/** * Generates a valid path and filename for a temp file. In the case * of safe upload, this generates the filename, but not the file. In * the case of tempnam(), the temp file is actually created. * * @param string|int Optional extra "entropy" for the md5 call, this would typically be an ID such as userid or avatarid, etc *for the current record* of whatever is being processed. If empty, it uses the *current user's* userid. * @param string An optional prefix for the file name. Depending on OS and if tempnam is used, only the first 3 chars of this will be used. * @param string An optional suffix for the file name, can be used to add a file extension if needed. * * @return string|false The path and filename of the temp file, or bool false if it failed. */ public static function getTmpFileName($entropy = '', $prefix = 'vb_', $suffix = '') { $options = vB::getDatastore()->getValue('options'); if ($options['safeupload']) { if (empty($entropy)) { $entropy = vB::getCurrentSession()->get('userid'); } //it *usually* doesn't matter if we use the slash instead of the local OS seperator, but //if we pass the value to exec things can't go a bit wierd. $filename = $options['tmppath'] . DIRECTORY_SEPARATOR . $prefix . md5(uniqid(microtime()) . $entropy) . $suffix; } else { if (vB::getUserContext()->hasPermission('adminpermissions', 'cancontrolpanel')) { $filename = tempnam(self::getTmpDir(), $prefix); } else { $filename = @tempnam(self::getTmpDir(), $prefix); } if ($filename and $suffix) { // tempnam doesn't support specifying a suffix unlink($filename); $filename = $filename . $suffix; touch($filename); } } return $filename; }
/** * Create a blog channel. * * @param array $input * @param int $channelid * @param int $channelConvTemplateid * @param int $channelPgTemplateId * @param int $ownerSystemGroupId * * @return int The nodeid of the new blog channel */ public function createChannel($input, $channelid, $channelConvTemplateid, $channelPgTemplateId, $ownerSystemGroupId) { $input['parentid'] = $channelid; $input['inlist'] = 1; // we don't want it to be shown in channel list, but we want to move them $input['protected'] = 0; if (empty($input['userid'])) { $input['userid'] = vB::getCurrentSession()->get('userid'); } if (!isset($input['publishdate'])) { $input['publishdate'] = vB::getRequest()->getTimeNow(); } $input['templates']['vB5_Route_Channel'] = $channelPgTemplateId; $input['templates']['vB5_Route_Conversation'] = $channelConvTemplateid; // add channel node $channelLib = vB_Library::instance('content_channel'); $input['page_parentid'] = 0; $result = $channelLib->add($input, array('skipFloodCheck' => true, 'skipDupCheck' => true)); //Make the current user the channel owner. $userApi = vB_Api::instanceInternal('user'); $usergroup = vB::getDbAssertor()->getRow('usergroup', array('systemgroupid' => $ownerSystemGroupId)); if (empty($usergroup) or !empty($usergroup['errors'])) { //This should never happen. It would mean an invalid parameter was passed throw new vB_Exception_Api('invalid_request'); } vB_User::setGroupInTopic($input['userid'], $result['nodeid'], $usergroup['usergroupid']); vB_Cache::allCacheEvent(array('nodeChg_' . $this->blogChannel, "nodeChg_{$channelid}")); vB::getUserContext()->rebuildGroupAccess(); vB_Channel::rebuildChannelTypes(); // clear follow cache vB_Api::instanceInternal('follow')->clearFollowCache(array($input['userid'])); return $result['nodeid']; }
/** * Create an article category channel. This function works basically like the blog library's version * * @param array $input data array, should have standard channel data like title, parentid, * @param int $channelid parentid that the new channel should fall under. * @param int $channelConvTemplateid "Conversation" level pagetemplate to use. Typically vB_Page::getArticleConversPageTemplate() * @param int $channelPgTemplateId "Channel" level pagetemplate to use. Typically vB_Page::getArticleChannelPageTemplate() * @param int $ownerSystemGroupId * * @return int The nodeid of the new blog channel */ public function createChannel($input, $channelid, $channelConvTemplateid, $channelPgTemplateId, $ownerSystemGroupId) { if (!isset($input['parentid']) or intval($input['parentid']) < 1) { $input['parentid'] = $channelid; } $input['inlist'] = 1; // we don't want it to be shown in channel list, but we want to move them $input['protected'] = 0; if (empty($input['userid'])) { $input['userid'] = vB::getCurrentSession()->get('userid'); } if (!isset($input['publishdate'])) { $input['publishdate'] = vB::getRequest()->getTimeNow(); } $input['templates']['vB5_Route_Channel'] = $channelPgTemplateId; $input['templates']['vB5_Route_Article'] = $channelConvTemplateid; $input['childroute'] = 'vB5_Route_Article'; // add channel node $channelLib = vB_Library::instance('content_channel'); $input['page_parentid'] = 0; $result = $channelLib->add($input, array('skipNotifications' => true, 'skipFloodCheck' => true, 'skipDupCheck' => true)); //Make the current user the channel owner. $userApi = vB_Api::instanceInternal('user'); $usergroup = vB::getDbAssertor()->getRow('usergroup', array('systemgroupid' => $ownerSystemGroupId)); vB_Cache::allCacheEvent(array('nodeChg_' . $this->articleHomeChannel, "nodeChg_{$channelid}")); vB::getUserContext()->rebuildGroupAccess(); vB_Channel::rebuildChannelTypes(); // clear follow cache vB_Api::instanceInternal('follow')->clearFollowCache(array($input['userid'])); return $result['nodeid']; }
