/**
* Fetches proper ajax query depending on post from a single user's messages or from a wall to wall page
*
* @param array Userinfo of user that this is being posted to
* @param string Source Page
* @param int The comment that was made during this ajax call
* @param array Userinfo of the other user of the wall to wall view
*
* @return string
*/
function fetch_vm_ajax_query($userinfo, $vmid, $type = 'wall', $userinfo2 = null)
{
global $vbulletin;
$hook_query_fields = $hook_query_joins = $hook_query_where = '';
$hook_query_fields2 = $hook_query_joins2 = $hook_query_where2 = '';
($hook = vBulletinHook::fetch_hook('visitor_message_post_ajax')) ? eval($hook) : false;
if ($type != 'wall') {
$state = array('visible');
if (can_moderate(0, 'canmoderatevisitormessages') or $vbulletin->userinfo['userid'] == $userinfo['userid']) {
$state[] = 'moderation';
}
if (can_moderate(0, 'canmoderatevisitormessages') or $vbulletin->userinfo['userid'] == $userinfo['userid'] and $vbulletin->userinfo['permissions']['visitormessagepermissions'] & $vbulletin->bf_ugp_visitormessagepermissions['canmanageownprofile']) {
$state[] = 'deleted';
$deljoinsql = "LEFT JOIN " . TABLE_PREFIX . "deletionlog AS deletionlog ON (visitormessage.vmid = deletionlog.primaryid AND deletionlog.type = 'visitormessage')";
} else {
$deljoinsql = '';
}
$state_or = array("visitormessage.state IN ('" . implode("','", $state) . "')");
// Get the viewing user's moderated posts
if ($vbulletin->userinfo['userid'] and !can_moderate(0, 'canmoderatevisitormessages') and $vbulletin->userinfo['userid'] != $userinfo['userid']) {
$state_or[] = "(visitormessage.postuserid = " . $vbulletin->userinfo['userid'] . " AND state = 'moderation')";
}
$sql = "\n\t\t\tSELECT\n\t\t\t\tvisitormessage.*, user.*, visitormessage.ipaddress AS messageipaddress, visitormessage.userid AS profileuserid\n\t\t\t\t" . ($vbulletin->userinfo['userid'] ? ",IF(userlist.userid IS NOT NULL, 1, 0) AS bbuser_iscontact_of_user" : "") . "\n\t\t\t\t" . ($deljoinsql ? ",deletionlog.userid AS del_userid, deletionlog.username AS del_username, deletionlog.reason AS del_reason" : "") . "\n\t\t\t\t" . ($vbulletin->options['avatarenabled'] ? ",avatar.avatarpath, NOT ISNULL(customavatar.userid) AS hascustomavatar, customavatar.dateline AS avatardateline,customavatar.width AS avwidth,customavatar.height AS avheight, customavatar.width_thumb AS avwidth_thumb, customavatar.height_thumb AS avheight_thumb, customavatar.filedata_thumb" : "") . "\n\t\t\t\t{$hook_query_fields}\n\t\t\tFROM " . TABLE_PREFIX . "visitormessage AS visitormessage\n\t\t\tLEFT JOIN " . TABLE_PREFIX . "user AS user ON (visitormessage.postuserid = user.userid)\n\t\t\t" . ($vbulletin->userinfo['userid'] ? "LEFT JOIN " . TABLE_PREFIX . "userlist AS userlist ON (userlist.userid = user.userid AND userlist.type = 'buddy' AND userlist.relationid = " . $vbulletin->userinfo['userid'] . ")" : "") . "\n\t\t\t" . ($vbulletin->options['avatarenabled'] ? "LEFT JOIN " . TABLE_PREFIX . "avatar AS avatar ON(avatar.avatarid = user.avatarid) LEFT JOIN " . TABLE_PREFIX . "customavatar AS customavatar ON(customavatar.userid = user.userid)" : "") . "\n\t\t\t{$deljoinsql}\n\t\t\t{$hook_query_joins}\n\t\t\tWHERE visitormessage.userid = {$userinfo['userid']}\n\t\t\t\tAND (" . implode(" OR ", $state_or) . ")\n\t\t\t\tAND " . (($lastviewed = $vbulletin->GPC['lastcomment']) ? "(visitormessage.dateline > {$lastviewed} OR visitormessage.vmid = {$vmid})" : "visitormessage.vmid = {$vmid}") . "\n\t\t\t\t{$hook_query_where}\n\t\t\tORDER BY visitormessage.dateline ASC\n\t\t";
} else {
$sql1 = $sql2 = array();
$state1 = array('visible');
if ($viewself or fetch_visitor_message_perm('canmoderatevisitormessages', $userinfo)) {
$state1[] = 'moderation';
}
if (can_moderate(0, 'canmoderatevisitormessages')) {
$state1[] = 'deleted';
$delsql1 = ",deletionlog.userid AS del_userid, deletionlog.username AS del_username, deletionlog.reason AS del_reason";
$deljoinsql1 = "LEFT JOIN " . TABLE_PREFIX . "deletionlog AS deletionlog ON (visitormessage.vmid = deletionlog.primaryid AND deletionlog.type = 'visitormessage')";
} else {
if ($deljoinsql2) {
$delsql1 = ",0 AS del_userid, '' AS del_username, '' AS del_reason";
}
}
$sql1[] = "visitormessage.userid = {$userinfo['userid']}";
$sql1[] = "visitormessage.postuserid = {$userinfo2['userid']}";
$sql1[] = "visitormessage.state IN ('" . implode("','", $state1) . "')";
