function upload_attach_func($xmlrpc_params) { global $db, $lang, $theme, $plugins, $mybb, $session, $settings, $cache, $time, $mybbgroups; $lang->load("member"); $parser = new postParser(); $input = Tapatalk_Input::filterXmlInput(array('forum_id' => Tapatalk_Input::INT, 'group_id' => Tapatalk_Input::STRING, 'content' => Tapatalk_Input::STRING), $xmlrpc_params); $fid = $input['forum_id']; //return xmlrespfalse(print_r($_FILES, true)); // Fetch forum information. $forum = get_forum($fid); if (!$forum) { return xmlrespfalse($lang->error_invalidforum); } $forumpermissions = forum_permissions($fid); if ($forum['open'] == 0 || $forum['type'] != "f") { return xmlrespfalse($lang->error_closedinvalidforum); } if ($mybb->user['uid'] < 1 || $forumpermissions['canview'] == 0 || $forumpermissions['canpostthreads'] == 0 || $mybb->user['suspendposting'] == 1) { return tt_no_permission(); } // Check if this forum is password protected and we have a valid password tt_check_forum_password($forum['fid']); $posthash = $input['group_id']; if (empty($posthash)) { $posthash = md5($mybb->user['uid'] . random_str()); } $mybb->input['posthash'] = $posthash; if (!empty($mybb->input['pid'])) { $attachwhere = "pid='{$mybb->input['pid']}'"; } else { $attachwhere = "posthash='{$posthash}'"; } $query = $db->simple_select("attachments", "COUNT(aid) as numattachs", $attachwhere); $attachcount = $db->fetch_field($query, "numattachs"); //if(is_array($_FILES['attachment']['name'])){ foreach ($_FILES['attachment'] as $k => $v) { if (is_array($_FILES['attachment'][$k])) { $_FILES['attachment'][$k] = $_FILES['attachment'][$k][0]; } } //} if ($_FILES['attachment']['type'] == 'image/jpg') { $_FILES['attachment']['type'] = 'image/jpeg'; } // If there's an attachment, check it and upload it if ($_FILES['attachment']['size'] > 0 && $forumpermissions['canpostattachments'] != 0 && ($mybb->settings['maxattachments'] == 0 || $attachcount < $mybb->settings['maxattachments'])) { require_once MYBB_ROOT . "inc/functions_upload.php"; $attachedfile = upload_attachment($_FILES['attachment'], false); } if (empty($attachedfile)) { return xmlrespfalse("No file uploaded"); } //return xmlrespfalse(print_r($attachedfile, true)); if ($attachedfile['error']) { return xmlrespfalse(implode(" :: ", $attachedfile['error'])); } $result = new xmlrpcval(array('attachment_id' => new xmlrpcval($attachedfile['aid'], 'string'), 'group_id' => new xmlrpcval($posthash, 'string'), 'result' => new xmlrpcval(true, 'boolean'), 'result_text' => new xmlrpcval('', 'base64'), 'file_size' => new xmlrpcval($attachedfile['filesize'], 'int')), 'struct'); return new xmlrpcresp($result); }
function remove_attachment_func($xmlrpc_params) { global $db, $lang, $theme, $plugins, $mybb, $session, $settings, $cache, $time, $mybbgroups; chdir("../"); $lang->load("member"); $parser = new postParser(); $input = Tapatalk_Input::filterXmlInput(array('attachment_id' => Tapatalk_Input::INT, 'forum_id' => Tapatalk_Input::INT, 'group_id' => Tapatalk_Input::STRING, 'post_id' => Tapatalk_Input::INT), $xmlrpc_params); $fid = $input['forum_id']; $forum = get_forum($fid); if (!$forum) { return xmlrespfalse($lang->error_invalidforum); } $forumpermissions = forum_permissions($fid); if ($forum['open'] == 0 || $forum['type'] != "f") { return xmlrespfalse($lang->error_closedinvalidforum); } if ($mybb->user['uid'] < 1 || $forumpermissions['canview'] == 0 || $forumpermissions['canpostthreads'] == 0 || $mybb->user['suspendposting'] == 1) { return tt_no_permission(); } tt_check_forum_password($forum['fid']); $posthash = $input['group_id']; $mybb->input['posthash'] = $posthash; // If we're removing an attachment that belongs to an existing post, some security checks... $query = $db->simple_select("attachments", "pid", "aid='{$input['attachment_id']}'"); $attachment = $db->fetch_array($query); $pid = $attachment['pid']; if ($pid > 0) { if ($pid != $input['post_id']) { return xmlrespfalse("The attachment you are trying to remove does not belong to this post"); } $query = $db->simple_select("posts", "*", "pid='{$pid}'"); $post = $db->fetch_array($query); if (!$post['pid']) { return xmlrespfalse($lang->error_invalidpost); } // Get thread info $tid = $post['tid']; $thread = get_thread($tid); if (!$thread['tid']) { return xmlrespfalse($lang->error_invalidthread); } if (!is_moderator($fid, "caneditposts")) { if ($thread['closed'] == 1) { return xmlrespfalse($lang->redirect_threadclosed); } if ($forumpermissions['caneditposts'] == 0) { return tt_no_permission(); } if ($mybb->user['uid'] != $post['uid']) { return tt_no_permission(); } } } else { $pid = 0; } require_once MYBB_ROOT . "inc/functions_upload.php"; remove_attachment($pid, $mybb->input['posthash'], $input['attachment_id']); return xmlresptrue(); }
function unsubscribe_forum_func($xmlrpc_params) { global $db, $lang, $theme, $plugins, $mybb, $session, $settings, $cache, $time, $mybbgroups; $lang->load("usercp"); $input = Tapatalk_Input::filterXmlInput(array('forum_id' => Tapatalk_Input::INT), $xmlrpc_params); $forum = get_forum($input['forum_id']); if (!$forum['fid']) { return xmlrespfalse($lang->error_invalidforum); } remove_subscribed_forum($forum['fid']); return xmlresptrue(); }
function subscribe_forum_func($xmlrpc_params) { global $db, $lang, $theme, $plugins, $mybb, $session, $settings, $cache, $time, $mybbgroups; $lang->load("usercp"); $input = Tapatalk_Input::filterXmlInput(array('forum_id' => Tapatalk_Input::INT), $xmlrpc_params); $forum = get_forum($input['forum_id']); if (!$forum['fid']) { return xmlrespfalse($lang->error_invalidforum); } $forumpermissions = forum_permissions($forum['fid']); if ($forumpermissions['canview'] == 0 || $forumpermissions['canviewthreads'] == 0) { return tt_no_permission(); } add_subscribed_forum($forum['fid']); return xmlresptrue(); }
function mark_all_as_read_func($xmlrpc_params) { global $db, $lang, $theme, $plugins, $mybb, $session, $settings, $cache, $time, $mybbgroups, $forum_cache; $input = Tapatalk_Input::filterXmlInput(array('forum_id' => Tapatalk_Input::INT), $xmlrpc_params); if (!empty($input['forum_id'])) { $validforum = get_forum($input['forum_id']); if (!$validforum) { return xmlrespfalse('Invalid forum'); } require_once MYBB_ROOT . "/inc/functions_indicators.php"; mark_forum_read($input['forum_id']); } else { require_once MYBB_ROOT . "/inc/functions_indicators.php"; mark_all_forums_read(); } return xmlresptrue(); }
function reportthread_dopost() { require_once MYBB_ROOT . "inc/datahandlers/post.php"; global $db, $mybb; if (intval($mybb->settings['rtt_enabled']) == 1 || preg_replace("/[^a-z]/i", "", $mybb->settings['rtt_enabled']) == "yes") { if ($mybb->input['type'] == 'post') { $title = "Reported Post By "; $post = get_post($mybb->input['pid']); $thread = get_thread($post['tid']); $forum = get_forum($thread['fid']); $tlink = get_thread_link($thread['tid']); $flink = get_forum_link($thread['fid']); $reason = $mybb->input['reason']; if ($reason === 'other') { $reason = $mybb->input['comment']; } $post_data = $mybb->user['username'] . " has reported a post.\r\n\r\nOriginal Thread: [url=" . $mybb->settings['bburl'] . "/{$tlink}]" . $thread['subject'] . "[/url]\r\nForum: [url=" . $mybb->settings['bburl'] . "/{$flink}]" . $forum['name'] . "[/url]\r\n\r\nReason Given:\r\n[quote=\"" . $mybb->user['username'] . "\" dateline=\"" . time() . "\"]" . $reason . "[/quote]\r\n\r\nPost Content:\r\n[quote=\"" . $post['username'] . "\" pid=\"" . $post['pid'] . "\" dateline=\"" . $post['dateline'] . "\"]" . $post['message'] . "[/quote]"; } else { if ($mybb->input['type'] == 'reputation') { $title = "Reported Reputation By "; $rep = get_reputation_point($mybb->input['pid']); $giver = get_user($rep['adduid']); $reason = $mybb->input['reason']; if ($reason === 'other') { $reason = $mybb->input['comment']; } $post_data = $mybb->user['username'] . " has reported a reputation point.\r\n\r\nReason Given:\r\n[quote=\"" . $mybb->user['username'] . "\" dateline=\"" . time() . "\"]" . $reason . "[/quote]\r\n\r\nReputation comment:\r\n[quote=\"" . $giver['username'] . "\" dateline=\"" . $rep['dateline'] . "\"]" . $rep['comments'] . "[/quote]"; } } $new_thread = array("fid" => $mybb->settings['rtt_fid'], "prefix" => 0, "subject" => $title . $mybb->user['username'], "icon" => 0, "uid" => $mybb->user['uid'], "username" => $mybb->user['username'], "message" => $post_data, "ipaddress" => get_ip(), "posthash" => md5($mybb->user['uid'] . random_str())); $posthandler = new PostDataHandler("insert"); $posthandler->action = "thread"; $posthandler->set_data($new_thread); if ($posthandler->validate_thread()) { $thread_info = $posthandler->insert_thread(); } } }
function breadcrumb($db, $id, $get_from = 'F') { $separator = ' · '; if ($get_from == 'P') { $sql = 'SELECT forum_id, subject FROM frm_posts WHERE id = ' . $id; $result = mysql_query($sql, $db) or die(mysql_error($db)); $row = mysql_fetch_array($result); $id = $row['forum_id']; $topic = $row['subject']; mysql_free_result($result); } $row = get_forum($db, $id); $bcrumb = '<a href="frm_index.php">Home</a>' . $separator; switch ($get_from) { case 'P': $bcrumb .= '<a href="frm_view_forum.php?f=' . $id . '">' . $row['name'] . '</a>' . $separator . $topic; break; case 'F': $bcrumb .= $row['name']; break; } return '<h2>' . $bcrumb . '</h2>'; }
