Ejemplo n.º 1
0
function mark_pm_unread_func($xmlrpc_params)
{
    global $db, $lang, $theme, $plugins, $mybb, $session, $settings, $cache, $time, $mybbgroups;
    $input = Tapatalk_Input::filterXmlInput(array('message_id' => Tapatalk_Input::INT), $xmlrpc_params);
    $lang->load("private");
    $parser = new postParser();
    if ($mybb->settings['enablepms'] == 0) {
        return xmlrespfalse($lang->pms_disabled);
    }
    if ($mybb->user['uid'] == '/' || $mybb->user['uid'] == 0 || $mybb->usergroup['canusepms'] == 0) {
        return tt_no_permission();
    }
    if (!$mybb->user['pmfolders']) {
        $mybb->user['pmfolders'] = "1**\$%%\$2**\$%%\$3**\$%%\$4**";
        $sql_array = array("pmfolders" => $mybb->user['pmfolders']);
        $db->update_query("users", $sql_array, "uid = " . $mybb->user['uid']);
    }
    $rand = my_rand(0, 9);
    if ($rand == 5) {
        update_pm_count();
    }
    $foldernames = array();
    $foldersexploded = explode("\$%%\$", $mybb->user['pmfolders']);
    foreach ($foldersexploded as $key => $folders) {
        $folderinfo = explode("**", $folders, 2);
        $folderinfo[1] = get_pm_folder_name($folderinfo[0], $folderinfo[1]);
        $foldernames[$folderinfo[0]] = $folderinfo[1];
    }
    $sql_array = array("status" => 0, "readtime" => 0);
    $db->update_query("privatemessages", $sql_array, "pmid='{$input['message_id']}' AND uid='" . $mybb->user['uid'] . "'");
    update_pm_count();
    return xmlresptrue();
}
Ejemplo n.º 2
0
function upload_attach_func($xmlrpc_params)
{
    global $db, $lang, $theme, $plugins, $mybb, $session, $settings, $cache, $time, $mybbgroups;
    $lang->load("member");
    $parser = new postParser();
    $input = Tapatalk_Input::filterXmlInput(array('forum_id' => Tapatalk_Input::INT, 'group_id' => Tapatalk_Input::STRING, 'content' => Tapatalk_Input::STRING), $xmlrpc_params);
    $fid = $input['forum_id'];
    //return xmlrespfalse(print_r($_FILES, true));
    // Fetch forum information.
    $forum = get_forum($fid);
    if (!$forum) {
        return xmlrespfalse($lang->error_invalidforum);
    }
    $forumpermissions = forum_permissions($fid);
    if ($forum['open'] == 0 || $forum['type'] != "f") {
        return xmlrespfalse($lang->error_closedinvalidforum);
    }
    if ($mybb->user['uid'] < 1 || $forumpermissions['canview'] == 0 || $forumpermissions['canpostthreads'] == 0 || $mybb->user['suspendposting'] == 1) {
        return tt_no_permission();
    }
    // Check if this forum is password protected and we have a valid password
    tt_check_forum_password($forum['fid']);
    $posthash = $input['group_id'];
    if (empty($posthash)) {
        $posthash = md5($mybb->user['uid'] . random_str());
    }
    $mybb->input['posthash'] = $posthash;
    if (!empty($mybb->input['pid'])) {
        $attachwhere = "pid='{$mybb->input['pid']}'";
    } else {
        $attachwhere = "posthash='{$posthash}'";
    }
    $query = $db->simple_select("attachments", "COUNT(aid) as numattachs", $attachwhere);
    $attachcount = $db->fetch_field($query, "numattachs");
    //if(is_array($_FILES['attachment']['name'])){
    foreach ($_FILES['attachment'] as $k => $v) {
        if (is_array($_FILES['attachment'][$k])) {
            $_FILES['attachment'][$k] = $_FILES['attachment'][$k][0];
        }
    }
    //}
    if ($_FILES['attachment']['type'] == 'image/jpg') {
        $_FILES['attachment']['type'] = 'image/jpeg';
    }
    // If there's an attachment, check it and upload it
    if ($_FILES['attachment']['size'] > 0 && $forumpermissions['canpostattachments'] != 0 && ($mybb->settings['maxattachments'] == 0 || $attachcount < $mybb->settings['maxattachments'])) {
        require_once MYBB_ROOT . "inc/functions_upload.php";
        $attachedfile = upload_attachment($_FILES['attachment'], false);
    }
    if (empty($attachedfile)) {
        return xmlrespfalse("No file uploaded");
    }
    //return xmlrespfalse(print_r($attachedfile, true));
    if ($attachedfile['error']) {
        return xmlrespfalse(implode(" :: ", $attachedfile['error']));
    }
    $result = new xmlrpcval(array('attachment_id' => new xmlrpcval($attachedfile['aid'], 'string'), 'group_id' => new xmlrpcval($posthash, 'string'), 'result' => new xmlrpcval(true, 'boolean'), 'result_text' => new xmlrpcval('', 'base64'), 'file_size' => new xmlrpcval($attachedfile['filesize'], 'int')), 'struct');
    return new xmlrpcresp($result);
}
Ejemplo n.º 3
0
function remove_attachment_func($xmlrpc_params)
{
    global $db, $lang, $theme, $plugins, $mybb, $session, $settings, $cache, $time, $mybbgroups;
    chdir("../");
    $lang->load("member");
    $parser = new postParser();
    $input = Tapatalk_Input::filterXmlInput(array('attachment_id' => Tapatalk_Input::INT, 'forum_id' => Tapatalk_Input::INT, 'group_id' => Tapatalk_Input::STRING, 'post_id' => Tapatalk_Input::INT), $xmlrpc_params);
    $fid = $input['forum_id'];
    $forum = get_forum($fid);
    if (!$forum) {
        return xmlrespfalse($lang->error_invalidforum);
    }
    $forumpermissions = forum_permissions($fid);
    if ($forum['open'] == 0 || $forum['type'] != "f") {
        return xmlrespfalse($lang->error_closedinvalidforum);
    }
    if ($mybb->user['uid'] < 1 || $forumpermissions['canview'] == 0 || $forumpermissions['canpostthreads'] == 0 || $mybb->user['suspendposting'] == 1) {
        return tt_no_permission();
    }
    tt_check_forum_password($forum['fid']);
    $posthash = $input['group_id'];
    $mybb->input['posthash'] = $posthash;
    // If we're removing an attachment that belongs to an existing post, some security checks...
    $query = $db->simple_select("attachments", "pid", "aid='{$input['attachment_id']}'");
    $attachment = $db->fetch_array($query);
    $pid = $attachment['pid'];
    if ($pid > 0) {
        if ($pid != $input['post_id']) {
            return xmlrespfalse("The attachment you are trying to remove does not belong to this post");
        }
        $query = $db->simple_select("posts", "*", "pid='{$pid}'");
        $post = $db->fetch_array($query);
        if (!$post['pid']) {
            return xmlrespfalse($lang->error_invalidpost);
        }
        // Get thread info
        $tid = $post['tid'];
        $thread = get_thread($tid);
        if (!$thread['tid']) {
            return xmlrespfalse($lang->error_invalidthread);
        }
        if (!is_moderator($fid, "caneditposts")) {
            if ($thread['closed'] == 1) {
                return xmlrespfalse($lang->redirect_threadclosed);
            }
            if ($forumpermissions['caneditposts'] == 0) {
                return tt_no_permission();
            }
            if ($mybb->user['uid'] != $post['uid']) {
                return tt_no_permission();
            }
        }
    } else {
        $pid = 0;
    }
    require_once MYBB_ROOT . "inc/functions_upload.php";
    remove_attachment($pid, $mybb->input['posthash'], $input['attachment_id']);
    return xmlresptrue();
}
Ejemplo n.º 4
0
function subscribe_topic_func($xmlrpc_params)
{
    global $db, $lang, $theme, $plugins, $mybb, $session, $settings, $cache, $time, $mybbgroups;
    $lang->load("usercp");
    $input = Tapatalk_Input::filterXmlInput(array('topic_id' => Tapatalk_Input::INT), $xmlrpc_params);
    $thread = get_thread($input['topic_id']);
    if (!$thread['tid']) {
        return xmlrespfalse($lang->error_invalidthread);
    }
    $forumpermissions = forum_permissions($thread['fid']);
    if ($forumpermissions['canview'] == 0 || $forumpermissions['canviewthreads'] == 0) {
        return tt_no_permission();
    }
    add_subscribed_thread($thread['tid'], 0);
    return xmlresptrue();
}
Ejemplo n.º 5
0
function get_quote_pm_func($xmlrpc_params)
{
    global $db, $lang, $theme, $plugins, $mybb, $session, $settings, $cache, $time, $mybbgroups;
    require_once MYBB_ROOT . $mybb->settings['tapatalk_directory'] . '/emoji/emoji.class.php';
    $input = Tapatalk_Input::filterXmlInput(array('message_id' => Tapatalk_Input::INT), $xmlrpc_params);
    $lang->load("private");
    $parser = new postParser();
    if ($mybb->settings['enablepms'] == 0) {
        return xmlrespfalse($lang->pms_disabled);
    }
    if ($mybb->user['uid'] == '/' || $mybb->user['uid'] == 0 || $mybb->usergroup['canusepms'] == 0) {
        return tt_no_permission();
    }
    if (!$mybb->user['pmfolders']) {
        $mybb->user['pmfolders'] = "1**\$%%\$2**\$%%\$3**\$%%\$4**";
        $sql_array = array("pmfolders" => $mybb->user['pmfolders']);
        $db->update_query("users", $sql_array, "uid = " . $mybb->user['uid']);
    }
    $rand = my_rand(0, 9);
    if ($rand == 5) {
        update_pm_count();
    }
    $foldernames = array();
    $foldersexploded = explode("\$%%\$", $mybb->user['pmfolders']);
    foreach ($foldersexploded as $key => $folders) {
        $folderinfo = explode("**", $folders, 2);
        $folderinfo[1] = get_pm_folder_name($folderinfo[0], $folderinfo[1]);
        $foldernames[$folderinfo[0]] = $folderinfo[1];
    }
    if ($mybb->usergroup['cansendpms'] == 0) {
        return tt_no_permission();
    }
    $query = $db->query("\n\t\tSELECT pm.*, u.username AS quotename\n\t\tFROM " . TABLE_PREFIX . "privatemessages pm\n\t\tLEFT JOIN " . TABLE_PREFIX . "users u ON (u.uid=pm.fromid)\n\t\tWHERE pm.pmid='{$input['message_id']}' AND pm.uid='" . $mybb->user['uid'] . "'\n\t");
    $pm = $db->fetch_array($query);
    $message = $pm['message'];
    $subject = $pm['subject'];
    $subject = preg_replace("#(FW|RE):( *)#is", '', $subject);
    $message = "[quote={$pm['quotename']}]\n{$message}\n[/quote]";
    $message = preg_replace('#^/me (.*)$#im', "* " . $pm['quotename'] . " \\1", $message);
    $subject = "Re: {$subject}";
    $result = new xmlrpcval(array('result' => new xmlrpcval(true, 'boolean'), 'result_text' => new xmlrpcval('', 'base64'), 'msg_id' => new xmlrpcval($pm['pmid'], 'string'), 'msg_subject' => new xmlrpcval($subject, 'base64'), 'text_body' => new xmlrpcval(tapatalkEmoji::covertNameToEmoji($message), 'base64')), 'struct');
    return new xmlrpcresp($result);
}
Ejemplo n.º 6
0
function create_message_func($xmlrpc_params)
{
    global $db, $lang, $theme, $plugins, $mybb, $session, $settings, $cache, $time, $mybbgroups, $pminfo, $pm;
    $input = Tapatalk_Input::filterXmlInput(array('user_name' => Tapatalk_Input::RAW, 'subject' => Tapatalk_Input::STRING, 'text_body' => Tapatalk_Input::STRING, 'action' => Tapatalk_Input::INT, 'pm_id' => Tapatalk_Input::INT), $xmlrpc_params);
    $lang->load("private");
    $parser = new postParser();
    if ($mybb->settings['enablepms'] == 0) {
        return xmlrespfalse($lang->pms_disabled);
    }
    if ($mybb->user['uid'] == '/' || $mybb->user['uid'] == 0 || $mybb->usergroup['canusepms'] == 0) {
        return tt_no_permission();
    }
    if (!$mybb->user['pmfolders']) {
        $mybb->user['pmfolders'] = "1**\$%%\$2**\$%%\$3**\$%%\$4**";
        $sql_array = array("pmfolders" => $mybb->user['pmfolders']);
        $db->update_query("users", $sql_array, "uid = " . $mybb->user['uid']);
    }
    $rand = my_rand(0, 9);
    if ($rand == 5) {
        update_pm_count();
    }
    if ($mybb->usergroup['cansendpms'] == 0) {
        return tt_no_permission();
    }
    $pmhandler = new PMDataHandler();
    $pm = array("subject" => $input['subject'], "message" => $input['text_body'], "icon" => 0, "fromid" => $mybb->user['uid'], "do" => $input['action'] == 1 ? 'reply' : 'forward', "pmid" => $input['pm_id']);
    $pm['to'] = array_map("trim", $input['user_name']);
    $pm['options'] = array("signature" => 0, "disablesmilies" => 0, "savecopy" => 1, "readreceipt" => 0);
    $pmhandler->set_data($pm);
    if (!$pmhandler->validate_pm()) {
        $pm_errors = $pmhandler->get_friendly_errors();
        return xmlrespfalse(implode(" :: ", $pm_errors));
    } else {
        $pminfo = $pmhandler->insert_pm();
        $plugins->run_hooks("private_do_send_end");
    }
    return xmlresptrue();
}
Ejemplo n.º 7
0
function delete_message_func($xmlrpc_params)
{
    global $db, $lang, $theme, $plugins, $mybb, $session, $settings, $cache, $time, $mybbgroups;
    $input = Tapatalk_Input::filterXmlInput(array('message_id' => Tapatalk_Input::INT, 'box_id' => Tapatalk_Input::INT), $xmlrpc_params);
    $lang->load("private");
    $parser = new postParser();
    if ($mybb->settings['enablepms'] == 0) {
        return xmlrespfalse($lang->pms_disabled);
    }
    if ($mybb->user['uid'] == '/' || $mybb->user['uid'] == 0 || $mybb->usergroup['canusepms'] == 0) {
        return tt_no_permission();
    }
    if (!$mybb->user['pmfolders']) {
        $mybb->user['pmfolders'] = "1**\$%%\$2**\$%%\$3**\$%%\$4**";
        $sql_array = array("pmfolders" => $mybb->user['pmfolders']);
        $db->update_query("users", $sql_array, "uid = " . $mybb->user['uid']);
    }
    $rand = my_rand(0, 9);
    if ($rand == 5) {
        update_pm_count();
    }
    $foldernames = array();
    $foldersexploded = explode("\$%%\$", $mybb->user['pmfolders']);
    foreach ($foldersexploded as $key => $folders) {
        $folderinfo = explode("**", $folders, 2);
        $folderinfo[1] = get_pm_folder_name($folderinfo[0], $folderinfo[1]);
        $foldernames[$folderinfo[0]] = $folderinfo[1];
    }
    $query = $db->simple_select("privatemessages", "*", "pmid='{$input['message_id']}' AND uid='" . $mybb->user['uid'] . "' AND folder='4'", array('order_by' => 'pmid'));
    if ($db->num_rows($query) == 1) {
        $db->delete_query("privatemessages", "pmid='{$input['message_id']}'");
    } else {
        $sql_array = array("folder" => 4, "deletetime" => TIME_NOW);
        $db->update_query("privatemessages", $sql_array, "pmid='{$input['message_id']}' AND uid='" . $mybb->user['uid'] . "'");
    }
    update_pm_count();
    return xmlresptrue();
}
Ejemplo n.º 8
0
function get_subscribed_forum_func($xmlrpc_params)
{
    global $db, $lang, $theme, $plugins, $mybb, $session, $settings, $cache, $time, $mybbgroups;
    $lang->load("usercp");
    if ($mybb->user['uid'] == 0 || $mybb->usergroup['canusercp'] == 0) {
        return tt_no_permission();
    }
    $query = $db->simple_select("forumpermissions", "*", "gid='" . $db->escape_string($mybb->user['usergroup']) . "'");
    while ($permissions = $db->fetch_array($query)) {
        $permissioncache[$permissions['gid']][$permissions['fid']] = $permissions;
    }
    // Build a forum cache.
