Example #1
0
        require_once DIR . '/includes/class_humanverify.php';
        $verification =& vB_HumanVerify::fetch_library($vbulletin);
        $human_verify = $verification->output_token();
    } else {
        $human_verify = '';
    }
    $url =& $vbulletin->url;
    eval('print_output("' . fetch_template('lostpw') . '");');
}
// ############################### start email password ###############################
if ($_POST['do'] == 'emailpassword') {
    $vbulletin->input->clean_array_gpc('p', array('email' => TYPE_STR, 'userid' => TYPE_UINT, 'humanverify' => TYPE_ARRAY));
    if ($vbulletin->GPC['email'] == '') {
        eval(standard_error(fetch_error('invalidemail', $vbulletin->options['contactuslink'])));
    }
    if (fetch_require_hvcheck('lostpw')) {
        require_once DIR . '/includes/class_humanverify.php';
        $verify =& vB_HumanVerify::fetch_library($vbulletin);
        if (!$verify->verify_token($vbulletin->GPC['humanverify'])) {
            standard_error(fetch_error($verify->fetch_error()));
        }
    }
    require_once DIR . '/includes/functions_user.php';
    $users = $db->query_read_slave("\n\t\tSELECT userid, username, email, languageid\n\t\tFROM " . TABLE_PREFIX . "user\n\t\tWHERE email = '" . $db->escape_string($vbulletin->GPC['email']) . "'\n\t");
    if ($db->num_rows($users)) {
        while ($user = $db->fetch_array($users)) {
            if ($vbulletin->GPC['userid'] and $vbulletin->GPC['userid'] != $user['userid']) {
                continue;
            }
            $user['username'] = unhtmlspecialchars($user['username']);
            $user['activationid'] = build_user_activation_id($user['userid'], 2, 1);
Example #2
0
function do_get_thread()
{
    global $vbulletin, $db, $foruminfo, $threadinfo, $postid, $vault, $vbphrase;
    $vbulletin->input->clean_array_gpc('r', array('pagenumber' => TYPE_UINT, 'perpage' => TYPE_UINT, 'password' => TYPE_STR, 'signature' => TYPE_BOOL));
    if (empty($threadinfo['threadid'])) {
        json_error(ERR_INVALID_THREAD);
    }
    $threadedmode = 0;
    $threadid = $vbulletin->GPC['threadid'];
    // Goto first unread post?
    if ($vbulletin->GPC['pagenumber'] == FR_LAST_POST) {
        $threadinfo = verify_id('thread', $threadid, 1, 1);
        if ($vbulletin->options['threadmarking'] and $vbulletin->userinfo['userid']) {
            $vbulletin->userinfo['lastvisit'] = max($threadinfo['threadread'], $threadinfo['forumread'], TIMENOW - $vbulletin->options['markinglimit'] * 86400);
        } else {
            if (($tview = intval(fetch_bbarray_cookie('thread_lastview', $threadid))) > $vbulletin->userinfo['lastvisit']) {
                $vbulletin->userinfo['lastvisit'] = $tview;
            }
        }
        $coventry = fetch_coventry('string');
        $posts = $db->query_first("\n\t    SELECT MIN(postid) AS postid\n\t    FROM " . TABLE_PREFIX . "post\n\t    WHERE threadid = {$threadinfo['threadid']}\n\t    AND visible = 1\n\t    AND dateline > " . intval($vbulletin->userinfo['lastvisit']) . "\n\t    " . ($coventry ? "AND userid NOT IN ({$coventry})" : "") . "\n\t    LIMIT 1\n\t");
        if ($posts['postid']) {
            $postid = $posts['postid'];
        } else {
            $postid = $threadinfo['lastpostid'];
        }
    }
    // *********************************************************************************
    // workaround for header redirect issue from forms with enctype in IE
    // (use a scrollIntoView javascript call in the <body> onload event)
    $onload = '';
    // *********************************************************************************
    // set $perpage
    $perpage = max(FR_MIN_PERPAGE, min($vbulletin->GPC['perpage'], FR_MAX_PERPAGE));
    // FRNR
    //$perpage = sanitize_maxposts($vbulletin->GPC['perpage']);
    // *********************************************************************************
    // set post order
    if ($vbulletin->userinfo['postorder'] == 0) {
        $postorder = '';
    } else {
        $postorder = 'DESC';
    }
    // *********************************************************************************
    // get thread info
    $thread = verify_id('thread', $threadid, 1, 1);
    $threadinfo =& $thread;
    ($hook = vBulletinHook::fetch_hook('showthread_getinfo')) ? eval($hook) : false;
    // *********************************************************************************
    // check for visible / deleted thread
    if (!$thread['visible'] and !can_moderate($thread['forumid'], 'canmoderateposts') or $thread['isdeleted'] and !can_moderate($thread['forumid'])) {
        json_error(ERR_INVALID_THREAD);
    }
    // *********************************************************************************
    // Tachy goes to coventry
    if (in_coventry($thread['postuserid']) and !can_moderate($thread['forumid'])) {
        json_error(ERR_INVALID_THREAD);
    }
    // FRNR Start
    // Check the forum password (set necessary cookies)
    if ($vbulletin->GPC['password'] && $foruminfo['password'] == $vbulletin->GPC['password']) {
        // set a temp cookie for guests
        if (!$vbulletin->userinfo['userid']) {
            set_bbarray_cookie('forumpwd', $foruminfo['forumid'], md5($vbulletin->userinfo['userid'] . $vbulletin->GPC['password']));
        } else {
            set_bbarray_cookie('forumpwd', $foruminfo['forumid'], md5($vbulletin->userinfo['userid'] . $vbulletin->GPC['password']), 1);
        }
    }
    // FRNR End
    // *********************************************************************************
    // do word wrapping for the thread title
    if ($vbulletin->options['wordwrap'] != 0) {
        $thread['title'] = fetch_word_wrapped_string($thread['title']);
    }
    $thread['title'] = fetch_censored_text($thread['title']);
    $thread['meta_description'] = strip_bbcode(strip_quotes($thread['description']), false, true);
    $thread['meta_description'] = htmlspecialchars_uni(fetch_censored_text(fetch_trimmed_title($thread['meta_description'], 500, false)));
    // *********************************************************************************
    // words to highlight from the search engine
    if (!empty($vbulletin->GPC['highlight'])) {
        $highlight = preg_replace('#\\*+#s', '*', $vbulletin->GPC['highlight']);
        if ($highlight != '*') {
            $regexfind = array('\\*', '\\<', '\\>');
            $regexreplace = array('[\\w.:@*/?=]*?', '<', '>');
            $highlight = preg_quote(strtolower($highlight), '#');
            $highlight = explode(' ', $highlight);
            $highlight = str_replace($regexfind, $regexreplace, $highlight);
            foreach ($highlight as $val) {
                if ($val = trim($val)) {
                    $replacewords[] = htmlspecialchars_uni($val);
                }
            }
        }
    }
    // *********************************************************************************
    // make the forum jump in order to fill the forum caches
    $navpopup = array('id' => 'showthread_navpopup', 'title' => $foruminfo['title_clean'], 'link' => fetch_seo_url('thread', $threadinfo));
    construct_quick_nav($navpopup);
    // *********************************************************************************
    // get forum info
    $forum = fetch_foruminfo($thread['forumid']);
    $foruminfo =& $forum;
    // *********************************************************************************
    // check forum permissions
    $forumperms = fetch_permissions($thread['forumid']);
    if (!($forumperms & $vbulletin->bf_ugp_forumpermissions['canview']) or !($forumperms & $vbulletin->bf_ugp_forumpermissions['canviewthreads'])) {
        json_error(ERR_NO_PERMISSION);
    }
    if (!($forumperms & $vbulletin->bf_ugp_forumpermissions['canviewothers']) and ($thread['postuserid'] != $vbulletin->userinfo['userid'] or $vbulletin->userinfo['userid'] == 0)) {
        json_error(ERR_NO_PERMISSION);
    }
    // *********************************************************************************
    // check if there is a forum password and if so, ensure the user has it set
    if (!verify_forum_password($foruminfo['forumid'], $foruminfo['password'])) {
        // FRNR
        json_error(ERR_NEED_PASSWORD, RV_NEED_FORUM_PASSWORD);
    }
    // verify that we are at the canonical SEO url
    // and redirect to this if not
    //verify_seo_url('thread|js', $threadinfo, array('pagenumber' => $_REQUEST['pagenumber']));
    // *********************************************************************************
    // jump page if thread is actually a redirect
    if ($thread['open'] == 10) {
        $destthreadinfo = fetch_threadinfo($threadinfo['pollid']);
        exec_header_redirect(fetch_seo_url('thread|js', $destthreadinfo, $pageinfo));
    }
    // *********************************************************************************
    // get ignored users
    $ignore = array();
    if (trim($vbulletin->userinfo['ignorelist'])) {
        $ignorelist = preg_split('/( )+/', trim($vbulletin->userinfo['ignorelist']), -1, PREG_SPLIT_NO_EMPTY);
        foreach ($ignorelist as $ignoreuserid) {
            $ignore["{$ignoreuserid}"] = 1;
        }
    }
    DEVDEBUG('ignored users: ' . implode(', ', array_keys($ignore)));
    // *********************************************************************************
    // filter out deletion notices if can't be seen
    if ($forumperms & $vbulletin->bf_ugp_forumpermissions['canseedelnotice'] or can_moderate($threadinfo['forumid'])) {
        $deljoin = "LEFT JOIN " . TABLE_PREFIX . "deletionlog AS deletionlog ON(post.postid = deletionlog.primaryid AND deletionlog.type = 'post')";
    } else {
        $deljoin = '';
    }
    $show['viewpost'] = can_moderate($threadinfo['forumid']) ? true : false;
    $show['managepost'] = iif(can_moderate($threadinfo['forumid'], 'candeleteposts') or can_moderate($threadinfo['forumid'], 'canremoveposts'), true, false);
    $show['approvepost'] = can_moderate($threadinfo['forumid'], 'canmoderateposts') ? true : false;
    $show['managethread'] = can_moderate($threadinfo['forumid'], 'canmanagethreads') ? true : false;
    $show['approveattachment'] = can_moderate($threadinfo['forumid'], 'canmoderateattachments') ? true : false;
    $show['inlinemod'] = (!$show['threadedmode'] and ($show['managethread'] or $show['managepost'] or $show['approvepost'])) ? true : false;
    $show['spamctrls'] = ($show['inlinemod'] and $show['managepost']);
    $url = $show['inlinemod'] ? SCRIPTPATH : '';
    // build inline moderation popup
    if ($show['popups'] and $show['inlinemod']) {
        $threadadmin_imod_menu_post = vB_Template::create('threadadmin_imod_menu_post')->render();
    } else {
        $threadadmin_imod_menu_post = '';
    }
    // *********************************************************************************
    // find the page that we should be on to display this post
    if (!empty($postid) and $threadedmode == 0) {
        $postinfo = verify_id('post', $postid, 1, 1);
        $threadid = $postinfo['threadid'];
        $getpagenum = $db->query_first("\n    \t\tSELECT COUNT(*) AS posts\n    \t\tFROM " . TABLE_PREFIX . "post AS post\n    \t\tWHERE threadid = {$threadid} AND visible = 1\n    \t\tAND dateline " . iif(!$postorder, '<=', '>=') . " {$postinfo['dateline']}\n    \t");
        $vbulletin->GPC['pagenumber'] = ceil($getpagenum['posts'] / $perpage);
    }
    // *********************************************************************************
    // update views counter
    if ($vbulletin->options['threadviewslive']) {
        // doing it as they happen; for optimization purposes, this cannot use a DM!
        $db->shutdown_query("\n    \t\tUPDATE " . TABLE_PREFIX . "thread\n    \t\tSET views = views + 1\n    \t\tWHERE threadid = " . intval($threadinfo['threadid']));
    } else {
        // or doing it once an hour
        $db->shutdown_query("\n    \t\tINSERT INTO " . TABLE_PREFIX . "threadviews (threadid)\n    \t\tVALUES (" . intval($threadinfo['threadid']) . ')');
    }
    // *********************************************************************************
    // display ratings if enabled
    $show['rating'] = false;
    if ($forum['allowratings'] == 1) {
        if ($thread['votenum'] > 0) {
            $thread['voteavg'] = vb_number_format($thread['votetotal'] / $thread['votenum'], 2);
            $thread['rating'] = intval(round($thread['votetotal'] / $thread['votenum']));
            if ($thread['votenum'] >= $vbulletin->options['showvotes']) {
                $show['rating'] = true;
            }
        }
        devdebug("threadinfo[vote] = {$threadinfo['vote']}");
        if ($threadinfo['vote']) {
            $voteselected["{$threadinfo['vote']}"] = 'selected="selected"';
            $votechecked["{$threadinfo['vote']}"] = 'checked="checked"';
        } else {
            $voteselected[0] = 'selected="selected"';
            $votechecked[0] = 'checked="checked"';
        }
    }
    // *********************************************************************************
    // set page number
    if ($vbulletin->GPC['pagenumber'] < 1) {
        $vbulletin->GPC['pagenumber'] = 1;
    } else {
        if ($vbulletin->GPC['pagenumber'] > ceil(($thread['replycount'] + 1) / $perpage)) {
            $vbulletin->GPC['pagenumber'] = ceil(($thread['replycount'] + 1) / $perpage);
        }
    }
    // *********************************************************************************
    // initialise some stuff...
    $limitlower = ($vbulletin->GPC['pagenumber'] - 1) * $perpage;
    $limitupper = $vbulletin->GPC['pagenumber'] * $perpage;
    $counter = 0;
    if ($vbulletin->options['threadmarking'] and $vbulletin->userinfo['userid']) {
        $threadview = max($threadinfo['threadread'], $threadinfo['forumread'], TIMENOW - $vbulletin->options['markinglimit'] * 86400);
    } else {
        $threadview = intval(fetch_bbarray_cookie('thread_lastview', $thread['threadid']));
        if (!$threadview) {
            $threadview = $vbulletin->userinfo['lastvisit'];
        }
    }
    $threadinfo['threadview'] = intval($threadview);
    $displayed_dateline = 0;
    ################################################################################
    ############################### SHOW POLL ######################################
    ################################################################################
    $poll = '';
    if ($thread['pollid']) {
        $pollbits = '';
        $counter = 1;
        $pollid = $thread['pollid'];
        $show['editpoll'] = iif(can_moderate($threadinfo['forumid'], 'caneditpoll'), true, false);
        // get poll info
        $pollinfo = $db->query_first_slave("\n    \t\tSELECT *\n    \t\tFROM " . TABLE_PREFIX . "poll\n    \t\tWHERE pollid = {$pollid}\n    \t");
        require_once DIR . '/includes/class_bbcode.php';
        $bbcode_parser = new vB_BbCodeParser($vbulletin, fetch_tag_list());
        $pollinfo['question'] = $bbcode_parser->parse(unhtmlspecialchars($pollinfo['question']), $forum['forumid'], true);
        $splitoptions = explode('|||', $pollinfo['options']);
        $splitoptions = array_map('rtrim', $splitoptions);
        $splitvotes = explode('|||', $pollinfo['votes']);
        $showresults = 0;
        $uservoted = 0;
        if (!($forumperms & $vbulletin->bf_ugp_forumpermissions['canvote'])) {
            $nopermission = 1;
        }
        if (!$pollinfo['active'] or !$thread['open'] or $pollinfo['dateline'] + $pollinfo['timeout'] * 86400 < TIMENOW and $pollinfo['timeout'] != 0 or $nopermission) {
            //thread/poll is closed, ie show results no matter what
            $showresults = 1;
        } else {
            //get userid, check if user already voted
            $voted = intval(fetch_bbarray_cookie('poll_voted', $pollid));
            if ($voted) {
                $uservoted = 1;
            }
        }
        ($hook = vBulletinHook::fetch_hook('showthread_poll_start')) ? eval($hook) : false;
        if ($pollinfo['timeout'] and !$showresults) {
            $pollendtime = vbdate($vbulletin->options['timeformat'], $pollinfo['dateline'] + $pollinfo['timeout'] * 86400);
            $pollenddate = vbdate($vbulletin->options['dateformat'], $pollinfo['dateline'] + $pollinfo['timeout'] * 86400);
            $show['pollenddate'] = true;
        } else {
            $show['pollenddate'] = false;
        }
        foreach ($splitvotes as $index => $value) {
            $pollinfo['numbervotes'] += $value;
        }