} // Make sure we are looking at a real thread here. if (!$thread || $thread['visible'] != 1 && $ismod == false || $thread['visible'] > 1 && $ismod == true) { error($lang->error_invalidthread); } $forumpermissions = forum_permissions($thread['fid']); // Does the user have permission to view this thread? if ($forumpermissions['canview'] != 1 || $forumpermissions['canviewthreads'] != 1) { error_no_permission(); } if (isset($forumpermissions['canonlyviewownthreads']) && $forumpermissions['canonlyviewownthreads'] == 1 && $thread['uid'] != $mybb->user['uid']) { error_no_permission(); } $archive_url = build_archive_link("thread", $tid); // Does the thread belong to a valid forum? $forum = get_forum($fid); if (!$forum || $forum['type'] != "f") { error($lang->error_invalidforum); } // Check if this forum is password protected and we have a valid password check_forum_password($forum['fid']); // If there is no specific action, we must be looking at the thread. if (empty($mybb->input['action'])) { $mybb->input['action'] = "thread"; } // Jump to the unread posts. if ($mybb->input['action'] == "newpost") { // First, figure out what time the thread or forum were last read $query = $db->simple_select("threadsread", "dateline", "uid='{$mybb->user['uid']}' AND tid='{$thread['tid']}'"); $thread_read = $db->fetch_field($query, "dateline"); if ($mybb->settings['threadreadcut'] > 0 && $mybb->user['uid']) {
$msg->printErrors('FORUM_DENIED'); require(AT_INCLUDE_PATH.'footer.inc.php'); exit; } // set default thread display order to ascending if (!isset($_SESSION['thread_order'])) { $_SESSION['thread_order'] = 'a'; } else if (isset($_GET['order'])) { $_SESSION['thread_order'] = $_GET['order']; } $forum_info = get_forum($fid); $_pages[url_rewrite('mods/_standard/forums/forum/index.php?fid='.$fid)]['title'] = get_forum_name($fid); $_pages[url_rewrite('mods/_standard/forums/forum/index.php?fid='.$fid)]['parent'] = 'mods/_standard/forums/forum/list.php'; $_pages[url_rewrite('mods/_standard/forums/forum/index.php?fid='.$fid)]['children'] = array(url_rewrite('mods/_standard/forums/forum/new_thread.php?fid='.$fid), 'search.php?search_within[]=forums'); $_pages[url_rewrite('mods/_standard/forums/forum/new_thread.php?fid='.$fid)]['title_var'] = 'new_thread'; $_pages[url_rewrite('mods/_standard/forums/forum/new_thread.php?fid='.$fid)]['parent'] = url_rewrite('mods/_standard/forums/forum/index.php?fid='.$fid); $_pages['mods/_standard/forums/forum/view.php']['parent'] = url_rewrite('mods/_standard/forums/forum/index.php?fid='.$fid); $_pages['search.php?search_within[]=forums']['title_var'] = 'search'; $_pages['search.php?search_within[]=forums']['parent'] = url_rewrite('mods/_standard/forums/forum/index.php'); if ($_REQUEST['reply']) { $onload = 'document.form.subject.focus();'; }
$pcheck2 = array(); while ($tcheck = $db->fetch_array($query)) { if ($tcheck['count'] > 0) { $pcheck2[] = $tcheck['tid']; } } if (count($pcheck2) != count($pcheck)) { // One or more threads do not have posts after splitting error($lang->error_cantsplitall); } if ($mybb->input['moveto']) { $moveto = intval($mybb->input['moveto']); } else { $moveto = $fid; } $newforum = get_forum($moveto); if (!$newforum || $newforum['type'] != "f" || $newforum['type'] == "f" && $newforum['linkto'] != '') { error($lang->error_invalidforum); } $newsubject = $mybb->input['newsubject']; $newtid = $moderation->split_posts($posts, $tid, $moveto, $newsubject); $pid_list = implode(', ', $posts); $lang->split_selective_posts = $lang->sprintf($lang->split_selective_posts, $pid_list, $newtid); log_moderator_action($modlogdata, $lang->split_selective_posts); moderation_redirect(get_thread_link($newtid), $lang->redirect_threadsplit); break; // Approve posts - Inline moderation // Approve posts - Inline moderation case "multiapproveposts": // Verify incoming POST request verify_post_check($mybb->input['my_post_key']);
$result = mysql_query($sql, $db); write_to_log(AT_ADMIN_LOG_DELETE, 'forums', mysql_affected_rows($db), $sql); $sql = "OPTIMIZE TABLE ".TABLE_PREFIX."forums_threads"; $result = mysql_query($sql, $db); $msg->addFeedback('ACTION_COMPLETED_SUCCESSFULLY'); header('Location: forums.php'); exit; } require(AT_INCLUDE_PATH.'header.inc.php'); $_GET['forum'] = intval($_GET['forum']); $row = get_forum($_GET['forum']); if (!is_array($row)) { $msg->addError('FORUM_NOT_FOUND'); $msg->printErrors(); } else { $hidden_vars['delete_forum'] = TRUE; $hidden_vars['forum'] = $_GET['forum']; $msg->addConfirm(array('DELETE_FORUM', AT_print($row['title'], 'forums.title')), $hidden_vars); $msg->printConfirm(); } require(AT_INCLUDE_PATH.'footer.inc.php'); ?>
function save_raw_post_func($xmlrpc_params) { global $db, $lang, $theme, $plugins, $mybb, $session, $settings, $cache, $time, $mybbgroups; $lang->load("editpost"); $input = Tapatalk_Input::filterXmlInput(array('post_id' => Tapatalk_Input::INT, 'post_title' => Tapatalk_Input::STRING, 'post_content' => Tapatalk_Input::STRING, 'return_html' => Tapatalk_Input::INT, 'attachment_id_array' => Tapatalk_Input::RAW, 'group_id' => Tapatalk_Input::STRING, 'editreason' => Tapatalk_Input::STRING), $xmlrpc_params); $parser = new postParser(); // No permission for guests if (!$mybb->user['uid']) { return tt_no_permission(); } // Get post info $pid = $input['post_id']; $query = $db->simple_select("posts", "*", "pid='{$pid}'"); $post = $db->fetch_array($query); if (empty($input['post_title'])) { $input['post_title'] = $post['subject']; } if (!$post['pid']) { return xmlrespfalse($lang->error_invalidpost); } // Get thread info $tid = $post['tid']; $thread = get_thread($tid); if (!$thread['tid']) { return xmlrespfalse($lang->error_invalidthread); } $thread['subject'] = htmlspecialchars_uni($thread['subject']); // Get forum info $fid = $post['fid']; $forum = get_forum($fid); if (!$forum || $forum['type'] != "f") { return xmlrespfalse($lang->error_closedinvalidforum); } if ($forum['open'] == 0 || $mybb->user['suspendposting'] == 1) { return tt_no_permission(); } $forumpermissions = forum_permissions($fid); if (!is_moderator($fid, "caneditposts")) { if ($thread['closed'] == 1) { return xmlrespfalse($lang->redirect_threadclosed); } if ($forumpermissions['caneditposts'] == 0) { return tt_no_permission(); } if ($mybb->user['uid'] != $post['uid']) { return tt_no_permission(); } // Edit time limit $time = TIME_NOW; if ($mybb->settings['edittimelimit'] != 0 && $post['dateline'] < $time - $mybb->settings['edittimelimit'] * 60) { $lang->edit_time_limit = $lang->sprintf($lang->edit_time_limit, $mybb->settings['edittimelimit']); return xmlrespfalse($lang->edit_time_limit); } } // Check if this forum is password protected and we have a valid password tt_check_forum_password($forum['fid']); // Set up posthandler. require_once MYBB_ROOT . "inc/datahandlers/post.php"; $posthandler = new PostDataHandler("update"); $posthandler->action = "post"; // Set the post data that came from the input to the $post array. $post = array("pid" => $pid, "subject" => $input['post_title'], "uid" => $mybb->user['uid'], "username" => $mybb->user['username'], "edit_uid" => $mybb->user['uid'], "message" => $input['post_content']); if (version_compare($mybb->version, '1.8.0', '>=') && !empty($input['editreason'])) { $post["editreason"] = $input['editreason']; } // get subscription status $query = $db->simple_select("threadsubscriptions", 'notification', "uid='" . intval($mybb->user['uid']) . "' AND tid='" . intval($tid) . "'"); $substatus = $db->fetch_array($query); // Set up the post options from the input. $post['options'] = array("signature" => 1, "subscriptionmethod" => isset($substatus['notification']) ? $substatus['notification'] == 1 ? 'instant' : 'none' : '', "disablesmilies" => 0); $posthandler->set_data($post); // Now let the post handler do all the hard work. if (!$posthandler->validate_post()) { $post_errors = $posthandler->get_friendly_errors(); return xmlrespfalse(implode(" :: ", $post_errors)); } else { $postinfo = $posthandler->update_post(); $visible = $postinfo['visible']; $first_post = $postinfo['first_post']; // Help keep our attachments table clean. $db->delete_query("attachments", "filename='' OR filesize<1"); if ($visible == 0 && $first_post && !is_moderator($fid, "", $mybb->user['uid'])) { $state = 1; } else { if ($visible == 0 && !is_moderator($fid, "", $mybb->user['uid'])) { $state = 1; } else { $state = 0; } } } $pid = intval($pid); if (!empty($input['group_id_esc'])) { $db->update_query("attachments", array("pid" => $pid), "posthash='{$input['group_id_esc']}'"); } // update thread attachment account if (count($input['attachment_id_array']) > 0) { update_thread_counters($tid, array("attachmentcount" => "+" . count($input['attachment_id_array']))); } $post = get_post($pid); $parser_options = array(); $parser_options['allow_html'] = false; $parser_options['allow_mycode'] = true; $parser_options['allow_smilies'] = false; $parser_options['allow_imgcode'] = true; $parser_options['allow_videocode'] = true; $parser_options['nl2br'] = (bool) $input['return_html']; $parser_options['filter_badwords'] = 1; if (!$post['username']) { $post['username'] = $lang->guest; } if ($post['userusername']) { $parser_options['me_username'] = $post['userusername']; } else { $parser_options['me_username'] = $post['username']; } $post['message'] = $parser->parse_message($post['message'], $parser_options); $post['subject'] = $parser->parse_badwords($post['subject']); $result = new xmlrpcval(array('result' => new xmlrpcval(true, 'boolean'), 'result_text' => new xmlrpcval('', 'base64'), 'state' => new xmlrpcval($state, 'int'), 'post_title' => new xmlrpcval($post['subject'], 'base64'), 'post_content' => new xmlrpcval(process_post($post['message'], $input['return_html']), 'base64')), 'struct'); return new xmlrpcresp($result); }
$msg->addFeedback('ACTION_COMPLETED_SUCCESSFULLY'); } else { $msg->addError('FORUM_NO_DEL_SHARE'); } header('Location: ' . AT_BASE_HREF . 'mods/_standard/forums/index.php'); exit; } } $_section[0][0] = _AT('discussions'); $_section[0][1] = 'discussions/'; $_section[1][0] = _AT('forums'); $_section[1][1] = 'forum/list.php'; $_section[2][0] = _AT('delete_forum'); require AT_INCLUDE_PATH . 'header.inc.php'; $_GET['fid'] = intval($_GET['fid']); $row = get_forum($_GET['fid'], $_SESSION['course_id']); if (!is_array($row)) { $msg->addError('FORUM_NOT_ADDED'); } else { ?> <form action="<?php echo $_SERVER['PHP_SELF']; ?> " method="post"> <input type="hidden" name="delete_forum" value="true"> <input type="hidden" name="fid" value="<?php echo $_GET['fid']; ?> "> <?php