    $query = $db->query("\n\t\tSELECT f.fid, fr.dateline AS lastread\n\t\tFROM " . TABLE_PREFIX . "forums f\n\t\tLEFT JOIN " . TABLE_PREFIX . "forumsread fr ON (fr.fid=f.fid AND fr.uid='{$mybb->user['uid']}')\n\t\tWHERE f.active != 0\n\t\tORDER BY pid, disporder\n\t");
    while ($forum = $db->fetch_array($query)) {
        if ($mybb->user['uid'] == 0) {
            if ($forumsread[$forum['fid']]) {
                $forum['lastread'] = $forumsread[$forum['fid']];
            }
        }
        $readforums[$forum['fid']] = $forum['lastread'];
    }
    require_once MYBB_ROOT . "inc/functions_forumlist.php";
    $fpermissions = forum_permissions();
    $query = $db->query("\n\t\tSELECT fs.*, f.*, t.subject AS lastpostsubject, fr.dateline AS lastread\n\t\tFROM " . TABLE_PREFIX . "forumsubscriptions fs\n\t\tLEFT JOIN " . TABLE_PREFIX . "forums f ON (f.fid = fs.fid)\n\t\tLEFT JOIN " . TABLE_PREFIX . "threads t ON (t.tid = f.lastposttid)\n\t\tLEFT JOIN " . TABLE_PREFIX . "forumsread fr ON (fr.fid=f.fid AND fr.uid='{$mybb->user['uid']}')\n\t\tWHERE f.type='f' AND fs.uid='" . $mybb->user['uid'] . "'\n\t\tORDER BY f.name ASC\n\t");
    $forums = '';
    $forum_list = array();
    while ($forum = $db->fetch_array($query)) {
        $forumpermissions = $fpermissions[$forum['fid']];
        if ($forumpermissions['canview'] != 0) {
            $lightbulb = get_forum_lightbulb(array('open' => $forum['open'], 'lastread' => $forum['lastread']), array('lastpost' => $forum['lastpost']));
            $forum_list[] = new xmlrpcval(array('forum_id' => new xmlrpcval($forum['fid'], 'string'), 'forum_name' => new xmlrpcval(basic_clean($forum['name']), 'base64'), 'is_protected' => new xmlrpcval(!empty($forum['password']), 'boolean'), 'new_post' => new xmlrpcval($lightbulb['folder'] == 'on', 'boolean')), 'struct');
        }
    }
    $result = new xmlrpcval(array('total_forums_num' => new xmlrpcval(count($forum_list), 'int'), 'forums' => new xmlrpcval($forum_list, 'array')), 'struct');
    return new xmlrpcresp($result);
}
Ejemplo n.º 9
0
function m_get_moderate_post_func($xmlrpc_params)
{
    global $input, $post, $thread, $forum, $pid, $tid, $fid, $modlogdata, $db, $lang, $theme, $plugins, $mybb, $session, $settings, $cache, $time, $mybbgroups, $moderation, $parser;
    $input = Tapatalk_Input::filterXmlInput(array('start_num' => Tapatalk_Input::INT, 'last_num' => Tapatalk_Input::INT), $xmlrpc_params);
    mod_setup();
    list($start, $limit) = process_page($input['start_num'], $input['last_num']);
    // Load global language phrases
    $lang->load("modcp");
    if ($mybb->user['uid'] == 0 || $mybb->usergroup['canmodcp'] != 1) {
        return tt_no_permission();
    }
    $errors = '';
    // SQL for fetching items only related to forums this user moderates
    $moderated_forums = array();
    if ($mybb->usergroup['issupermod'] != 1) {
        $query = $db->simple_select("moderators", "*", "id='{$mybb->user['uid']}' AND isgroup = '0'");
        while ($forum = $db->fetch_array($query)) {
            $flist .= ",'{$forum['fid']}'";
            $children = get_child_list($forum['fid']);
            if (!empty($children)) {
                $flist .= ",'" . implode("','", $children) . "'";
            }
            $moderated_forums[] = $forum['fid'];
        }
        if ($flist) {
            $tflist = " AND t.fid IN (0{$flist})";
            $flist = " AND fid IN (0{$flist})";
        }
    } else {
        $flist = $tflist = '';
    }
    $forum_cache = $cache->read("forums");
    $query = $db->query("\n        SELECT COUNT(pid) AS unapprovedposts\n        FROM  " . TABLE_PREFIX . "posts p\n        LEFT JOIN " . TABLE_PREFIX . "threads t ON (t.tid=p.tid)\n        WHERE p.visible='0' {$tflist} AND t.firstpost != p.pid\n    ");
    $unapproved_posts = $db->fetch_field($query, "unapprovedposts");
    $query = $db->query("\n        SELECT p.pid, p.subject, p.message, t.subject AS threadsubject, t.tid, u.username, p.uid, t.fid, p.dateline, u.avatar, t.views, t.replies, IF(b.lifted > UNIX_TIMESTAMP() OR b.lifted = 0, 1, 0) as isbanned\n        FROM  " . TABLE_PREFIX . "posts p\n        LEFT JOIN " . TABLE_PREFIX . "threads t ON (t.tid=p.tid)\n        LEFT JOIN " . TABLE_PREFIX . "users u ON (u.uid=p.uid)\n        LEFT JOIN " . TABLE_PREFIX . "banned b ON (b.uid = p.uid)\n        left join " . TABLE_PREFIX . "forums f on f.fid = t.fid\n        WHERE p.visible='0' {$tflist} AND t.firstpost != p.pid\n        ORDER BY p.dateline DESC\n        LIMIT {$start}, {$limit}\n    ");
    $forumcache = $cache->read("forums");
    $post_list = array();
    while ($post = $db->fetch_array($query)) {
        $post['threadsubject'] = $parser->parse_badwords($post['threadsubject']);
        $forumpermissions = forum_permissions($post['fid']);
        $can_delete = 0;
        if ($mybb->user['uid'] == $post['uid']) {
            if ($forumpermissions['candeletethreads'] == 1 && $post['replies'] == 0) {
                $can_delete = 1;
            } else {
                if ($forumpermissions['candeleteposts'] == 1 && $post['replies'] > 0) {
                    $can_delete = 1;
                }
            }
        }
        $can_delete = (is_moderator($post['fid'], "candeleteposts") || $can_delete == 1) && $mybb->user['uid'] != 0;
        $post_list[] = new xmlrpcval(array('forum_id' => new xmlrpcval($post['fid'], 'string'), 'forum_name' => new xmlrpcval(basic_clean($forumcache[$post['fid']]['name']), 'base64'), 'topic_id' => new xmlrpcval($post['tid'], 'string'), 'topic_title' => new xmlrpcval($post['threadsubject'], 'base64'), 'post_id' => new xmlrpcval($post['pid'], 'string'), 'post_title' => new xmlrpcval($post['subject'], 'base64'), 'post_author_name' => new xmlrpcval($post['username'], 'base64'), 'icon_url' => new xmlrpcval(absolute_url($post['avatar']), 'string'), 'post_time' => new xmlrpcval(mobiquo_iso8601_encode($post['dateline']), 'dateTime.iso8601'), 'short_content' => new xmlrpcval(process_short_content($post['message'], $parser), 'base64'), 'reply_number' => new xmlrpcval($post['replies'], 'int'), 'view_number' => new xmlrpcval($post['views'], 'int'), 'can_delete' => new xmlrpcval($can_delete, 'boolean'), 'can_approve' => new xmlrpcval(is_moderator($post['fid'], "canmanagethreads"), 'boolean'), 'can_move' => new xmlrpcval(is_moderator($post['fid'], "canmovetononmodforum"), 'boolean'), 'can_ban' => new xmlrpcval($mybb->usergroup['canmodcp'] == 1, 'boolean'), 'is_ban' => new xmlrpcval($post['isbanned'], 'boolean'), 'is_approved' => new xmlrpcval(false, 'boolean'), 'is_deleted' => new xmlrpcval(false, 'boolean')), "struct");
    }
    $result = new xmlrpcval(array('total_post_num' => new xmlrpcval($unapproved_posts, 'int'), 'posts' => new xmlrpcval($post_list, 'array')), 'struct');
    return new xmlrpcresp($result);
}
Ejemplo n.º 10
0
function get_raw_post_func($xmlrpc_params)
{
    global $db, $lang, $theme, $plugins, $mybb, $session, $settings, $cache, $time, $mybbgroups;
    require_once MYBB_ROOT . $mybb->settings['tapatalk_directory'] . '/emoji/emoji.class.php';
    $lang->load("editpost");
    $input = Tapatalk_Input::filterXmlInput(array('post_id' => Tapatalk_Input::INT), $xmlrpc_params);
    // No permission for guests
    if (!$mybb->user['uid']) {
        return tt_no_permission();
    }
    // Get post info
    $pid = $input['post_id'];
    $query = $db->simple_select("posts", "*", "pid='{$pid}'");
    $post = $db->fetch_array($query);
    if (!$post['pid']) {
        return xmlrespfalse($lang->error_invalidpost);
    }
    // Get thread info
    $tid = $post['tid'];
    $thread = get_thread($tid);
    if (!$thread['tid']) {
        return xmlrespfalse($lang->error_invalidthread);
    }
    $thread['subject'] = htmlspecialchars_uni($thread['subject']);
    // Get forum info
    $fid = $post['fid'];
    $forum = get_forum($fid);
    if (!$forum || $forum['type'] != "f") {
        return xmlrespfalse($lang->error_closedinvalidforum);
    }
    if ($forum['open'] == 0 || $mybb->user['suspendposting'] == 1) {
        return tt_no_permission();
    }
    $forumpermissions = forum_permissions($fid);
    if (!is_moderator($fid, "caneditposts")) {
        if ($thread['closed'] == 1) {
            return xmlrespfalse($lang->redirect_threadclosed);
        }
        if ($forumpermissions['caneditposts'] == 0) {
            return tt_no_permission();
        }
        if ($mybb->user['uid'] != $post['uid']) {
            return tt_no_permission();
        }
        // Edit time limit
        $time = TIME_NOW;
        if ($mybb->settings['edittimelimit'] != 0 && $post['dateline'] < $time - $mybb->settings['edittimelimit'] * 60) {
            $lang->edit_time_limit = $lang->sprintf($lang->edit_time_limit, $mybb->settings['edittimelimit']);
            return xmlrespfalse($lang->edit_time_limit);
        }
    }
    // Check if this forum is password protected and we have a valid password
    tt_check_forum_password($forum['fid']);
    if ($forumpermissions['canpostattachments'] != 0) {
        // Get a listing of the current attachments, if there are any
        $attachcount = 0;
        global $attachcache;
        $query = $db->simple_select("attachments", "*", "pid='{$pid}'");
        $attachments = '';
        while ($attachment = $db->fetch_array($query)) {
            $attachcache[$attachment['pid']][$attachment['aid']] = $attachment;
            $attachcount++;
        }
    }
    $attachment_list = array();
    if ($attachcount) {
        $attachment_list = process_post_attachments($post['pid'], $post, true);
    }
    $result = new xmlrpcval(array('post_id' => new xmlrpcval($post['pid'], 'string'), 'post_title' => new xmlrpcval($post['subject'], 'base64'), 'post_content' => new xmlrpcval(tapatalkEmoji::covertNameToEmoji($post['message']), 'base64'), 'attachments' => new xmlrpcval($attachment_list, 'array'), 'group_id' => new xmlrpcval($post['posthash']), 'show_reason' => new xmlrpcval($mybb->settings['alloweditreason'] && version_compare($mybb->version, '1.8.0', '>='), 'boolean'), 'edit_reason' => new xmlrpcval($post['editreason'], 'base64')), 'struct');
    return new xmlrpcresp($result);
}
Ejemplo n.º 11
0
function get_subscribed_topic_func($xmlrpc_params)
{
    global $db, $lang, $theme, $plugins, $mybb, $session, $settings, $cache, $time, $mybbgroups;
    $lang->load("usercp");
    $parser = new postParser();
    $input = Tapatalk_Input::filterXmlInput(array('start_num' => Tapatalk_Input::INT, 'last_num' => Tapatalk_Input::INT), $xmlrpc_params);
    if ($mybb->user['uid'] == 0 || $mybb->usergroup['canusercp'] == 0) {
        return tt_no_permission();
    }
    $query = $db->simple_select("forumpermissions", "*", "gid='" . $db->escape_string($mybb->user['usergroup']) . "'");
    while ($permissions = $db->fetch_array($query)) {
        $permissioncache[$permissions['gid']][$permissions['fid']] = $permissions;
    }
    while ($forum = $db->fetch_array($query)) {
        if ($mybb->user['uid'] == 0) {
            if ($forumsread[$forum['fid']]) {
                $forum['lastread'] = $forumsread[$forum['fid']];
            }
        }
        $readforums[$forum['fid']] = $forum['lastread'];
    }
    require_once MYBB_ROOT . "inc/functions_forumlist.php";
    $fpermissions = forum_permissions();
    list($start, $limit) = process_page($input['start_num'], $input['last_num']);
    // Thread visiblity
    $visible = "AND t.visible != 0";
    if (is_moderator() == true) {
        $visible = '';
    }
    // Do Multi Pages
    $query = $db->query("\n\t\tSELECT COUNT(ts.tid) as threads\n\t\tFROM " . TABLE_PREFIX . "threadsubscriptions ts\n\t\tLEFT JOIN " . TABLE_PREFIX . "threads t ON (t.tid = ts.tid)\n\t\tWHERE ts.uid = '" . $mybb->user['uid'] . "' {$visible}\n\t");
    $threadcount = $db->fetch_field($query, "threads");
    // Fetch subscriptions
    $query = $db->query("\n\t\tSELECT s.*, t.*, t.username AS threadusername, u.username, u.username, u.avatar, if({$mybb->user['uid']} > 0 and s.uid = {$mybb->user['uid']}, 1, 0) as subscribed, po.message, f.name as forumname, IF(b.lifted > UNIX_TIMESTAMP() OR b.lifted = 0, 1, 0) as isbanned\n\t\tFROM " . TABLE_PREFIX . "threadsubscriptions s\n\t\tLEFT JOIN " . TABLE_PREFIX . "threads t ON (s.tid=t.tid)\n\t\tLEFT JOIN " . TABLE_PREFIX . "users u ON (u.uid = t.uid)\n\t\tLEFT JOIN " . TABLE_PREFIX . "banned b ON (b.uid = t.uid)\n\t\tLEFT JOIN " . TABLE_PREFIX . "posts po ON (po.pid = t.firstpost)\n\t\tleft join " . TABLE_PREFIX . "forums f on f.fid = t.fid\n\t\tWHERE s.uid='" . $mybb->user['uid'] . "' {$visible}\n\t\tORDER BY t.lastpost DESC\n\t\tLIMIT {$start}, {$limit}\n\t");
    while ($subscription = $db->fetch_array($query)) {
        $forumpermissions = $fpermissions[$subscription['fid']];
        if ($forumpermissions['canview'] == 0 || $forumpermissions['canviewthreads'] == 0) {
            // Hmm, you don't have permission to view this thread - unsubscribe!
