$vbulletin->input->clean_array_gpc('r', array('albumid' => TYPE_UINT, 'pictureid' => TYPE_UINT, 'userid' => TYPE_UINT)); $moderatedpictures = (($vbulletin->options['albums_pictures_moderation'] or !($vbulletin->userinfo['permissions']['albumpermissions'] & $vbulletin->bf_ugp_albumpermissions['picturefollowforummoderation'])) and !can_moderate(0, 'canmoderatepictures')); ($hook = vBulletinHook::fetch_hook('album_start_precheck')) ? eval($hook) : false; if (!$vbulletin->GPC['userid']) { $vbulletin->GPC['userid'] = $vbulletin->userinfo['userid']; } // if we specify an album, make sure our user context is sane if ($vbulletin->GPC['albumid']) { $albuminfo = fetch_albuminfo($vbulletin->GPC['albumid']); if (!$albuminfo) { standard_error(fetch_error('invalidid', $vbphrase['album'], $vbulletin->options['contactuslink'])); } $vbulletin->GPC['userid'] = $albuminfo['userid']; } if ($vbulletin->GPC['pictureid']) { $pictureinfo = fetch_pictureinfo($vbulletin->GPC['pictureid'], $albuminfo['albumid']); if (!$pictureinfo) { standard_error(fetch_error('invalidid', $vbphrase['picture'], $vbulletin->options['contactuslink'])); } } if (!$vbulletin->GPC['userid']) { print_no_permission(); } $userinfo = verify_id('user', $vbulletin->GPC['userid'], 1, 1, FETCH_USERINFO_USERCSS); // don't show stuff for users awaiting moderation if ($userinfo['usergroupid'] == 4 and !($permissions['adminpermissions'] & $vbulletin->bf_ugp_adminpermissions['cancontrolpanel'])) { print_no_permission(); } cache_permissions($userinfo, false); if (!can_moderate(0, 'caneditalbumpicture') and !($userinfo['permissions']['albumpermissions'] & $vbulletin->bf_ugp_albumpermissions['canalbum'])) { print_no_permission();
standard_error(fetch_error('invalidid', $vbphrase['album'], $vbulletin->options['contactuslink'])); } if (!can_view_profile_section($albuminfo['userid'], 'albums')) { // private album that we can not see standard_error(fetch_error('invalidid', $vbphrase['album'], $vbulletin->options['contactuslink'])); } if ($albuminfo['state'] == 'private' and !can_view_private_albums($albuminfo['userid'])) { // private album that we can not see standard_error(fetch_error('invalidid', $vbphrase['album'], $vbulletin->options['contactuslink'])); } else { if ($albuminfo['state'] == 'profile' and !can_view_profile_albums($albuminfo['userid'])) { // profile album that we can not see standard_error(fetch_error('invalidid', $vbphrase['album'], $vbulletin->options['contactuslink'])); } } $pictureinfo = fetch_pictureinfo($vbulletin->GPC['attachmentid'], $vbulletin->GPC['albumid']); $navbits = array(fetch_seo_url('member', $albuminfo) => construct_phrase($vbphrase['xs_profile'], $albuminfo['username']), 'album.php?' . $vbulletin->session->vars['sessionurl'] . "u={$albuminfo['userid']}" => $vbphrase['albums'], 'album.php?' . $vbulletin->session->vars['sessionurl'] . "albumid={$albuminfo['albumid']}" => $albuminfo['title_html']); } else { if ($vbulletin->GPC['groupid']) { $group = fetch_socialgroupinfo($vbulletin->GPC['groupid']); if (!$group) { standard_error(fetch_error('invalidid', $vbphrase['social_group'], $vbulletin->options['contactuslink'])); } if (!($group['options'] & $vbulletin->bf_misc_socialgroupoptions['enable_group_albums'])) { print_no_permission(); } if ($group['membertype'] != 'member' and !can_moderate(0, 'caneditalbumpicture')) { if ($vbulletin->userinfo['permissions']['socialgrouppermissions'] & $vbulletin->bf_ugp_socialgrouppermissions['canjoingroups']) { standard_error(fetch_error('must_be_group_member_view_add_pictures_join_x', fetch_seo_url('group', $group))); } else { standard_error(fetch_error('must_be_group_member_view_add_pictures'));