/**
* Code to run after Saving a Visitor Message
*
* @param boolean Do the query?
*/
function post_save_once($doquery = true)
{
$vmid = intval($this->fetch_field('vmid'));
if (!$this->condition) {
if ($this->fetch_field('userid')) {
$this->insert_dupehash($this->fetch_field('userid'));
}
}
if (!$this->info['profileuser']) {
$this->info['profileuser'] = fetch_userinfo($this->fetch_field('userid'));
}
if ($this->info['profileuser'] and !in_coventry($this->fetch_field('postuserid'), true)) {
$userdata =& datamanager_init('User', $this->registry, ERRTYPE_SILENT);
$userdata->set_existing($this->info['profileuser']);
if ($this->fetch_field('state') == 'visible') {
if (!$this->condition and !$this->fetch_field('messageread')) {
// new vm, not been read, visible -> increase unread count
$userdata->set('vmunreadcount', 'vmunreadcount + 1', false);
} else {
if ($this->condition and $this->fetch_field('messageread') and isset($this->existing['messageread']) and !$this->existing['messageread']) {
// existing vm going from unread to read -> decrease unread count
// isset() check ensures that messageread info was explicitly passed in
$userdata->set('vmunreadcount', 'vmunreadcount - 1', false);
}
}
}
if ($this->fetch_field('state') == 'visible' and $this->existing['state'] == 'moderation') {
// moderated message made visible -> decrease moderated count
$userdata->set('vmmoderatedcount', 'vmmoderatedcount - 1', false);
} else {
if ($this->fetch_field('state') == 'moderation' and $this->fetch_field('state') != $this->existing['state']) {
// message is moderated and wasn't moderated before -> increase moderated count
$userdata->set('vmmoderatedcount', 'vmmoderatedcount + 1', false);
}
}
$userdata->save();
}
if ($this->fetch_field('state') == 'moderation') {
/*insert query*/
$this->dbobject->query_write("\n\t\t\t\tINSERT IGNORE INTO " . TABLE_PREFIX . "moderation\n\t\t\t\t\t(primaryid, type, dateline)\n\t\t\t\tVALUES\n\t\t\t\t\t({$vmid}, 'visitormessage', " . TIMENOW . ")\n\t\t\t");
} else {
if ($this->fetch_field('state') == 'visible' and $this->existing['state'] == 'moderation') {
// message was made visible, remove the moderation record
$this->dbobject->query_write("\n\t\t\t\tDELETE FROM " . TABLE_PREFIX . "moderation\n\t\t\t\tWHERE primaryid = {$vmid} AND type = 'visitormessage'\n\t\t\t");
}
}
($hook = vBulletinHook::fetch_hook('visitormessagedata_postsave')) ? eval($hook) : false;
}
}
($hook = vBulletinHook::fetch_hook('misc_showattachments_start')) ? eval($hook) : false;
$forumperms = fetch_permissions($threadinfo['forumid']);
if (!($forumperms & $vbulletin->bf_ugp_forumpermissions['canview']) or !($forumperms & $vbulletin->bf_ugp_forumpermissions['canviewthreads'])) {
print_no_permission();
}
if (!($forumperms & $vbulletin->bf_ugp_forumpermissions['canviewothers']) and ($threadinfo['postuserid'] != $vbulletin->userinfo['userid'] or !$vbulletin->userinfo['userid'])) {
print_no_permission();
}
$attachs = $db->query_read_slave("\n\t\tSELECT attachment.*\n\t\tFROM " . TABLE_PREFIX . "post AS post\n\t\tINNER JOIN " . TABLE_PREFIX . "attachment AS attachment ON (attachment.postid=post.postid AND attachment.visible=1)\n\t\tWHERE threadid = {$threadinfo['threadid']}\n\t\t\tAND post.visible = 1\n\t\tORDER BY filename DESC\n\t");
if ($db->num_rows($attachs)) {
require_once DIR . '/includes/functions_bigthree.php';
while ($attachment = $db->fetch_array($attachs)) {
// hide users in Coventry
$ast = '';
if (in_coventry($attachment['userid']) and !can_moderate($threadinfo['forumid'])) {
continue;
}
$attachment['filename'] = fetch_censored_text(htmlspecialchars_uni($attachment['filename']));
$attachment['attachmentextension'] = strtolower(file_extension($attachment['filename']));
$attachment['filesize'] = vb_number_format($attachment['filesize'], 1, true);
exec_switch_bg();
eval('$attachments .= "' . fetch_template('attachmentbit') . '";');
}
($hook = vBulletinHook::fetch_hook('misc_showattachments_complete')) ? eval($hook) : false;
eval('print_output("' . fetch_template('ATTACHMENTS') . '");');
} else {
eval(standard_error(fetch_error('noattachments')));
}
}
// ############################### start show avatars ###############################
/**
* Fetches and prepares posts for quoting. Returned text is BB code.
*
* @param array Array of post IDs to pull from
* @param integer The ID of the thread that is being quoted into
* @param integer Returns the number of posts that were unquoted because of the value of the next argument
* @param array Returns the IDs of the posts that were actually quoted
* @param string Controls what posts are successfully quoted: all, only (only the thread ID), other (only other thread IDs)
* @param boolean Whether to undo the htmlspecialchars calls; useful when returning HTML to be entered via JS
*/
function fetch_quotable_posts($quote_postids, $threadid, &$unquoted_posts, &$quoted_post_ids, $limit_thread = 'only', $unhtmlspecialchars = false)
{
global $vbulletin;
$unquoted_posts = 0;
$quoted_post_ids = array();
$quote_postids = array_diff_assoc(array_unique(array_map('intval', $quote_postids)), array(0));
// limit to X number of posts
if ($vbulletin->options['mqlimit'] > 0) {
$quote_postids = array_slice($quote_postids, 0, $vbulletin->options['mqlimit']);
}
if (empty($quote_postids)) {
// nothing to quote
return '';
}
$hook_query_fields = $hook_query_joins = '';
($hook = vBulletinHook::fetch_hook('quotable_posts_query')) ? eval($hook) : false;
$quote_post_data = $vbulletin->db->query_read_slave("\n\t\tSELECT post.postid, post.title, post.pagetext, post.dateline, post.userid, post.visible AS postvisible,\n\t\t\tIF(user.username <> '', user.username, post.username) AS username,\n\t\t\tthread.threadid, thread.title AS threadtitle, thread.postuserid, thread.visible AS threadvisible,\n\t\t\tforum.forumid, forum.password\n\t\t\t{$hook_query_fields}\n\t\tFROM " . TABLE_PREFIX . "post AS post\n\t\tLEFT JOIN " . TABLE_PREFIX . "user AS user ON (post.userid = user.userid)\n\t\tINNER JOIN " . TABLE_PREFIX . "thread AS thread ON (post.threadid = thread.threadid)\n\t\tINNER JOIN " . TABLE_PREFIX . "forum AS forum ON (thread.forumid = forum.forumid)\n\t\t{$hook_query_joins}\n\t\tWHERE post.postid IN (" . implode(',', $quote_postids) . ")\n\t");
$quote_posts = array();
while ($quote_post = $vbulletin->db->fetch_array($quote_post_data)) {
if ((!$quote_post['postvisible'] or $quote_post['postvisible'] == 2) and !can_moderate($quote_post['forumid']) or (!$quote_post['threadvisible'] or $quote_post['threadvisible'] == 2) and !can_moderate($quote_post['forumid'])) {
// no permission to view this post
continue;
}
$forumperms = fetch_permissions($quote_post['forumid']);
if (!($forumperms & $vbulletin->bf_ugp_forumpermissions['canview']) or !($forumperms & $vbulletin->bf_ugp_forumpermissions['canviewthreads']) or !($forumperms & $vbulletin->bf_ugp_forumpermissions['canviewothers']) and ($quote_post['postuserid'] != $vbulletin->userinfo['userid'] or $vbulletin->userinfo['userid'] == 0) or !verify_forum_password($quote_post['forumid'], $quote_post['password'], false) or in_coventry($quote_post['postuserid']) and !can_moderate($quote_post['forumid']) or in_coventry($quote_post['userid']) and !can_moderate($quote_post['forumid'])) {
// no permission to view this post
continue;
}
if ($limit_thread == 'only' and $quote_post['threadid'] != $threadid or $limit_thread == 'other' and $quote_post['threadid'] == $threadid or $limit_thread == 'all') {
$unquoted_posts++;
continue;
}
$skip_post = false;
($hook = vBulletinHook::fetch_hook('quotable_posts_logic')) ? eval($hook) : false;
if ($skip_post) {
continue;
}
$quote_posts["{$quote_post['postid']}"] = $quote_post;
}
$message = '';
foreach ($quote_postids as $quote_postid) {
if (!isset($quote_posts["{$quote_postid}"])) {
continue;
}
$quote_post =& $quote_posts["{$quote_postid}"];
$originalposter = fetch_quote_username($quote_post['username'] . ";{$quote_post['postid']}");
$postdate = vbdate($vbulletin->options['dateformat'], $quote_post['dateline']);
$posttime = vbdate($vbulletin->options['timeformat'], $quote_post['dateline']);
$pagetext = htmlspecialchars_uni($quote_post['pagetext']);
$pagetext = trim(strip_quotes($pagetext));
($hook = vBulletinHook::fetch_hook('newreply_quote')) ? eval($hook) : false;
eval('$message .= "' . fetch_template('newpost_quote', 0, false) . '\\n";');
$quoted_post_ids[] = $quote_postid;
}
if ($unhtmlspecialchars) {
$message = unhtmlspecialchars($message);
}
return $message;
}
function post_save_each($doquery = true)
{
$blogid = intval($this->fetch_field('blogid'));
$blogtextid = intval($this->fetch_field('blogtextid'));
$userid = intval($this->fetch_field('userid'));
$this->post_save_each_blogtext($doquery);
require_once(DIR . '/vb/search/indexcontroller/queue.php');
vb_Search_Indexcontroller_Queue::indexQueue('vBBlog', 'BlogComment', 'index', $blogtextid);
require_once(DIR . '/vb/search/indexcontroller/queue.php');
vb_Search_Indexcontroller_Queue::indexQueue('vBBlog', 'BlogComment', 'index', $blogtextid);
if ($this->info['blog'] AND ($attach = intval($this->info['newattach']) OR !$this->condition))
{
// things that apply to a new comment and an edit
$blog =& datamanager_init('Blog', $this->registry, ERRTYPE_SILENT, 'blog');
$blog->set_existing($this->info['blog']);
if ($attach)
{
$blog->set('attach', "attach + $attach", false);
}
}
if (!$this->condition)
{ // things that apply just to a new comment
if ($this->fetch_field('dateline') == TIMENOW)
{
$this->insert_dupehash($this->fetch_field('blogid'));
}
if ($this->fetch_field('state') == 'visible' AND $this->info['blog'] AND $this->info['blog']['state'] == 'visible')
{
$blog->set('comments_visible', 'comments_visible + 1', false);
if (in_coventry($userid, true))
{
// posted by someone in coventry, so don't update the blog last post time
// just put it in this person's tachy last post table
$replaceval = "$userid,
$blogid,
" . intval(TIMENOW) . ",
'" . $this->dbobject->escape_string($this->fetch_field('username')) . "',
$blogtextid
";
$this->dbobject->query_write("
REPLACE INTO " . TABLE_PREFIX . "blog_tachyentry
(userid, blogid, lastcomment, lastcommenter, lastblogtextid)
VALUES
($replaceval)
");
}
else
{
$blog->set('lastcomment', TIMENOW);
$blog->set('lastcommenter', $this->fetch_field('username'));
$blog->set('lastblogtextid', $blogtextid);
// empty out the tachy posts for this blog
$this->dbobject->query_write("
DELETE FROM " . TABLE_PREFIX . "blog_tachyentry
WHERE blogid = $blogid
");
// Send Email Notification
if ($this->registry->options['enableemail'])
{
$lastposttime = $this->dbobject->query_first("
SELECT MAX(dateline) AS dateline
FROM " . TABLE_PREFIX . "blog_text AS blog_text
WHERE blogid = $blogid
AND dateline < " . $this->fetch_field('dateline') . "
AND state = 'visible'
");
$entrytitle = unhtmlspecialchars($this->info['blog']['title']);
if (defined('VBBLOG_PERMS') AND $this->registry->userinfo['userid'] == $this->info['blog']['userid'])
{
$blogtitle = unhtmlspecialchars($this->registry->userinfo['blog_title']);
$username = unhtmlspecialchars($this->registry->userinfo['username']);
$userinfo =& $this->registry->userinfo;
}
else
{
if (!defined('VBBLOG_PERMS'))
{ // Tell the fetch_userinfo plugin that we need the blog fields in case this class is being called by a non blog script
define('VBBLOG_PERMS', true);
}
$userinfo = fetch_userinfo($this->info['blog']['userid'], 1);
cache_permissions($userinfo, false);
$blogtitle = unhtmlspecialchars($userinfo['blog_title']);
if ($userinfo['userid'] != $this->fetch_field('userid'))
{
$userinfo2 = fetch_userinfo($this->fetch_field('userid'), 1);
$username = unhtmlspecialchars($userinfo2['username']);
}
else
{
$username = unhtmlspecialchars($userinfo['username']);
}
}
require_once(DIR . '/includes/class_bbcode_alt.php');
$plaintext_parser = new vB_BbCodeParser_PlainText($this->registry, fetch_tag_list());
$pagetext_cache = array(); // used to cache the results per languageid for speed
$pagetext_orig =& $this->fetch_field('pagetext');
($hook = vBulletinHook::fetch_hook('blog_post_notification_start')) ? eval($hook) : false;
$useremails = $this->dbobject->query_read_slave("
SELECT
user.*,
blog_subscribeentry.blogsubscribeentryid,
blog_moderator.blogmoderatorid,
ignored.relationid AS ignoreid,
buddy.relationid AS buddyid,
blog.categories,
blog.options
FROM " . TABLE_PREFIX . "blog_subscribeentry AS blog_subscribeentry
INNER JOIN " . TABLE_PREFIX . "user AS user ON (blog_subscribeentry.userid = user.userid)
LEFT JOIN " . TABLE_PREFIX . "blog_moderator AS blog_moderator ON (blog_moderator.userid = user.userid)
LEFT JOIN " . TABLE_PREFIX . "userlist AS buddy ON (buddy.userid = $userinfo[userid] AND buddy.relationid = user.userid AND buddy.type = 'buddy')
LEFT JOIN " . TABLE_PREFIX . "userlist AS ignored ON (ignored.userid = $userinfo[userid] AND ignored.relationid = user.userid AND ignored.type = 'ignore')
LEFT JOIN " . TABLE_PREFIX . "blog AS blog ON (blog.blogid = blog_subscribeentry.blogid)
WHERE blog_subscribeentry.blogid = $blogid AND
blog_subscribeentry.type = 'email' AND
user.usergroupid <> 3 AND
user.userid <> " . intval($userid) . " AND
user.lastactivity >= " . intval($lastposttime['dateline']) . "
");
vbmail_start();
$evalemail = array();
while ($touser = $this->dbobject->fetch_array($useremails))
{
if (!($this->registry->usergroupcache["$touser[usergroupid]"]['genericoptions'] & $this->registry->bf_ugp_genericoptions['isnotbannedgroup']))
{
continue;
}
cache_permissions($touser, false);
// Check if entry is private, only send to blog owner, contacts, and moderators if so
if ($touser['options'] & $this->bitfields['options']['private'] AND !$touser['blogmoderatorid'] AND !$touser['buddyid'] AND !is_member_of_blog($touser, $userinfo))
{
continue;
}
prepare_blog_category_permissions($touser);
$entrycats = explode(',', $touser['categories']);
if (array_intersect($touser['blogcategorypermissions']['cantview'], $entrycats) AND $userinfo['userid'] != $touser['userid'])
{
continue;
}
else if ($userinfo['userid'] != $touser['userid'] AND !($touser['permissions']['vbblog_general_permissions'] & $this->registry->bf_ugp_vbblog_general_permissions['blog_canviewothers']))
{
continue;
}
else if ($userinfo['userid'] == $touser['userid'] AND !($touser['permissions']['vbblog_general_permissions'] & $this->registry->bf_ugp_vbblog_general_permissions['blog_canviewown']))
{
continue;
}
else if (
!$touser['blogmoderatorid']
AND
!($touser['permissions']['adminpermissions'] & $this->registry->bf_ugp_adminpermissions['cancontrolpanel'])
AND
!($touser['permissions']['adminpermissions'] & $this->registry->bf_ugp_adminpermissions['ismoderator'])
AND
(!$userinfo['ignore_canviewmyblog'] OR !$touser['ignoreid'])
AND
(!$userinfo['buddy_canviewmyblog'] OR !$touser['buddyid'])
AND
(!$userinfo['member_canviewmyblog'] OR (!$userinfo['buddy_canviewmyblog'] AND $touser['budyid']) OR (!$userinfo['ignore_canviewmyblog'] AND $touser['ignoreid']))
AND
!is_member_of_blog($touser, $userinfo)
)
{
continue;
}
$touser['username'] = unhtmlspecialchars($touser['username']);
$touser['languageid'] = iif($touser['languageid'] == 0, $this->registry->options['languageid'], $touser['languageid']);
$touser['auth'] = md5($touser['userid'] . $touser['blogsubscribeentryid'] . $touser['salt'] . COOKIE_SALT);
if (empty($evalemail))
{
$email_texts = $this->dbobject->query_read_slave("
SELECT text, languageid, fieldname
FROM " . TABLE_PREFIX . "phrase
WHERE fieldname IN ('emailsubject', 'emailbody') AND varname = 'blog_entry_notify'
");
while ($email_text = $this->dbobject->fetch_array($email_texts))
{
$emails["$email_text[languageid]"]["$email_text[fieldname]"] = $email_text['text'];
}
require_once(DIR . '/includes/functions_misc.php');
foreach ($emails AS $languageid => $email_text)
{
// lets cycle through our array of notify phrases
$text_message = str_replace("\\'", "'", addslashes(iif(empty($email_text['emailbody']), $emails['-1']['emailbody'], $email_text['emailbody'])));
$text_message = replace_template_variables($text_message);
$text_subject = str_replace("\\'", "'", addslashes(iif(empty($email_text['emailsubject']), $emails['-1']['emailsubject'], $email_text['emailsubject'])));
$text_subject = replace_template_variables($text_subject);
$evalemail["$languageid"] = '
$message = "' . $text_message . '";
$subject = "' . $text_subject . '";
';
}
}
// parse the page text into plain text, taking selected language into account
if (!isset($pagetext_cache["$touser[languageid]"]))
{
$plaintext_parser->set_parsing_language($touser['languageid']);
$pagetext_cache["$touser[languageid]"] = $plaintext_parser->parse($pagetext_orig);
}
$pagetext = $pagetext_cache["$touser[languageid]"];
($hook = vBulletinHook::fetch_hook('blog_post_notification_message')) ? eval($hook) : false;
eval(iif(empty($evalemail["$touser[languageid]"]), $evalemail["-1"], $evalemail["$touser[languageid]"]));
vbmail($touser['email'], $subject, $message);
}
unset($plaintext_parser, $pagetext_cache);
vbmail_end();
}
}
}
else if ($this->fetch_field('state') == 'moderation' AND $this->info['blog'])
{
$blog->set('comments_moderation', 'comments_moderation + 1', false);
}
}
if ($this->condition AND $this->info['emailupdate'] == 'none' AND ($userid != $this->registry->userinfo['userid'] OR ($userid == $this->registry->userinfo['userid'] AND $this->info['blog']['entrysubscribed'])))
{
$this->dbobject->query_write("
DELETE FROM " . TABLE_PREFIX . "blog_subscribeentry
WHERE blogid = $blogid AND userid = $userid
");
}
else if ($this->info['emailupdate'] == 'email' OR $this->info['emailupdate'] == 'usercp')
{
$this->dbobject->query_write("
REPLACE INTO " . TABLE_PREFIX . "blog_subscribeentry
(blogid, dateline, type, userid)
VALUES
($blogid, " . TIMENOW . ", '" . $this->info['emailupdate'] . "', $userid)
");
}
if (is_object($blog))
{
$blog->save();
}
if (!$this->condition)
{
if ($this->fetch_field('state') == 'moderation' AND $this->info['blog'])
{
$blogman =& datamanager_init('Blog_User', $this->registry, ERRTYPE_SILENT);
$userinfo = array('bloguserid' => $this->info['blog']['userid']);
$blogman->set_existing($userinfo);
$blogman->set('comments_moderation', 'comments_moderation + 1', false);
$blogman->save();
}
}
if ($this->fetch_field('state') == 'moderation')
{
/*insert query*/
$this->dbobject->query_write("INSERT IGNORE INTO " . TABLE_PREFIX . "blog_moderation (primaryid, type, dateline) VALUES ($blogtextid, 'blogtextid', " . TIMENOW . ")");
}
// Email blog owner here based on their settings
($hook = vBulletinHook::fetch_hook('blog_textdata_postsave')) ? eval($hook) : false;
}
/**
* Prepares the User's last post information
*
*/
function prepare_lastpost()
{
global $show, $vbphrase;
$this->prepared['lastposttitle'] = '';
if ($this->registry->options['profilelastpost'] and $this->userinfo['lastpost'] and !in_coventry($this->userinfo['userid'])) {
if ($this->userinfo['lastpostid'] and $getlastpost = $this->registry->db->query_first_slave("\n\t\t\t\tSELECT thread.title, thread.threadid, thread.forumid, post.postid, post.dateline\n\t\t\t\tFROM " . TABLE_PREFIX . "post AS post\n\t\t\t\tINNER JOIN " . TABLE_PREFIX . "thread AS thread USING (threadid)\n\t\t\t\tWHERE post.postid = " . $this->userinfo['lastpostid'] . "\n\t\t\t\t\tAND post.visible = 1\n\t\t\t\t\tAND thread.visible = 1\n\t\t\t")) {
$getperms = fetch_permissions($getlastpost['forumid']);
if ($getperms & $this->registry->bf_ugp_forumpermissions['canview']) {
$this->prepared['lastposttitle'] = $getlastpost['title'];
$this->prepared['lastposturl'] = 'showthread.php?' . $this->registry->session->vars['sessionurl'] . "p={$getlastpost['postid']}#post{$getlastpost['postid']}";
$this->prepared['lastpostdate'] = vbdate($this->registry->options['dateformat'], $getlastpost['dateline'], true);
$this->prepared['lastposttime'] = vbdate($this->registry->options['timeformat'], $getlastpost['dateline']);
}
}
if ($this->prepared['lastposttitle'] === '') {
$getlastposts = $this->registry->db->query_read_slave("\n\t\t\t\t\tSELECT thread.title, thread.threadid, thread.forumid, post.postid, post.dateline\n\t\t\t\t\tFROM " . TABLE_PREFIX . "post AS post\n\t\t\t\t\tINNER JOIN " . TABLE_PREFIX . "thread AS thread USING (threadid)\n\t\t\t\t\tWHERE thread.visible = 1\n\t\t\t\t\t\tAND post.userid = " . $this->userinfo['userid'] . "\n\t\t\t\t\t\tAND post.visible = 1\n\t\t\t\t\tORDER BY post.dateline DESC\n\t\t\t\t\tLIMIT 20\n\t\t\t\t");
while ($getlastpost = $this->registry->db->fetch_array($getlastposts)) {
$getperms = fetch_permissions($getlastpost['forumid']);
if ($getperms & $this->registry->bf_ugp_forumpermissions['canview']) {
$this->prepared['lastposttitle'] = $getlastpost['title'];
$this->prepared['lastposturl'] = 'showthread.php?' . $this->registry->session->vars['sessionurl'] . "p={$getlastpost['postid']}#post{$getlastpost['postid']}";
$this->prepared['lastpostdate'] = vbdate($this->registry->options['dateformat'], $getlastpost['dateline'], true);
$this->prepared['lastposttime'] = vbdate($this->registry->options['timeformat'], $getlastpost['dateline']);
break;
}
}
}
}
$this->prepared['lastpost'] = true;
}
/**
* Determines whether the post should actually be displayed.
