function create_message_func($xmlrpc_params)
{
global $db, $user, $auth, $config, $phpbb_root_path, $phpEx;
$user->setup('ucp');
include_once $phpbb_root_path . 'includes/functions_privmsgs.' . $phpEx;
include_once $phpbb_root_path . 'includes/ucp/ucp_pm_compose.' . $phpEx;
if (!$user->data['is_registered']) {
trigger_error('LOGIN_EXPLAIN_UCP');
}
if (!$config['allow_privmsg']) {
trigger_error('Module not accessible');
}
// Flood check
$current_time = time();
$last_post_time = $user->data['user_lastpost_time'];
if ($last_post_time && $current_time - $last_post_time < intval($config['flood_interval'])) {
trigger_error('FLOOD_ERROR');
}
$params = php_xmlrpc_decode($xmlrpc_params);
if (!is_array($params[0]) || empty($params[0]) || !isset($params[1]) || utf8_clean_string($params[1]) === '' || !isset($params[2])) {
trigger_error('Required paramerter missing');
} else {
$user_name = $params[0];
$_REQUEST['subject'] = $params[1];
$_REQUEST['message'] = $params[2];
$subject = utf8_normalize_nfc(request_var('subject', '', true));
$text_body = utf8_normalize_nfc(request_var('message', '', true));
require_once 'include/emoji.php';
$text_body = emoji_unified_to_names($text_body);
}
$action = 'post';
// default action
if (isset($params[3])) {
if ($params[3] == 1) {
$action = 'reply';
$msg_id = intval($params[4]);
} else {
if ($params[3] == 2) {
$action = 'forword';
$msg_id = intval($params[4]);
}
}
if (!$msg_id) {
trigger_error('NO_MESSAGE');
}
}
if (($action == 'post' || $action == 'reply') && !$auth->acl_get('u_sendpm')) {
trigger_error('NO_AUTH_SEND_MESSAGE');
}
if ($action == 'forward' && (!$config['forward_pm'] || !$auth->acl_get('u_pm_forward'))) {
trigger_error('NO_AUTH_FORWARD_MESSAGE');
}
// Do NOT use request_var or specialchars here
$address_list = array('u' => array());
foreach ($user_name as $msg_to_name) {
$user_id = get_user_id_by_name(trim($msg_to_name));
if ($user_id) {
$address_list['u'][$user_id] = 'to';
} else {
trigger_error('PM_NO_USERS');
}
}
$sql = '';
// What is all this following SQL for? Well, we need to know
// some basic information in all cases before we do anything.
if ($action != 'post') {
$sql = 'SELECT t.folder_id, p.*, u.username as quote_username
FROM ' . PRIVMSGS_TO_TABLE . ' t, ' . PRIVMSGS_TABLE . ' p, ' . USERS_TABLE . ' u
WHERE t.user_id = ' . $user->data['user_id'] . "\n AND p.author_id = u.user_id\n AND t.msg_id = p.msg_id\n AND p.msg_id = {$msg_id}";
}
if ($sql) {
$result = $db->sql_query($sql);
$post = $db->sql_fetchrow($result);
$db->sql_freeresult($result);
if (!$post) {
trigger_error('NO_MESSAGE');
}
if (!$post['author_id'] || $post['author_id'] == ANONYMOUS) {
trigger_error('NO_AUTHOR');
}
}
include $phpbb_root_path . 'includes/message_parser.' . $phpEx;
$message_parser = new parse_message();
// Get maximum number of allowed recipients
if ($config['version'] > '3.0.3') {
$sql = 'SELECT MAX(g.group_max_recipients) as max_recipients
FROM ' . GROUPS_TABLE . ' g, ' . USER_GROUP_TABLE . ' ug
WHERE ug.user_id = ' . $user->data['user_id'] . '
AND ug.user_pending = 0
AND ug.group_id = g.group_id';
$result = $db->sql_query($sql);
$max_recipients = (int) $db->sql_fetchfield('max_recipients');
$db->sql_freeresult($result);
$max_recipients = !$max_recipients ? $config['pm_max_recipients'] : $max_recipients;
} else {
$max_recipients = 10;
}
// If this is a quote/reply "to all"... we may increase the max_recpients to the number of original recipients
if (($action == 'reply' || $action == 'quote') && $max_recipients) {
// We try to include every previously listed member from the TO Header
$list = rebuild_header(array('to' => $post['to_address']));
// Can be an empty array too ;)
$list = !empty($list['u']) ? $list['u'] : array();
$list[$post['author_id']] = 'to';
if (isset($list[$user->data['user_id']])) {
unset($list[$user->data['user_id']]);
}
