/**
* Removes the invalid prefixes from a collection of threads in a specific forum.
*
* @param array|int An array of thread IDs (or a comma delimited list)
* @param integer The forumid to consider the threads to be in
*/
function remove_invalid_prefixes($threadids, $forumid = 0)
{
global $vbulletin;
if (!is_array($threadids)) {
$threadids = preg_replace('#\\s#', '', trim($threadids));
$threadids = explode(',', $threadids);
}
$threadids = array_map('intval', $threadids);
$valid_prefixes = array();
if ($forumid) {
// find all valid prefixes in the specified forum
$valid_prefix_sets = fetch_prefix_array($forumid);
foreach ($valid_prefix_sets as $prefixset) {
foreach ($prefixset as $prefixid) {
$valid_prefixes[] = "'" . $vbulletin->db->escape_string($prefixid) . "'";
}
}
}
$vbulletin->db->query_write("\n\t\tUPDATE " . TABLE_PREFIX . "thread SET\n\t\t\tprefixid = ''\n\t\tWHERE threadid IN(" . implode(',', $threadids) . ")\n\t\t\t" . ($valid_prefixes ? "AND prefixid NOT IN (" . implode(',', $valid_prefixes) . ")" : ''));
}
/**
* Fetch available prefixes of a Channel. It has permission check,
* So if an user doesn't have permission to use a prefix, the prefix
* won't be returned.
*
* @param int $nodeid Channel node ID
* @param bool $permcheck If set to true, it will return only the prefixes that
* a user can use
*
* @return array Prefixes in format [PrefixsetID][PrefixID] => array(prefixid, usergroupids)
*/
public function fetch($nodeid, $permcheck = true)
{
if (!$nodeid) {
return array();
}
if (!isset($this->cache[$nodeid][$permcheck])) {
require_once DIR . '/includes/functions_prefix.php';
$prefixsets = array();
if ($prefixsets = fetch_prefix_array($nodeid)) {
if ($permcheck) {
foreach ($prefixsets as $prefixsetid => $prefixes) {
foreach ($prefixes as $prefixid => $prefix) {
if (!can_use_prefix($prefixid, $prefix['restrictions'])) {
unset($prefixsets[$prefixsetid][$prefixid]);
}
}
}
}
}
$this->cache[$nodeid][$permcheck] = $prefixsets;
}
return $this->cache[$nodeid][$permcheck];
}
/**
* Creates a new post
*
* @param string 'thread' for the first post in a new thread, 'reply' otherwise
* @param array Forum Information
* @param array Thread Information
* @param array Post Information for the "Parent" post
* @param array Post Information for the post being created
* @param array (return) Array of errors
*
*/
function build_new_post($type = 'thread', $foruminfo, $threadinfo, $postinfo, &$post, &$errors)
{
//NOTE: permissions are not checked in this function
// $post is passed by reference, so that any changes (wordwrap, censor, etc) here are reflected on the copy outside the function
// $post[] includes:
// title, iconid, message, parseurl, email, signature, preview, disablesmilies, rating
// $errors will become any error messages that come from the checks before preview kicks in
global $vbulletin, $vbphrase, $forumperms;
// ### PREPARE OPTIONS AND CHECK VALID INPUT ###
$post['disablesmilies'] = intval($post['disablesmilies']);
$post['enablesmilies'] = $post['disablesmilies'] ? 0 : 1;
$post['folderid'] = intval($post['folderid']);
$post['emailupdate'] = intval($post['emailupdate']);
$post['rating'] = intval($post['rating']);
$post['podcastsize'] = intval($post['podcastsize']);
/*$post['parseurl'] = intval($post['parseurl']);
$post['email'] = intval($post['email']);
$post['signature'] = intval($post['signature']);
$post['preview'] = iif($post['preview'], 1, 0);
$post['iconid'] = intval($post['iconid']);
$post['message'] = trim($post['message']);
$post['title'] = trim(preg_replace('/�*32;/', ' ', $post['title']));
$post['username'] = trim($post['username']);
$post['posthash'] = trim($post['posthash']);
$post['poststarttime'] = trim($post['poststarttime']);*/
// Make sure the posthash is valid
if (md5($post['poststarttime'] . $vbulletin->userinfo['userid'] . $vbulletin->userinfo['salt']) != $post['posthash']) {
$post['posthash'] = 'invalid posthash';
// don't phrase me
}
// OTHER SANITY CHECKS
$threadinfo['threadid'] = intval($threadinfo['threadid']);
// create data manager
if ($type == 'thread') {
$dataman =& datamanager_init('Thread_FirstPost', $vbulletin, ERRTYPE_ARRAY, 'threadpost');
$dataman->set('prefixid', $post['prefixid']);
} else {
$dataman =& datamanager_init('Post', $vbulletin, ERRTYPE_ARRAY, 'threadpost');
}
// set info
$dataman->set_info('preview', $post['preview']);
$dataman->set_info('parseurl', $post['parseurl']);
$dataman->set_info('posthash', $post['posthash']);
$dataman->set_info('forum', $foruminfo);
$dataman->set_info('thread', $threadinfo);
if (!$vbulletin->GPC['fromquickreply']) {
$dataman->set_info('show_title_error', true);
}
if ($foruminfo['podcast'] and (!empty($post['podcasturl']) or !empty($post['podcastexplicit']) or !empty($post['podcastauthor']) or !empty($post['podcastsubtitle']) or !empty($post['podcastkeywords']))) {
$dataman->set_info('podcastexplicit', $post['podcastexplicit']);
$dataman->set_info('podcastauthor', $post['podcastauthor']);
$dataman->set_info('podcastkeywords', $post['podcastkeywords']);
$dataman->set_info('podcastsubtitle', $post['podcastsubtitle']);
$dataman->set_info('podcasturl', $post['podcasturl']);
if ($post['podcastsize']) {
$dataman->set_info('podcastsize', $post['podcastsize']);
}
}
// set options
$dataman->setr('showsignature', $post['signature']);
$dataman->setr('allowsmilie', $post['enablesmilies']);
// set data
$dataman->setr('userid', $vbulletin->userinfo['userid']);
if ($vbulletin->userinfo['userid'] == 0) {
$dataman->setr('username', $post['username']);
}
$dataman->setr('title', $post['title']);
$dataman->setr('pagetext', $post['message']);
$dataman->setr('iconid', $post['iconid']);
// see if post has to be moderated or if poster in a mod
if (($foruminfo['moderatenewthread'] and $type == 'thread' or $foruminfo['moderatenewpost'] and $type == 'reply' or !($forumperms & $vbulletin->bf_ugp_forumpermissions['followforummoderation'])) and !can_moderate($foruminfo['forumid']) or $type == 'reply' and ($postinfo['postid'] and !$postinfo['visible'] and !empty($postinfo['specifiedpost']) or !$threadinfo['visible'])) {
// note: specified post comes from a variable passed into newreply.php
$dataman->set('visible', 0);
$post['visible'] = 0;
} else {
$dataman->set('visible', 1);
$post['visible'] = 1;
}
if ($type != 'thread') {
if ($postinfo['postid'] == 0) {
// get parentid of the new post
// we're not posting a new thread, so make this post a child of the first post in the thread
$getfirstpost = $vbulletin->db->query_first("SELECT postid FROM " . TABLE_PREFIX . "post WHERE threadid={$threadinfo['threadid']} ORDER BY dateline LIMIT 1");
$parentid = $getfirstpost['postid'];
} else {
$parentid = $postinfo['postid'];
}
$dataman->setr('parentid', $parentid);
$dataman->setr('threadid', $threadinfo['threadid']);
} else {
$dataman->setr('forumid', $foruminfo['forumid']);
}
$errors = array();
// done!
($hook = vBulletinHook::fetch_hook('newpost_process')) ? eval($hook) : false;
if ($vbulletin->GPC['fromquickreply'] and $post['preview']) {
$errors = array();
return;
}
if ($vbulletin->options['hvcheck_post'] and !$post['preview'] and !$vbulletin->userinfo['userid']) {
require_once DIR . '/includes/class_humanverify.php';
$verify =& vB_HumanVerify::fetch_library($vbulletin);
if (!$verify->verify_token($post['humanverify'])) {
$dataman->error($verify->fetch_error());
}
}
if ($dataman->info['podcastsize']) {
$post['podcastsize'] = $dataman->info['podcastsize'];
}
// check if this forum requires a prefix
if ($type == 'thread' and !$dataman->fetch_field('prefixid') and $foruminfo['options'] & $vbulletin->bf_misc_forumoptions['prefixrequired']) {
// only require a prefix if we actually have options for this forum
require_once DIR . '/includes/functions_prefix.php';
if (fetch_prefix_array($foruminfo['forumid'])) {
$dataman->error('thread_prefix_required');
}
}
if ($type == 'thread' and $post['taglist']) {
fetch_valid_tags($dataman->thread, $post['taglist'], $tag_errors, true, false);
if ($tag_errors) {
foreach ($tag_errors as $error) {
$dataman->error($error);
}
}
}
$dataman->pre_save();
$errors = array_merge($errors, $dataman->errors);
if ($post['preview']) {
return;
}
// ### DUPE CHECK ###
$dupehash = md5($foruminfo['forumid'] . $post['title'] . $post['message'] . $vbulletin->userinfo['userid'] . $type);
$prevpostfound = false;
$prevpostthreadid = 0;
if ($prevpost = $vbulletin->db->query_first("\n\t\tSELECT posthash.threadid\n\t\tFROM " . TABLE_PREFIX . "posthash AS posthash\n\t\tWHERE posthash.userid = " . $vbulletin->userinfo['userid'] . " AND\n\t\t\tposthash.dupehash = '" . $vbulletin->db->escape_string($dupehash) . "' AND\n\t\t\tposthash.dateline > " . (TIMENOW - 300) . "\n\t")) {
if ($type == 'thread' and $prevpost['threadid'] == 0 or $type == 'reply' and $prevpost['threadid'] == $threadinfo['threadid']) {
$prevpostfound = true;
$prevpostthreadid = $prevpost['threadid'];
}
}
// Redirect user to forumdisplay since this is a duplicate post
if ($prevpostfound) {
if ($type == 'thread') {
$vbulletin->url = 'forumdisplay.php?' . $vbulletin->session->vars['sessionurl'] . "f={$foruminfo['forumid']}";
eval(print_standard_redirect('redirect_duplicatethread', true, true));
} else {
// with ajax quick reply we need to use the error system
if ($vbulletin->GPC['ajax']) {
$dataman->error('duplicate_post');
$errors = $dataman->errors;
return;
} else {
$vbulletin->url = 'showthread.php?' . $vbulletin->session->vars['sessionurl'] . "t={$prevpostthreadid}&goto=newpost";
if ($post['ajaxqrfailed']) {
// ajax qr failed. While this is a dupe, most likely the user didn't
// see the initial post, so act like it went through.
