}
// make sure the ids we are going to work with are sane
$messageids = array();
foreach (array_keys($vbulletin->GPC['pm']) as $pmid) {
$pmid = intval($pmid);
$messageids["{$pmid}"] = $pmid;
}
unset($pmid);
($hook = vBulletinHook::fetch_hook('private_managepm_start')) ? eval($hook) : false;
// now switch the $dowhat...
switch ($vbulletin->GPC['dowhat']) {
// *****************************
// move messages to a new folder
case 'move':
$totalmessages = sizeof($messageids);
$messageids = sign_client_string(serialize($messageids));
$folderoptions = construct_folder_jump(0, 0, array($vbulletin->GPC['folderid'], -1));
switch ($vbulletin->GPC['folderid']) {
case -1:
$fromfolder = $vbphrase['sent_items'];
break;
case 0:
$fromfolder = $vbphrase['inbox'];
break;
default:
$folders = unserialize($vbulletin->userinfo['pmfolders']);
$fromfolder = $folders["{$vbulletin->GPC['folderid']}"];
}
($hook = vBulletinHook::fetch_hook('private_managepm_move')) ? eval($hook) : false;
if ($folderoptions) {
$templatename = 'pm_movepm';
}
// ###################### Do delete the attachment ####################
if ($_POST['do'] == 'dodelete') {
$vbulletin->input->clean_array_gpc('p', array('attachmentid' => TYPE_UINT));
$attachdata =& datamanager_init('Attachment', $vbulletin, ERRTYPE_CP, 'attachment');
$attachdata->condition = "attachmentid = " . $vbulletin->GPC['attachmentid'];
$attachdata->log = false;
$attachdata->delete(true, false);
define('CP_REDIRECT', 'attachment.php?do=intro');
print_stop_message('deleted_attachment_successfully');
}
// ###################### Mass Delete attachments ####################
if ($_REQUEST['do'] == 'massdelete') {
$vbulletin->input->clean_array_gpc('r', array('a_delete' => TYPE_ARRAY_UINT));
print_form_header('attachment', 'domassdelete');
construct_hidden_code('a_delete', sign_client_string(serialize($vbulletin->GPC['a_delete'])));
print_table_header($vbphrase['confirm_deletion']);
print_description_row($vbphrase['are_you_sure_you_want_to_delete_these_attachments']);
print_submit_row($vbphrase['yes'], '', 2, $vbphrase['no']);
}
// ###################### Mass Delete attachments ####################
if ($_POST['do'] == 'domassdelete') {
$vbulletin->input->clean_array_gpc('p', array('a_delete' => TYPE_STR));
$delete = @unserialize(verify_client_string($vbulletin->GPC['a_delete']));
if ($delete and is_array($delete)) {
$ids = implode(',', $delete);
$attachdata =& datamanager_init('Attachment', $vbulletin, ERRTYPE_CP, 'attachment');
$attachdata->condition = "attachmentid IN (-1," . $db->escape_string($ids) . ")";
$attachdata->log = false;
$attachdata->delete(true, false);
}
function check_all_checkable(toggle)
{
var els = YAHOO.util.Dom.getElementsByClassName('checkable');
for (var i = 0; i < els.length; i++)
{
els[i].checked = toggle.checked;
}
}
// -->
</script>
<?php
print_form_header('prefix', 'savepermissions');
print_table_header($vbphrase['edit_thread_prefix_permissions']);
construct_hidden_code('prefixids', sign_client_string(serialize($prefixids)));
construct_hidden_code('shownusergroups', sign_client_string(serialize(array_keys($vbulletin->usergroupcache))));
print_description_row(construct_phrase($vbphrase['editing_permissions_for_x'], implode(', ', $prefix_html)));
if (count(array_unique($prefixdefaults)) <= 1) {
print_yes_no_row($vbphrase['allow_new_groups_to_use_selected_prefixes'], 'default', $prefixdefaults[0]);
} else {
$conflict_options_default = array('-1' => $vbphrase['leave_default_permissions_unchanged'], '0' => $vbphrase['new_groups_may_use_selected_prefixes'], '1' => $vbphrase['new_groups_may_not_use_selected_prefixes']);