$max_recipients = $max_recipients < sizeof($list) ? sizeof($list) : $max_recipients;
unset($list);
}
// Handle User/Group adding/removing
handle_message_list_actions($address_list, $error, $remove_u, $remove_g, $add_to, $add_bcc);
if ($error) {
$error_msg = trim(strip_tags(implode("\n", $error)));
trigger_error($error_msg);
}
// Check mass pm to group permission
if ((!$config['allow_mass_pm'] || !$auth->acl_get('u_masspm_group')) && !empty($address_list['g'])) {
$address_list = array();
trigger_error('NO_AUTH_GROUP_MESSAGE');
}
// Check mass pm to users permission
if ((!$config['allow_mass_pm'] || !$auth->acl_get('u_masspm')) && num_recipients($address_list) > 1) {
$address_list = get_recipients($address_list, 1);
trigger_error('TOO_MANY_RECIPIENTS');
}
// Check for too many recipients
if (!empty($address_list['u']) && $max_recipients && sizeof($address_list['u']) > $max_recipients) {
$address_list = get_recipients($address_list, $max_recipients);
trigger_error('TOO_MANY_RECIPIENTS');
}
$enable_bbcode = $config['allow_bbcode'] && $config['auth_bbcode_pm'] && $auth->acl_get('u_pm_bbcode') ? true : false;
$enable_smilies = $config['allow_smilies'] && $config['auth_smilies_pm'] && $auth->acl_get('u_pm_smilies') ? true : false;
$img_status = $config['auth_img_pm'] && $auth->acl_get('u_pm_img') ? true : false;
$flash_status = $config['auth_flash_pm'] && $auth->acl_get('u_pm_flash') ? true : false;
$enable_urls = true;
$enable_sig = false;
$message_parser->message = $text_body;
// Parse message
$message_parser->parse($enable_bbcode, $config['allow_post_links'] ? $enable_urls : false, $enable_smilies, $img_status, $flash_status, true, $config['allow_post_links']);
$pm_data = array('msg_id' => (int) $msg_id, 'from_user_id' => $user->data['user_id'], 'from_user_ip' => $user->ip, 'from_username' => $user->data['username'], 'reply_from_root_level' => isset($post['root_level']) ? (int) $post['root_level'] : 0, 'reply_from_msg_id' => (int) $msg_id, 'icon_id' => 0, 'enable_sig' => (bool) $enable_sig, 'enable_bbcode' => (bool) $enable_bbcode, 'enable_smilies' => (bool) $enable_smilies, 'enable_urls' => (bool) $enable_urls, 'bbcode_bitfield' => $message_parser->bbcode_bitfield, 'bbcode_uid' => $message_parser->bbcode_uid, 'message' => $message_parser->message, 'attachment_data' => $message_parser->attachment_data, 'filename_data' => $message_parser->filename_data, 'address_list' => $address_list);
$msg_id = submit_pm($action, $subject, $pm_data);
$result = new xmlrpcval(array('result' => new xmlrpcval($msg_id ? true : false, 'boolean'), 'msg_id' => new xmlrpcval($msg_id, 'string')), 'struct');
return new xmlrpcresp($result);
}
function get_user_info_func($xmlrpc_params)
{
global $db, $user, $auth, $template, $config, $phpbb_root_path, $phpEx, $table_prefix;
$user->setup(array('memberlist', 'groups'));
if (!$auth->acl_gets('u_viewprofile', 'a_user', 'a_useradd', 'a_userdel')) {
if ($user->data['user_id'] != ANONYMOUS) {
trigger_error('NO_VIEW_USERS');
}
trigger_error('LOGIN_EXPLAIN_VIEWPROFILE');
}
$params = php_xmlrpc_decode($xmlrpc_params);
$username = $params[0];
if (isset($params[1]) && !empty($params[1])) {
$user_id = $params[1];
} elseif (isset($params[0]) && !empty($params[0])) {
$username = $params[0];
$user_id = get_user_id_by_name($username);
} else {
$user_id = $user->data['user_id'];
}
$user_id = intval($user_id);
// Display a profile
if (!$user_id) {
trigger_error('NO_USER');
}
// Get user...
$sql = 'SELECT *
FROM ' . USERS_TABLE . "\r\r\n WHERE user_id = '{$user_id}'";
$result = $db->sql_query($sql);
$member = $db->sql_fetchrow($result);
$db->sql_freeresult($result);
if (!$member) {
trigger_error('NO_USER');
}
// a_user admins and founder are able to view inactive users and bots to be able to manage them more easily
// Normal users are able to see at least users having only changed their profile settings but not yet reactivated.
