function get_message_func($xmlrpc_params) { global $db, $lang, $theme, $plugins, $mybb, $session, $settings, $cache, $time, $mybbgroups; $input = Tapatalk_Input::filterXmlInput(array('message_id' => Tapatalk_Input::INT, 'box_id' => Tapatalk_Input::INT, 'return_html' => Tapatalk_Input::INT), $xmlrpc_params); $lang->load("private"); $parser = new postParser(); if ($mybb->settings['enablepms'] == 0) { return xmlrespfalse($lang->pms_disabled); } if ($mybb->user['uid'] == '/' || $mybb->user['uid'] == 0 || $mybb->usergroup['canusepms'] == 0) { return tt_no_permission(); } if (!$mybb->user['pmfolders']) { $mybb->user['pmfolders'] = "1**\$%%\$2**\$%%\$3**\$%%\$4**"; $sql_array = array("pmfolders" => $mybb->user['pmfolders']); $db->update_query("users", $sql_array, "uid = " . $mybb->user['uid']); } $rand = my_rand(0, 9); if ($rand == 5) { update_pm_count(); } $foldernames = array(); $foldersexploded = explode("\$%%\$", $mybb->user['pmfolders']); foreach ($foldersexploded as $key => $folders) { $folderinfo = explode("**", $folders, 2); $folderinfo[1] = get_pm_folder_name($folderinfo[0], $folderinfo[1]); $foldernames[$folderinfo[0]] = $folderinfo[1]; } $pmid = $input['message_id']; $query = $db->query("\n\t\tSELECT pm.*, u.*, f.*, g.title AS grouptitle, g.usertitle AS groupusertitle, g.stars AS groupstars, g.starimage AS groupstarimage, g.image AS groupimage, g.namestyle\n\t\tFROM " . TABLE_PREFIX . "privatemessages pm\n\t\tLEFT JOIN " . TABLE_PREFIX . "users u ON (u.uid=pm.fromid)\n\t\tLEFT JOIN " . TABLE_PREFIX . "userfields f ON (f.ufid=u.uid)\n\t\tLEFT JOIN " . TABLE_PREFIX . "usergroups g ON (g.gid=u.usergroup)\n\t\tWHERE pm.pmid='{$pmid}' AND pm.uid='" . $mybb->user['uid'] . "'\n\t"); $pm = $db->fetch_array($query); if ($pm['folder'] == 3) { return xmlrespfalse("Draft PMs are not supported by Tapatalk"); } if (!$pm['pmid']) { return xmlrespfalse($lang->error_invalidpm); } $parser = new Tapatalk_Parser(); $parser_options = array(); $parser_options['allow_html'] = false; $parser_options['allow_mycode'] = true; $parser_options['allow_smilies'] = false; $parser_options['allow_imgcode'] = true; $parser_options['allow_videocode'] = true; $parser_options['nl2br'] = (bool) $input['return_html']; $parser_options['filter_badwords'] = 1; $pm['message'] = post_bbcode_clean($pm['message']); $pm['message'] = $parser->parse_message($pm['message'], $parser_options); if ($pm['receipt'] == 1) { if ($mybb->usergroup['cantrackpms'] == 1 && $mybb->usergroup['candenypmreceipts'] == 1 && $mybb->input['denyreceipt'] == 1) { $receiptadd = 0; } else { $receiptadd = 2; } } if ($pm['status'] == 0) { $time = TIME_NOW; $updatearray = array('status' => 1, 'readtime' => $time); if (isset($receiptadd)) { $updatearray['receipt'] = $receiptadd; } $db->update_query('privatemessages', $updatearray, "pmid='{$pmid}'"); // Update the unread count - it has now changed. update_pm_count($mybb->user['uid'], 6); // Update PM notice value if this is our last unread PM if ($mybb->user['unreadpms'] - 1 <= 0 && $mybb->user['pmnotice'] == 2) { $updated_user = array("pmnotice" => 1); $db->update_query("users", $updated_user, "uid='{$mybb->user['uid']}'"); } } $pm['subject'] = $parser->parse_badwords($pm['subject']); if ($pm['fromid'] == 0) { $pm['username'] = $lang->mybb_engine; } if (!$pm['username']) { $pm['username'] = $lang->na; } // Fetch the recipients for this message $pm['recipients'] = @unserialize($pm['recipients']); if (is_array($pm['recipients']['to'])) { $uid_sql = implode(',', $pm['recipients']['to']); foreach ($pm['recipients']['to'] as $uid) { $user = get_user($uid); $msg_to_list[] = new xmlrpcval(array('user_id' => new xmlrpcval($user['uid'], 'string'), 'username' => new xmlrpcval(basic_clean($user['username']), 'base64'), 'user_type' => check_return_user_type($user['username'])), 'struct'); if (($pm['folder'] == 2 or $pm['folder'] == 3) && !