$reportthread = ($rpforumid = $vbulletin->options['rpforumid'] AND $rpforuminfo = fetch_foruminfo($rpforumid));
$reportemail = ($vbulletin->options['enableemail'] AND $vbulletin->options['rpemail']);
if (!$reportthread AND !$reportemail)
{
standard_error(fetch_error('emaildisabled'));
}
$navbits = array();
if ($blogid)
{
$bloginfo = verify_blog($blogid);
if ($blogtextinfo AND $blogtextinfo['blogtextid'] != $bloginfo['firstblogtextid'])
{
if (!fetch_comment_perm('canviewcomments', $bloginfo, $blogtextinfo))
{
print_no_permission();
}
$reportobj = new vB_ReportItem_Blog_Comment($vbulletin);
$reportobj->set_extrainfo('blog', $bloginfo);
$forminfo = $reportobj->set_forminfo($blogtextinfo);
}
else
{
$blogtextinfo = array();
$bloginfo['blogtextid'] = $bloginfo['firstblogtextid'];
$reportobj = new vB_ReportItem_Blog_Entry($vbulletin);
$forminfo = $reportobj->set_forminfo($bloginfo);
}
$vbulletin->GPC['editorid'] = preg_replace('/\\W/s', '', $vbulletin->GPC['editorid']);
/* Check they can view a blog, any blog */
if (!($vbulletin->userinfo['permissions']['vbblog_general_permissions'] & $vbulletin->bf_ugp_vbblog_general_permissions['blog_canviewown']) and !($vbulletin->userinfo['permissions']['vbblog_general_permissions'] & $vbulletin->bf_ugp_vbblog_general_permissions['blog_canviewothers'])) {
$xml->add_tag('error', 'nopermission');
$xml->print_xml();
}
$bloginfo = verify_blog($blogtextinfo['blogid'], 0, 'modifychild');
if (!$bloginfo) {
$xml->add_tag('error', 'nopermission');
$xml->print_xml();
}
if (!$blogtextinfo) {
$xml->add_tag('error', 'nopermission');
$xml->print_xml();
}
if ($bloginfo['firstblogtextid'] == $blogtextinfo['blogtextid'] or !fetch_comment_perm('caneditcomments', $bloginfo, $blogtextinfo)) {
$xml->add_tag('error', 'nopermission');
$xml->print_xml();
}
$show['quick_edit_form_tag'] = false;
//$show['deletepostoption'] = (fetch_comment_perm('candeletecomments', $bloginfo, $blogtextinfo) OR fetch_comment_perm('canremovecomments', $bloginfo, $blogtextinfo));
$show['softdeleteoption'] = true;
$show['physicaldeleteoption'] = can_moderate_blog('canremovecomments');
require_once DIR . '/includes/functions_editor.php';
$editorid = construct_edit_toolbar(htmlspecialchars_uni($blogtextinfo['pagetext']), false, 'blog_comment', $vbulletin->userinfo['permissions']['vbblog_comment_permissions'] & $vbulletin->bf_ugp_vbblog_comment_permissions['blog_allowsmilies'], $blogtextinfo['allowsmilie'], false, 'qe', $vbulletin->GPC['editorid']);
$xml->add_group('quickedit');
$xml->add_tag('editor', $messagearea, array('reason' => $blogtextinfo['edit_reason'], 'parsetype' => 'blog_comment', 'parsesmilies' => $vbulletin->userinfo['permissions']['vbblog_comment_permissions'] & $vbulletin->bf_ugp_vbblog_comment_permissions['blog_allowsmilies'], 'mode' => $show['is_wysiwyg_editor']));
$xml->close_group();
$xml->print_xml();
}
}
$saveparsed .= "({$comment['blogtextid']}, " . intval($bloginfo['lastcomment']) . ', ' . intval($response_handler->parsed_cache['has_images']) . ", '" . $db->escape_string($response_handler->parsed_cache['text']) . "', " . intval(STYLEID) . ", " . intval(LANGUAGEID) . ")";
}
if ($comment['dateline'] > $displayed_dateline) {
$displayed_dateline = $comment['dateline'];
}
$oldest_comment = $comment['dateline'];
if ($comment['state'] == 'deleted' or $ignore["{$comment['userid']}"]) {
// be aware $factory->create can change $response['state']
$show['quickload'] = true;
}
}
// This is only used by Quick Comment but init it either way
$effective_lastcomment = max($displayed_dateline, $bloginfo['lastcomment']);