$sql1[] = "(visitormessage.dateline > " . $vbulletin->GPC['lastcomment'] . " OR visitormessage.vmid = {$vmid})";
$state2 = array('visible');
if (fetch_visitor_message_perm('canmoderatevisitormessages', $userinfo2)) {
$state2[] = 'moderation';
}
if (can_moderate(0, 'canmoderatevisitormessages') or $viewself and $vbulletin->userinfo['permissions']['visitormessagepermissions'] & $vbulletin->bf_ugp_visitormessagepermissions['canmanageownprofile']) {
$state2[] = 'deleted';
$deljoinsql2 = "LEFT JOIN " . TABLE_PREFIX . "deletionlog AS deletionlog ON (visitormessage.vmid = deletionlog.primaryid AND deletionlog.type = 'visitormessage')";
} else {
$deljoinsql2 = '';
}
$sql2[] = "visitormessage.userid = {$userinfo2['userid']}";
$sql2[] = "visitormessage.postuserid = {$userinfo['userid']}";
$sql2[] = "visitormessage.state IN ('" . implode("','", $state2) . "')";
$sql2[] = "visitormessage.dateline > " . $vbulletin->GPC['lastcomment'];
$sql = "\n\t\t\t(\n\t\t\t\tSELECT\n\t\t\t\t\tvisitormessage.*, visitormessage.dateline AS pmdateline, user.*, visitormessage.ipaddress AS messageipaddress, visitormessage.userid AS profileuserid\n\t\t\t\t\t{$delsql1}\n\t\t\t\t\t" . ($vbulletin->options['avatarenabled'] ? ",avatar.avatarpath, NOT ISNULL(customavatar.userid) AS hascustomavatar, customavatar.dateline AS avatardateline,customavatar.width AS avwidth,customavatar.height AS avheight" : "") . "\n\t\t\t\t\t{$hook_query_fields}\n\t\t\t\tFROM " . TABLE_PREFIX . "visitormessage AS visitormessage\n\t\t\t\tLEFT JOIN " . TABLE_PREFIX . "user AS user ON (visitormessage.postuserid = user.userid)\n\t\t\t\t" . ($vbulletin->options['avatarenabled'] ? "LEFT JOIN " . TABLE_PREFIX . "avatar AS avatar ON(avatar.avatarid = user.avatarid) LEFT JOIN " . TABLE_PREFIX . "customavatar AS customavatar ON(customavatar.userid = user.userid)" : "") . "\n\t\t\t\t{$deljoinsql1}\n\t\t\t\t{$hook_query_joins}\n\t\t\t\tWHERE " . implode(" AND ", $sql1) . "\n\t\t\t\t{$hook_query_where}\n\t\t\t)\n\t\t\tUNION\n\t\t\t(\n\t\t\t\tSELECT\n\t\t\t\t\tvisitormessage.*, visitormessage.dateline AS pmdateline, user.*, visitormessage.ipaddress AS messageipaddress, visitormessage.userid AS profileuserid\n\t\t\t\t\t" . ($deljoinsql2 ? ",deletionlog.userid AS del_userid, deletionlog.username AS del_username, deletionlog.reason AS del_reason" : "") . "\n\t\t\t\t\t" . ($vbulletin->options['avatarenabled'] ? ",avatar.avatarpath, NOT ISNULL(customavatar.userid) AS hascustomavatar, customavatar.dateline AS avatardateline,customavatar.width AS avwidth,customavatar.height AS avheight" : "") . "\n\t\t\t\t\t{$hook_query_fields2}\n\t\t\t\tFROM " . TABLE_PREFIX . "visitormessage AS visitormessage\n\t\t\t\tLEFT JOIN " . TABLE_PREFIX . "user AS user ON (visitormessage.postuserid = user.userid)\n\t\t\t\t" . ($vbulletin->options['avatarenabled'] ? "LEFT JOIN " . TABLE_PREFIX . "avatar AS avatar ON(avatar.avatarid = user.avatarid) LEFT JOIN " . TABLE_PREFIX . "customavatar AS customavatar ON(customavatar.userid = user.userid)" : "") . "\n\t\t\t\t{$deljoinsql2}\n\t\t\t\t{$hook_query_joins2}\n\t\t\t\tWHERE " . implode(" AND ", $sql2) . "\n\t\t\t\t{$hook_query_where2}\n\t\t\t)\n\t\t\tORDER BY pmdateline ASC\n\t\t\t";
}
return $sql;
}
$reportobj->set_extrainfo('user', $userinfo);
$perform_floodcheck = $reportobj->need_floodcheck();
if ($perform_floodcheck)
{
$reportobj->perform_floodcheck_precommit();
}
if (!$messageinfo['vmid'])
{
eval(standard_error(fetch_error('invalidid', $vbphrase['message'], $vbulletin->options['contactuslink'])));
}
if (
($messageinfo['state'] == 'moderation' AND !fetch_visitor_message_perm('canmoderatevisitormessages', $userinfo, $messageinfo) AND $messageinfo['postuserid'] != $vbulletin->userinfo['userid'])
OR ($messageinfo['state'] == 'deleted' AND !fetch_visitor_message_perm('candeletevisitormessages', $userinfo, $messageinfo)))
{
eval(standard_error(fetch_error('invalidid', $vbphrase['message'], $vbulletin->options['contactuslink'])));
}
($hook = vBulletinHook::fetch_hook('report_start')) ? eval($hook) : false;
if ($_REQUEST['do'] == 'report')
{
// draw nav bar
$navbits = array();
$navbits[fetch_seo_url('member', $userinfo)] = $userinfo['username'];
$navbits[''] = $vbphrase['report_bad_visitor_message'];
$navbits = construct_navbits($navbits);
$usernamecode = vB_Template::create('newpost_usernamecode')->render();
}
if (can_moderate(0, 'candeletevisitormessages')) {