if (!$auth->acl_get('a_user') && $user->data['user_type'] != USER_FOUNDER) {
if ($member['user_type'] == USER_IGNORE) {
trigger_error('NO_USER');
} else {
if ($member['user_type'] == USER_INACTIVE && $member['user_inactive_reason'] != INACTIVE_PROFILE) {
trigger_error('NO_USER');
}
}
}
$user_id = (int) $member['user_id'];
// Do the SQL thang
$sql = 'SELECT g.group_id, g.group_name, g.group_type
FROM ' . GROUPS_TABLE . ' g, ' . USER_GROUP_TABLE . " ug\r\r\n WHERE ug.user_id = {$user_id}\r\r\n AND g.group_id = ug.group_id" . (!$auth->acl_gets('a_group', 'a_groupadd', 'a_groupdel') ? ' AND g.group_type <> ' . GROUP_HIDDEN : '') . '
AND ug.user_pending = 0
ORDER BY g.group_type, g.group_name';
$result = $db->sql_query($sql);
$group_options = '';
while ($row = $db->sql_fetchrow($result)) {
if ($row['group_type'] == GROUP_SPECIAL) {
// Lookup group name in language dictionary
if (isset($user->lang['G_' . $row['group_name']])) {
$row['group_name'] = $user->lang['G_' . $row['group_name']];
}
} else {
if (!$auth_hidden_groups && $row['group_type'] == GROUP_HIDDEN && !isset($user_groups[$row['group_id']])) {
// Skip over hidden groups the user cannot see
continue;
}
}
$group_options .= $row['group_id'] == $member['group_id'] ? $row['group_name'] . " *\n" : $row['group_name'] . "\n";
}
$group_options = trim($group_options);
$db->sql_freeresult($result);
// What colour is the zebra
$sql = 'SELECT friend, foe
FROM ' . ZEBRA_TABLE . "\r\r\n WHERE zebra_id = {$user_id}\r\r\n AND user_id = {$user->data['user_id']}";
$result = $db->sql_query($sql);
$row = $db->sql_fetchrow($result);
$foe = $row['foe'] ? true : false;
$friend = $row['friend'] ? true : false;
$db->sql_freeresult($result);
if ($config['load_onlinetrack']) {
if ($config['version'] < '3.0.3') {
$sql = 'SELECT MAX(session_time) AS session_time, MIN(session_viewonline) AS session_viewonline, session_page
FROM ' . SESSIONS_TABLE . "\r\r\n WHERE session_user_id = {$user_id}\r\r\n GROUP BY session_page\r\r\n ORDER BY session_time DESC";
} else {
$sql = 'SELECT MAX(session_time) AS session_time, MIN(session_viewonline) AS session_viewonline, session_page, session_forum_id
FROM ' . SESSIONS_TABLE . "\r\r\n WHERE session_user_id = {$user_id}\r\r\n GROUP BY session_page, session_forum_id\r\r\n ORDER BY session_time DESC";
}
$result = $db->sql_query_limit($sql, 1);
$row = $db->sql_fetchrow($result);
$db->sql_freeresult($result);
$member['session_time'] = isset($row['session_time']) ? $row['session_time'] : 0;
$member['session_viewonline'] = isset($row['session_viewonline']) ? $row['session_viewonline'] : 0;
$member['session_page'] = isset($row['session_page']) ? $row['session_page'] : 0;
$member['session_forum_id'] = isset($row['session_forum_id']) ? $row['session_forum_id'] : 0;
unset($row);
}
if ($config['load_user_activity']) {
display_user_activity($member);
}
// Do the relevant calculations
$memberdays = max(1, round((time() - $member['user_regdate']) / 86400));
$posts_per_day = $member['user_posts'] / $memberdays;
$percentage = $config['num_posts'] ? min(100, $member['user_posts'] / $config['num_posts'] * 100) : 0;
if ($member['user_sig']) {
$member['user_sig'] = censor_text($member['user_sig']);
if ($member['user_sig_bbcode_bitfield']) {
include_once $phpbb_root_path . 'includes/bbcode.' . $phpEx;
$bbcode = new bbcode();
$bbcode->bbcode_second_pass($member['user_sig'], $member['user_sig_bbcode_uid'], $member['user_sig_bbcode_bitfield']);
}
$member['user_sig'] = bbcode_nl2br($member['user_sig']);
$member['user_sig'] = smiley_text($member['user_sig']);
}
$poster_avatar = get_user_avatar($member['user_avatar'], $member['user_avatar_type'], $member['user_avatar_width'], $member['user_avatar_height']);
// We need to check if the modules 'zebra' ('friends' & 'foes' mode), 'notes' ('user_notes' mode) and 'warn' ('warn_user' mode) are accessible to decide if we can display appropriate links
$zebra_enabled = $friends_enabled = $foes_enabled = $user_notes_enabled = $warn_user_enabled = false;
// Only check if the user is logged in
if ($user->data['is_registered']) {
if (!class_exists('p_master')) {
include $phpbb_root_path . 'includes/functions_module.' . $phpEx;
}
$module = new p_master();
$module->list_modules('ucp');