print_label_row($vbphrase['allow_new_groups_to_use_selected_prefixes'], "<label for=\"sel_ug{$usergroupid}\" class=\"smallfont\">" . $vbphrase['set_default_permissions'] . ": <select name=\"conflict[{$usergroupid}]\" id=\"sel_ug{$usergroupid}\">" . construct_select_options($conflict_options_default, '-1') . "</select>");
}
print_description_row('<label for="cb_allbox"><input type="checkbox" name="allbox" id="cb_allbox" onclick="check_all_checkable(this)"' . (empty($usergroupperms) ? ' checked="checked"' : '') . " />{$vbphrase['check_uncheck_all']}</label>", false, 2, 'thead');
foreach ($vbulletin->usergroupcache as $usergroupid => $usergroup) {
if (in_array($usergroupid, $conflicts)) {
print_label_row("<label for=\"cb_ug{$usergroupid}\"><input type=\"checkbox\" disabled=\"disabled\" id=\"cb_ug{$usergroupid}\" />{$usergroup['title']}</label>", "<label for=\"sel_ug{$usergroupid}\" class=\"smallfont\">" . $vbphrase['resolve_permission_conflict'] . ": <select name=\"conflict[{$usergroupid}]\" id=\"sel_ug{$usergroupid}\">" . construct_select_options($conflict_options, 0) . "</select>");
} else {
print_description_row("<label for=\"cb_ug{$usergroupid}\"><input type=\"checkbox\" name=\"usergroup[{$usergroupid}]\" id=\"cb_ug{$usergroupid}\" class=\"checkable\"" . (empty($usergroupperms["{$usergroupid}"]) ? ' checked="checked"' : '') . " />{$usergroup['title']}</label>");
}
}
function do_login_redirect()
{
global $vbulletin, $vbphrase;
$vbulletin->input->fetch_basepath();
if (
$vbulletin->url == 'login.php'
OR $vbulletin->url == $vbulletin->options['forumhome'] . '.php'
OR strpos($vbulletin->url, 'do=logout') !== false
OR (!$vbulletin->options['allowmultiregs'] AND strpos($vbulletin->url, $vbulletin->basepath . 'register.php') === 0)
)
{
$vbulletin->url = $vbulletin->options['forumhome'] . '.php' . $vbulletin->session->vars['sessionurl_q'];
}
else
{
$vbulletin->url = fetch_replaced_session_url($vbulletin->url);
$vbulletin->url = preg_replace('#^/+#', '/', $vbulletin->url); // bug 3654 don't ask why
}
$temp = strpos($vbulletin->url, '?');
if ($temp)
{
$formfile = substr($vbulletin->url, 0, $temp);
}
else
{
$formfile =& $vbulletin->url;
}
$postvars = $vbulletin->GPC['postvars'];
($hook = vBulletinHook::fetch_hook('login_redirect')) ? eval($hook) : false;
// recache the global group to get the stuff from the new language
$globalgroup = $vbulletin->db->query_first_slave("
SELECT phrasegroup_global, languagecode, charset
FROM " . TABLE_PREFIX . "language
WHERE languageid = " . intval($vbulletin->userinfo['languageid'] ? $vbulletin->userinfo['languageid'] : $vbulletin->options['languageid'])
);
if ($globalgroup)
{
$vbphrase = array_merge($vbphrase, unserialize($globalgroup['phrasegroup_global']));
if (vB_Template_Runtime::fetchStyleVar('charset') != $globalgroup['charset'])
{
// change the character set in a bunch of places - a total hack
global $headinclude;
$headinclude = str_replace(
"content=\"text/html; charset=" . vB_Template_Runtime::fetchStyleVar('charset') . "\"",
"content=\"text/html; charset=$globalgroup[charset]\"",
$headinclude
);
vB_Template_Runtime::addStyleVar('charset', $globalgroup['charset'], 'imgdir');
$vbulletin->userinfo['lang_charset'] = $globalgroup['charset'];
exec_headers();
}
if ($vbulletin->GPC['postvars'])
{
$postvars = @unserialize(verify_client_string($vbulletin->GPC['postvars']));
if ($postvars['securitytoken'] = 'guest')
{
$vbulletin->userinfo['securitytoken_raw'] = sha1($vbulletin->userinfo['userid'] . sha1($vbulletin->userinfo['salt']) . sha1(COOKIE_SALT));
$vbulletin->userinfo['securitytoken'] = TIMENOW . '-' . sha1(TIMENOW . $vbulletin->userinfo['securitytoken_raw']);
$postvars['securitytoken'] = $vbulletin->userinfo['securitytoken'];
$vbulletin->GPC['postvars'] = sign_client_string(serialize($postvars));