        if ($vbulletin->userinfo['userid'] > 0) {
            $pollvotes = $db->query_read_slave("\n    \t\t\tSELECT voteoption\n    \t\t\tFROM " . TABLE_PREFIX . "pollvote\n    \t\t\tWHERE userid = " . $vbulletin->userinfo['userid'] . " AND pollid = {$pollid}\n    \t\t");
            if ($db->num_rows($pollvotes) > 0) {
                $uservoted = 1;
            }
        }
        if ($showresults or $uservoted) {
            if ($uservoted) {
                $uservote = array();
                while ($pollvote = $db->fetch_array($pollvotes)) {
                    $uservote["{$pollvote['voteoption']}"] = 1;
                }
            }
        }
        $left = vB_Template_Runtime::fetchStyleVar('left');
        $right = vB_Template_Runtime::fetchStyleVar('right');
        $option['open'] = $left[0];
        $option['close'] = $right[0];
        foreach ($splitvotes as $index => $value) {
            $arrayindex = $index + 1;
            $option['uservote'] = iif($uservote["{$arrayindex}"], true, false);
            $option['question'] = $bbcode_parser->parse($splitoptions["{$index}"], $forum['forumid'], true);
            // public link
            if ($pollinfo['public'] and $value) {
                $option['votes'] = '<a href="poll.php?' . $vbulletin->session->vars['sessionurl'] . 'do=showresults&amp;pollid=' . $pollinfo['pollid'] . '">' . vb_number_format($value) . '</a>';
            } else {
                $option['votes'] = vb_number_format($value);
                //get the vote count for the option
            }
            $option['number'] = $counter;
            //number of the option
            //Now we check if the user has voted or not
            if ($showresults or $uservoted) {
                // user did vote or poll is closed
                if ($value <= 0) {
                    $option['percentraw'] = 0;
                } else {
                    if ($pollinfo['multiple']) {
                        $option['percentraw'] = $value < $pollinfo['voters'] ? $value / $pollinfo['voters'] * 100 : 100;
                    } else {
                        $option['percentraw'] = $value < $pollinfo['numbervotes'] ? $value / $pollinfo['numbervotes'] * 100 : 100;
                    }
                }
                $option['percent'] = vb_number_format($option['percentraw'], 2);
                $option['graphicnumber'] = $option['number'] % 6 + 1;
                $option['barnumber'] = round($option['percent']) * 2;
                $option['remainder'] = 201 - $option['barnumber'];
                // Phrase parts below
                if ($nopermission) {
                    $pollstatus = $vbphrase['you_may_not_vote_on_this_poll'];
                } else {
                    if ($showresults) {
                        $pollstatus = $vbphrase['this_poll_is_closed'];
                    } else {
                        if ($uservoted) {
                            $pollstatus = $vbphrase['you_have_already_voted_on_this_poll'];
                        }
                    }
                }
                ($hook = vBulletinHook::fetch_hook('showthread_polloption')) ? eval($hook) : false;
                $templater = vB_Template::create('pollresult');
                $templater->register('names', $names);
                $templater->register('option', $option);
                $pollbits .= $templater->render();
            } else {
                ($hook = vBulletinHook::fetch_hook('showthread_polloption')) ? eval($hook) : false;
                if ($pollinfo['multiple']) {
                    $templater = vB_Template::create('polloption_multiple');
                    $templater->register('option', $option);
                    $pollbits .= $templater->render();
                } else {
                    $templater = vB_Template::create('polloption');
                    $templater->register('option', $option);
                    $pollbits .= $templater->render();
                }
            }
            $counter++;
        }
        if ($pollinfo['multiple']) {
            $pollinfo['numbervotes'] = $pollinfo['voters'];
            $show['multiple'] = true;
        }
        if ($pollinfo['public']) {
            $show['publicwarning'] = true;
        } else {
            $show['publicwarning'] = false;
        }
        $displayed_dateline = $threadinfo['lastpost'];
        ($hook = vBulletinHook::fetch_hook('showthread_poll_complete')) ? eval($hook) : false;
        if ($showresults or $uservoted) {
            $templater = vB_Template::create('pollresults_table');
            $templater->register('pollbits', $pollbits);
            $templater->register('pollenddate', $pollenddate);
            $templater->register('pollendtime', $pollendtime);
            $templater->register('pollinfo', $pollinfo);
            $templater->register('pollstatus', $pollstatus);
            $poll = $templater->render();
        } else {
            $templater = vB_Template::create('polloptions_table');
            $templater->register('pollbits', $pollbits);
            $templater->register('pollenddate', $pollenddate);
            $templater->register('pollendtime', $pollendtime);
            $templater->register('pollinfo', $pollinfo);
            $poll = $templater->render();
        }
    }
    // work out if quickreply should be shown or not
    if ($vbulletin->options['quickreply'] and !$thread['isdeleted'] and !is_browser('netscape') and $vbulletin->userinfo['userid'] and ($vbulletin->userinfo['userid'] == $threadinfo['postuserid'] and $forumperms & $vbulletin->bf_ugp_forumpermissions['canreplyown'] or $vbulletin->userinfo['userid'] != $threadinfo['postuserid'] and $forumperms & $vbulletin->bf_ugp_forumpermissions['canreplyothers']) and ($thread['open'] or can_moderate($threadinfo['forumid'], 'canopenclose')) and !fetch_require_hvcheck('post')) {
        $show['quickreply'] = true;
    } else {
        $show['quickreply'] = false;
        $show['wysiwyg'] = 0;
        $quickreply = '';
    }
    $show['largereplybutton'] = (!$thread['isdeleted'] and !$show['threadedmode'] and $forum['allowposting'] and !$show['search_engine']);
    if (!$forum['allowposting']) {
        $show['quickreply'] = false;
    }
    $show['multiquote_global'] = ($vbulletin->options['multiquote'] and $vbulletin->userinfo['userid']);
    if ($show['multiquote_global']) {
        $vbulletin->input->clean_array_gpc('c', array('vbulletin_multiquote' => TYPE_STR));
        $vbulletin->GPC['vbulletin_multiquote'] = explode(',', $vbulletin->GPC['vbulletin_multiquote']);
    }
    // post is cachable if option is enabled, last post is newer than max age, and this user
    // isn't showing a sessionhash
    $post_cachable = ($vbulletin->options['cachemaxage'] > 0 and TIMENOW - $vbulletin->options['cachemaxage'] * 60 * 60 * 24 <= $thread['lastpost'] and $vbulletin->session->vars['sessionurl'] == '');
    $saveparsed = '';
    $save_parsed_sigs = '';
    ($hook = vBulletinHook::fetch_hook('showthread_post_start')) ? eval($hook) : false;
    ################################################################################
    ####################### SHOW THREAD IN LINEAR MODE #############################
    ################################################################################
    if ($threadedmode == 0) {
        // allow deleted posts to not be counted in number of posts displayed on the page;
        // prevents issue with page count on forum display being incorrect
        $ids = array();
        $lastpostid = 0;
        $hook_query_joins = $hook_query_where = '';
        ($hook = vBulletinHook::fetch_hook('showthread_query_postids')) ? eval($hook) : false;
        if (empty($deljoin) and !$show['approvepost']) {
            $totalposts = $threadinfo['replycount'] + 1;
            if (can_moderate($thread['forumid'])) {
                $coventry = '';
            } else {
                $coventry = fetch_coventry('string');
            }
            $getpostids = $db->query_read("\n    \t\t\tSELECT post.postid\n    \t\t\tFROM " . TABLE_PREFIX . "post AS post\n    \t\t\t{$hook_query_joins}\n    \t\t\tWHERE post.threadid = {$threadid}\n    \t\t\t\tAND post.visible = 1\n    \t\t\t\t" . ($coventry ? "AND post.userid NOT IN ({$coventry})" : '') . "\n    \t\t\t\t{$hook_query_where}\n    \t\t\tORDER BY post.dateline {$postorder}\n    \t\t\tLIMIT {$limitlower}, {$perpage}\n    \t\t");
            while ($post = $db->fetch_array($getpostids)) {
                if (!isset($qrfirstpostid)) {
                    $qrfirstpostid = $post['postid'];
                }
                $qrlastpostid = $post['postid'];
                $ids[] = $post['postid'];
            }
            $db->free_result($getpostids);
            $lastpostid = $qrlastpostid;
        } else {
            $getpostids = $db->query_read("\n    \t\t\tSELECT post.postid, post.visible, post.userid\n    \t\t\tFROM " . TABLE_PREFIX . "post AS post\n    \t\t\t{$hook_query_joins}\n    \t\t\tWHERE post.threadid = {$threadid}\n    \t\t\t\tAND post.visible IN (1\n    \t\t\t\t" . (!empty($deljoin) ? ",2" : "") . "\n    \t\t\t\t" . ($show['approvepost'] ? ",0" : "") . "\n    \t\t\t\t)\n    \t\t\t\t{$hook_query_where}\n    \t\t\tORDER BY post.dateline {$postorder}\n    \t\t");
            $totalposts = 0;
            if ($limitlower != 0) {
                $limitlower++;
            }
            while ($post = $db->fetch_array($getpostids)) {
                if (!isset($qrfirstpostid)) {
                    $qrfirstpostid = $post['postid'];
                }
                $qrlastpostid = $post['postid'];
                if ($post['visible'] == 1 and !in_coventry($post['userid']) and !$ignore[$post['userid']]) {
                    $totalposts++;
                }
                if ($totalposts < $limitlower or $totalposts > $limitupper) {
                    continue;
                }
                // remember, these are only added if they're going to be displayed
                $ids[] = $post['postid'];
                $lastpostid = $post['postid'];
            }
            $db->free_result($getpostids);
        }
        // '0' inside parenthesis in unlikely case we have no ids for this page
        // (this could happen if the replycount is wrong in the db)
        $postids = "post.postid IN (0" . implode(',', $ids) . ")";
        // load attachments
        if ($thread['attach']) {
            require_once DIR . '/packages/vbattach/attach.php';
            $attach = new vB_Attach_Display_Content($vbulletin, 'vBForum_Post');
            $postattach = $attach->fetch_postattach(0, $ids);
        }
        $hook_query_fields = $hook_query_joins = '';
        ($hook = vBulletinHook::fetch_hook('showthread_query')) ? eval($hook) : false;
        $posts = $db->query_read("\n    \t\tSELECT\n    \t\t\tpost.*, post.username AS postusername, post.ipaddress AS ip, IF(post.visible = 2, 1, 0) AS isdeleted,\n    \t\t\tuser.*, userfield.*, usertextfield.*,\n    \t\t\t" . iif($forum['allowicons'], 'icon.title as icontitle, icon.iconpath,') . "\n    \t\t\t" . iif($vbulletin->options['avatarenabled'], 'avatar.avatarpath, NOT ISNULL(customavatar.userid) AS hascustomavatar, customavatar.dateline AS avatardateline,customavatar.width AS avwidth,customavatar.height AS avheight,') . "\n    \t\t\t" . ((can_moderate($thread['forumid'], 'canmoderateposts') or can_moderate($thread['forumid'], 'candeleteposts')) ? 'spamlog.postid AS spamlog_postid,' : '') . "\n    \t\t\t" . iif($deljoin, 'deletionlog.userid AS del_userid, deletionlog.username AS del_username, deletionlog.reason AS del_reason,') . "\n    \t\t\teditlog.userid AS edit_userid, editlog.username AS edit_username, editlog.dateline AS edit_dateline,\n    \t\t\teditlog.reason AS edit_reason, editlog.hashistory,\n    \t\t\tpostparsed.pagetext_html, postparsed.hasimages,\n    \t\t\tsigparsed.signatureparsed, sigparsed.hasimages AS sighasimages,\n    \t\t\tsigpic.userid AS sigpic, sigpic.dateline AS sigpicdateline, sigpic.width AS sigpicwidth, sigpic.height AS sigpicheight,\n    \t\t\tIF(displaygroupid=0, user.usergroupid, displaygroupid) AS displaygroupid, infractiongroupid\n    \t\t\t" . iif(!($permissions['genericpermissions'] & $vbulletin->bf_ugp_genericpermissions['canseehiddencustomfields']), $vbulletin->profilefield['hidden']) . "\n    \t\t\t{$hook_query_fields}\n    \t\tFROM " . TABLE_PREFIX . "post AS post\n    \t\tLEFT JOIN " . TABLE_PREFIX . "user AS user ON(user.userid = post.userid)\n    \t\tLEFT JOIN " . TABLE_PREFIX . "userfield AS userfield ON(userfield.userid = user.userid)\n    \t\tLEFT JOIN " . TABLE_PREFIX . "usertextfield AS usertextfield ON(usertextfield.userid = user.userid)\n    \t\t" . iif($forum['allowicons'], "LEFT JOIN " . TABLE_PREFIX . "icon AS icon ON(icon.iconid = post.iconid)") . "\n    \t\t" . iif($vbulletin->options['avatarenabled'], "LEFT JOIN " . TABLE_PREFIX . "avatar AS avatar ON(avatar.avatarid = user.avatarid) LEFT JOIN " . TABLE_PREFIX . "customavatar AS customavatar ON(customavatar.userid = user.userid)") . "\n    \t\t" . ((can_moderate($thread['forumid'], 'canmoderateposts') or can_moderate($thread['forumid'], 'candeleteposts')) ? "LEFT JOIN " . TABLE_PREFIX . "spamlog AS spamlog ON(spamlog.postid = post.postid)" : '') . "\n    \t\t\t{$deljoin}\n    \t\tLEFT JOIN " . TABLE_PREFIX . "editlog AS editlog ON(editlog.postid = post.postid)\n    \t\tLEFT JOIN " . TABLE_PREFIX . "postparsed AS postparsed ON(postparsed.postid = post.postid AND postparsed.styleid = " . intval(STYLEID) . " AND postparsed.languageid = " . intval(LANGUAGEID) . ")\n    \t\tLEFT JOIN " . TABLE_PREFIX . "sigparsed AS sigparsed ON(sigparsed.userid = user.userid AND sigparsed.styleid = " . intval(STYLEID) . " AND sigparsed.languageid = " . intval(LANGUAGEID) . ")\n    \t\tLEFT JOIN " . TABLE_PREFIX . "sigpic AS sigpic ON(sigpic.userid = post.userid)\n    \t\t\t{$hook_query_joins}\n    \t\tWHERE {$postids}\n    \t\tORDER BY post.dateline {$postorder}\n    \t");
        if (!($forumperms & $vbulletin->bf_ugp_forumpermissions['canseethumbnails']) and !($forumperms & $vbulletin->bf_ugp_forumpermissions['cangetattachment'])) {
            $vbulletin->options['attachthumbs'] = 0;
        }
        if (!($forumperms & $vbulletin->bf_ugp_forumpermissions['cangetattachment'])) {
            $vbulletin->options['viewattachedimages'] = 0;
        }
        $postcount = ($vbulletin->GPC['pagenumber'] - 1) * $perpage;
        if ($postorder) {
            // Newest first
            $postcount = $totalposts - $postcount + 1;
        }
        $counter = 0;
        $postbits = '';
        $postbit_factory = new vB_Postbit_Factory();
        $postbit_factory->registry =& $vbulletin;
        $postbit_factory->forum =& $foruminfo;
        $postbit_factory->thread =& $thread;
        $postbit_factory->cache = array();
        $postbit_factory->bbcode_parser = new vB_BbCodeParser($vbulletin, fetch_tag_list());
        while ($post = $db->fetch_array($posts)) {
            if ($tachyuser = in_coventry($post['userid']) and !can_moderate($thread['forumid'])) {
                continue;
            }
            if ($post['visible'] == 1 and !$tachyuser) {
                ++$counter;
                if ($postorder) {
                    $post['postcount'] = --$postcount;
                } else {
                    $post['postcount'] = ++$postcount;
                }
            }
            if ($tachyuser) {
                $fetchtype = 'post_global_ignore';
            } else {
                if ($ignore["{$post['userid']}"]) {
                    $fetchtype = 'post_ignore';
                } else {
                    if ($post['visible'] == 2) {
                        $fetchtype = 'post_deleted';
                    } else {
                        $fetchtype = 'post';
                    }
                }
            }
            if ($vbulletin->GPC['viewfull'] and $post['postid'] == $postinfo['postid'] and $fetchtype != 'post' and (can_moderate($threadinfo['forumid']) or !$post['isdeleted'])) {
                $fetchtype = 'post';
            }
            if ($fetchtype != 'post' && $fetchtype != 'post_deleted') {
                continue;
            }
            ($hook = vBulletinHook::fetch_hook('showthread_postbit_create')) ? eval($hook) : false;
            $postbit_obj =& $postbit_factory->fetch_postbit($fetchtype);
            if ($fetchtype == 'post') {
                $postbit_obj->highlight =& $replacewords;
            }
            $postbit_obj->cachable = $post_cachable;
