr_update_subsent($threadinfo['threadid'], $displayed_dateline);
if (!is_array($posts_out)) {
$posts_out = array();
}
// Figure out if we can post
$canpost = true;
if ($threadinfo['isdeleted'] or !$threadinfo['visible'] and !can_moderate($threadinfo['forumid'], 'canmoderateposts')) {
$canpost = false;
}
if (!$foruminfo['allowposting'] or $foruminfo['link'] or !$foruminfo['cancontainthreads']) {
$canpost = false;
}
if (!$threadinfo['open']) {
if (!can_moderate($threadinfo['forumid'], 'canopenclose')) {
$canpost = false;
}
}
if (($vbulletin->userinfo['userid'] != $threadinfo['postuserid'] or !$vbulletin->userinfo['userid']) and (!($forumperms & $vbulletin->bf_ugp_forumpermissions['canviewothers']) or !($forumperms & $vbulletin->bf_ugp_forumpermissions['canreplyothers']))) {
$canpost = false;
}
if (!($forumperms & $vbulletin->bf_ugp_forumpermissions['canview']) or !($forumperms & $vbulletin->bf_ugp_forumpermissions['canviewthreads']) or !($forumperms & $vbulletin->bf_ugp_forumpermissions['canreplyown']) and $vbulletin->userinfo['userid'] == $threadinfo['postuserid']) {
$canpost = false;
}
$mod = 0;
if (can_moderate($threadinfo['forumid'], 'candeleteposts') or can_moderate($threadinfo['forumid'], 'canremoveposts')) {
$mod |= MOD_DELETEPOST;
}
if (can_moderate($threadinfo['forumid'], 'canmanagethreads')) {
if ($threadinfo['sticky']) {
$mod |= MOD_UNSTICK;
} else {
$mod |= MOD_STICK;
}
}
if ($threadinfo['visible'] != 2 and can_moderate($threadinfo['forumid'], 'candeleteposts') or can_moderate($threadinfo['forumid'], 'canremoveposts') or $forumperms & $vbulletin->bf_ugp_forumpermissions['candeletepost'] and $forumperms & $vbulletin->bf_ugp_forumpermissions['candeletethread'] and $vbulletin->userinfo['userid'] == $threadinfo['postuserid'] and ($vbulletin->options['edittimelimit'] == 0 or $threadinfo['dateline'] > TIMENOW - $vbulletin->options['edittimelimit'] * 60)) {
$mod |= MOD_DELETETHREAD;
}
if (can_moderate($threadinfo['forumid'], 'canopenclose') or $forumperms & $vbulletin->bf_ugp_forumpermissions['canopenclose'] and $threadinfo['postuserid'] == $vbulletin->userinfo['userid']) {
if ($threadinfo['open']) {
$mod |= MOD_CLOSE;
} else {
$mod |= MOD_OPEN;
}
}
if (can_moderate($threadinfo['forumid'], 'canmanagethreads') or $forumperms & $vbulletin->bf_ugp_forumpermissions['canmove'] and $threadinfo['postuserid'] == $vbulletin->userinfo['userid']) {
$mod |= MOD_MOVETHREAD;
}
if ($show['spamctrls']) {
$mod |= MOD_SPAM_CONTROLS;
}
$out = array('posts' => $posts_out, 'total_posts' => $totalposts, 'page' => $vbulletin->GPC['pagenumber'], 'canpost' => $canpost ? 1 : 0, 'mod' => $mod, 'pollid' => $thread['pollid'], 'subscribed' => $threadinfo['issubscribed'] ? 1 : 0, 'title' => prepare_utf8_string($thread['title']), 'canattach' => $forumperms & $vbulletin->bf_ugp_forumpermissions['canpostattachment'] and $vbulletin->userinfo['userid']);
if ($postid) {
$out['gotopostid'] = $postid;
}
return $out;
}
if (empty($vbulletin->GPC['limitstart'])) {
$vbulletin->GPC['limitstart'] = 0;
} else {
$vbulletin->GPC['limitstart']--;
}
if (empty($vbulletin->GPC['limitnumber']) or $vbulletin->GPC['limitnumber'] == 0) {
$vbulletin->GPC['limitnumber'] = 25;
}