foreach ($messagearray as $message) {
log_moderator_action($message, $physicaldel ? 'vm_by_x_for_y_removed' : 'vm_by_x_for_y_soft_deleted', array($message['postusername'], $message['profile_username']));
}
}
// empty cookie
setcookie('vbulletin_inlinevmessage', '', TIMENOW - 3600, '/');
($hook = vBulletinHook::fetch_hook('member_inlinemod_dodelete')) ? eval($hook) : false;
eval(print_standard_redirect('redirect_inline_deletedmessages', true, $forceredirect));
}
if ($_POST['do'] == 'inlineundelete') {
// Validate Messages
$messages = $db->query_read_slave("\r\n\t\tSELECT visitormessage.vmid, visitormessage.state, visitormessage.userid, visitormessage.dateline,\r\n\t\t\tvisitormessage.postuserid, visitormessage.postusername,\r\n\t\t\tuser.username AS profile_username\r\n\t\tFROM " . TABLE_PREFIX . "visitormessage AS visitormessage\r\n\t\tLEFT JOIN " . TABLE_PREFIX . "user AS user ON (visitormessage.userid = user.userid)\r\n\t\tWHERE vmid IN ({$messageids})\r\n\t\t\tAND visitormessage.state = 'deleted'\r\n\t");
while ($message = $db->fetch_array($messages)) {
if (!fetch_visitor_message_perm('canundeletevisitormessages', $userinfo, $message)) {
standard_error(fetch_error('you_do_not_have_permission_to_manage_deleted_messages'));
}
$messagearray["{$message['vmid']}"] = $message;
$userlist["{$message['userid']}"] = true;
}
if (empty($messagearray)) {
standard_error(fetch_error('you_did_not_select_any_valid_messages'));
}
$db->query_write("\r\n\t\tDELETE FROM " . TABLE_PREFIX . "deletionlog\r\n\t\tWHERE type = 'visitormessage' AND\r\n\t\t\tprimaryid IN(" . implode(',', array_keys($messagearray)) . ")\r\n\t");
$db->query_write("\r\n\t\tUPDATE " . TABLE_PREFIX . "visitormessage\r\n\t\tSET state = 'visible'\r\n\t\tWHERE vmid IN(" . implode(',', array_keys($messagearray)) . ")\r\n\t");
foreach (array_keys($userlist) as $userid) {
build_visitor_message_counters($userid);
}
if (can_moderate(0, 'candeletevisitormessages')) {
foreach ($messagearray as $message) {
/**
* Prepares the User's Visitor Message Statistics
*
* @param array The Latest Visitor Message
*/
function prepare_visitor_message_stats($vminfo)
{
global $vbphrase;
if ((!isset($this->prepared['vm_total']) or !isset($this->prepared['lastvm_date']) or !isset($this->prepared['lastvm_time'])) and $this->registry->options['socnet'] & $this->registry->bf_misc_socnet['enable_visitor_messaging'] and (!$this->userinfo['vm_contactonly'] or can_moderate(0, 'canmoderatevisitormessages') or $this->userinfo['userid'] == $this->registry->userinfo['userid'] or $this->userinfo['bbuser_iscontact_of_user']) and ($this->userinfo['vm_enable'] or can_moderate(0, 'canmoderatevisitormessages') and $this->registry->userinfo['userid'] != $this->userinfo['userid'])) {
require_once DIR . '/includes/functions_visitormessage.php';
$state = array('visible');
if (fetch_visitor_message_perm('canmoderatevisitormessages', $this->userinfo)) {
$state[] = 'moderation';
}
if (can_moderate(0, 'canmoderatevisitormessages') or $this->registry->userinfo['userid'] == $this->userinfo['userid'] and $this->registry->userinfo['permissions']['visitormessagepermissions'] & $this->registry->bf_ugp_visitormessagepermissions['canmanageownprofile']) {
$state[] = 'deleted';
$deljoinsql = "LEFT JOIN " . TABLE_PREFIX . "deletionlog AS deletionlog ON (visitormessage.vmid = deletionlog.primaryid AND deletionlog.type = 'visitormessage')";
} else {
$deljoinsql = '';
}
$state_or = array("visitormessage.state IN ('" . implode("','", $state) . "')");
if (!fetch_visitor_message_perm('canmoderatevisitormessages', $this->userinfo)) {
$state_or[] = "(visitormessage.postuserid = " . $this->registry->userinfo['userid'] . " AND state = 'moderation')";
}
$coventry = '';
if ($this->registry->options['globalignore'] != '') {
if (!can_moderate(0, 'candeletevisitormessages') and !can_moderate(0, 'canremovevisitormessages')) {
require_once DIR . '/includes/functions_bigthree.php';
$coventry = fetch_coventry('string');
}
}
if (empty($vminfo)) {
$vminfo = $this->registry->db->query_first("\n\t\t\t\t\tSELECT COUNT(*) AS messages, MAX(visitormessage.dateline) AS dateline\n\t\t\t\t\tFROM " . TABLE_PREFIX . "visitormessage AS visitormessage\n\t\t\t\t\t{$deljoinsql}\n\t\t\t\t\tWHERE visitormessage.userid = " . $this->prepared['userid'] . "\n\t\t\t\t\t\tAND (" . implode(" OR ", $state_or) . ")\n\t\t\t\t\t" . ($coventry ? "AND visitormessage.postuserid NOT IN (" . $coventry . ")" : '') . "\n\t\t\t\t");