            $del_subscriptions[] = $subscription['tid'];
        } else {
            if ($subscription['tid']) {
                $subscriptions[$subscription['tid']] = $subscription;
            }
        }
    }
    if (is_array($del_subscriptions)) {
        $tids = implode(',', $del_subscriptions);
        if ($tids) {
            $db->delete_query("threadsubscriptions", "tid IN ({$tids}) AND uid='{$mybb->user['uid']}'");
        }
    }
    $topic_list = array();
    if (is_array($subscriptions)) {
        $tids = implode(",", array_keys($subscriptions));
        // Build a forum cache.
        $query = $db->query("\n\t\t\tSELECT f.fid, fr.dateline AS lastread\n\t\t\tFROM " . TABLE_PREFIX . "forums f\n\t\t\tLEFT JOIN " . TABLE_PREFIX . "forumsread fr ON (fr.fid=f.fid AND fr.uid='{$mybb->user['uid']}')\n\t\t\tWHERE f.active != 0\n\t\t\tORDER BY pid, disporder\n\t\t");
        while ($forum = $db->fetch_array($query)) {
            if ($mybb->user['uid'] == 0) {
                if ($forumsread[$forum['fid']]) {
                    $forum['lastread'] = $forumsread[$forum['fid']];
                }
            }
            $readforums[$forum['fid']] = $forum['lastread'];
        }
        // Read threads
        if ($mybb->settings['threadreadcut'] > 0) {
            $query = $db->simple_select("threadsread", "*", "uid='{$mybb->user['uid']}' AND tid IN ({$tids})");
            while ($readthread = $db->fetch_array($query)) {
                $subscriptions[$readthread['tid']]['lastread'] = $readthread['dateline'];
            }
        }
        // Now we can build our subscription list
        foreach ($subscriptions as $thread) {
            $bgcolor = alt_trow();
            $folder = '';
            $prefix = '';
            // If this thread has a prefix, insert a space between prefix and subject
            if ($thread['prefix'] != 0) {
                $thread['threadprefix'] .= '&nbsp;';
            }
            // Sanitize
            $thread['subject'] = $parser->parse_badwords($thread['subject']);
            $gotounread = '';
            $isnew = 0;
            $donenew = 0;
            $lastread = 0;
            $unreadpost = 0;
            if ($mybb->settings['threadreadcut'] > 0 && $mybb->user['uid']) {
                $forum_read = $readforums[$thread['fid']];
                $read_cutoff = TIME_NOW - $mybb->settings['threadreadcut'] * 60 * 60 * 24;
                if ($forum_read == 0 || $forum_read < $read_cutoff) {
                    $forum_read = $read_cutoff;
                }
            } else {
                $forum_read = $forumsread[$thread['fid']];
            }
            if ($mybb->settings['threadreadcut'] > 0 && $thread['lastpost'] > $forum_read) {
                $cutoff = TIME_NOW - $mybb->settings['threadreadcut'] * 60 * 60 * 24;
            }
            if ($thread['lastpost'] > $cutoff) {
                if ($thread['lastpost'] > $cutoff) {
                    if ($thread['lastread']) {
                        $lastread = $thread['lastread'];
                    } else {
                        $lastread = 1;
                    }
                }
            }
            if (!$lastread) {
                $readcookie = $threadread = my_get_array_cookie("threadread", $thread['tid']);
                if ($readcookie > $forum_read) {
                    $lastread = $readcookie;
                } else {
                    $lastread = $forum_read;
                }
            }
            if ($thread['lastpost'] > $lastread && $lastread) {
                $unreadpost = 1;
            }
            $topic_list[] = new xmlrpcval(array('forum_id' => new xmlrpcval($thread['fid'], 'string'), 'forum_name' => new xmlrpcval(basic_clean($thread['forumname']), 'base64'), 'topic_id' => new xmlrpcval($thread['tid'], 'string'), 'topic_title' => new xmlrpcval($thread['subject'], 'base64'), 'topic_author_id' => new xmlrpcval($thread['uid'], 'string'), 'post_author_name' => new xmlrpcval($thread['username'], 'base64'), 'can_subscribe' => new xmlrpcval(true, 'boolean'), 'is_subscribed' => new xmlrpcval((bool) $thread['subscribed'], 'boolean'), 'is_closed' => new xmlrpcval((bool) $thread['closed'], 'boolean'), 'short_content' => new xmlrpcval(process_short_content($thread['message'], $parser), 'base64'), 'icon_url' => new xmlrpcval(absolute_url($thread['avatar']), 'string'), 'post_time' => new xmlrpcval(mobiquo_iso8601_encode($thread['lastpost']), 'dateTime.iso8601'), 'reply_number' => new xmlrpcval($thread['replies'], 'int'), 'view_number' => new xmlrpcval($thread['views'], 'int'), 'new_post' => new xmlrpcval($unreadpost, 'boolean'), 'can_delete' => new xmlrpcval(is_moderator($thread['fid'], "candeleteposts"), 'boolean'), 'can_close' => new xmlrpcval(is_moderator($thread['fid'], "canopenclosethreads"), 'boolean'), 'can_approve' => new xmlrpcval(is_moderator($thread['fid'], "canopenclosethreads"), 'boolean'), 'can_stick' => new xmlrpcval(is_moderator($thread['fid'], "canmanagethreads"), 'boolean'), 'can_merge' => new xmlrpcval(is_moderator($thread['fid'], "canmanagethreads"), 'boolean'), 'can_merge_post' => new xmlrpcval(is_moderator($thread['fid'], "canmanagethreads"), 'boolean'), 'can_move' => new xmlrpcval(is_moderator($thread['fid'], "canmovetononmodforum"), 'boolean'), 'can_ban' => new xmlrpcval($mybb->usergroup['canmodcp'] == 1, 'boolean'), 'can_rename' => new xmlrpcval(false, 'boolean'), 'is_ban' => new xmlrpcval($thread['isbanned'], 'boolean'), 'is_sticky' => new xmlrpcval($thread['sticky'], 'boolean'), 'is_approved' => new xmlrpcval(!!$thread['visible'], 'boolean'), 'is_deleted' => new xmlrpcval(false, 'boolean')), 'struct');
        }
    }
    $result = new xmlrpcval(array('total_topic_num' => new xmlrpcval($threadcount, 'int'), 'topics' => new xmlrpcval($topic_list, 'array')), 'struct');
    return new xmlrpcresp($result);
}
Ejemplo n.º 12
0
function get_topic_func($xmlrpc_params)
{
    global $db, $lang, $theme, $plugins, $mybb, $session, $settings, $time, $mybbgroups;
    $lang->load("member");
    $parser = new postParser();
    $input = Tapatalk_Input::filterXmlInput(array('forum_id' => Tapatalk_Input::INT, 'start_num' => Tapatalk_Input::INT, 'last_num' => Tapatalk_Input::INT, 'mode' => Tapatalk_Input::STRING), $xmlrpc_params);
    $lang->load("forumdisplay");
    $fid = $input['forum_id'];
    $foruminfo = get_forum($fid);
    if (!$foruminfo) {
        return xmlrespfalse($lang->error_invalidforum);
    }
    list($start, $limit) = process_page($input['start_num'], $input['last_num']);
    $forumpermissions = forum_permissions();
    $fpermissions = $forumpermissions[$fid];
    if ($fpermissions['canview'] != 1) {
        return tt_no_permission();
    }
    switch ($input['mode']) {
        case 'TOP':
            $stickyonly = " AND sticky=1 ";
            $tstickyonly = " AND t.sticky=1 ";
            break;
        case 'ANN':
            return get_announcement_list($foruminfo, $fid);
            break;
        default:
            $stickyonly = " AND sticky=0 ";
            $tstickyonly = " AND t.sticky=0 ";
            break;
    }
    if ($mybb->user['uid'] == 0) {
        // Build a forum cache.
        $query = $db->query("\n            SELECT *\n            FROM " . TABLE_PREFIX . "forums\n            WHERE active != 0\n            ORDER BY pid, disporder\n        ");
        $forumsread = unserialize($mybb->cookies['mybb']['forumread']);
        if (!is_array($forumsread)) {
            $forumsread = array();
        }
    } else {
        // Build a forum cache.
        $query = $db->query("\n            SELECT f.*, fr.dateline AS lastread\n            FROM " . TABLE_PREFIX . "forums f\n            LEFT JOIN " . TABLE_PREFIX . "forumsread fr ON (fr.fid=f.fid AND fr.uid='{$mybb->user['uid']}')\n            WHERE f.active != 0\n            ORDER BY pid, disporder\n        ");
    }
    while ($forum = $db->fetch_array($query)) {
        if ($mybb->user['uid'] == 0) {
            if ($forumsread[$forum['fid']]) {
                $forum['lastread'] = $forumsread[$forum['fid']];
            }
        }
        $fcache[$forum['pid']][$forum['disporder']][$forum['fid']] = $forum;
    }
    tt_check_forum_password($foruminfo['fid']);
    if ($foruminfo['linkto']) {
        return xmlrespfalse('This forum is a link');
    }
    $visibleonly = "AND visible='1'";
    $tvisibleonly = "AND t.visible='1'";
    // Check if the active user is a moderator and get the inline moderation tools.
    if (is_moderator($fid)) {
        $ismod = true;
        $inlinecount = "0";
        $inlinecookie = "inlinemod_forum" . $fid;
        $visibleonly = " AND (visible='1' OR visible='0')";
        $tvisibleonly = " AND (t.visible='1' OR t.visible='0')";
    } else {
        $inlinemod = '';
        $ismod = false;
    }
    if (is_moderator($fid, "caneditposts") || $fpermissions['caneditposts'] == 1) {
        $can_edit_titles = 1;
    } else {
        $can_edit_titles = 0;
    }
    $t = "t.";
    $sortby = "lastpost";
    $sortfield = "lastpost";
    $sortordernow = "desc";
    $threadcount = 0;
    $useronly = $tuseronly = "";
    if ($fpermissions['canonlyviewownthreads'] == 1) {
        $useronly = "AND uid={$mybb->user['uid']}";
        $tuseronly = "AND t.uid={$mybb->user['uid']}";
    }
    if ($fpermissions['canviewthreads'] != 0) {
        // How many posts are there?