eval(print_standard_redirect('redirect_postthanks', true, true));
} else {
eval(print_standard_redirect('redirect_duplicatepost', true, true));
}
}
}
}
if (sizeof($errors) > 0) {
return;
}
$id = $dataman->save();
if ($type == 'thread') {
$post['threadid'] = $id;
$threadinfo =& $dataman->thread;
$post['postid'] = $dataman->fetch_field('firstpostid');
} else {
$post['postid'] = $id;
}
$post['visible'] = $dataman->fetch_field('visible');
$set_open_status = false;
$set_sticky_status = false;
if ($vbulletin->GPC['openclose'] and ($threadinfo['postuserid'] != 0 and $threadinfo['postuserid'] == $vbulletin->userinfo['userid'] and $forumperms & $vbulletin->bf_ugp_forumpermissions['canopenclose'] or can_moderate($threadinfo['forumid'], 'canopenclose'))) {
$set_open_status = true;
}
if ($vbulletin->GPC['stickunstick'] and can_moderate($threadinfo['forumid'], 'canmanagethreads')) {
$set_sticky_status = true;
}
if ($set_open_status or $set_sticky_status) {
$thread =& datamanager_init('Thread', $vbulletin, ERRTYPE_SILENT, 'threadpost');
if ($type == 'thread') {
$thread->set_existing($dataman->thread);
if ($set_open_status) {
$post['postpoll'] = false;
}
} else {
$thread->set_existing($threadinfo);
}
if ($set_open_status) {
$thread->set('open', $thread->fetch_field('open') == 1 ? 0 : 1);
}
if ($set_sticky_status) {
$thread->set('sticky', $thread->fetch_field('sticky') == 1 ? 0 : 1);
}
$thread->save();
}
if ($type == 'thread') {
add_tags_to_thread($threadinfo, $post['taglist']);
}
// ### DO THREAD RATING ###
build_thread_rating($post['rating'], $foruminfo, $threadinfo);
// ### DO EMAIL NOTIFICATION ###
if ($post['visible'] and $type != 'thread' and !in_coventry($vbulletin->userinfo['userid'], true)) {
exec_send_notification($threadinfo['threadid'], $vbulletin->userinfo['userid'], $post['postid']);
}
// ### DO THREAD SUBSCRIPTION ###
if ($vbulletin->userinfo['userid'] != 0) {
require_once DIR . '/includes/functions_misc.php';
$post['emailupdate'] = verify_subscription_choice($post['emailupdate'], $vbulletin->userinfo, 9999);
($hook = vBulletinHook::fetch_hook('newpost_subscribe')) ? eval($hook) : false;
if (!$threadinfo['issubscribed'] and $post['emailupdate'] != 9999) {
// user is not subscribed to this thread so insert it
/*insert query*/
$vbulletin->db->query_write("INSERT IGNORE INTO " . TABLE_PREFIX . "subscribethread (userid, threadid, emailupdate, folderid, canview)\n\t\t\t\t\tVALUES (" . $vbulletin->userinfo['userid'] . ", {$threadinfo['threadid']}, {$post['emailupdate']}, {$post['folderid']}, 1)");
} else {
// User is subscribed, see if they changed the settings for this thread
if ($post['emailupdate'] == 9999) {
// Remove this subscription, user chose 'No Subscription'
$vbulletin->db->query_write("DELETE FROM " . TABLE_PREFIX . "subscribethread WHERE threadid = {$threadinfo['threadid']} AND userid = " . $vbulletin->userinfo['userid']);
} else {
if ($threadinfo['emailupdate'] != $post['emailupdate'] or $threadinfo['folderid'] != $post['folderid']) {
// User changed the settings so update the current record
/*insert query*/
$vbulletin->db->query_write("REPLACE INTO " . TABLE_PREFIX . "subscribethread (userid, threadid, emailupdate, folderid, canview)\n\t\t\t\t\tVALUES (" . $vbulletin->userinfo['userid'] . ", {$threadinfo['threadid']}, {$post['emailupdate']}, {$post['folderid']}, 1)");
}
}
}
}
($hook = vBulletinHook::fetch_hook('newpost_complete')) ? eval($hook) : false;
}
/**
* Creates a new post
*
* @param string 'thread' for the first post in a new thread, 'reply' otherwise
* @param array Forum Information
* @param array Thread Information
* @param array Post Information for the "Parent" post
* @param array Post Information for the post being created
* @param array (return) Array of errors
*
*/
function build_new_post($type = 'thread', $foruminfo, $threadinfo, $postinfo, &$post, &$errors)
{
//NOTE: permissions are not checked in this function
// $post is passed by reference, so that any changes (wordwrap, censor, etc) here are reflected on the copy outside the function
// $post[] includes:
// title, iconid, message, parseurl, email, signature, preview, disablesmilies, rating
// $errors will become any error messages that come from the checks before preview kicks in
global $vbulletin, $vbphrase, $forumperms;
// ### PREPARE OPTIONS AND CHECK VALID INPUT ###
$post['disablesmilies'] = intval($post['disablesmilies']);
$post['enablesmilies'] = $post['disablesmilies'] ? 0 : 1;
$post['folderid'] = intval($post['folderid']);
$post['emailupdate'] = intval($post['emailupdate']);
$post['rating'] = intval($post['rating']);
$post['podcastsize'] = intval($post['podcastsize']);
// Make sure the posthash is valid
if (md5($post['poststarttime'] . $vbulletin->userinfo['userid'] . $vbulletin->userinfo['salt']) != $post['posthash']) {
$post['posthash'] = 'invalid posthash';
// don't phrase me
}
// OTHER SANITY CHECKS
$threadinfo['threadid'] = intval($threadinfo['threadid']);
// Doublepost //
$dp_flag = false;
// create data manager
if ($type == 'thread') {
$dataman =& datamanager_init('Thread_FirstPost', $vbulletin, ERRTYPE_ARRAY, 'threadpost');
$dataman->set('prefixid', $post['prefixid']);
} else {
$dataman =& datamanager_init('Post', $vbulletin, ERRTYPE_ARRAY, 'threadpost');
$dupehash = md5($foruminfo['forumid'] . $post['title'] . $post['message'] . $vbulletin->userinfo['userid'] . $type);
// Doublepost Check //
if ($vbulletin->options['dp_timespan'] and VB_API !== true and $cutoff = TIMENOW - $vbulletin->options['dp_timespan'] * 60 and $threadinfo['lastpost'] > $cutoff and !$post['preview'] and $threadinfo['lastposter'] == $vbulletin->userinfo['username'] and !($foruminfo['options'] & $vbulletin->bf_misc_forumoptions['bypassdp']) and !($vbulletin->userinfo['permissions']['forumpermissions'] & $vbulletin->bf_ugp_forumpermissions['bypassdoublepost']) and $doublepost = $vbulletin->db->query_first("\n\t\t\t\tSELECT post.*, posthash.userid AS dupe_userid\n\t\t\t\tFROM " . TABLE_PREFIX . "post AS post\n\t\t\t\tLEFT JOIN " . TABLE_PREFIX . "posthash AS posthash ON (\n\t\t\t\t\tposthash.threadid = {$threadinfo['threadid']}\n\t\t\t\t\t\tAND\n\t\t\t\t\tposthash.dupehash = '" . $vbulletin->db->escape_string($dupehash) . "'\n\t\t\t\t\t\tAND\n\t\t\t\t\tposthash.userid = {$vbulletin->userinfo['userid']}\n\t\t\t\t\t\tAND\n\t\t\t\t\tposthash.dateline > " . (TIMENOW - 300) . "\n\t\t\t\t)\n\t\t\t\tWHERE\n\t\t\t\t\tpost.visible = 1\n\t\t\t\t\t\tAND\n\t\t\t\t\tpost.postid = " . $threadinfo['lastpostid'] . "\n\t\t\t\t\t\tAND\n\t\t\t\t\tpost.threadid = " . $threadinfo['threadid'] . "\n\t\t\t\tLIMIT 1\t") and $attach = $vbulletin->db->query_first("\n\t\t\t\tSELECT count(attachmentid) AS attach\n\t\t\t\tFROM " . TABLE_PREFIX . "attachment\n\t\t\t\tWHERE state = 'visible'\n\t\t\t\tAND posthash = '" . $post['posthash'] . "'") and ($vbulletin->options['attachlimit'] == 0 or $attach['attach'] + $doublepost['attach'] <= $vbulletin->options['attachlimit'])) {
$cstate = $vbulletin->options['dp_color'] ? 1 : 0;
$minchar = intval($vbulletin->options['postminchars']) <= 0 ? 1 : intval($vbulletin->options['postminchars']);
if (vbstrlen(strip_bbcode($post['message'], $vbulletin->options['ignorequotechars'])) < $minchar) {
require_once DIR . '/includes/functions_misc.php';
$errors[] = construct_phrase(fetch_phrase('tooshort', 'error'), $minchar);
return false;
}
if ($doublepost['dupe_userid']) {
require_once DIR . '/includes/functions_misc.php';
$errors[] = fetch_phrase('duplicate_post', 'error');
return false;
}
switch ($vbulletin->options['dp_spacer']) {
case 1:
// None
$cstate = 2;
break;
case 2:
// Custom
$spacer = $vbulletin->options['dp_text'];
break;
default:
$spacer = $vbphrase['dp_spacer_default'];
break;
}
switch ($cstate) {
case 1:
// Coloured spacer
$spacer = "\n\n" . '[COLOR="' . $vbulletin->options['dp_color'] . '"]' . $spacer . '[/COLOR]' . "\n\n";
break;
case 2:
// No spacer.