$searchquery = "\n\t\tSELECT\n\t\tuser.userid, reputation, username, usergroupid, birthday_search, email,\n\t\tparentemail,(options & " . $vbulletin->bf_misc_useroptions['coppauser'] . ") AS coppauser, homepage, icq, aim, yahoo, msn, skype, signature,\n\t\tusertitle, joindate, lastpost, posts, ipaddress, lastactivity, userfield.*\n\t\tFROM " . TABLE_PREFIX . "user AS user\n\t\tLEFT JOIN " . TABLE_PREFIX . "userfield AS userfield ON(userfield.userid = user.userid)\n\t\tLEFT JOIN " . TABLE_PREFIX . "usertextfield AS usertextfield ON(usertextfield.userid = user.userid)\n\t\tWHERE {$condition}\n\t\tORDER BY " . $db->escape_string($vbulletin->GPC['orderby']) . " " . $db->escape_string($vbulletin->GPC['direction']) . "\n\t\tLIMIT " . $vbulletin->GPC['limitstart'] . ", " . $vbulletin->GPC['limitnumber'];
$countusers = $db->query_first("\n\t\tSELECT COUNT(*) AS users\n\t\tFROM " . TABLE_PREFIX . "user AS user\n\t\tLEFT JOIN " . TABLE_PREFIX . "userfield AS userfield ON(userfield.userid = user.userid)\n\t\tLEFT JOIN " . TABLE_PREFIX . "usertextfield AS usertextfield ON(usertextfield.userid = user.userid)\n\t\tWHERE {$condition}\n\t");
$users = $db->query_read($searchquery);
if ($countusers['users'] == 1) {
// show a user if there is just one found
$user = $db->fetch_array($users);
// instant redirect
exec_header_redirect("user.php?" . $vbulletin->session->vars['sessionurl'] . "do=edit&u={$user['userid']}");
} else {
if ($countusers['users'] == 0) {
// no users found!
print_stop_message('no_users_matched_your_query');
}
}
define('DONEFIND', true);
$_REQUEST['do'] = 'find2';
}
// #############################################################################
print_cp_header($vbphrase['user_manager']);
if (empty($_REQUEST['do'])) {
$_REQUEST['do'] = 'modify';
}
// ###################### Start email password #######################
$vbulletin->input->clean_array_gpc('r', array('redirect' => TYPE_NOHTML));
# Not sure where this comes from
if (!empty($vbulletin->GPC['redirect'])) {
define('CP_REDIRECT', $vbulletin->GPC['redirect']);
print_stop_message('redirecting_please_wait');
}
// #############################################################################
// ############################### LOG OUT OF CP ###############################
// #############################################################################
if ($_REQUEST['do'] == 'cplogout') {
vbsetcookie('cpsession', '', false, true, true);
$db->query_write("DELETE FROM " . TABLE_PREFIX . "cpsession WHERE userid = " . $vbulletin->userinfo['userid'] . " AND hash = '" . $db->escape_string($vbulletin->GPC[COOKIE_PREFIX . 'cpsession']) . "'");
if (!empty($vbulletin->session->vars['sessionurl_js'])) {
exec_header_redirect('index.php?' . $vbulletin->session->vars['sessionurl_js']);
} else {
exec_header_redirect('index.php');
}
}
if (empty($_REQUEST['do'])) {
$_REQUEST['do'] = 'frames';
}
if ($_REQUEST['do'] == 'frames') {
$vbulletin->input->clean_array_gpc('r', array('loc' => TYPE_NOHTML));
$navframe = '<frame src="index.php?' . $vbulletin->session->vars['sessionurl'] . "do=nav" . iif($cpnavjs, '&cpnavjs=1') . "\" name=\"nav\" scrolling=\"yes\" frameborder=\"0\" marginwidth=\"0\" marginheight=\"0\" border=\"no\" />\n";
$headframe = '<frame src="index.php?' . $vbulletin->session->vars['sessionurl'] . "do=head\" name=\"head\" scrolling=\"no\" noresize=\"noresize\" frameborder=\"0\" marginwidth=\"10\" marginheight=\"0\" border=\"no\" />\n";
$mainframe = '<frame src="' . iif(!empty($vbulletin->GPC['loc']), $vbulletin->GPC['loc'], 'index.php?' . $vbulletin->session->vars['sessionurl'] . 'do=home') . "\" name=\"main\" scrolling=\"yes\" frameborder=\"0\" marginwidth=\"10\" marginheight=\"10\" border=\"no\" />\n";