public function get_admin_detail_chat() { global $vbulletin; // Get the settings options and the user's info $options = vB::getDatastore()->getValue('options'); $userinfo = vB::getCurrentSession()->fetch_userinfo(); // Api Key and Secret $api = $options['chat_cat_messenger_api']; $secret = $options['chat_cat_messenger_secret']; $login_url = $options['chat_cat_messenger_login_url']; $register_url = $options['chat_cat_messenger_register_url']; $primary_domain = $options['chat_cat_messenger_primary_url']; // echo $primary_domain; // die(); // User info $uname = $userinfo['username']; $uid = $userinfo['userid']; $desc = $userinfo['field1']; $src = ''; $home = $options['bburl'] . '/member/' . $uid; //echo $home;die; $location = $userinfo['field2']; $bod = $userinfo['birthday']; if (!empty($bod)) { $year = explode("-", $bod); $bod = $year['2']; } $profilepic = $vbulletin->db->query_first("\n\t\t\tSELECT userid, dateline, height, width\n\t\t\tFROM " . TABLE_PREFIX . "customavatar\n\t\t\tWHERE userid = " . $uid); if ($profilepic['dateline']) { $img = $options['bburl'] . '/image.php?userid=' . $uid . '&thumb=1&dateline=' . $profilepic[dateline] . '&type=avtar'; } else { $img = null; } $src = urlencode($img); $home = urlencode($home); //$src = urldecode($img); $chatdata = array(); $chatdata['sinonurl'] = ''; if (isset($api) && $api != '') { $chatdata['sinonurl'] = '/ajaxchat.php?uid=' . $uid . '&api=' . $api . '&secret=' . $secret . '&uname=' . $uname . '&desc=' . $desc . '&src=' . $src . '&home=' . $home . '&birthday=' . $bod . '&location=' . $location; } $chatdata['primaryurl'] = $primary_domain; if ($login_url != '') { $chatdata['loginurl'] = $login_url; if (!preg_match("@^[hf]tt?ps?://@", $chatdata['loginurl'])) { $chatdata['loginurl'] = "http://" . $chatdata['loginurl']; } } else { $chatdata['loginurl'] = ''; } if ($register_url != '') { $chatdata['registerurl'] = $register_url; if (!preg_match("@^[hf]tt?ps?://@", $chatdata['registerurl'])) { $chatdata['registerurl'] = "http://" . $chatdata['registerurl']; } } else { $chatdata['registerurl'] = $options['frontendurl'] . '/register'; } return $chatdata; }
function construct_user_ip_table($userid, $previpaddress, $depth = 2) { global $vbulletin, $vbphrase; if (VB_AREA == 'AdminCP') { $userscript = 'usertools.php'; } else { $userscript = 'user.php'; } $depth--; $ips = vB_Api::instanceInternal('user')->searchIP($userid, $depth); $retdata = ''; // @TODO user api currently returns only 1 IP per user. $result = array('ipaddress' => $ips['regip']); foreach ($result as $ip) { $retdata .= '<li>' . "<a href=\"{$userscript}?" . vB::getCurrentSession()->get('sessionurl') . "do=gethost&ip={$ip['ipaddress']}\" title=\"" . $vbphrase['resolve_address'] . "\">{$ip['ipaddress']}</a> " . construct_link_code($vbphrase['find_more_users_with_this_ip_address'], "{$userscript}?" . vB::getCurrentSession()->get('sessionurl') . "do=doips&ipaddress={$ip['ipaddress']}&hash=" . CP_SESSIONHASH) . "</li>\n"; if ($depth > 0) { $retdata .= construct_ip_usage_table($ip['ipaddress'], $userid, $depth); } } if (empty($retdata)) { return ''; } else { return '<ul>' . $retdata . '</ul>'; } }
protected function checkRoutePermissions() { $currentUser = vB::getUserContext(); if (!$currentUser->hasPermission('genericpermissions', 'canviewmembers') and $this->arguments['userid'] != vB::getCurrentSession()->get('userid')) { throw new vB_Exception_NodePermission('profile'); } }
public function __construct(&$routeInfo, &$matches, &$queryString = '') { if (isset($matches['params']) and !empty($matches['params'])) { $paramString = strpos($matches['params'], '/') === 0 ? substr($matches['params'], 1) : $matches['params']; $params = explode('/', $paramString); if (count($params) >= 2) { $this->pagenum = $params[1]; $this->folderid = $params[0]; } else { if (!empty($params)) { $this->pagenum = $params[1]; } } } if (!empty($matches['pagenum']) and intval($matches['pagenum'])) { $this->pagenum = $matches['pagenum']; } if (!empty($matches['folderid']) and intval($matches['folderid'])) { $this->folderid = $matches['folderid']; } $routeInfo['arguments']['subtemplate'] = $this->subtemplate; $userid = vB::getCurrentSession()->get('userid'); $pmquota = vB::getUserContext($userid)->getLimit('pmquota'); $vboptions = vB::getDatastore($userid)->getValue('options'); $canUsePmSystem = ($vboptions['enablepms'] and $pmquota); if (!$canUsePmSystem and !$this->overrideDisable) { throw new vB_Exception_NodePermission('privatemessage'); } }