$spacer = "\n\n";
break;
default:
$spacer = "\n\n" . $spacer . "\n\n";
break;
}
$dp_flag = true;
$id = $doublepost['postid'];
// Need to set valid values for later //
$doublepost['signature'] = $doublepost['showsignature'];
$doublepost['disablesmilies'] = intval($doublepost['disablesmilies']);
$doublepost['enablesmilies'] = $doublepost['disablesmilies'] ? 0 : 1;
$doublepost['folderid'] = intval($doublepost['folderid']);
$doublepost['emailupdate'] = intval($doublepost['emailupdate']);
$doublepost['rating'] = intval($doublepost['rating']);
$doublepost['podcastsize'] = intval($doublepost['podcastsize']);
$doublepost['doublepost'] = $dp_flag;
$doublepost['posthash'] = $post['posthash'];
$doublepost['oldmessage'] = $post['message'];
$doublepost['message'] = $doublepost['pagetext'] . $spacer . $post['message'];
$post = $doublepost;
unset($doublepost);
$dataman->set_existing($post);
if ($vbulletin->options['dp_bump']) {
$post['dateline'] = TIMENOW;
$dataman->set('dateline', $post['dateline']);
}
} else {
$dp_flag = false;
}
}
// set info
$dataman->set_info('dpflag', $dp_flag);
$dataman->set_info('preview', $post['preview']);
$dataman->set_info('parseurl', $post['parseurl']);
$dataman->set_info('posthash', $post['posthash']);
$dataman->set_info('forum', $foruminfo);
$dataman->set_info('thread', $threadinfo);
if (!$vbulletin->GPC['fromquickreply']) {
$dataman->set_info('show_title_error', true);
}
if ($foruminfo['podcast'] and (!empty($post['podcasturl']) or !empty($post['podcastexplicit']) or !empty($post['podcastauthor']) or !empty($post['podcastsubtitle']) or !empty($post['podcastkeywords']))) {
$dataman->set_info('podcastexplicit', $post['podcastexplicit']);
$dataman->set_info('podcastauthor', $post['podcastauthor']);
$dataman->set_info('podcastkeywords', $post['podcastkeywords']);
$dataman->set_info('podcastsubtitle', $post['podcastsubtitle']);
$dataman->set_info('podcasturl', $post['podcasturl']);
if ($post['podcastsize']) {
$dataman->set_info('podcastsize', $post['podcastsize']);
}
}
// set options
$dataman->setr('showsignature', $post['signature']);
$dataman->setr('allowsmilie', $post['enablesmilies']);
$dataman->setr('htmlstate', $post['htmlstate']);
// set data
$dataman->setr('userid', $vbulletin->userinfo['userid']);
if ($vbulletin->userinfo['userid'] == 0) {
$dataman->setr('username', $post['username']);
}
$dataman->setr('title', $post['title']);
$dataman->setr('pagetext', $post['message']);
$dataman->setr('iconid', $post['iconid']);
// see if post has to be moderated or if poster in a mod
if (($foruminfo['moderatenewthread'] and $type == 'thread' or $foruminfo['moderatenewpost'] and $type == 'reply' or !($forumperms & $vbulletin->bf_ugp_forumpermissions['followforummoderation'])) and !can_moderate($foruminfo['forumid']) or $type == 'reply' and ($postinfo['postid'] and !$postinfo['visible'] and !empty($postinfo['specifiedpost']) or !$threadinfo['visible'])) {
// note: specified post comes from a variable passed into newreply.php
$dataman->set('visible', 0);
$post['visible'] = 0;
} else {
$dataman->set('visible', 1);
$post['visible'] = 1;
}
if ($type != 'thread') {
if ($dp_flag) {
$parentid = $post['parentid'];
} else {
if ($postinfo['postid']) {
// get parentid of the new post
// we're not posting a new thread, so make this post a child of the first post in the thread
if (!empty($threadinfo['firstpostid'])) {
//we have the postid in the thread table (firstpostid)
$parentid = $threadinfo['firstpostid'];
} else {
//for some reason it might not be available in the $threadinfo array, need to fetch it
$getfirstpost = $vbulletin->db->query_first("SELECT postid FROM " . TABLE_PREFIX . "post WHERE threadid={$threadinfo['threadid']} ORDER BY dateline LIMIT 1");
$parentid = $getfirstpost['postid'];
}
} else {
$parentid = $postinfo['postid'];
}
}
$dataman->setr('parentid', $parentid);
$dataman->setr('threadid', $threadinfo['threadid']);
} else {
$dataman->setr('forumid', $foruminfo['forumid']);
}
$errors = array();
// done!
($hook = vBulletinHook::fetch_hook('newpost_process')) ? eval($hook) : false;
if ($vbulletin->GPC['fromquickreply'] and $post['preview']) {
$errors = array();
return;
}
if (fetch_require_hvcheck('post') and !$post['preview']) {
require_once DIR . '/includes/class_humanverify.php';
$verify =& vB_HumanVerify::fetch_library($vbulletin);
if (!$verify->verify_token($post['humanverify'])) {
$dataman->error($verify->fetch_error());
}
}
if ($dataman->info['podcastsize']) {
$post['podcastsize'] = $dataman->info['podcastsize'];
}
// check if this forum requires a prefix
if ($type == 'thread' and !$dataman->fetch_field('prefixid') and $foruminfo['options'] & $vbulletin->bf_misc_forumoptions['prefixrequired']) {
// only require a prefix if we actually have options for this forum
require_once DIR . '/includes/functions_prefix.php';
if (fetch_prefix_array($foruminfo['forumid'])) {
$dataman->error('thread_prefix_required');
}
}
if ($type == 'thread' and $post['taglist']) {
$threadinfo['postuserid'] = $vbulletin->userinfo['userid'];
require_once DIR . '/includes/class_taggablecontent.php';
$content = vB_Taggable_Content_Item::create($vbulletin, "vBForum_Thread", $dataman->thread['threadid'], $threadinfo);
$limits = $content->fetch_tag_limits();
$content->filter_tag_list_content_limits($post['taglist'], $limits, $tag_errors, true, false);
if ($tag_errors) {
foreach ($tag_errors as $error) {
$dataman->error($error);
}
}
$dataman->setr('taglist', $post['taglist']);
}
if ($type == 'reply' and $vbulletin->GPC['return_node']) {
$dataman->set_info('nodeid', $vbulletin->GPC['return_node']);
}
$dataman->pre_save();
$errors = array_merge($errors, $dataman->errors);
if ($post['preview']) {
return;
}
// ### DUPE CHECK ###
$dupehash = md5($foruminfo['forumid'] . $post['title'] . $post['message'] . $vbulletin->userinfo['userid'] . $type);
$prevpostfound = false;
$prevpostthreadid = 0;
if ($prevpost = $vbulletin->db->query_first("\n\t\tSELECT posthash.threadid, thread.title\n\t\tFROM " . TABLE_PREFIX . "posthash AS posthash\n\t\tLEFT JOIN " . TABLE_PREFIX . "thread AS thread ON (thread.threadid = posthash.threadid)\n\t\tWHERE posthash.userid = " . $vbulletin->userinfo['userid'] . " AND\n\t\t\tposthash.dupehash = '" . $vbulletin->db->escape_string($dupehash) . "' AND\n\t\t\tposthash.dateline > " . (TIMENOW - 300) . "\n\t")) {
if ($type == 'thread' and $prevpost['threadid'] == 0 or $type == 'reply' and $prevpost['threadid'] == $threadinfo['threadid']) {
$prevpostfound = true;
$prevpostthreadid = $prevpost['threadid'];
}
}
// Redirect user to forumdisplay since this is a duplicate post
if ($prevpostfound) {
if ($type == 'thread') {
$vbulletin->url = fetch_seo_url('forum', $foruminfo);
print_standard_redirect('redirect_duplicatethread', true, true);
} else {
// with ajax quick reply we need to use the error system
if ($vbulletin->GPC['ajax']) {
$dataman->error('duplicate_post');
$errors = $dataman->errors;
return;
} else {
$vbulletin->url = fetch_seo_url('thread', $prevpost, array('goto' => 'newpost'));
if ($post['ajaxqrfailed']) {
// ajax qr failed. While this is a dupe, most likely the user didn't
// see the initial post, so act like it went through.