?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Frameset//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-frameset.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" dir="<?php
echo $stylevar['textdirection'];
?>
// #############################################################################
// check that board is active - if not admin, then display error
if ((!$vbulletin->options['bbactive'] AND !($permissions['adminpermissions'] & $vbulletin->bf_ugp_adminpermissions['cancontrolpanel'])) OR !($permissions['forumpermissions'] & $vbulletin->bf_ugp_forumpermissions['canview']))
{
exec_header_redirect($vbulletin->options['bburl'] . '/' . $vbulletin->options['forumhome'] . '.php' . $vbulletin->session->vars['sessionurl_q']);
}
// if password is expired, deny access
if ($vbulletin->userinfo['userid'] AND $permissions['passwordexpires'])
{
$passworddaysold = floor((TIMENOW - $vbulletin->userinfo['passworddate']) / 86400);
if ($passworddaysold >= $permissions['passwordexpires'])
{
exec_header_redirect($vbulletin->options['bburl'] . '/' . $vbulletin->options['forumhome'] . '.php' . $vbulletin->session->vars['sessionurl_q']);
}
}
verify_ip_ban();
$cache_templates = array('ad_archive_above_content1', 'ad_archive_above_content2', 'ad_archive_below_content');
($hook = vBulletinHook::fetch_hook('archive_global')) ? eval($hook) : false;
cache_templates($cache_templates, $style['templatelist']);
unset($cache_templates);
// #########################################################################################
// ###################### ARCHIVE FUNCTIONS ################################################
),
);
$actiontemplates['dosearch'] =& $actiontemplates['search'];
if (empty($_REQUEST['do']))
{
$_REQUEST['do'] = 'search';
}
// ######################### REQUIRE BACK-END ############################
require_once('./global.php');
// Temporarily disabling this entry point. This will be revisited. Bug #33021
exec_header_redirect('search.php?' . $vbulletin->session->vars['sessionurl'] . 'search_type=1#ads=15', 301);
require_once(DIR . '/includes/functions_bigthree.php');
require_once(DIR . '/includes/blog_init.php');
require_once(DIR . '/includes/blog_functions_search.php');
// ### STANDARD INITIALIZATIONS ###
$navbits = array();
/* Check they can view a blog, any blog */
if (!($vbulletin->userinfo['permissions']['vbblog_general_permissions'] & $vbulletin->bf_ugp_vbblog_general_permissions['blog_canviewothers']))
{
if (!$vbulletin->userinfo['userid'] OR !($vbulletin->userinfo['permissions']['vbblog_general_permissions'] & $vbulletin->bf_ugp_vbblog_general_permissions['blog_canviewown']))
{
print_no_permission();
}
*/
// #######################################################################
if ($_REQUEST['do'] == 'cloud') {
$vbulletin->input->clean_array_gpc('r', array('userid' => TYPE_UINT));
if ($vbulletin->GPC['userid']) {
$userinfo = fetch_userinfo($vbulletin->GPC['userid']);
if (!$userinfo['canviewmyblog']) {
print_no_permission();
}
if ($vbulletin->userinfo['userid'] == $userinfo['userid'] and !($vbulletin->userinfo['permissions']['vbblog_general_permissions'] & $vbulletin->bf_ugp_vbblog_general_permissions['blog_canviewown'])) {
print_no_permission();
}
if ($vbulletin->userinfo['userid'] != $userinfo['userid'] and !($vbulletin->userinfo['permissions']['vbblog_general_permissions'] & $vbulletin->bf_ugp_vbblog_general_permissions['blog_canviewothers'])) {
// Can't view other's entries so off you go to your own blog.