            $post['islastshown'] = $post['postid'] == $lastpostid;
            $post['isfirstshown'] = ($counter == 1 and $fetchtype == 'post' and $post['visible'] == 1);
            $post['islastshown'] = $post['postid'] == $lastpostid;
            $post['attachments'] = $postattach["{$post['postid']}"];
            $parsed_postcache = array('text' => '', 'images' => 1, 'skip' => false);
            $postbits .= $postbit_obj->construct_postbit($post);
            // Only show after the first post, counter isn't incremented for deleted/moderated posts
            if ($post['isfirstshown']) {
                $postbits .= vB_Template::create('ad_showthread_firstpost')->render();
            }
            if ($post_cachable and $post['pagetext_html'] == '') {
                if (!empty($saveparsed)) {
                    $saveparsed .= ',';
                }
                $saveparsed .= "({$post['postid']}, " . intval($thread['lastpost']) . ', ' . intval($postbit_obj->post_cache['has_images']) . ", '" . $db->escape_string($postbit_obj->post_cache['text']) . "', " . intval(STYLEID) . ", " . intval(LANGUAGEID) . ")";
            }
            if (!empty($postbit_obj->sig_cache) and $post['userid']) {
                if (!empty($save_parsed_sigs)) {
                    $save_parsed_sigs .= ',';
                }
                $save_parsed_sigs .= "({$post['userid']}, " . intval(STYLEID) . ", " . intval(LANGUAGEID) . ", '" . $db->escape_string($postbit_obj->sig_cache['text']) . "', " . intval($postbit_obj->sig_cache['has_images']) . ")";
            }
            // get first and last post ids for this page (for big reply buttons)
            if (!isset($FIRSTPOSTID)) {
                $FIRSTPOSTID = $post['postid'];
            }
            $LASTPOSTID = $post['postid'];
            if ($post['dateline'] > $displayed_dateline) {
                $displayed_dateline = $post['dateline'];
                if ($displayed_dateline <= $threadview) {
                    $updatethreadcookie = true;
                }
            }
            // FRNR Start
            // find out if first post
            $getpost = $db->query_first("\n                    SELECT firstpostid\n                    FROM " . TABLE_PREFIX . "thread\n                    WHERE threadid = {$threadinfo['threadid']}\n                ");
            $isfirstpost = $getpost['firstpostid'] == $post['postid'];
            $candelete = false;
            if ($isfirstpost and can_moderate($threadinfo['forumid'], 'canmanagethreads')) {
                $candelete = true;
            } else {
                if (!$isfirstpost and can_moderate($threadinfo['forumid'], 'candeleteposts')) {
                    $candelete = true;
                } else {
                    if (($forumperms & $vbulletin->bf_ugp_forumpermissions['candeletepost'] and !$isfirstpost or $forumperms & $vbulletin->bf_ugp_forumpermissions['candeletethread'] and $isfirstpost) and $vbulletin->userinfo['userid'] == $post['userid']) {
                        $candelete = true;
                    }
                }
            }
            // Get post date/time
            $postdate = vbdate($vbulletin->options['dateformat'], $post['dateline'], 1);
            $posttime = vbdate($vbulletin->options['timeformat'], $post['dateline']);
            $fr_images = array();
            $docattach = array();
            // Attachments (images).
            if (is_array($post['attachments']) && count($post['attachments']) > 0) {
                foreach ($post['attachments'] as $attachment) {
                    $lfilename = strtolower($attachment['filename']);
                    if (strpos($lfilename, '.jpe') !== false || strpos($lfilename, '.png') !== false || strpos($lfilename, '.gif') !== false || strpos($lfilename, '.jpg') !== false || strpos($lfilename, '.jpeg') !== false) {
                        $tmp = array('img' => $vbulletin->options['bburl'] . '/attachment.php?attachmentid=' . $attachment['attachmentid']);
                        if ($vbulletin->options['attachthumbs']) {
                            $tmp['tmb'] = $vbulletin->options['bburl'] . '/attachment.php?attachmentid=' . $attachment['attachmentid'] . '&stc=1&thumb=1';
                        }
                        $fr_images[] = $tmp;
                    }
                    if (strpos($lfilename, '.pdf') !== false) {
                        $docattach[] = $vbulletin->options['bburl'] . '/attachment.php?attachmentid=' . $attachment['attachmentid'];
                    }
                }
            }
            // Parse the post for quotes and inline images
            list($text, $nuked_quotes, $images) = parse_post($post['pagetext'], $post['allowsmilie'] && $usesmilies);
            if (count($fr_images) > 0) {
                $text .= "<br/>";
                foreach ($fr_images as $attachment) {
                    $text .= "<img src=\"{$attachment['img']}\"/>";
                }
            }
            foreach ($images as $image) {
                $fr_images[] = array('img' => $image);
            }
            $avatarurl = '';
            // Avatar work
            if ($post['avatarurl']) {
                $avatarurl = process_avatarurl($post['avatarurl']);
            }
            $tmp = array('post_id' => $post['postid'], 'thread_id' => $post['threadid'], 'forum_id' => $foruminfo['forumid'], 'forum_title' => prepare_utf8_string($foruminfo['title_clean']), 'username' => prepare_utf8_string(strip_tags($post['username'])), 'joindate' => prepare_utf8_string($post['joindate']), 'usertitle' => prepare_utf8_string(strip_tags($post['usertitle'])), 'numposts' => $post['posts'] ? (string) $post['posts'] : '0', 'userid' => $post['userid'], 'title' => prepare_utf8_string($post['title']), 'online' => fetch_online_status(fetch_userinfo($post['userid']), false), 'post_timestamp' => prepare_utf8_string(date_trunc($postdate) . ' ' . $posttime), 'fr_images' => $fr_images);
            if ($candelete) {
                $tmp['candelete'] = true;
            }
            // Soft Deleted
            if ($post['visible'] == 2) {
                $tmp['deleted'] = true;
                $tmp['del_username'] = prepare_utf8_string($post['del_username']);
                if ($post['del_reason']) {
                    $tmp['del_reason'] = prepare_utf8_string($post['del_reason']);
                }
            } else {
                $tmp['text'] = $text;
                $tmp['quotable'] = $nuked_quotes;
                if ($post['editlink']) {
                    $tmp['canedit'] = true;
                    $tmp['edittext'] = prepare_utf8_string($post['pagetext']);
                }
            }
            if ($avatarurl != '') {
                $tmp['avatarurl'] = $avatarurl;
            }
            if (count($docattach) > 0) {
                $tmp['docattach'] = $docattach;
            }
            if ($vbulletin->GPC['signature']) {
                $sig = trim(remove_bbcode(strip_tags($post['signatureparsed']), true, true), '<a>');
                $sig = str_replace(array("\t", "\r"), array('', ''), $sig);
                $sig = str_replace("\n\n", "\n", $sig);
                $tmp['sig'] = prepare_utf8_string($sig);
            }
            // Begin Support for Post Thanks Hack - http://www.vbulletin.org/forum/showthread.php?t=122944
            if ($vbulletin->userinfo['userid'] && function_exists('post_thanks_off') && function_exists('can_thank_this_post') && function_exists('thanked_already') && function_exists('fetch_thanks')) {
                if (!post_thanks_off($thread['forumid'], $post, $thread['firstpostid'], THIS_SCRIPT)) {
                    global $ids;
                    if (can_thank_this_post($post, $thread['isdeleted'])) {
                        $tmp['canlike'] = true;
                    }
                    if (thanked_already($post, 0, true)) {
                        $tmp['likes'] = true;
                        if (!$vbulletin->options['post_thanks_delete_own']) {
                            $tmp['canlike'] = $tmp['likes'] = false;
                        }
                    }
                    $thanks = fetch_thanks($post['postid']);
                    $thank_users = array();
                    if (is_array($thanks)) {
                        foreach ($thanks as $thank) {
                            $thank_users[] = $thank['username'];
                        }
                    }
                    if (count($thank_users)) {
                        $tmp['likestext'] = prepare_utf8_string($vbphrase['fr_thanked_by'] . ': ' . join(', ', $thank_users));
                        $tmp['likesusers'] = join(', ', $thank_users);
                    }
                }
            }
            // End Support for Post Thanks Hack
            $posts_out[] = $tmp;
            // FRNR End
        }
        $db->free_result($posts);
        unset($post);
        if ($postbits == '' and $vbulletin->GPC['pagenumber'] > 1) {
            $pageinfo = array('page' => $vbulletin->GPC['pagenumber'] - 1);
            if (!empty($vbulletin->GPC['perpage'])) {
                $pageinfo['pp'] = $perpage;
            }
            if (!empty($vbulletin->GPC['highlight'])) {
                $pageinfo['highlight'] = urlencode($vbulletin->GPC['highlight']);
            }
            exec_header_redirect(fetch_seo_url('thread|js', $threadinfo, $pageinfo));
        }
        DEVDEBUG("First Post: {$FIRSTPOSTID}; Last Post: {$LASTPOSTID}");
        $pageinfo = array();
        if ($vbulletin->GPC['highlight']) {
            $pageinfo['highlight'] = urlencode($vbulletin->GPC['highlight']);
        }
        if (!empty($vbulletin->GPC['perpage'])) {
            $pageinfo['pp'] = $perpage;
        }
        $pagenav = construct_page_nav($vbulletin->GPC['pagenumber'], $perpage, $totalposts, 'showthread.php?' . $vbulletin->session->vars['sessionurl'] . "t={$threadinfo['threadid']}", '', '', 'thread', $threadinfo, $pageinfo);
        if ($thread['lastpost'] > $threadview) {
            if ($firstnew) {
                $firstunread = fetch_seo_url('thread', $threadinfo, array('page' => $vbulletin->GPC['pagenumber'])) . '#post' . $firstnew;
                $show['firstunreadlink'] = true;
            } else {
                $firstunread = fetch_seo_url('thread', $threadinfo, array('goto' => 'newpost'));
                $show['firstunreadlink'] = true;
            }
        } else {
            $firstunread = '';
            $show['firstunreadlink'] = false;
        }
        if ($vbulletin->userinfo['postorder']) {
            // disable ajax qr when displaying linear newest first
            $show['allow_ajax_qr'] = 0;
        } else {
            // only allow ajax on the last page of a thread when viewing oldest first
            $show['allow_ajax_qr'] = $vbulletin->GPC['pagenumber'] == ceil($totalposts / $perpage) ? 1 : 0;
        }
        ################################################################################
        ################ SHOW THREAD IN THREADED OR HYBRID MODE ########################
        ################################################################################
    } else {
        // ajax qr doesn't work with threaded controls
        $show['allow_ajax_qr'] = 0;
        require_once DIR . '/includes/functions_threadedmode.php';
        // save data
        $ipostarray = array();
        $postarray = array();
        $userarray = array();
        $postparent = array();
        $postorder = array();
        $hybridposts = array();
        $deletedparents = array();
        $totalposts = 0;
        $links = '';
        $cache_postids = '';
        $hook_query_fields = $hook_query_joins = $hook_query_where = '';
        ($hook = vBulletinHook::fetch_hook('showthread_query_postids_threaded')) ? eval($hook) : false;
        // get all posts
        $listposts = $db->query_read("\n    \t\tSELECT\n    \t\t\tpost.*, post.username AS postusername, post.ipaddress AS ip, IF(post.visible = 2, 1, 0) AS isdeleted,\n    \t\t\tuser.*, userfield.*\n    \t\t\t" . iif(!($permissions['genericpermissions'] & $vbulletin->bf_ugp_genericpermissions['canseehiddencustomfields']), $vbulletin->profilefield['hidden']) . "\n    \t\t\t{$hook_query_fields}\n    \t\tFROM " . TABLE_PREFIX . "post AS post\n    \t\tLEFT JOIN " . TABLE_PREFIX . "user AS user ON(user.userid = post.userid)\n    \t\tLEFT JOIN " . TABLE_PREFIX . "userfield AS userfield ON(userfield.userid = user.userid)\n    \t\t{$hook_query_joins}\n    \t\tWHERE threadid = {$threadid}\n    \t\t\t{$hook_query_where}\n    \t\tORDER BY postid\n    \t");
        // $toppostid is the first post in the thread
        // $curpostid is the postid passed from the URL, or if not specified, the first post in the thread
        $ids = array();
        while ($post = $db->fetch_array($listposts)) {
            if ($post['visible'] == 2 and !$deljoin or $post['visible'] == 0 and !$show['approvepost'] or in_coventry($post['userid']) and !can_moderate($thread['forumid'])) {
                $deletedparents["{$post['postid']}"] = iif(isset($deletedparents["{$post['parentid']}"]), $deletedparents["{$post['parentid']}"], $post['parentid']);
                continue;
            }
            if (empty($toppostid)) {
                $toppostid = $post['postid'];
            }
            if (empty($postid)) {
                if (empty($curpostid)) {
                    $curpostid = $post['postid'];
                    if ($threadedmode == 2 and empty($vbulletin->GPC['postid'])) {
                        $vbulletin->GPC['postid'] = $curpostid;
                    }
                    $curpostparent = $post['parentid'];
                }
            } else {
                if ($post['postid'] == $postid) {
                    $curpostid = $post['postid'];
                    $curpostparent = $post['parentid'];
                }
            }
            $postparent["{$post['postid']}"] = $post['parentid'];
            $ipostarray["{$post['parentid']}"][] = $post['postid'];
            $postarray["{$post['postid']}"] = $post;
            $userarray["{$post['userid']}"] = $db->escape_string($post['username']);
            $totalposts++;
            $ids[] = $post['postid'];
        }
        $db->free_result($listposts);
        // hooks child posts up to new parent if actual parent has been deleted or hidden
        if (count($deletedparents) > 0) {
            foreach ($deletedparents as $dpostid => $dparentid) {
                if (is_array($ipostarray[$dpostid])) {
                    foreach ($ipostarray[$dpostid] as $temppostid) {
                        $postparent[$temppostid] = $dparentid;
                        $ipostarray[$dparentid][] = $temppostid;
                        $postarray[$temppostid]['parentid'] = $dparentid;
                    }
                    unset($ipostarray[$dpostid]);
                }
                if ($curpostparent == $dpostid) {
                    $curpostparent = $dparentid;
                }
            }
        }
        unset($post, $listposts, $deletedparents);
        if ($thread['attach']) {
            require_once DIR . '/packages/vbattach/attach.php';
            $attach = new vB_Attach_Display_Content($vbulletin, 'vBForum_Post');
            $postattach = $attach->fetch_postattach(0, $ids);
        }
        // get list of usernames from post list
        $userjs = '';
        foreach ($userarray as $userid => $username) {
            if ($userid) {
                $userjs .= "pu[{$userid}] = \"" . addslashes_js($username) . "\";\n";
            }
        }
        unset($userarray, $userid, $username);
        $parent_postids = fetch_post_parentlist($curpostid);
        if (!$parent_postids) {
            $currentdepth = 0;
        } else {
            $currentdepth = sizeof(explode(',', $parent_postids));
        }
        sort_threaded_posts();
        if (empty($curpostid)) {
            eval(standard_error(fetch_error('invalidid', $vbphrase['post'], $vbulletin->options['contactuslink'])));
        }
        if ($threadedmode == 2) {
            $numhybrids = sizeof($hybridposts);
            if ($vbulletin->GPC['pagenumber'] < 1) {
                $vbulletin->GPC['pagenumber'] = 1;
            }
            $startat = ($vbulletin->GPC['pagenumber'] - 1) * $perpage;
            if ($startat > $numhybrids) {
                $vbulletin->GPC['pagenumber'] = 1;
                $startat = 0;
            }
            $endat = $startat + $perpage;