print_standard_redirect('redirect_postthanks');
} else {
print_standard_redirect('redirect_duplicatepost', true, true);
}
}
}
}
if (sizeof($errors) > 0) {
return;
}
if ($post['doublepost']) {
$dataman->save();
} else {
$id = $dataman->save();
}
if ($type == 'thread') {
$post['threadid'] = $id;
$threadinfo =& $dataman->thread;
$post['postid'] = $dataman->fetch_field('firstpostid');
clear_autosave_text('vBForum_Thread', 0, 0, $vbulletin->userinfo['userid']);
} else {
$post['postid'] = $id;
if ($vbulletin->GPC_exists['return_node'] and intval($vbulletin->GPC['return_node'])) {
clear_autosave_text('vBCms_ArticleComment', 0, $vbulletin->GPC['return_node'], $vbulletin->userinfo['userid']);
} else {
clear_autosave_text('vBForum_Post', 0, $threadinfo['threadid'], $vbulletin->userinfo['userid']);
}
}
post_vb_api_details('vBForum_Post', $post['postid']);
$post['visible'] = $dataman->fetch_field('visible');
$set_open_status = false;
$set_sticky_status = false;
if ($vbulletin->GPC['openclose'] and ($threadinfo['postuserid'] != 0 and $threadinfo['postuserid'] == $vbulletin->userinfo['userid'] and $forumperms & $vbulletin->bf_ugp_forumpermissions['canopenclose'] or can_moderate($threadinfo['forumid'], 'canopenclose'))) {
$set_open_status = true;
}
if ($vbulletin->GPC['stickunstick'] and can_moderate($threadinfo['forumid'], 'canmanagethreads')) {
$set_sticky_status = true;
}
if ($set_open_status or $set_sticky_status) {
$thread =& datamanager_init('Thread', $vbulletin, ERRTYPE_SILENT, 'threadpost');
if ($type == 'thread') {
$thread->set_existing($dataman->thread);
if ($set_open_status) {
$post['postpoll'] = false;
}
} else {
$thread->set_existing($threadinfo);
}
if ($set_open_status) {
$thread->set('open', $thread->fetch_field('open') == 1 ? 0 : 1);
}
if ($set_sticky_status) {
$thread->set('sticky', $thread->fetch_field('sticky') == 1 ? 0 : 1);
}
$thread->save();
}
if ($type == 'thread') {
require_once DIR . '/includes/class_taggablecontent.php';
$content = vB_Taggable_Content_Item::create($vbulletin, "vBForum_Thread", $dataman->thread['threadid'], $threadinfo);
$limits = $content->fetch_tag_limits();
$content->add_tags_to_content($post['taglist'], $limits);
}
// ### DO THREAD RATING ###
build_thread_rating($post['rating'], $foruminfo, $threadinfo);
// ### DO EMAIL NOTIFICATION ###
if ($post['visible'] and $type != 'thread' and !in_coventry($vbulletin->userinfo['userid'], true)) {
exec_send_notification($threadinfo['threadid'], $vbulletin->userinfo['userid'], $post['postid']);
}
// ### DO THREAD SUBSCRIPTION ###
if ($vbulletin->userinfo['userid'] != 0) {
require_once DIR . '/includes/functions_misc.php';
$post['emailupdate'] = verify_subscription_choice($post['emailupdate'], $vbulletin->userinfo, 9999);
($hook = vBulletinHook::fetch_hook('newpost_subscribe')) ? eval($hook) : false;
if (!$threadinfo['issubscribed'] and $post['emailupdate'] != 9999) {
// user is not subscribed to this thread so insert it
/*insert query*/
$vbulletin->db->query_write("INSERT IGNORE INTO " . TABLE_PREFIX . "subscribethread (userid, threadid, emailupdate, folderid, canview)\n\t\t\t\t\tVALUES (" . $vbulletin->userinfo['userid'] . ", {$threadinfo['threadid']}, {$post['emailupdate']}, {$post['folderid']}, 1)");
} else {
// User is subscribed, see if they changed the settings for this thread
if ($post['emailupdate'] == 9999) {
// Remove this subscription, user chose 'No Subscription'
$vbulletin->db->query_write("DELETE FROM " . TABLE_PREFIX . "subscribethread WHERE threadid = {$threadinfo['threadid']} AND userid = " . $vbulletin->userinfo['userid']);
} else {
if ($threadinfo['emailupdate'] != $post['emailupdate'] or $threadinfo['folderid'] != $post['folderid']) {
// User changed the settings so update the current record
/*insert query*/
$vbulletin->db->query_write("REPLACE INTO " . TABLE_PREFIX . "subscribethread (userid, threadid, emailupdate, folderid, canview)\n\t\t\t\t\tVALUES (" . $vbulletin->userinfo['userid'] . ", {$threadinfo['threadid']}, {$post['emailupdate']}, {$post['folderid']}, 1)");
}
}
}
}
($hook = vBulletinHook::fetch_hook('newpost_complete')) ? eval($hook) : false;
}
function do_get_forum()
{
global $vbulletin, $db, $show, $vbphrase, $foruminfo;
$canpost = true;
$vbulletin->input->clean_array_gpc('r', array('fid' => TYPE_INT, 'previewtype' => TYPE_INT));
$previewtype = $vbulletin->GPC['previewtype'];
if (!$previewtype) {
$previewtype = 1;
}
if (empty($foruminfo['forumid'])) {
$forumid = -1;
} else {
$vbulletin->input->clean_array_gpc('r', array('password' => TYPE_STR));
// Check the forum password
if ($vbulletin->GPC['password'] && $foruminfo['password'] == $vbulletin->GPC['password']) {
// Set a temp cookie for guests
if (!$vbulletin->userinfo['userid']) {
set_bbarray_cookie('forumpwd', $foruminfo['forumid'], md5($vbulletin->userinfo['userid'] . $vbulletin->GPC['password']));
} else {
set_bbarray_cookie('forumpwd', $foruminfo['forumid'], md5($vbulletin->userinfo['userid'] . $vbulletin->GPC['password']), 1);
}
}
$perpage = $vbulletin->input->clean_gpc('r', 'perpage', TYPE_UINT);
$pagenumber = $vbulletin->input->clean_gpc('r', 'pagenumber', TYPE_UINT);
$daysprune = $vbulletin->input->clean_gpc('r', 'daysprune', TYPE_INT);
$sortfield = $vbulletin->input->clean_gpc('r', 'sortfield', TYPE_STR);
// get permission to view forum
$_permsgetter_ = 'forumdisplay';
$forumperms = fetch_permissions($foruminfo['forumid']);
if (!($forumperms & $vbulletin->bf_ugp_forumpermissions['canview'])) {
json_error(ERR_NO_PERMISSION);
}
// Check for forum password!
if (!verify_forum_password($foruminfo['forumid'], $foruminfo['password'], false)) {
json_error(ERR_NEED_PASSWORD, RV_NEED_FORUM_PASSWORD);
}
// Can we post in this forum?
if (!($forumperms & $vbulletin->bf_ugp_forumpermissions['canpostnew'])) {
$canpost = false;
}
$forumid = $foruminfo['forumid'];
}
// Can forum contain threads?