}
$this->prepared['vm_total'] = intval($vminfo['messages']);
if ($vminfo['dateline']) {
$this->prepared['lastvm_time'] = vbdate($this->registry->options['timeformat'], $vminfo['dateline'], true);
$this->prepared['lastvm_date'] = vbdate($this->registry->options['dateformat'], $vminfo['dateline'], true);
} else {
$this->prepared['lastvm_date'] = $vbphrase['never'];
$this->prepared['lastvm_time'] = '';
}
}
}
}
$reportthread = ($rpforumid = $vbulletin->options['rpforumid'] and $rpforuminfo = fetch_foruminfo($rpforumid));
$reportemail = ($vbulletin->options['enableemail'] and $vbulletin->options['rpemail']);
if (!$reportthread and !$reportemail) {
eval(standard_error(fetch_error('emaildisabled')));
}
$reportobj = new vB_ReportItem_VisitorMessage($vbulletin);
$reportobj->set_extrainfo('user', $userinfo);
$perform_floodcheck = $reportobj->need_floodcheck();
if ($perform_floodcheck) {
$reportobj->perform_floodcheck_precommit();
}
if (!$messageinfo['vmid']) {
eval(standard_error(fetch_error('invalidid', $vbphrase['message'], $vbulletin->options['contactuslink'])));
}
if ($messageinfo['state'] == 'moderation' and !fetch_visitor_message_perm('canmoderatevisitormessages', $userinfo, $messageinfo) and $messageinfo['postuserid'] != $vbulletin->userinfo['userid'] or $messageinfo['state'] == 'deleted' and !fetch_visitor_message_perm('candeletevisitormessages', $userinfo, $messageinfo)) {
eval(standard_error(fetch_error('invalidid', $vbphrase['message'], $vbulletin->options['contactuslink'])));
}
($hook = vBulletinHook::fetch_hook('report_start')) ? eval($hook) : false;
if ($_REQUEST['do'] == 'report') {
// draw nav bar
$navbits = array();
$navbits['member.php?' . $vbulletin->session->vars['sessionurl'] . "u={$userinfo['userid']}"] = $userinfo['username'];
$navbits[''] = $vbphrase['report_bad_visitor_message'];
$navbits = construct_navbits($navbits);
require_once DIR . '/includes/functions_editor.php';
$textareacols = fetch_textarea_width();
eval('$usernamecode = "' . fetch_template('newpost_usernamecode') . '";');
eval('$navbar = "' . fetch_template('navbar') . '";');
$url =& $vbulletin->url;
($hook = vBulletinHook::fetch_hook('report_form_start')) ? eval($hook) : false;
/**
* Sets up different display variables for the Visitor Message
*
*/
function process_display()
{
global $show, $vbphrase;
$show['converse'] = false;
if ($this->converse)
{
if ($this->userinfo['userid'] == $this->registry->userinfo['userid'])
{ // viewing our own profile
if ($this->message['postuserid'] AND $this->message['postuserid'] != $this->userinfo['userid'])
{
$show['converse'] = true;
$this->message['hostuserid'] = $this->message['postuserid'];
$this->message['guestuserid'] = $this->userinfo['userid'];
$this->message['converse_description_phrase'] = construct_phrase($vbphrase['view_your_conversation_with_x'], $this->message['username']);
}
}
else if ($this->message['postuserid'] AND $this->message['postuserid'] != $this->userinfo['userid'])
{ // Not our profile!
$show['converse'] = true;
$this->message['hostuserid'] = $this->userinfo['userid'];
$this->message['guestuserid'] = $this->message['postuserid'];
if ($this->message['postuserid'] == $this->registry->userinfo['userid'])
{
// viewing your own message on someone else's profile
$this->message['converse_description_phrase'] = construct_phrase($vbphrase['view_your_conversation_with_x'], $this->userinfo['username']);
}
else
{
// viewing user[x]'s message on user[y]'s profile
$this->message['converse_description_phrase'] = construct_phrase($vbphrase['view_conversation_between_x_and_y'], $this->userinfo['username'], $this->message['username']);
}
}
}
if ($show['conversepage'])
{
if ($this->message['profileuserid'] == $this->registry->userinfo['userid'])
{
$this->message['hostuserid'] = $this->message['postuserid'];
$this->message['guestuserid'] = $this->message['profileuserid'];
}
else
{
$this->message['hostuserid'] = $this->message['profileuserid'];
$this->message['guestuserid'] = $this->message['postuserid'];
}
}
$show['edit'] = fetch_visitor_message_perm('caneditvisitormessages', $this->userinfo, $this->message);
$show['moderation'] = ($this->message['state'] == 'moderation');
// Set up special situation where we show the inline mod box for posts on our profile when those posts are combined with our posts on another user's profile.
