/**
* Generates a valid path and filename for a temp file. In the case
* of safe upload, this generates the filename, but not the file. In
* the case of tempnam(), the temp file is actually created.
*
* @param string|int Optional extra "entropy" for the md5 call, this would typically be an ID such as userid or avatarid, etc *for the current record* of whatever is being processed. If empty, it uses the *current user's* userid.
* @param string An optional prefix for the file name. Depending on OS and if tempnam is used, only the first 3 chars of this will be used.
* @param string An optional suffix for the file name, can be used to add a file extension if needed.
*
* @return string|false The path and filename of the temp file, or bool false if it failed.
*/
public static function getTmpFileName($entropy = '', $prefix = 'vb_', $suffix = '')
{
$options = vB::getDatastore()->getValue('options');
if ($options['safeupload']) {
if (empty($entropy)) {
$entropy = vB::getCurrentSession()->get('userid');
}
//it *usually* doesn't matter if we use the slash instead of the local OS seperator, but
//if we pass the value to exec things can't go a bit wierd.
$filename = $options['tmppath'] . DIRECTORY_SEPARATOR . $prefix . md5(uniqid(microtime()) . $entropy) . $suffix;
} else {
if (vB::getUserContext()->hasPermission('adminpermissions', 'cancontrolpanel')) {
$filename = tempnam(self::getTmpDir(), $prefix);
} else {
$filename = @tempnam(self::getTmpDir(), $prefix);
}
if ($filename and $suffix) {
// tempnam doesn't support specifying a suffix
unlink($filename);
$filename = $filename . $suffix;
touch($filename);
}
}
return $filename;
}
/**
* Create a blog channel.
*
* @param array $input
* @param int $channelid
* @param int $channelConvTemplateid
* @param int $channelPgTemplateId
* @param int $ownerSystemGroupId
*
* @return int The nodeid of the new blog channel
*/
public function createChannel($input, $channelid, $channelConvTemplateid, $channelPgTemplateId, $ownerSystemGroupId)
{
$input['parentid'] = $channelid;
$input['inlist'] = 1;
// we don't want it to be shown in channel list, but we want to move them
$input['protected'] = 0;
if (empty($input['userid'])) {
$input['userid'] = vB::getCurrentSession()->get('userid');
}
if (!isset($input['publishdate'])) {
$input['publishdate'] = vB::getRequest()->getTimeNow();
}
$input['templates']['vB5_Route_Channel'] = $channelPgTemplateId;
$input['templates']['vB5_Route_Conversation'] = $channelConvTemplateid;
// add channel node
$channelLib = vB_Library::instance('content_channel');
$input['page_parentid'] = 0;
$result = $channelLib->add($input, array('skipFloodCheck' => true, 'skipDupCheck' => true));
//Make the current user the channel owner.
$userApi = vB_Api::instanceInternal('user');
$usergroup = vB::getDbAssertor()->getRow('usergroup', array('systemgroupid' => $ownerSystemGroupId));
if (empty($usergroup) or !empty($usergroup['errors'])) {
//This should never happen. It would mean an invalid parameter was passed
throw new vB_Exception_Api('invalid_request');
}
vB_User::setGroupInTopic($input['userid'], $result['nodeid'], $usergroup['usergroupid']);
vB_Cache::allCacheEvent(array('nodeChg_' . $this->blogChannel, "nodeChg_{$channelid}"));
vB::getUserContext()->rebuildGroupAccess();
vB_Channel::rebuildChannelTypes();
// clear follow cache
vB_Api::instanceInternal('follow')->clearFollowCache(array($input['userid']));
return $result['nodeid'];
}
/**
* Create an article category channel. This function works basically like the blog library's version
*
* @param array $input data array, should have standard channel data like title, parentid,
* @param int $channelid parentid that the new channel should fall under.
* @param int $channelConvTemplateid "Conversation" level pagetemplate to use. Typically vB_Page::getArticleConversPageTemplate()
* @param int $channelPgTemplateId "Channel" level pagetemplate to use. Typically vB_Page::getArticleChannelPageTemplate()
* @param int $ownerSystemGroupId
*
* @return int The nodeid of the new blog channel
*/
public function createChannel($input, $channelid, $channelConvTemplateid, $channelPgTemplateId, $ownerSystemGroupId)
{
if (!isset($input['parentid']) or intval($input['parentid']) < 1) {
$input['parentid'] = $channelid;
}
$input['inlist'] = 1;
// we don't want it to be shown in channel list, but we want to move them
$input['protected'] = 0;
if (empty($input['userid'])) {
$input['userid'] = vB::getCurrentSession()->get('userid');
}
if (!isset($input['publishdate'])) {
$input['publishdate'] = vB::getRequest()->getTimeNow();
}
$input['templates']['vB5_Route_Channel'] = $channelPgTemplateId;
$input['templates']['vB5_Route_Article'] = $channelConvTemplateid;
$input['childroute'] = 'vB5_Route_Article';
// add channel node
$channelLib = vB_Library::instance('content_channel');
$input['page_parentid'] = 0;
$result = $channelLib->add($input, array('skipNotifications' => true, 'skipFloodCheck' => true, 'skipDupCheck' => true));
//Make the current user the channel owner.