$announcements_out = array();
// These $_REQUEST values will get used in the sort template so they are assigned to normal variables
$perpage = $vbulletin->input->clean_gpc('r', 'perpage', TYPE_UINT);
$pagenumber = $vbulletin->input->clean_gpc('r', 'pagenumber', TYPE_UINT);
$daysprune = $vbulletin->input->clean_gpc('r', 'daysprune', TYPE_INT);
$sortfield = $vbulletin->input->clean_gpc('r', 'sortfield', TYPE_STR);
// get permission to view forum
$_permsgetter_ = 'forumdisplay';
$forumperms = fetch_permissions($foruminfo['forumid']);
if (!($forumperms & $vbulletin->bf_ugp_forumpermissions['canview'])) {
json_error(ERR_NO_PERMISSION);
}
// disable thread preview if we can't view threads
if (!($forumperms & $vbulletin->bf_ugp_forumpermissions['canviewthreads'])) {
$vbulletin->options['threadpreview'] = 0;
}
// check if there is a forum password and if so, ensure the user has it set
verify_forum_password($foruminfo['forumid'], $foruminfo['password']);
// verify that we are at the canonical SEO url
// and redirect to this if not
//verify_seo_url('forum', $foruminfo, array('pagenumber' => $_REQUEST['pagenumber']));
// get vbulletin->iforumcache - for use by makeforumjump and forums list
// fetch the forum even if they are invisible since its needed
// for the title but we'll unset that further down
// also fetch subscription info for $show['subscribed'] variable
cache_ordered_forums(1, 1, $vbulletin->userinfo['userid']);
$show['newthreadlink'] = iif(!$show['search_engine'] and $foruminfo['allowposting'], true, false);
$show['threadicons'] = iif($foruminfo['allowicons'], true, false);
$show['threadratings'] = iif($foruminfo['allowratings'], true, false);
$show['subscribed_to_forum'] = $vbulletin->forumcache["{$foruminfo['forumid']}"]['subscribeforumid'] != '' ? true : false;
if (!$daysprune) {
if ($vbulletin->userinfo['daysprune']) {
$daysprune = $vbulletin->userinfo['daysprune'];
} else {
$daysprune = iif($foruminfo['daysprune'], $foruminfo['daysprune'], 30);
}
}
$daysprune = -1;
// FRNR
// ### GET FORUMS, PERMISSIONS, MODERATOR iCACHES ########################
cache_moderators();
// draw nav bar
$navbits = array();
$navbits[$vbulletin->options['forumhome'] . '.php' . $vbulletin->session->vars['sessionurl_q']] = $vbphrase['forum'];
$parentlist = array_reverse(explode(',', substr($foruminfo['parentlist'], 0, -3)));
foreach ($parentlist as $forumID) {
$forumTitle = $vbulletin->forumcache["{$forumID}"]['title'];
$navbits[fetch_seo_url('forum', array('forumid' => $forumID, 'title' => $forumTitle))] = $forumTitle;
}
// pop the last element off the end of the $nav array so that we can show it without a link
array_pop($navbits);
$navbits[''] = $foruminfo['title'];
$navbits = construct_navbits($navbits);
$navbar = render_navbar_template($navbits);
$moderatorslist = '';
$listexploded = explode(',', $foruminfo['parentlist']);
$showmods = array();
$show['moderators'] = false;
$totalmods = 0;
foreach ($listexploded as $parentforumid) {
if (!$imodcache["{$parentforumid}"] or $parentforumid == -1) {
continue;
}
foreach ($imodcache["{$parentforumid}"] as $moderator) {
if ($showmods["{$moderator['userid']}"] === true) {
continue;
}
$showmods["{$moderator['userid']}"] = true;
$show['comma_leader'] = $moderatorslist != '';
$show['moderators'] = true;
$totalmods++;
}
}
// ### BUILD FORUMS LIST #################################################
// get an array of child forum ids for this forum
$foruminfo['childlist'] = explode(',', $foruminfo['childlist']);
// define max depth for forums display based on $vbulletin->options[forumhomedepth]
define('MAXFORUMDEPTH', $vbulletin->options['forumdisplaydepth']);
if (($vbulletin->options['showforumusers'] == 1 or $vbulletin->options['showforumusers'] == 2 or $vbulletin->options['showforumusers'] > 2 and $vbulletin->userinfo['userid']) and !$show['search_engine']) {
$datecut = TIMENOW - $vbulletin->options['cookietimeout'];
$forumusers = $db->query_read_slave("\n \t\tSELECT user.username, (user.options & " . $vbulletin->bf_misc_useroptions['invisible'] . ") AS invisible, user.usergroupid,\n \t\t\tsession.userid, session.inforum, session.lastactivity, session.badlocation,\n \t\t\tIF(displaygroupid=0, user.usergroupid, displaygroupid) AS displaygroupid, infractiongroupid\n \t\tFROM " . TABLE_PREFIX . "session AS session\n \t\tLEFT JOIN " . TABLE_PREFIX . "user AS user ON(user.userid = session.userid)\n \t\tWHERE session.lastactivity > {$datecut}\n \t\tORDER BY" . iif($vbulletin->options['showforumusers'] == 1 or $vbulletin->options['showforumusers'] == 3, " username ASC,") . " lastactivity DESC\n \t");
$numberregistered = 0;
$numberguest = 0;
$doneuser = array();
if ($vbulletin->userinfo['userid']) {
// fakes the user being in this forum
$loggedin = array('userid' => $vbulletin->userinfo['userid'], 'username' => $vbulletin->userinfo['username'], 'invisible' => $vbulletin->userinfo['invisible'], 'invisiblemark' => $vbulletin->userinfo['invisiblemark'], 'inforum' => $foruminfo['forumid'], 'lastactivity' => TIMENOW, 'musername' => $vbulletin->userinfo['musername']);
$numberregistered = 1;
fetch_online_status($loggedin);
$show['comma_leader'] = false;
$doneuser["{$vbulletin->userinfo['userid']}"] = 1;
}
$inforum = array();
// this require the query to have lastactivity ordered by DESC so that the latest location will be the first encountered.
while ($loggedin = $db->fetch_array($forumusers)) {
if ($loggedin['badlocation']) {
continue;
}
if (empty($doneuser["{$loggedin['userid']}"])) {
if (in_array($loggedin['inforum'], $foruminfo['childlist']) and $loggedin['inforum'] != -1) {
if (!$loggedin['userid']) {
// this is a guest
$numberguest++;
$inforum["{$loggedin['inforum']}"]++;
} else {
$numberregistered++;
$inforum["{$loggedin['inforum']}"]++;
if (fetch_online_status($loggedin)) {
fetch_musername($loggedin);
$show['comma_leader'] = $activeusers != '';
}
}
}
if ($loggedin['userid']) {
$doneuser["{$loggedin['userid']}"] = 1;
}
}
}
if (!$vbulletin->userinfo['userid']) {
$numberguest = $numberguest == 0 ? 1 : $numberguest;
}
$totalonline = $numberregistered + $numberguest;
unset($joingroupid, $key, $datecut, $invisibleuser, $userinfo, $userid, $loggedin, $index, $value, $forumusers, $parentarray);
$show['activeusers'] = true;
} else {
$show['activeusers'] = false;
}
// #############################################################################
// get read status for this forum and children
$unreadchildforums = 0;
foreach ($foruminfo['childlist'] as $val) {
if ($val == -1 or $val == $foruminfo['forumid']) {
continue;
}
if ($vbulletin->options['threadmarking'] and $vbulletin->userinfo['userid']) {
$lastread_child = max($vbulletin->forumcache["{$val}"]['forumread'], TIMENOW - $vbulletin->options['markinglimit'] * 86400);
} else {
$lastread_child = max(intval(fetch_bbarray_cookie('forum_view', $val)), $vbulletin->userinfo['lastvisit']);
}
if ($vbulletin->forumcache["{$val}"]['lastpost'] > $lastread_child) {
$unreadchildforums = 1;
break;
}
}
$forumbits = fr_construct_forum_bit($forumid);
// admin tools
$show['post_queue'] = can_moderate($foruminfo['forumid'], 'canmoderateposts');
$show['attachment_queue'] = can_moderate($foruminfo['forumid'], 'canmoderateattachments');
$show['mass_move'] = can_moderate($foruminfo['forumid'], 'canmassmove');
$show['mass_prune'] = can_moderate($foruminfo['forumid'], 'canmassprune');
$show['post_new_announcement'] = can_moderate($foruminfo['forumid'], 'canannounce');
$show['addmoderator'] = $permissions['adminpermissions'] & $vbulletin->bf_ugp_adminpermissions['cancontrolpanel'];
$show['adminoptions'] = ($show['post_queue'] or $show['attachment_queue'] or $show['mass_move'] or $show['mass_prune'] or $show['addmoderator'] or $show['post_new_announcement']);
$navpopup = array('id' => 'forumdisplay_navpopup', 'title' => $foruminfo['title_clean'], 'link' => fetch_seo_url('forum', $foruminfo));
construct_quick_nav($navpopup);
/////////////////////////////////
if ($foruminfo['cancontainthreads']) {
/////////////////////////////////
if ($vbulletin->options['threadmarking'] and $vbulletin->userinfo['userid']) {
$foruminfo['forumread'] = $vbulletin->forumcache["{$foruminfo['forumid']}"]['forumread'];
$lastread = max($foruminfo['forumread'], TIMENOW - $vbulletin->options['markinglimit'] * 86400);
} else {
$bbforumview = intval(fetch_bbarray_cookie('forum_view', $foruminfo['forumid']));
$lastread = max($bbforumview, $vbulletin->userinfo['lastvisit']);
}
// Inline Moderation
$show['movethread'] = can_moderate($forumid, 'canmanagethreads') ? true : false;
$show['deletethread'] = (can_moderate($forumid, 'candeleteposts') or can_moderate($forumid, 'canremoveposts')) ? true : false;
$show['approvethread'] = can_moderate($forumid, 'canmoderateposts') ? true : false;