$avatar) { $avatar = $user['avatar']; } } } else { $user = get_user($pm['toid']); $msg_to_list[] = new xmlrpcval(array('user_id' => new xmlrpcval($user['uid'], 'string'), 'username' => new xmlrpcval(basic_clean($user['username']), 'base64'), 'user_type' => check_return_user_type($user['username'])), 'struct'); if ($pm['folder'] == 2 or $pm['folder'] == 3) { $avatar = $user['avatar']; } } $show_bcc = 0; // If we have any BCC recipients and this user is an Administrator, add them on to the query if (count($pm['recipients']['bcc']) > 0 && $mybb->usergroup['cancp'] == 1) { foreach ($pm['recipients']['bcc'] as $uid) { $user = get_user($uid); $msg_to_list[] = new xmlrpcval(array('user_id' => new xmlrpcval($user['uid'], 'string'), 'username' => new xmlrpcval(basic_clean($user['username']), 'base64'), 'user_type' => check_return_user_type($user['username'])), 'struct'); } } if (!$avatar) { $avatar = $pm['avatar']; } //$display_user = ($box_id == 'inbox') ? $message['from'] : $msg_to[0]; $is_online = false; $timecut = TIME_NOW - $mybb->settings['wolcutoff']; if ($pm['lastactive'] > $timecut && ($pm['invisible'] != 1 || $mybb->usergroup['canviewwolinvis'] == 1) && $pm['lastvisit'] != $pm['lastactive']) { $is_online = true; } $result = new xmlrpcval(array('result' => new xmlrpcval(true, 'boolean'), 'result_text' => new xmlrpcval('', 'base64'), 'msg_from' => new xmlrpcval($pm['username'], 'base64'), 'msg_from_id' => new xmlrpcval($pm['fromid'], 'string'), 'msg_to' => new xmlrpcval($msg_to_list, 'array'), 'icon_url' => new xmlrpcval(absolute_url($avatar), 'string'), 'sent_date' => new xmlrpcval(mobiquo_iso8601_encode($pm['dateline']), 'dateTime.iso8601'), 'msg_subject' => new xmlrpcval($pm['subject'], 'base64'), 'text_body' => new xmlrpcval(process_post($pm['message'], $input['return_html']), 'base64'), 'is_online' => new xmlrpcval($is_online, 'boolean'), 'allow_smilies' => new xmlrpcval(true, 'boolean')), 'struct'); return new xmlrpcresp($result); }
function get_announcement_func($xmlrpc_params) { global $db, $lang, $mybb, $position, $plugins, $pids, $groupscache; $input = Tapatalk_Input::filterXmlInput(array('topic_id' => Tapatalk_Input::STRING, 'start_num' => Tapatalk_Input::INT, 'last_num' => Tapatalk_Input::INT, 'return_html' => Tapatalk_Input::INT), $xmlrpc_params); $parser = new Tapatalk_Parser(); // Load global language phrases $lang->load("announcements"); $aid = intval($_GET['aid']); // Get announcement fid $query = $db->simple_select("announcements", "fid", "aid='{$aid}'"); $announcement = $db->fetch_array($query); $plugins->run_hooks("announcements_start"); if (!$announcement) { error($lang->error_invalidannouncement); } // Get forum info $fid = $announcement['fid']; if ($fid > 0) { $forum = get_forum($fid); if (!$forum) { error($lang->error_invalidforum); } // Make navigation build_forum_breadcrumb($forum['fid']); // Permissions $forumpermissions = forum_permissions($forum['fid']); if ($forumpermissions['canview'] == 0 || $forumpermissions['canviewthreads'] == 0) { error_no_permission(); } // Check if this forum is password protected and we have a valid password check_forum_password($forum['fid']); } add_breadcrumb($lang->nav_announcements); $archive_url = build_archive_link("announcement", $aid); // Get announcement info $time = TIME_NOW; $query = $db->query("\n\t\tSELECT u.