exec_header_redirect("blog.php?{$session['sessionurl']}u=" . $vbulletin->userinfo['userid']);
}
$show['usercloud'] = true;
$tag_cloud = fetch_blog_tagcloud('usage', false, $userinfo['userid']);
} else {
$tag_cloud = fetch_blog_tagcloud('usage');
}
$navbits = construct_navbits(array('blog.php' . $vbulletin->session->vars['sessionurl_q'] => $vbphrase['blogs'], '' => $vbphrase['tags']));
$navbar = render_navbar_template($navbits);
($hook = vBulletinHook::fetch_hook('blog_tags_cloud_complete')) ? eval($hook) : false;
if ($userinfo) {
$sidebar =& build_user_sidebar($userinfo);
} else {
$sidebar =& build_overview_sidebar();
}
$templater = vB_Template::create('blog_tag_cloud');
$anncdata->set_existing($announcementinfo);
$anncdata->delete();
if ($announcementinfo['forumid'] == -1)
{
$vbulletin->url = $vbulletin->options['forumhome'] . '.php' . $vbulletin->session->vars['sessionurl_q'];
}
else
{
$vbulletin->url = fetch_seo_url('forum', array('forumid' => $announcementinfo['forumid'], 'title' => $vbulletin->forumcache["$announcementinfo[forumid]"]));
}
eval(print_standard_redirect('deleted_announcement'));
}
else
{
exec_header_redirect('announcement.php?' . $vbulletin->session->vars['sessionurl'] . "do=edit&a=$announcementinfo[announcementid]");
}
}
// #############################################################################
// insert or update an announcement
if ($_POST['do'] == 'update')
{
$vbulletin->input->clean_array_gpc('p', array(
'wysiwyg' => TYPE_BOOL,
'preview' => TYPE_STR,
'title' => TYPE_STR,
'message' => TYPE_STR,
'forumid' => TYPE_INT,
'startdate' => TYPE_ARRAY_UINT,
'enddate' => TYPE_ARRAY_UINT,
($hook = vBulletinHook::fetch_hook('photoplog_edit_sqlreplace')) ? eval($hook) : false;
if ($db->query_write("REPLACE INTO " . PHOTOPLOG_PREFIX . "photoplog_fileuploads\r\n\t\t\t(fileid, userid, username, title, description, filename, filesize, dateline, views, catid, moderate, dimensions, setid, \r\n\t\t\tfielddata, num_comments0, num_comments1, num_ratings0, num_ratings1, sum_ratings0, sum_ratings1,\r\n\t\t\tlast_comment_dateline0, last_comment_dateline1, last_comment_id0, last_comment_id1, albumids, exifinfo)\r\n\t\t\tVALUES (\r\n\t\t\t\t" . intval($photoplog_file_id) . ",\r\n\t\t\t\t" . intval($photoplog_file_userid) . ",\r\n\t\t\t\t'" . $db->escape_string($photoplog_file_username) . "',\r\n\t\t\t\t'" . $db->escape_string($photoplog_file_title) . "',\r\n\t\t\t\t'" . $db->escape_string($photoplog_file_description) . "',\r\n\t\t\t\t'" . $db->escape_string($photoplog_replace_name) . "',\r\n\t\t\t\t" . intval($photoplog_file_size) . ",\r\n\t\t\t\t" . intval($photoplog_file_dateline) . ",\r\n\t\t\t\t" . intval($photoplog_file_views) . ",\r\n\t\t\t\t" . intval($photoplog_file_catid) . ",\r\n\t\t\t\t" . intval($photoplog_file_moderate) . ",\r\n\t\t\t\t'" . $db->escape_string($photoplog['dimensions']) . "',\r\n\t\t\t\t" . intval($photoplog_file_setid) . ",\r\n\t\t\t\t'" . $db->escape_string($photoplog_fielddata) . "',\r\n\t\t\t\t" . intval($photoplog_file_nc0) . ",\r\n\t\t\t\t" . intval($photoplog_file_nc1) . ",\r\n\t\t\t\t" . intval($photoplog_file_nr0) . ",\r\n\t\t\t\t" . intval($photoplog_file_nr1) . ",\r\n\t\t\t\t" . intval($photoplog_file_sr0) . ",\r\n\t\t\t\t" . intval($photoplog_file_sr1) . ",\r\n\t\t\t\t" . intval($photoplog_file_lcd0) . ",\r\n\t\t\t\t" . intval($photoplog_file_lcd1) . ",\r\n\t\t\t\t" . intval($photoplog_file_lci0) . ",\r\n\t\t\t\t" . intval($photoplog_file_lci1) . ",\r\n\t\t\t\t'" . $db->escape_string($photoplog_albumids) . "',\r\n\t\t\t\t'" . $db->escape_string($photoplog_exifinfo) . "'\r\n\t\t\t)\r\n\t\t")) {
if ($photoplog_file_catid_default >= 0 && $photoplog_file_catid != $photoplog_file_catid_default) {
$db->query_write("UPDATE " . PHOTOPLOG_PREFIX . "photoplog_ratecomment\r\n\t\t\t\t\t\tSET catid = " . intval($photoplog_file_catid) . "\r\n\t\t\t\t\t\tWHERE fileid = " . intval($photoplog_file_id) . "\r\n\t\t\t");
