/**
 * Remove bare links from a message.
 *
 * Two passes are made: one for links that carry an http, https, ftp or news
 * scheme, one for scheme-less hosts that start with "www." or "ftp.". In both
 * patterns the link must be preceded by ">", whitespace or a parenthesis, and
 * that preceding character is removed together with the link.
 *
 * This is a cosmetic filter, not a sanitizer: a link with any other scheme, or
 * one preceded by a different character (for example a quote or "="), does not
 * match either pattern and is returned unchanged.
 *
 * @param string $message The text to strip links from.
 * @return string The text with matching links removed.
 */
function asb_strip_url($message)
{
    // Links with an explicit scheme.
    $scheme_link = "#([\\>\\s\\(\\)])(http|https|ftp|news){1}://([^\\/\"\\s\\<\\[\\.]+\\.([^\\/\"\\s\\<\\[\\.]+\\.)*[\\w]+(:[0-9]+)?(/[^\"\\s<\\[]*)?)#i";
    // Scheme-less hosts beginning with www. or ftp.
    $bare_host_link = "#([\\>\\s\\(\\)])(www|ftp)\\.(([^\\/\"\\s\\<\\[\\.]+\\.)*[\\w]+(:[0-9]+)?(/[^\"\\s<\\[]*)?)#i";

    // Both patterns require a leading delimiter, so pad the text with a space
    // to let a link at the very start of the message match as well.
    $padded = ' ' . $message;
    $padded = preg_replace($scheme_link, '', $padded);
    $padded = preg_replace($bare_host_link, '', $padded);

    // Drop the first character again before handing the text back.
    return my_substr($padded, 1);
}
Beispiel #2
 /**
  * Collect the targets that can still receive a new document folder.
  *
  * Builds a map of option id => label and stores it, together with $id, on the
  * controller ($this->options, $this->id). All three queries bind $id through
  * a prepared statement.
  *
  * NOTE(review): the only authorisation visible here is the $GLOBALS['rechte']
  * flag. Nothing in this method ties $id to the object that checkObject()
  * validated, so confirm the caller guarantees $id is the current context;
  * otherwise group and date names of another range could be listed.
  *
  * @param $id   Range id used in the range_id conditions of the queries below.
  * @param $type Only the value 'sem' adds the group and date folder options.
  * @throws AccessDeniedException when $GLOBALS['rechte'] is falsy.
  */
 public function create_action($id, $type)
 {
     // Project helpers; presumably they verify the selected object and that the
     // documents module is active for it (not visible from here, confirm).
     checkObject();
     checkObjectModule('documents');
     object_set_visit_module('documents');
     // Access gate: stop before any query runs when the rights flag is not set.
     if (!$GLOBALS['rechte']) {
         throw new AccessDeniedException();
     }
     PageLayout::setTitle(_('Neuen Ordner erstellen'));
     $options = array();
     // md5() is only used to build a fixed option key here, not for security.
     $options[md5('new_top_folder')] = _('Namen auswählen oder wie Eingabe') . ' -->';
     $query = "SELECT SUM(1) FROM folder WHERE range_id = ?";
     $statement = DBManager::get()->prepare($query);
     $statement->execute(array($id));
     // SUM(1) yields NULL when no row matches; the loose comparison with 0
     // treats that NULL like "no folder yet".
     if ($statement->fetchColumn() == 0) {
         $options[$id] = _('Allgemeiner Dateiordner');
     }
     if ($type === 'sem') {
         // Groups of this range that have no folder (LEFT JOIN ... folder_id IS NULL).
         $query = "SELECT statusgruppe_id AS id, statusgruppen.name AS name\n                      FROM statusgruppen\n                      LEFT JOIN folder ON (statusgruppe_id = folder.range_id)\n                      WHERE statusgruppen.range_id = ? AND folder_id IS NULL\n                      ORDER BY position";
         $statement = DBManager::get()->prepare($query);
         $statement->execute(array($id));
         $statement->setFetchMode(PDO::FETCH_ASSOC);
         foreach ($statement as $row) {
             $options[$row['id']] = sprintf(_('Dateiordner der Gruppe: %s'), $row['name']);
         }
         // Cache of Issue objects keyed by issue_id so each one is built once.
         $issues = array();
         // NOTE(review): $shown_dates is never read in this method.
         $shown_dates = array();
         // Dates of this range whose issue has no folder yet.
         $query = "SELECT themen_termine.issue_id, termine.date, folder.name, termine.termin_id, date_typ\n                      FROM termine\n                      LEFT JOIN themen_termine USING (termin_id)\n                      LEFT JOIN folder ON (themen_termine.issue_id = folder.range_id)\n                      WHERE termine.range_id = ? AND folder.folder_id IS NULL\n                      ORDER BY termine.date, name";
         $statement = DBManager::get()->prepare($query);
         $statement->execute(array($id));
         $statement->setFetchMode(PDO::FETCH_ASSOC);
         foreach ($statement as $row) {
             // Rows that carry a folder name are skipped.
             if ($row['name']) {
                 continue;
             }
             $name = sprintf(_('Ordner für %s [%s]'), date('d.m.Y', $row['date']), $GLOBALS['TERMIN_TYP'][$row['date_typ']]['name']);
             if ($row['issue_id']) {
                 // Reads a key that may not exist yet; a missing key counts as "not cached".
                 if (!$issues[$row['issue_id']]) {
                     $issues[$row['issue_id']] = new Issue(array('issue_id' => $row['issue_id']));
                 }
                 // Append the first 20 characters of the issue title to the label.
                 $name .= ', ' . my_substr($issues[$row['issue_id']]->toString(), 0, 20);
                 $option_id = $row['issue_id'];
             } else {
                 // No issue attached: the date itself becomes the folder target.
                 $option_id = $row['termin_id'];
             }
             // Labels are stored unescaped; escaping is left to whatever renders
             // $this->options (not visible here, confirm in the view).
             $options[$option_id] = $name;
         }
     }
     $this->options = $options;
     $this->id = $id;
 }
Beispiel #3
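/**
 * Clean up a description and prepend it, as a meta tag, to $google_seo_meta.
 *
 * The text is stripped of tags and bracketed codes, whitespace is collapsed,
 * and the result is cut to the configured length. Nothing is emitted when the
 * google_seo_meta_length setting is not greater than zero or when the cleaned
 * text is empty.
 *
 * The cleaned text ends up inside a double-quoted HTML attribute. strip_tags()
 * removes markup but leaves quote characters alone, so the value is escaped for
 * attribute context before it is written. Existing entities are kept as they
 * are (double_encode = false) so already-encoded input is not encoded twice.
 *
 * @param string $description The unfiltered description that should be used.
 * @return void
 */
function google_seo_meta_description($description)
{
    global $settings, $plugins, $google_seo_meta;

    // Feature is off unless a positive length is configured.
    if (!($settings['google_seo_meta_length'] > 0)) {
        return;
    }

    $description = strip_tags($description);
    $description = str_replace("&nbsp;", " ", $description);
    // Remove bracketed codes such as [b] or [url=...].
    $description = preg_replace("/\\[[^\\]]+\\]/u", "", $description);
    // Collapse every run of whitespace into a single space.
    $description = preg_replace("/\\s+/u", " ", $description);
    $description = trim($description);
    $description = my_substr($description, 0, $settings['google_seo_meta_length'], true);
    $description = trim($description);

    // Escape after truncation so a cut never splits an entity produced here.
    $description = htmlspecialchars($description, ENT_QUOTES, 'UTF-8', false);

    if ($description) {
        $plugins->add_hook('pre_output_page', 'google_seo_meta_output');
        $google_seo_meta = "<meta name=\"description\" content=\"{$description}\" />\n{$google_seo_meta}";
    }
}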
Beispiel #4
     $memban['adminuser'] = build_profile_link($memban['adminuser'], $memban['admin']);
     // Display a nice warning to the user
     eval('$bannedbit = "' . $templates->get('member_profile_banned') . '";');
 }
 $adminoptions = '';
 if ($mybb->usergroup['cancp'] == 1 && $mybb->config['hide_admin_links'] != 1) {
     eval("\$adminoptions = \"" . $templates->get("member_profile_adminoptions") . "\";");
 }
 $modoptions = $viewnotes = $editnotes = $editprofile = $banuser = $manageuser = '';
 $can_purge_spammer = purgespammer_show($memprofile['postnum'], $memprofile['usergroup'], $memprofile['uid']);
 if ($mybb->usergroup['canmodcp'] == 1 || $can_purge_spammer) {
     $memprofile['usernotes'] = nl2br(htmlspecialchars_uni($memprofile['usernotes']));
     if (!empty($memprofile['usernotes'])) {
         if (strlen($memprofile['usernotes']) > 100) {
             eval("\$viewnotes = \"" . $templates->get("member_profile_modoptions_viewnotes") . "\";");
             $memprofile['usernotes'] = my_substr($memprofile['usernotes'], 0, 100) . "... {$viewnotes}";
         }
     } else {
         $memprofile['usernotes'] = $lang->no_usernotes;
     }
     if ($mybb->usergroup['caneditprofiles'] == 1) {
         eval("\$editprofile = \"" . $templates->get("member_profile_modoptions_editprofile") . "\";");
         eval("\$editnotes = \"" . $templates->get("member_profile_modoptions_editnotes") . "\";");
     }
     if ($mybb->usergroup['canbanusers'] == 1 && (!$memban['uid'] || $memban['uid'] && $mybb->user['uid'] == $memban['admin'] || $mybb->usergroup['issupermod'] == 1 || $mybb->usergroup['cancp'] == 1)) {
         eval("\$banuser = \"" . $templates->get("member_profile_modoptions_banuser") . "\";");
     }
     if ($can_purge_spammer) {
         eval("\$purgespammer = \"" . $templates->get('member_profile_modoptions_purgespammer') . "\";");
     }
     if (!empty($editprofile) || !empty($banuser) || !empty($purgespammer)) {
Beispiel #5
    <tr>
        <td valign="top">

    <?
        $search_exp = Request::get('search_exp');
        if ($search_exp):
            $users = getSearchResults(trim($search_exp), $range_id, 'sem');
            if ($users): ?>
                <select name="searchPersons[]" size="5" multiple style="width: 90%;">
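                <? /* One <option> per search hit. Every field taken from the result row
                      (username, fullname, perms) goes through htmlReady() before it is
                      written, in the attribute as well as in the visible label. */ ?>
                <? if (is_array($users)) foreach ($users as $user) : ?>
                    <option value="<?= htmlReady($user['username']) ?>">
                        <?= htmlReady(my_substr($user['fullname'], 0, 35)) ?> (<?= htmlReady($user['username']) ?>), <?= htmlReady($user['perms']) ?>
                    </option>
                <? endforeach; ?>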
                </select>
                <?php 
echo Icon::create('refresh', ['title' => _('Personen suchen')])->asInput(['valign' => 'bottom', 'name' => 'search', 'value' => _('Personen suchen')]);
?>
                <br>
            <? else : // no users there ?>
Beispiel #6
     }
 }
 // Hand the submitted credentials to the login handler; the user record is
 // only loaded when validate_login() reports success.
 $loginhandler->set_data(array('username' => $mybb->input['username'], 'password' => $mybb->input['password']));
 if ($loginhandler->validate_login() == true) {
     $mybb->user = get_user($loginhandler->login_data['uid']);
 }
 if ($mybb->user['uid']) {
     // Lockout check runs after the password was accepted.
     // NOTE(review): nothing visible here stops execution after show_lockedout();
     // if that call returns, the session below is still created. Confirm it exits.
     if (login_attempt_check_acp($mybb->user['uid']) == true) {
         log_admin_action(array('type' => 'admin_locked_out', 'uid' => (int) $mybb->user['uid'], 'username' => $mybb->user['username']));
         $default_page->show_lockedout();
     }
     // Drop every existing admin session of this user before issuing a new one.
     // The uid is interpolated into the condition without a cast; it comes from
     // the record get_user() returned, not from the request.
     $db->delete_query("adminsessions", "uid='{$mybb->user['uid']}'");
     // NOTE(review): the session id is an MD5 over uniqid()/microtime() output,
     // i.e. derived from the clock plus uniqid's extra entropy, not from a
     // cryptographically secure generator. An admin session token should come
     // from a CSPRNG (random_bytes() where PHP 7+ is available).
     $sid = md5(uniqid(microtime(true), true));
     // Client-controlled header: capped at 200 characters here and passed
     // through escape_string() before it is stored.
     // NOTE(review): the header may be absent, which raises a notice on this read.
     $useragent = $_SERVER['HTTP_USER_AGENT'];
     if (my_strlen($useragent) > 200) {
         $useragent = my_substr($useragent, 0, 200);
     }
     // Create a new admin session for this user
     $admin_session = array("sid" => $sid, "uid" => $mybb->user['uid'], "loginkey" => $mybb->user['loginkey'], "ip" => $db->escape_binary(my_inet_pton(get_ip())), "dateline" => TIME_NOW, "lastactive" => TIME_NOW, "data" => my_serialize(array()), "useragent" => $db->escape_string($useragent));
     $db->insert_query("adminsessions", $admin_session);
     // The in-memory copy keeps the data as an array rather than the serialized form.
     $admin_session['data'] = array();
     // Only reset the loginattempts when we're really logged in and the user doesn't need to enter a 2fa code
     $query = $db->simple_select("adminoptions", "authsecret", "uid='{$mybb->user['uid']}'");
     $admin_options = $db->fetch_array($query);
     if (empty($admin_options['authsecret'])) {
         $db->update_query("adminoptions", array("loginattempts" => 0, "loginlockoutexpiry" => 0), "uid='{$mybb->user['uid']}'");
     }
     // Session cookie; the fourth argument is presumably the HttpOnly flag
     // (my_setcookie() is not visible here, confirm). The attempt counter
     // cookie is reset alongside it.
     my_setcookie("adminsid", $sid, '', true);
     my_setcookie('acploginattempts', 0);
     $post_verify = false;
     // The rest of this request is handled as a GET.
     $mybb->request_method = "get";
Beispiel #7
             eval("\$latest_post = \"" . $templates->get("modcp_awaitingmoderation_none") . "\";");
         }
         eval("\$awaitingposts = \"" . $templates->get("modcp_awaitingposts") . "\";");
     }
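     // Summary of threads waiting for approval: count them and, when there are
     // any, show the most recent one.
     // The $flist_queue_threads fragment is appended to both conditions as-is;
     // it is built outside this excerpt (presumably a forum id filter, confirm
     // it contains no request data).
     if ($nummodqueuethreads > 0 || $mybb->usergroup['issupermod'] == 1) {
         $query = $db->simple_select("threads", "COUNT(tid) AS unapprovedthreads", "visible='0' {$flist_queue_threads}");
         $unapproved_threads = $db->fetch_field($query, "unapprovedthreads");
         if ($unapproved_threads > 0) {
             $query = $db->simple_select("threads", "tid, subject, uid, username, dateline", "visible='0' {$flist_queue_threads}", array('order_by' => 'dateline', 'order_dir' => 'DESC', 'limit' => 1));
             $thread = $db->fetch_array($query);
             $thread['date'] = my_date('relative', $thread['dateline']);
             $thread['profilelink'] = build_profile_link($thread['username'], $thread['uid']);
             $thread['link'] = get_thread_link($thread['tid']);
             $thread['subject'] = $thread['fullsubject'] = $parser->parse_badwords($thread['subject']);
             // Shorten the displayed subject. The shortened text has to go back
             // into $thread['subject']; writing it to $post['subject'] left the
             // thread subject at full length.
             if (my_strlen($thread['subject']) > 25) {
                 $thread['subject'] = my_substr($thread['subject'], 0, 25) . "...";
             }
             // Escape only after truncation so an entity is never cut in half.
             $thread['subject'] = htmlspecialchars_uni($thread['subject']);
             $thread['fullsubject'] = htmlspecialchars_uni($thread['fullsubject']);
             $unapproved_threads = my_number_format($unapproved_threads);
             eval("\$latest_thread = \"" . $templates->get("modcp_lastthread") . "\";");
         } else {
             eval("\$latest_thread = \"" . $templates->get("modcp_awaitingmoderation_none") . "\";");
         }
         eval("\$awaitingthreads = \"" . $templates->get("modcp_awaitingthreads") . "\";");
     }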
     if (!empty($awaitingattachments) || !empty($awaitingposts) || !empty($awaitingthreads)) {
         eval("\$awaitingmoderation = \"" . $templates->get("modcp_awaitingmoderation") . "\";");
     }
 }
 $latestfivemodactions = '';
Beispiel #8
echo $institute_id;
?>
"
                            <? if ($institute_id == $resObject->getInstitutId()) echo 'selected'; ?>>
                        <?php 
echo htmlReady(my_substr($faculty['Name'], 0, 50));
?>
                    </option>
                    <? foreach ($faculty['institutes'] as $institute_id => $name): ?>
                        <option style="padding-left: 1.5em;" value="<?php 
echo $institute_id;
?>
"
                                <? if ($institute_id == $resObject->getInstitutId()) echo 'selected'; ?>>
                            <?php 
echo htmlReady(my_substr($name, 0, 50));
?>
                        </option>
                    <? endforeach; ?>
                <? endforeach; ?>
                </select>
            <? else : ?>
                <?php 
echo MessageBox::info(_('Sie können die Einordnung in die Orga-Struktur nicht ändern.'));
?>
            <? endif; ?>
            </td>
        </tr>
    <? endif; ?>
<? if ($resObject->getCategoryId()) : ?>
    <? foreach ($EditResourceData->selectProperties() as $property): ?>
Beispiel #9
// Append one bold <option> per faculty, followed by an indented <option> for
// each of its institutes, to the export form markup.
// Names are escaped with htmlReady(); the Institut_id values are written into
// the value attributes as they come from the database rows.
// NOTE(review): the ids are presumably fixed-format keys; confirm, or escape
// them like the names.
foreach ($faculties as $faculty) {
    $faculty_option = "<option style=\"font-weight:bold;\" ";
    if ($range_id == $faculty['fakultaets_id']) {
        $faculty_option .= " selected";
    }
    $faculty_label = htmlReady(my_substr($faculty['Name'], 0, 60));
    $faculty_option .= " value=\"" . $faculty['Institut_id'] . "\">" . $faculty_label . "</option>";
    $export_pagecontent .= $faculty_option;

    // Institutes that belong to this faculty.
    $inst_statement->execute(array($faculty['Institut_id']));
    while ($institute = $inst_statement->fetch(PDO::FETCH_ASSOC)) {
        $institute_option = sprintf("<option value=\"%s\"", $institute['Institut_id']);
        // Preselect the institute only when it is not the faculty's own entry.
        $is_selected = $range_id == $institute['Institut_id'] && $range_id != $faculty['Institut_id'];
        if ($is_selected) {
            $institute_option .= " selected";
        }
        $institute_label = htmlReady(my_substr($institute['Name'], 0, 60));
        $institute_option .= sprintf(">&nbsp;&nbsp;&nbsp;&nbsp;%s </option>\n", $institute_label);
        $export_pagecontent .= $institute_option;
    }
    $inst_statement->closeCursor();
}

// The "all institutes" entry is offered to root users only.
if ($perm->have_perm("root")) {
    $export_pagecontent .= "<option style=\"font-weight:bold;\" value=\"root\">Alle Einrichtungen";
}

$export_pagecontent .= "</select><br><br>";

// Start of the second select: which kind of data to export.
$export_pagecontent .= "<b>" . _("Art der auszugebenden Daten: ") . "</b><br><select name=\"ex_type\">";

$export_pagecontent .= "<option" . ($ex_type == "veranstaltung" ? " selected" : "");
Beispiel #10
        error($lang->no_attachments_selected);
    }
    $aids = implode(',', array_map('intval', $mybb->input['attachments']));
    $query = $db->simple_select("attachments", "*", "aid IN ({$aids}) AND uid='" . $mybb->user['uid'] . "'");
    while ($attachment = $db->fetch_array($query)) {
        remove_attachment($attachment['pid'], '', $attachment['aid']);
    }
    $plugins->run_hooks("usercp_do_attachments_end");
    redirect("usercp.php?action=attachments", $lang->attachments_deleted);
}
// Save the user's personal notepad. Runs only for a POST with action=do_notepad.
if ($mybb->input['action'] == "do_notepad" && $mybb->request_method == "post") {
    // Verify incoming POST request
    // (checks the my_post_key token sent with the form before any write happens)
    verify_post_check($mybb->get_input('my_post_key'));
    // Cap at 60,000 chars; text will allow up to 65535?
    // NOTE(review): my_strlen()/my_substr() presumably count characters while
    // the column limit is in bytes, so multi-byte text could still exceed it;
    // confirm against the column type.
    if (my_strlen($mybb->get_input('notepad')) > 60000) {
        $mybb->input['notepad'] = my_substr($mybb->get_input('notepad'), 0, 60000);
    }
    // The input is read again after this hook, so a plugin can still change
    // what gets stored.
    $plugins->run_hooks("usercp_do_notepad_start");
    // The text is escaped with escape_string(); the uid in the condition comes
    // from the logged-in user record, not from the request.
    $db->update_query("users", array('notepad' => $db->escape_string($mybb->get_input('notepad'))), "uid='" . $mybb->user['uid'] . "'");
    $plugins->run_hooks("usercp_do_notepad_end");
    redirect("usercp.php", $lang->redirect_notepadupdated);
}
if (!$mybb->input['action']) {
    // Get posts per day
    $daysreg = (TIME_NOW - $mybb->user['regdate']) / (24 * 3600);
    if ($daysreg < 1) {
        $daysreg = 1;
    }
    $perday = $mybb->user['postnum'] / $daysreg;
    $perday = round($perday, 2);
    if ($perday > $mybb->user['postnum']) {
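/**
 * Reduce a post body to a short plain-text preview.
 *
 * Selected MyCode tags are replaced by short placeholders, the rest is run
 * through the post parser, tags are stripped, whitespace is collapsed and HTML
 * entities are decoded. Text longer than $length is trimmed and cut.
 *
 * Because entities are decoded at the end, the return value is plain text that
 * can contain "<", ">" and "&". Callers must escape it for whatever context
 * they write it into.
 *
 * Changes against the previous version:
 * - The [color] and [url] rules used the /e pattern modifier, which evaluates
 *   the replacement as PHP code built from the matched post text. They now use
 *   preg_replace_callback(), so matched text is only ever passed as data.
 * - Two rules used the bare word replace as array key; it is quoted now.
 * - "global $parser" rebound the $parser parameter to the global variable, so
 *   an explicitly passed parser was ignored. The parameter is honoured now and
 *   the global parser is only the fallback.
 *
 * @param string          $post_text Raw post text.
 * @param postParser|null $parser    Parser to use; falls back to the global
 *                                   $parser, then to a new postParser.
 * @param int             $length    Maximum length of the preview.
 * @return string Plain-text preview, not HTML-escaped.
 */
function process_short_content($post_text, $parser = null, $length = 200)
{
    global $mybb;

    // The include path is built from the tapatalk_directory board setting.
    require_once MYBB_ROOT . $mybb->settings['tapatalk_directory'] . '/emoji/emoji.class.php';
    $post_text = tapatalkEmoji::covertNameToEmpty($post_text);

    if ($parser === null && isset($GLOBALS['parser'])) {
        $parser = $GLOBALS['parser'];
    }
    if ($parser === null) {
        require_once MYBB_ROOT . "inc/class_parser.php";
        $parser = new postParser();
    }

    // Rules are applied in this order. A Closure replacement is run through
    // preg_replace_callback(), a string replacement through preg_replace().
    $array_reg = array(
        array(
            'reg' => '/\\[color=(.*?)\\](.*?)\\[\\/color\\]/si',
            'replace' => function ($match) {
                return mobi_color_convert($match[1], $match[2], false);
            },
        ),
        array('reg' => '/\\[php\\](.*?)\\[\\/php\\]/si', 'replace' => '[php]'),
        array('reg' => '/\\[align=(.*?)\\](.*?)\\[\\/align\\]/si', 'replace' => " \$2 "),
        array('reg' => '/\\[email\\](.*?)\\[\\/email\\]/si', 'replace' => "[url]"),
        array('reg' => '/\\[quote(.*?)\\](.*?)\\[\\/quote\\]/si', 'replace' => '[quote]'),
        array('reg' => '/\\[code\\](.*?)\\[\\/code\\]/si', 'replace' => ''),
        array(
            'reg' => '/\\[url=(.*?)\\](.*?)\\[\\/url\\]/si',
            'replace' => function ($match) {
                return mobi_url_convert($match[1], $match[2]);
            },
        ),
        array('reg' => '/\\[img(.*?)\\](.*?)\\[\\/img\\]/si', 'replace' => '[img]'),
        array('reg' => '/\\[video=(.*?)\\](.*?)\\[\\/video\\]/si', 'replace' => '[V]'),
        array('reg' => '/\\[attachment=(.*?)\\]/si', 'replace' => '[attach]'),
    );
    foreach ($array_reg as $arr) {
        if ($arr['replace'] instanceof Closure) {
            $post_text = preg_replace_callback($arr['reg'], $arr['replace'], $post_text);
        } else {
            $post_text = preg_replace($arr['reg'], $arr['replace'], $post_text);
        }
    }
    //$post_text = tt_covert_list($post_text, '/\[list=1\](.*?)\[\/list\]/si', '2');
    //$post_text = tt_covert_list($post_text, '/\[list\](.*?)\[\/list\]/si', '1');

    // HTML input is not allowed through the parser; remaining markup produced
    // by MyCode is removed with strip_tags().
    $parser_options = array('allow_html' => 0, 'allow_mycode' => 1, 'allow_smilies' => 0, 'allow_imgcode' => 0, 'filter_badwords' => 1);
    $post_text = strip_tags($parser->parse_message($post_text, $parser_options));
    $post_text = preg_replace('/\\s+/', ' ', $post_text);
    // Turns entities back into raw characters; see the escaping note above.
    $post_text = html_entity_decode($post_text);

    if (my_strlen($post_text) > $length) {
        $post_text = my_substr(trim($post_text), 0, $length);
    }
    return $post_text;
}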
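/**
 * Build a list of forum bits.
 *
 * Walks the cached forums below $pid, recurses into their children, adds up
 * thread/post/viewer counters and renders each forum through the forumbit
 * templates. Last-post details and counters are withheld for forums the user
 * may not read or has not unlocked with the forum password.
 *
 * The forum password cookie is compared with a strict comparison. A loose
 * comparison of two digest strings treats values that both look numeric (for
 * example "0e..." followed by digits) as equal, which would accept a cookie
 * that does not match the expected digest.
 *
 * @param int $pid   The parent forum to fetch the child forums for (0 assumes all)
 * @param int $depth The depth to return forums with.
 * @return array|null Array with the keys forum_list, counters and lastpost for
 *                    this parent; nothing is returned when no forums exist
 *                    below $pid.
 */
function build_forumbits($pid = 0, $depth = 1)
{
    global $fcache, $moderatorcache, $forumpermissions, $theme, $mybb, $templates, $bgcolor, $collapsed, $lang, $showdepth, $plugins, $parser, $forum_viewers;
    $forum_listing = '';
    // If no forums exist with this parent, do nothing
    if (!is_array($fcache[$pid])) {
        return;
    }
    // Foreach of the forums in this parent
    foreach ($fcache[$pid] as $parent) {
        foreach ($parent as $forum) {
            $forums = $subforums = $sub_forums = '';
            $lastpost_data = '';
            $counters = '';
            $forum_viewers_text = '';
            $forum_viewers_text_plain = '';
            // Get the permissions for this forum
            $permissions = $forumpermissions[$forum['fid']];
            // If this user doesnt have permission to view this forum and we're hiding private forums, skip this forum
            if ($permissions['canview'] != 1 && $mybb->settings['hideprivateforums'] == 1) {
                continue;
            }
            $plugins->run_hooks_by_ref("build_forumbits_forum", $forum);
            // Build the link to this forum
            $forum_url = get_forum_link($forum['fid']);
            // This forum has a password, and the user isn't authenticated with it - hide post information
            $hideinfo = false;
            $showlockicon = 0;
            if ($permissions['canviewthreads'] != 1) {
                $hideinfo = true;
            }
            // The unlock cookie must equal md5(uid . forum password) exactly.
            // NOTE(review): the expected value is an unsalted MD5 over the uid
            // and the password as held in $forum['password']; anyone who can
            // read that value can compute the cookie.
            if ($forum['password'] != '' && $mybb->cookies['forumpass'][$forum['fid']] !== md5($mybb->user['uid'] . $forum['password'])) {
                $hideinfo = true;
                $showlockicon = 1;
            }
            $lastpost_data = array("lastpost" => $forum['lastpost'], "lastpostsubject" => $forum['lastpostsubject'], "lastposter" => $forum['lastposter'], "lastposttid" => $forum['lastposttid'], "lastposteruid" => $forum['lastposteruid']);
            // Fetch subforums of this forum
            if (isset($fcache[$forum['fid']])) {
                $forum_info = build_forumbits($forum['fid'], $depth + 1);
                // Increment forum counters with counters from child forums
                $forum['threads'] += $forum_info['counters']['threads'];
                $forum['posts'] += $forum_info['counters']['posts'];
                $forum['unapprovedthreads'] += $forum_info['counters']['unapprovedthreads'];
                $forum['unapprovedposts'] += $forum_info['counters']['unapprovedposts'];
                $forum['viewers'] += $forum_info['counters']['viewing'];
                // If the child forums' lastpost is greater than the one for this forum, set it as the child forums greatest.
                if ($forum_info['lastpost']['lastpost'] > $lastpost_data['lastpost']) {
                    $lastpost_data = $forum_info['lastpost'];
                }
                $sub_forums = $forum_info['forum_list'];
            }
            // If we are hiding information (lastpost) because we aren't authenticated against the password for this forum, remove them
            if ($hideinfo == true) {
                unset($lastpost_data);
            }
            // If the current forums lastpost is greater than other child forums of the current parent, overwrite it
            if ($lastpost_data['lastpost'] > $parent_lastpost['lastpost']) {
                $parent_lastpost = $lastpost_data;
            }
            if (is_array($forum_viewers) && $forum_viewers[$forum['fid']] > 0) {
                $forum['viewers'] = $forum_viewers[$forum['fid']];
            }
            // Increment the counters for the parent forum (returned later)
            // Hidden forums are left out so their totals do not leak through the parent.
            if ($hideinfo != true) {
                $parent_counters['threads'] += $forum['threads'];
                $parent_counters['posts'] += $forum['posts'];
                $parent_counters['unapprovedposts'] += $forum['unapprovedposts'];
                $parent_counters['unapprovedthreads'] += $forum['unapprovedthreads'];
                $parent_counters['viewers'] += $forum['viewers'];
            }
            // Done with our math, lets talk about displaying - only display forums which are under a certain depth
            if ($depth > $showdepth) {
                continue;
            }
            // Get the lightbulb status indicator for this forum based on the lastpost
            $lightbulb = get_forum_lightbulb($forum, $lastpost_data, $showlockicon);
            // Fetch the number of unapproved threads and posts for this forum
            $unapproved = get_forum_unapproved($forum);
            if ($hideinfo == true) {
                unset($unapproved);
            }
            // Sanitize name and description of forum.
            $forum['name'] = preg_replace("#&(?!\\#[0-9]+;)#si", "&amp;", $forum['name']);
            // Fix & but allow unicode
            $forum['description'] = preg_replace("#&(?!\\#[0-9]+;)#si", "&amp;", $forum['description']);
            // Fix & but allow unicode
            $forum['name'] = preg_replace("#&([^\\#])(?![a-z1-4]{1,10};)#i", "&#038;\$1", $forum['name']);
            $forum['description'] = preg_replace("#&([^\\#])(?![a-z1-4]{1,10};)#i", "&#038;\$1", $forum['description']);
            // If this is a forum and we've got subforums of it, load the subforums list template
            if ($depth == 2 && $sub_forums) {
                eval("\$subforums = \"" . $templates->get("forumbit_subforums") . "\";");
            } else {
                if ($depth == 3) {
                    if ($donecount < $mybb->settings['subforumsindex']) {
                        $statusicon = '';
                        // Showing mini status icons for this forum
                        if ($mybb->settings['subforumsstatusicons'] == 1) {
                            $lightbulb['folder'] = "mini" . $lightbulb['folder'];
                            eval("\$statusicon = \"" . $templates->get("forumbit_depth3_statusicon", 1, 0) . "\";");
                        }
                        // Fetch the template and append it to the list
                        eval("\$forum_list .= \"" . $templates->get("forumbit_depth3", 1, 0) . "\";");
                        $comma = ', ';
                    }
                    // Have we reached our max visible subforums? put a nice message and break out of the loop
                    ++$donecount;
                    if ($donecount == $mybb->settings['subforumsindex']) {
                        if (subforums_count($fcache[$pid]) > $donecount) {
                            $forum_list .= $comma . $lang->sprintf($lang->more_subforums, subforums_count($fcache[$pid]) - $donecount);
                        }
                    }
                    continue;
                }
            }
            // Forum is a category, set template type
            if ($forum['type'] == 'c') {
                $forumcat = '_cat';
            } else {
                $forumcat = '_forum';
            }
            if ($forum['linkto'] == '') {
                // No posts have been made in this forum - show never text
                if (($lastpost_data['lastpost'] == 0 || $lastpost_data['lastposter'] == '') && $hideinfo != true) {
                    $lastpost = "<div style=\"text-align: center;\">{$lang->lastpost_never}</div>";
                } elseif ($hideinfo != true) {
                    // Format lastpost date and time
                    $lastpost_date = my_date($mybb->settings['dateformat'], $lastpost_data['lastpost']);
                    $lastpost_time = my_date($mybb->settings['timeformat'], $lastpost_data['lastpost']);
                    // Set up the last poster, last post thread id, last post subject and format appropriately
                    $lastpost_profilelink = build_profile_link($lastpost_data['lastposter'], $lastpost_data['lastposteruid']);
                    $lastpost_link = get_thread_link($lastpost_data['lastposttid'], 0, "lastpost");
                    $lastpost_subject = $full_lastpost_subject = $parser->parse_badwords($lastpost_data['lastpostsubject']);
                    if (my_strlen($lastpost_subject) > 25) {
                        $lastpost_subject = my_substr($lastpost_subject, 0, 25) . "...";
                    }
                    // Escaped after truncation, so an entity is never cut in half.
                    $lastpost_subject = htmlspecialchars_uni($lastpost_subject);
                    $full_lastpost_subject = htmlspecialchars_uni($full_lastpost_subject);
                    // Call lastpost template
                    if ($depth != 1) {
                        eval("\$lastpost = \"" . $templates->get("forumbit_depth{$depth}_forum_lastpost") . "\";");
                    }
                }
                if ($mybb->settings['showforumviewing'] != 0 && $forum['viewers'] > 0) {
                    if ($forum['viewers'] == 1) {
                        $forum_viewers_text = $lang->viewing_one;
                    } else {
                        $forum_viewers_text = $lang->sprintf($lang->viewing_multiple, $forum['viewers']);
                    }
                    $forum_viewers_text_plain = $forum_viewers_text;
                    $forum_viewers_text = "<span class=\"smalltext\">{$forum_viewers_text}</span>";
                }
            }
            // If this forum is a link or is password protected and the user isn't authenticated, set lastpost and counters to "-"
            if ($forum['linkto'] != '' || $hideinfo == true) {
                $lastpost = "<div style=\"text-align: center;\">-</div>";
                $posts = "-";
                $threads = "-";
            } else {
                $posts = my_number_format($forum['posts']);
                $threads = my_number_format($forum['threads']);
            }
            // Moderator column is not off
            if ($mybb->settings['modlist'] != 0) {
                $done_moderators = array();
                $moderators = '';
                // Fetch list of moderators from this forum and its parents
                $parentlistexploded = explode(',', $forum['parentlist']);
                foreach ($parentlistexploded as $mfid) {
                    // This forum has moderators
                    if (is_array($moderatorcache[$mfid])) {
                        // Fetch each moderator from the cache and format it, appending it to the list
                        foreach ($moderatorcache[$mfid] as $moderator) {
                            if (in_array($moderator['uid'], $done_moderators)) {
                                continue;
                            }
                            $moderators .= "{$comma}<a href=\"" . get_profile_link($moderator['uid']) . "\">" . htmlspecialchars_uni($moderator['username']) . "</a>";
                            $comma = ', ';
                            $done_moderators[] = $moderator['uid'];
                        }
                    }
                }
                $comma = '';
                // If we have a moderators list, load the template
                if ($moderators) {
                    eval("\$modlist = \"" . $templates->get("forumbit_moderators") . "\";");
                } else {
                    $modlist = '';
                }
            }
            // Descriptions aren't being shown - blank them
            if ($mybb->settings['showdescriptions'] == 0) {
                $forum['description'] = '';
            }
            // Check if this category is either expanded or collapsed and hide it as necessary.
            $expdisplay = '';
            $collapsed_name = "cat_{$forum['fid']}_c";
            if (isset($collapsed[$collapsed_name]) && $collapsed[$collapsed_name] == "display: show;") {
                $expcolimage = "collapse_collapsed.gif";
                $expdisplay = "display: none;";
                $expaltext = "[+]";
            } else {
                $expcolimage = "collapse.gif";
                $expaltext = "[-]";
            }
            // Swap over the alternate backgrounds
            $bgcolor = alt_trow();
            // Add the forum to the list
            eval("\$forum_list .= \"" . $templates->get("forumbit_depth{$depth}{$forumcat}") . "\";");
        }
    }
    // Return an array of information to the parent forum including child forums list, counters and lastpost information
    return array("forum_list" => $forum_list, "counters" => $parent_counters, "lastpost" => $parent_lastpost);
}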
Beispiel #13
 /**
  * Create a new session.
  *
  * Removes the row this visitor already has (matched by uid, by sid for
  * spiders, otherwise by packed IP) and writes a fresh one with the current
  * time, IP, location and user agent. $this->sid and $this->uid are updated
  * from the stored data.
  *
  * NOTE(review): $uid is placed into the delete condition without a cast; the
  * "> 0" test is a numeric comparison and is not a type check. Confirm every
  * caller passes an integer.
  * NOTE(review): a new session id is an MD5 over uniqid()/microtime() output,
  * which is derived from the clock rather than from a cryptographically secure
  * generator.
  *
  * @param int The user id to bind the session to.
  */
 function create_session($uid = 0)
 {
     global $db;
     $speciallocs = $this->get_special_locations();
     // Remove the previous row: by uid for members, by sid for spiders, by IP for guests.
     if ($uid > 0) {
         $db->delete_query("sessions", "uid='{$uid}'");
         $onlinedata['uid'] = $uid;
     } elseif ($this->is_spider == true) {
         // No uid is recorded on this path.
         $db->delete_query("sessions", "sid='{$this->sid}'");
     } else {
         $db->delete_query("sessions", "ip=" . $db->escape_binary($this->packedip));
         $onlinedata['uid'] = 0;
     }
     // Spiders keep the sid they already carry; everyone else gets a new one.
     $onlinedata['sid'] = $this->is_spider == true ? $this->sid : md5(uniqid(microtime(true), true));
     $onlinedata['time'] = TIME_NOW;
     $onlinedata['ip'] = $db->escape_binary($this->packedip);
     // Location and user agent are request-derived: both are length-capped and escaped.
     $current_location = substr(get_current_location(), 0, 150);
     $onlinedata['location'] = $db->escape_string($current_location);
     $short_useragent = my_substr($this->useragent, 0, 100);
     $onlinedata['useragent'] = $db->escape_string($short_useragent);
     $onlinedata['location1'] = (int) $speciallocs['1'];
     $onlinedata['location2'] = (int) $speciallocs['2'];
     $onlinedata['nopermission'] = 0;
     $db->replace_query("sessions", $onlinedata, "sid", false);
     // Mirror what was stored on the session object.
     $this->sid = $onlinedata['sid'];
     $this->uid = $onlinedata['uid'];
 }
    foreach ($message as $key => $v) {
        ?>
<span class="message_box">
            <div class="row">
                <div class="col-xs-9">
                    <a class="read_message" message_id="<?php 
        echo $v["message_id"];
        ?>
" target="_blank" href="<?php 
        echo U('Comment/index', array('post_id' => $v['post_id']));
        ?>
"><?php 
        echo $v["send_user"]["username"];
        ?>
:<?php 
        echo my_substr(strip_tags(htmlspecialchars_decode($v['body'])), 100);
        ?>
</a>
                </div>
                <div class="col-xs-1">
                    <?php 
        if (!$v['is_read']) {
            ?>
<a class="read_message" message_id="<?php 
            echo $v["message_id"];
            ?>
" target="_blank" href="<?php 
            echo U('Comment/index', array('post_id' => $v['post_id']));
            ?>
"><span message_id="<?php 
            echo $v["message_id"];
Beispiel #15
        <? foreach ($members as $member): ?>
            <tr>
                <td class="gruppe<?php 
echo $seminars[$member['seminar_id']]['gruppe'];
?>
">&nbsp;</td>
                <td>
                    <a href="<?php 
echo URLHelper::getLink('seminar_main.php', array('auswahl' => $member['seminar_id']));
?>
">
                        <?php 
echo Config::get()->IMPORTANT_SEMNUMBER ? htmlReady($seminars[$member['seminar_id']]['sem_nr']) : '';
?>
                        <?php 
echo htmlReady(my_substr($seminars[$member['seminar_id']]['name'], 0, 70));
?>
                    </a>
                <? if (!$seminars[$member['seminar_id']]['visible']): ?>
                    <?php 
echo _('(versteckt)');
?>
                <? endif; ?>
                    <input type="hidden" name="m_checked[<?php 
echo $member['seminar_id'];
?>
][33]" value="0">
                </td>
            <? foreach (array_values($modules) as $index => $data): ?>
                <td>
                    <input type="checkbox" name="m_checked[<?php 
Beispiel #16
">
    <?php 
echo $method == 'post' ? CSRFProtection::tokenTag() : '';
?>
    <select class="sidebar-selectlist" size="<?php 
echo (int) $size ?: 8;
?>
" name="<?php 
echo htmlReady($name);
?>
" onKeyDown="if (event.keyCode === 13) { jQuery(this).closest('form')[0].submit(); }" <?php 
echo $size == 1 ? 'onchange' : 'onClick';
?>
="jQuery(this).closest('form')[0].submit();" size="10" style="max-width: 200px;cursor:pointer" class="text-top" aria-label="<?php 
echo _("Wählen Sie ein Objekt aus. Sie gelangen dann zur neuen Seite.");
?>
">
    <? foreach ($elements as $element): ?>
        <option <?php 
echo $value == $element->getid() ? 'selected' : '';
?>
 value="<?php 
echo htmlReady($element->getid());
?>
"><?php 
echo htmlReady(my_substr($element->getLabel(), 0, 30));
?>
</option>
    <? endforeach; ?>
    </select>
</form>
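/**
 * Return the last label (top-level domain) of the reverse-DNS name of an address.
 *
 * The name comes from a PTR record, which is controlled by whoever operates
 * the address block, not by this application. Treat the returned string as
 * untrusted input: escape it before output and bind it as a parameter before
 * storing it.
 *
 * @param string $ip Address to look up.
 * @return string The text after the last "." of the host name, or "" when the
 *                lookup gives no usable name.
 */
function iriDomain($ip)
{
    $host = gethostbyaddr($ip);
    // gethostbyaddr() returns false for malformed input and the unchanged
    // address when the lookup fails; neither is a host name.
    if ($host === false || $host === $ip) {
        return "";
    }
    // ereg() was removed in PHP 7; preg_match() with the same pattern keeps the
    // original check for a dotted-quad result.
    if (preg_match('/^([0-9]{1,3}\\.){3}[0-9]{1,3}$/', $host)) {
        return "";
    }
    $suffix = strrchr($host, ".");
    if ($suffix === false) {
        // Single-label name such as "localhost": there is no domain part to return.
        return "";
    }
    return my_substr($suffix, 1);
}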
Beispiel #18
/**
 * Format a compact "YYYYMMDD" date string with the site's configured date format.
 *
 * @param string $dt Eight-character date, year first, then month, then day.
 * @return mixed Whatever mysql2date() returns for the rebuilt "YYYY-MM-DD" string.
 */
function luc_hdate($dt = "00000000")
{
    $format = get_option('date_format');
    // Slice the compact string into its three fields and join them with dashes.
    $year = my_substr($dt, 0, 4);
    $month = my_substr($dt, 4, 2);
    $day = my_substr($dt, 6, 2);
    $dashed = $year . "-" . $month . "-" . $day;
    return mysql2date($format, $dashed);
}
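/**
 * Fetch a users activity and any corresponding details from their location.
 *
 * The location is split at ".php" into a script name and a query string, and
 * the query string is split on "&amp;", so the location is expected to be
 * HTML-escaped already. Every id read from the query string is cast to int
 * before it is stored in the global *_list arrays or in the result, and an
 * action name is only copied into the 'activity' value after it matched a
 * fixed list. The uncast strings stay in the global $parameters array; code
 * that reads them (for example a plugin hook) must treat them as untrusted.
 *
 * @param string $location The location (URL) of the user, already sanitized by the caller.
 * @param bool $nopermission When true, the activity is reported as "nopermission" whatever the location is.
 * @return array Array of location and activity information
 */
function fetch_wol_activity($location, $nopermission = false)
{
    global $uid_list, $aid_list, $pid_list, $tid_list, $fid_list, $ann_list, $eid_list, $plugins, $user, $parameters;
    $user_activity = array();
    $split_loc = explode(".php", $location);
    if (isset($user['location']) && $split_loc[0] == $user['location']) {
        $filename = '';
    } else {
        // Take the trailing path segment (assuming my_substr/my_strpos mirror substr/strpos).
        $filename = my_substr($split_loc[0], -my_strpos(strrev($split_loc[0]), "/"));
    }
    // Rebuild the query string as name => value pairs; values stay raw strings until cast below.
    $parameters = array();
    // explode() returns a single element when the location contains no ".php",
    // so index 1 can be missing; empty() covers that without a warning.
    if (!empty($split_loc[1])) {
        $temp = explode("&amp;", my_substr($split_loc[1], 1));
        foreach ($temp as $param) {
            $temp2 = explode("=", $param, 2);
            if (isset($temp2[1])) {
                $parameters[$temp2[0]] = $temp2[1];
            }
        }
    }
    if ($nopermission) {
        $filename = "nopermission";
    }
    switch ($filename) {
        case "announcements":
            $parameters['aid'] = isset($parameters['aid']) ? (int) $parameters['aid'] : 0;
            if ($parameters['aid'] > 0) {
                $ann_list[$parameters['aid']] = $parameters['aid'];
            }
            $user_activity['activity'] = "announcements";
            $user_activity['ann'] = $parameters['aid'];
            break;
        case "attachment":
            $parameters['aid'] = isset($parameters['aid']) ? (int) $parameters['aid'] : 0;
            if ($parameters['aid'] > 0) {
                // Appended rather than keyed by id, unlike the other lists.
                $aid_list[] = $parameters['aid'];
            }
            $user_activity['activity'] = "attachment";
            $user_activity['aid'] = $parameters['aid'];
            break;
        case "calendar":
            if (!isset($parameters['action'])) {
                $parameters['action'] = '';
            }
            if ($parameters['action'] == "event") {
                $parameters['eid'] = isset($parameters['eid']) ? (int) $parameters['eid'] : 0;
                if ($parameters['eid'] > 0) {
                    $eid_list[$parameters['eid']] = $parameters['eid'];
                }
                $user_activity['activity'] = "calendar_event";
                $user_activity['eid'] = $parameters['eid'];
            } elseif ($parameters['action'] == "addevent" || $parameters['action'] == "do_addevent") {
                $user_activity['activity'] = "calendar_addevent";
            } elseif ($parameters['action'] == "editevent" || $parameters['action'] == "do_editevent") {
                $user_activity['activity'] = "calendar_editevent";
            } else {
                $user_activity['activity'] = "calendar";
            }
            break;
        case "contact":
            $user_activity['activity'] = "contact";
            break;
        case "editpost":
            $user_activity['activity'] = "editpost";
            break;
        case "forumdisplay":
            $parameters['fid'] = isset($parameters['fid']) ? (int) $parameters['fid'] : 0;
            if ($parameters['fid'] > 0) {
                $fid_list[$parameters['fid']] = $parameters['fid'];
            }
            $user_activity['activity'] = "forumdisplay";
            $user_activity['fid'] = $parameters['fid'];
            break;
        case "index":
        case '':
            $user_activity['activity'] = "index";
            break;
        case "managegroup":
            $user_activity['activity'] = "managegroup";
            break;
        case "member":
            if (!isset($parameters['action'])) {
                $parameters['action'] = '';
            }
            if ($parameters['action'] == "activate") {
                $user_activity['activity'] = "member_activate";
            } elseif ($parameters['action'] == "register" || $parameters['action'] == "do_register") {
                $user_activity['activity'] = "member_register";
            } elseif ($parameters['action'] == "login" || $parameters['action'] == "do_login") {
                $user_activity['activity'] = "member_login";
            } elseif ($parameters['action'] == "logout") {
                $user_activity['activity'] = "member_logout";
            } elseif ($parameters['action'] == "profile") {
                $user_activity['activity'] = "member_profile";
                $parameters['uid'] = isset($parameters['uid']) ? (int) $parameters['uid'] : 0;
                if ($parameters['uid'] > 0) {
                    $uid_list[$parameters['uid']] = $parameters['uid'];
                }
                $user_activity['uid'] = $parameters['uid'];
            } elseif ($parameters['action'] == "emailuser" || $parameters['action'] == "do_emailuser") {
                $user_activity['activity'] = "member_emailuser";
            } elseif ($parameters['action'] == "rate" || $parameters['action'] == "do_rate") {
                $user_activity['activity'] = "member_rate";
            } elseif ($parameters['action'] == "resendactivation" || $parameters['action'] == "do_resendactivation") {
                $user_activity['activity'] = "member_resendactivation";
            } elseif ($parameters['action'] == "lostpw" || $parameters['action'] == "do_lostpw" || $parameters['action'] == "resetpassword") {
                $user_activity['activity'] = "member_lostpw";
            } else {
                $user_activity['activity'] = "member";
            }
            break;
        case "memberlist":
            $user_activity['activity'] = "memberlist";
            break;
        case "misc":
            if (!isset($parameters['action'])) {
                $parameters['action'] = '';
            }
            $accepted_parameters = array("markread", "help", "buddypopup", "smilies", "syndication", "imcenter", "dstswitch");
            if ($parameters['action'] == "whoposted") {
                $parameters['tid'] = isset($parameters['tid']) ? (int) $parameters['tid'] : 0;
                if ($parameters['tid'] > 0) {
                    $tid_list[$parameters['tid']] = $parameters['tid'];
                }
                $user_activity['activity'] = "misc_whoposted";
                $user_activity['tid'] = $parameters['tid'];
            } elseif (in_array($parameters['action'], $accepted_parameters, true)) {
                // The action text is only appended after an exact match against the fixed list.
                $user_activity['activity'] = "misc_" . $parameters['action'];
            } else {
                $user_activity['activity'] = "misc";
            }
            break;
        case "modcp":
            // Default to '' (as the other cases do) instead of the integer 0:
            // before PHP 8, 0 == "modlogs" and in_array(0, $actions) are both
            // true, so a plain modcp location was reported as a specific action.
            if (!isset($parameters['action'])) {
                $parameters['action'] = '';
            }
            $accepted_parameters = array("modlogs", "announcements", "finduser", "warninglogs", "ipsearch");
            if (in_array($parameters['action'], $accepted_parameters, true)) {
                $user_activity['activity'] = "modcp_" . $parameters['action'];
            }
            // Several action names map onto one activity name.
            $accepted_parameters = array();
            $accepted_parameters['report'] = array("do_reports", "reports", "allreports");
            $accepted_parameters['new_announcement'] = array("do_new_announcement", "new_announcement");
            $accepted_parameters['delete_announcement'] = array("do_delete_announcement", "delete_announcement");
            $accepted_parameters['edit_announcement'] = array("do_edit_announcement", "edit_announcement");
            $accepted_parameters['mod_queue'] = array("do_modqueue", "modqueue");
            $accepted_parameters['editprofile'] = array("do_editprofile", "editprofile");
            $accepted_parameters['banning'] = array("do_banuser", "banning", "liftban", "banuser");
            foreach ($accepted_parameters as $name => $actions) {
                if (in_array($parameters['action'], $actions, true)) {
                    $user_activity['activity'] = "modcp_" . $name;
                    break;
                }
            }
            if (empty($user_activity['activity'])) {
                $user_activity['activity'] = "modcp";
            }
            break;
        case "moderation":
            $user_activity['activity'] = "moderation";
            break;
        case "newreply":
            $parameters['tid'] = isset($parameters['tid']) ? (int) $parameters['tid'] : 0;
            if ($parameters['tid'] > 0) {
                $tid_list[$parameters['tid']] = $parameters['tid'];
            }
            $user_activity['activity'] = "newreply";
            $user_activity['tid'] = $parameters['tid'];
            break;
        case "newthread":
            $parameters['fid'] = isset($parameters['fid']) ? (int) $parameters['fid'] : 0;
            if ($parameters['fid'] > 0) {
                $fid_list[$parameters['fid']] = $parameters['fid'];
            }
            $user_activity['activity'] = "newthread";
            $user_activity['fid'] = $parameters['fid'];
            break;
        case "online":
            if (!isset($parameters['action'])) {
                $parameters['action'] = '';
            }
            if ($parameters['action'] == "today") {
                $user_activity['activity'] = "woltoday";
            } else {
                $user_activity['activity'] = "wol";
            }
            break;
        case "polls":
            if (!isset($parameters['action'])) {
                $parameters['action'] = '';
            }
            // Make the "do" parts the same as the other one.
            if ($parameters['action'] == "do_newpoll") {
                $user_activity['activity'] = "newpoll";
            } elseif ($parameters['action'] == "do_editpoll") {
                $user_activity['activity'] = "editpoll";
            } else {
                $accepted_parameters = array("do_editpoll", "editpoll", "newpoll", "do_newpoll", "showresults", "vote");
                foreach ($accepted_parameters as $action) {
                    if ($parameters['action'] == $action) {
                        $user_activity['activity'] = $action;
                        break;
                    }
                }
                // empty() instead of a bare read: the key does not exist when nothing matched.
                if (empty($user_activity['activity'])) {
                    $user_activity['activity'] = "showresults";
                }
            }
            break;
        case "printthread":
            $parameters['tid'] = isset($parameters['tid']) ? (int) $parameters['tid'] : 0;
            if ($parameters['tid'] > 0) {
                $tid_list[$parameters['tid']] = $parameters['tid'];
            }
            $user_activity['activity'] = "printthread";
            $user_activity['tid'] = $parameters['tid'];
            break;
        case "private":
            if (!isset($parameters['action'])) {
                $parameters['action'] = '';
            }
            if ($parameters['action'] == "send" || $parameters['action'] == "do_send") {
                $user_activity['activity'] = "private_send";
            } elseif ($parameters['action'] == "read") {
                $user_activity['activity'] = "private_read";
            } elseif ($parameters['action'] == "folders" || $parameters['action'] == "do_folders") {
                $user_activity['activity'] = "private_folders";
            } else {
                $user_activity['activity'] = "private";
            }
            break;
        case "ratethread":
            $user_activity['activity'] = "ratethread";
            break;
        case "report":
            $user_activity['activity'] = "report";
            break;
        case "reputation":
            $parameters['uid'] = isset($parameters['uid']) ? (int) $parameters['uid'] : 0;
            if ($parameters['uid'] > 0) {
                $uid_list[$parameters['uid']] = $parameters['uid'];
            }
            $user_activity['uid'] = $parameters['uid'];
            // The action was read here without a default; a location without it raised an undefined-index notice.
            if (!isset($parameters['action'])) {
                $parameters['action'] = '';
            }
            if ($parameters['action'] == "add") {
                $user_activity['activity'] = "reputation";
            } else {
                $user_activity['activity'] = "reputation_report";
            }
            break;
        case "search":
            $user_activity['activity'] = "search";
            break;
        case "sendthread":
            $parameters['tid'] = isset($parameters['tid']) ? (int) $parameters['tid'] : 0;
            if ($parameters['tid'] > 0) {
                $tid_list[$parameters['tid']] = $parameters['tid'];
            }
            $user_activity['activity'] = "sendthread";
            $user_activity['tid'] = $parameters['tid'];
            break;
        case "showteam":
            $user_activity['activity'] = "showteam";
            break;
        case "showthread":
            // NOTE(review): the default is the integer 0, so before PHP 8 the loose
            // comparison with "showpost" below is true when no action was sent, while
            // PHP 8 compares the two as strings. Left unchanged because it is unclear
            // which of the two results callers rely on.
            if (!isset($parameters['action'])) {
                $parameters['action'] = 0;
            }
            $parameters['pid'] = isset($parameters['pid']) ? (int) $parameters['pid'] : 0;
            if ($parameters['pid'] > 0 && $parameters['action'] == "showpost") {
                $pid_list[$parameters['pid']] = $parameters['pid'];
                $user_activity['activity'] = "showpost";
                $user_activity['pid'] = $parameters['pid'];
            } else {
                $parameters['page'] = isset($parameters['page']) ? (int) $parameters['page'] : 0;
                $user_activity['page'] = $parameters['page'];
                $parameters['tid'] = isset($parameters['tid']) ? (int) $parameters['tid'] : 0;
                if ($parameters['tid'] > 0) {
                    $tid_list[$parameters['tid']] = $parameters['tid'];
                }
                $user_activity['activity'] = "showthread";
                $user_activity['tid'] = $parameters['tid'];
            }
            break;
        case "stats":
            $user_activity['activity'] = "stats";
            break;
        case "usercp":
            if (!isset($parameters['action'])) {
                $parameters['action'] = '';
            }
            if ($parameters['action'] == "profile" || $parameters['action'] == "do_profile") {
                $user_activity['activity'] = "usercp_profile";
            } elseif ($parameters['action'] == "options" || $parameters['action'] == "do_options") {
                $user_activity['activity'] = "usercp_options";
            } elseif ($parameters['action'] == "password" || $parameters['action'] == "do_password") {
                $user_activity['activity'] = "usercp_password";
            } elseif ($parameters['action'] == "editsig" || $parameters['action'] == "do_editsig") {
                $user_activity['activity'] = "usercp_editsig";
            } elseif ($parameters['action'] == "avatar" || $parameters['action'] == "do_avatar") {
                $user_activity['activity'] = "usercp_avatar";
            } elseif ($parameters['action'] == "editlists" || $parameters['action'] == "do_editlists") {
                $user_activity['activity'] = "usercp_editlists";
            } elseif ($parameters['action'] == "favorites") {
                $user_activity['activity'] = "usercp_favorites";
            } elseif ($parameters['action'] == "subscriptions") {
                $user_activity['activity'] = "usercp_subscriptions";
            } elseif ($parameters['action'] == "notepad" || $parameters['action'] == "do_notepad") {
                $user_activity['activity'] = "usercp_notepad";
            } else {
                $user_activity['activity'] = "usercp";
            }
            break;
        case "usercp2":
            if (!isset($parameters['action'])) {
                $parameters['action'] = '';
            }
            // NOTE(review): no fallback here, so 'activity' stays unset for any
            // other usercp2 action; callers need to cope with a missing key.
            if ($parameters['action'] == "addfavorite" || $parameters['action'] == "removefavorite" || $parameters['action'] == "removefavorites") {
                $user_activity['activity'] = "usercp2_favorites";
            } elseif ($parameters['action'] == "addsubscription" || $parameters['action'] == "do_addsubscription" || $parameters['action'] == "removesubscription" || $parameters['action'] == "removesubscriptions") {
                $user_activity['activity'] = "usercp2_subscriptions";
            }
            break;
        case "portal":
            $user_activity['activity'] = "portal";
            break;
        case "warnings":
            if (!isset($parameters['action'])) {
                $parameters['action'] = '';
            }
            if ($parameters['action'] == "warn" || $parameters['action'] == "do_warn") {
                $user_activity['activity'] = "warnings_warn";
            } elseif ($parameters['action'] == "do_revoke") {
                $user_activity['activity'] = "warnings_revoke";
            } elseif ($parameters['action'] == "view") {
                $user_activity['activity'] = "warnings_view";
            } else {
                $user_activity['activity'] = "warnings";
            }
            break;
        case "nopermission":
            $user_activity['activity'] = "nopermission";
            $user_activity['nopermission'] = 1;
            break;
        default:
            $user_activity['activity'] = "unknown";
            break;
    }
    // Expects $location to be passed through already sanitized
    $user_activity['location'] = $location;
    $user_activity = $plugins->run_hooks("fetch_wol_activity_end", $user_activity);
    return $user_activity;
}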
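 /**
  * creates the items head
  *
  * Names taken from the tree and the template text are passed through
  * htmlReady() before they are concatenated into the markup.
  * NOTE(review): $itemID is interpolated into the query strings handed to
  * getSelf() and createLinkImage() as is; confirm the caller only passes ids
  * that exist in the tree.
  *
  * @access  private
  * @param   string   $itemID the current item
  * @return  string   the item head (html)
  */
 function getItemHead($itemID)
 {
     $mode = $this->getInstance($itemID);
     // These are only assigned on some paths below but read unconditionally
     // later; start from known empty values instead of undefined variables.
     $templateCell = '';
     $moveItem = '';
     $moveItemIsParent = false;
     if ($this->itemID == $itemID) {
         // The selected item is shown as plain text, without a link.
         $head = "&nbsp;";
         if ($this->tree->tree_data[$itemID]['name'] == "" && $mode == QUESTION_BLOCK) {
             $head .= NO_QUESTION_GROUP_TITLE;
         } else {
             $head .= htmlReady(my_substr($this->tree->tree_data[$itemID]['name'], 0, 60));
         }
     } else {
         if ($mode == QUESTION_BLOCK) {
             $group =& $this->tree->getGroupObject($itemID);
             $templateID = $group->getTemplateID();
             if ($templateID) {
                 // Kept in its own variable; the original reused one name for
                 // both the question object and the markup string.
                 $templateQuestion = new EvaluationQuestion($templateID);
                 $templateTitle = htmlReady($templateQuestion->getText());
             } else {
                 $templateTitle = NO_TEMPLATE_GROUP;
             }
             if ($templateTitle == "") {
                 $templateTitle = NO_TEMPLATE;
             }
             $templateCell = "   </td>\n" . "   <td align=\"right\" valign=\"bottom\" " . "class=\"printhead\" nowrap=\"nowrap\">\n" . "<b>" . _("Vorlage") . ": " . $templateTitle . "</b>&nbsp;";
         }
         $head = "&nbsp;<a class=\"tree\" href=\"" . URLHelper::getLink($this->getSelf("itemID={$itemID}", false)) . "\"" . tooltip(_("Diesen Block öffnen"), true) . ">";
         if ($this->tree->tree_data[$itemID]['name'] == "" && $mode == QUESTION_BLOCK) {
             $head .= NO_QUESTION_GROUP_TITLE;
         } else {
             $head .= htmlReady(my_substr($this->tree->tree_data[$itemID]['name'], 0, 60));
         }
         $head .= "</a>";
         if ($templateCell) {
             $head .= $templateCell;
         }
     }
     if ($itemID == ROOT_BLOCK) {
         $itemID2 = $this->evalID;
     } else {
         $itemID2 = $itemID;
     }
     // The "move here" icon, offered while an item is selected for moving.
     if ($this->moveItemID && $this->tree->tree_data[$itemID]['parent_id'] != $this->moveItemID && ($mode == ARRANGMENT_BLOCK || $itemID == ROOT_BLOCK) && $this->moveItemID != $itemID2) {
         $parentID = $this->tree->tree_data[$itemID]['parent_id'];
         if (!$parentID) {
             $parentID = ROOT_BLOCK;
         }
         // Walk up the ancestors: the item being moved must not be one of them.
         while ($parentID != ROOT_BLOCK && $parentID != $this->moveItemID) {
             $parentID = $this->tree->tree_data[$parentID]['parent_id'];
             if ($parentID == $this->moveItemID) {
                 $moveItemIsParent = true;
             }
             // Same guard as before the loop: a node without a parent id would
             // otherwise keep yielding an empty id and the walk would not end.
             if (!$parentID) {
                 $parentID = ROOT_BLOCK;
             }
         }
         $moveItem = "   </td>\n" . "   <td align=\"right\" valign=\"middle\" class=\"printhead\" nowrap=\"nowrap\">\n" . $this->createLinkImage(EVAL_PIC_MOVE_GROUP, _("Den ausgwählten Block in diesen Block verschieben"), "&itemID={$itemID}&cmd=MoveGroup", NO, NULL, NO) . "&nbsp;";
     }
     if ($moveItem && !$moveItemIsParent) {
         $move_mode = $this->getInstance($this->moveItemID);
         // Work out which kind of block this item can take as a child.
         if ($mode == ARRANGMENT_BLOCK) {
             $group =& $this->tree->getGroupObject($itemID);
             if ($children = $group->getChildren()) {
                 // A block that already has children only takes more of the same kind as its first child.
                 if ($this->getInstance($children[0]->getObjectID()) == ARRANGMENT_BLOCK) {
                     $move_type = ARRANGMENT_BLOCK;
                 } else {
                     $move_type = QUESTION_BLOCK;
                 }
             } else {
                 $move_type = "both";
             }
         } elseif ($mode == ROOT_BLOCK) {
             $move_type = ARRANGMENT_BLOCK;
         } else {
             $move_type = "no";
         }
         if ($move_type == "both" || $move_mode == $move_type) {
             $head .= $moveItem;
         }
     }
     // Up/down arrows for direct children of the start item, unless the item is the only child.
     if (!($this->tree->isFirstKid($itemID) && $this->tree->isLastKid($itemID)) && $itemID != $this->startItemID && $this->tree->tree_data[$itemID]['parent_id'] == $this->startItemID) {
         $head .= "   </td>\n" . "   <td align=\"right\" valign=\"bottom\" class=\"printhead\" nowrap=\"nowrap\">\n" . $this->createLinkImage(EVAL_PIC_MOVE_UP, _("Block nach oben verschieben"), "cmd=Move&direction=up&groupID={$itemID}", NO) . $this->createLinkImage(EVAL_PIC_MOVE_DOWN, _("Block nach unten verschieben"), "cmd=Move&direction=down&groupID={$itemID}", NO) . "&nbsp;";
     }
     return $head;
 }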
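 /**
  * Initialize a session
  *
  * Reads the visitor's address and user agent, tries to resume the session
  * named by the "sid" cookie, then tries the "mybbuser" login cookie, and
  * otherwise falls back to a spider or guest session.
  *
  * Everything read here is supplied by the client: the user agent header and
  * both cookies. The session row is only accepted when sid and IP address
  * both match, and the sid kept afterwards is the value from the database row.
  * Spider detection is a substring match on the user agent, which any client
  * can send, so a spider session should not carry more rights than a guest
  * (NOTE(review): confirm against load_spider()).
  */
 function init()
 {
     global $db, $mybb, $cache;
     // Get our visitor's IP.
     $this->ipaddress = get_ip();
     // Find out the user agent. The header is optional, so a request without it gets ''.
     $this->useragent = isset($_SERVER['HTTP_USER_AGENT']) ? $_SERVER['HTTP_USER_AGENT'] : '';
     if (my_strlen($this->useragent) > 100) {
         $this->useragent = my_substr($this->useragent, 0, 100);
     }
     // Attempt to find a session id in the cookies.
     if (isset($mybb->cookies['sid'])) {
         // The cookie value is escaped before it is placed inside the quoted WHERE clause.
         $this->sid = $db->escape_string($mybb->cookies['sid']);
         // Load the session
         $query = $db->simple_select("sessions", "*", "sid='{$this->sid}' AND ip='" . $db->escape_string($this->ipaddress) . "'", array('limit' => 1));
         $session = $db->fetch_array($query);
         // empty() also covers the case where no row was returned at all.
         if (!empty($session['sid'])) {
             $this->sid = $session['sid'];
             $this->uid = $session['uid'];
         } else {
             $this->sid = 0;
             $this->uid = 0;
             $this->logins = 1;
             $this->failedlogin = 0;
         }
     }
     // Still no session, fall back
     if (!$this->sid) {
         $this->sid = 0;
         $this->uid = 0;
         $this->logins = 1;
         $this->failedlogin = 0;
     }
     // If we have a valid session id and user id, load that users session.
     if (!empty($mybb->cookies['mybbuser'])) {
         $logon = explode("_", $mybb->cookies['mybbuser'], 2);
         // A cookie without "_" has no second part; pass an empty key rather than reading a missing index.
         $this->load_user($logon[0], isset($logon[1]) ? $logon[1] : '');
     }
     // If no user still, then we have a guest.
     if (!isset($mybb->user['uid'])) {
         // Detect if this guest is a search engine spider. (bots don't get a cookied session ID so we first see if that's set)
         if (!$this->sid) {
             $spiders = $cache->read("spiders");
             if (is_array($spiders)) {
                 foreach ($spiders as $spider) {
                     if (my_strpos(my_strtolower($this->useragent), my_strtolower($spider['useragent'])) !== false) {
                         $this->load_spider($spider['sid']);
                     }
                 }
             }
         }
         // Still nothing? JUST A GUEST!
         if (!$this->is_spider) {
             $this->load_guest();
         }
     }
     // As a token of our appreciation for getting this far (and they aren't a spider), give the user a cookie
     if ($this->sid && (!isset($mybb->cookies['sid']) || $mybb->cookies['sid'] != $this->sid) && $this->is_spider != true) {
         my_setcookie("sid", $this->sid, -1, true);
     }
 }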
Beispiel #22
             }
         }
     }
 }
 // Post icons are only built for forums that allow them.
 if (0 != $forum['allowpicons']) {
     $posticons = get_post_icons();
 }
 // Nothing has set a subject yet: take the submitted one, else derive it from the thread.
 if (!isset($subject)) {
     if (empty($mybb->input['subject'])) {
         $subject = $thread['subject'];
         // Keep the derived subject short enough to avoid the length error message.
         if (my_strlen($subject) > 85) {
             $subject = my_substr($subject, 0, 82) . '...';
         }
         $subject = "RE: " . $subject;
     } else {
         // Submitted text: still raw at this point, so it needs escaping wherever it is printed.
         $subject = $mybb->get_input('subject');
     }
 }
 // Preview a post that was written.
 $preview = '';
 if (!empty($mybb->input['previewpost'])) {
     // If this isn't a logged in user, then we need to do some special validation.
     if ($mybb->user['uid'] == 0) {
         // If they didn't specify a username then give them "Guest"
         if (!$mybb->get_input('username')) {
             $username = $lang->guest;
         } else {
             $username = $mybb->get_input('username');
         }
// Thread prefix: empty unless the thread has one that resolves to text.
$thread['displayprefix'] = '';
if (0 != $thread['prefix']) {
    $threadprefix = build_prefixes($thread['prefix']);
    if ($threadprefix['prefix']) {
        $thread['threadprefix'] = $threadprefix['prefix'] . '&nbsp;';
        $thread['displayprefix'] = $threadprefix['displaystyle'] . '&nbsp;';
    }
}
// A thread whose closed field starts with "moved|" gets its thread id zeroed.
if ("moved|" == substr($thread['closed'], 0, 6)) {
    $thread['tid'] = 0;
}
$tid = $thread['tid'];
$fid = $thread['fid'];
// The subject is filtered for bad words once, then escaped twice: in full for
// display, and after shortening for the reply field. Shortening happens on the
// unescaped text, so the cut is made on the raw characters, not on escaped output.
$reply_subject = $parser->parse_badwords($thread['subject']);
$thread['subject'] = htmlspecialchars_uni($reply_subject);
if (my_strlen($reply_subject) > 85) {
    $reply_subject = my_substr($reply_subject, 0, 82) . '...';
}
$reply_subject = htmlspecialchars_uni($reply_subject);
// Threads without a stored username are shown under the guest label.
if (!$thread['username']) {
    $thread['username'] = $lang->guest;
}
// Default SQL fragments limiting results to visible posts and threads (fixed text, no input).
$visibleonly = "AND visible='1'";
$visibleonly2 = "AND p.visible='1' AND t.visible='1'";
// Is the currently logged in user a moderator of this forum?
if (is_moderator($fid)) {
    $visibleonly = " AND (visible='1' OR visible='0')";
    $visibleonly2 = "AND (p.visible='1' OR p.visible='0') AND (t.visible='1' OR t.visible='0')";
    $ismod = true;
} else {
Beispiel #24
/**
 * Build the admin control panel HTML for a list of users described by a view.
 *
 * The function turns the view's conditions into a WHERE clause, counts and
 * fetches the matching rows of the users table, renders them into a Table
 * (table rows or cards) and wraps the result in a search form, pagination
 * and the inline-moderation form.
 *
 * Review notes:
 * - Request and view values reach SQL through escape_string(),
 *   escape_string_like(), escape_binary() or an int cast. The exceptions are
 *   custom profile field column names and $view['extra_sql']; see the inline
 *   notes.
 * - Four statements in this listing are corrupted (a run of asterisks
 *   replaces part of the code). They are kept exactly as found and marked.
 *
 * @param array $view View definition. Keys read here: title, vid, url,
 *                    conditions, fields, custom_profile_fields, view_type,
 *                    extra_sql, perpage, sortby, sortorder, table_id, popup.
 *
 * @return string|false The built HTML, or false when no user matches.
 */
function build_users_view($view)
{
    global $mybb, $db, $cache, $lang, $user_view_fields, $page;
    $view_title = '';
    if ($view['title']) {
        // A language string named view_title_<vid> overrides the stored title
        $title_string = "view_title_{$view['vid']}";
        if ($lang->{$title_string}) {
            $view['title'] = $lang->{$title_string};
        }
        $view_title .= " (" . htmlspecialchars_uni($view['title']) . ")";
    }
    // Build the URL to this view
    if (!isset($view['url'])) {
        $view['url'] = "index.php?module=user-users";
    }
    // conditions, fields and custom_profile_fields may arrive serialized.
    // NOTE(review): my_unserialize() is defined elsewhere; confirm it cannot
    // instantiate objects, since the serialized value is produced outside this function.
    if (!is_array($view['conditions'])) {
        $view['conditions'] = my_unserialize($view['conditions']);
    }
    if (!is_array($view['fields'])) {
        $view['fields'] = my_unserialize($view['fields']);
    }
    if (!is_array($view['custom_profile_fields'])) {
        $view['custom_profile_fields'] = my_unserialize($view['custom_profile_fields']);
    }
    // A username in the request replaces the view's username condition; it is
    // passed through escape_string_like() before it reaches the query below.
    if (isset($mybb->input['username'])) {
        $view['conditions']['username'] = $mybb->input['username'];
    }
    if ($view['vid']) {
        $view['url'] .= "&amp;vid={$view['vid']}";
    } else {
        // If this is a custom view we need to save everything ready to pass it on from page to page
        global $admin_session;
        if (!$mybb->input['search_id']) {
            // The id only keys the view inside the admin session data
            $search_id = md5(random_str());
            $admin_session['data']['user_views'][$search_id] = $view;
            update_admin_session('user_views', $admin_session['data']['user_views']);
            $mybb->input['search_id'] = $search_id;
        }
        $view['url'] .= "&amp;search_id=" . htmlspecialchars_uni($mybb->input['search_id']);
    }
    if (isset($mybb->input['username'])) {
        // NOTE(review): the next line is corrupted in this listing. The rest of the
        // username parameter and the start of the following condition are replaced
        // by asterisks; restore it from the original file before using this block.
        $view['url'] .= "&amp;username="******"&amp;", "&", $view['url'])) {
        update_admin_session('last_users_url', str_replace("&amp;", "&", $view['url']));
    }
    if (isset($view['conditions']['referrer'])) {
        $view['url'] .= "&amp;action=referrers&amp;uid=" . htmlspecialchars_uni($view['conditions']['referrer']);
    }
    // Do we not have any views?
    // NOTE(review): $view always carries at least the 'url' key set above, so
    // this guard cannot fire at this point.
    if (empty($view)) {
        return false;
    }
    $table = new Table();
    // Build header for table based view
    if ($view['view_type'] != "card") {
        foreach ($view['fields'] as $field) {
            // Only fields known to $user_view_fields get a column
            if (!$user_view_fields[$field]) {
                continue;
            }
            $view_field = $user_view_fields[$field];
            $field_options = array();
            if ($view_field['width']) {
                $field_options['width'] = $view_field['width'];
            }
            if ($view_field['align']) {
                $field_options['class'] = "align_" . $view_field['align'];
            }
            $table->construct_header($view_field['title'], $field_options);
        }
        $table->construct_header("<input type=\"checkbox\" name=\"allbox\" onclick=\"inlineModeration.checkAll(this);\" />");
        // Create a header for the "select" boxes
    }
    // '1=1' lets every later condition be appended with a leading AND
    $search_sql = '1=1';
    // Build the search SQL for users
    // List of valid LIKE search fields
    // Column names below come from this fixed list; only the values are
    // user-controlled and they go through escape_string_like().
    $user_like_fields = array("username", "email", "website", "icq", "aim", "yahoo", "skype", "google", "signature", "usertitle");
    foreach ($user_like_fields as $search_field) {
        if (!empty($view['conditions'][$search_field]) && !$view['conditions'][$search_field . '_blank']) {
            $search_sql .= " AND u.{$search_field} LIKE '%" . $db->escape_string_like($view['conditions'][$search_field]) . "%'";
        } else {
            // "<field>_blank" selects users whose field is not empty
            if (!empty($view['conditions'][$search_field . '_blank'])) {
                $search_sql .= " AND u.{$search_field} != ''";
            }
        }
    }
    // EXACT matching fields
    $user_exact_fields = array("referrer");
    foreach ($user_exact_fields as $search_field) {
        if (!empty($view['conditions'][$search_field])) {
            $search_sql .= " AND u.{$search_field}='" . $db->escape_string($view['conditions'][$search_field]) . "'";
        }
    }
    // LESS THAN or GREATER THAN
    $direction_fields = array("postnum", "threadnum");
    foreach ($direction_fields as $search_field) {
        $direction_field = $search_field . "_dir";
        // The explicit === '0' keeps a search for zero posts/threads from being dropped as falsy
        if (isset($view['conditions'][$search_field]) && ($view['conditions'][$search_field] || $view['conditions'][$search_field] === '0') && $view['conditions'][$direction_field]) {
            // The operator is chosen from fixed literals, never copied from the condition
            switch ($view['conditions'][$direction_field]) {
                case "greater_than":
                    $direction = ">";
                    break;
                case "less_than":
                    $direction = "<";
                    break;
                default:
                    $direction = "=";
            }
            $search_sql .= " AND u.{$search_field}{$direction}'" . $db->escape_string($view['conditions'][$search_field]) . "'";
        }
    }
    // Registration searching
    $reg_fields = array("regdate");
    foreach ($reg_fields as $search_field) {
        if (!empty($view['conditions'][$search_field]) && (int) $view['conditions'][$search_field]) {
            // The condition is a number of days; convert it to a timestamp threshold
            $threshold = TIME_NOW - (int) $view['conditions'][$search_field] * 24 * 60 * 60;
            $search_sql .= " AND u.{$search_field} >= '{$threshold}'";
        }
    }
    // IP searching
    $ip_fields = array("regip", "lastip");
    foreach ($ip_fields as $search_field) {
        if (!empty($view['conditions'][$search_field])) {
            // fetch_ip_range() returns either a single value or a two-element array (lower, upper)
            $ip_range = fetch_ip_range($view['conditions'][$search_field]);
            if (!is_array($ip_range)) {
                $ip_sql = "{$search_field}=" . $db->escape_binary($ip_range);
            } else {
                $ip_sql = "{$search_field} BETWEEN " . $db->escape_binary($ip_range[0]) . " AND " . $db->escape_binary($ip_range[1]);
            }
            $search_sql .= " AND {$ip_sql}";
        }
    }
    // Post IP searching
    if (!empty($view['conditions']['postip'])) {
        $ip_range = fetch_ip_range($view['conditions']['postip']);
        if (!is_array($ip_range)) {
            $ip_sql = "ipaddress=" . $db->escape_binary($ip_range);
        } else {
            $ip_sql = "ipaddress BETWEEN " . $db->escape_binary($ip_range[0]) . " AND " . $db->escape_binary($ip_range[1]);
        }
        // Seeding with 0 keeps the IN() list non-empty when no post matches
        $ip_uids = array(0);
        $query = $db->simple_select("posts", "uid", $ip_sql);
        // NOTE(review): the loop ends at the first falsy uid, so a row with uid 0
        // cuts the result short.
        while ($uid = $db->fetch_field($query, "uid")) {
            $ip_uids[] = $uid;
        }
        $search_sql .= " AND u.uid IN(" . implode(',', $ip_uids) . ")";
        unset($ip_uids);
    }
    // Custom Profile Field searching
    // NOTE(review): $column is the array key of custom_profile_fields and is
    // written into the query as a bare identifier. escape_string() only escapes
    // string metacharacters, which does not restrict what an unquoted identifier
    // can contain. Check $column against the known userfields columns first.
    if ($view['custom_profile_fields']) {
        $userfield_sql = '1=1';
        foreach ($view['custom_profile_fields'] as $column => $input) {
            if (is_array($input)) {
                foreach ($input as $value => $text) {
                    // Loose comparison: a key equal to the column name means the value is in $text
                    if ($value == $column) {
                        $value = $text;
                    }
                    if ($value == $lang->na) {
                        continue;
                    }
                    if (strpos($column, '_blank') !== false) {
                        // Rewrites $column for the remaining iterations of this inner loop as well
                        $column = str_replace('_blank', '', $column);
                        $userfield_sql .= ' AND ' . $db->escape_string($column) . " != ''";
                    } else {
                        $userfield_sql .= ' AND ' . $db->escape_string($column) . "='" . $db->escape_string($value) . "'";
                    }
                }
            } else {
                if (!empty($input)) {
                    if ($input == $lang->na) {
                        continue;
                    }
                    if (strpos($column, '_blank') !== false) {
                        $column = str_replace('_blank', '', $column);
                        $userfield_sql .= ' AND ' . $db->escape_string($column) . " != ''";
                    } else {
                        $userfield_sql .= ' AND ' . $db->escape_string($column) . " LIKE '%" . $db->escape_string_like($input) . "%'";
                    }
                }
            }
        }
        // Query userfields only when at least one condition was added
        if ($userfield_sql != '1=1') {
            $userfield_uids = array(0);
            $query = $db->simple_select("userfields", "ufid", $userfield_sql);
            while ($userfield = $db->fetch_array($query)) {
                $userfield_uids[] = $userfield['ufid'];
            }
            $search_sql .= " AND u.uid IN(" . implode(',', $userfield_uids) . ")";
            unset($userfield_uids);
        }
    }
    // Usergroup based searching
    if (isset($view['conditions']['usergroup'])) {
        if (!is_array($view['conditions']['usergroup'])) {
            $view['conditions']['usergroup'] = array($view['conditions']['usergroup']);
        }
        foreach ($view['conditions']['usergroup'] as $usergroup) {
            $usergroup = (int) $usergroup;
            if (!$usergroup) {
                continue;
            }
            // NOTE(review): $additional_sql is reset on every iteration, so only
            // the last non-zero group ends up in the additionalgroups test, and
            // it stays undefined when every entry is skipped.
            $additional_sql = '';
            switch ($db->type) {
                case "pgsql":
                case "sqlite":
                    $additional_sql .= " OR ','||additionalgroups||',' LIKE '%,{$usergroup},%'";
                    break;
                default:
                    $additional_sql .= "OR CONCAT(',',additionalgroups,',') LIKE '%,{$usergroup},%'";
            }
        }
        // The primary-group list is cast to int again here, so zero entries skipped above still appear in IN()
        $search_sql .= " AND (u.usergroup IN (" . implode(",", array_map('intval', $view['conditions']['usergroup'])) . ") {$additional_sql})";
    }
    // COPPA users only?
    // Group 5 is also the group that is offered the activation links further down
    if (isset($view['conditions']['coppa'])) {
        $search_sql .= " AND u.coppauser=1 AND u.usergroup=5";
    }
    // Extra SQL?
    // NOTE(review): extra_sql is appended verbatim, with no escaping. It must be
    // built by trusted calling code and never carry request data.
    if (isset($view['extra_sql'])) {
        $search_sql .= $view['extra_sql'];
    }
    // Lets fetch out how many results we have
    $query = $db->query("\n\t\tSELECT COUNT(u.uid) AS num_results\n\t\tFROM " . TABLE_PREFIX . "users u\n\t\tWHERE {$search_sql}\n\t");
    $num_results = $db->fetch_field($query, "num_results");
    // No matching results then return false
    if (!$num_results) {
        return false;
    } else {
        if (!$view['perpage']) {
            $view['perpage'] = 20;
        }
        // Cast before use: perpage is interpolated into the LIMIT clause
        $view['perpage'] = (int) $view['perpage'];
        // Establish which page we're viewing and the starting index for querying
        if (!isset($mybb->input['page'])) {
            $mybb->input['page'] = 1;
        } else {
            $mybb->input['page'] = $mybb->get_input('page', MyBB::INPUT_INT);
        }
        // NOTE(review): a negative page number is not rejected here and would
        // produce a negative LIMIT offset.
        if ($mybb->input['page']) {
            $start = ($mybb->input['page'] - 1) * $view['perpage'];
        } else {
            $start = 0;
            $mybb->input['page'] = 1;
        }
        $from_bit = "";
        if (isset($mybb->input['from']) && $mybb->input['from'] == "home") {
            $from_bit = "&amp;from=home";
        }
        // sortby and sortorder are interpolated into ORDER BY, so both are
        // reduced to a fixed set of values; anything else sorts by username.
        switch ($view['sortby']) {
            case "regdate":
            case "lastactive":
            case "postnum":
            case "reputation":
                $view['sortby'] = $db->escape_string($view['sortby']);
                break;
            case "numposts":
                $view['sortby'] = "postnum";
                break;
            case "numthreads":
                $view['sortby'] = "threadnum";
                break;
            case "warninglevel":
                $view['sortby'] = "warningpoints";
                break;
            default:
                $view['sortby'] = "username";
        }
        if ($view['sortorder'] != "desc") {
            $view['sortorder'] = "asc";
        }
        $usergroups = $cache->read("usergroups");
        // Fetch matching users
        $query = $db->query("\n\t\t\tSELECT u.*\n\t\t\tFROM " . TABLE_PREFIX . "users u\n\t\t\tWHERE {$search_sql}\n\t\t\tORDER BY {$view['sortby']} {$view['sortorder']}\n\t\t\tLIMIT {$start}, {$view['perpage']}\n\t\t");
        $users = '';
        while ($user = $db->fetch_array($query)) {
            $comma = $groups_list = '';
            // NOTE(review): the next line is corrupted in this listing; the opening of
            // the link markup is replaced by asterisks.
            $user['view']['username'] = "******"index.php?module=user-users&amp;action=edit&amp;uid={$user['uid']}\">" . format_name($user['username'], $user['usergroup'], $user['displaygroup']) . "</a>";
            $user['view']['usergroup'] = htmlspecialchars_uni($usergroups[$user['usergroup']]['title']);
            if ($user['additionalgroups']) {
                $additional_groups = explode(",", $user['additionalgroups']);
                foreach ($additional_groups as $group) {
                    $groups_list .= $comma . htmlspecialchars_uni($usergroups[$group]['title']);
                    $comma = $lang->comma;
                }
            }
            if (!$groups_list) {
                $groups_list = $lang->none;
            }
            $user['view']['additionalgroups'] = "<small>{$groups_list}</small>";
            $user['view']['email'] = "<a href=\"mailto:" . htmlspecialchars_uni($user['email']) . "\">" . htmlspecialchars_uni($user['email']) . "</a>";
            $user['view']['regdate'] = my_date('relative', $user['regdate']);
            $user['view']['lastactive'] = my_date('relative', $user['lastactive']);
            // Build popup menu
            $popup = new PopupMenu("user_{$user['uid']}", $lang->options);
            $popup->add_item($lang->view_profile, $mybb->settings['bburl'] . '/' . get_profile_link($user['uid']));
            $popup->add_item($lang->edit_profile_and_settings, "index.php?module=user-users&amp;action=edit&amp;uid={$user['uid']}");
            // Banning options... is this user banned?
            if ($usergroups[$user['usergroup']]['isbannedgroup'] == 1) {
                // Yes, so do we want to edit the ban or pardon his crime?
                $popup->add_item($lang->edit_ban, "index.php?module=user-banning&amp;uid={$user['uid']}#username");
                // NOTE(review): unlike the other links this one uses bare '&'. It also
                // carries my_post_key in the URL, as the activate and delete links below do;
                // a token in a query string can end up in logs and Referer headers.
                $popup->add_item($lang->lift_ban, "index.php?module=user-banning&action=lift&uid={$user['uid']}&my_post_key={$mybb->post_code}");
            } else {
                // Not banned... but soon maybe!
                $popup->add_item($lang->ban_user, "index.php?module=user-banning&amp;uid={$user['uid']}#username");
            }
            if ($user['usergroup'] == 5) {
                if ($user['coppauser']) {
                    $popup->add_item($lang->approve_coppa_user, "index.php?module=user-users&amp;action=activate_user&amp;uid={$user['uid']}&amp;my_post_key={$mybb->post_code}{$from_bit}");
                } else {
                    $popup->add_item($lang->approve_user, "index.php?module=user-users&amp;action=activate_user&amp;uid={$user['uid']}&amp;my_post_key={$mybb->post_code}{$from_bit}");
                }
            }
            // The confirmation text is a language string placed unescaped inside a single-quoted JavaScript literal
            $popup->add_item($lang->delete_user, "index.php?module=user-users&amp;action=delete&amp;uid={$user['uid']}&amp;my_post_key={$mybb->post_code}", "return AdminCP.deleteConfirmation(this, '{$lang->user_deletion_confirmation}')");
            $popup->add_item($lang->show_referred_users, "index.php?module=user-users&amp;action=referrers&amp;uid={$user['uid']}");
            $popup->add_item($lang->show_ip_addresses, "index.php?module=user-users&amp;action=ipaddresses&amp;uid={$user['uid']}");
            // NOTE(review): the next line is corrupted in this listing. The code between
            // the username parameter and the "-" assignment is replaced by asterisks, and
            // the closing brace after it belongs to a condition that is no longer visible.
            $popup->add_item($lang->show_attachments, "index.php?module=forum-attachments&amp;results=1&amp;username="******"-";
            }
            if ($mybb->settings['enablewarningsystem'] != 0 && $usergroups[$user['usergroup']]['canreceivewarnings'] != 0) {
                // Guard against dividing by a maximum below 1
                if ($mybb->settings['maxwarningpoints'] < 1) {
                    $mybb->settings['maxwarningpoints'] = 10;
                }
                // Warning level as a percentage of the maximum, capped at 100
                $warning_level = round($user['warningpoints'] / $mybb->settings['maxwarningpoints'] * 100);
                if ($warning_level > 100) {
                    $warning_level = 100;
                }
                $user['view']['warninglevel'] = get_colored_warning_level($warning_level);
            }
            // Avatars without an http:// or https:// prefix are treated as paths one directory above this script
            if ($user['avatar'] && my_substr($user['avatar'], 0, 7) !== 'http://' && my_substr($user['avatar'], 0, 8) !== 'https://') {
                $user['avatar'] = "../{$user['avatar']}";
            }
            if ($view['view_type'] == "card") {
                $scaled_avatar = fetch_scaled_avatar($user, 80, 80);
            } else {
                $scaled_avatar = fetch_scaled_avatar($user, 34, 34);
            }
            // The default avatar is substituted only after the dimensions were computed
            if (!$user['avatar']) {
                $user['avatar'] = "../" . $mybb->settings['useravatar'];
            }
            $user['view']['avatar'] = "<img src=\"" . htmlspecialchars_uni($user['avatar']) . "\" alt=\"\" width=\"{$scaled_avatar['width']}\" height=\"{$scaled_avatar['height']}\" />";
            // Convert IP's to readable
            $user['regip'] = my_inet_ntop($db->unescape_binary($user['regip']));
            $user['lastip'] = my_inet_ntop($db->unescape_binary($user['lastip']));
            if ($view['view_type'] == "card") {
                // NOTE(review): $i is not assigned anywhere in the visible code of this function
                $users .= build_user_view_card($user, $view, $i);
            } else {
                build_user_view_table($user, $view, $table);
            }
        }
        // If card view, we need to output the results
        if ($view['view_type'] == "card") {
            $table->construct_cell($users);
            $table->construct_row();
        }
    }
    if (!isset($view['table_id'])) {
        $view['table_id'] = "users_list";
    }
    // Links for switching between the table layout and the card layout
    $switch_view = "<div class=\"float_right\">";
    $switch_url = $view['url'];
    if ($mybb->input['page'] > 0) {
        $switch_url .= "&amp;page=" . $mybb->get_input('page', MyBB::INPUT_INT);
    }
    if ($view['view_type'] != "card") {
        $switch_view .= "<strong>{$lang->table_view}</strong> | <a href=\"{$switch_url}&amp;type=card\" style=\"font-weight: normal;\">{$lang->card_view}</a>";
    } else {
        $switch_view .= "<a href=\"{$switch_url}&amp;type=table\" style=\"font-weight: normal;\">{$lang->table_view}</a> | <strong>{$lang->card_view}</strong>";
    }
    $switch_view .= "</div>";
    // Do we need to construct the pagination?
    if ($num_results > $view['perpage']) {
        $pagination = draw_admin_pagination($mybb->input['page'], $view['perpage'], $num_results, $view['url'] . "&amp;type={$view['view_type']}");
        $search_class = "float_right";
        $search_style = "";
    } else {
        $search_class = '';
        $search_style = "text-align: right;";
    }
    $search_action = $view['url'];
    // stop &username= in the query string
    // NOTE(review): the next line is corrupted in this listing. The rest of the
    // condition and the statement that creates $search are replaced by asterisks.
    if ($view_upos = strpos($search_action, '&amp;username='******'post', 'search_form', 0, '', true);
    $built_view = $search->construct_return;
    $built_view .= "<div class=\"{$search_class}\" style=\"padding-bottom: 3px; margin-top: -9px; {$search_style}\">";
    $built_view .= $search->generate_hidden_field('action', 'search') . "\n";
    if (isset($view['conditions']['username'])) {
        $default_class = '';
        $value = $view['conditions']['username'];
    } else {
        $default_class = "search_default";
        $value = $lang->search_for_user;
    }
    // NOTE(review): $value can be the raw username from the request; this relies
    // on generate_text_box() escaping it for the attribute context. Confirm.
    $built_view .= $search->generate_text_box('username', $value, array('id' => 'search_keywords', 'class' => "{$default_class} field150 field_small")) . "\n";
    $built_view .= "<input type=\"submit\" class=\"search_button\" value=\"{$lang->search}\" />\n";
    // NOTE(review): $view['popup'] is emitted as raw HTML and must be trusted markup
    if ($view['popup']) {
        $built_view .= " <div style=\"display: inline\">{$view['popup']}</div>\n";
    }
    // Inline script for the placeholder behaviour of the search box. The language
    // string is escaped with addcslashes() for single quotes only.
    $built_view .= "<script type=\"text/javascript\">\n\t\tvar form = \$(\"#search_form\");\n\t\tform.submit(function() {\n\t\t\tvar search = \$('#search_keywords');\n\t\t\tif(search.val() == '' || search.val() == '" . addcslashes($lang->search_for_user, "'") . "')\n\t\t\t{\n\t\t\t\tsearch.focus();\n\t\t\t\treturn false;\n\t\t\t}\n\t\t});\n\n\t\tvar search = \$(\"#search_keywords\");\n\t\tsearch.focus(function()\n\t\t{\n\t\t\tvar searched_focus = \$(this);\n\t\t\tif(searched_focus.val() == '" . addcslashes($lang->search_for_user, "'") . "')\n\t\t\t{\n\t\t\t\tsearched_focus.removeClass(\"search_default\");\n\t\t\t\tsearched_focus.val(\"\");\n\t\t\t}\n\t\t});\n\n\t\tsearch.blur(function()\n\t\t{\n\t\t\tvar searched_blur = \$(this);\n\t\t\tif(searched_blur.val() == \"\")\n\t\t\t{\n\t\t\t\tsearched_blur.addClass('search_default');\n\t\t\t\tsearched_blur.val('" . addcslashes($lang->search_for_user, "'") . "');\n\t\t\t}\n\t\t});\n\n\t\t// fix the styling used if we have a different default value\n\t\tif(search.val() != '" . addcslashes($lang->search_for_user, "'") . "')\n\t\t{\n\t\t\t\$(search).removeClass('search_default');\n\t\t}\n\t\t</script>\n";
    $built_view .= "</div>\n";
    // Autocompletion for usernames
    // TODO Select2
    $built_view .= $search->end();
    // Pagination is printed above and below the table
    if (isset($pagination)) {
        $built_view .= $pagination;
    }
    // Card view has no header row, so the "select all" checkbox goes into the table title
    if ($view['view_type'] != "card") {
        $checkbox = '';
    } else {
        $checkbox = "<input type=\"checkbox\" name=\"allbox\" onclick=\"inlineModeration.checkAll(this)\" /> ";
    }
    $built_view .= $table->construct_html("{$switch_view}<div>{$checkbox}{$lang->users}{$view_title}</div>", 1, "", $view['table_id']);
    if (isset($pagination)) {
        $built_view .= $pagination;
    }
    // Inline moderation form: a POST form that carries my_post_key as a hidden
    // field. The bburl setting and the language strings are written unescaped.
    $built_view .= '
<script type="text/javascript" src="' . $mybb->settings['bburl'] . '/jscripts/inline_moderation.js?ver=1800"></script>
<form action="index.php?module=user-users" method="post">
<input type="hidden" name="my_post_key" value="' . $mybb->post_code . '" />
<input type="hidden" name="action" value="inline_edit" />
<div class="float_right"><span class="smalltext"><strong>' . $lang->inline_edit . '</strong></span>
<select name="inline_action">
	<option value="multiactivate">' . $lang->inline_activate . '</option>
	<option value="multiban">' . $lang->inline_ban . '</option>
	<option value="multiusergroup">' . $lang->inline_usergroup . '</option>
	<option value="multidelete">' . $lang->inline_delete . '</option>
	<option value="multiprune">' . $lang->inline_prune . '</option>
</select>
<input type="submit" class="submit_button inline_element" name="go" value="' . $lang->go . ' (0)" id="inline_go" />&nbsp;
<input type="button" onclick="javascript:inlineModeration.clearChecked();" value="' . $lang->clear . '" class="submit_button inline_element" />
</div>
</form>
<br style="clear: both;" />
<script type="text/javascript">
<!--
	var go_text = "' . $lang->go . '";
	var all_text = "1";
	var inlineType = "user";
	var inlineId = "acp";
// -->
</script>';
    return $built_view;
}
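/**
 * Installer step that asks for the administrator account.
 *
 * First validates the board URL and name submitted by the previous step. On
 * the first pass (no errors) it loads the bundled settings, scheduled tasks
 * and admin views from the XML resources into the database, stores the
 * board configuration values from the request, and appends the Admin CP
 * PIN to inc/config.php. It then prints the admin account form, pre-filled
 * with the submitted values when the step is shown again after an error.
 *
 * Works on the globals $output, $mybb, $errors, $db and $lang and echoes its
 * output directly; it returns nothing.
 */
function create_admin_user()
{
    global $output, $mybb, $errors, $db, $lang;
    $mybb->input['action'] = "adminuser";
    // If no errors then check for errors from last step
    if (!is_array($errors)) {
        if (empty($mybb->input['bburl'])) {
            $errors[] = $lang->config_step_error_url;
        }
        if (empty($mybb->input['bbname'])) {
            $errors[] = $lang->config_step_error_name;
        }
        if (is_array($errors)) {
            // Show the configuration step again.
            // NOTE(review): presumably configure() ends the request; confirm,
            // otherwise execution continues below.
            configure();
        }
    }
    $output->print_header($lang->create_admin, 'admin');
    echo <<<EOF
\t\t<script type="text/javascript">\t
\t\tfunction comparePass()
\t\t{
\t\t\tvar parenttr = \$('#adminpass2').closest('tr');
\t\t\tvar passval = \$('#adminpass2').val();
\t\t\tif(passval && passval != \$('#adminpass').val())
\t\t\t{
\t\t\t\tif(!parenttr.next('.pass_peeker').length)
\t\t\t\t{
\t\t\t\t\tparenttr.removeClass('last').after('<tr class="pass_peeker"><td colspan="2">{$lang->admin_step_nomatch}</td></tr>');
\t\t\t\t}
\t\t\t} else {
\t\t\t\tparenttr.addClass('last').next('.pass_peeker').remove();
\t\t\t}
\t\t}
\t\t</script>
\t\t
EOF;
    if (is_array($errors)) {
        $error_list = error_list($errors);
        echo $lang->sprintf($lang->admin_step_error_config, $error_list);
        // These values come straight from the request and are echoed into the
        // form below, so they are HTML-escaped before being reflected.
        $adminuser = htmlspecialchars($mybb->get_input('adminuser'), ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8');
        $adminemail = htmlspecialchars($mybb->get_input('adminemail'), ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8');
    } else {
        require MYBB_ROOT . 'inc/config.php';
        $db = db_connection($config);
        echo $lang->admin_step_setupsettings;
        $adminuser = $adminemail = '';
        $settings = file_get_contents(INSTALL_ROOT . 'resources/settings.xml');
        $parser = new XMLParser($settings);
        $parser->collapse_dups = 0;
        $tree = $parser->get_tree();
        $groupcount = $settingcount = 0;
        // Insert all the settings
        foreach ($tree['settings'][0]['settinggroup'] as $settinggroup) {
            // NOTE(review): 'isdefault' is the only attribute stored without an
            // escape or a cast; it is read from the bundled XML file.
            $groupdata = array('name' => $db->escape_string($settinggroup['attributes']['name']), 'title' => $db->escape_string($settinggroup['attributes']['title']), 'description' => $db->escape_string($settinggroup['attributes']['description']), 'disporder' => (int) $settinggroup['attributes']['disporder'], 'isdefault' => $settinggroup['attributes']['isdefault']);
            $gid = $db->insert_query('settinggroups', $groupdata);
            ++$groupcount;
            foreach ($settinggroup['setting'] as $setting) {
                $settingdata = array('name' => $db->escape_string($setting['attributes']['name']), 'title' => $db->escape_string($setting['title'][0]['value']), 'description' => $db->escape_string($setting['description'][0]['value']), 'optionscode' => $db->escape_string($setting['optionscode'][0]['value']), 'value' => $db->escape_string($setting['settingvalue'][0]['value']), 'disporder' => (int) $setting['disporder'][0]['value'], 'gid' => $gid, 'isdefault' => 1);
                $db->insert_query('settings', $settingdata);
                $settingcount++;
            }
        }
        // Store the board URL without a trailing slash
        if (my_substr($mybb->get_input('bburl'), -1, 1) == '/') {
            $mybb->input['bburl'] = my_substr($mybb->get_input('bburl'), 0, -1);
        }
        // Request values are escaped before they are written to the settings table
        $db->update_query("settings", array('value' => $db->escape_string($mybb->get_input('bbname'))), "name='bbname'");
        $db->update_query("settings", array('value' => $db->escape_string($mybb->get_input('bburl'))), "name='bburl'");
        $db->update_query("settings", array('value' => $db->escape_string($mybb->get_input('websitename'))), "name='homename'");
        $db->update_query("settings", array('value' => $db->escape_string($mybb->get_input('websiteurl'))), "name='homeurl'");
        $db->update_query("settings", array('value' => $db->escape_string($mybb->get_input('cookiedomain'))), "name='cookiedomain'");
        $db->update_query("settings", array('value' => $db->escape_string($mybb->get_input('cookiepath'))), "name='cookiepath'");
        $db->update_query("settings", array('value' => $db->escape_string($mybb->get_input('contactemail'))), "name='adminemail'");
        $db->update_query("settings", array('value' => 'contact.php'), "name='contactlink'");
        write_settings();
        echo $lang->sprintf($lang->admin_step_insertesettings, $settingcount, $groupcount);
        // Save the acp pin
        // The PIN is request data written into a PHP source file. var_export()
        // produces a correctly quoted PHP string literal for any input, whereas
        // addslashes() also escapes characters that a single-quoted literal
        // keeps verbatim and so alters the stored PIN.
        $pin_literal = var_export((string) $mybb->get_input('pin'), true);
        // Appending stays best-effort as before, but the handle is checked:
        // passing a failed fopen() result to fwrite() raises a TypeError on
        // PHP 8, which the @ operator does not suppress.
        $file = @fopen(MYBB_ROOT . "inc/config.php", "a");
        if ($file !== false) {
            @fwrite($file, "/**\n * Admin CP Secret PIN\n *  If you wish to request a PIN\n *  when someone tries to login\n *  on your Admin CP, enter it below.\n */\n\n\$config['secret_pin'] = {$pin_literal};");
            @fclose($file);
        }
        include_once MYBB_ROOT . "inc/functions_task.php";
        $tasks = file_get_contents(INSTALL_ROOT . 'resources/tasks.xml');
        $parser = new XMLParser($tasks);
        $parser->collapse_dups = 0;
        $tree = $parser->get_tree();
        $taskcount = 0;
        // Insert scheduled tasks
        foreach ($tree['tasks'][0]['task'] as $task) {
            $new_task = array('title' => $db->escape_string($task['title'][0]['value']), 'description' => $db->escape_string($task['description'][0]['value']), 'file' => $db->escape_string($task['file'][0]['value']), 'minute' => $db->escape_string($task['minute'][0]['value']), 'hour' => $db->escape_string($task['hour'][0]['value']), 'day' => $db->escape_string($task['day'][0]['value']), 'weekday' => $db->escape_string($task['weekday'][0]['value']), 'month' => $db->escape_string($task['month'][0]['value']), 'enabled' => $db->escape_string($task['enabled'][0]['value']), 'logging' => $db->escape_string($task['logging'][0]['value']));
            $new_task['nextrun'] = fetch_next_run($new_task);
            $db->insert_query("tasks", $new_task);
            $taskcount++;
        }
        // For the version check task, set a random date and hour (so all MyBB installs don't query mybb.com all at the same time)
        // rand() only spreads load here; nothing security-relevant depends on it
        $update_array = array('hour' => rand(0, 23), 'weekday' => rand(0, 6));
        $db->update_query("tasks", $update_array, "file = 'versioncheck'");
        echo $lang->sprintf($lang->admin_step_insertedtasks, $taskcount);
        $views = file_get_contents(INSTALL_ROOT . 'resources/adminviews.xml');
        $parser = new XMLParser($views);
        $parser->collapse_dups = 0;
        $tree = $parser->get_tree();
        $view_count = 0;
        // Insert admin views
        foreach ($tree['adminviews'][0]['view'] as $view) {
            $fields = array();
            foreach ($view['fields'][0]['field'] as $field) {
                $fields[] = $field['attributes']['name'];
            }
            $conditions = array();
            if (isset($view['conditions'][0]['condition']) && is_array($view['conditions'][0]['condition'])) {
                foreach ($view['conditions'][0]['condition'] as $condition) {
                    if (!$condition['value']) {
                        continue;
                    }
                    // Serialized condition values come from the bundled XML file.
                    // NOTE(review): my_unserialize() is defined elsewhere; confirm
                    // it cannot instantiate objects.
                    if ($condition['attributes']['is_serialized'] == 1) {
                        $condition['value'] = my_unserialize($condition['value']);
                    }
                    $conditions[$condition['attributes']['name']] = $condition['value'];
                }
            }
            $custom_profile_fields = array();
            if (isset($view['custom_profile_fields'][0]['field']) && is_array($view['custom_profile_fields'][0]['field'])) {
                foreach ($view['custom_profile_fields'][0]['field'] as $field) {
                    $custom_profile_fields[] = $field['attributes']['name'];
                }
            }
            $new_view = array("uid" => 0, "type" => $db->escape_string($view['attributes']['type']), "visibility" => (int) $view['attributes']['visibility'], "title" => $db->escape_string($view['title'][0]['value']), "fields" => $db->escape_string(my_serialize($fields)), "conditions" => $db->escape_string(my_serialize($conditions)), "custom_profile_fields" => $db->escape_string(my_serialize($custom_profile_fields)), "sortby" => $db->escape_string($view['sortby'][0]['value']), "sortorder" => $db->escape_string($view['sortorder'][0]['value']), "perpage" => (int) $view['perpage'][0]['value'], "view_type" => $db->escape_string($view['view_type'][0]['value']));
            $db->insert_query("adminviews", $new_view);
            $view_count++;
        }
        echo $lang->sprintf($lang->admin_step_insertedviews, $view_count);
        echo $lang->admin_step_createadmin;
    }
    // Print the account form, pre-filled with the (escaped) submitted values
    echo $lang->sprintf($lang->admin_step_admintable, $adminuser, $adminemail);
    $output->print_footer('final');
}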
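/**
 * Private-message hover preview: injects the preview CSS/JS into the page
 * header and, for the AJAX preview request, prints the preview fragment.
 *
 * Works entirely through globals: prepends the arrow element to $header,
 * appends the style/script block to $headerinclude, and when the request is
 * a POST with firstpm=1 it echoes the preview for $mybb->input['pmid'] and
 * terminates the request with exit.
 *
 * @return void Returns early (no output) when the requested message does not
 *              exist or does not belong to the current user.
 */
function firstpreview_pm()
{
    global $mybb, $db, $charset, $headerinclude, $header;
    $header = '<div class="arrow-down"></div>' . $header;
    // Add jQuery and noConflict for MyBB 1.6.*
    $jquery = '';
    $noconflict = '';
    // version_compare() instead of a string "<": a plain string comparison
    // would order "1.10.0" before "1.7.0".
    if (version_compare((string) $mybb->version, '1.7.0', '<')) {
        // Loaded over HTTPS so the library cannot be swapped in transit and is
        // not blocked as mixed content on an HTTPS board.
        // NOTE(review): "jquery-latest" is an unpinned third-party script with
        // no Subresource Integrity hash; prefer a pinned, locally hosted copy.
        $jquery = '<script type="text/javascript">
//<![CDATA[
if (!window.jQuery)
{
document.write(unescape("%3Cscript src=\\"https://code.jquery.com/jquery-latest.min.js\\" type=\\"text/javascript\\"%3E%3C/script%3E"));
}
//]]>
</script>';
        $noconflict = 'jQuery.noConflict();';
    }
    // Background color: only a "#" followed by hex digits is accepted, because
    // the value is written straight into the inline <style> block below.
    $bg_color = '#aaaaaa';
    if (isset($mybb->settings['firstpreview_bg']) && preg_match('/^#([0-9a-f]{1,6})$/i', $mybb->settings['firstpreview_bg'])) {
        $bg_color = htmlspecialchars_uni($mybb->settings['firstpreview_bg']);
    }
    // Close button: hidden unless the firstpreview_close setting is enabled
    $close_preview = '#close_preview{display:none;cursor:pointer;background:#000;color:#fff;float:right;font-size:1em;font-weight:bold;text-align:center;width:20px;height:20px;border-radius:5px}';
    if (isset($mybb->settings['firstpreview_close']) && $mybb->settings['firstpreview_close'] == 1) {
        $close_preview = '#close_preview{cursor:pointer;background:#000;color:#fff;float:right;font-size:1em;font-weight:bold;text-align:center;width:20px;height:20px;border-radius:5px}';
    }
    // Insert the code (the border uses the validated $bg_color; the original
    // referenced an undefined $bgcolor and emitted an empty colour)
    $headerinclude .= '
	<!-- start: first_preview_plugin -->
	<style type="text/css">
	.modal_firstpost{text-align:left;border-radius:7px;-moz-border-radius:7px;-webkit-border-radius:7px;border:1px solid ' . $bg_color . ';display:none;position:absolute;z-index:29000;width:390px;height:180px;overflow:hidden}
	.fpreview{z-index:29001;width:390px;height:180px;overflow:auto;background:' . $bg_color . '}
	.arrow-down{display:none;position:absolute;z-index:28999;width:0;height:0;border-left:20px solid transparent;border-right:20px solid transparent;border-top:20px solid ' . $bg_color . '}
	.prev_content{padding:10px;height:auto;word-wrap:break-word;-webkit-hyphens:auto;-moz-hyphens:auto;-ms-hyphens:auto;-o-hyphens:auto;hyphens:auto;background:none}
	' . $close_preview . '
	</style>
	' . $jquery . '
	<script type="text/javascript">
	//<![CDATA[
	' . $noconflict . '
	<!--
	if(use_xmlhttprequest == 1) {
		jQuery(document).ready(function(e){e(".pmprev").on("touchenter mouseenter",function(){id=e(this).attr("id");pmid=id.replace(/[^\\d.]/g,"");var t=e(this).offset().left;var n=e(this).offset().top-200;showPost=setTimeout(function(){e.ajax({url:"private.php?pmid="+pmid+"&firstpm=1",type:"post",complete:function(t){e(".modal_firstpost").html(t.responseText)}});e(".modal_firstpost").fadeIn("slow");e(".modal_firstpost").css("top",n);e(".modal_firstpost").css("left",t);e(".arrow-down").fadeIn("slow");e(".arrow-down").css("top",n+180);e(".arrow-down").css("left",t+20);},1500)});e(".pmprev").on("mouseleave touchleave touchend",function(){clearTimeout(showPost);});e(".modal_firstpost").on("mouseleave touchmove",function(){e(".modal_firstpost").fadeOut("slow");e(".arrow-down").fadeOut("fast")});e(".modal_firstpost").on("click", "#close_preview", function(){e(".modal_firstpost").fadeOut("slow");e(".arrow-down").fadeOut("fast")})});
	}
	//]]>
	</script>
	<!-- end: first_preview_plugin -->
	';
    // Get the pm preview
    if (isset($mybb->input['firstpm']) && $mybb->input['firstpm'] == 1 && $mybb->request_method == "post") {
        // The integer cast is what makes the concatenated WHERE clause safe.
        $pmid = isset($mybb->input['pmid']) ? (int) $mybb->input['pmid'] : 0;
        $query = $db->simple_select('privatemessages', '*', "pmid = '" . $pmid . "'");
        $pm = $db->fetch_array($query);
        // Load the user's own messages only. A missing row is rejected
        // explicitly: with the loose "!=" an empty result compared equal to a
        // uid of 0 and the request fell through to rendering.
        if (empty($pm) || (int) $pm['uid'] !== (int) $mybb->user['uid']) {
            return;
        }
        require_once MYBB_ROOT . "inc/class_parser.php";
        $parser = new postParser();
        $pm['subject'] = htmlspecialchars_uni($parser->parse_badwords($pm['subject']));
        $user = get_user($pm['fromid']);
        $parser_options = array();
        $parser_options['allow_html'] = $mybb->settings['pmsallowhtml'];
        $parser_options['allow_mycode'] = $mybb->settings['pmsallowmycode'];
        $parser_options['allow_smilies'] = $mybb->settings['pmsallowsmilies'];
        $parser_options['allow_imgcode'] = $mybb->settings['pmsallowimgcode'];
        $parser_options['allow_videocode'] = $mybb->settings['pmsallowvideocode'];
        $parser_options['me_username'] = $user['username'];
        $parser_options['filter_badwords'] = 1;
        // The parser output is the only HTML sanitisation the message body
        // gets; everything after this point treats it as trusted markup.
        $pm['message'] = $parser->parse_message($pm['message'], $parser_options);
        $pmdate = my_date($mybb->settings['dateformat'], $pm['dateline']);
        $pmtime = my_date($mybb->settings['timeformat'], $pm['dateline']);
        $pmsent = ' (' . $pmdate . ', ' . $pmtime . ')';
        if (isset($mybb->settings['firstpreview_html']) && $mybb->settings['firstpreview_html'] != 1) {
            // Presentation only: strip_tags() keeps the attributes of the
            // allowed tags, so it must not be relied on as an XSS filter.
            $pm['message'] = strip_tags($pm['message'], "<br><p><ul><ol><li>");
        }
        $preview_length = isset($mybb->settings['firstpreview_length']) ? (int) $mybb->settings['firstpreview_length'] : 0;
        if ($preview_length > 0 && my_strlen($pm['message']) > $preview_length) {
            $pm['message'] = preg_replace("!<a([^>]+)>!isU", "", $pm['message']);
            $pm['message'] = str_replace("</a>", "", $pm['message']);
            // NOTE(review): this cuts the rendered HTML by character count and
            // can end inside a tag or entity, leaving unbalanced markup in the
            // fragment; truncating before parsing would avoid that.
            $pm['message'] = my_substr($pm['message'], 0, $preview_length) . '...<p><a href="private.php?action=read&amp;pmid=' . (int) $pm['pmid'] . '">more</a></p>';
        }
        $preview = "<div class=\"fpreview\"><span id=\"close_preview\">&#10060;</span>\n\t\t<div class=\"thead\" style=\"text-align:center; font-weight:bold; min-height:20px;\">" . $pm['subject'] . "</div>\n\t\t<div class=\"tcat\" style=\"padding-left:10px;\">" . build_profile_link(format_name(htmlspecialchars_uni($user['username']), (int) $user['usergroup'], (int) $user['displaygroup']), (int) $pm['fromid']) . "<span class=\"smalltext\">" . $pmsent . "</span></div>\n\t\t<div class=\"prev_content\">" . $pm['message'] . "</div>\n\t\t</div>";
        // Sent as text/plain; the page script inserts the body with .html(),
        // so the fragment is still interpreted as markup on the client.
        header("Content-type: text/plain; charset={$charset}");
        echo $preview;
        exit;
    }
}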
Beispiel #27
    }
    $plugins->run_hooks("private_folders_end");
    eval("\$folders = \"" . $templates->get("private_folders") . "\";");
    output_page($folders);
}
if ($mybb->input['action'] == "do_folders" && $mybb->request_method == "post") {
    // Verify incoming POST request
    verify_post_check($mybb->get_input('my_post_key'));
    $plugins->run_hooks("private_do_folders_start");
    $highestid = 2;
    $folders = '';
    $donefolders = array();
    $mybb->input['folder'] = $mybb->get_input('folder', MyBB::INPUT_ARRAY);
    foreach ($mybb->input['folder'] as $key => $val) {
        if (empty($donefolders[$val])) {
            if (my_substr($key, 0, 3) == "new") {
                ++$highestid;
                $fid = (int) $highestid;
            } else {
                if ($key > $highestid) {
                    $highestid = $key;
                }
                $fid = (int) $key;
                // Use default language strings if empty or value is language string
                switch ($fid) {
                    case 1:
                        if ($val == $lang->folder_inbox || trim($val) == '') {
                            $val = '';
                        }
                        break;
                    case 2:
Beispiel #28
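/**
 * Upgrade step: move attachment data from the attachments table into files
 * under ../uploads/, one batch per request.
 *
 * Reads the batch size (attachmentspage) and offset (attachmentstart) from
 * $_POST, rebuilds the uid / thumbnail / attachname columns, writes each
 * unconverted row's filedata to disk, generates a thumbnail for image
 * extensions, and marks the row with the temporary donecon flag. When no
 * unconverted rows remain, the temporary and legacy columns (donecon,
 * filedata, thumbnailsm) are dropped and the wizard moves on to the avatar
 * step.
 *
 * @return void Output is printed through the global $output object.
 */
function upgrade3_convertattachments()
{
    global $db, $output;
    $output->print_header("Attachment Conversion to Files");
    // Collects the HTML handed to print_contents() at the end.
    $contents = '';
    // Batch size: cast to int because it is interpolated into the LIMIT clause
    // below; anything missing or below 1 falls back to the default of 50.
    $app = isset($_POST['attachmentspage']) ? (int) $_POST['attachmentspage'] : 0;
    if ($app < 1) {
        $app = 50;
    }
    $startat = isset($_POST['attachmentstart']) ? max(0, (int) $_POST['attachmentstart']) : 0;
    if ($startat > 0) {
        $upper = $startat + $app;
        $lower = $startat;
    } else {
        $upper = $app;
        $lower = 1;
    }
    // NOTE(review): $settings (used for the thumbnail size below) is presumably
    // defined by this include; if the file was already loaded elsewhere,
    // require_once will not run it again in this scope - confirm.
    require_once MYBB_ROOT . "inc/settings.php";
    $query = $db->simple_select("attachments", "COUNT(aid) AS attachcount");
    $cnt = $db->fetch_array($query);
    $contents .= "<p>Converting attachments {$lower} to {$upper} (" . $cnt['attachcount'] . " Total)</p>";
    echo "<p>Converting attachments {$lower} to {$upper} (" . $cnt['attachcount'] . " Total)</p>";
    if ($db->field_exists("uid", TABLE_PREFIX . "attachments")) {
        $db->write_query("ALTER TABLE " . TABLE_PREFIX . "attachments DROP uid;");
    }
    // Add uid column
    $db->write_query("ALTER TABLE " . TABLE_PREFIX . "attachments ADD uid smallint(6) NOT NULL AFTER posthash;");
    if ($db->field_exists("thumbnail", TABLE_PREFIX . "attachments")) {
        // Drop thumbnail column (the original repeated this check twice)
        $db->write_query("ALTER TABLE " . TABLE_PREFIX . "attachments DROP thumbnail");
    }
    // Add thumbnail column
    $db->write_query("ALTER TABLE " . TABLE_PREFIX . "attachments ADD thumbnail varchar(120) NOT NULL;");
    if ($db->field_exists("attachname", TABLE_PREFIX . "attachments")) {
        $db->write_query("ALTER TABLE " . TABLE_PREFIX . "attachments DROP attachname;");
    }
    // Add attachname column
    $db->write_query("ALTER TABLE " . TABLE_PREFIX . "attachments ADD attachname varchar(120) NOT NULL AFTER filesize;");
    if (!$db->field_exists("donecon", TABLE_PREFIX . "attachments")) {
        // Add temporary column
        $db->write_query("ALTER TABLE " . TABLE_PREFIX . "attachments ADD donecon smallint(1) NOT NULL;");
    }
    $query = $db->query("\n\t\tSELECT a.*, p.uid AS puid, p.dateline \n\t\tFROM " . TABLE_PREFIX . "attachments a \n\t\tLEFT JOIN " . TABLE_PREFIX . "posts p ON (p.pid=a.pid) \n\t\tWHERE a.donecon != '1'\n\t\tORDER BY a.aid ASC LIMIT {$app}\n\t");
    while ($attachment = $db->fetch_array($query)) {
        // Values read back from the database are still untrusted when they are
        // reused in a file path and a new SQL statement: force the numeric
        // parts to integers so the file name cannot carry path or quote
        // characters. puid and dateline are NULL for attachments whose post
        // no longer exists (LEFT JOIN) and become 0.
        $aid = (int) $attachment['aid'];
        $puid = (int) $attachment['puid'];
        $dateline = (int) $attachment['dateline'];
        $filename = "post_" . $puid . "_" . $dateline . $aid . ".attach";
        // The user-supplied original name is only used to derive the extension,
        // which is checked against a fixed list before it reaches a path.
        $ext = my_strtolower(my_substr(strrchr($attachment['filename'], "."), 1));
        $fp = fopen("../uploads/" . $filename, "wb");
        if (!$fp) {
            die("Unable to create file. Please check permissions and refresh page.");
        }
        // Stop on a failed write: the row would otherwise be flagged as
        // converted and its filedata dropped with the column at the end.
        if (fwrite($fp, $attachment['filedata']) === false) {
            fclose($fp);
            die("Unable to write file. Please check permissions and refresh page.");
        }
        fclose($fp);
        unset($attachment['filedata']);
        // Empty unless a thumbnail is generated for this row.
        $thumbfile = '';
        if ($ext == "gif" || $ext == "png" || $ext == "jpg" || $ext == "jpeg" || $ext == "jpe") {
            require_once MYBB_ROOT . "inc/functions_image.php";
            $thumbname = str_replace(".attach", "_thumb.{$ext}", $filename);
            $thumbnail = generate_thumbnail("../uploads/" . $filename, "../uploads", $thumbname, $settings['attachthumbh'], $settings['attachthumbw']);
            if ($thumbnail['code'] == 4) {
                // Image was too small - fake a filename
                $thumbnail['filename'] = "SMALL";
            }
            if (isset($thumbnail['filename'])) {
                $thumbfile = $thumbnail['filename'];
            }
            unset($thumbnail);
        }
        $db->write_query("UPDATE " . TABLE_PREFIX . "attachments SET attachname='" . $db->escape_string($filename) . "', donecon='1', uid='" . $puid . "', thumbnail='" . $db->escape_string($thumbfile) . "' WHERE aid='" . $aid . "'");
    }
    echo "<p>Done.</p>";
    $query = $db->simple_select("attachments", "COUNT(aid) AS attachrem", "donecon != '1'");
    $cnt = $db->fetch_array($query);
    if ($cnt['attachrem'] != 0) {
        $nextact = "3_convertattachments";
        $startat = $startat + $app;
        $contents .= "<p><input type=\"hidden\" name=\"attachmentspage\" value=\"{$app}\" /><input type=\"hidden\" name=\"attachmentstart\" value=\"{$startat}\" />Done. Click Next to move on to the next set of attachments.</p>";
    } else {
        // Irreversible: once filedata is dropped the files on disk are the
        // only copy of the attachments.
        if ($db->field_exists("donecon", TABLE_PREFIX . "attachments")) {
            $db->write_query("ALTER TABLE " . TABLE_PREFIX . "attachments DROP donecon");
        }
        if ($db->field_exists("filedata", TABLE_PREFIX . "attachments")) {
            $db->write_query("ALTER TABLE " . TABLE_PREFIX . "attachments DROP filedata");
        }
        if ($db->field_exists("thumbnailsm", TABLE_PREFIX . "attachments")) {
            $db->write_query("ALTER TABLE " . TABLE_PREFIX . "attachments DROP thumbnailsm");
        }
        $nextact = "3_convertavatars";
        $contents .= "<p>Done</p><p>All attachments have been moved to the file system. The next step is converting avatars to the file system.</p>";
        $contents .= "<p>If you wish to change the number of uploaded avatars to process per page then you can do so below.</p>";
        $contents .= "<p><strong>Avatars Per Page:</strong> <input type=\"text\" size=\"3\" value=\"200\" name=\"userspage\" /></p>";
        $contents .= "<p>Once you're ready, press next to begin the conversion.</p>";
    }
    $output->print_contents($contents);
    $output->print_footer($nextact);
}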
Beispiel #29
} else {
    $query = $db->simple_select("themes", "name, tid, properties", $loadstyle);
    $theme = $db->fetch_array($query);
}
// No theme was found - we attempt to load the master or any other theme
if (!isset($theme['tid']) || isset($theme['tid']) && !$theme['tid']) {
    // Missing theme was from a user, run a query to set any users using the theme to the default
    $db->update_query('users', array('style' => 0), "style = '{$mybb->user['style']}'");
    // Attempt to load the master or any other theme if the master is not available
    $query = $db->simple_select('themes', 'name, tid, properties, stylesheets', '', array('order_by' => 'tid', 'limit' => 1));
    $theme = $db->fetch_array($query);
}
$theme = @array_merge($theme, my_unserialize($theme['properties']));
// Set the appropriate image language directory for this theme.
// Are we linking to a remote theme server?
if (my_substr($theme['imgdir'], 0, 7) == 'http://' || my_substr($theme['imgdir'], 0, 8) == 'https://') {
    // If a language directory for the current language exists within the theme - we use it
    if (!empty($mybb->user['language'])) {
        $theme['imglangdir'] = $theme['imgdir'] . '/' . $mybb->user['language'];
    } else {
        // Check if a custom language directory exists for this theme
        if (!empty($mybb->settings['bblanguage'])) {
            $theme['imglangdir'] = $theme['imgdir'] . '/' . $mybb->settings['bblanguage'];
        } else {
            $theme['imglangdir'] = $theme['imgdir'];
        }
    }
} else {
    $img_directory = $theme['imgdir'];
    if ($mybb->settings['usecdn'] && !empty($mybb->settings['cdnpath'])) {
        $img_directory = rtrim($mybb->settings['cdnpath'], '/') . '/' . ltrim($theme['imgdir'], '/');
Beispiel #30
/**
 * Shorten a URL string that exceeds the configured length limits.
 *
 * The separator and both limits are not parameters; they are read from the
 * global $settings array (google_seo_url_separator,
 * google_seo_url_length_soft, google_seo_url_length_hard). A limit that
 * evaluates to false disables the corresponding step.
 *
 * @param string $str The string to be truncated.
 * @return string The string cut at the first separator found at or after the
 *                soft limit, then cut to the hard limit if it is still longer.
 */
function google_seo_url_truncate($str)
{
    global $settings;
    $softLimit = $settings['google_seo_url_length_soft'];
    $hardLimit = $settings['google_seo_url_length_hard'];
    $wordSeparator = $settings['google_seo_url_separator'];

    // Soft limit: keep the word in progress and cut at the next separator.
    if ($softLimit && my_strlen($str) > $softLimit) {
        $tail = my_substr($str, $softLimit);
        $cutAt = my_strpos($tail, $wordSeparator);
        // Offset 0 is a valid match, so it is tested explicitly.
        $separatorFound = $cutAt > 0 || $cutAt === 0;
        if ($separatorFound) {
            $str = my_substr($str, 0, $softLimit + $cutAt);
        }
    }

    // Hard limit: cut unconditionally, even in the middle of a word.
    if ($hardLimit && my_strlen($str) > $hardLimit) {
        return my_substr($str, 0, $hardLimit);
    }

    return $str;
}