$show['openthread'] = can_moderate($forumid, 'canopenclose') ? true : false;
$show['inlinemod'] = ($show['movethread'] or $show['deletethread'] or $show['approvethread'] or $show['openthread']) ? true : false;
$show['spamctrls'] = ($show['inlinemod'] and $show['deletethread']);
$url = $show['inlinemod'] ? SCRIPTPATH : '';
// fetch popup menu
if ($show['popups'] and $show['inlinemod']) {
} else {
$threadadmin_imod_thread_menu = '';
}
// get announcements
$announcebits = '';
if ($show['threadicons'] and $show['inlinemod']) {
$announcecolspan = 6;
} else {
if (!$show['threadicons'] and !$show['inlinemod']) {
$announcecolspan = 4;
} else {
$announcecolspan = 5;
}
}
$mindate = TIMENOW - 2592000;
// 30 days
$hook_query_fields = $hook_query_joins = $hook_query_where = '';
$announcements = $db->query_read_slave("\n \t\tSELECT\n \t\t\tannouncement.announcementid, startdate, title, announcement.views,\n \t\t\tuser.username, user.userid, user.usertitle, user.customtitle, user.usergroupid,\n \t\t\tIF(displaygroupid=0, user.usergroupid, displaygroupid) AS displaygroupid, infractiongroupid\n \t\t\t" . ($vbulletin->userinfo['userid'] ? ", NOT ISNULL(announcementread.announcementid) AS readannounce" : "") . "\n \t\t\t{$hook_query_fields}\n \t\tFROM " . TABLE_PREFIX . "announcement AS announcement\n \t\t" . ($vbulletin->userinfo['userid'] ? "LEFT JOIN " . TABLE_PREFIX . "announcementread AS announcementread ON (announcementread.announcementid = announcement.announcementid AND announcementread.userid = " . $vbulletin->userinfo['userid'] . ")" : "") . "\n \t\tLEFT JOIN " . TABLE_PREFIX . "user AS user ON(user.userid = announcement.userid)\n \t\t{$hook_query_joins}\n \t\tWHERE startdate <= " . TIMENOW . "\n \t\t\tAND enddate >= " . TIMENOW . "\n \t\t\tAND " . fetch_forum_clause_sql($foruminfo['forumid'], 'forumid') . "\n \t\t\t{$hook_query_where}\n \t\tORDER BY startdate DESC, announcement.announcementid DESC\n \t\t" . iif($vbulletin->options['oneannounce'], "LIMIT 1"));
while ($announcement = $db->fetch_array($announcements)) {
fetch_musername($announcement);
$announcement['title'] = fetch_censored_text($announcement['title']);
$announcement['postdate'] = vbdate($vbulletin->options['dateformat'], $announcement['startdate']);
if ($announcement['readannounce'] or $announcement['startdate'] <= $mindate) {
$announcement['statusicon'] = 'old';
} else {
$announcement['statusicon'] = 'new';
}
$announcement['views'] = vb_number_format($announcement['views']);
$announcementidlink = iif(!$vbulletin->options['oneannounce'], "&a={$announcement['announcementid']}");
// FRNR START
if ($pagenumber == 1) {
$avatarurl = '';
$userinfoavatar = fetch_userinfo($announcement['userid'], FETCH_USERINFO_AVATAR);
fetch_avatar_from_userinfo($userinfoavatar, true, false);
if ($userinfoavatar['avatarurl'] != '') {
$avatarurl = process_avatarurl($userinfoavatar['avatarurl']);
}
unset($userinfoavatar);
$tmp = array('thread_id' => $foruminfo['forumid'], 'announcement' => 1, 'new_posts' => $announcement['readannounce'] ? 0 : 1, 'thread_title' => prepare_utf8_string(strip_tags($announcement['title'])), 'thread_preview' => prepare_utf8_string(preview_chop(html_entity_decode($announcement['pagetext']), FR_PREVIEW_LEN)), 'post_userid' => $announcement['userid'], 'post_lastposttime' => prepare_utf8_string(date_trunc($announcement['postdate'])), 'post_username' => prepare_utf8_string(strip_tags($announcement['username'])));
if ($avatarurl != '') {
$tmp['avatarurl'] = $avatarurl;
}
$announcements_out[] = $tmp;
}
// FRNR END
}
// display threads
if (!($forumperms & $vbulletin->bf_ugp_forumpermissions['canviewothers'])) {
$limitothers = "AND postuserid = " . $vbulletin->userinfo['userid'] . " AND " . $vbulletin->userinfo['userid'] . " <> 0";
} else {
$limitothers = '';
}
if (can_moderate($foruminfo['forumid'])) {
$redirectjoin = "LEFT JOIN " . TABLE_PREFIX . "threadredirect AS threadredirect ON(thread.open = 10 AND thread.threadid = threadredirect.threadid)";
} else {
$redirectjoin = '';
}
// filter out deletion notices if can't be seen
if ($forumperms & $vbulletin->bf_ugp_forumpermissions['canseedelnotice'] or can_moderate($foruminfo['forumid'])) {
$canseedelnotice = true;
$deljoin = "LEFT JOIN " . TABLE_PREFIX . "deletionlog AS deletionlog ON(thread.threadid = deletionlog.primaryid AND deletionlog.type = 'thread')";
} else {
$canseedelnotice = false;
$deljoin = '';
}
// remove threads from users on the global ignore list if user is not a moderator
if ($Coventry = fetch_coventry('string') and !can_moderate($foruminfo['forumid'])) {
$globalignore = "AND postuserid NOT IN ({$Coventry}) ";
} else {
$globalignore = '';
}
// look at thread limiting options
$stickyids = '';
$stickycount = 0;
if ($daysprune != -1) {
if ($vbulletin->userinfo['userid'] and in_coventry($vbulletin->userinfo['userid'], true)) {
$tachyjoin = "LEFT JOIN " . TABLE_PREFIX . "tachythreadpost AS tachythreadpost ON " . "(tachythreadpost.threadid = thread.threadid AND tachythreadpost.userid = " . $vbulletin->userinfo['userid'] . ")";
$datecut = " AND (thread.lastpost >= " . (TIMENOW - $daysprune * 86400) . " OR tachythreadpost.lastpost >= " . (TIMENOW - $daysprune * 86400) . ")";
} else {
$datecut = "AND lastpost >= " . (TIMENOW - $daysprune * 86400);
$tachyjoin = "";
}
$show['noposts'] = false;
} else {
$tachyjoin = "";
$datecut = "";
$show['noposts'] = true;
}
// complete form fields on page
$daysprunesel = iif($daysprune == -1, 'all', $daysprune);
$daysprunesel = array($daysprunesel => 'selected="selected"');
$vbulletin->input->clean_array_gpc('r', array('sortorder' => TYPE_NOHTML, 'prefixid' => TYPE_NOHTML));
// prefix options
$prefix_options = fetch_prefix_html($foruminfo['forumid'], $vbulletin->GPC['prefixid']);
$prefix_selected = array('anythread', 'anythread' => '', 'none' => '');
if ($vbulletin->GPC['prefixid']) {
//no prefix id
if ($vbulletin->GPC['prefixid'] == '-1') {
$prefix_filter = "AND thread.prefixid = ''";
$prefix_selected['none'] = ' selected="selected"';
} else {
if ($vbulletin->GPC['prefixid'] == '-2') {
$prefix_filter = "AND thread.prefixid <> ''";
$prefix_selected['anyprefix'] = ' selected="selected"';
} else {
$prefix_filter = "AND thread.prefixid = '" . $db->escape_string($vbulletin->GPC['prefixid']) . "'";
}
}
} else {
$prefix_filter = '';
$prefix_selected['anythread'] = ' selected="selected"';
}
// default sorting methods
if (empty($sortfield)) {
$sortfield = $foruminfo['defaultsortfield'];
}
if (empty($vbulletin->GPC['sortorder'])) {
$vbulletin->GPC['sortorder'] = $foruminfo['defaultsortorder'];
}
// look at sorting options:
if ('asc' != ($sortorder = $vbulletin->GPC['sortorder'])) {
$sqlsortorder = 'DESC';
$order = array('desc' => 'checked="checked"');
$vbulletin->GPC['sortorder'] = 'desc';
} else {
$sqlsortorder = '';
$order = array('asc' => 'checked="checked"');
}
$sqlsortfield2 = '';
switch ($sortfield) {
case 'title':
$sqlsortfield = 'thread.title';
break;
case 'lastpost':
$sqlsortfield = 'lastpost';
break;
case 'replycount':
case 'views':
$sqlsortfield = 'views';
case 'postusername':
$sqlsortfield = $sortfield;
break;
case 'voteavg':
if ($foruminfo['allowratings']) {
$sqlsortfield = 'voteavg';
$sqlsortfield2 = 'votenum';
break;
}
case 'dateline':
$sqlsortfield = 'thread.dateline';
break;
// else, use last post
// else, use last post
default:
$handled = false;
if (!$handled) {
$sqlsortfield = 'lastpost';
$sortfield = 'lastpost';
}
}
$sort = array($sortfield => 'selected="selected"');
$visiblethreads = " AND visible = 1";
/*if (!can_moderate($forumid, 'canmoderateposts'))
{
if (!($forumperms & $vbulletin->bf_ugp_forumpermissions['canseedelnotice']))
{
$visiblethreads = " AND visible = 1 ";
}
else
{
$visiblethreads = " AND visible IN (1,2)";
}
}
else
{
$visiblethreads = " AND visible IN (0,1,2)";
}*/
$hook_query_fields = $hook_query_joins = $hook_query_where = '';
# Include visible IN (0,1,2) in order to hit upon the 4 column index
$threadscount = $db->query_first_slave("\n \t\tSELECT COUNT(*) AS threads, SUM(IF(thread.lastpost > {$lastread} AND open <> 10, 1, 0)) AS newthread\n \t\t{$hook_query_fields}\n \t\tFROM " . TABLE_PREFIX . "thread AS thread\n \t\t{$tachyjoin}\n \t\t{$hook_query_joins}\n \t\tWHERE forumid = {$foruminfo['forumid']}\n \t\t\tAND sticky = 0\n \t\t\t{$prefix_filter}\n \t\t\t{$visiblethreads}\n \t\t\t{$globalignore}\n \t\t\t{$limitothers}\n \t\t\t{$datecut}\n \t\t\t{$hook_query_where}\n \t");
$totalthreads = $threadscount['threads'];
$newthreads = $threadscount['newthread'];
// set defaults
sanitize_pageresults($totalthreads, $pagenumber, $perpage, 200, $vbulletin->options['maxthreads']);
// get number of sticky threads for the first page
// on the first page there will be the sticky threads PLUS the $perpage other normal threads
// not quite a bug, but a deliberate feature!