$userApi = vB_Api::instanceInternal('user');
$usergroup = vB::getDbAssertor()->getRow('usergroup', array('systemgroupid' => $ownerSystemGroupId));
vB_Cache::allCacheEvent(array('nodeChg_' . $this->articleHomeChannel, "nodeChg_{$channelid}"));
vB::getUserContext()->rebuildGroupAccess();
vB_Channel::rebuildChannelTypes();
// clear follow cache
vB_Api::instanceInternal('follow')->clearFollowCache(array($input['userid']));
return $result['nodeid'];
}
public function get_admin_detail_chat()
{
global $vbulletin;
// Get the settings options and the user's info
$options = vB::getDatastore()->getValue('options');
$userinfo = vB::getCurrentSession()->fetch_userinfo();
// Api Key and Secret
$api = $options['chat_cat_messenger_api'];
$secret = $options['chat_cat_messenger_secret'];
$login_url = $options['chat_cat_messenger_login_url'];
$register_url = $options['chat_cat_messenger_register_url'];
$primary_domain = $options['chat_cat_messenger_primary_url'];
// echo $primary_domain;
// die();
// User info
$uname = $userinfo['username'];
$uid = $userinfo['userid'];
$desc = $userinfo['field1'];
$src = '';
$home = $options['bburl'] . '/member/' . $uid;
//echo $home;die;
$location = $userinfo['field2'];
$bod = $userinfo['birthday'];
if (!empty($bod)) {
$year = explode("-", $bod);
$bod = $year['2'];
}
$profilepic = $vbulletin->db->query_first("\n\t\t\tSELECT userid, dateline, height, width\n\t\t\tFROM " . TABLE_PREFIX . "customavatar\n\t\t\tWHERE userid = " . $uid);
if ($profilepic['dateline']) {
$img = $options['bburl'] . '/image.php?userid=' . $uid . '&thumb=1&dateline=' . $profilepic[dateline] . '&type=avtar';
} else {
$img = null;
}
$src = urlencode($img);
$home = urlencode($home);
//$src = urldecode($img);
$chatdata = array();
$chatdata['sinonurl'] = '';
if (isset($api) && $api != '') {
$chatdata['sinonurl'] = '/ajaxchat.php?uid=' . $uid . '&api=' . $api . '&secret=' . $secret . '&uname=' . $uname . '&desc=' . $desc . '&src=' . $src . '&home=' . $home . '&birthday=' . $bod . '&location=' . $location;
}
$chatdata['primaryurl'] = $primary_domain;
if ($login_url != '') {
$chatdata['loginurl'] = $login_url;
if (!preg_match("@^[hf]tt?ps?://@", $chatdata['loginurl'])) {
$chatdata['loginurl'] = "http://" . $chatdata['loginurl'];
}
} else {
$chatdata['loginurl'] = '';
}
if ($register_url != '') {
$chatdata['registerurl'] = $register_url;
if (!preg_match("@^[hf]tt?ps?://@", $chatdata['registerurl'])) {
$chatdata['registerurl'] = "http://" . $chatdata['registerurl'];
}
} else {
$chatdata['registerurl'] = $options['frontendurl'] . '/register';
}
return $chatdata;
}
function construct_user_ip_table($userid, $previpaddress, $depth = 2)
{
global $vbulletin, $vbphrase;
if (VB_AREA == 'AdminCP') {
$userscript = 'usertools.php';
} else {
$userscript = 'user.php';
}
$depth--;
$ips = vB_Api::instanceInternal('user')->searchIP($userid, $depth);
$retdata = '';
// @TODO user api currently returns only 1 IP per user.
$result = array('ipaddress' => $ips['regip']);
foreach ($result as $ip) {
$retdata .= '<li>' . "<a href=\"{$userscript}?" . vB::getCurrentSession()->get('sessionurl') . "do=gethost&ip={$ip['ipaddress']}\" title=\"" . $vbphrase['resolve_address'] . "\">{$ip['ipaddress']}</a> " . construct_link_code($vbphrase['find_more_users_with_this_ip_address'], "{$userscript}?" . vB::getCurrentSession()->get('sessionurl') . "do=doips&ipaddress={$ip['ipaddress']}&hash=" . CP_SESSIONHASH) . "</li>\n";
if ($depth > 0) {
$retdata .= construct_ip_usage_table($ip['ipaddress'], $userid, $depth);
}
}
if (empty($retdata)) {
return '';
} else {
return '<ul>' . $retdata . '</ul>';
}
}
protected function checkRoutePermissions()
{
$currentUser = vB::getUserContext();
if (!$currentUser->hasPermission('genericpermissions', 'canviewmembers') and $this->arguments['userid'] != vB::getCurrentSession()->get('userid')) {
throw new vB_Exception_NodePermission('profile');
}
}
public function __construct(&$routeInfo, &$matches, &$queryString = '')
{
if (isset($matches['params']) and !empty($matches['params'])) {
$paramString = strpos($matches['params'], '/') === 0 ? substr($matches['params'], 1) : $matches['params'];
$params = explode('/', $paramString);
if (count($params) >= 2) {
$this->pagenum = $params[1];
$this->folderid = $params[0];
} else {
if (!empty($params)) {
$this->pagenum = $params[1];
}
}
}
if (!empty($matches['pagenum']) and intval($matches['pagenum'])) {
$this->pagenum = $matches['pagenum'];
}
if (!empty($matches['folderid']) and intval($matches['folderid'])) {
$this->folderid = $matches['folderid'];
}
$routeInfo['arguments']['subtemplate'] = $this->subtemplate;
$userid = vB::getCurrentSession()->get('userid');
$pmquota = vB::getUserContext($userid)->getLimit('pmquota');
$vboptions = vB::getDatastore($userid)->getValue('options');
$canUsePmSystem = ($vboptions['enablepms'] and $pmquota);
if (!$canUsePmSystem and !$this->overrideDisable) {
throw new vB_Exception_NodePermission('privatemessage');
}
}
/**
* Fetches the online states for the user, taking into account the browsing
* user's viewing permissions. Also modifies the user to include [buddymark]
* and [invisiblemark]
*
* @param array Array of userinfo to fetch online status for
* @param boolean True if you want to set $user[onlinestatus] with template results
*
* @return integer 0 = offline, 1 = online, 2 = online but invisible (if permissions allow)
*/
function fetch_online_status(&$user)
{
static $buddylist, $datecut;
$session = vB::getCurrentSession();
if (empty($session)) {
$currentUserId = 0;
} else {
$currentUserId = vB::getCurrentSession()->get('userid');
}
// get variables used by this function
if (!isset($buddylist) and !empty($currentUserId)) {
$buddylist = array();
//If we are asking for the current user's status we can skip the fetch
if ($currentUserId == $user['userid']) {
$currentUser =& $user;
} else {
$currentUser = vB_Api::instanceInternal('user')->fetchCurrentUserInfo();
}
if (isset($currentUser['buddylist']) and $currentUser['buddylist'] = trim($currentUser['buddylist'])) {
$buddylist = preg_split('/\\s+/', $currentUser['buddylist'], -1, PREG_SPLIT_NO_EMPTY);
}
}
if (!isset($datecut)) {
$datecut = vB::getRequest()->getTimeNow() - vB::getDatastore()->getOption('cookietimeout');
}
// is the user on bbuser's buddylist?