/** * Fetches the online states for the user, taking into account the browsing * user's viewing permissions. Also modifies the user to include [buddymark] * and [invisiblemark] * * @param array Array of userinfo to fetch online status for * @param boolean True if you want to set $user[onlinestatus] with template results * * @return integer 0 = offline, 1 = online, 2 = online but invisible (if permissions allow) */ function fetch_online_status(&$user) { static $buddylist, $datecut; $session = vB::getCurrentSession(); if (empty($session)) { $currentUserId = 0; } else { $currentUserId = vB::getCurrentSession()->get('userid'); } // get variables used by this function if (!isset($buddylist) and !empty($currentUserId)) { $buddylist = array(); //If we are asking for the current user's status we can skip the fetch if ($currentUserId == $user['userid']) { $currentUser =& $user; } else { $currentUser = vB_Api::instanceInternal('user')->fetchCurrentUserInfo(); } if (isset($currentUser['buddylist']) and $currentUser['buddylist'] = trim($currentUser['buddylist'])) { $buddylist = preg_split('/\\s+/', $currentUser['buddylist'], -1, PREG_SPLIT_NO_EMPTY); } } if (!isset($datecut)) { $datecut = vB::getRequest()->getTimeNow() - vB::getDatastore()->getOption('cookietimeout'); } // is the user on bbuser's buddylist? if (isset($buddylist) and is_array($buddylist) and in_array($user['userid'], $buddylist)) { $user['buddymark'] = '+'; } else { $user['buddymark'] = ''; } // set the invisible mark to nothing by default $user['invisiblemark'] = ''; $onlinestatus = 0; $user['online'] = 'offline'; // now decide if we can see the user or not if ($user['lastactivity'] > $datecut and $user['lastvisit'] != $user['lastactivity']) { $bf_misc_useroptions = vB::getDatastore()->getValue('bf_misc_useroptions'); if ($user['options'] & $bf_misc_useroptions['invisible']) { if (!isset($userContext)) { $userContext = vB::getUserContext(); } if ($currentUserId == $user['userid'] or $userContext and $userContext->hasPermission('genericpermissions', 'canseehidden')) { // user is online and invisible BUT bbuser can see them $user['invisiblemark'] = '*'; $user['online'] = 'invisible'; $onlinestatus = 2; } } else { // user is online and visible $onlinestatus = 1; $user['online'] = 'online'; } } return $onlinestatus; }
public function __construct(&$routeInfo, &$matches, &$queryString = '') { $userid = vB::getCurrentSession()->get('userid'); $pmquota = vB::getUserContext($userid)->getLimit('pmquota'); $vboptions = vB::getDatastore($userid)->getValue('options'); $canUsePmSystem = ($vboptions['enablepms'] and $pmquota); if (!$canUsePmSystem) { throw new vB_Exception_NodePermission('privatemessage'); } parent::__construct($routeInfo, $matches, $queryString); }
function fetch_faq_parents($faqname) { global $ifaqcache, $faqcache, $parents, $vbulletin; static $i = 0; $faq = $faqcache["{$faqname}"]; if (is_array($ifaqcache["{$faq['faqparent']}"])) { $key = iif($i++, 'faq.php?' . vB::getCurrentSession()->get('sessionurl') . "faq={$faq['faqname']}"); $parents["{$key}"] = $faq['title']; fetch_faq_parents($faq['faqparent']); } }
/** * Shows the form for inline mod authentication. */ function show_inline_mod_login($showerror = false) { global $vbulletin, $vbphrase, $show; $show['inlinemod_form'] = true; $show['passworderror'] = $showerror; if (!$showerror) { $vbulletin->url = SCRIPTPATH; } $forumHome = vB_Library::instance('content_channel')->getForumHomeChannel(); eval(standard_error(fetch_error('nopermission_loggedin', $vbulletin->userinfo['username'], vB_Template_Runtime::fetchStyleVar('right'), vB::getCurrentSession()->get('sessionurl'), $vbulletin->userinfo['securitytoken'], vB5_Route::buildUrl($forumHome['routeid'] . 'home|fullurl')))); }
protected function getNewRouteInfo() { if ($session = vB::getCurrentSession()) { $userid = $session->get('userid'); } if (empty($userid)) { throw new vB_Exception_404('invalid_page'); } $this->arguments['userid'] = $userid; $this->arguments['tab'] = 'subscriptions'; return 'subscription'; }
public static function init($configFile) { parent::init($configFile); self::$instance = new vB5_Frontend_Application(); self::$instance->router = new vB5_Frontend_Routing(); self::$instance->router->setRoutes(); $styleid = vB5_Template_Stylevar::instance()->getPreferredStyleId(); if ($styleid) { vB::getCurrentSession()->set('styleid', $styleid); } self::ajaxCharsetConvert(); self::setHeaders(); return self::$instance; }
/** * Create a taggable content item. * * @param int id for the content item to be tagged. Can be 0 if it is used only for validating tags * @param array content info -- database record for item to be tagged, values vary by * specific content item. For performance reasons this can be included, otherwise the * data will be fetched if needed from the provided id. */ public function __construct($nodeid = 0, $contentinfo = false) { $this->nodeid = $nodeid; $this->assertor = vB::getDbAssertor(); $this->currentUserId = vB::getCurrentSession()->get('userid'); // If this is node related fetch the required info if ($this->nodeid) { $this->owner = $this->getNodeOwner($this->nodeid); if ($contentinfo) { $this->contentinfo = $contentinfo; } else { $this->loadContentInfo(); } } }