$show['delete'] = (fetch_comment_perm('candeletecomments', $bloginfo) or fetch_comment_perm('canremovecomments', $bloginfo));
$show['undelete'] = fetch_comment_perm('canundeletecomments', $bloginfo);
$show['approve'] = fetch_comment_perm('canmoderatecomments', $bloginfo);
$show['inlinemod'] = ($responsebits and ($show['delete'] or $show['approve'] or $show['undelete']));
// Only allow AJAX QC on the last page and after one comment
$allow_ajax_qc = ($comment_count > 0 and $vbulletin->GPC['pagenumber'] == ceil($comment_count / $vbulletin->options['blog_commentsperpage'])) ? 1 : 0;
if ($vbulletin->userinfo['userid']) {
mark_blog_read($bloginfo, $vbulletin->userinfo['userid'], $oldest_comment);
}
// Todo: allow ratings option or permission, hardcoded but we may want to add this
$show['blograting'] = $bloginfo['state'] == 'visible';
$show['rateblog'] = ($show['blograting'] and (!$bloginfo['vote'] and $vbulletin->userinfo['userid'] or !$rated and !$vbulletin->userinfo['userid'] or $vbulletin->options['votechange']));
// Build Social Bookmark Links
$guestuser = array('userid' => 0, 'usergroupid' => 0);
cache_permissions($guestuser, false);
$bookmarksites = '';
if ($guestuser['permissions']['forumpermissions'] & $vbulletin->bf_ugp_forumpermissions['canview'] and $vbulletin->options['socialbookmarks'] and is_array($vbulletin->bookmarksitecache) and !empty($vbulletin->bookmarksitecache) and $bloginfo['state'] == 'visible' and $bloginfo['guest_canviewmyblog'] and $vbulletin->userinfo['permissions']['vbblog_general_permissions'] & $vbulletin->bf_ugp_vbblog_general_permissions['blog_canviewothers']) {
foreach ($vbulletin->bookmarksitecache as $bookmarksite) {
'infractiongroupids' => $comment['blog_infractiongroupids'],
'membergroupids' => $comment['blog_membergroupids'],
'memberids' => $comment['memberids'],
'memberblogids' => $comment['memberblogids'],
'postedby_userid' => $comment['postedby_userid'],
'postedby_username' => $comment['postedby_username'],
'grouppermissions' => $comment['grouppermissions'],
'membermoderate' => $comment['membermoderate'],
);
cache_permissions($trackback, false);
cache_permissions($entryinfo, false);
$show['edit_trackback'] = fetch_comment_perm('caneditcomments', $entryinfo, $trackback);
$show['inlinemod_approve'] = fetch_comment_perm('canmoderatecomments', $entryinfo, $trackback);
$show['inlinemod_delete'] = (fetch_comment_perm('candeletecomments', $entryinfo, $trackback) OR fetch_comment_perm('canremovecomments', $entryinfo, $trackback));
if ($show['inlinemod_delete'] OR $show['inlinemod_approve'])
{
$show['inlinemod_trackback'] = true;
}
$show['moderation'] = ($trackback['state'] == 'moderation');
$trackback['date'] = vbdate($vbulletin->options['dateformat'], $trackback['dateline'], true);
$trackback['time'] = vbdate($vbulletin->options['timeformat'], $trackback['dateline'], true);
$templater = vB_Template::create('blog_cp_manage_trackbacks_trackback');
$templater->register('trackback', $trackback);
$trackbackbits .= $templater->render();
}
if ($show['inlinemod_trackback'])
{
/**
* Fetches the permission value for a specific blog comment
*
* @param string The permission to check
* @param array An array of information about the blog entry
* @param array An array of information about the blog comment
*
* @return boolean Returns true if they have the permission else false
*/
function fetch_comment_perm($perm, $entryinfo = null, $blogtextinfo = null)
{
global $vbulletin;
// Only moderator can manage a comment that is in a moderated/deleted post, not even the owner of the post can manage in this situation.