*, u.username AS userusername, a.*, f.*\n\t\tFROM " . TABLE_PREFIX . "announcements a\n\t\tLEFT JOIN " . TABLE_PREFIX . "users u ON (u.uid=a.uid)\n\t\tLEFT JOIN " . TABLE_PREFIX . "userfields f ON (f.ufid=u.uid)\n\t\tWHERE a.startdate<='{$time}' AND (a.enddate>='{$time}' OR a.enddate='0') AND a.aid='{$aid}'\n\t"); $announcementarray = $db->fetch_array($query); if (!$announcementarray) { error($lang->error_invalidannouncement); } // Gather usergroup data from the cache // Field => Array Key $data_key = array('title' => 'grouptitle', 'usertitle' => 'groupusertitle', 'stars' => 'groupstars', 'starimage' => 'groupstarimage', 'image' => 'groupimage', 'namestyle' => 'namestyle', 'usereputationsystem' => 'usereputationsystem'); foreach ($data_key as $field => $key) { $announcementarray[$key] = $groupscache[$announcementarray['usergroup']][$field]; } $announcementarray['dateline'] = $announcementarray['startdate']; $announcementarray['userusername'] = $announcementarray['username']; $announcement = build_postbit($announcementarray, 3); $announcementarray['subject'] = $parser->parse_badwords($announcementarray['subject']); $lang->forum_announcement = $lang->sprintf($lang->forum_announcement, htmlspecialchars_uni($announcementarray['subject'])); if ($announcementarray['startdate'] > $mybb->user['lastvisit']) { $setcookie = true; if (isset($mybb->cookies['mybb']['announcements']) && is_scalar($mybb->cookies['mybb']['announcements'])) { $cookie = my_unserialize(stripslashes($mybb->cookies['mybb']['announcements'])); if (isset($cookie[$announcementarray['aid']])) { $setcookie = false; } } if ($setcookie) { my_set_array_cookie('announcements', $announcementarray['aid'], $announcementarray['startdate'], -1); } } $user_info = get_user($announcementarray['aid']); $icon_url = absolute_url($user_info['avatar']); // prepare xmlrpc return $xmlrpc_post = new xmlrpcval(array('topic_id' => new xmlrpcval('ann_' . $announcementarray['aid']), 'post_title' => new xmlrpcval(basic_clean($announcementarray['subject']), 'base64'), 'post_content' => new xmlrpcval(process_post($announcementarray['message'], $input['return_html']), 'base64'), 'post_author_id' => new xmlrpcval($announcementarray['uid']), 'post_author_name' => new xmlrpcval(basic_clean($announcementarray['username']), 'base64'), 'user_type' => new xmlrpcval(check_return_user_type($announcementarray['username']), 'base64'), 'icon_url' => new xmlrpcval(absolute_url($icon_url)), 'post_time' => new xmlrpcval(mobiquo_iso8601_encode($announcementarray['dateline']), 'dateTime.iso8601'), 'timestamp' => new xmlrpcval($announcementarray['dateline'], 'string')), 'struct'); $result = array('total_post_num' => new xmlrpcval(1, 'int'), 'can_reply' => new xmlrpcval(false, 'boolean'), 'can_subscribe' => new xmlrpcval(false, 'boolean'), 'posts' => new xmlrpcval(array($xmlrpc_post), 'array')); return new xmlrpcresp(new xmlrpcval($result, 'struct')); }
function reply_post_func($xmlrpc_params) { global $db, $lang, $theme, $plugins, $mybb, $session, $settings, $cache, $time, $mybbgroups, $tid, $pid, $visible, $thread, $post; $input = Tapatalk_Input::filterXmlInput(array('forum_id' => Tapatalk_Input::INT, 'topic_id' => Tapatalk_Input::INT, 'subject' => Tapatalk_Input::STRING, 'text_body' => Tapatalk_Input::STRING, 'attachment_id_array' => Tapatalk_Input::RAW, 'group_id' => Tapatalk_Input::STRING, 'return_html' => Tapatalk_Input::INT), $xmlrpc_params); $lang->load("newreply"); $parser = new Tapatalk_Parser(); $tid = $input['topic_id']; $options = array("limit" => 1); $query = $db->simple_select("threads", "*", "tid='" . $tid . "'"); if ($db->num_rows($query) == 0) { return xmlrespfalse($lang->error_invalidthread); } $thread = $db->fetch_array($query); $fid = $thread['fid']; // Get forum info $forum = get_forum($fid); if (!