$userinfo = $this->userinfo;
$message = $this->message;
if (!$this->converse)
{
if ($this->userinfo['userid'] != $this->registry->userinfo['userid'] OR $this->message['postuserid'] == $this->userinfo['userid'])
{ // This forces the inlinemod checks below to only use the moderator permissions
$userinfo = null;
$message = null;
}
}
$show['inlinemod'] = (
fetch_visitor_message_perm('canmoderatevisitormessages', $userinfo, $message)
OR
fetch_visitor_message_perm('canundeletevisitormessages', $userinfo, $message)
OR
(
(
$userinfo['userid'] == $this->registry->userinfo['userid']
AND
$this->registry->userinfo['permissions']['visitormessagepermissions'] & $this->registry->bf_ugp_visitormessagepermissions['canmanageownprofile']
AND
$this->message['state'] != 'deleted'
)
OR
can_moderate(0, 'candeletevisitormessages')
OR
can_moderate(0, 'canremovevisitormessages')
)
);
}
/**
* Prepare any data needed for the output
*
* @param string The id of the block
* @param array Options specific to the block
*/
function prepare_output($id = '', $options = array())
{
global $show, $vbphrase, $messagearea, $vBeditTemplate;
require_once DIR . '/includes/functions_visitormessage.php';
require_once DIR . '/includes/class_bbcode.php';
require_once DIR . '/includes/class_visitormessage.php';
if (is_array($options)) {
$options = array_merge($this->option_defaults, $options);
} else {
$options = $this->option_defaults;
}
if ($options['vmid']) {
$messageinfo = verify_visitormessage($options['vmid'], false);
}
$state = array('visible');
if (fetch_visitor_message_perm('canmoderatevisitormessages', $this->profile->userinfo)) {
$state[] = 'moderation';
}
if (can_moderate(0, 'canmoderatevisitormessages') or $this->registry->userinfo['userid'] == $this->profile->userinfo['userid'] and $this->registry->userinfo['permissions']['visitormessagepermissions'] & $this->registry->bf_ugp_visitormessagepermissions['canmanageownprofile']) {
$state[] = 'deleted';
$deljoinsql = "LEFT JOIN " . TABLE_PREFIX . "deletionlog AS deletionlog ON (visitormessage.vmid = deletionlog.primaryid AND deletionlog.type = 'visitormessage')";
} else {
$deljoinsql = '';
}
$state_or = array("visitormessage.state IN ('" . implode("','", $state) . "')");
// Get the viewing user's moderated posts
if ($this->registry->userinfo['userid'] and !fetch_visitor_message_perm('canmoderatevisitormessages', $this->profile->userinfo)) {
$state_or[] = "(visitormessage.postuserid = " . $this->registry->userinfo['userid'] . " AND state = 'moderation')";
}
$perpage = (!$options['perpage'] or $options['perpage'] > $this->registry->options['vm_maxperpage']) ? $this->registry->options['vm_perpage'] : $options['perpage'];
if ($messageinfo['vmid']) {
$getpagenum = $this->registry->db->query_first("\n\t\t\t\tSELECT COUNT(*) AS comments\n\t\t\t\tFROM " . TABLE_PREFIX . "visitormessage AS visitormessage\n\t\t\t\tWHERE userid = " . $this->profile->userinfo['userid'] . "\n\t\t\t\t\tAND (" . implode(" OR ", $state_or) . ")\n\t\t\t\t\tAND dateline >= {$messageinfo['dateline']}\n\t\t\t");
$options['pagenumber'] = ceil($getpagenum['comments'] / $perpage);
}
$pagenumber = $options['pagenumber'];
do {
if (!$pagenumber or $options['tab'] != $id and $options['tab'] != '') {
$pagenumber = 1;
}
$start = ($pagenumber - 1) * $perpage;
$hook_query_fields = $hook_query_joins = $hook_query_where = '';
($hook = vBulletinHook::fetch_hook('member_profileblock_visitormessage_query')) ? eval($hook) : false;
if ($this->registry->options['globalignore'] != '') {
if (!can_moderate(0, 'candeletevisitormessages') and !can_moderate(0, 'canremovevisitormessages')) {
require_once DIR . '/includes/functions_bigthree.php';
$coventry = fetch_coventry('string');
}
}
$messagebits = '';
$messages = $this->registry->db->query_read("\n\t\t\t\tSELECT " . (!isset($this->profile->prepared['vm_total']) ? "SQL_CALC_FOUND_ROWS" : "") . "\n\t\t\t\t\tvisitormessage.*, user.