if (
// Deleted Post
($entryinfo['state'] == 'deleted' AND !can_moderate_blog('candeleteentries') AND ($perm != 'canviewcomments' OR !is_member_of_blog($vbulletin->userinfo, $entryinfo['userid'])))
OR
// Moderated Post
($entryinfo['state'] == 'moderation' AND !can_moderate_blog('canmoderateentries') AND ($perm != 'canviewcomments' OR !is_member_of_blog($vbulletin->userinfo, $entryinfo)))
)
{
return false;
}
switch ($perm)
{
case 'canviewcomments':
return
(
(
($blogtextinfo['state'] != 'deleted' OR can_moderate_blog('candeletecomments') OR is_member_of_blog($vbulletin->userinfo, $entryinfo))
AND
($blogtextinfo['state'] != 'moderation' OR is_member_of_blog($vbulletin->userinfo, $entryinfo) OR $vbulletin->userinfo['userid'] == $blogtextinfo['userid'] OR fetch_comment_perm('canmoderatecomments', $entryinfo, $blogtextinfo))
)
);
case 'caneditcomments':
return
(
(
$entryinfo['userid'] == $vbulletin->userinfo['userid']
AND
$vbulletin->userinfo['permissions']['vbblog_general_permissions'] & $vbulletin->bf_ugp_vbblog_general_permissions['blog_canmanageblogcomments']
)
OR
(
is_member_of_blog($vbulletin->userinfo, $entryinfo)
AND
$entryinfo['permissions']['vbblog_general_permissions'] & $vbulletin->bf_ugp_vbblog_general_permissions['blog_canmanageblogcomments']
AND
(
(
$vbulletin->userinfo['userid'] == $entryinfo['postedby_userid']
AND
$entryinfo['grouppermissions'] & $vbulletin->bf_misc_vbbloggrouppermissions['canmanagecomments']
)
OR
(
$vbulletin->userinfo['userid'] != $entryinfo['postedby_userid']
AND
$entryinfo['grouppermissions'] & $vbulletin->bf_misc_vbbloggrouppermissions['canmanageotherentry']
)
)
)
OR
(
($blogtextinfo['state'] == 'visible' OR $blogtextinfo['state'] == 'moderation')
AND
$blogtextinfo['userid'] == $vbulletin->userinfo['userid']
AND
$vbulletin->userinfo['permissions']['vbblog_comment_permissions'] & $vbulletin->bf_ugp_vbblog_comment_permissions['blog_caneditowncomment']
)
OR
(
can_moderate_blog('caneditcomments')
AND
(
$blogtextinfo['state'] != 'moderation' OR fetch_comment_perm('canmoderatecomments', $entryinfo, $blogtextinfo)
)
AND
(
$blogtextinfo['state'] != 'deleted' OR fetch_comment_perm('candeletecomments', $entryinfo, $blogtextinfo)
)
)
);
case 'canmoderatecomments':
return
(
(
$entryinfo['userid'] == $vbulletin->userinfo['userid']
AND
$vbulletin->userinfo['permissions']['vbblog_general_permissions'] & $vbulletin->bf_ugp_vbblog_general_permissions['blog_canmanageblogcomments']
)
OR
(
is_member_of_blog($vbulletin->userinfo, $entryinfo)
AND
$entryinfo['permissions']['vbblog_general_permissions'] & $vbulletin->bf_ugp_vbblog_general_permissions['blog_canmanageblogcomments']
AND
(
(
$vbulletin->userinfo['userid'] == $entryinfo['postedby_userid']
AND
$entryinfo['grouppermissions'] & $vbulletin->bf_misc_vbbloggrouppermissions['canmanagecomments']
)
OR
(
$vbulletin->userinfo['userid'] != $entryinfo['postedby_userid']
AND