if (isset($buddylist) and is_array($buddylist) and in_array($user['userid'], $buddylist)) {
$user['buddymark'] = '+';
} else {
$user['buddymark'] = '';
}
// set the invisible mark to nothing by default
$user['invisiblemark'] = '';
$onlinestatus = 0;
$user['online'] = 'offline';
// now decide if we can see the user or not
if ($user['lastactivity'] > $datecut and $user['lastvisit'] != $user['lastactivity']) {
$bf_misc_useroptions = vB::getDatastore()->getValue('bf_misc_useroptions');
if ($user['options'] & $bf_misc_useroptions['invisible']) {
if (!isset($userContext)) {
$userContext = vB::getUserContext();
}
if ($currentUserId == $user['userid'] or $userContext and $userContext->hasPermission('genericpermissions', 'canseehidden')) {
// user is online and invisible BUT bbuser can see them
$user['invisiblemark'] = '*';
$user['online'] = 'invisible';
$onlinestatus = 2;
}
} else {
// user is online and visible
$onlinestatus = 1;
$user['online'] = 'online';
}
}
return $onlinestatus;
}
public function __construct(&$routeInfo, &$matches, &$queryString = '')
{
$userid = vB::getCurrentSession()->get('userid');
$pmquota = vB::getUserContext($userid)->getLimit('pmquota');
$vboptions = vB::getDatastore($userid)->getValue('options');
$canUsePmSystem = ($vboptions['enablepms'] and $pmquota);
if (!$canUsePmSystem) {
throw new vB_Exception_NodePermission('privatemessage');
}
parent::__construct($routeInfo, $matches, $queryString);
}
function fetch_faq_parents($faqname)
{
global $ifaqcache, $faqcache, $parents, $vbulletin;
static $i = 0;
$faq = $faqcache["{$faqname}"];
if (is_array($ifaqcache["{$faq['faqparent']}"])) {
$key = iif($i++, 'faq.php?' . vB::getCurrentSession()->get('sessionurl') . "faq={$faq['faqname']}");
$parents["{$key}"] = $faq['title'];
fetch_faq_parents($faq['faqparent']);
}
}
/**
* Shows the form for inline mod authentication.
*/
function show_inline_mod_login($showerror = false)
{
global $vbulletin, $vbphrase, $show;
$show['inlinemod_form'] = true;
$show['passworderror'] = $showerror;
if (!$showerror) {
$vbulletin->url = SCRIPTPATH;
}
$forumHome = vB_Library::instance('content_channel')->getForumHomeChannel();
eval(standard_error(fetch_error('nopermission_loggedin', $vbulletin->userinfo['username'], vB_Template_Runtime::fetchStyleVar('right'), vB::getCurrentSession()->get('sessionurl'), $vbulletin->userinfo['securitytoken'], vB5_Route::buildUrl($forumHome['routeid'] . 'home|fullurl'))));
}
protected function getNewRouteInfo()
{
if ($session = vB::getCurrentSession()) {
$userid = $session->get('userid');
}
if (empty($userid)) {
throw new vB_Exception_404('invalid_page');
}
$this->arguments['userid'] = $userid;
$this->arguments['tab'] = 'subscriptions';
return 'subscription';
}
public static function init($configFile)
{
parent::init($configFile);
self::$instance = new vB5_Frontend_Application();
self::$instance->router = new vB5_Frontend_Routing();
self::$instance->router->setRoutes();
$styleid = vB5_Template_Stylevar::instance()->getPreferredStyleId();
if ($styleid) {
vB::getCurrentSession()->set('styleid', $styleid);
}
self::ajaxCharsetConvert();
self::setHeaders();
return self::$instance;
}
/**
* Create a taggable content item.
*
* @param int id for the content item to be tagged. Can be 0 if it is used only for validating tags
* @param array content info -- database record for item to be tagged, values vary by
* specific content item. For performance reasons this can be included, otherwise the
* data will be fetched if needed from the provided id.
*/
public function __construct($nodeid = 0, $contentinfo = false)
{
$this->nodeid = $nodeid;
$this->assertor = vB::getDbAssertor();
$this->currentUserId = vB::getCurrentSession()->get('userid');
// If this is node related fetch the required info
if ($this->nodeid) {
$this->owner = $this->getNodeOwner($this->nodeid);
if ($contentinfo) {
$this->contentinfo = $contentinfo;
} else {
$this->loadContentInfo();
}
}
}
/**
* Fetches the IDs of the dismissed notices so we do not display them for the user.