$module->list_modules('mcp');
$user_notes_enabled = $module->loaded('notes', 'user_notes') ? true : false;
$warn_user_enabled = $module->loaded('warn', 'warn_user') ? true : false;
$zebra_enabled = $module->loaded('zebra') ? true : false;
$friends_enabled = $module->loaded('zebra', 'friends') ? true : false;
$foes_enabled = $module->loaded('zebra', 'foes') ? true : false;
unset($module);
}
$template->assign_vars(show_profile($member, $user_notes_enabled, $warn_user_enabled));
// Custom Profile Fields
$profile_fields = array();
if ($config['load_cpf_viewprofile']) {
include_once $phpbb_root_path . 'includes/functions_profile_fields.' . $phpEx;
$cp = new custom_profile();
$profile_fields = $cp->generate_profile_fields_template('grab', $user_id);
$profile_fields = isset($profile_fields[$user_id]) ? $cp->generate_profile_fields_template('show', false, $profile_fields[$user_id]) : array();
}
// If the user has m_approve permission or a_user permission, then list then display unapproved posts
if ($auth->acl_getf_global('m_approve') || $auth->acl_get('a_user')) {
$sql = 'SELECT COUNT(post_id) as posts_in_queue
FROM ' . POSTS_TABLE . '
WHERE poster_id = ' . $user_id . '
AND post_approved = 0';
$result = $db->sql_query($sql);
$member['posts_in_queue'] = (int) $db->sql_fetchfield('posts_in_queue');
$db->sql_freeresult($result);
} else {
$member['posts_in_queue'] = 0;
}
$template->assign_vars(array('OCCUPATION' => !empty($member['user_occ']) ? censor_text($member['user_occ']) : '', 'INTERESTS' => !empty($member['user_interests']) ? censor_text($member['user_interests']) : '', 'SIGNATURE' => $member['user_sig'], 'POSTS_IN_QUEUE' => $member['posts_in_queue'], 'AVATAR_IMG' => $poster_avatar, 'PM_IMG' => $user->img('icon_contact_pm', $user->lang['SEND_PRIVATE_MESSAGE']), 'EMAIL_IMG' => $user->img('icon_contact_email', $user->lang['EMAIL']), 'WWW_IMG' => $user->img('icon_contact_www', $user->lang['WWW']), 'ICQ_IMG' => $user->img('icon_contact_icq', $user->lang['ICQ']), 'AIM_IMG' => $user->img('icon_contact_aim', $user->lang['AIM']), 'MSN_IMG' => $user->img('icon_contact_msnm', $user->lang['MSNM']), 'YIM_IMG' => $user->img('icon_contact_yahoo', $user->lang['YIM']), 'JABBER_IMG' => $user->img('icon_contact_jabber', $user->lang['JABBER']), 'SEARCH_IMG' => $user->img('icon_user_search', $user->lang['SEARCH']), 'S_PROFILE_ACTION' => append_sid("{$phpbb_root_path}memberlist.{$phpEx}", 'mode=group'), 'S_GROUP_OPTIONS' => $group_options, 'S_CUSTOM_FIELDS' => isset($profile_fields['row']) && sizeof($profile_fields['row']) ? true : false, 'U_USER_ADMIN' => $auth->acl_get('a_user') ? append_sid("{$phpbb_root_path}adm/index.{$phpEx}", 'i=users&mode=overview&u=' . $user_id, true, $user->session_id) : '', 'U_USER_BAN' => $auth->acl_get('m_ban') && $user_id != $user->data['user_id'] ? append_sid("{$phpbb_root_path}mcp.{$phpEx}", 'i=ban&mode=user&u=' . $user_id, true, $user->session_id) : '', 'U_MCP_QUEUE' => $auth->acl_getf_global('m_approve') ? append_sid("{$phpbb_root_path}mcp.{$phpEx}", 'i=queue', true, $user->session_id) : '', 'S_USER_NOTES' => $user_notes_enabled ? true : false, 'S_WARN_USER' => $warn_user_enabled ? true : false, 'S_ZEBRA' => $user->data['user_id'] != $user_id && $user->data['is_registered'] && $zebra_enabled ? true : false, 'U_ADD_FRIEND' => !$friend && !$foe && $friends_enabled ? append_sid("{$phpbb_root_path}ucp.{$phpEx}", 'i=zebra&add=' . urlencode(htmlspecialchars_decode($member['username']))) : '', 'U_ADD_FOE' => !$friend && !$foe && $foes_enabled ? append_sid("{$phpbb_root_path}ucp.{$phpEx}", 'i=zebra&mode=foes&add=' . urlencode(htmlspecialchars_decode($member['username']))) : '', 'U_REMOVE_FRIEND' => $friend && $friends_enabled ? append_sid("{$phpbb_root_path}ucp.{$phpEx}", 'i=zebra&remove=1&usernames[]=' . $user_id) : '', 'U_REMOVE_FOE' => $foe && $foes_enabled ? append_sid("{$phpbb_root_path}ucp.{$phpEx}", 'i=zebra&remove=1&mode=foes&usernames[]=' . $user_id) : ''));
if (!empty($profile_fields['row'])) {
$template->assign_vars($profile_fields['row']);
}
if (!empty($profile_fields['blockrow'])) {
foreach ($profile_fields['blockrow'] as $field_data) {
$template->assign_block_vars('custom_fields', $field_data);
}
}
// Inactive reason/account?