$entryinfo['grouppermissions'] & $vbulletin->bf_misc_vbbloggrouppermissions['canmanageotherentry']
)
)
)
OR
(
($blogtextinfo['state'] != 'deleted' OR can_moderate('candeletecomments'))
AND
can_moderate_blog('canmoderatecomments')
)
);
case 'candeletecomments':
return
(
(
$entryinfo['userid'] == $vbulletin->userinfo['userid']
AND
$vbulletin->userinfo['permissions']['vbblog_general_permissions'] & $vbulletin->bf_ugp_vbblog_general_permissions['blog_canmanageblogcomments']
)
OR
(
is_member_of_blog($vbulletin->userinfo, $entryinfo)
AND
$entryinfo['permissions']['vbblog_general_permissions'] & $vbulletin->bf_ugp_vbblog_general_permissions['blog_canmanageblogcomments']
AND
(
(
$vbulletin->userinfo['userid'] == $entryinfo['postedby_userid']
AND
$entryinfo['grouppermissions'] & $vbulletin->bf_misc_vbbloggrouppermissions['canmanagecomments']
)
OR
(
$vbulletin->userinfo['userid'] != $entryinfo['postedby_userid']
AND
$entryinfo['grouppermissions'] & $vbulletin->bf_misc_vbbloggrouppermissions['canmanageotherentry']
)
)
)
OR
(
can_moderate_blog('candeletecomments')
)
OR
(
$blogtextinfo['state'] == 'visible'
AND
$blogtextinfo['userid'] == $vbulletin->userinfo['userid']
AND
$vbulletin->userinfo['permissions']['vbblog_comment_permissions'] & $vbulletin->bf_ugp_vbblog_comment_permissions['blog_candeleteowncomment']
)
);
case 'canremovecomments':
return
(
(
$entryinfo['userid'] == $vbulletin->userinfo['userid']
AND
$vbulletin->userinfo['permissions']['vbblog_general_permissions'] & $vbulletin->bf_ugp_vbblog_general_permissions['blog_canmanageblogcomments']
)
OR
(
is_member_of_blog($vbulletin->userinfo, $entryinfo)
AND
$entryinfo['permissions']['vbblog_general_permissions'] & $vbulletin->bf_ugp_vbblog_general_permissions['blog_canmanageblogcomments']
AND
(
(
$vbulletin->userinfo['userid'] == $entryinfo['postedby_userid']
AND
$entryinfo['grouppermissions'] & $vbulletin->bf_misc_vbbloggrouppermissions['canmanagecomments']
)
)
)
OR
(
can_moderate_blog('canremovecomments')
)
);
case 'canundeletecomments':
return
(
(
$entryinfo['userid'] == $vbulletin->userinfo['userid']
AND
$vbulletin->userinfo['permissions']['vbblog_general_permissions'] & $vbulletin->bf_ugp_vbblog_general_permissions['blog_canmanageblogcomments']
)
OR
(
is_member_of_blog($vbulletin->userinfo, $entryinfo)
AND
$entryinfo['permissions']['vbblog_general_permissions'] & $vbulletin->bf_ugp_vbblog_general_permissions['blog_canmanageblogcomments']
AND
(
(
$vbulletin->userinfo['userid'] == $entryinfo['postedby_userid']
AND
$entryinfo['grouppermissions'] & $vbulletin->bf_misc_vbbloggrouppermissions['canmanagecomments']
)
OR
(
$vbulletin->userinfo['userid'] != $entryinfo['postedby_userid']
AND
$entryinfo['grouppermissions'] & $vbulletin->bf_misc_vbbloggrouppermissions['canmanageotherentry']
)
)
)
OR
(
can_moderate_blog('candeletecomments')
)
);
default:
$handled = false;
($hook = vBulletinHook::fetch_hook('blog_fetch_comment_perm')) ? eval($hook) : false;
if (!$handled)
