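/**
 * Builds the global and local blog category lists for the requested blog owner.
 *
 * Reads `userid` from the request through clean_array_gpc() as TYPE_UINT.
 * When it names a user other than the viewer, the viewer must pass
 * is_member_of_blog() for that user and the target user must hold the
 * blog_canpost and blog_canviewown bits. Otherwise the viewer must be logged
 * in and hold the same two bits. Failed checks are routed to
 * standard_error() or print_no_permission().
 *
 * @return array Keys 'globalcategorybits' and 'localcategorybits'.
 */
public function output()
{
    // $vbphrase is read when the 'invalidid' error is built below. It was not
    // declared global before, so inside this method it was an undefined local.
    global $vbulletin, $vbphrase;

    $vbulletin->input->clean_array_gpc('r', array('userid' => TYPE_UINT));

    // verify the userid exists, don't want useless entries in our table.
    if ($vbulletin->GPC['userid'] and $vbulletin->GPC['userid'] != $vbulletin->userinfo['userid']) {
        if (!($userinfo = fetch_userinfo($vbulletin->GPC['userid']))) {
            standard_error(fetch_error('invalidid', $vbphrase['user'], $vbulletin->options['contactuslink']));
        }

        // are we a member of this user's blog?
        if (!is_member_of_blog($vbulletin->userinfo, $userinfo)) {
            print_no_permission();
        }

        $userid = $userinfo['userid'];

        /* Blog posting check */
        // Note that these bits are tested on the TARGET user's permissions;
        // the viewer is authorised by the membership check above.
        if (
            !($userinfo['permissions']['vbblog_entry_permissions'] & $vbulletin->bf_ugp_vbblog_entry_permissions['blog_canpost'])
            or !($userinfo['permissions']['vbblog_general_permissions'] & $vbulletin->bf_ugp_vbblog_general_permissions['blog_canviewown'])
        ) {
            print_no_permission();
        }
    } else {
        $userinfo =& $vbulletin->userinfo;
        $userid = '';

        /* Blog posting check, no guests! */
        if (
            !($vbulletin->userinfo['permissions']['vbblog_general_permissions'] & $vbulletin->bf_ugp_vbblog_general_permissions['blog_canviewown'])
            or !($vbulletin->userinfo['permissions']['vbblog_entry_permissions'] & $vbulletin->bf_ugp_vbblog_entry_permissions['blog_canpost'])
            or !$vbulletin->userinfo['userid']
        ) {
            print_no_permission();
        }
    }

    require_once DIR . '/includes/blog_functions_shared.php';
    prepare_blog_category_permissions($userinfo, true);

    $globalcats = $this->construct_category($userinfo, 'global');
    $localcats = $this->construct_category($userinfo, 'local');

    return array('globalcategorybits' => $globalcats, 'localcategorybits' => $localcats);
}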
/**
 * Appends this item's edit-time notice and customised username / usertitle
 * preview to the global $itembit_right_column, then defers to the parent.
 *
 * @return mixed Whatever parent::showItem() returns.
 */
function showItem()
{
    global $vbulletin, $vbphrase, $itembit_right_column;

    $forceDisplay = false;
    $this->getExtraInfo();

    if (!$this->bypassEnableForm() && $this->itemtypedata['options']['edit_time']) {
        if ($this->canEdit()) {
            $itembit_right_column .= construct_phrase(
                $vbphrase['kbank_itemshow_customize_userinfo_canedit'],
                vb_number_format($this->data['options']['edit_time']),
                vb_number_format($this->itemtypedata['options']['edit_time'])
            );
        } else {
            $itembit_right_column .= construct_phrase(
                $vbphrase['kbank_itemshow_customize_userinfo_cantedit'],
                vb_number_format($this->data['options']['edit_time'])
            );
            // Edits are exhausted: show the stored values even if the item is not enabled.
            $forceDisplay = true;
        }
    }

    if ($this->data['status'] == KBANK_ITEM_ENABLED || $forceDisplay) {
        if ($this->data['userid'] != $vbulletin->userinfo['userid']) {
            // Another user's item: fetch that user once and keep the record
            // on the viewer's userinfo under 'kbank_granted'.
            if (!$vbulletin->userinfo['kbank_granted'][$this->data['userid']]['fetched']) {
                $vbulletin->userinfo['kbank_granted'][$this->data['userid']] = fetch_userinfo($this->data['userid']);
                $vbulletin->userinfo['kbank_granted'][$this->data['userid']]['fetched'] = true;
            }
            $userinfo =& $vbulletin->userinfo['kbank_granted'][$this->data['userid']];
        } else {
            $userinfo =& $vbulletin->userinfo;
        }

        // Clear the marked-up username before work() runs on the record.
        $userinfo['musername'] = null;
        $this->work($userinfo);

        $changesUsername = $this->data['options']['username']
            || $this->data['options']['username_color']
            || $this->data['options']['username_strong'];
        if ($changesUsername) {
            $itembit_right_column .= construct_phrase(
                $vbphrase['kbank_itemshow_customize_userinfo_username'],
                $userinfo['musername']
            );
        }

        $changesTitle = $this->data['options']['usertitle'] || $this->data['options']['usertitle_color'];
        if ($changesTitle) {
            $itembit_right_column .= construct_phrase(
                $vbphrase['kbank_itemshow_customize_userinfo_usertitle'],
                $userinfo['usertitle']
            );
        }
    }

    return parent::showItem();
}
/**
 * Builds (but does not save) the message body.
 *
 * Renders the post through the 'post_nntp' postbit, with the post's
 * attachments and its author's userinfo supplied to the BB code parser.
 * The rendered text is also stored in $this->_body.
 *
 * @param array $post
 * @global vB_Registry $vbulletin
 * @return string Rendered body, or '' when $this->_post_id is not a non-zero integer.
 */
protected function _make_message_body($post)
{
    global $vbulletin, $foruminfo, $threadinfo;

    // Nothing to render without a post id.
    if (!intval($this->_post_id)) {
        return '';
    }

    if (empty($post['pagetext'])) {
        $post['pagetext'] = $post['message'];
    }
    $post['allowsmilie'] = $post['enablesmilies'];

    // get attachments
    require_once DIR . '/packages/vbattach/attach.php';
    $attachDisplay = new vB_Attach_Display_Content($vbulletin, 'vBForum_Post');
    $post['attachments'] = $attachDisplay->fetch_postattach(0, $this->_post_id);

    $author = fetch_userinfo($post['userid']);

    require_once DIR . '/includes/class_postbit.php';
    $factory = new vB_Postbit_Factory();
    $factory->registry =& $vbulletin;
    $factory->forum =& $foruminfo;
    $factory->thread =& $threadinfo;
    $factory->cache = array();

    $parser = new vB_BbCodeParser($vbulletin, fetch_tag_list());
    $factory->bbcode_parser = $parser;
    $factory->bbcode_parser->set_parse_userinfo($author);

    $postbit =& $factory->fetch_postbit('post_nntp');
    $this->_body = $postbit->construct_postbit($post);

    return $this->_body;
}
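/**
 * Authenticates a service call and switches the vBulletin context to the
 * forum user mapped to the calling service account.
 *
 * The shared service password arrives as the HTTP Basic password
 * ($_SERVER['PHP_AUTH_PW']) and is checked against the 'vbb_servicepw'
 * option. On success $vbulletin->userinfo is replaced with the mapped user,
 * so everything that runs afterwards acts with that user's permissions.
 *
 * @param array $who Keys 'ServiceName' and 'Username' identify the remote account.
 * @return array 'Code' is 0 on success and 1 on failure; failures also carry 'Text'.
 */
function RegisterService($who)
{
    global $db, $vbulletin, $server;

    $result = array();

    if (!$vbulletin->options['vbb_serviceonoff']) {
        $result['Code'] = 1;
        $result['Text'] = 'vbb_service_turned_off';
        return $result;
    }

    $expected = isset($vbulletin->options['vbb_servicepw']) ? (string) $vbulletin->options['vbb_servicepw'] : '';
    $supplied = isset($_SERVER['PHP_AUTH_PW']) ? (string) $_SERVER['PHP_AUTH_PW'] : '';

    // The previous loose `!=` treated numeric-looking strings such as '0e1'
    // and '0e2' as equal, and an unset option matched a request that sent no
    // password at all. Fail closed on an empty configured password and
    // compare as strings, in constant time where the runtime offers it.
    if ($expected === '') {
        $passwordOk = false;
    } elseif (function_exists('hash_equals')) {
        $passwordOk = hash_equals($expected, $supplied);
    } else {
        $passwordOk = ($expected === $supplied);
    }

    if (!$passwordOk) {
        $result['Code'] = 1;
        $result['Text'] = 'vbb_invalid_servicepw';
        return $result;
    }

    $userid = fetch_userid_by_service($who['ServiceName'], $who['Username']);
    if (empty($userid) || $userid <= 0) {
        $result['Code'] = 1;
        $result['Text'] = 'invalid_user';
        return $result;
    }

    // From here on the request runs as the mapped user: the service password
    // is the only credential checked, the user's own password is not involved.
    unset($vbulletin->userinfo);
    $vbulletin->userinfo =& fetch_userinfo($userid);
    $permissions = cache_permissions($vbulletin->userinfo);

    $vbulletin->options['hourdiff'] = (date('Z', TIMENOW) / 3600 - $vbulletin->userinfo['timezoneoffset']) * 3600;
    fetch_options_overrides($vbulletin->userinfo);
    fetch_time_data();

    // everything is ok
    $result['Code'] = 0;

    return $result;
}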
/**
 * Builds a user object from a user id.
 *
 * An id that compares equal to 0 yields a guest (initGuest()); any other id
 * is loaded with fetch_userinfo() and stored in the object's `record`.
 *
 * @param int $id
 * @param int $extra_flags Passed to fetch_userinfo() as its second argument.
 * @return vB_Legacy_User
 */
public static function createFromId($id, $extra_flags = 0)
{
    $instance = new vB_Legacy_User();

    if ($id != 0) {
        $instance->record = fetch_userinfo($id, $extra_flags);
        return $instance;
    }

    $instance->initGuest();
    return $instance;
}
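/**
 * Looks a user up by username and returns the full userinfo record.
 *
 * @param string $username   Username to match exactly.
 * @param int    $option     Passed through to fetch_userinfo().
 * @param int    $languageid Passed through to fetch_userinfo().
 * @return mixed The fetch_userinfo() result, or the falsy fetch_array() result when no row matches.
 */
function fetch_userinfo_from_username($username, $option = 0, $languageid = 0)
{
    // The query used to compare against a fixed literal and never read
    // $username. The value is now escaped before it is placed in the string
    // so a quote in the name cannot change the statement.
    // assumes $this->db is a vB_Database instance (escape_string()) -- TODO confirm
    $result = $this->db->query(
        "SELECT * FROM " . TABLE_PREFIX . "user WHERE username = '" . $this->db->escape_string($username) . "'"
    );

    $useridq = $this->db->fetch_array($result);
    if (!$useridq) {
        return $useridq;
    }

    $userid = $useridq['userid'];

    return fetch_userinfo($userid, $option, $languageid);
}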
/**
 * Computes a user's price by evaluating the formula stored in the
 * 'hqthffs_pet_cast' option.
 *
 * The locals assigned below are not read by any other statement in this
 * function; presumably the stored formula refers to them by name, so they
 * must keep these exact names -- TODO confirm against the option's contents.
 *
 * SECURITY: the option value is concatenated into a string and passed to
 * eval(), so it runs as PHP in this process. Anyone able to change that
 * option can execute code on the server. Restrict who may edit it, and
 * prefer an arithmetic-only expression evaluator over eval().
 *
 * @param mixed $userid Passed to fetch_userinfo() and hqth_get_num_buyed().
 * @return mixed The value the evaluated formula assigns to $userprice.
 */
function hqth_get_value($userid)
{
    global $vbulletin;

    // Inputs exposed to the formula.
    $userinfo = fetch_userinfo($userid);
    $user_post_number = $userinfo['posts'];
    $user_num_buyed = hqth_get_num_buyed($userid);
    $user_oldmaster_fee = $vbulletin->options['hqthffs_fee_oldmaster'];
    $ffs_default_money = $vbulletin->options['hqthffs_default_money'];
    $user_page_fee = $vbulletin->options['hqthffs_fee_page'];
    $user_redeemer_fee = $vbulletin->options['hqthffs_fee_redeemer'];

    // NOTE(review): executes the option text as code; see the SECURITY note above.
    eval('$userprice = ' . $vbulletin->options['hqthffs_pet_cast'] . ';');

    return $userprice;
}
/**
 * Puts the vBulletin account linked to a member into the configured user group.
 *
 * The group comes from the ordered product's '_acp_product_vbulletin_group'
 * meta, falling back to the 'vbulletin_group' option. It becomes the primary
 * group when the account has no numeric primary group; otherwise it is added
 * to the secondary groups. Renewals, failed members, members without a linked
 * vBulletin id and accounts that already have the group are left untouched.
 *
 * @param mixed $member        Member id, or a WP_Error / falsy value on failure.
 * @param array $order_details Order meta; '_acp_order_product_id' is read.
 * @param bool  $renewal       True when the order is a renewal.
 * @return void
 */
function add_member_to_group($member, $order_details, $renewal)
{
    if ($renewal || is_wp_error($member) || !$member) {
        return;
    }

    // Product-level group first, site-wide option second.
    $targetGroup = null;
    if (!empty($order_details['_acp_order_product_id'])) {
        $targetGroup = get_post_meta($order_details['_acp_order_product_id'], '_acp_product_vbulletin_group', true);
    }
    if (empty($targetGroup)) {
        $targetGroup = accesspress_get_option('vbulletin_group');
    }
    if (!$targetGroup) {
        return;
    }

    $linkedId = get_user_meta($member, 'vbulletin_user_id', true);
    if (empty($linkedId)) {
        return;
    }

    // get the vBulletin user
    $dm = datamanager_init('User', $GLOBALS['vbulletin'], ERRTYPE_ARRAY);
    $existing = fetch_userinfo($linkedId);
    $dm->set_existing($existing);

    $primary = $dm->fetch_field('usergroupid');

    if (empty($primary) || !is_numeric($primary)) {
        // no usable primary group yet
        $dm->set('usergroupid', $targetGroup);
    } else {
        // user already has this primary group
        if ($primary == $targetGroup) {
            return;
        }

        // add to secondary group
        $current = $dm->fetch_field('membergroupids');
        if (empty($current)) {
            $secondary = array($targetGroup);
        } else {
            $secondary = explode(',', $current);
            if (in_array($targetGroup, $secondary)) {
                return;
            }
            $secondary[] = $targetGroup;
            sort($secondary);
        }
        $dm->set('membergroupids', implode(',', $secondary));
    }

    // Save only when validation recorded no errors.
    $dm->pre_save();
    if (empty($dm->errors)) {
        $dm->save();
    }
}
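/**
 * Validates login status on external service and logs in vBulletin
 *
 * The external account is identified by the configured service name and the
 * id reported by the service (getUserOnline()). The matching forum account is
 * then logged in through process_new_login() without a password check, so the
 * correctness of that external id is what this login rests on.
 *
 * @return bool|null NULL when the external service reports no user, false when
 *                   the external account is not linked to a forum user,
 *                   otherwise whether a new session was created.
 */
public function login()
{
    global $vbulletin;

    $vbulletin->session = NULL;

    // Get and store vbnexus-id and vbnexus-srv
    $vBNexus = vBNexus::getInstance();
    $vbnexus_service = $vBNexus->getConfig('vbnexus_service');
    $vbnexus_userid = $vBNexus->getConfig('vbnexus_userid');
    if (!$vbnexus_userid) {
        $vbnexus_userid = $this->getUserOnline();
        $vBNexus->setConfig('vbnexus_userid', $vbnexus_userid);
    }

    // Returning null if authentication from service failed (unexpected error)
    // If this happens, there's likely cookies issues on the server or the
    // applications config is wrong/incomplete in fb or gfc
    if (!$vbnexus_userid) {
        return NULL;
    }

    // Get all available information on this user.
    // Both values originate outside the forum database, so they are escaped
    // before being placed inside the quoted SQL literals.
    $service_sql = $vbulletin->db->escape_string($vbnexus_service);
    $nonvbid_sql = $vbulletin->db->escape_string($vbnexus_userid);
    $sql = "SELECT `u`.`usergroupid`,
                   `u`.`username`,
                   `u`.`email`,
                   `n`.*
            FROM " . TABLE_PREFIX . "vbnexus_user `n`
            LEFT JOIN " . TABLE_PREFIX . "user `u` USING (`userid`)
            WHERE `n`.`service` = '{$service_sql}'
              AND `n`.`nonvbid` = '{$nonvbid_sql}'";
    $res = $vbulletin->db->query_first($sql);

    // Returning false if user not registered yet with this external account
    if (!$res || !$res['userid']) {
        return false;
    }

    /************* Starts: fix proxied emails from vBNexus3 ***************/
    // The external id is matched literally; quoting keeps characters in it
    // from being read as pattern syntax.
    $quoted_id = preg_quote((string) $vbnexus_userid, '/');
    $oldemails = array(
        'fb' => '/@proxymail\\.facebook\\.com$/',
        'gfc' => "/apps\\+|{$quoted_id}[@\\.]/",
    );
    // A service without an entry in $oldemails has no legacy pattern to test.
    if (isset($oldemails[$vbnexus_service]) && preg_match($oldemails[$vbnexus_service], $res['email'])) {
        $this->fixOldEmail($res, $vbnexus_userid);
    } elseif ($vbnexus_service == 'gfc' && !$res['associated']) {
        $this->associateAccount($res, $vbnexus_userid);
    }
    /********** Ends: ask for a valid password for GFC accounts ***********/

    // Process vBulletin login
    require_once DIR . '/includes/functions_login.php';
    $vbulletin->userinfo = fetch_userinfo($res['userid']);

    // The session was reset to NULL above; give the `created` flag an object
    // to live on instead of relying on implicit object creation.
    if (!is_object($vbulletin->session)) {
        $vbulletin->session = new stdClass();
    }
    $vbulletin->session->created = false;
    process_new_login('', false, '');

    // On login, store a cookie with vbnexus params
    if ($vbulletin->session->created) {
        $vBNexusInfo = array(
            'userid' => $res['userid'],
            'service' => $vbnexus_service,
            'nexusid' => $vbnexus_userid,
            'can_publish' => $this->canPublish(),
        );
        // NOTE(review): this cookie is client-controlled once set and carries
        // no signature. Whatever reads it back must not call unserialize() on
        // it or trust 'userid' / 'can_publish' without re-checking them on
        // the server; a signed JSON value would be the safer format, but the
        // reader is outside this method, so the format is left unchanged.
        setcookie(COOKIE_PREFIX . 'vbnexus', serialize($vBNexusInfo));
    }

    return !!$vbulletin->session->created;
}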
// ######################### START MAIN SCRIPT ############################
// ########################################################################
print_cp_header($vbphrase['administrator_permissions_manager']);

// Only users listed in the config file's 'superadministrators' entry (a
// comma-separated list of user ids) may edit administrator permissions.
// NOTE(review): in_array() compares loosely here; passing true as its third
// argument would need the id cast to string first, since preg_split() yields strings.
if (!in_array($vbulletin->userinfo['userid'], preg_split('#\\s*,\\s*#s', $vbulletin->config['SpecialUsers']['superadministrators'], -1, PREG_SPLIT_NO_EMPTY))) {
    print_stop_message('sorry_you_are_not_allowed_to_edit_admin_permissions');
}

// ############################# LOG ACTION ###############################
// 'userid' is cleaned as TYPE_INT before it is concatenated into the query
// below; presumably that forces an integer -- confirm against clean_array_gpc().
$vbulletin->input->clean_array_gpc('r', array('userid' => TYPE_INT));
if ($vbulletin->GPC['userid']) {
    // Load the user together with any existing administrator row.
    $user = $db->query_first("\n\t\tSELECT administrator.*, IF(administrator.userid IS NULL, 0, 1) AS isadministrator,\n\t\t\tuser.userid, user.username\n\t\tFROM " . TABLE_PREFIX . "user AS user\n\t\tLEFT JOIN " . TABLE_PREFIX . "administrator AS administrator ON(administrator.userid = user.userid)\n\t\tWHERE user.userid = " . $vbulletin->GPC['userid']);
    if (!$user) {
        print_stop_message('no_matches_found');
    } else {
        if (!$user['isadministrator']) {
            // should this user have an administrator record??
            // An administrator row is created only when the user's computed
            // permissions already include 'cancontrolpanel'.
            $userinfo = fetch_userinfo($user['userid']);
            cache_permissions($userinfo);
            if ($userinfo['permissions']['adminpermissions'] & $vbulletin->bf_ugp_adminpermissions['cancontrolpanel']) {
                $admindm =& datamanager_init('Admin', $vbulletin, ERRTYPE_SILENT);
                $admindm->set('userid', $userinfo['userid']);
                $admindm->save();
                unset($admindm);
            } else {
                print_stop_message('invalid_user_specified');
            }
        }
    }
    // Data manager used for the edit itself, seeded with the row loaded above.
    $admindm =& datamanager_init('Admin', $vbulletin, ERRTYPE_CP);
    $admindm->set_existing($user);
} else {
    $user = array();
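/**
 * Sends email notifications for discussions.
 *
 * Subscribers are skipped when they are banned or awaiting activation, have
 * the poster on their ignore list, have not been active since the previous
 * visible message, or may not view the group.
 *
 * Local variable names in this function are part of its contract: the plugin
 * hooks and the notification phrases are run with eval() in this scope and
 * read them by name.
 *
 * @param int    $discussionid - The discussion being updated
 * @param int    $gmid         - Id of the message that triggered the update
 * @param string $postusername - Optional username displayed on post
 */
function exec_send_sg_notification($discussionid, $gmid = false, $postusername = false)
{
    global $vbulletin;

    if (!$vbulletin->options['enableemail']) {
        return;
    }

    $discussion = fetch_socialdiscussioninfo($discussionid);

    // if there are no subscribers, no need to send notifications
    if (!$discussion['subscribers']) {
        return;
    }

    // if the discussion is moderated or deleted, don't send notification
    if ('deleted' == $discussion['state'] or 'moderation' == $discussion['state']) {
        return;
    }

    $group = fetch_socialgroupinfo($discussion['groupid']);

    if (!$gmid) {
        // get last gmid from discussion
        $gmid = $vbulletin->db->query_first("
            SELECT MAX(gmid) AS gmid
            FROM " . TABLE_PREFIX . "groupmessage AS groupmessage
            WHERE discussionid = {$discussion['discussionid']}
                AND state = 'visible'
        ");
        $gmid = $gmid['gmid'];
    }

    // get message details
    $gmessage = fetch_groupmessageinfo($gmid);
    if (!$gmessage) {
        return;
    }

    // get post time of previous message - if a user hasn't been active since then we won't resend a notification
    $lastposttime = ($lastposttime = $vbulletin->db->query_first("
        SELECT MAX(dateline) AS dateline
        FROM " . TABLE_PREFIX . "groupmessage AS groupmessage
        WHERE discussionid = {$discussion['discussionid']}
            AND dateline < {$gmessage['dateline']}
            AND state = 'visible'
    ")) ? $lastposttime['dateline'] : $gmessage['dateline'];

    $discussion['title'] = unhtmlspecialchars($discussion['title']);
    $group['name'] = unhtmlspecialchars($group['name']);

    // temporarily use postusername in userinfo
    if (!$postusername) {
        // get current user name if user exists
        if ($gmessage['postuserid'] and $userinfo = fetch_userinfo($gmessage['postuserid'])) {
            $postusername = $userinfo['username'];
        } else {
            $postusername = $gmessage['postusername'];
        }
    }
    $postusername = unhtmlspecialchars($postusername);
    $userid = $gmessage['postuserid'];

    ($hook = vBulletinHook::fetch_hook('newpost_sg_notification_start')) ? eval($hook) : false;

    // Ignore-list filter. The ignore list is matched as a space-separated
    // list of ids, so the pattern needs wildcards on both sides; the "AND"
    // belongs inside the optional fragment, otherwise a message without a
    // poster id produced "AND  AND" and the query failed.
    $ignorefilter = $gmessage['postuserid']
        ? " AND CONCAT(' ', IF(usertextfield.ignorelist IS NULL, '', usertextfield.ignorelist), ' ') NOT LIKE '% " . intval($userid) . " %'"
        : '';

    $useremails = $vbulletin->db->query_read_slave("
        SELECT user.*, subscribediscussion.emailupdate, subscribediscussion.subscribediscussionid, IF(socialgroupmember.userid IS NOT NULL,1,0) ismember
        FROM " . TABLE_PREFIX . "subscribediscussion AS subscribediscussion
        INNER JOIN " . TABLE_PREFIX . "user AS user ON (subscribediscussion.userid = user.userid)
        LEFT JOIN " . TABLE_PREFIX . "usergroup AS usergroup ON (usergroup.usergroupid = user.usergroupid)
        LEFT JOIN " . TABLE_PREFIX . "usertextfield AS usertextfield ON (usertextfield.userid = user.userid)
        LEFT JOIN " . TABLE_PREFIX . "socialgroupmember AS socialgroupmember ON (socialgroupmember.userid = user.userid AND socialgroupmember.groupid = {$group['groupid']})
        WHERE subscribediscussion.discussionid = {$discussion['discussionid']}
            AND subscribediscussion.emailupdate = 1
            " . $ignorefilter . "
            AND user.usergroupid <> 3
            AND user.userid <> " . intval($userid) . "
            AND user.lastactivity >= " . intval($lastposttime) . "
            AND (usergroup.genericoptions & " . $vbulletin->bf_ugp_genericoptions['isnotbannedgroup'] . ")
    ");

    vbmail_start();

    // parser for plaintexting the message pagetext
    require_once DIR . '/includes/class_bbcode_alt.php';
    // Plain assignment: "=& new" is a parse error from PHP 7 on.
    $plaintext_parser = new vB_BbCodeParser_PlainText($vbulletin, fetch_tag_list());
    $pagetext_cache = array(); // used to cache the results per languageid for speed

    $evalemail = array();
    while ($touser = $vbulletin->db->fetch_array($useremails)) {
        // check user can view discussion
        $permissions = cache_permissions($touser, false);
        if (!($vbulletin->usergroupcache["{$touser['usergroupid']}"]['genericoptions'] & $vbulletin->bf_ugp_genericoptions['isnotbannedgroup']) or !($permissions['forumpermissions'] & $vbulletin->bf_ugp_forumpermissions['canview']) or !($permissions['socialgrouppermissions'] & $vbulletin->bf_ugp_socialgrouppermissions['canviewgroups']) or $group['options'] & $vbulletin->bf_misc_socialgroupoptions['join_to_view'] and !$touser['ismember'] and !($permissions['socialgrouppermissions'] & $vbulletin->bf_ugp_socialgrouppermissions['canalwayscreatediscussion']) and !($permissions['socialgrouppermissions'] & $vbulletin->bf_ugp_socialgrouppermissions['canalwayspostmessage'])) {
            continue;
        }

        $touser['username'] = unhtmlspecialchars($touser['username']);
        $touser['languageid'] = iif($touser['languageid'] == 0, $vbulletin->options['languageid'], $touser['languageid']);
        // NOTE(review): per-recipient token built as a plain MD5 over
        // concatenated fields. Presumably it authorises a link in the email;
        // whatever verifies it recomputes the same value, so it is left
        // unchanged here. An HMAC with delimited fields would be the stronger
        // construction if both sides are updated together.
        $touser['auth'] = md5($touser['userid'] . $touser['subscribediscussionid'] . $touser['salt'] . COOKIE_SALT);

        if (empty($evalemail)) {
            $email_texts = $vbulletin->db->query_read_slave("
                SELECT text, languageid, fieldname
                FROM " . TABLE_PREFIX . "phrase
                WHERE fieldname IN ('emailsubject', 'emailbody') AND varname = 'notify_discussion'
            ");
            while ($email_text = $vbulletin->db->fetch_array($email_texts)) {
                $emails["{$email_text['languageid']}"]["{$email_text['fieldname']}"] = $email_text['text'];
            }

            require_once DIR . '/includes/functions_misc.php';
            foreach ($emails as $languageid => $email_text) {
                // lets cycle through our array of notify phrases
                // The phrase text becomes the inside of a double-quoted PHP
                // string that is eval()'d below; addslashes() is what keeps
                // phrase content from closing that string early.
                $text_message = str_replace("\\'", "'", addslashes(iif(empty($email_text['emailbody']), $emails['-1']['emailbody'], $email_text['emailbody'])));
                $text_message = replace_template_variables($text_message);
                $text_subject = str_replace("\\'", "'", addslashes(iif(empty($email_text['emailsubject']), $emails['-1']['emailsubject'], $email_text['emailsubject'])));
                $text_subject = replace_template_variables($text_subject);

                $evalemail["{$languageid}"] = ' $message = "' . $text_message . '"; $subject = "' . $text_subject . '"; ';
            }
        }

        // parse the page text into plain text, taking selected language into account
        if (!isset($pagetext_cache["{$touser['languageid']}"])) {
            $plaintext_parser->set_parsing_language($touser['languageid']);
            $pagetext_cache["{$touser['languageid']}"] = $plaintext_parser->parse($gmessage['pagetext']);
        }
        $pagetext = $pagetext_cache["{$touser['languageid']}"];

        ($hook = vBulletinHook::fetch_hook('new_sg_message_notification_message')) ? eval($hook) : false;

        // Sets $subject and $message from the phrase for the recipient's language.
        eval(iif(empty($evalemail["{$touser['languageid']}"]), $evalemail["-1"], $evalemail["{$touser['languageid']}"]));
        vbmail($touser['email'], $subject, $message);
    }

    $vbulletin->db->free_result($useremails);
    unset($plaintext_parser, $pagetext_cache);

    vbmail_end();
}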
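/**
 * Deletes all private messages belonging to the specified user
 *
 * Removes the user's pmreceipt and pm rows. The shared pmtext rows are not
 * touched here, so 'pmtexts' in the result is always 0.
 *
 * @param integer User ID
 * @param boolean If true, update the user record in the database to reflect their new number of private messages
 *
 * @return array Counts of work done, each passed through vb_number_format(): 'receipts', 'pms', 'pmtexts'
 */
function delete_user_pms($userid, $updateuser = true)
{
    global $vbulletin, $vbphrase;

    // Forced to an integer before it is interpolated into the queries below.
    $userid = intval($userid);

    // array to store results
    $out = array();

    // first zap all receipts belonging to this user
    $vbulletin->db->query_write("DELETE FROM " . TABLE_PREFIX . "pmreceipt WHERE userid = {$userid}");
    $out['receipts'] = $vbulletin->db->affected_rows();

    // now find all this user's private messages
    $pms = array();
    $messages = $vbulletin->db->query_read("
        SELECT pmid, pmtextid
        FROM " . TABLE_PREFIX . "pm
        WHERE userid = {$userid}
    ");
    while ($message = $vbulletin->db->fetch_array($messages)) {
        // pmid => pmtextid. The per-pmtext usage counter that used to be
        // incremented here was never read and raised an undefined-index
        // notice on every first increment, so it is gone.
        $pms["{$message['pmid']}"] = $message['pmtextid'];
    }
    $vbulletin->db->free_result($messages);

    if (!empty($pms)) {
        // zap all pm records belonging to this user
        $vbulletin->db->query_write("DELETE FROM " . TABLE_PREFIX . "pm WHERE userid = {$userid}");
        $out['pms'] = $vbulletin->db->affected_rows();
    } else {
        $out['pms'] = 0;
    }
    $out['pmtexts'] = 0;

    // Reset the cached totals whether or not rows were found, in case the
    // totals have been corrupted somehow. This was two identical copies of
    // the same update, one per branch.
    if ($updateuser and $user = fetch_userinfo($userid)) {
        $userdm =& datamanager_init('User', $vbulletin, ERRTYPE_SILENT);
        $userdm->set_existing($user);
        $userdm->set('pmtotal', 0);
        $userdm->set('pmunread', 0);
        // Third argument false: the value is a SQL expression, not data.
        $userdm->set('pmpopup', 'IF(pmpopup=2, 1, pmpopup)', false);
        $userdm->save();
        unset($userdm);
    }

    foreach ($out as $k => $v) {
        $out["{$k}"] = vb_number_format($v);
    }

    return $out;
}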
// Load the stored search.
// NOTE(review): GPC['searchid'] is concatenated into the SQL unquoted. The
// clean_array_gpc() call that types it is not visible in this excerpt;
// confirm it is cleaned as an integer type before this point.
$search = $db->query_first(" SELECT * FROM " . TABLE_PREFIX . "blog_search WHERE blogsearchid = " . $vbulletin->GPC['searchid'] );

// A search that has an owner may only be viewed by that owner; searches
// stored with userid 0 are readable by anyone who has the id.
if (!$search OR ($search['userid'] AND $search['userid'] != $vbulletin->userinfo['userid'])) {
    standard_error(fetch_error('invalidid', $vbphrase['search'], $vbulletin->options['contactuslink']));
}

// Plugin code attached to this hook is eval()'d in the current scope.
($hook = vBulletinHook::fetch_hook('blog_search_results_start')) ? eval($hook) : false;

// Sidebar for the searched user when there is one, else the overview sidebar.
if ($search['searchuserid']) {
    $userinfo = fetch_userinfo($search['searchuserid'], 1);
    $sidebar =& build_user_sidebar($userinfo);
} else {
    $sidebar =& build_overview_sidebar();
}

// Set Perpage .. this limits it to 10. Any reason for more?
// NOTE(review): the values assigned below are 15 and 30, not the 10 the
// comment above mentions.
if ($vbulletin->GPC['perpage'] == 0) {
    $perpage = 15;
} else if ($vbulletin->GPC['perpage'] > 10) {
    $perpage = 30;
/**
 * Does the report
 *
 * Depending on the board options this posts the report into the report forum
 * (as a new thread, or as a reply to the item's existing report thread),
 * emails the affected moderators, or both.
 *
 * Local variable names are part of this method's contract: the email phrases
 * returned by fetch_email_phrases() and the plugin hooks are run with eval()
 * in this scope and read/write locals such as $subject and $message by name.
 *
 * @param string The Reason for the report
 * @param array Information regarding the item being reported
 *
 */
function do_report($reason, &$iteminfo)
{
    global $vbphrase;

    $this->iteminfo =& $iteminfo;

    // Reporter details made available to the phrases.
    $reportinfo = array('rusername' => unhtmlspecialchars($this->registry->userinfo['username']), 'ruserid' => $this->registry->userinfo['userid'], 'remail' => $this->registry->userinfo['email']);

    // Cap the reporter-supplied reason at the board's post length limit.
    // substr() counts bytes, so a multi-byte character can be cut in half.
    if ($this->registry->options['postmaxchars'] > 0) {
        $reportinfo['reason'] = substr($reason, 0, $this->registry->options['postmaxchars']);
    } else {
        $reportinfo['reason'] = $reason;
    }

    // Post to the report forum only if one is configured and still exists.
    $reportthread = ($rpforumid = $this->registry->options['rpforumid'] and $rpforuminfo = fetch_foruminfo($rpforumid));
    $reportemail = ($this->registry->options['enableemail'] and $this->registry->options['rpemail']);

    // Collect affected moderators keyed by userid, plus a display list.
    $mods = array();
    $reportinfo['modlist'] = '';
    $moderators = $this->fetch_affected_moderators();
    if ($moderators) {
        while ($moderator = $this->registry->db->fetch_array($moderators)) {
            $mods["{$moderator['userid']}"] = $moderator;
            $reportinfo['modlist'] .= (!empty($reportinfo['modlist']) ? ', ' : '') . unhtmlspecialchars($moderator['username']);
        }
    }

    if (empty($reportinfo['modlist'])) {
        $reportinfo['modlist'] = $vbphrase['n_a'];
    }

    $this->set_reportinfo($reportinfo);

    if ($reportthread) {
        // Determine if we need to create a thread or a post
        if (!$this->iteminfo['reportthreadid'] or !($rpthreadinfo = fetch_threadinfo($this->iteminfo['reportthreadid'])) or $rpthreadinfo and ($rpthreadinfo['isdeleted'] or !$rpthreadinfo['visible'] or $rpthreadinfo['forumid'] != $rpforuminfo['forumid'])) {
            // presumably defines $subject and $message for the new thread -- both are read below
            eval(fetch_email_phrases('report' . $this->phrasekey . '_newthread', 0));

            // Post as the configured report user when it exists, else as the reporter.
            if (!$this->registry->options['rpuserid'] or !($userinfo = fetch_userinfo($this->registry->options['rpuserid']))) {
                $userinfo =& $this->registry->userinfo;
            }

            $threadman =& datamanager_init('Thread_FirstPost', $this->registry, ERRTYPE_SILENT, 'threadpost');
            $threadman->set_info('forum', $rpforuminfo);
            $threadman->set_info('is_automated', true);
            $threadman->set_info('skip_moderator_email', true);
            $threadman->set_info('mark_thread_read', true);
            $threadman->set_info('parseurl', true);
            $threadman->set('allowsmilie', true);
            $threadman->set('userid', $userinfo['userid']);
            $threadman->setr_info('user', $userinfo);
            $threadman->set('title', $subject);
            $threadman->set('pagetext', $message);
            $threadman->set('forumid', $rpforuminfo['forumid']);
            $threadman->set('visible', 1);
            if ($userinfo['userid'] != $this->registry->userinfo['userid']) {
                // not posting as the current user, IP won't make sense
                $threadman->set('ipaddress', '');
            }
            $rpthreadid = $threadman->save();

            // Link the item to the new thread; if that fails the thread is removed again below.
            if ($this->update_item_reportid($rpthreadid)) {
                $threadman->set_info('skip_moderator_email', false);
                $threadman->email_moderators(array('newthreademail', 'newpostemail'));
                // Zeroed so the "reply to existing thread" branch further down is skipped on this pass.
                $this->iteminfo['reportthreadid'] = 0;
                $rpthreadinfo = array('threadid' => $rpthreadid, 'forumid' => $rpforuminfo['forumid'], 'postuserid' => $userinfo['userid']);

                // check the permission of the other user
                $userperms = fetch_permissions($rpthreadinfo['forumid'], $userinfo['userid'], $userinfo);
                if ($userperms & $this->registry->bf_ugp_forumpermissions['canview'] and $userperms & $this->registry->bf_ugp_forumpermissions['canviewthreads'] and $userinfo['autosubscribe'] != -1) {
                    // The three interpolated values come from records loaded above, not from the request.
                    $this->registry->db->query_write("\n\t\t\t\t\t\t\tINSERT IGNORE INTO " . TABLE_PREFIX . "subscribethread\n\t\t\t\t\t\t\t\t(userid, threadid, emailupdate, folderid, canview)\n\t\t\t\t\t\t\tVALUES\n\t\t\t\t\t\t\t\t(" . $userinfo['userid'] . ", {$rpthreadinfo['threadid']}, {$userinfo['autosubscribe']}, 0, 1)\n\t\t\t\t\t\t");
                }
            } else {
                // Delete the thread we just created
                if ($delthread = fetch_threadinfo($rpthreadid)) {
                    $threadman =& datamanager_init('Thread', $this->registry, ERRTYPE_SILENT, 'threadpost');
                    $threadman->set_existing($delthread);
                    $threadman->delete($rpforuminfo['countposts'], true, NULL, false);
                    unset($threadman);
                }

                $this->refetch_iteminfo();
            }
        }

        if ($this->iteminfo['reportthreadid'] and $rpthreadinfo = fetch_threadinfo($this->iteminfo['reportthreadid']) and !$rpthreadinfo['isdeleted'] and $rpthreadinfo['visible'] == 1 and $rpthreadinfo['forumid'] == $rpforuminfo['forumid']) {
            // presumably defines $subject and $message for the reply -- both are read below
            eval(fetch_email_phrases('reportitem_newpost', 0));

            // Already reported, thread still exists/visible, and thread is in the right forum.
            // Technically, if the thread exists but is in the wrong forum, we should create the
            // thread, but that should only occur in a race condition.
            if (!$this->registry->options['rpuserid'] or !$userinfo and !($userinfo = fetch_userinfo($this->registry->options['rpuserid']))) {
                $userinfo =& $this->registry->userinfo;
            }

            $postman =& datamanager_init('Post', $this->registry, ERRTYPE_STANDARD, 'threadpost');
            $postman->set_info('thread', $rpthreadinfo);
            $postman->set_info('forum', $rpforuminfo);
            $postman->set_info('is_automated', true);
            $postman->set_info('parseurl', true);
            $postman->set('threadid', $rpthreadinfo['threadid']);
            $postman->set('userid', $userinfo['userid']);
            $postman->set('allowsmilie', true);
            $postman->set('visible', true);
            $postman->set('title', $subject);
            $postman->set('pagetext', $message);
            if ($userinfo['userid'] != $this->registry->userinfo['userid']) {
                // not posting as the current user, IP won't make sense
                $postman->set('ipaddress', '');
            }
            $postman->save();
            unset($postman);
        }
    }

    if ($reportemail) {
        // NOTE(review): $threadinfo and $postinfo are not assigned anywhere
        // else in this method; unless an eval()'d phrase or hook defines
        // them, these two lines read undefined locals -- confirm.
        $threadinfo['title'] = unhtmlspecialchars($threadinfo['title']);
        $postinfo['title'] = unhtmlspecialchars($postinfo['title']);

        // Add super moderators when no moderator was found or the option asks for them.
        if (empty($mods) or $this->registry->options['rpemail'] == 2) {
            $moderators = $this->fetch_affected_super_moderators($mods);
            if ($moderators) {
                while ($moderator = $this->registry->db->fetch_array($moderators)) {
                    $mods["{$moderator['userid']}"] = $moderator;
                }
            }
        }

        // Plugin code attached to this hook is eval()'d in this scope.
        ($hook = vBulletinHook::fetch_hook('report_send_process')) ? eval($hook) : false;

        foreach ($mods as $userid => $moderator) {
            if (!empty($moderator['email'])) {
                $this->send_moderator_email($moderator, $rpthreadinfo, $reportinfo);
            }
        }

        ($hook = vBulletinHook::fetch_hook('report_send_complete')) ? eval($hook) : false;
    }
}
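/**
 * protected void associateAccount(array $user, int $vbnexus_userid)
 * Forces GFC users to choose a password (and a valid email too for
 * users of vbnexus3). The change is then flagged in the database with
 * field vbnexus_user.associated set to 2.
 *
 * Local variable names are part of this method's contract: the email phrase
 * and the template are run with eval() in this scope and read locals such as
 * $userid, $username, $activateid, $vBNexusUser and $vbnexus_error by name.
 *
 * @param array $user
 * @param int $vbnexus_userid
 * @return false|void false when $user has no user id; returns nothing once
 *                    the account was updated. Every other path ends in
 *                    standard_error().
 */
protected function associateAccount($user, $vbnexus_userid)
{
    global $vbulletin, $vboptions, $vbphrase, $stylevar, $vbnexus_loc;

    if (!intval($user['userid'])) {
        return false;
    }

    // If the user is submitting email and/or password, process it
    if (isset($_POST['vbnexus_gfc_fix'])) {
        // Validate input
        if (empty($_POST['email'])) {
            $vbnexus_error = "A valid email is required";
        } elseif (empty($_POST['password'])) {
            $vbnexus_error = "A valid password is required";
        } elseif (empty($_POST['password2']) || $_POST['password'] !== $_POST['password2']) {
            // Strict comparison: with `!=`, two different numeric-looking
            // strings could compare equal and pass the confirmation check.
            $vbnexus_error = "Passwords do not match";
        } else {
            $require_activation = $vbulletin->options['verifyemail'] && $user['email'] != $_POST['email'];

            $userdata =& datamanager_init('user', $vbulletin, ERRTYPE_SILENT);
            $userdata->set_existing(fetch_userinfo($user['userid']));
            $userdata->set('password', $_POST['password']);

            // We can ignore validation of the email if it wasn't changed
            if ($user['email'] != $_POST['email']) {
                $userdata->set('email', $_POST['email']);
            }

            if ($require_activation) {
                $userdata->set('usergroupid', 3);
            }

            if ($userdata->has_errors(false)) {
                $vbnexus_error = join('</li><li>', $userdata->errors);
            } elseif ($userdata->save()) {
                if ($require_activation) {
                    // Email phrase 'activateaccount' expects vars called $userid, $username
                    // and $activateid to be defined and meaningfull
                    $userid = $user['userid'];
                    $username = $user['username'];
                    $activateid = build_user_activation_id($userid, $user['usergroupid'], 0);

                    // NOTE(review): $languageid is not defined in this method,
                    // so the phrase is fetched with an empty language id -- confirm intent.
                    eval(fetch_email_phrases('activateaccount', $languageid));

                    // After eval'ing activateaccount we have vars $subject and $message set
                    vbmail($_POST['email'], $subject, $message, true);
                }

                // The user was updated, there's now a valid password and email, so let's flag it.
                // The external id is escaped before it goes inside the quoted literal.
                $nonvbid_sql = $vbulletin->db->escape_string($vbnexus_userid);
                $sql = "UPDATE `" . TABLE_PREFIX . "vbnexus_user`
                        SET `associated` = 2
                        WHERE `nonvbid` = '{$nonvbid_sql}'
                          AND `service` = 'gfc'";

                // Run once; the statement used to be executed twice in a row.
                if ($vbulletin->db->query_write($sql)) {
                    // Returning since we're done here and execution should go on normally
                    return;
                } else {
                    // This should never happen, it's mostly for debugging if something goes wrong
                    $errmsg = "An error occurred trying to update your GFC information. Please try again." . " If the problem persists please report it to an admin.";
                    return eval(standard_error($errmsg)); // Prints and exits
                }
            } else {
                // This should never happen, it's mostly for debugging if something goes wrong
                $errmsg = "An error occurred trying to update the account information. Please try again." . " If the problem persists please report it to an admin.";
                return eval(standard_error($errmsg)); // Prints and exits
            }
        }

        $user['email'] = $_POST['email'];
    }

    $vBNexusUser = $user;

    // No need to show mock emails from old vbnexus (< 3).
    // The id is matched literally, so it is quoted for use inside the pattern.
    $quoted_id = preg_quote((string) $vbnexus_userid, '/');
    if (empty($_POST['email']) && preg_match("/apps\\+|{$quoted_id}[@\\.]/", $user['email'])) {
        $vBNexusUser['email'] = '';
    }

    // NOTE(review): request-supplied values ($_GET['loc'], and $_POST['email']
    // via $vBNexusUser) are handed to the template through these variables.
    // Confirm the template escapes them for the context it prints them in.
    $vbnexus_loc = isset($_GET['loc']) ? $_GET['loc'] : '';

    // This will print a Message box (not really an error, but the actual form) and exit
    eval('$html = "' . fetch_template('vbnexus_3_gfc_invalid_email') . '";');
    eval(standard_error($html));
}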
/**
 * Pre-save step for the subclasses that have post fields as their members
 * (ie, not _Thread). Likely only called in those classes' pre_save methods.
 *
 * Steps, in order: podcast size lookup, required fields and defaults for new
 * posts, the per-user flood check, the image-count check, the attachment
 * count update and the anti-spam scan. The first failing step returns false.
 *
 * @param bool $doquery Not read anywhere in this method.
 *
 * @return bool True on success, false on failure
 */
function pre_save_post($doquery = true)
{
    // Podcast forums: resolve the enclosure size when the caller gave a URL but no size.
    if ($this->info['forum']['podcast'] and $this->info['podcasturl'] and empty($this->info['podcastsize'])) {
        require_once DIR . '/includes/class_upload.php';
        $upload = new vB_Upload_Abstract($this->registry);
        // NOTE(review): info['podcasturl'] is handed to fetch_remote_filesize() as-is, which
        // presumably makes an outbound request to it. Confirm the upload class restricts the
        // scheme and destination, since the URL looks caller-supplied.
        if (!($this->info['podcastsize'] = intval($upload->fetch_remote_filesize($this->info['podcasturl'])))) {
            // A size of 0 (or a failed lookup) is treated as an invalid podcast URL.
            $this->error('invalid_podcasturl');
            return false;
        }
    }
    // No condition set: the checks below apply only in that case (presumably a new post rather than an update).
    if (!$this->condition) {
        // A post needs either a user id or a username.
        if ($this->fetch_field('userid', 'post') == 0 and $this->fetch_field('username', 'post') == '') {
            $this->error('nousername');
            return false;
        }
        if ($this->fetch_field('dateline', 'post') === null) {
            $this->set('dateline', TIMENOW);
        }
        // The IP address is stored only when the 'logip' option is on; otherwise an empty string is saved.
        if ($this->fetch_field('ipaddress', 'post') === null) {
            $this->set('ipaddress', $this->registry->options['logip'] ? IPADDRESS : '');
        }
        // flood check: skipped for previews, automated posts and posts without a user id
        if ($this->registry->options['floodchecktime'] > 0 and empty($this->info['preview']) and empty($this->info['is_automated']) and $this->fetch_field('userid', 'post')) {
            if (!$this->info['user']) {
                $this->info['user'] = fetch_userinfo($this->fetch_field('userid', 'post'));
            }
            $user =& $this->info['user'];
            // Users who can moderate this forum (checked against primary plus member groups) are exempt.
            if ($user['lastpost'] <= TIMENOW and !can_moderate($this->info['forum']['forumid'], '', $user['userid'], $user['usergroupid'] . (trim($user['membergroupids']) ? ",{$user['membergroupids']}" : ''))) {
                if (!class_exists('vB_FloodCheck')) {
                    require_once DIR . '/includes/class_floodcheck.php';
                }
                $this->floodcheck =& new vB_FloodCheck($this->registry, 'user', 'lastpost');
                // NOTE(review): eligibility above is decided from the post's userid, but the key
                // committed here is registry->userinfo['userid']. Confirm both always refer to the
                // same user on this path, otherwise the check is applied to the wrong account.
                $this->floodcheck->commit_key($this->registry->userinfo['userid'], TIMENOW, TIMENOW - $this->registry->options['floodchecktime']);
                if ($this->floodcheck->is_flooding()) {
                    $this->error('postfloodcheck', $this->registry->options['floodchecktime'], $this->floodcheck->flood_wait());
                    return false;
                }
                if ($this->errors) {
                    // if we already have errors, the save won't happen, so rollback now...
                    $this->floodcheck->rollback();
                } else {
                    // ...or, in case we have a new error
                    $this->set_failure_callback(array(&$this->floodcheck, 'rollback'));
                }
            }
        }
    }
    if (!$this->verify_image_count('pagetext', 'allowsmilie', $this->info['forum']['forumid'], 'post')) {
        return false;
    }
    // Add the attachments counted for this post hash and posting user to the stored attachment count.
    if ($this->info['posthash']) {
        $this->info['newattach'] = $this->fetch_attachment_count($this->info['posthash'], $this->fetch_field('userid', 'post'));
        $this->set('attach', intval($this->fetch_field('attach')) + $this->info['newattach']);
    }
    // New posts that aren't automated and are visible should be scanned.
    // The scan is skipped when no anti-spam key is configured, when the user has reached the
    // 'vb_antispam_posts' post count (if that option is set), or when can_moderate() is true.
    if (!$this->condition and !empty($this->registry->options['vb_antispam_key']) and empty($this->info['is_automated']) and $this->fetch_field('visible') == 1 and (!$this->registry->options['vb_antispam_posts'] or $this->registry->userinfo['posts'] < $this->registry->options['vb_antispam_posts']) and !can_moderate()) {
        require_once DIR . '/includes/class_akismet.php';
        $akismet = new vB_Akismet($this->registry);
        $akismet->akismet_board = $this->registry->options['bburl'];
        $akismet->akismet_key = $this->registry->options['vb_antispam_key'];
        // The IP, user agent, author name, email, homepage and post text are passed to verify_text(),
        // which presumably forwards them to the external anti-spam service.
        if ($akismet->verify_text(array('user_ip' => IPADDRESS, 'user_agent' => USER_AGENT, 'comment_type' => 'post', 'comment_author' => $this->registry->userinfo['userid'] ? $this->registry->userinfo['username'] : $this->fetch_field('username', 'post'), 'comment_author_email' => $this->registry->userinfo['email'], 'comment_author_url' => $this->registry->userinfo['homepage'], 'comment_content' => $this->fetch_field('pagetext', 'post'))) === 'spam') {
            // Flagged posts are still saved, but hidden and marked for a spam-log entry.
            $this->set('visible', 0);
            $this->spamlog_insert = true;
        }
    }
    return true;
}
if (!empty($albuminfo)) { $formdata = $albuminfo; } else { $formdata = array('albumid' => 0, 'title' => '', 'description' => '', 'state' => 'public', 'userid' => $vbulletin->userinfo['userid']); } } $formdata['albumtype_' . $formdata['state']] = 'checked="checked"'; $show['delete_option'] = (!defined('PREVIEW_ERRORS') and !empty($albuminfo['albumid']) and ($vbulletin->userinfo['userid'] == $albuminfo['userid'] or can_moderate(0, 'candeletealbumpicture'))); $show['album_used_in_css'] = false; if (!empty($albuminfo['albumid'])) { if ($db->query_first("\n\t\t\tSELECT selector\n\t\t\tFROM " . TABLE_PREFIX . "usercss\n\t\t\tWHERE userid = {$albuminfo['userid']}\n\t\t\t\tAND property = 'background_image'\n\t\t\t\tAND value LIKE '{$albuminfo['albumid']},%'\n\t\t\tLIMIT 1\n\t\t")) { $show['album_used_in_css'] = true; } } // if permitted to customize profile, or album is already a profile-type, show the profile-type option $creator = fetch_userinfo($formdata['userid']); cache_permissions($creator); $show['albumtype_profile'] = ($albuminfo['state'] == 'profile' or $vbulletin->options['socnet'] & $vbulletin->bf_misc_socnet['enable_profile_styling'] and $creator['permissions']['usercsspermissions'] & $vbulletin->bf_ugp_usercsspermissions['caneditbgimage']); ($hook = vBulletinHook::fetch_hook('album_album_edit')) ? eval($hook) : false; // navbar and final output $navbits = construct_navbits(array('member.php?' . $vbulletin->session->vars['sessionurl'] . "u={$userinfo['userid']}" => construct_phrase($vbphrase['xs_profile'], $userinfo['username']), 'album.php?' . $vbulletin->session->vars['sessionurl'] . "u={$userinfo['userid']}" => $vbphrase['albums'], '' => !empty($albuminfo['albumid']) ? $vbphrase['edit_album'] : $vbphrase['add_album'])); eval('$navbar = "' . fetch_template('navbar') . '";'); eval('print_output("' . fetch_template('album_edit') . 
'");'); } // ####################################################################### if ($_POST['do'] == 'updatepictures') { $vbulletin->input->clean_array_gpc('p', array('pictures' => TYPE_ARRAY, 'coverpictureid' => TYPE_UINT, 'frompicture' => TYPE_BOOL)); if (empty($albuminfo)) { standard_error(fetch_error('invalidid', $vbphrase['album'], $vbulletin->options['contactuslink'])); } if ($userinfo['userid'] != $vbulletin->userinfo['userid'] and !can_moderate(0, 'caneditalbumpicture')) {
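/**
 * Generates a Preview of a post
 *
 * Parses the message (and, when permitted, the poster's signature) through the
 * BB code parser, resolves the post icon, and renders the 'newpost_preview'
 * template. Also writes to the globals $previewpost, $show and $rate and to
 * the caller's $newpost array (icon path/title).
 *
 * Local variable names are kept as they are because the hook code and the
 * template are evaluated in this function's scope and may refer to them.
 *
 * @param	array	Information regarding the new post (passed by reference)
 * @param	integer	The User ID posting (0 = the current user)
 * @param	array	Information regarding attachments
 *
 * @return	string	The Generated Preview, or '' when the parsed message is empty
 *
 */
function process_post_preview(&$newpost, $postuserid = 0, $attachmentinfo = NULL)
{
    global $vbphrase, $checked, $rate, $previewpost, $stylevar, $foruminfo, $vbulletin, $show;

    require_once DIR . '/includes/class_bbcode.php';
    // Plain assignment: "=& new" is removed syntax on current PHP and objects are handles anyway.
    $bbcode_parser = new vB_BbCodeParser($vbulletin, fetch_tag_list());
    if ($attachmentinfo) {
        $bbcode_parser->attachments =& $attachmentinfo;
    }

    $previewpost = 1;
    $bbcode_parser->unsetattach = true;
    $previewmessage = $bbcode_parser->parse($newpost['message'], $foruminfo['forumid'], iif($newpost['disablesmilies'], 0, 1));

    $post = array('userid' => $postuserid ? $postuserid : $vbulletin->userinfo['userid']);

    if (!empty($attachmentinfo)) {
        require_once DIR . '/includes/class_postbit.php';
        $post['attachments'] =& $attachmentinfo;
        $postbit_factory = new vB_Postbit_Factory();
        $postbit_factory->registry =& $vbulletin;
        $postbit_factory->forum =& $foruminfo;
        $postbit_obj =& $postbit_factory->fetch_postbit('post');
        $postbit_obj->post =& $post;
        $postbit_obj->process_attachments();
    }

    // Previewing on behalf of another user: load that user's signature from the database.
    if ($post['userid'] != $vbulletin->userinfo['userid']) {
        // $postuserid is cast before it reaches the SQL text, matching the intval() already
        // applied to iconid below. Callers may well pass a clean integer, but the query
        // must not depend on that.
        $fetchsignature = $vbulletin->db->query_first("\n\t\t\tSELECT signature\n\t\t\tFROM " . TABLE_PREFIX . "usertextfield\n\t\t\tWHERE userid = " . intval($postuserid) . "\n\t\t");
        $signature =& $fetchsignature['signature'];
    } else {
        $signature = $vbulletin->userinfo['signature'];
    }

    $show['signature'] = false;
    if ($newpost['signature'] and trim($signature)) {
        $userinfo = fetch_userinfo($post['userid'], FETCH_USERINFO_SIGPIC);
        if ($post['userid'] != $vbulletin->userinfo['userid']) {
            cache_permissions($userinfo, false);
        } else {
            $userinfo['permissions'] =& $vbulletin->userinfo['permissions'];
        }

        // The signature is only parsed and shown when the posting user's group may use signatures.
        if ($userinfo['permissions']['genericpermissions'] & $vbulletin->bf_ugp_genericpermissions['canusesignature']) {
            $bbcode_parser->set_parse_userinfo($userinfo);
            $post['signature'] = $bbcode_parser->parse($signature, 'signature');
            // Reset the parser's user context so it does not leak into later parse() calls.
            $bbcode_parser->set_parse_userinfo(array());
            $show['signature'] = true;
        }
    }

    if ($foruminfo['allowicons'] and $newpost['iconid']) {
        if ($icon = $vbulletin->db->query_first_slave("\n\t\t\tSELECT title as title, iconpath\n\t\t\tFROM " . TABLE_PREFIX . "icon\n\t\t\tWHERE iconid = " . intval($newpost['iconid']) . "\n\t\t")) {
            $newpost['iconpath'] = $icon['iconpath'];
            $newpost['icontitle'] = $icon['title'];
        }
    } else {
        if ($vbulletin->options['showdeficon'] != '') {
            $newpost['iconpath'] = $vbulletin->options['showdeficon'];
            $newpost['icontitle'] = $vbphrase['default'];
        }
    }

    $show['messageicon'] = iif($newpost['iconpath'], true, false);
    $show['errors'] = false;

    // NOTE(review): eval() runs whatever code the hook system and the template store return.
    // That is only as trustworthy as the accounts allowed to edit plugins and templates.
    ($hook = vBulletinHook::fetch_hook('newpost_preview')) ? eval($hook) : false;

    if ($previewmessage != '') {
        eval('$postpreview = "' . fetch_template('newpost_preview') . "\";");
    } else {
        $postpreview = '';
    }

    construct_checkboxes($newpost);

    if ($newpost['rating']) {
        $rate["{$newpost['rating']}"] = ' ' . 'selected="selected"';
    }

    return $postpreview;
}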
if ($user) { $userdm =& datamanager_init('User', $vbulletin, ERRTYPE_SILENT); $userdm->set_existing($user); $userdm->set('reputation', "reputation - {$diff}", false); $userdm->save(); unset($userdm); } } define('CP_REDIRECT', "adminreputation.php?do=list&u=" . $vbulletin->GPC['userid']); print_stop_message('saved_reputation_successfully'); } // ************************************************************************************************* if ($_POST['do'] == 'killreputation') { $vbulletin->input->clean_array_gpc('p', array('reputationid' => TYPE_INT)); $repinfo = verify_id('reputation', $vbulletin->GPC['reputationid'], 0, 1); $user = fetch_userinfo($repinfo['userid']); if ($user) { $userdm =& datamanager_init('User', $vbulletin, ERRTYPE_CP); $userdm->set_existing($user); $userdm->set('reputation', $user['reputation'] - $repinfo['reputation']); $userdm->save(); unset($userdm); } $db->query_write("\n\t\tDELETE FROM " . TABLE_PREFIX . "reputation\n\t\tWHERE reputationid = " . $vbulletin->GPC['reputationid']); define('CP_REDIRECT', "adminreputation.php?do=list&u={$repinfo['userid']}"); print_stop_message('deleted_reputation_successfully'); } // ************************************************************************************************* if ($_REQUEST['do'] == 'deletereputation') { $vbulletin->input->clean_array_gpc('r', array('reputationid' => TYPE_INT)); print_delete_confirmation('reputation', $vbulletin->GPC['reputationid'], 'adminreputation', 'killreputation');
/**
 * Turns a comma-separated list of user ids into a ", "-joined list of usernames.
 *
 * Each id is looked up with fetch_userinfo(); an id whose lookup returns false
 * contributes the literal text "false". An empty argument yields no value (null).
 *
 * @param string $useridpack Comma-separated user ids
 *
 * @return string|null
 */
function get_username_massively($useridpack)
{
    if (empty($useridpack)) {
        return;
    }

    $names = array();
    foreach (explode(",", $useridpack) as $id) {
        $record = fetch_userinfo($id);
        $names[] = ($record === false) ? "false" : $record['username'];
    }

    return implode(", ", $names);
}
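/**
 * (Re)Generates an Activation ID for a user
 *
 * Deletes any existing activation row for the user and type, stores a fresh
 * one, and clears the user's 'noactivationmails' option bit.
 *
 * @param	integer	User's ID
 * @param	integer	The group to move the user to when they are activated
 * @param	integer	0 for Normal Activation, 1 for Forgotten Password
 * @param	boolean	Whether this is an email change or not
 *
 * @return	string	The Activation ID
 *
 */
function build_user_activation_id($userid, $usergroupid, $type, $emailchange = 0)
{
    global $vbulletin;

    // These three values are placed directly into SQL below, so force them to integers here
    // rather than relying on every caller to have done so ($emailchange was already cast).
    $userid = intval($userid);
    $usergroupid = intval($usergroupid);
    $type = intval($type);

    if ($usergroupid == 3 or $usergroupid == 0) {
        // stop them getting stuck in email confirmation group forever :)
        $usergroupid = 2;
    }

    $vbulletin->db->query_write("DELETE FROM " . TABLE_PREFIX . "useractivation WHERE userid = {$userid} AND type = {$type}");

    // NOTE(review): for type 1 (forgotten password) this value acts as a reset secret, yet it is
    // drawn from only about 1e8 possibilities by vbrand(), which is defined elsewhere. Confirm that
    // vbrand() is backed by a cryptographically secure generator and that activation attempts are
    // rate-limited. A longer token would be safer if the activationid column allows it.
    $activateid = vbrand(0, 100000000);

    /*insert query*/
    $vbulletin->db->query_write("\n\t\tREPLACE INTO " . TABLE_PREFIX . "useractivation\n\t\t\t(userid, dateline, activationid, type, usergroupid, emailchange)\n\t\tVALUES\n\t\t\t({$userid}, " . TIMENOW . ", {$activateid} , {$type}, {$usergroupid}, " . intval($emailchange) . ")\n\t");

    // Re-enable activation mails for the user; data manager errors are silent (ERRTYPE_SILENT).
    if ($userinfo = fetch_userinfo($userid)) {
        $userdata =& datamanager_init('User', $vbulletin, ERRTYPE_SILENT);
        $userdata->set_existing($userinfo);
        $userdata->set_bitfield('options', 'noactivationmails', 0);
        $userdata->save();
    }

    return $activateid;
}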
print_cp_redirect("photoplog_category.php?" . $vbulletin->session->vars['sessionurl'] . "do=moderate", 1); } if ($_REQUEST['do'] == 'moderate') { $photoplog_moderate_cats = $db->query_read("SELECT suggestid, userid, title\r\n\t\tFROM " . PHOTOPLOG_PREFIX . "photoplog_suggestedcats\r\n\t\tWHERE catid = 0 AND approve = 0\r\n\t\tORDER BY dateline DESC\r\n\t"); if ($photoplog_moderate_cats) { print_form_header('photoplog_category', 'decline'); construct_hidden_code('s', $vbulletin->session->vars['sessionhash']); construct_hidden_code('suggestid', 0); print_table_header($vbphrase['photoplog_moderate_categories'], 3); print_cells_row(array($vbphrase['photoplog_title'], '<nobr>' . $vbphrase['photoplog_submitted_by'] . '</nobr>', $vbphrase['photoplog_controls']), 1, '', -1); $photoplog_cnt_bits = 0; while ($photoplog_moderate_cat = $db->fetch_array($photoplog_moderate_cats)) { $photoplog_cnt_bits++; $photoplog_suggestid = intval($photoplog_moderate_cat['suggestid']); $photoplog_title = htmlspecialchars_uni($photoplog_moderate_cat['title']); $photoplog_userinfo = fetch_userinfo(intval($photoplog_moderate_cat['userid'])); $photoplog_username = $photoplog_userinfo['username']; $photoplog_userid = $photoplog_userinfo['userid']; $photoplog_suggested_by = "<a href=\"user.php?" . $vbulletin->session->vars['sessionurl'] . "do=edit&u=" . $photoplog_userid . "\">" . $photoplog_username . "</a>"; $bgclass = fetch_row_bgclass(); echo "\r\n\t\t\t\t<tr>\r\n\t\t\t\t\t<td class=\"{$bgclass}\" width=\"100%\"><a href=\"photoplog_category.php?" . $vbulletin->session->vars['sessionurl'] . "do=review&suggestid=" . $photoplog_suggestid . "\">" . $photoplog_title . "</a></td>\r\n\t\t\t\t\t<td class=\"{$bgclass}\">{$photoplog_suggested_by}</td>\r\n\t\t\t\t\t<td class=\"{$bgclass}\"><nobr><a href=\"photoplog_category.php?" . $vbulletin->session->vars['sessionurl'] . "do=review&suggestid=" . $photoplog_suggestid . "\">" . $vbphrase['photoplog_review'] . "</a> <a href=\"photoplog_category.php?" . 
$vbulletin->session->vars['sessionurl'] . "do=decline&suggestid=" . $photoplog_suggestid . "\">" . $vbphrase['photoplog_decline'] . "</a></nobr></td>\r\n\t\t\t\t</tr>\r\n\t\t\t"; } if ($photoplog_cnt_bits) { print_table_footer(3, "<input type=\"submit\" class=\"button\" tabindex=\"1\" value=\"" . $vbphrase['photoplog_decline_all'] . "\" accesskey=\"s\" />"); } else { print_description_row($vbphrase['photoplog_nothing_to_moderate'], 0, 3); print_table_footer(); } } else { print_form_header('', ''); construct_hidden_code('s', $vbulletin->session->vars['sessionhash']);
/**
 * Verifies permissions to attach content to posts
 *
 * Resolves the post, thread and forum the attachment belongs to (post wins
 * over thread, thread wins over forum), then applies the forum, thread and
 * edit-permission checks in turn. The first failing check returns false.
 *
 * Side effects: fills $this->values ids, $this->postinfo, $this->threadinfo,
 * $this->foruminfo, $this->userinfo and (when editing) $this->contentid, and
 * may set flags in the global $show.
 *
 * @param	array	Contenttype information - bypass reading environment settings
 *
 * @return	boolean
 */
public function verify_permissions($info = array())
{
    global $show;
    if ($info) {
        // NOTE(review): ids from $info are copied without intval(), unlike the branch below.
        // Presumably $info comes from trusted internal callers; confirm.
        $this->values['postid'] = $info['postid'];
        $this->values['threadid'] = $info['threadid'];
        $this->values['forumid'] = $info['forumid'];
    } else {
        // Short keys (p/t/f) take precedence over the long ones; everything is cast to int.
        $this->values['postid'] = intval($this->values['p']) ? intval($this->values['p']) : intval($this->values['postid']);
        $this->values['threadid'] = intval($this->values['t']) ? intval($this->values['t']) : intval($this->values['threadid']);
        $this->values['forumid'] = intval($this->values['f']) ? intval($this->values['f']) : intval($this->values['forumid']);
    }
    // A post id overrides any supplied thread id with the post's own thread...
    if ($this->values['postid']) {
        if (!($this->postinfo = fetch_postinfo($this->values['postid']))) {
            return false;
        }
        $this->values['threadid'] = $this->postinfo['threadid'];
    }
    // ...and a thread id overrides any supplied forum id with the thread's own forum, so a
    // request cannot pair a post or thread with a forum it does not belong to.
    if ($this->values['threadid']) {
        if (!($this->threadinfo = fetch_threadinfo($this->values['threadid']))) {
            return false;
        }
        $this->values['forumid'] = $this->threadinfo['forumid'];
    }
    if ($this->values['forumid'] and !($this->foruminfo = fetch_foruminfo($this->values['forumid']))) {
        return false;
    }
    // Nothing resolved at all (and not an edit of an existing post): deny.
    if (!$this->foruminfo and !$this->threadinfo and !($this->postinfo and $this->values['editpost'])) {
        return false;
    }
    $forumperms = fetch_permissions($this->foruminfo['forumid']);
    // No permissions to post attachments in this forum or no permission to view threads in this forum.
    if (!($forumperms & $this->registry->bf_ugp_forumpermissions['canpostattachment']) or !($forumperms & $this->registry->bf_ugp_forumpermissions['canview']) or !($forumperms & $this->registry->bf_ugp_forumpermissions['canviewthreads'])) {
        return false;
    }
    // "and" binds tighter than "or": (no post AND forum closed to posting) OR link forum OR forum cannot contain threads.
    if (!$this->postinfo and !$this->foruminfo['allowposting'] or $this->foruminfo['link'] or !$this->foruminfo['cancontainthreads']) {
        return false;
    }
    if ($this->threadinfo) {
        // Deleted threads are always refused; invisible ones only for users who cannot moderate posts here.
        if ($this->threadinfo['isdeleted'] or !$this->threadinfo['visible'] and !can_moderate($this->threadinfo['forumid'], 'canmoderateposts')) {
            return false;
        }
        // Closed threads require the open/close moderator permission.
        if (!$this->threadinfo['open']) {
            if (!can_moderate($this->threadinfo['forumid'], 'canopenclose')) {
                return false;
            }
        }
        // Someone else's thread: need both "view others" and "reply to others".
        if ($this->registry->userinfo['userid'] != $this->threadinfo['postuserid'] and (!($forumperms & $this->registry->bf_ugp_forumpermissions['canviewothers']) or !($forumperms & $this->registry->bf_ugp_forumpermissions['canreplyothers']))) {
            return false;
        }
        // don't call this part on editpost.php (which will have a $postid)
        if (!$this->postinfo and !($forumperms & $this->registry->bf_ugp_forumpermissions['canreplyown']) and $this->registry->userinfo['userid'] == $this->threadinfo['postuserid']) {
            return false;
        }
    } else {
        // No thread yet: this is a new thread, so "post new" is required.
        if (!($forumperms & $this->registry->bf_ugp_forumpermissions['canpostnew'])) {
            return false;
        }
    }
    if ($this->postinfo) {
        // Editing an existing post: moderators with 'caneditposts' skip the owner and time checks.
        if (!can_moderate($this->threadinfo['forumid'], 'caneditposts')) {
            if (!($forumperms & $this->registry->bf_ugp_forumpermissions['caneditpost'])) {
                return false;
            } else {
                if ($this->registry->userinfo['userid'] != $this->postinfo['userid']) {
                    // check user owns this post
                    return false;
                } else {
                    // check for time limits; an 'edittimelimit' of 0 disables the check
                    // (the value is multiplied by 60, so it is presumably in minutes)
                    if ($this->postinfo['dateline'] < TIMENOW - $this->registry->options['edittimelimit'] * 60 and $this->registry->options['edittimelimit']) {
                        return false;
                    }
                }
            }
        }
        $this->contentid = $this->postinfo['postid'];
        // Attachment limits are evaluated against the post's author, not the editor.
        $this->userinfo = fetch_userinfo($this->postinfo['userid']);
        cache_permissions($this->userinfo, true);
    } else {
        $this->userinfo = $this->registry->userinfo;
    }
    // check if there is a forum password and if so, ensure the user has it set
    // NOTE(review): the return value is ignored; presumably verify_forum_password() stops the
    // request itself on failure. Confirm what the third argument (false) selects.
    verify_forum_password($this->foruminfo['forumid'], $this->foruminfo['password'], false);
    // Only reachable with allowposting off when editing an existing post (see the check above).
    if (!$this->foruminfo['allowposting']) {
        $show['attachoption'] = false;
        $show['forumclosed'] = true;
    }
    return true;
}
{ $subject = $vbulletin->GPC['other_subject']; } else { $options = explode("\n", trim($vbulletin->options['contactusoptions'])); foreach($options AS $index => $title) { if ($index == $subject) { if (preg_match('#^{(.*)} (.*)$#siU', $title, $matches)) { $title =& $matches[2]; if (is_numeric($matches[1]) AND intval($matches[1]) !== 0) { $userinfo = fetch_userinfo($matches[1]); $alt_email =& $userinfo['email']; $languageid =& $userinfo['languageid']; } else { $alt_email = $matches[1]; } } $subject = $title; break; } } } }
/**
 * Builds the current user's subscribed-thread list.
 *
 * Reads paging, sorting and preview options from the request, selects the
 * user's visible thread subscriptions, drops (and flags canview = 0) those in
 * forums the user may no longer view, then loads the thread details.
 *
 * @return array array('threads' => list of per-thread arrays, 'total_threads' => int)
 */
function do_get_subscriptions()
{
    global $vbulletin, $db, $show, $vbphrase, $permissions, $subscribecounters;
    $vbulletin->options['threadpreview'] = FR_PREVIEW_LEN;
    // Guests have no subscriptions. json_error() is defined elsewhere and presumably ends the request.
    if (!$vbulletin->userinfo['userid']) {
        json_error(ERR_NO_PERMISSION);
    }
    // "and" binds tighter than "or": (guest AND do != removesubscription) OR (member AND no canview)
    // OR usergroupid == 4 OR not in a non-banned group. If json_error() above terminates, the
    // first clause can never be true here.
    if (!$vbulletin->userinfo['userid'] and $_REQUEST['do'] != 'removesubscription' or $vbulletin->userinfo['userid'] and !($permissions['forumpermissions'] & $vbulletin->bf_ugp_forumpermissions['canview']) or $vbulletin->userinfo['usergroupid'] == 4 or !($permissions['genericoptions'] & $vbulletin->bf_ugp_genericoptions['isnotbannedgroup'])) {
        json_error(ERR_NO_PERMISSION);
    }
    $thread_data = array();
    $unread_subs = 0;
    // vbulletin expects folderid, but we will just get them all
    $vbulletin->input->clean_array_gpc('r', array('folderid' => TYPE_NOHTML, 'perpage' => TYPE_UINT, 'pagenumber' => TYPE_UINT, 'sortfield' => TYPE_NOHTML, 'sortorder' => TYPE_NOHTML, 'previewtype' => TYPE_INT));
    $previewtype = $vbulletin->GPC['previewtype'];
    if (!$previewtype) {
        $previewtype = 1;
    }
    // The requested folder is discarded: every folder is always listed.
    $vbulletin->GPC['folderid'] = 'all';
    // Values that are reused in templates
    $sortfield =& $vbulletin->GPC['sortfield'];
    $perpage =& $vbulletin->GPC['perpage'];
    $pagenumber =& $vbulletin->GPC['pagenumber'];
    $folderid =& $vbulletin->GPC['folderid'];
    // Always true here because folderid was forced to 'all' above; the else branch is unreachable.
    if ($folderid == 'all') {
        $getallfolders = true;
        $show['allfolders'] = true;
    } else {
        $folderid = intval($folderid);
    }
    $folderselect["{$folderid}"] = 'selected="selected"';
    // Build folder jump
    require_once DIR . '/includes/functions_misc.php';
    $folders = construct_folder_jump(1, $folderid, false, '', true);
    $templater = vB_Template::create('subscribe_folder_jump');
    $templater->register('folders', $folders);
    $folderjump = $templater->render();
    // look at sorting options: anything other than 'asc' becomes DESC, so the request value never reaches the SQL text
    if ($vbulletin->GPC['sortorder'] != 'asc') {
        $vbulletin->GPC['sortorder'] = 'desc';
        $sqlsortorder = 'DESC';
        $order = array('desc' => 'selected="selected"');
    } else {
        $sqlsortorder = '';
        $order = array('asc' => 'selected="selected"');
    }
    // The sort column is an allow-list: only these five names are ever placed in ORDER BY.
    switch ($sortfield) {
        case 'title':
        case 'lastpost':
        case 'replycount':
        case 'views':
        case 'postusername':
            $sqlsortfield = 'thread.' . $sortfield;
            break;
        default:
            // $handled is set to false just before it is tested, so the fallback always applies.
            $handled = false;
            if (!$handled) {
                $sqlsortfield = 'thread.lastpost';
                $sortfield = 'lastpost';
            }
    }
    $sort = array($sortfield => 'selected="selected"');
    if ($getallfolders) {
        $totalallthreads = array_sum($subscribecounters);
    } else {
        $totalallthreads = $subscribecounters["{$folderid}"];
    }
    // set defaults
    // (presumably clamps $pagenumber and $perpage in place; confirm against sanitize_pageresults())
    sanitize_pageresults($totalallthreads, $pagenumber, $perpage, 200, $vbulletin->options['maxthreads']);
    // display threads
    $limitlower = ($pagenumber - 1) * $perpage + 1;
    $limitupper = $pagenumber * $perpage;
    if ($limitupper > $totalallthreads) {
        $limitupper = $totalallthreads;
        if ($limitlower > $totalallthreads) {
            $limitlower = $totalallthreads - $perpage;
        }
    }
    if ($limitlower <= 0) {
        $limitlower = 1;
    }
    // The hook fragments are initialised to '' and no hook is run here, so they add nothing to the SQL.
    $hook_query_fields = $hook_query_joins = $hook_query_where = '';
    // First pass: the subscription rows for this user, one page at a time. The values placed in
    // the SQL text are the session user id, the allow-listed sort pieces and the numeric paging values.
    $getthreads = $db->query_read_slave("\n\t\tSELECT thread.threadid, emailupdate, subscribethreadid, thread.forumid, thread.postuserid\n\t\t\t{$hook_query_fields}\n\t\tFROM " . TABLE_PREFIX . "subscribethread AS subscribethread\n\t\tLEFT JOIN " . TABLE_PREFIX . "thread AS thread ON(thread.threadid = subscribethread.threadid)\n\t\t{$hook_query_joins}\n\t\tWHERE subscribethread.userid = " . $vbulletin->userinfo['userid'] . "\n\t\t\tAND thread.visible = 1\n\t\t\tAND canview = 1\n\t\t" . iif(!$getallfolders, "\tAND folderid = {$folderid}") . "\n\t\t\t{$hook_query_where}\n\t\tORDER BY {$sqlsortfield} {$sqlsortorder}\n\t\tLIMIT " . ($limitlower - 1) . ", {$perpage}\n\t");
    if ($totalthreads = $db->num_rows($getthreads)) {
        $forumids = array();
        $threadids = array();
        $emailupdate = array();
        $killthreads = array();
        while ($getthread = $db->fetch_array($getthreads)) {
            $forumperms = fetch_permissions($getthread['forumid']);
            // Re-check forum permissions per row: subscriptions in forums the user can no longer
            // view (or to other users' threads without 'canviewothers') are dropped from the result.
            if (!($forumperms & $vbulletin->bf_ugp_forumpermissions['canview']) or !($forumperms & $vbulletin->bf_ugp_forumpermissions['canviewthreads']) or $getthread['postuserid'] != $vbulletin->userinfo['userid'] and !($forumperms & $vbulletin->bf_ugp_forumpermissions['canviewothers'])) {
                $killthreads["{$getthread['subscribethreadid']}"] = $getthread['subscribethreadid'];
                $totalallthreads--;
                continue;
            }
            $forumids["{$getthread['forumid']}"] = true;
            $threadids[] = $getthread['threadid'];
            $emailupdate["{$getthread['threadid']}"] = $getthread['emailupdate'];
            $subscribethread["{$getthread['threadid']}"] = $getthread['subscribethreadid'];
        }
        // From here on $threadids is a comma-separated string of ids that came from the database.
        $threadids = implode(',', $threadids);
    }
    unset($getthread);
    $db->free_result($getthreads);
    if (!empty($killthreads)) {
        // Update thread subscriptions: mark the dropped rows so they are skipped by the canview = 1 filter above
        $vbulletin->db->query_write("\n\t\t\tUPDATE " . TABLE_PREFIX . "subscribethread\n\t\t\tSET canview = 0\n\t\t\tWHERE subscribethreadid IN (" . implode(', ', $killthreads) . ")\n\t\t");
    }
    if (!empty($threadids)) {
        cache_ordered_forums(1);
        $colspan = 5;
        $show['threadicons'] = false;
        // get last read info for each thread
        $lastread = array();
        foreach (array_keys($forumids) as $forumid) {
            if ($vbulletin->options['threadmarking']) {
                $lastread["{$forumid}"] = max($vbulletin->forumcache["{$forumid}"]['forumread'], TIMENOW - $vbulletin->options['markinglimit'] * 86400);
            } else {
                $lastread["{$forumid}"] = max(intval(fetch_bbarray_cookie('forum_view', $forumid)), $vbulletin->userinfo['lastvisit']);
            }
            if ($vbulletin->forumcache["{$forumid}"]['options'] & $vbulletin->bf_misc_forumoptions['allowicons']) {
                $show['threadicons'] = true;
                $colspan = 6;
            }
        }
        // Both branches select the same columns; they differ only in joining the first post
        // (previewtype 1) or the last post (anything else).
        if ($previewtype == 1) {
            $previewfield = "post.pagetext AS preview, post.username AS lastpost_username, post.userid AS lastpost_userid,";
            $previewjoin = "LEFT JOIN " . TABLE_PREFIX . "post AS post ON(post.postid = thread.firstpostid)";
        } else {
            $previewfield = "post.pagetext AS preview, post.username AS lastpost_username, post.userid AS lastpost_userid,";
            $previewjoin = "LEFT JOIN " . TABLE_PREFIX . "post AS post ON(post.postid = thread.lastpostid)";
        }
        $hasthreads = true;
        $threadbits = '';
        $pagenav = '';
        $counter = 0;
        $toread = 0;
        // Cast before the option is concatenated into the query below.
        $vbulletin->options['showvotes'] = intval($vbulletin->options['showvotes']);
        // When in_coventry() is true for this user, last-post columns are taken from the
        // tachythreadpost row for this user where one exists.
        if ($vbulletin->userinfo['userid'] and in_coventry($vbulletin->userinfo['userid'], true)) {
            $lastpost_info = "IF(tachythreadpost.userid IS NULL, thread.lastpost, tachythreadpost.lastpost) AS lastpost, " . "IF(tachythreadpost.userid IS NULL, thread.lastposter, tachythreadpost.lastposter) AS lastposter, " . "IF(tachythreadpost.userid IS NULL, thread.lastposterid, tachythreadpost.lastposterid) AS lastposterid, " . "IF(tachythreadpost.userid IS NULL, thread.lastpostid, tachythreadpost.lastpostid) AS lastpostid";
            $tachyjoin = "LEFT JOIN " . TABLE_PREFIX . "tachythreadpost AS tachythreadpost ON " . "(tachythreadpost.threadid = thread.threadid AND tachythreadpost.userid = " . $vbulletin->userinfo['userid'] . ')';
        } else {
            $lastpost_info = 'thread.lastpost, thread.lastposter, thread.lastposterid, thread.lastpostid';
            $tachyjoin = '';
        }
        $hook_query_fields = $hook_query_joins = $hook_query_where = '';
        // Second pass: full thread rows for the ids that survived the permission filter.
        $threads = $db->query_read_slave("\n\t\t\tSELECT\n\t\t\t\tIF(thread.votenum >= " . $vbulletin->options['showvotes'] . ", thread.votenum, 0) AS votenum,\n\t\t\t\tIF(thread.votenum >= " . $vbulletin->options['showvotes'] . " AND thread.votenum > 0, thread.votetotal / thread.votenum, 0) AS voteavg,\n\t\t\t\tthread.votetotal,\n\t\t\t\t{$previewfield} thread.threadid, thread.title AS threadtitle, thread.forumid, thread.pollid,\n\t\t\t\tthread.open, thread.replycount, thread.postusername, thread.prefixid,\n\t\t\t\t{$lastpost_info}, thread.postuserid, thread.dateline, thread.views, thread.iconid AS threadiconid,\n\t\t\t\tthread.notes, thread.visible, thread.attach, thread.taglist\n\t\t\t\t" . ($vbulletin->options['threadmarking'] ? ", threadread.readtime AS threadread" : '') . "\n\t\t\t\t{$hook_query_fields}\n\t\t\tFROM " . TABLE_PREFIX . "thread AS thread\n\t\t\t{$previewjoin}\n\t\t\t" . ($vbulletin->options['threadmarking'] ? " LEFT JOIN " . TABLE_PREFIX . "threadread AS threadread ON (threadread.threadid = thread.threadid AND threadread.userid = " . $vbulletin->userinfo['userid'] . ")" : '') . "\n\t\t\t{$tachyjoin}\n\t\t\t{$hook_query_joins}\n\t\t\tWHERE thread.threadid IN ({$threadids})\n\t\t\tORDER BY {$sqlsortfield} {$sqlsortorder}\n\t\t");
        unset($sqlsortfield, $sqlsortorder);
        require_once DIR . '/includes/functions_forumdisplay.php';
        // Get Dot Threads
        $dotthreads = fetch_dot_threads_array($threadids);
        if ($vbulletin->options['showdots'] and $vbulletin->userinfo['userid']) {
            $show['dotthreads'] = true;
        } else {
            $show['dotthreads'] = false;
        }
        // $buddy and $ignore are built here but only read by the DEVDEBUG calls in this function;
        // whether helpers read them some other way cannot be seen from here.
        if ($vbulletin->options['threadpreview'] and $vbulletin->userinfo['ignorelist']) {
            // Get Buddy List
            $buddy = array();
            if (trim($vbulletin->userinfo['buddylist'])) {
                $buddylist = preg_split('/( )+/', trim($vbulletin->userinfo['buddylist']), -1, PREG_SPLIT_NO_EMPTY);
                foreach ($buddylist as $buddyuserid) {
                    $buddy["{$buddyuserid}"] = 1;
                }
            }
            DEVDEBUG('buddies: ' . implode(', ', array_keys($buddy)));
            // Get Ignore Users (a user who is also on the buddy list is not ignored)
            $ignore = array();
            if (trim($vbulletin->userinfo['ignorelist'])) {
                $ignorelist = preg_split('/( )+/', trim($vbulletin->userinfo['ignorelist']), -1, PREG_SPLIT_NO_EMPTY);
                foreach ($ignorelist as $ignoreuserid) {
                    if (!$buddy["{$ignoreuserid}"]) {
                        $ignore["{$ignoreuserid}"] = 1;
                    }
                }
            }
            DEVDEBUG('ignored users: ' . implode(', ', array_keys($ignore)));
        }
        $foruminfo['allowratings'] = true;
        $show['notificationtype'] = true;
        $show['threadratings'] = true;
        $show['threadrating'] = true;
        while ($thread = $db->fetch_array($threads)) {
            $threadid = $thread['threadid'];
            // build thread data
            $thread = process_thread_array($thread, $lastread["{$thread['forumid']}"]);
            // Map the stored emailupdate code to its phrase.
            switch ($emailupdate["{$thread['threadid']}"]) {
                case 0:
                    $thread['notification'] = $vbphrase['none'];
                    break;
                case 1:
                    $thread['notification'] = $vbphrase['instant'];
                    break;
                case 2:
                    $thread['notification'] = $vbphrase['daily'];
                    break;
                case 3:
                    $thread['notification'] = $vbphrase['weekly'];
                    break;
                default:
                    $thread['notification'] = $vbphrase['n_a'];
            }
            $avatarurl = '';
            // One fetch_userinfo() lookup per listed thread that has a poster id.
            if ($thread['lastpost_userid'] > 0) {
                $userinfoavatar = fetch_userinfo($thread['lastpost_userid'], FETCH_USERINFO_AVATAR);
                fetch_avatar_from_userinfo($userinfoavatar, true, false);
                if ($userinfoavatar['avatarurl'] != '') {
                    $avatarurl = process_avatarurl($userinfoavatar['avatarurl']);
                }
                unset($userinfoavatar);
            }
            // NOTE(review): thread_preview is entity-decoded before it is returned, so a consumer
            // that renders it as HTML must escape it again. $show['gotonewpost'] is presumably set
            // by process_thread_array() through the global $show.
            $tmp = array('thread_id' => $thread['threadid'], 'new_posts' => $show['gotonewpost'] ? true : false, 'forum_id' => $thread['forumid'], 'total_posts' => $thread['totalposts'] ? $thread['totalposts'] : 0, 'forum_title' => prepare_utf8_string($thread['forumtitle']), 'thread_title' => prepare_utf8_string($thread['threadtitle']), 'thread_preview' => prepare_utf8_string(preview_chop(html_entity_decode($thread['preview']), FR_PREVIEW_LEN)), 'post_userid' => $thread['lastpost_userid'], 'post_lastposttime' => prepare_utf8_string(date_trunc($thread['lastpostdate']) . ' ' . $thread['lastposttime']), 'post_username' => prepare_utf8_string(strip_tags($thread['lastpost_username'])));
            // Optional keys are only present when they apply.
            if ($avatarurl != '') {
                $tmp['avatarurl'] = $avatarurl;
            }
            if ($thread['attach']) {
                $tmp['attach'] = true;
            }
            if ($thread['pollid']) {
                $tmp['poll'] = true;
            }
            $thread_data[] = $tmp;
        }
        $db->free_result($threads);
        unset($threadids);
    } else {
        // Nothing viewable on this page: report zero rather than the cached counter.
        $totalallthreads = 0;
    }
    $out = array('threads' => $thread_data, 'total_threads' => $totalallthreads);
    return $out;
}
print_description_row($vbphrase['email_will_be_sent_in_user_specified_language']); print_table_break(); print_submit_row($vbphrase['continue']); } } // ###################### Start do moderate and coppa ####################### if ($_POST['do'] == 'domoderate') { $vbulletin->input->clean_array_gpc('p', array('send_validated' => TYPE_INT, 'send_deleted' => TYPE_INT, 'validate' => TYPE_ARRAY_INT)); if (empty($vbulletin->GPC['validate'])) { print_stop_message('please_complete_required_fields'); } else { $evalemail_validated = array(); $evalemail_deleted = array(); require_once DIR . '/includes/functions_misc.php'; if ($vbulletin->options['welcomepm']) { if ($fromuser = fetch_userinfo($vbulletin->options['welcomepm'])) { cache_permissions($fromuser, false); } } foreach ($vbulletin->GPC['validate'] as $userid => $status) { $userid = intval($userid); $user = $db->query_first("\n\t\t\t\tSELECT *\n\t\t\t\tFROM " . TABLE_PREFIX . "user\n\t\t\t\tWHERE userid = {$userid}\n\t\t\t"); if (!$user) { // use was likely deleted continue; } $username = unhtmlspecialchars($user['username']); $chosenlanguage = iif($user['languageid'] < 1, intval($vbulletin->options['languageid']), intval($user['languageid'])); if ($status == 1) { // validated // init user data manager
{ print_label_row($bitfieldnames["$val"], '<b>' . $vbphrase['yes'] . '</b>'); } else { print_label_row($bitfieldnames["$val"], '<b>' . $vbphrase['no'] . '</b>'); } } } print_table_footer(); } // ###################### Start viewing resources for specific user ######################## if ($_REQUEST['do'] == 'viewuser') { $userinfo = fetch_userinfo($vbulletin->GPC['userid']); if (!$userinfo) { print_stop_message('invalid_user_specified'); } $perms = cache_permissions($userinfo); print_form_header('', ''); print_table_header($userinfo['username'] . " <span class=\"normal\">(userid: $userinfo[userid])</span>"); foreach ($userinfo['forumpermissions'] AS $forumid => $forumperms) { print_table_header($vbulletin->forumcache["$forumid"]['title'] . " <span class=\"normal\">(forumid: $forumid)</span>"); foreach ($vbulletin->bf_ugp_forumpermissions AS $key => $val) {
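/**
* Post-save work for a single blog entry: queues search indexing, refreshes counters,
* records moderation state, mails subscribers and maintains the poster's entry subscription.
*
* Security-relevant points for maintainers:
*  - Hook code and the notification phrases are run through eval() in this scope. Local
*    variable names are therefore part of the contract, and write access to plugins or
*    phrases is equivalent to PHP execution.
*  - Every SQL statement is assembled by concatenation; only integer-cast values and
*    checked literals may be interpolated.
*
* @param	boolean	Passed through unchanged to post_save_each_blogtext()
*
* @return	void
*/
function post_save_each($doquery = true)
{
	$blogid = intval($this->fetch_field('blogid'));
	$userid = intval($this->fetch_field('userid'));
	// Not read below; kept because hook code eval()'d in this scope may rely on it.
	$blogtextid = $this->fetch_field('blogtextid');
	$postedby_userid = intval($this->fetch_field('postedby_userid'));

	require_once(DIR . '/vb/search/indexcontroller/queue.php');
	vb_Search_Indexcontroller_Queue::indexQueue('vBBlog', 'BlogEntry', 'index', $blogid);
	vb_Search_Indexcontroller_Queue::indexQueue('vBBlog', 'BlogComment', 'group_data_change', $blogid);

	// The original test was "!$condition AND ...", but $condition is never defined in this
	// method, so that operand was always true. It is dropped here, which keeps the behaviour
	// (invalidate on every save that adds tags) and removes the undefined-variable read.
	// NOTE(review): if $this->condition was intended, confirm that edits should skip this.
	if ($this->info['addtags'])
	{
		// invalidate users tag cloud
		$dataman =& datamanager_init('Blog_User', $this->registry, ERRTYPE_SILENT);
		$info = array('bloguserid' => $userid);
		$dataman->set_existing($info);
		$dataman->set('tagcloud', '');
		$dataman->save();
	}

	$this->build_category_counters();
	build_blog_stats();

	// Insert entry for moderation
	if ($this->fetch_field('state') == 'moderation')
	{
		/*insert query*/
		$this->dbobject->query_write("
			INSERT IGNORE INTO " . TABLE_PREFIX . "blog_moderation
				(primaryid, type, dateline)
			VALUES
				($blogid, 'blogid', " . TIMENOW . ")
		");
	}

	// Bump the owner's moderation / draft / pending counters.
	// AND binds tighter than OR, so a pending entry reaches this block even on an update.
	if (!$this->condition AND ($this->fetch_field('state') == 'moderation' OR $this->fetch_field('state') == 'draft') OR $this->fetch_field('pending'))
	{
		$userinfo = array('bloguserid' => $userid);
		$userdata =& datamanager_init('Blog_user', $this->registry, ERRTYPE_SILENT);
		$userdata->set_existing($userinfo);
		if ($this->fetch_field('state') == 'moderation' OR $this->fetch_field('state') == 'draft')
		{
			// The state name doubles as the counter column; the value is an SQL expression.
			// NOTE(review): the third argument presumably disables value cleaning — safe only
			// because the state was just compared against two fixed literals.
			$userdata->set($this->fetch_field('state'), $this->fetch_field('state') . ' + 1', false);
		}
		if ($this->fetch_field('pending'))
		{
			$userdata->set('pending', 'pending + 1', false);
		}
		$userdata->save();
	}

	// Send Email Notification
	if (((!$this->condition AND !$this->fetch_field('pending')) OR $this->info['send_notification']) AND ($this->fetch_field('state') == 'visible' OR $this->fetch_field('state') == 'moderation') AND $this->registry->options['enableemail'])
	{
		// dateline is cast before it is concatenated, like every other value in this query.
		$lastposttime = $this->dbobject->query_first("
			SELECT MAX(dateline) AS dateline
			FROM " . TABLE_PREFIX . "blog AS blog
			WHERE blogid = $blogid
				AND dateline < " . intval($this->fetch_field('dateline')) . "
				AND state = 'visible'
		");

		$entrytitle = unhtmlspecialchars($this->fetch_field('title'));
		if (defined('VBBLOG_PERMS') AND $this->registry->userinfo['userid'] == $this->fetch_field('userid'))
		{
			$blogtitle = unhtmlspecialchars($this->registry->userinfo['blog_title']);
			$username = unhtmlspecialchars($this->registry->userinfo['username']);
			$userinfo =& $this->registry->userinfo;
		}
		else
		{
			if (!defined('VBBLOG_PERMS'))
			{
				// Tell the fetch_userinfo plugin that we need the blog fields in case this class is being called by a non blog script
				define('VBBLOG_PERMS', true);
			}
			$userinfo = fetch_userinfo($this->fetch_field('userid'), 1);
			cache_permissions($userinfo, false);
			$blogtitle = unhtmlspecialchars($userinfo['blog_title']);
			if ($userinfo['userid'] != $this->fetch_field('userid'))
			{
				$userinfo2 = fetch_userinfo($this->fetch_field('userid'), 1);
				$username = unhtmlspecialchars($userinfo2['username']);
			}
			else
			{
				$username = unhtmlspecialchars($userinfo['username']);
			}
		}

		require_once(DIR . '/includes/class_bbcode_alt.php');
		$plaintext_parser = new vB_BbCodeParser_PlainText($this->registry, fetch_tag_list());
		$pagetext_cache = array(); // used to cache the results per languageid for speed
		$pagetext_orig =& $this->fetch_field('pagetext', 'blog_text');

		// SECURITY: hook code is executed with eval() inside this method's scope.
		($hook = vBulletinHook::fetch_hook('blog_user_notification_start')) ? eval($hook) : false;

		// Subscribers of this blog, with the owner's buddy / ignore relation to each of them.
		$useremails = $this->dbobject->query_read_slave("
			SELECT
				user.*,
				blog_subscribeuser.blogsubscribeuserid,
				bm.blogmoderatorid,
				ignored.relationid AS ignoreid, buddy.relationid AS buddyid,
				bu.isblogmoderator,
				IF(displaygroupid=0, user.usergroupid, displaygroupid) AS displaygroupid
			FROM " . TABLE_PREFIX . "blog_subscribeuser AS blog_subscribeuser
			INNER JOIN " . TABLE_PREFIX . "user AS user ON (blog_subscribeuser.userid = user.userid)
			LEFT JOIN " . TABLE_PREFIX . "blog_moderator AS bm ON (bm.userid = user.userid)
			LEFT JOIN " . TABLE_PREFIX . "userlist AS buddy ON (buddy.userid = $userid AND buddy.relationid = user.userid AND buddy.type = 'buddy')
			LEFT JOIN " . TABLE_PREFIX . "userlist AS ignored ON (ignored.userid = $userid AND ignored.relationid = user.userid AND ignored.type = 'ignore')
			LEFT JOIN " . TABLE_PREFIX . "blog_user AS bu ON (bu.bloguserid = user.userid)
			WHERE
				blog_subscribeuser.bloguserid = $userid
					AND
				" . ($userid == $postedby_userid ? "blog_subscribeuser.userid <> $userid AND" : "") . "
				blog_subscribeuser.type = 'email'
					AND
				user.usergroupid <> 3
					AND
				user.lastactivity >= " . intval($lastposttime['dateline']) . "
		");

		vbmail_start();

		$setoptions = $this->fetch_field('options');

		$evalemail = array();
		while ($touser = $this->dbobject->fetch_array($useremails))
		{
			cache_permissions($touser, false);

			// Each "continue" below is a visibility check: a subscriber who may not read the
			// entry on the site must not receive its text by mail either.

			// only send private entries to contacts and moderators
			if ($setoptions["{$this->bitfields['options']['private']}"] AND !$touser['buddyid'] AND !$touser['blogmoderatorid'] AND !is_member_of_blog($touser, $userinfo))
			{
				continue;
			}

			if (!($this->registry->usergroupcache["$touser[usergroupid]"]['genericoptions'] & $this->registry->bf_ugp_genericoptions['isnotbannedgroup']))
			{
				continue;
			}

			if ($this->fetch_field('state') == 'moderation')
			{
				if ($touser['userid'] != $userid AND !can_moderate_blog('canmoderateentries', $touser))
				{
					continue;
				}
			}

			if (!empty($this->info['categories']))
			{
				prepare_blog_category_permissions($touser);
				if (array_intersect($touser['blogcategorypermissions']['cantview'], $this->info['categories']) AND $userinfo['userid'] != $touser['userid'])
				{
					continue;
				}
			}

			if (!($touser['permissions']['vbblog_general_permissions'] & $this->registry->bf_ugp_vbblog_general_permissions['blog_canviewothers']))
			{
				continue;
			}
			else if (
				!$touser['blogmoderatorid']
					AND
				!($touser['permissions']['adminpermissions'] & $this->registry->bf_ugp_adminpermissions['cancontrolpanel'])
					AND
				!($touser['permissions']['adminpermissions'] & $this->registry->bf_ugp_adminpermissions['ismoderator'])
					AND
				(!$userinfo['ignore_canviewmyblog'] OR !$touser['ignoreid'])
					AND
				(!$userinfo['buddy_canviewmyblog'] OR !$touser['buddyid'])
					AND
				// Fixed key: this read 'budyid', which the query never selects, so the buddy
				// exclusion was always false and a buddy the owner had barred from viewing was
				// still mailed the entry whenever ordinary members were allowed to view.
				(!$userinfo['member_canviewmyblog'] OR (!$userinfo['buddy_canviewmyblog'] AND $touser['buddyid']) OR (!$userinfo['ignore_canviewmyblog'] AND $touser['ignoreid']))
					AND
				!is_member_of_blog($touser, $userinfo)
			)
			{
				continue;
			}

			$touser['username'] = unhtmlspecialchars($touser['username']);
			$touser['languageid'] = iif($touser['languageid'] == 0, $this->registry->options['languageid'], $touser['languageid']);
			// NOTE(review): per-recipient token, presumably checked by the link the phrase
			// embeds. It is unkeyed MD5 over concatenated fields; a keyed construction such as
			// hash_hmac() would be stronger, but must be changed together with the code that
			// verifies it, which is not visible here.
			$touser['auth'] = md5($touser['userid'] . $touser['blogsubscribeuserid'] . $touser['salt'] . COOKIE_SALT);

			if (empty($evalemail))
			{
				$email_texts = $this->dbobject->query_read_slave("
					SELECT text, languageid, fieldname
					FROM " . TABLE_PREFIX . "phrase
					WHERE fieldname IN ('emailsubject', 'emailbody') AND varname = 'blog_user_notify'
				");

				while ($email_text = $this->dbobject->fetch_array($email_texts))
				{
					$emails["$email_text[languageid]"]["$email_text[fieldname]"] = $email_text['text'];
				}

				require_once(DIR . '/includes/functions_misc.php');

				// SECURITY: each phrase becomes PHP source that is eval()'d further down.
				// addslashes() escapes quotes and backslashes but not '$', so the phrase text is
				// interpolated as a double-quoted PHP string. Treat the phrase table as code.
				foreach ($emails AS $languageid => $email_text)
				{
					// lets cycle through our array of notify phrases
					$text_message = str_replace("\\'", "'", addslashes(iif(empty($email_text['emailbody']), $emails['-1']['emailbody'], $email_text['emailbody'])));
					$text_message = replace_template_variables($text_message);
					$text_subject = str_replace("\\'", "'", addslashes(iif(empty($email_text['emailsubject']), $emails['-1']['emailsubject'], $email_text['emailsubject'])));
					$text_subject = replace_template_variables($text_subject);

					$evalemail["$languageid"] = '
						$message = "' . $text_message . '";
						$subject = "' . $text_subject . '";
					';
				}
			}

			// parse the page text into plain text, taking selected language into account
			if (!isset($pagetext_cache["$touser[languageid]"]))
			{
				$plaintext_parser->set_parsing_language($touser['languageid']);
				$pagetext_cache["$touser[languageid]"] = $plaintext_parser->parse($pagetext_orig);
			}
			$pagetext = $pagetext_cache["$touser[languageid]"];

			// SECURITY: hook code is executed with eval() inside this method's scope.
			($hook = vBulletinHook::fetch_hook('blog_user_notification_message')) ? eval($hook) : false;

			// Defines $message and $subject from the recipient's language, else language -1.
			eval(iif(empty($evalemail["$touser[languageid]"]), $evalemail["-1"], $evalemail["$touser[languageid]"]));
			vbmail($touser['email'], $subject, $message);
		}
		unset($plaintext_parser, $pagetext_cache);

		vbmail_end();
	}

	$this->post_save_each_blogtext($doquery);

	if ($this->fetch_field('dateline') <= TIMENOW)
	{
		$this->insert_dupehash($this->fetch_field('blogid'));
	}

	if ($this->condition AND $this->info['emailupdate'] == 'none' AND ($userid != $this->registry->userinfo['userid'] OR ($userid == $this->registry->userinfo['userid'] AND $this->existing['entrysubscribed'])))
	{
		$this->dbobject->query_write("
			DELETE FROM " . TABLE_PREFIX . "blog_subscribeentry
			WHERE blogid = $blogid
				AND userid = $userid
		");
	}
	else if ($this->info['emailupdate'] == 'email' OR $this->info['emailupdate'] == 'usercp')
	{
		// emailupdate is concatenated unescaped; for string input the comparison above
		// limits it to the two literals. Keep that check if this branch is ever extended.
		$this->dbobject->query_write("
			REPLACE INTO " . TABLE_PREFIX . "blog_subscribeentry
				(blogid, dateline, type, userid)
			VALUES
				($blogid, " . TIMENOW . ", '" . $this->info['emailupdate'] . "', $userid)
		");
	}

	// SECURITY: hook code is executed with eval() inside this method's scope.
	($hook = vBulletinHook::fetch_hook('blog_fpdata_postsave')) ? eval($hook) : false;
}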
// Build variables for the remaining signature permissions
$sigperms_display = array(
	'sigmaxchars' => vb_number_format($permissions['maxchars']),
	'sigmaxlines' => vb_number_format($permissions['maxlines']),
	'sigpicmaxwidth' => vb_number_format($permissions['sigpicmaxwidth']),
	'sigpicmaxheight' => vb_number_format($permissions['sigpicmaxheight']),
	'sigpicmaxsize' => vb_number_format($permissions['sigpicmaxsize'], 1, true));

// A signature that failed preview validation takes precedence over the stored one.
if ($preview_error_signature)
{
	$signature = $preview_error_signature;
}
else
{
	$signature = $vbulletin->userinfo['signature'];
}

// Free the memory, unless we need it below.
if (!$signature)
{
	unset($sig_parser);
}

if ($signature)
{
	// Render a preview only if earlier code has not already produced one.
	if (!$previewmessage)
	{
		require_once DIR . '/includes/class_bbcode.php';
		// NOTE(review): "=& new" is a parse error from PHP 7.0 onwards; plain "= new" is
		// the equivalent form.
		$bbcode_parser =& new vB_BbCodeParser($vbulletin, fetch_tag_list());
		// The signature is parsed with the current user's own record and permissions.
		$bbcode_parser->set_parse_userinfo(fetch_userinfo($vbulletin->userinfo['userid'], FETCH_USERINFO_SIGPIC), $vbulletin->userinfo['permissions']);
		$previewmessage = $bbcode_parser->parse($signature, 'signature');
	}

	// save a conditional by just overwriting the phrase
	$vbphrase['submit_message'] =& $vbphrase['save_signature'];
	// SECURITY: the template returned by fetch_template() is executed as a double-quoted
	// PHP string, so template storage is a code-execution boundary. Values such as
	// $previewmessage are interpolated once when the eval runs.
	eval('$preview = "' . fetch_template('newpost_preview') . '";');
}

require_once DIR . '/includes/functions_editor.php';

// set message box width to usercp size
$stylevar['messagewidth'] = $stylevar['messagewidth_usercp'];
// The raw signature is HTML-escaped before it is handed to the editor; the last argument
// is the user's "allowsmilies" signature permission bit.
$editorid = construct_edit_toolbar(htmlspecialchars_uni($signature), 0, 'signature', $vbulletin->userinfo['permissions']['signaturepermissions'] & $vbulletin->bf_ugp_signaturepermissions['allowsmilies']);

// "&" binds tighter than "?:", so this stores the bit test as a strict boolean.
$show['canbbcode'] = $vbulletin->userinfo['permissions']['signaturepermissions'] & $vbulletin->bf_ugp_signaturepermissions['canbbcode'] ? true : false;

// ############### DISPLAY SIG IMAGE CONTROLS ###############
require_once DIR . '/includes/functions_file.php';
$inimaxattach = fetch_max_upload_size();

// Picture controls are gated on the "cansigpic" bit; the body continues past this excerpt.
if ($permissions['signaturepermissions'] & $vbulletin->bf_ugp_signaturepermissions['cansigpic'])
{
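/**
* Returns appropriate user info for the owner of this session.
*
* The result is cached on $this->userinfo and reused on later calls. A session with a
* userid is loaded through the global fetch_userinfo(); any other session gets a
* synthetic guest record (userid 0, usergroupid 1) merged with the default language row.
*
* Request-derived input is handled in two places: the guest username is taken from
* $_REQUEST and HTML-escaped, and the language id is integer-cast before it is placed
* in the SQL string.
*
* @return	array	Array of user information.
*/
function &fetch_userinfo()
{
	if ($this->userinfo)
	{
		// we already calculated this
		return $this->userinfo;
	}

	if ($this->vars['userid'] and !defined('SKIP_USERINFO'))
	{
		// user is logged in
		$useroptions = (defined('IN_CONTROL_PANEL') ? FETCH_USERINFO_ADMIN : 0) + (defined('AVATAR_ON_NAVBAR') ? FETCH_USERINFO_AVATAR : 0);
		$this->userinfo = fetch_userinfo($this->vars['userid'], $useroptions, $this->vars['languageid']);
		return $this->userinfo;
	}

	// guest setup
	// Only a scalar string is accepted as the guest username: a request can also deliver an
	// array under this key, which must not end up in the user record.
	$guestname = (!empty($_REQUEST['username']) and is_string($_REQUEST['username']))
		? htmlspecialchars_uni($_REQUEST['username'])
		: '';

	$this->userinfo = array(
		'userid' => 0,
		'usergroupid' => 1,
		'username' => $guestname,
		'password' => '',
		'email' => '',
		'styleid' => $this->vars['styleid'],
		'languageid' => $this->vars['languageid'],
		'lastactivity' => $this->vars['lastactivity'],
		'daysprune' => 0,
		'timezoneoffset' => $this->registry->options['timeoffset'],
		'dstonoff' => $this->registry->options['dstonoff'],
		'showsignatures' => 1,
		'showavatars' => 1,
		'showimages' => 1,
		'showusercss' => 1,
		'dstauto' => 0,
		'maxposts' => -1,
		'startofweek' => 1,
		'threadedmode' => $this->registry->options['threadedmode'],
		// Guests share a fixed token rather than a per-user one.
		'securitytoken' => 'guest',
		'securitytoken_raw' => 'guest'
	);

	$this->userinfo['options'] =
		$this->registry->bf_misc_useroptions['showsignatures'] | $this->registry->bf_misc_useroptions['showavatars'] |
		$this->registry->bf_misc_useroptions['showimages'] | $this->registry->bf_misc_useroptions['dstauto'] |
		$this->registry->bf_misc_useroptions['showusercss'];

	if (!defined('SKIP_USERINFO'))
	{
		// get default language
		// Both sources of the id are cast. Previously only the configured default was, and
		// it is not visible here whether vars['languageid'] is always an integer.
		$languageid = intval(!empty($this->vars['languageid']) ? $this->vars['languageid'] : $this->registry->options['languageid']);

		$phraseinfo = $this->registry->db->query_first_slave("
			SELECT languageid" . fetch_language_fields_sql(0) . "
			FROM " . TABLE_PREFIX . "language
			WHERE languageid = " . $languageid . "
		");
		if (empty($phraseinfo))
		{
			// can't phrase this since we can't find the language
			trigger_error('The requested language does not exist, reset via tools.php.', E_USER_ERROR);
		}
		// Language columns are merged into the guest record, overwriting same-named keys.
		foreach ($phraseinfo as $_arrykey => $_arryval)
		{
			$this->userinfo["{$_arrykey}"] = $_arryval;
		}
		unset($phraseinfo);
	}

	return $this->userinfo;
}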