if ($member['user_type'] == USER_INACTIVE) {
$user->add_lang('acp/common');
$inactive_reason = $user->lang['INACTIVE_REASON_UNKNOWN'];
switch ($member['user_inactive_reason']) {
case INACTIVE_REGISTER:
$inactive_reason = $user->lang['INACTIVE_REASON_REGISTER'];
break;
case INACTIVE_PROFILE:
$inactive_reason = $user->lang['INACTIVE_REASON_PROFILE'];
break;
case INACTIVE_MANUAL:
$inactive_reason = $user->lang['INACTIVE_REASON_MANUAL'];
break;
case INACTIVE_REMIND:
$inactive_reason = $user->lang['INACTIVE_REASON_REMIND'];
break;
}
$template->assign_vars(array('S_USER_INACTIVE' => true, 'USER_INACTIVE_REASON' => $inactive_reason));
}
$custom_fields_list = get_custom_fields();
if (!empty($member['user_sig'])) {
$custom_fields_list[] = new xmlrpcval(array('name' => new xmlrpcval($user->lang['SIGNATURE'], 'base64'), 'value' => new xmlrpcval(basic_clean($member['user_sig']), 'base64')), 'struct');
}
if ($member['user_id'] == $user->data['user_id'] && push_table_exists()) {
$sql = "SELECT * FROM " . $table_prefix . "tapatalk_users WHERE userid = '" . $member['user_id'] . "'";
$result = $db->sql_query($sql);
$row = $db->sql_fetchrow($result);
if (!empty($row)) {
array_push($custom_fields_list, new xmlrpcval(array('name' => new xmlrpcval('Notification - Message', 'base64'), 'value' => new xmlrpcval($row['pm'] ? 'On' : 'Off', 'base64')), 'struct'));
array_push($custom_fields_list, new xmlrpcval(array('name' => new xmlrpcval('Notification - Quoted', 'base64'), 'value' => new xmlrpcval($row['quote'] ? 'On' : 'Off', 'base64')), 'struct'));
array_push($custom_fields_list, new xmlrpcval(array('name' => new xmlrpcval('Notification - Mentioned', 'base64'), 'value' => new xmlrpcval($row['tag'] ? 'On' : 'Off', 'base64')), 'struct'));
array_push($custom_fields_list, new xmlrpcval(array('name' => new xmlrpcval('Notification - New Topic', 'base64'), 'value' => new xmlrpcval($row['newtopic'] ? 'On' : 'Off', 'base64')), 'struct'));
array_push($custom_fields_list, new xmlrpcval(array('name' => new xmlrpcval('Notification - Replies', 'base64'), 'value' => new xmlrpcval($row['subscribe'] ? 'On' : 'Off', 'base64')), 'struct'));
}
}
$user_avatar_url = get_user_avatar_url($member['user_avatar'], $member['user_avatar_type']);
// Forum info
$sql = 'SELECT forum_id, forum_name, parent_id, forum_type, left_id, right_id
FROM ' . FORUMS_TABLE . '
ORDER BY left_id ASC';
$result = $db->sql_query($sql, 600);
$forum_data = array();
while ($row = $db->sql_fetchrow($result)) {
$forum_data[$row['forum_id']] = $row;
}
$db->sql_freeresult($result);
// get user current activity
preg_match('#^([a-z0-9/_-]+)#i', $member['session_page'], $on_page);
if (!sizeof($on_page)) {
$on_page[1] = '';
}
switch ($on_page[1]) {
case 'index':
$location = $user->lang['INDEX'];
break;
case 'adm/index':
$location = $user->lang['ACP'];
break;
case 'posting':
case 'viewforum':
case 'viewtopic':
$forum_id = $member['session_forum_id'];
if ($forum_id && $auth->acl_get('f_list', $forum_id)) {
$location = '';
if ($forum_data[$forum_id]['forum_type'] == FORUM_LINK) {
$location = sprintf($user->lang['READING_LINK'], $forum_data[$forum_id]['forum_name']);
break;
}
switch ($on_page[1]) {
case 'posting':
preg_match('#mode=([a-z]+)#', $member['session_page'], $on_page);
$posting_mode = !empty($on_page[1]) ? $on_page[1] : '';
switch ($posting_mode) {
case 'reply':
case 'quote':
$location = sprintf($user->lang['REPLYING_MESSAGE'], $forum_data[$forum_id]['forum_name']);
break;
default:
$location = sprintf($user->lang['POSTING_MESSAGE'], $forum_data[$forum_id]['forum_name']);
break;
}
break;
case 'viewtopic':
$location = sprintf($user->lang['READING_TOPIC'], $forum_data[$forum_id]['forum_name']);
break;
case 'viewforum':
$location = sprintf($user->lang['READING_FORUM'], $forum_data[$forum_id]['forum_name']);