{
trigger_error('fetch_comment_perm(): Argument #1; Invalid permission specified', E_USER_ERROR);
}
}
}
'userid' => $comment['blog_userid'],
'usergroupid' => $comment['blog_usergroupid'],
'infractiongroupids' => $comment['blog_infractiongroupids'],
'membergroupids' => $comment['blog_membergroupids'],
'memberids' => $comment['memberids'],
'memberblogids' => $comment['memberblogids'],
'postedby_userid' => $comment['postedby_userid'],
'postedby_username' => $comment['postedby_username'],
'grouppermissions' => $comment['grouppermissions'],
'membermoderate' => $comment['membermoderate'],
);
cache_permissions($comment, false);
cache_permissions($entryinfo, false);
if (!fetch_comment_perm('canundeletecomments', $entryinfo, $comment))
{
standard_error(fetch_error('you_do_not_have_permission_to_manage_deleted_comments'));
}
$commentarray["$comment[blogtextid]"] = $comment;
$bloglist["$comment[blogid]"] = true;
if ($comment['dateline'] >= $comment['lastcomment'])
{
$userlist["$entryinfo[userid]"] = true;
}
}
if (empty($commentarray))
{
);
$usernamecode = vB_Template::create('newpost_usernamecode')->render();
// draw nav bar
$navbits = array(
'blog.php?' . $vbulletin->session->vars['sessionurl'] . "u=$bloginfo[userid]" => $bloginfo['blog_title'],
'blog.php?' . $vbulletin->session->vars['sessionurl'] . "b=$bloginfo[blogid]" => $bloginfo['title'],
'' => $vbphrase['edit_comment'],
);
$show['parseurl'] = ($vbulletin->userinfo['permissions']['vbblog_comment_permissions'] & $vbulletin->bf_ugp_vbblog_comment_permissions['blog_allowbbcode']);
$show['misc_options'] = ($show['parseurl'] OR !empty($disablesmiliesoption));
$show['additional_options'] = ($show['misc_options'] OR !empty($attachmentoption));
$show['edit'] = true;
$show['delete'] = (fetch_comment_perm('candeletecomments', $bloginfo, $blogtextinfo) OR fetch_comment_perm('canremovecomments', $bloginfo, $blogtextinfo));
$show['physicaldeleteoption'] = can_moderate_blog('canremovecomments');
$sidebar =& build_user_sidebar($bloginfo, 0, 0, 'comment');
($hook = vBulletinHook::fetch_hook('blog_post_editcomment_complete')) ? eval($hook) : false;
$url =& $vbulletin->url;
// complete
$templater = vB_Template::create('blog_comment_editor');
$templater->register('attachmentoption', $attachmentoption);
$templater->register('bloginfo', $bloginfo);
$templater->register('blogtextinfo', $blogtextinfo);
$templater->register('checked', $checked);
$templater->register('disablesmiliesoption', $disablesmiliesoption);
$templater->register('editorid', $editorid);
function process_display()
{
global $show;
parent::process_display();
$show['edit_trackback'] = fetch_comment_perm('caneditcomments', $this->bloginfo, $this->response);
$show['inlinemod_trackback'] = (
fetch_comment_perm('canremovecomments', $this->bloginfo)
OR
fetch_comment_perm('candeletecomments', $this->bloginfo)
OR
fetch_comment_perm('canmoderatecomments', $this->bloginfo)
);
}