        if ($datecut > 0 || $fpermissions['canonlyviewownthreads'] == 1) {
            $query = $db->simple_select("threads", "COUNT(tid) AS threads", "fid = '{$fid}' {$useronly} {$visibleonly} {$stickyonly}");
            $threadcount = $db->fetch_field($query, "threads");
        } else {
            $query = $db->simple_select("threads", "COUNT(tid) AS threads", "fid = '{$fid}' {$useronly} {$visibleonly} {$stickyonly}", array('limit' => 1));
            $threadcount = $db->fetch_field($query, "threads");
        }
    }
    // count unread stickies
    $query = $db->query("\n        select COUNT(t.tid) AS threads\n        from " . TABLE_PREFIX . "threads t\n        left join " . TABLE_PREFIX . "threadsread tr on t.tid = tr.tid and tr.uid = '{$mybb->user['uid']}'\n        where t.fid = '{$fid}' {$tuseronly} {$tvisibleonly} and t.sticky=1 and (tr.dateline < t.lastpost or tr.dateline is null)\n    ");
    $unreadStickyCount = $db->fetch_field($query, "threads");
    if ($fpermissions['canviewthreads'] != 0) {
        // Start Getting Threads
        $query = $db->query("\n            SELECT t.*, {$ratingadd}{$select_rating_user}t.username AS threadusername, u.username, u.avatar, s.sid as subscribed, po.message, IF(b.lifted > UNIX_TIMESTAMP() OR b.lifted = 0, 1, 0) as isbanned\n            FROM " . TABLE_PREFIX . "threads t\n            LEFT JOIN " . TABLE_PREFIX . "users u ON (u.uid = t.uid){$select_voting}\n            LEFT JOIN " . TABLE_PREFIX . "banned b ON (b.uid = t.uid) \n            LEFT JOIN " . TABLE_PREFIX . "threadsubscriptions s ON (s.tid = t.tid) AND (s.uid = '{$mybb->user['uid']}')\n            LEFT JOIN " . TABLE_PREFIX . "posts po ON (po.pid = t.firstpost)\n            WHERE t.fid='{$fid}' {$tuseronly} {$tvisibleonly} {$tstickyonly}\n            GROUP BY t.tid\n            ORDER BY t.sticky DESC, {$t}{$sortfield} {$sortordernow} {$sortfield2}\n            LIMIT {$start}, {$limit}\n        ");
        while ($thread = $db->fetch_array($query)) {
            $threadcache[$thread['tid']] = $thread;
            // If this is a moved thread - set the tid for participation marking and thread read marking to that of the moved thread
            if (substr($thread['closed'], 0, 5) == "moved") {
                $tid = substr($thread['closed'], 6);
                if (!$tids[$tid]) {
                    $moved_threads[$tid] = $thread['tid'];
                    $tids[$thread['tid']] = $tid;
                }
            } else {
                $tids[$thread['tid']] = $thread['tid'];
                if ($moved_threads[$tid]) {
                    unset($moved_threads[$tid]);
                }
            }
        }
    } else {
        $threadcache = $tids = null;
    }
    if ($tids) {
        $tids = implode(",", $tids);
    }
    if ($mybb->settings['dotfolders'] != 0 && $mybb->user['uid'] && $threadcache) {
        $query = $db->simple_select("posts", "tid,uid", "uid='{$mybb->user['uid']}' AND tid IN ({$tids})");
        while ($post = $db->fetch_array($query)) {
            if ($moved_threads[$post['tid']]) {
                $post['tid'] = $moved_threads[$post['tid']];
            }
            if ($threadcache[$post['tid']]) {
                $threadcache[$post['tid']]['doticon'] = 1;
            }
        }
    }
    if ($mybb->user['uid'] && $mybb->settings['threadreadcut'] > 0 && $threadcache) {
        $query = $db->simple_select("threadsread", "*", "uid='{$mybb->user['uid']}' AND tid IN ({$tids})");
        while ($readthread = $db->fetch_array($query)) {
            if ($moved_threads[$readthread['tid']]) {
                $readthread['tid'] = $moved_threads[$readthread['tid']];
            }
            if ($threadcache[$readthread['tid']]) {
                $threadcache[$readthread['tid']]['lastread'] = $readthread['dateline'];
            }
        }
    }
    if ($mybb->settings['threadreadcut'] > 0 && $mybb->user['uid']) {
        $query = $db->simple_select("forumsread", "dateline", "fid='{$fid}' AND uid='{$mybb->user['uid']}'");
        $forum_read = $db->fetch_field($query, "dateline");
        $read_cutoff = TIME_NOW - $mybb->settings['threadreadcut'] * 60 * 60 * 24;
        if ($forum_read == 0 || $forum_read < $read_cutoff) {
            $forum_read = $read_cutoff;
        }
    } else {
        $forum_read = my_get_array_cookie("forumread", $fid);
    }
    $threads = '';
    $load_inline_edit_js = 0;
    $topic_list = array();
    if (is_array($threadcache)) {
        reset($threadcache);
        foreach ($threadcache as $thread) {
            $unreadpost = false;
            $moved = explode("|", $thread['closed']);
            $thread['author'] = $thread['uid'];
            if (!$thread['username']) {
                $thread['username'] = $thread['threadusername'];
                $thread['profilelink'] = $thread['threadusername'];
            } else {
                $thread['profilelink'] = build_profile_link($thread['username'], $thread['uid']);
            }
            // If this thread has a prefix, insert a space between prefix and subject
            if ($thread['prefix'] != 0) {
                $threadprefix = build_prefixes($thread['prefix']);
                $thread['displayprefix'] = $threadprefix['displaystyle'];
            }
            $thread['subject'] = $parser->parse_badwords($thread['subject']);
            $prefix = '';
            if ($thread['poll']) {
                $prefix = $lang->poll_prefix;
            }
            $thread['posts'] = $thread['replies'] + 1;
            if ($moved[0] == "moved") {
                $prefix = $lang->moved_prefix;
                $thread['replies'] = "-";
                $thread['views'] = "-";
            }
            $gotounread = '';
            $isnew = 0;
            $donenew = 0;
            if ($mybb->settings['threadreadcut'] > 0 && $mybb->user['uid'] && $thread['lastpost'] > $forum_read) {
                if ($thread['lastread']) {
                    $last_read = $thread['lastread'];
                } else {
                    $last_read = $read_cutoff;
                }
            } else {
                $last_read = my_get_array_cookie("threadread", $thread['tid']);
            }
            if ($forum_read > $last_read) {
                $last_read = $forum_read;
            }
            if ($thread['lastpost'] > $last_read && $moved[0] != "moved") {
                $folder .= "new";
                $folder_label .= $lang->icon_new;
                $new_class = "subject_new";
                $unreadpost = true;
            } else {
                $folder_label .= $lang->icon_no_new;
                $new_class = "subject_old";
            }
            if (!empty($thread['closed'])) {
                $moved = explode("|", $thread['closed']);
                if ($moved[0] == "moved") {
                    $thread['subject'] = $lang->moved_prefix . ' ' . $thread['subject'];
                }
            }
            $new_topic = array('forum_id' => new xmlrpcval($thread['fid'], 'string'), 'topic_id' => new xmlrpcval($thread['tid'], 'string'), 'topic_title' => new xmlrpcval(basic_clean($thread['subject']), 'base64'), 'prefix' => new xmlrpcval(basic_clean($thread['displayprefix']), 'base64'), 'topic_author_id' => new xmlrpcval($thread['uid'], 'string'), 'topic_author_name' => new xmlrpcval(basic_clean($thread['username']), 'base64'), 'icon_url' => new xmlrpcval(absolute_url($thread['avatar']), 'string'), 'last_reply_time' => new xmlrpcval(mobiquo_iso8601_encode($thread['lastpost']), 'dateTime.iso8601'), 'timestamp' => new xmlrpcval($thread['lastpost'], 'string'), 'short_content' => new xmlrpcval(process_short_content($thread['message'], $parser), 'base64'), 'reply_number' => new xmlrpcval(intval($thread['replies']), 'int'), 'view_number' => new xmlrpcval(intval($thread['views']), 'int'), 'is_approved' => new xmlrpcval($thread['visible'], 'boolean'), 'is_moved' => new xmlrpcval(isset($moved[0]) && $moved[0] == "moved" ? true : false, 'boolean'), 'real_topic_id' => new xmlrpcval(isset($moved[1]) ? $moved[1] : $thread['tid']));
            $forumpermissions = forum_permissions($thread['fid']);
            if ($forumpermissions['canview'] == 0 || $forumpermissions['canviewthreads'] == 0) {
                $new_topic['can_subscribe'] = new xmlrpcval(false, 'boolean');
            } else {
                $new_topic['can_subscribe'] = new xmlrpcval(true, 'boolean');
            }
            //can_rename topic
            $can_rename = (is_moderator($fid, "caneditposts") || $forumpermissions['caneditposts'] == 1 && $mybb->user['uid'] == $thread['uid']) && $mybb->user['uid'] != 0;
            if ($unreadpost) {
                $new_topic['new_post'] = new xmlrpcval(true, 'boolean');
            }
            if ($thread['sticky']) {
                $new_topic['is_sticky'] = new xmlrpcval(true, 'boolean');
            }
            if (!empty($thread['subscribed'])) {
                $new_topic['is_subscribed'] = new xmlrpcval(true, 'boolean');
            } else {
                $new_topic['is_subscribed'] = new xmlrpcval(false, 'boolean');
            }
            if ($thread['closed']) {
                $new_topic['is_closed'] = new xmlrpcval(true, 'boolean');
            }
            if ($thread['isbanned']) {
                $new_topic['is_ban'] = new xmlrpcval(true, 'boolean');
            }
            if ($mybb->usergroup['canmodcp'] == 1) {
                $new_topic['can_ban'] = new xmlrpcval(true, 'boolean');
            }
            if (is_moderator($fid, "canmanagethreads")) {
                $new_topic['can_move'] = new xmlrpcval(true, 'boolean');
                $new_topic['can_merge'] = new xmlrpcval(true, 'boolean');
                $new_topic['can_merge_post'] = new xmlrpcval(true, 'boolean');
            }
            if (is_moderator($fid, "canopenclosethreads")) {
                $new_topic['can_close'] = new xmlrpcval(true, 'boolean');
            }
            if (is_moderator($fid, "candeleteposts")) {
                $new_topic['can_delete'] = new xmlrpcval(true, 'boolean');
            }
            if (is_moderator($fid, "canmanagethreads")) {
                $new_topic['can_stick'] = new xmlrpcval(true, 'boolean');
            }
            if (is_moderator($fid, "canopenclosethreads")) {
                $new_topic['can_approve'] = new xmlrpcval(true, 'boolean');
            }
            if ($can_rename) {
                $new_topic['can_rename'] = new xmlrpcval(true, 'boolean');
            }
            $topic_list[] = new xmlrpcval($new_topic, 'struct');
        }
        $customthreadtools = '';
    }
    // If there are no unread threads in this forum and no unread child forums - mark it as read
    require_once MYBB_ROOT . "inc/functions_indicators.php";
    if (fetch_unread_count($fid) == 0 && $unread_forums == 0) {
        mark_forum_read($fid);
    }
    $prefix_list = array();
    // Does this user have additional groups?
    if ($mybb->user['additionalgroups']) {
        $exp = explode(",", $mybb->user['additionalgroups']);
        // Because we like apostrophes...
        $imps = array();
        foreach ($exp as $group) {
            $imps[] = "'{$group}'";
        }
        $additional_groups = implode(",", $imps);
        $extra_sql = "groups IN ({$additional_groups}) OR ";
    } else {
        $extra_sql = '';
    }
    if ($mybb->version_code >= 1600 && $mybb->user['uid']) {
        $prefixes = get_prefix_list($fid);
        foreach ($prefixes as $prefix) {
            $prefix_list[] = new xmlrpcval(array('prefix_id' => new xmlrpcval($prefix['pid'], "string"), 'prefix_display_name' => new xmlrpcval(basic_clean($prefix['prefix']), "base64")), "struct");
        }
    }
    $read_only_forums = explode(",", $settings['tapatalk_forum_read_only']);
    $can_post = true;
    if (empty($read_only_forums) || !is_array($read_only_forums)) {
        $read_only_forums = array();
    }
    if (!($foruminfo['type'] == "f" && $foruminfo['open'] != 0 && $mybb->user['uid'] > 0 && $mybb->usergroup['canpostthreads']) || in_array($fid, $read_only_forums)) {
        $can_post = false;
    }
    $result = array('total_topic_num' => new xmlrpcval($threadcount, 'int'), 'forum_id' => new xmlrpcval($fid, 'string'), 'forum_name' => new xmlrpcval(basic_clean($foruminfo['name']), 'base64'), 'can_post' => new xmlrpcval($can_post, 'boolean'), 'prefixes' => new xmlrpcval($prefix_list, 'array'), 'can_upload' => new xmlrpcval($fpermissions['canpostattachments'], 'boolean'));
    if ($unreadStickyCount) {
        $result['unread_sticky_count'] = new xmlrpcval($unreadStickyCount, 'int');
    }
    if ($mybb->user['uid']) {
        $query = $db->simple_select("forumsubscriptions", "fid", "fid='" . $fid . "' AND uid='{$mybb->user['uid']}'", array('limit' => 1));
        if ($db->fetch_field($query, 'fid')) {
            $result['is_subscribed'] = new xmlrpcval(true, 'boolean');
        }
    }
    $result['topics'] = new xmlrpcval($topic_list, 'array');
    return new xmlrpcresp(new xmlrpcval($result, 'struct'));
}
Ejemplo n.º 13
0
function reply_post_func($xmlrpc_params)
{
    global $db, $lang, $theme, $plugins, $mybb, $session, $settings, $cache, $time, $mybbgroups, $tid, $pid, $visible, $thread, $post;
    $input = Tapatalk_Input::filterXmlInput(array('forum_id' => Tapatalk_Input::INT, 'topic_id' => Tapatalk_Input::INT, 'subject' => Tapatalk_Input::STRING, 'text_body' => Tapatalk_Input::STRING, 'attachment_id_array' => Tapatalk_Input::RAW, 'group_id' => Tapatalk_Input::STRING, 'return_html' => Tapatalk_Input::INT), $xmlrpc_params);
    $lang->load("newreply");
    $parser = new Tapatalk_Parser();
    $tid = $input['topic_id'];
    $options = array("limit" => 1);
    $query = $db->simple_select("threads", "*", "tid='" . $tid . "'");
    if ($db->num_rows($query) == 0) {
        return xmlrespfalse($lang->error_invalidthread);
    }
    $thread = $db->fetch_array($query);
    $fid = $thread['fid'];
    // Get forum info
    $forum = get_forum($fid);
    if (!$forum) {
        return xmlrespfalse($lang->error_invalidforum);
    }
    $forumpermissions = forum_permissions($fid);
    if ($thread['visible'] == 0 && !is_moderator($fid) || $thread['visible'] < 0) {
        return xmlrespfalse($lang->error_invalidthread);
    }
    if ($forum['open'] == 0 || $forum['type'] != "f") {
        return xmlrespfalse($lang->error_closedinvalidforum);
    }
    if ($mybb->user['uid'] < 1 || $forumpermissions['canview'] == 0 || $forumpermissions['canpostreplys'] == 0 || $mybb->user['suspendposting'] == 1) {
        return tt_no_permission();
    }
    if ($forumpermissions['canonlyviewthreads'] == 1 && $thread['uid'] != $mybb->user['uid']) {
        return tt_no_permission();
    }
    tt_check_forum_password($forum['fid']);
    // Check to see if the thread is closed, and if the user is a mod.
    if (!is_moderator($fid, "caneditposts")) {
        if ($thread['closed'] == 1) {
            return xmlrespfalse($lang->redirect_threadclosed);
        }
    }
    // Is the currently logged in user a moderator of this forum?
    if (is_moderator($fid)) {
        $ismod = true;
    } else {
        $ismod = false;
    }
    if (!empty($input['group_id'])) {
        $posthash = $input['group_id'];
    } else {
        $posthash = md5($thread['tid'] . $mybb->user['uid'] . random_str());
    }
    if ($mybb->settings['maxposts'] > 0 && $mybb->usergroup['cancp'] != 1) {
        $daycut = TIME_NOW - 60 * 60 * 24;
        $query = $db->simple_select("posts", "COUNT(*) AS posts_today", "uid='{$mybb->user['uid']}' AND visible='1' AND dateline>{$daycut}");
        $post_count = $db->fetch_field($query, "posts_today");
        if ($post_count >= $mybb->settings['maxposts']) {
            $lang->error_maxposts = $lang->sprintf($lang->error_maxposts, $mybb->settings['maxposts']);
            return xmlrespfalse($lang->error_maxposts);
        }
    }
    $username = $mybb->user['username'];
    $uid = $mybb->user['uid'];
    $user_check = "p.uid='{$uid}'";
    if (version_compare($mybb->version, '1.8.0', '<')) {
        $query = $db->simple_select("posts p", "p.pid, p.visible", "{$user_check} AND p.tid='{$thread['tid']}' AND p.subject='" . $db->escape_string($mybb->input['subject']) . "' AND p.message='" . $db->escape_string($mybb->input['message']) . "' AND p.posthash='" . $db->escape_string($mybb->input['posthash']) . "' AND p.visible != '-2'");
    } else {
        $query = $db->simple_select("posts p", "p.pid, p.visible", "{$user_check} AND p.tid='{$thread['tid']}' AND p.subject='" . $db->escape_string($mybb->get_input('subject')) . "' AND p.message='" . $db->escape_string($mybb->get_input('message')) . "' AND p.visible != '-2' AND p.dateline>" . (TIME_NOW - 600));
    }
    $duplicate_check = $db->fetch_field($query, "pid");
    if ($duplicate_check) {
        return xmlrespfalse($lang->error_post_already_submitted);
    }
    require_once MYBB_ROOT . "inc/datahandlers/post.php";
    $posthandler = new PostDataHandler("insert");
    $post = array("tid" => $input['topic_id'], "replyto" => 0, "fid" => $thread['fid'], "subject" => $input['subject'], "icon" => 0, "uid" => $uid, "username" => $username, "message" => $input['text_body'], "ipaddress" => get_ip(), "posthash" => $posthash);
    if ($mybb->input['pid']) {
        $post['pid'] = $mybb->input['pid'];
    }
    $post['savedraft'] = 0;
    // Set up the post options from the input.
    $post['options'] = array("signature" => 1, "subscriptionmethod" => $mybb->user['subscriptionmethod'] == 0 ? '' : $mybb->user['subscriptionmethod'], "disablesmilies" => 0);
    $post['modoptions']['stickthread'] = $thread['sticky'];
    $post['modoptions']['closethread'] = $thread['closed'];
    $posthandler->set_data($post);
    // Now let the post handler do all the hard work.