/** * Fetches the IDs of the dismissed notices so we do not display them for the user. * */ function fetch_dismissed_notices() { static $dismissed_notices = null; if ($dismissed_notices === null) { $userinfo = vB::getCurrentSession()->fetch_userinfo(); $dismissed_notices = array(); if (!$userinfo['userid']) { return $dismissed_notices; } $noticeids = vB::getDbAssertor()->assertQuery('vBForum:fetchdismissednotices', array(vB_dB_Query::TYPE_KEY => vB_dB_Query::QUERY_STORED, 'userid' => $userinfo['userid'])); foreach ($noticeids as $noticeid) { $dismissed_notices[] = $noticeid['noticeid']; } } return $dismissed_notices; }
public function replacePlaceholders(&$content) { $this->fetchPhrases(); $placeholders = array(); end($this->stack); while (!is_null($placeholder_id = key($this->stack))) { $phraseName = current($this->stack); $phraseInfo = $this->pending[$phraseName][$placeholder_id]; $phraseInfo[0] = isset($this->cache[$phraseName]) ? $this->cache[$phraseName] : $phraseInfo[0]; // do parameter replacements in phrases for notices, since we don't want // the extra overhead of pulling these phrases in the api method if (strpos($phraseName, 'notice_') === 0 and preg_match('/^notice_[0-9]+_html$/', $phraseName)) { $phraseInfo[0] = str_replace(array('{musername}', '{username}', '{userid}', '{sessionurl}', '{sessionurl_q}', '{register_page}', '{help_page}'), array(vB5_User::get('musername'), vB5_User::get('username'), vB5_User::get('userid'), vB::getCurrentSession()->get('sessionurl'), vB::getCurrentSession()->get('sessionurl_q'), vB5_Template_Runtime::buildUrl('register'), vB5_Template_Runtime::buildUrl('help')), $phraseInfo[0]); } $replace = $this->constructPhraseFromArray($phraseInfo); $placeholders[$placeholder_id] = $replace; //$content = str_replace($placeholder_id, $replace, $content); prev($this->stack); } // If we passed any phrases as parameters to other phrases, we will // still have those placeholders in the "replace" content, for example: // {vb:phrase have_x_posts_in_topic_last_y, {vb:var topic.dot_postcount}, {vb:date {vb:var topic.dot_lastpostdate}}} // since the date call can return phrases (today, yesterday, etc.). // This only goes one level deep (e.g., it's not recursive), since that's // all we need at this time. // This searches the replace text to see if there are any placeholders // left in them, and if so, replaces those placeholders with the phrase text. foreach ($placeholders as $k => $replace) { if (strpos($replace, '<!-- ##phrase_') !== false or strpos($replace, '<!-- ##phrase_') !== false) { if (preg_match_all('/(?:<|<)!-- ##phrase_([a-z0-9_]+)_[0-9]+## --(?:>|>)/siU', $replace, $matches, PREG_SET_ORDER)) { foreach ($matches as $match) { $placeholder_id = $match[0]; $phrase_varname = $match[1]; $placeholder_id_lookup = str_replace(array('<', '>'), array('<', '>'), $placeholder_id); $phraseInfo = $this->pending[$phrase_varname][$placeholder_id_lookup]; $phraseInfo[0] = isset($this->cache[$phrase_varname]) ? $this->cache[$phrase_varname] : $phraseInfo[0]; $phraseText = $this->constructPhraseFromArray($phraseInfo); $placeholders[$k] = str_replace($placeholder_id, $phraseText, $placeholders[$k]); } } } } if (!empty($placeholders)) { $content = str_replace(array_keys($placeholders), $placeholders, $content); } }
/** * Add photo record * * @param mixed Array of field => value pairs which define the record. * @param array Array of options for the content being created * Understands skipTransaction, skipFloodCheck, floodchecktime. * * @return mixed array with nodeid (int), success (bool), cacheEvents (array of strings), nodeVals (array of field => value). */ public function add($data, array $options = array()) { //Store this so we know whether we should call afterAdd() $skipTransaction = !empty($options['skipTransaction']); $options += array('skipDupCheck' => true); if (empty($data['filedataid'])) { throw new vB_Exception_Api('incomplete_data'); } if (empty($data['userid'])) { $user = vB::getCurrentSession()->fetch_userinfo(); $data['authorname'] = $user['username']; $userid = $data['userid'] = $user['userid']; } else { $userid = $data['userid']; if (empty($data['authorname'])) { $user = vB_Api::instanceInternal('user')->fetchUserName($userid); $data['authorname'] = $user; } } try { if (!$skipTransaction) { $this->assertor->beginTransaction(); } $options['skipTransaction'] = true; /** Validate Filedata */ $newNode = parent::add($data, $options); /** Update filedata refcount */ $fileData = $this->assertor->getRow('vBForum:filedata', array(vB_dB_Query::TYPE_KEY => vB_dB_Query::QUERY_SELECT, 'filedataid' => $data["filedataid"])); $refCount = $fileData["refcount"] + 1; $photodata = array(vB_dB_Query::TYPE_KEY => vB_dB_Query::QUERY_UPDATE, vB_dB_Query::CONDITIONS_KEY => array('filedataid' => $data['filedataid']), 'refcount' => $refCount); $this->assertor->assertQuery('vBForum:filedata', $photodata); if (!$skipTransaction) { $this->assertor->commitTransaction(); } } catch (exception $e) { if (!$skipTransaction) { $this->assertor->rollbackTransaction(); } throw $e; } if (!$skipTransaction) { //The child classes that have their own transactions all set this to true so afterAdd is always called just once. $this->afterAdd($newNode['nodeid'], $data, $options, $newNode['cacheEvents'], $newNode['nodeVals']); } return $newNode; }