*
* @return bool True if the post should be displayed; false otherwise
*/
function is_displayable()
{
// hide users in Coventry from non-staff members
if ($tachyuser = in_coventry($this->post['userid']) AND !can_moderate($this->thread['forumid']))
{
return false;
}
return true;
}
/**
* Create a message object for the specified message
*
* @param array message information
*
* @return vB_Visitor_Message
*/
function &create($message, $type = '')
{
$class_name = 'vB_Visitor_Message_';
if ($type)
{
$class_name .= $type . '_';
}
switch ($message['state'])
{
case 'deleted':
$class_name .= 'Deleted';
break;
case 'moderation':
case 'visible':
default:
{
if (in_coventry($message['userid']) AND !empty($message['ignored']))
{
$class_name .= 'Global_Ignored';
}
else if (!empty($message['ignored']))
{
$class_name .= 'Ignored';
}
else
{
$class_name .= 'Message';
}
}
}
($hook = vBulletinHook::fetch_hook('visitor_messagebit_factory')) ? eval($hook) : false;
if (class_exists($class_name, false))
{
return new $class_name($this->registry, $this, $this->bbcode, $this->userinfo, $message);
}
else
{
trigger_error('vB_Visitor_MessageFactory::create(): Invalid type ' . htmlspecialchars_uni($class_name) . '.', E_USER_ERROR);
}
}
$pagenum = $vbulletin->GPC['pagenumber'] > 0 ? $vbulletin->GPC['pagenumber'] : 1;
$maxpages = ceil($search['resultcount'] / $perpage);
if ($pagenum > $maxpages) {
$pagenum = $maxpages;
}
if (!$vbulletin->GPC['start']) {
$vbulletin->GPC['start'] = ($pagenum - 1) * $perpage;
$previous_results = $vbulletin->GPC['start'];
} else {
$previous_results = ($pagenum - 1) * $perpage;
}
$previouspage = $pagenum - 1;
$nextpage = $pagenum + 1;
$hook_query_fields = $hook_query_joins = $hook_query_where = '';
($hook = vBulletinHook::fetch_hook('blog_search_results_query')) ? eval($hook) : false;
$results = $db->query_read("\r\n\t\tSELECT blog.*, blog_searchresult.offset, IF(blog_user.title <> '', blog_user.title, blog.username) AS blogtitle\r\n\t\t" . (($vbulletin->userinfo['userid'] and in_coventry($vbulletin->userinfo['userid'], true)) ? "\r\n\t\t,IF(blog_tachyentry.userid IS NULL, blog.lastcomment, blog_tachyentry.lastcomment) AS lastcomment\r\n\t\t,IF(blog_tachyentry.userid IS NULL, blog.lastcommenter, blog_tachyentry.lastcommenter) AS lastcommenter\r\n\t\t,IF(blog_tachyentry.userid IS NULL, blog.lastblogtextid, blog_tachyentry.lastblogtextid) AS lastblogtextid\r\n\t\t" : "") . "\r\n\t\t\t{$hook_query_fields}\r\n\t\tFROM " . TABLE_PREFIX . "blog_searchresult AS blog_searchresult\r\n\t\tINNER JOIN " . TABLE_PREFIX . "blog AS blog ON (blog_searchresult.id = blog.blogid)\r\n\t\tLEFT JOIN " . TABLE_PREFIX . "blog_user AS blog_user ON (blog_user.bloguserid = blog.userid)\r\n\t\t" . (($vbulletin->userinfo['userid'] and in_coventry($vbulletin->userinfo['userid'], true)) ? "\r\n\t\tLEFT JOIN " . TABLE_PREFIX . "blog_tachyentry AS blog_tachyentry ON (blog_tachyentry.blogid = blog.blogid AND blog_tachyentry.userid = " . $vbulletin->userinfo['userid'] . ")\r\n\t\t" : "") . "\r\n\t\t{$hook_query_joins}\r\n\t\tWHERE blog_searchresult.blogsearchid = {$search['blogsearchid']}\r\n\t\t\tAND blog_searchresult.offset >= " . $vbulletin->GPC['start'] . "\r\n\t\t{$hook_query_where}\r\n\t\tORDER BY offset\r\n\t\tLIMIT {$perpage}\r\n\t");
$resultbits = '';
while ($blog = $db->fetch_array($results)) {
$canmoderation = (can_moderate_blog('canmoderatecomments') or $vbulletin->userinfo['userid'] == $blog['userid']);
$blog['trackbacks_total'] = $blog['trackback_visible'] + ($canmoderation ? $blog['trackback_moderation'] : 0);
$blog['comments_total'] = $blog['comments_visible'] + ($canmoderation ? $blog['comments_moderation'] : 0);
$blog['lastcommenter_encoded'] = urlencode($blog['lastcommenter']);
$blog['lastposttime'] = vbdate($vbulletin->options['timeformat'], $blog['lastcomment']);
$blog['lastpostdate'] = vbdate($vbulletin->options['dateformat'], $blog['lastcomment'], true);
$show['blogtitle'] = $blog['blogtitle'] != $blog['username'];
$templater = vB_Template::create('blog_search_results_result');
$templater->register('blog', $blog);
$resultbits .= $templater->render();
}
$next_result = $previous_results + $db->num_rows($results) + 1;
$show['next_page'] = $next_result <= $search['resultcount'];
/**
* Fetches the Picture Comment HTML for a single picture
*
* @param array Information regarding the picture
* @param array (return) Statistics regarding the messages shown
* @param integer The current page pumber
* @param integer The number of comments per page
* @param integer A specific comment ID to focus on (causes pagenumber to be ignored)
* @param boolean Whether to show ignored messages in their full
*
* @return string The HTML for the picture comments
*
*/
function fetch_picturecommentbits($pictureinfo, &$messagestats, &$pagenumber, &$perpage, $commentid = 0, $showignored = false)
{
global $vbulletin, $vbphrase, $show;
require_once(DIR . '/includes/class_bbcode.php');
require_once(DIR . '/includes/class_picturecomment.php');
if ($vbulletin->options['globalignore'] != '' AND !can_moderate(0, 'candeletepicturecomments') AND !can_moderate(0, 'canremovepicturecomments'))
{
require_once(DIR . '/includes/functions_bigthree.php');
$coventry = fetch_coventry('string');
}
$messagestats = array();
$state = array('visible');
$state_or = array();
if (fetch_user_picture_message_perm('canmoderatemessages', $pictureinfo))
{
$state[] = 'moderation';
}
else if ($vbulletin->userinfo['userid'])
{
$state_or[] = "(picturecomment.postuserid = " . $vbulletin->userinfo['userid'] . " AND state = 'moderation')";
}
if (can_moderate(0, 'canmoderatepicturecomments') OR ($vbulletin->userinfo['userid'] == $pictureinfo['userid'] AND $vbulletin->userinfo['permissions']['albumpermissions'] & $vbulletin->bf_ugp_albumpermissions['canmanagepiccomment']))
{
$state[] = 'deleted';
$deljoinsql = "LEFT JOIN " . TABLE_PREFIX . "deletionlog AS deletionlog ON (picturecomment.commentid = deletionlog.primaryid AND deletionlog.type = 'picturecomment')";
}
else
{
$deljoinsql = '';
}
$state_or[] = "picturecomment.state IN ('" . implode("','", $state) . "')";
$perpage = (!$perpage OR $perpage > $vbulletin->options['pc_maxperpage']) ? $vbulletin->options['pc_perpage'] : $perpage;
if ($commentid AND $commentinfo = fetch_picturecommentinfo($pictureinfo['filedataid'], $pictureinfo['userid'], $commentid))
{
$getpagenum = $vbulletin->db->query_first("
SELECT COUNT(*) AS comments
FROM " . TABLE_PREFIX . "picturecomment AS picturecomment
WHERE
filedataid = $pictureinfo[filedataid]
AND
userid = $pictureinfo[userid]
AND
(" . implode(" OR ", $state_or) . ")
AND
dateline <= $commentinfo[dateline]
" . ($coventry ? "AND picturecomment.postuserid NOT IN (" . $coventry . ")" : '' ) . "
");
$pagenumber = ceil($getpagenum['comments'] / $perpage);
}
do
{
if (!$pagenumber)
{
$pagenumber = 1;
}
$start = ($pagenumber - 1) * $perpage;
$hook_query_fields = $hook_query_joins = $hook_query_where = '';
($hook = vBulletinHook::fetch_hook('picture_comment_query')) ? eval($hook) : false;
$messagebits = '';
$messages = $vbulletin->db->query_read("
SELECT SQL_CALC_FOUND_ROWS
picturecomment.*, user.*, picturecomment.ipaddress AS messageipaddress
" . ($deljoinsql ? ",deletionlog.userid AS del_userid, deletionlog.username AS del_username, deletionlog.reason AS del_reason" : "") . "
" . ($vbulletin->options['avatarenabled'] ? ",avatar.avatarpath, NOT ISNULL(customavatar.userid) AS hascustomavatar, customavatar.dateline AS avatardateline,customavatar.width AS avwidth,customavatar.height AS avheight, customavatar.width_thumb AS avwidth_thumb, customavatar.height_thumb AS avheight_thumb, filedata_thumb, NOT ISNULL(customavatar.userid) AS hascustom" : "") . "
$hook_query_fields
FROM " . TABLE_PREFIX . "picturecomment AS picturecomment
LEFT JOIN " . TABLE_PREFIX . "user AS user ON (picturecomment.postuserid = user.userid)
" . ($vbulletin->options['avatarenabled'] ? "LEFT JOIN " . TABLE_PREFIX . "avatar AS avatar ON(avatar.avatarid = user.avatarid)
LEFT JOIN " . TABLE_PREFIX . "customavatar AS customavatar ON(customavatar.userid = user.userid)" : "") . "
$deljoinsql
$hook_query_joins
WHERE
picturecomment.filedataid = $pictureinfo[filedataid]
AND
picturecomment.userid = $pictureinfo[userid]
AND (" . implode(" OR ", $state_or) . ")
" . ($coventry ? "AND picturecomment.postuserid NOT IN (" . $coventry . ")" : '' ) . "
$hook_query_where
ORDER BY picturecomment.dateline
LIMIT $start, $perpage
");
list($messagestats['total']) = $vbulletin->db->query_first("SELECT FOUND_ROWS()", DBARRAY_NUM);
if ($start >= $messagestats['total'])
{
$pagenumber = ceil($messagestats['total'] / $perpage);
}
}
while ($start >= $messagestats['total'] AND $messagestats['total']);
$messagestats['start'] = $start + 1;
$messagestats['end'] = min($start + $perpage, $messagestats['total']);
$bbcode = new vB_BbCodeParser($vbulletin, fetch_tag_list());
$factory = new vB_Picture_CommentFactory($vbulletin, $bbcode, $pictureinfo);
$messagebits = '';
$firstrecord = array();
$read_ids = array();
if ($vbulletin->userinfo['userid'] AND !$showignored)
{
$ignorelist = preg_split('/( )+/', trim($vbulletin->userinfo['ignorelist']), -1, PREG_SPLIT_NO_EMPTY);
}
else
{
$ignorelist = array();
}
while ($message = $vbulletin->db->fetch_array($messages))
{
if (!$firstrecord)
{
$firstrecord = $message;
}
if ($ignorelist AND in_array($message['postuserid'], $ignorelist))
{
$message['ignored'] = true;
}
if (!$showignored AND in_coventry($message['postuserid']))
{
$message['ignored'] = true;
}
$response_handler =& $factory->create($message);
$response_handler->cachable = false;
$messagebits .= $response_handler->construct();
if (!$message['messageread'] AND $message['state'] == 'visible' AND $pictureinfo['userid'] == $vbulletin->userinfo['userid'])
{
$read_ids[] = $message['commentid'];
}
$messagestats['lastcomment'] = $message['dateline'];
}
if ($pictureinfo['userid'] == $vbulletin->userinfo['userid'])
{
$readpcs = 0;
if (!empty($read_ids))
{
$readpcs = sizeof($read_ids);
$vbulletin->db->query_write("UPDATE " . TABLE_PREFIX . "picturecomment SET messageread = 1 WHERE commentid IN (" . implode(',', $read_ids) . ")");
}
if ($vbulletin->userinfo['pcunreadcount'] - $readpcs > 0 AND $vbulletin->options['globalignore'] != '')
{
build_picture_comment_counters($vbulletin->userinfo['userid']);
}
else if ($readpcs)
{
$vbulletin->db->query_write("
UPDATE " . TABLE_PREFIX . "user
SET
pcunreadcount = IF(pcunreadcount >= $readpcs, pcunreadcount - $readpcs, 0)
WHERE
userid = " . $vbulletin->userinfo['userid']
);
}
}
$messagestats['perpage'] = $perpage;
$show['delete'] = fetch_user_picture_message_perm('candeletemessages', $pictureinfo);
$show['undelete'] = fetch_user_picture_message_perm('canundeletemessages', $pictureinfo);
$show['approve'] = fetch_user_picture_message_perm('canmoderatemessages', $pictureinfo);
$show['inlinemod'] = ($show['delete'] OR $show['undelete'] OR $show['approve']);
return $messagebits;
}
/**
* Fetches information about the selected custompage with permission checks
*
* @param integer The custompage we want info about
* @param string The type of customblock that we are working with (page or block)
* @param bool Should an error be displayed when block is not found
* @param bool Should a permission check be performed as well
*
* @return array Array of information about the custom page or prints an error if it doesn't exist / permission problems
*/
function verify_blog_customblock($customblockid, $type = null, $alert = true, $perm_check = true)
{
global $vbulletin, $vbphrase;
if (!($blockinfo = fetch_customblock_info($customblockid)))
{
if ($alert)
{
standard_error(fetch_error('invalidid', $vbphrase['custom_block'], $vbulletin->options['contactuslink']));
}
else
{
return 0;
}
}
else if ($type AND $blockinfo['type'] != $type)
{
standard_error(fetch_error('invalidid', $vbphrase['custom_block'], $vbulletin->options['contactuslink']));
}
$blockinfo['userinfo'] = verify_id('user', $blockinfo['userid'], 1, 1, 10);
if ($perm_check)
{
if ($vbulletin->userinfo['userid'] != $blockinfo['userinfo']['userid'] AND empty($blockinfo['userinfo']['bloguserid']))
{
standard_error(fetch_error('blog_noblog', $blockinfo['userinfo']['username']));
}
if (!$blockinfo['userinfo']['canviewmyblog'])
{
print_no_permission();
}
if (in_coventry($blockinfo['userinfo']['userid']) AND !can_moderate_blog())
{
standard_error(fetch_error('invalidid', $vbphrase['custom_block'], $vbulletin->options['contactuslink']));
}
if ($vbulletin->userinfo['userid'] == $blockinfo['userinfo']['userid'] AND !($vbulletin->userinfo['permissions']['vbblog_general_permissions'] & $vbulletin->bf_ugp_vbblog_general_permissions['blog_canviewown']))
{
print_no_permission();
}
if ($vbulletin->userinfo['userid'] != $blockinfo['userinfo']['userid'] AND !($vbulletin->userinfo['permissions']['vbblog_general_permissions'] & $vbulletin->bf_ugp_vbblog_general_permissions['blog_canviewothers']))
{
// Can't view other's entries so off you go to your own blog.
exec_header_redirect("blog.php?$session[sessionurl]u=" . $vbulletin->userinfo['userid']);
}
}
return $blockinfo;
}
function get_article_comments($article, $associated_thread_id, $userinfo, &$pageno, &$perpage, &$total)
{
require_once DIR . '/includes/functions_misc.php';
require_once DIR . '/includes/functions.php';
require_once DIR . '/includes/functions_databuild.php';
require_once DIR . '/includes/functions_bigthree.php';
$posts_out = array();
fetch_phrase_group('posting');
$threadinfo = verify_id('thread', $associated_thread_id, 0, 1);
$foruminfo = verify_id('forum', $threadinfo['forumid'], 0, 1);
//First let's see if we have forum/thread view permissions. If not,
// we're done
if (!($permissions = can_view_thread($article->getNodeId(), $userinfo))) {
return array();
}
$forumperms = fetch_permissions($threadinfo['forumid']);
//Normally this thread will be wide open, so let's get the list first
// without checking. We'll verify each post anyway.
//get our results
$results = get_comments($permissions, $associated_thread_id);
$record_count = count($results);
if (!$results or !count($results)) {
return array();
}
//we accept the parameter "last" for pageno.
if ($pageno == FR_LAST_POST) {
$pageno = intval(($record_count + $perpage - 1) / $perpage);
$first = ($pageno - 1) * $perpage;
} else {
$pageno = max(1, intval($pageno));
$first = $perpage * ($pageno - 1);
}
//Let's trim off the results we need.
//This also tells us if we should show the "next" button.
$post_array = array_slice($results, $first, $perpage, true);
if (!$post_array) {
return array();
}
$firstpostid = false;
$displayed_dateline = 0;
if (vB::$vbulletin->options['threadmarking'] and vB::$vbulletin->userinfo['userid']) {
$threadview = max($threadinfo['threadread'], $threadinfo['forumread'], TIMENOW - vB::$vbulletin->options['markinglimit'] * 86400);
} else {
$threadview = intval(fetch_bbarray_cookie('thread_lastview', $thread['threadid']));
if (!$threadview) {
$threadview = vB::$vbulletin->userinfo['lastvisit'];
}
}
require_once DIR . '/includes/functions_user.php';
$show['inlinemod'] = false;
$postids = array();
$postids = ' post.postid in (' . implode(', ', $post_array) . ')';
$posts = vB::$vbulletin->db->query_read($sql = "\n\tSELECT\n\tpost.*, post.username AS postusername, post.ipaddress AS ip, IF(post.visible = 2, 1, 0) AS isdeleted,\n\t user.*, userfield.*, usertextfield.*,\n\t " . iif($forum['allowicons'], 'icon.title as icontitle, icon.iconpath,') . "\n\t " . iif(vB::$vbulletin->options['avatarenabled'], 'avatar.avatarpath, NOT ISNULL(customavatar.userid) AS hascustomavatar, customavatar.dateline AS avatardateline,customavatar.width AS avwidth,customavatar.height AS avheight,') . "\n\t " . ((can_moderate($thread['forumid'], 'canmoderateposts') or can_moderate($thread['forumid'], 'candeleteposts')) ? 'spamlog.postid AS spamlog_postid,' : '') . "\n\t " . iif($deljoin, 'deletionlog.userid AS del_userid, deletionlog.username AS del_username, deletionlog.reason AS del_reason,') . "\n\t editlog.userid AS edit_userid, editlog.username AS edit_username, editlog.dateline AS edit_dateline,\n\t editlog.reason AS edit_reason, editlog.hashistory,\n\t postparsed.pagetext_html, postparsed.hasimages,\n\t sigparsed.signatureparsed, sigparsed.hasimages AS sighasimages,\n\t sigpic.userid AS sigpic, sigpic.dateline AS sigpicdateline, sigpic.width AS sigpicwidth, sigpic.height AS sigpicheight,\n\t IF(displaygroupid=0, user.usergroupid, displaygroupid) AS displaygroupid, infractiongroupid,\n\t customprofilepic.userid AS profilepic, customprofilepic.dateline AS profilepicdateline, customprofilepic.width AS ppwidth, customprofilepic.height AS ppheight\n\t " . iif(!($permissions['genericpermissions'] & vB::$vbulletin->bf_ugp_genericpermissions['canseehiddencustomfields']), vB::$vbulletin->profilefield['hidden']) . "\n\t {$hook_query_fields}\n\t FROM " . TABLE_PREFIX . "post AS post\n\t LEFT JOIN " . TABLE_PREFIX . "user AS user ON(user.userid = post.userid)\n\t LEFT JOIN " . TABLE_PREFIX . "userfield AS userfield ON(userfield.userid = user.userid)\n\t LEFT JOIN " . TABLE_PREFIX . "usertextfield AS usertextfield ON(usertextfield.userid = user.userid)\n\t " . iif($forum['allowicons'], "LEFT JOIN " . TABLE_PREFIX . "icon AS icon ON(icon.iconid = post.iconid)") . "\n\t " . iif(vB::$vbulletin->options['avatarenabled'], "LEFT JOIN " . TABLE_PREFIX . "avatar AS avatar ON(avatar.avatarid = user.avatarid) LEFT JOIN " . TABLE_PREFIX . "customavatar AS customavatar ON(customavatar.userid = user.userid)") . "\n\t " . ((can_moderate($thread['forumid'], 'canmoderateposts') or can_moderate($thread['forumid'], 'candeleteposts')) ? "LEFT JOIN " . TABLE_PREFIX . "spamlog AS spamlog ON(spamlog.postid = post.postid)" : '') . "\n\t {$deljoin}\n\t LEFT JOIN " . TABLE_PREFIX . "editlog AS editlog ON(editlog.postid = post.postid)\n\t LEFT JOIN " . TABLE_PREFIX . "postparsed AS postparsed ON(postparsed.postid = post.postid AND postparsed.styleid = " . intval(STYLEID) . " AND postparsed.languageid = " . intval(LANGUAGEID) . ")\n\t LEFT JOIN " . TABLE_PREFIX . "sigparsed AS sigparsed ON(sigparsed.userid = user.userid AND sigparsed.styleid = " . intval(STYLEID) . " AND sigparsed.languageid = " . intval(LANGUAGEID) . ")\n\t LEFT JOIN " . TABLE_PREFIX . "sigpic AS sigpic ON(sigpic.userid = post.userid)\n\t LEFT JOIN " . TABLE_PREFIX . "customprofilepic AS customprofilepic ON (user.userid = customprofilepic.userid)\n\t {$hook_query_joins}\n\t WHERE {$postids}\n\t ORDER BY post.dateline\n\t ");
if (!($forumperms & vB::$vbulletin->bf_ugp_forumpermissions['canseethumbnails']) and !($forumperms & vB::$vbulletin->bf_ugp_forumpermissions['cangetattachment'])) {
vB::$vbulletin->options['attachthumbs'] = 0;
}
if (!($forumperms & vB::$vbulletin->bf_ugp_forumpermissions['cangetattachment'])) {
vB::$vbulletin->options['viewattachedimages'] = 0;
}
$postcount = count($postid_array);
$counter = 0;
$postbits = '';
vB::$vbulletin->noheader = true;
while ($post = vB::$vbulletin->db->fetch_array($posts)) {
if (!$privileges['can_moderate_forums']) {
if ($privileges['is_coventry'] or $post['visible'] == 2) {
continue;
}
}
// post/thread is deleted by moderator and we don't have permission to see it
if (!($post['visible'] or $privileges['can_moderate_posts'])) {
continue;
}
if (!intval($post['userid'])) {
$post['avatarid'] = false;
} else {
if (!$post['hascustomavatar']) {
if ($post['profilepic']) {
$post['hascustomavatar'] = 1;
$post['avatarid'] = true;
$post['avatarpath'] = "./image.php?u=" . $post['userid'] . "&dateline=" . $post['profilepicdateline'] . "&type=profile";
$post['avwidth'] = $post['ppwidth'];
$post['avheight'] = $post['ppheight'];
} else {
$post['hascustomavatar'] = 1;
$post['avatarid'] = true;
// explicity setting avatarurl to allow guests comments to show unknown avatar
$post['avatarurl'] = $post['avatarpath'] = vB_Template_Runtime::fetchStyleVar('imgdir_misc') . '/unknown.gif';
$post['avwidth'] = 60;
$post['avheight'] = 60;
}
}
}
if ($tachyuser = in_coventry($post['userid']) and !can_moderate($thread['forumid'])) {
continue;
}
if ($post['visible'] == 1 and !$tachyuser) {
++$counter;
if ($postorder) {
$post['postcount'] = --$postcount;
} else {
$post['postcount'] = ++$postcount;
}
}
if ($tachyuser) {
$fetchtype = 'post_global_ignore';
} else {
if ($ignore["{$post['userid']}"]) {
$fetchtype = 'post_ignore';
} else {
if ($post['visible'] == 2) {
$fetchtype = 'post_deleted';
} else {
$fetchtype = 'post';
}
}
}
if (vB::$vbulletin->GPC['viewfull'] and $post['postid'] == $postinfo['postid'] and $fetchtype != 'post' and (can_moderate($threadinfo['forumid']) or !$post['isdeleted'])) {
$fetchtype = 'post';
}
if (!$firstpostid) {
$firstpostid = $post['postid'];
}
$post['islastshown'] = $post['postid'] == $lastpostid;
$post['isfirstshown'] = ($counter == 1 and $fetchtype == 'post' and $post['visible'] == 1);
$post['islastshown'] = $post['postid'] == $lastpostid;
$post['attachments'] = $postattach["{$post['postid']}"];
$canedit = false;
if (!$threadinfo['isdeleted'] and !$post['isdeleted'] and (can_moderate($threadinfo['forumid'], 'caneditposts') or $threadinfo['open'] and $post['userid'] == vB::$vbulletin->userinfo['userid'] and $forumperms & vB::$vbulletin->bf_ugp_forumpermissions['caneditpost'] and ($post['dateline'] >= TIMENOW - vB::$vbulletin->options['edittimelimit'] * 60 or vB::$vbulletin->options['edittimelimit'] == 0))) {
$canedit = true;
}
// Get post date/time
$postdate = vbdate(vB::$vbulletin->options['dateformat'], $post['dateline'], 1);
$posttime = vbdate(vB::$vbulletin->options['timeformat'], $post['dateline']);
$attachments = array();
$fr_images = array();
// Attachments (images).