            for ($i = $startat; $i < $endat; $i++) {
                if (isset($hybridposts["{$i}"])) {
                    if (!isset($FIRSTPOSTID)) {
                        $FIRSTPOSTID = $hybridposts["{$i}"];
                    }
                    $cache_postids .= ",{$hybridposts[$i]}";
                    $LASTPOSTID = $hybridposts["{$i}"];
                }
            }
            $pageinfo = array('p' => $vbulletin->GPC['postid']);
            if ($vbulletin->GPC['highlight']) {
                $pageinfo['highlight'] = urlencode($vbulletin->GPC['highlight']);
            }
            if (!empty($vbulletin->GPC['perpage'])) {
                $pageinfo['pp'] = $perpage;
            }
            $pagenav = construct_page_nav($vbulletin->GPC['pagenumber'], $perpage, $numhybrids, 'showthread.php?' . $vbulletin->session->vars['sessionurl'] . "t={$threadinfo['threadid']}", '', '', 'thread', $threadinfo, $pageinfo);
        } else {
            $FIRSTPOSTID = $curpostid;
            $LASTPOSTID = $curpostid;
            // sort out which posts to cache:
            if (!$vbulletin->options['threaded_maxcache']) {
                $vbulletin->options['threaded_maxcache'] = 999999;
            }
            // cache $vbulletin->options['threaded_maxcache'] posts
            // take 0.25 from above $curpostid
            // and take 0.75 below
            if (sizeof($postorder) <= $vbulletin->options['threaded_maxcache']) {
                $startat = 0;
            } else {
                if ($curpostidkey + $vbulletin->options['threaded_maxcache'] * 0.75 > sizeof($postorder)) {
                    $startat = sizeof($postorder) - $vbulletin->options['threaded_maxcache'];
                } else {
                    if ($curpostidkey - $vbulletin->options['threaded_maxcache'] * 0.25 < 0) {
                        $startat = 0;
                    } else {
                        $startat = intval($curpostidkey - $vbulletin->options['threaded_maxcache'] * 0.25);
                    }
                }
            }
            unset($curpostidkey);
            foreach ($postorder as $postkey => $pid) {
                if ($postkey > $startat + $vbulletin->options['threaded_maxcache']) {
                    break;
                }
                if ($postkey >= $startat and empty($morereplies["{$pid}"])) {
                    $cache_postids .= ',' . $pid;
                }
            }
            // get next/previous posts for each post in the list
            // key: NAVJS[postid][0] = prev post, [1] = next post
            $NAVJS = array();
            $prevpostid = 0;
            foreach ($postorder as $pid) {
                $NAVJS["{$pid}"][0] = $prevpostid;
                $NAVJS["{$prevpostid}"][1] = $pid;
                $prevpostid = $pid;
            }
            $NAVJS["{$toppostid}"][0] = $pid;
            //prev button for first post
            $NAVJS["{$pid}"][1] = $toppostid;
            //next button for last post
            $navjs = '';
            foreach ($NAVJS as $pid => $info) {
                $navjs .= "pn[{$pid}] = \"{$info['0']},{$info['1']}\";\n";
            }
        }
        unset($ipostarray, $postparent, $postorder, $NAVJS, $postid, $info, $prevpostid, $postkey);
        $cache_postids = substr($cache_postids, 1);
        if (empty($cache_postids)) {
            // umm... something weird happened. Just prevent an error.
            eval(standard_error(fetch_error('invalidid', $vbphrase['post'], $vbulletin->options['contactuslink'])));
        }
        $hook_query_fields = $hook_query_joins = $hook_query_where = '';
        ($hook = vBulletinHook::fetch_hook('showthread_query')) ? eval($hook) : false;
        $cacheposts = $db->query_read("\n    \t\tSELECT\n    \t\t\tpost.*, post.username AS postusername, post.ipaddress AS ip, IF(post.visible = 2, 1, 0) AS isdeleted,\n    \t\t\tuser.*, userfield.*, usertextfield.*,\n    \t\t\t" . iif($forum['allowicons'], 'icon.title as icontitle, icon.iconpath,') . "\n    \t\t\t" . iif($vbulletin->options['avatarenabled'], 'avatar.avatarpath, NOT ISNULL(customavatar.userid) AS hascustomavatar, customavatar.dateline AS avatardateline,') . "\n    \t\t\t" . ((can_moderate($thread['forumid'], 'canmoderateposts') or can_moderate($thread['forumid'], 'candeleteposts')) ? 'spamlog.postid AS spamlog_postid,' : '') . "\n    \t\t\t" . iif($deljoin, "deletionlog.userid AS del_userid, deletionlog.username AS del_username, deletionlog.reason AS del_reason,") . "\n    \t\t\teditlog.userid AS edit_userid, editlog.username AS edit_username, editlog.dateline AS edit_dateline,\n    \t\t\teditlog.reason AS edit_reason, editlog.hashistory,\n    \t\t\tpostparsed.pagetext_html, postparsed.hasimages,\n    \t\t\tsigparsed.signatureparsed, sigparsed.hasimages AS sighasimages,\n    \t\t\tsigpic.userid AS sigpic, sigpic.dateline AS sigpicdateline, sigpic.width AS sigpicwidth, sigpic.height AS sigpicheight,\n    \t\t\tIF(displaygroupid=0, user.usergroupid, displaygroupid) AS displaygroupid, infractiongroupid\n    \t\t\t" . iif(!($permissions['genericpermissions'] & $vbulletin->bf_ugp_genericpermissions['canseehiddencustomfields']), $vbulletin->profilefield['hidden']) . "\n    \t\t\t{$hook_query_fields}\n    \t\tFROM " . TABLE_PREFIX . "post AS post\n    \t\tLEFT JOIN " . TABLE_PREFIX . "user AS user ON(user.userid = post.userid)\n    \t\tLEFT JOIN " . TABLE_PREFIX . "userfield AS userfield ON(userfield.userid = user.userid)\n    \t\tLEFT JOIN " . TABLE_PREFIX . "usertextfield AS usertextfield ON(usertextfield.userid = user.userid)\n    \t\t" . iif($forum['allowicons'], "LEFT JOIN " . TABLE_PREFIX . "icon AS icon ON(icon.iconid = post.iconid)") . "\n    \t\t" . iif($vbulletin->options['avatarenabled'], "LEFT JOIN " . TABLE_PREFIX . "avatar AS avatar ON(avatar.avatarid = user.avatarid) LEFT JOIN " . TABLE_PREFIX . "customavatar AS customavatar ON(customavatar.userid = user.userid)") . "\n    \t\t" . ((can_moderate($thread['forumid'], 'canmoderateposts') or can_moderate($thread['forumid'], 'candeleteposts')) ? "LEFT JOIN " . TABLE_PREFIX . "spamlog AS spamlog ON(spamlog.postid = post.postid)" : '') . "\n    \t\t\t{$deljoin}\n    \t\tLEFT JOIN " . TABLE_PREFIX . "editlog AS editlog ON(editlog.postid = post.postid)\n    \t\tLEFT JOIN " . TABLE_PREFIX . "postparsed AS postparsed ON(postparsed.postid = post.postid AND postparsed.styleid = " . intval(STYLEID) . " AND postparsed.languageid = " . intval(LANGUAGEID) . ")\n    \t\tLEFT JOIN " . TABLE_PREFIX . "sigparsed AS sigparsed ON(sigparsed.userid = user.userid AND sigparsed.styleid = " . intval(STYLEID) . " AND sigparsed.languageid = " . intval(LANGUAGEID) . ")\n    \t\tLEFT JOIN " . TABLE_PREFIX . "sigpic AS sigpic ON(sigpic.userid = post.userid)\n    \t\t\t{$hook_query_joins}\n    \t\tWHERE post.postid IN (" . $cache_postids . ") {$hook_query_where}\n    \t");
        // re-initialise the $postarray variable
        $postarray = array();
        while ($post = $db->fetch_array($cacheposts)) {
            $postarray["{$post['postid']}"] = $post;
        }
        if (!($forumperms & $vbulletin->bf_ugp_forumpermissions['cangetattachment'])) {
            $vbulletin->options['viewattachedimages'] = 0;
            $vbulletin->options['attachthumbs'] = 0;
        }
        // init
        $postcount = 0;
        $postbits = '';
        $saveparsed = '';
        $jspostbits = '';
        $postbit_factory = new vB_Postbit_Factory();
        $postbit_factory->registry =& $vbulletin;
        $postbit_factory->forum =& $foruminfo;
        $postbit_factory->thread =& $thread;
        $postbit_factory->cache = array();
        $postbit_factory->bbcode_parser = new vB_BbCodeParser($vbulletin, fetch_tag_list());
        foreach (explode(',', $cache_postids) as $id) {
            // get the post from the post array
            if (!isset($postarray["{$id}"])) {
                continue;
            }
            $post = $postarray["{$id}"];
            if ($tachyuser = in_coventry($post['userid']) and !can_moderate($thread['forumid'])) {
                continue;
            }
            if ($tachyuser) {
                $fetchtype = 'post_global_ignore';
            } else {
                if ($ignore["{$post['userid']}"]) {
                    $fetchtype = 'post_ignore';
                } else {
                    if ($post['visible'] == 2) {
                        $fetchtype = 'post_deleted';
                    } else {
                        $fetchtype = 'post';
                    }
                }
            }
            if ($vbulletin->GPC['viewfull'] and $post['postid'] == $postinfo['postid'] and $fetchtype != 'post' and (can_moderate($threadinfo['forumid']) or !$post['isdeleted'])) {
                $fetchtype = 'post';
            }
            ($hook = vBulletinHook::fetch_hook('showthread_postbit_create')) ? eval($hook) : false;
            $postbit_obj =& $postbit_factory->fetch_postbit($fetchtype);
            if ($fetchtype == 'post') {
                $postbit_obj->highlight =& $replacewords;
            }
            $postbit_obj->cachable = $post_cachable;
            $post['postcount'] = ++$postcount;
            $post['attachments'] =& $postattach["{$post['postid']}"];
            $parsed_postcache = array('text' => '', 'images' => 1);
            $bgclass = 'alt2';
            if ($threadedmode == 2) {
                $postbits .= $postbit_obj->construct_postbit($post);
            } else {
                $postbit = $postbit_obj->construct_postbit($post);
                if ($curpostid == $post['postid']) {
                    $curpostdateline = $post['dateline'];
                    $curpostbit = $postbit;
                }
                $postbit = preg_replace('#</script>#i', "<\\/scr' + 'ipt>", addslashes_js($postbit));
                $jspostbits .= "pd[{$post['postid']}] = '{$postbit}';\n";
            }
            // end threaded mode
            if ($post_cachable and $post['pagetext_html'] == '') {
                if (!empty($saveparsed)) {
                    $saveparsed .= ',';
                }
                $saveparsed .= "({$post['postid']}, " . intval($thread['lastpost']) . ', ' . intval($postbit_obj->post_cache['has_images']) . ", '" . $db->escape_string($postbit_obj->post_cache['text']) . "'," . intval(STYLEID) . ", " . intval(LANGUAGEID) . ")";
            }
            if (!empty($postbit_obj->sig_cache) and $post['userid']) {
                if (!empty($save_parsed_sigs)) {
                    $save_parsed_sigs .= ',';
                }
                $save_parsed_sigs .= "({$post['userid']}, " . intval(STYLEID) . ", " . intval(LANGUAGEID) . ", '" . $db->escape_string($postbit_obj->sig_cache['text']) . "', " . intval($postbit_obj->sig_cache['has_images']) . ")";
            }
            if ($post['dateline'] > $displayed_dateline) {
                $displayed_dateline = $post['dateline'];
                if ($displayed_dateline <= $threadview) {
                    $updatethreadcookie = true;
                }
            }
        }
        // end while ($post)
        $db->free_result($cacheposts);
        if ($threadedmode == 1) {
            $postbits = $curpostbit;
        }
        $templater = vB_Template::create('showthread_list');
        $templater->register('curpostid', $curpostid);
        $templater->register('highlightwords', $highlightwords);
        $templater->register('jspostbits', $jspostbits);
        $templater->register('links', $links);
        $templater->register('navjs', $navjs);
        $templater->register('threadedmode', $threadedmode);
        $templater->register('userjs', $userjs);
        $threadlist = $templater->render();
        unset($curpostbit, $post, $cacheposts, $parsed_postcache, $postbit);
    }
    ################################################################################
    ########################## END LINEAR / THREADED ###############################
    ################################################################################
    $effective_lastpost = max($displayed_dateline, $thread['lastpost']);
    // *********************************************************************************
    //set thread last view
    if ($thread['pollid'] and $vbulletin->options['updatelastpost'] and ($displayed_dateline == $thread['lastpost'] or $threadview == $thread['lastpost']) and $pollinfo['lastvote'] > $thread['lastpost']) {
        $displayed_dateline = $pollinfo['lastvote'];
    }
    if ((!$vbulletin->GPC['posted'] or $updatethreadcookie) and $displayed_dateline and $displayed_dateline > $threadview) {
        mark_thread_read($threadinfo, $foruminfo, $vbulletin->userinfo['userid'], $displayed_dateline);
    }
    // FRNR Below
    fr_update_subsent($threadinfo['threadid'], $displayed_dateline);
    if (!is_array($posts_out)) {
        $posts_out = array();
    }
    // Figure out if we can post
    $canpost = true;
    if ($threadinfo['isdeleted'] or !$threadinfo['visible'] and !can_moderate($threadinfo['forumid'], 'canmoderateposts')) {
        $canpost = false;
    }
    if (!$foruminfo['allowposting'] or $foruminfo['link'] or !$foruminfo['cancontainthreads']) {
        $canpost = false;
    }
    if (!$threadinfo['open']) {
        if (!can_moderate($threadinfo['forumid'], 'canopenclose')) {
            $canpost = false;
        }
    }
    if (($vbulletin->userinfo['userid'] != $threadinfo['postuserid'] or !$vbulletin->userinfo['userid']) and (!($forumperms & $vbulletin->bf_ugp_forumpermissions['canviewothers']) or !($forumperms & $vbulletin->bf_ugp_forumpermissions['canreplyothers']))) {
        $canpost = false;
    }
    if (!($forumperms & $vbulletin->bf_ugp_forumpermissions['canview']) or !($forumperms & $vbulletin->bf_ugp_forumpermissions['canviewthreads']) or !($forumperms & $vbulletin->bf_ugp_forumpermissions['canreplyown']) and $vbulletin->userinfo['userid'] == $threadinfo['postuserid']) {
        $canpost = false;
    }
    $mod = 0;
    if (can_moderate($threadinfo['forumid'], 'candeleteposts') or can_moderate($threadinfo['forumid'], 'canremoveposts')) {
        $mod |= MOD_DELETEPOST;
    }
    if (can_moderate($threadinfo['forumid'], 'canmanagethreads')) {
        if ($threadinfo['sticky']) {
            $mod |= MOD_UNSTICK;
        } else {
            $mod |= MOD_STICK;
        }
    }
    if ($threadinfo['visible'] != 2 and can_moderate($threadinfo['forumid'], 'candeleteposts') or can_moderate($threadinfo['forumid'], 'canremoveposts') or $forumperms & $vbulletin->bf_ugp_forumpermissions['candeletepost'] and $forumperms & $vbulletin->bf_ugp_forumpermissions['candeletethread'] and $vbulletin->userinfo['userid'] == $threadinfo['postuserid'] and ($vbulletin->options['edittimelimit'] == 0 or $threadinfo['dateline'] > TIMENOW - $vbulletin->options['edittimelimit'] * 60)) {
        $mod |= MOD_DELETETHREAD;
    }
    if (can_moderate($threadinfo['forumid'], 'canopenclose') or $forumperms & $vbulletin->bf_ugp_forumpermissions['canopenclose'] and $threadinfo['postuserid'] == $vbulletin->userinfo['userid']) {
        if ($threadinfo['open']) {
            $mod |= MOD_CLOSE;
        } else {
            $mod |= MOD_OPEN;
        }
    }
    if (can_moderate($threadinfo['forumid'], 'canmanagethreads') or $forumperms & $vbulletin->bf_ugp_forumpermissions['canmove'] and $threadinfo['postuserid'] == $vbulletin->userinfo['userid']) {
        $mod |= MOD_MOVETHREAD;
    }
    if ($show['spamctrls']) {
        $mod |= MOD_SPAM_CONTROLS;
    }
    $out = array('posts' => $posts_out, 'total_posts' => $totalposts, 'page' => $vbulletin->GPC['pagenumber'], 'canpost' => $canpost ? 1 : 0, 'mod' => $mod, 'pollid' => $thread['pollid'], 'subscribed' => $threadinfo['issubscribed'] ? 1 : 0, 'title' => prepare_utf8_string($thread['title']), 'canattach' => $forumperms & $vbulletin->bf_ugp_forumpermissions['canpostattachment'] and $vbulletin->userinfo['userid']);
    if ($postid) {
        $out['gotopostid'] = $postid;
    }
    return $out;
}
Example #3
0
	// if search conditions are specified in the URI, use them
	foreach (array_keys($search_fields + $optional_fields) AS $varname)
	{
		if ($vbulletin->GPC_exists["$varname"] AND !is_array($vbulletin->GPC["$varname"]))
		{
			$$varname = htmlspecialchars_uni($vbulletin->GPC["$varname"]);
			$checkedvar = $varname . 'checked';
			$selectedvar = $varname . 'selected';
			$$checkedvar = array($vbulletin->GPC["$varname"] => 'checked="checked"');
			$$selectedvar = array($vbulletin->GPC["$varname"] => 'selected="selected"');
		}
	}