*
*/
function fetch_dismissed_notices()
{
static $dismissed_notices = null;
if ($dismissed_notices === null) {
$userinfo = vB::getCurrentSession()->fetch_userinfo();
$dismissed_notices = array();
if (!$userinfo['userid']) {
return $dismissed_notices;
}
$noticeids = vB::getDbAssertor()->assertQuery('vBForum:fetchdismissednotices', array(vB_dB_Query::TYPE_KEY => vB_dB_Query::QUERY_STORED, 'userid' => $userinfo['userid']));
foreach ($noticeids as $noticeid) {
$dismissed_notices[] = $noticeid['noticeid'];
}
}
return $dismissed_notices;
}
public function replacePlaceholders(&$content)
{
$this->fetchPhrases();
$placeholders = array();
end($this->stack);
while (!is_null($placeholder_id = key($this->stack))) {
$phraseName = current($this->stack);
$phraseInfo = $this->pending[$phraseName][$placeholder_id];
$phraseInfo[0] = isset($this->cache[$phraseName]) ? $this->cache[$phraseName] : $phraseInfo[0];
// do parameter replacements in phrases for notices, since we don't want
// the extra overhead of pulling these phrases in the api method
if (strpos($phraseName, 'notice_') === 0 and preg_match('/^notice_[0-9]+_html$/', $phraseName)) {
$phraseInfo[0] = str_replace(array('{musername}', '{username}', '{userid}', '{sessionurl}', '{sessionurl_q}', '{register_page}', '{help_page}'), array(vB5_User::get('musername'), vB5_User::get('username'), vB5_User::get('userid'), vB::getCurrentSession()->get('sessionurl'), vB::getCurrentSession()->get('sessionurl_q'), vB5_Template_Runtime::buildUrl('register'), vB5_Template_Runtime::buildUrl('help')), $phraseInfo[0]);
}
$replace = $this->constructPhraseFromArray($phraseInfo);
$placeholders[$placeholder_id] = $replace;
//$content = str_replace($placeholder_id, $replace, $content);
prev($this->stack);
}
// If we passed any phrases as parameters to other phrases, we will
// still have those placeholders in the "replace" content, for example:
// {vb:phrase have_x_posts_in_topic_last_y, {vb:var topic.dot_postcount}, {vb:date {vb:var topic.dot_lastpostdate}}}
// since the date call can return phrases (today, yesterday, etc.).
// This only goes one level deep (e.g., it's not recursive), since that's
// all we need at this time.
// This searches the replace text to see if there are any placeholders
// left in them, and if so, replaces those placeholders with the phrase text.
foreach ($placeholders as $k => $replace) {
if (strpos($replace, '<!-- ##phrase_') !== false or strpos($replace, '<!-- ##phrase_') !== false) {
if (preg_match_all('/(?:<|<)!-- ##phrase_([a-z0-9_]+)_[0-9]+## --(?:>|>)/siU', $replace, $matches, PREG_SET_ORDER)) {
foreach ($matches as $match) {
$placeholder_id = $match[0];
$phrase_varname = $match[1];
$placeholder_id_lookup = str_replace(array('<', '>'), array('<', '>'), $placeholder_id);
$phraseInfo = $this->pending[$phrase_varname][$placeholder_id_lookup];
$phraseInfo[0] = isset($this->cache[$phrase_varname]) ? $this->cache[$phrase_varname] : $phraseInfo[0];
$phraseText = $this->constructPhraseFromArray($phraseInfo);
$placeholders[$k] = str_replace($placeholder_id, $phraseText, $placeholders[$k]);
}
}
}
}
if (!empty($placeholders)) {
$content = str_replace(array_keys($placeholders), $placeholders, $content);
}
}
/**
* Add photo record
*
* @param mixed Array of field => value pairs which define the record.
* @param array Array of options for the content being created
* Understands skipTransaction, skipFloodCheck, floodchecktime.
*
* @return mixed array with nodeid (int), success (bool), cacheEvents (array of strings), nodeVals (array of field => value).
*/
public function add($data, array $options = array())
{
//Store this so we know whether we should call afterAdd()
$skipTransaction = !empty($options['skipTransaction']);
$options += array('skipDupCheck' => true);
if (empty($data['filedataid'])) {
throw new vB_Exception_Api('incomplete_data');
}
if (empty($data['userid'])) {
$user = vB::getCurrentSession()->fetch_userinfo();
$data['authorname'] = $user['username'];
$userid = $data['userid'] = $user['userid'];
} else {
$userid = $data['userid'];
if (empty($data['authorname'])) {
$user = vB_Api::instanceInternal('user')->fetchUserName($userid);
$data['authorname'] = $user;
}
}
try {
if (!$skipTransaction) {
$this->assertor->beginTransaction();
}
$options['skipTransaction'] = true;
/** Validate Filedata */
$newNode = parent::add($data, $options);
/** Update filedata refcount */
$fileData = $this->assertor->getRow('vBForum:filedata', array(vB_dB_Query::TYPE_KEY => vB_dB_Query::QUERY_SELECT, 'filedataid' => $data["filedataid"]));
$refCount = $fileData["refcount"] + 1;
$photodata = array(vB_dB_Query::TYPE_KEY => vB_dB_Query::QUERY_UPDATE, vB_dB_Query::CONDITIONS_KEY => array('filedataid' => $data['filedataid']), 'refcount' => $refCount);
$this->assertor->assertQuery('vBForum:filedata', $photodata);
if (!$skipTransaction) {
$this->assertor->commitTransaction();
}
} catch (exception $e) {
if (!$skipTransaction) {
$this->assertor->rollbackTransaction();
}
throw $e;
}
if (!$skipTransaction) {
//The child classes that have their own transactions all set this to true so afterAdd is always called just once.
$this->afterAdd($newNode['nodeid'], $data, $options, $newNode['cacheEvents'], $newNode['nodeVals']);
}
return $newNode;
}
public function shutdown()
{
if ($this->called) {
return;
// Already called once.