if (count($post['attachments']) > 0) {
foreach ($post['attachments'] as $attachment) {
$lfilename = strtolower($attachment['filename']);
if (strpos($lfilename, '.jpe') !== false || strpos($lfilename, '.png') !== false || strpos($lfilename, '.gif') !== false || strpos($lfilename, '.jpg') !== false || strpos($lfilename, '.jpeg') !== false) {
$fr_images[] = array('img' => vB::$vbulletin->options['bburl'] . '/attachment.php?attachmentid=' . $attachment['attachmentid'], 'tmb' => vB::$vbulletin->options['bburl'] . '/attachment.php?attachmentid=' . $attachment['attachmentid'] . '&stc=1&thumb=1');
}
}
}
// Parse the post for quotes and inline images
list($text, $nuked_quotes, $images) = parse_post($post['pagetext'], false);
if (count($fr_images) > 0) {
$text .= "<br/>";
foreach ($fr_images as $attachment) {
$text .= "<img src=\"{$attachment['img']}\"/>";
}
}
foreach ($images as $image) {
$fr_images[] = array('img' => $image);
}
$avatarurl = '';
// Avatar work
if (vB::$vbulletin->options['avatarenabled']) {
require_once DIR . '/includes/functions_user.php';
$userinfo = fetch_userinfo($post['userid'], FETCH_USERINFO_AVATAR);
fetch_avatar_from_userinfo($userinfo);
if ($userinfo['avatarurl']) {
$avatarurl = process_avatarurl($userinfo['avatarurl']);
}
}
$tmp = array('post_id' => $post['postid'], 'thread_id' => $post['threadid'], 'forum_id' => $foruminfo['forumid'], 'username' => prepare_utf8_string(strip_tags($post['username'])), 'joindate' => prepare_utf8_string($post['joindate']), 'usertitle' => prepare_utf8_string(strip_tags($post['usertitle'])), 'numposts' => $post['posts'], 'userid' => $post['userid'], 'title' => prepare_utf8_string($post['title']), 'post_timestamp' => prepare_utf8_string(date_trunc($postdate) . ' ' . $posttime), 'fr_images' => $fr_images, 'image_thumbs' => array());
// Soft Deleted
if ($post['visible'] == 2) {
$tmp['deleted'] = true;
$tmp['del_username'] = prepare_utf8_string($post['del_username']);
if ($post['del_reason']) {
$tmp['del_reason'] = prepare_utf8_string($post['del_reason']);
}
} else {
$tmp['text'] = $text;
$tmp['quotable'] = $nuked_quotes;
if ($canedit) {
$tmp['canedit'] = true;
$tmp['edittext'] = prepare_utf8_string($post['pagetext']);
}
}
if ($avatarurl != '') {
$tmp['avatarurl'] = $avatarurl;
}
$posts_out[] = $tmp;
}
if ($LASTPOST['dateline'] > $displayed_dateline) {
$displayed_dateline = $LASTPOST['dateline'];
if ($displayed_dateline <= $threadview) {
$updatethreadcookie = true;
}
}
// Set thread last view
if ($displayed_dateline and $displayed_dateline > $threadview) {
mark_thread_read($threadinfo, $foruminfo, vB::$vbulletin->userinfo['userid'], $displayed_dateline);
}
vB::$vbulletin->db->free_result($posts);
unset($post);
$total = $record_count;
return $posts_out;
}
$sql_or = array();
($hook = vBulletinHook::fetch_hook('blog_comments_start')) ? eval($hook) : false;
// Set Perpage .. this limits it to 10. Any reason for more?
if ($vbulletin->GPC['perpage'] == 0 or $vbulletin->GPC['perpage'] > $vbulletin->options['blog_commentsperpage']) {
$perpage = $vbulletin->options['blog_commentsperpage'];
} else {
$perpage = $vbulletin->GPC['perpage'];
}
if ($vbulletin->GPC['userid']) {
$userinfo = verify_id('user', $vbulletin->GPC['userid'], 1, 1, 10);
cache_permissions($userinfo, false);
$show['entry_userinfo'] = false;
if (!$userinfo['canviewmyblog']) {
print_no_permission();
}
if (in_coventry($userinfo['userid']) and !can_moderate_blog()) {
standard_error(fetch_error('invalidid', $vbphrase['blog'], $vbulletin->options['contactuslink']));
}
if ($vbulletin->userinfo['userid'] == $userinfo['userid'] and !($vbulletin->userinfo['permissions']['vbblog_general_permissions'] & $vbulletin->bf_ugp_vbblog_general_permissions['blog_canviewown'])) {
print_no_permission();
}
if ($vbulletin->userinfo['userid'] != $userinfo['userid'] and !($vbulletin->userinfo['permissions']['vbblog_general_permissions'] & $vbulletin->bf_ugp_vbblog_general_permissions['blog_canviewothers'])) {
if ($vbulletin->userinfo['permissions']['vbblog_general_permissions'] & $vbulletin->bf_ugp_vbblog_general_permissions['blog_canviewown']) {
// Can't view other's entries so off you go to your own blog.
$bloginfo = array('userid' => $vbulletin->userinfo['userid'], 'title' => $vbulletin->userinfo['blog_title'] ? $vbulletin->userinfo['blog_title'] : $vbulletin->userinfo['username']);
exec_header_redirect(fetch_seo_url('blog|js', $bloginfo));
} else {
print_no_permission();
}
}
$sql_and[] = "blog_text.bloguserid = {$userinfo['userid']}";
/**
* Loads assorted show variables. Ideally, these would be used in templates,
* but sometimes they're used within code.
*/
public function load_show_variables()
{
parent::load_show_variables();
global $vbulletin, $show, $threadinfo, $foruminfo;
$show['foruminfo'] = (THIS_SCRIPT == 'forumdisplay' and $vbulletin->userinfo['forumpermissions']["{$foruminfo['forumid']}"] & $vbulletin->bf_ugp_forumpermissions['canview']);
if (THIS_SCRIPT == 'showthread' and $threadinfo['threadid']) {
if (!($vbulletin->userinfo['forumpermissions']["{$foruminfo['forumid']}"] & $vbulletin->bf_ugp_forumpermissions['canview']) or (!$threadinfo['visible'] and !can_moderate($foruminfo['forumid'], 'canmoderateposts') or $threadinfo['isdeleted'] and !can_moderate($foruminfo['forumid'])) or in_coventry($threadinfo['postuserid']) and !can_moderate($foruminfo['forumid']) or !($vbulletin->userinfo['forumpermissions']["{$foruminfo['forumid']}"] & $vbulletin->bf_ugp_forumpermissions['canviewthreads']) or !($vbulletin->userinfo['forumpermissions']["{$foruminfo['forumid']}"] & $vbulletin->bf_ugp_forumpermissions['canviewothers']) and ($threadinfo['postuserid'] != $vbulletin->userinfo['userid'] or $vbulletin->userinfo['userid'] == 0) or !verify_forum_password($foruminfo['forumid'], $foruminfo['password'], false)) {
$show['threadinfo'] = false;
} else {
$show['threadinfo'] = true;
}
} else {
$show['threadinfo'] = false;
}
}
$start = ($pagenumber - 1) * $perpage;
$messages = $db->query_read_slave("\n\t(\n\t\tSELECT\n\t\t\tvisitormessage.*, visitormessage.dateline AS pmdateline, user.*, visitormessage.ipaddress AS messageipaddress, visitormessage.userid AS profileuserid\n\t\t\t{$delsql1}\n\t\t\t" . ($vbulletin->options['avatarenabled'] ? ",avatar.avatarpath, NOT ISNULL(customavatar.userid) AS hascustomavatar, customavatar.dateline AS avatardateline,customavatar.width AS avwidth,customavatar.height AS avheight, customavatar.width_thumb AS avwidth_thumb, customavatar.height_thumb AS avheight_thumb, filedata_thumb, NOT ISNULL(customavatar.userid) AS hascustom" : "") . "\n\t\t\t{$hook_query_fields1}\n\t\tFROM " . TABLE_PREFIX . "visitormessage AS visitormessage\n\t\tLEFT JOIN " . TABLE_PREFIX . "user AS user ON (visitormessage.postuserid = user.userid)\n\t\t" . ($vbulletin->options['avatarenabled'] ? "LEFT JOIN " . TABLE_PREFIX . "avatar AS avatar ON(avatar.avatarid = user.avatarid) LEFT JOIN " . TABLE_PREFIX . "customavatar AS customavatar ON(customavatar.userid = user.userid)" : "") . "\n\t\t{$deljoinsql1}\n\t\t{$hook_query_joins1}\n\t\tWHERE " . implode(" AND ", $sql1) . "\n\t\t{$hook_query_where1}\n\t)\n\tUNION\n\t(\n\t\tSELECT\n\t\t\tvisitormessage.*, visitormessage.dateline AS pmdateline, user.*, visitormessage.ipaddress AS messageipaddress, visitormessage.userid AS profileuserid\n\t\t\t" . ($deljoinsql2 ? ",deletionlog.userid AS del_userid, deletionlog.username AS del_username, deletionlog.reason AS del_reason" : "") . "\n\t\t\t" . ($vbulletin->options['avatarenabled'] ? ",avatar.avatarpath, NOT ISNULL(customavatar.userid) AS hascustomavatar, customavatar.dateline AS avatardateline,customavatar.width AS avwidth,customavatar.height AS avheight, customavatar.width_thumb AS avwidth_thumb, customavatar.height_thumb AS avheight_thumb, filedata_thumb, NOT ISNULL(customavatar.userid) AS hascustom" : "") . "\n\t\t\t{$hook_query_fields2}\n\t\tFROM " . TABLE_PREFIX . "visitormessage AS visitormessage\n\t\tLEFT JOIN " . TABLE_PREFIX . "user AS user ON (visitormessage.postuserid = user.userid)\n\t\t" . ($vbulletin->options['avatarenabled'] ? "LEFT JOIN " . TABLE_PREFIX . "avatar AS avatar ON(avatar.avatarid = user.avatarid) LEFT JOIN " . TABLE_PREFIX . "customavatar AS customavatar ON(customavatar.userid = user.userid)" : "") . "\n\t\t{$deljoinsql2}\n\t\t{$hook_query_joins2}\n\t\tWHERE " . implode(" AND ", $sql2) . "\n\t\t{$hook_query_where2}\n\t)\n\tORDER BY pmdateline DESC\n\tLIMIT {$start}, {$perpage}\n\t");
$messagetotal = $db->found_rows();
if ($start >= $messagetotal) {
$pagenumber = ceil($messagetotal / $perpage);
}
} while ($start >= $messagetotal and $messagetotal);
$block_data = array('messagestart' => $start + 1, 'messageend' => min($start + $perpage, $messagetotal), 'fromconverse' => 1);
$prepared = array('vm_total' => $messagetotal);
$bbcode = new vB_BbCodeParser($vbulletin, fetch_tag_list());
$factory = new vB_Visitor_MessageFactory($vbulletin, $bbcode, $userinfo2);
$show['conversepage'] = true;
$block_data['messagebits'] = '';
$have_inlinemod = false;
while ($message = $db->fetch_array($messages)) {
if (in_coventry($message['postuserid']) and !$vbulletin->GPC['showignored']) {
$message['ignored'] = true;
}
if ($message['profileuserid'] == $vbulletin->userinfo['userid'] and $message['state'] == 'visible' and !$message['messageread']) {
$read_ids[] = $message['vmid'];
}
$response_handler =& $factory->create($message);
$response_handler->converse = false;
$response_handler->cachable = false;
$block_data['messagebits'] .= $response_handler->construct();
if ($show['inlinemod']) {
$have_inlinemod = true;
}
$block_data['lastcomment'] = !$block_data['lastcomment'] ? $message['dateline'] : $block_data['lastcomment'];
}
// our profile and ids that need read
function do_get_thread()
{
global $vbulletin, $db, $foruminfo, $threadinfo, $postid, $vault, $vbphrase;
$vbulletin->input->clean_array_gpc('r', array('pagenumber' => TYPE_UINT, 'perpage' => TYPE_UINT, 'password' => TYPE_STR, 'signature' => TYPE_BOOL));
if (empty($threadinfo['threadid'])) {
json_error(ERR_INVALID_THREAD);
}
$threadedmode = 0;
$threadid = $vbulletin->GPC['threadid'];
// Goto first unread post?
if ($vbulletin->GPC['pagenumber'] == FR_LAST_POST) {
$threadinfo = verify_id('thread', $threadid, 1, 1);
if ($vbulletin->options['threadmarking'] and $vbulletin->userinfo['userid']) {
$vbulletin->userinfo['lastvisit'] = max($threadinfo['threadread'], $threadinfo['forumread'], TIMENOW - $vbulletin->options['markinglimit'] * 86400);
} else {
if (($tview = intval(fetch_bbarray_cookie('thread_lastview', $threadid))) > $vbulletin->userinfo['lastvisit']) {
$vbulletin->userinfo['lastvisit'] = $tview;
}
}
$coventry = fetch_coventry('string');
$posts = $db->query_first("\n\t SELECT MIN(postid) AS postid\n\t FROM " . TABLE_PREFIX . "post\n\t WHERE threadid = {$threadinfo['threadid']}\n\t AND visible = 1\n\t AND dateline > " . intval($vbulletin->userinfo['lastvisit']) . "\n\t " . ($coventry ? "AND userid NOT IN ({$coventry})" : "") . "\n\t LIMIT 1\n\t");
if ($posts['postid']) {
$postid = $posts['postid'];
} else {
$postid = $threadinfo['lastpostid'];
}
}
// *********************************************************************************
// workaround for header redirect issue from forms with enctype in IE
// (use a scrollIntoView javascript call in the <body> onload event)
$onload = '';
// *********************************************************************************
// set $perpage
$perpage = max(FR_MIN_PERPAGE, min($vbulletin->GPC['perpage'], FR_MAX_PERPAGE));
// FRNR
//$perpage = sanitize_maxposts($vbulletin->GPC['perpage']);
// *********************************************************************************
// set post order
if ($vbulletin->userinfo['postorder'] == 0) {
$postorder = '';
} else {
$postorder = 'DESC';
}
// *********************************************************************************
// get thread info
$thread = verify_id('thread', $threadid, 1, 1);
$threadinfo =& $thread;
($hook = vBulletinHook::fetch_hook('showthread_getinfo')) ? eval($hook) : false;
// *********************************************************************************
// check for visible / deleted thread
if (!$thread['visible'] and !can_moderate($thread['forumid'], 'canmoderateposts') or $thread['isdeleted'] and !can_moderate($thread['forumid'])) {
json_error(ERR_INVALID_THREAD);
}
// *********************************************************************************
// Tachy goes to coventry
if (in_coventry($thread['postuserid']) and !can_moderate($thread['forumid'])) {
json_error(ERR_INVALID_THREAD);
}
// FRNR Start
// Check the forum password (set necessary cookies)
if ($vbulletin->GPC['password'] && $foruminfo['password'] == $vbulletin->GPC['password']) {
// set a temp cookie for guests
if (!$vbulletin->userinfo['userid']) {
set_bbarray_cookie('forumpwd', $foruminfo['forumid'], md5($vbulletin->userinfo['userid'] . $vbulletin->GPC['password']));
} else {
set_bbarray_cookie('forumpwd', $foruminfo['forumid'], md5($vbulletin->userinfo['userid'] . $vbulletin->GPC['password']), 1);
}
}
// FRNR End
// *********************************************************************************
// do word wrapping for the thread title
if ($vbulletin->options['wordwrap'] != 0) {
$thread['title'] = fetch_word_wrapped_string($thread['title']);
}
$thread['title'] = fetch_censored_text($thread['title']);
$thread['meta_description'] = strip_bbcode(strip_quotes($thread['description']), false, true);
$thread['meta_description'] = htmlspecialchars_uni(fetch_censored_text(fetch_trimmed_title($thread['meta_description'], 500, false)));
// *********************************************************************************
// words to highlight from the search engine
if (!empty($vbulletin->GPC['highlight'])) {
$highlight = preg_replace('#\\*+#s', '*', $vbulletin->GPC['highlight']);
if ($highlight != '*') {
$regexfind = array('\\*', '\\<', '\\>');
$regexreplace = array('[\\w.:@*/?=]*?', '<', '>');
$highlight = preg_quote(strtolower($highlight), '#');
$highlight = explode(' ', $highlight);
$highlight = str_replace($regexfind, $regexreplace, $highlight);
foreach ($highlight as $val) {
if ($val = trim($val)) {
$replacewords[] = htmlspecialchars_uni($val);
}
}
}
}
// *********************************************************************************
// make the forum jump in order to fill the forum caches
$navpopup = array('id' => 'showthread_navpopup', 'title' => $foruminfo['title_clean'], 'link' => fetch_seo_url('thread', $threadinfo));
construct_quick_nav($navpopup);
// *********************************************************************************
// get forum info
$forum = fetch_foruminfo($thread['forumid']);
$foruminfo =& $forum;
// *********************************************************************************
// check forum permissions
$forumperms = fetch_permissions($thread['forumid']);
if (!($forumperms & $vbulletin->bf_ugp_forumpermissions['canview']) or !($forumperms & $vbulletin->bf_ugp_forumpermissions['canviewthreads'])) {
json_error(ERR_NO_PERMISSION);
}
if (!($forumperms & $vbulletin->bf_ugp_forumpermissions['canviewothers']) and ($thread['postuserid'] != $vbulletin->userinfo['userid'] or $vbulletin->userinfo['userid'] == 0)) {
json_error(ERR_NO_PERMISSION);
}
// *********************************************************************************
// check if there is a forum password and if so, ensure the user has it set
if (!verify_forum_password($foruminfo['forumid'], $foruminfo['password'])) {
// FRNR
json_error(ERR_NEED_PASSWORD, RV_NEED_FORUM_PASSWORD);
}
// verify that we are at the canonical SEO url
// and redirect to this if not
//verify_seo_url('thread|js', $threadinfo, array('pagenumber' => $_REQUEST['pagenumber']));
// *********************************************************************************
// jump page if thread is actually a redirect
if ($thread['open'] == 10) {
$destthreadinfo = fetch_threadinfo($threadinfo['pollid']);
exec_header_redirect(fetch_seo_url('thread|js', $destthreadinfo, $pageinfo));
}
// *********************************************************************************
// get ignored users
$ignore = array();
if (trim($vbulletin->userinfo['ignorelist'])) {
$ignorelist = preg_split('/( )+/', trim($vbulletin->userinfo['ignorelist']), -1, PREG_SPLIT_NO_EMPTY);
foreach ($ignorelist as $ignoreuserid) {
$ignore["{$ignoreuserid}"] = 1;
}
}
DEVDEBUG('ignored users: ' . implode(', ', array_keys($ignore)));
// *********************************************************************************
// filter out deletion notices if can't be seen
if ($forumperms & $vbulletin->bf_ugp_forumpermissions['canseedelnotice'] or can_moderate($threadinfo['forumid'])) {
$deljoin = "LEFT JOIN " . TABLE_PREFIX . "deletionlog AS deletionlog ON(post.postid = deletionlog.primaryid AND deletionlog.type = 'post')";
} else {
$deljoin = '';
}
$show['viewpost'] = can_moderate($threadinfo['forumid']) ? true : false;
$show['managepost'] = iif(can_moderate($threadinfo['forumid'], 'candeleteposts') or can_moderate($threadinfo['forumid'], 'canremoveposts'), true, false);
$show['approvepost'] = can_moderate($threadinfo['forumid'], 'canmoderateposts') ? true : false;
$show['managethread'] = can_moderate($threadinfo['forumid'], 'canmanagethreads') ? true : false;
$show['approveattachment'] = can_moderate($threadinfo['forumid'], 'canmoderateattachments') ? true : false;
$show['inlinemod'] = (!$show['threadedmode'] and ($show['managethread'] or $show['managepost'] or $show['approvepost'])) ? true : false;
$show['spamctrls'] = ($show['inlinemod'] and $show['managepost']);
$url = $show['inlinemod'] ? SCRIPTPATH : '';
// build inline moderation popup
if ($show['popups'] and $show['inlinemod']) {
$threadadmin_imod_menu_post = vB_Template::create('threadadmin_imod_menu_post')->render();
} else {
$threadadmin_imod_menu_post = '';
}
// *********************************************************************************
// find the page that we should be on to display this post
if (!empty($postid) and $threadedmode == 0) {
$postinfo = verify_id('post', $postid, 1, 1);
$threadid = $postinfo['threadid'];
$getpagenum = $db->query_first("\n \t\tSELECT COUNT(*) AS posts\n \t\tFROM " . TABLE_PREFIX . "post AS post\n \t\tWHERE threadid = {$threadid} AND visible = 1\n \t\tAND dateline " . iif(!$postorder, '<=', '>=') . " {$postinfo['dateline']}\n \t");
$vbulletin->GPC['pagenumber'] = ceil($getpagenum['posts'] / $perpage);
}
// *********************************************************************************
// update views counter
if ($vbulletin->options['threadviewslive']) {
// doing it as they happen; for optimization purposes, this cannot use a DM!
$db->shutdown_query("\n \t\tUPDATE " . TABLE_PREFIX . "thread\n \t\tSET views = views + 1\n \t\tWHERE threadid = " . intval($threadinfo['threadid']));
} else {
// or doing it once an hour
$db->shutdown_query("\n \t\tINSERT INTO " . TABLE_PREFIX . "threadviews (threadid)\n \t\tVALUES (" . intval($threadinfo['threadid']) . ')');
}
// *********************************************************************************
// display ratings if enabled
$show['rating'] = false;
if ($forum['allowratings'] == 1) {
if ($thread['votenum'] > 0) {
$thread['voteavg'] = vb_number_format($thread['votetotal'] / $thread['votenum'], 2);
$thread['rating'] = intval(round($thread['votetotal'] / $thread['votenum']));
if ($thread['votenum'] >= $vbulletin->options['showvotes']) {
$show['rating'] = true;
}
}
devdebug("threadinfo[vote] = {$threadinfo['vote']}");
if ($threadinfo['vote']) {
$voteselected["{$threadinfo['vote']}"] = 'selected="selected"';
$votechecked["{$threadinfo['vote']}"] = 'checked="checked"';
} else {
$voteselected[0] = 'selected="selected"';
$votechecked[0] = 'checked="checked"';
}
}
// *********************************************************************************
// set page number
if ($vbulletin->GPC['pagenumber'] < 1) {
$vbulletin->GPC['pagenumber'] = 1;
} else {
if ($vbulletin->GPC['pagenumber'] > ceil(($thread['replycount'] + 1) / $perpage)) {
$vbulletin->GPC['pagenumber'] = ceil(($thread['replycount'] + 1) / $perpage);
}
}
// *********************************************************************************
// initialise some stuff...