public function shutdown() { if ($this->called) { return; // Already called once. } $session = vB::getCurrentSession(); if (is_object($session)) { $session->save(); } if (sizeof($this->callbacks)) { foreach ($this->callbacks as $callback) { call_user_func($callback); } unset($this->callbacks); } $this->setCalled(); }
public function __construct($routeInfo, $matches, $queryString = '', $anchor = '') { if (empty($matches['tab'])) { $matches['tab'] = 'profile'; } parent::__construct($routeInfo, $matches, $queryString, $anchor); if (empty($this->arguments['userid'])) { $userInfo = vB::getCurrentSession()->fetch_userinfo(); $this->arguments['userid'] = $userInfo['userid']; $this->arguments['username'] = $userInfo['username']; } else { if (empty($this->arguments['username'])) { $userInfo = vB_User::fetchUserinfo($this->arguments['userid']); $this->arguments['username'] = $userInfo['username']; } } $this->breadcrumbs = array(0 => array('title' => $this->arguments['username'], 'url' => vB5_Route::buildUrl('profile', array('userid' => $this->arguments['userid'], 'username' => vB_String::getUrlIdent($this->arguments['username'])))), 1 => array('phrase' => 'user_settings', 'url' => '')); }
public function __construct(&$routeInfo, &$matches, &$queryString = '') { $cleaner = vB::getCleaner(); if (isset($matches['params']) and !empty($matches['params'])) { $paramString = strpos($matches['params'], '/') === 0 ? substr($matches['params'], 1) : $matches['params']; list($this->userid) = explode('/', $paramString); } else { if (isset($matches['userid'])) { $this->userid = $matches['userid']; } } $this->userid = $cleaner->clean($this->userid, vB_Cleaner::TYPE_INT); $routeInfo['arguments']['subtemplate'] = $this->subtemplate; $userid = vB::getCurrentSession()->get('userid'); $pmquota = vB::getUserContext($userid)->getLimit('pmquota'); $vboptions = vB::getDatastore($userid)->getValue('options'); $canUsePmSystem = ($vboptions['enablepms'] and $pmquota); if (!$canUsePmSystem) { throw new vB_Exception_NodePermission('privatemessage'); } }
/** * Returns an array of bbcode parsing information. {@see vB_Api_Bbcode::fetchTagList} * * @see vB_Api_Bbcode::fetchTagList * @see vB_Api_Bbcode::fetchCustomTags() * @return array Bbcode parsing information. Format: * <pre>array( * defaultTags => array {@see vB_Api_Bbcode::fetchTagList} * customTags => array @see vB_Api_Bbcode::fetchCustomTags * defaultOptions => array {@see vB_Api_Bbcode::fetchBbcodeOptions()} * )</pre> */ public function initInfo() { $response['defaultTags'] = $this->fetchTagList(); $response['customTags'] = $this->fetchCustomTags(); $response['defaultOptions'] = $this->fetchBbcodeOptions(); $response['censorship'] = $this->fetchCensorshipInfo(); $response['smilies'] = $this->fetchSmilies(); $response['sessionUrl'] = vB::getCurrentSession()->get('sessionurl'); $response['vBHttpHost'] = vB::getRequest()->getVbHttpHost(); $options = vB::getDatastore()->get_value('options'); $response['blankAsciiStrip'] = $options['blankasciistrip']; $response['wordWrap'] = $options['wordwrap']; $response['codeMaxLines'] = $options['codemaxlines']; $response['bbUrl'] = $options['bburl']; $response['viewAttachedImages'] = $options['viewattachedimages']; $response['urlNoFollow'] = $options['url_nofollow']; $response['urlNoFollowWhiteList'] = $options['url_nofollow_whitelist']; $response['useFileAvatar'] = $options['usefileavatar']; $response['sigpicUrl'] = $options['sigpicurl']; return $response; }
public function print_editor() { global $vbulletin, $vbphrase; $vb5_config =& vB::getConfig(); $header = $vbphrase["stylevar_{$this->stylevarid}_name"] ? $vbphrase["stylevar_{$this->stylevarid}_name"] : $this->stylevarid; $addbit = false; if ($vbulletin->GPC['dostyleid'] == -1) { $header .= ' - <span class="smallfont">' . construct_link_code($vbphrase['edit'], "stylevar.php?" . vB::getCurrentSession()->get('sessionurl') . "do=dfnedit&stylevarid=" . $this->stylevarid); $addbit = true; } if ($this->inherited == -1) { if (!$addbit) { $header .= ' - <span class="smallfont">'; $addbit = true; } else { $header .= ' - '; } $header .= construct_link_code($vbphrase['revert_gcpglobal'], "stylevar.php?" . vB::getCurrentSession()->get('sessionurl') . "do=confirmrevert&dostyleid=" . $vbulletin->GPC['dostyleid'] . "&stylevarid=" . $this->stylevarid . "&rootstyle=-1"); } if ($addbit) { $header .= '</span>'; } print_table_header($header); if ($vbphrase["stylevar_{$this->stylevarid}_description"]) { print_description_row($vbphrase["stylevar_{$this->stylevarid}_description"], false, 2); } if ($vb5_config['Misc']['debug']) { print_label_row($vbphrase['stylevarid'], $this->stylevarid); } // output this stylevar's inheritance level (inherited or customized) // so that we can update the stylevar list and show inherited status // immediately echo '<script type="text/javascript"> window.vBulletinStylevarInheritance = window.vBulletinStylevarInheritance ? window.vBulletinStylevarInheritance : {}; window.vBulletinStylevarInheritance["' . $this->stylevarid . '"] = ' . $this->inherited . '; </script>'; // once we have LSB change this to self:: $this->print_editor_form(); }