}
$session = vB::getCurrentSession();
if (is_object($session)) {
$session->save();
}
if (sizeof($this->callbacks)) {
foreach ($this->callbacks as $callback) {
call_user_func($callback);
}
unset($this->callbacks);
}
$this->setCalled();
}
public function __construct($routeInfo, $matches, $queryString = '', $anchor = '')
{
if (empty($matches['tab'])) {
$matches['tab'] = 'profile';
}
parent::__construct($routeInfo, $matches, $queryString, $anchor);
if (empty($this->arguments['userid'])) {
$userInfo = vB::getCurrentSession()->fetch_userinfo();
$this->arguments['userid'] = $userInfo['userid'];
$this->arguments['username'] = $userInfo['username'];
} else {
if (empty($this->arguments['username'])) {
$userInfo = vB_User::fetchUserinfo($this->arguments['userid']);
$this->arguments['username'] = $userInfo['username'];
}
}
$this->breadcrumbs = array(0 => array('title' => $this->arguments['username'], 'url' => vB5_Route::buildUrl('profile', array('userid' => $this->arguments['userid'], 'username' => vB_String::getUrlIdent($this->arguments['username'])))), 1 => array('phrase' => 'user_settings', 'url' => ''));
}
public function __construct(&$routeInfo, &$matches, &$queryString = '')
{
$cleaner = vB::getCleaner();
if (isset($matches['params']) and !empty($matches['params'])) {
$paramString = strpos($matches['params'], '/') === 0 ? substr($matches['params'], 1) : $matches['params'];
list($this->userid) = explode('/', $paramString);
} else {
if (isset($matches['userid'])) {
$this->userid = $matches['userid'];
}
}
$this->userid = $cleaner->clean($this->userid, vB_Cleaner::TYPE_INT);
$routeInfo['arguments']['subtemplate'] = $this->subtemplate;
$userid = vB::getCurrentSession()->get('userid');
$pmquota = vB::getUserContext($userid)->getLimit('pmquota');
$vboptions = vB::getDatastore($userid)->getValue('options');
$canUsePmSystem = ($vboptions['enablepms'] and $pmquota);
if (!$canUsePmSystem) {
throw new vB_Exception_NodePermission('privatemessage');
}
}
/**
* Returns an array of bbcode parsing information. {@see vB_Api_Bbcode::fetchTagList}
*
* @see vB_Api_Bbcode::fetchTagList
* @see vB_Api_Bbcode::fetchCustomTags()
* @return array Bbcode parsing information. Format:
* <pre>array(
* defaultTags => array {@see vB_Api_Bbcode::fetchTagList}
* customTags => array @see vB_Api_Bbcode::fetchCustomTags
* defaultOptions => array {@see vB_Api_Bbcode::fetchBbcodeOptions()}
* )</pre>
*/
public function initInfo()
{
$response['defaultTags'] = $this->fetchTagList();
$response['customTags'] = $this->fetchCustomTags();
$response['defaultOptions'] = $this->fetchBbcodeOptions();
$response['censorship'] = $this->fetchCensorshipInfo();
$response['smilies'] = $this->fetchSmilies();
$response['sessionUrl'] = vB::getCurrentSession()->get('sessionurl');
$response['vBHttpHost'] = vB::getRequest()->getVbHttpHost();
$options = vB::getDatastore()->get_value('options');
$response['blankAsciiStrip'] = $options['blankasciistrip'];
$response['wordWrap'] = $options['wordwrap'];
$response['codeMaxLines'] = $options['codemaxlines'];
$response['bbUrl'] = $options['bburl'];
$response['viewAttachedImages'] = $options['viewattachedimages'];
$response['urlNoFollow'] = $options['url_nofollow'];
$response['urlNoFollowWhiteList'] = $options['url_nofollow_whitelist'];
$response['useFileAvatar'] = $options['usefileavatar'];
$response['sigpicUrl'] = $options['sigpicurl'];
return $response;
}
public function print_editor()
{
global $vbulletin, $vbphrase;
$vb5_config =& vB::getConfig();
$header = $vbphrase["stylevar_{$this->stylevarid}_name"] ? $vbphrase["stylevar_{$this->stylevarid}_name"] : $this->stylevarid;
$addbit = false;
if ($vbulletin->GPC['dostyleid'] == -1) {
$header .= ' - <span class="smallfont">' . construct_link_code($vbphrase['edit'], "stylevar.php?" . vB::getCurrentSession()->get('sessionurl') . "do=dfnedit&stylevarid=" . $this->stylevarid);
$addbit = true;
}
if ($this->inherited == -1) {
if (!$addbit) {
$header .= ' - <span class="smallfont">';
$addbit = true;
} else {
$header .= ' - ';
}
$header .= construct_link_code($vbphrase['revert_gcpglobal'], "stylevar.php?" . vB::getCurrentSession()->get('sessionurl') . "do=confirmrevert&dostyleid=" . $vbulletin->GPC['dostyleid'] . "&stylevarid=" . $this->stylevarid . "&rootstyle=-1");
}
if ($addbit) {
$header .= '</span>';
}
print_table_header($header);
if ($vbphrase["stylevar_{$this->stylevarid}_description"]) {
print_description_row($vbphrase["stylevar_{$this->stylevarid}_description"], false, 2);
}
if ($vb5_config['Misc']['debug']) {
print_label_row($vbphrase['stylevarid'], $this->stylevarid);
}
// output this stylevar's inheritance level (inherited or customized)
// so that we can update the stylevar list and show inherited status
// immediately
echo '<script type="text/javascript">
window.vBulletinStylevarInheritance = window.vBulletinStylevarInheritance ? window.vBulletinStylevarInheritance : {};
window.vBulletinStylevarInheritance["' . $this->stylevarid . '"] = ' . $this->inherited . ';
</script>';
// once we have LSB change this to self::
$this->print_editor_form();
}
/**
* Verifies that the provided username is valid, and attempts to correct it if it is not valid
*
* @param string Username
*
* @return boolean Returns true if the username is valid, or has been corrected to be valid
*/
function verify_username(&$username)
{
// this is duplicated from the user manager
// fix extra whitespace and invisible ascii stuff
$username = trim(preg_replace('#[ \\r\\n\\t]+#si', ' ', strip_blank_ascii($username, ' ')));
$username_raw = $username;
$username = vB_String::cleanUserName($username);
$username = str_replace(chr(0), '', $username);
$username = trim($username);
$length = vB_String::vbStrlen($username);
if ($length < $this->registry->options['minuserlength']) {
// name too short
$this->error('usernametooshort', $this->registry->options['minuserlength']);
return false;
} else {
if ($length > $this->registry->options['maxuserlength']) {
// name too long
$this->error('usernametoolong', $this->registry->options['maxuserlength']);
return false;
} else {
if (preg_match('/(?<!&#[0-9]{3}|&#[0-9]{4}|&#[0-9]{5});/', $username)) {
// name contains semicolons
$this->error('username_contains_semi_colons');
return false;
} else {
if ($username != fetch_censored_text($username)) {
// name contains censored words
$this->error('censorfield');
return false;
} else {
$result = $this->assertor->assertQuery('verifyUsername', array('userid' => intval($this->existing['userid']), 'username' => vB_String::htmlSpecialCharsUni($username), 'username_raw' => vB_String::htmlSpecialCharsUni($username_raw)));
if ($result->valid() and $result->current()) {
// name is already in use
$this->error('usernametaken', vB_String::htmlSpecialCharsUni($username), vB::getCurrentSession()->get('sessionurl'));
return false;
} else {
if (!empty($this->registry->options['illegalusernames'])) {
// check for illegal username
$usernames = preg_split('/[ \\r\\n\\t]+/', $this->registry->options['illegalusernames'], -1, PREG_SPLIT_NO_EMPTY);
foreach ($usernames as $val) {
if (strpos(strtolower($username), strtolower($val)) !== false) {
// wierd error to show, but hey...