    $valid_post = $posthandler->validate_post();
    $post_errors = array();
    // Fetch friendly error messages if this is an invalid post
    if (!$valid_post) {
        $post_errors = $posthandler->get_friendly_errors();
    }
    // Mark thread as read
    require_once MYBB_ROOT . "inc/functions_indicators.php";
    mark_thread_read($tid, $fid);
    // One or more errors returned, fetch error list and throw to newreply page
    if (count($post_errors) > 0) {
        return xmlrespfalse(implode(" :: ", $post_errors));
    } else {
        $postinfo = $posthandler->insert_post();
        $pid = $postinfo['pid'];
        $visible = $postinfo['visible'];
        tapatalk_push_reply();
        tapatalk_push_quote();
        tapatalk_push_tag();
        // Deciding the fate
        if ($visible == -2) {
            $state = 1;
        } elseif ($visible == 1) {
            $state = 0;
        } else {
            $state = 1;
        }
    }
    $pid = intval($pid);
    if (!empty($input['group_id_esc'])) {
        $db->update_query("attachments", array("pid" => $pid), "posthash='{$input['group_id_esc']}'");
    }
    // update thread attachment account
    if (count($input['attachment_id_array']) > 0) {
        update_thread_counters($tid, array("attachmentcount" => "+" . count($input['attachment_id_array'])));
    }
    $post = get_post($pid);
    $parser_options = array();
    $parser_options['allow_html'] = false;
    $parser_options['allow_mycode'] = true;
    $parser_options['allow_smilies'] = false;
    $parser_options['allow_imgcode'] = true;
    $parser_options['allow_videocode'] = true;
    $parser_options['nl2br'] = (bool) $input['return_html'];
    $parser_options['filter_badwords'] = 1;
    if (!$post['username']) {
        $post['username'] = $lang->guest;
    }
    if ($post['userusername']) {
        $parser_options['me_username'] = $post['userusername'];
    } else {
        $parser_options['me_username'] = $post['username'];
    }
    $post['message'] = post_bbcode_clean($post['message']);
    $post['message'] = $parser->parse_message($post['message'], $parser_options);
    global $attachcache;
    $attachcache = array();
    if ($thread['attachmentcount'] > 0) {
        // Now lets fetch all of the attachments for these posts.
        $query = $db->simple_select("attachments", "*", "pid='{$pid}'");
        while ($attachment = $db->fetch_array($query)) {
            $attachcache[$attachment['pid']][$attachment['aid']] = $attachment;
        }
    }
    $attachment_list = process_post_attachments($post['pid'], $post);
    $can_delete = 0;
    if ($mybb->user['uid'] == $post['uid']) {
        if ($forumpermissions['candeletethreads'] == 1 && $postcounter == 1) {
            $can_delete = 1;
        } else {
            if ($forumpermissions['candeleteposts'] == 1 && $postcounter != 1) {
                $can_delete = 1;
            }
        }
    }
    $can_delete = (is_moderator($fid, "candeleteposts") || $can_delete == 1) && $mybb->user['uid'] != 0;
    $result = new xmlrpcval(array('result' => new xmlrpcval(true, 'boolean'), 'result_text' => new xmlrpcval('', 'base64'), 'post_id' => new xmlrpcval($postinfo['pid'], 'string'), 'state' => new xmlrpcval($state, 'int'), 'post_author_id' => new xmlrpcval($mybb->user['uid'], 'string'), 'post_author_name' => new xmlrpcval(basic_clean($mybb->user['username']), 'base64'), 'icon_url' => new xmlrpcval(absolute_url($mybb->user['avatar']), 'string'), 'post_content' => new xmlrpcval(process_post($post['message'], $input['return_html']), 'base64'), 'can_edit' => new xmlrpcval(is_moderator($fid, "caneditposts") || $thread['closed'] == 0 && $forumpermissions['caneditposts'] == 1, 'boolean'), 'can_delete' => new xmlrpcval($can_delete, 'boolean'), 'post_time' => new xmlrpcval(mobiquo_iso8601_encode(TIME_NOW), 'dateTime.iso8601'), 'timestamp' => new xmlrpcval(TIME_NOW, 'string'), 'attachments' => new xmlrpcval($attachment_list, 'array')), 'struct');
    return new xmlrpcresp($result);
}
Ejemplo n.º 14
0
function ignore_user_func()
{
    global $mybb, $lang, $db, $cache;
    // Load global language phrases
    $lang->load("usercp");
    if ($mybb->user['uid'] == 0 || $mybb->usergroup['canusercp'] == 0) {
        return tt_no_permission();
    }
    if (!$mybb->user['pmfolders']) {
        $mybb->user['pmfolders'] = "1**" . $lang->folder_inbox . "\$%%\$2**" . $lang->folder_sent_items . "\$%%\$3**" . $lang->folder_drafts . "\$%%\$4**" . $lang->folder_trash;
        $db->update_query("users", array('pmfolders' => $mybb->user['pmfolders']), "uid='" . $mybb->user['uid'] . "'");
    }
    $existing_users = array();
    $selected_list = array();
    if ($mybb->input['manage'] == "ignored") {
        if ($mybb->user['ignorelist']) {
            $existing_users = explode(",", $mybb->user['ignorelist']);
        }
    } else {
        if ($mybb->user['ignorelist']) {
            // Create a list of ignored users
            $selected_list = explode(",", $mybb->user['ignorelist']);
        }
    }
    $error_message = "";
    $message = "";
    $users = $mybb->input['user_id'];
    $mode = $mybb->input['mode'];
    // Adding one or more users to this list
    if (!empty($users) && $mode) {
        // Split up any usernames we have
        $found_users = 0;
        $adding_self = false;
        $users = explode(",", $users);
        $users = array_map("trim", $users);
        $users = array_unique($users);
        foreach ($users as $key => $user_id) {
            $user_id = intval($user_id);
            if (empty($user_id)) {
                continue;
            }
            $users[$key] = $user_id;
        }
        // Fetch out new users
        if (count($users) > 0) {
            $query = $db->simple_select("users", "uid", "uid IN ('" . implode("','", $users) . "')");
            while ($user = $db->fetch_array($query)) {
                ++$found_users;
                // Make sure we're not adding a duplicate
                if (in_array($user['uid'], $existing_users) || in_array($user['uid'], $selected_list)) {
                    if ($mybb->input['manage'] == "ignored") {
                        $error_message = "ignore";
                    } else {
                        $error_message = "buddy";
                    }
                    // On another list?
                    $string = "users_already_on_" . $error_message . "_list";
                    if (in_array($user['uid'], $selected_list)) {
                        $string .= "_alt";
                    }
                    $error_message = $lang->{$string};
                    array_pop($users);
                    // To maintain a proper count when we call count($users)
                    continue;
                }
                $existing_users[] = $user['uid'];
            }
        }
        if ($found_users < count($users)) {
            if ($error_message) {
                $error_message .= "<br />";
            }
            $error_message .= $lang->invalid_user_selected;
        }
        if (($adding_self != true || $adding_self == true && count($users) > 0) && ($error_message == "" || count($users) > 1)) {
            if ($mybb->input['manage'] == "ignored") {
                $message = $lang->users_added_to_ignore_list;
            } else {
                $message = $lang->users_added_to_buddy_list;
            }
        }
        if ($adding_self == true) {
            if ($mybb->input['manage'] == "ignored") {
                $error_message = $lang->cant_add_self_to_ignore_list;
            } else {
                $error_message = $lang->cant_add_self_to_buddy_list;
            }
        }
        if (count($existing_users) == 0) {
            $message = "";
        }
    } else {
        if ($mode == 0 && !empty($users)) {
            // Check if user exists on the list
            $key = array_search($users, $existing_users);
            if ($key !== false) {
                unset($existing_users[$key]);
                $user = get_user($users);
                if ($mybb->input['manage'] == "ignored") {
                    $message = $lang->removed_from_ignore_list;
                } else {
                    $message = $lang->removed_from_buddy_list;
                }
                $message = $lang->sprintf($message, $user['username']);
            } else {
                $error_message = $lang->invalid_user_selected;
            }
        }
    }
    if ($error_message) {
        return xmlrespfalse($error_message);
    }
    if (empty($message)) {
        return xmlresperror($lang->invalid_user_selected);
    }
    // Now we have the new list, so throw it all back together
    $new_list = implode(",", $existing_users);
    // And clean it up a little to ensure there is no possibility of bad values
    $new_list = preg_replace("#,{2,}#", ",", $new_list);
    $new_list = preg_replace("#[^0-9,]#", "", $new_list);
    if (my_substr($new_list, 0, 1) == ",") {
        $new_list = my_substr($new_list, 1);
    }
    if (my_substr($new_list, -1) == ",") {
        $new_list = my_substr($new_list, 0, my_strlen($new_list) - 2);
    }
    // And update
    $user = array();
    if ($mybb->input['manage'] == "ignored") {
        $user['ignorelist'] = $db->escape_string($new_list);
        $mybb->user['ignorelist'] = $user['ignorelist'];
    } else {
        $user['buddylist'] = $db->escape_string($new_list);
        $mybb->user['buddylist'] = $user['buddylist'];
    }
    $db->update_query("users", $user, "uid='" . $mybb->user['uid'] . "'");
    $result = new xmlrpcval(array('result' => new xmlrpcval(true, 'boolean'), 'result_text' => new xmlrpcval(strip_tags($message), 'base64')), 'struct');
    return new xmlrpcresp($result);
}
Ejemplo n.º 15
0
function get_message_func($xmlrpc_params)
{
    global $db, $lang, $theme, $plugins, $mybb, $session, $settings, $cache, $time, $mybbgroups;
    $input = Tapatalk_Input::filterXmlInput(array('message_id' => Tapatalk_Input::INT, 'box_id' => Tapatalk_Input::INT, 'return_html' => Tapatalk_Input::INT), $xmlrpc_params);
    $lang->load("private");
    $parser = new postParser();
    if ($mybb->settings['enablepms'] == 0) {
        return xmlrespfalse($lang->pms_disabled);
    }
    if ($mybb->user['uid'] == '/' || $mybb->user['uid'] == 0 || $mybb->usergroup['canusepms'] == 0) {
        return tt_no_permission();
    }
    if (!$mybb->user['pmfolders']) {
        $mybb->user['pmfolders'] = "1**\$%%\$2**\$%%\$3**\$%%\$4**";
        $sql_array = array("pmfolders" => $mybb->user['pmfolders']);
        $db->update_query("users", $sql_array, "uid = " . $mybb->user['uid']);
    }
    $rand = my_rand(0, 9);
    if ($rand == 5) {
        update_pm_count();
    }
    $foldernames = array();
    $foldersexploded = explode("\$%%\$", $mybb->user['pmfolders']);
    foreach ($foldersexploded as $key => $folders) {
        $folderinfo = explode("**", $folders, 2);
        $folderinfo[1] = get_pm_folder_name($folderinfo[0], $folderinfo[1]);
        $foldernames[$folderinfo[0]] = $folderinfo[1];
    }
    $pmid = $input['message_id'];
    $query = $db->query("\n\t\tSELECT pm.*, u.*, f.*, g.title AS grouptitle, g.usertitle AS groupusertitle, g.stars AS groupstars, g.starimage AS groupstarimage, g.image AS groupimage, g.namestyle\n\t\tFROM " . TABLE_PREFIX . "privatemessages pm\n\t\tLEFT JOIN " . TABLE_PREFIX . "users u ON (u.uid=pm.fromid)\n\t\tLEFT JOIN " . TABLE_PREFIX . "userfields f ON (f.ufid=u.uid)\n\t\tLEFT JOIN " . TABLE_PREFIX . "usergroups g ON (g.gid=u.usergroup)\n\t\tWHERE pm.pmid='{$pmid}' AND pm.uid='" . $mybb->user['uid'] . "'\n\t");
    $pm = $db->fetch_array($query);
    if ($pm['folder'] == 3) {
        return xmlrespfalse("Draft PMs are not supported by Tapatalk");
    }
    if (!$pm['pmid']) {
        return xmlrespfalse($lang->error_invalidpm);
    }
    $parser = new Tapatalk_Parser();
    $parser_options = array();
    $parser_options['allow_html'] = false;
    $parser_options['allow_mycode'] = true;
    $parser_options['allow_smilies'] = false;
    $parser_options['allow_imgcode'] = true;
    $parser_options['allow_videocode'] = true;
    $parser_options['nl2br'] = (bool) $input['return_html'];
    $parser_options['filter_badwords'] = 1;
    $pm['message'] = post_bbcode_clean($pm['message']);
    $pm['message'] = $parser->parse_message($pm['message'], $parser_options);
    if ($pm['receipt'] == 1) {
        if ($mybb->usergroup['cantrackpms'] == 1 && $mybb->usergroup['candenypmreceipts'] == 1 && $mybb->input['denyreceipt'] == 1) {
            $receiptadd = 0;
        } else {
            $receiptadd = 2;
        }
    }
    if ($pm['status'] == 0) {
        $time = TIME_NOW;
        $updatearray = array('status' => 1, 'readtime' => $time);
        if (isset($receiptadd)) {
            $updatearray['receipt'] = $receiptadd;
        }
        $db->update_query('privatemessages', $updatearray, "pmid='{$pmid}'");
        // Update the unread count - it has now changed.