/** * Verifies that the provided username is valid, and attempts to correct it if it is not valid * * @param string Username * * @return boolean Returns true if the username is valid, or has been corrected to be valid */ function verify_username(&$username) { // this is duplicated from the user manager // fix extra whitespace and invisible ascii stuff $username = trim(preg_replace('#[ \\r\\n\\t]+#si', ' ', strip_blank_ascii($username, ' '))); $username_raw = $username; $username = vB_String::cleanUserName($username); $username = str_replace(chr(0), '', $username); $username = trim($username); $length = vB_String::vbStrlen($username); if ($length < $this->registry->options['minuserlength']) { // name too short $this->error('usernametooshort', $this->registry->options['minuserlength']); return false; } else { if ($length > $this->registry->options['maxuserlength']) { // name too long $this->error('usernametoolong', $this->registry->options['maxuserlength']); return false; } else { if (preg_match('/(?<!&#[0-9]{3}|&#[0-9]{4}|&#[0-9]{5});/', $username)) { // name contains semicolons $this->error('username_contains_semi_colons'); return false; } else { if ($username != fetch_censored_text($username)) { // name contains censored words $this->error('censorfield'); return false; } else { $result = $this->assertor->assertQuery('verifyUsername', array('userid' => intval($this->existing['userid']), 'username' => vB_String::htmlSpecialCharsUni($username), 'username_raw' => vB_String::htmlSpecialCharsUni($username_raw))); if ($result->valid() and $result->current()) { // name is already in use $this->error('usernametaken', vB_String::htmlSpecialCharsUni($username), vB::getCurrentSession()->get('sessionurl')); return false; } else { if (!empty($this->registry->options['illegalusernames'])) { // check for illegal username $usernames = preg_split('/[ \\r\\n\\t]+/', $this->registry->options['illegalusernames'], -1, PREG_SPLIT_NO_EMPTY); foreach ($usernames as $val) { if (strpos(strtolower($username), strtolower($val)) !== false) { // wierd error to show, but hey... $this->error('usernametaken', vB_String::htmlSpecialCharsUni($username), vB::getCurrentSession()->get('sessionurl')); return false; } } } } } } } } // if we got here, everything is okay $username = vB_String::htmlSpecialCharsUni($username); return true; }
{ case 'edit': window.location = "usertitle.php?<?php echo vB::getCurrentSession()->get('sessionurl_js'); ?> do=edit&usertitleid=" + usertitleid; break; case 'kill': window.location = "usertitle.php?<?php echo vB::getCurrentSession()->get('sessionurl_js'); ?> do=remove&usertitleid=" + usertitleid; break; default: return false; break; } } </script> <?php $options = array('edit' => $vbphrase['edit'], 'kill' => $vbphrase['delete']); print_form_header('usertitle', 'add'); print_table_header($vbphrase['user_title_manager_gcpuser'], 3); print_description_row('<p>' . construct_phrase($vbphrase['it_is_recommended_that_you_update_user_titles'], vB::getCurrentSession()->get('sessionurl')) . '</p>', 0, 3); print_cells_row(array($vbphrase['user_title_guser'], $vbphrase['minimum_posts'], $vbphrase['controls']), 1); foreach ($usertitles as $usertitle) { print_cells_row(array('<b>' . $usertitle['title'] . '</b>', $usertitle['minposts'], "\n\t<select name=\"u{$usertitle['usertitleid']}\" onchange=\"js_usergroup_jump({$usertitle['usertitleid']}, this);\" class=\"bginput\">\n" . construct_select_options($options) . "\t</select>\n\t<input type=\"button\" value=\"" . $vbphrase['go'] . "\" onclick=\"js_usergroup_jump({$usertitle['usertitleid']}, this.form.u{$usertitle['usertitleid']});\" />\n\t")); } print_submit_row($vbphrase['add_new_user_title_gcpuser'], 0, 3); } print_cp_footer(); /*=========================================================================*\ || ####################################################################### || # Downloaded: 15:45, Tue Sep 8th 2015 || # CVS: $RCSfile$ - $Revision: 83432 $ || ####################################################################### \*=========================================================================*/
/** * Determines if the logged-in user can view the infractions for the given user * * @return bool The current user can view the given user's infractions (or not) */ public function canViewUserInfractions($userid) { $userid = (int) $userid; $currentUserId = vB::getCurrentSession()->get('userid'); return $userid == $currentUserId or vB::getUserContext()->hasPermission('genericpermissions', 'canseeinfraction') or vB::getUserContext()->hasPermission('genericpermissions', 'canreverseinfraction') or vB::getUserContext()->hasPermission('genericpermissions', 'cangiveinfraction'); }