if ($pagenumber == 1) {
$stickies = $db->query_read_slave("\n \t\t\tSELECT thread.threadid, lastpost, open\n \t\t\tFROM " . TABLE_PREFIX . "thread AS thread\n \t\t\tWHERE forumid = {$foruminfo['forumid']}\n \t\t\t\tAND sticky = 1\n \t\t\t\t{$prefix_filter}\n \t\t\t\t{$visiblethreads}\n \t\t\t\t{$limitothers}\n \t\t\t\t{$globalignore}\n \t\t");
while ($thissticky = $db->fetch_array($stickies)) {
$stickycount++;
if ($thissticky['lastpost'] >= $lastread and $thissticky['open'] != 10) {
$newthreads++;
}
$stickyids .= ",{$thissticky['threadid']}";
}
$db->free_result($stickies);
unset($thissticky, $stickies);
}
$limitlower = ($pagenumber - 1) * $perpage;
$limitupper = $pagenumber * $perpage;
if ($limitupper > $totalthreads) {
$limitupper = $totalthreads;
if ($limitlower > $totalthreads) {
$limitlower = $totalthreads - $perpage - 1;
}
}
if ($limitlower < 0) {
$limitlower = 0;
}
if ($foruminfo['allowratings']) {
$vbulletin->options['showvotes'] = intval($vbulletin->options['showvotes']);
$votequery = "\n \t\t\tIF(votenum >= " . $vbulletin->options['showvotes'] . ", votenum, 0) AS votenum,\n \t\t\tIF(votenum >= " . $vbulletin->options['showvotes'] . " AND votenum > 0, votetotal / votenum, 0) AS voteavg,\n \t\t";
} else {
$votequery = '';
}
if ($previewtype == 1) {
$previewfield = "post.pagetext AS preview, post.username AS lastpost_username, post.userid AS lastpost_userid,";
$previewjoin = "LEFT JOIN " . TABLE_PREFIX . "post AS post ON(post.postid = thread.firstpostid)";
} else {
$previewfield = "post.pagetext AS preview, post.username AS lastpost_username, post.userid AS lastpost_userid,";
$previewjoin = "LEFT JOIN " . TABLE_PREFIX . "post AS post ON(post.postid = thread.lastpostid)";
}
if ($vbulletin->userinfo['userid'] and in_coventry($vbulletin->userinfo['userid'], true)) {
$tachyjoin = "\n \t\t\tLEFT JOIN " . TABLE_PREFIX . "tachythreadpost AS tachythreadpost ON\n \t\t\t\t(tachythreadpost.threadid = thread.threadid AND tachythreadpost.userid = " . $vbulletin->userinfo['userid'] . ")\n \t\t\tLEFT JOIN " . TABLE_PREFIX . "tachythreadcounter AS tachythreadcounter ON\n \t\t\t\t(tachythreadcounter.threadid = thread.threadid AND tachythreadcounter.userid = " . $vbulletin->userinfo['userid'] . ")\n \t\t";
$tachy_columns = "\n \t\t\tIF(tachythreadpost.userid IS NULL, thread.lastpost, tachythreadpost.lastpost) AS lastpost,\n \t\t\tIF(tachythreadpost.userid IS NULL, thread.lastposter, tachythreadpost.lastposter) AS lastposter,\n \t\t\tIF(tachythreadpost.userid IS NULL, thread.lastposterid, tachythreadpost.lastposterid) AS lastposterid,\n \t\t\tIF(tachythreadpost.userid IS NULL, thread.lastpostid, tachythreadpost.lastpostid) AS lastpostid,\n \t\t\tIF(tachythreadcounter.userid IS NULL, thread.replycount, thread.replycount + tachythreadcounter.replycount) AS replycount,\n \t\t\tIF(thread.views<=IF(tachythreadcounter.userid IS NULL, thread.replycount, thread.replycount + tachythreadcounter.replycount), IF(tachythreadcounter.userid IS NULL, thread.replycount, thread.replycount + tachythreadcounter.replycount)+1, thread.views) AS views\n \t\t";
} else {
$tachyjoin = '';
$tachy_columns = 'thread.lastpost, thread.lastposter, thread.lastposterid, thread.lastpostid, thread.replycount, IF(thread.views<=thread.replycount, thread.replycount+1, thread.views) AS views';
}
$hook_query_fields = $hook_query_joins = $hook_query_where = '';
$getthreadids = $db->query_read_slave("\n \t\tSELECT " . iif($sortfield == 'voteavg', $votequery) . " thread.threadid,\n \t\t\t{$tachy_columns}\n \t\t\t{$hook_query_fields}\n \t\tFROM " . TABLE_PREFIX . "thread AS thread\n \t\t{$tachyjoin}\n \t\t{$hook_query_joins}\n \t\tWHERE forumid = {$foruminfo['forumid']}\n \t\t\tAND sticky = 0\n \t\t\t{$prefix_filter}\n \t\t\t{$visiblethreads}\n \t\t\t{$globalignore}\n \t\t\t{$limitothers}\n \t\t\t{$datecut}\n \t\t\t{$hook_query_where}\n \t\tORDER BY sticky DESC, {$sqlsortfield} {$sqlsortorder}" . (!empty($sqlsortfield2) ? ", {$sqlsortfield2} {$sqlsortorder}" : '') . "\n \t\tLIMIT {$limitlower}, {$perpage}\n \t");
$ids = '';
while ($thread = $db->fetch_array($getthreadids)) {
$ids .= ',' . $thread['threadid'];
}
$ids .= $stickyids;
$db->free_result($getthreadids);
unset($thread, $getthreadids);
$hook_query_fields = $hook_query_joins = $hook_query_where = '';
$threads = $db->query_read_slave("\n \t\tSELECT {$votequery} {$previewfield}\n \t\t\tthread.threadid, thread.title AS threadtitle, thread.forumid, pollid, open, postusername, postuserid, thread.iconid AS threadiconid,\n \t\t\tthread.dateline, notes, thread.visible, sticky, votetotal, thread.attach, {$tachy_columns},\n \t\t\tthread.prefixid, thread.taglist, hiddencount, deletedcount,\n \t\t\tuser.usergroupid, user.homepage, user.options AS useroptions, IF(userlist.friend = 'yes', 1, 0) AS isfriend\n \t\t\t" . (($vbulletin->options['threadsubscribed'] and $vbulletin->userinfo['userid']) ? ", NOT ISNULL(subscribethread.subscribethreadid) AS issubscribed" : "") . "\n \t\t\t" . ($deljoin ? ", deletionlog.userid AS del_userid, deletionlog.username AS del_username, deletionlog.reason AS del_reason" : "") . "\n \t\t\t" . (($vbulletin->options['threadmarking'] and $vbulletin->userinfo['userid']) ? ", threadread.readtime AS threadread" : "") . "\n \t\t\t" . ($redirectjoin ? ", threadredirect.expires" : "") . "\n \t\t\t{$hook_query_fields}\n \t\tFROM " . TABLE_PREFIX . "thread AS thread\n \t\t\tLEFT JOIN " . TABLE_PREFIX . "user AS user ON (user.userid = thread.lastposterid)\n \t\t\tLEFT JOIN " . TABLE_PREFIX . "userlist AS userlist ON (userlist.relationid = user.userid AND userlist.type = 'buddy' AND userlist.userid = " . $vbulletin->userinfo['userid'] . ")\n \t\t\t{$deljoin}\n \t\t\t" . (($vbulletin->options['threadsubscribed'] and $vbulletin->userinfo['userid']) ? " LEFT JOIN " . TABLE_PREFIX . "subscribethread AS subscribethread ON(subscribethread.threadid = thread.threadid AND subscribethread.userid = " . $vbulletin->userinfo['userid'] . " AND canview = 1)" : "") . "\n \t\t\t" . (($vbulletin->options['threadmarking'] and $vbulletin->userinfo['userid']) ? " LEFT JOIN " . TABLE_PREFIX . "threadread AS threadread ON (threadread.threadid = thread.threadid AND threadread.userid = " . $vbulletin->userinfo['userid'] . ")" : "") . "\n \t\t\t{$previewjoin}\n \t\t\t{$tachyjoin}\n \t\t\t{$redirectjoin}\n \t\t\t{$hook_query_joins}\n \t\tWHERE thread.threadid IN (0{$ids}) {$hook_query_where}\n \t\tORDER BY sticky DESC, {$sqlsortfield} {$sqlsortorder}" . (!empty($sqlsortfield2) ? ", {$sqlsortfield2} {$sqlsortorder}" : '') . "\n \t");
unset($limitothers, $delthreadlimit, $deljoin, $datecut, $votequery, $sqlsortfield, $sqlsortorder, $threadids, $sqlsortfield2);
// Get Dot Threads
$dotthreads = fetch_dot_threads_array($ids);
if ($vbulletin->options['showdots'] and $vbulletin->userinfo['userid']) {
$show['dotthreads'] = true;
} else {
$show['dotthreads'] = false;
}
unset($ids);
$pageinfo = array();
if ($vbulletin->GPC['prefixid']) {
$pageinfo['prefixid'] = $vbulletin->GPC['prefixid'];
}
if ($vbulletin->GPC['daysprune']) {
$pageinfo['daysprune'] = $daysprune;
}
$show['fetchseo'] = true;
$oppositesort = $vbulletin->GPC['sortorder'] == 'asc' ? 'desc' : 'asc';
$pageinfo_voteavg = $pageinfo + array('sort' => 'voteavg', 'order' => 'voteavg' == $sortfield ? $oppositesort : 'desc');
$pageinfo_title = $pageinfo + array('sort' => 'title', 'order' => 'title' == $sortfield ? $oppositesort : 'asc');
$pageinfo_postusername = $pageinfo + array('sort' => 'postusername', 'order' => 'postusername' == $sortfield ? $oppositesort : 'asc');