photoplog_update_counts_table($photoplog_file_catid_default);
}
photoplog_update_counts_table($photoplog_file_catid);
if ($photoplog_file_moderate == 1 && $vbulletin->options['photoplog_admin_email']) {
$photoplog_subject = $photoplog_message = '';
eval(fetch_email_phrases('photoplog_mod_file', -1, '', 'photoplog_'));
vbmail($vbulletin->options['webmasteremail'], $photoplog_subject, $photoplog_message, true);
}
if ($photoplog_file_old && $photoplog_file_edit) {
@unlink($photoplog_directory_name . "/" . $photoplog_file_old);
@unlink($photoplog_directory_name . "/large/" . $photoplog_file_old);
@unlink($photoplog_directory_name . "/medium/" . $photoplog_file_old);
@unlink($photoplog_directory_name . "/small/" . $photoplog_file_old);
}
($hook = vBulletinHook::fetch_hook('photoplog_edit_doedit_complete')) ? eval($hook) : false;
$photoplog_id = intval($photoplog_file_id);
$photoplog_url = $photoplog['location'] . '/index.php?' . $vbulletin->session->vars['sessionurl'] . 'n=' . $photoplog_id;
exec_header_redirect($photoplog_url);
exit;
} else {
photoplog_output_page('photoplog_error_page', $vbphrase['photoplog_error'], $vbphrase['photoplog_bad_luck']);
}
}
($hook = vBulletinHook::fetch_hook('photoplog_edit_complete')) ? eval($hook) : false;
if ($_REQUEST['do'] != 'edit' && $_POST['do'] != 'doedit') {
photoplog_index_bounce();
}
}
}
}
$output .= "</ol>\n</div>\n";
} else {
$output .= "<div id=\"content\">\n";
$output .= print_archive_forum_list($f);
$output .= "</div>\n";
}
}
// ********************************************************************************************
// display thread
if ($do == 'thread') {
if (!$vbulletin->options['archive_threadtype']) {
// if we are not using the archive threadtype, invisibly redirect to the full thread view
exec_header_redirect($vbulletin->options['bburl'] . "/showthread.php?" . $vbulletin->session->vars['sessionurl_js'] . "t={$threadinfo['threadid']}");
}
if ($vbulletin->options['wordwrap'] != 0) {
$threadinfo['title'] = fetch_word_wrapped_string($threadinfo['title']);
}
$threadinfo['title'] = fetch_censored_text($threadinfo['title']);
$output .= print_archive_navigation($foruminfo, $threadinfo);
$output .= "<p class=\"largefont\">{$vbphrase['view_full_version']} : " . ($threadinfo['prefix_plain_html'] ? "{$threadinfo['prefix_plain_html']} " : '') . "<a href=\"" . $vbulletin->options['bburl'] . "/showthread.php?t={$threadinfo['threadid']}\">{$threadinfo['title']}</a></p>\n<hr />\n";
if ($p == 0) {
$p = 1;
}
$output .= print_archive_page_navigation($threadinfo['replycount'] + 1, $vbulletin->options['archive_postsperpage'], "t-{$threadinfo['threadid']}");
$posts = $db->query_read_slave("\n\t\tSELECT post.postid, post.pagetext, IFNULL( user.username , post.username ) AS username, dateline\n\t\tFROM " . TABLE_PREFIX . "post AS post\n\t\tLEFT JOIN " . TABLE_PREFIX . "user AS user ON (user.userid = post.userid)\n\t\tWHERE threadid = {$threadinfo['threadid']}\n\t\t\tAND visible = 1\n\t\t\t{$globalignore}\n\t\tORDER BY dateline ASC\n\t\tLIMIT " . ($p - 1) * $vbulletin->options['archive_postsperpage'] . ',' . $vbulletin->options[archive_postsperpage]);
if ($pda and false) {
$output .= "<span id=\"posting\"><a href=\"?message=1\" rel=\"nofollow\">New Reply</a></span>";
}
if (can_moderate($forumid, 'canmassprune')) {
exec_header_redirect($vbulletin->config['Misc']['modcpdir'] . '/index.php?' . $vbulletin->session->vars['sessionurl_js'] . 'loc=' . urlencode('thread.php?' . $vbulletin->session->vars['sessionurl_js'] . 'do=prune'));
} else {
print_no_permission();
}
}
}
// #############################################################################
if ($_REQUEST['do'] == 'modposts') {
if (can_moderate(0, 'canmoderateposts')) {