break;
}
} else {
$location = $user->lang['INDEX'];
}
break;
case 'search':
$location = $user->lang['SEARCHING_FORUMS'];
break;
case 'faq':
$location = $user->lang['VIEWING_FAQ'];
break;
case 'viewonline':
$location = $user->lang['VIEWING_ONLINE'];
break;
case 'memberlist':
$location = strpos($member['session_page'], 'mode=viewprofile') !== false ? $user->lang['VIEWING_MEMBER_PROFILE'] : $user->lang['VIEWING_MEMBERS'];
break;
case 'mcp':
$location = $user->lang['VIEWING_MCP'];
break;
case 'ucp':
$location = $user->lang['VIEWING_UCP'];
// Grab some common modules
$url_params = array('mode=register' => 'VIEWING_REGISTER', 'i=pm&mode=compose' => 'POSTING_PRIVATE_MESSAGE', 'i=pm&' => 'VIEWING_PRIVATE_MESSAGES', 'i=profile&' => 'CHANGING_PROFILE', 'i=prefs&' => 'CHANGING_PREFERENCES');
foreach ($url_params as $param => $lang) {
if (strpos($member['session_page'], $param) !== false) {
$location = $user->lang[$lang];
break;
}
}
break;
case 'download/file':
$location = $user->lang['DOWNLOADING_FILE'];
break;
case 'report':
$location = $user->lang['REPORTING_POST'];
break;
case 'mobiquo/mobiquo':
$location = 'On Tapatalk';
break;
default:
$location = $user->lang['INDEX'];
break;
}
$user_info = array('user_id' => new xmlrpcval($member['user_id']), 'username' => new xmlrpcval(basic_clean($member['username']), 'base64'), 'user_type' => check_return_user_type($member['username']), 'post_count' => new xmlrpcval($member['user_posts'], 'int'), 'reg_time' => new xmlrpcval(mobiquo_iso8601_encode($member['user_regdate']), 'dateTime.iso8601'), 'timestamp_reg' => new xmlrpcval($member['user_regdate'], 'string'), 'last_activity_time' => new xmlrpcval(mobiquo_iso8601_encode($template->_rootref['VISITED']), 'dateTime.iso8601'), 'timestamp' => new xmlrpcval($template->_rootref['VISITED'], 'string'), 'is_online' => new xmlrpcval($template->_rootref['S_ONLINE'], 'boolean'), 'accept_pm' => new xmlrpcval($template->_rootref['U_PM'] ? true : false, 'boolean'), 'display_text' => new xmlrpcval('', 'base64'), 'icon_url' => new xmlrpcval($user_avatar_url), 'current_activity' => new xmlrpcval($location, 'base64'), 'custom_fields_list' => new xmlrpcval($custom_fields_list, 'array'));
$xmlrpc_user_info = new xmlrpcval($user_info, 'struct');
return new xmlrpcresp($xmlrpc_user_info);
}
<?php
define('IN_MOBIQUO', 1);
define('IN_PHPBB', true);
//error_reporting(0);
$forum_root = dirname(dirname(__FILE__));
$mobiquo_root = dirname(__FILE__);
if (!$forum_root) {
$forum_root = '.';
}
if (!$mobiquo_root) {
$mobiquo_root = '.';
}
include $mobiquo_root . '/config/config.php';
include $forum_root . '/common.' . $phpEx;
require_once $mobiquo_root . '/mobiquo_common.php';
if (!empty($_GET['user_id'])) {
$uid = intval($_GET['user_id']);
} else {
if (!empty($_GET['username'])) {
$_GET['username'] = base64_decode($_GET['username']);
$_GET['username'] = trim($_GET['username']);
$uid = get_user_id_by_name($_GET['username']);
} else {
die('Invalid params!');
}
}
$phpbb_home = generate_board_url() . '/';
$user_info = tt_get_user_by_id($uid);
$icon_url = get_user_avatar_url($user_info['user_avatar'], $user_info['user_avatar_type']);
header("Location:{$icon_url}");
} else {
if ($topic_id) {
$sql = 'SELECT forum_id, topic_first_post_id
FROM ' . TOPICS_TABLE . "\r\r\n WHERE topic_id = {$topic_id}";
$result = $db->sql_query($sql);
$row = $db->sql_fetchrow($result);
$db->sql_freeresult($result);
$_REQUEST['f'] = $forum_id = (int) $row['forum_id'];
if ($request_method == 'm_approve_topic') {
$_REQUEST['post_id_list'] = array($row['topic_first_post_id']);
}
}
}
// transform username to ban id and delete the users's posts
if ($request_method == 'm_ban_user' && $request_params[1] == 2) {
$ban_userid = get_user_id_by_name($request_params[0]);
//judge the user post num is or not > 50