/** * Soft delete one or more threads * * @param array|int Thread ID(s) * @return boolean */ function soft_delete_threads($tids) { global $db, $cache, $plugins; if (!is_array($tids)) { $tids = array($tids); } if (empty($tids)) { return false; } // Make sure we only have valid values $tids = array_map('intval', $tids); $tid_list = implode(',', $tids); $tid_moved_list = ""; $comma = ""; foreach ($tids as $tid) { $tid_moved_list .= "{$comma}'moved|{$tid}'"; $comma = ","; } $forum_counters = $user_counters = $posts_to_delete = array(); foreach ($tids as $tid) { $thread = get_thread($tid); $forum = get_forum($thread['fid']); if ($thread['visible'] == 1 || $thread['visible'] == 0) { if (!isset($forum_counters[$forum['fid']])) { $forum_counters[$forum['fid']] = array('num_posts' => 0, 'num_threads' => 0, 'num_deleted_threads' => 0, 'num_deleted_posts' => 0, 'unapproved_threads' => 0, 'unapproved_posts' => 0); } if (!isset($user_counters[$thread['uid']])) { $user_counters[$thread['uid']] = array('num_posts' => 0, 'num_threads' => 0); } ++$forum_counters[$forum['fid']]['num_deleted_threads']; $forum_counters[$forum['fid']]['num_deleted_posts'] += $thread['replies'] + $thread['unapprovedposts'] + 1; if ($thread['visible'] == 1) { ++$forum_counters[$forum['fid']]['num_threads']; $forum_counters[$forum['fid']]['num_posts'] += $thread['replies'] + 1; // Add implied invisible to count $forum_counters[$forum['fid']]['unapproved_posts'] += $thread['unapprovedposts']; } else { ++$forum_counters[$forum['fid']]['unapproved_threads']; $forum_counters[$forum['fid']]['unapproved_posts'] += $thread['replies'] + $thread['deletedposts'] + $thread['unapprovedposts'] + 1; // Add implied invisible to count $forum_counters[$forum['fid']]['num_deleted_posts'] += $thread['deletedposts']; } // On unapproving thread update user post counts if ($thread['visible'] == 1 && $forum['usepostcounts'] != 0) { $query = $db->simple_select("posts", "COUNT(pid) AS posts, uid", "tid='{$tid}' AND (visible='1' OR pid='{$thread['firstpost']}') AND uid > 0 GROUP BY uid"); while ($counter = $db->fetch_array($query)) { if (!isset($user_counters[$counter['uid']]['num_posts'])) { $user_counters[$counter['uid']]['num_posts'] = 0; } $user_counters[$counter['uid']]['num_posts'] += $counter['posts']; } } if ($thread['visible'] == 1 && $forum['usethreadcounts'] != 0 && substr($thread['closed'], 0, 6) != 'moved|') { ++$user_counters[$thread['uid']]['num_threads']; } } $posts_to_delete[] = $thread['firstpost']; } $update = array("visible" => -1); $db->update_query("threads", $update, "tid IN ({$tid_list})"); // Soft delete redirects, too $redirect_tids = array(); $query = $db->simple_select('threads', 'tid', "closed IN ({$tid_moved_list})"); mark_reports($tids, "threads"); while ($redirect_tid = $db->fetch_field($query, 'tid')) { $redirect_tids[] = $redirect_tid; } if (!empty($redirect_tids)) { $this->soft_delete_threads($redirect_tids); } if (!empty($posts_to_delete)) { $db->update_query("posts", $update, "pid IN (" . implode(',', $posts_to_delete) . ")"); } $plugins->run_hooks("class_moderation_soft_delete_threads", $tids); if (is_array($forum_counters)) { foreach ($forum_counters as $fid => $counters) { // Update stats $update_array = array("threads" => "-{$counters['num_threads']}", "unapprovedthreads" => "-{$counters['unapproved_threads']}", "posts" => "-{$counters['num_posts']}", "unapprovedposts" => "-{$counters['unapproved_posts']}", "deletedposts" => "+{$counters['num_deleted_posts']}", "deletedthreads" => "+{$counters['num_deleted_threads']}"); update_forum_counters($fid, $update_array); update_forum_lastpost($fid); } } if (!empty($user_counters)) { foreach ($user_counters as $uid => $counters) { $update_array = array("postnum" => "-{$counters['num_posts']}", "threadnum" => "-{$counters['num_threads']}"); update_user_counters($uid, $update_array); } } return true; }
/** * Move multiple threads to new forum * * @param array Thread IDs * @param int Destination forum * @return boolean true */ function move_threads($tids, $moveto) { global $db, $plugins; // Make sure we only have valid values $tids = array_map('intval', $tids); $tid_list = implode(',', $tids); $moveto = intval($moveto); $newforum = get_forum($moveto); $total_posts = $total_unapproved_posts = $total_threads = $total_unapproved_threads = 0; $query = $db->simple_select("threads", "fid, visible, replies, unapprovedposts, tid", "tid IN ({$tid_list}) AND closed NOT LIKE 'moved|%'"); while ($thread = $db->fetch_array($query)) { $forum = get_forum($thread['fid']); $total_posts += $thread['replies'] + 1; $total_unapproved_posts += $thread['unapprovedposts']; $forum_counters[$thread['fid']]['posts'] += $thread['replies'] + 1; $forum_counters[$thread['fid']]['unapprovedposts'] += $thread['unapprovedposts']; if ($thread['visible'] == 1) { $forum_counters[$thread['fid']]['threads']++; ++$total_threads; } else { $forum_counters[$thread['fid']]['unapprovedthreads']++; $forum_counters[$thread['fid']]['unapprovedposts'] += $thread['replies']; // Implied unapproved posts counter for unapproved threads ++$total_unapproved_threads; } $query1 = $db->query("\n\t\t\t\tSELECT COUNT(p.pid) AS posts, p.visible, u.uid\n\t\t\t\tFROM " . TABLE_PREFIX . "posts p\n\t\t\t\tLEFT JOIN " . TABLE_PREFIX . "users u ON (u.uid=p.uid)\n\t\t\t\tWHERE p.tid = '{$thread['tid']}'\n\t\t\t\tGROUP BY p.visible, u.uid\n\t\t\t\tORDER BY posts DESC\n\t\t\t"); while ($posters = $db->fetch_array($query1)) { $pcount = ""; if ($newforum['usepostcounts'] != 0 && $forum['usepostcounts'] == 0 && $posters['visible'] != 0) { $pcount = "+{$posters['posts']}"; } else { if ($newforum['usepostcounts'] == 0 && $forum['usepostcounts'] != 0 && $posters['visible'] != 0) { $pcount = "-{$posters['posts']}"; } } if (!empty($pcount)) { $db->update_query("users", array("postnum" => "postnum{$pcount}"), "uid='{$posters['uid']}'", 1, true); } } } $sqlarray = array("fid" => $moveto); $db->update_query("threads", $sqlarray, "tid IN ({$tid_list})"); $db->update_query("posts", $sqlarray, "tid IN ({$tid_list})"); // If any of the thread has a prefix and the destination forum doesn't accept that prefix, remove the prefix $query = $db->simple_select("threads", "tid, prefix", "tid IN ({$tid_list}) AND prefix != 0"); while ($thread = $db->fetch_array($query)) { $query = $db->simple_select("threadprefixes", "COUNT(*) as num_prefixes", "(CONCAT(',',forums,',') LIKE '%,{$moveto},%' OR forums='-1') AND pid='" . $thread['prefix'] . "'"); if ($db->fetch_field($query, "num_prefixes") == 0) { $sqlarray = array("prefix" => 0); $db->update_query("threads", $sqlarray, "tid = '{$thread['tid']}'"); } } $arguments = array("tids" => $tids, "moveto" => $moveto); $plugins->run_hooks("class_moderation_move_threads", $arguments); if (is_array($forum_counters)) { foreach ($forum_counters as $fid => $counter) { $updated_count = array("posts" => "-{$counter['posts']}", "unapprovedposts" => "-{$counter['unapprovedposts']}"); if ($counter['threads']) { $updated_count['threads'] = "-{$counter['threads']}"; } if ($counter['unapprovedthreads']) { $updated_count['unapprovedthreads'] = "-{$counter['unapprovedthreads']}"; } update_forum_counters($fid, $updated_count); } } $updated_count = array("threads" => "+{$total_threads}", "unapprovedthreads" => "+{$total_unapproved_threads}", "posts" => "+{$total_posts}", "unapprovedposts" => "+{$total_unapproved_posts}"); update_forum_counters($moveto, $updated_count); // Remove thread subscriptions for the users who no longer have permission to view the thread $this->remove_thread_subscriptions($tid_list, false, $moveto); return true; }
} else { $pid = intval($_POST['pid']); } if (!$pid || !$fid || !valid_forum_user($fid)) { $msg->addError('ITEM_NOT_FOUND'); header('Location: ../../../forum/list.php'); exit; } $sql = "SELECT *, UNIX_TIMESTAMP(date) AS udate FROM %sforums_threads WHERE post_id=%d"; $post_row = queryDB($sql, array(TABLE_PREFIX, $pid), TRUE); if (count($post_row) == 0) { $msg->addError('ITEM_NOT_FOUND'); header('Location: ' . url_rewrite('/mods/_standard/forums/forum/list.php', AT_PRETTY_URL_IS_HEADER)); exit; } $forum_info = get_forum($fid, $_SESSION['course_id']); $expiry = $post_row['udate'] + $forum_info['mins_to_edit'] * 60; // check if we're either a) an assistant or, b) own this post and within the time allowed: if (!(authenticate(AT_PRIV_FORUMS, AT_PRIV_RETURN) || $post_row['member_id'] == $_SESSION['member_id'] && ($expiry > time() || isset($_POST['edit_post'])))) { $msg->addError('POST_EDIT_EXPIRE'); header('Location: ' . url_rewrite('mods/_standard/forums/forum/list.php', AT_PRETTY_URL_IS_HEADER)); exit; } if ($_POST['cancel']) { $msg->addFeedback('CANCELLED'); Header('Location: ' . url_rewrite('mods/_standard/forums/forum/view.php?fid=' . $_POST['fid'] . SEP . 'pid=' . $_POST['pid'], AT_PRETTY_URL_IS_HEADER)); exit; } if ($_POST['edit_post']) { $missing_fields = array(); // $_POST['subject'] = str_replace('<', '<', trim($_POST['subject']));
