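/**
* Checks that PHP can create and delete files below the attachment path
*
* Creates a scratch directory "test" under the path when it is missing, writes
* an empty "test.attach" inside it and then removes both again. Every failure
* is reported through print_stop_message().
*
* @param	string	Filesystem path the attachments are to be stored in
*/
function verify_upload_folder($attachpath)
{
	global $vbphrase;
	if ($attachpath == '')
	{
		print_stop_message('please_complete_required_fields');
	}

	$probe_dir = $attachpath . '/test';
	$probe_file = $probe_dir . '/test.attach';

	if (!is_dir($probe_dir))
	{
		// The mask is cleared for the mkdir() call only and restored straight
		// after it; leaving it at 0 would make every file or directory created
		// later in the same request as permissive as its requested mode.
		$previous_umask = @umask(0);
		$created = @mkdir($probe_dir, 0777);
		@umask($previous_umask);

		if (!$created)
		{
			print_stop_message('test_file_write_failed', $attachpath);
		}
	}

	// The scratch directory is world-writable for as long as it exists; it is
	// removed on the success path below only.
	@chmod($probe_dir, 0777);

	if ($fp = @fopen($probe_file, 'wb'))
	{
		fclose($fp);
		if (!@unlink($probe_file))
		{
			print_stop_message('test_file_write_failed', $attachpath);
		}
		@rmdir($probe_dir);
	}
	else
	{
		print_stop_message('test_file_write_failed', $attachpath);
	}
}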
Beispiel #2
/**
* Checks that PHP can create and delete a file directly inside the image path
*
* Writes an empty "test.image" into the path and deletes it again. Failures
* are reported through print_stop_message().
*
* @param	string	Filesystem path the images are to be stored in
*
* @return	boolean	True once the probe file could be opened for writing
*/
function verify_upload_folder($imagepath)
{
    global $vbphrase;

    if ($imagepath == '') {
        print_stop_message('please_complete_required_fields');
    }

    // Fixed probe name: an existing file called test.image in this folder
    // would be truncated and deleted by the check.
    $probe_file = $imagepath . '/test.image';
    $handle = @fopen($probe_file, 'wb');

    if (!$handle) {
        print_stop_message('test_file_write_failed', $imagepath);
        return;
    }

    fclose($handle);
    $removed = @unlink($probe_file);
    if (!$removed) {
        print_stop_message('test_file_write_failed', $imagepath);
    }

    return true;
}
Beispiel #3
         construct_hidden_code('group', $vbulletin->GPC['group']);
         construct_hidden_code('searchstring', $vbulletin->GPC['searchstring']);
         construct_hidden_code('dostyleid', $vbulletin->GPC['dostyleid']);
         construct_hidden_code('product', $vbulletin->GPC['product']);
         construct_hidden_code('savehistory', intval($vbulletin->GPC['savehistory']));
         construct_hidden_code('histcomment', $vbulletin->GPC['histcomment']);
         print_table_header($vbphrase['vbulletin_message']);
         print_description_row(construct_phrase($vbphrase['template_eval_error'], $errors));
         print_submit_row($vbphrase['continue'], 0, 2, $vbphrase['go_back']);
         print_cp_footer();
         exit;
     }
 }
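 // Load the stored row of the template being saved. The id is cast at the point
 // of use: the input cleaning for 'templateid' is not part of this excerpt, and
 // the value is placed in the statement without quotes.
 $old_template = $db->query_first("\n\t\tSELECT title, styleid, dateline, username, template_un\n\t\tFROM " . TABLE_PREFIX . "template\n\t\tWHERE templateid = " . intval($vbulletin->GPC['templateid']) . "\n\t");
 // A rename must not collide with another template of the same style.
 if (strtolower($vbulletin->GPC['title']) != strtolower($old_template['title']) and $db->query_first("\n\t\tSELECT templateid\n\t\tFROM " . TABLE_PREFIX . "template\n\t\tWHERE styleid = {$old_template['styleid']} AND title = '" . $db->escape_string($vbulletin->GPC['title']) . "'\n\t")) {
     print_stop_message('template_x_exists', $vbulletin->GPC['title']);
 }
 // The template was saved by someone else after this edit form was loaded.
 if ($vbulletin->GPC['lastedit'] and $vbulletin->GPC['lastedit'] != $old_template['dateline']) {
     $comment = construct_phrase($vbphrase['template_edited_after_load'], $old_template['username']);
     // NOTE(review): $comment carries the username read from the template row and
     // is written into the page as HTML - confirm that column is stored escaped.
     echo "<p align=\"center\"><strong>{$comment}</strong></p>";
     /* Save what was in the template into the history */
     $db->query_write("\n\t\t\tINSERT INTO " . TABLE_PREFIX . "templatehistory\n\t\t\t\t(styleid, title, template, dateline, username, version, comment)\n\t\t\tVALUES\n\t\t\t\t({$old_template['styleid']},\n\t\t\t\t'" . $db->escape_string($vbulletin->GPC['title']) . "',\n\t\t\t\t'" . $db->escape_string($old_template['template_un']) . "',\n\t\t\t\t" . TIMENOW . ",\n\t\t\t\t'" . $db->escape_string($vbulletin->userinfo['username']) . "',\n\t\t\t\t'" . $db->escape_string($full_product_info[$vbulletin->GPC['product']]['version']) . "',\n\t\t\t\t'" . $db->escape_string($comment) . "'\n\t\t)");
 }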
 $db->query_write("\n\t\tUPDATE " . TABLE_PREFIX . "template SET\n\t\t\ttitle = '" . $db->escape_string($vbulletin->GPC['title']) . "',\n\t\t\ttemplate = '" . $db->escape_string($vbulletin->GPC['template']) . "',\n\t\t\ttemplate_un = '" . $db->escape_string($template_un) . "',\n\t\t\tdateline = " . TIMENOW . ",\n\t\t\tusername = '******'username']) . "',\n\t\t\tversion = '" . $db->escape_string($full_product_info[$vbulletin->GPC['product']]['version']) . "',\n\t\t\tproduct = '" . $db->escape_string($vbulletin->GPC['product']) . "'\n\t\tWHERE templateid = " . $vbulletin->GPC['templateid'] . "\n\t");
 if (strpos($vbulletin->GPC['title'], 'bbcode_') === 0) {
     // begins with bbcode_ - empty the post parsed cache
     $vbulletin->db->query_write("TRUNCATE TABLE " . TABLE_PREFIX . "postparsed");
 }
 // update any customized templates to reflect a change of product id
 if ($old_template['styleid'] == -1 and $vbulletin->GPC['product'] != $old_template['product']) {
     $db->query_write("\n\t\t\tUPDATE " . TABLE_PREFIX . "template\n\t\t\tSET product = '" . $db->escape_string($vbulletin->GPC['product']) . "'\n\t\t\tWHERE title = '" . $db->escape_string($vbulletin->GPC['title']) . "'\n\t\t\t\tAND styleid <> -1\n\t\t");
/**
* Rejects reminder titles that are longer than MAXTITLELENGTH
*
* The length is taken with strlen(), so it is counted in bytes.
*
* @param	string	Title to check
*
* @return	string	The unchanged title when it fits; otherwise print_stop_message() is called
*/
function verify_reminder_title_length($title)
{
    global $vbphrase;

    // Number of bytes above the limit; zero or less means the title fits.
    $excess = strlen($title) - MAXTITLELENGTH;
    if ($excess <= 0) {
        return $title;
    }

    print_stop_message('reminder_title_too_long', MAXTITLELENGTH, $excess);
}
Beispiel #5
// ######################## SET PHP ENVIRONMENT ###########################
error_reporting(E_ALL & ~E_NOTICE);
if (!is_object($vbulletin->db)) {
    exit;
}
// ########################################################################
// ######################### START MAIN SCRIPT ############################
// ########################################################################
require_once DIR . '/includes/class_sitemap.php';
$runner = new vB_SiteMapRunner_Cron($vbulletin);
$runner->set_cron_item($nextitem);
$status = $runner->check_environment();
if ($status['error']) {
    // if an error has happened, display/log it if necessary and die
    if (VB_AREA == 'AdminCP') {
        print_stop_message($status['error']);
    } else {
        if ($status['loggable']) {
            $rows = $vbulletin->db->query_first("\n\t\t\tSELECT COUNT(*) AS count\n\t\t\tFROM " . TABLE_PREFIX . "adminmessage\n\t\t\tWHERE varname = '" . $vbulletin->db->escape_string($status['error']) . "'\n\t\t\t\tAND status = 'undone'\n\t\t");
            if ($rows['count'] == 0) {
                $vbulletin->db->query_write("\n\t\t\t\tINSERT INTO " . TABLE_PREFIX . "adminmessage\n\t\t\t\t\t(varname, dismissable, script, action, execurl, method, dateline, status)\n\t\t\t\tVALUES\n\t\t\t\t\t('" . $vbulletin->db->escape_string($status['error']) . "',\n\t\t\t\t\t1,\n\t\t\t\t\t'sitemap.php',\n\t\t\t\t\t'buildsitemap',\n\t\t\t\t\t'sitemap.php?do=buildsitemap',\n\t\t\t\t\t'get',\n\t\t\t\t\t" . TIMENOW . ",\n\t\t\t\t\t'undone')\n\t\t\t");
            }
        }
    }
    exit;
}
$runner->generate();
if ($runner->is_finished) {
    $log_text = $runner->written_filename . ', vbulletin_sitemap_index.xml';
} else {
    $log_text = $runner->written_filename;
Beispiel #6
$queryoptions = array('-1' => '', $vbphrase['all_users'] => array('10' => $vbphrase['yes'] . ' - ' . $vbphrase['invisible_mode'], '80' => $vbphrase['no'] . ' - ' . $vbphrase['invisible_mode'], '20' => $vbphrase['yes'] . ' - ' . $vbphrase['allow_vcard_download'], '90' => $vbphrase['no'] . ' - ' . $vbphrase['allow_vcard_download'], '30' => $vbphrase['yes'] . ' - ' . $vbphrase['receive_admin_emails'], '100' => $vbphrase['no'] . ' - ' . $vbphrase['receive_admin_emails'], '40' => $vbphrase['yes'] . ' - ' . $vbphrase['display_email'], '110' => $vbphrase['no'] . ' - ' . $vbphrase['display_email'], '50' => $vbphrase['yes'] . ' - ' . $vbphrase['receive_private_messages'], '120' => $vbphrase['no'] . ' - ' . $vbphrase['receive_private_messages'], '60' => $vbphrase['yes'] . ' - ' . $vbphrase['send_notification_email_when_a_private_message_is_received'], '130' => $vbphrase['no'] . ' - ' . $vbphrase['send_notification_email_when_a_private_message_is_received'], '70' => $vbphrase['yes'] . ' - ' . $vbphrase['pop_up_notification_box_when_a_private_message_is_received'], '140' => $vbphrase['no'] . ' - ' . $vbphrase['pop_up_notification_box_when_a_private_message_is_received'], '150' => $vbphrase['on'] . ' - ' . $vbphrase['display_signatures'], '180' => $vbphrase['off'] . ' - ' . $vbphrase['display_signatures'], '160' => $vbphrase['on'] . ' - ' . $vbphrase['display_avatars'], '190' => $vbphrase['off'] . ' - ' . $vbphrase['display_avatars'], '170' => $vbphrase['on'] . ' - ' . $vbphrase['display_images'], '200' => $vbphrase['off'] . ' - ' . $vbphrase['display_images'], '175' => $vbphrase['on'] . ' - ' . $vbphrase['display_reputation'], '205' => $vbphrase['off'] . ' - ' . $vbphrase['display_reputation'], '176' => $vbphrase['on'] . ' - ' . $vbphrase['enahnced_attachment_uploading'], '206' => $vbphrase['off'] . ' - ' . 
$vbphrase['enahnced_attachment_uploading'], 'blank1' => '', '210' => $vbphrase['subscribe_choice_none'], '220' => $vbphrase['subscribe_choice_0'], '230' => $vbphrase['subscribe_choice_1'], '240' => $vbphrase['subscribe_choice_2'], '250' => $vbphrase['subscribe_choice_3'], 'blank2' => '', '270' => $vbphrase['thread_display_mode'] . ' - ' . $vbphrase['linear'], '280' => $vbphrase['thread_display_mode'] . ' - ' . $vbphrase['threaded'], '290' => $vbphrase['thread_display_mode'] . ' - ' . $vbphrase['hybrid'], 'blank3' => '', '260' => $vbphrase['posts'] . ' - ' . $vbphrase['oldest_first'], '265' => $vbphrase['posts'] . ' - ' . $vbphrase['newest_first'], 'blank4' => '', '300' => $vbphrase['do_not_show_editor_toolbar'], '310' => $vbphrase['show_standard_editor_toolbar'], '320' => $vbphrase['show_enhanced_editor_toolbar']), $vbphrase['all_forums'] => array('400' => $vbphrase['show_threads_from_last_day'], '405' => $vbphrase['show_threads_from_last_week'], '410' => $vbphrase['show_threads_from_last_month'], '415' => $vbphrase['show_threads_from_last_year'], '420' => $vbphrase['show_all_threads']));
// Plugin hook: whatever code string fetch_hook() returns for this location is
// executed with eval() in the current scope, so it can read and change every
// variable of this script.
// NOTE(review): the code runs with the privileges of this script - who may
// install or edit plugin code is decided elsewhere; confirm it is limited to
// trusted administrators.
($hook = vBulletinHook::fetch_hook('admin_queries_auto_options')) ? eval($hook) : false;
// ##################### START DO QUERY #####################
if ($_POST['do'] == 'doquery') {
    require_once DIR . '/includes/functions_misc.php';
    $vbulletin->input->clean_array_gpc('p', array('autoquery' => TYPE_UINT, 'perpage' => TYPE_UINT, 'pagenumber' => TYPE_UINT, 'confirmquery' => TYPE_BOOL));
    $query =& $vbulletin->GPC['query'];
    if ($vbulletin->GPC['pagenumber'] < 1) {
        $vbulletin->GPC['pagenumber'] = 1;
    }
    if (!$vbulletin->GPC['perpage']) {
        $vbulletin->GPC['perpage'] = 20;
    }
    if (!$vbulletin->GPC['confirmquery']) {
        if (!$vbulletin->GPC['autoquery'] and !$query) {
            print_stop_message('please_complete_required_fields');
        }
        if ($vbulletin->GPC['autoquery']) {
            switch ($vbulletin->GPC['autoquery']) {
                case 10:
                    $query = "UPDATE " . TABLE_PREFIX . "user SET options = options + " . $vbulletin->bf_misc_useroptions['invisible'] . " WHERE NOT (options & " . $vbulletin->bf_misc_useroptions['invisible'] . ")";
                    break;
                case 20:
                    $query = "UPDATE " . TABLE_PREFIX . "user SET options = options + " . $vbulletin->bf_misc_useroptions['showvcard'] . " WHERE NOT (options & " . $vbulletin->bf_misc_useroptions['showvcard'] . ")";
                    break;
                case 30:
                    $query = "UPDATE " . TABLE_PREFIX . "user SET options = options + " . $vbulletin->bf_misc_useroptions['adminemail'] . " WHERE NOT (options & " . $vbulletin->bf_misc_useroptions['adminemail'] . ")";
                    break;
                case 40:
                    $query = "UPDATE " . TABLE_PREFIX . "user SET options = options + " . $vbulletin->bf_misc_useroptions['showemail'] . " WHERE NOT (options & " . $vbulletin->bf_misc_useroptions['showemail'] . ")";
                    break;
Beispiel #7
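/**
* Imports admin help topics, and their phrases when the file carries them, from XML
*
* Parses the XML, deletes the volatile help topics (and help phrases) of the
* product named in it, re-inserts them in batches and rebuilds the languages.
* Parser and validation failures are reported through print_stop_message().
*
* @param	mixed	XML handed to vB_XML_Parser together with $GLOBALS['path'] (default false)
*/
function xml_import_help_topics($xml = false)
{
    global $vbulletin, $vbphrase;
    print_dots_start('<b>' . $vbphrase['importing_admin_help'] . "</b>, {$vbphrase['please_wait']}", ':', 'dspan');
    require_once DIR . '/includes/class_xml.php';
    $xmlobj = new vB_XML_Parser($xml, $GLOBALS['path']);
    if ($xmlobj->error_no == 1) {
        print_dots_stop();
        print_stop_message('no_xml_and_no_path');
    } else if ($xmlobj->error_no == 2) {
        print_dots_stop();
        print_stop_message('please_ensure_x_file_is_located_at_y', 'vbulletin-adminhelp.xml', $GLOBALS['path']);
    }
    if (!($arr = $xmlobj->parse())) {
        print_dots_stop();
        print_stop_message('xml_error_x_at_line_y', $xmlobj->error_string(), $xmlobj->error_line());
    }
    if (!$arr['helpscript']) {
        print_dots_stop();
        print_stop_message('invalid_file_specified');
    }
    $product = empty($arr['product']) ? 'vbulletin' : $arr['product'];
    $has_phrases = !empty($arr['hasphrases']);
    $arr = $arr['helpscript'];
    // The product id comes from the file, so it is escaped before it is used
    // in the WHERE clauses below.
    if ($product == 'vbulletin') {
        $product_sql = "product IN ('vbulletin', '')";
    } else {
        $product_sql = "product = '" . $vbulletin->db->escape_string($product) . "'";
    }
    // Existing volatile entries of the product are removed before the import.
    $vbulletin->db->query_write("\n\t\tDELETE FROM " . TABLE_PREFIX . "adminhelp\n\t\tWHERE {$product_sql}\n\t\t\t AND volatile = 1\n\t");
    if ($has_phrases) {
        $vbulletin->db->query_write("\n\t\t\tDELETE FROM " . TABLE_PREFIX . "phrase\n\t\t\tWHERE {$product_sql}\n\t\t\t\tAND fieldname = 'cphelptext'\n\t\t\t\tAND languageid = -1\n\t\t");
    }
    // Deal with single entry
    if (!is_array($arr[0])) {
        $arr = array($arr);
    }
    foreach ($arr as $helpscript) {
        $help_sql = array();
        $phrase_sql = array();
        $help_sql_len = 0;
        $phrase_sql_len = 0;
        // Deal with single entry
        if (!is_array($helpscript['helptopic'][0])) {
            $helpscript['helptopic'] = array($helpscript['helptopic']);
        }
        foreach ($helpscript['helptopic'] as $topic) {
            $help_sql[] = "\n\t\t\t\t('" . $vbulletin->db->escape_string($helpscript['name']) . "',\n\t\t\t\t'" . $vbulletin->db->escape_string($topic['act']) . "',\n\t\t\t\t'" . $vbulletin->db->escape_string($topic['opt']) . "',\n\t\t\t\t" . intval($topic['disp']) . ",\n\t\t\t\t1,\n\t\t\t\t'" . $vbulletin->db->escape_string($product) . "')\n\t\t\t";
            $help_sql_len += strlen(end($help_sql));
            if ($has_phrases) {
                // The phrase name is derived from values read from the file and is
                // placed inside a quoted SQL literal below, so it is escaped like
                // every other file-supplied value in this function.
                $phrase_name = $vbulletin->db->escape_string(
                    fetch_help_phrase_short_name(array('script' => $helpscript['name'], 'action' => $topic['act'], 'optionname' => $topic['opt']))
                );
                if (isset($topic['text']['value'])) {
                    $phrase_sql[] = "\n\t\t\t\t\t\t(-1,\n\t\t\t\t\t\t'cphelptext',\n\t\t\t\t\t\t'{$phrase_name}_text',\n\t\t\t\t\t\t'" . $vbulletin->db->escape_string($topic['text']['value']) . "',\n\t\t\t\t\t\t'" . $vbulletin->db->escape_string($product) . "',\n\t\t\t\t\t\t'" . $vbulletin->db->escape_string($topic['text']['username']) . "',\n\t\t\t\t\t\t" . intval($topic['text']['date']) . ",\n\t\t\t\t\t\t'" . $vbulletin->db->escape_string($topic['text']['version']) . "')\n\t\t\t\t\t";
                    $phrase_sql_len += strlen(end($phrase_sql));
                }
                if (isset($topic['title']['value'])) {
                    $phrase_sql[] = "\n\t\t\t\t\t\t(-1,\n\t\t\t\t\t\t'cphelptext',\n\t\t\t\t\t\t'{$phrase_name}_title',\n\t\t\t\t\t\t'" . $vbulletin->db->escape_string($topic['title']['value']) . "',\n\t\t\t\t\t\t'" . $vbulletin->db->escape_string($product) . "',\n\t\t\t\t\t\t'" . $vbulletin->db->escape_string($topic['title']['username']) . "',\n\t\t\t\t\t\t" . intval($topic['title']['date']) . ",\n\t\t\t\t\t\t'" . $vbulletin->db->escape_string($topic['title']['version']) . "')\n\t\t\t\t\t";
                    $phrase_sql_len += strlen(end($phrase_sql));
                }
            }
            if ($phrase_sql_len > 102400) {
                // insert max of 100k of phrases at a time
                /*insert query*/
                $vbulletin->db->query_write("\n\t\t\t\t\tREPLACE INTO " . TABLE_PREFIX . "phrase\n\t\t\t\t\t\t(languageid, fieldname, varname, text, product, username, dateline, version)\n\t\t\t\t\tVALUES\n\t\t\t\t\t\t" . implode(",\n", $phrase_sql));
                $phrase_sql = array();
                $phrase_sql_len = 0;
            }
            if ($help_sql_len > 102400) {
                // insert max of 100k of help topics at a time
                /*insert query*/
                $vbulletin->db->query_write("\n\t\t\t\t\tREPLACE INTO " . TABLE_PREFIX . "adminhelp\n\t\t\t\t\t\t(script, action, optionname, displayorder, volatile, product)\n\t\t\t\t\tVALUES\n\t\t\t\t\t\t" . implode(",\n\t", $help_sql));
                $help_sql = array();
                $help_sql_len = 0;
            }
        }
        // Write whatever is left over for this help script.
        if ($help_sql) {
            /*insert query*/
            $vbulletin->db->query_write("\n\t\t\t\tREPLACE INTO " . TABLE_PREFIX . "adminhelp\n\t\t\t\t\t(script, action, optionname, displayorder, volatile, product)\n\t\t\t\tVALUES\n\t\t\t\t\t" . implode(",\n\t", $help_sql));
        }
        if ($phrase_sql) {
            /*insert query*/
            $vbulletin->db->query_write("\n\t\t\t\t\tREPLACE INTO " . TABLE_PREFIX . "phrase\n\t\t\t\t\t\t(languageid, fieldname, varname, text, product, username, dateline, version)\n\t\t\t\t\tVALUES\n\t\t\t\t\t\t" . implode(",\n", $phrase_sql));
        }
    }
    // stop the 'dots' counter feedback
    print_dots_stop();
    require_once DIR . '/includes/adminfunctions_language.php';
    build_language();
}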
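/**
* Generates a style from the style generator's colour data and imports it
*
* Reads the chosen colours out of $data, maps the sample colours of one of the
* style_generator_sample_*.xml files onto them, builds a style XML document
* and hands it to xml_import_style(), then redirects to the template rebuild.
*
* Note: $anyversion has a default but is followed by required parameters, so
* callers always have to pass it.
*
* @param	array 	contains all color data
* @param	int 	Number for the parent id
* @param	string	Title for the generated style
* @param	boolean	Override version check
* @param	int		Display order for the style
* @param	boolean	True / False whether it will be user selectable
* @param	int		Version
*
*/

function generate_style($data, $parentid, $title, $anyversion=false, $displayorder, $userselect, $version)
{
	global $vbulletin;
	// Need to check variable for values - Check to make sure we have a name etc

	$arr = explode('{', stripslashes($data)); // checked below
	$hex = array(0 => ''); // index 0 is a filler so that the colours start at one
	$match = $match2 = array(); // initialize
	$type = 'lps'; // checked below

	// Only values that match the strict patterns below are taken from $data:
	// six upper-case hex digits for a colour, three characters for the type.
	foreach ($arr AS $value)
	{
		if (preg_match("/\"hex\":\"([0-9A-F]{6})\"/", $value, $match) == 1)
		{
			$hex[] = '#' . $match[1];
		}
		if (preg_match("/\"type\":\"([a-z0-9]{3})\"/", $value, $match2) == 1)
		{
			$type = $match2[1];
		}
	}

	// The filler plus exactly ten colours are expected
	if (count($hex) != 11)
	{
		print_stop_message('incorrect_color_mapping');
	}

	switch ($type)
	{
		case 'lps': // Color : Primary and Secondary (except S3 and S4)
			$sample_file = "style_generator_sample_light.xml";
			$from = array('#FF0000', '#BF3030', '#A60000', '#FF4040', '#FF7373', '#009999', '#1D7373', '#5CCCCC');
			$to = array($hex[1], $hex[2], $hex[3], $hex[4], $hex[5], $hex[6], $hex[7], $hex[10]);
			break;

		case 'lpt': // White : Similar to the current style
			$sample_file = "style_generator_sample_white.xml";
			$from = array('#A60000', '#BF3030', '#FF4040', '#FF7373');
			$to = array($hex[3], $hex[2], $hex[1], $hex[1]);
			break;

		case 'gry': // Grey :: Primary 3 and Primary 4 only
			$sample_file = "style_generator_sample_gray.xml";
			$from = array('#A60000', '#FF4040');
			$to = array($hex[1], $hex[4]);
			break;

		default: // Dark ('drk'), also used for any unrecognised type
			$sample_file = "style_generator_sample_dark.xml";
			$from = array('#A60000', '#FF4040');
			$to = array($hex[1], $hex[4]);
	}

	// $sample_file is always one of the fixed names above, never request data
	$style = file(DIR . '/includes/xml/' . $sample_file);

	$decode = $match = array();
	foreach ($style AS $value) // read in and decode the sample_*.xml file
	{
		if (preg_match("/name=\"(.*)\" value=\"(.*)\"/", $value, $match) == 1)
		{
			$decode[$match[1]] = base64_decode($match[2]);
		}
	}

	$match = array();
	$output = '';
	foreach ($decode AS $name => $value) // replace the RRGGBB in the sample_*.xml file with chosen colors and re-encode
	{
		if (preg_match("/\"(#[a-zA-Z0-9]{6})\"/", $value, $match) == 1)
		{
			// NOTE(review): every quoted colour in the value is replaced by the
			// upper-cased FIRST match - fine if each stylevar holds one colour; confirm.
			$upper = '"' . strtoupper($match[1]) . '"';
			$value = base64_encode(str_replace($from, $to, preg_replace("/\"(#[a-zA-Z0-9]{6})\"/", $upper, $value)));
			$output .= '		<stylevar name="' . $name . '" value="' . $value . '" />
	';
		}
	}

	if ($title === '')
	{
		$title = 'Style ' . time();
	}

	// The title and version end up inside XML attributes; without escaping, a
	// quote, ampersand or angle bracket in them would break the document or
	// add markup to it. The charset matches the encoding declared below.
	$xml_title = htmlspecialchars((string) $title, ENT_QUOTES, 'ISO-8859-1');
	$xml_version = htmlspecialchars((string) $version, ENT_QUOTES, 'ISO-8859-1');

	$output = '<?xml version="1.0" encoding="ISO-8859-1"?>

	<style name="' . $xml_title . '" vbversion="' . $xml_version . '" product="vbulletin" type="custom">
		<stylevardfns>
		</stylevardfns>
		<stylevars>
	' . $output . '	</stylevars>
	</style>
	';

	xml_import_style($output,
		-1, $parentid, $title,
		$anyversion, $displayorder, $userselect
	);

	print_cp_redirect("template.php?" . $vbulletin->session->vars['sessionurl'] . "do=rebuild&amp;goto=template.php?" . $vbulletin->session->vars['sessionurl']);

}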
Beispiel #9
}
// *************************************************************************************************
// Deletes one reputation entry and takes its value off the receiving user's
// total. Only reached for POST requests with do=killreputation.
if ($_POST['do'] == 'killreputation') {
    // 'reputationid' is cleaned as TYPE_INT here, which is what the unquoted
    // use of it in the DELETE statement below relies on.
    $vbulletin->input->clean_array_gpc('p', array('reputationid' => TYPE_INT));
    // presumably returns the reputation row for the id - it is read as an array below
    $repinfo = verify_id('reputation', $vbulletin->GPC['reputationid'], 0, 1);
    $user = fetch_userinfo($repinfo['userid']);
    if ($user) {
        // Subtract the deleted entry's value from the user's stored reputation.
        $userdm =& datamanager_init('User', $vbulletin, ERRTYPE_CP);
        $userdm->set_existing($user);
        $userdm->set('reputation', $user['reputation'] - $repinfo['reputation']);
        $userdm->save();
        unset($userdm);
    }
    $db->query_write("\n\t\tDELETE FROM " . TABLE_PREFIX . "reputation\n\t\tWHERE reputationid = " . $vbulletin->GPC['reputationid']);
    // Target that print_stop_message() presumably redirects to; the user id comes from the database row.
    define('CP_REDIRECT', "adminreputation.php?do=list&amp;u={$repinfo['userid']}");
    print_stop_message('deleted_reputation_successfully');
}
// *************************************************************************************************
if ($_REQUEST['do'] == 'deletereputation') {
    $vbulletin->input->clean_array_gpc('r', array('reputationid' => TYPE_INT));
    print_delete_confirmation('reputation', $vbulletin->GPC['reputationid'], 'adminreputation', 'killreputation');
}
if ($_REQUEST['do'] == 'modify') {
    $reputationlevels = $db->query_read("\n\t\tSELECT *\n\t\tFROM " . TABLE_PREFIX . "reputationlevel\n\t\tORDER BY minimumreputation\n\t");
    print_form_header('adminreputation', 'updateminimums');
    print_table_header($vbphrase['user_reputation_manager'], 3);
    print_cells_row(array($vbphrase['reputation_level'], $vbphrase['minimum_reputation_level'], $vbphrase['controls']), 1);
    while ($reputationlevel = $db->fetch_array($reputationlevels)) {
        $reputationlevel['level'] = htmlspecialchars_uni($vbphrase['reputation' . $reputationlevel['reputationlevelid']]);
        $cell = array();
        $cell[] = "{$vbphrase['user']} <b>{$reputationlevel['level']}</b>";
Beispiel #10
            print_stop_message('invalid_locale', $langupdate['locale']);
        }
        if ($langupdate['dateoverride'] == '' or $langupdate['timeoverride'] == '' or $langupdate['registereddateoverride'] == '' or $langupdate['calformat1override'] == '' or $langupdate['calformat2override'] == '' or $langupdate['logdateoverride'] == '') {
            print_stop_message('locale_define_fill_in_all_overrides');
        }
    }
    $query = fetch_query_sql($langupdate, 'language', "WHERE languageid = " . $vbulletin->GPC['dolanguageid']);
    $db->query_write($query);
    if ($vbulletin->GPC['isdefault'] and $vbulletin->GPC['dolanguageid'] != $vbulletin->options['languageid']) {
        $do = 'setdefault';
    } else {
        $do = 'modify';
    }
    build_language_datastore();
    define('CP_REDIRECT', 'language.php?dolanguageid=' . $vbulletin->GPC['dolanguageid'] . '&amp;do=' . $do);
    print_stop_message('saved_language_x_successfully', $newlang['title']);
}
// ##########################################################################
if ($_REQUEST['do'] == 'edit_settings') {
    $language = fetch_languages_array($vbulletin->GPC['dolanguageid']);
    $getoptions = convert_bits_to_array($language['options'], $vbulletin->bf_misc_languageoptions);
    $language = array_merge($language, $getoptions);
    print_form_header('language', 'update_settings');
    construct_hidden_code('dolanguageid', $vbulletin->GPC['dolanguageid']);
    print_table_header(construct_phrase($vbphrase['x_y_id_z'], $vbphrase['language'], $language['title'], $language['languageid']));
    print_description_row($vbphrase['general_settings'], 0, 2, 'thead');
    print_input_row($vbphrase['title'], 'title', $language['title'], 0);
    print_yes_no_row($vbphrase['allow_user_selection'], 'userselect', $language['userselect']);
    print_yes_no_row($vbphrase['is_default_language'], 'isdefault', iif($vbulletin->GPC['dolanguageid'] == $vbulletin->options['languageid'], 1, 0));
    print_yes_no_row($vbphrase['enable_directional_markup_fix'], 'options[dirmark]', $language['dirmark']);
    print_label_row($vbphrase['text_direction'], '<label for="rb_l2r"><input type="radio" name="options[direction]" id="rb_l2r" value="1" tabindex="1"' . iif($language['direction'], ' checked="checked"') . " />{$vbphrase['left_to_right']}</label><br />" . '
Beispiel #11
    }
    print_forum_chooser($vbphrase['use_prefix_set_in_these_forums'], 'forumids[]', $enabled_forums, $vbphrase['none'], false, true);
    print_submit_row();
}
// ########################################################################
// Saves the display order of prefix sets and prefixes. Only reached for POST
// requests with do=displayorder.
if ($_POST['do'] == 'displayorder') {
    // Both inputs are arrays of the form id => display order.
    // NOTE(review): TYPE_ARRAY_UINT presumably constrains the VALUES only; the
    // array keys are request-supplied ids, which is why they are escaped and
    // quoted in the statements below.
    $vbulletin->input->clean_array_gpc('p', array('prefixset_order' => TYPE_ARRAY_UINT, 'prefix_order' => TYPE_ARRAY_UINT));
    foreach ($vbulletin->GPC['prefixset_order'] as $prefixsetid => $displayorder) {
        // value cast with intval(), key passed through escape_string() inside quotes
        $db->query_write("\r\n\t\t\tUPDATE " . TABLE_PREFIX . "prefixset SET\r\n\t\t\t\tdisplayorder =  " . intval($displayorder) . "\r\n\t\t\tWHERE prefixsetid = '" . $db->escape_string($prefixsetid) . "'\r\n\t\t");
    }
    foreach ($vbulletin->GPC['prefix_order'] as $prefixid => $displayorder) {
        // same handling for the individual prefixes
        $db->query_write("\r\n\t\t\tUPDATE " . TABLE_PREFIX . "prefix SET\r\n\t\t\t\tdisplayorder =  " . intval($displayorder) . "\r\n\t\t\tWHERE prefixid = '" . $db->escape_string($prefixid) . "'\r\n\t\t");
    }
    build_prefix_datastore();
    define('CP_REDIRECT', 'prefix.php?do=list');
    print_stop_message('saved_display_order_successfully');
}
// ########################################################################
if ($_REQUEST['do'] == 'list') {
    $prefixsets_sql = $db->query_read("\r\n\t\tSELECT *\r\n\t\tFROM " . TABLE_PREFIX . "prefixset\r\n\t\tORDER BY displayorder\r\n\t");
    $prefixsets = array();
    while ($prefixset = $db->fetch_array($prefixsets_sql)) {
        $prefixsets["{$prefixset['prefixsetid']}"] = $prefixset;
        $prefixsets["{$prefixset['prefixsetid']}"]['prefixes'] = array();
    }
    $prefixes_sql = $db->query_read("\r\n\t\tSELECT *\r\n\t\tFROM " . TABLE_PREFIX . "prefix\r\n\t\tORDER BY displayorder\r\n\t");
    while ($prefix = $db->fetch_array($prefixes_sql)) {
        if (isset($prefixsets["{$prefix['prefixsetid']}"])) {
            $prefixsets["{$prefix['prefixsetid']}"]['prefixes']["{$prefix['prefixid']}"] = $prefix;
        }
    }
Beispiel #12
    if (!empty($vbulletin->GPC['modaction'])) {
        $sqlconds[] = "action LIKE '%" . $db->escape_string_like($vbulletin->GPC['modaction']) . "%'";
    }
    if (!empty($vbulletin->GPC['userid'])) {
        $sqlconds[] = "userid = " . $vbulletin->GPC['userid'];
    }
    if ($vbulletin->GPC['product']) {
        if ($vbulletin->GPC['product'] == 'vbulletin') {
            $sqlconds[] = "product IN ('', 'vbulletin')";
        } else {
            $sqlconds[] = "product = '" . $db->escape_string($vbulletin->GPC['product']) . "'";
        }
    }
    $db->query_write("\n\t\tDELETE FROM " . TABLE_PREFIX . "moderatorlog\n\t\tWHERE " . (!empty($sqlconds) ? implode("\r\n\tAND ", $sqlconds) : "") . "\n\t");
    define('CP_REDIRECT', 'modlog.php?do=choose');
    print_stop_message('pruned_moderator_log_successfully');
}
// ###################### Start modify #######################
if ($_REQUEST['do'] == 'choose') {
    $users = $db->query_read("\n\t\tSELECT DISTINCT moderatorlog.userid, user.username\n\t\tFROM " . TABLE_PREFIX . "moderatorlog AS moderatorlog\n\t\tINNER JOIN " . TABLE_PREFIX . "user AS user USING(userid)\n\t\tORDER BY username\n\t");
    $userlist = array('no_value' => $vbphrase['all_log_entries']);
    while ($user = $db->fetch_array($users)) {
        $userlist["{$user['userid']}"] = $user['username'];
    }
    print_form_header('modlog', 'view');
    print_table_header($vbphrase['moderator_log_viewer']);
    print_input_row($vbphrase['log_entries_to_show_per_page'], 'perpage', 15);
    print_select_row($vbphrase['show_only_entries_generated_by'], 'userid', $userlist);
    print_time_row($vbphrase['start_date'], 'startdate', 0, 0);
    print_time_row($vbphrase['end_date'], 'enddate', 0, 0);
    if (count($products = fetch_product_list()) > 1) {
Beispiel #13
                                }
                            }
                            $userchange["{$fname}"] = $str ? $str : '-';
                        }
                        break;
                }
                // sometimes we need translate the fieldname to show the phrases (database field and phrase have different name)
                $fieldnametrans = array('usergroupid' => 'primary_usergroup', 'membergroupids' => 'additional_usergroups');
                if ($fieldnametrans["{$userchange['fieldname']}"]) {
                    $userchange['fieldname'] = $fieldnametrans["{$userchange['fieldname']}"];
                }
                // print the change
                $text = array();
                $text[] = $vbphrase["{$userchange['fieldname']}"];
                $text[] = $userchange['oldvalue'];
                $text[] = $userchange['newvalue'];
                print_cells_row($text, 0, false, -10);
            }
            print_table_footer();
        } else {
            print_stop_message('no_userchange_history');
        }
    }
}
print_cp_footer();
/*======================================================================*\
|| ####################################################################
|| # Downloaded: 22:41, Fri Oct 10th 2008
|| # CVS: $RCSfile$ - $Revision: 27484 $
|| ####################################################################
\*======================================================================*/
Beispiel #14
    define('CP_REDIRECT', 'usertitle.php?do=modify');
    print_stop_message('saved_user_title_x_successfully', $vbulletin->GPC['title']);
}
// ###################### Start Remove #######################
if ($_REQUEST['do'] == 'remove') {
    print_form_header('usertitle', 'kill');
    construct_hidden_code('usertitleid', $vbulletin->GPC['usertitleid']);
    print_table_header($vbphrase['confirm_deletion']);
    print_description_row($vbphrase['are_you_sure_you_want_to_delete_this_user_title']);
    print_submit_row($vbphrase['yes'], '', 2, $vbphrase['no']);
}
// ###################### Start Kill #######################
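// Deletes the user title with the submitted id. Only reached for POST requests
// with do=kill.
if ($_POST['do'] == 'kill') {
    // The id is placed in the statement without quotes and its input cleaning
    // is not part of this excerpt, so it is cast to an integer at the point of
    // use; for an already cleaned integer the cast changes nothing.
    $db->query_write("DELETE FROM " . TABLE_PREFIX . "usertitle WHERE usertitleid = " . intval($vbulletin->GPC['usertitleid']));
    define('CP_REDIRECT', 'usertitle.php?do=modify');
    print_stop_message('deleted_user_title_successfully');
}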
// ###################### Start modify #######################
if ($_REQUEST['do'] == 'modify') {
    $usertitles = $db->query_read("\r\n\t\tSELECT usertitleid, title, minposts\r\n\t\tFROM " . TABLE_PREFIX . "usertitle\r\n\t\tORDER BY minposts\r\n\t");
    ?>
	<script type="text/javascript">
	function js_usergroup_jump(usertitleid, obj)
	{
		task = obj.options[obj.selectedIndex].value;
		switch (task)
		{
			case 'edit': window.location = "usertitle.php?<?php 
    echo $vbulletin->session->vars['sessionurl_js'];
    ?>
do=edit&usertitleid=" + usertitleid; break;
Beispiel #15
            print_form_header('usergroup', 'processjoinrequests');
            construct_hidden_code('usergroupid', $vbulletin->GPC['usergroupid']);
            print_table_header("{$usergroup['title']} - ({$vbphrase['join_requests']}: {$usergroup['joinrequests']})", 6);
            if (!empty($leaders)) {
                print_description_row("<span style=\"font-weight:normal\">(" . $vbphrase['usergroup_leader'] . ': ' . implode(', ', $leaders) . ')</span>', 0, 6, 'thead');
            }
            print_cells_row(array($vbphrase['username'], $vbphrase['reason'], '<span style="white-space:nowrap">' . $vbphrase['date'] . '</span>', '<input type="button" value="' . $vbphrase['accept'] . '" onclick="js_check_all_option(this.form, 1);" class="button" title="' . $vbphrase['check_all'] . '" />', '<input type="button" value=" ' . $vbphrase['deny'] . ' " onclick="js_check_all_option(this.form, 0);" class="button" title="' . $vbphrase['check_all'] . '" />', '<input type="button" value="' . $vbphrase['ignore'] . '" onclick="js_check_all_option(this.form, -1);" class="button" title="' . $vbphrase['check_all'] . '" />'), 1);
            $i = 0;
            while ($request = $db->fetch_array($requests)) {
                if ($i > 0 and $i % 10 == 0) {
                    print_description_row('<div align="center"><input type="submit" class="button" value="' . $vbphrase['process'] . '" accesskey="s" tabindex="1" /></div>', 0, 6, 'thead');
                }
                $i++;
                $cell = array("<a href=\"user.php?" . $vbulletin->session->vars['sessionurl'] . "do=edit&amp;u={$request['userid']}\"><b>{$request['username']}</b></a>", $request['reason'], '<span class="smallfont">' . vbdate($vbulletin->options['dateformat'], $request['dateline']) . '<br />' . vbdate($vbulletin->options['timeformat'], $request['dateline']) . '</span>', '<label for="a' . $request['usergrouprequestid'] . '" class="smallfont">' . $vbphrase['accept'] . '<input type="radio" name="request[' . $request['usergrouprequestid'] . ']" value="1" id="a' . $request['usergrouprequestid'] . '" tabindex="1" /></label>', '<label for="d' . $request['usergrouprequestid'] . '" class="smallfont">' . $vbphrase['deny'] . '<input type="radio" name="request[' . $request['usergrouprequestid'] . ']" value="0" id="d' . $request['usergrouprequestid'] . '" tabindex="1" /></label>', '<label for="i' . $request['usergrouprequestid'] . '" class="smallfont">' . $vbphrase['ignore'] . '<input type="radio" name="request[' . $request['usergrouprequestid'] . ']" value="-1" id="i' . $request['usergrouprequestid'] . '" tabindex="1" checked="checked" /></label>');
                print_cells_row($cell, 0, '', -5);
            }
            unset($request);
            $db->free_result($requests);
            print_submit_row($vbphrase['process'], $vbphrase['reset'], 6);
        } else {
            print_stop_message('no_join_requests_matched_your_query');
        }
    }
}
print_cp_footer();
/*======================================================================*\
|| ####################################################################
|| # Downloaded: 22:41, Fri Oct 10th 2008
|| # CVS: $RCSfile$ - $Revision: 27232 $
|| ####################################################################
\*======================================================================*/
/**
 * Points the control-panel redirect at an ame.php action and then shows a
 * stop message.
 *
 * @param string $do          Value appended to the "do" query parameter of the redirect URL
 * @param string $stopmessage Message name handed to print_stop_message()
 * @param string $var         Optional extra argument handed to print_stop_message()
 */
function redirect($do, $stopmessage, $var = '')
{
    // NOTE(review): $do is placed in the URL as-is; callers are expected to pass
    // a fixed action name rather than request input — confirm at the call sites.
    $target = 'ame.php?do=' . $do;
    define('CP_REDIRECT', $target);
    print_stop_message($stopmessage, $var);
}
Beispiel #17
// #############################################################################
if (empty($_REQUEST['do'])) {
    // No action requested: fall back to the 'modify' action.
    $_REQUEST['do'] = 'modify';
}
// #############################################################################
if ($_POST['do'] == 'update') {
    // Saves the administrator permission bits and the two control-panel
    // preferences posted from the edit form.
    $vbulletin->input->clean_array_gpc('p', array('cssprefs' => TYPE_STR, 'dismissednews' => TYPE_STR));
    // NOTE(review): 'adminpermissions' is read from GPC but is not registered by the
    // clean_array_gpc() call above, and $admindm / $user are set up outside this excerpt.
    // Confirm that the earlier code cleans it as an array and checks that the acting
    // administrator is allowed to change another administrator's permissions.
    foreach ($vbulletin->GPC['adminpermissions'] as $key => $value) {
        $admindm->set_bitfield('adminpermissions', $key, $value);
    }
    // Plugin hook: whatever code fetch_hook() returns is eval'd in this scope, so it can
    // read and change the variables used here, including the pending permission changes.
    // NOTE(review): the hook store is a code-execution surface; confirm who can write to it.
    ($hook = vBulletinHook::fetch_hook('admin_permissions_process')) ? eval($hook) : false;
    $admindm->set('cssprefs', $vbulletin->GPC['cssprefs']);
    $admindm->set('dismissednews', $vbulletin->GPC['dismissednews']);
    $admindm->save();
    // Redirect back to the permissions list, anchored at the edited user's row.
    define('CP_REDIRECT', "adminpermissions.php?" . $vbulletin->session->vars['sessionurl'] . "#user{$user['userid']}");
    print_stop_message('saved_administrator_permissions_successfully');
}
// #############################################################################
if ($_REQUEST['do'] == 'edit') {
    echo "<p align=\"center\">{$vbphrase['give_admin_access_arbitrary_html']}</p>";
    print_form_header('adminpermissions', 'update');
    construct_hidden_code('userid', $vbulletin->GPC['userid']);
    construct_hidden_code('oldpermissions', $user['adminpermissions']);
    print_table_header(construct_phrase($vbphrase['x_y_id_z'], $vbphrase['administrator_permissions'], $user['username'], $user['userid']));
    print_label_row("{$vbphrase['administrator']}: <a href=\"user.php?" . $vbulletin->session->vars['sessionurl'] . "do=edit&amp;u=" . $vbulletin->GPC['userid'] . "\">{$user['username']}</a>", '<div align="' . $stylevar['right'] . '"><input type="button" class="button" value=" ' . $vbphrase['all_yes'] . ' " onclick="js_check_all_option(this.form, 1);" /> <input type="button" class="button" value=" ' . $vbphrase['all_no'] . ' " onclick="js_check_all_option(this.form, 0);" /></div>', 'thead');
    foreach (convert_bits_to_array($user['adminpermissions'], $ADMINPERMISSIONS) as $field => $value) {
        print_yes_no_row($permsphrase["{$field}"] == '' ? $vbphrase['n_a'] : $permsphrase["{$field}"], "adminpermissions[{$field}]", $value);
    }
    ($hook = vBulletinHook::fetch_hook('admin_permissions_form')) ? eval($hook) : false;
    print_select_row($vbphrase['control_panel_style_choice'], 'cssprefs', array_merge(array('' => "({$vbphrase['default']})"), fetch_cpcss_options()), $user['cssprefs']);
    print_input_row($vbphrase['dismissed_news_item_ids'], 'dismissednews', $user['dismissednews']);
Beispiel #18
 }
 if (!empty($vbulletin->GPC['pageaction'])) {
     $action = $vbulletin->GPC['pageaction'];
 } else {
     if ($strpos and preg_match('#do=([^&]+)(&|$)#sU', substr($fullpage, $strpos), $matches)) {
         $action = $matches[1];
     } else {
         $action = '';
     }
 }
 if (empty($vbulletin->GPC['option'])) {
     $vbulletin->GPC['option'] = NULL;
 }
 $helptopics = $db->query_read("\n\t\tSELECT *, LENGTH(action) AS length\n\t\tFROM " . TABLE_PREFIX . "adminhelp\n\t\tWHERE script = '" . $db->escape_string($pagename) . "' AND\n\t\t\t(action = '' OR FIND_IN_SET('" . $db->escape_string($action) . "', action))\n\t\t\t" . iif($vbulletin->GPC['option'] !== NULL, "AND\n\t\t\toptionname = '" . $db->escape_string($vbulletin->GPC['option']) . "'") . " AND\n\t\t\tdisplayorder <> 0\n\t\tORDER BY length, displayorder\n\t");
 if (($resultcount = $db->num_rows($helptopics)) == 0) {
     print_stop_message('no_help_topics');
 } else {
     $general = array();
     $specific = array();
     $phraseSQL = array();
     while ($topic = $db->fetch_array($helptopics)) {
         $phrasename = $db->escape_string(fetch_help_phrase_short_name($topic));
         $phraseSQL[] = "'{$phrasename}" . "_title'";
         $phraseSQL[] = "'{$phrasename}" . "_text'";
         if (!$topic['action']) {
             $general[] = $topic;
         } else {
             $specific[] = $topic;
         }
     }
     // query phrases
Beispiel #19
                    $gettitle = $db->query_first("\n\t\t\t\t\t\tSELECT title\n\t\t\t\t\t\tFROM " . TABLE_PREFIX . "usertitle\n\t\t\t\t\t\tWHERE minposts <= {$getuserid['posts']}\n\t\t\t\t\t\tORDER BY minposts DESC\n\t\t\t\t\t");
                    $usertitle = $gettitle['title'];
                } else {
                    $usertitle = $vbulletin->usergroupcache["2"]['usertitle'];
                }
            } else {
                $usertitle = $getuserid['usertitle'];
            }
            $userdm =& datamanager_init('User', $vbulletin, ERRTYPE_SILENT);
            $userdm->set_existing($getuserid);
            $userdm->set('usergroupid', 2);
            $getuserid['usergroupid'] = 2;
            if ($getuserid['displaygroupid'] == 7) {
                $userdm->set('displaygroupid', 2);
                $getuserid['displaygroupid'] = 2;
            }
            $userdm->set('usertitle', $usertitle);
            $userdm->save();
            unset($userdm);
        }
        define('CP_REDIRECT', "moderator.php?do=showlist");
        print_stop_message('deleted_moderators_successfully');
    }
}
print_cp_footer();
/*======================================================================*\
|| ####################################################################
|| # Downloaded: 08:19, Wed Nov 5th 2008
|| # CVS: $RCSfile$ - $Revision: 27232 $
|| ####################################################################
\*======================================================================*/
Beispiel #20
        $tags = fetch_tag_list('', true);
        if ($vbulletin->GPC['twoparams'] and isset($tags['option'][$vbulletin->GPC['bbcodetag']]) or !$vbulletin->GPC['twoparams'] and isset($tags['no_option'][$vbulletin->GPC['bbcodetag']])) {
            print_stop_message('there_is_already_bb_code_named_x', htmlspecialchars_uni($vbulletin->GPC['bbcodetag']));
        }
    }
    $vbulletin->GPC['bbcodereplacement'] = str_replace('%', '%%', $vbulletin->GPC['bbcodereplacement']);
    if ($vbulletin->GPC['twoparams']) {
        $vbulletin->GPC['bbcodereplacement'] = str_replace('{param}', '%1$s', $vbulletin->GPC['bbcodereplacement']);
        $vbulletin->GPC['bbcodereplacement'] = str_replace('{option}', '%2$s', $vbulletin->GPC['bbcodereplacement']);
    } else {
        $vbulletin->GPC['bbcodereplacement'] = str_replace('{param}', '%1$s', $vbulletin->GPC['bbcodereplacement']);
    }
    $db->query_write("\n\t\tUPDATE " . TABLE_PREFIX . "bbcode SET\n\t\t\ttitle = '" . $db->escape_string($vbulletin->GPC['title']) . "',\n\t\t\tbbcodetag = '" . $db->escape_string($vbulletin->GPC['bbcodetag']) . "',\n\t\t\tbbcodereplacement = '" . $db->escape_string($vbulletin->GPC['bbcodereplacement']) . "',\n\t\t\tbbcodeexample = '" . $db->escape_string($vbulletin->GPC['bbcodeexample']) . "',\n\t\t\tbbcodeexplanation = '" . $db->escape_string($vbulletin->GPC['bbcodeexplanation']) . "',\n\t\t\ttwoparams = '" . $db->escape_string($vbulletin->GPC['twoparams']) . "',\n\t\t\tbuttonimage = '" . $db->escape_string($vbulletin->GPC['buttonimage']) . "',\n\t\t\toptions = " . convert_array_to_bits($vbulletin->GPC['options'], $vbulletin->bf_misc['bbcodeoptions']) . "\n\t\tWHERE bbcodeid = " . $vbulletin->GPC['bbcodeid']);
    build_bbcode_cache();
    define('CP_REDIRECT', 'bbcode.php?do=modify');
    print_stop_message('saved_bb_code_x_successfully', "[" . $vbulletin->GPC['bbcodetag'] . "]");
}
// ####################################### REMOVE #####################################
if ($_REQUEST['do'] == 'remove') {
    // Confirmation step for deleting a BB code; the id is registered as an
    // integer before it is handed to the confirmation form.
    $vbulletin->input->clean_array_gpc('r', array('bbcodeid' => TYPE_INT));
    // The 'kill' argument names the action the confirmation form submits to.
    print_delete_confirmation('bbcode', $vbulletin->GPC['bbcodeid'], 'bbcode', 'kill', 'bb_code');
}
// ######################################## KILL #####################################
if ($_POST['do'] == 'kill') {
    // Deletes the BB code and rebuilds the BB code cache.
    // The id is registered as TYPE_INT from POST data on the next line, which is what
    // makes the unquoted concatenation into the DELETE statement an integer.
    $vbulletin->input->clean_array_gpc('p', array('bbcodeid' => TYPE_INT));
    $db->query_write("DELETE FROM " . TABLE_PREFIX . "bbcode WHERE bbcodeid = " . $vbulletin->GPC['bbcodeid']);
    build_bbcode_cache();
    // Switch the requested action so a later 'modify' branch of the script
    // (outside this excerpt) runs in the same request — presumably the listing.
    $_REQUEST['do'] = 'modify';
}
// ######################################### TEST ######################################
if ($_POST['do'] == 'test') {
Beispiel #21
            define('CP_CONTINUE', $merge_url);
            print_stop_message('product_x_imported_need_merge', $info['productid'], htmlspecialchars($merge_url));
        }
    } else {
        print_stop_message('product_x_imported', $info['productid']);
    }
}
// #############################################################################
if ($_REQUEST['do'] == 'productexport') {
    require_once DIR . '/includes/class_xml.php';
    $xml = new vB_XML_Builder($vbulletin);
    $vbulletin->input->clean_array_gpc('r', array('productid' => TYPE_STR));
    //	Set up the parent tag
    $product_details = $db->query_first("\r\n\t\tSELECT *\r\n\t\tFROM " . TABLE_PREFIX . "product\r\n\t\tWHERE productid = '" . $db->escape_string($vbulletin->GPC['productid']) . "'\r\n\t");
    if (!$product_details) {
        print_stop_message('invalid_product_specified');
    }
    $export_styleid = -1;
    $export_languageids = array(-1, 0);
    // ############## main product info
    $xml->add_group('product', array('productid' => strtolower($product_details['productid']), 'active' => $product_details['active']));
    // Parent for product
    $xml->add_tag('title', $product_details['title']);
    $xml->add_tag('description', $product_details['description']);
    $xml->add_tag('version', $product_details['version']);
    $xml->add_tag('url', $product_details['url']);
    $xml->add_tag('versioncheckurl', $product_details['versioncheckurl']);
    ($hook = vBulletinHook::fetch_hook('admin_product_export')) ? eval($hook) : false;
    // ############## dependencies
    $product_dependencies = $db->query_read("\r\n\t\tSELECT *\r\n\t\tFROM " . TABLE_PREFIX . "productdependency\r\n\t\tWHERE productid = '" . $db->escape_string($vbulletin->GPC['productid']) . "'\r\n\t\tORDER BY dependencytype, parentproductid, minversion\r\n\t");
    $xml->add_group('dependencies');
Beispiel #22
        /*insert query*/
        $db->query_write("\n\t\t\tINSERT INTO " . TABLE_PREFIX . "attachmenttype\n\t\t\t(\n\t\t\t\textension,\n\t\t\t\tsize,\n\t\t\t\theight,\n\t\t\t\twidth,\n\t\t\t\tmimetype,\n\t\t\t\tcontenttypes\n\t\t\t)\n\t\t\tVALUES\n\t\t\t(\n\t\t\t\t'" . $db->escape_string($vbulletin->GPC['type']['extension']) . "',\n\t\t\t\t" . intval($vbulletin->GPC['type']['size']) . ",\n\t\t\t\t" . intval($vbulletin->GPC['type']['height']) . ",\n\t\t\t\t" . intval($vbulletin->GPC['type']['width']) . ",\n\t\t\t\t'" . $db->escape_string($vbulletin->GPC['type']['mimetype']) . "',\n\t\t\t\t'" . $db->escape_string($vbulletin->GPC['type']['contenttype']) . "'\n\t\t\t)\n\t\t");
        build_attachment_permissions();
    }
    print_stop_message('saved_attachment_type_x_successfully', $vbulletin->GPC['type']['extension']);
}
// ###################### Remove File Type ####################
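if ($_REQUEST['do'] == 'removetype') {
    // Confirmation step for deleting an attachment type. Nothing is deleted here;
    // the form submits to the 'killtype' action.
    $vbulletin->input->clean_array_gpc('r', array('extension' => TYPE_STR));
    print_form_header('attachment', 'killtype', 0, 1, '', '75%');
    // Passed through unchanged so the same value reaches the 'killtype' step.
    // NOTE(review): confirm construct_hidden_code() escapes the attribute value itself.
    construct_hidden_code('extension', $vbulletin->GPC['extension']);
    // 'extension' is a free-form request string and the two rows below are built as raw
    // HTML (the description row wraps the phrase in <blockquote>), so the value is
    // HTML-escaped before it is substituted into the phrases.
    print_table_header(construct_phrase($vbphrase['confirm_deletion_of_attachment_type_x'], htmlspecialchars_uni($vbulletin->GPC['extension'])));
    print_description_row("\n\t\t<blockquote><br />" . construct_phrase($vbphrase['are_you_sure_you_want_to_delete_the_attachment_type_x'], htmlspecialchars_uni($vbulletin->GPC['extension'])) . "\n\t\t<br /></blockquote>\n\t");
    print_submit_row($vbphrase['yes'], 0, 2, $vbphrase['no']);
}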
// ###################### Kill File Type ####################
if ($_POST['do'] == 'killtype') {
    // Deletes an attachment type and its per-extension permission rows, then
    // rebuilds the attachment permissions.
    // NOTE(review): the branch is gated on $_POST, but the value is cleaned from source 'r'
    // (presumably the merged request array) rather than 'p'; confirm whether 'p' was intended
    // so the extension cannot arrive by a different channel than the action.
    $vbulletin->input->clean_array_gpc('r', array('extension' => TYPE_STR));
    // Both statements put the value inside single quotes after escape_string().
    $db->query_write("\n\t\tDELETE FROM " . TABLE_PREFIX . "attachmenttype\n\t\tWHERE extension = '" . $db->escape_string($vbulletin->GPC['extension']) . "'\n\t");
    $db->query_write("\n\t\tDELETE FROM " . TABLE_PREFIX . "attachmentpermission\n\t\tWHERE extension = '" . $db->escape_string($vbulletin->GPC['extension']) . "'\n\t");
    build_attachment_permissions();
    define('CP_REDIRECT', 'attachment.php?do=types');
    print_stop_message('deleted_attachment_type_successfully');
}
print_cp_footer();
/*======================================================================*\
|| ####################################################################
|| # Downloaded: 03:13, Sat Sep 7th 2013
|| # CVS: $RCSfile$ - $Revision: 76725 $
|| ####################################################################
\*======================================================================*/
        print_stop_message('please_complete_required_fields');
    }
    if (empty($vbulletin->GPC['infractionbanid'])) {
        $db->query_write("INSERT INTO " . TABLE_PREFIX . "infractionban (amount) VALUES (0)");
        $vbulletin->GPC['infractionbanid'] = $db->insert_id();
    }
    $db->query_write("\n\t\tUPDATE " . TABLE_PREFIX . "infractionban\n\t\tSET amount = " . $vbulletin->GPC['amount'] . ",\n\t\t\tmethod = '" . $db->escape_string($vbulletin->GPC['method']) . "',\n\t\t\tusergroupid = " . $vbulletin->GPC['usergroupid'] . ",\n\t\t\tbanusergroupid = " . $vbulletin->GPC['banusergroupid'] . ",\n\t\t\tperiod = '" . $db->escape_string($vbulletin->GPC['period']) . "'\n\t\tWHERE infractionbanid = " . $vbulletin->GPC['infractionbanid'] . "\n\t");
    define('CP_REDIRECT', 'admininfraction.php?do=modify');
    print_stop_message('saved_automatic_ban_successfully');
}
// ###################### Start Remove #######################
if ($_REQUEST['do'] == 'removebangroup') {
    // Confirmation step for deleting an automatic ban rule; the form submits to
    // the 'killbangroup' action. Nothing is deleted in this branch.
    print_form_header('admininfraction', 'killbangroup');
    // NOTE(review): the cleaning of 'infractionbanid' is not visible in this excerpt;
    // confirm it is registered as an integer earlier in the script.
    construct_hidden_code('infractionbanid', $vbulletin->GPC['infractionbanid']);
    print_table_header(construct_phrase($vbphrase['confirm_deletion_x'], $vbphrase['automatic_ban']));
    print_description_row($vbphrase['are_you_sure_you_want_to_delete_this_automatic_ban']);
    print_submit_row($vbphrase['yes'], '', 2, $vbphrase['no']);
}
// ###################### Start Kill #######################
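if ($_POST['do'] == 'killbangroup') {
    // Deletes the automatic ban rule confirmed in the 'removebangroup' step.
    // The id goes into the statement unquoted, so it is forced to an integer here
    // instead of depending on input cleaning that is not visible in this excerpt.
    $db->query_write("DELETE FROM " . TABLE_PREFIX . "infractionban WHERE infractionbanid = " . intval($vbulletin->GPC['infractionbanid']));
    // Presumably read by print_stop_message() to return to the infraction list.
    define('CP_REDIRECT', 'admininfraction.php?do=modify');
    print_stop_message('deleted_automatic_ban_successfully');
}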
print_cp_footer();
/*======================================================================*\
|| ####################################################################
|| # Downloaded: 12:39, Wed May 30th 2012
|| # CVS: $RCSfile$ - $Revision: 39862 $
|| ####################################################################
\*======================================================================*/
}
// ###################### Start Remove ###################################
if ($_REQUEST['do'] == 'remove_group') {
    // Confirmation step for deleting an NNTP group; the form submits to the
    // 'kill_group' action of the current script.
    // The check that no other groups are mapped to this one is disabled:
    //    admincp_check_for_mapped_groups( $vbulletin->GPC['group_id'] );
    print_form_header($this_script, 'kill_group');
    // NOTE(review): the cleaning of 'group_id' is not visible in this excerpt.
    construct_hidden_code('group_id', $vbulletin->GPC['group_id']);
    print_table_header($vbphrase['confirm_deletion']);
    print_description_row($vbphrase['nntp_are_you_sure_you_want_to_delete_this_group']);
    print_submit_row($vbphrase['yes'], '', 2, $vbphrase['no']);
}
// ###################### Start Kill #####################################
if ($_REQUEST['do'] == 'kill_group') {
    // Deletes the NNTP group named by 'group_id' and reports the outcome.
    // NOTE(review): this destructive action is selected through $_REQUEST, so it can be
    // triggered by a GET request as well as by the confirmation form. No session-hash or
    // other anti-forgery check is visible in this excerpt; confirm one runs earlier in the
    // script, or gate this branch on $_POST.
    $group_id = $vbulletin->GPC['group_id'];
    // Defined before either stop message so both outcomes return to the list.
    define('CP_REDIRECT', $this_script . '.php?do=list');
    if ($nntp_group->delete_group($group_id)) {
        print_stop_message('nntp_group_deleted_successfully');
    } else {
        print_stop_message('nntp_group_deleted_defeated');
    }
}
// ###################### Start clean #####################################
if ($_REQUEST['do'] == 'group_clean') {
    // Runs clean_group() on the NNTP group named by 'group_id' and reports the outcome.
    // NOTE(review): like 'kill_group', this state-changing action is selected through
    // $_REQUEST and no anti-forgery check is visible in this excerpt; confirm one runs
    // earlier in the script, or gate this branch on $_POST.
    $group_id = $vbulletin->GPC['group_id'];
    // Defined before either stop message so both outcomes return to the list.
    define('CP_REDIRECT', $this_script . '.php?do=list');
    if ($nntp_group->clean_group($group_id)) {
        print_stop_message('nntp_group_cleaned_successfully');
    } else {
        print_stop_message('nntp_group_cleaned_defeated');
    }
}
Beispiel #25
		print_cells_row($headercell, 1);
		while ($user = $db->fetch_array($permusers))
		{
			print_cells_row(construct_banned_user_row($user));
		}
		print_submit_row($vbphrase['ban_user'], 0, 8);
	}

	if (!$havebanned)
	{
		if ($canbanuser)
		{
			print_stop_message('no_users_banned_from_x_board_click_here', '<b>' . $vbulletin->options['bbtitle'] . '</b>', 'banning.php?' . $vbulletin->session->vars['sessionurl'] . 'do=banuser');
		}
		else
		{
			print_stop_message('no_users_banned_from_x_board', '<b>' . $vbulletin->options['bbtitle'] . '</b>');
		}
	}

}

print_cp_footer();

/*======================================================================*\
|| ####################################################################
|| # 
|| # CVS: $RCSfile$ - $Revision: 35055 $
|| ####################################################################
\*======================================================================*/
?>
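/**
* Verifies that the CP session hash was sent with the request.
*
* The original comment describes this as preventing "an XSS-style issue"; a
* per-session token that must accompany a request is an anti-forgery (CSRF)
* control, so callers should run this before any state-changing action.
*
* @param	boolean	Whether to halt if an error occurs
* @param	string	Name of the input variable to look at
*
* @return	boolean	True on success, false on failure
*/
function verify_cp_sessionhash($halt = true, $input = 'hash')
{
    global $vbulletin;
    // Register the value from the request only if nothing has registered it already.
    if (!isset($vbulletin->GPC["{$input}"])) {
        $vbulletin->input->clean_array_gpc('r', array($input => TYPE_STR));
    }
    // Anything that is not a scalar cannot be a valid token; treat it as empty.
    $supplied = $vbulletin->GPC["{$input}"];
    $supplied = is_scalar($supplied) ? (string) $supplied : '';
    $expected = (string) CP_SESSIONHASH;
    // A loose `!=` compares two numeric-looking strings as numbers, so two different
    // tokens of the form "0e<digits>" would be treated as equal. Compare as strings,
    // in constant time where the runtime provides hash_equals().
    if (function_exists('hash_equals')) {
        $matches = hash_equals($expected, $supplied);
    } else {
        $matches = ($supplied === $expected);
    }
    if (!$matches) {
        if ($halt) {
            print_stop_message('security_alert_hash_mismatch');
        }
        // Fail closed: print_stop_message() is expected to end the request, but if it
        // ever returns, a mismatch must still not be reported as success.
        return false;
    }
    return true;
}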
Beispiel #27
			else
			{
				print_label_row($bitfieldnames["$val"], '<b>' . $vbphrase['no'] . '</b>');
			}
		}
	}
	print_table_footer();
}

// ###################### Start viewing resources for specific user ########################
if ($_REQUEST['do'] == 'viewuser')
{
	$userinfo = fetch_userinfo($vbulletin->GPC['userid']);
	if (!$userinfo)
	{
		print_stop_message('invalid_user_specified');
	}
	$perms = cache_permissions($userinfo);

	print_form_header('', '');
	print_table_header($userinfo['username'] . " <span class=\"normal\">(userid: $userinfo[userid])</span>");

	foreach ($userinfo['forumpermissions'] AS $forumid => $forumperms)
	{
		print_table_header($vbulletin->forumcache["$forumid"]['title'] . " <span class=\"normal\">(forumid: $forumid)</span>");
		foreach ($vbulletin->bf_ugp_forumpermissions AS $key => $val)
		{

			if (bitwise($userinfo['forumpermissions']["$forumid"], $val))
			{
				print_label_row($bitfieldnames["$val"], '<b>' . $vbphrase['yes'] . '</b>');
Beispiel #28
    // remove record from ad_cache
    unset($ad_cache[$vbulletin->GPC['adid']]);
    $ad_cache = array_values($ad_cache);
    // rebuild affected template
    require_once DIR . '/includes/functions_ad.php';
    $template = build_ad_template($adlocation);
    $template_un = $template;
    require_once DIR . '/includes/adminfunctions_template.php';
    $template = compile_template($template);
    // note: we are skipping the error check this time around because it would not make sense to ask user to check the
    // template if they've already confirmed at other locations that their if conditions are wrong or whatever, and they
    // cannot fix it here.
    $db->query_write("\r\n\t\tUPDATE " . TABLE_PREFIX . "template SET\r\n\t\t\ttemplate = '" . $db->escape_string($template) . "',\r\n\t\t\ttemplate_un = '" . $db->escape_string($template_un) . "',\r\n\t\t\tdateline = " . TIMENOW . ",\r\n\t\t\tusername = '******'username']) . "'\r\n\t\tWHERE\r\n\t\t\ttitle = 'ad_" . $db->escape_string($adlocation) . "'\r\n\t\tAND\r\n\t\t\tstyleid IN (-1,0)\r\n\t");
    build_all_styles();
    define('CP_REDIRECT', 'ad.php?do=modify');
    print_stop_message('deleted_ad_successfully');
}
// #############################################################################
// quick update of active and display order fields
if ($_POST['do'] == 'quickupdate') {
    $vbulletin->input->clean_array_gpc('p', array('active' => TYPE_ARRAY_BOOL, 'displayorder' => TYPE_ARRAY_UINT, 'displayorderswap' => TYPE_CONVERT_KEYS));
    $changes = false;
    $update_ids = '0';
    $update_active = '';
    $update_displayorder = '';
    $ads_dispord = array();
    $changed_locations = array();
    $ads_result = $db->query_read("SELECT * FROM " . TABLE_PREFIX . "ad");
    while ($ad = $db->fetch_array($ads_result)) {
        $ads_dispord["{$ad['adid']}"] = $ad['displayorder'];
        if (intval($ad['active']) != $vbulletin->GPC['active']["{$ad['adid']}"] or $ad['displayorder'] != $vbulletin->GPC['displayorder']["{$ad[$adid]}"]) {
// update handler - we sent the site details form (add new or edit old one)
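if ($_POST['do'] == 'update') {
    // Saves a social bookmarking site: updates the row when 'bookmarksiteid' names an
    // existing one, otherwise inserts a new row, then rebuilds the datastore cache.
    $vbulletin->input->clean_array_gpc('p', array('bookmarksiteid' => TYPE_UINT, 'title' => TYPE_NOHTML, 'iconpath' => TYPE_STR, 'active' => TYPE_BOOL, 'displayorder' => TYPE_UINT, 'url' => TYPE_STR, 'utf8encode' => TYPE_BOOL));
    // Encode ampersands that do not already start an entity (&#123; or &name;).
    // NOTE(review): apart from this, 'url' and 'iconpath' are stored as submitted; no scheme
    // or path allow-list is applied in this block — confirm the code that renders them
    // restricts or escapes them for the context they end up in.
    $vbulletin->GPC['url'] = preg_replace('/&(?!(#[0-9]+|[a-z]+);)/U', '&amp;', $vbulletin->GPC['url']);
    if (!$vbulletin->GPC['title'] or !$vbulletin->GPC['url']) {
        print_stop_message('please_complete_required_fields');
    }
    // Numeric and boolean fields are cast with intval() where the SQL is built: they are
    // concatenated unquoted, and a PHP false would otherwise concatenate as an empty string
    // and produce a malformed statement. String fields stay quoted and escaped.
    if ($vbulletin->GPC['bookmarksiteid'] and $bookmarksite = $db->query_first("SELECT * FROM " . TABLE_PREFIX . "bookmarksite WHERE bookmarksiteid = " . intval($vbulletin->GPC['bookmarksiteid']))) {
        $db->query_write("\n\t\t\tUPDATE " . TABLE_PREFIX . "bookmarksite SET\n\t\t\t\ttitle = '" . $db->escape_string($vbulletin->GPC['title']) . "',\n\t\t\t\ticonpath = '" . $db->escape_string($vbulletin->GPC['iconpath']) . "',\n\t\t\t\tactive = " . intval($vbulletin->GPC['active']) . ",\n\t\t\t\tdisplayorder = " . intval($vbulletin->GPC['displayorder']) . ",\n\t\t\t\turl = '" . $db->escape_string($vbulletin->GPC['url']) . "',\n\t\t\t\tutf8encode = '" . intval($vbulletin->GPC['utf8encode']) . "'\n\t\t\tWHERE bookmarksiteid = " . intval($vbulletin->GPC['bookmarksiteid']));
    } else {
        $db->query_write("\n\t\t\tINSERT INTO " . TABLE_PREFIX . "bookmarksite\n\t\t\t\t(title, iconpath, active, displayorder, url, utf8encode)\n\t\t\tVALUES (\n\t\t\t\t'" . $db->escape_string($vbulletin->GPC['title']) . "',\n\t\t\t\t'" . $db->escape_string($vbulletin->GPC['iconpath']) . "',\n\t\t\t\t" . intval($vbulletin->GPC['active']) . ",\n\t\t\t\t" . intval($vbulletin->GPC['displayorder']) . ",\n\t\t\t\t'" . $db->escape_string($vbulletin->GPC['url']) . "',\n\t\t\t\t'" . intval($vbulletin->GPC['utf8encode']) . "'\n\t\t\t)\n\t\t");
    }
    // rebuild the cache
    build_bookmarksite_datastore();
    define('CP_REDIRECT', 'bookmarksite.php' . $vbulletin->session->vars['sessionurl_q']);
    print_stop_message('bookmark_site_saved_successfully');
    // Only reached if print_stop_message() returns; presumably it ends the request.
    $_REQUEST['do'] = 'modify';
}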
// ########################################################################
if ($_REQUEST['do'] == 'add' or $_REQUEST['do'] == 'edit') {
    $vbulletin->input->clean_array_gpc('r', array('bookmarksiteid' => TYPE_UINT));
    print_form_header('bookmarksite', 'update');
    print_column_style_code(array('width:35%', 'width:65%'));
    if ($_REQUEST['do'] == 'edit' and $bookmarksite = $db->query_first("SELECT * FROM " . TABLE_PREFIX . "bookmarksite WHERE bookmarksiteid = " . $vbulletin->GPC['bookmarksiteid'])) {
        // edit existing
        print_table_header($vbphrase['edit_social_bookmarking_site'] . " <span class=\"normal\">{$bookmarksite['title']}</span>");
        construct_hidden_code('bookmarksiteid', $bookmarksite['bookmarksiteid']);
    } else {
        // add new
        $bookmarksite = $vbulletin->db->query_first("SELECT MAX(displayorder) AS displayorder FROM " . TABLE_PREFIX . "bookmarksite");
        $bookmarksite['displayorder'] += 10;
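/**
* Reads XML style file and imports data from it into the database
*
* Every value taken from the XML document (style name, product, template name,
* type, body, date, username, version) ends up in string-built SQL, so each one
* is escaped or cast to an integer before it is concatenated into a query. The
* integer arguments are cast for the same reason.
*
* NOTE(review): template bodies are passed through compile_template() and the
* result is stored; the compiled form is presumably evaluated as PHP when the
* style is rendered, so a style file should be handled like code and imported
* only from a trusted source - confirm against the template engine.
*
* Each print_stop_message() call below is assumed to end the request.
*
* @param	string	XML data (false presumably means: read the file at $vbulletin->GPC['path'])
* @param	integer	Style ID (-1 creates a new style)
* @param	integer	Parent style ID
* @param	string	New style title (falls back to the name in the XML when empty)
* @param	boolean	Allow vBulletin version mismatch
* @param	integer	Display order for new style
* @param	boolean	Allow user selection of new style
*/
function xml_import_style($xml = false, $styleid = -1, $parentid = -1, $title = '', $anyversion = false, $displayorder = 1, $userselect = true)
{
    // $GLOBALS['path'] needs to be passed into this function or reference $vbulletin->GPC['path']
    global $vbulletin, $vbphrase;

    // These three are concatenated into SQL without quotes further down; forcing
    // them to integers keeps a non-numeric argument out of the query text.
    $styleid = intval($styleid);
    $parentid = intval($parentid);
    $displayorder = intval($displayorder);

    print_dots_start('<b>' . $vbphrase['importing_style'] . "</b>, {$vbphrase['please_wait']}", ':', 'dspan');
    require_once DIR . '/includes/class_xml.php';
    // NOTE(review): the path is request input (GPC). Which files the parser may
    // open from it is decided inside vB_XML_Parser - confirm it is restricted.
    $xmlobj = new vB_XML_Parser($xml, $vbulletin->GPC['path']);
    if ($xmlobj->error_no == 1) {
        print_dots_stop();
        print_stop_message('no_xml_and_no_path');
    } elseif ($xmlobj->error_no == 2) {
        print_dots_stop();
        print_stop_message('please_ensure_x_file_is_located_at_y', 'vbulletin-style.xml', $vbulletin->GPC['path']);
    }

    $arr = $xmlobj->parse();
    if (!$arr) {
        print_dots_stop();
        print_stop_message('xml_error_x_at_line_y', $xmlobj->error_string(), $xmlobj->error_line());
    }
    if (!$arr['templategroup']) {
        print_dots_stop();
        print_stop_message('invalid_file_specified');
    }

    $version = $arr['vbversion'];
    $master = $arr['type'] == 'master' ? 1 : 0;
    $title = empty($title) ? $arr['name'] : $title;
    $product = empty($arr['product']) ? 'vbulletin' : $arr['product'];
    $arr = $arr['templategroup'];
    // a single template group is not wrapped in a list; normalise to a list
    if (empty($arr[0])) {
        $arr = array($arr);
    }

    $full_product_info = fetch_product_list(true);
    $product_info = $full_product_info["{$product}"];
    // version check
    if ($version != $product_info['version'] and !$anyversion and !$master) {
        print_dots_stop();
        print_stop_message('upload_file_created_with_different_version', $product_info['version'], $version);
    }

    // The product name comes from the XML, so it is escaped once here and the
    // escaped form is reused by every query below.
    $escapedproduct = $vbulletin->db->escape_string($product);
    $productwhere = "(product = '" . $escapedproduct . "'" . iif($product == 'vbulletin', " OR product = ''") . ")";

    if ($master) {
        // overwrite master style
        echo "<h3>{$vbphrase['master_style']}</h3>\n<p>{$vbphrase['please_wait']}</p>";
        vbflush();
        // clear the temporary style (-10), then park the current master templates there
        $vbulletin->db->query_write("DELETE FROM " . TABLE_PREFIX . "template WHERE styleid = -10 AND " . $productwhere);
        $vbulletin->db->query_write("UPDATE " . TABLE_PREFIX . "template SET styleid = -10 WHERE styleid = -1 AND " . $productwhere);
        $styleid = -1;
    } else {
        if ($styleid == -1) {
            // creating a new style
            if ($test = $vbulletin->db->query_first("SELECT styleid FROM " . TABLE_PREFIX . "style WHERE title = '" . $vbulletin->db->escape_string($title) . "'")) {
                print_dots_stop();
                print_stop_message('style_already_exists', $title);
            } else {
                // NOTE(review): $title can originate from the XML 'name' value and is
                // written into the page unescaped here; HTML-escape it with the
                // project's escaper before output - confirm how construct_phrase()
                // treats its arguments.
                echo "<h3><b>" . construct_phrase($vbphrase['creating_a_new_style_called_x'], $title) . "</b></h3>\n<p>{$vbphrase['please_wait']}</p>";
                vbflush();
                /*insert query*/
                $styleresult = $vbulletin->db->query_write("\n\t\t\t\t\tINSERT INTO " . TABLE_PREFIX . "style\n\t\t\t\t\t(title, parentid, displayorder, userselect)\n\t\t\t\t\tVALUES\n\t\t\t\t\t('" . $vbulletin->db->escape_string($title) . "', {$parentid}, {$displayorder}, " . ($userselect ? 1 : 0) . ")\n\t\t\t\t");
                $styleid = $vbulletin->db->insert_id($styleresult);
            }
        } else {
            // overwriting an existing style
            if ($getstyle = $vbulletin->db->query_first("SELECT title FROM " . TABLE_PREFIX . "style WHERE styleid = {$styleid}")) {
                // NOTE(review): the stored style title is echoed unescaped as well.
                echo "<h3><b>" . construct_phrase($vbphrase['overwriting_style_x'], $getstyle['title']) . "</b></h3>\n<p>{$vbphrase['please_wait']}</p>";
                vbflush();
            } else {
                print_dots_stop();
                print_stop_message('cant_overwrite_non_existent_style');
            }
        }
    }

    $querybits = array();
    $querytemplates = 0;
    foreach ($arr as $templategroup) {
        // A group without templates would otherwise produce a row built from
        // empty values; skip it.
        if (empty($templategroup['template'])) {
            continue;
        }
        // a single template is not wrapped in a list; normalise to a list
        if (empty($templategroup['template'][0])) {
            $tg = array($templategroup['template']);
        } else {
            $tg = $templategroup['template'];
        }
        foreach ($tg as $template) {
            // Every field below is attacker-controlled if the XML is: strings are
            // escaped for the quoted positions, the date is cast because it is
            // placed in the VALUES list without quotes.
            $templatetitle = $vbulletin->db->escape_string($template['name']);
            $templatetype = $vbulletin->db->escape_string($template['templatetype']);
            $template_un = $vbulletin->db->escape_string($template['value']);
            $username = $vbulletin->db->escape_string($template['username']);
            $templateversion = $vbulletin->db->escape_string($template['version']);
            $dateline = intval($template['date']);

            if ($template['templatetype'] != 'template') {
                // template is a special template: stored as-is, no uncompiled copy
                $querybits[] = "({$styleid}, '{$templatetype}', '{$templatetitle}', '{$template_un}', '', {$dateline}, '{$username}', '{$templateversion}', '{$escapedproduct}')";
            } else {
                // template is a standard template: store the compiled form plus the original
                $querybits[] = "({$styleid}, '{$templatetype}', '{$templatetitle}', '" . $vbulletin->db->escape_string(compile_template($template['value'])) . "', '{$template_un}', {$dateline}, '{$username}', '{$templateversion}', '{$escapedproduct}')";
            }

            // flush in batches of 20 rows to keep each statement small
            if (++$querytemplates % 20 == 0) {
                /*insert query*/
                $vbulletin->db->query_write("\n\t\t\t\t\tREPLACE INTO " . TABLE_PREFIX . "template\n\t\t\t\t\t(styleid, templatetype, title, template, template_un, dateline, username, version, product)\n\t\t\t\t\tVALUES\n\t\t\t\t\t" . implode(',', $querybits) . "\n\t\t\t\t");
                $querybits = array();
            }
        }
    }
    // insert any remaining templates
    if (!empty($querybits)) {
        /*insert query*/
        $vbulletin->db->query_write("\n\t\t\tREPLACE INTO " . TABLE_PREFIX . "template\n\t\t\t(styleid, templatetype, title, template, template_un, dateline, username, version, product)\n\t\t\tVALUES\n\t\t\t" . implode(',', $querybits) . "\n\t\t");
    }
    unset($querybits);
    // now delete any templates that were moved into the temporary styleset for safe-keeping
    $vbulletin->db->query_write("DELETE FROM " . TABLE_PREFIX . "template WHERE styleid = -10 AND " . $productwhere);
    print_dots_stop();
}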