$forum) { return xmlrespfalse($lang->error_invalidforum); } $forumpermissions = forum_permissions($fid); if ($thread['visible'] == 0 && !is_moderator($fid) || $thread['visible'] < 0) { return xmlrespfalse($lang->error_invalidthread); } if ($forum['open'] == 0 || $forum['type'] != "f") { return xmlrespfalse($lang->error_closedinvalidforum); } if ($mybb->user['uid'] < 1 || $forumpermissions['canview'] == 0 || $forumpermissions['canpostreplys'] == 0 || $mybb->user['suspendposting'] == 1) { return tt_no_permission(); } if ($forumpermissions['canonlyviewthreads'] == 1 && $thread['uid'] != $mybb->user['uid']) { return tt_no_permission(); } tt_check_forum_password($forum['fid']); // Check to see if the thread is closed, and if the user is a mod. if (!is_moderator($fid, "caneditposts")) { if ($thread['closed'] == 1) { return xmlrespfalse($lang->redirect_threadclosed); } } // Is the currently logged in user a moderator of this forum? if (is_moderator($fid)) { $ismod = true; } else { $ismod = false; } if (!empty($input['group_id'])) { $posthash = $input['group_id']; } else { $posthash = md5($thread['tid'] . $mybb->user['uid'] . random_str()); } if ($mybb->settings['maxposts'] > 0 && $mybb->usergroup['cancp'] != 1) { $daycut = TIME_NOW - 60 * 60 * 24; $query = $db->simple_select("posts", "COUNT(*) AS posts_today", "uid='{$mybb->user['uid']}' AND visible='1' AND dateline>{$daycut}"); $post_count = $db->fetch_field($query, "posts_today"); if ($post_count >= $mybb->settings['maxposts']) { $lang->error_maxposts = $lang->sprintf($lang->error_maxposts, $mybb->settings['maxposts']); return xmlrespfalse($lang->error_maxposts); } } $username = $mybb->user['username']; $uid = $mybb->user['uid']; $user_check = "p.uid='{$uid}'"; if (version_compare($mybb->version, '1.8.0', '<')) { $query = $db->simple_select("posts p", "p.pid, p.visible", "{$user_check} AND p.tid='{$thread['tid']}' AND p.subject='" . $db->escape_string($mybb->input['subject']) . "' AND p.message='" . $db->escape_string($mybb->input['message']) . "' AND p.posthash='" . $db->escape_string($mybb->input['posthash']) . "' AND p.visible != '-2'"); } else { $query = $db->simple_select("posts p", "p.pid, p.visible", "{$user_check} AND p.tid='{$thread['tid']}' AND p.subject='" . $db->escape_string($mybb->get_input('subject')) . "' AND p.message='" . $db->escape_string($mybb->get_input('message')) . "' AND p.visible != '-2' AND p.dateline>" . (TIME_NOW - 600)); } $duplicate_check = $db->fetch_field($query, "pid"); if ($duplicate_check) { return xmlrespfalse($lang->error_post_already_submitted); } require_once MYBB_ROOT . "inc/datahandlers/post.php"; $posthandler = new PostDataHandler("insert"); $post = array("tid" => $input['topic_id'], "replyto" => 0, "fid" => $thread['fid'], "subject" => $input['subject'], "icon" => 0, "uid" => $uid, "username" => $username, "message" => $input['text_body'], "ipaddress" => get_ip(), "posthash" => $posthash); if ($mybb->input['pid']) { $post['pid'] = $mybb->input['pid']; } $post['savedraft'] = 0; // Set up the post options from the input. $post['options'] = array("signature" => 1, "subscriptionmethod" => $mybb->user['subscriptionmethod'] == 0 ? '' : $mybb->user['subscriptionmethod'], "disablesmilies" => 0); $post['modoptions']['stickthread'] = $thread['sticky']; $post['modoptions']['closethread'] = $thread['closed']; $posthandler->set_data($post); // Now let the post handler do all the hard work. $valid_post = $posthandler->validate_post(); $post_errors = array(); // Fetch friendly error messages if this is an invalid post if (!