function get_announcement_func($xmlrpc_params) { global $db, $lang, $mybb, $position, $plugins, $pids, $groupscache; $input = Tapatalk_Input::filterXmlInput(array('topic_id' => Tapatalk_Input::STRING, 'start_num' => Tapatalk_Input::INT, 'last_num' => Tapatalk_Input::INT, 'return_html' => Tapatalk_Input::INT), $xmlrpc_params); $parser = new Tapatalk_Parser(); // Load global language phrases $lang->load("announcements"); $aid = intval($_GET['aid']); // Get announcement fid $query = $db->simple_select("announcements", "fid", "aid='{$aid}'"); $announcement = $db->fetch_array($query); $plugins->run_hooks("announcements_start"); if (!$announcement) { error($lang->error_invalidannouncement); } // Get forum info $fid = $announcement['fid']; if ($fid > 0) { $forum = get_forum($fid); if (!$forum) { error($lang->error_invalidforum); } // Make navigation build_forum_breadcrumb($forum['fid']); // Permissions $forumpermissions = forum_permissions($forum['fid']); if ($forumpermissions['canview'] == 0 || $forumpermissions['canviewthreads'] == 0) { error_no_permission(); } // Check if this forum is password protected and we have a valid password check_forum_password($forum['fid']); } add_breadcrumb($lang->nav_announcements); $archive_url = build_archive_link("announcement", $aid); // Get announcement info $time = TIME_NOW; $query = $db->query("\n\t\tSELECT u.*, u.username AS userusername, a.*, f.*\n\t\tFROM " . TABLE_PREFIX . "announcements a\n\t\tLEFT JOIN " . TABLE_PREFIX . "users u ON (u.uid=a.uid)\n\t\tLEFT JOIN " . TABLE_PREFIX . "userfields f ON (f.ufid=u.uid)\n\t\tWHERE a.startdate<='{$time}' AND (a.enddate>='{$time}' OR a.enddate='0') AND a.aid='{$aid}'\n\t"); $announcementarray = $db->fetch_array($query); if (!$announcementarray) { error($lang->error_invalidannouncement); } // Gather usergroup data from the cache // Field => Array Key $data_key = array('title' => 'grouptitle', 'usertitle' => 'groupusertitle', 'stars' => 'groupstars', 'starimage' => 'groupstarimage', 'image' => 'groupimage', 'namestyle' => 'namestyle', 'usereputationsystem' => 'usereputationsystem'); foreach ($data_key as $field => $key) { $announcementarray[$key] = $groupscache[$announcementarray['usergroup']][$field]; } $announcementarray['dateline'] = $announcementarray['startdate']; $announcementarray['userusername'] = $announcementarray['username']; $announcement = build_postbit($announcementarray, 3); $announcementarray['subject'] = $parser->parse_badwords($announcementarray['subject']); $lang->forum_announcement = $lang->sprintf($lang->forum_announcement, htmlspecialchars_uni($announcementarray['subject'])); if ($announcementarray['startdate'] > $mybb->user['lastvisit']) { $setcookie = true; if (isset($mybb->cookies['mybb']['announcements']) && is_scalar($mybb->cookies['mybb']['announcements'])) { $cookie = my_unserialize(stripslashes($mybb->cookies['mybb']['announcements'])); if (isset($cookie[$announcementarray['aid']])) { $setcookie = false; } } if ($setcookie) { my_set_array_cookie('announcements', $announcementarray['aid'], $announcementarray['startdate'], -1); } } $user_info = get_user($announcementarray['aid']); $icon_url = absolute_url($user_info['avatar']); // prepare xmlrpc return $xmlrpc_post = new xmlrpcval(array('topic_id' => new xmlrpcval('ann_' . $announcementarray['aid']), 'post_title' => new xmlrpcval(basic_clean($announcementarray['subject']), 'base64'), 'post_content' => new xmlrpcval(process_post($announcementarray['message'], $input['return_html']), 'base64'), 'post_author_id' => new xmlrpcval($announcementarray['uid']), 'post_author_name' => new xmlrpcval(basic_clean($announcementarray['username']), 'base64'), 'user_type' => new xmlrpcval(check_return_user_type($announcementarray['username']), 'base64'), 'icon_url' => new xmlrpcval(absolute_url($icon_url)), 'post_time' => new xmlrpcval(mobiquo_iso8601_encode($announcementarray['dateline']), 'dateTime.iso8601'), 'timestamp' => new xmlrpcval($announcementarray['dateline'], 'string')), 'struct'); $result = array('total_post_num' => new xmlrpcval(1, 'int'), 'can_reply' => new xmlrpcval(false, 'boolean'), 'can_subscribe' => new xmlrpcval(false, 'boolean'), 'posts' => new xmlrpcval(array($xmlrpc_post), 'array')); return new xmlrpcresp(new xmlrpcval($result, 'struct')); }
function get_topic_func($xmlrpc_params) { global $db, $lang, $theme, $plugins, $mybb, $session, $settings, $time, $mybbgroups; $lang->load("member"); $parser = new postParser(); $input = Tapatalk_Input::filterXmlInput(array('forum_id' => Tapatalk_Input::INT, 'start_num' => Tapatalk_Input::INT, 'last_num' => Tapatalk_Input::INT, 'mode' => Tapatalk_Input::STRING), $xmlrpc_params); $lang->load("forumdisplay"); $fid = $input['forum_id']; $foruminfo = get_forum($fid); if (!$foruminfo) { return xmlrespfalse($lang->error_invalidforum); } list($start, $limit) = process_page($input['start_num'], $input['last_num']); $forumpermissions = forum_permissions(); $fpermissions = $forumpermissions[$fid]; if ($fpermissions['canview'] != 1) { return tt_no_permission(); } switch ($input['mode']) { case 'TOP': $stickyonly = " AND sticky=1 "; $tstickyonly = " AND t.sticky=1 "; break; case 'ANN': return get_announcement_list($foruminfo, $fid); break; default: $stickyonly = " AND sticky=0 "; $tstickyonly = " AND t.sticky=0 "; break; } if ($mybb->user['uid'] == 0) { // Build a forum cache. $query = $db->query("\n SELECT *\n FROM " . TABLE_PREFIX . "forums\n WHERE active != 0\n ORDER BY pid, disporder\n "); $forumsread = unserialize($mybb->cookies['mybb']['forumread']); if (!is_array($forumsread)) { $forumsread = array(); } } else { // Build a forum cache. $query = $db->query("\n SELECT f.*, fr.dateline AS lastread\n FROM " . TABLE_PREFIX . "forums f\n LEFT JOIN " . TABLE_PREFIX . "forumsread fr ON (fr.fid=f.fid AND fr.uid='{$mybb->user['uid']}')\n WHERE f.active != 0\n ORDER BY pid, disporder\n "); } while ($forum = $db->fetch_array($query)) { if ($mybb->user['uid'] == 0) { if ($forumsread[$forum['fid']]) { $forum['lastread'] = $forumsread[$forum['fid']]; } } $fcache[$forum['pid']][$forum['disporder']][$forum['fid']] = $forum; } tt_check_forum_password($foruminfo['fid']); if ($foruminfo['linkto']) { return xmlrespfalse('This forum is a link'); } $visibleonly = "AND visible='1'"; $tvisibleonly = "AND t.visible='1'"; // Check if the active user is a moderator and get the inline moderation tools. if (is_moderator($fid)) { $ismod = true; $inlinecount = "0"; $inlinecookie = "inlinemod_forum" . $fid; $visibleonly = " AND (visible='1' OR visible='0')"; $tvisibleonly = " AND (t.visible='1' OR t.visible='0')"; } else { $inlinemod = ''; $ismod = false; } if (is_moderator($fid, "caneditposts") || $fpermissions['caneditposts'] == 1) { $can_edit_titles = 1; } else { $can_edit_titles = 0; } $t = "t."; $sortby = "lastpost"; $sortfield = "lastpost"; $sortordernow = "desc"; $threadcount = 0; $useronly = $tuseronly = ""; if ($fpermissions['canonlyviewownthreads'] == 1) { $useronly = "AND uid={$mybb->user['uid']}"; $tuseronly = "AND t.uid={$mybb->user['uid']}"; } if ($fpermissions['canviewthreads'] != 0) { // How many posts are there? if ($datecut > 0 || $fpermissions['canonlyviewownthreads'] == 1) { $query = $db->simple_select("threads", "COUNT(tid) AS threads", "fid = '{$fid}' {$useronly} {$visibleonly} {$stickyonly}"); $threadcount = $db->fetch_field($query, "threads"); } else { $query = $db->simple_select("threads", "COUNT(tid) AS threads", "fid = '{$fid}' {$useronly} {$visibleonly} {$stickyonly}", array('limit' => 1)); $threadcount = $db->fetch_field($query, "threads"); } } // count unread stickies $query = $db->query("\n select COUNT(t.tid) AS threads\n from " . TABLE_PREFIX . "threads t\n left join " . TABLE_PREFIX . "threadsread tr on t.tid = tr.tid and tr.uid = '{$mybb->user['uid']}'\n where t.fid = '{$fid}' {$tuseronly} {$tvisibleonly} and t.sticky=1 and (tr.dateline < t.lastpost or tr.dateline is null)\n "); $unreadStickyCount = $db->fetch_field($query, "threads"); if ($fpermissions['canviewthreads'] != 0) { // Start Getting Threads $query = $db->query("\n SELECT t.*, {$ratingadd}{$select_rating_user}t.username AS threadusername, u.username, u.avatar, s.sid as subscribed, po.message, IF(b.lifted > UNIX_TIMESTAMP() OR b.lifted = 0, 1, 0) as isbanned\n FROM " . TABLE_PREFIX . "threads t\n LEFT JOIN " . TABLE_PREFIX . "users u ON (u.uid = t.uid){$select_voting}\n LEFT JOIN " . TABLE_PREFIX . "banned b ON (b.uid = t.uid) \n LEFT JOIN " . TABLE_PREFIX . "threadsubscriptions s ON (s.tid = t.tid) AND (s.uid = '{$mybb->user['uid']}')\n LEFT JOIN " . TABLE_PREFIX . "posts po ON (po.pid = t.firstpost)\n WHERE t.fid='{$fid}' {$tuseronly} {$tvisibleonly} {$tstickyonly}\n GROUP BY t.tid\n ORDER BY t.sticky DESC, {$t}{$sortfield} {$sortordernow} {$sortfield2}\n LIMIT {$start}, {$limit}\n "); while ($thread = $db->fetch_array($query)) { $threadcache[$thread['tid']] = $thread; // If this is a moved thread - set the tid for participation marking and thread read marking to that of the moved thread if (substr($thread['closed'], 0, 5) == "moved") { $tid = substr($thread['closed'], 6); if (!$tids[$tid]) { $moved_threads[$tid] = $thread['tid']; $tids[$thread['tid']] = $tid; } } else { $tids[$thread['tid']] = $thread['tid']; if ($moved_threads[$tid]) { unset($moved_threads[$tid]); } } } } else { $threadcache = $tids = null; } if ($tids) { $tids = implode(",", $tids); } if ($mybb->settings['dotfolders'] != 0 && $mybb->user['uid'] && $threadcache) { $query = $db->simple_select("posts", "tid,uid", "uid='{$mybb->user['uid']}' AND tid IN ({$tids})"); while ($post = $db->fetch_array($query)) { if ($moved_threads[$post['tid']]) { $post['tid'] = $moved_threads[$post['tid']]; } if ($threadcache[$post['tid']]) { $threadcache[$post['tid']]['doticon'] = 1; } } } if ($mybb->user['uid'] && $mybb->settings['threadreadcut'] > 0 && $threadcache) { $query = $db->simple_select("threadsread", "*", "uid='{$mybb->user['uid']}' AND tid IN ({$tids})"); while ($readthread = $db->fetch_array($query)) { if ($moved_threads[$readthread['tid']]) { $readthread['tid'] = $moved_threads[$readthread['tid']]; } if ($threadcache[$readthread['tid']]) { $threadcache[$readthread['tid']]['lastread'] = $readthread['dateline']; } } } if ($mybb->settings['threadreadcut'] > 0 && $mybb->user['uid']) { $query = $db->simple_select("forumsread", "dateline", "fid='{$fid}' AND uid='{$mybb->user['uid']}'"); $forum_read = $db->fetch_field($query, "dateline"); $read_cutoff = TIME_NOW - $mybb->settings['threadreadcut'] * 60 * 60 * 24; if ($forum_read == 0 || $forum_read < $read_cutoff) { $forum_read = $read_cutoff; } } else { $forum_read = my_get_array_cookie("forumread", $fid); } $threads = ''; $load_inline_edit_js = 0; $topic_list = array(); if (is_array($threadcache)) { reset($threadcache); foreach ($threadcache as $thread) { $unreadpost = false; $moved = explode("|", $thread['closed']); $thread['author'] = $thread['uid']; if (!