}
}
vB_Template_Runtime::addStyleVar('languagecode', $globalgroup['languagecode']);
}
eval(print_standard_redirect('redirect_login', true, true, $vbulletin->userinfo['languageid']));
}
}
}
$cell[] = $output;
} else {
$cell[] = $user["{$varname}"];
}
}
}
if ($vbulletin->GPC['display']['options']) {
$cell[] = "\n\t<select name=\"u{$user['userid']}\" onchange=\"js_usergroup_jump({$user['userid']});\" class=\"bginput\">\n\t\t\t<option value=\"edit\">{$vbphrase['view']} / " . $vbphrase['edit_user'] . "</option>" . iif(!empty($user['email']), "<option value=\"" . unhtmlspecialchars($user[email]) . "\">" . $vbphrase['send_password_to_user'] . "</option>") . "\n\t\t\t<option value=\"access\">" . $vbphrase['edit_access_masks'] . "</option>\n\t\t\t<option value=\"kill\">" . $vbphrase['delete_user'] . "</option>\n\t</select><input type=\"button\" class=\"button\" value=\"" . $vbphrase['go'] . "\" onclick=\"js_usergroup_jump({$user['userid']});\" />\n\t";
}
print_cells_row($cell);
}
construct_hidden_code('serializeduser', sign_client_string(serialize($vbulletin->GPC['user'])));
construct_hidden_code('serializedprofile', sign_client_string(serialize($vbulletin->GPC['profile'])));
construct_hidden_code('serializeddisplay', sign_client_string(serialize($vbulletin->GPC['display'])));
construct_hidden_code('limitnumber', $vbulletin->GPC['limitnumber']);
construct_hidden_code('orderby', $vbulletin->GPC['orderby']);
construct_hidden_code('direction', $vbulletin->GPC['direction']);
if ($vbulletin->GPC['limitstart'] == 0 and $countusers['users'] > $vbulletin->GPC['limitnumber']) {
construct_hidden_code('limitstart', $vbulletin->GPC['limitstart'] + $vbulletin->GPC['limitnumber'] + 1);
print_submit_row($vbphrase['next_page'], 0, $colspan);
} else {
if ($limitfinish < $countusers['users']) {
construct_hidden_code('limitstart', $vbulletin->GPC['limitstart'] + $vbulletin->GPC['limitnumber'] + 1);
print_submit_row($vbphrase['next_page'], 0, $colspan, $vbphrase['prev_page'], '', true);
} else {
if ($vbulletin->GPC['limitstart'] > 0 and $limitfinish >= $countusers['users']) {
print_submit_row($vbphrase['first_page'], 0, $colspan, $vbphrase['prev_page'], '', true);
} else {
print_table_footer();
/**
* Returns a hidden input field containing the serialized $_POST array
*
* @return string HTML code containing hidden fields
*/
function construct_post_vars_html()
{
global $vbulletin;
$vbulletin->input->clean_gpc('p', 'postvars', TYPE_BINARY);
if ($vbulletin->GPC['postvars'] != '' and verify_client_string($vbulletin->GPC['postvars']) !== false) {
return '<input type="hidden" name="postvars" value="' . htmlspecialchars_uni($vbulletin->GPC['postvars']) . '" />' . "\n";
} else {
if ($vbulletin->superglobal_size['_POST'] > 0) {
return '<input type="hidden" name="postvars" value="' . htmlspecialchars_uni(sign_client_string(serialize($_POST))) . '" />' . "\n";
} else {
return '';
}
}
}
if (!$count['count']) {
print_stop_message('no_threads_matched_your_query');
}
print_form_header('thread', 'dothreadsall');
construct_hidden_code('type', $vbulletin->GPC['type']);
construct_hidden_code('criteria', sign_client_string(serialize($vbulletin->GPC['thread'])));
print_table_header(construct_phrase($vbphrase['x_thread_matches_found'], $count['count']));
if ($vbulletin->GPC['type'] == 'prune') {
print_submit_row($vbphrase['prune_all_threads'], '');
} else {
construct_hidden_code('destforumid', $vbulletin->GPC['destforumid']);
print_submit_row($vbphrase['move_all_threads'], '');
}
print_form_header('thread', 'dothreadssel');
construct_hidden_code('type', $vbulletin->GPC['type']);
construct_hidden_code('criteria', sign_client_string(serialize($vbulletin->GPC['thread'])));