$sql = "SELECT COUNT(*) AS tp_count FROM " . POSTS_TABLE . " p WHERE p.poster_id = '" . $ban_userid . "'";
$result = $db->sql_query($sql);
$countRow = $db->sql_fetchrow($result);
$db->sql_freeresult($result);
if ($countRow['tp_count'] > 50) {
trigger_error('USER_POSTS_NUM GERATER THAN 50');
} else {
$sql = "SELECT post_id,topic_id,forum_id FROM " . POSTS_TABLE . " p WHERE p.poster_id = '" . $ban_userid . "'";
$result1 = $db->sql_query($sql);
while ($row = $db->sql_fetchrow($result1)) {
$sql = 'SELECT f.*, t.*, p.*, u.username, u.username_clean, u.user_sig, u.user_sig_bbcode_uid, u.user_sig_bbcode_bitfield
FROM ' . POSTS_TABLE . ' p, ' . TOPICS_TABLE . ' t, ' . FORUMS_TABLE . ' f, ' . USERS_TABLE . " u\r\r\n\t\t\t\tWHERE p.post_id = '" . $row['post_id'] . "'\r\r\n\t\t\t\t\tAND t.topic_id = p.topic_id\r\r\n\t\t\t\t\tAND u.user_id = p.poster_id\r\r\n\t\t\t\t\tAND (f.forum_id = t.forum_id\r\r\n\t\t\t\t\t\tOR f.forum_id = '" . $row['forum_id'] . "')" . ($auth->acl_get('m_approve', $row['forum_id']) ? '' : 'AND p.post_approved = 1');
$result2 = $db->sql_query($sql);
$post_data = $db->sql_fetchrow($result2);
function check_return_user_type($username)
{
global $db;
$session = new user();
$user_id = get_user_id_by_name($username);
if (empty($user_id)) {
$user_id = 0;
}
$sql = "SELECT group_name FROM " . USER_GROUP_TABLE . " AS ug LEFT JOIN " . GROUPS_TABLE . " AS g ON ug.group_id = g.group_id WHERE user_id = " . $user_id;
$query = $db->sql_query($sql);
$is_ban = $session->check_ban($user_id);
$user_groups = array();
while ($row = $db->sql_fetchrow($query)) {
$user_groups[] = $row['group_name'];
}
if (!empty($is_ban)) {
$user_type = 'banned';
} else {
if (in_array('ADMINISTRATORS', $user_groups)) {
$user_type = 'admin';
} else {
if (in_array('GLOBAL_MODERATORS', $user_groups)) {
$user_type = 'mod';
} else {
$user_type = 'normal';
}
}
}
return new xmlrpcval(basic_clean($user_type), 'base64');
}
function login_func($xmlrpc_params)
{
global $auth, $user, $config, $db, $phpbb_root_path, $phpEx;
$params = php_xmlrpc_decode($xmlrpc_params);
$user->setup('ucp');
$username = $username_orgin = $params[0];
$password = $params[1];
$viewonline = isset($params[2]) ? !$params[2] : 1;
$push = isset($params[3]) ? intval($params[3]) : 1;
set_var($username, $username, 'string', true);
set_var($password, $password, 'string', true);
header('Set-Cookie: mobiquo_a=0');
header('Set-Cookie: mobiquo_b=0');
header('Set-Cookie: mobiquo_c=0');
if (!get_user_id_by_name($username_orgin)) {
$status = 2;
$response = new xmlrpcval(array('result' => new xmlrpcval(0, 'boolean'), 'result_text' => new xmlrpcval('username is not exist', 'base64'), 'status' => new xmlrpcval($status, 'string')), 'struct');
return new xmlrpcresp($response);
}
$config['max_login_attempts'] = 20;
$config['ip_login_limit_max'] = 50;
$login_result = $auth->login($username, $password, true, $viewonline);
$usergroup_id = array();
if ($login_result['status'] == LOGIN_SUCCESS) {
$auth->acl($user->data);
//add tapatalk_users here,for push service
if (push_table_exists()) {
global $table_prefix;
$sql = "SELECT * FROM " . $table_prefix . "tapatalk_users where userid = '" . $user->data['user_id'] . "'";
$result = $db->sql_query($sql);
$userInfo = $db->sql_fetchrow($result);
$db->sql_freeresult($result);
$time = time();
if (empty($userInfo)) {
$sql_data[$table_prefix . "tapatalk_users"]['sql'] = array('userid' => $user->data['user_id'], 'announcement' => 1, 'pm' => 1, 'subscribe' => 1, 'quote' => 1, 'tag' => 1, 'newtopic' => 1, 'updated' => time());
$sql = 'INSERT INTO ' . $table_prefix . "tapatalk_users" . ' ' . $db->sql_build_array('INSERT', $sql_data[$table_prefix . "tapatalk_users"]['sql']);
$db->sql_query($sql);
}
if ($push == 1) {