$thread['username']) { $thread['username'] = $thread['threadusername']; $thread['profilelink'] = $thread['threadusername']; } else { $thread['profilelink'] = build_profile_link($thread['username'], $thread['uid']); } // If this thread has a prefix, insert a space between prefix and subject if ($thread['prefix'] != 0) { $threadprefix = build_prefixes($thread['prefix']); $thread['displayprefix'] = $threadprefix['displaystyle']; } $thread['subject'] = $parser->parse_badwords($thread['subject']); $prefix = ''; if ($thread['poll']) { $prefix = $lang->poll_prefix; } $thread['posts'] = $thread['replies'] + 1; if ($moved[0] == "moved") { $prefix = $lang->moved_prefix; $thread['replies'] = "-"; $thread['views'] = "-"; } $gotounread = ''; $isnew = 0; $donenew = 0; if ($mybb->settings['threadreadcut'] > 0 && $mybb->user['uid'] && $thread['lastpost'] > $forum_read) { if ($thread['lastread']) { $last_read = $thread['lastread']; } else { $last_read = $read_cutoff; } } else { $last_read = my_get_array_cookie("threadread", $thread['tid']); } if ($forum_read > $last_read) { $last_read = $forum_read; } if ($thread['lastpost'] > $last_read && $moved[0] != "moved") { $folder .= "new"; $folder_label .= $lang->icon_new; $new_class = "subject_new"; $unreadpost = true; } else { $folder_label .= $lang->icon_no_new; $new_class = "subject_old"; } if (!empty($thread['closed'])) { $moved = explode("|", $thread['closed']); if ($moved[0] == "moved") { $thread['subject'] = $lang->moved_prefix . ' ' . $thread['subject']; } } $new_topic = array('forum_id' => new xmlrpcval($thread['fid'], 'string'), 'topic_id' => new xmlrpcval($thread['tid'], 'string'), 'topic_title' => new xmlrpcval(basic_clean($thread['subject']), 'base64'), 'prefix' => new xmlrpcval(basic_clean($thread['displayprefix']), 'base64'), 'topic_author_id' => new xmlrpcval($thread['uid'], 'string'), 'topic_author_name' => new xmlrpcval(basic_clean($thread['username']), 'base64'), 'icon_url' => new xmlrpcval(absolute_url($thread['avatar']), 'string'), 'last_reply_time' => new xmlrpcval(mobiquo_iso8601_encode($thread['lastpost']), 'dateTime.iso8601'), 'timestamp' => new xmlrpcval($thread['lastpost'], 'string'), 'short_content' => new xmlrpcval(process_short_content($thread['message'], $parser), 'base64'), 'reply_number' => new xmlrpcval(intval($thread['replies']), 'int'), 'view_number' => new xmlrpcval(intval($thread['views']), 'int'), 'is_approved' => new xmlrpcval($thread['visible'], 'boolean'), 'is_moved' => new xmlrpcval(isset($moved[0]) && $moved[0] == "moved" ? true : false, 'boolean'), 'real_topic_id' => new xmlrpcval(isset($moved[1]) ? $moved[1] : $thread['tid'])); $forumpermissions = forum_permissions($thread['fid']); if ($forumpermissions['canview'] == 0 || $forumpermissions['canviewthreads'] == 0) { $new_topic['can_subscribe'] = new xmlrpcval(false, 'boolean'); } else { $new_topic['can_subscribe'] = new xmlrpcval(true, 'boolean'); } //can_rename topic $can_rename = (is_moderator($fid, "caneditposts") || $forumpermissions['caneditposts'] == 1 && $mybb->user['uid'] == $thread['uid']) && $mybb->user['uid'] != 0; if ($unreadpost) { $new_topic['new_post'] = new xmlrpcval(true, 'boolean'); } if ($thread['sticky']) { $new_topic['is_sticky'] = new xmlrpcval(true, 'boolean'); } if (!empty($thread['subscribed'])) { $new_topic['is_subscribed'] = new xmlrpcval(true, 'boolean'); } else { $new_topic['is_subscribed'] = new xmlrpcval(false, 'boolean'); } if ($thread['closed']) { $new_topic['is_closed'] = new xmlrpcval(true, 'boolean'); } if ($thread['isbanned']) { $new_topic['is_ban'] = new xmlrpcval(true, 'boolean'); } if ($mybb->usergroup['canmodcp'] == 1) { $new_topic['can_ban'] = new xmlrpcval(true, 'boolean'); } if (is_moderator($fid, "canmanagethreads")) { $new_topic['can_move'] = new xmlrpcval(true, 'boolean'); $new_topic['can_merge'] = new xmlrpcval(true, 'boolean'); $new_topic['can_merge_post'] = new xmlrpcval(true, 'boolean'); } if (is_moderator($fid, "canopenclosethreads")) { $new_topic['can_close'] = new xmlrpcval(true, 'boolean'); } if (is_moderator($fid, "candeleteposts")) { $new_topic['can_delete'] = new xmlrpcval(true, 'boolean'); } if (is_moderator($fid, "canmanagethreads")) { $new_topic['can_stick'] = new xmlrpcval(true, 'boolean'); } if (is_moderator($fid, "canopenclosethreads")) { $new_topic['can_approve'] = new xmlrpcval(true, 'boolean'); } if ($can_rename) { $new_topic['can_rename'] = new xmlrpcval(true, 'boolean'); } $topic_list[] = new xmlrpcval($new_topic, 'struct'); } $customthreadtools = ''; } // If there are no unread threads in this forum and no unread child forums - mark it as read require_once MYBB_ROOT . "inc/functions_indicators.php"; if (fetch_unread_count($fid) == 0 && $unread_forums == 0) { mark_forum_read($fid); } $prefix_list = array(); // Does this user have additional groups? if ($mybb->user['additionalgroups']) { $exp = explode(",", $mybb->user['additionalgroups']); // Because we like apostrophes... $imps = array(); foreach ($exp as $group) { $imps[] = "'{$group}'"; } $additional_groups = implode(",", $imps); $extra_sql = "groups IN ({$additional_groups}) OR "; } else { $extra_sql = ''; } if ($mybb->version_code >= 1600 && $mybb->user['uid']) { $prefixes = get_prefix_list($fid); foreach ($prefixes as $prefix) { $prefix_list[] = new xmlrpcval(array('prefix_id' => new xmlrpcval($prefix['pid'], "string"), 'prefix_display_name' => new xmlrpcval(basic_clean($prefix['prefix']), "base64")), "struct"); } } $read_only_forums = explode(",", $settings['tapatalk_forum_read_only']); $can_post = true; if (empty($read_only_forums) || !is_array($read_only_forums)) { $read_only_forums = array(); } if (!($foruminfo['type'] == "f" && $foruminfo['open'] != 0 && $mybb->user['uid'] > 0 && $mybb->usergroup['canpostthreads']) || in_array($fid, $read_only_forums)) { $can_post = false; } $result = array('total_topic_num' => new xmlrpcval($threadcount, 'int'), 'forum_id' => new xmlrpcval($fid, 'string'), 'forum_name' => new xmlrpcval(basic_clean($foruminfo['name']), 'base64'), 'can_post' => new xmlrpcval($can_post, 'boolean'), 'prefixes' => new xmlrpcval($prefix_list, 'array'), 'can_upload' => new xmlrpcval($fpermissions['canpostattachments'], 'boolean')); if ($unreadStickyCount) { $result['unread_sticky_count'] = new xmlrpcval($unreadStickyCount, 'int'); } if ($mybb->user['uid']) { $query = $db->simple_select("forumsubscriptions", "fid", "fid='" . $fid . "' AND uid='{$mybb->user['uid']}'", array('limit' => 1)); if ($db->fetch_field($query, 'fid')) { $result['is_subscribed'] = new xmlrpcval(true, 'boolean'); } } $result['topics'] = new xmlrpcval($topic_list, 'array'); return new xmlrpcresp(new xmlrpcval($result, 'struct')); }
function xthreads_forumdisplay() { global $db, $threadfield_cache, $fid, $mybb, $tf_filters, $xt_filters, $filters_set, $xthreads_forum_filter_form, $xthreads_forum_filter_args; // the position of the "forumdisplay_start" hook is kinda REALLY annoying... $fid = (int) $mybb->input['fid']; if ($fid < 1 || !($forum = get_forum($fid))) { return; } // replicate some MyBB behaviour if (!isset($mybb->input['sortby']) && !empty($forum['defaultsortby'])) { $mybb->input['sortby'] = $forum['defaultsortby']; } $threadfield_cache = xthreads_gettfcache($fid); // Quick Thread integration if (!empty($threadfield_cache) && function_exists('quickthread_run')) { xthreads_forumdisplay_quickthread(); } $fpermissions = forum_permissions($fid); $show_threads = $fpermissions['canview'] == 1 && $fpermissions['canviewthreads'] != 0; $tf_filters = array(); $filters_set = array('__search' => array('hiddencss' => '', 'visiblecss' => 'display: none;', 'selected' => array('' => ' selected="selected"'), 'checked' => array('' => ' checked="checked"'), 'active' => array('' => 'filtertf_active'), 'nullselected' => ' selected="selected"', 'nullchecked' => ' checked="checked"', 'nullactive' => 'filtertf_active'), '__all' => array('hiddencss' => '', 'visiblecss' => 'display: none;', 'nullselected' => ' selected="selected"', 'nullchecked' => ' checked="checked"', 'nullactive' => 'filtertf_active')); $xthreads_forum_filter_form = $xthreads_forum_filter_args = ''; $use_default_filter = true; if (!empty($threadfield_cache)) { if ($show_threads) { function xthreads_forumdisplay_dbhook(&$s, &$db) { global $threadfield_cache, $fid, $plugins, $threadfields, $xthreads_forum_sort; //if(empty($threadfield_cache)) return; $fields = ''; foreach ($threadfield_cache as &$v) { $fields .= ', tfd.`' . $v['field'] . '` AS `xthreads_' . $v['field'] . '`'; } $sortjoin = ''; if (!empty($xthreads_forum_sort) && isset($xthreads_forum_sort['sortjoin'])) { $sortjoin = ' LEFT JOIN ' . $db->table_prefix . $xthreads_forum_sort['sortjoin']; } $s = strtr($s, array('SELECT t.*, ' => 'SELECT t.*' . $fields . ', ', 'WHERE t.fid=' => 'LEFT JOIN `' . $db->table_prefix . 'threadfields_data` tfd ON t.tid=tfd.tid' . $sortjoin . ' WHERE t.fid=')); $plugins->add_hook('forumdisplay_thread', 'xthreads_forumdisplay_thread'); $threadfields = array(); } control_object($db, ' function query($string, $hide_errors=0, $write_query=0) { static $done=false; if(!$done && !$write_query && strpos($string, \'SELECT t.*, \') && strpos($string, \'t.username AS threadusername, u.username\') && strpos($string, \'FROM ' . TABLE_PREFIX . 