$limitlower = ($vbulletin->GPC['pagenumber'] - 1) * $perpage;
$limitupper = $vbulletin->GPC['pagenumber'] * $perpage;
$counter = 0;
if ($vbulletin->options['threadmarking'] and $vbulletin->userinfo['userid']) {
$threadview = max($threadinfo['threadread'], $threadinfo['forumread'], TIMENOW - $vbulletin->options['markinglimit'] * 86400);
} else {
$threadview = intval(fetch_bbarray_cookie('thread_lastview', $thread['threadid']));
if (!$threadview) {
$threadview = $vbulletin->userinfo['lastvisit'];
}
}
$threadinfo['threadview'] = intval($threadview);
$displayed_dateline = 0;
################################################################################
############################### SHOW POLL ######################################
################################################################################
$poll = '';
if ($thread['pollid']) {
$pollbits = '';
$counter = 1;
$pollid = $thread['pollid'];
$show['editpoll'] = iif(can_moderate($threadinfo['forumid'], 'caneditpoll'), true, false);
// get poll info
$pollinfo = $db->query_first_slave("\n \t\tSELECT *\n \t\tFROM " . TABLE_PREFIX . "poll\n \t\tWHERE pollid = {$pollid}\n \t");
require_once DIR . '/includes/class_bbcode.php';
$bbcode_parser = new vB_BbCodeParser($vbulletin, fetch_tag_list());
$pollinfo['question'] = $bbcode_parser->parse(unhtmlspecialchars($pollinfo['question']), $forum['forumid'], true);
$splitoptions = explode('|||', $pollinfo['options']);
$splitoptions = array_map('rtrim', $splitoptions);
$splitvotes = explode('|||', $pollinfo['votes']);
$showresults = 0;
$uservoted = 0;
if (!($forumperms & $vbulletin->bf_ugp_forumpermissions['canvote'])) {
$nopermission = 1;
}
if (!$pollinfo['active'] or !$thread['open'] or $pollinfo['dateline'] + $pollinfo['timeout'] * 86400 < TIMENOW and $pollinfo['timeout'] != 0 or $nopermission) {
//thread/poll is closed, ie show results no matter what
$showresults = 1;
} else {
//get userid, check if user already voted
$voted = intval(fetch_bbarray_cookie('poll_voted', $pollid));
if ($voted) {
$uservoted = 1;
}
}
($hook = vBulletinHook::fetch_hook('showthread_poll_start')) ? eval($hook) : false;
if ($pollinfo['timeout'] and !$showresults) {
$pollendtime = vbdate($vbulletin->options['timeformat'], $pollinfo['dateline'] + $pollinfo['timeout'] * 86400);
$pollenddate = vbdate($vbulletin->options['dateformat'], $pollinfo['dateline'] + $pollinfo['timeout'] * 86400);
$show['pollenddate'] = true;
} else {
$show['pollenddate'] = false;
}
foreach ($splitvotes as $index => $value) {
$pollinfo['numbervotes'] += $value;
}
if ($vbulletin->userinfo['userid'] > 0) {
$pollvotes = $db->query_read_slave("\n \t\t\tSELECT voteoption\n \t\t\tFROM " . TABLE_PREFIX . "pollvote\n \t\t\tWHERE userid = " . $vbulletin->userinfo['userid'] . " AND pollid = {$pollid}\n \t\t");
if ($db->num_rows($pollvotes) > 0) {
$uservoted = 1;
}
}
if ($showresults or $uservoted) {
if ($uservoted) {
$uservote = array();
while ($pollvote = $db->fetch_array($pollvotes)) {
$uservote["{$pollvote['voteoption']}"] = 1;
}
}
}
$left = vB_Template_Runtime::fetchStyleVar('left');
$right = vB_Template_Runtime::fetchStyleVar('right');
$option['open'] = $left[0];
$option['close'] = $right[0];
foreach ($splitvotes as $index => $value) {
$arrayindex = $index + 1;
$option['uservote'] = iif($uservote["{$arrayindex}"], true, false);
$option['question'] = $bbcode_parser->parse($splitoptions["{$index}"], $forum['forumid'], true);
// public link
if ($pollinfo['public'] and $value) {
$option['votes'] = '<a href="poll.php?' . $vbulletin->session->vars['sessionurl'] . 'do=showresults&pollid=' . $pollinfo['pollid'] . '">' . vb_number_format($value) . '</a>';
} else {
$option['votes'] = vb_number_format($value);
//get the vote count for the option
}
$option['number'] = $counter;
//number of the option
//Now we check if the user has voted or not
if ($showresults or $uservoted) {
// user did vote or poll is closed
if ($value <= 0) {
$option['percentraw'] = 0;
} else {
if ($pollinfo['multiple']) {
$option['percentraw'] = $value < $pollinfo['voters'] ? $value / $pollinfo['voters'] * 100 : 100;
} else {
$option['percentraw'] = $value < $pollinfo['numbervotes'] ? $value / $pollinfo['numbervotes'] * 100 : 100;
}
}
$option['percent'] = vb_number_format($option['percentraw'], 2);
$option['graphicnumber'] = $option['number'] % 6 + 1;
$option['barnumber'] = round($option['percent']) * 2;
$option['remainder'] = 201 - $option['barnumber'];
// Phrase parts below
if ($nopermission) {
$pollstatus = $vbphrase['you_may_not_vote_on_this_poll'];
} else {
if ($showresults) {
$pollstatus = $vbphrase['this_poll_is_closed'];
} else {
if ($uservoted) {
$pollstatus = $vbphrase['you_have_already_voted_on_this_poll'];
}
}
}
($hook = vBulletinHook::fetch_hook('showthread_polloption')) ? eval($hook) : false;
$templater = vB_Template::create('pollresult');
$templater->register('names', $names);
$templater->register('option', $option);
$pollbits .= $templater->render();
} else {
($hook = vBulletinHook::fetch_hook('showthread_polloption')) ? eval($hook) : false;
if ($pollinfo['multiple']) {
$templater = vB_Template::create('polloption_multiple');
$templater->register('option', $option);
$pollbits .= $templater->render();
} else {
$templater = vB_Template::create('polloption');
$templater->register('option', $option);
$pollbits .= $templater->render();
}
}
$counter++;
}
if ($pollinfo['multiple']) {
$pollinfo['numbervotes'] = $pollinfo['voters'];
$show['multiple'] = true;
}
if ($pollinfo['public']) {
$show['publicwarning'] = true;
} else {
$show['publicwarning'] = false;
}
$displayed_dateline = $threadinfo['lastpost'];
($hook = vBulletinHook::fetch_hook('showthread_poll_complete')) ? eval($hook) : false;
if ($showresults or $uservoted) {
$templater = vB_Template::create('pollresults_table');
$templater->register('pollbits', $pollbits);
$templater->register('pollenddate', $pollenddate);
$templater->register('pollendtime', $pollendtime);
$templater->register('pollinfo', $pollinfo);
$templater->register('pollstatus', $pollstatus);
$poll = $templater->render();
} else {
$templater = vB_Template::create('polloptions_table');
$templater->register('pollbits', $pollbits);
$templater->register('pollenddate', $pollenddate);
$templater->register('pollendtime', $pollendtime);
$templater->register('pollinfo', $pollinfo);
$poll = $templater->render();
}
}
// work out if quickreply should be shown or not
if ($vbulletin->options['quickreply'] and !$thread['isdeleted'] and !is_browser('netscape') and $vbulletin->userinfo['userid'] and ($vbulletin->userinfo['userid'] == $threadinfo['postuserid'] and $forumperms & $vbulletin->bf_ugp_forumpermissions['canreplyown'] or $vbulletin->userinfo['userid'] != $threadinfo['postuserid'] and $forumperms & $vbulletin->bf_ugp_forumpermissions['canreplyothers']) and ($thread['open'] or can_moderate($threadinfo['forumid'], 'canopenclose')) and !fetch_require_hvcheck('post')) {
$show['quickreply'] = true;
} else {
$show['quickreply'] = false;
$show['wysiwyg'] = 0;
$quickreply = '';
}
$show['largereplybutton'] = (!$thread['isdeleted'] and !$show['threadedmode'] and $forum['allowposting'] and !$show['search_engine']);
if (!$forum['allowposting']) {
$show['quickreply'] = false;
}
$show['multiquote_global'] = ($vbulletin->options['multiquote'] and $vbulletin->userinfo['userid']);
if ($show['multiquote_global']) {
$vbulletin->input->clean_array_gpc('c', array('vbulletin_multiquote' => TYPE_STR));
$vbulletin->GPC['vbulletin_multiquote'] = explode(',', $vbulletin->GPC['vbulletin_multiquote']);
}
// post is cachable if option is enabled, last post is newer than max age, and this user
// isn't showing a sessionhash
$post_cachable = ($vbulletin->options['cachemaxage'] > 0 and TIMENOW - $vbulletin->options['cachemaxage'] * 60 * 60 * 24 <= $thread['lastpost'] and $vbulletin->session->vars['sessionurl'] == '');
$saveparsed = '';
$save_parsed_sigs = '';
($hook = vBulletinHook::fetch_hook('showthread_post_start')) ? eval($hook) : false;
################################################################################
####################### SHOW THREAD IN LINEAR MODE #############################
################################################################################
if ($threadedmode == 0) {
// allow deleted posts to not be counted in number of posts displayed on the page;
// prevents issue with page count on forum display being incorrect
$ids = array();
$lastpostid = 0;
$hook_query_joins = $hook_query_where = '';
($hook = vBulletinHook::fetch_hook('showthread_query_postids')) ? eval($hook) : false;
if (empty($deljoin) and !$show['approvepost']) {
$totalposts = $threadinfo['replycount'] + 1;
if (can_moderate($thread['forumid'])) {
$coventry = '';
} else {
$coventry = fetch_coventry('string');
}
$getpostids = $db->query_read("\n \t\t\tSELECT post.postid\n \t\t\tFROM " . TABLE_PREFIX . "post AS post\n \t\t\t{$hook_query_joins}\n \t\t\tWHERE post.threadid = {$threadid}\n \t\t\t\tAND post.visible = 1\n \t\t\t\t" . ($coventry ? "AND post.userid NOT IN ({$coventry})" : '') . "\n \t\t\t\t{$hook_query_where}\n \t\t\tORDER BY post.dateline {$postorder}\n \t\t\tLIMIT {$limitlower}, {$perpage}\n \t\t");
while ($post = $db->fetch_array($getpostids)) {
if (!isset($qrfirstpostid)) {
$qrfirstpostid = $post['postid'];
}
$qrlastpostid = $post['postid'];
$ids[] = $post['postid'];
}
$db->free_result($getpostids);
$lastpostid = $qrlastpostid;
} else {
$getpostids = $db->query_read("\n \t\t\tSELECT post.postid, post.visible, post.userid\n \t\t\tFROM " . TABLE_PREFIX . "post AS post\n \t\t\t{$hook_query_joins}\n \t\t\tWHERE post.threadid = {$threadid}\n \t\t\t\tAND post.visible IN (1\n \t\t\t\t" . (!empty($deljoin) ? ",2" : "") . "\n \t\t\t\t" . ($show['approvepost'] ? ",0" : "") . "\n \t\t\t\t)\n \t\t\t\t{$hook_query_where}\n \t\t\tORDER BY post.dateline {$postorder}\n \t\t");
$totalposts = 0;
if ($limitlower != 0) {
$limitlower++;
}
while ($post = $db->fetch_array($getpostids)) {
if (!isset($qrfirstpostid)) {
$qrfirstpostid = $post['postid'];
}
$qrlastpostid = $post['postid'];
if ($post['visible'] == 1 and !in_coventry($post['userid']) and !$ignore[$post['userid']]) {
$totalposts++;
}
if ($totalposts < $limitlower or $totalposts > $limitupper) {
continue;
}
// remember, these are only added if they're going to be displayed
$ids[] = $post['postid'];
$lastpostid = $post['postid'];
}
$db->free_result($getpostids);
}
// '0' inside parenthesis in unlikely case we have no ids for this page
// (this could happen if the replycount is wrong in the db)
$postids = "post.postid IN (0" . implode(',', $ids) . ")";
// load attachments
if ($thread['attach']) {
require_once DIR . '/packages/vbattach/attach.php';
$attach = new vB_Attach_Display_Content($vbulletin, 'vBForum_Post');
$postattach = $attach->fetch_postattach(0, $ids);
}
$hook_query_fields = $hook_query_joins = '';
($hook = vBulletinHook::fetch_hook('showthread_query')) ? eval($hook) : false;
$posts = $db->query_read("\n \t\tSELECT\n \t\t\tpost.*, post.username AS postusername, post.ipaddress AS ip, IF(post.visible = 2, 1, 0) AS isdeleted,\n \t\t\tuser.*, userfield.*, usertextfield.*,\n \t\t\t" . iif($forum['allowicons'], 'icon.title as icontitle, icon.iconpath,') . "\n \t\t\t" . iif($vbulletin->options['avatarenabled'], 'avatar.avatarpath, NOT ISNULL(customavatar.userid) AS hascustomavatar, customavatar.dateline AS avatardateline,customavatar.width AS avwidth,customavatar.height AS avheight,') . "\n \t\t\t" . ((can_moderate($thread['forumid'], 'canmoderateposts') or can_moderate($thread['forumid'], 'candeleteposts')) ? 'spamlog.postid AS spamlog_postid,' : '') . "\n \t\t\t" . iif($deljoin, 'deletionlog.userid AS del_userid, deletionlog.username AS del_username, deletionlog.reason AS del_reason,') . "\n \t\t\teditlog.userid AS edit_userid, editlog.username AS edit_username, editlog.dateline AS edit_dateline,\n \t\t\teditlog.reason AS edit_reason, editlog.hashistory,\n \t\t\tpostparsed.pagetext_html, postparsed.hasimages,\n \t\t\tsigparsed.signatureparsed, sigparsed.hasimages AS sighasimages,\n \t\t\tsigpic.userid AS sigpic, sigpic.dateline AS sigpicdateline, sigpic.width AS sigpicwidth, sigpic.height AS sigpicheight,\n \t\t\tIF(displaygroupid=0, user.usergroupid, displaygroupid) AS displaygroupid, infractiongroupid\n \t\t\t" . iif(!($permissions['genericpermissions'] & $vbulletin->bf_ugp_genericpermissions['canseehiddencustomfields']), $vbulletin->profilefield['hidden']) . "\n \t\t\t{$hook_query_fields}\n \t\tFROM " . TABLE_PREFIX . "post AS post\n \t\tLEFT JOIN " . TABLE_PREFIX . "user AS user ON(user.userid = post.userid)\n \t\tLEFT JOIN " . TABLE_PREFIX . "userfield AS userfield ON(userfield.userid = user.userid)\n \t\tLEFT JOIN " . TABLE_PREFIX . "usertextfield AS usertextfield ON(usertextfield.userid = user.userid)\n \t\t" . iif($forum['allowicons'], "LEFT JOIN " . TABLE_PREFIX . "icon AS icon ON(icon.iconid = post.iconid)") . "\n \t\t" . iif($vbulletin->options['avatarenabled'], "LEFT JOIN " . TABLE_PREFIX . "avatar AS avatar ON(avatar.avatarid = user.avatarid) LEFT JOIN " . TABLE_PREFIX . "customavatar AS customavatar ON(customavatar.userid = user.userid)") . "\n \t\t" . ((can_moderate($thread['forumid'], 'canmoderateposts') or can_moderate($thread['forumid'], 'candeleteposts')) ? "LEFT JOIN " . TABLE_PREFIX . "spamlog AS spamlog ON(spamlog.postid = post.postid)" : '') . "\n \t\t\t{$deljoin}\n \t\tLEFT JOIN " . TABLE_PREFIX . "editlog AS editlog ON(editlog.postid = post.postid)\n \t\tLEFT JOIN " . TABLE_PREFIX . "postparsed AS postparsed ON(postparsed.postid = post.postid AND postparsed.styleid = " . intval(STYLEID) . " AND postparsed.languageid = " . intval(LANGUAGEID) . ")\n \t\tLEFT JOIN " . TABLE_PREFIX . "sigparsed AS sigparsed ON(sigparsed.userid = user.userid AND sigparsed.styleid = " . intval(STYLEID) . " AND sigparsed.languageid = " . intval(LANGUAGEID) . ")\n \t\tLEFT JOIN " . TABLE_PREFIX . "sigpic AS sigpic ON(sigpic.userid = post.userid)\n \t\t\t{$hook_query_joins}\n \t\tWHERE {$postids}\n \t\tORDER BY post.dateline {$postorder}\n \t");
if (!($forumperms & $vbulletin->bf_ugp_forumpermissions['canseethumbnails']) and !($forumperms & $vbulletin->bf_ugp_forumpermissions['cangetattachment'])) {
$vbulletin->options['attachthumbs'] = 0;
}
if (!($forumperms & $vbulletin->bf_ugp_forumpermissions['cangetattachment'])) {
$vbulletin->options['viewattachedimages'] = 0;
}
$postcount = ($vbulletin->GPC['pagenumber'] - 1) * $perpage;
if ($postorder) {
// Newest first
$postcount = $totalposts - $postcount + 1;
}
$counter = 0;
$postbits = '';
$postbit_factory = new vB_Postbit_Factory();
$postbit_factory->registry =& $vbulletin;
$postbit_factory->forum =& $foruminfo;
$postbit_factory->thread =& $thread;
$postbit_factory->cache = array();
$postbit_factory->bbcode_parser = new vB_BbCodeParser($vbulletin, fetch_tag_list());
while ($post = $db->fetch_array($posts)) {
if ($tachyuser = in_coventry($post['userid']) and !can_moderate($thread['forumid'])) {
continue;
}
if ($post['visible'] == 1 and !$tachyuser) {
++$counter;
if ($postorder) {
$post['postcount'] = --$postcount;
} else {
$post['postcount'] = ++$postcount;
}
}
if ($tachyuser) {
$fetchtype = 'post_global_ignore';
} else {
if ($ignore["{$post['userid']}"]) {
$fetchtype = 'post_ignore';
} else {
if ($post['visible'] == 2) {
$fetchtype = 'post_deleted';
} else {
$fetchtype = 'post';
}
}
}
if ($vbulletin->GPC['viewfull'] and $post['postid'] == $postinfo['postid'] and $fetchtype != 'post' and (can_moderate($threadinfo['forumid']) or !$post['isdeleted'])) {
$fetchtype = 'post';
}
if ($fetchtype != 'post' && $fetchtype != 'post_deleted') {
continue;
}
($hook = vBulletinHook::fetch_hook('showthread_postbit_create')) ? eval($hook) : false;
$postbit_obj =& $postbit_factory->fetch_postbit($fetchtype);
if ($fetchtype == 'post') {
$postbit_obj->highlight =& $replacewords;
}
$postbit_obj->cachable = $post_cachable;
$post['islastshown'] = $post['postid'] == $lastpostid;
$post['isfirstshown'] = ($counter == 1 and $fetchtype == 'post' and $post['visible'] == 1);
$post['islastshown'] = $post['postid'] == $lastpostid;
$post['attachments'] = $postattach["{$post['postid']}"];
$parsed_postcache = array('text' => '', 'images' => 1, 'skip' => false);
$postbits .= $postbit_obj->construct_postbit($post);
// Only show after the first post, counter isn't incremented for deleted/moderated posts
if ($post['isfirstshown']) {
$postbits .= vB_Template::create('ad_showthread_firstpost')->render();
}
if ($post_cachable and $post['pagetext_html'] == '') {
if (!empty($saveparsed)) {
$saveparsed .= ',';
}
$saveparsed .= "({$post['postid']}, " . intval($thread['lastpost']) . ', ' . intval($postbit_obj->post_cache['has_images']) . ", '" . $db->escape_string($postbit_obj->post_cache['text']) . "', " . intval(STYLEID) . ", " . intval(LANGUAGEID) . ")";
}
if (!empty($postbit_obj->sig_cache) and $post['userid']) {
if (!empty($save_parsed_sigs)) {
$save_parsed_sigs .= ',';
}
$save_parsed_sigs .= "({$post['userid']}, " . intval(STYLEID) . ", " . intval(LANGUAGEID) . ", '" . $db->escape_string($postbit_obj->sig_cache['text']) . "', " . intval($postbit_obj->sig_cache['has_images']) . ")";
}
// get first and last post ids for this page (for big reply buttons)
if (!isset($FIRSTPOSTID)) {
$FIRSTPOSTID = $post['postid'];
}
$LASTPOSTID = $post['postid'];
if ($post['dateline'] > $displayed_dateline) {
$displayed_dateline = $post['dateline'];
if ($displayed_dateline <= $threadview) {
$updatethreadcookie = true;
}
}
// FRNR Start
// find out if first post
$getpost = $db->query_first("\n SELECT firstpostid\n FROM " . TABLE_PREFIX . "thread\n WHERE threadid = {$threadinfo['threadid']}\n ");
$isfirstpost = $getpost['firstpostid'] == $post['postid'];
$candelete = false;
if ($isfirstpost and can_moderate($threadinfo['forumid'], 'canmanagethreads')) {
$candelete = true;
} else {
if (!$isfirstpost and can_moderate($threadinfo['forumid'], 'candeleteposts')) {
$candelete = true;
} else {
if (($forumperms & $vbulletin->bf_ugp_forumpermissions['candeletepost'] and !$isfirstpost or $forumperms & $vbulletin->bf_ugp_forumpermissions['candeletethread'] and $isfirstpost) and $vbulletin->userinfo['userid'] == $post['userid']) {
$candelete = true;
}
}
}
// Get post date/time
$postdate = vbdate($vbulletin->options['dateformat'], $post['dateline'], 1);
$posttime = vbdate($vbulletin->options['timeformat'], $post['dateline']);
$fr_images = array();
$docattach = array();
// Attachments (images).