	// image verification
	$human_verify = '';
	if (fetch_require_hvcheck('search'))
	{
		require_once(DIR . '/includes/class_humanverify.php');
		$verification =& vB_HumanVerify::fetch_library($vbulletin);
		$human_verify = $verification->output_token();
	}

	$tag_cloud = '';
	if ($vbulletin->options['vbblog_tagging'] AND $vbulletin->options['vbblog_tagcloud_searchcloud'])
	{
		$show['searchcloud'] = true;
		if ($tag_cloud = fetch_blog_tagcloud('search'))
		{
			$show['tagcloud_css'] = true;
		}
	}
Example #4
0
/**
 * Creates a new post
 *
 * @param	string	'thread' for the first post in a new thread, 'reply' otherwise
 * @param	array	Forum Information
 * @param	array	Thread Information
 * @param	array	Post Information for the "Parent" post
 * @param	array	Post Information for the post being created
 * @param	array	(return) Array of errors
 *
 */
function build_new_post($type = 'thread', $foruminfo, $threadinfo, $postinfo, &$post, &$errors)
{
    //NOTE: permissions are not checked in this function
    // $post is passed by reference, so that any changes (wordwrap, censor, etc) here are reflected on the copy outside the function
    // $post[] includes:
    // title, iconid, message, parseurl, email, signature, preview, disablesmilies, rating
    // $errors will become any error messages that come from the checks before preview kicks in
    global $vbulletin, $vbphrase, $forumperms;
    // ### PREPARE OPTIONS AND CHECK VALID INPUT ###
    $post['disablesmilies'] = intval($post['disablesmilies']);
    $post['enablesmilies'] = $post['disablesmilies'] ? 0 : 1;
    $post['folderid'] = intval($post['folderid']);
    $post['emailupdate'] = intval($post['emailupdate']);
    $post['rating'] = intval($post['rating']);
    $post['podcastsize'] = intval($post['podcastsize']);
    // Make sure the posthash is valid
    if (md5($post['poststarttime'] . $vbulletin->userinfo['userid'] . $vbulletin->userinfo['salt']) != $post['posthash']) {
        $post['posthash'] = 'invalid posthash';
        // don't phrase me
    }
    // OTHER SANITY CHECKS
    $threadinfo['threadid'] = intval($threadinfo['threadid']);
    // Doublepost //
    $dp_flag = false;
    // create data manager
    if ($type == 'thread') {
        $dataman =& datamanager_init('Thread_FirstPost', $vbulletin, ERRTYPE_ARRAY, 'threadpost');
        $dataman->set('prefixid', $post['prefixid']);
    } else {
        $dataman =& datamanager_init('Post', $vbulletin, ERRTYPE_ARRAY, 'threadpost');
        $dupehash = md5($foruminfo['forumid'] . $post['title'] . $post['message'] . $vbulletin->userinfo['userid'] . $type);
        // Doublepost Check //
        if ($vbulletin->options['dp_timespan'] and VB_API !== true and $cutoff = TIMENOW - $vbulletin->options['dp_timespan'] * 60 and $threadinfo['lastpost'] > $cutoff and !$post['preview'] and $threadinfo['lastposter'] == $vbulletin->userinfo['username'] and !($foruminfo['options'] & $vbulletin->bf_misc_forumoptions['bypassdp']) and !($vbulletin->userinfo['permissions']['forumpermissions'] & $vbulletin->bf_ugp_forumpermissions['bypassdoublepost']) and $doublepost = $vbulletin->db->query_first("\n\t\t\t\tSELECT post.*, posthash.userid AS dupe_userid\n\t\t\t\tFROM " . TABLE_PREFIX . "post AS post\n\t\t\t\tLEFT JOIN " . TABLE_PREFIX . "posthash AS posthash ON (\n\t\t\t\t\tposthash.threadid = {$threadinfo['threadid']}\n\t\t\t\t\t\tAND\n\t\t\t\t\tposthash.dupehash = '" . $vbulletin->db->escape_string($dupehash) . "'\n\t\t\t\t\t\tAND\n\t\t\t\t\tposthash.userid = {$vbulletin->userinfo['userid']}\n\t\t\t\t\t\tAND\n\t\t\t\t\tposthash.dateline > " . (TIMENOW - 300) . "\n\t\t\t\t)\n\t\t\t\tWHERE\n\t\t\t\t\tpost.visible = 1\n\t\t\t\t\t\tAND\n\t\t\t\t\tpost.postid = " . $threadinfo['lastpostid'] . "\n\t\t\t\t\t\tAND\n\t\t\t\t\tpost.threadid = " . $threadinfo['threadid'] . "\n\t\t\t\tLIMIT 1\t") and $attach = $vbulletin->db->query_first("\n\t\t\t\tSELECT count(attachmentid) AS attach\n\t\t\t\tFROM " . TABLE_PREFIX . "attachment\n\t\t\t\tWHERE state = 'visible'\n\t\t\t\tAND posthash = '" . $post['posthash'] . "'") and ($vbulletin->options['attachlimit'] == 0 or $attach['attach'] + $doublepost['attach'] <= $vbulletin->options['attachlimit'])) {
            $cstate = $vbulletin->options['dp_color'] ? 1 : 0;
            $minchar = intval($vbulletin->options['postminchars']) <= 0 ? 1 : intval($vbulletin->options['postminchars']);
            if (vbstrlen(strip_bbcode($post['message'], $vbulletin->options['ignorequotechars'])) < $minchar) {
                require_once DIR . '/includes/functions_misc.php';
                $errors[] = construct_phrase(fetch_phrase('tooshort', 'error'), $minchar);
                return false;
            }
            if ($doublepost['dupe_userid']) {
                require_once DIR . '/includes/functions_misc.php';
                $errors[] = fetch_phrase('duplicate_post', 'error');
                return false;
            }
            switch ($vbulletin->options['dp_spacer']) {
                case 1:
                    // None
                    $cstate = 2;
                    break;
                case 2:
                    // Custom
                    $spacer = $vbulletin->options['dp_text'];
                    break;
                default:
                    $spacer = $vbphrase['dp_spacer_default'];
                    break;
            }
            switch ($cstate) {
                case 1:
                    // Coloured spacer
                    $spacer = "\n\n" . '[COLOR="' . $vbulletin->options['dp_color'] . '"]' . $spacer . '[/COLOR]' . "\n\n";
                    break;
                case 2:
                    // No spacer.
                    $spacer = "\n\n";
                    break;
                default:
                    $spacer = "\n\n" . $spacer . "\n\n";
                    break;
            }
            $dp_flag = true;
            $id = $doublepost['postid'];
            // Need to set valid values for later //
            $doublepost['signature'] = $doublepost['showsignature'];
            $doublepost['disablesmilies'] = intval($doublepost['disablesmilies']);
            $doublepost['enablesmilies'] = $doublepost['disablesmilies'] ? 0 : 1;
            $doublepost['folderid'] = intval($doublepost['folderid']);
            $doublepost['emailupdate'] = intval($doublepost['emailupdate']);
            $doublepost['rating'] = intval($doublepost['rating']);
            $doublepost['podcastsize'] = intval($doublepost['podcastsize']);
            $doublepost['doublepost'] = $dp_flag;
            $doublepost['posthash'] = $post['posthash'];
            $doublepost['oldmessage'] = $post['message'];
            $doublepost['message'] = $doublepost['pagetext'] . $spacer . $post['message'];
            $post = $doublepost;
            unset($doublepost);
            $dataman->set_existing($post);
            if ($vbulletin->options['dp_bump']) {
                $post['dateline'] = TIMENOW;
                $dataman->set('dateline', $post['dateline']);
            }
        } else {
            $dp_flag = false;
        }
    }
    // set info
    $dataman->set_info('dpflag', $dp_flag);
    $dataman->set_info('preview', $post['preview']);
    $dataman->set_info('parseurl', $post['parseurl']);
    $dataman->set_info('posthash', $post['posthash']);
    $dataman->set_info('forum', $foruminfo);
    $dataman->set_info('thread', $threadinfo);
    if (!$vbulletin->GPC['fromquickreply']) {
        $dataman->set_info('show_title_error', true);
    }
    if ($foruminfo['podcast'] and (!empty($post['podcasturl']) or !empty($post['podcastexplicit']) or !empty($post['podcastauthor']) or !empty($post['podcastsubtitle']) or !empty($post['podcastkeywords']))) {
        $dataman->set_info('podcastexplicit', $post['podcastexplicit']);
        $dataman->set_info('podcastauthor', $post['podcastauthor']);
        $dataman->set_info('podcastkeywords', $post['podcastkeywords']);
        $dataman->set_info('podcastsubtitle', $post['podcastsubtitle']);
        $dataman->set_info('podcasturl', $post['podcasturl']);
        if ($post['podcastsize']) {
            $dataman->set_info('podcastsize', $post['podcastsize']);
        }
    }
    // set options
    $dataman->setr('showsignature', $post['signature']);
    $dataman->setr('allowsmilie', $post['enablesmilies']);
    $dataman->setr('htmlstate', $post['htmlstate']);
    // set data
    $dataman->setr('userid', $vbulletin->userinfo['userid']);
    if ($vbulletin->userinfo['userid'] == 0) {
        $dataman->setr('username', $post['username']);
    }
    $dataman->setr('title', $post['title']);
    $dataman->setr('pagetext', $post['message']);
    $dataman->setr('iconid', $post['iconid']);
    // see if post has to be moderated or if poster in a mod
    if (($foruminfo['moderatenewthread'] and $type == 'thread' or $foruminfo['moderatenewpost'] and $type == 'reply' or !($forumperms & $vbulletin->bf_ugp_forumpermissions['followforummoderation'])) and !can_moderate($foruminfo['forumid']) or $type == 'reply' and ($postinfo['postid'] and !$postinfo['visible'] and !empty($postinfo['specifiedpost']) or !$threadinfo['visible'])) {
        // note: specified post comes from a variable passed into newreply.php
        $dataman->set('visible', 0);
        $post['visible'] = 0;
    } else {
        $dataman->set('visible', 1);
        $post['visible'] = 1;
    }
    if ($type != 'thread') {
        if ($dp_flag) {
            $parentid = $post['parentid'];
        } else {
            if ($postinfo['postid']) {
                // get parentid of the new post
                // we're not posting a new thread, so make this post a child of the first post in the thread
                if (!empty($threadinfo['firstpostid'])) {
                    //we have the postid in the thread table (firstpostid)
                    $parentid = $threadinfo['firstpostid'];
                } else {
                    //for some reason it might not be available in the $threadinfo array, need to fetch it
                    $getfirstpost = $vbulletin->db->query_first("SELECT postid FROM " . TABLE_PREFIX . "post WHERE threadid={$threadinfo['threadid']} ORDER BY dateline LIMIT 1");
                    $parentid = $getfirstpost['postid'];
                }
            } else {
                $parentid = $postinfo['postid'];
            }
        }
        $dataman->setr('parentid', $parentid);
        $dataman->setr('threadid', $threadinfo['threadid']);
    } else {
        $dataman->setr('forumid', $foruminfo['forumid']);
    }
    $errors = array();
    // done!
    ($hook = vBulletinHook::fetch_hook('newpost_process')) ? eval($hook) : false;
    if ($vbulletin->GPC['fromquickreply'] and $post['preview']) {
        $errors = array();
        return;
    }
    if (fetch_require_hvcheck('post') and !$post['preview']) {
        require_once DIR . '/includes/class_humanverify.php';
        $verify =& vB_HumanVerify::fetch_library($vbulletin);
        if (!$verify->verify_token($post['humanverify'])) {
            $dataman->error($verify->fetch_error());
        }
    }
    if ($dataman->info['podcastsize']) {
        $post['podcastsize'] = $dataman->info['podcastsize'];
    }
    // check if this forum requires a prefix
    if ($type == 'thread' and !$dataman->fetch_field('prefixid') and $foruminfo['options'] & $vbulletin->bf_misc_forumoptions['prefixrequired']) {
        // only require a prefix if we actually have options for this forum
        require_once DIR . '/includes/functions_prefix.php';
        if (fetch_prefix_array($foruminfo['forumid'])) {
            $dataman->error('thread_prefix_required');
        }
    }
    if ($type == 'thread' and $post['taglist']) {
        $threadinfo['postuserid'] = $vbulletin->userinfo['userid'];
        require_once DIR . '/includes/class_taggablecontent.php';
        $content = vB_Taggable_Content_Item::create($vbulletin, "vBForum_Thread", $dataman->thread['threadid'], $threadinfo);
        $limits = $content->fetch_tag_limits();
        $content->filter_tag_list_content_limits($post['taglist'], $limits, $tag_errors, true, false);
        if ($tag_errors) {
            foreach ($tag_errors as $error) {
                $dataman->error($error);
            }
        }
        $dataman->setr('taglist', $post['taglist']);
    }
    if ($type == 'reply' and $vbulletin->GPC['return_node']) {
        $dataman->set_info('nodeid', $vbulletin->GPC['return_node']);
    }
    $dataman->pre_save();
    $errors = array_merge($errors, $dataman->errors);
    if ($post['preview']) {
        return;
    }
    // ### DUPE CHECK ###
    $dupehash = md5($foruminfo['forumid'] . $post['title'] . $post['message'] . $vbulletin->userinfo['userid'] . $type);
    $prevpostfound = false;
    $prevpostthreadid = 0;
    if ($prevpost = $vbulletin->db->query_first("\n\t\tSELECT posthash.threadid, thread.title\n\t\tFROM " . TABLE_PREFIX . "posthash AS posthash\n\t\tLEFT JOIN " . TABLE_PREFIX . "thread AS thread ON (thread.threadid = posthash.threadid)\n\t\tWHERE posthash.userid = " . $vbulletin->userinfo['userid'] . " AND\n\t\t\tposthash.dupehash = '" . $vbulletin->db->escape_string($dupehash) . "' AND\n\t\t\tposthash.dateline > " . (TIMENOW - 300) . "\n\t")) {
        if ($type == 'thread' and $prevpost['threadid'] == 0 or $type == 'reply' and $prevpost['threadid'] == $threadinfo['threadid']) {
            $prevpostfound = true;
            $prevpostthreadid = $prevpost['threadid'];
        }
    }
    // Redirect user to forumdisplay since this is a duplicate post
    if ($prevpostfound) {
        if ($type == 'thread') {
            $vbulletin->url = fetch_seo_url('forum', $foruminfo);
            print_standard_redirect('redirect_duplicatethread', true, true);
        } else {
            // with ajax quick reply we need to use the error system
            if ($vbulletin->GPC['ajax']) {
                $dataman->error('duplicate_post');
                $errors = $dataman->errors;
                return;
            } else {
                $vbulletin->url = fetch_seo_url('thread', $prevpost, array('goto' => 'newpost'));
                if ($post['ajaxqrfailed']) {
                    // ajax qr failed. While this is a dupe, most likely the user didn't
                    // see the initial post, so act like it went through.
                    print_standard_redirect('redirect_postthanks');
                } else {
                    print_standard_redirect('redirect_duplicatepost', true, true);
                }
            }
        }
    }
    if (sizeof($errors) > 0) {
        return;
    }
    if ($post['doublepost']) {
        $dataman->save();
    } else {
        $id = $dataman->save();
    }
    if ($type == 'thread') {
        $post['threadid'] = $id;
        $threadinfo =& $dataman->thread;
        $post['postid'] = $dataman->fetch_field('firstpostid');
        clear_autosave_text('vBForum_Thread', 0, 0, $vbulletin->userinfo['userid']);
    } else {
        $post['postid'] = $id;
        if ($vbulletin->GPC_exists['return_node'] and intval($vbulletin->GPC['return_node'])) {
            clear_autosave_text('vBCms_ArticleComment', 0, $vbulletin->GPC['return_node'], $vbulletin->userinfo['userid']);
        } else {
            clear_autosave_text('vBForum_Post', 0, $threadinfo['threadid'], $vbulletin->userinfo['userid']);
        }
    }
    post_vb_api_details('vBForum_Post', $post['postid']);
    $post['visible'] = $dataman->fetch_field('visible');
    $set_open_status = false;
    $set_sticky_status = false;
    if ($vbulletin->GPC['openclose'] and ($threadinfo['postuserid'] != 0 and $threadinfo['postuserid'] == $vbulletin->userinfo['userid'] and $forumperms & $vbulletin->bf_ugp_forumpermissions['canopenclose'] or can_moderate($threadinfo['forumid'], 'canopenclose'))) {
        $set_open_status = true;
    }
    if ($vbulletin->GPC['stickunstick'] and can_moderate($threadinfo['forumid'], 'canmanagethreads')) {
        $set_sticky_status = true;
    }
    if ($set_open_status or $set_sticky_status) {
        $thread =& datamanager_init('Thread', $vbulletin, ERRTYPE_SILENT, 'threadpost');
        if ($type == 'thread') {
            $thread->set_existing($dataman->thread);
            if ($set_open_status) {
                $post['postpoll'] = false;
            }
        } else {
            $thread->set_existing($threadinfo);
        }
        if ($set_open_status) {
            $thread->set('open', $thread->fetch_field('open') == 1 ? 0 : 1);
        }
        if ($set_sticky_status) {
            $thread->set('sticky', $thread->fetch_field('sticky') == 1 ? 0 : 1);
        }
        $thread->save();
    }
    if ($type == 'thread') {
        require_once DIR . '/includes/class_taggablecontent.php';
        $content = vB_Taggable_Content_Item::create($vbulletin, "vBForum_Thread", $dataman->thread['threadid'], $threadinfo);
        $limits = $content->fetch_tag_limits();
        $content->add_tags_to_content($post['taglist'], $limits);
    }
    // ### DO THREAD RATING ###
    build_thread_rating($post['rating'], $foruminfo, $threadinfo);
    // ### DO EMAIL NOTIFICATION ###
    if ($post['visible'] and $type != 'thread' and !in_coventry($vbulletin->userinfo['userid'], true)) {
        exec_send_notification($threadinfo['threadid'], $vbulletin->userinfo['userid'], $post['postid']);
    }
    // ### DO THREAD SUBSCRIPTION ###
    if ($vbulletin->userinfo['userid'] != 0) {
        require_once DIR . '/includes/functions_misc.php';
        $post['emailupdate'] = verify_subscription_choice($post['emailupdate'], $vbulletin->userinfo, 9999);
        ($hook = vBulletinHook::fetch_hook('newpost_subscribe')) ? eval($hook) : false;
        if (!$threadinfo['issubscribed'] and $post['emailupdate'] != 9999) {
            // user is not subscribed to this thread so insert it
            /*insert query*/
            $vbulletin->db->query_write("INSERT IGNORE INTO " . TABLE_PREFIX . "subscribethread (userid, threadid, emailupdate, folderid, canview)\n\t\t\t\t\tVALUES (" . $vbulletin->userinfo['userid'] . ", {$threadinfo['threadid']}, {$post['emailupdate']}, {$post['folderid']}, 1)");
        } else {
            // User is subscribed, see if they changed the settings for this thread
            if ($post['emailupdate'] == 9999) {
                // Remove this subscription, user chose 'No Subscription'
                $vbulletin->db->query_write("DELETE FROM " . TABLE_PREFIX . "subscribethread WHERE threadid = {$threadinfo['threadid']} AND userid = " . $vbulletin->userinfo['userid']);
            } else {
                if ($threadinfo['emailupdate'] != $post['emailupdate'] or $threadinfo['folderid'] != $post['folderid']) {
                    // User changed the settings so update the current record
                    /*insert query*/
                    $vbulletin->db->query_write("REPLACE INTO " . TABLE_PREFIX . "subscribethread (userid, threadid, emailupdate, folderid, canview)\n\t\t\t\t\tVALUES (" . $vbulletin->userinfo['userid'] . ", {$threadinfo['threadid']}, {$post['emailupdate']}, {$post['folderid']}, 1)");
                }
            }
        }
    }
    ($hook = vBulletinHook::fetch_hook('newpost_complete')) ? eval($hook) : false;
}
Example #5
0
     $templater->register('birthdate', $birthdate);
     $templater->register('dayselected', $dayselected);
     $templater->register('monthselected', $monthselected);
     $templater->register('sbselected', $sbselected);
     $templater->register('year', $year);
     $birthdayfields = $templater->render();
 } else {
     $show['birthday'] = false;
     $birthdayfields = '';
 }
 $htmlonoff = $vbulletin->options['allowhtml'] ? $vbphrase['on'] : $vbphrase['off'];
 $bbcodeonoff = $vbulletin->options['allowbbcode'] ? $vbphrase['on'] : $vbphrase['off'];
 $imgcodeonoff = $vbulletin->options['allowbbimagecode'] ? $vbphrase['on'] : $vbphrase['off'];
 $smiliesonoff = $vbulletin->options['allowsmilies'] ? $vbphrase['on'] : $vbphrase['off'];
 // human verification, which we can bypass if user has been verified on facebook
 if (fetch_require_hvcheck('register') and (!is_facebookenabled() or is_facebookenabled() and !vB_Facebook::instance()->userIsLoggedIn())) {
     require_once DIR . '/includes/class_humanverify.php';
     $verify =& vB_HumanVerify::fetch_library($vbulletin);
     $human_verify = $verify->output_token();
 }
 // Referrer
 if ($vbulletin->options['usereferrer'] and !$vbulletin->userinfo['userid']) {
     exec_switch_bg();
     if ($errorlist) {
         $referrername = $vbulletin->GPC['referrername'];
     } else {
         if ($vbulletin->GPC[COOKIE_PREFIX . 'referrerid']) {
             if ($referrername = $db->query_first_slave("SELECT username FROM " . TABLE_PREFIX . "user WHERE userid = " . $vbulletin->GPC[COOKIE_PREFIX . 'referrerid'])) {