print_table_header(construct_phrase($vbphrase['x_thread_matches_found'], $count['count']));
if ($vbulletin->GPC['type'] == 'prune') {
print_submit_row($vbphrase['prune_threads_selectively'], '');
} else {
construct_hidden_code('destforumid', $vbulletin->GPC['destforumid']);
print_submit_row($vbphrase['move_threads_selectively'], '');
}
}
// ###################### Start move/prune all matching #######################
if ($_POST['do'] == 'dothreadsall') {
$vbulletin->input->clean_array_gpc('p', array('criteria' => TYPE_BINARY, 'destforumid' => TYPE_INT));
$thread = @unserialize(verify_client_string($vbulletin->GPC['criteria']));
if (!is_array($thread) or sizeof($thread) == 0) {
print_stop_message('please_complete_required_fields');
}
}
$vbulletin->db->show_errors();
print_table_break();
}
print_table_header($vbphrase['results'], 3);
print_cells_row(array($vbphrase['table'], $vbphrase['action'], $vbphrase['message']), 1);
if (!empty($vbulletin->GPC['tablelist']) and ($vbulletin->GPC['optimizetables'] or $vbulletin->GPC['repairtables'])) {
foreach ($vbulletin->GPC['tablelist'] as $tablename) {
exec_sql_table_check($tablename);
}
} else {
print_description_row($vbphrase['nothing_to_do'], 0, 3);
}
construct_hidden_code('optimizetables', $vbulletin->GPC['optimizetables']);
construct_hidden_code('repairtables', $vbulletin->GPC['repairtables']);
construct_hidden_code('tableserial', sign_client_string(serialize($vbulletin->GPC['tablelist'])));
print_submit_row($vbphrase['repeat_process'], '', 3);
}
// ######################### Start table list ####################
if ($_REQUEST['do'] == 'list') {
print_form_header('repair', 'dorepair', 0, 1, 'cpform');
print_table_header($vbphrase['repair_optimize_tables'], 5);
$headings = array();
$headings[] = $vbphrase['table'];
$headings[] = $vbphrase['data_length'];
$headings[] = $vbphrase['index_length'];
$headings[] = $vbphrase['overhead'];
$headings[] = "<input type=\"checkbox\" name=\"allbox\" id=\"allbox\" title=\"{$vbphrase['check_all']}\" onclick=\"js_check_all(this.form);\" /><label for=\"allbox\">{$vbphrase['check_all']}</label>";
print_cells_row($headings, 1);
$mysqlversion = $db->query_first("SELECT VERSION() AS version");
$tables = $db->query_write("SHOW TABLE STATUS");
/**
* Replaces all those none safe characters so we dont waste space in array cookie values with URL entities
*
* @param string Cookie array
* @param string Direction ('get' or 'set')
*
* @return array
*/
function convert_bbarray_cookie($cookie, $dir = 'get')
{
if ($dir == 'set')
{
$cookie = str_replace(array('"', ':', ';'), array('.', '-', '_'), $cookie);
// prefix cookie with 32 character hash
$cookie = sign_client_string($cookie);
}
else
{
if (($cookie = verify_client_string($cookie)) !== false)
{
$cookie = str_replace(array('.', '-', '_'), array('"', ':', ';'), $cookie);
}
else
{
$cookie = '';
}
}
return $cookie;
}
}
$_REQUEST['do'] = 'donext';
} else {
define('CP_REDIRECT', 'email.php?' . $vbulletin->session->vars['sessionurl']);
print_stop_message('emails_sent_successfully');
}
}
}
}
// *************************** Link to next page of emails to send **********************
if ($_REQUEST['do'] == 'donext') {
$vbulletin->GPC['startat'] += $vbulletin->GPC['perpage'];
print_form_header('email', 'dosendmail', false, true, 'cpform_dosendmail');
construct_hidden_code('test', $vbulletin->GPC['test']);
construct_hidden_code('serializeduser', sign_client_string(serialize($vbulletin->GPC['user'])));
construct_hidden_code('serializedprofile', sign_client_string(serialize($vbulletin->GPC['profile'])));
construct_hidden_code('from', $vbulletin->GPC['from']);
construct_hidden_code('subject', $vbulletin->GPC['subject']);