'threads t\')) { $done = true; xthreads_forumdisplay_dbhook($string, $this); } return parent::query($string, $hide_errors, $write_query); } '); } // also check for forumdisplay filters/sort // and generate form HTML foreach ($threadfield_cache as $n => &$tf) { $filters_set[$n] = array('hiddencss' => '', 'visiblecss' => 'display: none;', 'nullselected' => ' selected="selected"', 'nullchecked' => ' checked="checked"', 'nullactive' => 'filtertf_active'); if ($tf['ignoreblankfilter']) { // will be overwritten if not blank $filters_set[$n]['selected'] = array('' => ' selected="selected"'); $filters_set[$n]['checked'] = array('' => ' checked="checked"'); $filters_set[$n]['active'] = array('' => 'filtertf_active'); } if ($tf['allowfilter'] && isset($mybb->input['filtertf_' . $n]) && xthreads_user_in_groups($tf['viewable_gids'])) { $tf_filters[$n] = $mybb->input['filtertf_' . $n]; $use_default_filter = false; // ignore blank inputs if ($tf['ignoreblankfilter'] && (is_array($tf_filters[$n]) && (empty($tf_filters[$n]) || array_unique($tf_filters[$n]) == array('')) || $tf_filters[$n] === '')) { unset($tf_filters[$n]); } } } // sorting by thread fields if ($mybb->input['sortby'] && substr($mybb->input['sortby'], 0, 2) == 'tf') { global $xthreads_forum_sort; if (substr($mybb->input['sortby'], 0, 3) == 'tf_') { $n = substr($mybb->input['sortby'], 3); if (isset($threadfield_cache[$n]) && xthreads_empty($threadfield_cache[$n]['multival']) && $threadfield_cache[$n]['inputtype'] != XTHREADS_INPUT_FILE && xthreads_user_in_groups($threadfield_cache[$n]['viewable_gids'])) { if ($threadfield_cache[$n]['inputtype'] != XTHREADS_INPUT_TEXTAREA) { // also disallow sorting by textarea inputs $xthreads_forum_sort = array('t' => 'tfd.', 'sortby' => $mybb->input['sortby'], 'sortfield' => '`' . $n . '`'); } } } elseif (substr($mybb->input['sortby'], 0, 4) == 'tfa_') { $p = strpos($mybb->input['sortby'], '_', 5); if ($p) { $field = strtolower(substr($mybb->input['sortby'], 4, $p - 4)); $n = substr($mybb->input['sortby'], $p + 1); if (isset($threadfield_cache[$n]) && xthreads_empty($threadfield_cache[$n]['multival']) && $threadfield_cache[$n]['inputtype'] == XTHREADS_INPUT_FILE && xthreads_user_in_groups($threadfield_cache[$n]['viewable_gids']) && in_array($field, array('filename', 'filesize', 'uploadtime', 'updatetime', 'downloads'))) { $xthreads_forum_sort = array('t' => 'xta.', 'sortby' => $mybb->input['sortby'], 'sortfield' => '`' . $field . '`', 'sortjoin' => 'xtattachments xta ON tfd.`' . $n . '`=xta.aid'); } } } } } if (!isset($xthreads_forum_sort) && $mybb->input['sortby'] && in_array($mybb->input['sortby'], array('prefix', 'icon', 'lastposter', 'numratings', 'attachmentcount'))) { global $xthreads_forum_sort; switch ($mybb->input['sortby']) { case 'prefix': if ($mybb->version_code >= 1500) { $xthreads_forum_sort = array('t' => $mybb->version_code >= 1604 ? 't.' : 'p.', 'sortby' => $mybb->input['sortby'], 'sortfield' => $mybb->input['sortby']); } break; case 'icon': $xthreads_forum_sort = array('t' => 't.', 'sortby' => $mybb->input['sortby'], 'sortfield' => $mybb->input['sortby']); break; case 'lastposter': case 'numratings': case 'attachmentcount': $xthreads_forum_sort = array('t' => 't.', 'sortby' => $mybb->input['sortby'], 'sortfield' => $mybb->input['sortby']); } } $xt_filters = array(); //$enabled_xtf = explode(',', $forum['xthreads_addfiltenable']); //if(!empty($enabled_xtf)) { //global $lang; //foreach($enabled_xtf as &$xtf) { $enabled_xtf = array('uid', 'icon', 'lastposteruid'); if ($mybb->version_code >= 1500) { $enabled_xtf[] = 'prefix'; } foreach ($enabled_xtf as &$xtf) { $filters_set['__xt_' . $xtf] = array('hiddencss' => '', 'visiblecss' => 'display: none;', 'nullselected' => ' selected="selected"', 'nullchecked' => ' checked="checked"', 'nullactive' => 'filtertf_active'); if (isset($mybb->input['filterxt_' . $xtf]) && $mybb->input['filterxt_' . $xtf] !== '') { $xt_filters[$xtf] = $mybb->input['filterxt_' . $xtf]; $use_default_filter = false; } } unset($enabled_xtf); //} if (function_exists('xthreads_evalcacheForumFilters')) { $xtforum = xthreads_evalcacheForumFilters($fid); if ($use_default_filter && (!empty($xtforum['defaultfilter_tf']) || !empty($xtforum['defaultfilter_xt'])) && !$mybb->input['filterdisable']) { $tf_filters = $xtforum['defaultfilter_tf']; foreach ($tf_filters as $n => &$filter) { if (!xthreads_user_in_groups($threadfield_cache[$n]['viewable_gids'])) { unset($tf_filters[$n]); continue; } } $xt_filters = $xtforum['defaultfilter_xt']; } //unset($enabled_xtf); } foreach ($tf_filters as $n => &$filter) { xthreads_forumdisplay_filter_input('filtertf_' . $n, $filter, $filters_set[$n]); } foreach ($xt_filters as $n => &$filter) { /* // sanitise input here as we may need to grab extra info if(is_array($filter)) $filter = array_map('intval', $filter); else $filter = (int)$filter; */ xthreads_forumdisplay_filter_input('filterxt_' . $n, $filter, $filters_set['__xt_' . $n]); /* if(is_array($filter)) $ids = implode(',', $filter); else $ids = $filter; // grab extra info for $filter_set array switch($n) { case 'uid': case 'lastposteruid': // perhaps might be nice if we could merge these two together... $info = xthreads_forumdisplay_xtfilter_extrainfo('users', array('username'), 'uid', $ids, 'guest'); $filters_set['__xt_'.$n]['name'] = $info['username']; break; case 'prefix': // displaystyles? if(!$lang->xthreads_no_prefix) $lang->load('xthreads'); $info = xthreads_forumdisplay_xtfilter_extrainfo('threadprefixes', array('prefix', 'displaystyle'), 'pid', $ids, 'xthreads_no_prefix'); $filters_set['__xt_'.$n]['name'] = $info['prefix']; $filters_set['__xt_'.$n]['displayname'] = $info['displaystyle']; break; case 'icon': // we'll retrieve icons from the cache rather than query the DB $icons = $GLOBALS['cache']->read('posticons'); if(is_array($filter)) $ids =& $filter; else $ids = array($ids); $filters_set['__xt_'.$n]['name'] = ''; $iconstr =& $filters_set['__xt_'.$n]['name']; foreach($ids as $id) { if($id && $icons[$id]) $iconstr .= ($iconstr?', ':'') . htmlspecialchars_uni($icons[$id]['name']); elseif(!$id) { if(!$lang->xthreads_no_icon) $lang->load('xthreads'); $iconstr .= ($iconstr?', ':'') . '<em>'.$lang->xthreads_no_icon.'</em>'; } } unset($icons); break; } */ } unset($filter); if ($xthreads_forum_filter_args) { $filters_set['__all']['urlarg'] = htmlspecialchars_uni(substr($xthreads_forum_filter_args, 1)); $filters_set['__all']['urlarga'] = '&' . $filters_set['__all']['urlarg']; $filters_set['__all']['urlargq'] = '?' . $filters_set['__all']['urlarg']; $filters_set['__all']['forminput'] = $xthreads_forum_filter_form; $filters_set['__all']['hiddencss'] = 'display: none;'; $filters_set['__all']['visiblecss'] = ''; unset($filters_set['__all']['nullselected'], $filters_set['__all']['nullchecked'], $filters_set['__all']['nullactive']); } if ($forum['xthreads_inlinesearch'] && isset($mybb->input['search']) && $mybb->input['search'] !== '') { $urlarg = 'search=' . rawurlencode($mybb->input['search']); $xthreads_forum_filter_args .= '&' . $urlarg; $GLOBALS['xthreads_forum_search_form'] = '<input type="hidden" name="search" value="' . htmlspecialchars_uni($mybb->input['search']) . '" />'; $filters_set['__search']['forminput'] =& $GLOBALS['xthreads_forum_search_form']; $filters_set['__search']['value'] = htmlspecialchars_uni($mybb->input['search']); $filters_set['__search']['urlarg'] = htmlspecialchars_uni($urlarg); $filters_set['__search']['urlarga'] = '&' . $filters_set['__search']['urlarg']; $filters_set['__search']['urlargq'] = '?' . $filters_set['__search']['urlarg']; $filters_set['__search']['selected'] = array($mybb->input['search'] => ' selected="selected"'); $filters_set['__search']['checked'] = array($mybb->input['search'] => ' checked="checked"'); $filters_set['__search']['active'] = array($mybb->input['search'] => 'filtertf_active'); $filters_set['__search']['hiddencss'] = 'display: none;'; $filters_set['__search']['visiblecss'] = ''; unset($filters_set['__search']['nullselected'], $filters_set['__search']['nullchecked'], $filters_set['__search']['nullactive']); } if ($show_threads) { $using_filter = $forum['xthreads_inlinesearch'] || !empty($tf_filters) || !empty($xt_filters); if ($using_filter || isset($xthreads_forum_sort)) { // only nice way to do all of this is to gain control of $templates, so let's do it control_object($GLOBALS['templates'], ' function get($title, $eslashes=1, $htmlcomments=1) { static $done=false; if(!$done && $title == \'forumdisplay_orderarrow\') { $done = true; ' . ($using_filter ? 'xthreads_forumdisplay_filter();' : '') . ' ' . (isset($xthreads_forum_sort) ? ' $orderbyhack = xthreads_forumdisplay_sorter(); return $orderbyhack.parent::get($title, $eslashes, $htmlcomments); ' : '') . ' } return parent::get($title, $eslashes, $htmlcomments); } '); /* if($forum['xthreads_inlinesearch']) { // give us a bit of a free speed up since this isn't really being used anyway... $templates->cache['forumdisplay_searchforum'] = ''; } */ // generate stuff for pagination/sort-links and fields for forms (sort listboxes, inline search) } } if ($forum['xthreads_fdcolspan_offset']) { control_object($GLOBALS['cache'], ' function read($name, $hard=false) { static $done=false; if(!$done && $name == "posticons" && isset($GLOBALS["colspan"])) { $done = true; $GLOBALS["colspan"] += $GLOBALS["foruminfo"]["xthreads_fdcolspan_offset"]; } return parent::read($name, $hard); } '); } }
function xthreads_xmlhttp_blankpost_hack() { global $mybb; if ($mybb->input['action'] == 'edit_post' && $mybb->input['do'] == 'get_post') { $post = get_post((int) $mybb->input['pid']); if ($post['pid']) { $thread = get_thread($post['tid']); $forum = get_forum($thread['fid']); if (!$forum['xthreads_allow_blankmsg'] || $thread['firstpost'] != $post['pid']) { return; } global $templates; if (!isset($templates->cache['xmlhttp_inline_post_editor'])) { $templates->cache('xmlhttp_inline_post_editor'); } $templates->cache['xmlhttp_inline_post_editor'] = str_replace('onclick="Thread.quickEditSave({$post[\'pid\']});"', 'onclick="Thread.spinner = new ActivityIndicator(\'body\', {image: imagepath+\'/spinner_big.gif\'}); new Ajax.Request(\'xmlhttp.php?action=edit_post&do=update_post&pid={$post[\'pid\']}&my_post_key=\'+my_post_key, {method: \'post\', postBody: \'value=\'+encodeURIComponent($(\'quickedit_{$post[\'pid\']}\').value).replace(/\\+/g, \'%2B\'), onComplete: function(request) { Thread.quickEditSaved(request, {$post[\'pid\']}); }});"', $templates->cache['xmlhttp_inline_post_editor']); } } }