$pageinfo_flastpost = $pageinfo + array('sort' => 'lastpost', 'order' => 'lastpost' == $sortfield ? $oppositesort : 'asc');
$pageinfo_replycount = $pageinfo + array('sort' => 'replycount', 'order' => 'replycount' == $sortfield ? $oppositesort : 'desc');
$pageinfo_views = $pageinfo + array('sort' => 'views', 'order' => 'views' == $sortfield ? $oppositesort : 'desc');
$pageinfo_sort = $pageinfo + array(sort => $sortfield, 'order' => $oppositesort, 'pp' => $perpage, 'page' => $pagenumber);
if ($totalthreads > 0 or $stickyids) {
if ($totalthreads > 0) {
$limitlower++;
}
// check to see if there are any threads to display. If there are, do so, otherwise, show message
if ($vbulletin->options['threadpreview'] > 0) {
// Get Buddy List
$buddy = array();
if (trim($vbulletin->userinfo['buddylist'])) {
$buddylist = preg_split('/( )+/', trim($vbulletin->userinfo['buddylist']), -1, PREG_SPLIT_NO_EMPTY);
foreach ($buddylist as $buddyuserid) {
$buddy["{$buddyuserid}"] = 1;
}
}
DEVDEBUG('buddies: ' . implode(', ', array_keys($buddy)));
// Get Ignore Users
$ignore = array();
if (trim($vbulletin->userinfo['ignorelist'])) {
$ignorelist = preg_split('/( )+/', trim($vbulletin->userinfo['ignorelist']), -1, PREG_SPLIT_NO_EMPTY);
foreach ($ignorelist as $ignoreuserid) {
if (!$buddy["{$ignoreuserid}"]) {
$ignore["{$ignoreuserid}"] = 1;
}
}
}
DEVDEBUG('ignored users: ' . implode(', ', array_keys($ignore)));
}
$show['threads'] = true;
$threadbits = '';
$threadbits_sticky = '';
$counter = 0;
$toread = 0;
while ($thread = $db->fetch_array($threads)) {
// AND $counter++ < $perpage)
// build thread data
$thread = process_thread_array($thread, $lastread, $foruminfo['allowicons']);
$realthreadid = $thread['realthreadid'];
if ($thread['sticky']) {
$threadbit =& $threadbits_sticky;
} else {
$threadbit =& $threadbits;
}
// Soft Deleted Thread
if ($thread['visible'] == 2) {
$thread['deletedcount']++;
$show['threadtitle'] = (can_moderate($forumid) or $vbulletin->userinfo['userid'] != 0 and $vbulletin->userinfo['userid'] == $thread['postuserid']) ? true : false;
$show['deletereason'] = !empty($thread['del_reason']) ? true : false;
$show['viewthread'] = can_moderate($forumid) ? true : false;
$show['managethread'] = (can_moderate($forumid, 'candeleteposts') or can_moderate($forumid, 'canremoveposts')) ? true : false;
$show['moderated'] = ($thread['hiddencount'] > 0 and can_moderate($forumid, 'canmoderateposts')) ? true : false;
$show['deletedthread'] = $canseedelnotice;
} else {
if (!$thread['visible']) {
$thread['hiddencount']++;
}
$show['moderated'] = ($thread['hiddencount'] > 0 and can_moderate($forumid, 'canmoderateposts')) ? true : false;
$show['deletedthread'] = ($thread['deletedcount'] > 0 and $canseedelnotice) ? true : false;
$pageinfo_lastpage = array();
if ($show['pagenavmore']) {
$pageinfo_lastpage['page'] = $thread['totalpages'];
}
$pageinfo_newpost = array('goto' => 'newpost');
$pageinfo_lastpost = array('p' => $thread['lastpostid']);
// prepare the member action drop-down menu
$memberaction_dropdown = construct_memberaction_dropdown(fetch_lastposter_userinfo($thread));
}
// FRNR Start
$avatarurl = '';
if ($thread['lastpost_userid'] > 0) {
$userinfoavatar = fetch_userinfo($thread['lastpost_userid'], FETCH_USERINFO_AVATAR);
fetch_avatar_from_userinfo($userinfoavatar, true, false);
if ($userinfoavatar['avatarurl'] != '') {
$avatarurl = process_avatarurl($userinfoavatar['avatarurl']);
}
unset($userinfoavatar);
}
$tmp = array('thread_id' => $thread['threadid'], 'new_posts' => $show['gotonewpost'] ? 1 : 0, 'forum_id' => $thread['forumid'], 'total_posts' => $thread['totalposts'] ? $thread['totalposts'] : 0, 'thread_title' => prepare_utf8_string(strip_tags($thread['threadtitle'])), 'thread_preview' => prepare_utf8_string(preview_chop(html_entity_decode($thread['preview']), FR_PREVIEW_LEN)), 'post_userid' => $thread['lastpost_userid'], 'post_lastposttime' => prepare_utf8_string(date_trunc($thread['lastpostdate']) . ' ' . $thread['lastposttime']), 'post_username' => prepare_utf8_string(strip_tags($thread['lastpost_username'])));
if ($avatarurl != '') {
$tmp['avatarurl'] = $avatarurl;
}
if ($thread['prefixid']) {
$tmp['prefix'] = prepare_utf8_string(strip_tags($vbphrase["prefix_{$thread['prefixid']}_title_plain"]));
}
if ($thread['attach']) {
$tmp['attach'] = true;
}
if ($thread['pollid']) {
$tmp['poll'] = true;
}
if ($thread['open'] == 10) {
// Special case for redirect threads
$tmp = array_merge($tmp, array('post_userid' => $thread['postuserid'], 'post_username' => prepare_utf8_string(strip_tags($thread['postusername'])), 'poll' => false));
}
if ($thread['sticky']) {
$thread_data_sticky[] = $tmp;
} else {
$thread_data[] = $tmp;
}
// FRNR Stop
}
$db->free_result($threads);
unset($thread, $counter);
$pageinfo_pagenav = array();
if (!empty($vbulletin->GPC['perpage'])) {
$pageinfo_pagenav['pp'] = $perpage;
}
if (!empty($vbulletin->GPC['prefixid'])) {
$pageinfo_pagenav['prefixid'] = $vbulletin->GPC['prefixid'];
}
if (!empty($vbulletin->GPC['sortfield'])) {
$pageinfo_pagenav['sort'] = $sortfield;
}
if (!empty($vbulletin->GPC['sortorder'])) {
$pageinfo_pagenav['order'] = $vbulletin->GPC['sortorder'];
}
if (!empty($vbulletin->GPC['daysprune'])) {
$pageinfo_pagenav['daysprune'] = $daysprune;
}
$pagenav = construct_page_nav($pagenumber, $perpage, $totalthreads, 'forumdisplay.php?' . $vbulletin->session->vars['sessionurl'] . "f={$foruminfo['forumid']}", '', '', 'forum', $foruminfo, $pageinfo_pagenav);
}
unset($threads, $dotthreads);
// get colspan for bottom bar
$foruminfo['bottomcolspan'] = 5;
if ($foruminfo['allowicons']) {
$foruminfo['bottomcolspan']++;
}
if ($show['inlinemod']) {
$foruminfo['bottomcolspan']++;
}
$show['threadslist'] = true;
/////////////////////////////////
} else {
$show['threadslist'] = false;
$canpost = false;
// FRNR
}
/////////////////////////////////
if (!$vbulletin->GPC['prefixid'] and $newthreads < 1 and $unreadchildforums < 1) {
mark_forum_read($foruminfo, $vbulletin->userinfo['userid'], TIMENOW);
}
// FNRN Below
$out = array();
if (is_array($thread_data) && count($thread_data) > 0) {
$out['threads'] = $thread_data;
} else {
$out['threads'] = array();
}
if (is_array($thread_data_sticky) && count($thread_data_sticky) > 0) {
$out['threads_sticky'] = $thread_data_sticky;
$out['total_sticky_threads'] = count($thread_data_sticky);
} else {
$out['threads_sticky'] = array();
$out['total_sticky_threads'] = 0;
}
// Announcements become #1 on the threads
if (is_array($announcements_out) && count($announcements_out) == 1) {
array_unshift($out['threads'], $announcements_out[0]);
$totalthreads++;
}
$out['total_threads'] = $totalthreads ? $totalthreads : 0;
if ($forumbits) {
$out['forums'] = $forumbits;
} else {
$out['forums'] = array();
}
$out['canpost'] = $canpost ? 1 : 0;
$out['canattach'] = ($forumperms & $vbulletin->bf_ugp_forumpermissions['canpostattachment'] and $vbulletin->userinfo['userid']);
// Get thread prefixes for this forum (if any)
$prefix_out = array();
if ($prefixsets = fetch_prefix_array($forumid)) {
foreach ($prefixsets as $prefixsetid => $prefixes) {
$optgroup_options = '';
foreach ($prefixes as $prefixid => $prefix) {
if ($permcheck and !can_use_prefix($prefixid, $prefix['restrictions'])) {
continue;
}
$optionvalue = $prefixid;
$optiontitle = htmlspecialchars_uni($vbphrase["prefix_{$prefixid}_title_plain"]);
$prefix_out[] = array('prefixid' => $prefixid, 'prefixcaption' => prepare_utf8_string($optiontitle));
}
}
}
if ($foruminfo['options'] & $vbulletin->bf_misc_forumoptions['prefixrequired']) {
$out['prefixrequired'] = true;
} else {
$out['prefixrequired'] = false;
}
$out['prefixes'] = $prefix_out;
return $out;
}