$valid_post) { $post_errors = $posthandler->get_friendly_errors(); } // Mark thread as read require_once MYBB_ROOT . "inc/functions_indicators.php"; mark_thread_read($tid, $fid); // One or more errors returned, fetch error list and throw to newreply page if (count($post_errors) > 0) { return xmlrespfalse(implode(" :: ", $post_errors)); } else { $postinfo = $posthandler->insert_post(); $pid = $postinfo['pid']; $visible = $postinfo['visible']; tapatalk_push_reply(); tapatalk_push_quote(); tapatalk_push_tag(); // Deciding the fate if ($visible == -2) { $state = 1; } elseif ($visible == 1) { $state = 0; } else { $state = 1; } } $pid = intval($pid); if (!empty($input['group_id_esc'])) { $db->update_query("attachments", array("pid" => $pid), "posthash='{$input['group_id_esc']}'"); } // update thread attachment account if (count($input['attachment_id_array']) > 0) { update_thread_counters($tid, array("attachmentcount" => "+" . count($input['attachment_id_array']))); } $post = get_post($pid); $parser_options = array(); $parser_options['allow_html'] = false; $parser_options['allow_mycode'] = true; $parser_options['allow_smilies'] = false; $parser_options['allow_imgcode'] = true; $parser_options['allow_videocode'] = true; $parser_options['nl2br'] = (bool) $input['return_html']; $parser_options['filter_badwords'] = 1; if (!$post['username']) { $post['username'] = $lang->guest; } if ($post['userusername']) { $parser_options['me_username'] = $post['userusername']; } else { $parser_options['me_username'] = $post['username']; } $post['message'] = post_bbcode_clean($post['message']); $post['message'] = $parser->parse_message($post['message'], $parser_options); global $attachcache; $attachcache = array(); if ($thread['attachmentcount'] > 0) { // Now lets fetch all of the attachments for these posts. $query = $db->simple_select("attachments", "*", "pid='{$pid}'"); while ($attachment = $db->fetch_array($query)) { $attachcache[$attachment['pid']][$attachment['aid']] = $attachment; } } $attachment_list = process_post_attachments($post['pid'], $post); $can_delete = 0; if ($mybb->user['uid'] == $post['uid']) { if ($forumpermissions['candeletethreads'] == 1 && $postcounter == 1) { $can_delete = 1; } else { if ($forumpermissions['candeleteposts'] == 1 && $postcounter != 1) { $can_delete = 1; } } } $can_delete = (is_moderator($fid, "candeleteposts") || $can_delete == 1) && $mybb->user['uid'] != 0; $result = new xmlrpcval(array('result' => new xmlrpcval(true, 'boolean'), 'result_text' => new xmlrpcval('', 'base64'), 'post_id' => new xmlrpcval($postinfo['pid'], 'string'), 'state' => new xmlrpcval($state, 'int'), 'post_author_id' => new xmlrpcval($mybb->user['uid'], 'string'), 'post_author_name' => new xmlrpcval(basic_clean($mybb->user['username']), 'base64'), 'icon_url' => new xmlrpcval(absolute_url($mybb->user['avatar']), 'string'), 'post_content' => new xmlrpcval(process_post($post['message'], $input['return_html']), 'base64'), 'can_edit' => new xmlrpcval(is_moderator($fid, "caneditposts") || $thread['closed'] == 0 && $forumpermissions['caneditposts'] == 1, 'boolean'), 'can_delete' => new xmlrpcval($can_delete, 'boolean'), 'post_time' => new xmlrpcval(mobiquo_iso8601_encode(TIME_NOW), 'dateTime.iso8601'), 'timestamp' => new xmlrpcval(TIME_NOW, 'string'), 'attachments' => new xmlrpcval($attachment_list, 'array')), 'struct'); return new xmlrpcresp($result); }