$this->error('usernametaken', vB_String::htmlSpecialCharsUni($username), vB::getCurrentSession()->get('sessionurl'));
return false;
}
}
}
}
}
}
}
}
// if we got here, everything is okay
$username = vB_String::htmlSpecialCharsUni($username);
return true;
}
{
case 'edit': window.location = "usertitle.php?<?php
echo vB::getCurrentSession()->get('sessionurl_js');
?>
do=edit&usertitleid=" + usertitleid; break;
case 'kill': window.location = "usertitle.php?<?php
echo vB::getCurrentSession()->get('sessionurl_js');
?>
do=remove&usertitleid=" + usertitleid; break;
default: return false; break;
}
}
</script>
<?php
$options = array('edit' => $vbphrase['edit'], 'kill' => $vbphrase['delete']);
print_form_header('usertitle', 'add');
print_table_header($vbphrase['user_title_manager_gcpuser'], 3);
print_description_row('<p>' . construct_phrase($vbphrase['it_is_recommended_that_you_update_user_titles'], vB::getCurrentSession()->get('sessionurl')) . '</p>', 0, 3);
print_cells_row(array($vbphrase['user_title_guser'], $vbphrase['minimum_posts'], $vbphrase['controls']), 1);
foreach ($usertitles as $usertitle) {
print_cells_row(array('<b>' . $usertitle['title'] . '</b>', $usertitle['minposts'], "\n\t<select name=\"u{$usertitle['usertitleid']}\" onchange=\"js_usergroup_jump({$usertitle['usertitleid']}, this);\" class=\"bginput\">\n" . construct_select_options($options) . "\t</select>\n\t<input type=\"button\" value=\"" . $vbphrase['go'] . "\" onclick=\"js_usergroup_jump({$usertitle['usertitleid']}, this.form.u{$usertitle['usertitleid']});\" />\n\t"));
}
print_submit_row($vbphrase['add_new_user_title_gcpuser'], 0, 3);
}
print_cp_footer();
/*=========================================================================*\
|| #######################################################################
|| # Downloaded: 15:45, Tue Sep 8th 2015
|| # CVS: $RCSfile$ - $Revision: 83432 $
|| #######################################################################
\*=========================================================================*/
/**
* Determines if the logged-in user can view the infractions for the given user
*
* @return bool The current user can view the given user's infractions (or not)
*/
public function canViewUserInfractions($userid)
{
$userid = (int) $userid;
$currentUserId = vB::getCurrentSession()->get('userid');
return $userid == $currentUserId or vB::getUserContext()->hasPermission('genericpermissions', 'canseeinfraction') or vB::getUserContext()->hasPermission('genericpermissions', 'canreverseinfraction') or vB::getUserContext()->hasPermission('genericpermissions', 'cangiveinfraction');
}
function print_channels($permissions, $inheritance = array(), $channels = false, $indent = ' ')
{
global $vbulletin, $imodcache, $npermscache, $vbphrase;
if ($channels === false) {
$channels = vB_Api::instanceInternal('search')->getChannels(false, array('include_protected' => true, 'no_perm_check' => true));
}
foreach ($channels as $nodeid => $node) {
// make a copy of the current permissions set up
$perms = $permissions;
// make a copy of the inheritance set up
$inherit = $inheritance;
// echo channel title and links
if (!defined('ONLYID') or $nodeid == ONLYID) {
echo "{$indent}<ul class=\"lsq\">\n";
echo "{$indent}<li><b><a name=\"node{$nodeid}\" href=\"forum.php?" . vB::getCurrentSession()->get('sessionurl') . "do=edit&n={$nodeid}\">{$node['htmltitle']}</a></b>";
if ($node['parentid'] != 0) {
echo " <b><span class=\"smallfont\">(" . construct_link_code($vbphrase['reset'], "forumpermission.php?" . vB::getCurrentSession()->get('sessionurl') . "do=quickset&type=reset&n={$nodeid}&hash=" . CP_SESSIONHASH) . construct_link_code($vbphrase['deny_all'], "forumpermission.php?" . vB::getCurrentSession()->get('sessionurl') . "do=quickset&type=deny&n={$nodeid}&hash=" . CP_SESSIONHASH) . ")</span></b>";
}
// get moderators
if (is_array($imodcache["{$nodeid}"])) {
echo "<span class=\"smallfont\"><br /> - <i>" . $vbphrase['moderators'] . ":";
foreach ($imodcache["{$nodeid}"] as $moderator) {
// moderator username and links
echo " <a href=\"moderator.php?" . vB::getCurrentSession()->get('sessionurl') . "do=edit&moderatorid={$moderator['moderatorid']}\">{$moderator['username']}</a>";
}
echo "</i></span>";
}
echo "{$indent}\t<ul class=\"usergroups\">\n";
}
$nplink = "";
foreach ($vbulletin->usergroupcache as $usergroupid => $usergroup) {
if ($inherit["{$usergroupid}"] == 'col-c') {
$inherit["{$usergroupid}"] = 'col-i';
}
// if there is a custom permission for the current usergroup, use it