if (is_array($post['attachments']) && count($post['attachments']) > 0) {
foreach ($post['attachments'] as $attachment) {
$lfilename = strtolower($attachment['filename']);
if (strpos($lfilename, '.jpe') !== false || strpos($lfilename, '.png') !== false || strpos($lfilename, '.gif') !== false || strpos($lfilename, '.jpg') !== false || strpos($lfilename, '.jpeg') !== false) {
$tmp = array('img' => $vbulletin->options['bburl'] . '/attachment.php?attachmentid=' . $attachment['attachmentid']);
if ($vbulletin->options['attachthumbs']) {
$tmp['tmb'] = $vbulletin->options['bburl'] . '/attachment.php?attachmentid=' . $attachment['attachmentid'] . '&stc=1&thumb=1';
}
$fr_images[] = $tmp;
}
if (strpos($lfilename, '.pdf') !== false) {
$docattach[] = $vbulletin->options['bburl'] . '/attachment.php?attachmentid=' . $attachment['attachmentid'];
}
}
}
// Parse the post for quotes and inline images
list($text, $nuked_quotes, $images) = parse_post($post['pagetext'], $post['allowsmilie'] && $usesmilies);
if (count($fr_images) > 0) {
$text .= "<br/>";
foreach ($fr_images as $attachment) {
$text .= "<img src=\"{$attachment['img']}\"/>";
}
}
foreach ($images as $image) {
$fr_images[] = array('img' => $image);
}
$avatarurl = '';
// Avatar work
if ($post['avatarurl']) {
$avatarurl = process_avatarurl($post['avatarurl']);
}
$tmp = array('post_id' => $post['postid'], 'thread_id' => $post['threadid'], 'forum_id' => $foruminfo['forumid'], 'forum_title' => prepare_utf8_string($foruminfo['title_clean']), 'username' => prepare_utf8_string(strip_tags($post['username'])), 'joindate' => prepare_utf8_string($post['joindate']), 'usertitle' => prepare_utf8_string(strip_tags($post['usertitle'])), 'numposts' => $post['posts'] ? (string) $post['posts'] : '0', 'userid' => $post['userid'], 'title' => prepare_utf8_string($post['title']), 'online' => fetch_online_status(fetch_userinfo($post['userid']), false), 'post_timestamp' => prepare_utf8_string(date_trunc($postdate) . ' ' . $posttime), 'fr_images' => $fr_images);
if ($candelete) {
$tmp['candelete'] = true;
}
// Soft Deleted
if ($post['visible'] == 2) {
$tmp['deleted'] = true;
$tmp['del_username'] = prepare_utf8_string($post['del_username']);
if ($post['del_reason']) {
$tmp['del_reason'] = prepare_utf8_string($post['del_reason']);
}
} else {
$tmp['text'] = $text;
$tmp['quotable'] = $nuked_quotes;
if ($post['editlink']) {
$tmp['canedit'] = true;
$tmp['edittext'] = prepare_utf8_string($post['pagetext']);
}
}
if ($avatarurl != '') {
$tmp['avatarurl'] = $avatarurl;
}
if (count($docattach) > 0) {
$tmp['docattach'] = $docattach;
}
if ($vbulletin->GPC['signature']) {
$sig = trim(remove_bbcode(strip_tags($post['signatureparsed']), true, true), '<a>');
$sig = str_replace(array("\t", "\r"), array('', ''), $sig);
$sig = str_replace("\n\n", "\n", $sig);
$tmp['sig'] = prepare_utf8_string($sig);
}
// Begin Support for Post Thanks Hack - http://www.vbulletin.org/forum/showthread.php?t=122944
if ($vbulletin->userinfo['userid'] && function_exists('post_thanks_off') && function_exists('can_thank_this_post') && function_exists('thanked_already') && function_exists('fetch_thanks')) {
if (!post_thanks_off($thread['forumid'], $post, $thread['firstpostid'], THIS_SCRIPT)) {
global $ids;
if (can_thank_this_post($post, $thread['isdeleted'])) {
$tmp['canlike'] = true;
}
if (thanked_already($post, 0, true)) {
$tmp['likes'] = true;
if (!$vbulletin->options['post_thanks_delete_own']) {
$tmp['canlike'] = $tmp['likes'] = false;
}
}
$thanks = fetch_thanks($post['postid']);
$thank_users = array();
if (is_array($thanks)) {
foreach ($thanks as $thank) {
$thank_users[] = $thank['username'];
}
}
if (count($thank_users)) {
$tmp['likestext'] = prepare_utf8_string($vbphrase['fr_thanked_by'] . ': ' . join(', ', $thank_users));
$tmp['likesusers'] = join(', ', $thank_users);
}
}
}
// End Support for Post Thanks Hack
$posts_out[] = $tmp;
// FRNR End
}
$db->free_result($posts);
unset($post);
if ($postbits == '' and $vbulletin->GPC['pagenumber'] > 1) {
$pageinfo = array('page' => $vbulletin->GPC['pagenumber'] - 1);
if (!empty($vbulletin->GPC['perpage'])) {
$pageinfo['pp'] = $perpage;
}
if (!empty($vbulletin->GPC['highlight'])) {
$pageinfo['highlight'] = urlencode($vbulletin->GPC['highlight']);
}
exec_header_redirect(fetch_seo_url('thread|js', $threadinfo, $pageinfo));
}
DEVDEBUG("First Post: {$FIRSTPOSTID}; Last Post: {$LASTPOSTID}");
$pageinfo = array();
if ($vbulletin->GPC['highlight']) {
$pageinfo['highlight'] = urlencode($vbulletin->GPC['highlight']);
}
if (!empty($vbulletin->GPC['perpage'])) {
$pageinfo['pp'] = $perpage;
}
$pagenav = construct_page_nav($vbulletin->GPC['pagenumber'], $perpage, $totalposts, 'showthread.php?' . $vbulletin->session->vars['sessionurl'] . "t={$threadinfo['threadid']}", '', '', 'thread', $threadinfo, $pageinfo);
if ($thread['lastpost'] > $threadview) {
if ($firstnew) {
$firstunread = fetch_seo_url('thread', $threadinfo, array('page' => $vbulletin->GPC['pagenumber'])) . '#post' . $firstnew;
$show['firstunreadlink'] = true;
} else {
$firstunread = fetch_seo_url('thread', $threadinfo, array('goto' => 'newpost'));
$show['firstunreadlink'] = true;
}
} else {
$firstunread = '';
$show['firstunreadlink'] = false;
}
if ($vbulletin->userinfo['postorder']) {
// disable ajax qr when displaying linear newest first
$show['allow_ajax_qr'] = 0;
} else {
// only allow ajax on the last page of a thread when viewing oldest first
$show['allow_ajax_qr'] = $vbulletin->GPC['pagenumber'] == ceil($totalposts / $perpage) ? 1 : 0;
}
################################################################################
################ SHOW THREAD IN THREADED OR HYBRID MODE ########################
################################################################################
} else {
// ajax qr doesn't work with threaded controls
$show['allow_ajax_qr'] = 0;
require_once DIR . '/includes/functions_threadedmode.php';
// save data
$ipostarray = array();
$postarray = array();
$userarray = array();
$postparent = array();
$postorder = array();
$hybridposts = array();
$deletedparents = array();
$totalposts = 0;
$links = '';
$cache_postids = '';
$hook_query_fields = $hook_query_joins = $hook_query_where = '';
($hook = vBulletinHook::fetch_hook('showthread_query_postids_threaded')) ? eval($hook) : false;
// get all posts
$listposts = $db->query_read("\n \t\tSELECT\n \t\t\tpost.*, post.username AS postusername, post.ipaddress AS ip, IF(post.visible = 2, 1, 0) AS isdeleted,\n \t\t\tuser.*, userfield.*\n \t\t\t" . iif(!($permissions['genericpermissions'] & $vbulletin->bf_ugp_genericpermissions['canseehiddencustomfields']), $vbulletin->profilefield['hidden']) . "\n \t\t\t{$hook_query_fields}\n \t\tFROM " . TABLE_PREFIX . "post AS post\n \t\tLEFT JOIN " . TABLE_PREFIX . "user AS user ON(user.userid = post.userid)\n \t\tLEFT JOIN " . TABLE_PREFIX . "userfield AS userfield ON(userfield.userid = user.userid)\n \t\t{$hook_query_joins}\n \t\tWHERE threadid = {$threadid}\n \t\t\t{$hook_query_where}\n \t\tORDER BY postid\n \t");
// $toppostid is the first post in the thread
// $curpostid is the postid passed from the URL, or if not specified, the first post in the thread
$ids = array();
while ($post = $db->fetch_array($listposts)) {
if ($post['visible'] == 2 and !$deljoin or $post['visible'] == 0 and !$show['approvepost'] or in_coventry($post['userid']) and !can_moderate($thread['forumid'])) {
$deletedparents["{$post['postid']}"] = iif(isset($deletedparents["{$post['parentid']}"]), $deletedparents["{$post['parentid']}"], $post['parentid']);
continue;
}
if (empty($toppostid)) {
$toppostid = $post['postid'];
}
if (empty($postid)) {
if (empty($curpostid)) {
$curpostid = $post['postid'];
if ($threadedmode == 2 and empty($vbulletin->GPC['postid'])) {
$vbulletin->GPC['postid'] = $curpostid;
}
$curpostparent = $post['parentid'];
}
} else {
if ($post['postid'] == $postid) {
$curpostid = $post['postid'];
$curpostparent = $post['parentid'];
}
}
$postparent["{$post['postid']}"] = $post['parentid'];
$ipostarray["{$post['parentid']}"][] = $post['postid'];
$postarray["{$post['postid']}"] = $post;
$userarray["{$post['userid']}"] = $db->escape_string($post['username']);
$totalposts++;
$ids[] = $post['postid'];
}
$db->free_result($listposts);
// hooks child posts up to new parent if actual parent has been deleted or hidden
if (count($deletedparents) > 0) {
foreach ($deletedparents as $dpostid => $dparentid) {
if (is_array($ipostarray[$dpostid])) {
foreach ($ipostarray[$dpostid] as $temppostid) {
$postparent[$temppostid] = $dparentid;
$ipostarray[$dparentid][] = $temppostid;
$postarray[$temppostid]['parentid'] = $dparentid;
}
unset($ipostarray[$dpostid]);
}
if ($curpostparent == $dpostid) {
$curpostparent = $dparentid;
}
}
}
unset($post, $listposts, $deletedparents);
if ($thread['attach']) {
require_once DIR . '/packages/vbattach/attach.php';
$attach = new vB_Attach_Display_Content($vbulletin, 'vBForum_Post');
$postattach = $attach->fetch_postattach(0, $ids);
}
// get list of usernames from post list
$userjs = '';
foreach ($userarray as $userid => $username) {
if ($userid) {
$userjs .= "pu[{$userid}] = \"" . addslashes_js($username) . "\";\n";
}
}
unset($userarray, $userid, $username);
$parent_postids = fetch_post_parentlist($curpostid);
if (!$parent_postids) {
$currentdepth = 0;
} else {
$currentdepth = sizeof(explode(',', $parent_postids));
}
sort_threaded_posts();
if (empty($curpostid)) {
eval(standard_error(fetch_error('invalidid', $vbphrase['post'], $vbulletin->options['contactuslink'])));
}
if ($threadedmode == 2) {
$numhybrids = sizeof($hybridposts);
if ($vbulletin->GPC['pagenumber'] < 1) {
$vbulletin->GPC['pagenumber'] = 1;
}
$startat = ($vbulletin->GPC['pagenumber'] - 1) * $perpage;
if ($startat > $numhybrids) {
$vbulletin->GPC['pagenumber'] = 1;
$startat = 0;
}
$endat = $startat + $perpage;
for ($i = $startat; $i < $endat; $i++) {
if (isset($hybridposts["{$i}"])) {
if (!isset($FIRSTPOSTID)) {
$FIRSTPOSTID = $hybridposts["{$i}"];
}
$cache_postids .= ",{$hybridposts[$i]}";
$LASTPOSTID = $hybridposts["{$i}"];
}
}
$pageinfo = array('p' => $vbulletin->GPC['postid']);
if ($vbulletin->GPC['highlight']) {
$pageinfo['highlight'] = urlencode($vbulletin->GPC['highlight']);
}
if (!empty($vbulletin->GPC['perpage'])) {
$pageinfo['pp'] = $perpage;
}
$pagenav = construct_page_nav($vbulletin->GPC['pagenumber'], $perpage, $numhybrids, 'showthread.php?' . $vbulletin->session->vars['sessionurl'] . "t={$threadinfo['threadid']}", '', '', 'thread', $threadinfo, $pageinfo);
} else {
$FIRSTPOSTID = $curpostid;
$LASTPOSTID = $curpostid;
// sort out which posts to cache:
if (!$vbulletin->options['threaded_maxcache']) {
$vbulletin->options['threaded_maxcache'] = 999999;
}
// cache $vbulletin->options['threaded_maxcache'] posts
// take 0.25 from above $curpostid
// and take 0.75 below
if (sizeof($postorder) <= $vbulletin->options['threaded_maxcache']) {
$startat = 0;
} else {
if ($curpostidkey + $vbulletin->options['threaded_maxcache'] * 0.75 > sizeof($postorder)) {
$startat = sizeof($postorder) - $vbulletin->options['threaded_maxcache'];
} else {
if ($curpostidkey - $vbulletin->options['threaded_maxcache'] * 0.25 < 0) {
$startat = 0;
} else {
$startat = intval($curpostidkey - $vbulletin->options['threaded_maxcache'] * 0.25);
}
}
}
unset($curpostidkey);
foreach ($postorder as $postkey => $pid) {
if ($postkey > $startat + $vbulletin->options['threaded_maxcache']) {
break;
}
if ($postkey >= $startat and empty($morereplies["{$pid}"])) {
$cache_postids .= ',' . $pid;
}
}
// get next/previous posts for each post in the list
// key: NAVJS[postid][0] = prev post, [1] = next post
$NAVJS = array();
$prevpostid = 0;
foreach ($postorder as $pid) {
$NAVJS["{$pid}"][0] = $prevpostid;
$NAVJS["{$prevpostid}"][1] = $pid;
$prevpostid = $pid;
}
$NAVJS["{$toppostid}"][0] = $pid;
//prev button for first post
$NAVJS["{$pid}"][1] = $toppostid;
//next button for last post
$navjs = '';
foreach ($NAVJS as $pid => $info) {
$navjs .= "pn[{$pid}] = \"{$info['0']},{$info['1']}\";\n";
}
}
unset($ipostarray, $postparent, $postorder, $NAVJS, $postid, $info, $prevpostid, $postkey);
$cache_postids = substr($cache_postids, 1);
if (empty($cache_postids)) {
// umm... something weird happened. Just prevent an error.
eval(standard_error(fetch_error('invalidid', $vbphrase['post'], $vbulletin->options['contactuslink'])));
}
$hook_query_fields = $hook_query_joins = $hook_query_where = '';
($hook = vBulletinHook::fetch_hook('showthread_query')) ? eval($hook) : false;
$cacheposts = $db->query_read("\n \t\tSELECT\n \t\t\tpost.*, post.username AS postusername, post.ipaddress AS ip, IF(post.visible = 2, 1, 0) AS isdeleted,\n \t\t\tuser.*, userfield.*, usertextfield.*,\n \t\t\t" . iif($forum['allowicons'], 'icon.title as icontitle, icon.iconpath,') . "\n \t\t\t" . iif($vbulletin->options['avatarenabled'], 'avatar.avatarpath, NOT ISNULL(customavatar.userid) AS hascustomavatar, customavatar.dateline AS avatardateline,') . "\n \t\t\t" . ((can_moderate($thread['forumid'], 'canmoderateposts') or can_moderate($thread['forumid'], 'candeleteposts')) ? 'spamlog.postid AS spamlog_postid,' : '') . "\n \t\t\t" . iif($deljoin, "deletionlog.userid AS del_userid, deletionlog.username AS del_username, deletionlog.reason AS del_reason,") . "\n \t\t\teditlog.userid AS edit_userid, editlog.username AS edit_username, editlog.dateline AS edit_dateline,\n \t\t\teditlog.reason AS edit_reason, editlog.hashistory,\n \t\t\tpostparsed.pagetext_html, postparsed.hasimages,\n \t\t\tsigparsed.signatureparsed, sigparsed.hasimages AS sighasimages,\n \t\t\tsigpic.userid AS sigpic, sigpic.dateline AS sigpicdateline, sigpic.width AS sigpicwidth, sigpic.height AS sigpicheight,\n \t\t\tIF(displaygroupid=0, user.usergroupid, displaygroupid) AS displaygroupid, infractiongroupid\n \t\t\t" . iif(!($permissions['genericpermissions'] & $vbulletin->bf_ugp_genericpermissions['canseehiddencustomfields']), $vbulletin->profilefield['hidden']) . "\n \t\t\t{$hook_query_fields}\n \t\tFROM " . TABLE_PREFIX . "post AS post\n \t\tLEFT JOIN " . TABLE_PREFIX . "user AS user ON(user.userid = post.userid)\n \t\tLEFT JOIN " . TABLE_PREFIX . "userfield AS userfield ON(userfield.userid = user.userid)\n \t\tLEFT JOIN " . TABLE_PREFIX . "usertextfield AS usertextfield ON(usertextfield.userid = user.userid)\n \t\t" . iif($forum['allowicons'], "LEFT JOIN " . TABLE_PREFIX . "icon AS icon ON(icon.iconid = post.iconid)") . "\n \t\t" . iif($vbulletin->options['avatarenabled'], "LEFT JOIN " . TABLE_PREFIX . "avatar AS avatar ON(avatar.avatarid = user.avatarid) LEFT JOIN " . TABLE_PREFIX . "customavatar AS customavatar ON(customavatar.userid = user.userid)") . "\n \t\t" . ((can_moderate($thread['forumid'], 'canmoderateposts') or can_moderate($thread['forumid'], 'candeleteposts')) ? "LEFT JOIN " . TABLE_PREFIX . "spamlog AS spamlog ON(spamlog.postid = post.postid)" : '') . "\n \t\t\t{$deljoin}\n \t\tLEFT JOIN " . TABLE_PREFIX . "editlog AS editlog ON(editlog.postid = post.postid)\n \t\tLEFT JOIN " . TABLE_PREFIX . "postparsed AS postparsed ON(postparsed.postid = post.postid AND postparsed.styleid = " . intval(STYLEID) . " AND postparsed.languageid = " . intval(LANGUAGEID) . ")\n \t\tLEFT JOIN " . TABLE_PREFIX . "sigparsed AS sigparsed ON(sigparsed.userid = user.userid AND sigparsed.styleid = " . intval(STYLEID) . " AND sigparsed.languageid = " . intval(LANGUAGEID) . ")\n \t\tLEFT JOIN " . TABLE_PREFIX . "sigpic AS sigpic ON(sigpic.userid = post.userid)\n \t\t\t{$hook_query_joins}\n \t\tWHERE post.postid IN (" . $cache_postids . ") {$hook_query_where}\n \t");
// re-initialise the $postarray variable
$postarray = array();
while ($post = $db->fetch_array($cacheposts)) {
$postarray["{$post['postid']}"] = $post;
}
if (!($forumperms & $vbulletin->bf_ugp_forumpermissions['cangetattachment'])) {
$vbulletin->options['viewattachedimages'] = 0;
$vbulletin->options['attachthumbs'] = 0;
}
// init
$postcount = 0;
$postbits = '';
$saveparsed = '';
$jspostbits = '';
$postbit_factory = new vB_Postbit_Factory();
$postbit_factory->registry =& $vbulletin;
$postbit_factory->forum =& $foruminfo;
$postbit_factory->thread =& $thread;
$postbit_factory->cache = array();
$postbit_factory->bbcode_parser = new vB_BbCodeParser($vbulletin, fetch_tag_list());
foreach (explode(',', $cache_postids) as $id) {
// get the post from the post array
if (!isset($postarray["{$id}"])) {
continue;
}
$post = $postarray["{$id}"];
if ($tachyuser = in_coventry($post['userid']) and !can_moderate($thread['forumid'])) {
continue;
}
if ($tachyuser) {
$fetchtype = 'post_global_ignore';
} else {
if ($ignore["{$post['userid']}"]) {
$fetchtype = 'post_ignore';
} else {
if ($post['visible'] == 2) {
$fetchtype = 'post_deleted';
} else {
$fetchtype = 'post';
}
}
}
if ($vbulletin->GPC['viewfull'] and $post['postid'] == $postinfo['postid'] and $fetchtype != 'post' and (can_moderate($threadinfo['forumid']) or !$post['isdeleted'])) {
$fetchtype = 'post';
}
($hook = vBulletinHook::fetch_hook('showthread_postbit_create')) ? eval($hook) : false;
$postbit_obj =& $postbit_factory->fetch_postbit($fetchtype);
if ($fetchtype == 'post') {
$postbit_obj->highlight =& $replacewords;
}
$postbit_obj->cachable = $post_cachable;
$post['postcount'] = ++$postcount;
$post['attachments'] =& $postattach["{$post['postid']}"];
$parsed_postcache = array('text' => '', 'images' => 1);
$bgclass = 'alt2';
if ($threadedmode == 2) {
$postbits .= $postbit_obj->construct_postbit($post);
} else {
$postbit = $postbit_obj->construct_postbit($post);
if ($curpostid == $post['postid']) {
$curpostdateline = $post['dateline'];
$curpostbit = $postbit;
}
$postbit = preg_replace('#</script>#i', "<\\/scr' + 'ipt>", addslashes_js($postbit));
$jspostbits .= "pd[{$post['postid']}] = '{$postbit}';\n";
}
// end threaded mode
if ($post_cachable and $post['pagetext_html'] == '') {
if (!empty($saveparsed)) {
$saveparsed .= ',';
}
$saveparsed .= "({$post['postid']}, " . intval($thread['lastpost']) . ', ' . intval($postbit_obj->post_cache['has_images']) . ", '" . $db->escape_string($postbit_obj->post_cache['text']) . "'," . intval(STYLEID) . ", " . intval(LANGUAGEID) . ")";
}
if (!empty($postbit_obj->sig_cache) and $post['userid']) {
if (!empty($save_parsed_sigs)) {
$save_parsed_sigs .= ',';
}
$save_parsed_sigs .= "({$post['userid']}, " . intval(STYLEID) . ", " . intval(LANGUAGEID) . ", '" . $db->escape_string($postbit_obj->sig_cache['text']) . "', " . intval($postbit_obj->sig_cache['has_images']) . ")";
}
if ($post['dateline'] > $displayed_dateline) {
$displayed_dateline = $post['dateline'];
if ($displayed_dateline <= $threadview) {
$updatethreadcookie = true;
}
}
}
// end while ($post)
$db->free_result($cacheposts);
if ($threadedmode == 1) {
$postbits = $curpostbit;
}
$templater = vB_Template::create('showthread_list');
$templater->register('curpostid', $curpostid);
$templater->register('highlightwords', $highlightwords);
$templater->register('jspostbits', $jspostbits);
$templater->register('links', $links);
$templater->register('navjs', $navjs);
$templater->register('threadedmode', $threadedmode);
$templater->register('userjs', $userjs);
$threadlist = $templater->render();
unset($curpostbit, $post, $cacheposts, $parsed_postcache, $postbit);
}
################################################################################
########################## END LINEAR / THREADED ###############################
################################################################################
$effective_lastpost = max($displayed_dateline, $thread['lastpost']);
// *********************************************************************************
//set thread last view
if ($thread['pollid'] and $vbulletin->options['updatelastpost'] and ($displayed_dateline == $thread['lastpost'] or $threadview == $thread['lastpost']) and $pollinfo['lastvote'] > $thread['lastpost']) {
$displayed_dateline = $pollinfo['lastvote'];
}
if ((!$vbulletin->GPC['posted'] or $updatethreadcookie) and $displayed_dateline and $displayed_dateline > $threadview) {
mark_thread_read($threadinfo, $foruminfo, $vbulletin->userinfo['userid'], $displayed_dateline);
}
// FRNR Below
fr_update_subsent($threadinfo['threadid'], $displayed_dateline);
if (!is_array($posts_out)) {
$posts_out = array();
}
// Figure out if we can post
$canpost = true;
if ($threadinfo['isdeleted'] or !$threadinfo['visible'] and !can_moderate($threadinfo['forumid'], 'canmoderateposts')) {
$canpost = false;
}
if (!$foruminfo['allowposting'] or $foruminfo['link'] or !$foruminfo['cancontainthreads']) {
$canpost = false;
}
if (!$threadinfo['open']) {
if (!can_moderate($threadinfo['forumid'], 'canopenclose')) {
$canpost = false;
}
}
if (($vbulletin->userinfo['userid'] != $threadinfo['postuserid'] or !$vbulletin->userinfo['userid']) and (!($forumperms & $vbulletin->bf_ugp_forumpermissions['canviewothers']) or !($forumperms & $vbulletin->bf_ugp_forumpermissions['canreplyothers']))) {
$canpost = false;
}
if (!($forumperms & $vbulletin->bf_ugp_forumpermissions['canview']) or !($forumperms & $vbulletin->bf_ugp_forumpermissions['canviewthreads']) or !($forumperms & $vbulletin->bf_ugp_forumpermissions['canreplyown']) and $vbulletin->userinfo['userid'] == $threadinfo['postuserid']) {
$canpost = false;
}
$mod = 0;
if (can_moderate($threadinfo['forumid'], 'candeleteposts') or can_moderate($threadinfo['forumid'], 'canremoveposts')) {
$mod |= MOD_DELETEPOST;
}
if (can_moderate($threadinfo['forumid'], 'canmanagethreads')) {
if ($threadinfo['sticky']) {
$mod |= MOD_UNSTICK;
} else {
$mod |= MOD_STICK;
}
}
if ($threadinfo['visible'] != 2 and can_moderate($threadinfo['forumid'], 'candeleteposts') or can_moderate($threadinfo['forumid'], 'canremoveposts') or $forumperms & $vbulletin->bf_ugp_forumpermissions['candeletepost'] and $forumperms & $vbulletin->bf_ugp_forumpermissions['candeletethread'] and $vbulletin->userinfo['userid'] == $threadinfo['postuserid'] and ($vbulletin->options['edittimelimit'] == 0 or $threadinfo['dateline'] > TIMENOW - $vbulletin->options['edittimelimit'] * 60)) {
$mod |= MOD_DELETETHREAD;
}
if (can_moderate($threadinfo['forumid'], 'canopenclose') or $forumperms & $vbulletin->bf_ugp_forumpermissions['canopenclose'] and $threadinfo['postuserid'] == $vbulletin->userinfo['userid']) {
if ($threadinfo['open']) {
$mod |= MOD_CLOSE;
} else {
$mod |= MOD_OPEN;
}
}
if (can_moderate($threadinfo['forumid'], 'canmanagethreads') or $forumperms & $vbulletin->bf_ugp_forumpermissions['canmove'] and $threadinfo['postuserid'] == $vbulletin->userinfo['userid']) {
$mod |= MOD_MOVETHREAD;
}
if ($show['spamctrls']) {
$mod |= MOD_SPAM_CONTROLS;
}
$out = array('posts' => $posts_out, 'total_posts' => $totalposts, 'page' => $vbulletin->GPC['pagenumber'], 'canpost' => $canpost ? 1 : 0, 'mod' => $mod, 'pollid' => $thread['pollid'], 'subscribed' => $threadinfo['issubscribed'] ? 1 : 0, 'title' => prepare_utf8_string($thread['title']), 'canattach' => $forumperms & $vbulletin->bf_ugp_forumpermissions['canpostattachment'] and $vbulletin->userinfo['userid']);
if ($postid) {
$out['gotopostid'] = $postid;
}
return $out;
}
private static function renderResult($userinfo, $post_array, $permissions,
$forumperms, $target_url, $nodeid)
{
if (!count($post_array))
{
return '';
}
require_once DIR . '/includes/functions_bigthree.php' ;
require_once DIR . '/includes/class_postbit.php' ;
fetch_phrase_group('showthread');
fetch_phrase_group('postbit');
global $vbphrase;
global $template_hook;
global $show;
global $thread;
$thread = $thread->get_record();
$threadinfo = verify_id('thread', $thread['threadid'], 1, 1);
$foruminfo = verify_id('forum', $threadinfo['forumid'], 1, 1);
$firstpostid = false;
$displayed_dateline = 0;
if (vB::$vbulletin->options['threadmarking'] AND vB::$vbulletin->userinfo['userid'])
{
$threadview = max($threadinfo['threadread'], $threadinfo['forumread'], TIMENOW - (vB::$vbulletin->options['markinglimit'] * 86400));
}
else
{
$threadview = intval(fetch_bbarray_cookie('thread_lastview', $thread['threadid']));
if (!$threadview)
{
$threadview = vB::$vbulletin->userinfo['lastvisit'];
}
}
require_once DIR . '/includes/functions_user.php';
$show['inlinemod'] = false;
$postids = array();
if (! isset(vB::$vbulletin->userinfo['permissions']['cms']))
{
vBCMS_Permissions::getUserPerms();
}
$postids = ' post.postid in ('
. implode(', ', $post_array) .')';
$posts = vB::$vbulletin->db->query_read($sql = "
SELECT
post.*, post.username AS postusername, post.ipaddress AS ip, IF(post.visible = 2, 1, 0) AS isdeleted,
user.*, userfield.*, usertextfield.*,
" . iif($forum['allowicons'], 'icon.title as icontitle, icon.iconpath,') . "
" . iif( vB::$vbulletin->options['avatarenabled'], 'avatar.avatarpath, NOT ISNULL(customavatar.userid) AS hascustomavatar, customavatar.dateline AS avatardateline,customavatar.width AS avwidth,customavatar.height AS avheight,') . "
" . ((can_moderate($thread['forumid'], 'canmoderateposts') OR can_moderate($thread['forumid'], 'candeleteposts')) ? 'spamlog.postid AS spamlog_postid,' : '') . "
" . iif($deljoin, 'deletionlog.userid AS del_userid, deletionlog.username AS del_username, deletionlog.reason AS del_reason,') . "
editlog.userid AS edit_userid, editlog.username AS edit_username, editlog.dateline AS edit_dateline,
editlog.reason AS edit_reason, editlog.hashistory,
postparsed.pagetext_html, postparsed.hasimages,
sigparsed.signatureparsed, sigparsed.hasimages AS sighasimages,
sigpic.userid AS sigpic, sigpic.dateline AS sigpicdateline, sigpic.width AS sigpicwidth, sigpic.height AS sigpicheight,
IF(displaygroupid=0, user.usergroupid, displaygroupid) AS displaygroupid, infractiongroupid,
customprofilepic.userid AS profilepic, customprofilepic.dateline AS profilepicdateline, customprofilepic.width AS ppwidth, customprofilepic.height AS ppheight
" . iif(!($permissions['genericpermissions'] & vB::$vbulletin->bf_ugp_genericpermissions['canseehiddencustomfields']), vB::$vbulletin->profilefield['hidden']) . "
$hook_query_fields
FROM " . TABLE_PREFIX . "post AS post
LEFT JOIN " . TABLE_PREFIX . "user AS user ON(user.userid = post.userid)
LEFT JOIN " . TABLE_PREFIX . "userfield AS userfield ON(userfield.userid = user.userid)
LEFT JOIN " . TABLE_PREFIX . "usertextfield AS usertextfield ON(usertextfield.userid = user.userid)
" . iif($forum['allowicons'], "LEFT JOIN " . TABLE_PREFIX . "icon AS icon ON(icon.iconid = post.iconid)") . "
" . iif( vB::$vbulletin->options['avatarenabled'], "LEFT JOIN " . TABLE_PREFIX . "avatar AS avatar ON(avatar.avatarid = user.avatarid) LEFT JOIN " . TABLE_PREFIX . "customavatar AS customavatar ON(customavatar.userid = user.userid)") . "
" . ((can_moderate($thread['forumid'], 'canmoderateposts') OR can_moderate($thread['forumid'], 'candeleteposts')) ? "LEFT JOIN " . TABLE_PREFIX . "spamlog AS spamlog ON(spamlog.postid = post.postid)" : '') . "
$deljoin
LEFT JOIN " . TABLE_PREFIX . "editlog AS editlog ON(editlog.postid = post.postid)
LEFT JOIN " . TABLE_PREFIX . "postparsed AS postparsed ON(postparsed.postid = post.postid AND postparsed.styleid = " . intval(STYLEID) . " AND postparsed.languageid = " . intval(LANGUAGEID) . ")
LEFT JOIN " . TABLE_PREFIX . "sigparsed AS sigparsed ON(sigparsed.userid = user.userid AND sigparsed.styleid = " . intval(STYLEID) . " AND sigparsed.languageid = " . intval(LANGUAGEID) . ")
LEFT JOIN " . TABLE_PREFIX . "sigpic AS sigpic ON(sigpic.userid = post.userid)
LEFT JOIN " . TABLE_PREFIX . "customprofilepic AS customprofilepic ON (user.userid = customprofilepic.userid)
$hook_query_joins
WHERE $postids
ORDER BY post.dateline
");
if (!($forumperms & vB::$vbulletin->bf_ugp_forumpermissions['canseethumbnails']) AND !($forumperms & vB::$vbulletin->bf_ugp_forumpermissions['cangetattachment']))
{
vB::$vbulletin->options['attachthumbs'] = 0;
}
if (!($forumperms & vB::$vbulletin->bf_ugp_forumpermissions['cangetattachment']))
{
vB::$vbulletin->options['viewattachedimages'] = 0;
}
$postcount = count($postid_array);
$counter = 0;
$postbits = '';
vB::$vbulletin->noheader = true;
$postbit_factory = new vB_Postbit_Factory();
$postbit_factory->registry = vB::$vbulletin;
$postbit_factory->forum = $foruminfo;
$postbit_factory->thread = $thread;
$postbit_factory->cache = array();
$postbit_factory->bbcode_parser = new vB_BbCodeParser( vB::$vbulletin, fetch_tag_list());
//We need to tell the parser to handle quotes differently.