        update_pm_count($mybb->user['uid'], 6);
        // Update PM notice value if this is our last unread PM
        if ($mybb->user['unreadpms'] - 1 <= 0 && $mybb->user['pmnotice'] == 2) {
            $updated_user = array("pmnotice" => 1);
            $db->update_query("users", $updated_user, "uid='{$mybb->user['uid']}'");
        }
    }
    $pm['subject'] = $parser->parse_badwords($pm['subject']);
    if ($pm['fromid'] == 0) {
        $pm['username'] = $lang->mybb_engine;
    }
    if (!$pm['username']) {
        $pm['username'] = $lang->na;
    }
    // Fetch the recipients for this message
    $pm['recipients'] = @unserialize($pm['recipients']);
    if (is_array($pm['recipients']['to'])) {
        $uid_sql = implode(',', $pm['recipients']['to']);
        foreach ($pm['recipients']['to'] as $uid) {
            $user = get_user($uid);
            $msg_to_list[] = new xmlrpcval(array('user_id' => new xmlrpcval($user['uid'], 'string'), 'username' => new xmlrpcval(basic_clean($user['username']), 'base64'), 'user_type' => check_return_user_type($user['username'])), 'struct');
            if (($pm['folder'] == 2 or $pm['folder'] == 3) && !$avatar) {
                $avatar = $user['avatar'];
            }
        }
    } else {
        $user = get_user($pm['toid']);
        $msg_to_list[] = new xmlrpcval(array('user_id' => new xmlrpcval($user['uid'], 'string'), 'username' => new xmlrpcval(basic_clean($user['username']), 'base64'), 'user_type' => check_return_user_type($user['username'])), 'struct');
        if ($pm['folder'] == 2 or $pm['folder'] == 3) {
            $avatar = $user['avatar'];
        }
    }
    $show_bcc = 0;
    // If we have any BCC recipients and this user is an Administrator, add them on to the query
    if (count($pm['recipients']['bcc']) > 0 && $mybb->usergroup['cancp'] == 1) {
        foreach ($pm['recipients']['bcc'] as $uid) {
            $user = get_user($uid);
            $msg_to_list[] = new xmlrpcval(array('user_id' => new xmlrpcval($user['uid'], 'string'), 'username' => new xmlrpcval(basic_clean($user['username']), 'base64'), 'user_type' => check_return_user_type($user['username'])), 'struct');
        }
    }
    if (!$avatar) {
        $avatar = $pm['avatar'];
    }
    //$display_user = ($box_id == 'inbox') ? $message['from'] : $msg_to[0];
    $is_online = false;
    $timecut = TIME_NOW - $mybb->settings['wolcutoff'];
    if ($pm['lastactive'] > $timecut && ($pm['invisible'] != 1 || $mybb->usergroup['canviewwolinvis'] == 1) && $pm['lastvisit'] != $pm['lastactive']) {
        $is_online = true;
    }
    $result = new xmlrpcval(array('result' => new xmlrpcval(true, 'boolean'), 'result_text' => new xmlrpcval('', 'base64'), 'msg_from' => new xmlrpcval($pm['username'], 'base64'), 'msg_from_id' => new xmlrpcval($pm['fromid'], 'string'), 'msg_to' => new xmlrpcval($msg_to_list, 'array'), 'icon_url' => new xmlrpcval(absolute_url($avatar), 'string'), 'sent_date' => new xmlrpcval(mobiquo_iso8601_encode($pm['dateline']), 'dateTime.iso8601'), 'msg_subject' => new xmlrpcval($pm['subject'], 'base64'), 'text_body' => new xmlrpcval(process_post($pm['message'], $input['return_html']), 'base64'), 'is_online' => new xmlrpcval($is_online, 'boolean'), 'allow_smilies' => new xmlrpcval(true, 'boolean')), 'struct');
    return new xmlrpcresp($result);
}
Ejemplo n.º 16
0
function report_post_func($xmlrpc_params)
{
    global $db, $lang, $theme, $plugins, $mybb, $session, $settings, $cache, $time, $mybbgroups;
    $input = Tapatalk_Input::filterXmlInput(array('post_id' => Tapatalk_Input::INT, 'reason' => Tapatalk_Input::STRING), $xmlrpc_params);
    $lang->load("report");
    if ($mybb->usergroup['canview'] == 0 || !$mybb->user['uid']) {
        return tt_no_permission();
    }
    $post = get_post($input['post_id']);
    if (!$post['pid']) {
        return xmlrespfalse($lang->error_invalidpost);
    }
    $forum = get_forum($post['fid']);
    if (!$forum) {
        $error = $lang->error_invalidforum;
        eval("\$report_error = \"" . $templates->get("report_error") . "\";");
        output_page($report_error);
        exit;
    }
    tt_check_forum_password($forum['parentlist']);
    $thread = get_thread($post['tid']);
    if (version_compare($mybb->version, '1.8.0', '<')) {
        if ($mybb->settings['reportmethod'] == "email" || $mybb->settings['reportmethod'] == "pms") {
            $query = $db->query("\n\t\t\t\tSELECT DISTINCT u.username, u.email, u.receivepms, u.uid\n\t\t\t\tFROM " . TABLE_PREFIX . "moderators m\n\t\t\t\tLEFT JOIN " . TABLE_PREFIX . "users u ON (u.uid=m.id)\n\t\t\t\tWHERE m.fid IN (" . $forum['parentlist'] . ") AND m.isgroup = '0'\n\t\t\t");
            $nummods = $db->num_rows($query);
            if (!$nummods) {
                unset($query);
                switch ($db->type) {
                    case "pgsql":
                    case "sqlite":
                        $query = $db->query("\n\t\t\t\t\t\t\tSELECT u.username, u.email, u.receivepms, u.uid\n\t\t\t\t\t\t\tFROM " . TABLE_PREFIX . "users u\n\t\t\t\t\t\t\tLEFT JOIN " . TABLE_PREFIX . "usergroups g ON (((','|| u.additionalgroups|| ',' LIKE '%,'|| g.gid|| ',%') OR u.usergroup = g.gid))\n\t\t\t\t\t\t\tWHERE (g.cancp=1 OR g.issupermod=1)\n\t\t\t\t\t\t");
                        break;
                    default:
                        $query = $db->query("\n\t\t\t\t\t\t\tSELECT u.username, u.email, u.receivepms, u.uid\n\t\t\t\t\t\t\tFROM " . TABLE_PREFIX . "users u\n\t\t\t\t\t\t\tLEFT JOIN " . TABLE_PREFIX . "usergroups g ON (((CONCAT(',', u.additionalgroups, ',') LIKE CONCAT('%,', g.gid, ',%')) OR u.usergroup = g.gid))\n\t\t\t\t\t\t\tWHERE (g.cancp=1 OR g.issupermod=1)\n\t\t\t\t\t\t");
                }
            }
            while ($mod = $db->fetch_array($query)) {
                $emailsubject = $lang->sprintf($lang->emailsubject_reportpost, $mybb->settings['bbname']);
                $emailmessage = $lang->sprintf($lang->email_reportpost, $mybb->user['username'], $mybb->settings['bbname'], $post['subject'], $mybb->settings['bburl'], str_replace('&amp;', '&', get_post_link($post['pid'], $thread['tid']) . "#pid" . $post['pid']), $thread['subject'], $input['reason']);
                if ($mybb->settings['reportmethod'] == "pms" && $mod['receivepms'] != 0 && $mybb->settings['enablepms'] != 0) {
                    $pm_recipients[] = $mod['uid'];
                } else {
                    my_mail($mod['email'], $emailsubject, $emailmessage);
                }
            }
            if (count($pm_recipients) > 0) {
                $emailsubject = $lang->sprintf($lang->emailsubject_reportpost, $mybb->settings['bbname']);
                $emailmessage = $lang->sprintf($lang->email_reportpost, $mybb->user['username'], $mybb->settings['bbname'], $post['subject'], $mybb->settings['bburl'], str_replace('&amp;', '&', get_post_link($post['pid'], $thread['tid']) . "#pid" . $post['pid']), $thread['subject'], $input['reason']);
                require_once MYBB_ROOT . "inc/datahandlers/pm.php";
                $pmhandler = new PMDataHandler();
                $pm = array("subject" => $emailsubject, "message" => $emailmessage, "icon" => 0, "fromid" => $mybb->user['uid'], "toid" => $pm_recipients);
                $pmhandler->admin_override = true;
                $pmhandler->set_data($pm);
                // Now let the pm handler do all the hard work.
                if (!$pmhandler->validate_pm()) {
                    // Force it to valid to just get it out of here
                    $pmhandler->is_validated = true;
                    $pmhandler->errors = array();
                }
                $pminfo = $pmhandler->insert_pm();
            }
        } else {
            $reportedpost = array("pid" => $input['post_id'], "tid" => $thread['tid'], "fid" => $thread['fid'], "uid" => $mybb->user['uid'], "dateline" => TIME_NOW, "reportstatus" => 0, "reason" => $db->escape_string(htmlspecialchars_uni($input['reason'])));
            $db->insert_query("reportedposts", $reportedpost);
            $cache->update_reportedposts();
        }
    } else {
        require_once MYBB_ROOT . 'inc/functions_modcp.php';
        $plugins->run_hooks("report_do_report_start");
        $id = $post['pid'];
        $id2 = $post['tid'];
        $id3 = $forum['fid'];
        $report_type = 'post';
        $report_type_db = "(type = 'post' OR type = '')";
        if (!empty($report_type_db)) {
            $query = $db->simple_select("reportedcontent", "*", "reportstatus != '1' AND id = '{$id}' AND {$report_type_db}");
            if ($db->num_rows($query)) {
                // Existing report
                $report = $db->fetch_array($query);
                $report['reporters'] = my_unserialize($report['reporters']);
                if ($mybb->user['uid'] == $report['uid'] || is_array($report['reporters']) && in_array($mybb->user['uid'], $report['reporters'])) {
                    $error = $lang->success_report_voted;
                }
            }
        }
        // Is this an existing report or a new offender?
        if (!empty($report)) {
            // Existing report, add vote
            $report['reporters'][] = $mybb->user['uid'];
            update_report($report);
            //$plugins->run_hooks("report_do_report_end");
        } else {
            // Bad user!
            $new_report = array('id' => $id, 'id2' => $id2, 'id3' => $id3, 'uid' => $mybb->user['uid']);
            // Figure out the reason
            $reason = trim($input['reason']);
            if ($reason == 'other') {
                // Replace the reason with the user comment
                $reason = trim($mybb->get_input('comment'));
            } else {
                $report_reason_string = "report_reason_{$reason}";
                //$reason = "\n".$lang->$report_reason_string;
            }
            if (my_strlen($reason) < 3) {
                $error = $lang->error_report_length;
            }
            if (empty($error)) {
                $new_report['reason'] = $reason;
                add_report($new_report, $report_type);
            } else {
                error($error);
            }
        }
    }
    return xmlresptrue();
}
Ejemplo n.º 17
0
function get_box_func($xmlrpc_params)
{
    global $db, $lang, $theme, $plugins, $mybb, $session, $settings, $cache, $time, $mybbgroups;
    $input = Tapatalk_Input::filterXmlInput(array('box_id' => Tapatalk_Input::INT, 'start_num' => Tapatalk_Input::INT, 'last_num' => Tapatalk_Input::INT), $xmlrpc_params);
    list($start, $limit) = process_page($input['start_num'], $input['last_num']);
    $lang->load("private");
    $parser = new postParser();
    if ($mybb->settings['enablepms'] == 0) {
        return xmlrespfalse($lang->pms_disabled);
    }
    if ($mybb->user['uid'] == '/' || $mybb->user['uid'] == 0 || $mybb->usergroup['canusepms'] == 0) {
        return tt_no_permission();
    }
    if (!$mybb->user['pmfolders']) {
        $mybb->user['pmfolders'] = "1**\$%%\$2**\$%%\$3**\$%%\$4**";
        $sql_array = array("pmfolders" => $mybb->user['pmfolders']);
        $db->update_query("users", $sql_array, "uid = " . $mybb->user['uid']);
    }
    $rand = my_rand(0, 9);
    if ($rand == 5) {
        update_pm_count();
    }
    $foldernames = array();
    $foldersexploded = explode("\$%%\$", $mybb->user['pmfolders']);
    foreach ($foldersexploded as $key => $folders) {
        $folderinfo = explode("**", $folders, 2);
        $folderinfo[1] = get_pm_folder_name($folderinfo[0], $folderinfo[1]);
        $foldernames[$folderinfo[0]] = $folderinfo[1];
    }
    if (!$input['box_id'] || !array_key_exists($input['box_id'], $foldernames)) {
        $input['box_id'] = 1;
    }
    $folder = $input['box_id'];
    $foldername = $foldernames[$folder];
    $lang->pms_in_folder = $lang->sprintf($lang->pms_in_folder, $foldername);
    if ($folder == 2 || $folder == 3) {
        $sender = $lang->sentto;
    } else {
        $sender = $lang->sender;
    }
    // Do Multi Pages
    $query = $db->simple_select("privatemessages", "COUNT(*) AS total", "uid='" . $mybb->user['uid'] . "' AND folder='{$folder}'");
    $count_total = $db->fetch_field($query, 'total');
    $query = $db->simple_select("privatemessages", "COUNT(*) AS unread", "uid='" . $mybb->user['uid'] . "' AND folder='{$folder}' AND readtime = 0");
    $count_unread = $db->fetch_field($query, 'unread');
    // Get all recipients into an array
    $cached_users = $get_users = array();
    $users_query = $db->simple_select("privatemessages", "recipients", "folder='{$folder}' AND uid='{$mybb->user['uid']}'", array('limit_start' => $start, 'limit' => $limit, 'order_by' => 'dateline', 'order_dir' => 'DESC'));
    while ($row = $db->fetch_array($users_query)) {
        $recipients = unserialize($row['recipients']);
        if (is_array($recipients['to']) && count($recipients['to'])) {
            $get_users = array_merge($get_users, $recipients['to']);
        }
        if (is_array($recipients['bcc']) && count($recipients['bcc'])) {
            $get_users = array_merge($get_users, $recipients['bcc']);
        }
    }
    $get_users = implode(',', array_unique($get_users));
    // Grab info
    if ($get_users) {
        $users_query = $db->simple_select("users", "uid, username, usergroup, displaygroup", "uid IN ({$get_users})");
        while ($user = $db->fetch_array($users_query)) {
            $cached_users[$user['uid']] = $user;
        }
    }
    $user_online = $folder == 1 ? ', fu.lastactive, fu.invisible, fu.lastvisit ' : ', tu.lastactive, tu.invisible, tu.lastvisit ';
    $query = $db->query("\n\t\tSELECT pm.*, fu.username AS fromusername, tu.username as tousername, fu.avatar as favatar, tu.avatar as tavatar {$user_online}\n\t\tFROM " . TABLE_PREFIX . "privatemessages pm\n\t\tLEFT JOIN " . TABLE_PREFIX . "users fu ON (fu.uid=pm.fromid)\n\t\tLEFT JOIN " . TABLE_PREFIX . "users tu ON (tu.uid=pm.toid)\n\t\tWHERE pm.folder='{$folder}' AND pm.uid='" . $mybb->user['uid'] . "'\n\t\tORDER BY pm.dateline DESC\n\t\tLIMIT {$start}, {$limit}\n\t");
    $message_list = array();
    if ($db->num_rows($query) > 0) {
        while ($message = $db->fetch_array($query)) {
            $status = 1;
            if ($message['status'] == 0) {
                $msgalt = $lang->new_pm;
            } elseif ($message['status'] == 1) {
                $msgalt = $lang->old_pm;
                $status = 2;
            } elseif ($message['status'] == 3) {
                $msgalt = $lang->reply_pm;
                $status = 3;
            } elseif ($message['status'] == 4) {
                $msgalt = $lang->fwd_pm;
                $status = 4;
            }
            $msg_from = null;
            $msg_to = array();
            $avatar = "";
            $outboxdisplayuserid = 0;
            // Sent Items or Drafts Folder Check
            $recipients = unserialize($message['recipients']);
            if (count($recipients['to']) > 1 || count($recipients['to']) == 1 && count($recipients['bcc']) > 0) {
                foreach ($recipients['to'] as $uid) {
                    $profilelink = get_profile_link($uid);
                    $user = $cached_users[$uid];
                    if (!empty($user['username'])) {
                        $msg_to[] = new xmlrpcval(array("username" => new xmlrpcval($user['username'], "base64"), "user_id" => new xmlrpcval($uid, "string"), "user_type" => check_return_user_type($user['username'])), "struct");
                    }
                    if (($folder == 2 or $folder == 3) && !$outboxdisplayuserid) {
                        $outboxdisplayuserid = $uid;
                    }
                }
                /*if(is_array($recipients['bcc']) && count($recipients['bcc']))
                		{
                			foreach($recipients['bcc'] as $uid)
                			{
                				$profilelink = get_profile_link($uid);
                				$user = $cached_users[$uid];
                				$msg_to[]=new xmlrpcval($user['username'], "base64");
                			}
                		}*/
            } else {
                if ($message['toid']) {
                    $tofromusername = $message['tousername'];
                    $tofromuid = $message['toid'];
                    if (!empty($tofromusername)) {
                        $msg_to[] = new xmlrpcval(array("username" => new xmlrpcval($tofromusername, "base64"), "user_id" => new xmlrpcval($message['toid'], "string"), "user_type" => check_return_user_type($tofromusername)), "struct");
                    }
                }
            }
            $avatar = $message['tavatar'];
            if ($folder != 2 && $folder != 3) {
                $tofromusername = $message['fromusername'];
                $tofromuid = $message['fromid'];
                if ($tofromuid == 0) {
                    $tofromusername = $lang->mybb_engine;
                }
                if (!$tofromusername) {
                    $tofromuid = 0;
                    $tofromusername = $lang->na;
                }
                $msg_from = $tofromusername;
                $avatar = $message['favatar'];
            } else {
                if ($outboxdisplayuserid) {
                    $outboxdisplayuser = get_user($outboxdisplayuserid);
                    $avatar = $outboxdisplayuser['avatar'];
                }
            }
            if (!trim($message['subject'])) {
                $message['subject'] = $lang->pm_no_subject;
            }
            $is_online = false;
            $timecut = TIME_NOW - $mybb->settings['wolcutoff'];
            if ($message['lastactive'] > $timecut && ($message['invisible'] != 1 || $mybb->usergroup['canviewwolinvis'] == 1) && $message['lastvisit'] != $message['lastactive']) {
                $is_online = true;
            }
            $new_message = array('msg_id' => new xmlrpcval($message['pmid'], 'string'), 'msg_state' => new xmlrpcval($status, 'int'), 'sent_date' => new xmlrpcval(mobiquo_iso8601_encode($message['dateline']), 'dateTime.iso8601'), 'msg_to' => new xmlrpcval($msg_to, 'array'), 'icon_url' => new xmlrpcval(absolute_url($avatar), 'string'), 'msg_subject' => new xmlrpcval($message['subject'], 'base64'), 'short_content' => new xmlrpcval(process_short_content($message['message'], $parser), 'base64'), 'is_online' => new xmlrpcval($is_online, 'boolean'));
            if ($msg_from !== null) {
                $new_message['msg_from'] = new xmlrpcval($msg_from, 'base64');
            }
            $message_list[] = new xmlrpcval($new_message, "struct");
        }
    }
    $result = new xmlrpcval(array('result' => new xmlrpcval(true, 'boolean'), 'result_text' => new xmlrpcval('', 'base64'), 'total_message_count' => new xmlrpcval($count_total, 'int'), 'total_unread_count' => new xmlrpcval($count_unread, 'int'), 'list' => new xmlrpcval($message_list, 'array')), 'struct');
    return new xmlrpcresp($result);
}
Ejemplo n.º 18
0
function save_raw_post_func($xmlrpc_params)
{
    global $db, $lang, $theme, $plugins, $mybb, $session, $settings, $cache, $time, $mybbgroups;
    $lang->load("editpost");
    $input = Tapatalk_Input::filterXmlInput(array('post_id' => Tapatalk_Input::INT, 'post_title' => Tapatalk_Input::STRING, 'post_content' => Tapatalk_Input::STRING, 'return_html' => Tapatalk_Input::INT, 'attachment_id_array' => Tapatalk_Input::RAW, 'group_id' => Tapatalk_Input::STRING, 'editreason' => Tapatalk_Input::STRING), $xmlrpc_params);
    $parser = new postParser();
    // No permission for guests
    if (!$mybb->user['uid']) {
        return tt_no_permission();
    }
    // Get post info
    $pid = $input['post_id'];
    $query = $db->simple_select("posts", "*", "pid='{$pid}'");
    $post = $db->fetch_array($query);
    if (empty($input['post_title'])) {
        $input['post_title'] = $post['subject'];
    }
    if (!$post['pid']) {
        return xmlrespfalse($lang->error_invalidpost);
    }
    // Get thread info
    $tid = $post['tid'];
    $thread = get_thread($tid);
    if (!$thread['tid']) {
        return xmlrespfalse($lang->error_invalidthread);
    }
    $thread['subject'] = htmlspecialchars_uni($thread['subject']);
    // Get forum info
    $fid = $post['fid'];
    $forum = get_forum($fid);
    if (!$forum || $forum['type'] != "f") {
        return xmlrespfalse($lang->error_closedinvalidforum);
    }
    if ($forum['open'] == 0 || $mybb->user['suspendposting'] == 1) {
        return tt_no_permission();
    }
    $forumpermissions = forum_permissions($fid);
    if (!is_moderator($fid, "caneditposts")) {
        if ($thread['closed'] == 1) {
            return xmlrespfalse($lang->redirect_threadclosed);
        }
        if ($forumpermissions['caneditposts'] == 0) {
            return tt_no_permission();
        }
        if ($mybb->user['uid'] != $post['uid']) {
            return tt_no_permission();
        }
        // Edit time limit
        $time = TIME_NOW;
        if ($mybb->settings['edittimelimit'] != 0 && $post['dateline'] < $time - $mybb->settings['edittimelimit'] * 60) {
            $lang->edit_time_limit = $lang->sprintf($lang->edit_time_limit, $mybb->settings['edittimelimit']);
            return xmlrespfalse($lang->edit_time_limit);
        }
    }
    // Check if this forum is password protected and we have a valid password
    tt_check_forum_password($forum['fid']);
    // Set up posthandler.