construct_hidden_code('message', $vbulletin->GPC['message']);
construct_hidden_code('startat', $vbulletin->GPC['startat']);
construct_hidden_code('perpage', $vbulletin->GPC['perpage']);
print_submit_row($vbphrase['next_page'], 0);
?>
<script type="text/javascript">
<!--
if (document.cpform_dosendmail)
{
function send_submit()
{
var submits = YAHOO.util.Dom.getElementsBy(
function(element) { return (element.type == "submit") },
}
$vbulletin->url = 'subscription.php?' . $vbulletin->session->vars['sessionurl'] . 'do=viewsubscription&folderid=' . $vbulletin->GPC['folderid'];
eval(print_standard_redirect('redirect_subupdate'));
break;
// *************************
// Move to new Folder
// *************************
// Move to new Folder
case 'move':
$ids = array();
foreach ($deletebox as $id) {
$id = intval($id);
$ids["{$id}"] = $id;
}
$numthreads = sizeof($ids);
$ids = sign_client_string(serialize($ids));
unset($id, $deletebox);
require_once DIR . '/includes/functions_misc.php';
if ($vbulletin->GPC['folderid'] === 'all') {
$exclusions = false;
} else {
$exclusions = array($vbulletin->GPC['folderid'], -1);
}
$folderoptions = construct_folder_jump(1, 0, $exclusions);
($hook = vBulletinHook::fetch_hook('usersub_manage_move')) ? eval($hook) : false;
if ($folderoptions) {
if ($vbulletin->GPC['folderid'] === 'all') {
$fromfolder = $vbphrase['all'];
} else {
$folders = unserialize($vbulletin->userinfo['subfolders']);
$fromfolder = $folders["{$vbulletin->GPC['folderid']}"];
/**
* Returns a hidden input field containing the serialized $_POST array
*
* @return string HTML code containing hidden fields
*/
function construct_post_vars_html()
{
global $vbulletin;
$vbulletin->input->clean_gpc('p', 'postvars', vB_Cleaner::TYPE_BINARY);
if ($vbulletin->GPC['postvars'] != '' and verify_client_string($vbulletin->GPC['postvars']) !== false) {
return '<input type="hidden" name="postvars" value="' . htmlspecialchars_uni($vbulletin->GPC['postvars']) . '" />' . "\n";
} else {
if (sizeof($_POST) > 0) {
$string = json_encode($_POST);
return '<input type="hidden" name="postvars" value="' . htmlspecialchars_uni(sign_client_string($string)) . '" />' . "\n";
} else {
return '';
}
}
}
break;
// *************************
// Move to new Folder
case 'move':
$ids = array();
foreach ($deletebox AS $id)
{
$id = intval($id);
$ids["$id"] = $id;
}
$numthreads = sizeof($ids);
$ids = sign_client_string(implode(',', $ids));
unset($id, $deletebox);
require_once(DIR . '/includes/functions_misc.php');
if ($vbulletin->GPC['folderid'] === 'all')
{
$exclusions = false;
}
else
{
$exclusions = array($vbulletin->GPC['folderid'], -1);
}
$folderoptions = construct_folder_jump(1, 0, $exclusions);
}
print_submit_row($vbphrase['delete_selected_groups']);
} else {
print_cp_message($vbphrase['no_groups_found']);
}
}
// #######################################################################
if ($_POST['do'] == 'delete') {
$vbulletin->input->clean_array_gpc('p', array('ids' => TYPE_ARRAY_KEYS_INT));
if (empty($vbulletin->GPC['ids'])) {
print_cp_message($vbphrase['you_did_not_select_any_groups']);
}
print_form_header('socialgroups', 'kill');
print_table_header($vbphrase['confirm_deletion']);
print_description_row(construct_phrase($vbphrase['are_you_sure_you_want_to_delete_x_groups'], sizeof($vbulletin->GPC['ids'])), false, 2, '', 'center');
construct_hidden_code('ids', sign_client_string(serialize($vbulletin->GPC['ids'])));
print_submit_row($vbphrase['yes'], 0, 2, $vbphrase['no']);
}
// #######################################################################
if ($_POST['do'] == 'kill') {
$vbulletin->input->clean_array_gpc('p', array('ids' => TYPE_NOCLEAN));
$ids = @unserialize(verify_client_string($vbulletin->GPC['ids']));