function print_channels($permissions, $inheritance = array(), $channels = false, $indent = ' ') { global $vbulletin, $imodcache, $npermscache, $vbphrase; if ($channels === false) { $channels = vB_Api::instanceInternal('search')->getChannels(false, array('include_protected' => true, 'no_perm_check' => true)); } foreach ($channels as $nodeid => $node) { // make a copy of the current permissions set up $perms = $permissions; // make a copy of the inheritance set up $inherit = $inheritance; // echo channel title and links if (!defined('ONLYID') or $nodeid == ONLYID) { echo "{$indent}<ul class=\"lsq\">\n"; echo "{$indent}<li><b><a name=\"node{$nodeid}\" href=\"forum.php?" . vB::getCurrentSession()->get('sessionurl') . "do=edit&n={$nodeid}\">{$node['htmltitle']}</a></b>"; if ($node['parentid'] != 0) { echo " <b><span class=\"smallfont\">(" . construct_link_code($vbphrase['reset'], "forumpermission.php?" . vB::getCurrentSession()->get('sessionurl') . "do=quickset&type=reset&n={$nodeid}&hash=" . CP_SESSIONHASH) . construct_link_code($vbphrase['deny_all'], "forumpermission.php?" . vB::getCurrentSession()->get('sessionurl') . "do=quickset&type=deny&n={$nodeid}&hash=" . CP_SESSIONHASH) . ")</span></b>"; } // get moderators if (is_array($imodcache["{$nodeid}"])) { echo "<span class=\"smallfont\"><br /> - <i>" . $vbphrase['moderators'] . ":"; foreach ($imodcache["{$nodeid}"] as $moderator) { // moderator username and links echo " <a href=\"moderator.php?" . vB::getCurrentSession()->get('sessionurl') . "do=edit&moderatorid={$moderator['moderatorid']}\">{$moderator['username']}</a>"; } echo "</i></span>"; } echo "{$indent}\t<ul class=\"usergroups\">\n"; } $nplink = ""; foreach ($vbulletin->usergroupcache as $usergroupid => $usergroup) { if ($inherit["{$usergroupid}"] == 'col-c') { $inherit["{$usergroupid}"] = 'col-i'; } // if there is a custom permission for the current usergroup, use it if (isset($npermscache["{$nodeid}"]["{$usergroupid}"]) and $node['parentid'] != 0 and vB_ChannelPermission::compareDefaultChannelPermissions($nodeid, $usergroupid, $npermscache["{$nodeid}"]["{$usergroupid}"])) { $inherit["{$usergroupid}"] = 'col-c'; $perms["{$usergroupid}"] = $npermscache[$nodeid][$usergroupid]['forumpermissions']; $nplink = 'np=' . $npermscache[$nodeid][$usergroupid]['permissionid']; } else { $nplink = "n={$nodeid}&u={$usergroupid}"; } // work out display style $liStyle = ''; if (isset($inherit["{$usergroupid}"])) { $liStyle = " class=\"{$inherit[$usergroupid]}\""; } else { $liStyle = " class=\"col-g\""; } if (!($perms["{$usergroupid}"] & $vbulletin->bf_ugp_forumpermissions['canview'])) { $liStyle .= " style=\"list-style:circle\""; } if (!defined('ONLYID') or $nodeid == ONLYID) { echo "{$indent}\t<li{$liStyle}>" . construct_link_code($vbphrase['edit'], "forumpermission.php?" . vB::getCurrentSession()->get('sessionurl') . "do=edit&{$nplink}") . $usergroup['title'] . "</li>\n"; } } if (!defined('ONLYID') or $nodeid == ONLYID) { echo "{$indent}\t</ul><br />\n"; } if (defined('ONLYID') and $nodeid == ONLYID) { echo "{$indent}</li>\n"; echo "{$indent}</ul>\n"; return; } if (!empty($node['channels'])) { print_channels($perms, $inherit, $node['channels'], "{$indent}\t"); } if (!defined('ONLYID') or $nodeid == ONLYID) { echo "{$indent}</li>\n"; } unset($inherit); if (!defined('ONLYID') or $nodeid == ONLYID) { echo "{$indent}</ul>\n"; } if (!defined('ONLYID') and $node['parentid'] == -1) { echo "<hr size=\"1\" />\n"; } } }
/** * Prepares the appropriate url for a group icon. * The url is based on whether fileavatars are in use, and whether a thumb is required. * * @param array mixed $groupinfo - GroupInfo array of the group to fetch the icon for * @param boolean $thumb - Whether to return a thumb url * @param boolean $path - Whether to fetch the path or the url * @param boolean $force_file - Always get the file path as if it existed */ function fetch_socialgroupicon_url($groupinfo, $thumb = false, $path = false, $force_file = false) { global $vbulletin; $iconurl = false; if ($vbulletin->options['sg_enablesocialgroupicons']) { if (!$groupinfo['icondateline']) { return vB_Template_Runtime::fetchStyleVar('unknownsgicon'); } if ($vbulletin->options['usefilegroupicon'] or $force_file) { $iconurl = ($path ? $vbulletin->options['groupiconpath'] : $vbulletin->options['groupiconurl']) . ($thumb ? '/thumbs' : '') . '/socialgroupicon' . '_' . $groupinfo['groupid'] . '_' . $groupinfo['icondateline'] . '.gif'; } else { $iconurl = 'image.php?' . vB::getCurrentSession()->get('sessionurl') . 'groupid=' . $groupinfo['groupid'] . '&dateline=' . $groupinfo['icondateline'] . ($thumb ? '&type=groupthumb' : ''); } } return $iconurl; }
foreach ($crons as $cron) { $options = array('edit' => $vbphrase['edit'], 'switchactive' => $cron['effective_active'] ? $vbphrase['disable'] : $vbphrase['enable']); if (!$cron['volatile'] or $vb5_config['Misc']['debug']) { $options['kill'] = $vbphrase['delete']; } $item_title = htmlspecialchars_uni($vbphrase['task_' . $cron['varname'] . '_title']); if (isset($vbphrase['task_' . $cron['varname'] . '_title'])) { $item_title = htmlspecialchars_uni($vbphrase['task_' . $cron['varname'] . '_title']); } else { $item_title = $cron['varname']; } if (!$cron['effective_active']) { $item_title = "<strike>{$item_title}</strike>"; } $item_desc = htmlspecialchars_uni($vbphrase['task_' . $cron['varname'] . '_desc']); $timerule = fetch_cron_timerule($cron); // this will happen in the future which the yestoday setting doesn't handle when its in the detailed mode $future = ($cron['nextrun'] > TIMENOW and $vbulletin->options['yestoday'] == 2); $cell = array("<input type=\"checkbox\" name=\"enabled[{$cron['varname']}]\" value=\"1\" title=\"{$vbphrase['enabled']}\" id=\"cb_enabled_{$cron['varname']}\" tabindex=\"1\"" . ($cron['active'] ? ' checked="checked"' : '') . " />", $timerule['minute'], $timerule['hour'], $timerule['day'], $timerule['month'], $timerule['weekday'], "<label for=\"cb_enabled_{$cron['varname']}\"><strong>{$item_title}</strong><br /><span class=\"smallfont\">{$item_desc}</span></label>", '<div style="white-space:nowrap">' . ($cron['effective_active'] ? vbdate($vbulletin->options['dateformat'], $cron['nextrun'], true and !