                 $referrername = $referrername['username'];
             }
         }
Example #6
0
}
// #############################################################################
// do cron stuff - goes into footer
if ($vbulletin->cron <= TIMENOW) {
    $cronimage = '<img src="' . create_full_url('cron.php?' . $vbulletin->session->vars['sessionurl'] . 'rand=' . TIMENOW) . '" alt="" width="1" height="1" border="0" />';
} else {
    $cronimage = '';
}
$show['rtl'] = $stylevar['textdirection'] == 'rtl';
$show['admincplink'] = iif($vbulletin->userinfo['permissions']['adminpermissions'] & $vbulletin->bf_ugp_adminpermissions['cancontrolpanel'], true, false);
// This generates an extra query for non-admins/supermods on many pages so we have chosen to only display it to supermods & admins
// $show['modcplink'] = iif(can_moderate(), true, false);
$show['modcplink'] = ($vbulletin->userinfo['permissions']['adminpermissions'] & $vbulletin->bf_ugp_adminpermissions['cancontrolpanel'] or $vbulletin->userinfo['permissions']['adminpermissions'] & $vbulletin->bf_ugp_adminpermissions['ismoderator']);
$show['registerbutton'] = (!$show['search_engine'] and $vbulletin->options['allowregistration'] and (!$vbulletin->userinfo['userid'] or $vbulletin->options['allowmultiregs']));
$show['searchbuttons'] = (!$show['search_engine'] and $vbulletin->userinfo['permissions']['forumpermissions'] & $vbulletin->bf_ugp_forumpermissions['cansearch'] and $vbulletin->options['enablesearches']);
$show['quicksearch'] = !fetch_require_hvcheck('search');
$show['memberslist'] = ($vbulletin->options['enablememberlist'] and $permissions['genericpermissions'] & $vbulletin->bf_ugp_genericpermissions['canviewmembers']);
$loggedout = false;
if (THIS_SCRIPT == 'login' and $_REQUEST['do'] == 'logout' and $vbulletin->userinfo['userid'] != 0) {
    $vbulletin->input->clean_gpc('r', 'logouthash', TYPE_STR);
    if (verify_security_token($vbulletin->GPC['logouthash'], $vbulletin->userinfo['securitytoken_raw'])) {
        $loggedout = true;
    }
}
if (!$vbulletin->userinfo['userid'] or $loggedout) {
    $show['guest'] = true;
    $show['member'] = false;
} else {
    $show['guest'] = false;
    $show['member'] = true;
}
Example #7
0
}
if (!($forumperms & $vbulletin->bf_ugp_forumpermissions['cangetattachment'])) {
    $vbulletin->options['viewattachedimages'] = ($vbulletin->options['viewattachedimages'] and $vbulletin->options['attachthumbs']) ? 1 : 0;
}
// needed for deleted post management
$show['managepost'] = (can_moderate($threadinfo['forumid'], 'candeleteposts') or can_moderate($threadinfo['forumid'], 'canremoveposts')) ? true : false;
$show['approvepost'] = can_moderate($threadinfo['forumid'], 'canmoderateposts') ? true : false;
$show['managethread'] = can_moderate($threadinfo['forumid'], 'canmanagethreads') ? true : false;
$show['inlinemod'] = ($show['managethread'] or $show['managepost'] or $show['approvepost']) ? true : false;
$show['multiquote_global'] = ($vbulletin->options['multiquote'] and $vbulletin->userinfo['userid']);
if ($show['multiquote_global']) {
    $vbulletin->input->clean_array_gpc('c', array('vbulletin_multiquote' => TYPE_STR));
    $vbulletin->GPC['vbulletin_multiquote'] = explode(',', $vbulletin->GPC['vbulletin_multiquote']);
}
// work out if quickreply should be shown or not
if ($vbulletin->options['quickreply'] and !$threadinfo['isdeleted'] and !is_browser('netscape') and $vbulletin->userinfo['userid'] and ($vbulletin->userinfo['userid'] == $threadinfo['postuserid'] and $forumperms & $vbulletin->bf_ugp_forumpermissions['canreplyown'] or $vbulletin->userinfo['userid'] != $threadinfo['postuserid'] and $forumperms & $vbulletin->bf_ugp_forumpermissions['canreplyothers']) and ($threadinfo['open'] or can_moderate($threadinfo['forumid'], 'canopenclose')) and !fetch_require_hvcheck('post')) {
    $show['quickreply'] = true;
} else {
    $show['quickreply'] = false;
}
$show['lightbox'] = ($vbulletin->options['lightboxenabled'] and $vbulletin->options['usepopups']);
$show['spacer'] = false;
$saveparsed = '';
// inialise
$post['postcount'] =& $vbulletin->GPC['postcount'];
$postbit_factory = new vB_Postbit_Factory();
$postbit_factory->registry =& $vbulletin;
$postbit_factory->forum =& $foruminfo;
$postbit_factory->thread =& $threadinfo;
$postbit_factory->cache = array();
$postbit_factory->bbcode_parser = new vB_BbCodeParser($vbulletin, fetch_tag_list());
/**
 * Creates a new post
 *
 * @param	string	'thread' for the first post in a new thread, 'reply' otherwise
 * @param	array	Forum Information
 * @param	array	Thread Information
 * @param	array	Post Information for the "Parent" post
 * @param	array	Post Information for the post being created
 * @param	array	(return) Array of errors
 *
 */
function build_new_post($type = 'thread', $foruminfo, $threadinfo, $postinfo, &$post, &$errors)
{
    //NOTE: permissions are not checked in this function
    // $post is passed by reference, so that any changes (wordwrap, censor, etc) here are reflected on the copy outside the function
    // $post[] includes:
    // title, iconid, message, parseurl, email, signature, preview, disablesmilies, rating
    // $errors will become any error messages that come from the checks before preview kicks in
    global $vbulletin, $vbphrase, $forumperms;
    // ### PREPARE OPTIONS AND CHECK VALID INPUT ###
    $post['disablesmilies'] = intval($post['disablesmilies']);
    $post['enablesmilies'] = $post['disablesmilies'] ? 0 : 1;
    $post['folderid'] = intval($post['folderid']);
    $post['emailupdate'] = intval($post['emailupdate']);
    $post['rating'] = intval($post['rating']);
    $post['podcastsize'] = intval($post['podcastsize']);
    /*$post['parseurl'] = intval($post['parseurl']);
    	$post['email'] = intval($post['email']);
    	$post['signature'] = intval($post['signature']);
    	$post['preview'] = iif($post['preview'], 1, 0);
    	$post['iconid'] = intval($post['iconid']);
    	$post['message'] = trim($post['message']);
    	$post['title'] = trim(preg_replace('/&#0*32;/', ' ', $post['title']));
    	$post['username'] = trim($post['username']);
    	$post['posthash'] = trim($post['posthash']);
    	$post['poststarttime'] = trim($post['poststarttime']);*/
    // Make sure the posthash is valid
    if (md5($post['poststarttime'] . $vbulletin->userinfo['userid'] . $vbulletin->userinfo['salt']) != $post['posthash']) {
        $post['posthash'] = 'invalid posthash';
        // don't phrase me
    }
    // OTHER SANITY CHECKS
    $threadinfo['threadid'] = intval($threadinfo['threadid']);
    // create data manager
    if ($type == 'thread') {
        $dataman =& datamanager_init('Thread_FirstPost', $vbulletin, ERRTYPE_ARRAY, 'threadpost');
        $dataman->set('prefixid', $post['prefixid']);
    } else {
        $dataman =& datamanager_init('Post', $vbulletin, ERRTYPE_ARRAY, 'threadpost');
    }
    // set info
    $dataman->set_info('preview', $post['preview']);
    $dataman->set_info('parseurl', $post['parseurl']);
    $dataman->set_info('posthash', $post['posthash']);
    $dataman->set_info('forum', $foruminfo);
    $dataman->set_info('thread', $threadinfo);
    if (!$vbulletin->GPC['fromquickreply']) {
        $dataman->set_info('show_title_error', true);
    }
    if ($foruminfo['podcast'] and (!empty($post['podcasturl']) or !empty($post['podcastexplicit']) or !empty($post['podcastauthor']) or !empty($post['podcastsubtitle']) or !empty($post['podcastkeywords']))) {
        $dataman->set_info('podcastexplicit', $post['podcastexplicit']);
        $dataman->set_info('podcastauthor', $post['podcastauthor']);
        $dataman->set_info('podcastkeywords', $post['podcastkeywords']);
        $dataman->set_info('podcastsubtitle', $post['podcastsubtitle']);
        $dataman->set_info('podcasturl', $post['podcasturl']);
        if ($post['podcastsize']) {
            $dataman->set_info('podcastsize', $post['podcastsize']);
        }
    }
    // set options
    $dataman->setr('showsignature', $post['signature']);
    $dataman->setr('allowsmilie', $post['enablesmilies']);
    // set data
    $dataman->setr('userid', $vbulletin->userinfo['userid']);
    if ($vbulletin->userinfo['userid'] == 0) {
        $dataman->setr('username', $post['username']);
    }
    $dataman->setr('title', $post['title']);
    $dataman->setr('pagetext', $post['message']);
    $dataman->setr('iconid', $post['iconid']);
    // see if post has to be moderated or if poster in a mod
    if (($foruminfo['moderatenewthread'] and $type == 'thread' or $foruminfo['moderatenewpost'] and $type == 'reply' or !($forumperms & $vbulletin->bf_ugp_forumpermissions['followforummoderation'])) and !can_moderate($foruminfo['forumid']) or $type == 'reply' and ($postinfo['postid'] and !$postinfo['visible'] and !empty($postinfo['specifiedpost']) or !$threadinfo['visible'])) {
        // note: specified post comes from a variable passed into newreply.php
        $dataman->set('visible', 0);
        $post['visible'] = 0;
    } else {
        $dataman->set('visible', 1);
        $post['visible'] = 1;
    }
    if ($type != 'thread') {
        if ($postinfo['postid'] == 0) {
            // get parentid of the new post
            // we're not posting a new thread, so make this post a child of the first post in the thread
            $getfirstpost = $vbulletin->db->query_first("SELECT postid FROM " . TABLE_PREFIX . "post WHERE threadid={$threadinfo['threadid']} ORDER BY dateline LIMIT 1");
            $parentid = $getfirstpost['postid'];
        } else {
            $parentid = $postinfo['postid'];
        }
        $dataman->setr('parentid', $parentid);
        $dataman->setr('threadid', $threadinfo['threadid']);
    } else {
        $dataman->setr('forumid', $foruminfo['forumid']);
    }
    $errors = array();
    // done!
    ($hook = vBulletinHook::fetch_hook('newpost_process')) ? eval($hook) : false;
    if ($vbulletin->GPC['fromquickreply'] and $post['preview']) {
        $errors = array();
        return;
    }
    if (fetch_require_hvcheck('post') and !$post['preview']) {
        require_once DIR . '/includes/class_humanverify.php';
        $verify =& vB_HumanVerify::fetch_library($vbulletin);
        if (!$verify->verify_token($post['humanverify'])) {
            $dataman->error($verify->fetch_error());
        }
    }
    if ($dataman->info['podcastsize']) {
        $post['podcastsize'] = $dataman->info['podcastsize'];
    }
    // check if this forum requires a prefix
    if ($type == 'thread' and !$dataman->fetch_field('prefixid') and $foruminfo['options'] & $vbulletin->bf_misc_forumoptions['prefixrequired']) {
        // only require a prefix if we actually have options for this forum
        require_once DIR . '/includes/functions_prefix.php';
        if (fetch_prefix_array($foruminfo['forumid'])) {
            $dataman->error('thread_prefix_required');
        }
    }
    if ($type == 'thread' and $post['taglist']) {
        fetch_valid_tags($dataman->thread, $post['taglist'], $tag_errors, true, false);
        if ($tag_errors) {
            foreach ($tag_errors as $error) {
                $dataman->error($error);
            }
        }
    }
    $dataman->pre_save();
    $errors = array_merge($errors, $dataman->errors);
    if ($post['preview']) {
        return;
    }
    // ### DUPE CHECK ###
    $dupehash = md5($foruminfo['forumid'] . $post['title'] . $post['message'] . $vbulletin->userinfo['userid'] . $type);
    $prevpostfound = false;
    $prevpostthreadid = 0;
    if ($prevpost = $vbulletin->db->query_first("\n\t\tSELECT posthash.threadid\n\t\tFROM " . TABLE_PREFIX . "posthash AS posthash\n\t\tWHERE posthash.userid = " . $vbulletin->userinfo['userid'] . " AND\n\t\t\tposthash.dupehash = '" . $vbulletin->db->escape_string($dupehash) . "' AND\n\t\t\tposthash.dateline > " . (TIMENOW - 300) . "\n\t")) {
        if ($type == 'thread' and $prevpost['threadid'] == 0 or $type == 'reply' and $prevpost['threadid'] == $threadinfo['threadid']) {
            $prevpostfound = true;
            $prevpostthreadid = $prevpost['threadid'];
        }
    }
    // Redirect user to forumdisplay since this is a duplicate post
    if ($prevpostfound) {
        if ($type == 'thread') {
            $vbulletin->url = 'forumdisplay.php?' . $vbulletin->session->vars['sessionurl'] . "f={$foruminfo['forumid']}";
            eval(print_standard_redirect('redirect_duplicatethread', true, true));
        } else {
            // with ajax quick reply we need to use the error system
            if ($vbulletin->GPC['ajax']) {
                $dataman->error('duplicate_post');
                $errors = $dataman->errors;
                return;
            } else {
                $vbulletin->url = 'showthread.php?' . $vbulletin->session->vars['sessionurl'] . "t={$prevpostthreadid}&goto=newpost";
                if ($post['ajaxqrfailed']) {
                    // ajax qr failed. While this is a dupe, most likely the user didn't
                    // see the initial post, so act like it went through.
                    eval(print_standard_redirect('redirect_postthanks'));
                } else {
                    eval(print_standard_redirect('redirect_duplicatepost', true, true));
                }
            }
        }
    }
    if (sizeof($errors) > 0) {
        return;
    }
    $id = $dataman->save();
    if ($type == 'thread') {
        $post['threadid'] = $id;
        $threadinfo =& $dataman->thread;
        $post['postid'] = $dataman->fetch_field('firstpostid');
    } else {
        $post['postid'] = $id;
    }
    $post['visible'] = $dataman->fetch_field('visible');
    $set_open_status = false;
    $set_sticky_status = false;
    if ($vbulletin->GPC['openclose'] and ($threadinfo['postuserid'] != 0 and $threadinfo['postuserid'] == $vbulletin->userinfo['userid'] and $forumperms & $vbulletin->bf_ugp_forumpermissions['canopenclose'] or can_moderate($threadinfo['forumid'], 'canopenclose'))) {
        $set_open_status = true;
    }
    if ($vbulletin->GPC['stickunstick'] and can_moderate($threadinfo['forumid'], 'canmanagethreads')) {
        $set_sticky_status = true;
    }
    if ($set_open_status or $set_sticky_status) {
        $thread =& datamanager_init('Thread', $vbulletin, ERRTYPE_SILENT, 'threadpost');
        if ($type == 'thread') {
            $thread->set_existing($dataman->thread);
            if ($set_open_status) {
                $post['postpoll'] = false;
            }
        } else {
            $thread->set_existing($threadinfo);
        }
        if ($set_open_status) {
            $thread->set('open', $thread->fetch_field('open') == 1 ? 0 : 1);
        }
        if ($set_sticky_status) {
            $thread->set('sticky', $thread->fetch_field('sticky') == 1 ? 0 : 1);
        }
        $thread->save();
    }
    if ($type == 'thread') {
        add_tags_to_thread($threadinfo, $post['taglist']);
    }
    // ### DO THREAD RATING ###
    build_thread_rating($post['rating'], $foruminfo, $threadinfo);
    // ### DO EMAIL NOTIFICATION ###
    if ($post['visible'] and $type != 'thread' and !in_coventry($vbulletin->userinfo['userid'], true)) {
        exec_send_notification($threadinfo['threadid'], $vbulletin->userinfo['userid'], $post['postid']);
    }
    // ### DO THREAD SUBSCRIPTION ###
    if ($vbulletin->userinfo['userid'] != 0) {
        require_once DIR . '/includes/functions_misc.php';
        $post['emailupdate'] = verify_subscription_choice($post['emailupdate'], $vbulletin->userinfo, 9999);
        ($hook = vBulletinHook::fetch_hook('newpost_subscribe')) ? eval($hook) : false;
        if (!$threadinfo['issubscribed'] and $post['emailupdate'] != 9999) {
            // user is not subscribed to this thread so insert it
            /*insert query*/
            $vbulletin->db->query_write("INSERT IGNORE INTO " . TABLE_PREFIX . "subscribethread (userid, threadid, emailupdate, folderid, canview)\n\t\t\t\t\tVALUES (" . $vbulletin->userinfo['userid'] . ", {$threadinfo['threadid']}, {$post['emailupdate']}, {$post['folderid']}, 1)");
        } else {
            // User is subscribed, see if they changed the settings for this thread
            if ($post['emailupdate'] == 9999) {
                // Remove this subscription, user chose 'No Subscription'
                $vbulletin->db->query_write("DELETE FROM " . TABLE_PREFIX . "subscribethread WHERE threadid = {$threadinfo['threadid']} AND userid = " . $vbulletin->userinfo['userid']);
            } else {
                if ($threadinfo['emailupdate'] != $post['emailupdate'] or $threadinfo['folderid'] != $post['folderid']) {
                    // User changed the settings so update the current record
                    /*insert query*/
                    $vbulletin->db->query_write("REPLACE INTO " . TABLE_PREFIX . "subscribethread (userid, threadid, emailupdate, folderid, canview)\n\t\t\t\t\tVALUES (" . $vbulletin->userinfo['userid'] . ", {$threadinfo['threadid']}, {$post['emailupdate']}, {$post['folderid']}, 1)");
                }
            }
        }
    }
    ($hook = vBulletinHook::fetch_hook('newpost_complete')) ? eval($hook) : false;
}
Example #9
0
 if (can_moderate($foruminfo['forumid'], 'canmanagethreads')) {
     $threadinfo['sticky'] = 0;
     $show['stickunstick'] = true;
     $show['unstickthread'] = false;
 } else {
     $show['stickunstick'] = false;
 }
 if ($show['openclose'] or $show['stickunstick']) {
     ($hook = vBulletinHook::fetch_hook('newthread_form_threadmanage')) ? eval($hook) : false;
     $templater = vB_Template::create('newpost_threadmanage');
     $templater->register('checked', $checked);
     $threadmanagement = $templater->render();
 } else {
     $threadmanagement = '';
 }
 if (fetch_require_hvcheck('post')) {
     require_once DIR . '/includes/class_humanverify.php';
     $verification =& vB_HumanVerify::fetch_library($vbulletin);
     $human_verify = $verification->output_token();
 } else {
     $human_verify = '';
 }
 if ($show['tag_option']) {
     $tags_remain = null;
     if ($vbulletin->options['tagmaxthread']) {
         $tags_remain = $vbulletin->options['tagmaxthread'];
     }
     if ($vbulletin->options['tagmaxstarter'] and !can_moderate($threadinfo['forumid'], 'caneditthreads')) {
         $tags_remain = $tags_remain === null ? $vbulletin->options['tagmaxstarter'] : min($tags_remain, $vbulletin->options['tagmaxstarter']);
     }
     $show['tags_remain'] = $tags_remain !== null;
Example #10
0
     }
     // Default Birthday Privacy option to show all
     if (empty($errorlist)) {
         $sbselected = array(2 => 'selected="selected"');
     }
     eval('$birthdayfields = "' . fetch_template('modifyprofile_birthday') . '";');
 } else {
     $show['birthday'] = false;
     $birthdayfields = '';
 }
 $htmlonoff = $vbulletin->options['allowhtml'] ? $vbphrase['on'] : $vbphrase['off'];
 $bbcodeonoff = $vbulletin->options['allowbbcode'] ? $vbphrase['on'] : $vbphrase['off'];
 $imgcodeonoff = $vbulletin->options['allowbbimagecode'] ? $vbphrase['on'] : $vbphrase['off'];
 $smiliesonoff = $vbulletin->options['allowsmilies'] ? $vbphrase['on'] : $vbphrase['off'];
 // human verification
 if (fetch_require_hvcheck('register')) {
     require_once DIR . '/includes/class_humanverify.php';
     $verify =& vB_HumanVerify::fetch_library($vbulletin);
     $human_verify = $verify->output_token();
 }
 // Referrer
 if ($vbulletin->options['usereferrer'] and !$vbulletin->userinfo['userid']) {
     exec_switch_bg();
     if ($errorlist) {
         $referrername = $vbulletin->GPC['referrername'];
     } else {
         if ($vbulletin->GPC[COOKIE_PREFIX . 'referrerid']) {
             if ($referrername = $db->query_first_slave("SELECT username FROM " . TABLE_PREFIX . "user WHERE userid = " . $vbulletin->GPC[COOKIE_PREFIX . 'referrerid'])) {
                 $referrername = $referrername['username'];
             }
         }
Example #11
0
		'vbulletin_multiquote' => TYPE_STR
	));
	$vbulletin->GPC['vbulletin_multiquote'] = explode(',', $vbulletin->GPC['vbulletin_multiquote']);
}
// work out if quickreply should be shown or not
if (
	$vbulletin->options['quickreply']
	AND
	!$threadinfo['isdeleted'] AND !is_browser('netscape') AND $vbulletin->userinfo['userid']
	AND (
		($vbulletin->userinfo['userid'] == $threadinfo['postuserid'] AND $forumperms & $vbulletin->bf_ugp_forumpermissions['canreplyown'])
		OR
		($vbulletin->userinfo['userid'] != $threadinfo['postuserid'] AND $forumperms & $vbulletin->bf_ugp_forumpermissions['canreplyothers'])
	)
	AND ($threadinfo['open'] OR can_moderate($threadinfo['forumid'], 'canopenclose'))
	AND (!fetch_require_hvcheck('post'))
)
{
	$show['quickreply'] = true;
}
else
{
	$show['quickreply'] = false;
}
$show['lightbox'] = ($vbulletin->options['lightboxenabled'] AND $vbulletin->options['usepopups']);
$show['spacer'] = false;