if (!is_shared_forum($_POST['fid'])) { edit_forum($_POST); $msg->addFeedback('ACTION_COMPLETED_SUCCESSFULLY'); } else { $msg->addError('FORUM_NO_EDIT_SHARE'); } header('Location: ' . AT_BASE_HREF . 'mods/_standard/forums/index.php'); exit; } } } $onload = 'document.form.title.focus();'; require AT_INCLUDE_PATH . 'header.inc.php'; $fid = intval($_REQUEST['fid']); if (!isset($_POST['submit'])) { $row = get_forum($fid, $_SESSION['course_id']); if (!is_array($row)) { $msg->addError('FORUM_NOT_FOUND'); $msg->printALL(); require AT_INCLUDE_PATH . 'footer.inc.php'; exit; } } else { $row['description'] = $_POST['body']; $row['mins_to_edit'] = $_POST['edit']; } $msg->printErrors(); $savant->assign('row', $row); $savant->assign('fid', $fid); $savant->display('instructor/forums/edit_forum.tmpl.php'); require AT_INCLUDE_PATH . 'footer.inc.php';
/** * Returns data of a specified forum * Refers to: inc/functions.php * * @param integer $forum_id ID of forum to fetch data from * @param integer $active_override If set to 1, will override the active forum status * @return array|boolean If unsuccessful, it returns false - Otherwise the Database row */ function getForum($forum_id, $active_override = 0) { $forum = get_forum($forum_id, $active_override); // Do we have permission? $forumpermissions = forum_permissions($forum['fid']); if ($forumpermissions['canview'] != 1 || $forumpermissions['canviewthreads'] != 1) { // error_no_permission(); return false; } else { return $forum; } }
/** * Updates a post that is already in the database. * */ function update_post() { global $db, $mybb, $plugins; // Yes, validating is required. if ($this->get_validated() != true) { die("The post needs to be validated before inserting it into the DB."); } if (count($this->get_errors()) > 0) { die("The post is not valid."); } $post =& $this->data; $post['pid'] = (int) $post['pid']; $existing_post = get_post($post['pid']); $post['tid'] = $existing_post['tid']; $post['fid'] = $existing_post['fid']; $forum = get_forum($post['fid']); $forumpermissions = forum_permissions($post['fid'], $post['uid']); // Check if this is the first post in a thread. $options = array("order_by" => "dateline", "order_dir" => "asc", "limit_start" => 0, "limit" => 1); $query = $db->simple_select("posts", "pid", "tid='" . (int) $post['tid'] . "'", $options); $first_post_check = $db->fetch_array($query); if ($first_post_check['pid'] == $post['pid']) { $first_post = true; } else { $first_post = false; } // Decide on the visibility of this post. $ismod = is_moderator($post['fid'], "", $post['uid']); // Keep visibility for unapproved and deleted posts if ($existing_post['visible'] == 0) { $visible = 0; } elseif ($existing_post['visible'] == -1) { $visible = -1; } elseif ($forumpermissions['mod_edit_posts'] == 1 && !$ismod) { $visible = 0; require_once MYBB_ROOT . "inc/class_moderation.php"; $moderation = new Moderation(); $moderation->unapprove_posts(array($post['pid'])); } else { $visible = 1; } // Update the thread details that might have been changed first. if ($first_post) { $this->tid = $post['tid']; if (isset($post['prefix'])) { $this->thread_update_data['prefix'] = (int) $post['prefix']; } if (isset($post['subject'])) { $this->thread_update_data['subject'] = $db->escape_string($post['subject']); } if (isset($post['icon'])) { $this->thread_update_data['icon'] = (int) $post['icon']; } if (count($this->thread_update_data) > 0) { $plugins->run_hooks("datahandler_post_update_thread", $this); $db->update_query("threads", $this->thread_update_data, "tid='" . (int) $post['tid'] . "'"); } } // Prepare array for post updating. $this->pid = $post['pid']; if (isset($post['subject'])) { $this->post_update_data['subject'] = $db->escape_string($post['subject']); } if (isset($post['message'])) { $this->post_update_data['message'] = $db->escape_string($post['message']); } if (isset($post['editreason']) && trim($post['editreason']) != '') { $this->post_update_data['editreason'] = $db->escape_string(trim($post['editreason'])); } if (isset($post['icon'])) { $this->post_update_data['icon'] = (int) $post['icon']; } if (isset($post['options'])) { if (isset($post['options']['disablesmilies'])) { $this->post_update_data['smilieoff'] = $db->escape_string($post['options']['disablesmilies']); } if (isset($post['options']['signature'])) { $this->post_update_data['includesig'] = $db->escape_string($post['options']['signature']); } } // If we need to show the edited by, let's do so. if ($mybb->settings['showeditedby'] == 1 && !is_moderator($post['fid'], "caneditposts", $post['edit_uid']) || $mybb->settings['showeditedbyadmin'] == 1 && is_moderator($post['fid'], "caneditposts", $post['edit_uid'])) { $this->post_update_data['edituid'] = (int) $post['edit_uid']; $this->post_update_data['edittime'] = TIME_NOW; } $plugins->run_hooks("datahandler_post_update", $this); $db->update_query("posts", $this->post_update_data, "pid='" . (int) $post['pid'] . "'"); // Automatic subscription to the thread if ($post['options']['subscriptionmethod'] != "" && $post['uid'] > 0) { switch ($post['options']['subscriptionmethod']) { case "pm": $notification = 2; break; case "email": $notification = 1; break; default: $notification = 0; } require_once MYBB_ROOT . "inc/functions_user.php"; add_subscribed_thread($post['tid'], $notification, $post['uid']); } else { $db->delete_query("threadsubscriptions", "uid='" . (int) $post['uid'] . "' AND tid='" . (int) $post['tid'] . "'"); } update_forum_lastpost($post['fid']); update_last_post($post['tid']); // Return the thread's first post id and whether or not it is visible. $this->return_values = array('visible' => $visible, 'first_post' => $first_post); $plugins->run_hooks("datahandler_post_update_end", $this); return $this->return_values; }
// Load global language phrases $lang->load("report"); if ($mybb->usergroup['canview'] == 0 || !$mybb->user['uid']) { error_no_permission(); } if ($mybb->input['action'] != "do_report") { $mybb->input['action'] = "report"; } $post = get_post($mybb->input['pid']); if (!$post['pid']) { $error = $lang->error_invalidpost; eval("\$report_error = \"" . $templates->get("report_error") . "\";"); output_page($report_error); exit; } $forum = get_forum($post['fid']); if (!$forum) { $error = $lang->error_invalidforum; eval("\$report_error = \"" . $templates->get("report_error") . "\";"); output_page($report_error); exit; } // Password protected forums ......... yhummmmy! check_forum_password($forum['parentlist']); $thread = get_thread($post['tid']); if ($mybb->input['action'] == "report") { $plugins->run_hooks("report_start"); $pid = $mybb->input['pid']; eval("\$report = \"" . $templates->get("report") . "\";"); $plugins->run_hooks("report_end"); output_page($report);
if ($mybb->user['subscriptionmethod'] == 2) { $notification_email_checked = "checked=\"checked\""; } else { if ($mybb->user['subscriptionmethod'] == 3) { $notification_pm_checked = "checked=\"checked\""; } } } $plugins->run_hooks("usercp2_addsubscription_thread"); eval("\$add_subscription = \"" . $templates->get("usercp_addsubscription_thread") . "\";"); output_page($add_subscription); exit; } } elseif ($mybb->get_input('action') == "removesubscription") { if ($mybb->get_input('type') == "forum") { $forum = get_forum($mybb->get_input('fid', MyBB::INPUT_INT)); if (!$forum) { error($lang->error_invalidforum); } $plugins->run_hooks("usercp2_removesubscription_forum"); remove_subscribed_forum($forum['fid']); if ($server_http_referer) { $url = $server_http_referer; } else { $url = "usercp.php?action=forumsubscriptions"; } redirect($url, $lang->redirect_forumsubscriptionremoved); } else { $thread = get_thread($mybb->get_input('tid', MyBB::INPUT_INT)); if (!$thread) { error($lang->error_invalidthread);
$thread['subject'] = $parser->parse_badwords($thread['subject']); $thread['subject'] = htmlspecialchars_uni($thread['subject']); $lang->subscribe_to_thread = $lang->sprintf($lang->subscribe_to_thread, $thread['subject']); if ($mybb->user['subscriptionmethod'] == 1 || $mybb->user['subscriptionmethod'] == 0) { $notification_none_checked = "checked=\"checked\""; } else { if ($mybb->user['subscriptionmethod'] == 2) { $notification_instant_checked = "checked=\"checked\""; } } eval("\$add_subscription = \"" . $templates->get("usercp_addsubscription_thread") . "\";"); output_page($add_subscription); } } elseif ($mybb->input['action'] == "removesubscription") { if ($mybb->input['type'] == "forum") { $forum = get_forum($mybb->input['fid']); if (!$forum['fid']) { error($lang->error_invalidforum); } remove_subscribed_forum($forum['fid']); if ($server_http_referer) { $url = $server_http_referer; } else { $url = "usercp.php?action=forumsubscriptions"; } redirect($url, $lang->redirect_forumsubscriptionremoved); } else { $thread = get_thread($mybb->input['tid']); if (!$thread['tid']) { error($lang->error_invalidthread); }