*, visitormessage.ipaddress AS messageipaddress\n\t\t\t\t\t" . ($this->registry->userinfo['userid'] ? ",IF(userlist.userid IS NOT NULL, 1, 0) AS bbuser_iscontact_of_user" : "") . "\n\t\t\t\t\t" . ($deljoinsql ? ",deletionlog.userid AS del_userid, deletionlog.username AS del_username, deletionlog.reason AS del_reason" : "") . "\n\t\t\t\t\t" . ($this->registry->options['avatarenabled'] ? ",avatar.avatarpath, NOT ISNULL(customavatar.userid) AS hascustomavatar, customavatar.dateline AS avatardateline,customavatar.width AS avwidth,customavatar.height AS avheight, customavatar.width_thumb AS avwidth_thumb, customavatar.height_thumb AS avheight_thumb, filedata_thumb, NOT ISNULL(customavatar.userid) AS hascustom" : "") . "\n\t\t\t\t\t{$hook_query_fields}\n\t\t\t\tFROM " . TABLE_PREFIX . "visitormessage AS visitormessage\n\t\t\t\tLEFT JOIN " . TABLE_PREFIX . "user AS user ON (visitormessage.postuserid = user.userid)\n\t\t\t\t" . ($this->registry->userinfo['userid'] ? "LEFT JOIN " . TABLE_PREFIX . "userlist AS userlist ON (userlist.userid = user.userid AND userlist.type = 'buddy' AND userlist.relationid = " . $this->registry->userinfo['userid'] . ")" : "") . "\n\t\t\t\t" . ($this->registry->options['avatarenabled'] ? "LEFT JOIN " . TABLE_PREFIX . "avatar AS avatar ON(avatar.avatarid = user.avatarid) LEFT JOIN " . TABLE_PREFIX . "customavatar AS customavatar ON(customavatar.userid = user.userid)" : "") . "\n\t\t\t\t{$deljoinsql}\n\t\t\t\t{$hook_query_joins}\n\t\t\t\tWHERE visitormessage.userid = " . $this->profile->userinfo['userid'] . "\n\t\t\t\t\tAND (" . implode(" OR ", $state_or) . ")\n\t\t\t\t" . ($coventry ? "AND visitormessage.postuserid NOT IN (" . $coventry . ")" : '') . "\n\t\t\t\t\t{$hook_query_where}\n\t\t\t\tORDER BY visitormessage.dateline DESC\n\t\t\t\tLIMIT {$start}, {$perpage}\n\t\t\t");
if (!isset($this->profile->prepared['vm_total'])) {
list($messagetotal) = $this->registry->db->query_first("SELECT FOUND_ROWS()", DBARRAY_NUM);
} else {
$messagetotal = $this->profile->prepared['vm_total'];
}
if ($start >= $messagetotal) {
$pagenumber = ceil($messagetotal / $perpage);
}
} while ($start >= $messagetotal and $messagetotal);
$this->block_data['messagestart'] = $start + 1;
$this->block_data['messageend'] = min($start + $perpage, $messagetotal);
$bbcode = new vB_BbCodeParser($this->registry, fetch_tag_list());
$factory = new vB_Visitor_MessageFactory($this->registry, $bbcode, $this->profile->userinfo);
$messagebits = '';
if ($this->registry->userinfo['userid'] and empty($options['showignored'])) {
$ignorelist = preg_split('/( )+/', trim($this->registry->userinfo['ignorelist']), -1, PREG_SPLIT_NO_EMPTY);
} else {
$ignorelist = array();
}
$firstrecord = array();
$read_ids = array();
while ($message = $this->registry->db->fetch_array($messages)) {
// Process user.options
$message = array_merge($message, convert_bits_to_array($message['options'], $this->registry->bf_misc_useroptions));
if (!$firstrecord) {
$firstrecord = $message;
}
if ($ignorelist and in_array($message['postuserid'], $ignorelist)) {
$message['ignored'] = true;
}
if (empty($options['showignored']) and in_coventry($message['postuserid'])) {
$message['ignored'] = true;
}
$response_handler =& $factory->create($message);
$response_handler->converse = true;
if (!$message['vm_enable'] and (!can_moderate(0, 'canmoderatevisitormessages') or $this->registry->userinfo['userid'] == $message['postuserid']) or $message['vm_contactonly'] and !can_moderate(0, 'canmoderatevisitormessages') and $message['postuserid'] != $this->registry->userinfo['userid'] and !$message['bbuser_iscontact_of_user']) {
$response_handler->converse = false;
}
$response_handler->cachable = false;
$messagebits .= $response_handler->construct();
if (!$message['messageread'] and $message['state'] == 'visible') {
$read_ids[] = $message['vmid'];
}
$lastcomment = !$lastcomment ? $message['dateline'] : $lastcomment;
}
$readvms = 0;
// If it's our profile and the visible or default tab then we hope they've read it
// if ($this->profile->userinfo['userid'] == $this->registry->userinfo['userid'] AND ($options['tab'] == $id OR $options['tab'] == '') AND !empty($read_ids))
if ($this->profile->userinfo['userid'] == $this->registry->userinfo['userid']) {
if (!empty($read_ids)) {
$readvms = sizeof($read_ids);
$this->registry->db->query_write("UPDATE " . TABLE_PREFIX . "visitormessage SET messageread = 1 WHERE vmid IN (" . implode(',', $read_ids) . ")");
}
if ($this->profile->userinfo['vmunreadcount'] - $readvms > 0 and $this->registry->options['globalignore'] != '') {
// We still have unread VMs somewhere, and Tachy is enabled
build_visitor_message_counters($this->profile->userinfo['userid']);
} else {
if ($readvms) {
// This is more than likely on the second page
$this->registry->db->query_write("\n\t\t\t\t\tUPDATE " . TABLE_PREFIX . "user\n\t\t\t\t\tSET vmunreadcount = IF(vmunreadcount >= {$readvms}, vmunreadcount - {$readvms}, 0)\n\t\t\t\t\tWHERE userid = " . $this->registry->userinfo['userid']);
}
}
}
if ($pagenumber == 1 and (!isset($this->profile->prepared['vm_total']) or !isset($this->profile->prepared['lastvm_time']) or !isset($this->profile->prepared['lastvm_date']))) {
$pminfo = array('dateline' => $firstrecord['dateline'], 'messages' => $messagetotal);