$postbit_factory->bbcode_parser->set_quote_template('vbcms_bbcode_quote');
$postbit_factory->bbcode_parser->set_quote_vars(array('page_url' => $target_url .
(strpos($target_url, '?') == false ? '?' : '&')));
$show['return_node'] = $nodeid;
$show['avatar'] = 1;
while ($post = vB::$vbulletin->db->fetch_array($posts))
{
if (! self::canViewPost($post, $permissions) )
{
continue;
}
if (! intval($post['userid']))
{
$post['avatarid'] = false;
}
else if (!$post['hascustomavatar'])
{
if ($post['profilepic'])
{
$post['hascustomavatar'] = 1;
$post['avatarid'] = true;
$post['avatarpath'] = "./image.php?u=" . $post['userid'] . "&dateline=" . $post['profilepicdateline'] . "&type=profile";
$post['avwidth'] = $post['ppwidth'];
$post['avheight'] = $post['ppheight'];
}
else
{
$post['hascustomavatar'] = 1;
$post['avatarid'] = true;
// explicity setting avatarurl to allow guests comments to show unknown avatar
$post['avatarurl'] = $post['avatarpath'] = vB_Template_Runtime::fetchStyleVar('imgdir_misc') . '/unknown.gif';
$post['avwidth'] = 60;
$post['avheight'] = 60;
}
}
if ($tachyuser = in_coventry($post['userid']) AND !can_moderate($thread['forumid']))
{
continue;
}
if ($post['visible'] == 1 AND !$tachyuser)
{
++$counter;
if ($postorder)
{
$post['postcount'] = --$postcount;
}
else
{
$post['postcount'] = ++$postcount;
}
}
if ($tachyuser)
{
$fetchtype = 'post_global_ignore';
}
else if ($ignore["$post[userid]"])
{
$fetchtype = 'post_ignore';
}
else if ($post['visible'] == 2)
{
$fetchtype = 'post_deleted';
}
else
{
$fetchtype = 'post';
}
if (
( vB::$vbulletin->GPC['viewfull'] AND $post['postid'] == $postinfo['postid'] AND $fetchtype != 'post')
AND
(can_moderate($threadinfo['forumid']) OR !$post['isdeleted'])
)
{
$fetchtype = 'post';
}
($hook = vBulletinHook::fetch_hook('showthread_postbit_create')) ? eval($hook) : false;
$postbit_obj = $postbit_factory->fetch_postbit($fetchtype);
$postbit_obj->set_template_prefix('vbcms_');
if ($fetchtype == 'post')
{
$postbit_obj->highlight = $replacewords;
}
if (!$firstpostid)
{
$firstpostid = $post['postid'];
}
$post['islastshown'] = ($post['postid'] == $lastpostid);
$post['isfirstshown'] = ($counter == 1 AND $fetchtype == 'post' AND $post['visible'] == 1);
$post['islastshown'] = ($post['postid'] == $lastpostid);
$post['attachments'] = $postattach["$post[postid]"];
$parsed_postcache = array('text' => '', 'images' => 1, 'skip' => false);
$this_postbit = $postbit_obj->construct_postbit($post);
$this_template = vB_Template::create('vbcms_comments_detail');
$this_template->register('postid', $post['postid'] );
$this_template->register('postbit', $this_postbit);
$this_template->register('indent', $post_array[$this_key]['level'] * $pixel_indent);
$postbits .= $this_template->render();
$LASTPOST = $post;
// Only show after the first post, counter isn't incremented for deleted/moderated posts
if ($post_cachable AND $post['pagetext_html'] == '')
{
if (!empty($saveparsed))
{
$saveparsed .= ',';
}
$saveparsed .= "($post[postid], " . intval($thread['lastpost']) . ', ' . intval($postbit_obj->post_cache['has_images']) . ", '" . vB::$vbulletin->db->escape_string($postbit_obj->post_cache['text']) . "', " . intval(STYLEID) . ", " . intval(LANGUAGEID) . ")";
}
if (!empty($postbit_obj->sig_cache) AND $post['userid'])
{
if (!empty($save_parsed_sigs))
{
$save_parsed_sigs .= ',';
}
$save_parsed_sigs .= "($post[userid], " . intval(STYLEID) . ", " . intval(LANGUAGEID) . ", '" . vB::$vbulletin->db->escape_string($postbit_obj->sig_cache['text']) . "', " . intval($postbit_obj->sig_cache['has_images']) . ")";
}
}
if ($LASTPOST['dateline'] > $displayed_dateline)
{
$displayed_dateline = $LASTPOST['dateline'];
if ($displayed_dateline <= $threadview)
{
$updatethreadcookie = true;
}
}
if ($firstpostid)
{
$this_template->register('FIRSTPOSTID', $firstpostid );
}
if ($lastpostid)
{
$this_template->register('LASTPOSTID', $lastpostid);
}
// Set thread last view
if ($displayed_dateline AND $displayed_dateline > $threadview)
{
mark_thread_read($threadinfo, $foruminfo, vB::$vbulletin->userinfo['userid'], $displayed_dateline);
}
vB::$vbulletin->db->free_result($posts);
unset($post);
return $postbits;
}
$hook_query_fields = $hook_query_joins = $hook_query_where = '';
($hook = vBulletinHook::fetch_hook('blog_search_results_query')) ? eval($hook) : false;
$results = $db->query_read("
SELECT blog.*, blog_searchresult.offset, IF(blog_user.title <> '', blog_user.title, blog.username) AS blogtitle
" . (($vbulletin->userinfo['userid'] AND in_coventry($vbulletin->userinfo['userid'], true)) ? "
,IF(blog_tachyentry.userid IS NULL, blog.lastcomment, blog_tachyentry.lastcomment) AS lastcomment
,IF(blog_tachyentry.userid IS NULL, blog.lastcommenter, blog_tachyentry.lastcommenter) AS lastcommenter
,IF(blog_tachyentry.userid IS NULL, blog.lastblogtextid, blog_tachyentry.lastblogtextid) AS lastblogtextid
" : "") . "
$hook_query_fields
FROM " . TABLE_PREFIX . "blog_searchresult AS blog_searchresult
INNER JOIN " . TABLE_PREFIX . "blog AS blog ON (blog_searchresult.id = blog.blogid)
LEFT JOIN " . TABLE_PREFIX . "blog_user AS blog_user ON (blog_user.bloguserid = blog.userid)
" . (($vbulletin->userinfo['userid'] AND in_coventry($vbulletin->userinfo['userid'], true)) ? "
LEFT JOIN " . TABLE_PREFIX . "blog_tachyentry AS blog_tachyentry ON (blog_tachyentry.blogid = blog.blogid AND blog_tachyentry.userid = " . $vbulletin->userinfo['userid'] . ")
" : "") . "
$hook_query_joins
WHERE blog_searchresult.blogsearchid = $search[blogsearchid]
AND blog_searchresult.offset >= " . $vbulletin->GPC['start'] . "
$hook_query_where
ORDER BY offset
LIMIT $perpage
");
$resultbits = '';
while ($blog = $db->fetch_array($results))
{
$canmoderation = (can_moderate_blog('canmoderatecomments') OR $vbulletin->userinfo['userid'] == $blog['userid']);
$blog['trackbacks_total'] = $blog['trackback_visible'] + ($canmoderation ? $blog['trackback_moderation'] : 0);
/**
* Code to run after saving a picture comment
*
* @param boolean Do the query?
*/
function post_save_once($doquery = true)
{
$commentid = intval($this->fetch_field('commentid'));
if (!$this->condition) {
if ($this->fetch_field('pictureid')) {
$this->insert_dupehash($this->fetch_field('pictureid'));
}
if ($this->info['pictureuser'] and !in_coventry($this->fetch_field('postuserid'), true)) {
$userdata =& datamanager_init('User', $this->registry, ERRTYPE_STANDARD);
$userdata->set_existing($this->info['pictureuser']);
if (!$this->fetch_field('messageread') and $this->fetch_field('state') == 'visible') {
$userdata->set('pcunreadcount', 'pcunreadcount + 1', false);
} else {
if ($this->fetch_field('state') == 'moderation') {
$userdata->set('pcmoderatedcount', 'pcmoderatedcount + 1', false);
}
}
$userdata->save();
}
}
if ($this->fetch_field('state') == 'moderation') {
/*insert query*/
$this->dbobject->query_write("\n\t\t\t\tINSERT IGNORE INTO " . TABLE_PREFIX . "moderation\n\t\t\t\t\t(primaryid, type, dateline)\n\t\t\t\tVALUES\n\t\t\t\t\t({$commentid}, 'picturecomment', " . TIMENOW . ")\n\t\t\t");
}
($hook = vBulletinHook::fetch_hook('picturecommentdata_postsave')) ? eval($hook) : false;
}
// wrong username / password
exec_strike_user($vbulletin->userinfo['username']);
$error_message = fetch_error('badlogin', $vbulletin->options['bburl'], $vbulletin->session->vars['sessionurl'], $strikes);
$do = 'error';
}
}
}
}
if ($do == 'error') {
} else {
if ($t) {
$do = 'thread';
$threadinfo = fetch_threadinfo($t);
$foruminfo = fetch_foruminfo($threadinfo['forumid']);
$forumperms = $vbulletin->userinfo['forumpermissions'][$foruminfo['forumid']];
if (!($forumperms & $vbulletin->bf_ugp_forumpermissions['canview']) or !($forumperms & $vbulletin->bf_ugp_forumpermissions['canviewthreads']) or !($forumperms & $vbulletin->bf_ugp_forumpermissions['canviewothers']) or in_coventry($threadinfo['postuserid']) or $threadinfo['isdeleted'] or !$threadinfo['visible'] and !can_moderate($threadinfo['forumid'], 'canmoderateposts')) {
exit;
}
verify_forum_password($foruminfo['forumid'], $foruminfo['password']);
if (trim($foruminfo['link']) != '') {
exec_header_redirect($foruminfo['link'], true);
}
$title = "{$threadinfo['prefix_plain_html']} {$threadinfo['title']} [{$vbphrase['archive']}] " . ($p > 1 ? ' - ' . construct_phrase($vbphrase['page_x'], $p) : '') . " - {$title}";
$p = intval($p);
$metatags = "<meta name=\"keywords\" content=\"{$threadinfo['prefix_plain_html']} {$threadinfo['title']}, " . $vbulletin->options['keywords'] . "\" />\n\t<meta name=\"description\" content=\"[{$vbphrase['archive']}] " . ($p > 1 ? construct_phrase($vbphrase['page_x'], $p) . " " : "") . "{$threadinfo['prefix_plain_html']} {$threadinfo['title']} {$foruminfo['title_clean']}\" />\n\t";
} else {
if ($f) {
$do = 'forum';
$forumperms = $vbulletin->userinfo['forumpermissions'][$f];
if (!($forumperms & $vbulletin->bf_ugp_forumpermissions['canview']) or !($forumperms & $vbulletin->bf_ugp_forumpermissions['canviewothers'])) {
exit;
/**
* Prepare any data needed for the output
*
* @param string The id of the block
* @param array Options specific to the block
*/
function prepare_output($id = '', $options = array())
{
global $show, $vbphrase, $messagearea, $vBeditTemplate;
require_once DIR . '/includes/functions_visitormessage.php';
require_once DIR . '/includes/class_bbcode.php';
require_once DIR . '/includes/class_visitormessage.php';
if (is_array($options)) {
$options = array_merge($this->option_defaults, $options);
} else {
$options = $this->option_defaults;
}
if ($options['vmid']) {
$messageinfo = verify_visitormessage($options['vmid'], false);
}
$state = array('visible');
if (fetch_visitor_message_perm('canmoderatevisitormessages', $this->profile->userinfo)) {
$state[] = 'moderation';
}
if (can_moderate(0, 'canmoderatevisitormessages') or $this->registry->userinfo['userid'] == $this->profile->userinfo['userid'] and $this->registry->userinfo['permissions']['visitormessagepermissions'] & $this->registry->bf_ugp_visitormessagepermissions['canmanageownprofile']) {
$state[] = 'deleted';
$deljoinsql = "LEFT JOIN " . TABLE_PREFIX . "deletionlog AS deletionlog ON (visitormessage.vmid = deletionlog.primaryid AND deletionlog.type = 'visitormessage')";
} else {
$deljoinsql = '';
}
$state_or = array("visitormessage.state IN ('" . implode("','", $state) . "')");
// Get the viewing user's moderated posts
if ($this->registry->userinfo['userid'] and !fetch_visitor_message_perm('canmoderatevisitormessages', $this->profile->userinfo)) {
$state_or[] = "(visitormessage.postuserid = " . $this->registry->userinfo['userid'] . " AND state = 'moderation')";
}
$perpage = (!$options['perpage'] or $options['perpage'] > $this->registry->options['vm_maxperpage']) ? $this->registry->options['vm_perpage'] : $options['perpage'];
if ($messageinfo['vmid']) {
$getpagenum = $this->registry->db->query_first("\n\t\t\t\tSELECT COUNT(*) AS comments\n\t\t\t\tFROM " . TABLE_PREFIX . "visitormessage AS visitormessage\n\t\t\t\tWHERE userid = " . $this->profile->userinfo['userid'] . "\n\t\t\t\t\tAND (" . implode(" OR ", $state_or) . ")\n\t\t\t\t\tAND dateline >= {$messageinfo['dateline']}\n\t\t\t");
$options['pagenumber'] = ceil($getpagenum['comments'] / $perpage);
}
$pagenumber = $options['pagenumber'];
do {
if (!$pagenumber or $options['tab'] != $id and $options['tab'] != '') {
$pagenumber = 1;
}
$start = ($pagenumber - 1) * $perpage;
$hook_query_fields = $hook_query_joins = $hook_query_where = '';
($hook = vBulletinHook::fetch_hook('member_profileblock_visitormessage_query')) ? eval($hook) : false;
if ($this->registry->options['globalignore'] != '') {
if (!can_moderate(0, 'candeletevisitormessages') and !can_moderate(0, 'canremovevisitormessages')) {
require_once DIR . '/includes/functions_bigthree.php';
$coventry = fetch_coventry('string');
}
}
$messagebits = '';
$messages = $this->registry->db->query_read("\n\t\t\t\tSELECT " . (!isset($this->profile->prepared['vm_total']) ? "SQL_CALC_FOUND_ROWS" : "") . "\n\t\t\t\t\tvisitormessage.*, user.*, visitormessage.ipaddress AS messageipaddress\n\t\t\t\t\t" . ($this->registry->userinfo['userid'] ? ",IF(userlist.userid IS NOT NULL, 1, 0) AS bbuser_iscontact_of_user" : "") . "\n\t\t\t\t\t" . ($deljoinsql ? ",deletionlog.userid AS del_userid, deletionlog.username AS del_username, deletionlog.reason AS del_reason" : "") . "\n\t\t\t\t\t" . ($this->registry->options['avatarenabled'] ? ",avatar.avatarpath, NOT ISNULL(customavatar.userid) AS hascustomavatar, customavatar.dateline AS avatardateline,customavatar.width AS avwidth,customavatar.height AS avheight, customavatar.width_thumb AS avwidth_thumb, customavatar.height_thumb AS avheight_thumb, filedata_thumb, NOT ISNULL(customavatar.userid) AS hascustom" : "") . "\n\t\t\t\t\t{$hook_query_fields}\n\t\t\t\tFROM " . TABLE_PREFIX . "visitormessage AS visitormessage\n\t\t\t\tLEFT JOIN " . TABLE_PREFIX . "user AS user ON (visitormessage.postuserid = user.userid)\n\t\t\t\t" . ($this->registry->userinfo['userid'] ? "LEFT JOIN " . TABLE_PREFIX . "userlist AS userlist ON (userlist.userid = user.userid AND userlist.type = 'buddy' AND userlist.relationid = " . $this->registry->userinfo['userid'] . ")" : "") . "\n\t\t\t\t" . ($this->registry->options['avatarenabled'] ? "LEFT JOIN " . TABLE_PREFIX . "avatar AS avatar ON(avatar.avatarid = user.avatarid) LEFT JOIN " . TABLE_PREFIX . "customavatar AS customavatar ON(customavatar.userid = user.userid)" : "") . "\n\t\t\t\t{$deljoinsql}\n\t\t\t\t{$hook_query_joins}\n\t\t\t\tWHERE visitormessage.userid = " . $this->profile->userinfo['userid'] . "\n\t\t\t\t\tAND (" . implode(" OR ", $state_or) . ")\n\t\t\t\t" . ($coventry ? "AND visitormessage.postuserid NOT IN (" . $coventry . ")" : '') . "\n\t\t\t\t\t{$hook_query_where}\n\t\t\t\tORDER BY visitormessage.dateline DESC\n\t\t\t\tLIMIT {$start}, {$perpage}\n\t\t\t");
if (!isset($this->profile->prepared['vm_total'])) {
list($messagetotal) = $this->registry->db->query_first("SELECT FOUND_ROWS()", DBARRAY_NUM);
} else {
$messagetotal = $this->profile->prepared['vm_total'];
}
if ($start >= $messagetotal) {
$pagenumber = ceil($messagetotal / $perpage);
}
} while ($start >= $messagetotal and $messagetotal);
$this->block_data['messagestart'] = $start + 1;
$this->block_data['messageend'] = min($start + $perpage, $messagetotal);
$bbcode = new vB_BbCodeParser($this->registry, fetch_tag_list());
$factory = new vB_Visitor_MessageFactory($this->registry, $bbcode, $this->profile->userinfo);
$messagebits = '';
if ($this->registry->userinfo['userid'] and empty($options['showignored'])) {
$ignorelist = preg_split('/( )+/', trim($this->registry->userinfo['ignorelist']), -1, PREG_SPLIT_NO_EMPTY);
} else {
$ignorelist = array();
}
$firstrecord = array();
$read_ids = array();
while ($message = $this->registry->db->fetch_array($messages)) {
// Process user.options
$message = array_merge($message, convert_bits_to_array($message['options'], $this->registry->bf_misc_useroptions));
if (!$firstrecord) {
$firstrecord = $message;
}
if ($ignorelist and in_array($message['postuserid'], $ignorelist)) {
$message['ignored'] = true;
}
if (empty($options['showignored']) and in_coventry($message['postuserid'])) {
$message['ignored'] = true;
}
$response_handler =& $factory->create($message);
$response_handler->converse = true;
if (!$message['vm_enable'] and (!can_moderate(0, 'canmoderatevisitormessages') or $this->registry->userinfo['userid'] == $message['postuserid']) or $message['vm_contactonly'] and !can_moderate(0, 'canmoderatevisitormessages') and $message['postuserid'] != $this->registry->userinfo['userid'] and !$message['bbuser_iscontact_of_user']) {
$response_handler->converse = false;
}
$response_handler->cachable = false;
$messagebits .= $response_handler->construct();
if (!$message['messageread'] and $message['state'] == 'visible') {
$read_ids[] = $message['vmid'];
}
$lastcomment = !$lastcomment ? $message['dateline'] : $lastcomment;
}
$readvms = 0;
// If it's our profile and the visible or default tab then we hope they've read it
// if ($this->profile->userinfo['userid'] == $this->registry->userinfo['userid'] AND ($options['tab'] == $id OR $options['tab'] == '') AND !empty($read_ids))
if ($this->profile->userinfo['userid'] == $this->registry->userinfo['userid']) {
if (!empty($read_ids)) {
$readvms = sizeof($read_ids);
$this->registry->db->query_write("UPDATE " . TABLE_PREFIX . "visitormessage SET messageread = 1 WHERE vmid IN (" . implode(',', $read_ids) . ")");
}
if ($this->profile->userinfo['vmunreadcount'] - $readvms > 0 and $this->registry->options['globalignore'] != '') {
// We still have unread VMs somewhere, and Tachy is enabled
build_visitor_message_counters($this->profile->userinfo['userid']);
} else {
if ($readvms) {
// This is more than likely on the second page
$this->registry->db->query_write("\n\t\t\t\t\tUPDATE " . TABLE_PREFIX . "user\n\t\t\t\t\tSET vmunreadcount = IF(vmunreadcount >= {$readvms}, vmunreadcount - {$readvms}, 0)\n\t\t\t\t\tWHERE userid = " . $this->registry->userinfo['userid']);
}
}
}
if ($pagenumber == 1 and (!isset($this->profile->prepared['vm_total']) or !isset($this->profile->prepared['lastvm_time']) or !isset($this->profile->prepared['lastvm_date']))) {
$pminfo = array('dateline' => $firstrecord['dateline'], 'messages' => $messagetotal);
} else {
$pminfo = null;
}
$this->profile->prepare('vm_total', $pminfo);
$this->block_data['messagebits'] = $messagebits;
$this->block_data['lastcomment'] = $lastcomment;
$show['delete'] = fetch_visitor_message_perm('candeletevisitormessages', $this->profile->userinfo);
$show['undelete'] = fetch_visitor_message_perm('canundeletevisitormessages', $this->profile->userinfo);
$show['approve'] = fetch_visitor_message_perm('canmoderatevisitormessages', $this->profile->userinfo);
$show['inlinemod'] = ($show['delete'] or $show['undelete'] or $show['approve']);
// Only allow AJAX QC on the first page
$show['quickcomment'] = $show['post_visitor_message'];
$show['allow_ajax_qc'] = ($pagenumber == 1 and $messagetotal) ? 1 : 0;
$pageinfo = array('tab' => $id);
if ($options['perpage'] != $this->registry->options['vm_perpage']) {
$pageindo['pp'] = $options['perpage'];
}
if (!empty($options['showignored'])) {
$pageinfo['showignored'] = 1;
}
$this->block_data['pagenav'] = construct_page_nav($pagenumber, $perpage, $messagetotal, '', '', $id, 'member', $this->profile->userinfo, $pageinfo);
$this->block_data['messagetotal'] = $messagetotal;
$show['view_conversation'] = (!$this->profile->prepared['myprofile'] and THIS_SCRIPT != 'converse' and $this->registry->userinfo['vm_enable']);
if ($show['quickcomment']) {
require_once DIR . '/includes/functions_editor.php';
$this->block_data['editorid'] = construct_edit_toolbar('', false, 'visitormessage', $this->registry->options['allowsmilies'], true, false, 'qr_small', '', array(), 'content', 'vBForum_VisitorMessage', 0, $this->profile->userinfo['userid']);
$this->block_data['messagearea'] = $messagearea;
$this->block_data['clientscript'] = $vBeditTemplate['clientscript'];
}
}
{
$xml->add_tag('error', 'nopermission');
$xml->print_xml();
}
// check if there is a forum password and if so, ensure the user has it set
verify_forum_password($foruminfo['forumid'], $foruminfo['password']);
// Tachy goes to coventry
if (in_coventry($threadinfo['postuserid']) AND !can_moderate($threadinfo['forumid']))
{
// do not show post if part of a thread from a user in Coventry and bbuser is not mod
$xml->add_tag('error', 'nopermission');
$xml->print_xml();
}
if (in_coventry($postinfo['userid']) AND !can_moderate($threadinfo['forumid']))
{
// do not show post if posted by a user in Coventry and bbuser is not mod
$xml->add_tag('error', 'nopermission');
$xml->print_xml();
}
$show['managepost'] = iif (can_moderate($threadinfo['forumid'], 'candeleteposts') OR can_moderate($threadinfo['forumid'], 'canremoveposts'), true, false);
$show['approvepost'] = (can_moderate($threadinfo['forumid'], 'canmoderateposts')) ? true : false;
$show['managethread'] = (can_moderate($threadinfo['forumid'], 'canmanagethreads')) ? true : false;
$show['quick_edit_form_tag'] = ($show['managethread'] OR $show['managepost'] OR $show['approvepost']) ? false : true;
// Is this the first post in the thread?