exec_header_redirect($vbulletin->config['Misc']['modcpdir'] . '/index.php?' . $vbulletin->session->vars['sessionurl_js'] . 'loc=' . urlencode('moderate.php?' . $vbulletin->session->vars['sessionurl_js'] . 'do=posts'));
} else {
print_no_permission();
}
}
// #############################################################################
if ($_REQUEST['do'] == 'modattach') {
if (can_moderate(0, 'canmoderateattachments')) {
exec_header_redirect($vbulletin->config['Misc']['modcpdir'] . '/index.php?' . $vbulletin->session->vars['sessionurl_js'] . 'loc=' . urlencode('moderate.php?' . $vbulletin->session->vars['sessionurl_js'] . 'do=attachments'));
} else {
print_no_permission();
}
}
print_no_permission();
//setup redirects for other options in moderators cp
/*======================================================================*\
|| ####################################################################
|| # Downloaded: 22:41, Fri Oct 10th 2008
|| # CVS: $RCSfile$ - $Revision: 26399 $
|| ####################################################################
\*======================================================================*/
if ($show['max_pic_limit'] or $show['max_totalsize_limit'] or $show['max_picsize_limit'] or $show['max_dim_limit']) {
$show['limit_info'] = true;
$limit_info = array('pic_remain' => vb_number_format($pics_remain), 'totalsize_remain' => vb_number_format($size_overage * -1, 0, true), 'width_limit' => $userinfo['permissions']['albumpicmaxwidth'] ? vb_number_format($userinfo['permissions']['albumpicmaxwidth']) : $vbphrase['unlimited'], 'height_limit' => $userinfo['permissions']['albumpicmaxheight'] ? vb_number_format($userinfo['permissions']['albumpicmaxheight']) : $vbphrase['unlimited'], 'picsize_limit' => vb_number_format($userinfo['permissions']['albumpicmaxsize'], 0, true));
}
$show['moderation'] = $moderatedpictures;
($hook = vBulletinHook::fetch_hook('album_picture_add')) ? eval($hook) : false;
// navbar and final output
$navbits = construct_navbits(array('member.php?' . $vbulletin->session->vars['sessionurl'] . "u={$userinfo['userid']}" => construct_phrase($vbphrase['xs_profile'], $userinfo['username']), 'album.php?' . $vbulletin->session->vars['sessionurl'] . "u={$userinfo['userid']}" => $vbphrase['albums'], 'album.php?' . $vbulletin->session->vars['sessionurl'] . "albumid={$albuminfo['albumid']}" => $albuminfo['title_html'], '' => $vbphrase['upload_pictures']));
eval('$navbar = "' . fetch_template('navbar') . '";');
eval('print_output("' . fetch_template('album_picture_upload') . '");');
}
// #######################################################################
if ($_POST['do'] == 'doaddgroupmult') {
$vbulletin->input->clean_array_gpc('p', array('groupid' => TYPE_UINT, 'pictureids' => TYPE_ARRAY_UINT, 'cancel' => TYPE_STR, 'pagenumber' => TYPE_UINT));
if ($vbulletin->GPC['cancel']) {
exec_header_redirect('album.php?' . $vbulletin->session->vars['sessionurl'] . 'albumid=' . $albuminfo['albumid'] . ($vbulletin->GPC['pagenumber'] > 1 ? '&page=' . $vbulletin->GPC['pagenumber'] : ''));
}
if (empty($albuminfo)) {
standard_error(fetch_error('invalidid', $vbphrase['album'], $vbulletin->options['contactuslink']));
}
if ($userinfo['userid'] != $vbulletin->userinfo['userid'] or !($vbulletin->options['socnet'] & $vbulletin->bf_misc_socnet['enable_groups']) or !$vbulletin->options['socnet_groups_albums_enabled'] or !($vbulletin->userinfo['permissions']['socialgrouppermissions'] & $vbulletin->bf_ugp_socialgrouppermissions['canviewgroups'])) {
print_no_permission();
}
if (!$vbulletin->GPC['groupid']) {
standard_error(fetch_error('must_select_valid_group_add_pictures'));
}
if (empty($vbulletin->GPC['pictureids'])) {
standard_error(fetch_error('must_select_valid_pictures_add_group'));
}
require_once DIR . '/includes/functions_socialgroup.php';
$group = fetch_socialgroupinfo($vbulletin->GPC['groupid']);