} else {
$pminfo = null;
}
$this->profile->prepare('vm_total', $pminfo);
$this->block_data['messagebits'] = $messagebits;
$this->block_data['lastcomment'] = $lastcomment;
$show['delete'] = fetch_visitor_message_perm('candeletevisitormessages', $this->profile->userinfo);
$show['undelete'] = fetch_visitor_message_perm('canundeletevisitormessages', $this->profile->userinfo);
$show['approve'] = fetch_visitor_message_perm('canmoderatevisitormessages', $this->profile->userinfo);
$show['inlinemod'] = ($show['delete'] or $show['undelete'] or $show['approve']);
// Only allow AJAX QC on the first page
$show['quickcomment'] = $show['post_visitor_message'];
$show['allow_ajax_qc'] = ($pagenumber == 1 and $messagetotal) ? 1 : 0;
$pageinfo = array('tab' => $id);
if ($options['perpage'] != $this->registry->options['vm_perpage']) {
$pageindo['pp'] = $options['perpage'];
}
if (!empty($options['showignored'])) {
$pageinfo['showignored'] = 1;
}
$this->block_data['pagenav'] = construct_page_nav($pagenumber, $perpage, $messagetotal, '', '', $id, 'member', $this->profile->userinfo, $pageinfo);
$this->block_data['messagetotal'] = $messagetotal;
$show['view_conversation'] = (!$this->profile->prepared['myprofile'] and THIS_SCRIPT != 'converse' and $this->registry->userinfo['vm_enable']);
if ($show['quickcomment']) {
require_once DIR . '/includes/functions_editor.php';
$this->block_data['editorid'] = construct_edit_toolbar('', false, 'visitormessage', $this->registry->options['allowsmilies'], true, false, 'qr_small', '', array(), 'content', 'vBForum_VisitorMessage', 0, $this->profile->userinfo['userid']);
$this->block_data['messagearea'] = $messagearea;
$this->block_data['clientscript'] = $vBeditTemplate['clientscript'];
}
}
$response_handler->cachable = false;
$block_data['messagebits'] .= $response_handler->construct();
if ($show['inlinemod']) {
$have_inlinemod = true;
}
$block_data['lastcomment'] = !$block_data['lastcomment'] ? $message['dateline'] : $block_data['lastcomment'];
}
// our profile and ids that need read
if (!empty($read_ids)) {
$db->query_write("UPDATE " . TABLE_PREFIX . "visitormessage SET messageread = 1 WHERE vmid IN (" . implode(',', $read_ids) . ")");
build_visitor_message_counters($vbulletin->userinfo['userid']);
}
$dummydata = array();
$show['delete'] = ($have_inlinemod and fetch_visitor_message_perm('candeletevisitormessages', $userinfo2));
$show['undelete'] = ($have_inlinemod and fetch_visitor_message_perm('canundeletevisitormessages', $userinfo2));
$show['approve'] = ($have_inlinemod and fetch_visitor_message_perm('canmoderatevisitormessages', $userinfo2));
$show['inlinemod'] = ($show['delete'] or $show['undelete'] or $show['approve']);
// Only allow AJAX QC on the first page
$show['quickcomment'] = ($vbulletin->userinfo['userid'] and $viewself and $vbulletin->options['socnet'] & $vbulletin->bf_misc_socnet['enable_visitor_messaging'] and $userinfo['vm_enable'] and $userinfo['permissions']['genericpermissions'] & $vbulletin->bf_ugp_genericpermissions['canviewmembers'] and (!$userinfo['vm_contactonly'] or $userinfo['userid'] == $vbulletin->userinfo['userid'] or $userinfo['bbuser_iscontact_of_user'] or can_moderate(0, 'canmoderatevisitormessages')) and ($userinfo['userid'] == $vbulletin->userinfo['userid'] and $vbulletin->userinfo['permissions']['visitormessagepermissions'] & $vbulletin->bf_ugp_visitormessagepermissions['canmessageownprofile'] or $userinfo['userid'] != $vbulletin->userinfo['userid'] and $vbulletin->userinfo['permissions']['visitormessagepermissions'] & $vbulletin->bf_ugp_visitormessagepermissions['canmessageothersprofile']));
$show['post_visitor_message'] = $show['quickcomment'];
$show['allow_ajax_qc'] = ($pagenumber == 1 and $messagetotal) ? 1 : 0;
$pagenavbits = array("u={$userinfo['userid']}", "u2={$userinfo2['userid']}");
if ($perpage != $vbulletin->options['vm_perpage']) {
$pagenavbits[] = "pp={$perpage}";
}
if ($vbulletin->GPC['showignored']) {
$pagenavbits[] = 'showignored=1';
}
$pagenavurl = 'converse.php?' . $vbulletin->session->vars['sessionurl'] . implode('&', $pagenavbits);
$block_data['pagenav'] = construct_page_nav($pagenumber, $perpage, $messagetotal, $pagenavurl, '');
if ($show['quickcomment']) {
protected function fetchCanViewVisitorMessage($vmid)
{
if (!($message = $this->content['visitormessage'][$vmid])) {
return false;
}
if (!($userinfo = $this->content['user'][$message['userid']])) {
return false;
}
if ($userinfo['usergroupid'] == 4 and !(vB::$vbulletin->userinfo['permissions']['adminpermissions'] & vB::$vbulletin->bf_ugp_adminpermissions['cancontrolpanel'])) {