if (is_array($ids) and !empty($ids)) {
print_form_header('socialgroups', '');
print_table_header($vbphrase['deleting_groups']);
$groups = $vbulletin->db->query_read("\n\t\t\tSELECT * FROM " . TABLE_PREFIX . "socialgroup\n\t\t\tWHERE groupid IN (" . implode(',', $ids) . ")\n\t\t");
if ($vbulletin->db->num_rows($groups) == 0) {
print_description_row($vbphrase['no_groups_found']);
}
while ($group = $vbulletin->db->fetch_array($groups)) {
$socialgroupdm = datamanager_init('SocialGroup', $vbulletin);
function do_login_redirect()
{
global $vbulletin, $vbphrase;
$vbulletin->input->fetch_basepath();
//the clauses
//url $vbulletin->url == 'login.php' and $vbulletin->url == $vbulletin->options['forumhome'] . '.php'
//will never be true -- $vbulletin->url contains the full url path.
//The second shouldn't be needed, the else clause seems to handle this just fine.
//the first we'll change to match a partial url.
if (preg_match('#login.php(?:\\?|$)#', $vbulletin->url) or strpos($vbulletin->url, 'do=logout') !== false or !$vbulletin->options['allowmultiregs'] and strpos($vbulletin->url, $vbulletin->basepath . 'register.php') === 0) {
$vbulletin->url = fetch_seo_url('forumhome', array());
} else {
$vbulletin->url = fetch_replaced_session_url($vbulletin->url);
$vbulletin->url = preg_replace('#^/+#', '/', $vbulletin->url);
// bug 3654 don't ask why
}
$temp = strpos($vbulletin->url, '?');
if ($temp) {
$formfile = substr($vbulletin->url, 0, $temp);
} else {
$formfile =& $vbulletin->url;
}
$postvars = $vbulletin->GPC['postvars'];
($hook = vBulletinHook::fetch_hook('login_redirect')) ? eval($hook) : false;
if (!VB_API) {
// recache the global group to get the stuff from the new language
$globalgroup = $vbulletin->db->query_first_slave("\n\t\t\tSELECT phrasegroup_global, languagecode, charset\n\t\t\tFROM " . TABLE_PREFIX . "language\n\t\t\tWHERE languageid = " . intval($vbulletin->userinfo['languageid'] ? $vbulletin->userinfo['languageid'] : $vbulletin->options['languageid']));
if ($globalgroup) {
$vbphrase = array_merge($vbphrase, unserialize($globalgroup['phrasegroup_global']));
if (vB_Template_Runtime::fetchStyleVar('charset') != $globalgroup['charset']) {
// change the character set in a bunch of places - a total hack
global $headinclude;
$headinclude = str_replace("content=\"text/html; charset=" . vB_Template_Runtime::fetchStyleVar('charset') . "\"", "content=\"text/html; charset={$globalgroup['charset']}\"", $headinclude);
vB_Template_Runtime::addStyleVar('charset', $globalgroup['charset'], 'imgdir');
$vbulletin->userinfo['lang_charset'] = $globalgroup['charset'];
exec_headers();
}
if ($vbulletin->GPC['postvars']) {
$postvars = @unserialize(verify_client_string($vbulletin->GPC['postvars']));
$postvars['login_redirect'] = true;
if ($postvars['securitytoken'] == 'guest') {
$vbulletin->userinfo['securitytoken_raw'] = sha1($vbulletin->userinfo['userid'] . sha1($vbulletin->userinfo['salt']) . sha1(COOKIE_SALT));
$vbulletin->userinfo['securitytoken'] = TIMENOW . '-' . sha1(TIMENOW . $vbulletin->userinfo['securitytoken_raw']);
$postvars['securitytoken'] = $vbulletin->userinfo['securitytoken'];
}
$vbulletin->GPC['postvars'] = sign_client_string(serialize($postvars));
}
vB_Template_Runtime::addStyleVar('languagecode', $globalgroup['languagecode']);
}
}
print_standard_redirect(array('redirect_login', $vbulletin->userinfo['username']), true, true, $vbulletin->userinfo['languageid']);
}
function do_login_redirect()
{
global $vbulletin, $vbphrase;
$vbulletin->input->fetch_basepath();
//the clauses
//url $vbulletin->url == 'login.php' and $vbulletin->url == $vbulletin->options['forumhome'] . '.php'
//will never be true -- $vbulletin->url contains the full url path.