if (isset($npermscache["{$nodeid}"]["{$usergroupid}"]) and $node['parentid'] != 0 and vB_ChannelPermission::compareDefaultChannelPermissions($nodeid, $usergroupid, $npermscache["{$nodeid}"]["{$usergroupid}"])) {
$inherit["{$usergroupid}"] = 'col-c';
$perms["{$usergroupid}"] = $npermscache[$nodeid][$usergroupid]['forumpermissions'];
$nplink = 'np=' . $npermscache[$nodeid][$usergroupid]['permissionid'];
} else {
$nplink = "n={$nodeid}&u={$usergroupid}";
}
// work out display style
$liStyle = '';
if (isset($inherit["{$usergroupid}"])) {
$liStyle = " class=\"{$inherit[$usergroupid]}\"";
} else {
$liStyle = " class=\"col-g\"";
}
if (!($perms["{$usergroupid}"] & $vbulletin->bf_ugp_forumpermissions['canview'])) {
$liStyle .= " style=\"list-style:circle\"";
}
if (!defined('ONLYID') or $nodeid == ONLYID) {
echo "{$indent}\t<li{$liStyle}>" . construct_link_code($vbphrase['edit'], "forumpermission.php?" . vB::getCurrentSession()->get('sessionurl') . "do=edit&{$nplink}") . $usergroup['title'] . "</li>\n";
}
}
if (!defined('ONLYID') or $nodeid == ONLYID) {
echo "{$indent}\t</ul><br />\n";
}
if (defined('ONLYID') and $nodeid == ONLYID) {
echo "{$indent}</li>\n";
echo "{$indent}</ul>\n";
return;
}
if (!empty($node['channels'])) {
print_channels($perms, $inherit, $node['channels'], "{$indent}\t");
}
if (!defined('ONLYID') or $nodeid == ONLYID) {
echo "{$indent}</li>\n";
}
unset($inherit);
if (!defined('ONLYID') or $nodeid == ONLYID) {
echo "{$indent}</ul>\n";
}
if (!defined('ONLYID') and $node['parentid'] == -1) {
echo "<hr size=\"1\" />\n";
}
}
}
/**
* Prepares the appropriate url for a group icon.
* The url is based on whether fileavatars are in use, and whether a thumb is required.
*
* @param array mixed $groupinfo - GroupInfo array of the group to fetch the icon for
* @param boolean $thumb - Whether to return a thumb url
* @param boolean $path - Whether to fetch the path or the url
* @param boolean $force_file - Always get the file path as if it existed
*/
function fetch_socialgroupicon_url($groupinfo, $thumb = false, $path = false, $force_file = false)
{
global $vbulletin;
$iconurl = false;
if ($vbulletin->options['sg_enablesocialgroupicons']) {
if (!$groupinfo['icondateline']) {
return vB_Template_Runtime::fetchStyleVar('unknownsgicon');
}
if ($vbulletin->options['usefilegroupicon'] or $force_file) {
$iconurl = ($path ? $vbulletin->options['groupiconpath'] : $vbulletin->options['groupiconurl']) . ($thumb ? '/thumbs' : '') . '/socialgroupicon' . '_' . $groupinfo['groupid'] . '_' . $groupinfo['icondateline'] . '.gif';
} else {
$iconurl = 'image.php?' . vB::getCurrentSession()->get('sessionurl') . 'groupid=' . $groupinfo['groupid'] . '&dateline=' . $groupinfo['icondateline'] . ($thumb ? '&type=groupthumb' : '');
}
}
return $iconurl;
}
foreach ($crons as $cron) {
$options = array('edit' => $vbphrase['edit'], 'switchactive' => $cron['effective_active'] ? $vbphrase['disable'] : $vbphrase['enable']);
if (!$cron['volatile'] or $vb5_config['Misc']['debug']) {
$options['kill'] = $vbphrase['delete'];
}
$item_title = htmlspecialchars_uni($vbphrase['task_' . $cron['varname'] . '_title']);
if (isset($vbphrase['task_' . $cron['varname'] . '_title'])) {
$item_title = htmlspecialchars_uni($vbphrase['task_' . $cron['varname'] . '_title']);
} else {
$item_title = $cron['varname'];
}
if (!$cron['effective_active']) {
$item_title = "<strike>{$item_title}</strike>";
}
$item_desc = htmlspecialchars_uni($vbphrase['task_' . $cron['varname'] . '_desc']);
$timerule = fetch_cron_timerule($cron);
// this will happen in the future which the yestoday setting doesn't handle when its in the detailed mode
$future = ($cron['nextrun'] > TIMENOW and $vbulletin->options['yestoday'] == 2);
$cell = array("<input type=\"checkbox\" name=\"enabled[{$cron['varname']}]\" value=\"1\" title=\"{$vbphrase['enabled']}\" id=\"cb_enabled_{$cron['varname']}\" tabindex=\"1\"" . ($cron['active'] ? ' checked="checked"' : '') . " />", $timerule['minute'], $timerule['hour'], $timerule['day'], $timerule['month'], $timerule['weekday'], "<label for=\"cb_enabled_{$cron['varname']}\"><strong>{$item_title}</strong><br /><span class=\"smallfont\">{$item_desc}</span></label>", '<div style="white-space:nowrap">' . ($cron['effective_active'] ? vbdate($vbulletin->options['dateformat'], $cron['nextrun'], true and !$future) . (($vbulletin->options['yestoday'] != 2 or $future) ? '<br />' . vbdate($vbulletin->options['timeformat'], $cron['nextrun']) : '') : $vbphrase['n_a']) . '</div>', "\n\t<select name=\"c{$cron['cronid']}\" onchange=\"js_cron_jump({$cron['cronid']});\" class=\"bginput\">\n" . construct_select_options($options) . "\t</select><input type=\"button\" class=\"button\" value=\"{$vbphrase['go']}\" onclick=\"js_cron_jump({$cron['cronid']});\" />\n\t" . "\n\t<input type=\"button\" class=\"button\" value=\"{$vbphrase['run_now']}\" onclick=\"js_run_cron({$cron['cronid']});\" />");