function firstpreview_ajax() { global $mybb, $db, $lang, $charset; // Get the first post if (isset($mybb->input['firstpost']) && $mybb->input['firstpost'] == 1 && $mybb->request_method == "post") { $thread = get_thread((int) $mybb->input['tid']); $permissions = forum_permissions($thread['fid']); require_once MYBB_ROOT . "inc/class_parser.php"; $parser = new postParser(); $post = get_post($thread['firstpost']); $forum = get_forum($thread['fid']); $user = get_user($post['uid']); $thread['subject'] = htmlspecialchars_uni($parser->parse_badwords($thread['subject'])); $threaddate = my_date($mybb->settings['dateformat'], $thread['dateline']); $threadtime = my_date($mybb->settings['timeformat'], $thread['dateline']); $threadposted = ' (' . $threaddate . ', ' . $threadtime . ')'; $parser_options['allow_html'] = $forum['allowhtml']; $parser_options['allow_mycode'] = $forum['allowmycode']; $parser_options['allow_smilies'] = $forum['allowsmilies']; $parser_options['allow_imgcode'] = $forum['allowimgcode']; $parser_options['allow_videocode'] = $forum['allowvideocode']; $parser_options['filter_badwords'] = 1; $id = 0; $post['message'] = $parser->parse_message($post['message'], $parser_options); if (isset($mybb->settings['firstpreview_html']) && $mybb->settings['firstpreview_html'] != 1) { $post['message'] = strip_tags($post['message'], "<br><p><ul><ol><li>"); } if (!empty($mybb->settings['firstpreview_length']) && $mybb->settings['firstpreview_length'] != "0" && my_strlen($post['message']) > (int) $mybb->settings['firstpreview_length']) { $post['message'] = my_substr($post['message'], 0, (int) $mybb->settings['firstpreview_length']) . '...'; } if (isset($permissions['canviewthreads']) && $permissions['canviewthreads'] == 1) { $preview = "<div class=\"fpreview\"><span id=\"close_preview\">❌</span>\n\t\t\t<div class=\"thead\" style=\"text-align:center; font-weight:bold; min-height:20px;\">" . $thread['subject'] . "</div>\n\t\t\t<div class=\"tcat\" style=\"padding-left:10px; height: 10%;\">" . build_profile_link(format_name(htmlspecialchars_uni($post['username']), (int) $user['usergroup'], (int) $user['displaygroup']), (int) $post['uid']) . "<span class=\"smalltext\">" . $threadposted . "</span></div>\n\t\t\t<div class=\"prev_content\">" . $post['message'] . "</div>\n\t\t\t</div>"; } else { $lang->load("messages"); $preview = "<div class=\"fpreview\"><span id=\"close_preview\">❌</span><div class=\"prev_content\" style=\"text-align:center;\">" . $lang->error_nopermission_user_ajax . "</div></div>"; } header("Content-type: text/plain; charset={$charset}"); echo $preview; exit; } // Get the last post if (isset($mybb->settings['firstpreview_last']) && $mybb->settings['firstpreview_last'] != 0 && isset($mybb->input['lastpost']) && $mybb->input['lastpost'] == 1 && $mybb->request_method == "post") { $thread = get_thread((int) $mybb->input['tid']); $tid = (int) $thread['tid']; $permissions = forum_permissions($thread['fid']); require_once MYBB_ROOT . "inc/class_parser.php"; $parser = new postParser(); $lastposter = (int) $thread['lastposteruid']; $lastposttime = (int) $thread['lastpost']; $query = $db->simple_select('posts', '*', "uid = '" . $lastposter . "' AND dateline = '" . $lastposttime . "' AND tid = '" . $tid . "'"); $post = $db->fetch_array($query); $forum = get_forum($thread['fid']); $user = get_user($post['uid']); $thread['subject'] = htmlspecialchars_uni($parser->parse_badwords($thread['subject'])); $lastdate = my_date($mybb->settings['dateformat'], $lastposttime); $lasttime = my_date($mybb->settings['timeformat'], $lastposttime); $lastposted = ' (' . $lastdate . ', ' . $lasttime . ')'; $parser_options['allow_html'] = $forum['allowhtml']; $parser_options['allow_mycode'] = $forum['allowmycode']; $parser_options['allow_smilies'] = $forum['allowsmilies']; $parser_options['allow_imgcode'] = $forum['allowimgcode']; $parser_options['allow_videocode'] = $forum['allowvideocode']; $parser_options['filter_badwords'] = 1; $id = 0; $post['message'] = $parser->parse_message($post['message'], $parser_options); if (isset($mybb->settings['firstpreview_html']) && $mybb->settings['firstpreview_html'] != 1) { $post['message'] = strip_tags($post['message'], "<br><p><ul><ol><li>"); } if (!empty($mybb->settings['firstpreview_length']) && $mybb->settings['firstpreview_length'] != "0" && my_strlen($post['message']) > (int) $mybb->settings['firstpreview_length']) { $post['message'] = my_substr($post['message'], 0, (int) $mybb->settings['firstpreview_length']) . '...'; } if (isset($permissions['canviewthreads']) && $permissions['canviewthreads'] == 1) { $lang->load("forumdisplay"); $preview = "<div class=\"fpreview\"><span id=\"close_preview\">❌</span>\n\t\t\t<div class=\"thead\" style=\"text-align:center; font-weight:bold; min-height:20px;\">" . $thread['subject'] . "</div>\n\t\t\t<div class=\"tcat\" style=\"padding-left:10px; padding-right:10px;\">" . build_profile_link(format_name(htmlspecialchars_uni($post['username']), (int) $user['usergroup'], (int) $user['displaygroup']), (int) $post['uid']) . "<span class=\"smalltext\">" . $lastposted . "<span class=\"float_right\"><strong>" . $lang->lastpost . "</strong></span></span></div>\n\t\t\t<div class=\"prev_content\">" . $post['message'] . "</div>\n\t\t\t</div>"; } else { $lang->load("messages"); $preview = "<div class=\"fpreview\"><span id=\"close_preview\">❌</span><div class=\"prev_content\" style=\"text-align:center;\">" . $lang->error_nopermission_user_ajax . "</div></div>"; } header("Content-type: text/plain; charset={$charset}"); echo $preview; exit; } }
function m_delete_post_func($xmlrpc_params) { global $input, $post, $thread, $forum, $pid, $tid, $fid, $modlogdata, $db, $lang, $theme, $plugins, $mybb, $session, $settings, $cache, $time, $mybbgroups, $moderation, $parser; $input = Tapatalk_Input::filterXmlInput(array('post_id' => Tapatalk_Input::INT, 'mode' => Tapatalk_Input::INT, 'reason_text' => Tapatalk_Input::STRING), $xmlrpc_params); // Load global language phrases $lang->load("editpost"); $plugins->run_hooks("editpost_start"); // No permission for guests if (!$mybb->user['uid']) { error_no_permission(); } // Get post info $pid = intval($input['post_id']); $query = $db->simple_select("posts", "*", "pid='{$pid}'"); $post = $db->fetch_array($query); if (!$post['pid']) { error($lang->error_invalidpost); } // Get thread info $tid = $post['tid']; $thread = get_thread($tid); if (!$thread['tid']) { error($lang->error_invalidthread); } // Get forum info $fid = $post['fid']; $forum = get_forum($fid); if (!$forum || $forum['type'] != "f") { error($lang->error_closedinvalidforum); } if ($forum['open'] == 0 || $mybb->user['suspendposting'] == 1) { error_no_permission(); } $forumpermissions = forum_permissions($fid); if (!is_moderator($fid, "candeleteposts")) { if ($thread['closed'] == 1) { error($lang->redirect_threadclosed); } if ($forumpermissions['candeleteposts'] == 0) { error_no_permission(); } if ($mybb->user['uid'] != $post['uid']) { error_no_permission(); } } // Check if this forum is password protected and we have a valid password check_forum_password($forum['fid']); $plugins->run_hooks("editpost_deletepost"); $modlogdata['fid'] = $fid; $modlogdata['tid'] = $tid; $query = $db->simple_select("posts", "pid", "tid='{$tid}'", array("limit" => 1, "order_by" => "dateline", "order_dir" => "asc")); $firstcheck = $db->fetch_array($query); if ($firstcheck['pid'] == $pid) { if ($forumpermissions['candeletethreads'] == 1 || is_moderator($fid, "candeletethreads")) { delete_thread($tid); mark_reports($tid, "thread"); log_moderator_action($modlogdata, $lang->thread_deleted); } else { error_no_permission(); } } else { if ($forumpermissions['candeleteposts'] == 1 || is_moderator($fid, "candeleteposts")) { // Select the first post before this delete_post($pid, $tid); mark_reports($pid, "post"); log_moderator_action($modlogdata, $lang->post_deleted); } else { error_no_permission(); } } $response = new xmlrpcval(array('result' => new xmlrpcval(true, 'boolean'), 'is_login_mod' => new xmlrpcval(true, 'boolean'), 'result_text' => new xmlrpcval("", 'base64')), 'struct'); return new xmlrpcresp($response); }
// 120 is the varchar length for the subject column echo json_encode(array("subject" => '<a href="' . get_thread_link($thread['tid']) . '">' . htmlspecialchars_uni($subject) . '</a>')); // Close the connection. exit; } else { if ($mybb->input['action'] == "edit_post") { // Fetch the post from the database. $post = get_post($mybb->get_input('pid', MyBB::INPUT_INT)); // No result, die. if (!$post) { xmlhttp_error($lang->post_doesnt_exist); } // Fetch the thread associated with this post. $thread = get_thread($post['tid']); // Fetch the specific forum this thread/post is in. $forum = get_forum($thread['fid']); // Missing thread, invalid forum? Error. if (!$thread || !$forum || $forum['type'] != "f") { xmlhttp_error($lang->thread_doesnt_exist); } // Fetch forum permissions. $forumpermissions = forum_permissions($forum['fid']); $plugins->run_hooks("xmlhttp_edit_post_start"); // If this user is not a moderator with "caneditposts" permissions. if (!is_moderator($forum['fid'], "caneditposts")) { // Thread is closed - no editing allowed. if ($thread['closed'] == 1) { xmlhttp_error($lang->thread_closed_edit_message); } else { if ($forum['open'] == 0 || $forumpermissions['caneditposts'] == 0 || $mybb->user['uid'] != $post['uid'] || $mybb->user['uid'] == 0 || $mybb->user['suspendposting'] == 1) { xmlhttp_error($lang->no_permission_edit_post);
function xthreads_upload_attachments_global() { //if($mybb->request_method == 'post' && ($current_page == 'newthread.php' || ($current_page == 'editpost.php' && $mybb->input['action'] != 'deletepost')) // the above line is always checked and true global $mybb, $current_page, $thread; if ($current_page == 'editpost.php') { // check if first post $pid = (int) $mybb->input['pid']; if (!$thread) { $post = get_post($pid); if (!empty($post)) { $thread = get_thread($post['tid']); } if (empty($thread)) { return; } $pid = $post['pid']; } if ($thread['firstpost'] != $pid) { return; } } elseif ($mybb->input['tid']) { /* ($mybb->input['action'] == 'editdraft' || $mybb->input['action'] == 'savedraft') && */ $thread = get_thread((int) $mybb->input['tid']); if ($thread['visible'] != -2 || $thread['uid'] != $mybb->user['uid']) { // ensure that this is, indeed, a draft unset($GLOBALS['thread']); } } // permissions check - ideally, should get MyBB to do this, but I see no easy way to implement it unfortunately if ($mybb->user['suspendposting'] == 1) { return; } if ($thread['fid']) { $fid = $thread['fid']; } else { $fid = (int) $mybb->input['fid']; } $forum = get_forum($fid); if (!$forum['fid'] || $forum['open'] == 0 || $forum['type'] != 'f') { return; } $forumpermissions = forum_permissions($fid); if ($forumpermissions['canview'] == 0) { return; } if ($current_page == 'newthread.php' && $forumpermissions['canpostthreads'] == 0) { return; } elseif ($current_page == 'editpost.php') { if (!is_moderator($fid, 'caneditposts')) { if ($thread['closed'] == 1 || $forumpermissions['caneditposts'] == 0 || $mybb->user['uid'] != $thread['uid']) { return; } if ($mybb->settings['edittimelimit'] != 0 && $thread['dateline'] < TIME_NOW - $mybb->settings['edittimelimit'] * 60) { return; } } } if (!verify_post_check($mybb->input['my_post_key'], true)) { return; } check_forum_password($forum['fid']); xthreads_upload_attachments(); }