    require_once MYBB_ROOT . "inc/datahandlers/post.php";
    $posthandler = new PostDataHandler("update");
    $posthandler->action = "post";
    // Set the post data that came from the input to the $post array.
    $post = array("pid" => $pid, "subject" => $input['post_title'], "uid" => $mybb->user['uid'], "username" => $mybb->user['username'], "edit_uid" => $mybb->user['uid'], "message" => $input['post_content']);
    if (version_compare($mybb->version, '1.8.0', '>=') && !empty($input['editreason'])) {
        $post["editreason"] = $input['editreason'];
    }
    // get subscription status
    $query = $db->simple_select("threadsubscriptions", 'notification', "uid='" . intval($mybb->user['uid']) . "' AND tid='" . intval($tid) . "'");
    $substatus = $db->fetch_array($query);
    // Set up the post options from the input.
    $post['options'] = array("signature" => 1, "subscriptionmethod" => isset($substatus['notification']) ? $substatus['notification'] == 1 ? 'instant' : 'none' : '', "disablesmilies" => 0);
    $posthandler->set_data($post);
    // Now let the post handler do all the hard work.
    if (!$posthandler->validate_post()) {
        $post_errors = $posthandler->get_friendly_errors();
        return xmlrespfalse(implode(" :: ", $post_errors));
    } else {
        $postinfo = $posthandler->update_post();
        $visible = $postinfo['visible'];
        $first_post = $postinfo['first_post'];
        // Help keep our attachments table clean.
        $db->delete_query("attachments", "filename='' OR filesize<1");
        if ($visible == 0 && $first_post && !is_moderator($fid, "", $mybb->user['uid'])) {
            $state = 1;
        } else {
            if ($visible == 0 && !is_moderator($fid, "", $mybb->user['uid'])) {
                $state = 1;
            } else {
                $state = 0;
            }
        }
    }
    $pid = intval($pid);
    if (!empty($input['group_id_esc'])) {
        $db->update_query("attachments", array("pid" => $pid), "posthash='{$input['group_id_esc']}'");
    }
    // update thread attachment account
    if (count($input['attachment_id_array']) > 0) {
        update_thread_counters($tid, array("attachmentcount" => "+" . count($input['attachment_id_array'])));
    }
    $post = get_post($pid);
    $parser_options = array();
    $parser_options['allow_html'] = false;
    $parser_options['allow_mycode'] = true;
    $parser_options['allow_smilies'] = false;
    $parser_options['allow_imgcode'] = true;
    $parser_options['allow_videocode'] = true;
    $parser_options['nl2br'] = (bool) $input['return_html'];
    $parser_options['filter_badwords'] = 1;
    if (!$post['username']) {
        $post['username'] = $lang->guest;
    }
    if ($post['userusername']) {
        $parser_options['me_username'] = $post['userusername'];
    } else {
        $parser_options['me_username'] = $post['username'];
    }
    $post['message'] = $parser->parse_message($post['message'], $parser_options);
    $post['subject'] = $parser->parse_badwords($post['subject']);
    $result = new xmlrpcval(array('result' => new xmlrpcval(true, 'boolean'), 'result_text' => new xmlrpcval('', 'base64'), 'state' => new xmlrpcval($state, 'int'), 'post_title' => new xmlrpcval($post['subject'], 'base64'), 'post_content' => new xmlrpcval(process_post($post['message'], $input['return_html']), 'base64')), 'struct');
    return new xmlrpcresp($result);
}
Ejemplo n.º 19
0
function new_topic_func($xmlrpc_params)
{
    global $db, $lang, $theme, $plugins, $mybb, $session, $settings, $cache, $time, $mybbgroups, $thread_info, $pid, $tid, $visible, $fid, $new_thread;
    $lang->load("newthread");
    $input = Tapatalk_Input::filterXmlInput(array('forum_id' => Tapatalk_Input::INT, 'subject' => Tapatalk_Input::STRING, 'message' => Tapatalk_Input::STRING, 'prefix_id' => Tapatalk_Input::STRING, 'attachment_id_array' => Tapatalk_Input::RAW, 'group_id' => Tapatalk_Input::STRING), $xmlrpc_params);
    $fid = $input['forum_id'];
    // Fetch forum information.
    $forum = get_forum($fid);
    if (!$forum) {
        return xmlrespfalse($lang->error_invalidforum);
    }
    $forumpermissions = forum_permissions($fid);
    if ($forum['open'] == 0 || $forum['type'] != "f") {
        return xmlrespfalse($lang->error_closedinvalidforum);
    }
    if ($mybb->user['uid'] < 1 || $forumpermissions['canview'] == 0 || $forumpermissions['canpostthreads'] == 0 || $mybb->user['suspendposting'] == 1) {
        return tt_no_permission();
    }
    // Check if this forum is password protected and we have a valid password
    tt_check_forum_password($forum['fid']);
    // Check the maximum posts per day for this user
    if ($mybb->settings['maxposts'] > 0 && $mybb->usergroup['cancp'] != 1) {
        $daycut = TIME_NOW - 60 * 60 * 24;
        $query = $db->simple_select("posts", "COUNT(*) AS posts_today", "uid='{$mybb->user['uid']}' AND visible='1' AND dateline>{$daycut}");
        $post_count = $db->fetch_field($query, "posts_today");
        if ($post_count >= $mybb->settings['maxposts']) {
            $lang->error_maxposts = $lang->sprintf($lang->error_maxposts, $mybb->settings['maxposts']);
            return xmlrespfalse($lang->error_maxposts);
        }
    }
    $username = $mybb->user['username'];
    $uid = $mybb->user['uid'];
    // Attempt to see if this post is a duplicate or not
    if ($uid > 0) {
        $user_check = "p.uid='{$uid}'";
    } else {
        $user_check = "p.ipaddress='" . $db->escape_string($session->ipaddress) . "'";
    }
    if (!$mybb->input['savedraft'] && !$pid) {
        $query = $db->simple_select("posts p", "p.pid", "{$user_check} AND p.fid='{$forum['fid']}' AND p.subject='{$input['subject_esc']}' AND p.message='{$input['message_esc']}'");
        $duplicate_check = $db->fetch_field($query, "pid");
        if ($duplicate_check) {
            return xmlrespfalse($lang->error_post_already_submitted);
        }
    }
    // Set up posthandler.
    require_once MYBB_ROOT . "inc/datahandlers/post.php";
    $posthandler = new PostDataHandler("insert");
    $posthandler->action = "thread";
    // Set the thread data that came from the input to the $thread array.
    $new_thread = array("fid" => $forum['fid'], "subject" => $input['subject'], "prefix" => $input['prefix_id'], "icon" => 0, "uid" => $uid, "username" => $username, "message" => $input['message'], "ipaddress" => get_ip(), "posthash" => $input['group_id_esc']);
    $new_thread['savedraft'] = 0;
    // Set up the thread options from the input.
    $new_thread['options'] = array("signature" => 1, "subscriptionmethod" => $mybb->user['subscriptionmethod'] == 0 ? '' : $mybb->user['subscriptionmethod'], "disablesmilies" => 0);
    $posthandler->set_data($new_thread);
    // Now let the post handler do all the hard work.
    $valid_thread = $posthandler->validate_thread();
    $post_errors = array();
    // Fetch friendly error messages if this is an invalid thread
    if (!$valid_thread) {
        $post_errors = $posthandler->get_friendly_errors();
        return xmlrespfalse(implode(" :: ", $post_errors));
    }
    $thread_info = $posthandler->insert_thread();
    $tid = $thread_info['tid'];
    $pid = $thread_info['pid'];
    $visible = $thread_info['visible'];
    if ($pid != '') {
        if (!empty($input['group_id_esc'])) {
            $db->update_query("attachments", array("pid" => intval($pid)), "posthash='{$input['group_id_esc']}'");
        }
    }
    tapatalk_push_newtopic();
    tapatalk_push_quote();
    tapatalk_push_tag();
    // Mark thread as read
    require_once MYBB_ROOT . "inc/functions_indicators.php";
    mark_thread_read($tid, $fid);
    $result = new xmlrpcval(array('result' => new xmlrpcval(true, 'boolean'), 'result_text' => new xmlrpcval('', 'base64'), 'topic_id' => new xmlrpcval($tid, 'string'), 'state' => new xmlrpcval($visible ? 0 : 1, 'int')), 'struct');
    return new xmlrpcresp($result);
}
Ejemplo n.º 20
0
function get_box_info_func($xmlrpc_params)
{
    global $db, $lang, $theme, $plugins, $mybb, $session, $settings, $cache, $time, $mybbgroups;
    $lang->load("private");
    $parser = new postParser();
    if ($mybb->settings['enablepms'] == 0) {
        return xmlrespfalse($lang->pms_disabled);
    }
    if ($mybb->user['uid'] == '/' || $mybb->user['uid'] == 0 || $mybb->usergroup['canusepms'] == 0) {
        return tt_no_permission();
    }
    if (!$mybb->user['pmfolders']) {
        $mybb->user['pmfolders'] = "1**\$%%\$2**\$%%\$3**\$%%\$4**";
        $sql_array = array("pmfolders" => $mybb->user['pmfolders']);
        $db->update_query("users", $sql_array, "uid = " . $mybb->user['uid']);
    }
    $rand = my_rand(0, 9);
    if ($rand == 5) {
        update_pm_count();
    }
    $foldercache = array();
    $folderids = array();
    $folderlist = '';
    $foldersexploded = explode("\$%%\$", $mybb->user['pmfolders']);
    foreach ($foldersexploded as $key => $folders) {
        $folderinfo = explode("**", $folders, 2);
        $foldername = $folderinfo[1];
        $fid = $folderinfo[0];
        $foldername = get_pm_folder_name($fid, $foldername);
        $type = "";
        if ($fid == 1) {
            $type = "INBOX";
        } else {
            if ($fid == 2) {
                $type = "SENT";
            } else {
                continue;
            }
        }
        // return inbox and send box only
        $foldercache[$fid] = array("fid" => $fid, "name" => $foldername, "total" => 0, "unread" => 0, "type" => $type);
        $folderids[] = intval($fid);
    }
    $query = $db->simple_select("privatemessages", "folder, count(*) as total", "FIND_IN_SET(folder, '" . implode(",", $folderids) . "') AND uid='{$mybb->user['uid']}' group by folder");
    while ($folder = $db->fetch_array($query)) {
        $foldercache[$folder['folder']]['total'] = $folder['total'];
    }
    $query = $db->simple_select("privatemessages", "folder, count(*) as unread", "FIND_IN_SET(folder, '" . implode(",", $folderids) . "') AND uid='{$mybb->user['uid']}' AND readtime = 0 group by folder");
    while ($folder = $db->fetch_array($query)) {
        $foldercache[$folder['folder']]['unread'] = $folder['unread'];
    }
    $folder_list = array();
    foreach ($foldercache as $fid => $folder) {
        $folder_list[] = new xmlrpcval(array('box_id' => new xmlrpcval($fid, 'string'), 'box_name' => new xmlrpcval($folder['name'], 'base64'), 'msg_count' => new xmlrpcval($folder['total'], 'int'), 'unread_count' => new xmlrpcval($folder['unread'], 'int'), 'box_type' => new xmlrpcval($folder['type'], 'string')), 'struct');
    }
    $spaceused = 0;
    if ($mybb->usergroup['pmquota'] != '0' && $mybb->usergroup['cancp'] != 1) {
        $query = $db->simple_select("privatemessages", "COUNT(*) AS total", "uid='" . $mybb->user['uid'] . "'");
        $pmscount = $db->fetch_array($query);
        if ($pmscount['total'] > 0) {
            $spaceused = $mybb->usergroup['pmquota'] - $pmscount['total'];
        }
    }
    $result = new xmlrpcval(array('result' => new xmlrpcval(true, 'boolean'), 'result_text' => new xmlrpcval('', 'base64'), 'message_room_count' => new xmlrpcval($mybb->usergroup['cancp'] == 1 ? 100 : $spaceused, 'int'), 'list' => new xmlrpcval($folder_list, 'array')), 'struct');
    return $result;
}
Ejemplo n.º 21
0
function get_online_users_func()
{
    global $db, $lang, $theme, $plugins, $mybb, $session, $settings, $cache, $time, $mybbgroups;
    $lang->load("online");
    $user_lists = array();
    if ($mybb->usergroup['canviewonline'] == 0) {
        return tt_no_permission();
    }
    switch ($db->type) {
        case "sqlite":
        case "pgsql":
            $sql = "s.time DESC";
            break;
        default:
            $sql = "IF( s.uid >0, 1, 0 ) DESC, s.time DESC";
            break;
    }
    $refresh_string = '';
    $timesearch = TIME_NOW - $mybb->settings['wolcutoffmins'] * 60;
    // Query for active sessions
    $query = $db->query("\n\t\tSELECT DISTINCT s.sid, s.ip, s.uid, s.time, s.location, u.username, s.nopermission,s.useragent,u.invisible, u.usergroup, u.displaygroup, u.avatar\n\t\tFROM " . TABLE_PREFIX . "sessions s\n\t\tLEFT JOIN " . TABLE_PREFIX . "users u ON (s.uid=u.uid)\n\t\tWHERE s.time>'{$timesearch}'\n\t\tORDER BY {$sql}\n\t");
    // Fetch spiders
    $spiders = $cache->read("spiders");
    while ($user = $db->fetch_array($query)) {
        // Fetch the WOL activity
        $user['activity'] = fetch_wol_activity($user['location'], $user['nopermission']);
        $user['from'] = 'broswer';
        if (strpos($user['useragent'], 'Android') !== false || strpos($user['useragent'], 'iPhone') !== false || strpos($user['useragent'], 'BlackBerry') !== false) {
            $user['from'] = 'mobile';
        }
        if (strpos($user['location'], 'mobiquo') !== false) {
            $user['from'] = 'tapatalk';
        }
        if (strpos($user['useragent'], 'BYO') !== false) {
            $user['from'] = 'byo';
        }
        // Stop links etc.