$isfirstpost = $postinfo['postid'] == $threadinfo['firstpostid'] ? true : false;
if ($isfirstpost AND can_moderate($threadinfo['forumid'], 'canmanagethreads'))
/**
* Gets counter information and makes sure the forums are in the proper order
* for tree iteration. Changes will be made to the forum cache directly.
*
* @param boolean Whether or not to get the forum counter info
* @param boolean Whether to include invisible forums in the liast
* @param integer ID of the user that subscribed forums should be fetched for
*/
function cache_ordered_forums($getcounters = 0, $getinvisibles = 0, $userid = 0)
{
global $vbulletin;
// query forum table to get latest lastpost/lastthread info and counters
if ($getcounters)
{
if ($vbulletin->userinfo['userid'] AND in_coventry($vbulletin->userinfo['userid'], true))
{
$tachyjoin = "
LEFT JOIN " . TABLE_PREFIX . "tachyforumpost AS tachyforumpost ON
(tachyforumpost.forumid = forum.forumid AND tachyforumpost.userid = " . $vbulletin->userinfo['userid'] . ")
LEFT JOIN " . TABLE_PREFIX . "tachyforumcounter AS tachyforumcounter ON
(tachyforumpost.forumid = forum.forumid AND tachyforumpost.userid = " . $vbulletin->userinfo['userid'] . ")
";
$counter_select = '
forum.forumid,
IF(tachyforumpost.userid IS NULL, forum.lastpost, tachyforumpost.lastpost) AS lastpost,
IF(tachyforumpost.userid IS NULL, forum.lastposter, tachyforumpost.lastposter) AS lastposter,
IF(tachyforumpost.userid IS NULL, forum.lastposterid, tachyforumpost.lastposterid) AS lastposterid,
IF(tachyforumpost.userid IS NULL, forum.lastthread, tachyforumpost.lastthread) AS lastthread,
IF(tachyforumpost.userid IS NULL, forum.lastthreadid, tachyforumpost.lastthreadid) AS lastthreadid,
IF(tachyforumpost.userid IS NULL, forum.lasticonid, tachyforumpost.lasticonid) AS lasticonid,
IF(tachyforumpost.userid IS NULL, forum.lastpostid, tachyforumpost.lastpostid) AS lastpostid,
IF(tachyforumpost.userid IS NULL, forum.lastprefixid, tachyforumpost.lastprefixid) AS lastprefixid,
IF(tachyforumcounter.userid IS NULL, forum.threadcount, forum.threadcount + tachyforumcounter.threadcount) AS threadcount,
IF(tachyforumcounter.userid IS NULL, forum.replycount, forum.replycount + tachyforumcounter.replycount) AS replycount
';
}
else
{
$tachyjoin = '';
$counter_select = 'forum.forumid, forum.lastpost, forum.lastposter, forum.lastposterid, forum.lastthread, forum.lastthreadid, forum.lasticonid, forum.threadcount, forum.replycount, forum.lastpostid, forum.lastprefixid';
}
($hook = vBulletinHook::fetch_hook('cache_ordered_forums')) ? eval($hook) : false;
// get subscribed forums too
if ($userid)
{
$query = "
SELECT subscribeforumid, $counter_select, user.usergroupid, user.homepage, user.options AS useroptions, IF(userlist.friend = 'yes', 1, 0) AS isfriend
". iif($vbulletin->options['threadmarking'], ', forumread.readtime AS forumread') . "
FROM " . TABLE_PREFIX . "forum AS forum
LEFT JOIN " . TABLE_PREFIX . "subscribeforum AS subscribeforum ON (subscribeforum.forumid = forum.forumid AND subscribeforum.userid = $userid)
" . iif($vbulletin->options['threadmarking'], " LEFT JOIN " . TABLE_PREFIX . "forumread AS forumread ON (forumread.forumid = forum.forumid AND forumread.userid = $userid)") . "
LEFT JOIN " . TABLE_PREFIX . "user AS user ON (user.userid = forum.lastposterid)
LEFT JOIN " . TABLE_PREFIX . "userlist AS userlist ON (userlist.relationid = user.userid AND userlist.type = 'buddy' AND userlist.userid = " . $vbulletin->userinfo['userid'] . ")
$tachyjoin
";
}
// just get counters
else
{
$query = "
SELECT $counter_select, user.usergroupid, user.homepage, user.options AS useroptions, IF(userlist.friend = 'yes', 1, 0) AS isfriend
". iif($vbulletin->options['threadmarking'] AND $vbulletin->userinfo['userid'], ', forumread.readtime AS forumread') . "
FROM " . TABLE_PREFIX . "forum AS forum
" . iif($vbulletin->options['threadmarking'] AND $vbulletin->userinfo['userid'], " LEFT JOIN " . TABLE_PREFIX . "forumread AS forumread ON (forumread.forumid = forum.forumid AND forumread.userid = " . $vbulletin->userinfo['userid'] . ")") . "
LEFT JOIN " . TABLE_PREFIX . "user AS user ON (user.userid = forum.lastposterid)
LEFT JOIN " . TABLE_PREFIX . "userlist AS userlist ON (userlist.relationid = user.userid AND userlist.type = 'buddy' AND userlist.userid = " . $vbulletin->userinfo['userid'] . ")
$tachyjoin
";
}
}
// get subscribed forums
else if ($userid)
{
$query = "
SELECT subscribeforumid, forumid
FROM " . TABLE_PREFIX . "subscribeforum
WHERE userid = $userid
";
}
// don't bother to query forum table, just use the cache
else
{
$query = null;
}
if ($query !== null)
{
$db =& $vbulletin->db;
$getthings = $db->query_read_slave($query);
if ($db->num_rows($getthings))
{
while ($getthing = $db->fetch_array($getthings))
{
if (empty($vbulletin->forumcache["$getthing[forumid]"]))
{
$vbulletin->forumcache["$getthing[forumid]"] = $getthing;
}
else
{
// this adds the existing cache to $getthing without overwriting
// any of $getthing's keys
$vbulletin->forumcache["$getthing[forumid]"] = $getthing + $vbulletin->forumcache["$getthing[forumid]"];
}
}
}
}
$vbulletin->iforumcache = array();
foreach ($vbulletin->forumcache AS $forumid => $forum)
{
if ((!$forum['displayorder'] OR !($forum['options'] & $vbulletin->bf_misc_forumoptions['active'])) AND !$getinvisibles)
{
continue;
}
$forum['parentid'] = intval($forum['parentid']);
$vbulletin->iforumcache["$forum[parentid]"]["$forumid"] = $forumid;
}
}
$permQuery = "\n\t\t\tSELECT postid AS itemid, post.visible AS post_visible, thread.visible AS thread_visible, thread.forumid, thread.threadid, thread.postuserid, post.userid,\n\t\t\tIF(postuserid = " . $vbulletin->userinfo['userid'] . ", 'self', 'other') AS starter\n\t\t\tFROM " . TABLE_PREFIX . "post AS post\n\t\t\tINNER JOIN " . TABLE_PREFIX . "thread AS thread ON(thread.threadid = post.threadid)\n\t\t\tWHERE postid IN(" . implode(', ', $orderedids) . ")\n\t\t\tAND thread.open <> 10\n\t\t";
$hook_query_fields = $hook_query_joins = '';
($hook = vBulletinHook::fetch_hook('search_results_query_posts')) ? eval($hook) : false;
// query post data
$dataQuery = "\n\t\t\tSELECT post.postid, post.title AS posttitle, post.dateline AS postdateline,\n\t\t\t\tpost.iconid AS posticonid, post.pagetext, post.visible, post.attach,\n\t\t\t\tIF(post.userid = 0, post.username, user.username) AS username,\n\t\t\t\tthread.threadid, thread.title AS threadtitle, thread.iconid AS threadiconid, thread.replycount,\n\t\t\t\tIF(thread.views=0, thread.replycount+1, thread.views) as views, thread.firstpostid, thread.prefixid, thread.taglist,\n\t\t\t\tthread.pollid, thread.sticky, thread.open, thread.lastpost, thread.forumid, thread.visible AS thread_visible,\n\t\t\t\tuser.userid\n\t\t\t\t" . (can_moderate() ? ",pdeletionlog.userid AS pdel_userid, pdeletionlog.username AS pdel_username, pdeletionlog.reason AS pdel_reason" : "") . "\n\t\t\t\t" . (can_moderate() ? ",tdeletionlog.userid AS tdel_userid, tdeletionlog.username AS tdel_username, tdeletionlog.reason AS tdel_reason" : "") . "\n\t\t\t\t" . iif($vbulletin->options['threadmarking'] and $vbulletin->userinfo['userid'], ', threadread.readtime AS threadread') . "\n\t\t\t\t{$hook_query_fields}\n\t\t\tFROM " . TABLE_PREFIX . "post AS post\n\t\t\tINNER JOIN " . TABLE_PREFIX . "thread AS thread ON(thread.threadid = post.threadid)\n\n\t\t\t" . (can_moderate() ? "LEFT JOIN " . TABLE_PREFIX . "deletionlog AS tdeletionlog ON(thread.threadid = tdeletionlog.primaryid AND tdeletionlog.type = 'thread')\n\t\t\tLEFT JOIN " . TABLE_PREFIX . "deletionlog AS pdeletionlog ON(post.postid = pdeletionlog.primaryid AND pdeletionlog.type = 'post')" : "") . "\n\n\t\t\t" . iif($vbulletin->options['threadmarking'] and $vbulletin->userinfo['userid'], " LEFT JOIN " . TABLE_PREFIX . "threadread AS threadread ON (threadread.threadid = thread.threadid AND threadread.userid = " . $vbulletin->userinfo['userid'] . ")") . "\n\n\t\t\tLEFT JOIN " . TABLE_PREFIX . "user AS user ON(user.userid = post.userid)\n\t\t\t{$hook_query_joins}\n\t\t\tWHERE post.postid IN";
} else {
// query threads
$permQuery = "\n\t\t\tSELECT threadid AS itemid, forumid, visible AS thread_visible, postuserid,\n\t\t\tIF(postuserid = " . $vbulletin->userinfo['userid'] . ", 'self', 'other') AS starter\n\t\t\tFROM " . TABLE_PREFIX . "thread AS thread\n\t\t\tWHERE threadid IN(" . implode(', ', $orderedids) . ")\n\t\t\tAND thread.open <> 10\n\t\t";
if ($vbulletin->options['threadpreview'] > 0) {
$previewfield = "post.pagetext AS preview,";
$previewjoin = "LEFT JOIN " . TABLE_PREFIX . "post AS post ON(post.postid = thread.firstpostid)";
} else {
$previewfield = "";
$previewjoin = "";
}
if ($vbulletin->userinfo['userid'] and in_coventry($vbulletin->userinfo['userid'], true)) {
$tachyjoin = "\n\t\t\t\tLEFT JOIN " . TABLE_PREFIX . "tachythreadpost AS tachythreadpost ON\n\t\t\t\t\t(tachythreadpost.threadid = thread.threadid AND tachythreadpost.userid = " . $vbulletin->userinfo['userid'] . ")\n\t\t\t\tLEFT JOIN " . TABLE_PREFIX . "tachythreadcounter AS tachythreadcounter ON\n\t\t\t\t\t(tachythreadcounter.threadid = thread.threadid AND tachythreadcounter.userid = " . $vbulletin->userinfo['userid'] . ")\n\t\t\t";
$tachycolumns = '
IF(tachythreadcounter.userid IS NULL, thread.replycount, thread.replycount + tachythreadcounter.replycount) AS replycount,
IF(views<=IF(tachythreadcounter.userid IS NULL, thread.replycount, thread.replycount + tachythreadcounter.replycount), IF(tachythreadcounter.userid IS NULL, thread.replycount, thread.replycount + tachythreadcounter.replycount)+1, views) AS views,
IF(tachythreadpost.userid IS NULL, thread.lastpost, tachythreadpost.lastpost) AS lastpost,
IF(tachythreadpost.userid IS NULL, thread.lastposter, tachythreadpost.lastposter) AS lastposter,
IF(tachythreadpost.userid IS NULL, thread.lastpostid, tachythreadpost.lastpostid) AS lastpostid
';
} else {
$tachyjoin = '';
$tachycolumns = '
replycount, IF(views<=replycount, replycount+1, views) AS views,
thread.lastpost, thread.lastposter, thread.lastpostid
';
}
}
$posts = $db->query_read_slave("
SELECT post.*,post.username AS postusername,user.username
FROM " . TABLE_PREFIX . "post AS post
LEFT JOIN " . TABLE_PREFIX . "user AS user ON(user.userid = post.userid)
WHERE post.threadid=$threadid AND post.visible=1
ORDER BY dateline $postorder
LIMIT $startat, " . $vbulletin->GPC['perpage'] . "
");
$postbits = '';
while ($post = $db->fetch_array($posts))
{
// hide users in Coventry from non-staff members
if ($tachyuser = in_coventry($post['userid']) AND !can_moderate($threadinfo['forumid']))
{
continue;
}
if ($tachyuser)
{
$show['adminignore'] = true;
$bit_template = 'printthreadbit_ignore';
}
else if ($ignore["$post[userid]"])
{
$show['adminignore'] = false;
$bit_template = 'printthreadbit_ignore';
}
else
function goto_nextthread($threadid, $throwerror = true)
{
global $vbulletin;
$thread = verify_id('thread', $threadid, $throwerror, 1);
$forumperms = fetch_permissions($thread['forumid']);
// remove threads from users on the global ignore list if user is not a moderator
if ($coventry = fetch_coventry('string') and !can_moderate($thread['forumid'])) {
$globalignore = "AND postuserid NOT IN ({$coventry})";
} else {
$globalignore = '';
}
if (!($forumperms & $vbulletin->bf_ugp_forumpermissions['canviewothers'])) {
$limitothers = "AND postuserid = " . $vbulletin->userinfo['userid'] . " AND " . $vbulletin->userinfo['userid'] . " <> 0";
} else {
$limitothers = '';
}
if ($vbulletin->userinfo['userid'] and in_coventry($vbulletin->userinfo['userid'], true)) {
$lastpost_info = ",IF(tachythreadpost.userid IS NULL, thread.lastpost, tachythreadpost.lastpost) AS lastpost";
$tachyjoin = "LEFT JOIN " . TABLE_PREFIX . "tachythreadpost AS tachythreadpost ON " . "(tachythreadpost.threadid = thread.threadid AND tachythreadpost.userid = " . $vbulletin->userinfo['userid'] . ')';
$lastpost_having = "HAVING lastpost > {$thread['lastpost']}";
} else {
$lastpost_info = "";
$tachyjoin = "";
$lastpost_having = "AND lastpost > {$thread['lastpost']}";
}
if ($getnextnewest = $vbulletin->db->query_first_slave("\n\t\tSELECT thread.threadid, thread.title\n\t\t\t{$lastpost_info}\n\t\tFROM " . TABLE_PREFIX . "thread AS thread\n\t\t{$tachyjoin}\n\t\tWHERE forumid = {$thread['forumid']}\n\t\t\tAND visible = 1\n\t\t\tAND open <> 10\n\t\t\t{$globalignore}\n\t\t\t{$limitothers}\n\t\t{$lastpost_having}\n\t\tORDER BY lastpost\n\t\tLIMIT 1\n\t")) {
$threadid = $getnextnewest['threadid'];
unset($thread);
} else {
if ($throwerror) {
eval(standard_error(fetch_error('nonextnewest')));
}
}
return $getnextnewest;
}
/**
* Accepts a list of recipients names to create the touserarray field
*
* @param string Single user name, or semi-colon separated list of user names
* @param array $permissions array for sending user.
*
* @return boolean
*/
function set_recipients($recipientlist, &$permissions, $type = 'bcc')
{
$names = array();
// names in the recipient list
$users = array();
// users from the recipient list found in the user table
$notfound = array();
// names from the recipient list NOT found in the user table
$recipients = array();
// users to whom the message WILL be sent
$errors = array();
$recipientlist = trim($recipientlist);
$this->info['permissions'] =& $permissions;
if (!empty($this->info['is_automated'])) {
$this->overridequota = true;
}
// pmboxfull needs $fromusername defined
if (($fromusername = $this->fetch_field('fromusername')) === null) {
trigger_error('Set fromusername before calling set_recipients()', E_USER_ERROR);
}
if (($fromuserid = $this->fetch_field('fromuserid')) === null) {
trigger_error('Set fromuserid before calling set_recipients()', E_USER_ERROR);
}
$fromuser = fetch_userinfo($fromuserid);
// check for valid recipient string
if ($recipientlist == '') {
return false;
}
// split multiple recipients into an array
if (preg_match('/(?<!&#[0-9]{3}|&#[0-9]{4}|&#[0-9]{5});/', $recipientlist)) {
$recipientlist = preg_split('/(?<!&#[0-9]{3}|&#[0-9]{4}|&#[0-9]{5});/', $recipientlist, -1, PREG_SPLIT_NO_EMPTY);
foreach ($recipientlist as $recipient) {
$recipient = trim($recipient);
if ($recipient != '') {
$names[] = htmlspecialchars_uni($recipient);
}
}
} else {
$names[] = htmlspecialchars_uni($recipientlist);
}
// check for max allowed recipients
if ($permissions['pmsendmax'] > 0) {
$this->info['numusers'] += sizeof($names);
}
// query recipients
$checkusers = $this->dbobject->query_read_slave("\n\t\t\tSELECT usertextfield.*, user.*\n\t\t\tFROM " . TABLE_PREFIX . "user AS user\n\t\t\tLEFT JOIN " . TABLE_PREFIX . "usertextfield AS usertextfield ON(usertextfield.userid = user.userid)\n\t\t\tWHERE username IN('" . implode('\', \'', array_map(array($this->dbobject, 'escape_string'), $names)) . "')\n\t\t\tORDER BY user.username\n\t\t");
// build array of checked users
while ($checkuser = $this->dbobject->fetch_array($checkusers)) {
$lowname = vbstrtolower($checkuser['username']);
$checkuserperms = fetch_permissions(0, $checkuser['userid'], $checkuser);
if ($checkuserperms['pmquota'] < 1 and !$this->overridequota) {
if ($checkuser['options'] & $this->registry->bf_misc_useroptions['receivepm']) {
// This will cause the 'can't receive pms' error below to be triggered
$checkuser['options'] -= $this->registry->bf_misc_useroptions['receivepm'];
}
}
$users["{$lowname}"] = $checkuser;
}
// check to see if any recipients were not found
foreach ($names as $name) {
$lowname = vbstrtolower($name);
if (!isset($users["{$lowname}"])) {
$notfound[] = $name;
}
}
if (!empty($notfound)) {
$this->error('pmrecipientsnotfound', implode("</li>\r\n<li>", $notfound));
return false;
}
// run through recipients to check if we can insert the message
foreach ($users as $lowname => $user) {
if (!($user['options'] & $this->registry->bf_misc_useroptions['receivepm']) and !$this->overridequota) {
// recipient has private messaging disabled
$this->error('pmrecipturnedoff', $user['username']);
return false;
} else {
if ($user['options'] & $this->registry->bf_misc_useroptions['receivepmbuddies'] and strpos(" {$user['buddylist']} ", " {$fromuser['userid']} ") === false and !can_moderate() and !$this->overridequota) {
// recipient receives PMs only from buddies and sender is not on the list and not board staff
$this->error('pmrecipturnedoff', $user['username']);
return false;
} else {
// don't allow a tachy user to sends pms to anyone other than himself
if (in_coventry($fromuser['userid'], true) and $user['userid'] != $fromuser['userid']) {
$this->info['tostring']["{$type}"]["{$user['userid']}"] = $user['username'];
continue;
} else {
if (strpos(" {$user['ignorelist']} ", ' ' . $fromuser['userid'] . ' ') !== false and !$this->overridequota) {
// recipient is ignoring sender
if ($permissions['adminpermissions'] & $this->registry->bf_ugp_adminpermissions['cancontrolpanel']) {
$recipients["{$lowname}"] = true;
$this->info['tostring']["{$type}"]["{$user['userid']}"] = $user['username'];
} else {
// bbuser is being ignored by recipient - do not send, but do not error
$this->info['tostring']["{$type}"]["{$user['userid']}"] = $user['username'];
continue;
}
} else {
cache_permissions($user, false);
if ($user['permissions'] < 1) {
// recipient has no pm permission
$this->error('pmusernotallowed', $user['username']);
} else {
if ($user['pmtotal'] >= $user['permissions']['pmquota'] and !$this->overridequota) {
// recipient is over their pm quota, is the sender allowed to ignore it?
if ($permissions['pmpermissions'] & $this->registry->bf_ugp_pmpermissions['canignorequota']) {
$recipients["{$lowname}"] = true;
$this->info['tostring']["{$type}"]["{$user['userid']}"] = $user['username'];
} else {
if ($user['usergroupid'] != 3 and $user['usergroupid'] != 4) {
$touserinfo =& $user;
eval(fetch_email_phrases('pmboxfull', $touserinfo['languageid'], '', 'email'));
vbmail($touserinfo['email'], $emailsubject, $emailmessage, true);
$this->error('pmquotaexceeded', $user['username']);
} else {
$this->error('pmquotaexceeded', $user['username']);
}
}
} else {
if (!($user['options'] & $this->registry->bf_misc_useroptions['pmboxwarning']) and $user['permissions']['pmquota'] and ($user['pmtotal'] + 1) / $user['permissions']['pmquota'] >= 0.9) {
// Send email about box being almost full
$this->info['pmwarning']["{$user['userid']}"] = true;
}
// okay, send the message!