return false;
}
if ($userinfo['vm_contactonly'] and !can_moderate(0, 'canmoderatevisitormessages') and $userinfo['userid'] != vB::$vbulletin->userinfo['userid'] and !$userinfo['bbuser_iscontact_of_user'] or !$userinfo['vm_enable'] and (!can_moderate(0, 'canmoderatevisitormessages') or vB::$vbulletin->userinfo['userid'] == $userinfo['userid'])) {
return false;
}
if (!$this->fetchCanViewMembers() or !(vB::$vbulletin->userinfo['forumpermissions'] & vB::$vbulletin->bf_ugp_forumpermissions['canview']) or !(vB::$vbulletin->options['socnet'] & vB::$vbulletin->bf_misc_socnet['enable_visitor_messaging'])) {
return false;
}
if (!$this->content['user'][$message['userid']]) {
return false;
}
if (!can_view_profile_section($message['userid'], 'visitor_messaging')) {
return false;
}
require_once DIR . '/includes/functions_visitormessage.php';
if ($message['state'] == 'moderation' and !fetch_visitor_message_perm('canmoderatevisitormessages', $this->content['user'][$message['userid']], $message) and $message['postuserid'] != vB::$vbulletin->userinfo['userid']) {
return false;
}
return true;
}
/**
* vBForum_Search_Result_VisitorMessage::can_search()
*
* @param mixed $user: the id of the user requesting access
* @return bool true
*/
public function can_search($user)
//We have a function fetch_visitor_message_perm in functions_visitormessage
// that tells whether we can see this message. It needs
// $perm, &$userinfo, $message. $perm is 'canviewvisitormessages',
// $userinfo is $vbulletin->userinfo, and $message is an array which,
// as far as I can see, must have state and postuserid. The comment
// says it's the result of a call to fetch_messageinfo(), but we don't have
// any such function.
//So.. if we just pass $message twice, we have all the necessary parameters.
{
require_once( DIR . '/includes/functions_visitormessage.php');
return fetch_visitor_message_perm('canviewvisitormessages',
$this->message, $this->message);
}
/**
* vBForum_Search_Result_VisitorMessage::can_search()
*
* @param mixed $user: the id of the user requesting access
* @return bool true
*/
public function can_search($user)
{
global $vbulletin;
require_once DIR . '/includes/functions_visitormessage.php';
require_once DIR . '/includes/functions_user.php';
//if visitor messages are turned off don't display anything.
if (!($vbulletin->options['socnet'] & $vbulletin->bf_misc_socnet['enable_visitor_messaging'])) {
return false;
}
//if the user can't view member profiles at all, they can't see visitor messages.
if (!$user->hasPermission('genericpermissions', 'canviewmembers')) {
return false;
}
//do we have permissions to view this visitor message based on our permissions.
if (!fetch_visitor_message_perm('canviewvisitormessages', $this->message, $this->message)) {
//We have a function fetch_visitor_message_perm in functions_visitormessage
// that tells whether we can see this message. It needs
// $perm, &$userinfo, $message. $perm is 'canviewvisitormessages',
// $userinfo is $vbulletin->userinfo, and $message is an array which,
// as far as I can see, must have state and postuserid. The comment
// says it's the result of a call to fetch_messageinfo(), but we don't have
// any such function.
//So.. if we just pass $message twice, we have all the necessary parameters.
return false;
}
//If this is a message on the current user's profile or the current user is a mod we can skip some checks.
if (!($this->message['userid'] == $user->getField('userid') or can_moderate(0, 'canmoderatevisitormessages'))) {
//if the user has disabled their visitor messages then don't show them.
//this is under the main user options rather than the profile privacy
if (!($this->message['useroptions'] & $vbulletin->bf_misc_useroptions['vm_enable'])) {
return false;
}
}
//do we have permissions to view this user's visitor messages based on privacy settings.
//do this last because it's the most likely to result in an extra query.
$relationship_level = fetch_user_relationship($this->message['userid'], $user->getField('userid'));
if ($relationship_level < $this->message['requirement']) {
return false;
}
//for some reason, in addition to the permission settings under "profile privacy" there is an option to
//limit visitor messages to "contacts only" in the main user option settings. The level for "contact" is
//2 -- anything higher than that should be considered a contact.
if ($this->message['useroptions'] & $vbulletin->bf_misc_useroptions['vm_contactonly'] and $relationship_level < 2) {
return false;
}
return true;
}