//The second shouldn't be needed, the else clause seems to handle this just fine.
//the first we'll change to match a partial url.
if (preg_match('#login.php(?:\\?|$)#', $vbulletin->url) or strpos($vbulletin->url, 'do=logout') !== false or !$vbulletin->options['allowmultiregs'] and strpos($vbulletin->url, $vbulletin->basepath . 'register.php') === 0) {
$forumHome = vB_Library::instance('content_channel')->getForumHomeChannel();
$vbulletin->url = vB5_Route::buildUrl($forumHome['routeid'] . '|fullurl');
} else {
$vbulletin->url = fetch_replaced_session_url($vbulletin->url);
$vbulletin->url = preg_replace('#^/+#', '/', $vbulletin->url);
// bug 3654 don't ask why
}
$temp = strpos($vbulletin->url, '?');
if ($temp) {
$formfile = substr($vbulletin->url, 0, $temp);
} else {
$formfile =& $vbulletin->url;
}
$postvars = $vbulletin->GPC['postvars'];
// Legacy Hook 'login_redirect' Removed //
if (!VB_API) {
// recache the global group to get the stuff from the new language
$globalgroup = $vbulletin->db->query_first_slave("\n\t\t\tSELECT phrasegroup_global, languagecode, charset\n\t\t\tFROM " . TABLE_PREFIX . "language\n\t\t\tWHERE languageid = " . intval($vbulletin->userinfo['languageid'] ? $vbulletin->userinfo['languageid'] : $vbulletin->options['languageid']));
if ($globalgroup) {
$vbphrase = array_merge($vbphrase, unserialize($globalgroup['phrasegroup_global']));
if (vB_Template_Runtime::fetchStyleVar('charset') != $globalgroup['charset']) {
// change the character set in a bunch of places - a total hack
global $headinclude;
$headinclude = str_replace("content=\"text/html; charset=" . vB_Template_Runtime::fetchStyleVar('charset') . "\"", "content=\"text/html; charset={$globalgroup['charset']}\"", $headinclude);
vB_Template_Runtime::addStyleVar('charset', $globalgroup['charset'], 'imgdir');
$vbulletin->userinfo['lang_charset'] = $globalgroup['charset'];
exec_headers();
}
if ($vbulletin->GPC['postvars']) {
$postvars = array();
$client_string = verify_client_string($vbulletin->GPC['postvars']);
if ($client_string) {
$postvars = @json_decode($client_string, true);
}
if ($postvars['securitytoken'] == 'guest') {
$vbulletin->userinfo['securitytoken_raw'] = sha1($vbulletin->userinfo['userid'] . sha1($vbulletin->userinfo['secret']) . sha1(vB_Request_Web::$COOKIE_SALT));
$vbulletin->userinfo['securitytoken'] = TIMENOW . '-' . sha1(TIMENOW . $vbulletin->userinfo['securitytoken_raw']);
$postvars['securitytoken'] = $vbulletin->userinfo['securitytoken'];
$vbulletin->GPC['postvars'] = sign_client_string(json_encode($postvars));
}
}
vB_Template_Runtime::addStyleVar('languagecode', $globalgroup['languagecode']);
}
}
if ($vbulletin->GPC['logintype'] === 'cplogin' or $vbulletin->GPC['logintype'] === 'modcplogin') {
require_once DIR . '/includes/adminfunctions.php';
print_cp_redirect($vbulletin->url);
} else {
eval(print_standard_redirect('redirect_login_gfrontredirect', true, true, $vbulletin->userinfo['languageid']));
}
}