$recipients["{$lowname}"] = true;
$this->info['tostring']["{$type}"]["{$user['userid']}"] = $user['username'];
}
}
}
}
}
}
}
if (empty($this->errors)) {
foreach ($recipients as $lowname => $bool) {
$user =& $users["{$lowname}"];
$this->info['recipients']["{$user['userid']}"] = $user;
}
return true;
} else {
return false;
}
}
function do_get_subscriptions()
{
global $vbulletin, $db, $show, $vbphrase, $permissions, $subscribecounters;
$vbulletin->options['threadpreview'] = FR_PREVIEW_LEN;
if (!$vbulletin->userinfo['userid']) {
json_error(ERR_NO_PERMISSION);
}
if (!$vbulletin->userinfo['userid'] and $_REQUEST['do'] != 'removesubscription' or $vbulletin->userinfo['userid'] and !($permissions['forumpermissions'] & $vbulletin->bf_ugp_forumpermissions['canview']) or $vbulletin->userinfo['usergroupid'] == 4 or !($permissions['genericoptions'] & $vbulletin->bf_ugp_genericoptions['isnotbannedgroup'])) {
json_error(ERR_NO_PERMISSION);
}
$thread_data = array();
$unread_subs = 0;
// vbulletin expects folderid, but we will just get them all
$vbulletin->input->clean_array_gpc('r', array('folderid' => TYPE_NOHTML, 'perpage' => TYPE_UINT, 'pagenumber' => TYPE_UINT, 'sortfield' => TYPE_NOHTML, 'sortorder' => TYPE_NOHTML, 'previewtype' => TYPE_INT));
$previewtype = $vbulletin->GPC['previewtype'];
if (!$previewtype) {
$previewtype = 1;
}
$vbulletin->GPC['folderid'] = 'all';
// Values that are reused in templates
$sortfield =& $vbulletin->GPC['sortfield'];
$perpage =& $vbulletin->GPC['perpage'];
$pagenumber =& $vbulletin->GPC['pagenumber'];
$folderid =& $vbulletin->GPC['folderid'];
if ($folderid == 'all') {
$getallfolders = true;
$show['allfolders'] = true;
} else {
$folderid = intval($folderid);
}
$folderselect["{$folderid}"] = 'selected="selected"';
// Build folder jump
require_once DIR . '/includes/functions_misc.php';
$folders = construct_folder_jump(1, $folderid, false, '', true);
$templater = vB_Template::create('subscribe_folder_jump');
$templater->register('folders', $folders);
$folderjump = $templater->render();
// look at sorting options:
if ($vbulletin->GPC['sortorder'] != 'asc') {
$vbulletin->GPC['sortorder'] = 'desc';
$sqlsortorder = 'DESC';
$order = array('desc' => 'selected="selected"');
} else {
$sqlsortorder = '';
$order = array('asc' => 'selected="selected"');
}
switch ($sortfield) {
case 'title':
case 'lastpost':
case 'replycount':
case 'views':
case 'postusername':
$sqlsortfield = 'thread.' . $sortfield;
break;
default:
$handled = false;
if (!$handled) {
$sqlsortfield = 'thread.lastpost';
$sortfield = 'lastpost';
}
}
$sort = array($sortfield => 'selected="selected"');
if ($getallfolders) {
$totalallthreads = array_sum($subscribecounters);
} else {
$totalallthreads = $subscribecounters["{$folderid}"];
}
// set defaults
sanitize_pageresults($totalallthreads, $pagenumber, $perpage, 200, $vbulletin->options['maxthreads']);
// display threads
$limitlower = ($pagenumber - 1) * $perpage + 1;
$limitupper = $pagenumber * $perpage;
if ($limitupper > $totalallthreads) {
$limitupper = $totalallthreads;
if ($limitlower > $totalallthreads) {
$limitlower = $totalallthreads - $perpage;
}
}
if ($limitlower <= 0) {
$limitlower = 1;
}
$hook_query_fields = $hook_query_joins = $hook_query_where = '';
$getthreads = $db->query_read_slave("\n\t\tSELECT thread.threadid, emailupdate, subscribethreadid, thread.forumid, thread.postuserid\n\t\t\t{$hook_query_fields}\n\t\tFROM " . TABLE_PREFIX . "subscribethread AS subscribethread\n\t\tLEFT JOIN " . TABLE_PREFIX . "thread AS thread ON(thread.threadid = subscribethread.threadid)\n\t\t{$hook_query_joins}\n\t\tWHERE subscribethread.userid = " . $vbulletin->userinfo['userid'] . "\n\t\t\tAND thread.visible = 1\n\t\t\tAND canview = 1\n\t\t" . iif(!$getallfolders, "\tAND folderid = {$folderid}") . "\n\t\t\t{$hook_query_where}\n\t\tORDER BY {$sqlsortfield} {$sqlsortorder}\n\t\tLIMIT " . ($limitlower - 1) . ", {$perpage}\n\t");
if ($totalthreads = $db->num_rows($getthreads)) {
$forumids = array();
$threadids = array();
$emailupdate = array();
$killthreads = array();
while ($getthread = $db->fetch_array($getthreads)) {
$forumperms = fetch_permissions($getthread['forumid']);
if (!($forumperms & $vbulletin->bf_ugp_forumpermissions['canview']) or !($forumperms & $vbulletin->bf_ugp_forumpermissions['canviewthreads']) or $getthread['postuserid'] != $vbulletin->userinfo['userid'] and !($forumperms & $vbulletin->bf_ugp_forumpermissions['canviewothers'])) {
$killthreads["{$getthread['subscribethreadid']}"] = $getthread['subscribethreadid'];
$totalallthreads--;
continue;
}
$forumids["{$getthread['forumid']}"] = true;
$threadids[] = $getthread['threadid'];
$emailupdate["{$getthread['threadid']}"] = $getthread['emailupdate'];
$subscribethread["{$getthread['threadid']}"] = $getthread['subscribethreadid'];
}
$threadids = implode(',', $threadids);
}
unset($getthread);
$db->free_result($getthreads);
if (!empty($killthreads)) {
// Update thread subscriptions
$vbulletin->db->query_write("\n\t\t\tUPDATE " . TABLE_PREFIX . "subscribethread\n\t\t\tSET canview = 0\n\t\t\tWHERE subscribethreadid IN (" . implode(', ', $killthreads) . ")\n\t\t");
}
if (!empty($threadids)) {
cache_ordered_forums(1);
$colspan = 5;
$show['threadicons'] = false;
// get last read info for each thread
$lastread = array();
foreach (array_keys($forumids) as $forumid) {
if ($vbulletin->options['threadmarking']) {
$lastread["{$forumid}"] = max($vbulletin->forumcache["{$forumid}"]['forumread'], TIMENOW - $vbulletin->options['markinglimit'] * 86400);
} else {
$lastread["{$forumid}"] = max(intval(fetch_bbarray_cookie('forum_view', $forumid)), $vbulletin->userinfo['lastvisit']);
}
if ($vbulletin->forumcache["{$forumid}"]['options'] & $vbulletin->bf_misc_forumoptions['allowicons']) {
$show['threadicons'] = true;
$colspan = 6;
}
}
if ($previewtype == 1) {
$previewfield = "post.pagetext AS preview, post.username AS lastpost_username, post.userid AS lastpost_userid,";
$previewjoin = "LEFT JOIN " . TABLE_PREFIX . "post AS post ON(post.postid = thread.firstpostid)";
} else {
$previewfield = "post.pagetext AS preview, post.username AS lastpost_username, post.userid AS lastpost_userid,";
$previewjoin = "LEFT JOIN " . TABLE_PREFIX . "post AS post ON(post.postid = thread.lastpostid)";
}
$hasthreads = true;
$threadbits = '';
$pagenav = '';
$counter = 0;
$toread = 0;
$vbulletin->options['showvotes'] = intval($vbulletin->options['showvotes']);
if ($vbulletin->userinfo['userid'] and in_coventry($vbulletin->userinfo['userid'], true)) {
$lastpost_info = "IF(tachythreadpost.userid IS NULL, thread.lastpost, tachythreadpost.lastpost) AS lastpost, " . "IF(tachythreadpost.userid IS NULL, thread.lastposter, tachythreadpost.lastposter) AS lastposter, " . "IF(tachythreadpost.userid IS NULL, thread.lastposterid, tachythreadpost.lastposterid) AS lastposterid, " . "IF(tachythreadpost.userid IS NULL, thread.lastpostid, tachythreadpost.lastpostid) AS lastpostid";
$tachyjoin = "LEFT JOIN " . TABLE_PREFIX . "tachythreadpost AS tachythreadpost ON " . "(tachythreadpost.threadid = thread.threadid AND tachythreadpost.userid = " . $vbulletin->userinfo['userid'] . ')';
} else {
$lastpost_info = 'thread.lastpost, thread.lastposter, thread.lastposterid, thread.lastpostid';
$tachyjoin = '';
}
$hook_query_fields = $hook_query_joins = $hook_query_where = '';
$threads = $db->query_read_slave("\n\t\t\tSELECT\n\t\t\t\tIF(thread.votenum >= " . $vbulletin->options['showvotes'] . ", thread.votenum, 0) AS votenum,\n\t\t\t\tIF(thread.votenum >= " . $vbulletin->options['showvotes'] . " AND thread.votenum > 0, thread.votetotal / thread.votenum, 0) AS voteavg,\n\t\t\t\tthread.votetotal,\n\t\t\t\t{$previewfield} thread.threadid, thread.title AS threadtitle, thread.forumid, thread.pollid,\n\t\t\t\tthread.open, thread.replycount, thread.postusername, thread.prefixid,\n\t\t\t\t{$lastpost_info}, thread.postuserid, thread.dateline, thread.views, thread.iconid AS threadiconid,\n\t\t\t\tthread.notes, thread.visible, thread.attach, thread.taglist\n\t\t\t\t" . ($vbulletin->options['threadmarking'] ? ", threadread.readtime AS threadread" : '') . "\n\t\t\t\t{$hook_query_fields}\n\t\t\tFROM " . TABLE_PREFIX . "thread AS thread\n\t\t\t{$previewjoin}\n\t\t\t" . ($vbulletin->options['threadmarking'] ? " LEFT JOIN " . TABLE_PREFIX . "threadread AS threadread ON (threadread.threadid = thread.threadid AND threadread.userid = " . $vbulletin->userinfo['userid'] . ")" : '') . "\n\t\t\t{$tachyjoin}\n\t\t\t{$hook_query_joins}\n\t\t\tWHERE thread.threadid IN ({$threadids})\n\t\t\tORDER BY {$sqlsortfield} {$sqlsortorder}\n\t\t");
unset($sqlsortfield, $sqlsortorder);
require_once DIR . '/includes/functions_forumdisplay.php';
// Get Dot Threads
$dotthreads = fetch_dot_threads_array($threadids);
if ($vbulletin->options['showdots'] and $vbulletin->userinfo['userid']) {
$show['dotthreads'] = true;
} else {
$show['dotthreads'] = false;
}
if ($vbulletin->options['threadpreview'] and $vbulletin->userinfo['ignorelist']) {
// Get Buddy List
$buddy = array();
if (trim($vbulletin->userinfo['buddylist'])) {
$buddylist = preg_split('/( )+/', trim($vbulletin->userinfo['buddylist']), -1, PREG_SPLIT_NO_EMPTY);
foreach ($buddylist as $buddyuserid) {
$buddy["{$buddyuserid}"] = 1;
}
}
DEVDEBUG('buddies: ' . implode(', ', array_keys($buddy)));
// Get Ignore Users
$ignore = array();
if (trim($vbulletin->userinfo['ignorelist'])) {
$ignorelist = preg_split('/( )+/', trim($vbulletin->userinfo['ignorelist']), -1, PREG_SPLIT_NO_EMPTY);
foreach ($ignorelist as $ignoreuserid) {
if (!$buddy["{$ignoreuserid}"]) {
$ignore["{$ignoreuserid}"] = 1;
}
}
}
DEVDEBUG('ignored users: ' . implode(', ', array_keys($ignore)));
}
$foruminfo['allowratings'] = true;
$show['notificationtype'] = true;
$show['threadratings'] = true;
$show['threadrating'] = true;
while ($thread = $db->fetch_array($threads)) {
$threadid = $thread['threadid'];
// build thread data
$thread = process_thread_array($thread, $lastread["{$thread['forumid']}"]);
switch ($emailupdate["{$thread['threadid']}"]) {
case 0:
$thread['notification'] = $vbphrase['none'];
break;
case 1:
$thread['notification'] = $vbphrase['instant'];
break;
case 2:
$thread['notification'] = $vbphrase['daily'];
break;
case 3:
$thread['notification'] = $vbphrase['weekly'];
break;
default:
$thread['notification'] = $vbphrase['n_a'];
}
$avatarurl = '';
if ($thread['lastpost_userid'] > 0) {
$userinfoavatar = fetch_userinfo($thread['lastpost_userid'], FETCH_USERINFO_AVATAR);
fetch_avatar_from_userinfo($userinfoavatar, true, false);
if ($userinfoavatar['avatarurl'] != '') {
$avatarurl = process_avatarurl($userinfoavatar['avatarurl']);
}
unset($userinfoavatar);
}
$tmp = array('thread_id' => $thread['threadid'], 'new_posts' => $show['gotonewpost'] ? true : false, 'forum_id' => $thread['forumid'], 'total_posts' => $thread['totalposts'] ? $thread['totalposts'] : 0, 'forum_title' => prepare_utf8_string($thread['forumtitle']), 'thread_title' => prepare_utf8_string($thread['threadtitle']), 'thread_preview' => prepare_utf8_string(preview_chop(html_entity_decode($thread['preview']), FR_PREVIEW_LEN)), 'post_userid' => $thread['lastpost_userid'], 'post_lastposttime' => prepare_utf8_string(date_trunc($thread['lastpostdate']) . ' ' . $thread['lastposttime']), 'post_username' => prepare_utf8_string(strip_tags($thread['lastpost_username'])));
if ($avatarurl != '') {
$tmp['avatarurl'] = $avatarurl;
}
if ($thread['attach']) {
$tmp['attach'] = true;
}
if ($thread['pollid']) {
$tmp['poll'] = true;
}
$thread_data[] = $tmp;
}
$db->free_result($threads);
unset($threadids);
} else {
$totalallthreads = 0;
}
$out = array('threads' => $thread_data, 'total_threads' => $totalallthreads);
return $out;
}
$show['avatarlink'] = $vbulletin->options['avatarenabled'];
$show['profilepiclink'] = ($vbulletin->userinfo['permissions']['genericpermissions'] & $vbulletin->bf_ugp_genericpermissions['canprofilepic'] and $vbulletin->options['profilepicenabled']);
$show['wollink'] = $vbulletin->userinfo['permissions']['wolpermissions'] & $vbulletin->bf_ugp_wolpermissions['canwhosonline'];
$show['spacer'] = true;
// used in postbit template
if (THIS_SCRIPT == 'register') {
// see 3.6 bug 876 -- causes double redirect and error when activating
$show['dst_correction'] = false;
} else {
$show['dst_correction'] = (($vbulletin->session->vars['loggedin'] == 1 or $vbulletin->session->created or THIS_SCRIPT == 'usercp') and $vbulletin->userinfo['dstauto'] == 1 and $vbulletin->userinfo['userid']);
}
$show['contactus'] = ($vbulletin->options['contactuslink'] and (!$vbulletin->userinfo['userid'] and $vbulletin->options['contactustype'] or $vbulletin->userinfo['userid']));
$show['forumdesc'] = ($vbulletin->options['nav_forumdesc'] and trim($foruminfo['description']) != '' and in_array(THIS_SCRIPT, array('newthread', 'newreply', 'forumdisplay', 'showthread', 'announcement', 'editpost', 'poll', 'report', 'sendmessage', 'threadrate')));
$show['foruminfo'] = (THIS_SCRIPT == 'forumdisplay' and $vbulletin->userinfo['forumpermissions']["{$foruminfo['forumid']}"] & $vbulletin->bf_ugp_forumpermissions['canview']) ? true : false;
if (THIS_SCRIPT == 'showthread' and $threadinfo['threadid']) {
if (!($vbulletin->userinfo['forumpermissions']["{$foruminfo['forumid']}"] & $vbulletin->bf_ugp_forumpermissions['canview']) or (!$threadinfo['visible'] and !can_moderate($foruminfo['forumid'], 'canmoderateposts') or $threadinfo['isdeleted'] and !can_moderate($foruminfo['forumid'])) or in_coventry($threadinfo['postuserid']) and !can_moderate($foruminfo['forumid']) or !($vbulletin->userinfo['forumpermissions']["{$foruminfo['forumid']}"] & $vbulletin->bf_ugp_forumpermissions['canviewthreads']) or !($vbulletin->userinfo['forumpermissions']["{$foruminfo['forumid']}"] & $vbulletin->bf_ugp_forumpermissions['canviewothers']) and ($threadinfo['postuserid'] != $vbulletin->userinfo['userid'] or $vbulletin->userinfo['userid'] == 0) or !verify_forum_password($foruminfo['forumid'], $foruminfo['password'], false)) {
$show['threadinfo'] = false;
} else {
$show['threadinfo'] = true;
}
} else {
$show['threadinfo'] = false;
}
// you may define this if you don't want the password in the login box to be zapped onsubmit; good for integration
$show['nopasswordempty'] = defined('DISABLE_PASSWORD_CLEARING') ? 1 : 0;
// this nees to be an int for the templates
$ad_location = array();
// parse some global templates
eval('$gobutton = "' . fetch_template('gobutton') . '";');
eval('$spacer_open = "' . fetch_template('spacer_open') . '";');
eval('$spacer_close = "' . fetch_template('spacer_close') . '";');
function post_save_each($doquery = true)
{
$postid = intval($this->fetch_field('postid'));
if (!$this->condition and $this->fetch_field('dateline') == TIMENOW) {
$this->insert_dupehash($this->fetch_field('threadid'));
}
$this->post_save_each_post($doquery);
if ($this->info['thread'] and ($attach = intval($this->info['newattach']) or !$this->condition)) {
$thread =& datamanager_init('Thread', $this->registry, ERRTYPE_SILENT, 'threadpost');
$thread->set_existing($this->info['thread']);
if ($attach) {
$thread->set('attach', "attach + {$attach}", false);
}
}
if (!$this->condition) {
if ($this->fetch_field('dateline') == TIMENOW) {
$this->insert_postlog_data();
}
if ($this->fetch_field('visible') == 1 and $this->info['thread']) {
if (in_coventry($this->fetch_field('userid'), true)) {
$thread->set_info('coventry', array('in_coventry' => 1, 'userid' => $this->fetch_field('userid')));
}
if ($this->fetch_field('dateline') == TIMENOW) {
$thread->set('lastpost', TIMENOW);
$thread->set('lastposter', $this->fetch_field('username'));
$thread->set('lastpostid', $postid);
}
// update last post info for this thread
if ($this->info['thread']['replycount'] % 10 == 0) {
$replies = $this->registry->db->query_first("\n\t\t\t\t\t\tSELECT COUNT(*)-1 AS replies\n\t\t\t\t\t\tFROM " . TABLE_PREFIX . "post AS post\n\t\t\t\t\t\tWHERE threadid = " . intval($this->info['thread']['threadid']) . " AND\n\t\t\t\t\t\t\tpost.visible = 1\n\t\t\t\t\t");
$thread->set('replycount', $replies['replies']);
} else {
$thread->set('replycount', 'replycount + 1', false);
}
} else {
if ($this->fetch_field('visible') == 0 and $this->info['thread']) {
$thread->set('hiddencount', 'hiddencount + 1', false);
}
}
/*if ($this->fetch_field('visible') == 1 AND !in_coventry($this->registry->userinfo['userid'], true))
{
// Send out subscription emails
exec_send_notification($this->fetch_field('threadid'), $this->registry->userinfo['userid'], $this->fetch_field('postid'));
}*/
}
if (is_object($thread)) {
$thread->save();
}
if ($this->post['visible'] === 0) {
$threadid = intval($this->fetch_field('threadid'));
$postid = intval($this->fetch_field('postid'));
/*insert query*/
$this->dbobject->query_write("INSERT IGNORE INTO " . TABLE_PREFIX . "moderation (primaryid, type, dateline) VALUES ({$postid}, 'reply', " . TIMENOW . ")");
}
if ($this->info['forum']['podcast'] and $this->info['thread']['firstpostid'] == $postid) {
$this->dbobject->query_write("\n\t\t\t\tREPLACE INTO " . TABLE_PREFIX . "podcastitem\n\t\t\t\t\t(postid, url, length, explicit, author, keywords, subtitle)\n\t\t\t\tVALUES\n\t\t\t\t\t(\n\t\t\t\t\t\t{$postid},\n\t\t\t\t\t\t'" . $this->dbobject->escape_string($this->info['podcasturl']) . "',\n\t\t\t\t\t\t" . intval($this->info['podcastsize']) . ",\n\t\t\t\t\t\t" . intval($this->info['podcastexplicit']) . ",\n\t\t\t\t\t\t'" . $this->dbobject->escape_string($this->info['podcastauthor']) . "',\n\t\t\t\t\t\t'" . $this->dbobject->escape_string($this->info['podcastkeywords']) . "',\n\t\t\t\t\t\t'" . $this->dbobject->escape_string($this->info['podcastsubtitle']) . "'\n\t\t\t\t\t)\n\t\t\t");
// reset rss cache for this forum
$this->dbobject->query_write("\n\t\t\t\tDELETE FROM " . TABLE_PREFIX . "externalcache\n\t\t\t\tWHERE forumid = " . intval($this->info['forum']['forumid']) . "\n\t\t\t");
}
if (!$this->condition) {
$this->email_moderators('newpostemail');
}
($hook = vBulletinHook::fetch_hook('postdata_postsave')) ? eval($hook) : false;
}
if (!$vbulletin->options['threadtagging']) {
print_no_permission();
}
// *********************************************************************************
// check for visible / deleted thread
if (!$threadinfo['visible'] and !can_moderate($threadinfo['forumid'], 'canmoderateposts') or $threadinfo['isdeleted'] and !can_moderate($threadinfo['forumid'])) {
eval(standard_error(fetch_error('invalidid', $vbphrase['thread'], $vbulletin->options['contactuslink'])));
}
// *********************************************************************************
// jump page if thread is actually a redirect
if ($threadinfo['open'] == 10) {
exec_header_redirect('showthread.php?' . $vbulletin->session->vars['sessionurl_js'] . "t={$threadinfo['pollid']}");
}
// *********************************************************************************
// Tachy goes to coventry
if (in_coventry($threadinfo['postuserid']) and !can_moderate($threadinfo['forumid'])) {
eval(standard_error(fetch_error('invalidid', $vbphrase['thread'], $vbulletin->options['contactuslink'])));
}
// *********************************************************************************
// get forum info
$foruminfo = fetch_foruminfo($threadinfo['forumid']);
// *********************************************************************************
// check forum permissions
$forumperms = fetch_permissions($threadinfo['forumid']);
if (!($forumperms & $vbulletin->bf_ugp_forumpermissions['canview']) or !($forumperms & $vbulletin->bf_ugp_forumpermissions['canviewthreads'])) {
print_no_permission();
}
if (!($forumperms & $vbulletin->bf_ugp_forumpermissions['canviewothers']) and ($threadinfo['postuserid'] != $vbulletin->userinfo['userid'] or $vbulletin->userinfo['userid'] == 0)) {
print_no_permission();
}
// *********************************************************************************