$sql = 'UPDATE ' . $table_prefix . "tapatalk_users SET announcement = '1',pm='1',\r\r\n\t\t\t\tsubscribe = '1',quote = '1',tag = '1',newtopic='1' ,updated= '" . time() . "'\r\r\n\t\t\t\tWHERE userid = '" . $user->data['user_id'] . "'";
} else {
$sql = 'UPDATE ' . $table_prefix . "tapatalk_users SET announcement = '0',pm='0',\r\r\n\t\t\t\tsubscribe = '0',quote = '0',tag = '0',newtopic='0' ,updated= '" . time() . "'\r\r\n\t\t\t\tWHERE userid = '" . $user->data['user_id'] . "'";
}
}
// Compatibility with mod NV who was here
if (file_exists($phpbb_root_path . 'includes/mods/who_was_here.' . $phpEx)) {
include_once $phpbb_root_path . 'includes/mods/who_was_here.' . $phpEx;
if (class_exists('phpbb_mods_who_was_here') && method_exists('phpbb_mods_who_was_here', 'update_session')) {
@phpbb_mods_who_was_here::update_session();
}
}
} else {
$error_msg = str_replace('%s', '', strip_tags($user->lang[$login_result['error_msg']]));
return new xmlrpcresp(new xmlrpcval(array('result' => new xmlrpcval(false, 'boolean'), 'result_text' => new xmlrpcval($error_msg, 'base64')), 'struct'));
}
if ($config['max_attachments'] == 0) {
$config['max_attachments'] = 100;
}
$usergroup_id[] = new xmlrpcval($user->data['group_id']);
$can_readpm = $config['allow_privmsg'] && $auth->acl_get('u_readpm') && ($user->data['user_allow_pm'] || $auth->acl_gets('a_', 'm_') || $auth->acl_getf_global('m_'));
$can_sendpm = $config['allow_privmsg'] && $auth->acl_get('u_sendpm') && ($user->data['user_allow_pm'] || $auth->acl_gets('a_', 'm_') || $auth->acl_getf_global('m_'));
$can_upload = $config['allow_avatar_upload'] && file_exists($phpbb_root_path . $config['avatar_path']) && (function_exists('phpbb_is_writable') ? phpbb_is_writable($phpbb_root_path . $config['avatar_path']) : 1) && $auth->acl_get('u_chgavatar') && (@ini_get('file_uploads') || strtolower(@ini_get('file_uploads')) == 'on') ? true : false;
$can_search = $auth->acl_get('u_search') && $auth->acl_getf_global('f_search') && $config['load_search'];
$can_whosonline = $auth->acl_gets('u_viewprofile', 'a_user', 'a_useradd', 'a_userdel');
$max_filesize = $config['max_filesize'] === '0' || $config['max_filesize'] > 10485760 ? 10485760 : $config['max_filesize'];
$userPushType = array('pm' => 1, 'newtopic' => 1, 'sub' => 1, 'tag' => 1, 'quote' => 1);
$push_type = array();
foreach ($userPushType as $name => $value) {
$push_type[] = new xmlrpcval(array('name' => new xmlrpcval($name, 'string'), 'value' => new xmlrpcval($value, 'boolean')), 'struct');
}
$response = new xmlrpcval(array('result' => new xmlrpcval(true, 'boolean'), 'user_id' => new xmlrpcval($user->data['user_id'], 'string'), 'username' => new xmlrpcval(basic_clean($user->data['username']), 'base64'), 'email' => new xmlrpcval($user->data['user_email'], 'base64'), 'user_type' => check_return_user_type($user->data['username']), 'usergroup_id' => new xmlrpcval($usergroup_id, 'array'), 'ignored_uids' => new xmlrpcval(implode(',', tt_get_ignore_users($user->data['user_id'])), 'string'), 'icon_url' => new xmlrpcval(get_user_avatar_url($user->data['user_avatar'], $user->data['user_avatar_type']), 'string'), 'post_count' => new xmlrpcval($user->data['user_posts'], 'int'), 'can_pm' => new xmlrpcval($can_readpm, 'boolean'), 'can_send_pm' => new xmlrpcval($can_sendpm, 'boolean'), 'can_moderate' => new xmlrpcval($auth->acl_get('m_') || $auth->acl_getf_global('m_'), 'boolean'), 'max_attachment' => new xmlrpcval($config['max_attachments'], 'int'), 'max_png_size' => new xmlrpcval($max_filesize, 'int'), 'max_jpg_size' => new xmlrpcval($max_filesize, 'int'), 'can_search' => new xmlrpcval($can_search, 'boolean'), 'can_whosonline' => new xmlrpcval($can_whosonline, 'boolean'), 'can_upload_avatar' => new xmlrpcval($can_upload, 'boolean'), 'push_type' => new xmlrpcval($push_type, 'array')), 'struct');
return new xmlrpcresp($response);
}