$saveparsed = ''; // inialise

$post['postcount'] =& $vbulletin->GPC['postcount'];
Example #12
0
 /**
  * Returns whether or not the user requires a human verification test to complete the specified action
  *
  * @param string $action The name of the action to check. Possible values: register, post, search, contactus, lostpw
  * @return boolean Whether a hv check is required
  */
 public function fetchRequireHvcheck($action)
 {
     static $results = array();
     if (!empty($results[$action])) {
         return $results[$action];
     }
     $results[$action] = fetch_require_hvcheck($action);
     return $results[$action];
 }
Example #13
0
	/**
	* Loads assorted show variables. Ideally, these would be used in templates,
	* but sometimes they're used within code.
	*/
	public function load_show_variables()
	{
		global $show, $vbulletin, $vbphrase;

		$show['old_explorer'] = (is_browser('ie') AND !is_browser('ie', 6));

		$show['rtl'] = (!($vbulletin->userinfo['lang_options'] & $vbulletin->bf_misc_languageoptions['direction']));

		$show['admincplink'] = ($vbulletin->userinfo['permissions']['adminpermissions'] & $vbulletin->bf_ugp_adminpermissions['cancontrolpanel'] ? true : false);
		// This generates an extra query for non-admins/supermods on many pages so we have chosen to only display it to supermods & admins
		// $show['modcplink'] = iif(can_moderate(), true, false);
		$show['modcplink'] = (
			$vbulletin->userinfo['permissions']['adminpermissions'] & $vbulletin->bf_ugp_adminpermissions['cancontrolpanel']
			OR $vbulletin->userinfo['permissions']['adminpermissions'] & $vbulletin->bf_ugp_adminpermissions['ismoderator']
		);