$future) . (($vbulletin->options['yestoday'] != 2 or $future) ? '<br />' . vbdate($vbulletin->options['timeformat'], $cron['nextrun']) : '') : $vbphrase['n_a']) . '</div>', "\n\t<select name=\"c{$cron['cronid']}\" onchange=\"js_cron_jump({$cron['cronid']});\" class=\"bginput\">\n" . construct_select_options($options) . "\t</select><input type=\"button\" class=\"button\" value=\"{$vbphrase['go']}\" onclick=\"js_cron_jump({$cron['cronid']});\" />\n\t" . "\n\t<input type=\"button\" class=\"button\" value=\"{$vbphrase['run_now']}\" onclick=\"js_run_cron({$cron['cronid']});\" />"); print_cells_row($cell, 0, '', -6); } print_description_row("<div class=\"smallfont\" align=\"center\">{$vbphrase['all_times_are_gmt_x_time_now_is_y']}</div>", 0, 9, 'thead'); print_submit_row($vbphrase['save_enabled_status'], 0, 9, '', "<input type=\"button\" class=\"button\" value=\"{$vbphrase['add_new_scheduled_task_gcron']}\" tabindex=\"1\" onclick=\"window.location='cronadmin.php?" . vB::getCurrentSession()->get('sessionurl') . "do=edit'\" />"); } print_cp_footer(); /*=========================================================================*\ || ####################################################################### || # Downloaded: 15:45, Tue Sep 8th 2015 || # CVS: $RCSfile$ - $Revision: 83432 $ || ####################################################################### \*=========================================================================*/
/** * Returns the CSS path needed for the {vb:cssfile} template tag * * @return string CSS path */ public function fetch_css_path() { global $vbulletin, $style, $foruminfo; if ($vbulletin->options['storecssasfile']) { $vbcsspath = vB_Api::instanceInternal('style')->fetchCssLocation() . '/style' . str_pad($style['styleid'], 5, '0', STR_PAD_LEFT) . $vbulletin->stylevars['textdirection']['string'][0] . '/'; } else { // Forum ID added when in forums with style overrides and the "Allow Users To Change Styles" // option is off, otherwise the requested styleid will be denied. Not added across the board // to ensure the highest cache hit rate possible. Not needed when CSS is stored as files. // See bug: VBIV-5647 if (!empty($foruminfo)) { $forumid = intval($foruminfo['forumid']); $forum_styleid = intval($foruminfo['styleid']); if (!$vbulletin->options['allowchangestyles'] and $forumid > 0 and $forum_styleid > 0) { $add_forumid = '&forumid=' . $forumid; } } else { $add_forumid = ''; } if (defined('LANGUAGEID')) { $languageId = LANGUAGEID; } else { $languageId = vB::getCurrentSession()->get('languageid'); if (empty($currentlanguageid)) { $currentlanguageid = vB::getDatastore()->getOption('languageid'); } } // textdirection var added to prevent cache if admin modified language text_direction. See bug #32640 $vbcsspath = 'css.php?styleid=' . $style['styleid'] . $add_forumid . '&langid=' . $languageId . '&d=' . $style['dateline'] . '&td=' . $vbulletin->stylevars['textdirection']['string'] . '&sheet='; } return $vbcsspath; }
$refperiod = construct_phrase($vbphrase['x_to_y'], $datestart, $dateend); } else { $refperiod = $vbphrase['all_time']; } try { $userInfo = vB_Api::instanceInternal('user')->fetchUserInfo($vbulletin->GPC['referrerid']); } catch (vB_Exception_Api $ex) { print_stop_message2($ex->getMessage()); } $users = $assertor->getRows('userReferrals', array('referrerid' => $vbulletin->GPC['referrerid'], 'startdate' => $vbulletin->GPC['startdate'], 'enddate' => $vbulletin->GPC['enddate'])); print_form_header('', ''); print_table_header(construct_phrase($vbphrase['referrals_for_x'], $userInfo['username']) . ' - ' . $refperiod, 5); print_cells_row(array($vbphrase['username'], $vbphrase['post_count'], $vbphrase['email'], $vbphrase['join_date'], $vbphrase['last_visit_guser']), 1); foreach ($users as $user) { $cell = array(); $cell[] = "<a href=\"user.php?" . vB::getCurrentSession()->get('sessionurl') . "do=edit&u={$user['userid']}\">{$user['username']}</a>"; $cell[] = vb_number_format($user['posts']); $cell[] = "<a href=\"mailto:{$user['email']}\">{$user['email']}</a>"; $cell[] = '<span class="smallfont">' . vbdate($vbulletin->options['dateformat'] . ', ' . $vbulletin->options['timeformat'], $user['joindate']) . '</span>'; $cell[] = '<span class="smallfont">' . vbdate($vbulletin->options['dateformat'] . ', ' . $vbulletin->options['timeformat'], $user['lastvisit']) . '</span>'; print_cells_row($cell); } print_table_footer(); } // ######################################################################## if ($_REQUEST['do'] == 'usercss' or $_POST['do'] == 'updateusercss') { $vbulletin->input->clean_array_gpc('r', array('userid' => vB_Cleaner::TYPE_UINT)); $userinfo = fetch_userinfo($vbulletin->GPC['userid']); if (!$userinfo) { print_stop_message2('invalid_user_specified'); }