print_cells_row($cell, 0, '', -6);
}
print_description_row("<div class=\"smallfont\" align=\"center\">{$vbphrase['all_times_are_gmt_x_time_now_is_y']}</div>", 0, 9, 'thead');
print_submit_row($vbphrase['save_enabled_status'], 0, 9, '', "<input type=\"button\" class=\"button\" value=\"{$vbphrase['add_new_scheduled_task_gcron']}\" tabindex=\"1\" onclick=\"window.location='cronadmin.php?" . vB::getCurrentSession()->get('sessionurl') . "do=edit'\" />");
}
print_cp_footer();
/*=========================================================================*\
|| #######################################################################
|| # Downloaded: 15:45, Tue Sep 8th 2015
|| # CVS: $RCSfile$ - $Revision: 83432 $
|| #######################################################################
\*=========================================================================*/
/**
* Returns the CSS path needed for the {vb:cssfile} template tag
*
* @return string CSS path
*/
public function fetch_css_path()
{
global $vbulletin, $style, $foruminfo;
if ($vbulletin->options['storecssasfile']) {
$vbcsspath = vB_Api::instanceInternal('style')->fetchCssLocation() . '/style' . str_pad($style['styleid'], 5, '0', STR_PAD_LEFT) . $vbulletin->stylevars['textdirection']['string'][0] . '/';
} else {
// Forum ID added when in forums with style overrides and the "Allow Users To Change Styles"
// option is off, otherwise the requested styleid will be denied. Not added across the board
// to ensure the highest cache hit rate possible. Not needed when CSS is stored as files.
// See bug: VBIV-5647
if (!empty($foruminfo)) {
$forumid = intval($foruminfo['forumid']);
$forum_styleid = intval($foruminfo['styleid']);
if (!$vbulletin->options['allowchangestyles'] and $forumid > 0 and $forum_styleid > 0) {
$add_forumid = '&forumid=' . $forumid;
}
} else {
$add_forumid = '';
}
if (defined('LANGUAGEID')) {
$languageId = LANGUAGEID;
} else {
$languageId = vB::getCurrentSession()->get('languageid');
if (empty($currentlanguageid)) {
$currentlanguageid = vB::getDatastore()->getOption('languageid');
}
}
// textdirection var added to prevent cache if admin modified language text_direction. See bug #32640
$vbcsspath = 'css.php?styleid=' . $style['styleid'] . $add_forumid . '&langid=' . $languageId . '&d=' . $style['dateline'] . '&td=' . $vbulletin->stylevars['textdirection']['string'] . '&sheet=';
}
return $vbcsspath;
}
$refperiod = construct_phrase($vbphrase['x_to_y'], $datestart, $dateend);
} else {
$refperiod = $vbphrase['all_time'];
}
try {
$userInfo = vB_Api::instanceInternal('user')->fetchUserInfo($vbulletin->GPC['referrerid']);
} catch (vB_Exception_Api $ex) {
print_stop_message2($ex->getMessage());
}
$users = $assertor->getRows('userReferrals', array('referrerid' => $vbulletin->GPC['referrerid'], 'startdate' => $vbulletin->GPC['startdate'], 'enddate' => $vbulletin->GPC['enddate']));
print_form_header('', '');
print_table_header(construct_phrase($vbphrase['referrals_for_x'], $userInfo['username']) . ' - ' . $refperiod, 5);
print_cells_row(array($vbphrase['username'], $vbphrase['post_count'], $vbphrase['email'], $vbphrase['join_date'], $vbphrase['last_visit_guser']), 1);
foreach ($users as $user) {
$cell = array();
$cell[] = "<a href=\"user.php?" . vB::getCurrentSession()->get('sessionurl') . "do=edit&u={$user['userid']}\">{$user['username']}</a>";
$cell[] = vb_number_format($user['posts']);
$cell[] = "<a href=\"mailto:{$user['email']}\">{$user['email']}</a>";
$cell[] = '<span class="smallfont">' . vbdate($vbulletin->options['dateformat'] . ', ' . $vbulletin->options['timeformat'], $user['joindate']) . '</span>';
$cell[] = '<span class="smallfont">' . vbdate($vbulletin->options['dateformat'] . ', ' . $vbulletin->options['timeformat'], $user['lastvisit']) . '</span>';
print_cells_row($cell);
}
print_table_footer();
}
// ########################################################################
if ($_REQUEST['do'] == 'usercss' or $_POST['do'] == 'updateusercss') {
$vbulletin->input->clean_array_gpc('r', array('userid' => vB_Cleaner::TYPE_UINT));
$userinfo = fetch_userinfo($vbulletin->GPC['userid']);
if (!$userinfo) {
print_stop_message2('invalid_user_specified');
}
