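/**
 * Handles the 'use' action for an item that produces other items, then
 * delegates to the parent implementation.
 *
 * On 'use', one new kbank_items row is created for every item type id listed
 * in this item type's 'itemtypeids' option, the current item is marked as
 * used, and the redirect URL is pointed at the last item created.
 *
 * @param string $action Action name; only 'use' is handled here.
 *
 * @return mixed Whatever parent::doAction() returns for $action.
 */
function doAction($action)
{
    if ($action == 'use') {
        global $vbulletin;

        $itemtypeids = explode(',', $this->itemtype->data['options']['itemtypeids']);
        $newitemids = array();
        // Initialised explicitly so the second loop never iterates an undefined variable.
        $itemtypes = array();

        // NOTE(review): no ownership or status check on the item is visible in this
        // method; presumably ready-to-use validation happens in the caller or the
        // parent class. Confirm, because the new rows are credited to the current user.
        // NOTE(review): the inserts and the "mark as used" update below are separate
        // statements. If two requests can reach this point concurrently, consider
        // marking the item used first with a status condition and checking the
        // affected row count before creating anything.
        if (count($itemtypeids)) {
            foreach ($itemtypeids as $itemtypeid) {
                $itemtypes[] = newItemType($itemtypeid);
            }

            foreach ($itemtypes as $itemtype_obj) {
                // Skip ids for which no item type object was returned.
                if (!$itemtype_obj) {
                    continue;
                }

                $itemtype = $itemtype_obj->data;

                $itemoptions = array();
                if ($itemtype_obj->options['use_duration']) {
                    $itemoptions['duration'] = $this->data['options']['duration'];
                }

                $item_new = array(
                    'type' => $itemtype['itemtypeid'],
                    'name' => "{$itemtype['name']}",
                    // NOTE(review): if fetch_query_sql() escapes string values itself,
                    // this value ends up escaped twice. Verify against the helper.
                    'description' => $vbulletin->db->escape_string($this->data['description']),
                    'price' => $this->data['price'],
                    'userid' => $vbulletin->userinfo['userid'],
                    'creator' => $vbulletin->userinfo['userid'],
                    'create_time' => TIMENOW,
                    'expire_time' => $this->data['expire_time'],
                    'status' => KBANK_ITEM_AVAILABLE,
                    'options' => serialize($itemoptions),
                );
                $vbulletin->db->query_write(fetch_query_sql($item_new, 'kbank_items'));
                $newitemids[] = $vbulletin->db->insert_id();
            }
        }

        // The id is written into the WHERE clause as raw SQL, so force it to an
        // integer. The original used the unquoted key [itemid], which PHP resolves
        // as a constant lookup (an Error on PHP 8).
        $itemid_sql = intval($this->data['itemid']);
        $item_new = array('status' => KBANK_ITEM_USED, 'expire_time' => TIMENOW);
        $vbulletin->db->query_write(
            fetch_query_sql($item_new, 'kbank_items', "WHERE itemid = {$itemid_sql}")
        );

        if (count($newitemids)) {
            // get the last new itemid
            $itemid = $newitemids[count($newitemids) - 1];
            $vbulletin->url = $vbulletin->kbank['phpfile'] . '?' . $vbulletin->session->vars['sessionurl']
                . "do=myitems&itemid={$itemid}#item{$itemid}";
        }
    }

    return parent::doAction($action);
}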
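/**
 * Handles the actions of an announcement item, then delegates to the parent
 * implementation.
 *
 * Actions handled here:
 *  - 'enable':     renders the enable form template through standard_error().
 *  - 'do_enable':  stores the submitted url/text in the item options and
 *                  marks the item enabled.
 *  - 'sell'/'gift' on an enabled item: refreshes the announce cache.
 *  - 'disable':    sets the item back to available.
 *  - 'work_real':  at the global-start hook, appends this announcement to
 *                  the global $kbank_announces list.
 *
 * @param string $action Action name.
 *
 * @return mixed Whatever parent::doAction() returns for $action.
 */
function doAction($action)
{
    // Unused-looking globals are kept: the eval()'d template below runs in this
    // scope and may reference them.
    global $kbank, $vbulletin, $bbuserinfo, $permissions, $KBANK_HOOK_NAME;

    // The item id is interpolated into WHERE clauses as raw SQL, so force it to
    // an integer once and reuse it.
    $itemid_sql = intval($this->data['itemid']);

    if ($action == 'enable') {
        $item = $this->data;
        // NOTE(review): the fetched template is evaluated as PHP. This is only as
        // safe as the template store; confirm that template content can be edited
        // by administrators only.
        eval('$tmp = "' . fetch_template('kbank_template_announce_enable') . '";');
        eval(standard_error($tmp));
    }

    if ($action == 'do_enable') {
        if ($this->ready2Enable()) {
            $vbulletin->input->clean_array_gpc('r', array('url' => TYPE_NOHTML, 'text' => TYPE_NOHTML));

            // Truncate over-long text (byte-wise) and mark the cut with '..'.
            $text_max = $this->itemtypedata['options']['text_max'];
            if (strlen($vbulletin->GPC['text']) > $text_max) {
                $vbulletin->GPC['text'] = substr($vbulletin->GPC['text'], 0, $text_max) . '..';
            }

            // This single-pass, case-sensitive denylist is not a reliable filter by
            // itself. The scheme check that follows is what guarantees the stored
            // link is a web URL.
            $url_cutoff = array('javascript:', 'ftp://');
            $vbulletin->GPC['url'] = str_replace($url_cutoff, '', $vbulletin->GPC['url']);

            // Accept http:// and https:// in any letter case; anything else gets an
            // http:// prefix. The original check only recognised a lowercase
            // 'http://', so https links were stored as 'http://https://...'.
            if (!preg_match('#^https?://#i', $vbulletin->GPC['url'])) {
                $vbulletin->GPC['url'] = 'http://' . $vbulletin->GPC['url'];
            }

            $item_new = array(
                'status' => KBANK_ITEM_ENABLED,
                // First activation: start the duration clock (-1 when the duration is
                // not positive); re-enabling keeps the existing expiry.
                'expire_time' => iif(
                    !$this->data['options']['enabled'],
                    iif(
                        $this->data['options']['duration'] > 0,
                        TIMENOW + $this->data['options']['duration'] * 24 * 60 * 60,
                        -1
                    ),
                    $this->data['expire_time']
                ),
                'options' => serialize(array(
                    'url' => $vbulletin->GPC['url'],
                    'text' => $vbulletin->GPC['text'],
                    'enabled' => 1,
                )),
            );
            $vbulletin->db->query_write(
                fetch_query_sql($item_new, 'kbank_items', "WHERE itemid = {$itemid_sql}")
            );

            // Update datastore
            updateAnnounceCache();
        }
    }

    if ($this->data['status'] == KBANK_ITEM_ENABLED and ($action == 'sell' or $action == 'gift')) {
        // Update datastore
        updateAnnounceCache();
    }

    if ($action == 'disable') {
        if ($this->ready2Disable()) {
            $item_new = array('status' => KBANK_ITEM_AVAILABLE);
            // The original used the unquoted key [itemid] here, which PHP resolves
            // as a constant lookup (an Error on PHP 8).
            $vbulletin->db->query_write(
                fetch_query_sql($item_new, 'kbank_items', "WHERE itemid = {$itemid_sql}")
            );

            // Update datastore
            updateAnnounceCache();
        }
    }

    if ($action == 'work_real' && $KBANK_HOOK_NAME == KBANK_GLOBAL_START) {
        global $kbank_announces;

        // NOTE(review): 'url' is emitted as stored. Rows written before the scheme
        // check existed may hold other values; confirm the template escapes it for
        // its output context.
        $kbank_announces[] = array(
            'url' => $this->data['options']['url'],
            'text' => $vbulletin->kbankBBCodeParser->parse_bbcode($this->data['options']['text'], true),
            'owner' => getUsername($this->data),
        );
    }

    return parent::doAction($action);
}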
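/**
 * Everything that comes after the install - no reason to break this up into chunks at present.
 *
 * Writes the parsed product ($this->productobj / $this->productinfo) into the
 * database: product codes, dependencies, the product row, templates (standard
 * and mobile), stylevars, plugins, phrases, settings, admin help, cron entries,
 * FAQ entries and navigation. It then rebuilds the caches and datastores that
 * were touched.
 *
 * Trust boundary: every value comes from the product XML. Values are escaped
 * for SQL, but the product also ships PHP (install/uninstall code, plugins,
 * cron filenames), so only products from a trusted source should reach this
 * method.
 *
 * @return mixed The updated $this->productinfo array on success, or the error
 *               returned by build_all_styles() if a style rebuild fails.
 */
public function post_install()
{
    // Every rebuild flag starts out false so the checks near the end of the method
    // never read an undefined variable or array offset.
    $rebuild = array(
        'templates' => false,
        'plugins' => false,
        'phrases' => false,
        'options' => false,
        'cron' => false,
    );

    // dependencies checked, install code run. Now clear out the old product info;
    // settings should be retained in memory already
    delete_product($this->productinfo['productid'], false, true);

    // A single XML child arrives as one associative array; wrap it so the loops
    // below can always iterate a list. The same normalisation is applied to every
    // section that follows.
    $codes =& $this->productobj['codes']['code'];
    if (!isset($codes[0])) {
        $codes = array($codes);
    }

    if (is_array($codes)) {
        // we've now run all the codes, if execution is still going
        // then it's going to complete fully, so insert the codes
        foreach ($codes as $code) {
            /* insert query */
            $this->db->query_write("\n\t\t\t\t\tINSERT INTO " . TABLE_PREFIX . "productcode\n\t\t\t\t\t\t(productid, version, installcode, uninstallcode)\n\t\t\t\t\tVALUES\n\t\t\t\t\t\t('"
                . $this->db->escape_string($this->productinfo['productid']) . "',\n\t\t\t\t\t\t'"
                . $this->db->escape_string($code['version']) . "',\n\t\t\t\t\t\t'"
                . $this->db->escape_string($code['installcode']) . "',\n\t\t\t\t\t\t'"
                . $this->db->escape_string($code['uninstallcode']) . "')\n\t\t\t\t");
        }
    }

    if (is_array($this->productobj['dependencies']['dependency'])) {
        $dependencies =& $this->productobj['dependencies']['dependency'];
        if (!isset($dependencies[0])) {
            $dependencies = array($dependencies);
        }

        // dependencies met, codes run -- now we can insert the dependencies into the DB
        foreach ($dependencies as $dependency) {
            /* insert query */
            $this->db->query_write("\n\t\t\t\t\tINSERT INTO " . TABLE_PREFIX . "productdependency\n\t\t\t\t\t\t(productid, dependencytype, parentproductid, minversion, maxversion)\n\t\t\t\t\tVALUES\n\t\t\t\t\t\t('"
                . $this->db->escape_string($this->productinfo['productid']) . "',\n\t\t\t\t\t\t'"
                . $this->db->escape_string($dependency['dependencytype']) . "',\n\t\t\t\t\t\t'"
                . $this->db->escape_string($dependency['parentproductid']) . "',\n\t\t\t\t\t\t'"
                . $this->db->escape_string($dependency['minversion']) . "',\n\t\t\t\t\t\t'"
                . $this->db->escape_string($dependency['maxversion']) . "')\n\t\t\t\t");
        }
    }

    /* insert query */
    $this->db->query_write("\n\t\t\tINSERT INTO " . TABLE_PREFIX . "product\n\t\t\t\t(productid, title, description, version, active, url, versioncheckurl)\n\t\t\tVALUES\n\t\t\t\t('"
        . $this->db->escape_string($this->productinfo['productid']) . "',\n\t\t\t\t'"
        . $this->db->escape_string($this->productinfo['title']) . "',\n\t\t\t\t'"
        . $this->db->escape_string($this->productinfo['description']) . "',\n\t\t\t\t'"
        . $this->db->escape_string($this->productinfo['version']) . "',\n\t\t\t\t"
        . intval($this->active) . ",\n\t\t\t\t'"
        . $this->db->escape_string($this->productinfo['url']) . "',\n\t\t\t\t'"
        . $this->db->escape_string($this->productinfo['versioncheckurl']) . "')\n\t\t");

    // ############## import templates
    if (!empty($this->productobj['templates']['template']) and is_array($this->productobj['templates']['template'])) {
        $querybits = array();
        $querytemplates = 0;

        $templates =& $this->productobj['templates']['template'];
        if (!isset($templates[0])) {
            $templates = array($templates);
        }

        foreach ($templates as $template) {
            // Everything interpolated into the VALUES tuple below is escaped (or cast
            // to int) here first.
            $title = $this->db->escape_string($template['name']);
            $template['template'] = $this->db->escape_string($template['value']);
            $template['username'] = $this->db->escape_string($template['username']);
            $template['templatetype'] = $this->db->escape_string($template['templatetype']);
            $template['date'] = intval($template['date']);

            if ($template['templatetype'] != 'template') {
                // template is a special template
                $querybits[] = "(-1, '{$template['templatetype']}', '{$title}', '{$template['template']}', '', {$template['date']}, '{$template['username']}', '"
                    . $this->db->escape_string($template['version']) . "', '"
                    . $this->db->escape_string($this->productinfo['productid']) . "')";
            } else {
                // template is a standard template
                $querybits[] = "(-1, '{$template['templatetype']}', '{$title}', '"
                    . $this->db->escape_string(compile_template($template['value']))
                    . "', '{$template['template']}', {$template['date']}, '{$template['username']}', '"
                    . $this->db->escape_string($template['version']) . "', '"
                    . $this->db->escape_string($this->productinfo['productid']) . "')";
            }

            // Flush in batches of 20 rows to keep each statement small.
            if (++$querytemplates % 20 == 0) {
                /*insert query*/
                $this->db->query_write("\n\t\t\t\t\t\tREPLACE INTO " . TABLE_PREFIX . "template\n\t\t\t\t\t\t\t(styleid, templatetype, title, template, template_un, dateline, username, version, product)\n\t\t\t\t\t\tVALUES\n\t\t\t\t\t\t\t"
                    . implode(',', $querybits) . "\n\t\t\t\t\t");
                $querybits = array();
            }

            // Keep-alive output while a long import runs.
            if (!defined('SUPPRESS_KEEPALIVE_ECHO')) {
                echo ' ';
                vbflush();
            }
        }

        // insert any remaining templates
        if (!empty($querybits)) {
            /*insert query*/
            $this->db->query_write("\n\t\t\t\t\tREPLACE INTO " . TABLE_PREFIX . "template\n\t\t\t\t\t\t(styleid, templatetype, title, template, template_un, dateline, username, version, product)\n\t\t\t\t\tVALUES\n\t\t\t\t\t\t"
                . implode(',', $querybits) . "\n\t\t\t\t");
        }
        unset($querybits);

        $rebuild['templates'] = true;
    }

    // Mobile templates: same import as above, written with styleid -2 instead of -1.
    if (is_array($this->productobj['templates_mobile']['template'])) {
        $querybits = array();
        $querytemplates = 0;

        $templates =& $this->productobj['templates_mobile']['template'];
        if (!isset($templates[0])) {
            $templates = array($templates);
        }

        foreach ($templates as $template) {
            $title = $this->db->escape_string($template['name']);
            $template['template'] = $this->db->escape_string($template['value']);
            $template['username'] = $this->db->escape_string($template['username']);
            $template['templatetype'] = $this->db->escape_string($template['templatetype']);
            $template['date'] = intval($template['date']);

            if ($template['templatetype'] != 'template') {
                // template is a special template
                $querybits[] = "(-2, '{$template['templatetype']}', '{$title}', '{$template['template']}', '', {$template['date']}, '{$template['username']}', '"
                    . $this->db->escape_string($template['version']) . "', '"
                    . $this->db->escape_string($this->productinfo['productid']) . "')";
            } else {
                // template is a standard template
                $querybits[] = "(-2, '{$template['templatetype']}', '{$title}', '"
                    . $this->db->escape_string(compile_template($template['value']))
                    . "', '{$template['template']}', {$template['date']}, '{$template['username']}', '"
                    . $this->db->escape_string($template['version']) . "', '"
                    . $this->db->escape_string($this->productinfo['productid']) . "')";
            }

            if (++$querytemplates % 20 == 0) {
                /*insert query*/
                $this->db->query_write("\n\t\t\t\t\t\tREPLACE INTO " . TABLE_PREFIX . "template\n\t\t\t\t\t\t\t(styleid, templatetype, title, template, template_un, dateline, username, version, product)\n\t\t\t\t\t\tVALUES\n\t\t\t\t\t\t\t"
                    . implode(',', $querybits) . "\n\t\t\t\t\t");
                $querybits = array();
            }

            if (!defined('SUPPRESS_KEEPALIVE_ECHO')) {
                echo ' ';
                vbflush();
            }
        }

        // insert any remaining templates
        if (!empty($querybits)) {
            /*insert query*/
            $this->db->query_write("\n\t\t\t\t\tREPLACE INTO " . TABLE_PREFIX . "template\n\t\t\t\t\t\t(styleid, templatetype, title, template, template_un, dateline, username, version, product)\n\t\t\t\t\tVALUES\n\t\t\t\t\t\t"
                . implode(',', $querybits) . "\n\t\t\t\t");
        }
        unset($querybits);

        $rebuild['templates'] = true;
    }

    // ############## import stylevars
    if (!empty($this->productobj['stylevardfns']['stylevargroup']) and is_array($this->productobj['stylevardfns']['stylevargroup'])) {
        xml_import_stylevar_definitions($this->productobj['stylevardfns'], $this->productinfo['productid'], -1);
    }
    if (!empty($this->productobj['stylevars']['stylevar']) and is_array($this->productobj['stylevars']['stylevar'])) {
        xml_import_stylevars($this->productobj['stylevars'], -1);
    }
    if (is_array($this->productobj['stylevardfns_mobile']['stylevargroup'])) {
        xml_import_stylevar_definitions($this->productobj['stylevardfns_mobile'], $this->productinfo['productid'], -2);
    }
    if (is_array($this->productobj['stylevars_mobile']['stylevar'])) {
        xml_import_stylevars($this->productobj['stylevars_mobile'], -2);
    }

    // ############## import hooks/plugins
    if (is_array($this->productobj['plugins']['plugin'])) {
        $plugins =& $this->productobj['plugins']['plugin'];
        if (!isset($plugins[0])) {
            $plugins = array($plugins);
        }

        foreach ($plugins as $plugin) {
            $plugin['product'] = $this->productinfo['productid'];
            unset($plugin['devkey']);
            // NOTE(review): the array keys of $plugin come straight from the product
            // XML and presumably become column names inside fetch_query_sql(). Confirm
            // the helper, or an allow-list of known plugin columns, constrains them.
            $this->db->query_write(fetch_query_sql($plugin, 'plugin'));
        }

        $rebuild['plugins'] = true;
    }

    // ############## import phrases
    if (is_array($this->productobj['phrases']['phrasetype'])) {
        require_once DIR . '/includes/adminfunctions_language.php';

        // Phrase groups that already exist, keyed by fieldname.
        $master_phrasefields = array();
        foreach (fetch_phrasetypes_array(false) as $phrasetype) {
            $master_phrasefields["{$phrasetype['fieldname']}"] = true;
        }

        $phrasetypes =& $this->productobj['phrases']['phrasetype'];
        if (!isset($phrasetypes[0])) {
            $phrasetypes = array($phrasetypes);
        }

        foreach ($phrasetypes as $phrasetype) {
            if (empty($phrasetype['phrase'])) {
                continue;
            }

            // The fieldname becomes part of a column name below (phrasegroup_<name>),
            // where escaping does not apply, so it is restricted to [a-z0-9_].
            if ($phrasetype['fieldname'] == '' or !preg_match('#^[a-z0-9_]+$#i', $phrasetype['fieldname'])) {
                continue;
            }

            $fieldname = $master_phrasefields["{$phrasetype['fieldname']}"];
            if (!$fieldname) {
                $this->db->query_write("\n\t\t\t\t\t\tINSERT IGNORE INTO " . TABLE_PREFIX . "phrasetype\n\t\t\t\t\t\t\t(fieldname, title, editrows, product)\n\t\t\t\t\t\tVALUES\n\t\t\t\t\t\t\t('"
                    . $this->db->escape_string($phrasetype['fieldname']) . "',\n\t\t\t\t\t\t\t'"
                    . $this->db->escape_string($phrasetype['name']) . "',\n\t\t\t\t\t\t\t3,\n\t\t\t\t\t\t\t'"
                    . $this->db->escape_string($this->productinfo['productid']) . "')\n\t\t\t\t\t");

                // need to add the column to the language table as well
                require_once DIR . '/includes/class_dbalter.php';
                $this->db_alter = new vB_Database_Alter_MySQL($this->db);
                if ($this->db_alter->fetch_table_info('language')) {
                    $this->db_alter->add_field(array(
                        'name' => "phrasegroup_{$phrasetype['fieldname']}",
                        'type' => 'mediumtext',
                    ));
                }
            }

            $phrases =& $phrasetype['phrase'];
            if (!isset($phrases[0])) {
                $phrases = array($phrases);
            }

            $sql = array();
            foreach ($phrases as $phrase) {
                $sql[] = "\n\t\t\t\t\t\t(-1,\n\t\t\t\t\t\t'"
                    . $this->db->escape_string($phrasetype['fieldname']) . "',\n\t\t\t\t\t\t'"
                    . $this->db->escape_string($phrase['name']) . "',\n\t\t\t\t\t\t'"
                    . $this->db->escape_string($phrase['value']) . "',\n\t\t\t\t\t\t'"
                    . $this->db->escape_string($this->productinfo['productid']) . "',\n\t\t\t\t\t\t'"
                    . $this->db->escape_string($phrase['username']) . "',\n\t\t\t\t\t\t"
                    . intval($phrase['date']) . ",\n\t\t\t\t\t\t'"
                    . $this->db->escape_string($phrase['version']) . "')\n\t\t\t\t\t";
            }

            /*insert query*/
            $this->db->query_write("\n\t\t\t\t\tREPLACE INTO " . TABLE_PREFIX . "phrase\n\t\t\t\t\t\t(languageid, fieldname, varname, text, product, username, dateline, version)\n\t\t\t\t\tVALUES\n\t\t\t\t\t\t"
                . implode(',', $sql));
        }

        $rebuild['phrases'] = true;
    }

    // ############## import settings
    if (is_array($this->productobj['options']['settinggroup'])) {
        $settinggroups =& $this->productobj['options']['settinggroup'];
        if (!isset($settinggroups[0])) {
            $settinggroups = array($settinggroups);
        }

        foreach ($settinggroups as $group) {
            if (empty($group['setting'])) {
                continue;
            }

            // create the setting group if it doesn't already exist
            /*insert query*/
            $this->db->query_write("\n\t\t\t\t\tINSERT IGNORE INTO " . TABLE_PREFIX . "settinggroup\n\t\t\t\t\t\t(grouptitle, displayorder, volatile, product)\n\t\t\t\t\tVALUES\n\t\t\t\t\t\t('"
                . $this->db->escape_string($group['name']) . "',\n\t\t\t\t\t\t"
                . intval($group['displayorder']) . ",\n\t\t\t\t\t\t1,\n\t\t\t\t\t\t'"
                . $this->db->escape_string($this->productinfo['productid']) . "')\n\t\t\t\t");

            $settings =& $group['setting'];
            if (!isset($settings[0])) {
                $settings = array($settings);
            }

            $setting_bits = array();
            foreach ($settings as $setting) {
                // Keep the value the board already has for this option; fall back to
                // the product's default only for options that are new.
                if (isset($this->registry->options["{$setting['varname']}"])) {
                    $newvalue = $this->registry->options["{$setting['varname']}"];
                } else {
                    $newvalue = $setting['defaultvalue'];
                }

                // NOTE(review): optioncode and validationcode are stored as supplied by
                // the product XML; presumably they are evaluated when settings are
                // rendered or saved. Confirm, and treat them as trusted code.
                $setting_bits[] = "(\n\t\t\t\t\t\t'"
                    . $this->db->escape_string($setting['varname']) . "',\n\t\t\t\t\t\t'"
                    . $this->db->escape_string($group['name']) . "',\n\t\t\t\t\t\t'"
                    . $this->db->escape_string(trim($newvalue)) . "',\n\t\t\t\t\t\t'"
                    . $this->db->escape_string(trim($setting['defaultvalue'])) . "',\n\t\t\t\t\t\t'"
                    . $this->db->escape_string(trim($setting['datatype'])) . "',\n\t\t\t\t\t\t'"
                    . $this->db->escape_string($setting['optioncode']) . "',\n\t\t\t\t\t\t"
                    . intval($setting['displayorder']) . ",\n\t\t\t\t\t\t"
                    . intval($setting['advanced']) . ",\n\t\t\t\t\t\t1,\n\t\t\t\t\t\t'"
                    . $this->db->escape_string($setting['validationcode']) . "',\n\t\t\t\t\t\t"
                    . intval($setting['blacklist']) . ",\n\t\t\t\t\t\t'"
                    . $this->db->escape_string($this->productinfo['productid']) . "'\n\t)";
            }

            /*insert query*/
            $this->db->query_write("\n\t\t\t\t\tREPLACE INTO " . TABLE_PREFIX . "setting\n\t\t\t\t\t\t(varname, grouptitle, value, defaultvalue, datatype, optioncode, displayorder, advanced, volatile, validationcode, blacklist, product)\n\t\t\t\t\tVALUES\n\t\t\t\t\t\t"
                . implode(",\n\t", $setting_bits));
        }

        $rebuild['options'] = true;
    }

    // ############## import admin help
    if (!empty($this->productobj['helptopics']['helpscript']) and is_array($this->productobj['helptopics']['helpscript'])) {
        $help_scripts =& $this->productobj['helptopics']['helpscript'];
        if (!isset($help_scripts[0])) {
            $help_scripts = array($help_scripts);
        }

        foreach ($help_scripts as $help_script) {
            // Deal with single entry
            if (!is_array($help_script['helptopic'][0])) {
                $help_script['helptopic'] = array($help_script['helptopic']);
            }

            // Reset per script. The original reset $help_sql but appended to $helpsql,
            // so rows from earlier scripts were re-sent with every later REPLACE.
            $helpsql = array();
            foreach ($help_script['helptopic'] as $topic) {
                $helpsql[] = "\n\t\t\t\t\t\t('"
                    . $this->db->escape_string($help_script['name']) . "',\n\t\t\t\t\t\t'"
                    . $this->db->escape_string($topic['act']) . "',\n\t\t\t\t\t\t'"
                    . $this->db->escape_string($topic['opt']) . "',\n\t\t\t\t\t\t"
                    . intval($topic['disp']) . ",\n\t\t\t\t\t\t1,\n\t\t\t\t\t\t'"
                    . $this->db->escape_string($this->productinfo['productid']) . "')\n\t\t\t\t\t";
            }

            if (!empty($helpsql)) {
                /*insert query*/
                $this->db->query_write("\n\t\t\t\t\t\tREPLACE INTO " . TABLE_PREFIX . "adminhelp\n\t\t\t\t\t\t\t(script, action, optionname, displayorder, volatile, product)\n\t\t\t\t\t\tVALUES\n\t\t\t\t\t\t\t"
                    . implode(",\n\t", $helpsql));
            }
        }
    }

    // ############## import cron
    if (!empty($this->productobj['cronentries']['cron']) and is_array($this->productobj['cronentries']['cron'])) {
        require_once DIR . '/includes/functions_cron.php';

        $cron_entries =& $this->productobj['cronentries']['cron'];
        if (!isset($cron_entries[0])) {
            $cron_entries = array($cron_entries);
        }

        foreach ($cron_entries as $cron) {
            // Strip everything except [a-z0-9_]; entries left without a name are skipped.
            $cron['varname'] = preg_replace('#[^a-z0-9_]#i', '', $cron['varname']);
            if (!$cron['varname']) {
                continue;
            }

            // Normalise flags and schedule parts to integers before they are
            // interpolated into the statement unquoted.
            $cron['active'] = $cron['active'] ? 1 : 0;
            $cron['loglevel'] = $cron['loglevel'] ? 1 : 0;

            $scheduling = $cron['scheduling'];
            $scheduling['weekday'] = intval($scheduling['weekday']);
            $scheduling['day'] = intval($scheduling['day']);
            $scheduling['hour'] = intval($scheduling['hour']);
            $scheduling['minute'] = explode(',', preg_replace('#[^0-9,-]#i', '', $scheduling['minute']));
            if (count($scheduling['minute']) == 0) {
                $scheduling['minute'] = array(0);
            } else {
                $scheduling['minute'] = array_map('intval', $scheduling['minute']);
            }

            // NOTE(review): 'filename' is stored as supplied, apart from SQL escaping;
            // presumably the cron runner includes it later. Confirm the runner
            // constrains the path.
            /*insert query*/
            $this->db->query_write("\n\t\t\t\t\tREPLACE INTO " . TABLE_PREFIX . "cron\n\t\t\t\t\t\t(weekday, day, hour, minute, filename, loglevel, active, varname, volatile, product)\n\t\t\t\t\tVALUES\n\t\t\t\t\t\t({$scheduling['weekday']},\n\t\t\t\t\t\t{$scheduling['day']},\n\t\t\t\t\t\t{$scheduling['hour']},\n\t\t\t\t\t\t'"
                . $this->db->escape_string(serialize($scheduling['minute'])) . "',\n\t\t\t\t\t\t'"
                . $this->db->escape_string($cron['filename']) . "',\n\t\t\t\t\t\t{$cron['loglevel']},\n\t\t\t\t\t\t{$cron['active']},\n\t\t\t\t\t\t'"
                . $this->db->escape_string($cron['varname']) . "',\n\t\t\t\t\t\t1,\n\t\t\t\t\t\t'"
                . $this->db->escape_string($this->productinfo['productid']) . "')\n\t\t\t\t");

            // replace either inserts, or deletes+inserts
            $cronid = $this->db->insert_id();
            if ($cronid) {
                build_cron_item($cronid);
            }

            $rebuild['cron'] = true;
        }
    }

    // ############## import faq
    if (!empty($this->productobj['faqentries']['faq']) and is_array($this->productobj['faqentries']['faq'])) {
        $faq_entries =& $this->productobj['faqentries']['faq'];
        if (!isset($faq_entries[0])) {
            $faq_entries = array($faq_entries);
        }

        $sql = array();
        foreach ($faq_entries as $faq) {
            $sql[] = "\n\t\t\t\t\t('"
                . $this->db->escape_string($faq['faqname']) . "',\n\t\t\t\t\t'"
                . $this->db->escape_string($faq['faqparent']) . "',\n\t\t\t\t\t"
                . intval($faq['displayorder']) . ",\n\t\t\t\t\t1,\n\t\t\t\t\t'"
                . $this->db->escape_string($this->productinfo['productid']) . "')\n\t\t\t\t";
        }

        if ($sql) {
            /*insert query*/
            $this->db->query_write("\n\t\t\t\t\tREPLACE INTO " . TABLE_PREFIX . "faq\n\t\t\t\t\t\t(faqname, faqparent, displayorder, volatile, product)\n\t\t\t\t\tVALUES\n\t\t\t\t\t\t"
                . implode(',', $sql) . "\n\t\t\t\t");
        }
    }

    $this->productinfo['process'] = VB_AREA;
    $this->productinfo['username'] = '******' . VB_AREA;
    import_navigation($this->productobj, $this->productinfo);

    $products = fetch_product_list(true);

    // Check if the plugin system is disabled. If it is, enable it if this product isn't installed.
    if (!$this->registry->options['enablehooks'] and !$products[$this->productinfo['productid']]) {
        $this->db->query_write("\n\t\t\t\tUPDATE " . TABLE_PREFIX . "setting\n\t\t\t\tSET value = '1'\n\t\t\t\tWHERE varname = 'enablehooks'\n\t\t\t");
        $rebuild['options'] = true;
    }

    // Now rebuild everything we need...
    if ($rebuild['plugins']) {
        vBulletinHook::build_datastore($this->db);

        if ($this->active) {
            $plugin_data = $this->db->query_read("\n\t\t\t\t\tSELECT *\n\t\t\t\t\tFROM " . TABLE_PREFIX . "datastore\n\t\t\t\t\tWHERE title IN ('pluginlist', 'pluginlistadmin')\n\t\t\t\t");
            while ($plugin_info = $this->db->fetch_array($plugin_data)) {
                // NOTE(review): unserialize() on datastore rows. This is acceptable
                // only while the datastore table is written exclusively by the
                // application; it must never be reachable with user-supplied data.
                if ($plugin_info['title'] == 'pluginlist') {
                    $this->registry->pluginlist = unserialize($plugin_info['data']);
                } elseif ($plugin_info['title'] == 'pluginlistadmin') {
                    $this->registry->pluginlistadmin = unserialize($plugin_info['data']);
                }
            }

            // enable any hooks -- this is mainly necessary for importing templates (template_safe_functions hook)
            if (!defined('DISABLE_HOOKS') and VB_AREA != 'Upgrade') {
                if (!empty($this->registry->pluginlistadmin) and is_array($this->registry->pluginlistadmin)) {
                    $this->registry->pluginlist = array_merge($this->registry->pluginlist, $this->registry->pluginlistadmin);
                    unset($this->registry->pluginlistadmin);
                }

                // Options are read from $this->registry, as elsewhere in this method.
                // The original referenced $vbulletin here, which is not defined in
                // this scope.
                vBulletinHook::set_pluginlist($this->registry->pluginlist, $this->registry->options['hookerrors']);
            }
        }
    }

    if ($rebuild['templates']) {
        if ($error = build_all_styles(0, 0, '', false, 'standard')) {
            return $error;
        }
        if ($error = build_all_styles(0, 0, '', false, 'mobile')) {
            return $error;
        }
    }

    if ($rebuild['phrases']) {
        require_once DIR . '/includes/adminfunctions_language.php';
        build_language();
    }

    if ($rebuild['options']) {
        build_options();
    }

    if ($rebuild['cron']) {
        require_once DIR . '/includes/functions_cron.php';
        build_cron_next_run();
    }

    build_product_datastore();
    build_activitystream_datastore();

    // build bitfields to remove/add this products bitfields
    vB_Bitfield_Builder::save($this->db);

    // reload block types
    $blockmanager = vB_BlockManager::create($this->registry);
    $blockmanager->reloadBlockTypes();

    print_dots_stop();

    // NOTE(review): $installed_version is never assigned in this method, so
    // need_merge is always false here. It was presumably meant to come from an
    // earlier install step; confirm where the installed version is tracked.
    $this->productinfo['need_merge'] = ($rebuild['templates'] and !empty($installed_version));

    return $this->productinfo;
}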
$mimetype["{$index}"] = trim($value); } } else { $mimetype = array('Content-type: unknown/unknown'); } $vbulletin->GPC['type']['mimetype'] = serialize($mimetype); $contenttypes = array(); foreach ($vbulletin->GPC['default'] as $contenttypeid => $contenttype) { foreach ($contenttype as $key => $value) { $contenttypes["{$contenttypeid}"]["{$key}"] = intval($vbulletin->GPC['contenttype']["{$contenttypeid}"]["{$key}"]); } } $vbulletin->GPC['type']['contenttypes'] = serialize($contenttypes); define('CP_REDIRECT', 'attachment.php?do=types'); if ($vbulletin->GPC['extension']) { $db->query_write(fetch_query_sql($vbulletin->GPC['type'], 'attachmenttype', 'WHERE extension = \'' . $db->escape_string($vbulletin->GPC['extension']) . '\'')); build_attachment_permissions(); } else { /*insert query*/ $db->query_write("\n\t\t\tINSERT INTO " . TABLE_PREFIX . "attachmenttype\n\t\t\t(\n\t\t\t\textension,\n\t\t\t\tsize,\n\t\t\t\theight,\n\t\t\t\twidth,\n\t\t\t\tmimetype,\n\t\t\t\tcontenttypes\n\t\t\t)\n\t\t\tVALUES\n\t\t\t(\n\t\t\t\t'" . $db->escape_string($vbulletin->GPC['type']['extension']) . "',\n\t\t\t\t" . intval($vbulletin->GPC['type']['size']) . ",\n\t\t\t\t" . intval($vbulletin->GPC['type']['height']) . ",\n\t\t\t\t" . intval($vbulletin->GPC['type']['width']) . ",\n\t\t\t\t'" . $db->escape_string($vbulletin->GPC['type']['mimetype']) . "',\n\t\t\t\t'" . $db->escape_string($vbulletin->GPC['type']['contenttype']) . 
"'\n\t\t\t)\n\t\t"); build_attachment_permissions(); } print_stop_message('saved_attachment_type_x_successfully', $vbulletin->GPC['type']['extension']); } // ###################### Remove File Type #################### if ($_REQUEST['do'] == 'removetype') { $vbulletin->input->clean_array_gpc('r', array('extension' => TYPE_STR)); print_form_header('attachment', 'killtype', 0, 1, '', '75%'); construct_hidden_code('extension', $vbulletin->GPC['extension']); print_table_header(construct_phrase($vbphrase['confirm_deletion_of_attachment_type_x'], $vbulletin->GPC['extension'])); print_description_row("\n\t\t<blockquote><br />" . construct_phrase($vbphrase['are_you_sure_you_want_to_delete_the_attachment_type_x'], $vbulletin->GPC['extension']) . "\n\t\t<br /></blockquote>\n\t");
} unset($vbulletin->GPC['promotion']['reputationtype']); if (!empty($vbulletin->GPC['userpromotionid'])) { // update if ($vbulletin->GPC['usergroupid'] == $vbulletin->GPC['promotion']['joinusergroupid']) { print_stop_message('promotion_join_same_group'); } $db->query_write(fetch_query_sql($vbulletin->GPC['promotion'], 'userpromotion', "WHERE userpromotionid=" . $vbulletin->GPC['userpromotionid'])); } else { // insert $vbulletin->GPC['usergroupid'] = $vbulletin->GPC['promotion']['usergroupid']; if ($vbulletin->GPC['usergroupid'] == $vbulletin->GPC['promotion']['joinusergroupid']) { print_stop_message('promotion_join_same_group'); } /*insert query*/ $db->query_write(fetch_query_sql($vbulletin->GPC['promotion'], 'userpromotion')); } // $title = $db->query_first("SELECT title FROM " . TABLE_PREFIX . "usergroup WHERE usergroupid = " . $vbulletin->GPC['usergroupid']); // $message = str_replace('{title}', $title['title'], $message); define('CP_REDIRECT', "usergroup.php?do=modifypromotion" . ($vbulletin->GPC['returnug'] ? "&returnug=1&usergroupid=" . $vbulletin->GPC['usergroupid'] : '')); print_stop_message('saved_promotion_successfully'); } // ###################### Start Remove ####################### if ($_REQUEST['do'] == 'removepromotion') { $vbulletin->input->clean_array_gpc('r', array('userpromotionid' => TYPE_INT, 'returnug' => TYPE_BOOL)); print_delete_confirmation('userpromotion', $vbulletin->GPC['userpromotionid'], 'usergroup', 'killpromotion', 'promotion_usergroup', array('returnug' => $vbulletin->GPC['returnug'])); } // ###################### Start Kill ####################### if ($_POST['do'] == 'killpromotion') { $vbulletin->input->clean_array_gpc('p', array('userpromotionid' => TYPE_INT, 'returnug' => TYPE_BOOL)); $promotion = $db->query_first_slave("SELECT usergroupid FROM " . TABLE_PREFIX . "userpromotion WHERE userpromotionid = " . $vbulletin->GPC['userpromotionid']);
if (isset($api['currency'])) { if (empty($api['currency'])) { print_stop_message('please_complete_required_fields'); } } if (isset($api['recurring'])) { $api['recurring'] = intval($api['recurring']); } if (empty($api['title'])) { print_stop_message('please_complete_required_fields'); } if (empty($vbulletin->GPC['paymentapiid'])) { /*insert query*/ $db->query_write(fetch_query_sql($api, 'paymentapi')); } else { $db->query_write(fetch_query_sql($api, 'paymentapi', "WHERE paymentapiid=" . $vbulletin->GPC['paymentapiid'])); } toggle_subs(); define('CP_REDIRECT', 'subscriptions.php?do=api'); print_stop_message('saved_paymentapi_x_successfully', $api['title']); } // ###################### Start api ####################### if ($_REQUEST['do'] == 'api') { $options = array('edit' => $vbphrase['edit']); if ($vbulletin->debug) { $options['remove'] = $vbphrase['delete']; } ?> <script type="text/javascript"> function js_forum_jump(pid) {
$querydata = array('usergroupid' => $vbulletin->GPC['forumpermission']['usergroupid'], 'forumpermissions' => convert_array_to_bits($vbulletin->GPC['forumpermission'], $vbulletin->bf_ugp_forumpermissions, 1)); ($hook = vBulletinHook::fetch_hook('admin_fperms_save')) ? eval($hook) : false; if ($vbulletin->GPC['forumid']) { $querydata['forumid'] = $vbulletin->GPC['forumid']; $query = fetch_query_sql($querydata, 'forumpermission'); /*insert query*/ $db->query_write($query); $info['forumid'] = $vbulletin->GPC['forumid']; $foruminfo = $db->query_first("\n\t\t\t\tSELECT title\n\t\t\t\tFROM " . TABLE_PREFIX . "forum\n\t\t\t\tWHERE forumid = " . $vbulletin->GPC['forumid']); $groupinfo = $db->query_first("\n\t\t\t\tSELECT title\n\t\t\t\tFROM " . TABLE_PREFIX . "usergroup\n\t\t\t\tWHERE usergroupid = " . $vbulletin->GPC['forumpermission']['usergroupid']); build_forum_permissions(); define('CP_REDIRECT', "forumpermission.php?do=modify&f=" . $vbulletin->GPC['forumid']); print_stop_message('saved_forum_permissions_successfully'); } else { unset($querydata['usergroupid']); $query = fetch_query_sql($querydata, 'forumpermission', "WHERE forumpermissionid = " . $vbulletin->GPC['forumpermissionid']); $db->query_write($query); build_forum_permissions(); $info = $db->query_first($infoquery); define('CP_REDIRECT', "forumpermission.php?do=modify&f={$info['forumid']}#forum{$info['forumid']}"); print_stop_message('saved_forum_permissions_successfully'); } } } // ###################### Start duplicator ####################### if ($_REQUEST['do'] == 'duplicate') { $permgroups = $db->query_read("\n\t\tSELECT usergroup.usergroupid, title, COUNT(forumpermission.forumpermissionid) AS permcount\n\t\tFROM " . TABLE_PREFIX . "usergroup AS usergroup\n\t\tLEFT JOIN " . TABLE_PREFIX . 
"forumpermission AS forumpermission ON (usergroup.usergroupid = forumpermission.usergroupid)\n\t\tGROUP BY usergroup.usergroupid\n\t\tHAVING permcount > 0\n\t\tORDER BY title\n\t"); $ugarr = array(); while ($group = $db->fetch_array($permgroups)) { $ugarr["{$group['usergroupid']}"] = $group['title']; }
} else { if ($apiobj->type == 2) { // transaction is a reversal / refund $subobj->delete_user_subscription($apiobj->paymentinfo['subscriptionid'], $apiobj->paymentinfo['userid'], $apiobj->paymentinfo['subscriptionsubid']); } else { // its most likely a re-post of a payment, if we've already dealt with it serve up a redirect if ($apiobj->display_feedback) { $vbulletin->url = $vbulletin->options['bburl'] . '/payments.php'; eval(print_standard_redirect('payment_complete', true, true)); } } } } else { // something went horribly wrong, get $apiobj->error $trans = array('state' => 0, 'dateline' => TIMENOW, 'paymentapiid' => $api['paymentapiid'], 'request' => serialize(array('vb_error_code' => $apiobj->error_code, 'GET' => serialize($_GET), 'POST' => serialize($_POST)))); $db->query_write(fetch_query_sql($trans, 'paymenttransaction')); if ($apiobj->display_feedback and !empty($apiobj->error)) { //die("<p>{$apiobj->error}</p>"); // we dont load header / footer, so just show the LITE template define('VB_ERROR_LITE', true); standard_error($apiobj->error); } } } } else { exec_header_redirect($vbulletin->options['forumhome'] . '.php'); } /*======================================================================*\ || #################################################################### || # Downloaded: 22:41, Fri Oct 10th 2008 || # CVS: $RCSfile$ - $Revision: 26399 $
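/**
 * Handles the 'use', 'work' and 'work_expired' actions of a profile-images item.
 *
 * - 'use': marks the item as KBANK_ITEM_USED_WAITING, computes its expiry from the
 *   configured duration and redirects to the matching profile editor.
 * - 'work': on the global_start hook of the profile script, applies the item type
 *   options to the current user's permissions.
 * - 'work_expired': re-checks the owner's custom avatar / signature picture against
 *   the permissions that remain once this item has expired, resizing or removing the
 *   image and notifying the owner by PM, then marks the item as KBANK_ITEM_USED.
 *
 * Every path that does not return early falls through to parent::doAction().
 *
 * @param	string	Action name
 *
 * @return	mixed	For 'work_expired' a status string when at least one image type was examined; otherwise the result of parent::doAction()
 */
function doAction($action)
{
    global $vbulletin, $vbphrase, $KBANK_HOOK_NAME;

    // The original interpolated {$this->data[itemid]}: inside {...} a bare key is a
    // constant lookup, not a string key. Cast once and reuse the integer in SQL.
    $itemid = intval($this->data['itemid']);

    if ($action == 'use') {
        if ($this->ready2Enable()) {
            $item_new = array(
                'status' => KBANK_ITEM_USED_WAITING,
                'expire_time' => iif($this->data['options']['duration'] > 0, TIMENOW + $this->data['options']['duration'] * 24 * 60 * 60, -1),
            );
            $vbulletin->db->query_write(fetch_query_sql($item_new, 'kbank_items', "WHERE itemid = {$itemid}"));

            if ($this->isAvatarItem and !$this->isSigPicItem) {
                $vbulletin->url = "profile.php?" . $vbulletin->session->vars['sessionurl'] . "do=editavatar";
            } else {
                if (!$this->isAvatarItem and $this->isSigPicItem) {
                    $vbulletin->url = "profile.php?" . $vbulletin->session->vars['sessionurl'] . "do=editsignature";
                } else {
                    $vbulletin->url = "profile.php?" . $vbulletin->session->vars['sessionurl'];
                }
            }
            eval(print_standard_redirect('kbank_use_successful'));
        }
    }

    if ($action == 'work' && $KBANK_HOOK_NAME == KBANK_GLOBAL_START && THIS_SCRIPT == 'profile') {
        global $permissions;
        $this->do_permissions($permissions, $this->itemtypedata['options']);
        //Update for later use (?)
        $vbulletin->userinfo['permissions'] = $permissions;
    }

    if ($action == 'work_expired') {
        global $vbphrase, $kbank_profile_images;
        $donow = true;
        $actionStatus = true;
        echo "Processing item ID#{$this->data['itemid']}<br/>";

        //Search for activating item
        if (!isset($kbank_profile_images[$this->data['userid']])) {
            $kbank_profile_images[$this->data['userid']] = array();
            $itemtypes = $vbulletin->db->query_read("\n\t\t\t\t\t\tSELECT \n\t\t\t\t\t\t\titems.itemid AS itemid\n\t\t\t\t\t\t\t, itemtypes.options AS itemtypeoptions\n\t\t\t\t\t\tFROM `" . TABLE_PREFIX . "kbank_items` AS items\n\t\t\t\t\t\tINNER JOIN `" . TABLE_PREFIX . "kbank_itemtypes` AS itemtypes ON (itemtypes.itemtypeid = items.type)\n\t\t\t\t\t\tWHERE itemtypes.filename = 'profile_images.kbank.php'\n\t\t\t\t\t\t\tAND items.status = " . KBANK_ITEM_USED_WAITING . "\n\t\t\t\t\t\t\tAND (items.expire_time > " . TIMENOW . "\n\t\t\t\t\t\t\t\tOR items.expire_time < 0)\n\t\t\t\t\t\t\tAND items.userid = " . intval($this->data['userid']) . "\n\t\t\t\t\t");
            while ($itemtype = $vbulletin->db->fetch_array($itemtypes)) {
                // NOTE(review): unserialize() on a database column; this is only safe
                // while nothing user-controlled can write kbank_itemtypes.options.
                $tmp = unserialize($itemtype['itemtypeoptions']);
                foreach ($this->vars as $var) {
                    $kbank_profile_images[$this->data['userid']][$var] = max($kbank_profile_images[$this->data['userid']][$var], $tmp[$var]);
                }
            }
        }

        //Check for activating item
        $donow = false;
        foreach ($this->vars as $var) {
            if ($kbank_profile_images[$this->data['userid']][$var] < $this->itemtypedata['options'][$var]) {
                $donow = true;
            }
        }
        if (!$donow) {
            //Found other stuff can handle everything
            echo 'User have other item(s), nothing to do now!<br/>';
        }

        $status = array();
        $message = array();
        if ($donow) {
            $owner = fetch_userinfo($this->data['userid']);
            cache_permissions($owner, false);
            //Apply activating options to owner permissions;
            $this->do_permissions($owner['permissions'], $kbank_profile_images[$this->data['userid']]);

            foreach (array('Avatar', 'SigPic') as $type) {
                //If this item is this type
                // Plain variable-property read; the original built this with eval().
                $flag = 'is' . $type . 'Item';
                $work = $this->{$flag} ? true : false;

                switch ($type) {
                    case 'Avatar':
                        $table = 'customavatar';
                        $fullname = 'avatar';
                        $bits = $vbulletin->bf_ugp_genericpermissions;
                        $permkey = 'genericpermissions';
                        $canuse = 'canuseavatar';
                        $dm = 'Userpic_Avatar';
                        break;
                    case 'SigPic':
                        $table = 'sigpic';
                        $fullname = 'sigpic';
                        $bits = $vbulletin->bf_ugp_signaturepermissions;
                        $permkey = 'signaturepermissions';
                        $canuse = 'cansigpic';
                        $dm = 'Userpic_Sigpic';
                        break;
                }

                if ($work) {
                    $removenow = false;
                    $updatedone = false;
                    $message[$type] = '';
                    $status[$type] = 'none';

                    //Check if user using system avatar
                    if ($type == 'Avatar' and $owner['avatarid'] != 0) {
                        //Check for System Avatar (only check with type = avatar)
                        echo 'User using System Avatar, do nothing!<br/>';
                    } else {
                        //Check for custom image
                        if ($customimg = $vbulletin->db->query_first("\n\t\t\t\t\t\t\t\t\tSELECT filedata, dateline, filename, filesize\n\t\t\t\t\t\t\t\t\tFROM `" . TABLE_PREFIX . $table . "`\n\t\t\t\t\t\t\t\t\tWHERE userid = " . intval($owner['userid']) . "\n\t\t\t\t\t\t\t\t\tORDER BY dateline DESC\n\t\t\t\t\t\t\t\t\tLIMIT 1\n\t\t\t\t\t\t\t\t")) {
                            // The stored filename comes from the user's upload, so its
                            // extension must not decide what kind of file lands under
                            // includes/. Anything outside the image allowlist gets a
                            // neutral extension instead.
                            $extension = trim(substr(strrchr(strtolower($customimg['filename']), '.'), 1));
                            if (!in_array($extension, array('gif', 'jpg', 'jpeg', 'jpe', 'png', 'bmp', 'tif', 'tiff', 'psd'), true)) {
                                $extension = 'tmp';
                            }
                            // NOTE(review): the scratch file still lives under DIR/includes;
                            // a directory outside the web root would be safer if the image
                            // library accepts arbitrary paths - confirm.
                            $tmp_filename = DIR . '/includes/tmp_profile_images_' . intval($customimg['dateline']) . '.' . $extension;
                            $tmp_file = fopen($tmp_filename, 'w');
                            if (!$tmp_file) {
                                // Without a scratch file the image cannot be inspected; skip this type.
                                echo "Cannot write temporary file for {$type}, do nothing!<br/>";
                                continue;
                            }
                            fwrite($tmp_file, $customimg['filedata']);
                            fclose($tmp_file);

                            require_once DIR . '/includes/class_image.php';
                            $image =& vB_Image::fetch_library($vbulletin);
                            $imginfo = $image->fetch_image_info($tmp_filename);

                            if (!($owner['permissions'][$permkey] & $bits[$canuse])) {
                                //Check if user can use Avatar/SigPic
                                echo "User doesn't have permission to use {$type}<br/>";
                                $removenow = true;
                            } else {
                                if (!($owner['permissions'][$permkey] & $bits['cananimate' . $fullname]) and $imginfo['scenes'] > 1) {
                                    //gif, we will not process this one! remove now
                                    echo "GIF image found! Remove now!<br/>";
                                    $removenow = true;
                                } else {
                                    if ($owner['permissions'][$fullname . 'maxwidth'] < $imginfo[0] or $owner['permissions'][$fullname . 'maxheight'] < $imginfo[1] or $owner['permissions'][$fullname . 'maxsize'] < $customimg['filesize']) {
                                        //Check if current custom image exceed user permission options
                                        echo "{$type} need to be updated/removed!<br/>";
                                        if ($newimg = $image->fetch_thumbnail(basename($tmp_filename), $tmp_filename, $owner['permissions'][$fullname . 'maxwidth'], $owner['permissions'][$fullname . 'maxheight'], $vbulletin->options['thumbquality'])) {
                                            //Trying to update with smaller size
                                            echo 'Updating with smaller size! ' . $owner['permissions'][$fullname . 'maxwidth'] . 'x' . $owner['permissions'][$fullname . 'maxheight'] . '<br/>';
                                            $status[$type] = 'update';
                                            $data =& datamanager_init($dm, $vbulletin, ERRTYPE_STANDARD, 'userpic');
                                            $data->set('userid', $owner['userid']);
                                            $data->set('dateline', TIMENOW);
                                            $data->set('filename', $customimg['filename']);
                                            $data->set('width', $newimg['width']);
                                            $data->set('height', $newimg['height']);
                                            $data->setr('filedata', $newimg['filedata']);
                                            // Keep the resized image only if it fits every limit and saves cleanly.
                                            if ($newimg['width'] <= $owner['permissions'][$fullname . 'maxwidth'] and $newimg['height'] <= $owner['permissions'][$fullname . 'maxheight'] and $newimg['filesize'] <= $owner['permissions'][$fullname . 'maxsize'] and $data->save()) {
                                                $updatedone = true;
                                            } else {
                                                $removenow = true;
                                            }
                                        } else {
                                            $removenow = true;
                                        }
                                    } else {
                                        echo "{$type} Size Is Okie, do nothing!<br/>";
                                    }
                                }
                            }

                            //Send PM
                            if ($updatedone) {
                                $message[$type] = construct_phrase($vbphrase['kbank_pm_profile_images_message_update'], $newimg['width'], $newimg['height'], $type);
                            }
                            if ($removenow) {
                                //Just remove record
                                echo 'Just remove!<br/>';
                                $status[$type] = 'remove';
                                $vbulletin->db->query_write("\n\t\t\t\t\t\t\t\t\t\t\tDELETE FROM `" . TABLE_PREFIX . $table . "`\n\t\t\t\t\t\t\t\t\t\t\tWHERE userid = " . intval($owner['userid']) . "\n\t\t\t\t\t\t\t\t\t\t");
                                $message[$type] = construct_phrase($vbphrase['kbank_pm_profile_images_message_remove'], $type);
                            }
                            @unlink($tmp_filename);
                        } else {
                            echo "No Custom {$type} found, do nothing!<br/>";
                        }
                    }
                }
            }

            if (isset($message['Avatar']) or isset($message['SigPic'])) {
                //Send PM
                // The sender is a fixed pseudo-user (userid 1) with its own pmsendmax.
                $from = array('userid' => 1, 'username' => $vbphrase['kbank'], 'permissions' => array('pmsendmax' => 5));
                $to =& $owner;
                $subject = $vbphrase['kbank_pm_profile_images_subject'];
                $message = construct_phrase($vbphrase['kbank_pm_profile_images_message'], $this->data['name'], vbdate($vbulletin->options['dateformat'] . ' ' . $vbulletin->options['timeformat'], $this->data['expire_time']), implode(', ', $message), $vbulletin->options['bburl'] . '/' . $vbulletin->kbank['phpfile'] . '?do=myitems', $vbulletin->options['bburl'] . '/usercp.php');
                $result = kbank_sendPM($from, $to, $subject, $message, false);
            }
        }

        $vbulletin->db->query_write("\n\t\t\t\t\tUPDATE `" . TABLE_PREFIX . "kbank_items`\n\t\t\t\t\tSET status = " . KBANK_ITEM_USED . "\n\t\t\t\t\tWHERE itemid = {$itemid}\n\t\t\t\t");

        if (count($status) == 2) {
            //Really? Item with both options for Avatar & SigPic. Nothing's impossible!
            return "Avatar: {$status['Avatar']}; SigPic: {$status['SigPic']}";
        } else {
            // At most one entry here: return it, or fall through when nothing was examined.
            foreach ($status as $tmp) {
                return $tmp;
            }
        }
    }

    return parent::doAction($action);
}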
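/**
 * Records a transfer in kbank_donations and, for large enough amounts, notifies
 * the recipient by private message.
 *
 * @param	mixed	Sender id; stored as an integer
 * @param	mixed	Recipient id; stored as an integer
 * @param	mixed	Amount; stored as an integer
 * @param	mixed	Comment string, or an array that is stored serialized (its 'comment' key is used for the PM text)
 * @param	boolean	Whether a notification PM may be sent
 * @param	mixed	Tax; stored as an integer
 * @param	mixed	Post id; stored as an integer
 *
 * @return	mixed	true when no PM was attempted, otherwise the result of kbank_sendPM()
 */
function logTransfer($from, $to, $amount, $comment_org, $autopm = true, $tax = 0, $postid = 0)
{
    global $vbulletin, $vbphrase;

    $result = true;

    // Cast the recipient once. The original cast it for the INSERT only and then
    // interpolated the raw argument into the SELECT below, so a non-numeric value
    // from a caller would have reached the SQL text unescaped.
    $to = intval($to);

    if (is_array($comment_org)) {
        $comment = serialize($comment_org);
    } else {
        $comment = $comment_org;
    }

    $donation = array(
        'from' => intval($from),
        'to' => $to,
        'amount' => intval($amount),
        'tax' => intval($tax),
        'time' => TIMENOW,
        'comment' => $comment,
        'postid' => intval($postid),
    );
    $vbulletin->db->query_write(fetch_query_sql($donation, 'kbank_donations'));

    // A PM is sent only to a real recipient, when PMs are enabled (PMLimit != 0),
    // the amount exceeds the limit and the recipient row exists.
    if ($to > 0 and $autopm and $vbulletin->kbank['PMLimit'] != 0 and abs($amount) > $vbulletin->kbank['PMLimit'] and $userto = $vbulletin->db->query_first("\n\t\t\tSELECT username\n\t\t\tFROM `" . TABLE_PREFIX . "user`\n\t\t\tWHERE userid = {$to}")) {
        //send PM
        // The PM is always sent as the current user, whatever $from was.
        $from = $vbulletin->userinfo;
        if (is_array($comment_org)) {
            $comment = $comment_org['comment'];
        }
        $message = construct_phrase($vbphrase['kbank_donate_pm_message'], $amount, $comment, $vbulletin->options['bburl'] . '/' . $vbulletin->kbank['phpfile'] . '?do=history');
        $subject = $vbphrase['kbank_donate_pm_subject'];
        $result = kbank_sendPM($from, $userto, $subject, $message, false);
    }

    return $result;
}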
} else { $found = false; } $changed = false; foreach ($vbulletin->GPC['points'] as $key => $val) { if ($points[$key] != $val) { $points[$key] = $vbulletin->input->do_clean($val, TYPE_UNUM); $changed = true; } } if ($changed) { $datastore_rec = array('title' => 'kbank_salary_options', 'data' => serialize($points), 'unserialize' => 1); if ($found) { $vbulletin->db->query_write(fetch_query_sql($datastore_rec, 'datastore', "WHERE title = 'kbank_salary_options'")); } else { $vbulletin->db->query_write(fetch_query_sql($datastore_rec, 'datastore')); } } } if ($vbulletin->GPC['from'] and $vbulletin->GPC['to']) { $vbulletin->GPC['from'] = vbmktime($vbulletin->GPC['from']['hour'], $vbulletin->GPC['from']['minute'], 0, $vbulletin->GPC['from']['month'], $vbulletin->GPC['from']['day'], $vbulletin->GPC['from']['year']); $vbulletin->GPC['to'] = vbmktime($vbulletin->GPC['to']['hour'], $vbulletin->GPC['to']['minute'], 0, $vbulletin->GPC['to']['month'], $vbulletin->GPC['to']['day'], $vbulletin->GPC['to']['year']); if ($vbulletin->GPC['from'] == $vbulletin->GPC['to']) { print_stop_message('kbank_salary_calc_samelog'); } include_once DIR . '/includes/functions_forumlist.php'; cache_moderators(); $mod_activity = array(); foreach ($imodcache as $forumid => $forummods) { if ($forumid > 0) { foreach ($forummods as $mod) {
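/**
 * Finalizes the cache data by replacing the posthash with the postid after it
 * has been posted.
 *
 * The posthash is escaped before it is placed in the WHERE clause: the condition
 * string is handed to fetch_query_sql() as ready-made SQL, so it must be safe here.
 *
 * @param	integer	Postid
 * @param	string	Posthash
 */
public function set_postid($postid, $posthash)
{
    $db = $this->registry->db;

    $db->query_write(fetch_query_sql(
        array('postid' => intval($postid), 'posthash' => ''),
        'gb_media',
        "WHERE posthash = '" . $db->escape_string($posthash) . "'"
    ));
}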
$cron_logs[] = $message; } } else { if ($message !== false) { log_cron_action($message, $nextitem); } } } // ######################################################################## // ######################### START MAIN SCRIPT ############################ // ######################################################################## $vbulletin->db->hide_errors(); //Get statistics $money = getStatistics(true); $log = array('type' => KBANK_LOGTYPE_STAT, 'userid' => 0, 'timeline' => TIMENOW, 'text1' => '', 'int1' => $money['member'], 'detail' => serialize($money)); $vbulletin->db->query_write(fetch_query_sql($log, 'kbank_logs')); // log the cron action kbank_log_cron_action('Cached kBank Information'); //Any KBANK_ITEM_USED_WAITING items? $items = $vbulletin->db->query_read("\n\tSELECT *\n\tFROM `" . TABLE_PREFIX . "kbank_items` AS items\n\tWHERE items.status = " . KBANK_ITEM_USED_WAITING . "\n\t\tAND items.expire_time <= " . TIMENOW . "\n\t\t\tAND items.expire_time > 0\n"); if (!$vbulletin->kbank_itemtypes) { $vbulletin->kbank_itemtypes = updateItemTypeCache(); } if ($vbulletin->db->num_rows($items)) { $itemids = array(); while ($itemdata = $vbulletin->db->fetch_array($items)) { if ($item =& newItem($itemdata['itemid'], $itemdata)) { if ($status = $item->doAction('work_expired')) { $itemids[] = "#{$itemdata['itemid']} ({$status})"; } $item->destroy();
$sell_done[$itemid] = array('itemid' => $itemid, 'name' => $item['name']); } //Stop sell items foreach ($stop_sell_ids as $itemid) { $item_obj =& newItem($itemid); if (!$item_obj) { $errors[$itemid][] = KBANK_ERROR_NO_PERM; continue; } $item = $item_obj->data; if (!havePerm($vbulletin->userinfo, $item) or $item['status'] != KBANK_ITEM_SELLING) { $errors[$itemid][] = KBANK_ERROR_NO_PERM; continue; } $item_new = array('status' => KBANK_ITEM_AVAILABLE); $vbulletin->db->query_write(fetch_query_sql($item_new, 'kbank_items', "WHERE itemid = {$item['itemid']}")); $stop_sell_done[$itemid] = array('itemid' => $itemid, 'name' => $item['name']); } //Place bid for items foreach ($bid_ids as $itemid) { if ($vbulletin->GPC['bid'][$itemid] == 0) { if (count($itemids) == 1) { //get here from sell template $errors[$itemid][] = fetch_error('kbank_bid_invalid'); } continue; } $item_obj =& newItem($itemid); if (!$item_obj) { $errors[$itemid][] = KBANK_ERROR_NO_PERM; continue;
if ($vbulletin->GPC['orig']['product'] != $vbulletin->GPC['help']['product']) { // haven't changed the text, but we changed the product, // so we need to reflect that $q[] = "\n\t\t\t\tUPDATE " . TABLE_PREFIX . "phrase SET\n\t\t\t\t\tproduct = '" . $db->escape_string($vbulletin->GPC['help']['product']) . "',\n\t\t\t\t\tusername = '******'username']) . "',\n\t\t\t\t\tdateline = " . TIMENOW . ",\n\t\t\t\t\tversion = '" . $db->escape_string($product_version) . "'\n\t\t\t\tWHERE fieldname = 'cphelptext'\n\t\t\t\t\tAND varname = '{$newphrasename}_text'\n\t\t\t"; } } } else { $sql = "\n\t\tSELECT * FROM " . TABLE_PREFIX . "adminhelp\n\t\tWHERE script = '" . $db->escape_string($vbulletin->GPC['help']['script']) . "'\n\t\t\tAND action = '" . $db->escape_string($vbulletin->GPC['help']['action']) . "'\n\t\t\tAND optionname = '" . $db->escape_string($vbulletin->GPC['help']['optionname']) . "'"; if ($check = $db->query_first($sql)) { // error message, this already exists // why phrase when its only available in debug mode and its meant for us? print_cp_message('This help item already exists.'); } unset($sql); // insert help item $q[] = fetch_query_sql($vbulletin->GPC['help'], 'adminhelp'); // insert new phrases $q[] = "\n\t\t\t### INSERT NEW HELP PHRASES ###\n\t\t\tINSERT INTO " . TABLE_PREFIX . "phrase\n\t\t\t\t(languageid, fieldname, varname, text, product, username, dateline, version)\n\t\t\tVALUES\n\t\t\t\t(\n\t\t\t\t\t{$languageid},\n\t\t\t\t\t'cphelptext',\n\t\t\t\t\t'{$newphrasename}" . "_title',\n\t\t\t\t\t'" . $db->escape_string($vbulletin->GPC['title']) . "',\n\t\t\t\t\t'" . $db->escape_string($vbulletin->GPC['help']['product']) . "',\n\t\t\t\t\t'" . $db->escape_string($vbulletin->userinfo['username']) . "',\n\t\t\t\t\t" . TIMENOW . ",\n\t\t\t\t\t'" . $db->escape_string($product_version) . "'\n\t\t\t\t),\n\t\t\t\t(\n\t\t\t\t\t{$languageid},\n\t\t\t\t\t'cphelptext',\n\t\t\t\t\t'{$newphrasename}" . "_text',\n\t\t\t\t\t'" . $db->escape_string($vbulletin->GPC['text']) . 
"',\n\t\t\t\t\t'" . $db->escape_string($vbulletin->GPC['help']['product']) . "',\n\t\t\t\t\t'" . $db->escape_string($vbulletin->userinfo['username']) . "',\n\t\t\t\t\t" . TIMENOW . ",\n\t\t\t\t\t'" . $db->escape_string($product_version) . "'\n\t\t\t\t)\n\t\t"; } foreach ($q as $sql) { //echo "<pre>" . htmlspecialchars($sql) . "</pre>"; /*insert query*/ $db->query_write($sql); //echo $db->affected_rows(); } define('CP_REDIRECT', 'help.php?do=manage&script=' . $vbulletin->GPC['help']['script']); print_stop_message('saved_topic_x_successfully', $title); } // ############################### start confirmation for deleting a help topic ############## if ($_REQUEST['do'] == 'delete') { $vbulletin->input->clean_array_gpc('r', array('adminhelpid' => TYPE_INT));
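/**
 * Logs the moderation actions that are being performed on the blog
 *
 * When $loginfo is a list of entries (its element 0 is an array), one row per
 * entry is written in a single multi-row INSERT; otherwise a single row is built
 * from $loginfo itself and attributed to the current user.
 *
 * @param	array	Array of information indicating on what data the action was performed
 * @param	integer	This value corresponds to the action that was being performed
 * @param	string	Other moderator parameters
 */
function blog_moderator_action(&$loginfo, $logtype, $action = '')
{
    global $vbulletin;

    $modlogsql = array();

    if ($result = fetch_modlogtypes($logtype)) {
        $logtype =& $result;
    }

    // Plugin hook: the code returned by fetch_hook() is executed in this scope.
    ($hook = vBulletinHook::fetch_hook('log_moderator_action')) ? eval($hook) : false;

    if (is_array($loginfo[0])) {
        foreach ($loginfo AS $index => $log) {
            // NOTE(review): $action is overwritten in place, so the value computed for
            // one entry carries over to the next entry - confirm that is intended.
            if (is_array($action)) {
                $action = serialize($action);
            } else if ($log['username'] OR $log['title']) {
                $action = serialize(array($log['title'], $log['username']));
            }

            $log['id1'] = $log['blog_userid'] ? $log['blog_userid'] : $log['id1'];
            $log['id2'] = $log['blogid'] ? $log['blogid'] : $log['id2'];
            $log['id3'] = $log['blogtextid'] ? $log['blogtextid'] : $log['id3'];
            $log['id4'] = $log['attachmentid'] ? $log['attachmentid'] : $log['id4'];
            // The original tested the misspelled key 'blogtracbackid', so the trackback
            // id was never picked up and id5 always fell back to $log['id5'].
            $log['id5'] = $log['blogtrackbackid'] ? $log['blogtrackbackid'] : $log['id5'];

            // Numeric columns are cast and string columns escaped before the row
            // becomes part of the SQL text.
            $modlogsql[] = "(" . intval($logtype) . ", " . intval($log['userid']) . ", " . TIMENOW . ", " . intval($log['id1']) . ", " . intval($log['id2']) . ", " . intval($log['id3']) . ", " . intval($log['id4']) . ", " . intval($log['id5']) . ", '" . $vbulletin->db->escape_string($action) . "', '" . $vbulletin->db->escape_string(IPADDRESS) . "', 'vbblog')";
        }

        $vbulletin->db->query_write("INSERT INTO " . TABLE_PREFIX . "moderatorlog (type, userid, dateline, id1, id2, id3, id4, id5, action, ipaddress, product) VALUES " . implode(', ', $modlogsql));
    } else {
        $moderatorlog['userid'] =& $vbulletin->userinfo['userid'];
        $moderatorlog['dateline'] = TIMENOW;
        $moderatorlog['type'] = intval($logtype);
        // blog_userid is cast like every other id in this branch.
        $moderatorlog['id1'] = $loginfo['blog_userid'] ? intval($loginfo['blog_userid']) : ($loginfo['userid'] ? intval($loginfo['userid']) : intval($loginfo['id1']));
        $moderatorlog['id2'] = $loginfo['blogid'] ? intval($loginfo['blogid']) : intval($loginfo['id2']);
        $moderatorlog['id3'] = $loginfo['blogtextid'] ? intval($loginfo['blogtextid']) : intval($loginfo['id3']);
        $moderatorlog['id4'] = $loginfo['attachmentid'] ? intval($loginfo['attachmentid']) : intval($loginfo['id4']);
        $moderatorlog['id5'] = $loginfo['blogtrackbackid'] ? intval($loginfo['blogtrackbackid']) : intval($loginfo['id5']);
        $moderatorlog['product'] = 'vbblog';
        $moderatorlog['ipaddress'] = IPADDRESS;

        if (is_array($action)) {
            $action = serialize($action);
        }
        $moderatorlog['action'] = $action;

        /*insert query*/
        $vbulletin->db->query_write(fetch_query_sql($moderatorlog, 'moderatorlog'));
    }
}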
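/**
 * Removes user subscription
 *
 * If a sub-subscription id is given and subtracting its length from the current
 * expiry still leaves a date in the future, only the expiry date is moved back.
 * Otherwise the subscription is deactivated: usergroup, member groups, display
 * group, user title, access masks and any ban record are reset, and the user's
 * remaining active subscriptions are rebuilt.
 *
 * @param	int	The id of the subscription
 * @param	int	The userid the subscription is to be removed from
 * @param	int	The id of the sub-subscriptionid
 * @param	bool	Update user.adminoptions from subscription.adminoption (keep avatars)
 *
 */
function delete_user_subscription($subscriptionid, $userid, $subid = -1, $adminoption = false)
{
    // Both ids are interpolated into SQL below, so they are forced to integers first.
    $subscriptionid = intval($subscriptionid);
    $userid = intval($userid);

    $this->cache_user_subscriptions();
    // $sub is a reference into the cache: writes to it below also change the cached entry.
    $sub =& $this->subscriptioncache["{$subscriptionid}"];

    $with_avatar = ($this->registry->options['avatarenabled'] and $adminoption);

    $user = $this->registry->db->query_first("\n\t\t\tSELECT user.*, subscriptionlog.pusergroupid, subscriptionlog.expirydate,\n\t\t\tIF (user.displaygroupid=0, user.usergroupid, user.displaygroupid) AS displaygroupid,\n\t\t\tIF (usergroup.genericoptions & " . $this->registry->bf_ugp_genericoptions['isnotbannedgroup'] . ", 0, 1) AS isbanned,\n\t\t\tuserban.usergroupid AS busergroupid, userban.displaygroupid AS bandisplaygroupid\n\t\t\t"
        . ($with_avatar ? ",IF(avatar.avatarid = 0 AND NOT ISNULL(customavatar.userid), 1, 0) AS hascustomavatar" : "")
        . "\n\t\t\t"
        . ($adminoption ? ",NOT ISNULL(customprofilepic.userid) AS hasprofilepic" : "")
        . "\n\t\t\tFROM " . TABLE_PREFIX . "subscriptionlog AS subscriptionlog\n\t\t\tINNER JOIN " . TABLE_PREFIX . "user AS user USING (userid)\n\t\t\tINNER JOIN " . TABLE_PREFIX . "usergroup AS usergroup USING (usergroupid)\n\t\t\tLEFT JOIN " . TABLE_PREFIX . "userban AS userban ON (userban.userid = user.userid)\n\t\t\t"
        . ($with_avatar ? "LEFT JOIN " . TABLE_PREFIX . "avatar AS avatar ON(avatar.avatarid = user.avatarid) LEFT JOIN " . TABLE_PREFIX . "customavatar AS customavatar ON(customavatar.userid = user.userid)" : "")
        . "\n\t\t\t"
        . ($adminoption ? "LEFT JOIN " . TABLE_PREFIX . "customprofilepic AS customprofilepic ON (user.userid = customprofilepic.userid)" : "")
        . "\n\t\t\tWHERE subscriptionlog.userid = {$userid} AND\n\t\t\t\tsubscriptionlog.subscriptionid = {$subscriptionid}\n\t\t");

    if ($user['userid'] and $sub['subscriptionid']) {
        $this->cache_user_subscriptions();
        $sub =& $this->subscriptioncache["{$subscriptionid}"];

        // NOTE(review): unserialize() on stored subscription data; safe only while
        // the cost column cannot be written by untrusted input.
        $tmp = unserialize($sub['cost']);
        if ($subid != -1 and is_array($tmp["{$subid}"])) {
            $sub = array_merge($sub, $tmp["{$subid}"]);

            // Break the current expiry into parts once, then move it back by one
            // subscription length in the configured unit.
            $expiry = $user['expirydate'];
            $hour = date('H', $expiry);
            $minute = date('i', $expiry);
            $second = date('s', $expiry);
            $month = date('n', $expiry);
            $day = date('j', $expiry);
            $year = date('Y', $expiry);

            // Stays 0 for an unknown unit, so the early return below is not taken
            // (the original left the variable undefined in that case).
            $new_expires = 0;
            switch ($sub['units']) {
                case 'D':
                    $new_expires = mktime($hour, $minute, $second, $month, $day - $sub['length'], $year);
                    break;
                case 'W':
                    $new_expires = mktime($hour, $minute, $second, $month, $day - $sub['length'] * 7, $year);
                    break;
                case 'M':
                    $new_expires = mktime($hour, $minute, $second, $month - $sub['length'], $day, $year);
                    break;
                case 'Y':
                    $new_expires = mktime($hour, $minute, $second, $month, $day, $year - $sub['length']);
                    break;
            }

            if ($new_expires > TIMENOW) {
                // new expiration is still after today so just decremement and return
                $this->registry->db->query_write("\n\t\t\t\t\t\tUPDATE " . TABLE_PREFIX . "subscriptionlog\n\t\t\t\t\t\tSET expirydate = {$new_expires}\n\t\t\t\t\t\tWHERE subscriptionid = {$subscriptionid}\n\t\t\t\t\t\t\tAND userid = {$userid}\n\t\t\t\t\t");
                return;
            }
        }
        unset($tmp);

        $userdm =& datamanager_init('User', $this->registry, ERRTYPE_SILENT);
        $userdm->set_existing($user);

        if ($adminoption) {
            if ($user['hascustomavatar'] and $sub['adminavatar']) {
                $userdm->set_bitfield('adminoptions', 'adminavatar', 1);
            }
            if ($user['hasprofilepic'] and $sub['adminprofilepic']) {
                $userdm->set_bitfield('adminoptions', 'adminprofilepic', 1);
            }
        }

        //access masks
        // NOTE(review): unserialize() returns false, not NULL, on failure, so the
        // second test only rejects a value that unserializes to null; the raw
        // $sub['forums'] string is then placed inside IN (...). Confirm it is always
        // a comma-separated list of integers.
        if (!empty($sub['forums']) and @unserialize($sub['forums']) !== NULL) {
            $this->registry->db->query_write("\n\t\t\t\t\tDELETE FROM " . TABLE_PREFIX . "access\n\t\t\t\t\tWHERE forumid IN ({$sub['forums']}) AND\n\t\t\t\t\t\tuserid = {$userid}\n\t\t\t\t");
        }

        $countaccess = $this->registry->db->query_first("\n\t\t\t\tSELECT COUNT(*) AS masks\n\t\t\t\tFROM " . TABLE_PREFIX . "access\n\t\t\t\tWHERE userid = {$userid}\n\t\t\t");

        $membergroupids = array_diff(fetch_membergroupids_array($user, false), fetch_membergroupids_array($sub, false));

        $update_userban = false;
        $userbansql = array();

        if ($sub['nusergroupid'] == $user['usergroupid'] and $user['usergroupid'] != $user['pusergroupid']) {
            // check if there are other active subscriptions that set the same primary usergroup
            $subids = '';
            $activesub = false;
            foreach ($this->subscriptioncache as $subcheck) {
                if ($subcheck['nusergroupid'] == $user['usergroupid'] and $subcheck['subscriptionid'] != $subscriptionid) {
                    $subids .= ',' . intval($subcheck['subscriptionid']);
                }
            }

            if (!empty($subids)) {
                $activesub = $this->registry->db->query_first("\n\t\t\t\t\t\tSELECT * FROM " . TABLE_PREFIX . "subscriptionlog\n\t\t\t\t\t\tWHERE userid = {$userid}\n\t\t\t\t\t\t\tAND subscriptionid IN (0{$subids})\n\t\t\t\t\t\t\tAND status = 1\n\t\t\t\t\t\tORDER BY expirydate DESC\n\t\t\t\t\t\tLIMIT 1\n\t\t\t\t\t");
            }

            if ($activesub) {
                // there is at least one active subscription with the same primary usergroup, so alter its resetgroup
                $this->registry->db->query_write("UPDATE " . TABLE_PREFIX . "subscriptionlog SET pusergroupid = " . intval($user['pusergroupid']) . " WHERE subscriptionlogid = " . intval($activesub['subscriptionlogid']));
                // don't touch usertitle/displaygroup
                $user['pusergroupid'] = $user['usergroupid'];
                $sub['nusergroupid'] = 0;
            } else {
                $userdm->set('usergroupid', $user['pusergroupid']);
            }
        } else {
            if ($user['isbanned'] and $user['busergroupid'] == $sub['nusergroupid']) {
                $update_userban = true;
                $userbansql['usergroupid'] = $user['pusergroupid'];
            }
        }

        $groups = iif(!empty($sub['membergroupids']), $sub['membergroupids'] . ',') . $sub['nusergroupid'];
        if (in_array($user['displaygroupid'], explode(',', $groups))) {
            // they're displaying as one of the usergroups in the subscription
            $user['displaygroupid'] = 0;
        } else {
            if ($user['isbanned'] and in_array($user['bandisplaygroupid'], explode(',', $groups))) {
                $update_userban = true;
                $userbansql['displaygroupid'] = 0;
            }
        }

        // do their old groups still allow custom titles?
        $reset_title = false;
        if ($user['customtitle'] == 2) {
            // implode() is called separator-first; the array-first order used by the
            // original is no longer accepted by PHP 8.
            $groups = (empty($membergroupids) ? '' : implode(',', $membergroupids) . ',') . $user['pusergroupid'];
            $usergroup = $this->registry->db->query_first_slave("\n\t\t\t\t\tSELECT usergroupid\n\t\t\t\t\tFROM " . TABLE_PREFIX . "usergroup\n\t\t\t\t\tWHERE (genericpermissions & " . $this->registry->bf_ugp_genericpermissions['canusecustomtitle'] . ")\n\t\t\t\t\t\tAND usergroupid IN ({$groups})\n\t\t\t\t");
            if (empty($usergroup['usergroupid'])) {
                // no custom group any more lets set it back to the default
                $reset_title = true;
            }
        }

        if ($sub['nusergroupid'] > 0 and $user['customtitle'] == 0 or $reset_title) {
            // they need a default title
            $usergroup = $this->registry->db->query_first_slave("\n\t\t\t\t\tSELECT usertitle\n\t\t\t\t\tFROM " . TABLE_PREFIX . "usergroup\n\t\t\t\t\tWHERE usergroupid = " . intval($user['pusergroupid']) . "\n\t\t\t\t");
            if (empty($usergroup['usertitle'])) {
                // should be a title based on minposts it seems then
                $usergroup = $this->registry->db->query_first_slave("\n\t\t\t\t\t\tSELECT title AS usertitle\n\t\t\t\t\t\tFROM " . TABLE_PREFIX . "usertitle\n\t\t\t\t\t\tWHERE minposts <= " . intval($user['posts']) . "\n\t\t\t\t\t\tORDER BY minposts DESC\n\t\t\t\t\t");
            }

            if ($user['isbanned']) {
                $update_userban = true;
                $userbansql['customtitle'] = 0;
                $userbansql['usertitle'] = $usergroup['usertitle'];
            } else {
                $userdm->set('customtitle', 0);
                $userdm->set('usertitle', $usergroup['usertitle']);
            }
        }

        $userdm->set('membergroupids', implode(',', $membergroupids));
        $userdm->set_bitfield('options', 'hasaccessmask', $countaccess['masks'] ? true : false);
        $userdm->set('displaygroupid', $user['displaygroupid']);
        $userdm->save();
        unset($userdm);

        $this->registry->db->query_write("\n\t\t\t\tUPDATE " . TABLE_PREFIX . "subscriptionlog\n\t\t\t\tSET status = 0\n\t\t\t\tWHERE subscriptionid = {$subscriptionid} AND\n\t\t\t\tuserid = {$userid}\n\t\t\t");

        if ($update_userban) {
            $this->registry->db->query_write(fetch_query_sql($userbansql, 'userban', "WHERE userid = " . intval($user['userid'])));
        }

        // Re-apply whatever the user's other active subscriptions grant.
        $mysubs = $this->registry->db->query_read("SELECT * FROM " . TABLE_PREFIX . "subscriptionlog WHERE status = 1 AND userid = {$userid}");
        while ($mysub = $this->registry->db->fetch_array($mysubs)) {
            $this->build_user_subscription($mysub['subscriptionid'], -1, $userid, $mysub['regdate'], $mysub['expirydate']);
        }

        // Plugin hook: the code returned by fetch_hook() is executed in this scope.
        ($hook = vBulletinHook::fetch_hook('paidsub_delete')) ? eval($hook) : false;
    }
}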
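/**
 * Dispatches an action for a "customize userinfo" kBank item.
 *
 * Handled here: 'enable' (render the form, or fall straight through to
 * 'do_enable'), 'do_enable' (validate the posted username / usertitle and
 * persist them in the item options), 'disable', and the hook-driven 'work'
 * action. The (possibly rewritten) action is then passed to the parent.
 *
 * @param string $action Action name.
 * @return mixed Whatever parent::doAction() returns.
 */
function doAction($action)
{
    global $kbank, $vbulletin, $bbuserinfo, $vbphrase, $KBANK_HOOK_NAME;

    $vbulletin->kbank['errors'][$this->data['itemid']] = array(); //Reset errors

    if ($action == 'enable') {
        // These locals are not read again in this method; presumably the
        // eval'd template below interpolates them, so they must keep their names.
        $item = $this->data;
        $username_max = $this->itemtypedata['options']['username_max'];
        $username_colors_options = $this->buildOptions($item['options']['username_color']);
        $username_strong = $this->itemtypedata['options']['username_strong'];
        $usertitle_max = $this->itemtypedata['options']['usertitle_max'];
        $usertitle_colors_options = $this->buildOptions($item['options']['usertitle_color'], 'usertitle_colors', 'usertitle_color');

        if ($this->bypassEnableForm() or !$this->canEdit()) {
            $action = 'do_enable';
        } else {
            // Template text comes from fetch_template(); it is evaluated as a
            // PHP double-quoted string in this scope.
            eval('$tmp = "' . fetch_template('kbank_template_customize_userinfo_enable') . '";');
            eval(standard_error($tmp));
        }
    }

    if ($action == 'do_enable') {
        if ($this->ready2Enable()) {
            if (!$this->bypassEnableForm() and $this->canEdit()) {
                // 'usertitle' was declared with the misspelled constant TYPE_NOTHML.
                // Unless the project defines that name, it is an undefined constant
                // (an Error on PHP 8), and the title would not have gone through the
                // same no-HTML cleaning as the other text fields.
                $vbulletin->input->clean_array_gpc('p', array(
                    'itemid' => TYPE_UINT,
                    'username' => TYPE_NOHTML,
                    'username_color' => TYPE_NOHTML,
                    'username_strong' => TYPE_UINT,
                    'usertitle' => TYPE_NOHTML,
                    'usertitle_color' => TYPE_NOHTML,
                    'confirm' => TYPE_STR,
                ));

                // Length limit is byte-based (strlen/substr), so a multi-byte name
                // may be cut in the middle of a character.
                if (strlen($vbulletin->GPC['username']) > $this->itemtypedata['options']['username_max']) {
                    $vbulletin->GPC['username'] = substr($vbulletin->GPC['username'], 0, $this->itemtypedata['options']['username_max']);
                }

                if (strlen($vbulletin->GPC['username']) > 0) {
                    //Check for illegal username
                    $usernames = explode(',', $vbulletin->options['illegalusernames']);
                    $illegal_found = array();
                    foreach ($usernames as $username) {
                        $username = trim($username);
                        if ($username and strpos(strtolower($vbulletin->GPC['username']), strtolower($username)) !== false) {
                            $illegal_found[] = trim($username);
                        }
                    }
                    if (count($illegal_found) > 0) {
                        //Found something illegal....
                        // NOTE(review): the checks below rely on standard_error() ending
                        // the request; confirm, otherwise a rejected name is still saved.
                        eval(standard_error(construct_phrase($vbphrase['kbank_itemshow_customize_userinfo_username_illegal'], $vbulletin->GPC['username'], implode(', ', $illegal_found))));
                    }

                    //Check for duplicate username
                    //Real usernames
                    if ($old_found = $vbulletin->db->query_first("\n\t\t\t\t\t\t\t\tSELECT userid, username\n\t\t\t\t\t\t\t\tFROM `" . TABLE_PREFIX . "user`\n\t\t\t\t\t\t\t\tWHERE LOWER(username) = '" . $vbulletin->db->escape_string(strtolower($vbulletin->GPC['username'])) . "'\n\t\t\t\t\t\t\t")) {
                        eval(standard_error(construct_phrase($vbphrase['kbank_itemshow_customize_userinfo_username_duplicate_realusername'], $vbulletin->GPC['username'], getUsername($old_found['userid']))));
                    }

                    //Our usernames
                    $old_found = false;
                    $old_userid = 0;
                    // The item id is cast to an integer before it is placed in the SQL text.
                    $old_items = $vbulletin->db->query_read("\n\t\t\t\t\t\t\t\tSELECT \n\t\t\t\t\t\t\t\t\titems.itemid as itemid,\n\t\t\t\t\t\t\t\t\titems.userid as userid,\n\t\t\t\t\t\t\t\t\titems.options as options\n\t\t\t\t\t\t\t\tFROM `" . TABLE_PREFIX . "kbank_items` as items\n\t\t\t\t\t\t\t\tINNER JOIN `" . TABLE_PREFIX . "kbank_itemtypes` as itemtypes ON (itemtypes.itemtypeid = items.type)\n\t\t\t\t\t\t\t\tWHERE itemtypes.filename = 'customize_userinfo.kbank.php'\n\t\t\t\t\t\t\t\t\tAND items.status > " . KBANK_ITEM_AVAILABLE . "\n\t\t\t\t\t\t\t\t\tAND (items.expire_time > " . TIMENOW . "\n\t\t\t\t\t\t\t\t\t\tOR items.expire_time < 0)\n\t\t\t\t\t\t\t\t\tAND items.itemid <> " . intval($this->data['itemid']) . "\n\t\t\t\t\t\t\t");
                    while ($old_item = $vbulletin->db->fetch_array($old_items)) {
                        // NOTE(review): unserialize() on the kbank_items.options column. This
                        // method only writes serialize()d arrays there, but if any other path
                        // can store attacker-chosen bytes in that column this becomes object
                        // injection; verify every writer of the column.
                        $old_item['options'] = unserialize($old_item['options']);
                        if (strtolower($old_item['options']['username']) == strtolower($vbulletin->GPC['username']) and $old_item['userid'] != $vbulletin->userinfo['userid']) {
                            $old_found = true;
                            $old_userid = $old_item['userid'];
                            break;
                        }
                    }
                    unset($old_item);
                    $vbulletin->db->free_result($old_items);
                    if ($old_found) {
                        eval(standard_error(construct_phrase($vbphrase['kbank_itemshow_customize_userinfo_username_duplicate'], $vbulletin->GPC['username'], getUsername($old_userid))));
                    }
                }

                // Colours are accepted only when they appear in the admin-configured
                // list. The comparison is strict so that a numeric-looking string
                // cannot match a different list entry.
                $username_colors = explode(',', $this->itemtypedata['options']['username_colors']);
                if (!count($username_colors) || !in_array($vbulletin->GPC['username_color'], $username_colors, true)) {
                    $vbulletin->GPC['username_color'] = 0;
                }
                if (!$this->itemtypedata['options']['username_strong']) {
                    $vbulletin->GPC['username_strong'] = 0;
                }

                if (strlen($vbulletin->GPC['usertitle']) > $this->itemtypedata['options']['usertitle_max']) {
                    $vbulletin->GPC['usertitle'] = substr($vbulletin->GPC['usertitle'], 0, $this->itemtypedata['options']['usertitle_max']);
                }
                if (strlen($vbulletin->GPC['usertitle']) > 0) {
                    //Check for illegal usertitle
                    $usertitles = explode(' ', $vbulletin->options['ctCensorWords']);
                    $illegal_found = array();
                    foreach ($usertitles as $usertitle) {
                        $usertitle = trim($usertitle);
                        if ($usertitle and strpos(strtolower($vbulletin->GPC['usertitle']), strtolower($usertitle)) !== false) {
                            $illegal_found[] = trim($usertitle);
                        }
                    }
                    if (count($illegal_found) > 0) {
                        //Found something illegal....
                        eval(standard_error(construct_phrase($vbphrase['kbank_itemshow_customize_userinfo_usertitle_illegal'], $vbulletin->GPC['usertitle'], implode(', ', $illegal_found))));
                    }
                }
                $usertitle_colors = explode(',', $this->itemtypedata['options']['usertitle_colors']);
                if (!count($usertitle_colors) || !in_array($vbulletin->GPC['usertitle_color'], $usertitle_colors, true)) {
                    $vbulletin->GPC['usertitle_color'] = 0;
                }

                $this->data['options']['username'] = $vbulletin->GPC['username'];
                if ($vbulletin->GPC['username']) {
                    //cache original username
                    $this->data['options']['username_original'] = $vbulletin->userinfo['username'];
                }
                $this->data['options']['username_color'] = $vbulletin->GPC['username_color'];
                $this->data['options']['username_strong'] = $vbulletin->GPC['username_strong'];
                $this->data['options']['usertitle'] = $vbulletin->GPC['usertitle'];
                $this->data['options']['usertitle_color'] = $vbulletin->GPC['usertitle_color'];
                $this->data['options']['enabled'] = 1;
                $this->data['options']['edit_time']++;

                // md5(itemid . userid) is derivable from values the user already knows,
                // so it only marks "the confirmation page was shown"; it is not an
                // anti-forgery token. Compared with !== to avoid PHP's loose
                // numeric-string comparison.
                $confirmstr = md5($this->data['itemid'] . $vbulletin->userinfo['userid']);
                if ($this->itemtypedata['options']['edit_time'] != 0
                    and $this->data['options']['edit_time'] >= $this->itemtypedata['options']['edit_time']
                    and $vbulletin->GPC['confirm'] !== $confirmstr
                ) {
                    //This is the last time member can edit options ~> Display confirmation, skip
                    $item =& $this->data;
                    $userinfo_bak = $vbulletin->userinfo;
                    $newusername = $newusertitle = '';
                    // Preview: work() is applied to a copy of the current user's info.
                    $this->work($userinfo_bak);
                    if ($this->data['options']['username'] or $this->data['options']['username_color'] or $this->data['options']['username_strong']) {
                        $newusername = construct_phrase($vbphrase['kbank_itemshow_customize_userinfo_username'], $userinfo_bak['musername']);
                    }
                    if ($this->data['options']['usertitle'] or $this->data['options']['usertitle_color']) {
                        $newusertitle = construct_phrase($vbphrase['kbank_itemshow_customize_userinfo_usertitle'], $userinfo_bak['usertitle']);
                    }
                    eval('$tmp = "' . fetch_template('kbank_template_customize_userinfo_confirm') . '";');
                    eval(standard_error($tmp));
                }
            }

            $this->data['expire_time'] = iif(!$this->data['options']['enabled'], iif($this->data['options']['duration'] > 0, TIMENOW + $this->data['options']['duration'] * 24 * 60 * 60, -1), $this->data['expire_time']);

            //Optimizing.... (only truthy options are stored)
            $options = array();
            foreach ($this->data['options'] as $key => $val) {
                if ($val) {
                    $options[$key] = $val;
                }
            }

            $item_new = array(
                'status' => KBANK_ITEM_ENABLED,
                'expire_time' => $this->data['expire_time'],
                'options' => serialize($options),
            );
            // The original interpolated {$this->data[itemid]}: inside braces the bare
            // key is looked up as a constant, which is an Error on PHP 8.
            $vbulletin->db->query_write(fetch_query_sql($item_new, 'kbank_items', 'WHERE itemid = ' . intval($this->data['itemid'])));

            if ($this->itemtypedata['options']['username_max'] > 0) {
                //only store cache if this item allow customizing username
                updateCustomizedUsernameCache();
            }
        }
    }

    if ($action == 'disable') {
        if ($this->ready2Disable()) {
            $item_new = array('status' => KBANK_ITEM_AVAILABLE);
            $vbulletin->db->query_write(fetch_query_sql($item_new, 'kbank_items', 'WHERE itemid = ' . intval($this->data['itemid'])));
            if ($this->itemtypedata['options']['username_max'] > 0) {
                //only store cache if this item allow customizing username
                updateCustomizedUsernameCache();
            }
        }
    }

    if ($action == 'work' and !$this->skip) {
        //Check for running hook
        switch ($KBANK_HOOK_NAME) {
            case KBANK_GLOBAL_START:
                if ($this->itemtypedata['options']['reveal_invi']) {
                    //Invisible Revealing
                    // The guard makes the XOR below only ever set the bit.
                    // NOTE(review): this grants 'canseehidden' to the current viewer and,
                    // unlike the block that follows, is not tied to the item owner here;
                    // confirm the caller runs 'work' only for the viewer's own items.
                    if (!($vbulletin->userinfo['permissions']['genericpermissions'] & $vbulletin->bf_ugp_genericpermissions['canseehidden'])) {
                        global $permissions;
                        $permissions['genericpermissions'] = $vbulletin->userinfo['permissions']['genericpermissions'] ^= $vbulletin->bf_ugp_genericpermissions['canseehidden'];
                    }
                }
                if ($vbulletin->userinfo['userid'] == $this->data['userid']) {
                    global $customize_userinfo_users;
                    //Real username Revealing
                    if ($this->itemtypedata['options']['reveal_username']) {
                        $customize_userinfo_users['disable_username'] = true;
                    }
                    //Real usertitle Revealing
                    if ($this->itemtypedata['options']['reveal_usertitle']) {
                        $customize_userinfo_users['disable_usertitle'] = true;
                    }
                }
                if ($this->bypassEnableForm()) {
                    $this->skip = true;
                }
                break;

            case KBANK_FETCH_MUSERNAME:
                global $kbank_userinfo_tmp;
                $this->work($kbank_userinfo_tmp);
                break;
        }
    }

    return parent::doAction($action);
}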
$pfcs_result = $db->query_read("SELECT * FROM " . TABLE_PREFIX . "profilefieldcategory"); while ($pfc = $db->fetch_array($pfcs_result)) { $pfcs[] = $pfc['profilefieldcategoryid']; } if (!in_array($vbulletin->GPC['profilefield']['profilefieldcategoryid'], $pfcs)) { $vbulletin->GPC['profilefield']['profilefieldcategoryid'] = 0; } if (empty($vbulletin->GPC['profilefieldid'])) { // insert /*insert query*/ $db->query_write(fetch_query_sql($vbulletin->GPC['profilefield'], 'profilefield')); $vbulletin->GPC['profilefieldid'] = $db->insert_id(); $db->query_write("ALTER TABLE " . TABLE_PREFIX . "userfield ADD field{$vbulletin->GPC['profilefieldid']} MEDIUMTEXT NOT NULL"); $db->query_write("OPTIMIZE TABLE " . TABLE_PREFIX . "userfield"); } else { $db->query_write(fetch_query_sql($vbulletin->GPC['profilefield'], 'profilefield', "WHERE profilefieldid=" . $vbulletin->GPC['profilefieldid'])); } $db->query_write("\n\t\tREPLACE INTO " . TABLE_PREFIX . "phrase\n\t\t\t(languageid, fieldname, varname, text, product, username, dateline, version)\n\t\tVALUES\n\t\t\t(\n\t\t\t\t0,\n\t\t\t\t'cprofilefield',\n\t\t\t\t'field" . $db->escape_string($vbulletin->GPC['profilefieldid']) . "_title',\n\t\t\t\t'" . $db->escape_string($vbulletin->GPC['title']) . "',\n\t\t\t\t'vbulletin',\n\t\t\t\t'" . $db->escape_string($vbulletin->userinfo['username']) . "',\n\t\t\t\t" . TIMENOW . ",\n\t\t\t\t'" . $db->escape_string($vbulletin->options['templateversion']) . "'\n\t\t\t),\n\t\t\t(\n\t\t\t\t0,\n\t\t\t\t'cprofilefield',\n\t\t\t\t'field" . $db->escape_string($vbulletin->GPC['profilefieldid']) . "_desc',\n\t\t\t\t'" . $db->escape_string($vbulletin->GPC['description']) . "',\n\t\t\t\t'vbulletin',\n\t\t\t\t'" . $db->escape_string($vbulletin->userinfo['username']) . "',\n\t\t\t\t" . TIMENOW . ",\n\t\t\t\t'" . $db->escape_string($vbulletin->options['templateversion']) . "'\n\t\t\t)\n\t"); require_once DIR . 
'/includes/adminfunctions_language.php'; build_language(); build_profilefield_cache(); if ($vbulletin->GPC['modifyfields']) { define('CP_REDIRECT', "profilefield.php?do=modifycheckbox&profilefieldid=" . $vbulletin->GPC['profilefieldid']); } else { define('CP_REDIRECT', 'profilefield.php?do=modify'); } print_stop_message('saved_x_successfully', htmlspecialchars_uni($vbulletin->GPC['title'])); } // ###################### Start add ####################### if ($_REQUEST['do'] == 'add' or $_REQUEST['do'] == 'edit') { $vbulletin->input->clean_array_gpc('r', array('type' => TYPE_STR));
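/**
 * Installs a product from the xml text
 *
 * This function depends on the vb class loader, which requires that the
 * framework init is called.
 *
 * SECURITY: the product file is executable content. Its <code> entries are
 * passed to eval() and its plugin entries are written to the plugin table,
 * so calling this function on a file is equivalent to running that file's
 * PHP inside the application. No permission or origin check happens in this
 * function; callers have to restrict it to trusted administrators and files.
 *
 * @param string $xml             Product XML handed to vB_XML_Parser.
 * @param bool   $allow_overwrite Whether an already installed product with the
 *                                same id may be replaced.
 *
 * @return array The product info array (productid, title, description, version,
 *               active, url, versioncheckurl) plus 'need_merge', which is truthy
 *               when templates were rebuilt over a previously installed version.
 *
 * @throws vB_Exception_AdminStopMessage On unparsable XML, invalid or reserved
 *               product id, bitfield conflicts, unmet dependencies, or an
 *               existing product when overwriting is not allowed.
 */
function install_product($xml, $allow_overwrite)
{
    global $vbphrase;
    global $vbulletin;
    global $db;

    require_once(DIR . '/includes/class_bitfield_builder.php');
    require_once(DIR . '/includes/class_xml.php');
    require_once(DIR . '/includes/class_block.php');

    //share some code with the main xml style import
    require_once(DIR . '/includes/adminfunctions_template.php');

    print_dots_start('<b>' . $vbphrase['importing_product'] . "</b>, $vbphrase[please_wait]", ':', 'dspan');

    // Both are tested with is_array() further down even when the XML has no
    // such section, so give them a defined value up front.
    $codes = null;
    $dependencies = null;

    $xmlobj = new vB_XML_Parser($xml);
    if ($xmlobj->error_no == 1)
    {
        print_dots_stop();
        throw new vB_Exception_AdminStopMessage('no_xml_and_no_path');
    }

    if(!$arr = $xmlobj->parse())
    {
        print_dots_stop();
        throw new vB_Exception_AdminStopMessage(
            array('xml_error_x_at_line_y', $xmlobj->error_string(), $xmlobj->error_line()));
    }

    // ############## general product information
    // productid is reduced to [a-z0-9_] and 25 characters; the other fields are
    // taken from the XML as-is and only escaped where they enter SQL below.
    $info = array(
        'productid'       => substr(preg_replace('#[^a-z0-9_]#', '', strtolower($arr['productid'])), 0, 25),
        'title'           => $arr['title'],
        'description'     => $arr['description'],
        'version'         => $arr['version'],
        'active'          => $arr['active'],
        'url'             => $arr['url'],
        'versioncheckurl' => $arr['versioncheckurl']
    );

    if (!$info['productid'])
    {
        print_dots_stop();
        if (!empty($arr['plugin']))
        {
            throw new vB_Exception_AdminStopMessage('this_file_appears_to_be_a_plugin');
        }
        else
        {
            throw new vB_Exception_AdminStopMessage('invalid_file_specified');
        }
    }

    // the core product id is reserved and can never be installed over
    if (strtolower($info['productid']) == 'vbulletin')
    {
        print_dots_stop();
        throw new vB_Exception_AdminStopMessage(array('product_x_installed_no_overwrite', 'vBulletin'));
    }

    // check for bitfield conflicts on install
    $bitfields = vB_Bitfield_Builder::return_data();
    if (!$bitfields)
    {
        $bfobj =& vB_Bitfield_Builder::init();
        if ($bfobj->errors)
        {
            print_dots_stop();
            throw new vB_Exception_AdminStopMessage(array(
                'bitfield_conflicts_x',
                '<li>' . implode('</li><li>', $bfobj->errors) . '</li>'
            ));
        }
    }

    // get system version info
    $system_versions = array(
        'php'       => PHP_VERSION,
        'vbulletin' => $vbulletin->options['templateversion'],
        'products'  => fetch_product_list(true)
    );
    $mysql_version = $db->query_first("SELECT VERSION() AS version");
    $system_versions['mysql'] = $mysql_version['version'];

    // ############## import dependencies
    if (is_array($arr['dependencies']['dependency']))
    {
        $dependencies =& $arr['dependencies']['dependency'];
        if (!isset($dependencies[0]))
        {
            $dependencies = array($dependencies);
        }

        $dependency_errors = array();
        $ignore_dependency_errors = array();

        // let's check the dependencies
        foreach ($dependencies AS $dependency)
        {
            // if we get an error, we haven't met this dependency
            // if we go through without a problem, we have automatically met
            // all dependencies for this "class" (mysql, php, vb, a specific product, etc)
            $this_dependency_met = true;

            // reset per dependency so a message never shows the version range
            // left over from the previous entry
            $required_version_info = '';

            // build a phrase for the version compats -- will look like (minver / maxver)
            if ($dependency['minversion'])
            {
                $compatible_phrase = construct_phrase(
                    $vbphrase['compatible_starting_with_x'],
                    htmlspecialchars_uni($dependency['minversion'])
                );
            }
            else
            {
                $compatible_phrase = '';
            }

            if ($dependency['maxversion'])
            {
                $incompatible_phrase = construct_phrase(
                    $vbphrase['incompatible_with_x_and_greater'],
                    htmlspecialchars_uni($dependency['maxversion'])
                );
            }
            else
            {
                $incompatible_phrase = '';
            }

            if ($compatible_phrase OR $incompatible_phrase)
            {
                $required_version_info = "($compatible_phrase";
                if ($compatible_phrase AND $incompatible_phrase)
                {
                    $required_version_info .= ' / ';
                }
                $required_version_info .= "$incompatible_phrase)";
            }

            // grab the appropriate installed version string
            if ($dependency['dependencytype'] == 'product')
            {
                // group dependencies into types -- individual products get their own group
                $dependency_type_key = "product-$dependency[parentproductid]";

                // undocumented feature -- you can put a producttitle attribute in a dependency so the id isn't displayed
                $parent_product_title = (!empty($dependency['producttitle']) ? $dependency['producttitle'] : $dependency['parentproductid']);

                $parent_product = $system_versions['products']["$dependency[parentproductid]"];
                if (!$parent_product)
                {
                    // required product is not installed
                    $dependency_errors["$dependency_type_key"] = construct_phrase(
                        $vbphrase['product_x_must_be_installed'],
                        htmlspecialchars_uni($parent_product_title),
                        $required_version_info
                    );
                    continue; // can't do version checks if the product isn't installed
                }
                else if ($parent_product['active'] == 0)
                {
                    // product is installed, but inactive
                    $dependency_errors["{$dependency_type_key}-inactive"] = construct_phrase(
                        $vbphrase['product_x_must_be_activated'],
                        htmlspecialchars_uni($parent_product_title)
                    );
                    $this_dependency_met = false; // allow version checks to continue
                }

                $sys_version_str = $parent_product['version'];
                $version_incompatible_phrase = 'product_incompatible_version_x_product_y';
            }
            else
            {
                $dependency_type_key = $dependency['dependencytype'];
                $parent_product_title = '';
                $sys_version_str = $system_versions["$dependency[dependencytype]"];
                $version_incompatible_phrase = 'product_incompatible_version_x_' . $dependency['dependencytype'];
            }

            // if no version string, we are trying to do an unsupported dep check
            if ($sys_version_str == '')
            {
                continue;
            }

            $sys_version = fetch_version_array($sys_version_str);

            // The product title comes from the XML file and ends up in an HTML list,
            // so it is escaped in the three messages below exactly as it already is
            // in the "must be installed / activated" messages above.

            // error if installed version < minversion
            if ($dependency['minversion'])
            {
                $dep_version = fetch_version_array($dependency['minversion']);
                for ($i = 0; $i <= 5; $i++)
                {
                    if ($sys_version["$i"] < $dep_version["$i"])
                    {
                        // installed version is too old
                        $dependency_errors["$dependency_type_key"] = construct_phrase(
                            $vbphrase["$version_incompatible_phrase"],
                            htmlspecialchars_uni($sys_version_str),
                            $required_version_info,
                            htmlspecialchars_uni($parent_product_title)
                        );
                        $this_dependency_met = false;
                        break;
                    }
                    else if ($sys_version["$i"] > $dep_version["$i"])
                    {
                        break;
                    }
                }
            }

            // error if installed version >= maxversion
            if ($dependency['maxversion'])
            {
                $dep_version = fetch_version_array($dependency['maxversion']);
                $all_equal = true;
                for ($i = 0; $i <= 5; $i++)
                {
                    if ($sys_version["$i"] > $dep_version["$i"])
                    {
                        // installed version is newer than the maxversion
                        $dependency_errors["$dependency_type_key"] = construct_phrase(
                            $vbphrase["$version_incompatible_phrase"],
                            htmlspecialchars_uni($sys_version_str),
                            $required_version_info,
                            htmlspecialchars_uni($parent_product_title)
                        );
                        $this_dependency_met = false;
                        break;
                    }
                    else if ($sys_version["$i"] < $dep_version["$i"])
                    {
                        // not every part is the same and since we've got less we can exit
                        $all_equal = false;
                        break;
                    }
                    else if ($sys_version["$i"] != $dep_version["$i"])
                    {
                        // not every part is the same
                        $all_equal = false;
                    }
                }

                if ($all_equal == true)
                {
                    // installed version is same as the max version, which is the first incompat version
                    $dependency_errors["$dependency_type_key"] = construct_phrase(
                        $vbphrase["$version_incompatible_phrase"],
                        htmlspecialchars_uni($sys_version_str),
                        $required_version_info,
                        htmlspecialchars_uni($parent_product_title)
                    );
                    $this_dependency_met = false;
                }
            }

            if ($this_dependency_met)
            {
                // we met 1 dependency for this type -- this emulates or'ing together groups
                $ignore_dependency_errors["$dependency_type_key"] = true;
            }
        }

        // for any group we met a dependency for, ignore any errors we might
        // have gotten for the group
        foreach ($ignore_dependency_errors AS $dependency_type_key => $devnull)
        {
            unset($dependency_errors["$dependency_type_key"]);
        }

        if ($dependency_errors)
        {
            $dependency_errors = array_unique($dependency_errors);
            $dependency_errors = '<ol><li>' . implode('</li><li>', $dependency_errors) . '</li></ol>';

            print_dots_stop();
            throw new vB_Exception_AdminStopMessage(
                array('dependencies_not_met_x', $dependency_errors));
        }
    }

    // look to see if we already have this product installed
    if ($existingprod = $db->query_first(" SELECT * FROM " . TABLE_PREFIX . "product WHERE productid = '" . $db->escape_string($info['productid']) . "'"))
    {
        if (!$allow_overwrite)
        {
            print_dots_stop();
            // NOTE(review): title is taken from the XML unescaped; whether the stop
            // message escapes its arguments is not visible here.
            throw new vB_Exception_AdminStopMessage(
                array('product_x_installed_no_overwrite', $info['title']));
        }

        $active = $existingprod['active'];

        // not sure what we're deleting, so rebuild everything
        $rebuild = array(
            'templates' => true,
            'plugins'   => true,
            'phrases'   => true,
            'options'   => true,
            'cron'      => true
        );

        $installed_version = $existingprod['version'];
    }
    else
    {
        $active = ($info['active'] ? 1 : 0);

        $rebuild = array(
            'templates' => false,
            'plugins'   => false,
            'phrases'   => false,
            'options'   => false,
            'cron'      => false
        );

        $installed_version = null;
    }

    // ############## import install/uninstall code
    if (is_array($arr['codes']['code']))
    {
        $codes =& $arr['codes']['code'];
        if (!isset($codes[0]))
        {
            $codes = array($codes);
        }

        // run each of the codes
        foreach ($codes AS $code)
        {
            // Run if: code version is * (meaning always run), no version
            // previously installed, or if the code is for a newer version
            // than is currently installed
            if ($code['version'] == '*' OR $installed_version === null OR is_newer_version($code['version'], $installed_version))
            {
                // SECURITY: executes PHP taken verbatim from the product XML, in this
                // function's scope (it can read and change the locals above). The
                // version test is the only gate at this point; trust in the file has
                // to be established before install_product() is called.
                eval($code['installcode']);
            }
        }

        // Clear routes from datastore
        build_datastore('routes', serialize(array()), 1);

        //assume that the product may have installed content types and purge the content type cache
        vB_Cache::instance()->purge('vb_types.types');
    }

    // dependencies checked, install code run. Now clear out the old product info;
    // settings should be retained in memory already
    delete_product($info['productid'], false, true);

    if (is_array($codes))
    {
        // we've now run all the codes, if execution is still going
        // then it's going to complete fully, so insert the codes
        foreach ($codes AS $code)
        {
            /* insert query */
            $db->query_write(" INSERT INTO " . TABLE_PREFIX . "productcode (productid, version, installcode, uninstallcode) VALUES ('" . $db->escape_string($info['productid']) . "', '" . $db->escape_string($code['version']) . "', '" . $db->escape_string($code['installcode']) . "', '" . $db->escape_string($code['uninstallcode']) . "') ");
        }
    }

    if (is_array($dependencies))
    {
        // dependencies met, codes run -- now we can insert the dependencies into the DB
        foreach ($dependencies AS $dependency)
        {
            /* insert query */
            $db->query_write(" INSERT INTO " . TABLE_PREFIX . "productdependency (productid, dependencytype, parentproductid, minversion, maxversion) VALUES ('" . $db->escape_string($info['productid']) . "', '" . $db->escape_string($dependency['dependencytype']) . "', '" . $db->escape_string($dependency['parentproductid']) . "', '" . $db->escape_string($dependency['minversion']) . "', '" . $db->escape_string($dependency['maxversion']) . "') ");
        }
    }

    /* insert query */
    $db->query_write(" INSERT INTO " . TABLE_PREFIX . "product (productid, title, description, version, active, url, versioncheckurl) VALUES ('" . $db->escape_string($info['productid']) . "', '" . $db->escape_string($info['title']) . "', '" . $db->escape_string($info['description']) . "', '" . $db->escape_string($info['version']) . "', " . intval($active) . ", '" . $db->escape_string($info['url']) . "', '" . $db->escape_string($info['versioncheckurl']) . "') ");

    // ############## import templates
    if (is_array($arr['templates']['template']))
    {
        $querybits = array();
        $querytemplates = 0;

        $templates =& $arr['templates']['template'];
        if (!isset($templates[0]))
        {
            $templates = array($templates);
        }

        foreach ($templates AS $template)
        {
            // every interpolated field is escaped (or cast) before the row text is built
            $title = $db->escape_string($template['name']);
            $template['template'] = $db->escape_string($template['value']);
            $template['username'] = $db->escape_string($template['username']);
            $template['templatetype'] = $db->escape_string($template['templatetype']);
            $template['date'] = intval($template['date']);

            if ($template['templatetype'] != 'template')
            {
                // template is a special template
                $querybits[] = "(-1, '$template[templatetype]', '$title', '$template[template]', '', $template[date], '$template[username]', '" . $db->escape_string($template['version']) . "', '" . $db->escape_string($info['productid']) . "')";
            }
            else
            {
                // template is a standard template
                $querybits[] = "(-1, '$template[templatetype]', '$title', '" . $db->escape_string(compile_template($template['value'])) . "', '$template[template]', $template[date], '$template[username]', '" . $db->escape_string($template['version']) . "', '" . $db->escape_string($info['productid']) . "')";
            }

            // flush in batches of 20 rows
            if (++$querytemplates % 20 == 0)
            {
                /*insert query*/
                $db->query_write(" REPLACE INTO " . TABLE_PREFIX . "template (styleid, templatetype, title, template, template_un, dateline, username, version, product) VALUES " . implode(',', $querybits) . " ");
                $querybits = array();
            }

            // Send some output to the browser inside this loop so certain hosts
            // don't artificially kill the script. See bug #34585
            echo ' ';
            vbflush();
        }

        // insert any remaining templates
        if (!empty($querybits))
        {
            /*insert query*/
            $db->query_write(" REPLACE INTO " . TABLE_PREFIX . "template (styleid, templatetype, title, template, template_un, dateline, username, version, product) VALUES " . implode(',', $querybits) . " ");
        }
        unset($querybits);

        $rebuild['templates'] = true;
    }

    // ############## import stylevars
    if (is_array($arr['stylevardfns']['stylevargroup']))
    {
        xml_import_stylevar_definitions($arr['stylevardfns'], $info['productid']);
    }

    if (is_array($arr['stylevars']['stylevar']))
    {
        xml_import_stylevars($arr['stylevars'], -1);
    }

    // ############## import hooks/plugins
    if (is_array($arr['plugins']['plugin']))
    {
        $plugins =& $arr['plugins']['plugin'];
        if (!isset($plugins[0]))
        {
            $plugins = array($plugins);
        }

        foreach ($plugins AS $plugin)
        {
            $plugin['product'] = $info['productid'];
            unset($plugin['devkey']);

            // SECURITY: the whole XML element is handed to fetch_query_sql(), so the
            // file chooses both the columns and the values of the stored plugin row.
            // NOTE(review): escaping of keys and values is fetch_query_sql()'s job
            // and is not visible here; the stored plugin code is presumably executed
            // later by the hook system.
            $db->query_write(fetch_query_sql($plugin, 'plugin'));
        }

        $rebuild['plugins'] = true;
    }

    // ############## import phrases
    if (is_array($arr['phrases']['phrasetype']))
    {
        require_once(DIR . '/includes/adminfunctions_language.php');

        $master_phrasetypes = array();
        $master_phrasefields = array();
        foreach(fetch_phrasetypes_array(false) as $phrasetype)
        {
            $master_phrasefields["$phrasetype[fieldname]"] = true;
        }

        $phrasetypes =& $arr['phrases']['phrasetype'];
        if (!isset($phrasetypes[0]))
        {
            $phrasetypes = array($phrasetypes);
        }

        foreach ($phrasetypes AS $phrasetype)
        {
            if (empty($phrasetype['phrase']))
            {
                continue;
            }

            // fieldname becomes part of a column name below, so it is restricted
            // to a-z, A-Z, 0-9 and _ before any use
            if ($phrasetype['fieldname'] == '' OR !preg_match('#^[a-z0-9_]+$#i', $phrasetype['fieldname'])) // match a-z, A-Z, 0-9,_ only
            {
                continue;
            }

            $fieldname = $master_phrasefields["$phrasetype[fieldname]"];

            if (!$fieldname)
            {
                $db->query_write(" INSERT IGNORE INTO " . TABLE_PREFIX . "phrasetype (fieldname, title, editrows, product) VALUES ('" . $db->escape_string($phrasetype['fieldname']) . "', '" . $db->escape_string($phrasetype['name']) . "', 3, '" . $db->escape_string($info['productid']) . "') ");

                // need to add the column to the language table as well
                require_once(DIR . '/includes/class_dbalter.php');

                $db_alter = new vB_Database_Alter_MySQL($db);
                if ($db_alter->fetch_table_info('language'))
                {
                    $db_alter->add_field(array(
                        'name' => "phrasegroup_$phrasetype[fieldname]",
                        'type' => 'mediumtext'
                    ));
                }
            }

            $phrases =& $phrasetype['phrase'];
            if (!isset($phrases[0]))
            {
                $phrases = array($phrases);
            }

            $sql = array();

            foreach ($phrases AS $phrase)
            {
                $sql[] = " (-1, '" . $db->escape_string($phrasetype['fieldname']) . "', '" . $db->escape_string($phrase['name']) . "', '" . $db->escape_string($phrase['value']) . "', '" . $db->escape_string($info['productid']) . "', '" . $db->escape_string($phrase['username']) . "', " . intval($phrase['date']) . ", '" . $db->escape_string($phrase['version']) . "') ";
            }

            /*insert query*/
            $db->query_write(" REPLACE INTO " . TABLE_PREFIX . "phrase (languageid, fieldname, varname, text, product, username, dateline, version) VALUES " . implode(',', $sql)
            );
        }

        $rebuild['phrases'] = true;
    }

    // ############## import settings
    if (is_array($arr['options']['settinggroup']))
    {
        $settinggroups =& $arr['options']['settinggroup'];
        if (!isset($settinggroups[0]))
        {
            $settinggroups = array($settinggroups);
        }

        foreach ($settinggroups AS $group)
        {
            if (empty($group['setting']))
            {
                continue;
            }

            // create the setting group if it doesn't already exist
            /*insert query*/
            $db->query_write(" INSERT IGNORE INTO " . TABLE_PREFIX . "settinggroup (grouptitle, displayorder, volatile, product) VALUES ('" . $db->escape_string($group['name']) . "', " . intval($group['displayorder']) . ", 1, '" . $db->escape_string($info['productid']) . "') ");

            $settings =& $group['setting'];
            if (!isset($settings[0]))
            {
                $settings = array($settings);
            }

            $setting_bits = array();

            foreach ($settings AS $setting)
            {
                // keep the value the board already has for this setting, if any
                if (isset($vbulletin->options["$setting[varname]"]))
                {
                    $newvalue = $vbulletin->options["$setting[varname]"];
                }
                else
                {
                    $newvalue = $setting['defaultvalue'];
                }

                // NOTE(review): optioncode and validationcode are stored as supplied by
                // the file; how they are evaluated later is outside this function.
                $setting_bits[] = "( '" . $db->escape_string($setting['varname']) . "', '" . $db->escape_string($group['name']) . "', '" . $db->escape_string(trim($newvalue)) . "', '" . $db->escape_string(trim($setting['defaultvalue'])) . "', '" . $db->escape_string(trim($setting['datatype'])) . "', '" . $db->escape_string($setting['optioncode']) . "', " . intval($setting['displayorder']) . ", " . intval($setting['advanced']) . ", 1, '" . $db->escape_string($setting['validationcode']) . "', " . intval($setting['blacklist']) . ", '" . $db->escape_string($info['productid']) . "'\n\t)";
            }

            /*insert query*/
            $db->query_write(" REPLACE INTO " . TABLE_PREFIX . "setting (varname, grouptitle, value, defaultvalue, datatype, optioncode, displayorder, advanced, volatile, validationcode, blacklist, product) VALUES " . implode(",\n\t", $setting_bits)
            );
        }

        $rebuild['options'] = true;
    }

    // ############## import admin help
    if (is_array($arr['helptopics']['helpscript']))
    {
        $help_scripts =& $arr['helptopics']['helpscript'];
        if (!isset($help_scripts[0]))
        {
            $help_scripts = array($help_scripts);
        }

        foreach ($help_scripts AS $help_script)
        {
            // Deal with single entry
            if (!is_array($help_script['helptopic'][0]))
            {
                $help_script['helptopic'] = array($help_script['helptopic']);
            }

            // The original reset $help_sql but appended to $helpsql, so rows from
            // earlier scripts were sent again with every later script.
            $helpsql = array();
            foreach ($help_script['helptopic'] AS $topic)
            {
                $helpsql[] = " ('" . $db->escape_string($help_script['name']) . "', '" . $db->escape_string($topic['act']) . "', '" . $db->escape_string($topic['opt']) . "', " . intval($topic['disp']) . ", 1, '" . $db->escape_string($info['productid']) . "') ";
            }

            if (!empty($helpsql))
            {
                /*insert query*/
                $db->query_write(" REPLACE INTO " . TABLE_PREFIX . "adminhelp (script, action, optionname, displayorder, volatile, product) VALUES " . implode(",\n\t", $helpsql)
                );
            }
        }
    }

    // ############## import cron
    if (is_array($arr['cronentries']['cron']))
    {
        require_once(DIR . '/includes/functions_cron.php');

        $cron_entries =& $arr['cronentries']['cron'];
        if (!isset($cron_entries[0]))
        {
            $cron_entries = array($cron_entries);
        }

        foreach ($cron_entries AS $cron)
        {
            $cron['varname'] = preg_replace('#[^a-z0-9_]#i', '', $cron['varname']);
            if (!$cron['varname'])
            {
                continue;
            }

            // everything interpolated without quotes below is forced to an integer
            $cron['active'] = ($cron['active'] ? 1 : 0);
            $cron['loglevel'] = ($cron['loglevel'] ? 1 : 0);

            $scheduling = $cron['scheduling'];
            $scheduling['weekday'] = intval($scheduling['weekday']);
            $scheduling['day'] = intval($scheduling['day']);
            $scheduling['hour'] = intval($scheduling['hour']);
            $scheduling['minute'] = explode(',', preg_replace('#[^0-9,-]#i', '', $scheduling['minute']));
            if (count($scheduling['minute']) == 0)
            {
                $scheduling['minute'] = array(0);
            }
            else
            {
                $scheduling['minute'] = array_map('intval', $scheduling['minute']);
            }

            // NOTE(review): filename is escaped for SQL but not validated as a path
            // here; check how the cron runner resolves it.
            /*insert query*/
            $db->query_write(" REPLACE INTO " . TABLE_PREFIX . "cron (weekday, day, hour, minute, filename, loglevel, active, varname, volatile, product) VALUES ($scheduling[weekday], $scheduling[day], $scheduling[hour], '" . $db->escape_string(serialize($scheduling['minute'])) . "', '" . $db->escape_string($cron['filename']) . "', $cron[loglevel], $cron[active], '" . $db->escape_string($cron['varname']) . "', 1, '" . $db->escape_string($info['productid']) . "') ");

            $cronid = $db->insert_id(); // replace either inserts, or deletes+inserts
            if ($cronid)
            {
                build_cron_item($cronid);
            }

            $rebuild['cron'] = true;
        }
    }

    // ############## import faq
    if (is_array($arr['faqentries']['faq']))
    {
        $faq_entries =& $arr['faqentries']['faq'];
        if (!isset($faq_entries[0]))
        {
            $faq_entries = array($faq_entries);
        }

        $sql = array();
        foreach ($faq_entries AS $faq)
        {
            $sql[] = " ('" . $db->escape_string($faq['faqname']) . "', '" . $db->escape_string($faq['faqparent']) . "', " . intval($faq['displayorder']) . ", 1, '" . $db->escape_string($info['productid']) . "') ";
        }

        if ($sql)
        {
            /*insert query*/
            $db->query_write(" REPLACE INTO " . TABLE_PREFIX . "faq (faqname, faqparent, displayorder, volatile, product) VALUES " . implode(',', $sql) . " ");
        }
    }

    // Check if the plugin system is disabled. If it is, enable it.
    // (Installing any product therefore switches hooks on board-wide.)
    if (!$vbulletin->options['enablehooks'])
    {
        $db->query_write(" UPDATE " . TABLE_PREFIX . "setting SET value = '1' WHERE varname = 'enablehooks' ");

        $rebuild['options'] = true;
    }

    // Now rebuild everything we need...
    if ($rebuild['plugins'])
    {
        vBulletinHook::build_datastore($db);

        if ($active)
        {
            $plugin_data = $db->query_read(" SELECT * FROM " . TABLE_PREFIX . "datastore WHERE title IN ('pluginlist', 'pluginlistadmin') ");
            while ($plugin_info = $db->fetch_array($plugin_data))
            {
                // unserialize() of datastore rows: these are read back from the
                // application's own datastore table, not from the uploaded file.
                if ($plugin_info['title'] == 'pluginlist')
                {
                    $vbulletin->pluginlist = unserialize($plugin_info['data']);
                }
                else if ($plugin_info['title'] == 'pluginlistadmin')
                {
                    $vbulletin->pluginlistadmin = unserialize($plugin_info['data']);
                }
            }

            // enable any hooks -- this is mainly necessary for importing templates (template_safe_functions hook)
            if (!defined('DISABLE_HOOKS'))
            {
                if (!empty($vbulletin->pluginlistadmin) AND is_array($vbulletin->pluginlistadmin))
                {
                    $vbulletin->pluginlist = array_merge($vbulletin->pluginlist, $vbulletin->pluginlistadmin);
                    unset($vbulletin->pluginlistadmin);
                }
                vBulletinHook::set_pluginlist($vbulletin->pluginlist);
            }
        }
    }

    if ($rebuild['templates'])
    {
        build_all_styles();
    }

    if ($rebuild['phrases'])
    {
        require_once(DIR . '/includes/adminfunctions_language.php');
        build_language();
    }

    if ($rebuild['options'])
    {
        build_options();
    }

    if ($rebuild['cron'])
    {
        require_once(DIR . '/includes/functions_cron.php');
        build_cron_next_run();
    }

    build_product_datastore();

    // build bitfields to remove/add this products bitfields
    vB_Bitfield_Builder::save($db);

    // reload block types
    $blockmanager = vB_BlockManager::create($vbulletin);
    $blockmanager->reloadBlockTypes();

    print_dots_stop();

    $info['need_merge'] = ($rebuild['templates'] AND $installed_version);
    return $info;
}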
$db->query_write("DELETE FROM " . TABLE_PREFIX . "calendarpermission WHERE calendarpermissionid = " . $vbulletin->GPC['calendarpermissionid']); print_stop_message('deleted_calendar_permissions_successfully'); } else { print_stop_message('saved_calendar_permissions_successfully'); } } else { require_once DIR . '/includes/functions_misc.php'; $vbulletin->GPC['calendarpermission']['calendarpermissions'] = convert_array_to_bits($vbulletin->GPC['calendarpermission'], $vbulletin->bf_ugp_calendarpermissions, 1); if ($vbulletin->GPC['calendarid'] and !$vbulletin->GPC['calendarpermissionid']) { $vbulletin->GPC['calendarpermission']['calendarid'] = $vbulletin->GPC['calendarid']; $query = fetch_query_sql($vbulletin->GPC['calendarpermission'], 'calendarpermission'); $db->query_write($query); $calendarinfo = $db->query_first("SELECT title AS calendartitle FROM " . TABLE_PREFIX . "calendar WHERE calendarid=" . $vbulletin->GPC['calendarid']); print_stop_message('saved_calendar_permissions_successfully'); } else { $query = fetch_query_sql($vbulletin->GPC['calendarpermission'], 'calendarpermission', "WHERE calendarpermissionid = " . $vbulletin->GPC['calendarpermissionid']); $db->query_write($query); print_stop_message('saved_calendar_permissions_successfully'); } } } // ###################### Start fpgetstyle ####################### function fetch_forumpermission_style($color = '', $canview) { if ($canview == 0) { if ($canview == 0) { $canview = 'list-style-type:circle;'; } else { $canview = ''; } return " style=\"{$color}{$canview}\"";
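/**
 * Handles the actions of the post-display customisation item (post background).
 *
 * Actions handled here before delegating to parent::doAction():
 *  - 'enable'    : builds the background and position <option> lists and renders the enable form.
 *  - 'do_enable' : validates the submitted background and position and stores them on the item.
 *  - 'disable'   : sets the item back to KBANK_ITEM_AVAILABLE.
 *  - 'work'      : on the KBANK_POSTBIT_COMPLETE hook, appends the post background CSS
 *                  to $GLOBALS['headinclude'].
 *
 * Security-relevant points:
 *  - A user-supplied background URL ends up inside a <style> element, so it is
 *    restricted when saved and neutralised again when written out.
 *  - The item id used in WHERE clauses is forced to an integer.
 *
 * @param string $action Name of the action to perform
 *
 * @return mixed The return value of parent::doAction()
 */
function doAction($action)
{
    global $kbank, $vbulletin, $bbuserinfo, $vbphrase, $KBANK_HOOK_NAME;

    $vbulletin->kbank['errors'][$this->data['itemid']] = array(); //Reset errors

    if ($action == 'enable') {
        // The template is evaluated in this scope, so local names are kept as they are:
        // it may read them by name.
        $item =& $this->data;
        $itemtypeoptions =& $this->itemtypedata['options'];

        if ($itemtypeoptions['postbg']) {
            //build backgrounds (one "path:label" entry per line; label defaults to the file name)
            $postbg_options = '';
            $postbgs = explode("\r\n", $itemtypeoptions['postbg_list']);
            $isURLBackground = iif($this->data['options']['postbg'] == '', false, true);
            foreach ($postbgs as $postbg) {
                if ($postbg) {
                    $tmp = explode(":", $postbg);
                    if (!isset($tmp[1])) {
                        $tmp[1] = basename($tmp[0]);
                    }
                    $selected = '';
                    if ($this->data['options']['postbg'] == $tmp[0]) {
                        // the stored background is one of the listed ones, not a custom URL
                        $selected = ' selected="selected"';
                        $isURLBackground = false;
                    }
                    $postbg_options .= "<option value=\"{$tmp['0']}\"{$selected}>{$tmp['1']}</option>";
                }
            }

            //build positions
            $postbg_positions = '';
            foreach ($this->itemtype->options['postbg_positions'] as $value => $name) {
                $selected = '';
                if ($this->data['options']['postbg_position'] == $value) {
                    $selected = ' selected="selected"';
                }
                $postbg_positions .= "<option value=\"{$value}\"{$selected}>{$name}</option>";
            }
        }

        eval('$tmp = "' . fetch_template('kbank_template_customize_postdisplay_enable') . '";');
        eval(standard_error($tmp, '', false));
    }

    if ($action == 'do_enable') {
        if ($this->ready2Enable()) {
            $vbulletin->input->clean_array_gpc('p', array(
                'itemid' => TYPE_UINT,
                'postbg_select' => TYPE_STR,
                'postbg_url' => TYPE_STR,
                'postbg_position' => TYPE_STR,
            ));

            if ($this->itemtypedata['options']['postbg']) {
                if ($vbulletin->GPC['postbg_select'] != '-1') {
                    //background
                    if ($vbulletin->GPC['postbg_select'] == '0' and $this->itemtypedata['options']['postbg_url']) {
                        //Admin allow URL and user selected url mode
                        $postbg = $vbulletin->GPC['postbg_url'];
                        $pathinfo = pathinfo($postbg);
                        // pathinfo() omits 'extension' when the path has none
                        $extension = isset($pathinfo['extension']) ? strtolower($pathinfo['extension']) : '';

                        // A URL that names a scheme must use http or https.
                        $scheme_match = array();
                        $bad_scheme = (preg_match('#^([a-z][a-z0-9+.\-]*):#i', $postbg, $scheme_match)
                            and !in_array(strtolower($scheme_match[1]), array('http', 'https')));

                        // The value is written into a <style> block by the 'work' action, so
                        // whitespace, quotes, backslashes, angle brackets, parentheses, braces
                        // and semicolons are refused: they could end the url() token or the
                        // style element. strpos() is compared with false so that a '?' at
                        // position 0 is rejected as well.
                        if (strpos($postbg, '?') !== false
                            or !in_array($extension, array('jpg', 'jpeg', 'png', 'gif', 'bmp'))
                            or preg_match('/[\s"\'\\\\<>(){};]/', $postbg)
                            or $bad_scheme
                        ) {
                            $postbg = '';
                        }
                    } else {
                        // only a background that appears in the admin-defined list is accepted
                        $postbg = '';
                        $valid_postbgs = explode("\r\n", $this->itemtypedata['options']['postbg_list']);
                        foreach ($valid_postbgs as $valid_postbg) {
                            $tmp = explode(":", $valid_postbg);
                            if ($tmp[0] == $vbulletin->GPC['postbg_select']) {
                                $postbg = $tmp[0];
                            }
                        }
                    }
                    $this->data['options']['postbg'] = $postbg;

                    //position: must be a key of the defined positions, else the first one is used
                    if (isset($this->itemtype->options['postbg_positions'][$vbulletin->GPC['postbg_position']])) {
                        $this->data['options']['postbg_position'] = $vbulletin->GPC['postbg_position'];
                    } else {
                        $keys = array_keys($this->itemtype->options['postbg_positions']);
                        $this->data['options']['postbg_position'] = $keys[0];
                    }
                } else {
                    $this->data['options']['postbg'] = '';
                    $this->data['options']['postbg_position'] = '';
                }
            }

            $this->data['options']['enabled'] = 1;
            // NOTE(review): 'enabled' was set to 1 on the line above, so the duration branch of
            // this expression is never taken and expire_time keeps its current value. If the
            // duration is meant to start on first enable, the previous 'enabled' state has to be
            // read before it is overwritten - confirm the intended behaviour before changing it.
            $this->data['expire_time'] = iif(!$this->data['options']['enabled'], iif($this->data['options']['duration'] > 0, TIMENOW + $this->data['options']['duration'] * 24 * 60 * 60, -1), $this->data['expire_time']);

            //Optimizing.... (only non-empty options are stored)
            $options = array();
            foreach ($this->data['options'] as $key => $val) {
                if ($val) {
                    $options[$key] = $val;
                }
            }

            $item_new = array(
                'status' => KBANK_ITEM_ENABLED,
                'expire_time' => $this->data['expire_time'],
                'options' => serialize($options),
            );
            // quoted array key and integer cast: the id is concatenated into the WHERE clause
            $vbulletin->db->query_write(fetch_query_sql($item_new, 'kbank_items', "WHERE itemid = " . intval($this->data['itemid'])));
        }
    }

    if ($action == 'disable') {
        if ($this->ready2Disable()) {
            $item_new = array('status' => KBANK_ITEM_AVAILABLE);
            $vbulletin->db->query_write(fetch_query_sql($item_new, 'kbank_items', "WHERE itemid = " . intval($this->data['itemid'])));
        }
    }

    if ($action == 'work') {
        //Check for running hook
        switch ($KBANK_HOOK_NAME) {
            case KBANK_POSTBIT_COMPLETE:
                if (THIS_SCRIPT == 'showthread' or THIS_SCRIPT == 'showpost') {
                    //currently only work with showthread and showpost
                    $options = $this->data['options'];
                    $itemtypeoptions = $this->itemtypedata['options'];
                    global $post, $stylevar, $kbank_active_items;

                    if ($itemtypeoptions['postbg']) {
                        $postbg_position = str_replace(array('-', '_'), array(' ', '-'), $options['postbg_position']);
                        // Stored values may predate the checks in 'do_enable'. The URL is written
                        // as a quoted CSS string with the characters removed that could end that
                        // string or the surrounding <style> element.
                        $postbg_url = str_replace(array('"', '\\', '<', '>', "\r", "\n", "\f"), '', $options['postbg']);
                        $background = "background: {$stylevar['alt1_bgcolor']} url(\"{$postbg_url}\") {$postbg_position};";
                        $GLOBALS['customize_postdisplay_cache'][$post['postid']]['background'] = $background;
                    }

                    // NOTE(review): $foundOther is never set to true below - the inner guard reads
                    // $foundTher and the assignment targets $foundOTher - so the CSS block that
                    // follows always runs. Left unchanged on purpose: correcting only the spelling
                    // would let the item match its own filename right after $foundThis is set,
                    // which, as far as this method shows, would suppress the CSS. The intended
                    // condition needs confirming first.
                    $foundOther = false;
                    $foundThis = false;
                    foreach ($GLOBALS['kbank_active_items'] as $userid => $useritems) {
                        if ($foundOther) {
                            break;
                        }
                        foreach ($useritems as $item) {
                            if ($foundTher) {
                                break;
                            }
                            if (is_subclass_of($item, 'Item')) {
                                if ($item->data['itemid'] == $this->data['itemid']) {
                                    $foundThis = true;
                                }
                                if ($foundThis and $item->itemtype->data['filename'] == substr(strrchr(__FILE__, DIRECTORY_SEPARATOR), 1)) {
                                    $foundOTher = true;
                                    break;
                                }
                            }
                        }
                    }

                    if (!$foundOther) {
                        $css = '';
                        foreach ($GLOBALS['customize_postdisplay_cache'] as $postid => $cache) {
                            // '###' in the configured element pattern stands for the post id
                            if ($itemtypeoptions['postbg_element']) {
                                $elementid = str_replace('###', $postid, $itemtypeoptions['postbg_element']);
                            } else {
                                $elementid = "post_message_{$postid}";
                            }
                            $css .= "#{$elementid} {\r\n";
                            foreach ($cache as $element) {
                                $css .= $element . "\r\n";
                            }
                            $css .= "}\r\n";
                            $GLOBALS['customize_postdisplay_cache'] = array();
                        }
                        if ($css != '') {
                            $css = "<style type=\"text/css\">\r\n{$css}</style>\r\n";
                            $GLOBALS['headinclude'] .= "<!-- CSS automatically added by " . substr(strrchr(__FILE__, DIRECTORY_SEPARATOR), 1) . " at line " . __LINE__ . " -->\n" . $css;
                        }
                    }
                }
                break;
        }
    }

    return parent::doAction($action);
}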
$vbulletin->GPC['modusername'] = $userinfo['username']; } $calendarinfo = $db->query_first("\n\t\tSELECT calendarid,title\n\t\tFROM " . TABLE_PREFIX . "calendar\n\t\tWHERE calendarid = " . intval($vbulletin->GPC['moderator']['calendarid'])); if ($calendarinfo['calendarid'] and ($userinfo['userid'] or $vbulletin->GPC['moderatorid'])) { // no errors require_once DIR . '/includes/functions_misc.php'; $vbulletin->GPC['moderator']['permissions'] = convert_array_to_bits($vbulletin->GPC['modperms'], $vbulletin->bf_misc_calmoderatorpermissions, 1); if ($vbulletin->GPC['moderatorid']) { // update $db->query_write(fetch_query_sql($vbulletin->GPC['moderator'], 'calendarmoderator', "WHERE calendarmoderatorid=" . $vbulletin->GPC['moderatorid'])); define('CP_REDIRECT', 'admincalendar.php'); print_stop_message('saved_moderator_x_successfully', $vbulletin->GPC['modusername']); } else { // insert $vbulletin->GPC['moderator']['userid'] = $userinfo['userid']; $db->query_write(fetch_query_sql($vbulletin->GPC['moderator'], 'calendarmoderator')); define('CP_REDIRECT', 'admincalendar.php'); print_stop_message('saved_moderator_x_successfully', $vbulletin->GPC['modusername']); } } else { // error if (!$userinfo['userid']) { print_stop_message('no_moderator_matched_your_query'); } if (!$calendarinfo['calendarid']) { print_stop_message('invalid_calendar_specified'); } } } // ###################### Start Remove moderator ####################### if ($_REQUEST['do'] == 'removemod') {
$usergroups = $db->query_read('SELECT * FROM usergroup'); echo "<p>{$upgrade_phrases['upgrade_300b3.php']['updating_usergroup_permissions']}</p><ul>"; require_once DIR . '/includes/functions_misc.php'; while ($usergroup = $db->fetch_array($usergroups)) { if ($usergroup['usergroupid'] != 2 and $usergroup['usergroupid'] != 5 and $usergroup['usergroupid'] != 6 and $usergroup['usergroupid'] != 7) { $calendarsql .= ", (2, {$usergroup['usergroupid']}, 1)"; } echo "<li>" . sprintf($upgrade_phrases['upgrade_300b3.php']['usergroup_x'], $usergroup['title']) . " ...\n"; $ug = array(); foreach ($vbulletin->bf_ugp as $dbfield => $fields) { $ug["{$dbfield}"] = convert_array_to_bits($usergroup, $fields); } if ($usergroup['genericoptions']) { $ug['genericoptions'] += 1; } $db->query_write(fetch_query_sql($ug, 'usergroup', "WHERE usergroupid={$usergroup['usergroupid']}")); echo "{$vbphrase['done']}.</li>\n"; vbflush(); } echo "</ul>\n"; $query[] = "UPDATE usergroup SET pmquota = IF(canusepm, " . iif($pmquota == 0, 10000, $pmquota) . ", 0)"; $explain[] = $upgrade_phrases['upgrade_300b3.php']['updating_usergroups']; // update usergroups to allow membergroups EXCEPT for the following groups: // unregistered users (group 1) // users awaiting email confirmation (group 3) // COPPA users awaiting moderation (group 4) // any usergroup defined as 'banned' if (empty($vbulletin->GPC['bangroup'])) { $bannedgroups = 0; } else { $bannedgroups = implode(',', $vbulletin->GPC['bangroup']);
if (empty($langupdate['title']) or empty($langupdate['charset'])) { print_stop_message('please_complete_required_fields'); } if ($isdefault and $langupdate['userselect'] == 0) { print_stop_message('cant_delete_default_language'); } // User has defined a locale. if ($langupdate['locale'] != '') { if (!setlocale(LC_TIME, $langupdate['locale']) or !setlocale(LC_CTYPE, $langupdate['locale'])) { print_stop_message('invalid_locale', $langupdate['locale']); } if ($langupdate['dateoverride'] == '' or $langupdate['timeoverride'] == '' or $langupdate['registereddateoverride'] == '' or $langupdate['calformat1override'] == '' or $langupdate['calformat2override'] == '' or $langupdate['logdateoverride'] == '') { print_stop_message('locale_define_fill_in_all_overrides'); } } $query = fetch_query_sql($langupdate, 'language', "WHERE languageid = " . $vbulletin->GPC['dolanguageid']); $db->query_write($query); if ($vbulletin->GPC['isdefault'] and $vbulletin->GPC['dolanguageid'] != $vbulletin->options['languageid']) { $do = 'setdefault'; } else { $do = 'modify'; } build_language_datastore(); define('CP_REDIRECT', 'language.php?dolanguageid=' . $vbulletin->GPC['dolanguageid'] . '&do=' . $do); print_stop_message('saved_language_x_successfully', $newlang['title']); } // ########################################################################## if ($_REQUEST['do'] == 'edit_settings') { $language = fetch_languages_array($vbulletin->GPC['dolanguageid']); $getoptions = convert_bits_to_array($language['options'], $vbulletin->bf_misc_languageoptions); $language = array_merge($language, $getoptions);
$db->query_write("\r\n\t\t\t\tDELETE FROM " . TABLE_PREFIX . "blog_categorypermission\r\n\t\t\t\tWHERE categorypermissionid = " . $vbulletin->GPC['categorypermissionid']); build_category_permissions(); print_stop_message('deleted_category_permissions_successfully'); } else { build_category_permissions(); print_stop_message('saved_category_permissions_successfully'); } } else { require_once DIR . '/includes/functions_misc.php'; $vbulletin->GPC['categorypermission']['categorypermissions'] = convert_array_to_bits($vbulletin->GPC['categorypermission'], $vbulletin->bf_ugp_vbblog_general_permissions, 1); if ($vbulletin->GPC['blogcategoryid'] and !$vbulletin->GPC['categorypermissionid']) { $vbulletin->GPC['categorypermission']['blogcategoryid'] = $vbulletin->GPC['blogcategoryid']; $query = fetch_query_sql($vbulletin->GPC['categorypermission'], 'blog_categorypermission'); $db->query_write($query); } else { $query = fetch_query_sql($vbulletin->GPC['categorypermission'], 'blog_categorypermission', "WHERE categorypermissionid = " . $vbulletin->GPC['categorypermissionid']); $db->query_write($query); } build_category_permissions(); print_stop_message('saved_category_permissions_successfully'); } } if ($_REQUEST['do'] == 'stats') { $vbulletin->input->clean_array_gpc('r', array('start' => TYPE_ARRAY_INT, 'end' => TYPE_ARRAY_INT, 'scope' => TYPE_NOHTML, 'sort' => TYPE_NOHTML, 'nullvalue' => TYPE_BOOL, 'username' => TYPE_NOHTML, 'type' => TYPE_NOHTML)); if (!empty($vbulletin->GPC['username'])) { if (!($userexist = $db->query_first("\r\n\t\t\tSELECT userid\r\n\t\t\tFROM " . TABLE_PREFIX . "user\r\n\t\t\tWHERE username = '******'username']) . "'"))) { print_stop_message('invalid_user_specified'); } } // Default View Values if (empty($vbulletin->GPC['start'])) {
if (!$arr['plugin']) { print_dots_stop(); if (!empty($arr['productid'])) { print_stop_message('this_file_appears_to_be_a_product'); } else { print_stop_message('invalid_file_specified'); } } if (!is_array($arr['plugin'][0])) { $arr['plugin'] = array($arr['plugin']); } $maxid = $db->query_first("SELECT MAX(pluginid) AS max FROM " . TABLE_PREFIX . "plugin"); foreach ($arr['plugin'] as $plugin) { unset($plugin['devkey']); // make sure we don't try to set this as it's no longer used $db->query_write(fetch_query_sql($plugin, 'plugin')); } // rebuild the $vboptions array vBulletinHook::build_datastore($db); // stop the 'dots' counter feedback print_dots_stop(); print_cp_redirect("plugin.php?" . $vbulletin->session->vars['sessionurl'], 0); } // ############################################################################# if ($_POST['do'] == 'download') { $vbulletin->input->clean_array_gpc('p', array('filename' => TYPE_STR, 'download' => TYPE_ARRAY_UINT)); if (empty($vbulletin->GPC['download']) or empty($vbulletin->GPC['filename'])) { print_stop_message('please_complete_required_fields'); } require_once DIR . '/includes/class_xml.php'; $xml = new vB_XML_Builder($vbulletin);
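/**
 * Logs the moderation actions that are being performed on the forum
 *
 * Two input shapes are accepted for $loginfo:
 *  - a list of rows ($loginfo[0] is an array): every row is written in one multi-row INSERT
 *    and the logged userid is taken from the row itself;
 *  - a single associative row: one record is written through fetch_query_sql() and the
 *    logged userid is the current user's ($vbulletin->userinfo['userid']).
 *
 * In the multi-row query all numeric columns are passed through intval() and the two string
 * columns through the database escape_string() method.
 *
 * @param	array	Array of information indicating on what data the action was performed
 * @param	integer	This value corresponds to the action that was being performed
 * @param	string	Other moderator parameters (an array is stored serialized)
 */
function log_moderator_action($loginfo, $logtype, $action = '')
{
    global $vbulletin;

    $modlogsql = array();

    // replace $logtype with the result of fetch_modlogtypes() when that is non-empty
    if ($result = fetch_modlogtypes($logtype)) {
        $logtype = $result;
    }

    // Plugin code runs in this scope and may read or change the local variables above by
    // name, so their names are part of the hook's de facto interface.
    ($hook = vBulletinHook::fetch_hook('log_moderator_action')) ? eval($hook) : false;

    // Serialize once, after the hook has run, instead of once per row.
    if (is_array($action)) {
        $action = serialize($action);
    }

    // isset() first: a single associative row has no key 0
    if (isset($loginfo[0]) and is_array($loginfo[0])) {
        foreach ($loginfo as $index => $log) {
            $modlogsql[] = "(" . intval($logtype) . ", " . intval($log['userid']) . ", " . TIMENOW . ", " . intval($log['forumid']) . ", " . intval($log['threadid']) . ", " . intval($log['postid']) . ", " . intval($log['pollid']) . ", " . intval($log['attachmentid']) . ", '" . $vbulletin->db->escape_string($action) . "', '" . $vbulletin->db->escape_string(IPADDRESS) . "')";
        }

        $vbulletin->db->query_write("INSERT INTO " . TABLE_PREFIX . "moderatorlog (type, userid, dateline, forumid, threadid, postid, pollid, attachmentid, action, ipaddress) VALUES " . implode(', ', $modlogsql));
    } else {
        $moderatorlog['userid'] =& $vbulletin->userinfo['userid'];
        $moderatorlog['dateline'] = TIMENOW;
        $moderatorlog['type'] = intval($logtype);
        $moderatorlog['forumid'] = intval($loginfo['forumid']);
        $moderatorlog['threadid'] = intval($loginfo['threadid']);
        $moderatorlog['postid'] = intval($loginfo['postid']);
        $moderatorlog['pollid'] = intval($loginfo['pollid']);
        $moderatorlog['attachmentid'] = intval($loginfo['attachmentid']);
        $moderatorlog['ipaddress'] = IPADDRESS;
        $moderatorlog['action'] = $action;

        /*insert query*/
        // presumably fetch_query_sql() escapes the values it is given - verify in its definition
        $vbulletin->db->query_write(fetch_query_sql($moderatorlog, 'moderatorlog'));
    }
}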
print_label_row($vbphrase['leftby'], $repinfo['whoadded_username']); print_label_row($vbphrase['leftfor'], $repinfo['username']); print_input_row($vbphrase['comment'], 'reputation[reason]', $repinfo['reason']); print_input_row($vbphrase['reputation'], 'reputation[reputation]', $repinfo['reputation'], 0, 5); construct_hidden_code('reputationid', $vbulletin->GPC['reputationid']); construct_hidden_code('oldreputation', $repinfo[reputation]); construct_hidden_code('userid', $repinfo['userid']); print_submit_row(); } else { print_stop_message('no_matches_found'); } } // ************************************************************************************************* if ($_POST['do'] == 'doeditreputation') { $vbulletin->input->clean_array_gpc('p', array('reputation' => TYPE_ARRAY, 'reputationid' => TYPE_INT, 'oldreputation' => TYPE_INT, 'userid' => TYPE_INT)); $db->query_write(fetch_query_sql($vbulletin->GPC['reputation'], 'reputation', "WHERE reputationid=" . $vbulletin->GPC['reputationid'])); if ($vbulletin->GPC['oldreputation'] != $vbulletin->GPC['reputation']['reputation']) { $diff = $vbulletin->GPC['oldreputation'] - $vbulletin->GPC['reputation']['reputation']; $user = fetch_userinfo($vbulletin->GPC['userid']); if ($user) { $userdm =& datamanager_init('User', $vbulletin, ERRTYPE_SILENT); $userdm->set_existing($user); $userdm->set('reputation', "reputation - {$diff}", false); $userdm->save(); unset($userdm); } } define('CP_REDIRECT', "adminreputation.php?do=list&u=" . $vbulletin->GPC['userid']); print_stop_message('saved_reputation_successfully'); } // *************************************************************************************************
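/**
 * Base action handler of an item.
 *
 * Actions handled here:
 *  - 'buy'         : prepares $this->data for the buyer (inherits options of an older item of
 *                    the same type, clears counters, sets status and owner). Nothing is
 *                    written to the database in this branch.
 *  - 'bid'         : checks the bid, charges the bidding fee and stores the bid (writes to the database).
 *  - 'bid_expired' : turns an expired auction into a selling item, reserved for the highest bidder.
 *  - 'approve'     : records an admin approval and releases the item once enough admins agreed
 *                    (writes to the database, then calls print_stop_message()).
 *
 * @param string $action Name of the action to perform
 *
 * @return mixed true on success; false when 'bid_expired' does not apply; KBANK_ERROR_NO_PERM,
 *               the value of fetch_error() or the non-true result of transferMoney() when a bid is refused
 */
function doAction($action)
{
    global $vbulletin, $vbphrase, $userinfo;

    // $userinfo may be supplied by the calling script; default to the current user
    if (!$userinfo) {
        $userinfo =& $vbulletin->userinfo;
    }

    if ($action == 'buy') {
        //Search for an old item with same itemtype have been used/enabled or even deleted
        // Both ids are cast to integers because they are concatenated into the query.
        $olditem = $vbulletin->db->query_first("
            SELECT *
            FROM `" . TABLE_PREFIX . "kbank_items`
            WHERE type = " . intval($this->data['type']) . "
                AND userid = " . intval($userinfo['userid']) . "
                AND (status > " . KBANK_ITEM_AVAILABLE . "
                    OR status = " . KBANK_ITEM_DELETED . ")
            ORDER BY create_time DESC
            LIMIT 1
        ");
        if ($olditem) {
            // NOTE(review): unserialize() on a database column. The column is written with
            // serialize() by this code base, but any path that lets a user control the raw
            // column value would make this an object-injection sink - keep writers to
            // kbank_items.options limited to serialize() of plain arrays.
            $options = unserialize($olditem['options']);
            if (is_array($options)) {
                // per-purchase keys are not inherited, and keys already set on the new item win
                $not_inherited = array('duration', 'bids', 'expire_time_bidding', 'approved', 'edit_time');
                foreach ($options as $key => $value) {
                    if (!in_array($key, $not_inherited) and !isset($this->data['options'][$key])) {
                        $this->data['options'][$key] = $value;
                    }
                }
            }
            $this->data['options']['enabled'] = null;
        }

        if (isset($this->data['options']['sold_counter'])) {
            $this->data['options']['sold_counter'] = null; //clear sold counter
        }
        if (isset($this->data['options']['receiver'])) {
            $this->data['options']['receiver'] = null; //clear receiver
        }
        if (is_array($this->data['options'])) {
            $this->data['options'] = serialize($this->data['options']);
        }

        $this->data['status'] = KBANK_ITEM_AVAILABLE; //IMPORTANT!
        $this->data['userid'] = $userinfo['userid']; //IMPORTANT!
    }

    if ($action == 'bid') {
        //This action change database directly
        //Permission checking
        if ($this->data['status'] != KBANK_ITEM_BIDDING
            or !havePerm($userinfo, KBANK_PERM_COMPANY, true)
            or $this->data['expire_time'] < TIMENOW
        ) {
            return KBANK_ERROR_NO_PERM;
        }

        // NOTE(review): $bid comes from request input and is not cleaned in this method;
        // presumably the calling script declares it through the input cleaner - confirm it
        // is numeric before it reaches this point.
        $bid = $vbulletin->GPC['bid'][$this->data['itemid']];
        $highestBid = $this->highestBid();

        if ($bid <= $this->data['price']) {
            //User place bid lower than what we have got
            //Only the first bidder may bid exactly the default amount
            if ($bid != $this->data['price'] or count($highestBid)) {
                return fetch_error('kbank_item_bid_lower', vb_number_format($this->data['price'], $vbulletin->kbank['roundup']), $vbulletin->kbank['name']);
            }
        }
        if (count($highestBid) and $bid - $highestBid['bid'] < $vbulletin->kbank['bidStep']) {
            return fetch_error('kbank_item_bid_step', vb_number_format($highestBid['bid'], $vbulletin->kbank['roundup']), vb_number_format($vbulletin->kbank['bidStep'], $vbulletin->kbank['roundup']), $vbulletin->kbank['name']);
        }

        if (!isset($this->data['options']['bids'])) {
            $this->data['options']['bids'] = array();
        }

        //Calculating bidding-fee: the fee for this bid minus what this user already paid on earlier bids
        $paid = 0;
        $fee = calcTransferTax($bid, $vbulletin->kbank['ItemBidFee']);
        foreach ($this->data['options']['bids'] as $record) {
            if ($record['userid'] == $userinfo['userid']) {
                $paid += $record['paid'];
            }
        }
        $need2paid = $fee - $paid;

        $result = transferMoney($userinfo['userid'], $this->data['userid'], $need2paid, 'bid_' . $this->data['itemid'], $userinfo[$vbulletin->kbank['field']], true, false, KBANK_NO_TAX, false, 0, array('banklogs_itemname' => iif($this->data['userid'] == 0, 'items', 'other')));
        if ($result !== true) {
            return $result;
        }

        $this->data['options']['bids'][] = array(
            'userid' => $userinfo['userid'],
            'username' => $userinfo['username'],
            'bid' => $bid,
            'bid_time' => TIMENOW,
            'paid' => $need2paid,
        );
        $item_new = array('price' => $bid, 'options' => serialize($this->data['options']));

        //Do database change
        // NOTE(review): the whole options array loaded earlier is written back here, so two
        // bids handled at the same time could overwrite each other's entry - verify how the
        // caller serialises bids.
        // quoted array key and integer cast: the id is concatenated into the WHERE clause
        $vbulletin->db->query_write(fetch_query_sql($item_new, 'kbank_items', "WHERE itemid = " . intval($this->data['itemid'])));
        //updateWarningItem(); - done by main script

        return true;
    }

    if ($action == 'bid_expired') {
        //Bidding expired
        //Permission check - for safe
        if ($this->data['status'] == KBANK_ITEM_BIDDING and $this->data['expire_time'] < TIMENOW) {
            if (($vbulletin->kbank['BidWinnerBuyAfter'] === false or TIMENOW < $this->data['expire_time'] + $vbulletin->kbank['BidWinnerBuyAfter'])
                and count($this->highestBid())
            ) {
                //If there is a highest bid we will specified receiver!
                $this->data['options']['receiver'] = array($this->highestBid());
            }
            $this->data['status'] = KBANK_ITEM_SELLING;
            if ($this->data['options']['expire_time_bidding'] > 0) {
                $this->data['expire_time'] = $this->data['expire_time'] + $this->data['options']['expire_time_bidding'];
            } else {
                $this->data['expire_time'] = $this->data['options']['expire_time_bidding'];
            }

            //We have to update old info
            $this->getExtraInfoReceiver();
            $this->getExtraInfoExpire();
        } else {
            return false;
        }
    }

    if ($action == 'approve') {
        //This action change database directly
        $kBankAdmin =& $vbulletin->userinfo;

        //One more permission check - just for safe
        if (THIS_SCRIPT != 'kbankadmin'
            or !havePerm($kBankAdmin, KBANK_PERM_ADMIN)
            or $this->data['status'] != KBANK_ITEM_PENDING
        ) {
            // presumably print_stop_message() ends the request - TODO confirm
            print_stop_message('kbank_no_permission');
        }

        if (isset($this->data['options']['approved'][$kBankAdmin['userid']])) {
            // this admin approved before; nothing new to record
            $do_approved = false;
        } else {
            $do_approved = true;
            $this->data['options']['approved'][$kBankAdmin['userid']] = $kBankAdmin['username']; 
        }

        // count only approvals given by users that are still in the admin list
        $approved = array();
        foreach ($this->data['options']['approved'] as $userid => $username) {
            if (in_array($userid, $vbulletin->kbank['AdminIDs']) and !in_array($userid, $approved)) {
                $approved[] = $userid;
            }
        }

        // Start from an empty change set so the check below never reads an undefined variable
        // when nothing has to be written.
        $item_new = array();
        if (count($approved) >= $vbulletin->kbank['requestApproval'] or count($approved) == count($vbulletin->kbank['AdminIDs'])) {
            //Great! Approved
            $item_new = array(
                'status' => $this->data['options']['status_pending'],
                'options' => serialize($this->data['options']),
            );
        } else if ($do_approved) {
            //Okay but we need more
            $item_new = array('options' => serialize($this->data['options']));
        }

        if ($item_new) {
            //Do database change
            $vbulletin->db->query_write(fetch_query_sql($item_new, 'kbank_items', "WHERE itemid = " . intval($this->data['itemid'])));
        }

        logkBankAction('admin_item_approve', $this->data['itemid']);
        updateWarningItem();

        define('CP_REDIRECT', 'kbankadmin.php?do=item_man');
        print_stop_message('kbank_item_approved');
    }

    return true;
}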