        /*unset($user['activity']['tid']);
        		unset($user['activity']['fid']);
        		unset($user['activity']['pid']);
        		unset($user['activity']['eid']);
        		unset($user['activity']['aid']);*/
        $botkey = my_strtolower(str_replace("bot=", '', $user['sid']));
        // Have a registered user
        if ($user['uid'] > 0) {
            if ($users[$user['uid']]['time'] < $user['time'] || !$users[$user['uid']]) {
                $users[$user['uid']] = $user;
            }
        } else {
            if (my_strpos($user['sid'], "bot=") !== false && $spiders[$botkey]) {
                $user['bot'] = $spiders[$botkey]['name'];
                $user['usergroup'] = $spiders[$botkey]['usergroup'];
                $guests[] = $user;
            } else {
                $guests[] = $user;
            }
        }
    }
    // Now we build the actual online rows - we do this separately because we need to query all of the specific activity and location information
    $online_rows = '';
    if (is_array($users)) {
        reset($users);
        foreach ($users as $user) {
            // We have a registered user
            if ($user['uid'] > 0) {
                // Only those with "canviewwolinvis" permissions can view invisible users
                if ($user['invisible'] != 1 || $mybb->usergroup['canviewwolinvis'] == 1 || $user['uid'] == $mybb->user['uid']) {
                    // Append an invisible mark if the user is invisible
                    if ($user['invisible'] == 1) {
                        $invisible_mark = "(*)";
                    } else {
                        $invisible_mark = '';
                    }
                    //$user['username'] = format_name($user['username'], $user['usergroup'], $user['displaygroup']);
                    //$online_name = build_profile_link($user['username'], $user['uid']).$invisible_mark;
                    $online_name = $user['username'];
                }
            } elseif ($user['bot']) {
                //$online_name = format_name($user['bot'], $user['usergroup']);
                continue;
            } else {
                //$online_name = format_name($lang->guest, 1);
                continue;
            }
            // Fetch the location name for this users activity
            $location = $invisible_mark . strip_tags(build_friendly_wol_location($user['activity']));
            $user_lists[] = new xmlrpcval(array('user_name' => new xmlrpcval($online_name, 'base64'), 'user_type' => check_return_user_type($online_name), 'user_id' => new xmlrpcval($user['uid'], 'string'), 'display_text' => new xmlrpcval($location, 'base64'), 'icon_url' => new xmlrpcval(absolute_url($user['avatar']), 'string'), 'from' => new xmlrpcval($user['from'], 'string')), 'struct');
        }
    }
    $online_users = new xmlrpcval(array('member_count' => new xmlrpcval(count($user_lists), 'int'), 'guest_count' => new xmlrpcval(count($guests), 'int'), 'list' => new xmlrpcval($user_lists, 'array')), 'struct');
    return new xmlrpcresp($online_users);
}
Ejemplo n.º 22
0
function search_user_func()
{
    global $mybb, $db, $lang, $cache;
    // Load global language phrases
    $lang->load("memberlist");
    if ($mybb->settings['enablememberlist'] == 0) {
        return xmlrespfalse($lang->memberlist_disabled);
    }
    //$plugins->run_hooks("memberlist_start");
    if ($mybb->usergroup['canviewmemberlist'] == 0) {
        return tt_no_permission();
    }
    $colspan = 5;
    $search_url = '';
    // Incoming sort field?
    $mybb->input['sort'] = $mybb->settings['default_memberlist_sortby'];
    switch ($mybb->input['sort']) {
        case "regdate":
            $sort_field = "u.regdate";
            break;
        case "lastvisit":
            $sort_field = "u.lastactive";
            break;
        case "reputation":
            $sort_field = "u.reputation";
            break;
        case "postnum":
            $sort_field = "u.postnum";
            break;
        case "referrals":
            $sort_field = "u.referrals";
            break;
        default:
            $sort_field = "u.username";
            $mybb->input['sort'] = 'username';
            break;
    }
    //$sort_selected[$mybb->input['sort']] = " selected=\"selected\"";
    // Incoming sort order?
    $mybb->input['order'] = strtolower($mybb->settings['default_memberlist_order']);
    if ($mybb->input['order'] == "ascending" || !$mybb->input['order'] && $mybb->input['sort'] == 'username') {
        $sort_order = "ASC";
        $mybb->input['order'] = "ascending";
    } else {
        $sort_order = "DESC";
        $mybb->input['order'] = "descending";
    }
    //$order_check[$mybb->input['order']] = " checked=\"checked\"";
    // Incoming results per page?
    $mybb->input['perpage'] = intval($mybb->input['perpage']);
    if ($mybb->input['perpage'] > 0 && $mybb->input['perpage'] <= 500) {
        $per_page = $mybb->input['perpage'];
    } else {
        if ($mybb->settings['membersperpage']) {
            $per_page = $mybb->input['perpage'] = intval($mybb->settings['membersperpage']);
        } else {
            $per_page = $mybb->input['perpage'] = 20;
        }
    }
    $search_query = '1=1';
    // Searching for a matching username
    $search_username = htmlspecialchars_uni(trim($mybb->input['username']));
    if ($search_username != '') {
        $username_like_query = $db->escape_string_like($search_username);
        // Name begins with
        if ($mybb->input['username_match'] == "begins") {
            $search_query .= " AND u.username LIKE '" . $username_like_query . "%'";
        } else {
            $search_query .= " AND u.username LIKE '%" . $username_like_query . "%'";
        }
    }
    $query = $db->simple_select("users u", "COUNT(*) AS users", "{$search_query}");
    $num_users = $db->fetch_field($query, "users");
    $page = intval($mybb->input['page']);
    if ($page && $page > 0) {
        $start = ($page - 1) * $per_page;
    } else {
        $start = 0;
        $page = 1;
    }
    //$search_url = htmlspecialchars_uni($search_url);
    $multipage = multipage($num_users, $per_page, $page, $search_url);
    // Cache a few things
    $usergroups_cache = $cache->read('usergroups');
    $query = $db->simple_select("usertitles", "*", "", array('order_by' => 'posts', 'order_dir' => 'DESC'));
    while ($usertitle = $db->fetch_array($query)) {
        $usertitles_cache[$usertitle['posts']] = $usertitle;
    }
    $query = $db->query("\n\t\tSELECT u.*, f.*\n\t\tFROM " . TABLE_PREFIX . "users u\n\t\tLEFT JOIN " . TABLE_PREFIX . "userfields f ON (f.ufid=u.uid)\n\t\tWHERE {$search_query}\n\t\tORDER BY {$sort_field} {$sort_order}\n\t\tLIMIT {$start}, {$per_page}\n\t");
    while ($user = $db->fetch_array($query)) {
        //$user = $plugins->run_hooks("memberlist_user", $user);
        if (!$user['username']) {
            continue;
        }
        $user['username'] = format_name($user['username'], $user['usergroup'], $user['displaygroup']);
        if ($user['avatar'] != '') {
            $user['avatar'] = absolute_url($user['avatar']);
        } else {
            $user['avatar'] = "";
        }
        $users[] = $user;
    }
    $total = $num_users;
    if (!empty($users)) {
        foreach ($users as $user) {
            $return_user_lists[] = new xmlrpcval(array('username' => new xmlrpcval(basic_clean($user['username']), 'base64'), 'user_id' => new xmlrpcval($user['uid'], 'string'), 'icon_url' => new xmlrpcval($user['avatar'], 'string')), 'struct');
        }
    }
    $suggested_users = new xmlrpcval(array('total' => new xmlrpcval($total, 'int'), 'list' => new xmlrpcval($return_user_lists, 'array')), 'struct');
    return new xmlrpcresp($suggested_users);
}
Ejemplo n.º 23
0
function get_quote_post_func($xmlrpc_params)
{
    global $db, $lang, $theme, $plugins, $mybb, $session, $settings, $cache, $time, $mybbgroups;
    require_once MYBB_ROOT . $mybb->settings['tapatalk_directory'] . '/emoji/emoji.class.php';
    $input = Tapatalk_Input::filterXmlInput(array('post_id' => Tapatalk_Input::STRING), $xmlrpc_params);
    $lang->load("newreply");
    $parser = new postParser();
    $pids = explode('-', $input['post_id']);
    $message = '';
    foreach ($pids as $pid) {
        $query = $db->simple_select("posts", "tid", "pid = '{$pid}'");
        if ($db->num_rows($query) == 0) {
            return xmlrespfalse("Invalid post");
        }
        $post = $db->fetch_array($query);
        $tid = $post['tid'];
        $options = array("limit" => 1);
        $query = $db->simple_select("threads", "*", "tid='" . $tid . "'");
        if ($db->num_rows($query) == 0) {
            return xmlrespfalse($lang->error_invalidthread);
        }
        $thread = $db->fetch_array($query);
        $fid = $thread['fid'];
        // Get forum info
        $forum = get_forum($fid);
        if (!$forum) {
            return xmlrespfalse($lang->error_invalidforum);
        }
        $forumpermissions = forum_permissions($fid);
        if ($thread['visible'] == 0 && !is_moderator($fid) || $thread['visible'] < 0) {
            return xmlrespfalse($lang->error_invalidthread);
        }
        if ($forum['open'] == 0 || $forum['type'] != "f") {
            return xmlrespfalse($lang->error_closedinvalidforum);
        }
        if ($mybb->user['uid'] < 1 || $forumpermissions['canview'] == 0 || $forumpermissions['canpostreplys'] == 0 || $mybb->user['suspendposting'] == 1) {
            return tt_no_permission();
        }
        if ($forumpermissions['canonlyviewthreads'] == 1 && $thread['uid'] != $mybb->user['uid']) {
            return tt_no_permission();
        }
        tt_check_forum_password($forum['fid']);
        // Check to see if the thread is closed, and if the user is a mod.
        if (!is_moderator($fid, "caneditposts")) {
            if ($thread['closed'] == 1) {
                return xmlrespfalse($lang->redirect_threadclosed);
            }
        }
        // Is the currently logged in user a moderator of this forum?
        if (is_moderator($fid)) {
            $ismod = true;
        } else {
            $ismod = false;
        }
        $unviewable_forums = get_unviewable_forums();
        if ($unviewable_forums) {
            $unviewable_forums = "AND t.fid NOT IN ({$unviewable_forums})";
        }
        if (is_moderator($fid)) {
            $visible_where = "AND p.visible != 2";
        } else {
            $visible_where = "AND p.visible > 0";
        }
        require_once MYBB_ROOT . "inc/functions_posting.php";
        $query = $db->query("\n\t\t\tSELECT p.subject, p.message, p.pid, p.tid, p.username, p.dateline, u.username AS userusername\n\t\t\tFROM " . TABLE_PREFIX . "posts p\n\t\t\tLEFT JOIN " . TABLE_PREFIX . "threads t ON (t.tid=p.tid)\n\t\t\tLEFT JOIN " . TABLE_PREFIX . "users u ON (u.uid=p.uid)\n\t\t\tWHERE p.pid = {$pid} {$unviewable_forums} {$visible_where}\n\t\t");
        $load_all = intval($mybb->input['load_all_quotes']);
        if ($db->num_rows($query) == 0) {
            return xmlrespfalse("Invalid post");
        }
        $quoted_post = $db->fetch_array($query);
        // Only show messages for the current thread
        if ($quoted_post['tid'] == $tid || $load_all == 1) {
            // If this post was the post for which a quote button was clicked, set the subject
            if ($pid == $quoted_post['pid']) {
                $subject = preg_replace('#RE:\\s?#i', '', $quoted_post['subject']);
                $subject = "RE: " . $subject;
            }
            $message .= parse_quoted_message($quoted_post);
            $quoted_ids[] = $quoted_post['pid'];
        } else {
            ++$external_quotes;
        }
        if ($mybb->settings['maxquotedepth'] != '0') {
            $message = remove_message_quotes($message);
        }
    }
    $result = new xmlrpcval(array('post_id' => new xmlrpcval($pid), 'post_title' => new xmlrpcval($subject, 'base64'), 'post_content' => new xmlrpcval(tapatalkEmoji::covertNameToEmoji($message), 'base64')), 'struct');
    return new xmlrpcresp($result);
}