		$show['registerbutton'] = (
			!$show['search_engine']
			AND $vbulletin->options['allowregistration']
			AND (!$vbulletin->userinfo['userid'] OR $vbulletin->options['allowmultiregs'])
		);
		$show['searchbuttons'] = (
			!$show['search_engine']
			AND $vbulletin->userinfo['permissions']['forumpermissions'] & $vbulletin->bf_ugp_forumpermissions['cansearch']
			AND $vbulletin->options['enablesearches']
		);
		$show['quicksearch'] = (!fetch_require_hvcheck('search'));
		$show['memberslist'] = (
			$vbulletin->options['enablememberlist']
			AND $vbulletin->userinfo['permissions']['genericpermissions'] & $vbulletin->bf_ugp_genericpermissions['canviewmembers']
		);

		$loggedout = false;
		if (THIS_SCRIPT == 'login' AND $_REQUEST['do'] == 'logout' AND $vbulletin->userinfo['userid'] != 0)
		{
			$vbulletin->input->clean_gpc('r', 'logouthash', TYPE_STR);
			if (verify_security_token($vbulletin->GPC['logouthash'], $vbulletin->userinfo['securitytoken_raw']))
			{
				$loggedout = true;
			}
		}
		if (!$vbulletin->userinfo['userid'] OR $loggedout)
		{
			$show['guest'] = true;
			$show['member'] = false;
		}
		else
		{
			$show['guest'] = false;
			$show['member'] = true;
		}

		$show['detailedtime'] = ($vbulletin->options['yestoday'] == 2);

		$show['popups'] = (!$show['search_engine'] AND $vbulletin->options['usepopups'] AND !$vbulletin->GPC['nojs']);
		if ($show['popups'])
		{
			// this isn't what $show is for, but it's a variable that's available in many places
			$show['nojs_link'] = $vbulletin->scriptpath . (strpos($vbulletin->scriptpath, '?') ? '&amp;' : '?') . 'nojs=1';
		}
		else
		{
			$show['nojs_link'] = '';
		}

		if ($vbulletin->options['enablepms'] AND $vbulletin->userinfo['userid'] AND ($vbulletin->userinfo['pmunread'] OR ($vbulletin->userinfo['receivepm'] AND $vbulletin->userinfo['permissions']['pmquota'])))
		{
			if ($vbulletin->userinfo['pmtotal'] < $vbulletin->userinfo['permissions']['pmquota'])
			{
				if (($vbphrase['pmpercent_nav_compiled'] = number_format(floor($vbulletin->userinfo['pmtotal'] / $vbulletin->userinfo['permissions']['pmquota'] * 100), 0)) >= 90)
				{
					$show['pmwarning'] = true;
				}
				else
				{
					$show['pmwarning'] = false;
				}
			}
			else if ($vbulletin->userinfo['permissions']['pmquota'])
			{
				$show['pmwarning'] = true;
				$vbphrase['pmpercent_nav_compiled'] = '100';
			}
			else
			{
				$show['pmwarning'] = false;
			}
			$show['pmstats'] = true;
		}
		else
		{
			$show['pmstats'] = false;
			$show['pmwarning'] = false;
		}
		$show['pmmainlink'] = (
			$vbulletin->options['enablepms']
			AND $vbulletin->userinfo['userid']
			AND ($vbulletin->userinfo['permissions']['pmquota'] OR $vbulletin->userinfo['pmtotal'])
		);
		$show['pmtracklink'] = ($vbulletin->userinfo['permissions']['pmpermissions'] & $vbulletin->bf_ugp_pmpermissions['cantrackpm']);
		$show['pmsendlink'] = ($vbulletin->userinfo['permissions']['pmquota']);

		$show['siglink'] = ($vbulletin->userinfo['permissions']['genericpermissions'] & $vbulletin->bf_ugp_genericpermissions['canusesignature']);
		$show['avatarlink'] = ($vbulletin->options['avatarenabled']);
		$show['profilepiclink'] = (
			$vbulletin->userinfo['permissions']['genericpermissions'] & $vbulletin->bf_ugp_genericpermissions['canprofilepic']
			AND $vbulletin->options['profilepicenabled']
		);
		$show['wollink'] = ($vbulletin->userinfo['permissions']['wolpermissions'] & $vbulletin->bf_ugp_wolpermissions['canwhosonline']);

		$show['spacer'] = true; // used in postbit template

		$show['dst_correction'] = (
			THIS_SCRIPT != 'register'
			AND ($vbulletin->session->vars['loggedin'] == 1 OR $vbulletin->session->created OR THIS_SCRIPT == 'usercp')
			AND $vbulletin->userinfo['dstauto'] == 1
			AND $vbulletin->userinfo['userid']
		);

		$show['contactus'] = (
			$vbulletin->options['contactuslink']
			AND ((!$vbulletin->userinfo['userid'] AND $vbulletin->options['contactustype']) OR $vbulletin->userinfo['userid'])
		);

		// you may define this if you don't want the password in the login box to be zapped onsubmit; good for integration
		$show['nopasswordempty'] = defined('DISABLE_PASSWORD_CLEARING') ? 1 : 0; // this nees to be an int for the templates

		// Determine display of certain navbar Quick Links
		$show['quick_links_groups'] = (
			$vbulletin->options['socnet'] & $vbulletin->bf_misc_socnet['enable_groups']
			AND $vbulletin->userinfo['permissions']['socialgrouppermissions'] & $vbulletin->bf_ugp_socialgrouppermissions['canviewgroups']
		);
		$show['quick_links_albums'] = (
			$vbulletin->options['socnet'] & $vbulletin->bf_misc_socnet['enable_albums']
			AND $vbulletin->userinfo['permissions']['genericpermissions'] & $vbulletin->bf_ugp_genericpermissions['canviewmembers']
			AND $vbulletin->userinfo['permissions']['albumpermissions'] & $vbulletin->bf_ugp_albumpermissions['canviewalbum']
		);
		$show['friends_and_contacts'] = (
			$vbulletin->options['socnet'] & $vbulletin->bf_misc_socnet['enable_friends']
			AND $vbulletin->userinfo['permissions']['genericpermissions2'] & $vbulletin->bf_ugp_genericpermissions2['canusefriends']
		);
		$show['communitylink'] = ($show['quick_links_groups'] OR $show['quick_links_albums'] OR $vbulletin->userinfo['userid'] OR $show['memberslist']);

		// We don't want the number of columns to be more than the total number of smilies to display #36621
		$vbulletin->options['smcolumns'] = $vbulletin->options['smcolumns'] > $vbulletin->options['smtotal'] ? $vbulletin->options['smtotal'] : $vbulletin->options['smcolumns'];
	}
Example #14
0
	/**
	 * vB_Search_Searchtools::searchIntroRegisterHumanVerify()
	 * Handle registration of the human verify components
	 *  If necesary, display the human verify form.
	 *
	 * @param mixed $template
	 * @return nothing
	 */
	public static function searchIntroRegisterHumanVerify($template)
	{
		global $vbulletin;
		// image verification
		$human_verify = '';

		if (fetch_require_hvcheck('search'))
		{
			require_once(DIR . '/includes/class_humanverify.php');
			$verification =& vB_HumanVerify::fetch_library($vbulletin);
			$human_verify = $verification->output_token();
		}
		$template->register('human_verify', $human_verify);
	}
Example #15
0
	{
		eval(standard_error(fetch_error('requiredfields')));
	}

	if ($perform_floodcheck)
	{
		require_once(DIR . '/includes/class_floodcheck.php');
		$floodcheck = new vB_FloodCheck($vbulletin, 'user', 'emailstamp');
		$floodcheck->commit_key($vbulletin->userinfo['userid'], TIMENOW, TIMENOW - $vbulletin->options['emailfloodtime']);
		if ($floodcheck->is_flooding())
		{
			eval(standard_error(fetch_error('emailfloodcheck', $vbulletin->options['emailfloodtime'], $floodcheck->flood_wait())));
		}
	}

	if (fetch_require_hvcheck('contactus'))
	{
		require_once(DIR . '/includes/class_humanverify.php');
		$verify =& vB_HumanVerify::fetch_library($vbulletin);
		if (!$verify->verify_token($vbulletin->GPC['humanverify']))
		{
	  		standard_error(fetch_error($verify->fetch_error()));
	  	}
	}

	($hook = vBulletinHook::fetch_hook('sendmessage_dosendtofriend_start')) ? eval($hook) : false;

	if ($vbulletin->GPC['username'] != '')
	{
		if ($userinfo = $db->query_first_slave("
			SELECT user.*, userfield.*
Example #16
0
	/**
	 * Fetches the standard page view .
	 * @param integer $nodeid - node for which we are displaying comments
	 *
	 * @return vBCms_View				- The resolved view, or array of views
	 */
	public function getPageView($nodeid, $target_url)
	{
		global $vbphrase;

		require_once DIR . '/includes/functions_editor.php';

			vB::$vbulletin->input->clean_array_gpc('r', array(
			'nodeid'     => vB_Input::TYPE_INT,
			'page' => vB_Input::TYPE_INT,
			'direction' => vB_Input::TYPE_STR,
			'postid' => vB_Input::TYPE_UINT
		));

		if (! $row = vB::$vbulletin->db->query_first("SELECT node.comments_enabled, node.setpublish, node.publishdate,
		 nodeinfo.associatedthreadid,	thread.forumid FROM "
		. TABLE_PREFIX . "cms_node AS node LEFT JOIN "
		. TABLE_PREFIX . "cms_nodeinfo AS nodeinfo ON node.nodeid = nodeinfo.nodeid LEFT JOIN "
		. TABLE_PREFIX . "thread AS thread on thread.threadID = nodeinfo.associatedthreadid
			WHERE	nodeinfo.nodeid = $nodeid LIMIT 1;" ))
		{
			return false;
		}

		if (! $row['comments_enabled'] OR !$row['setpublish'] OR ($row['publishdate'] > TIMENOW))
		{
			return false;
		}

		if (! intval($row['forumid']))
		{
			$this->repairComments($row['associatedthreadid']);
		}

		if (!intval($row['associatedthreadid']))
		{
			return false;
		}

		$associatedthreadid = $row['associatedthreadid'];
		
		$base_url = empty($target_url) ? vB_Router::getCurrentURL() : $target_url;


		// Create view
		$view = new vB_View('vbcms_comments_page');
		$view->nodeid = $nodeid;
		$view->threadid = $row['associatedthreadid'];
		$view->this_url = str_replace('&amp;', '&', $base_url);

		// display publish to Facebook checkbox in quick editor?
		if (is_facebookenabled())
		{
			$view->fbpublishcheckbox = construct_fbpublishcheckbox();
		}

		$this_user = new vB_Legacy_CurrentUser();

		$pageno = vB::$vbulletin->GPC_exists['page'] ?
			vB::$vbulletin->GPC['page'] : 1;
		$view->pageno = $pageno;
		$view->node_comments = self::showComments($view->nodeid,
			$this_user, $pageno, 20, $target_url, $associatedthreadid);

		// make sure user has permission to post comment before displaying comment editor
		if (self::canPostComment($view->threadid, $this_user))
		{
			// prepare the wyswiwig editor for comments
			$view->show_comment_editor = true;
			global $messagearea;
			$editor_name = construct_edit_toolbar('');
			$view->messagearea = $messagearea;//
			$view->editor_name = $editor_name;

			// include captcha validation and guest username field
			if (fetch_require_hvcheck('post'))
			{
				require_once(DIR . '/includes/class_humanverify.php');
				$reg = vB::$vbulletin;
				$verification =& vB_HumanVerify::fetch_library($reg);
				$human_verify = $verification->output_token();
			}
			else
			{
				$human_verify = '';
			}
			$view->human_verify = $human_verify;
			$view->usernamecode = new vB_View('newpost_usernamecode');
		}
		else
		{
			$view->show_comment_editor = false;
		}

		return $view;
	}
Example #17
0
// #############################################################################
// draw navbar
$navbits = array();
$navbits[fetch_seo_url('forumhome', array())] = $vbphrase['forum'];
$parentlist = array_reverse(explode(',', substr($forum['parentlist'], 0, -3)));
foreach ($parentlist as $forumID) {
    $forumTitle = $vbulletin->forumcache["{$forumID}"]['title'];
    $navbits[fetch_seo_url('forum', array('forumid' => $forumID, 'title' => $forumTitle))] = $forumTitle;
}
$navbits[''] = $thread['prefix_rich'] . ' ' . $thread['title'];
$navbits = construct_navbits($navbits);
$navbar = render_navbar_template($navbits);
// #############################################################################
// setup $show variables
$show['lightbox'] = ($vbulletin->options['lightboxenabled'] and $vbulletin->options['usepopups'] and !empty($postattach) and $forumperms & $vbulletin->bf_ugp_forumpermissions['cangetattachment']);
$show['search'] = (!$show['search_engine'] and $forumperms & $vbulletin->bf_ugp_forumpermissions['cansearch'] and $vbulletin->options['enablesearches'] and !fetch_require_hvcheck('search'));
$show['subscribed'] = iif($threadinfo['issubscribed'], true, false);
$show['threadrating'] = iif($forum['allowratings'] and ($threadinfo['open'] or can_moderate($threadinfo['forumid'], 'canopenclose')) and $forumperms & $vbulletin->bf_ugp_forumpermissions['canthreadrate'], true, false);
$show['ratethread'] = iif($show['threadrating'] and (!$threadinfo['vote'] or $vbulletin->options['votechange']), true, false);
$show['closethread'] = iif($threadinfo['open'], true, false);
$show['approvethread'] = $threadinfo['visible'] == 0 ? true : false;
$show['unstick'] = iif($threadinfo['sticky'], true, false);
$show['reputation'] = ($vbulletin->options['reputationenable'] and $vbulletin->userinfo['userid'] and $vbulletin->userinfo['permissions']['genericoptions'] & $vbulletin->bf_ugp_genericoptions['isnotbannedgroup']);
$show['sendtofriend'] = $forumperms & $vbulletin->bf_ugp_forumpermissions['canemail'];
// next/prev links don't work for search engines or non-lastpost sort orders
// Anyone remember why we hide these links from search engines?
$show['next_prev_links'] = (!$show['search_engine'] and ($foruminfo['defaultsortfield'] == 'lastpost' or !$foruminfo['defaultsortfield']));
if ($show['next_prev_links'] and $vbulletin->options['nextprevlinks']) {
    $nextthreadinfo = goto_nextthread($thread['threadid'], false);
    $prevthreadinfo = goto_prevthread($thread['threadid'], false);
}
Example #18
0
		$birthdayfields = $templater->render();
	}
	else
	{
		$show['birthday'] = false;

		$birthdayfields = '';
	}

	$htmlonoff = ($vbulletin->options['allowhtml'] ? $vbphrase['on'] : $vbphrase['off']);
	$bbcodeonoff = ($vbulletin->options['allowbbcode'] ? $vbphrase['on'] : $vbphrase['off']);
	$imgcodeonoff = ($vbulletin->options['allowbbimagecode'] ? $vbphrase['on'] : $vbphrase['off']);
	$smiliesonoff = ($vbulletin->options['allowsmilies'] ? $vbphrase['on'] : $vbphrase['off']);

	// human verification, which we can bypass if user has been verified on facebook
	if (fetch_require_hvcheck('register') AND (!is_facebookenabled() OR (is_facebookenabled() AND !vB_Facebook::instance()->userIsLoggedIn())))
	{
		require_once(DIR . '/includes/class_humanverify.php');
		$verify =& vB_HumanVerify::fetch_library($vbulletin);
		$human_verify = $verify->output_token();
	}

	// Referrer
	if ($vbulletin->options['usereferrer'] AND !$vbulletin->userinfo['userid'])
	{
		exec_switch_bg();
		if ($errorlist)
		{
			$referrername = $vbulletin->GPC['referrername'];
		}
		else if ($vbulletin->GPC[COOKIE_PREFIX . 'referrerid'])